AT-8100 Series Fast Ethernet Switches AT-8100L/8 AT-8100L/8POE AT-8100L/8POE-E AT-8100S/24C AT-8100S/24 AT-8100S/24POE AT-8100S/16F8-SC AT-8100S/16F8-LC AT-8100S/24F-LC AT-8100S/48 AT-8100S/48POE CONSOLE plus LINK / ACT CONSOLE plus LINK / ACT CONSOLE LINK / ACT CONSOLE LINK / ACT 2056...
Page 2
* Neither the name of Allied Telesis, Inc. nor the names of the respective companies above may be used to endorse or promote products derived from this software without specific prior written permission.
Page 3
Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc. has been advised of, known, or should have known, the possibility of such damages.
Contents Preface ................................15 Document Conventions ............................ 16 Where to Find Web-based Guides ........................17 Contacting Allied Telesis ..........................18 Chapter 1: AT-8100 Series Version 2.2.5.0 Web Browser Interface ............19 Management Sessions ............................. 20 Web Manager Accounts ........................... 21 Chapter 2: Starting a Management Session ....................
Page 6
Contents Changing the User Privilege........................54 Deleting a User Account..........................55 Rebooting a Switch ............................57 Upgrading the Software ............................ 58 Displaying System Information ......................... 61 Chapter 4: Setting Port Parameters ......................63 Port Numbers on the Switch ..........................64 Displaying the Port Parameters ........................
Page 7
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Port VLAN Identifier ..........................132 Tagged VLANs............................132 Tagged and Untagged Ports ........................133 Native VLAN............................. 133 Displaying VLANs............................134 Adding a VLAN ............................... 135 Modifying VLANs ............................137 Assigning a Native VLAN ..........................139 Removing an Untagged Port from a VLAN.....................
Page 8
Contents Adding a RADIUS Server .........................193 Configuring TACACS+ for Remote Manager Authentication ................195 Configuring Remote Manager Authentication Using TACACS+...............195 Adding a TACACS+ Server ........................198 Deleting an Authentication Server ........................200 Chapter 18: 802.1x Port-based Network Access ..................201 Overview .................................202 Port Roles..............................202 Operating Modes ............................203 Dynamic VLAN Assignments........................205 Guest VLAN..............................206...
Page 9
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a QoS Policy to Ports........................260 Displaying a List of QoS Policies........................262 Chapter 23: Setting Dynamic Routes Using RIP ..................263 Overview................................. 264 Enabling RIP ............................264 Displaying the RIP Configuration........................265 Enabling RIP on a VLAN Interface .........................
Page 11
Figure 19: User Management Page with Change Privilege Tab...................55 Figure 20: User Management Page with Delete User Tab ....................56 Figure 21: User Login Page on the Allied Telesis Website....................58 Figure 22: System Upgrade Page ............................59 Figure 23: Port Number ................................64 Figure 24: Switching Tab with Port Tab..........................65...
Page 12
Figures Figure 51: VLANs Page ..............................134 Figure 52: Add VLAN Page ..............................135 Figure 53: Edit VLAN Page..............................137 Figure 54: Native VLAN Page.............................139 Figure 55: Spanning Tree Settings Page..........................145 Figure 56: Switching IGMP Tab ............................151 Figure 57: IGMP Snooping Page with Configuration Tab ....................152 Figure 58: IGMP Snooping Page with Routers List Tab .....................155 Figure 59: IGMP Snooping Page with Hosts List Tab......................157 Figure 60: IGMP Snooping Querier with One Querier ......................161...
This preface contains the following sections: “Document Conventions” on page 16 “Where to Find Web-based Guides” on page 17 “Contacting Allied Telesis” on page 18 Caution The software described in this document may contain certain encryption/security or cryptographic functionality and for exporting those products/software, USA export restrictions apply as per 15 C.F.R.
Document Conventions This document uses the following conventions: Note Notes provide additional information. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Where to Find Web-based Guides The installation and user guides for all of the Allied Telesis products are available for viewing in portable document format (PDF) from our web site at www.alliedtelesis.com/support/documentation.
Contacting Allied Telesis If you need assistance with this product, you may contact Allied Telesis technical support by going to the Support & Services section of the Allied Telesis web site at www.alliedtelesis.com/support. You can find links for the following services on this page: 24/7 Online Support—...
Chapter 1 AT-8100 Series Version 2.2.5.0 Web Browser Interface This chapter describes the types of management sessions using the AT-8100 Series management software and the web interface manager accounts. See the following sections: “Management Sessions” on page 20 “Web Manager Accounts” on page 21 ...
Chapter 1: AT-8100 Series Version 2.2.5.0 Web Browser Interface Management Sessions The AT-8100 Series switches provide two management interfaces: the web interface and Command Line Interface (CLI). This manual provides procedures that guide you through the web interface. The initial management session of the switch can be from a management session, either through the web interface or the CLI.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Web Manager Accounts You must log on to manage the switch. This requires a valid username and password. The switch comes with one manager account with a username of “manager” and the default password of “friend.” Both the username and password are case-sensitive.
Page 22
Chapter 1: AT-8100 Series Version 2.2.5.0 Web Browser Interface...
Chapter 2 Starting a Management Session This chapter describes how to start a management session using the AlliedWare Plus™ web interface as well as how to select fields, save your changes, and end a management session. See the following sections: “Non-secure HTTP and Secure HTTPS Modes”...
Chapter 2: Starting a Management Session Non-secure HTTP and Secure HTTPS Modes The switch has a web server so that you can remotely manage the switch over the network from a web browser on your PC. The server can operate in either plain-text HTTP mode or encrypted HTTPS mode.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Starting the Initial Web Management Session This section explains how to start a management session for the first time using the AT-8100 web interface. The switch shipped from the factory is configured with an IP address assigned and the web interface (HTTP service) enabled.
Chapter 2: Starting a Management Session 3. Open a web browser on the PC and enter the following: http://169.254.1.1 The AT-8100 Login page is displayed as shown in Figure 1. Figure 1. Login Page...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Logging onto the Switch Once you start the web interface, the AT-8100 Login page is displayed. Enter “manager” in the User Name field and “friend” in the Password field as shown in Figure 2. Then click the Login button. Figure 2.
Chapter 2: Starting a Management Session Figure 3. Dashboard Page The following fields are displayed: Up Time— Length of time since the switch was last reset or power cycled in days, hours, minutes and seconds. Note Up Time is displayed on the top-right corner of the screen. The System section displays the following information: MAC Address—...
Page 29
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide System Name— Name of the switch. To specify this field, see “Setting the Switch Information” on page 48. Version— Software version number of the Management Software. Contact— Contact person for the switch. To specify this field, see ...
If you forget the manager password, you cannot manage the switch if there are no other management accounts on the unit. In this case, contact Allied Telesis Technical Support for assistance. For instructions on how to create additional management accounts, see “Adding a New User Account”...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The management IPv4 address can be any IPv4 address assigned on the switch. The switch can have only one IPv6 address. Your PC must have an IP address that belongs to the network ...
Chapter 2: Starting a Management Session Starting a Web Management Session This section provides how to start a web management session when the switch does not have the factory default configuration. To log onto the switch through the web interface, enter the IP address of the switch on the web browser, such as Windows Internet Explorer, on the PC or laptop that can access the switch.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide When the Switch When the switch does not display the web interface, even though you enter the IP address of the switch on the web browser, you must enable Does Not Display HTTP or HTTPS service on the switch through the CLI by performing the the Login Page following steps:...
Chapter 2: Starting a Management Session The local management session is started when the AlliedWare Plus™ command line prompt is displayed as shown in Figure 4. awplus> Figure 4. AlliedWare Plus™ Command Line Prompt Checking for the To check for IP addresses assigned to the switch, enter the following commands: IP Addresses of the Switch in the...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide awplus# show ip http HTTP server disabled. Figure 6. Displaying the Status of HTTP Service To check whether HTTPS service is enabled, enter the following commands: awplus> enable awplus# show ip https Figure 7 shows an example of the command output.
Chapter 2: Starting a Management Session Saving your Save your changes to the startup configuration file by entering the following commands: Changes in the awplus# copy running-config startup-config awplus# write...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Saving Your Changes The changes you have made are temporarily stored in the running configuration file. When you reboot the switch, the information in the running configuration file is lost. To save your changes after you reboot the switch, do the following: 1.
Chapter 2: Starting a Management Session Ending a Web Management Session To end a web management session, select LOGOUT at the top of the web page. For an example, see the System Contact Information page in Figure 8 on page 37.
Chapter 3 Basic Switch Parameters This chapter describes how to set up basic switch operations. See the following sections: “Setting the System Date and Time” on page 40 “Configuring a Telnet or SSH Server” on page 45 “Configuring a Remote Log Server” on page 47 ...
Chapter 3: Basic Switch Parameters Setting the System Date and Time This procedure explains how to set the switch’s date and time. Setting the date and time is important if you plan to view the events in the switch’s event log or on a syslog server. The correct date and time are also important if the management software sends traps to a management workstation or if you plan to create a self-signed SSL certificate.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 9. System Settings Tab 3. From the System tab, hover over System Settings. 4. Move the cursor to the right and select Time. The System Time Settings page is displayed. See Figure 10. Figure 10.
Chapter 3: Basic Switch Parameters Figure 11. System Time Settings Page with Network Time Settings Tab 6. To configure the switch to obtain its date and time from an SNTP or NTP server on your network or the Internet, specify the following fields: NTP Status—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Note The switch does not set daylight saving time (DST) automatically. If the switch is in a locale that uses DST, you must remember to enable this in March when DST begins and disable it in October when DST ends.
Chapter 3: Basic Switch Parameters Figure 12. Calendar Page a. Use the arrows at the top of the Calendar to select the month and year. b. Set the time of day using the following format: hh:mm:ss c. Click on the day of the month. 7.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring a Telnet or SSH Server The AT-8100 web browser interface allows you to configure the switch as a Telnet or SSH server. You can use the web browser interface to enable a Telnet server, but not as a Telnet client.
Page 46
Chapter 3: Basic Switch Parameters Note Both the Remote Log and Server IP Address fields are used only to set a remote log server. For information on these fields, see “Configuring a Remote Log Server” on page 47. Remote Log— Check the checkbox to enable the switch to send ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring a Remote Log Server You can use the AT-8100 web browser interface to enable logging to a remote log server, which is part of the Syslog feature. However, you must use the CLI to view or clear the event log. For information about the Syslog features, see the SysLog chapters in the AT-8100 Series Version 2.2.5.0 Management Software Command Line Interface User’s Guide.
Chapter 3: Basic Switch Parameters Setting the Switch Information This procedure allows you to set information about the switch, such as a switch name, contact person, and location. Assigning a name to the switch helps you identify your switches when you manage them and avoid performing a configuration procedure on the wrong switch.
Page 49
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Specify the following fields as necessary: System Name— Enter a name for the switch, for example, S1 or Switch2. The name is displayed on the Dashboard page. See Figure 3 on page 28. The name can be from 1 to 39 characters in length.
Chapter 3: Basic Switch Parameters Managing the Configuration File Within the web browser interface, you can upload a configuration file onto the switch, download a configuration file from the switch, delete a configuration file, and save your changes to the current configuration file. However, to create a new configuration file, you need to access the switch through the CLI.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide format is year, month, date. Setting the Active To specify a file as the startup configuration file, do the following: Configuration 1. Use the pull-down menu to select a file as the active configuration file. File 2.
Chapter 3: Basic Switch Parameters Managing Local User Accounts The switch comes with one local manager account. The account, which has the username “manager” and default password “friend,” is referred to as a local account because it is the switch that authenticates the username and password when a manager logs on using the account.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 3. Add a new user by doing the following: User Name— Enter a new logon name for the new account. The name is case-sensitive and can contain up to 15 alphanumeric characters.
Chapter 3: Basic Switch Parameters Figure 18. User Management Page with Change Password Tab 4. Use the pull-down menu next to the User Name field to select a username. The username must already exist. 5. Enter a new password in plaintext in the New Password field. A password can consist of up to 16 alphanumeric characters and is case-sensitive.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 19. User Management Page with Change Privilege Tab 4. Use the pull-down menu next to the User Name field to select a user. 5. Use the pull-down menu next the New Privilege field to select a user privilege level.
Chapter 3: Basic Switch Parameters Figure 20. User Management Page with Delete User Tab 4. Use the pull-down menu to select a user. 5. Click Delete User. 6. Click SAVE to save your changes to the startup configuration file.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Rebooting a Switch Resetting the switch ends your web browser management session. To continue managing the switch, you must log in again. Note All unsaved changes are discarded when you reset a switch. To save your changes to the startup configuration file, click SAVE.
Upgrading the Software The latest version of the AlliedWare Plus™ Management Software is available from the Allied Telesis website. You can download the software image file on your workstation and upload the file onto the switch. To upgrade the AT-8100 software, perform the following procedure: 1.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 4. Enter your email address and password, then click the Sign In button. Note If you do not know your password, click the Create Account link and follow the instructions on the page. 5.
Page 60
Chapter 3: Basic Switch Parameters Note Upgrading the system software on the switch ends your current web browser management session. To continue managing the switch, you must log in again.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying System Information To view basic information about the switch, select the System Tab. The Dashboard Page is displayed as shown in Figure 3 on page 28. The following fields are displayed: Up Time—...
Page 62
Chapter 3: Basic Switch Parameters IGMP Snooping Querier— Indicates if IGMP Snooping Querier is enabled or disabled on the switch. The Administration Options section displays the following information: System Upgrade— Click this link to go to the System Upgrade ...
Chapter 4 Setting Port Parameters This chapter describes how to display and modify the port settings such as back pressure and flow control. In addition, it provides procedures to display and modify storm control settings. This chapter contains the following sections: “Port Numbers on the Switch”...
Chapter 4: Setting Port Parameters Port Numbers on the Switch The ports on the switch are identified in the format shown in Figure 23. Figure 23. Port Number The variables in the parameter are defined here: Switch ID: When the switch is a stand-alone switch, the web interface ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Port Parameters To display the settings for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24. Figure 24.
Page 66
Chapter 4: Setting Port Parameters Type— Transmission speed and medium, copper or fiber optic, of the port. For example, 1000Base-SX indicates that the port is a fiber optic gigabit standard. Status— Indicates if the port is enabled or disabled. The default ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Changing the Port Settings You can change the settings of one port at a time. Use the following procedure to change the port settings or reset a port to its default value, To change the port settings, do the following: 1.
Chapter 4: Setting Port Parameters Figure 26. Port Configuration Modify Page 5. Specify the following fields as needed: Interface— Indicates the port ID. Port Type— Indicates the transmission speed and medium, copper or fiber, that the port supports. Port Description—...
Page 69
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide cannot select them. To change the Configure Speed and Configure Duplex fields, change the Negotiation setting to “Manual.” Note When the port type is 1000Base fiber optic, the Negotiation must be “Auto”, and you are not allowed to change the setting to “Manual.” Current Speed—...
Page 70
Chapter 4: Setting Port Parameters A cell represents 128 bytes. The range is 1 to 7935 cells. The default value is 7935 cells. Flow Control Status— Enable or disable the flow control feature. By default, flow control is disabled on the port. Flow Control Limit (1 - 7935)—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Storm Control Settings To display the storm control settings, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 72
Chapter 4: Setting Port Parameters Multicast packets that exceed the threshold are discarded by the port. The range is 0 to 33,554,431 packets. The default is 33,554,431 packets. Dlf— Indicates whether the unknown unicast threshold setting is enabled or disabled. Dlf Level—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying the Storm Control Settings To modify the storm control settings, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 74
Chapter 4: Setting Port Parameters 5. Change the following fields as needed: Broadcast— Enable or disable the broadcast storm control feature. When this feature is enabled, the port discards ingress broadcast packets that exceed the specified level. This feature is disabled by default.
Chapter 5 Setting Port Statistics This chapter describes how to display and clear port statistics. Within the AlliedWare Plus™ software, you can display and clear transmit, receive, and interface port statistics. This chapter contains the following topics: “Displaying Port Statistics” on page 76 ...
Chapter 5: Setting Port Statistics Displaying Port Statistics You can display several types of port statistics. See the following sections: “Displaying Transmit and Receive Port Statistics” on page 76 “Displaying Receive Statistics” on page 77 “Displaying Transmit Statistics” on page 79 ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following fields are displayed: Interface— Port ID. 0-64 Byte Frames— Number of frames transmitted by the port that contains 0 to 64 bytes. 65-127 Byte Frames— Number of frames transmitted by the port ...
Chapter 5: Setting Port Statistics Figure 30. Port Statistics with the Receive Tab The following fields are displayed: Interface— Port ID. Total Bytes— Number of received bytes. Total Frames— Number of received frames. Total Error Frames— Total number of received frames with ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Undersize Frames— Number of received frames that were less than the minimum length as specified by IEEE 802.3 (64 bytes, including the CRC). Dropped Frames— Number of frames successfully received and ...
Chapter 5: Setting Port Statistics Total Frames— Number of transmitted frames. Total Error Frames— Number of transmitted frames with errors. Multicast Frames— Number of transmitted multicast frames. Broadcast Frames— Number of transmitted broadcast frames. Pause Frames Sent— Number of transmitted flow-control pause ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 32. Port Statistics Page with Interface Tab The following fields are displayed: Interface— Port ID. Rx Unicast Packets— Number of ingress unicast packets. Rx Discard Packets— Number of ingress packets that were ...
Chapter 5: Setting Port Statistics Clearing Port Statistics To clear the statistics for a port, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Port. 3.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Reloading Statistics Port statistics are constantly counting, and the values are changing so that the data displayed in the Port Statistics pages are not the most recent. To display the latest data possible, click on the Reload Page button on a Port Statistics page.
Chapter 6 Port Mirroring The port mirror is a management tool that allows you to monitor the traffic on one or more ports on the switch. It works by copying the traffic from source ports to a destination port where the traffic can be monitored with a network analyzer.
Chapter 6: Port Mirroring Overview To use the port mirroring feature, you must designate one or more source ports and one destination port. The source ports are the ports whose packets are mirrored and monitored. The destination port is the port where the packets from the source ports are copied and where the network analyzer is connected.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Port Mirroring Settings To display the port mirroring assignments for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Chapter 6: Port Mirroring Assigning a Destination Port The destination port is the source port where the packets are copied. You can only assign one destination port to the switch. To assign a destination port, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Specifying Direction Type To specify source ports and type of packet direction, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 90
Chapter 6: Port Mirroring 6. Click Apply. 7. Click SAVE to save your changes to the startup configuration file.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting Port Mirroring Settings To delete the existing port mirroring settings, assign the port to “None” by doing the following: 1. Display the port mirroring assignments. See “Displaying Port Mirroring Settings” on page 87. The Port Mirroring List page is displayed.
Chapter 7 Spanning Tree Protocol on a Port The Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) guard against the formation of loops in an Ethernet network topology. A topology has a loop when two or more nodes can transmit packets to each other over more than one data path.
Chapter 7: Spanning Tree Protocol on a Port Overview STP and RSTP prevent loops from forming by ensuring that only one path is available at a time between the switches in your network. Where multiple paths exist, these spanning tree protocols place the extra paths in a standby or blocking mode.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Port Spanning Tree Protocol Settings To display the Spanning Tree Protocol settings for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 96
Chapter 7: Spanning Tree Protocol on a Port Version— Spanning Tree Protocol version: STP, RSTP, or MSTP. The default setting is RSTP. Portfast— Indicates if the port is designated as an edge port. If a port on the switch is not connected to a switch or a network that is running the spanning tree protocol, you can designate it as an edge port.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying Port Spanning Tree Protocol Settings To modify port settings for Spanning Tree Protocol, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 98
Chapter 7: Spanning Tree Protocol on a Port Version— Indicates the Spanning Tree Protocol version. The default setting is RSTP. Configured Path Cost— Enter the cost of the port to the root bridge. This cost is combined with the costs of the other ports in the path to the root bridge to determine the total path cost.
Page 99
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Link Type— Choose from the following settings: AUTO: The switch determines the link type of the port is either PTP or Shared. If a port is set to full-duplex mode, the link type is point-to-point.
Page 100
Chapter 7: Spanning Tree Protocol on a Port...
Chapter 8 Setting the MAC Address The procedures in this chapter describe how to display the MAC address table that resides on the switch, as well as how to add a unicast or multicast MAC addresses to the table. Procedures to modify and delete MAC addresses within the table are also included in this chapter.
Chapter 8: Setting the MAC Address Displaying the Unicast MAC Addresses To display the unicast MAC addresses, do the following: 1. Hover the cursor over the Switching Tab. The Switching Tab is displayed. See Figure 38. Figure 38. Switching Tab 2.
Page 103
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following fields are displayed: MAC Address— Dynamic and static unicast MAC addresses learned on or assigned to the port. Vlan— ID number of the VLAN that the node designated by the ...
Chapter 8: Setting the MAC Address Displaying the Multicast MAC Addresses To display the multicast MAC addresses, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 38 on page 102. 2. Hover over Mac Table and then move the cursor to the right to select Multicast.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a Unicast MAC Address To assign a unicast MAC address to the MAC address table, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 106
Chapter 8: Setting the MAC Address Forward: Specifies the port to forward packets that have the designated source MAC address. Discard: Specifies the port to discard packets that have the designated source MAC address. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a Multicast MAC Address To assign a multicast MAC address to the MAC address table, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 108
Chapter 8: Setting the MAC Address Forward: Specifies the port to forward packets that have the designated source MAC address. Discard: Specifies the port to discard packets that have the designated source MAC address. 5. Click Add. 6. Click SAVE to save your changes to the startup configuration file.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting a Unicast MAC Address To delete a unicast address or clear all static or dynamic unicast addresses, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 38 on page 102. 2.
Chapter 8: Setting the MAC Address Deleting a Multicast MAC Address To delete a multicast address or clear all static or dynamic multicast addresses, do the following: 1. Hover the cursor over the Switching Tab. The Switching Tab is displayed. See Figure 38 on page 102. 2.
Chapter 9 Link Aggregation Control Protocol (LACP) LACP is used to increase the bandwidth between the switch and other LACP compatible devices by grouping ports together to form single virtual links. This chapter provides a brief description of LACP and explains how to display and set LACP.
Chapter 9: Link Aggregation Control Protocol (LACP) Overview LACP trunks are similar in function to static port trunks, but they are more flexible. The implementations of static trunks tend to be vendor-specific and may not always be compatible. In contrast, the implementation of LACP in the switch is compliant with the IEEE 802.3ad standard.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying LACP Trunks To display the LACP trunk assignments for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 114
Chapter 9: Link Aggregation Control Protocol (LACP) Load Balance Method— Load distribution methods of the aggregators. An aggregator can have only one load distribution method. The load distribution method determines the manner in which the switch distributes the egress packets among the active ports of an aggregator.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding an LACP Trunk To create an LACP trunk, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Link Aggregation. For an example of the Link Aggregation selection, see Figure 43 on page 113.
Page 116
Chapter 9: Link Aggregation Control Protocol (LACP) 5. Enter an aggregator ID number in the Aggregator ID field. The number can be from 1-32. 6. Select the Load Balance Method. Choose from the following: Src MAC— Source MAC address as the load distribution method. ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying an LACP Trunk To modify the LACP Trunk settings, see the following procedure: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 118
Chapter 9: Link Aggregation Control Protocol (LACP) 5. Select the Load Balance Method. Choose from the following: Src MAC— Source MAC address as the load distribution method. Dst MAC— Destination MAC address. Src-Dst MAC— Source address/destination MAC address. ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting an LACP Trunk To delete an LACP trunk, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Link Aggregation. For an example of the Link Aggregation selection, see Figure 43 on page 113.
Page 120
Chapter 9: Link Aggregation Control Protocol (LACP)
Chapter 10 Setting Static Port Trunks Static port trunks are groups of two to eight ports that act as single virtual links between the switch and other network devices. This chapter describes how to display, create, and modify static trunks. See the following sections: “Overview”...
Chapter 10: Setting Static Port Trunks Overview Static port trunks are commonly used to improve network performance by increasing the available bandwidth between the switch and other network devices, as well as to enhance the reliability of the connections between network devices.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Static Trunk Settings To display the static port trunks for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
Page 124
Chapter 10: Setting Static Port Trunks Dst MAC: Destination MAC address is the load distribution method. Src-Dst MAC: Source address and destination MAC address is the load distribution method. Src IP: Source IP address is the load distribution method. Dst IP: Destination IP address is the load distribution method. Src-Dst IP: Source address and destination IP address is the load distribution method.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding Static Trunks Review the following information before creating a new static port trunk: When you create a new trunk, the settings of the lowest-numbered port are copied to the other ports so that all the ports have the same settings.
Chapter 10: Setting Static Port Trunks Figure 49. Add Static Trunk Page 5. Assign an ID number of a new static trunk in the Trunk ID field. The range is 1 to 32. 6. Select the Load Balance Method. You can assign different load distribution methods to different static trunks on the same switch.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying the Static Trunk Settings Review the following information if you are adding ports to an existing trunk: The ports of a static trunk must be members of the same VLAN. If the new port added to a trunk is already a member of another static ...
Page 128
Chapter 10: Setting Static Port Trunks 5. Change the Load Balance Method as needed. You can assign different load distribution methods to different static trunks on the same switch. Choose from the following: Src MAC— Source MAC address. Dst MAC— Destination MAC address. ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting Static Trunks To delete a static port trunk, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab, hover over Link Aggregation. For an example of the Link Aggregation selection, see Figure 47 on page 123.
Page 130
Chapter 10: Setting Static Port Trunks...
Chapter 11 Setting Port-based and Tagged VLANs This chapter provides a brief description of VLANs and explains how to display, create, and modify port-based and tagged VLANs. See the following sections: “Overview” on page 132 “Displaying VLANs” on page 134 ...
Chapter 11: Setting Port-based and Tagged VLANs Overview A VLAN is a group of ports that form a logical Ethernet segment on an Ethernet switch. The ports of a VLAN form an independent broadcast domain in which the traffic generated by the nodes remains within the VLAN.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The VLAN information within an Ethernet frame is referred to as a tag or tagged header. A tag, which follows the source and destination addresses in a frame, contains the VID of the VLAN to which the frame belongs (IEEE 802.3ac standard).
Chapter 11: Setting Port-based and Tagged VLANs Displaying VLANs To display the VLAN assignments for all of the switch ports, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding a VLAN To create a VLAN, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 24 on page 65. 2. From the Switching tab drop-down menu, select VLANs. The VLANs page is displayed.
Page 136
Chapter 11: Setting Port-based and Tagged VLANs switch. For example, if you are creating a VLAN called Sales with a VID of 3 that spans three switches, assign the Sales VLAN on each switch the VID value of 3. VLAN Name— Specify the name of a VLAN. The name can be ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying VLANs To modify the VLAN settings, see the following procedure: Caution Modifying the VLAN membership of active ports may cause loss of connectivity to the switch. 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Page 138
Chapter 11: Setting Port-based and Tagged VLANs 4. Change the following fields as needed: VLAN Name— Change the name of a VLAN. The name can be from 1 to 20 characters in length. The first character must be a letter;...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning a Native VLAN A VLAN can be assigned to a tagged port so that untagged ingress traffic is placed on the VLAN. This VLAN is referred to as the native VLAN. To assign a native VLAN to a tagged port, perform the following procedure: 1.
Page 140
Chapter 11: Setting Port-based and Tagged VLANs 5. Change the following fields as needed: VLAN Interface— Select a VLAN ID from the pull-down menu.The selected VLAN Interface is assigned to a port as a native VLAN, on which untagged frames are placed. Port ID—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Removing an Untagged Port from a VLAN By default, all the ports on the switch belong to the default VLAN, VLAN1, as untagged ports. When you assign a port to another VLAN as an untagged port, the switch removes the untagged port from the original VLAN and then assigns it to the new VLAN.
Chapter 11: Setting Port-based and Tagged VLANs Deleting VLANs Caution Deleting VLANs that active ports belong to may cause loss of connectivity to the switch. To delete a VLAN, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Chapter 12 Spanning Tree Protocols on the Switch This chapter provides a brief description of both the Spanning Tree Protocol (STP) and the Rapid Spanning Tree Protocol (RSTP), and explains how to set the spanning tree protocols on the switch. See the following sections: “Overview”...
Chapter 12: Spanning Tree Protocols on the Switch Overview Both STP and RSTP guard against the formation of loops in an Ethernet network topology. A topology has a loop when two or more nodes can transmit packets to each other over more than one data path. Packets can become caught in repeating cycles, referred to as broadcast storms, that needlessly consume network bandwidth and that can significantly reduce network performance.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying and Modifying Spanning Tree Protocol Settings on the Switch To display and modify Spanning Tree Protocol settings on the switch, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
Page 146
Chapter 12: Spanning Tree Protocols on the Switch Note If you try to select MSTP from the menu, a message will appear indicating that MSTP can only be set via the Command Line Interface and will not allow the selection. To set the protocol to MSTP, and for more information on MSTP, see Section VII: Spanning Tree Protocols in the AT-8100 Series Version 2.2.5.0 Management Software Command Line Interface User’s Guide and...
Page 147
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Hello Time— Enter the hello time in seconds. The hello time is the frequency that the switch sends bridge protocol data units (BPDUs), which contain spanning tree configuration information. The range is 1 to 10 seconds. This value is active only when the switch is acting as the root bridge of the spanning tree domain.
Page 148
Chapter 12: Spanning Tree Protocols on the Switch...
Chapter 13 Internet Group Management Protocol (IGMP) Snooping This chapter provides a brief description of IGMP Snooping and explains how to set this feature on the switch. See the following sections: “Overview” on page 150 “Displaying and Modifying IGMP Snooping Configuration” on page 151 ...
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Overview IGMP snooping allows the switch to control the flow of multicast packets from its ports. It enables the switch to forward packets of a multicast group to only ports connected to members of the multicast group. When the switch is not using IGMP snooping and receives multicast packets, it floods the packets out all its ports, except the port on which it received the packets.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying and Modifying IGMP Snooping Configuration To display and modify the IGMP Configuration settings, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 56. Figure 56.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Figure 57. IGMP Snooping Page with Configuration Tab 3. Change the following settings as needed: Status— Enable or disable IGMP Snooping. When you enable IGMP, the switch begins to build its multicast tables as queries from the multicast router and reports from the host nodes arrive on its ports.
Page 153
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Auto: The switch automatically detect ports that are connected to multicast routers. Manual: You manually specify ports that are connected to multicast routers. Router Ports— Specify the port ID of a port that is connected to a ...
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Disabling IGMP Snooping To disable the IGMP Configuration on the switch, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Routers List To display the IGMP Routers List, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
Chapter 13: Internet Group Management Protocol (IGMP) Snooping Clearing the Routers List To clear the group membership on the IGMP Routers List, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the Hosts List To display the IGMP Hosts List, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 56 on page 151. 2.
Page 158
Chapter 13: Internet Group Management Protocol (IGMP) Snooping...
Chapter 14 IGMP Snooping Querier This chapter provides a brief description of IGMP Snooping Querier and explains how to set this feature on the switch. See the following sections: “Overview” on page 160 “Guidelines” on page 164 “Displaying IGMP Snooping Querier” on page 165 ...
VLAN. Then, apply the IP address to the VLAN where it sends its queries to enable IGMP snooping querier on the VLAN. Allied Telesis recommends using the Default VLAN, which has a VID of 1.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Switch 1: VLAN: Default_VLAN 149.123.48 Routing interface: Multicast source: Host nodes: IP address: IP addresses: 149.123.48.1 149.123.48.3 to 149.123.48.24 Figure 60. IGMP Snooping Querier with One Querier Table 3 lists the switch settings that are illustrated in Figure 60. Table 3.
Chapter 14: IGMP Snooping Querier with the second lowest IP address is made the standby querier, again by switch 2. In the case where there are three queriers, the switch in the network with IGMP snooping enabled and IGMP querier disabled determines the standby querier and then the second standby querier by comparing their IP addresses.
Page 163
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Table 4 lists the switch settings that are illustrated in Figure 61 on page 162. Table 4. IGMP Snooping Querier with Two Queriers IGMP Routing IGMP Querier Switch Snooping Address Snooping Status Querier 149.123.48 Enabled...
Chapter 14: IGMP Snooping Querier Guidelines The guidelines for IGMP snooping querier are listed here: The network can have only one LAN. The network cannot have any multicast routers. IGMP snooping must be enabled on the switch. IGMP snooping querier should be enabled on only one switch.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying IGMP Snooping Querier To display an IGMP Snooping Querier list, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 62. Figure 62. Switching IGMP Tab 2.
Page 166
Chapter 14: IGMP Snooping Querier Query Interval— Time interval in seconds at which IGMP General Query messages are transmitted.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying IGMP Snooping Query Interval To modify the value of Query interval, do the following: 1. Hover the cursor over the Switching tab. The Switching Tab is displayed. See Figure 62 on page 165. 2.
Chapter 15 Power Over Ethernet (PoE) This chapter provides brief descriptions of PoE and explains how to change the configuration of a port on the PoE featured switch. See the following sections: “Overview” on page 170 “Displaying PoE Port Settings” on page 172 ...
Chapter 15: Power Over Ethernet (PoE) Overview The AT-8100L/8PoE, AT-8100S/24PoE, and AT-8100S/48PoE switches feature Power over Ethernet (PoE) on the 10/100Base-Tx ports. PoE is used to supply power to network devices over the same twisted-pair cables that carry the network traffic. The main advantage of PoE is that it can make installing a network easier.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide be operated using either one power supply or both power supplies. One power supply is responsible for providing 185 watts of the power budget. Table 6 shows power budget per model. Table 6. PoE Switch’s Power Budget When Using One When Using Two Switch Model...
Chapter 15: Power Over Ethernet (PoE) Displaying PoE Port Settings To display a list of the PoE port settings, do the following: Note The PoE pull-down menu item appears only when you are accessing a PoE featured switch. 1. Hover the cursor over the Switching tab. The Switching tab is displayed.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 66. PoE Port List Page The following fields are displayed: Status— Enable or disable PoE on the ports globally. By default, power is enabled on all ports. Note This status does not indicate that the PoE status of all the ports is the same.
Page 174
Chapter 15: Power Over Ethernet (PoE) Power Status— Indicates if a powered device that is connected to the port is powered on or off. When powered on, it indicates Powered. When no powered device is connected to the port, indicates Off.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Modifying PoE Settings Globally To modify PoE settings on the switch, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 65 on page 172. 2.
Chapter 15: Power Over Ethernet (PoE) Modifying PoE Settings on a Port To display a list of the IPv4 interfaces, do the following: 1. Hover the cursor over the Switching tab. The Switching tab is displayed. See Figure 67. 2. From the Switching tab drop-down menu, select PoE. A list of PoE settings on the ports is displayed.
Page 177
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide PoE Device Description— Enter the description of the PoE device that is connected to the port. The description can contain up to 256 alphanumeric characters. Spaces and special characters are allowed. PoE Port Power Limit (4000 ~ 30000)—...
Chapter 16 MAC Address-based Port Security This chapter provides a brief description of MAC address-based port security and explains how to set this feature on the switch. See the following sections: “Overview” on page 180 “Displaying MAC Address-based Port Security Settings” on page 182 ...
Chapter 16: MAC Address-based Port Security Overview This feature lets you control access to the ports on the switch based on the source MAC addresses of the network devices. You specify the maximum number of source MAC addresses that ports can learn. Ports that learn their maximum number of addresses discard packets that have new, unknown addresses, preventing access to the switch by any additional devices.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Guidelines Here are the guidelines to MAC address-based port security: The filtering of a packet occurs on the ingress port, not on the egress port. You cannot use MAC address-based port security and 802.1x port- ...
Chapter 16: MAC Address-based Port Security Displaying MAC Address-based Port Security Settings To display the MAC address-based port security settings, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68. Figure 68. Security Tab 2.
Page 183
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Yes: Saves the source MAC addresses as dynamic addresses in the MAC address table. No: Saves the source MAC addresses as static addresses in the MAC address table. This is the default setting. MAX MACs—...
Chapter 16: MAC Address-based Port Security Modifying MAC Address-based Port Security Settings To the modify the MAC address-based port security settings, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Page 185
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 4. Change the following settings as needed: Interface— Indicates the port number. You cannot change this parameter from this page. MAC Security— Select between “Enabled” and “Disabled” to activate or deactivate MAC address-based security on the port. Aging—...
Chapter 16: MAC Address-based Port Security Disabling MAC Address-based Port Security Settings To deactivate MAC address-based port security settings, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Chapter 17 RADIUS and TACACS+ Clients This chapter provides a brief description of both the RADIUS and TACACS+ clients and explains how to configure these clients on the switch. See the following sections: “Overview” on page 188 “Configuring RADIUS for Remote Manager Authentication” on ...
Chapter 17: RADIUS and TACACS+ Clients Overview The switch has RADIUS and TACACS+ clients for remote authentication. Here are the features that use remote authentication: 802.1x port-based network access control. This feature lets you increase network security by requiring that network users log on with a username and password before the switch forwards their packets.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following steps illustrate the authentication process that occurs between the switch and an authentication server when a manager logs on: 1. The switch uses its RADIUS or TACACS+ client to transmit the username and password to an authentication server on the network.
Page 190
Chapter 17: RADIUS and TACACS+ Clients When you delete Server 1, the server with an IP address of 192.168.10.12 remains Server 2; the server with an IP address of 192.168.10.13 remains Server 3. As a result, the next server that you add to the switch becomes Server 1.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring RADIUS for Remote Manager Authentication To configure remote manager authentication using RADIUS and add RADIUS servers to the switch, perform the following: “Configuring Remote Manager Authentication Using RADIUS” on page 191 “Adding a RADIUS Server”...
Page 192
Chapter 17: RADIUS and TACACS+ Clients authentication request, before querying the next server in the list. The range is 1 to 1,000 seconds. The default value is 5 seconds. Key Value— Enter the value of the global encryption key of the ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide AAA Accounting— Select a RADIUS accounting setting. Choose from the following: Start-Stop: Indicates that a start accounting message is sent at the beginning of a session, and a stop accounting message is sent at the end of the session.
Page 194
Chapter 17: RADIUS and TACACS+ Clients Authentication Port— Specify the UDP destination port for RADIUS authentication requests. If you select 0, the server is not used for authentication. The default UDP port for authentication is 1812. Accounting Port— Specify the UDP destination port for RADIUS ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring TACACS+ for Remote Manager Authentication To configure remote manager authentication using TACACS+ and add TACACS+ servers to the switch, perform the following: “Configuring Remote Manager Authentication Using TACACS+” on page 195 “Adding a TACACS+ Server”...
Chapter 17: RADIUS and TACACS+ Clients Figure 73. Authentication Server Configuration Page with TACACS+ Tab 4. Change the following as needed: Timeout Value— Enter the length of the time, in seconds, that the switch waits for a response from a TACACS+ server to an authentication request, before querying the next server in the list.
Page 197
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide TACACS+ Authentication Login— Enable or disable TACACS+ to authenticate user login. Choose from the following: Enabled: The TACACS+ servers authenticate user login. Disabled: The TACACS+ servers do not authenticate user login. Authentication is attempted using the username and password combinations specified on the User Management page and using the USERNAME command in the CLI.
Chapter 17: RADIUS and TACACS+ Clients authentication is attempted using the password specified using the ENABLE PASSWORD command in the CLI. Disabled: The TACACS+ servers do not use its enable password. Authentication is attempted using the password specified using the ENABLE PASSWORD command in the CLI.
Page 199
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 2. Enter the following settings: IP Address— Enter the IP address of the TACACS+ server. The IP address must be in the following IPv4 format: xxx.xxx.xxx.xxx. Key— Enter the encryption key for TACACS+ communications ...
Chapter 17: RADIUS and TACACS+ Clients Deleting an Authentication Server To delete either an TACACS+ or RADIUS authentication server, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Chapter 18 802.1x Port-based Network Access This chapter provides a brief description of the 802.1x Port-based Authentication feature and explains how to enable this feature on the switch, and specify authentication on a port. See the following sections: “Overview” on page 202 ...
Chapter 18: 802.1x Port-based Network Access Overview The 802.1x port-based network access control feature lets you control who can send traffic through, and receive traffic from, the individual switch ports. The switch does not allow an end node to send or receive traffic through a port until the user of the node has been authenticated by a RADIUS server.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Authenticator Role: The authenticator role activates port access control on a port. Ports in this role do not forward network traffic to or from network devices until the supplicants are authenticated by a RADIUS server. The authenticator role is appropriate when you want the switch to authenticate the supplicants of network devices before they can use the network.
Chapter 18: 802.1x Port-based Network Access Multiple host mode This mode permits multiple supplicants on an authenticator port. An authenticator host forwards packets from all supplicants once one supplicant has successfully logged on. This mode is typically used in situations where you want to add 802.1x port-based network access control to a switch port that is supporting multiple supplicants, but do not want to create individual accounts for all the supplicants on the...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide An example of this authenticator operating mode is illustrated in Figure 78. The supplicants are connected to a hub or non-802.1x- compliant switch which is connected to an authenticator port on the switch.
Chapter 18: 802.1x Port-based Network Access Guest VLAN An authenticator port in the unauthorized state typically accepts and transmits only 802.1x packets while waiting to authenticate a supplicant. However, you can specify an authenticator port to be a member of a Guest VLAN when no authenticated supplicant is logged on.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Enabling 802.1x Port-based Authentication on the Switch To enable the 802.1x port-based Authentication feature on a switch, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Chapter 18: 802.1x Port-based Network Access Configuring 802.1x Port-based Authentication To set 802.1x port authentication on a port, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 81. Modify 802.1x Authentication Page Expanded 5. Modify the following fields as needed: Interface— Indicates the port ID. You cannot modify this parameter from this page. Port Role— Specifies that you have selected the port as an ...
Page 210
Chapter 18: 802.1x Port-based Network Access Authentication Mode— Select the authentication mode. Choose from the following: Unauthorized: Sets the port in the unauthorized state. Although the port is in the authenticator role, the switch blocks all authentication on the port. If you set all the ports on the switch to this setting, then no supplicants can log on and forward packets through them.
Page 211
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide times the switch retransmits EAP Request packets to a supplicant before it times out an authentication session. The range is 1 to 10 retransmissions. The default value is 2. Port Control Direction— Select whether the authenticator port ...
Page 212
Chapter 18: 802.1x Port-based Network Access automatically sends it as the supplicant’s username and password to the authentication server. This authentication method does not require 802.1x client software on supplicant nodes. Re-Auth Learning— Check the checkbox to force the port that is ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Disabling 802.1x Port-based Authentication on the Switch To disable the 802.1x port-based Authentication feature on a switch, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Chapter 18: 802.1x Port-based Network Access Disabling 802.1x Port-based Authentication on a Port To disable 802.1x port authentication on a port, do the following: 1. Hover the cursor over the Security tab. The Security tab is displayed. See Figure 68 on page 182. 2.
Chapter 19 Setting IPv4 and IPv6 Addresses This chapter provides brief descriptions of management IPv4 and IPv6 addresses and explains how to specify both types of IP addresses on the switch. See the following sections: “Overview” on page 216 “Displaying IPv4 Interfaces”...
Chapter 19: Setting IPv4 and IPv6 Addresses Overview The management IP address is an IP address that the switch uses to identify itself to other network devices, such as TFTP servers and Telnet clients. The management address can be any IPv4 address, or an IPv6 address for some features, that is assigned to a VLAN on the switch.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Table 8. Web Interface Features that Require an IP Management Address (Continued) Supported by Supported by Feature Description IPv4 Address IPv6 Address HTTP client Used for a web browser to bring the AT-8100 web interface on your network.
Chapter 19: Setting IPv4 and IPv6 Addresses Displaying IPv4 Interfaces To display a list of the IPv4 interfaces, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83. Figure 83. Layer 3 Tab 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding an IPv4 Address To assign an IPv4 address, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83 on page 218. 2.
Chapter 19: Setting IPv4 and IPv6 Addresses Changing an IPv4 Address To display a list of the IPv4 interfaces, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83 on page 218. 2.
Page 221
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Note If you change the IP address that you use to access the web interface, you lose the connection to the switch. Start a management session again by opening a web browser on your PC and entering the new IP address of the switch.
Chapter 19: Setting IPv4 and IPv6 Addresses Deleting an IPv4 Address To delete an IPv4 address, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 83 on page 218. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the IPv6 Interface To display a list of the IPv6 interface, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 87. Figure 87.
Page 224
Chapter 19: Setting IPv4 and IPv6 Addresses The following fields are displayed: Interface Name— VLAN number that the management IPv6 address is assigned to. IP Address— Management IPv6 address. Subnet Mask— Subnet mask of the management IPv6 address. ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding an IPv6 Address The switch supports only one IPv6 address. As a result, you can add an IPv6 address only when no IPv6 address is assigned to the switch. To assign an IPv6 address, do the following: 1.
Page 226
Chapter 19: Setting IPv4 and IPv6 Addresses 5. Enter an IPv6 address in the IP Address field in the following format: nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn:nnnn Where n is a hexadecimal digit from 0 to F. The eight groups of digits must be separated by colons. Groups where all four digits are “0” can be omitted.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Changing IPv6 Addresses To edit the management IPv6 interface, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 87 on page 223. 2.
Page 228
Chapter 19: Setting IPv4 and IPv6 Addresses 5. Click Apply. 6. Click SAVE to save your changes to the startup configuration file.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting IPv6 Addresses To delete an IPv6 address, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 87 on page 223. 2.
Page 230
Chapter 19: Setting IPv4 and IPv6 Addresses...
Chapter 20 Access Control Lists (ACL) This chapter provides a brief description of the Access Control Lists (ACL) feature and explains how to use these features on the switch. See the following sections: “Overview” on page 232 “Creating an ACL” on page 235 ...
Chapter 20: Access Control Lists (ACL) Overview Access Control Lists (ACLs) act as filters to control the ingress packets on ports. They are commonly used to restrict the types of packets that ports accept to increase port security and create physical links dedicated to carrying specific types of traffic.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Source and destination UDP ports VLAN IDs IPv4 Address and The mask of an IPv4 address is a decimal number that represents Mask the number of bits in the address, from left to right, that constitute the network portion of the address.
Chapter 20: Access Control Lists (ACL) Guidelines Here are the ACL guidelines: An ACL can have a permit, deny, or copy-to-mirror action. The permit action allows ports to forward ingress packets of the designated traffic flow, while the deny action causes ports to discard packets. The copy- to-mirror action causes a port to copy all ingress packets that match the ACL to the destination port for mirroring.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Creating an ACL To create an ACL, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 91. Figure 91. ACLs and QoS Tab 2.
Chapter 20: Access Control Lists (ACL) Figure 93. Traffic Classification Page 4. Enter and select the following fields as needed: Classifier #— Enter a classifier number to identify an ACL. Choose a number from the following ranges: IPv4 ACL: 3000 to 3699 MAC ACL: 4000 to 4699 Actions—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide from the menu. The menu for Mirror to Port is displayed, as shown in Figure 94. Figure 94. Menu for Mirror to Port Mirror to Port— Use the menu to select a destination port number ...
Page 238
Chapter 20: Access Control Lists (ACL) MAC Address and mask: Select MAC, then enter a MAC source address followed by a slash (/) and a mask if you are creating a MAC ACL. The keyword “any” matches all packets on the destination address. The wildcard mask for MAC addresses must be either “0”...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Assigning an ACL to Ports Before assigning ACLs to ports, ACLs must be available on the switch. To create an ACL, see “Creating an ACL” on page 235. To assign an ACL to ports, do the following: 1.
Chapter 20: Access Control Lists (ACL) Figure 96. Traffic Classifiers Page from Policies/ACLs Page 4. Click a radio button to select an ACL. 5. Check one or multiple port numbers to select ports to apply the ACL. 6. Click Apply. 7.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying a List of ACLs To display a list of ACLs, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 91 on page 235. 2.
Chapter 21 Setting Static Routes To make remote networks communicate, you must add static routes or dynamic routes, or both, to the routing table. Static routes are configured manually to add routing information to the routing table. This chapter provides information about static routes. The procedures in this chapter describe how to display a list of static routes on the switch, and how to add and delete a static route.
Chapter 21: Setting Static Routes Displaying Static Routes To display the static routes, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 98. Figure 98. Layer 3 Tab 2. From the Layer 3 tab drop-down menu, select Static Routes. A list of static routes is displayed.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Adding a Static Route To add a static route, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 98 on page 244. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Deleting a Static Route To delete a static route entry, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 98 on page 244. 2.
Chapter 21: Setting Static Routes Displaying the Routing Table The routing table includes static routes and dynamic routes. The switch decides which route is the best based on the routing table. To display the routing table, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed.
Page 249
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Protocol— How this route is established. “Static” indicates that the route was added statically; “RIP” indicates that the route was added dynamically using the RIP protocol; “Connected” indicates that the route is connected directly. AD/Metric—...
Chapter 22 Quality of Service (QoS) This chapter provides a brief description of the QoS feature and explains how to use the feature on the switch. See the following sections: “Overview” on page 252 “Creating a QoS Policy” on page 255 ...
Chapter 22: Quality of Service (QoS) Overview Quality of Service (QoS) is a feature that classifies and prioritizes traffic to guarantee a certain level of performance in converged networks, which run voice and video services on data networks. QoS can give certain traffic types preferential treatment.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Table 10. Classifier Number Ranges for QoS Filtering Criterion Classifier Number Range Specifying a MAC address 4000 - 4699 Specifying no address 3000 - 3699 and 4000 - 4699 Filtering Criteria QoS policies identify packets using filtering criteria. The AT-8100 web interface offers seven criteria: Source and destination IP addresses ...
Page 254
Chapter 22: Quality of Service (QoS) value. The mark CoS action causes a port to change the CoS value of all ingress packets that match the filtering criteria with the specified CoS value. A port can have only one QoS policy. ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Creating a QoS Policy To create a QoS policy, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 103. Figure 103.
Chapter 22: Quality of Service (QoS) Figure 105. Traffic Classification Page 4. Enter and select the following fields as needed: Classifier #— Enter a classifier number to identify a QoS policy. Choose a classifier number according to the following conditions: When specifying an IPv4 address as a filtering criterion: Choose from 3000 to 3699.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Actions— Click a radio button to select an action from the following options: Priority Queue: Instructs ports to place all ingress packets that match the filtering criteria into a specified priority queue. When you select Priority Queue, a text box appears below the action icons as shown in Figure 106.
Chapter 22: Quality of Service (QoS) Figure 108. Text Box for CoS Note The action options of Deny, Permit, and Mirror are for the Access Control List (ACL) feature. For information about creating an ACL, see “Creating an ACL” on page 235. Match The following parameters are under the “Match”...
Page 259
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide MAC Address and mask: Enter a MAC source address followed by a slash (/) and a mask if you are creating a MAC ACL. The wildcard mask for MAC addresses must be either “0” (zero) or “F”...
Chapter 22: Quality of Service (QoS) Assigning a QoS Policy to Ports Before assigning QoS policies to ports, QoS policies must be available on the switch. For how to create a QoS policy, see “Creating a QoS Policy” on page 255. To assign a QoS policy to ports, do the following: 1.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 110. Traffic Classifier Page 4. Click a radio button to select a QoS policy. 5. Check one or multiple checkboxes to select ports to apply the QoS policy. 6. Click Apply. 7.
Chapter 22: Quality of Service (QoS) Displaying a List of QoS Policies To display a list of QoS policies, do the following: 1. Hover the cursor over the ACLs & QoS tab. The ACLs & QoS tab is displayed. See Figure 103 on page 255. 2.
Chapter 23 Setting Dynamic Routes Using RIP The chapter provides a brief description of the RIP feature and explains how to display the RIP settings, enable RIP on a VLAN interface, change the RIP settings, delete a VLAN interface, and display RIP statistics. See the following sections: “Overview”...
Chapter 23: Setting Dynamic Routes Using RIP Overview To make remote networks communicate, you must add either static routes, dynamic routes, or both. The AT-8100 Series Management Software supports RIP as the routing protocol to add dynamic routes. By enabling RIP, the switch can learn about remote networks and add the routing information to its routing table dynamically.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the RIP Configuration To check how the RIP is configured on the switch, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 112. Figure 112.
Page 266
Chapter 23: Setting Dynamic Routes Using RIP Authentication Type— Authentication mode for the VLAN interface. Authentication Key— Authentication password that the VLAN interface uses to authenticate the RIP packets Send— RIP version number of the packets that the VLAN interface ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Enabling RIP on a VLAN Interface To enable RIP and connect remote networks dynamically, you must enable RIP on VLAN interfaces. When RIP is enabled on a VLAN interface, the VLAN interface sends and receives RIP packets, and the network where the VLAN belongs is advertised through RIP.
Chapter 23: Setting Dynamic Routes Using RIP Figure 115. RIP Interface Page 3. Specify the following fields as needed: IP Interface— Select the VLAN interface to associate with the RIP routing process. This VLAN interface receives and sends RIP packets, and the network where the VLAN belongs is advertised through RIP.
Page 269
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Note There is another way to go to the RIP Interface page to enable RIP on a VLAN interface. Go to the RIP Configuration page from the RIP Configuration page shown in Figure 113 on page 265 and click Add. To go to the RIP Configuration page, see the procedure in “Displaying the RIP Configuration”...
Chapter 23: Setting Dynamic Routes Using RIP Changing the RIP Settings To change the RIP settings of the VLAN interface, perform the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 112 on page 265. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Removing a VLAN Interface from the RIP Configuration To remove a VLAN interface from the RIP configuration, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 112 on page 265. 2.
Chapter 23: Setting Dynamic Routes Using RIP Displaying RIP Statistics To display counters for RIP packets on the switch, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 116. Figure 116.
Page 273
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide inRequests— Number of request packets received. inDiscards— Number of packets discarded. Packets may be discarded due to authentication failure, packet received when receive is disabled, or mismatched sequence number of a triggered acknowledgement.
Chapter 23: Setting Dynamic Routes Using RIP Reloading RIP Statistics RIP statistics are constantly counting up so that the data that has been displayed in the RIP Statistics pages are not the most recent. To display the latest data possible, click on the Refresh button on the RIP Statistics page.
Chapter 24 Managing the ARP Table The procedures in this chapter describe how to display the ARP table that resides on the switch, how to add static ARP entries to the table, and how to delete static ARP entries. See the following sections: “Overview”...
Chapter 24: Managing the ARP Table Overview The Address Resolution Protocol (ARP) is used to associate an IPv4 address with a MAC address used by network nodes including the AT-8100 switches. ARP gathers information about mapping between an IPv4 address and a MAC address and stores them in the ARP table. When the node receives a packet from the Network layer, then the node encapsulates the packet into a frame.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying the ARP Table To display the ARP table, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 119. Figure 119. Layer 3 Tab 2.
Chapter 24: Managing the ARP Table Adding a Static ARP Entry To add a static ARP entry, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 119 on page 277. 2.
Page 279
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide 6. Click SAVE to save your changes to the startup configuration file.
Chapter 24: Managing the ARP Table Deleting ARP Entries To delete a static ARP entry, do the following: 1. Hover the cursor over the Layer 3 tab. The Layer 3 tab is displayed. See Figure 119 on page 277. 2. From the Layer 3 tab drop-down menu, select ARP Table. The ARP table is displayed.
Chapter 25 LLDP and LLDP-MED This chapter provides a brief description of the Link Layer Discovery Protocol (LLDP) and Link Layer Discovery Protocol for Media Endpoint Devices (LLDP-MED) features, and explains how to enable these features on the switch. See the following sections: “Overview”...
Chapter 25: LLDP and LLDP-MED Overview Link Layer Discovery Protocol (LLDP) and Link Layer Discovery Protocol for Media Endpoint Devices (LLDP-MED) allow Ethernet network devices, such as switches and routers, to receive and/or transmit device-related information to directly connected devices on the network that are also using the protocols, and store the information that is learned about other devices.
Page 283
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Optional LLDP-MED TLVs: You can select LLDP-MED TLVs that are included in an LLDPDU. The switch sends selected TLVs along with the mandatory TLVs in an LLDPDU.
Chapter 25: LLDP and LLDP-MED Enabling and Configuring LLDP on the Switch To enable LLDP and set the basic LLDP configuration on the switch, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122. Figure 122.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 123. LLDP Configuration Page 4. Change the following fields as needed: Status— To enable or disable LLDP on the switch, select Enabled or Disabled from the drop-down menu. By default, LLDP is disabled.
Page 286
Chapter 25: LLDP and LLDP-MED Holdtime Multiplier— Enter a holdtime multiplier value. The transmit interval is multiplied by the holdtime multiplier to give the Time To Live (TTL) the switch advertises to the neighbors. The range is 2 to 10. The default value is 4. Non Strict Med TLV Order Check—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Disabling LLDP on the Switch To disable the LLDP feature on a switch, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284.
Chapter 25: LLDP and LLDP-MED Configuring LLDP on a Port To assign LLDP to a port, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 125. Modify LLDP Port Configuration Page 4. Change the settings as needed: Interface— Indicates the port ID. Notifications— Check the checkbox to activate the switch to send LLDP-MED topology change notifications when a device is connected to, or disconnected from, the port.
Chapter 25: LLDP and LLDP-MED Selecting LLDP TLVs on a Port To enable LLDP TLV, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 127. LLDP TLV Page 5. Click Edit next to the port that you want to modify. The Modify LLDP TLV page is displayed. See Figure 128 on page 292.
Chapter 25: LLDP and LLDP-MED Figure 128. Modify LLDP TLV Page 6. Change the settings as needed: Interface— Indicates the port ID. Port Description— Check the checkbox to select the port description to be included in LLDPDUs. System Name— Check the checkbox to select the system name ...
Page 293
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Management Address— Check the checkbox to select the IP address of the local LLDP agent to be included in LLDPDUs. Port VLAN— Check the checkbox to select the VID of the ...
Chapter 25: LLDP and LLDP-MED Setting a Location Entry for the LLDP-MED Location TLV You can define location information about a network device as an LLDP- MED TLV and include the TLV in an LLDPDU, which the switch sends to its neighbors.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 129. Locations Tab 4. From the Locations tab drop-down menu, move the cursor to the right and select Civic. The LLDP Civic Location page is displayed. See Figure 130. Figure 130. LLDP Civic Location Page...
Chapter 25: LLDP and LLDP-MED 5. Click Add. The Add LLDP Civic Location Page is displayed. See Figure 131. Figure 131. LLDP Civic Location Page— Add 6. Enter the ID and Country fields:...
Page 297
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide ID— Enter an LLDP Civic Location ID. The range is 1 to 256. (This range is separate from the ranges for coordinate and ELIN entries.) Country— Enter the county code. It must contain two uppercase ...
Chapter 25: LLDP and LLDP-MED Additional Code— 1234 Seat— cube-411a Primary Road Name— Zanker Road Section— North Branch Road Name— State-Lane Sub Branch Road Name— Boulder-Creek-Avenue Street Name Pre Modifier— West Street Name Post Modifier— Div ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The LLDP Coordinate Location page is displayed. See Figure 133. Figure 133. LLDP Coordinate Location Page— Add 6. Specify the following fields as needed: ID— Enter an LLDP Coordinate Location ID. The range is 1 to 256. ...
Chapter 25: LLDP and LLDP-MED Altitude Type— Choose between meters and floors. Altitude Resolution— Enter altitude resolution as the number of valid bits. The range is 0 to 30. Datum— Select the geodetic system (or datum) of the ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The LLDP ELIN Location page is displayed. See Figure 135. Figure 135. LLDP ELIN Location Page 6. Enter values in the following fields: ID— Enter an ID number for an LLDP-MED coordinate location ...
Chapter 25: LLDP and LLDP-MED Assigning LLDP Locations to a Port Use a Civic, Coordinate, or ELIN location ID port location to assign to a port. You must create these location IDs before you assign a port location to a port. For instructions to create location IDs, see “Setting a Location Entry for the LLDP-MED Location TLV”...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 137. Modify LLDP Port Location Page 4. Select values in the fields as needed: Interface — Indicates the port ID. Civic Location ID— Select a Civic Location ID from the pull-down ...
Chapter 25: LLDP and LLDP-MED Selecting LLDP-MED TLVs on a Port To enable LLDP-MED TLV, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Figure 139. Modify LLDP-MED TLV Page 5. Change the fields as needed: Interface— Indicates the port ID. Capabilities— Check the checkbox to select the capabilities to be included in LLDPDUs. Network-policy—...
Page 306
Chapter 25: LLDP and LLDP-MED Inventory-management— Check the checkbox to select the current hardware and the software information to be included in LLDPDUs. This information is identical on every port on the switch: - Hardware Revision - Firmware Revision - Software Revision - Serial Number - Manufacturer Name...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying LLDP Neighbor Information To display LLDP Statistical information, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284.
Page 308
Chapter 25: LLDP and LLDP-MED C = Cable Device S = Station only Med Device class and Power Source code— Indicates whether or not the MED device Classes I through III are supported. Power Source code indicates the current power source which is either the Primary Power Source or the Backup Power Source.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying LLDP Statistics To display LLDP Statistics, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
Chapter 25: LLDP and LLDP-MED New Entries— Number of times the information advertised by neighbors has been inserted into the neighbor table. Deleted Entries— Number of times the information advertised by neighbors has been removed from the neighbor table. Dropped Entries—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Displaying Location Entries To display the LLDP Civic, Coordinate, and ELIN locations, use the following procedures: “Displaying Civic Locations” on page 311 “Displaying Coordinate Locations” on page 312 “Displaying ELIN Locations” on page 313 ...
Chapter 25: LLDP and LLDP-MED House Number House Number Suffix Landmark Additional Information Name Postal Code Building Unit Floor Room Place Type Postal Community Name Post Office Box ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The following fields are displayed: ID— LLDP Coordinate Location ID. Latitude— Latitude value in decimal degrees. Latitude Resolution— Latitude resolution as the number of valid bits. Longitude— Longitude value in decimal degrees. ...
Chapter 25: LLDP and LLDP-MED Displaying LLDP and LLDP-MED Settings To display the LLDP and LLDP-MED settings, use the following procedures: “Displaying the Basic LLDP Configuration” on page 314 “Displaying LLDP Port Assignments” on page 315 “Displaying Port Locations” on page 316 ...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Notification Interval— Notification interval. This is the minimum interval between LLDP SNMP notifications (traps). Reinit— Reinitialization delay. This is the number of seconds that must elapse after LLDP is disabled on a port before it can be reinitialized.
Chapter 25: LLDP and LLDP-MED Displaying Port To display the LLDP port locations, do the following: Locations 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2.
Page 317
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide System Capabilities— Device’s router and bridge functions, and whether or not these functions are currently enabled. Management Address— IP address of the local LLDP agent. This is used to obtain information related to the local device. Port VLAN—...
Chapter 25: LLDP and LLDP-MED Displaying To display LLDP-MED TLV settings, do the following: LLDP-MED TLV 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 122 on page 284. 2. From the Discovery & Monitoring tab, hover over LLDP and then hover over TLV.
Page 319
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide - Model Name - Asset ID...
Chapter 26 sFlow This chapter provides a brief description of the sFlow feature and explains how to enable this feature on the switch. See the following sections: “Overview” on page 322 “Specifying an sFlow Collector” on page 324 “Configuring sFlow on a Port”...
Chapter 26: sFlow Overview The sFlow agent allows the switch to gather data about the traffic on the ports and to send the data to sFlow collectors on your network for analysis. You can use the information to monitor the performance of your network or identify traffic bottlenecks.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide To configure the agent to forward these port statistics to the collectors, you have to specify polling rates, which define the maximum amount of time permitted between successive queries of the counters of a port by the agent.
Chapter 26: sFlow Specifying an sFlow Collector Use this procedure to specify the IP address and the UDP port of an sFlow collector on your network. The packet sampling data and the packet counters are sent by the switch to the collector specified. You can specify only one collector.
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide The sFlow page is displayed with the Collector Tab selected. See Figure 145. Figure 145. sFlow Page with Collectors Tab 4. Click Add. The sFlow Collector page is displayed. See Figure 146. Figure 146.
Page 326
Chapter 26: sFlow IP Address— IPv4 address of the sFlow collector on your network. Enter the IPv4 address in the following format: xxx.xxx.xxx.xxx where xxx is a number from 0 to 255. There are four groups of numbers that are separated by periods. UDP Port—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Configuring sFlow on a Port To configure the sFlow feature on a port, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 143 on page 324.
Chapter 26: sFlow The sFlow Port Modify page is displayed. See Figure 147. Figure 147. sFlow Port Modify Page 4. Change the following fields as needed: Interface— Indicates the port ID. You cannot change this parameter on this page. Polling Interval—...
AT-8100 Series Version 2.2.5.0 Web Interface User’s Guide Enabling sFlow on the Switch Before enabling the sFlow feature on the switch, you must configure sFlow on the ports. The port configurations cannot be edited if the sFlow feature is enabled. For how to configure sFlow on the ports, see “Configuring sFlow on a Port”...
Chapter 26: sFlow Displaying the sFlow Settings To display the sFlow settings, do the following: 1. Hover the cursor over the Discovery & Monitoring tab. The Discovery & Monitoring tab is displayed. See Figure 143 on page 324. 2. From the Discovery & Monitoring tab drop-down menu, select sFlow.