Page 1: Management Software
AT-8100 Series Fast Ethernet Switches AT-8100L/8  AT-8100L/8POE  AT-8100L/8POE-E  AT-8100S/24C  AT-8100S/24  AT-8100S/24POE  AT-8100S/16F8-SC  AT-8100S/16F8-LC  AT-8100S/24F-LC  AT-8100S/48  AT-8100S/48POE  CONSOLE plus LINK / ACT CONSOLE plus LINK / ACT CONSOLE LINK / ACT CONSOLE LINK / ACT 2056...
Page 2 * Neither the name of Allied Telesis, Inc. nor the names of the respective companies above may be used to endorse or promote products derived from this software without specific prior written permission.
Page 3 Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc. has been advised of, known, or should have known, the possibility of such damages.
Page 5: Table Of Contents
Contents Preface ................................15 Document Conventions ............................ 16 Where to Find Web-based Guides ........................17 Contacting Allied Telesis ..........................18 Chapter 1: AT-8100 Series Version 2.2.5.0 Web Browser Interface ............19 Management Sessions ............................. 20 Web Manager Accounts ........................... 21 Chapter 2: Starting a Management Session ....................
Page 6 Contents Changing the User Privilege........................54 Deleting a User Account..........................55 Rebooting a Switch ............................57 Upgrading the Software ............................ 58 Displaying System Information ......................... 61 Chapter 4: Setting Port Parameters ......................63 Port Numbers on the Switch ..........................64 Displaying the Port Parameters ........................
Page 7 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Port VLAN Identifier ..........................132 Tagged VLANs............................132 Tagged and Untagged Ports ........................133 Native VLAN............................. 133 Displaying VLANs............................134 Adding a VLAN ............................... 135 Modifying VLANs ............................137 Assigning a Native VLAN ..........................139 Removing an Untagged Port from a VLAN.....................
Page 8 Contents Adding a RADIUS Server .........................193 Configuring TACACS+ for Remote Manager Authentication ................195 Configuring Remote Manager Authentication Using TACACS+...............195 Adding a TACACS+ Server ........................198 Deleting an Authentication Server ........................200 Chapter 18: 802.1x Port-based Network Access ..................201 Overview .................................202 Port Roles..............................202 Operating Modes ............................203 Dynamic VLAN Assignments........................205 Guest VLAN..............................206...
Page 9 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a QoS Policy to Ports........................260 Displaying a List of QoS Policies........................262 Chapter 23: Setting Dynamic Routes Using RIP ..................263 Overview................................. 264 Enabling RIP ............................264 Displaying the RIP Configuration........................265 Enabling RIP on a VLAN Interface .........................
Page 10 Contents...
Page 11 Figure 19: User Management Page with Change Privilege Tab...................55 Figure 20: User Management Page with Delete User Tab ....................56 Figure 21: User Login Page on the Allied Telesis Website....................58 Figure 22: System Upgrade Page ............................59 Figure 23: Port Number ................................64 Figure 24: Switching Tab with Port Tab..........................65...
Page 12 Figures Figure 51: VLANs Page ..............................134 Figure 52: Add VLAN Page ..............................135 Figure 53: Edit VLAN Page..............................137 Figure 54: Native VLAN Page.............................139 Figure 55: Spanning Tree Settings Page..........................145 Figure 56: Switching IGMP Tab ............................151 Figure 57: IGMP Snooping Page with Configuration Tab ....................152 Figure 58: IGMP Snooping Page with Routers List Tab .....................155 Figure 59: IGMP Snooping Page with Hosts List Tab......................157 Figure 60: IGMP Snooping Querier with One Querier ......................161...
Page 13 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 111: Traffic Classifiers Page............................262 Figure 112: Layer 3 Tab ..............................265 Figure 113: RIP Configuration Page...........................265 Figure 114: Layer 3 Tab ..............................267 Figure 115: RIP Interface Page ............................268 Figure 116: Layer 3 Tab ..............................272 Figure 117: RIP Configuration Page...........................272 Figure 118: RIP Statistics Page with the Refresh Button ....................274 Figure 119: Layer 3 Tab ..............................277...
Page 14 Figures...
Page 15: Preface
This preface contains the following sections: “Document Conventions” on page 16  “Where to Find Web-based Guides” on page 17  “Contacting Allied Telesis” on page 18  Caution The software described in this document may contain certain encryption/security or cryptographic functionality and for exporting those products/software, USA export restrictions apply as per 15 C.F.R.
Page 16: Document Conventions
Document Conventions This document uses the following conventions: Note Notes provide additional information. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury.
Page 17: Where To Find Web-Based Guides
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Where to Find Web-based Guides The installation and user guides for all of the Allied Telesis products are available for viewing in portable document format (PDF) from our web site at www.alliedtelesis.com/support/documentation.
Page 18: Contacting Allied Telesis
Contacting Allied Telesis If you need assistance with this product, you may contact Allied Telesis technical support by going to the Support & Services section of the Allied Telesis web site at www.alliedtelesis.com/support. You can find links for the following services on this page: 24/7 Online Support—...
Page 19: Chapter 1: At-8100 Series Version 2.2.5.0 Web Browser Interface
Chapter 1 AT-8100 Series Version 2.2.5.0 Web Browser Interface This chapter describes the types of management sessions using the AT-8100 Series management software and the web interface manager accounts. See the following sections: “Management Sessions” on page 20  “Web Manager Accounts” on page 21 ...
Page 20: Management Sessions
Chapter 1: AT-8100 Series Version 2.2.5.0 Web Browser Interface Management Sessions The AT-8100 Series switches provide two management interfaces: the web interface and Command Line Interface (CLI). This manual provides procedures that guide you through the web interface. The initial management session of the switch can be from a management session, either through the web interface or the CLI.
Page 21: Web Manager Accounts
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Web Manager Accounts You must log on to manage the switch. This requires a valid username and password. The switch comes with one manager account with a username of “manager” and the default password of “friend.” Both the username and password are case-sensitive.
Page 22 Chapter 1: AT-8100 Series Version 2.2.5.0 Web Browser Interface...
Page 23: Chapter 2: Starting A Management Session
Chapter 2 Starting a Management Session This chapter describes how to start a management session using the AlliedWare Plus™ web interface as well as how to select fields, save your changes, and end a management session. See the following sections: “Non-secure HTTP and Secure HTTPS Modes”...
Page 24: Non-Secure Http And Secure Https Modes
Chapter 2: Starting a Management Session Non-secure HTTP and Secure HTTPS Modes The switch has a web server so that you can remotely manage the switch over the network from a web browser on your PC. The server can operate in either plain-text HTTP mode or encrypted HTTPS mode.
Page 25: Starting The Initial Web Management Session
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Starting the Initial Web Management Session This section explains how to start a management session for the first time using the AT-8100 web interface. The switch shipped from the factory is configured with an IP address assigned and the web interface (HTTP service) enabled.
Page 26: Figure 1: Login Page
Chapter 2: Starting a Management Session 3. Open a web browser on the PC and enter the following: http://169.254.1.1 The AT-8100 Login page is displayed as shown in Figure 1. Figure 1. Login Page...
Page 27: Logging Onto The Switch
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Logging onto the Switch Once you start the web interface, the AT-8100 Login page is displayed. Enter “manager” in the User Name field and “friend” in the Password field as shown in Figure 2. Then click the Login button. Figure 2.
Page 28: Figure 3: Dashboard Page
Chapter 2: Starting a Management Session Figure 3. Dashboard Page The following fields are displayed: Up Time— Length of time since the switch was last reset or power  cycled in days, hours, minutes and seconds. Note Up Time is displayed on the top-right corner of the screen. The System section displays the following information: MAC Address—...
Page 29 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide System Name— Name of the switch. To specify this field, see  “Setting the Switch Information” on page 48. Version— Software version number of the Management Software.  Contact— Contact person for the switch. To specify this field, see ...
Page 30: What To Configure First
If you forget the manager password, you cannot manage the switch if there are no other management accounts on the unit. In this case, contact Allied Telesis Technical Support for assistance. For instructions on how to create additional management accounts, see “Adding a New User Account”...
Page 31: Setting System Time
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The management IPv4 address can be any IPv4 address assigned  on the switch. The switch can have only one IPv6 address.  Your PC must have an IP address that belongs to the network ...
Page 32: Starting A Web Management Session
Chapter 2: Starting a Management Session Starting a Web Management Session This section provides how to start a web management session when the switch does not have the factory default configuration. To log onto the switch through the web interface, enter the IP address of the switch on the web browser, such as Windows Internet Explorer, on the PC or laptop that can access the switch.
Page 33: When The Switch Does Not Display The Login Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide When the Switch When the switch does not display the web interface, even though you enter the IP address of the switch on the web browser, you must enable Does Not Display HTTP or HTTPS service on the switch through the CLI by performing the the Login Page following steps:...
Page 34: Checking For The Ip Addresses Of The Switch In The Cli
Chapter 2: Starting a Management Session The local management session is started when the AlliedWare Plus™ command line prompt is displayed as shown in Figure 4. awplus> Figure 4. AlliedWare Plus™ Command Line Prompt Checking for the To check for IP addresses assigned to the switch, enter the following commands: IP Addresses of the Switch in the...
Page 35: Enabling Http Or Https Service In The Cli
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide awplus# show ip http HTTP server disabled. Figure 6. Displaying the Status of HTTP Service To check whether HTTPS service is enabled, enter the following commands: awplus> enable awplus# show ip https Figure 7 shows an example of the command output.
Page 36: Saving Your Changes In The Cli
Chapter 2: Starting a Management Session Saving your Save your changes to the startup configuration file by entering the following commands: Changes in the awplus# copy running-config startup-config awplus# write...
Page 37: Saving Your Changes
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Saving Your Changes The changes you have made are temporarily stored in the running configuration file. When you reboot the switch, the information in the running configuration file is lost. To save your changes after you reboot the switch, do the following: 1.
Page 38: Ending A Web Management Session
Chapter 2: Starting a Management Session Ending a Web Management Session To end a web management session, select LOGOUT at the top of the web page. For an example, see the System Contact Information page in Figure 8 on page 37.
Page 39: Chapter 3: Basic Switch Parameters
Chapter 3 Basic Switch Parameters This chapter describes how to set up basic switch operations. See the following sections: “Setting the System Date and Time” on page 40  “Configuring a Telnet or SSH Server” on page 45  “Configuring a Remote Log Server” on page 47 ...
Page 40: Setting The System Date And Time
Chapter 3: Basic Switch Parameters Setting the System Date and Time This procedure explains how to set the switch’s date and time. Setting the date and time is important if you plan to view the events in the switch’s event log or on a syslog server. The correct date and time are also important if the management software sends traps to a management workstation or if you plan to create a self-signed SSL certificate.
Page 41: Figure 9: System Settings Tab
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 9. System Settings Tab 3. From the System tab, hover over System Settings. 4. Move the cursor to the right and select Time. The System Time Settings page is displayed. See Figure 10. Figure 10.
Page 42: Figure 11: System Time Settings Page With Network Time Settings Tab
Chapter 3: Basic Switch Parameters Figure 11. System Time Settings Page with Network Time Settings Tab 6. To configure the switch to obtain its date and time from an SNTP or NTP server on your network or the Internet, specify the following fields: NTP Status—...
Page 43: Setting System Time Manually
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Note The switch does not set daylight saving time (DST) automatically. If the switch is in a locale that uses DST, you must remember to enable this in March when DST begins and disable it in October when DST ends.
Page 44: Figure 12: Calendar Page
Chapter 3: Basic Switch Parameters Figure 12. Calendar Page a. Use the arrows at the top of the Calendar to select the month and year. b. Set the time of day using the following format: hh:mm:ss c. Click on the day of the month. 7.
Page 45: Configuring A Telnet Or Ssh Server
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring a Telnet or SSH Server The AT-8100 web browser interface allows you to configure the switch as a Telnet or SSH server. You can use the web browser interface to enable a Telnet server, but not as a Telnet client.
Page 46 Chapter 3: Basic Switch Parameters Note Both the Remote Log and Server IP Address fields are used only to set a remote log server. For information on these fields, see “Configuring a Remote Log Server” on page 47. Remote Log— Check the checkbox to enable the switch to send ...
Page 47: Configuring A Remote Log Server
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring a Remote Log Server You can use the AT-8100 web browser interface to enable logging to a remote log server, which is part of the Syslog feature. However, you must use the CLI to view or clear the event log. For information about the Syslog features, see the SysLog chapters in the AT-8100 Series Version 2.2.5.0 Management Software Command Line Interface User’s Guide.
Page 48: Setting The Switch Information
Chapter 3: Basic Switch Parameters Setting the Switch Information This procedure allows you to set information about the switch, such as a switch name, contact person, and location. Assigning a name to the switch helps you identify your switches when you manage them and avoid performing a configuration procedure on the wrong switch.
Page 49 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Specify the following fields as necessary: System Name— Enter a name for the switch, for example, S1 or  Switch2. The name is displayed on the Dashboard page. See Figure 3 on page 28. The name can be from 1 to 39 characters in length.
Page 50: Managing The Configuration File
Chapter 3: Basic Switch Parameters Managing the Configuration File Within the web browser interface, you can upload a configuration file onto the switch, download a configuration file from the switch, delete a configuration file, and save your changes to the current configuration file. However, to create a new configuration file, you need to access the switch through the CLI.
Page 51: Setting The Active Configuration File
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide format is year, month, date. Setting the Active To specify a file as the startup configuration file, do the following: Configuration 1. Use the pull-down menu to select a file as the active configuration file. File 2.
Page 52: Managing Local User Accounts
Chapter 3: Basic Switch Parameters Managing Local User Accounts The switch comes with one local manager account. The account, which has the username “manager” and default password “friend,” is referred to as a local account because it is the switch that authenticates the username and password when a manager logs on using the account.
Page 53: Changing A User Password
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 3. Add a new user by doing the following: User Name— Enter a new logon name for the new account. The  name is case-sensitive and can contain up to 15 alphanumeric characters.
Page 54: Changing The User Privilege
Chapter 3: Basic Switch Parameters Figure 18. User Management Page with Change Password Tab 4. Use the pull-down menu next to the User Name field to select a username. The username must already exist. 5. Enter a new password in plaintext in the New Password field. A password can consist of up to 16 alphanumeric characters and is case-sensitive.
Page 55: Deleting A User Account
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 19. User Management Page with Change Privilege Tab 4. Use the pull-down menu next to the User Name field to select a user. 5. Use the pull-down menu next the New Privilege field to select a user privilege level.
Page 56: Figure 20: User Management Page With Delete User Tab
Chapter 3: Basic Switch Parameters Figure 20. User Management Page with Delete User Tab 4. Use the pull-down menu to select a user. 5. Click Delete User. 6. Click SAVE to save your changes to the startup configuration file.
Page 57: Rebooting A Switch
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Rebooting a Switch Resetting the switch ends your web browser management session. To continue managing the switch, you must log in again. Note All unsaved changes are discarded when you reset a switch. To save your changes to the startup configuration file, click SAVE.
Page 58: Upgrading The Software
Upgrading the Software The latest version of the AlliedWare Plus™ Management Software is available from the Allied Telesis website. You can download the software image file on your workstation and upload the file onto the switch. To upgrade the AT-8100 software, perform the following procedure: 1.
Page 59: Figure 22: System Upgrade Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 4. Enter your email address and password, then click the Sign In button. Note If you do not know your password, click the Create Account link and follow the instructions on the page. 5.
Page 60 Chapter 3: Basic Switch Parameters Note Upgrading the system software on the switch ends your current web browser management session. To continue managing the switch, you must log in again.
Page 61: Displaying System Information
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying System Information To view basic information about the switch, select the System Tab. The Dashboard Page is displayed as shown in Figure 3 on page 28. The following fields are displayed: Up Time—...
Page 62 Chapter 3: Basic Switch Parameters IGMP Snooping Querier— Indicates if IGMP Snooping Querier is  enabled or disabled on the switch. The Administration Options section displays the following information: System Upgrade— Click this link to go to the System Upgrade ...
Page 63: Chapter 4: Setting Port Parameters
Chapter 4 Setting Port Parameters This chapter describes how to display and modify the port settings such as back pressure and flow control. In addition, it provides procedures to display and modify storm control settings. This chapter contains the following sections: “Port Numbers on the Switch”...
Page 64: Port Numbers On The Switch
Chapter 4: Setting Port Parameters Port Numbers on the Switch The ports on the switch are identified in the format shown in Figure 23. Figure 23. Port Number The variables in the parameter are defined here: Switch ID: When the switch is a stand-alone switch, the web interface ...
Page 65: Displaying The Port Parameters
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Port Parameters To display the settings for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24. Figure 24.
Page 66 Chapter 4: Setting Port Parameters Type— Transmission speed and medium, copper or fiber optic, of  the port. For example, 1000Base-SX indicates that the port is a fiber optic gigabit standard. Status— Indicates if the port is enabled or disabled. The default ...
Page 67: Changing The Port Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Changing the Port Settings You can change the settings of one port at a time. Use the following procedure to change the port settings or reset a port to its default value, To change the port settings, do the following: 1.
Page 68: Figure 26: Port Configuration Modify Page
Chapter 4: Setting Port Parameters Figure 26. Port Configuration Modify Page 5. Specify the following fields as needed: Interface— Indicates the port ID.  Port Type— Indicates the transmission speed and medium,  copper or fiber, that the port supports. Port Description—...
Page 69 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide cannot select them. To change the Configure Speed and Configure Duplex fields, change the Negotiation setting to “Manual.” Note When the port type is 1000Base fiber optic, the Negotiation must be “Auto”, and you are not allowed to change the setting to “Manual.” Current Speed—...
Page 70 Chapter 4: Setting Port Parameters A cell represents 128 bytes. The range is 1 to 7935 cells. The default value is 7935 cells. Flow Control Status— Enable or disable the flow control feature.  By default, flow control is disabled on the port. Flow Control Limit (1 - 7935)—...
Page 71: Displaying The Storm Control Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Storm Control Settings To display the storm control settings, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 72 Chapter 4: Setting Port Parameters Multicast packets that exceed the threshold are discarded by the port. The range is 0 to 33,554,431 packets. The default is 33,554,431 packets. Dlf— Indicates whether the unknown unicast threshold setting is  enabled or disabled. Dlf Level—...
Page 73: Modifying The Storm Control Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying the Storm Control Settings To modify the storm control settings, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 74 Chapter 4: Setting Port Parameters 5. Change the following fields as needed: Broadcast— Enable or disable the broadcast storm control  feature. When this feature is enabled, the port discards ingress broadcast packets that exceed the specified level. This feature is disabled by default.
Page 75: Chapter 5: Setting Port Statistics
Chapter 5 Setting Port Statistics This chapter describes how to display and clear port statistics. Within the AlliedWare Plus™ software, you can display and clear transmit, receive, and interface port statistics. This chapter contains the following topics: “Displaying Port Statistics” on page 76 ...
Page 76: Displaying Port Statistics
Chapter 5: Setting Port Statistics Displaying Port Statistics You can display several types of port statistics. See the following sections: “Displaying Transmit and Receive Port Statistics” on page 76  “Displaying Receive Statistics” on page 77  “Displaying Transmit Statistics” on page 79 ...
Page 77: Displaying Receive Statistics
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following fields are displayed: Interface— Port ID.  0-64 Byte Frames— Number of frames transmitted by the port that  contains 0 to 64 bytes. 65-127 Byte Frames— Number of frames transmitted by the port ...
Page 78: Figure 30: Port Statistics With The Receive Tab
Chapter 5: Setting Port Statistics Figure 30. Port Statistics with the Receive Tab The following fields are displayed: Interface— Port ID.  Total Bytes— Number of received bytes.  Total Frames— Number of received frames.  Total Error Frames— Total number of received frames with ...
Page 79: Displaying Transmit Statistics
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Undersize Frames— Number of received frames that were less  than the minimum length as specified by IEEE 802.3 (64 bytes, including the CRC). Dropped Frames— Number of frames successfully received and ...
Page 80: Displaying Interface Statistics
Chapter 5: Setting Port Statistics Total Frames— Number of transmitted frames.  Total Error Frames— Number of transmitted frames with errors.  Multicast Frames— Number of transmitted multicast frames.  Broadcast Frames— Number of transmitted broadcast frames.  Pause Frames Sent— Number of transmitted flow-control pause ...
Page 81: Figure 32: Port Statistics Page With Interface Tab
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 32. Port Statistics Page with Interface Tab The following fields are displayed: Interface— Port ID.  Rx Unicast Packets— Number of ingress unicast packets.  Rx Discard Packets— Number of ingress packets that were ...
Page 82: Clearing Port Statistics
Chapter 5: Setting Port Statistics Clearing Port Statistics To clear the statistics for a port, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Port. 3.
Page 83: Reloading Statistics
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Reloading Statistics Port statistics are constantly counting, and the values are changing so that the data displayed in the Port Statistics pages are not the most recent. To display the latest data possible, click on the Reload Page button on a Port Statistics page.
Page 84 Chapter 5: Setting Port Statistics...
Page 85: Chapter 6: Port Mirroring
Chapter 6 Port Mirroring The port mirror is a management tool that allows you to monitor the traffic on one or more ports on the switch. It works by copying the traffic from source ports to a destination port where the traffic can be monitored with a network analyzer.
Page 86: Overview
Chapter 6: Port Mirroring Overview To use the port mirroring feature, you must designate one or more source ports and one destination port. The source ports are the ports whose packets are mirrored and monitored. The destination port is the port where the packets from the source ports are copied and where the network analyzer is connected.
Page 87: Displaying Port Mirroring Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Port Mirroring Settings To display the port mirroring assignments for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 88: Assigning A Destination Port
Chapter 6: Port Mirroring Assigning a Destination Port The destination port is the source port where the packets are copied. You can only assign one destination port to the switch. To assign a destination port, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Page 89: Specifying Direction Type
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Specifying Direction Type To specify source ports and type of packet direction, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 90 Chapter 6: Port Mirroring 6. Click Apply. 7. Click SAVE to save your changes to the startup configuration file.
Page 91: Deleting Port Mirroring Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting Port Mirroring Settings To delete the existing port mirroring settings, assign the port to “None” by doing the following: 1. Display the port mirroring assignments. See “Displaying Port Mirroring Settings” on page 87. The Port Mirroring List page is displayed.
Page 92 Chapter 6: Port Mirroring...
Page 93: Chapter 7: Spanning Tree Protocol On A Port
Chapter 7 Spanning Tree Protocol on a Port The Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) guard against the formation of loops in an Ethernet network topology. A topology has a loop when two or more nodes can transmit packets to each other over more than one data path.
Page 94: Overview
Chapter 7: Spanning Tree Protocol on a Port Overview STP and RSTP prevent loops from forming by ensuring that only one path is available at a time between the switches in your network. Where multiple paths exist, these spanning tree protocols place the extra paths in a standby or blocking mode.
Page 95: Displaying Port Spanning Tree Protocol Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Port Spanning Tree Protocol Settings To display the Spanning Tree Protocol settings for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 96 Chapter 7: Spanning Tree Protocol on a Port Version— Spanning Tree Protocol version: STP, RSTP, or MSTP.  The default setting is RSTP. Portfast— Indicates if the port is designated as an edge port. If a  port on the switch is not connected to a switch or a network that is running the spanning tree protocol, you can designate it as an edge port.
Page 97: Modifying Port Spanning Tree Protocol Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying Port Spanning Tree Protocol Settings To modify port settings for Spanning Tree Protocol, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 98 Chapter 7: Spanning Tree Protocol on a Port Version— Indicates the Spanning Tree Protocol version. The  default setting is RSTP. Configured Path Cost— Enter the cost of the port to the root  bridge. This cost is combined with the costs of the other ports in the path to the root bridge to determine the total path cost.
Page 99 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Link Type— Choose from the following settings:  AUTO: The switch determines the link type of the port is either PTP or Shared. If a port is set to full-duplex mode, the link type is point-to-point.
Page 100 Chapter 7: Spanning Tree Protocol on a Port...
Page 101: Chapter 8: Setting The Mac Address
Chapter 8 Setting the MAC Address The procedures in this chapter describe how to display the MAC address table that resides on the switch, as well as how to add a unicast or multicast MAC addresses to the table. Procedures to modify and delete MAC addresses within the table are also included in this chapter.
Page 102: Displaying The Unicast Mac Addresses
Chapter 8: Setting the MAC Address Displaying the Unicast MAC Addresses To display the unicast MAC addresses, do the following: 1. Hover the cursor over the Switching Tab. The Switching Tab is displayed. See Figure 38. Figure 38. Switching Tab 2.
Page 103 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following fields are displayed: MAC Address— Dynamic and static unicast MAC addresses  learned on or assigned to the port. Vlan— ID number of the VLAN that the node designated by the ...
Page 104: Displaying The Multicast Mac Addresses
Chapter 8: Setting the MAC Address Displaying the Multicast MAC Addresses To display the multicast MAC addresses, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 38 on page 102. 2. Hover over Mac Table and then move the cursor to the right to select Multicast.
Page 105: Assigning A Unicast Mac Address
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a Unicast MAC Address To assign a unicast MAC address to the MAC address table, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 106 Chapter 8: Setting the MAC Address Forward: Specifies the port to forward packets that have the designated source MAC address. Discard: Specifies the port to discard packets that have the designated source MAC address. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
Page 107: Assigning A Multicast Mac Address
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a Multicast MAC Address To assign a multicast MAC address to the MAC address table, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 108 Chapter 8: Setting the MAC Address Forward: Specifies the port to forward packets that have the designated source MAC address. Discard: Specifies the port to discard packets that have the designated source MAC address. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
Page 109: Deleting A Unicast Mac Address
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting a Unicast MAC Address To delete a unicast address or clear all static or dynamic unicast addresses, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 38 on page 102. 2.
Page 110: Deleting A Multicast Mac Address
Chapter 8: Setting the MAC Address Deleting a Multicast MAC Address To delete a multicast address or clear all static or dynamic multicast addresses, do the following: 1. Hover the cursor over the Switching Tab. The Switching Tab is displayed. See Figure 38 on page 102. 2.
Page 111: Chapter 9: Link Aggregation Control Protocol (Lacp)
Chapter 9 Link Aggregation Control Protocol (LACP) LACP is used to increase the bandwidth between the switch and other LACP compatible devices by grouping ports together to form single virtual links. This chapter provides a brief description of LACP and explains how to display and set LACP.
Page 112: Overview
Chapter 9: Link Aggregation Control Protocol (LACP) Overview LACP trunks are similar in function to static port trunks, but they are more flexible. The implementations of static trunks tend to be vendor-specific and may not always be compatible. In contrast, the implementation of LACP in the switch is compliant with the IEEE 802.3ad standard.
Page 113: Displaying Lacp Trunks
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying LACP Trunks To display the LACP trunk assignments for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 114 Chapter 9: Link Aggregation Control Protocol (LACP) Load Balance Method— Load distribution methods of the  aggregators. An aggregator can have only one load distribution method. The load distribution method determines the manner in which the switch distributes the egress packets among the active ports of an aggregator.
Page 115: Adding An Lacp Trunk
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding an LACP Trunk To create an LACP trunk, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Link Aggregation. For an example of the Link Aggregation selection, see Figure 43 on page 113.
Page 116 Chapter 9: Link Aggregation Control Protocol (LACP) 5. Enter an aggregator ID number in the Aggregator ID field. The number can be from 1-32. 6. Select the Load Balance Method. Choose from the following: Src MAC— Source MAC address as the load distribution method. ...
Page 117: Modifying An Lacp Trunk
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying an LACP Trunk To modify the LACP Trunk settings, see the following procedure: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 118 Chapter 9: Link Aggregation Control Protocol (LACP) 5. Select the Load Balance Method. Choose from the following: Src MAC— Source MAC address as the load distribution method.  Dst MAC— Destination MAC address.  Src-Dst MAC— Source address/destination MAC address. ...
Page 119: Deleting An Lacp Trunk
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting an LACP Trunk To delete an LACP trunk, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Link Aggregation. For an example of the Link Aggregation selection, see Figure 43 on page 113.
Page 120 Chapter 9: Link Aggregation Control Protocol (LACP)
Page 121: Chapter 10: Setting Static Port Trunks
Chapter 10 Setting Static Port Trunks Static port trunks are groups of two to eight ports that act as single virtual links between the switch and other network devices. This chapter describes how to display, create, and modify static trunks. See the following sections: “Overview”...
Page 122: Overview
Chapter 10: Setting Static Port Trunks Overview Static port trunks are commonly used to improve network performance by increasing the available bandwidth between the switch and other network devices, as well as to enhance the reliability of the connections between network devices.
Page 123: Displaying Static Trunk Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Static Trunk Settings To display the static port trunks for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 124 Chapter 10: Setting Static Port Trunks Dst MAC: Destination MAC address is the load distribution method. Src-Dst MAC: Source address and destination MAC address is the load distribution method. Src IP: Source IP address is the load distribution method. Dst IP: Destination IP address is the load distribution method. Src-Dst IP: Source address and destination IP address is the load distribution method.
Page 125: Adding Static Trunks
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding Static Trunks Review the following information before creating a new static port trunk: When you create a new trunk, the settings of the lowest-numbered port  are copied to the other ports so that all the ports have the same settings.
Page 126: Figure 49: Add Static Trunk Page
Chapter 10: Setting Static Port Trunks Figure 49. Add Static Trunk Page 5. Assign an ID number of a new static trunk in the Trunk ID field. The range is 1 to 32. 6. Select the Load Balance Method. You can assign different load distribution methods to different static trunks on the same switch.
Page 127: Modifying The Static Trunk Settings
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying the Static Trunk Settings Review the following information if you are adding ports to an existing trunk: The ports of a static trunk must be members of the same VLAN.  If the new port added to a trunk is already a member of another static ...
Page 128 Chapter 10: Setting Static Port Trunks 5. Change the Load Balance Method as needed. You can assign different load distribution methods to different static trunks on the same switch. Choose from the following: Src MAC— Source MAC address.  Dst MAC— Destination MAC address. ...
Page 129: Deleting Static Trunks
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting Static Trunks To delete a static port trunk, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Link Aggregation. For an example of the Link Aggregation selection, see Figure 47 on page 123.
Page 130 Chapter 10: Setting Static Port Trunks...
Page 131: Chapter 11: Setting Port-Based And Tagged Vlans
Chapter 11 Setting Port-based and Tagged VLANs This chapter provides a brief description of VLANs and explains how to display, create, and modify port-based and tagged VLANs. See the following sections: “Overview” on page 132  “Displaying VLANs” on page 134 ...
Page 132: Overview
Chapter 11: Setting Port-based and Tagged VLANs Overview A VLAN is a group of ports that form a logical Ethernet segment on an Ethernet switch. The ports of a VLAN form an independent broadcast domain in which the traffic generated by the nodes remains within the VLAN.
Page 133: Tagged And Untagged Ports
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The VLAN information within an Ethernet frame is referred to as a tag or tagged header. A tag, which follows the source and destination addresses in a frame, contains the VID of the VLAN to which the frame belongs (IEEE 802.3ac standard).
Page 134: Displaying Vlans
Chapter 11: Setting Port-based and Tagged VLANs Displaying VLANs To display the VLAN assignments for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 135: Adding A Vlan
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding a VLAN To create a VLAN, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab drop-down menu, select VLANs. The VLANs page is displayed.
Page 136 Chapter 11: Setting Port-based and Tagged VLANs switch. For example, if you are creating a VLAN called Sales with a VID of 3 that spans three switches, assign the Sales VLAN on each switch the VID value of 3. VLAN Name— Specify the name of a VLAN. The name can be ...
Page 137: Modifying Vlans
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying VLANs To modify the VLAN settings, see the following procedure: Caution Modifying the VLAN membership of active ports may cause loss of connectivity to the switch. 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Page 138 Chapter 11: Setting Port-based and Tagged VLANs 4. Change the following fields as needed: VLAN Name— Change the name of a VLAN. The name can be  from 1 to 20 characters in length. The first character must be a letter;...
Page 139: Assigning A Native Vlan
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a Native VLAN A VLAN can be assigned to a tagged port so that untagged ingress traffic is placed on the VLAN. This VLAN is referred to as the native VLAN. To assign a native VLAN to a tagged port, perform the following procedure: 1.
Page 140 Chapter 11: Setting Port-based and Tagged VLANs 5. Change the following fields as needed: VLAN Interface— Select a VLAN ID from the pull-down menu.The  selected VLAN Interface is assigned to a port as a native VLAN, on which untagged frames are placed. Port ID—...
Page 141: Removing An Untagged Port From A Vlan
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Removing an Untagged Port from a VLAN By default, all the ports on the switch belong to the default VLAN, VLAN1, as untagged ports. When you assign a port to another VLAN as an untagged port, the switch removes the untagged port from the original VLAN and then assigns it to the new VLAN.
Page 142: Deleting Vlans
Chapter 11: Setting Port-based and Tagged VLANs Deleting VLANs Caution Deleting VLANs that active ports belong to may cause loss of connectivity to the switch. To delete a VLAN, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Page 143: Chapter 12: Spanning Tree Protocols On The Switch
Chapter 12 Spanning Tree Protocols on the Switch This chapter provides a brief description of both the Spanning Tree Protocol (STP) and the Rapid Spanning Tree Protocol (RSTP), and explains how to set the spanning tree protocols on the switch. See the following sections: “Overview”...
Page 144: Overview
Chapter 12: Spanning Tree Protocols on the Switch Overview Both STP and RSTP guard against the formation of loops in an Ethernet network topology. A topology has a loop when two or more nodes can transmit packets to each other over more than one data path. Packets can become caught in repeating cycles, referred to as broadcast storms, that needlessly consume network bandwidth and that can significantly reduce network performance.
Page 145: Displaying And Modifying Spanning Tree Protocol Settings On The Switch
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying and Modifying Spanning Tree Protocol Settings on the Switch To display and modify Spanning Tree Protocol settings on the switch, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Page 146 Chapter 12: Spanning Tree Protocols on the Switch Note If you try to select MSTP from the menu, a message will appear indicating that MSTP can only be set via the Command Line Interface and will not allow the selection. To set the protocol to MSTP, and for more information on MSTP, see Section VII: Spanning Tree Protocols in the AT-8100 Series Version 2.2.5.0 Management Software Command Line Interface User’s Guide and...
Page 147 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Hello Time— Enter the hello time in seconds. The hello time is the  frequency that the switch sends bridge protocol data units (BPDUs), which contain spanning tree configuration information. The range is 1 to 10 seconds. This value is active only when the switch is acting as the root bridge of the spanning tree domain.
Page 148 Chapter 12: Spanning Tree Protocols on the Switch...
Page 149: Chapter 13: Internet Group Management Protocol (Igmp) Snooping
Chapter 13 Internet Group Management Protocol (IGMP) Snooping This chapter provides a brief description of IGMP Snooping and explains how to set this feature on the switch. See the following sections: “Overview” on page 150  “Displaying and Modifying IGMP Snooping Configuration” on page 151 ...
Page 150: Overview
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Overview IGMP snooping allows the switch to control the flow of multicast packets from its ports. It enables the switch to forward packets of a multicast group to only ports connected to members of the multicast group. When the switch is not using IGMP snooping and receives multicast packets, it floods the packets out all its ports, except the port on which it received the packets.
Page 151: Displaying And Modifying Igmp Snooping Configuration
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying and Modifying IGMP Snooping Configuration To display and modify the IGMP Configuration settings, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 56. Figure 56.
Page 152: Figure 57: Igmp Snooping Page With Configuration Tab
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Figure 57. IGMP Snooping Page with Configuration Tab 3. Change the following settings as needed: Status— Enable or disable IGMP Snooping. When you enable  IGMP, the switch begins to build its multicast tables as queries from the multicast router and reports from the host nodes arrive on its ports.
Page 153 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Auto: The switch automatically detect ports that are connected to multicast routers. Manual: You manually specify ports that are connected to multicast routers. Router Ports— Specify the port ID of a port that is connected to a ...
Page 154: Disabling Igmp Snooping
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Disabling IGMP Snooping To disable the IGMP Configuration on the switch, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
Page 155: Displaying The Routers List
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Routers List To display the IGMP Routers List, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
Page 156: Clearing The Routers List
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Clearing the Routers List To clear the group membership on the IGMP Routers List, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
Page 157: Displaying The Hosts List
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Hosts List To display the IGMP Hosts List, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
Page 158 Chapter 13: Internet Group Management Protocol (IGMP) Snooping...
Page 159: Chapter 14: Igmp Snooping Querier
Chapter 14 IGMP Snooping Querier This chapter provides a brief description of IGMP Snooping Querier and explains how to set this feature on the switch. See the following sections: “Overview” on page 160  “Guidelines” on page 164  “Displaying IGMP Snooping Querier” on page 165 ...
Page 160: Overview
VLAN. Then, apply the IP address to the VLAN where it sends its queries to enable IGMP snooping querier on the VLAN. Allied Telesis recommends using the Default VLAN, which has a VID of 1.
Page 161: Assigning Multiple Queriers
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Switch 1: VLAN: Default_VLAN 149.123.48 Routing interface: Multicast source: Host nodes: IP address: IP addresses: 149.123.48.1 149.123.48.3 to 149.123.48.24 Figure 60. IGMP Snooping Querier with One Querier Table 3 lists the switch settings that are illustrated in Figure 60. Table 3.
Page 162: Figure 61: Igmp Snooping Querier With Two Queriers
Chapter 14: IGMP Snooping Querier with the second lowest IP address is made the standby querier, again by switch 2. In the case where there are three queriers, the switch in the network with IGMP snooping enabled and IGMP querier disabled determines the standby querier and then the second standby querier by comparing their IP addresses.
Page 163 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Table 4 lists the switch settings that are illustrated in Figure 61 on page 162. Table 4. IGMP Snooping Querier with Two Queriers IGMP Routing IGMP Querier Switch Snooping Address Snooping Status Querier 149.123.48 Enabled...
Page 164: Guidelines
Chapter 14: IGMP Snooping Querier Guidelines The guidelines for IGMP snooping querier are listed here: The network can have only one LAN.  The network cannot have any multicast routers.  IGMP snooping must be enabled on the switch.  IGMP snooping querier should be enabled on only one switch.
Page 165: Displaying Igmp Snooping Querier
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying IGMP Snooping Querier To display an IGMP Snooping Querier list, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 62. Figure 62. Switching IGMP Tab 2.
Page 166 Chapter 14: IGMP Snooping Querier Query Interval— Time interval in seconds at which IGMP General  Query messages are transmitted.
Page 167: Modifying Igmp Snooping Query Interval
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying IGMP Snooping Query Interval To modify the value of Query interval, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 62 on page 165. 2.
Page 168 Chapter 14: IGMP Snooping Querier...
Page 169: Chapter 15: Power Over Ethernet (Poe)
Chapter 15 Power Over Ethernet (PoE) This chapter provides brief descriptions of PoE and explains how to change the configuration of a port on the PoE featured switch. See the following sections: “Overview” on page 170  “Displaying PoE Port Settings” on page 172 ...
Page 170: Overview
Chapter 15: Power Over Ethernet (PoE) Overview The AT-8100L/8PoE, AT-8100S/24PoE, and AT-8100S/48PoE switches feature Power over Ethernet (PoE) on the 10/100Base-Tx ports. PoE is used to supply power to network devices over the same twisted-pair cables that carry the network traffic. The main advantage of PoE is that it can make installing a network easier.
Page 171: Port Prioritization
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide be operated using either one power supply or both power supplies. One power supply is responsible for providing 185 watts of the power budget. Table 6 shows power budget per model. Table 6. PoE Switch’s Power Budget When Using One When Using Two Switch Model...
Page 172: Displaying Poe Port Settings
Chapter 15: Power Over Ethernet (PoE) Displaying PoE Port Settings To display a list of the PoE port settings, do the following: Note The PoE pull-down menu item appears only when you are accessing a PoE featured switch. 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Page 173: Figure 66: Poe Port List Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 66. PoE Port List Page The following fields are displayed: Status— Enable or disable PoE on the ports globally. By default,  power is enabled on all ports. Note This status does not indicate that the PoE status of all the ports is the same.
Page 174 Chapter 15: Power Over Ethernet (PoE) Power Status— Indicates if a powered device that is connected to  the port is powered on or off. When powered on, it indicates Powered. When no powered device is connected to the port, indicates Off.
Page 175: Modifying Poe Settings Globally
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying PoE Settings Globally To modify PoE settings on the switch, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 65 on page 172. 2.
Page 176: Modifying Poe Settings On A Port
Chapter 15: Power Over Ethernet (PoE) Modifying PoE Settings on a Port To display a list of the IPv4 interfaces, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 67. 2. From the Switching tab drop-down menu, select PoE. A list of PoE settings on the ports is displayed.
Page 177 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide PoE Device Description— Enter the description of the PoE  device that is connected to the port. The description can contain up to 256 alphanumeric characters. Spaces and special characters are allowed. PoE Port Power Limit (4000 ~ 30000)—...
Page 178 Chapter 15: Power Over Ethernet (PoE)
Page 179: Chapter 16: Mac Address-Based Port Security
Chapter 16 MAC Address-based Port Security This chapter provides a brief description of MAC address-based port security and explains how to set this feature on the switch. See the following sections: “Overview” on page 180  “Displaying MAC Address-based Port Security Settings” on page 182 ...
Page 180: Overview
Chapter 16: MAC Address-based Port Security Overview This feature lets you control access to the ports on the switch based on the source MAC addresses of the network devices. You specify the maximum number of source MAC addresses that ports can learn. Ports that learn their maximum number of addresses discard packets that have new, unknown addresses, preventing access to the switch by any additional devices.
Page 181: Guidelines
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Guidelines Here are the guidelines to MAC address-based port security: The filtering of a packet occurs on the ingress port, not on the egress  port. You cannot use MAC address-based port security and 802.1x port- ...
Page 182: Displaying Mac Address-Based Port Security Settings
Chapter 16: MAC Address-based Port Security Displaying MAC Address-based Port Security Settings To display the MAC address-based port security settings, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68. Figure 68. Security Tab 2.
Page 183 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Yes: Saves the source MAC addresses as dynamic addresses in the MAC address table. No: Saves the source MAC addresses as static addresses in the MAC address table. This is the default setting. MAX MACs—...
Page 184: Modifying Mac Address-Based Port Security Settings
Chapter 16: MAC Address-based Port Security Modifying MAC Address-based Port Security Settings To the modify the MAC address-based port security settings, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 185 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 4. Change the following settings as needed: Interface— Indicates the port number. You cannot change this  parameter from this page. MAC Security— Select between “Enabled” and “Disabled” to  activate or deactivate MAC address-based security on the port. Aging—...
Page 186: Disabling Mac Address-Based Port Security Settings
Chapter 16: MAC Address-based Port Security Disabling MAC Address-based Port Security Settings To deactivate MAC address-based port security settings, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 187: Chapter 17: Radius And Tacacs+ Clients
Chapter 17 RADIUS and TACACS+ Clients This chapter provides a brief description of both the RADIUS and TACACS+ clients and explains how to configure these clients on the switch. See the following sections: “Overview” on page 188  “Configuring RADIUS for Remote Manager Authentication” on ...
Page 188: Overview
Chapter 17: RADIUS and TACACS+ Clients Overview The switch has RADIUS and TACACS+ clients for remote authentication. Here are the features that use remote authentication: 802.1x port-based network access control. This feature lets you  increase network security by requiring that network users log on with a username and password before the switch forwards their packets.
Page 189: Accounting Information
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following steps illustrate the authentication process that occurs between the switch and an authentication server when a manager logs on: 1. The switch uses its RADIUS or TACACS+ client to transmit the username and password to an authentication server on the network.
Page 190 Chapter 17: RADIUS and TACACS+ Clients When you delete Server 1, the server with an IP address of 192.168.10.12 remains Server 2; the server with an IP address of 192.168.10.13 remains Server 3. As a result, the next server that you add to the switch becomes Server 1.
Page 191: Configuring Radius For Remote Manager Authentication
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring RADIUS for Remote Manager Authentication To configure remote manager authentication using RADIUS and add RADIUS servers to the switch, perform the following: “Configuring Remote Manager Authentication Using RADIUS” on  page 191 “Adding a RADIUS Server”...
Page 192 Chapter 17: RADIUS and TACACS+ Clients authentication request, before querying the next server in the list. The range is 1 to 1,000 seconds. The default value is 5 seconds. Key Value— Enter the value of the global encryption key of the ...
Page 193: Adding A Radius Server
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide AAA Accounting— Select a RADIUS accounting setting. Choose  from the following: Start-Stop: Indicates that a start accounting message is sent at the beginning of a session, and a stop accounting message is sent at the end of the session.
Page 194 Chapter 17: RADIUS and TACACS+ Clients Authentication Port— Specify the UDP destination port for  RADIUS authentication requests. If you select 0, the server is not used for authentication. The default UDP port for authentication is 1812. Accounting Port— Specify the UDP destination port for RADIUS ...
Page 195: Configuring Tacacs+ For Remote Manager Authentication
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring TACACS+ for Remote Manager Authentication To configure remote manager authentication using TACACS+ and add TACACS+ servers to the switch, perform the following: “Configuring Remote Manager Authentication Using TACACS+” on  page 195 “Adding a TACACS+ Server”...
Page 196: Figure 73: Authentication Server Configuration Page With Tacacs+ Tab
Chapter 17: RADIUS and TACACS+ Clients Figure 73. Authentication Server Configuration Page with TACACS+ Tab 4. Change the following as needed: Timeout Value— Enter the length of the time, in seconds, that the  switch waits for a response from a TACACS+ server to an authentication request, before querying the next server in the list.
Page 197 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide TACACS+ Authentication Login— Enable or disable TACACS+  to authenticate user login. Choose from the following: Enabled: The TACACS+ servers authenticate user login. Disabled: The TACACS+ servers do not authenticate user login. Authentication is attempted using the username and password combinations specified on the User Management page and using the USERNAME command in the CLI.
Page 198: Adding A Tacacs+ Server
Chapter 17: RADIUS and TACACS+ Clients authentication is attempted using the password specified using the ENABLE PASSWORD command in the CLI. Disabled: The TACACS+ servers do not use its enable password. Authentication is attempted using the password specified using the ENABLE PASSWORD command in the CLI.
Page 199 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 2. Enter the following settings: IP Address— Enter the IP address of the TACACS+ server. The IP  address must be in the following IPv4 format: xxx.xxx.xxx.xxx. Key— Enter the encryption key for TACACS+ communications ...
Page 200: Deleting An Authentication Server
Chapter 17: RADIUS and TACACS+ Clients Deleting an Authentication Server To delete either an TACACS+ or RADIUS authentication server, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 201: Chapter 18: 802.1X Port-Based Network Access
Chapter 18 802.1x Port-based Network Access This chapter provides a brief description of the 802.1x Port-based Authentication feature and explains how to enable this feature on the switch, and specify authentication on a port. See the following sections: “Overview” on page 202 ...
Page 202: Overview
Chapter 18: 802.1x Port-based Network Access Overview The 802.1x port-based network access control feature lets you control who can send traffic through, and receive traffic from, the individual switch ports. The switch does not allow an end node to send or receive traffic through a port until the user of the node has been authenticated by a RADIUS server.
Page 203: Operating Modes
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Authenticator Role:  The authenticator role activates port access control on a port. Ports in this role do not forward network traffic to or from network devices until the supplicants are authenticated by a RADIUS server. The authenticator role is appropriate when you want the switch to authenticate the supplicants of network devices before they can use the network.
Page 204: Figure 77: Multiple Host Operating Mode
Chapter 18: 802.1x Port-based Network Access Multiple host mode  This mode permits multiple supplicants on an authenticator port. An authenticator host forwards packets from all supplicants once one supplicant has successfully logged on. This mode is typically used in situations where you want to add 802.1x port-based network access control to a switch port that is supporting multiple supplicants, but do not want to create individual accounts for all the supplicants on the...
Page 205: Dynamic Vlan Assignments
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide An example of this authenticator operating mode is illustrated in Figure 78. The supplicants are connected to a hub or non-802.1x- compliant switch which is connected to an authenticator port on the switch.
Page 206: Guest Vlan
Chapter 18: 802.1x Port-based Network Access Guest VLAN An authenticator port in the unauthorized state typically accepts and transmits only 802.1x packets while waiting to authenticate a supplicant. However, you can specify an authenticator port to be a member of a Guest VLAN when no authenticated supplicant is logged on.
Page 207: Enabling 802.1X Port-Based Authentication On The Switch
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Enabling 802.1x Port-based Authentication on the Switch To enable the 802.1x port-based Authentication feature on a switch, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 208: Configuring 802.1X Port-Based Authentication
Chapter 18: 802.1x Port-based Network Access Configuring 802.1x Port-based Authentication To set 802.1x port authentication on a port, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 209: Figure 81. Modify 802.1X Authentication Page Expanded
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 81. Modify 802.1x Authentication Page Expanded 5. Modify the following fields as needed: Interface— Indicates the port ID. You cannot modify this  parameter from this page. Port Role— Specifies that you have selected the port as an ...
Page 210 Chapter 18: 802.1x Port-based Network Access Authentication Mode— Select the authentication mode. Choose  from the following: Unauthorized: Sets the port in the unauthorized state. Although the port is in the authenticator role, the switch blocks all authentication on the port. If you set all the ports on the switch to this setting, then no supplicants can log on and forward packets through them.
Page 211 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide times the switch retransmits EAP Request packets to a supplicant before it times out an authentication session. The range is 1 to 10 retransmissions. The default value is 2. Port Control Direction— Select whether the authenticator port ...
Page 212 Chapter 18: 802.1x Port-based Network Access automatically sends it as the supplicant’s username and password to the authentication server. This authentication method does not require 802.1x client software on supplicant nodes. Re-Auth Learning— Check the checkbox to force the port that is ...
Page 213: Disabling 802.1X Port-Based Authentication On The Switch
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Disabling 802.1x Port-based Authentication on the Switch To disable the 802.1x port-based Authentication feature on a switch, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 214: Disabling 802.1X Port-Based Authentication On A Port
Chapter 18: 802.1x Port-based Network Access Disabling 802.1x Port-based Authentication on a Port To disable 802.1x port authentication on a port, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 215: Chapter 19: Setting Ipv4 And Ipv6 Addresses
Chapter 19 Setting IPv4 and IPv6 Addresses This chapter provides brief descriptions of management IPv4 and IPv6 addresses and explains how to specify both types of IP addresses on the switch. See the following sections: “Overview” on page 216  “Displaying IPv4 Interfaces”...
Page 216: Overview
Chapter 19: Setting IPv4 and IPv6 Addresses Overview The management IP address is an IP address that the switch uses to identify itself to other network devices, such as TFTP servers and Telnet clients. The management address can be any IPv4 address, or an IPv6 address for some features, that is assigned to a VLAN on the switch.
Page 217: Ip Management Guidelines
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Table 8. Web Interface Features that Require an IP Management Address (Continued) Supported by Supported by Feature Description IPv4 Address IPv6 Address HTTP client Used for a web browser to bring the AT-8100 web interface on your network.
Page 218: Displaying Ipv4 Interfaces
Chapter 19: Setting IPv4 and IPv6 Addresses Displaying IPv4 Interfaces To display a list of the IPv4 interfaces, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83. Figure 83. Layer 3 Tab 2.
Page 219: Adding An Ipv4 Address
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding an IPv4 Address To assign an IPv4 address, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83 on page 218. 2.
Page 220: Changing An Ipv4 Address
Chapter 19: Setting IPv4 and IPv6 Addresses Changing an IPv4 Address To display a list of the IPv4 interfaces, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83 on page 218. 2.
Page 221 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Note If you change the IP address that you use to access the web interface, you lose the connection to the switch. Start a management session again by opening a web browser on your PC and entering the new IP address of the switch.
Page 222: Deleting An Ipv4 Address
Chapter 19: Setting IPv4 and IPv6 Addresses Deleting an IPv4 Address To delete an IPv4 address, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83 on page 218. 2.
Page 223: Displaying The Ipv6 Interface
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the IPv6 Interface To display a list of the IPv6 interface, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 87. Figure 87.
Page 224 Chapter 19: Setting IPv4 and IPv6 Addresses The following fields are displayed: Interface Name— VLAN number that the management IPv6  address is assigned to. IP Address— Management IPv6 address.  Subnet Mask— Subnet mask of the management IPv6 address. ...
Page 225: Adding An Ipv6 Address
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding an IPv6 Address The switch supports only one IPv6 address. As a result, you can add an IPv6 address only when no IPv6 address is assigned to the switch. To assign an IPv6 address, do the following: 1.
Page 226 Chapter 19: Setting IPv4 and IPv6 Addresses 5. Enter an IPv6 address in the IP Address field in the following format: nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn Where n is a hexadecimal digit from 0 to F. The eight groups of digits must be separated by colons. Groups where all four digits are “0” can be omitted.
Page 227: Changing Ipv6 Addresses
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Changing IPv6 Addresses To edit the management IPv6 interface, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 87 on page 223. 2.
Page 228 Chapter 19: Setting IPv4 and IPv6 Addresses 5. Click Apply. 6. Click SAVE to save your changes to the startup configuration file.
Page 229: Deleting Ipv6 Addresses
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting IPv6 Addresses To delete an IPv6 address, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 87 on page 223. 2.
Page 230 Chapter 19: Setting IPv4 and IPv6 Addresses...
Page 231: Chapter 20: Access Control Lists (Acl)
Chapter 20 Access Control Lists (ACL) This chapter provides a brief description of the Access Control Lists (ACL) feature and explains how to use these features on the switch. See the following sections: “Overview” on page 232  “Creating an ACL” on page 235 ...
Page 232: Overview
Chapter 20: Access Control Lists (ACL) Overview Access Control Lists (ACLs) act as filters to control the ingress packets on ports. They are commonly used to restrict the types of packets that ports accept to increase port security and create physical links dedicated to carrying specific types of traffic.
Page 233: Ipv4 Address And Mask
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Source and destination UDP ports  VLAN IDs  IPv4 Address and The mask of an IPv4 address is a decimal number that represents Mask the number of bits in the address, from left to right, that constitute the network portion of the address.
Page 234: Guidelines
Chapter 20: Access Control Lists (ACL) Guidelines Here are the ACL guidelines: An ACL can have a permit, deny, or copy-to-mirror action. The permit  action allows ports to forward ingress packets of the designated traffic flow, while the deny action causes ports to discard packets. The copy- to-mirror action causes a port to copy all ingress packets that match the ACL to the destination port for mirroring.
Page 235: Creating An Acl
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Creating an ACL To create an ACL, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 91. Figure 91. ACLs and QoS Tab 2.
Page 236: Figure 93: Traffic Classification Page
Chapter 20: Access Control Lists (ACL) Figure 93. Traffic Classification Page 4. Enter and select the following fields as needed: Classifier #— Enter a classifier number to identify an ACL.  Choose a number from the following ranges: IPv4 ACL: 3000 to 3699 MAC ACL: 4000 to 4699 Actions—...
Page 237: Figure 94: Menu For Mirror To Port
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide from the menu. The menu for Mirror to Port is displayed, as shown in Figure 94. Figure 94. Menu for Mirror to Port Mirror to Port— Use the menu to select a destination port number ...
Page 238 Chapter 20: Access Control Lists (ACL) MAC Address and mask: Select MAC, then enter a MAC source address followed by a slash (/) and a mask if you are creating a MAC ACL. The keyword “any” matches all packets on the destination address. The wildcard mask for MAC addresses must be either “0”...
Page 239: Assigning An Acl To Ports
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning an ACL to Ports Before assigning ACLs to ports, ACLs must be available on the switch. To create an ACL, see “Creating an ACL” on page 235. To assign an ACL to ports, do the following: 1.
Page 240: Figure 96: Traffic Classifiers Page From Policies/Acls Page
Chapter 20: Access Control Lists (ACL) Figure 96. Traffic Classifiers Page from Policies/ACLs Page 4. Click a radio button to select an ACL. 5. Check one or multiple port numbers to select ports to apply the ACL. 6. Click Apply. 7.
Page 241: Displaying A List Of Acls
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying a List of ACLs To display a list of ACLs, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 91 on page 235. 2.
Page 242 Chapter 20: Access Control Lists (ACL)
Page 243: Chapter 21: Setting Static Routes
Chapter 21 Setting Static Routes To make remote networks communicate, you must add static routes or dynamic routes, or both, to the routing table. Static routes are configured manually to add routing information to the routing table. This chapter provides information about static routes. The procedures in this chapter describe how to display a list of static routes on the switch, and how to add and delete a static route.
Page 244: Displaying Static Routes
Chapter 21: Setting Static Routes Displaying Static Routes To display the static routes, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 98. Figure 98. Layer 3 Tab 2. From the Layer 3 tab drop-down menu, select Static Routes. A list of static routes is displayed.
Page 245: Adding A Static Route
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding a Static Route To add a static route, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 98 on page 244. 2.
Page 246 Chapter 21: Setting Static Routes 8. Click Apply. 9. Click SAVE.
Page 247: Deleting A Static Route
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting a Static Route To delete a static route entry, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 98 on page 244. 2.
Page 248: Displaying The Routing Table
Chapter 21: Setting Static Routes Displaying the Routing Table The routing table includes static routes and dynamic routes. The switch decides which route is the best based on the routing table. To display the routing table, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed.
Page 249 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Protocol— How this route is established.  “Static” indicates that the route was added statically; “RIP” indicates that the route was added dynamically using the RIP protocol; “Connected” indicates that the route is connected directly. AD/Metric—...
Page 250 Chapter 21: Setting Static Routes...
Page 251: Chapter 22: Quality Of Service (Qos)
Chapter 22 Quality of Service (QoS) This chapter provides a brief description of the QoS feature and explains how to use the feature on the switch. See the following sections: “Overview” on page 252  “Creating a QoS Policy” on page 255 ...
Page 252: Overview
Chapter 22: Quality of Service (QoS) Overview Quality of Service (QoS) is a feature that classifies and prioritizes traffic to guarantee a certain level of performance in converged networks, which run voice and video services on data networks. QoS can give certain traffic types preferential treatment.
Page 253: Filtering Criteria
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Table 10. Classifier Number Ranges for QoS Filtering Criterion Classifier Number Range Specifying a MAC address 4000 - 4699 Specifying no address 3000 - 3699 and 4000 - 4699 Filtering Criteria QoS policies identify packets using filtering criteria. The AT-8100 web interface offers seven criteria: Source and destination IP addresses ...
Page 254 Chapter 22: Quality of Service (QoS) value. The mark CoS action causes a port to change the CoS value of all ingress packets that match the filtering criteria with the specified CoS value. A port can have only one QoS policy. ...
Page 255: Creating A Qos Policy
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Creating a QoS Policy To create a QoS policy, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 103. Figure 103.
Page 256: Figure 105: Traffic Classification Page
Chapter 22: Quality of Service (QoS) Figure 105. Traffic Classification Page 4. Enter and select the following fields as needed: Classifier #— Enter a classifier number to identify a QoS policy.  Choose a classifier number according to the following conditions: When specifying an IPv4 address as a filtering criterion: Choose from 3000 to 3699.
Page 257: Figure 106: Text Box For Priority Queue
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Actions— Click a radio button to select an action from the  following options: Priority Queue: Instructs ports to place all ingress packets that match the filtering criteria into a specified priority queue. When you select Priority Queue, a text box appears below the action icons as shown in Figure 106.
Page 258: Figure 108: Text Box For Cos
Chapter 22: Quality of Service (QoS) Figure 108. Text Box for CoS Note The action options of Deny, Permit, and Mirror are for the Access Control List (ACL) feature. For information about creating an ACL, see “Creating an ACL” on page 235. Match The following parameters are under the “Match”...
Page 259 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide MAC Address and mask: Enter a MAC source address followed by a slash (/) and a mask if you are creating a MAC ACL. The wildcard mask for MAC addresses must be either “0” (zero) or “F”...
Page 260: Assigning A Qos Policy To Ports
Chapter 22: Quality of Service (QoS) Assigning a QoS Policy to Ports Before assigning QoS policies to ports, QoS policies must be available on the switch. For how to create a QoS policy, see “Creating a QoS Policy” on page 255. To assign a QoS policy to ports, do the following: 1.
Page 261: Figure 110: Traffic Classifier Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 110. Traffic Classifier Page 4. Click a radio button to select a QoS policy. 5. Check one or multiple checkboxes to select ports to apply the QoS policy. 6. Click Apply. 7.
Page 262: Displaying A List Of Qos Policies
Chapter 22: Quality of Service (QoS) Displaying a List of QoS Policies To display a list of QoS policies, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 103 on page 255. 2.
Page 263: Chapter 23: Setting Dynamic Routes Using Rip
Chapter 23 Setting Dynamic Routes Using RIP The chapter provides a brief description of the RIP feature and explains how to display the RIP settings, enable RIP on a VLAN interface, change the RIP settings, delete a VLAN interface, and display RIP statistics. See the following sections: “Overview”...
Page 264: Overview
Chapter 23: Setting Dynamic Routes Using RIP Overview To make remote networks communicate, you must add either static routes, dynamic routes, or both. The AT-8100 Series Management Software supports RIP as the routing protocol to add dynamic routes. By enabling RIP, the switch can learn about remote networks and add the routing information to its routing table dynamically.
Page 265: Displaying The Rip Configuration
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the RIP Configuration To check how the RIP is configured on the switch, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 112. Figure 112.
Page 266 Chapter 23: Setting Dynamic Routes Using RIP Authentication Type— Authentication mode for the VLAN  interface. Authentication Key— Authentication password that the VLAN  interface uses to authenticate the RIP packets Send— RIP version number of the packets that the VLAN interface ...
Page 267: Enabling Rip On A Vlan Interface
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Enabling RIP on a VLAN Interface To enable RIP and connect remote networks dynamically, you must enable RIP on VLAN interfaces. When RIP is enabled on a VLAN interface, the VLAN interface sends and receives RIP packets, and the network where the VLAN belongs is advertised through RIP.
Page 268: Figure 115: Rip Interface Page
Chapter 23: Setting Dynamic Routes Using RIP Figure 115. RIP Interface Page 3. Specify the following fields as needed: IP Interface— Select the VLAN interface to associate with the RIP  routing process. This VLAN interface receives and sends RIP packets, and the network where the VLAN belongs is advertised through RIP.
Page 269 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Note There is another way to go to the RIP Interface page to enable RIP on a VLAN interface. Go to the RIP Configuration page from the RIP Configuration page shown in Figure 113 on page 265 and click Add. To go to the RIP Configuration page, see the procedure in “Displaying the RIP Configuration”...
Page 270: Changing The Rip Settings
Chapter 23: Setting Dynamic Routes Using RIP Changing the RIP Settings To change the RIP settings of the VLAN interface, perform the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 112 on page 265. 2.
Page 271: Removing A Vlan Interface From The Rip Configuration
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Removing a VLAN Interface from the RIP Configuration To remove a VLAN interface from the RIP configuration, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 112 on page 265. 2.
Page 272: Displaying Rip Statistics
Chapter 23: Setting Dynamic Routes Using RIP Displaying RIP Statistics To display counters for RIP packets on the switch, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 116. Figure 116.
Page 273 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide inRequests— Number of request packets received.  inDiscards— Number of packets discarded. Packets may be  discarded due to authentication failure, packet received when receive is disabled, or mismatched sequence number of a triggered acknowledgement.
Page 274: Reloading Rip Statistics
Chapter 23: Setting Dynamic Routes Using RIP Reloading RIP Statistics RIP statistics are constantly counting up so that the data that has been displayed in the RIP Statistics pages are not the most recent. To display the latest data possible, click on the Refresh button on the RIP Statistics page.
Page 275: Chapter 24: Managing The Arp Table
Chapter 24 Managing the ARP Table The procedures in this chapter describe how to display the ARP table that resides on the switch, how to add static ARP entries to the table, and how to delete static ARP entries. See the following sections: “Overview”...
Page 276: Overview
Chapter 24: Managing the ARP Table Overview The Address Resolution Protocol (ARP) is used to associate an IPv4 address with a MAC address used by network nodes including the AT-8100 switches. ARP gathers information about mapping between an IPv4 address and a MAC address and stores them in the ARP table. When the node receives a packet from the Network layer, then the node encapsulates the packet into a frame.
Page 277: Displaying The Arp Table
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the ARP Table To display the ARP table, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 119. Figure 119. Layer 3 Tab 2.
Page 278: Adding A Static Arp Entry
Chapter 24: Managing the ARP Table Adding a Static ARP Entry To add a static ARP entry, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 119 on page 277. 2.
Page 279 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 6. Click SAVE to save your changes to the startup configuration file.
Page 280: Deleting Arp Entries
Chapter 24: Managing the ARP Table Deleting ARP Entries To delete a static ARP entry, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 119 on page 277. 2. From the Layer 3 tab drop-down menu, select ARP Table. The ARP table is displayed.
Page 281: Chapter 25: Lldp And Lldp-Med
Chapter 25 LLDP and LLDP-MED This chapter provides a brief description of the Link Layer Discovery Protocol (LLDP) and Link Layer Discovery Protocol for Media Endpoint Devices (LLDP-MED) features, and explains how to enable these features on the switch. See the following sections: “Overview”...
Page 282: Overview
Chapter 25: LLDP and LLDP-MED Overview Link Layer Discovery Protocol (LLDP) and Link Layer Discovery Protocol for Media Endpoint Devices (LLDP-MED) allow Ethernet network devices, such as switches and routers, to receive and/or transmit device-related information to directly connected devices on the network that are also using the protocols, and store the information that is learned about other devices.
Page 283 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Optional LLDP-MED TLVs:  You can select LLDP-MED TLVs that are included in an LLDPDU. The switch sends selected TLVs along with the mandatory TLVs in an LLDPDU.
Page 284: Enabling And Configuring Lldp On The Switch
Chapter 25: LLDP and LLDP-MED Enabling and Configuring LLDP on the Switch To enable LLDP and set the basic LLDP configuration on the switch, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122. Figure 122.
Page 285: Figure 123: Lldp Configuration Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 123. LLDP Configuration Page 4. Change the following fields as needed: Status— To enable or disable LLDP on the switch, select Enabled  or Disabled from the drop-down menu. By default, LLDP is disabled.
Page 286 Chapter 25: LLDP and LLDP-MED Holdtime Multiplier— Enter a holdtime multiplier value. The  transmit interval is multiplied by the holdtime multiplier to give the Time To Live (TTL) the switch advertises to the neighbors. The range is 2 to 10. The default value is 4. Non Strict Med TLV Order Check—...
Page 287: Disabling Lldp On The Switch
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Disabling LLDP on the Switch To disable the LLDP feature on a switch, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284.
Page 288: Configuring Lldp On A Port
Chapter 25: LLDP and LLDP-MED Configuring LLDP on a Port To assign LLDP to a port, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284.
Page 289: Figure 125: Modify Lldp Port Configuration Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 125. Modify LLDP Port Configuration Page 4. Change the settings as needed: Interface— Indicates the port ID.  Notifications— Check the checkbox to activate the switch to send  LLDP-MED topology change notifications when a device is connected to, or disconnected from, the port.
Page 290: Selecting Lldp Tlvs On A Port
Chapter 25: LLDP and LLDP-MED Selecting LLDP TLVs on a Port To enable LLDP TLV, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
Page 291: Figure 127: Lldp Tlv Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 127. LLDP TLV Page 5. Click Edit next to the port that you want to modify. The Modify LLDP TLV page is displayed. See Figure 128 on page 292.
Page 292: Figure 128: Modify Lldp Tlv Page
Chapter 25: LLDP and LLDP-MED Figure 128. Modify LLDP TLV Page 6. Change the settings as needed: Interface— Indicates the port ID.  Port Description— Check the checkbox to select the port  description to be included in LLDPDUs. System Name— Check the checkbox to select the system name ...
Page 293 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Management Address— Check the checkbox to select the IP  address of the local LLDP agent to be included in LLDPDUs. Port VLAN— Check the checkbox to select the VID of the ...
Page 294: Setting A Location Entry For The Lldp-Med Location Tlv
Chapter 25: LLDP and LLDP-MED Setting a Location Entry for the LLDP-MED Location TLV You can define location information about a network device as an LLDP- MED TLV and include the TLV in an LLDPDU, which the switch sends to its neighbors.
Page 295: Figure 129: Locations Tab
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 129. Locations Tab 4. From the Locations tab drop-down menu, move the cursor to the right and select Civic. The LLDP Civic Location page is displayed. See Figure 130. Figure 130. LLDP Civic Location Page...
Page 296: Figure 131: Lldp Civic Location Page- Add
Chapter 25: LLDP and LLDP-MED 5. Click Add. The Add LLDP Civic Location Page is displayed. See Figure 131. Figure 131. LLDP Civic Location Page— Add 6. Enter the ID and Country fields:...
Page 297 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide ID— Enter an LLDP Civic Location ID. The range is 1 to 256. (This  range is separate from the ranges for coordinate and ELIN entries.) Country— Enter the county code. It must contain two uppercase ...
Page 298: Creating A Coordinate Location
Chapter 25: LLDP and LLDP-MED Additional Code— 1234  Seat— cube-411a  Primary Road Name— Zanker  Road Section— North  Branch Road Name— State-Lane  Sub Branch Road Name— Boulder-Creek-Avenue  Street Name Pre Modifier— West  Street Name Post Modifier— Div ...
Page 299: Figure 133: Lldp Coordinate Location Page- Add
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The LLDP Coordinate Location page is displayed. See Figure 133. Figure 133. LLDP Coordinate Location Page— Add 6. Specify the following fields as needed: ID— Enter an LLDP Coordinate Location ID. The range is 1 to 256. ...
Page 300: Creating An Emergency Location Identification Number (Elin) Location
Chapter 25: LLDP and LLDP-MED Altitude Type— Choose between meters and floors.  Altitude Resolution— Enter altitude resolution as the number of  valid bits. The range is 0 to 30. Datum— Select the geodetic system (or datum) of the ...
Page 301: Figure 135: Lldp Elin Location Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The LLDP ELIN Location page is displayed. See Figure 135. Figure 135. LLDP ELIN Location Page 6. Enter values in the following fields: ID— Enter an ID number for an LLDP-MED coordinate location ...
Page 302: Assigning Lldp Locations To A Port
Chapter 25: LLDP and LLDP-MED Assigning LLDP Locations to a Port Use a Civic, Coordinate, or ELIN location ID port location to assign to a port. You must create these location IDs before you assign a port location to a port. For instructions to create location IDs, see “Setting a Location Entry for the LLDP-MED Location TLV”...
Page 303: Figure 137: Modify Lldp Port Location Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 137. Modify LLDP Port Location Page 4. Select values in the fields as needed: Interface — Indicates the port ID.  Civic Location ID— Select a Civic Location ID from the pull-down ...
Page 304: Selecting Lldp-Med Tlvs On A Port
Chapter 25: LLDP and LLDP-MED Selecting LLDP-MED TLVs on a Port To enable LLDP-MED TLV, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
Page 305: Figure 139: Modify Lldp-Med Tlv Page
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 139. Modify LLDP-MED TLV Page 5. Change the fields as needed: Interface— Indicates the port ID.  Capabilities— Check the checkbox to select the capabilities to be  included in LLDPDUs. Network-policy—...
Page 306 Chapter 25: LLDP and LLDP-MED Inventory-management— Check the checkbox to select the  current hardware and the software information to be included in LLDPDUs. This information is identical on every port on the switch: - Hardware Revision - Firmware Revision - Software Revision - Serial Number - Manufacturer Name...
Page 307: Displaying Lldp Neighbor Information
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying LLDP Neighbor Information To display LLDP Statistical information, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284.
Page 308 Chapter 25: LLDP and LLDP-MED C = Cable Device S = Station only Med Device class and Power Source code— Indicates whether  or not the MED device Classes I through III are supported. Power Source code indicates the current power source which is either the Primary Power Source or the Backup Power Source.
Page 309: Displaying Lldp Statistics
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying LLDP Statistics To display LLDP Statistics, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
Page 310: Figure 142: Lldp Statistics Page With Summary Tab
Chapter 25: LLDP and LLDP-MED New Entries— Number of times the information advertised by  neighbors has been inserted into the neighbor table. Deleted Entries— Number of times the information advertised by  neighbors has been removed from the neighbor table. Dropped Entries—...
Page 311: Displaying Location Entries
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Location Entries To display the LLDP Civic, Coordinate, and ELIN locations, use the following procedures: “Displaying Civic Locations” on page 311  “Displaying Coordinate Locations” on page 312  “Displaying ELIN Locations” on page 313 ...
Page 312: Displaying Coordinate Locations
Chapter 25: LLDP and LLDP-MED House Number  House Number Suffix  Landmark  Additional Information  Name  Postal Code  Building  Unit  Floor  Room  Place Type  Postal Community Name  Post Office Box ...
Page 313: Displaying Elin Locations
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following fields are displayed: ID— LLDP Coordinate Location ID.  Latitude— Latitude value in decimal degrees.  Latitude Resolution— Latitude resolution as the number of valid  bits. Longitude— Longitude value in decimal degrees. ...
Page 314: Displaying Lldp And Lldp-Med Settings
Chapter 25: LLDP and LLDP-MED Displaying LLDP and LLDP-MED Settings To display the LLDP and LLDP-MED settings, use the following procedures: “Displaying the Basic LLDP Configuration” on page 314  “Displaying LLDP Port Assignments” on page 315  “Displaying Port Locations” on page 316 ...
Page 315: Displaying Lldp Port Assignments
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Notification Interval— Notification interval. This is the minimum  interval between LLDP SNMP notifications (traps). Reinit— Reinitialization delay. This is the number of seconds that  must elapse after LLDP is disabled on a port before it can be reinitialized.
Page 316: Displaying Port Locations
Chapter 25: LLDP and LLDP-MED Displaying Port To display the LLDP port locations, do the following: Locations 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
Page 317 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide System Capabilities— Device’s router and bridge functions, and  whether or not these functions are currently enabled. Management Address— IP address of the local LLDP agent. This  is used to obtain information related to the local device. Port VLAN—...
Page 318: Displaying Lldp-Med Tlv
Chapter 25: LLDP and LLDP-MED Displaying To display LLDP-MED TLV settings, do the following: LLDP-MED TLV 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2. From the Discovery & Monitoring tab, hover over LLDP and then hover over TLV.
Page 319 AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide - Model Name - Asset ID...
Page 320 Chapter 25: LLDP and LLDP-MED...
Page 321: Chapter 26: Sflow
Chapter 26 sFlow This chapter provides a brief description of the sFlow feature and explains how to enable this feature on the switch. See the following sections: “Overview” on page 322  “Specifying an sFlow Collector” on page 324  “Configuring sFlow on a Port”...
Page 322: Overview
Chapter 26: sFlow Overview The sFlow agent allows the switch to gather data about the traffic on the ports and to send the data to sFlow collectors on your network for analysis. You can use the information to monitor the performance of your network or identify traffic bottlenecks.
Page 323: Sflow Collectors
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide To configure the agent to forward these port statistics to the collectors, you have to specify polling rates, which define the maximum amount of time permitted between successive queries of the counters of a port by the agent.
Page 324: Specifying An Sflow Collector
Chapter 26: sFlow Specifying an sFlow Collector Use this procedure to specify the IP address and the UDP port of an sFlow collector on your network. The packet sampling data and the packet counters are sent by the switch to the collector specified. You can specify only one collector.
Page 325: Figure 145: Sflow Page With Collectors Tab
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The sFlow page is displayed with the Collector Tab selected. See Figure 145. Figure 145. sFlow Page with Collectors Tab 4. Click Add. The sFlow Collector page is displayed. See Figure 146. Figure 146.
Page 326 Chapter 26: sFlow IP Address— IPv4 address of the sFlow collector on your network.  Enter the IPv4 address in the following format: xxx.xxx.xxx.xxx where xxx is a number from 0 to 255. There are four groups of numbers that are separated by periods. UDP Port—...
Page 327: Configuring Sflow On A Port
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring sFlow on a Port To configure the sFlow feature on a port, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 143 on page 324.
Page 328: Figure 147: Sflow Port Modify Page
Chapter 26: sFlow The sFlow Port Modify page is displayed. See Figure 147. Figure 147. sFlow Port Modify Page 4. Change the following fields as needed: Interface— Indicates the port ID. You cannot change this  parameter on this page. Polling Interval—...
Page 329: Enabling Sflow On The Switch
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Enabling sFlow on the Switch Before enabling the sFlow feature on the switch, you must configure sFlow on the ports. The port configurations cannot be edited if the sFlow feature is enabled. For how to configure sFlow on the ports, see “Configuring sFlow on a Port”...
Page 330: Displaying The Sflow Settings
Chapter 26: sFlow Displaying the sFlow Settings To display the sFlow settings, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 143 on page 324. 2. From the Discovery & Monitoring tab drop-down menu, select sFlow.

This manual is also suitable for:

At-8100l/8poe At-8100l/8poe-e At-8100s/24c At-8100s/24poe At-8100s/16f8-sc At-8100s/16f8-lc ... Show all

Allied Telesis T-8100L/8 User Manual

Preface

Chapter 1: AT-8100 Series Version 2.2.5.0 Web Browser Interface

Chapter 2: Starting a Management Session

Chapter 3: Basic Switch Parameters

Chapter 4: Setting Port Parameters

Chapter 5: Setting Port Statistics

Chapter 6: Port Mirroring

Chapter 7: Spanning Tree Protocol on a Port

Chapter 8: Setting the MAC Address

Chapter 9: Link Aggregation Control Protocol (LACP)

Chapter 10: Setting Static Port Trunks

Chapter 11: Setting Port-Based and Tagged Vlans

Chapter 12: Spanning Tree Protocols on the Switch

Chapter 13: Internet Group Management Protocol (IGMP) Snooping

Chapter 14: IGMP Snooping Querier

Chapter 15: Power over Ethernet (Poe)

Chapter 16: MAC Address-Based Port Security

Chapter 17: RADIUS and TACACS+ Clients

Chapter 18: 802.1X Port-Based Network Access

Chapter 19: Setting Ipv4 and Ipv6 Addresses

Chapter 20: Access Control Lists (ACL)

Chapter 21: Setting Static Routes

Chapter 22: Quality of Service (Qos)

Quick Links

Management Software

Related Manuals for Allied Telesis T-8100L/8

Summary of Contents for Allied Telesis T-8100L/8