1. Manuals
  2. Brands
  3. Atop Manuals
  4. Network Router
  5. EH7506
  6. User manual

Atop EH7506 User Manual

Industrial managed ethernet switch
Hide thumbs
Table of Contents

Advertisement

Quick Links

Industrial Managed Ethernet Switch
Series covered by this manual:
EH7506, EH7508, EH7512, EH7520
EHG7504, EHG7506, EHG7508, EHG7512
User's Manual
Version 1.0
May 2015
TEL: +886-3-5508137
FAX: +886-3-5508131
http://www.atop.com.tw

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the EH7506 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Atop EH7506

Summary of Contents for Atop EH7506

  • Page 1 Industrial Managed Ethernet Switch User’s Manual Series covered by this manual: EH7506, EH7508, EH7512, EH7520 EHG7504, EHG7506, EHG7508, EHG7512 Version 1.0 May 2015 TEL: +886-3-5508137 FAX: +886-3-5508131 http://www.atop.com.tw...
  • Page 2 Important Announcement The information contained in this document is the property of Atop Technologies, Inc. and is supplied for the sole purpose of operation and maintenance of Atop Technologies, Inc products. No part of this publication is to be used for any other purposes, and it is not to be...

  • Page 3: Table Of Contents

    Table of Contents Introduction ....................2 What is a Managed Industrial Switch ..............2 Software Features ....................2 Configuring with a Web Browser ............4 Web-based Management Basics ................4 2.1.1 Default Settings ....................4 2.1.2 Login Process and Main Window Interface ............. 5 Basic Information .....................
  • Page 4 Power Over Ethernet ....................34 2.6.1 PoE Setting ....................34 2.6.2 PoE Status ..................... 35 2.6.3 PoE Alarm Setting ..................35 Trunking ........................37 2.7.1 Trunking Setting ..................... 38 2.7.2 LACP Status....................39 Unicast/Multicast MAC ..................41 2.8.1 Add Static MAC ....................42 2.8.2 MAC Filter ......................
  • Page 5 2.13.5 Example of using 802.1Q VLAN ..............68 2.13.6 Port based VLAN Setting ................69 2.14 Security ........................71 2.14.1 Background on 802.1X ..................71 2.14.2 Port Security Setting ..................72 2.14.3 Port Security Add Static MAC ................ 72 2.14.4 802.1x and Radius setting ................74 2.14.5 802.1.x Parameters Setting ................
  • Page 6 3.4.1 Administration Setup using Serial Console ..........109 3.4.2 Spanning Tree Setup using Serial Console ..........110 Configuring with a Telnet Console ............. 112 Telnet ........................112 Telnet Log-in ......................112 Command line interface for Telnet ..............113 Commands in the privileged mode ..............113 Commands in the configuration mode ...............
  • Page 7 For any related problems, please contact your local distributor. If they are unable to assist you, please redirect your inquiries to www.atop.com.tw.. Warranty Period Atop technology provides a limited 5-year warranty for managed Ethernet switches.

  • Page 8: Introduction

    However, an industrial switch is designed to perform in harsh industrial environments, i.e., extreme temperature, high humidity, dusty air, potential high impact or the presence of potentially high static charges. Atop’s managed switch works fine even in these environments.
  • Page 9  DHCP Server/Relay/Client with Option 66/67/68  NTP Server/Client  SNTP  IEEE 1588 PTP V2 and Transparent Clock  Port Mirror  QoS Traffic Regulation  LACP  MAC Filter  GARP/GMRP/GVRP  IGMP  SNMP v1/v2/v3 (with MD5 Authentication and DES encryption) ...

  • Page 10: Configuring With A Web Browser

    2 Configuring with a Web Browser Chapter 2 explains how to access the managed switch for the first time. There are three ways to configure this Ethernet Switch: 1. Web browser 2. Telnet console 3. Serial console The web browser and telnet console methods allow users to access the switch over the Internet or the Ethernet LAN, while the serial console method requires a serial cable connection between the console and the switch.

  • Page 11: Login Process And Main Window Interface

    Login Process and Main Window Interface 2.1.2 Before users access the configuration, they have to log in; this can be done in two simple steps. Launch a web browser. Type in the switch IP address (e.g. http://10.0.50.1), (as shown in Figure 2.1). *When the user name and password is left empty, the login prompt will not show.

  • Page 12: Basic Information

    2.2 Basic Information To help users become familiar with the device, the Basic section provides important details of the switch. This is also the main welcome screen once the user has logged in. The details make it easier to identify different devices connected to the network. They are divided into five sections. Figure 2.3 Basic information dropdown menu Sys Info 2.2.1...

  • Page 13: Info Setting S

    Locations of the switch. Switch Location Location Max. 63 Characters. System Contact Provides contact information for maintenance. Enter www.atop.com.tw the name of whom to contact in case a problem occurs. Max. 63 Characters. Console 2.2.3 In this chapter, we use a web browser for configuring the switch. However, there is a...

  • Page 14: Protocol Status

    Power Status 2.2.5 Atop’s Managed Switch features dual VDC power. Figure 2.8 shows the status of each power input. A “Fault” status means that the power is either not connected or the power the not supplied normally. Figure 2.8 Power status page...

  • Page 15: Administration

    2.3 Administration Here users will be able to configure Password, IP Settings, Ping, Mirror Port, System Time, Modbus, PTP and SSH settings. Figure 2.9 Administration dropdown menu Password 2.3.1 Although no password is set for the device when it is manufactured, users can set a password to assure overall system security, see Figure 2.10.
  • Page 16 Confirmed Password Re-type the password. This has to be NULL exactly the same as the password entered in the above field. Max.15 characters. In addition to the local authentication, the switch can be configured to request for authentication through a centralized RADIUS or TACACS+ server when the local authentication fails. For the RADIUS and TACACS+ comparison, please refer to Table 2.5, you can choose the solution that best meets your needs.

  • Page 17: Ip Setting

    Multiprotocol Yes, support ARA and NetBIOS Support protocol Confidentiality Only password encrypted Entire packet encrypted IP Setting 2.3.2 In this section, users may modify IP address functions to reconfigure the switch’s network settings. Users can choose to enable DHCP (Dynamic Host Configuration Protocol) here. This function is to obtain an IP address automatically from a DHCP Server.

  • Page 18: Ipv6 Setting

    IPv6 Setting 2.3.3 Figure 2.12 IPv6 setting page Ping 2.3.4 Ping is a command to test the network connectivity between the destination device and the managed switch. Figure 2.13 Ping page...

  • Page 19: Ping6

    Figure 2.14 Example of ping command Users can assign an IP address or a domain name to verify network connectivity (see Figure 2.14 for an example). After entering the IP address/name, please click “Ping” button to start the ping function. Examples of ping results are shown in Figure 2.15 and Figure 2.16.

  • Page 20: Mirror Port

    Figure 2.17 Ping6 page Users can assign an IPv6 address to verify network connectivity (Figure 2.17). After entering the IP address, please click “Ping6” button to start the ping function. Examples of ping results are shown in Figure 2.18. Figure 2.18 Example of successful ping6 result Mirror Port 2.3.6 In order to help the network administrator keeps track of network activities, the managed switch...

  • Page 21: System Time And Sntp

    - Output data stream: to monitor output data stream of monitored ports only. - Input/Output data stream: to monitor both input and output data stream of monitored ports. Monitored Port Select the ports that will be monitored. Unchecked all Select the mirror port that will be used to Port1 Mirror port monitor the activity of the monitored ports.

  • Page 22: Modbus Setting

    Query Period updated from the NTP server. Note: - Daylight Saving Time: In certain regions (e.g. US), local time is adjusted during the summer season in order to provide an extra hour of daylight in the afternoon, and the time shifted forward (or backward) is usually an hour.
  • Page 23 1. Make sure the supervising computer (Modbus Master) is connected to your target switch (Modbus Slave). 2. Launch Modbus Poll in the supervising computer. 3. Click connect button on the top toolbar to enter Connection Setup. Figure 2.23 Modbus Poll entries Connection Setup 4.
  • Page 24 Figure 2.25 Modbus Poll’s Slave ID is 1 6. Select Function 03 or 04 (the switch support function code 03 and 04). Figure 2.26 Modbus Poll Function Setting 7. Set Display mode to HEX.
  • Page 25 Figure 2.27 Modbus Poll Display mode Set start Address to 82 and Quantity to 2. Figure 2.28 Setup Modbus Poll start address 9. Click OK.
  • Page 26 Figure 2.29 the address 81 and 82 are EH7520’s IP Address 10. Modbus Poll will get the values 0x0A, 0x00, 0x32, 0x01, which means that the switch’s IP is 10.0.50.1. Write Registers (This sample clears the switches Port Count) Figure 2.30 Modbus address mapping table 1.
  • Page 27 Figure 2.32 Modbus Poll Function 06 3. Set Address to 256 and Value to 1 then click “Send” button. Figure 2.33 Use Modbus Poll to clear switch’s Port Count 4. Check Port Count in the switch’s Web UI, the packet count is now cleared. Figure 2.34 Port Statistics...

  • Page 28: Ptp

    2.3.9 The Precision Time Protocol (PTP) is a high-precision time protocol. It is for precise synchronization of clocks on a local area network by measurement and control systems. Figure 2.35 shows where to configure PTP and to see PTP status. The lower part of Figure 2.35 allows the user to enable or disable the PTP function per port and see their current status.

  • Page 29: Ssh

    Table 2.9 PTP setting descriptions Label Description Factory Default Unchecked Enabled/Disable the PTP function. This is the master State option that needs to be enabled in order for the per port PTP function to work in Table 2.9. Version Set the PTP operation version, v1 and v2 are supported. PTP (Precision Time Protocol) clock type selection.
  • Page 30 In the beginning, Server will send a public key to Client and Client will compare if the public key is correct or not. If it’s not correct, Server will refuse the connection. In this moment, please click “Generate” button to change and regenerate the Server Key then obtain another public key from Server.

  • Page 31: Qos

    2.4 QoS The main objective of Quality of Service is to transfer certain data packets either particularly safe or as quickly as possible. With this managed switch, users are able to prioritize traffic on the network to ensure that high priority data can be transmitted as soon as possible. Figure 2.37 QoS dropdown menu QoS Setting 2.4.1...
  • Page 32 priority bits. and DiffServ Both 802.1p CoS and DiffServ: Switch checks both types. See notes below for a detailed description. Type of Storm Packets: DLF: Destination Lookup Failure. The switch will always look for a destination MAC address in its MAC Table first. In case that a MAC address cannot be found in the Table, which means DLF occurs, the switch will forward the packets to all ports that are in the same LAN.
  • Page 33 inspects the 802.1p CoS tag in the MAC frame to determine the priority of each frame. DiffServ/ToS: DiffServ stands for Differentiated Services. It’s a networking architecture that specifies a simple but scalable mechanism for classifying network traffic and providing QoS guarantees on networks.

  • Page 34: Cos Queue Mapping

    CoS Queue Mapping 2.4.2 Figure 2.39 Mapping Table of CoS page The switch can classify traffic based on a valid 802.1p (CoS – Class of Service) priority tag. These options allow users to map Priority Code Point (PCP) within an Ethernet frame header to different COS priority queues, Figure 2.39.
  • Page 35 Figure 2.40 Mapping Table of DSCP,ECN page...

  • Page 36: Port

    2.5 Port This function contains three options, which are  Port Setting Port Status   Mini-GBIC Port Status  Port Statistics Figure 2.41 Port dropdown menu Port Setting 2.5.1 Port settings are included to allow users to control each port on Port state (enabled or disabled), Port Negotiation, Port Transmission Speed, Duplex function, Flow Control, and Rate Control as shown in Figure 2.42.
  • Page 37 Figure 2.42 Port setting page Table 2.13 Port setting descriptions Label Description Factory Default Port Port number on the switch. Check the box to allow data to be transmitted and All ports are enabled Enable received through this port. Copper / Fiber. When both Copper and Fiber are Depend Mode listed, it means this is a Combo port.

  • Page 38: Port Status

    - Rate Control: Outgoing and incoming values have to be set between 0 and 102,400 (for 100 Mbps) or 1,024,000 (for 1000 Mbps). - 0 is to turn off rate control. - The values have to be an integer multiples of 64 when rate is less than 1,792 Kbps. Ex: 64 Kbps, 128 Kbps, 512 Kbps…1,792 Kbps.

  • Page 39: Port Statistics

    Figure 2.44 Mini-GBIC port status page Port Statistics 2.5.4 Figure 2.45 Port Statistics page - Enable (On or Off): The port is enabled or disabled. - Link (Up or Down): Actual link status of the port. - Tx: Total number of packets transmitted. - Tx Error: The number of outbound packets which were chosen to be discarded even though no errors have been detected to prevent them from being transmitted.

  • Page 40: Power Over Ethernet

    2.6 Power Over Ethernet Power over Ethernet (PoE) is an optional function for the managed switches. To find out whether this function is supported or not, look for the keyword “PoE” in the model name. If the switch has “PoE” in the model name, it means that the switch is a Power Sourcing Equipment (PSE) that can provide power output to a Powered Device (PD).

  • Page 41: Poe Status

    Figure 2.47 PoE Settings page PoE Status 2.6.2 This page shows the status of each PoE port. For example, in Figure 2.1, Port8 was enabled and is supplying power to a Class 2 Powered Device (PD). The PD device is rated at 49V and 33mA. The total power consumption for this PD is 1.617W.
  • Page 42 Figure 2.49 PoE Alarm Setting Table 2.14 PoE Alert Events Label Description Factory Default Enable to trigger “PD Power On/Off” Disable PoE Alarm function event. Enable to trigger an event when the total Disable Detect Total Power power consumption of all the PDs is over function the defined value.

  • Page 43: Trunking

    2.7 Trunking The managed switch supports Link Trunking, which allows one or more links to be added together to form one single but larger group of links. The advantage of this function is that it gives the users more flexibility while setting up network connections. The bandwidth of a link can be doubled or tripled. In addition, if one link is disconnected, the remaining trunked ports can share the traffic within the trunk group.

  • Page 44: Trunking Setting

    Trunking Setting 2.7.1 Figure 2.51 Trunking setting page There are four steps to setup a trunking group: Step 1: Select Trkx from Group ID. Step 2: Choose whether to enable LACP (IEEE standard, Link Aggregation Control Protocol). Step 3: Select the Hash Type. Step 3: Select specific ports to be in this trunk group.

  • Page 45: Lacp Status

    Src/dst MAC, Src IP, Dst IP, Src/dst IP. Specifies the member ports. Hold Control Key to select more Ports than one port at a time. Specify which ports within the group should be LACP Active. LACP Active Ports not selected would be LACP Passive. Apply Click Apply to confirm changes.
  • Page 46 higher number means a lower priority. Group ID Shows which trunk group this port belongs to. Disabled: LACP is disabled. Passive: LACP will only passively respond to LACP LACP requests. Active: LACP will be actively searching for LACP Partner. Indicates whether a LACP Partner can be located or LACP Partner not.

  • Page 47: Unicast/Multicast Mac

    2.8 Unicast/Multicast MAC Multicast filtering improves the performance of networks that carry multicast traffic. This section will explain what Multicast and Unicast are as well as their benefits (see Figure 2.53). - Unicast: This type of transmission sends messages to a single network destination identified by a unique MAC address.

  • Page 48: Add Static Mac

    Add Static MAC 2.8.1 Figure 2.55 Add static MAC page The managed switch supports adding static MAC address manually (Figure 2.55). The steps are as follows, Step 1: Enter MAC Address. Step 2: Specify VLAN ID. Step 3: Select the ports to apply this static MAC address. Use Ctrl-key to add more than one port. Table 2.17 Add static MAC descriptions Label Description...

  • Page 49: Mac Age

    Figure 2.56 MAC Filter setting page Table 2.18 MAC filter descriptions Label Description MAC address Enter MAC address manually. Remove Remove this entry in MAC filter table. Add the MAC addresses to the MAC filter table MAC Age 2.8.3 This function allows users to set MAC address age-out manually, see Figure 2.57. Users can specify the age-out period between 100 and 765 seconds (the default value is 300).
  • Page 50 Figure 2.58 MAC address table page Information of current Unicast and Multicast MAC addresses is displayed, as shown in Figure 2.58. Unicast MAC address would be shown first, followed by Multicast MAC address. Table 2.19 MAC address table descriptions Label Description Unicast/Multicast MAC Displays MAC address.

  • Page 51: Garp/Gvrp/Gmrp

    2.9 GARP/GVRP/GMRP This page includes three options, GARP, GVRP, and GMRP settings. GARP: Generic Attribute Registration Protocol, also known as Multiple Registration Protocol (MRP). It operates at the data link layer of OSI model, and it defines an architecture, rules of operation, state machines and variables for the registration and removing of attribute values.

  • Page 52: Garp Setting

    GARP Setting 2.9.2 Figure 2.61 GARP setting page Figure 2.61 shows GARP timer setting and the descriptions of each timer is explained in Table 2.20. Table 2.20 GARP timer setting descriptions Label Description Factory Default Join Timer Indicates the GARP Join timer, in 0 ~ 65535 seconds. 20 seconds Leave Timer Indicates the GARP Leave timer, in 0 ~ 65535 seconds.

  • Page 53: Gvrp Settings

    GVRP Settings 2.9.1 Figure 2.62 GVRP setting page...
  • Page 54 Figure 2.62 indicates GVRP configurations and functions. When GVRP is enabled, the switch which is an end node of a network needs to add static VLANs locally. Others switches dynamically learn the rest of the VLANs configured elsewhere in the network via GVRP. Table 2.21 GVRP setting descriptions Label Description...

  • Page 55: Gmrp Settings

    GMRP Settings 2.9.2 Figure 2.63 GMRP setting page...

  • Page 56: Igmp/Ip Multicast

    2.10 IGMP/IP Multicast This function contains four options (Figure 2.68 (a)), which are:  IGMP Setting  IGMP Statistics  IGMP/IP Multicast Table  Static IP Multicast IGMP: Internet Group Management Protocol is used on IP networks to establish multicast group memberships.
  • Page 57 Table 2.22 IGMP setting descriptions Label Description Factory Default Choose to enable IGMP snooping. Disabled IGMP Snooping To enable IGMP snooping. IGMP Proxy Choose to enable IGMP proxy. See note below. Disabled IGMP Fast-leave Choose to enable IGMP Fast-leave. See note below. Disabled Router's IP Display the multicast router’s IP address.

  • Page 58: Igmp Statistics

    2.10.2 IGMP Statistics Figure 2.33 (a) IGMP statistics page Figure 2.66 (b) Example of IGMP statistics IGMP statistics are shown in Figure 2.66 (a), and its example is in Figure 2.66 (b). It shows the statistical values of IGMP protocol.

  • Page 59: Igmp/Ip Multicast Table

    2.10.3 IGMP/IP Multicast Table Figure 2.34 (a) IP Multicast table page Figure 2.67 (b) Example of IP Multicast Table This option shows: 1. The IGMP membership group table. 2. Static and dynamic IP Multicast table. The dynamic join port is added by the switch’s IGMP snooping function.

  • Page 60: Static Ip Multicast

    2.10.4 Static IP Multicast Figure 2.34 (a) Static IP Multicast setting page Figure 2.68 (b) Example of Static IP Multicast setting Figure 2.68 (a) and Figure 2.68 (b) display current IP multicast addresses, and users are allowed to add more manually. For example, an IP multicast group address is: 239.1.1.1 and joining ports are Port1, Port2 and Port5 with VLAN=1.
  • Page 61 in the Join Port column. Click the “Ctrl” key on the keyboard to add more ports. Then click on the button, the IP address is then added as it can be seen on Figure 2.68 (b). To remove the static IP multicast address entry setting, click the button.

  • Page 62: Snmp

    2.11 SNMP Figure 2.69 This SNMP setting has four categories as shown in , which are  SNMP  Community Strings  Trap Receivers  SNMP V3 Users 2.11.1 SNMP SNMP: Simple Network Management Protocol is a protocol for managing devices on IP networks. It exposes management data in the form of variables on the managed systems, which describe the system configuration.

  • Page 63: Community Strings

    SNMP Choose to enable SNMP V1/V2c/V3. Disabled 2.11.2 Community Strings The managed switch supports SNMP V1, V2c, and V3. SNMP V1 and V2c use a community string match for authentication. There are three levels of authentications which are read-sysinfo-only, read- all-only, or read-write-all.

  • Page 64: Snmpv3 Users

    Community Community string for authentication. NULL String Max. 15 characters. 2.11.4 SNMPv3 Users SNMP V3 is a more secure protocol. Users will be able to set a password and an encryption key to enhance the data security. When choosing this option, users can configure SNMP V3. MD5 (Message-Digest algorithm 5) is used for authentication password, and DES (Data Encryption Standard) for data encryption algorithm as shown in Figure 2.69.

  • Page 65: Spanning Tree

    2.12 Spanning Tree IEEE Standard Spanning tree functionality is provided. The Spanning Tree Protocol (STP) provides a function of preventing switching loops and ensuring broadcast radiation. A switching loop occurs in a network when there are multiple connections between two network switches or two ports. The loop creates a broadcast radiation, which is the accumulation of broadcast and multicast traffics on a computer network.

  • Page 66: Rstp Main Setting

    2.12.2 RSTP Main Setting Figure 2.72 RSTP setting page RSTP Main setting consists of three sub sections, which are RSTP setting, Bridge info and Port status, as shown in Figure 2.72. RSTP Main setting is to enable or disable RSTP protocol. Table 2.27 RSTP main setting descriptions Label Description...

  • Page 67: Rstp Bridge Information

    2.12.3 RSTP Bridge information Figure 2.73 Bridge information page RSTP Bridge information shows the statistical value of RSTP protocol, as shown in Figure 2.73.

  • Page 68: Rstp Port Status

    2.12.4 RSTP Port Status Figure 2.74 RSTP status page RSTP Port Status shows the statistical value of RSTP protocol for each port, as shown in Figure 2.74. The statistical information for each port is state, rate, path cost, link type, edge, cost, path priority, designated information, receiving count, and transmission count.

  • Page 69: Vlan

    2.13 VLAN A Virtual Local Area Network (VLAN) is a group of devices that can be located anywhere on a network, but all devices in the group are logically connected together. In other words, VLAN allows end stations to be grouped together even if they are not located on the same network switch. With a traditional network, users usually spend a lot of time on devices relocations, but a VLAN reconfiguration can be performed entirely through software.
  • Page 70 port. If a user changes the connected port, a new port-VLAN assignment must be reconfigured for this new connection. Steps to set up Port-Based VLAN: 1. On Port-Based VLAN Setting page. 2. Select specific ports to be included to certain group. Figure 2.76 VLAN Setting 802.1Q VLAN (or tagging-based equivalently) Another VLAN mode that supported is 802.1Q.

  • Page 71: Q Vlan Table

    2.13.2 802.1Q VLAN Table Figure 2.44 (a) VLAN table page Figure 2.77 (b) Example of VLAN table page Figure 2.77 (a) and Figure 2.77 (b) display the static and dynamic VLAN information of each VID. Table 2.29 802.1Q VLAN Table descriptions Label Description Factory...

  • Page 72: Q Vlan Setting

    this port. This entry is created by GVRP. 2.13.3 802.1Q VLAN Setting Figure 2.45 (a) 802.1Q VLAN setting page Figure 2.78 (b) Example of 802.1Q VLAN setting Figure 2.78 (a) and Figure 2.78 (a) display the VLAN entry configuration. Note that below there are the corresponding VLAN entries.

  • Page 73: Q Vlan Pvid Setting

    Table 2.30 802.1Q VLAN setting descriptions Label Description Factory Default Name The VLAN ID name that can be assigned by the user. DEFAULT Configures the VLAN ID that will be added in static VLAN Dependant table in switch. The VLAN ID is in the range 2~4094. Member Configures the ports to this specific VID.

  • Page 74: Example Of Using 802.1Q Vlan

    Figure 2.79 802.1Q VLAN PVID setting page Figure 2.79 displays the ports’ default PVID. The lower portion allows the user to configure the port’s PVID. Table 2.31 802.1Q VLAN PVID setting descriptions Label Description Factory Default Port Select specific ports to be configured the PVID value. PVID Configures the default 802.1Q VID tag assigned to specific Port.

  • Page 75: Port Based Vlan Setting

    Member Ports Choice Port 1, 2 and 3 Tagged Ports Choice Port 2 and 3 Add/Modify Click button after done To select more than one port, user can simply click the “Ctrl” Key on keyboard Figure 2.80 Example of VLAN Settings 2.13.6 Port based VLAN Setting Figure 2.81 Port-based VLAN page Users can manually specify each group member port to a group ID as shown in Figure 2.81.

  • Page 77: Security

    2.14 Security Two security features are provided, Port Security and 802.1X 2.14.1 Background on 802.1X 802.1X: is an IEEE standard for port-based Network-Access Control, and it provides an authentication mechanism to devices wishing to attach to a LAN or WLAN. This protocol restricts unauthorized clients from connecting to a LAN through ports that are open to the Internet.

  • Page 78: Port Security Setting

    Figure 2.82 RADIUS authentication sequence 2.14.2 Port Security Setting Figure 2.83 shows the port security states and security setting. Figure 2.83 Port Security setting page 2.14.3 Port Security Add Static MAC...
  • Page 79 Figure 2.84 Add port security static MAC page Table 2.33 Port Security Add Static MAC descriptions Label Description MAC Address Type the suitable MAC address. Ports Choose between ports. Remove Option to remove the corresponding MAC address Click to add a MAC address VLAN Specify the corresponding VLAN address to MAC address.

  • Page 80: And Radius Setting

    2.14.4 802.1x and Radius setting Figure 2.85 802.1x & RADIUS setting page Configuration for 802.1x and Radius server information is shown on Figure 2.85. Table 2.34 802.1X setting descriptions Label Description Factory Default Choose whether to Enable 802.1X for all ports or Disabled 802.1x not.

  • Page 81: Parameters Setting

    2.14.5 802.1.x Parameters Setting Figure 2.86 802.1x setting page 802.1x parameter settings is shown in Figure 2.86 and the descriptions for each parameter are explained in Table 2.35. Table 2.35 802.1X parameter descriptions Label Description Factory Default Waiting time between requests when the Quiet Period authorization has failed.

  • Page 82: Port Setting

    2.14.6 802.1x Port Setting Figure 2.87 802.1x Port setting page 802.1x Port information is shown in Figure 2.87. Each port can be set a mode for authorization as described in Table 2.36. Table 2.36 802.1X Port setting descriptions Label Description Factory Default Port Set specific ports to be configured.

  • Page 83: Erps/Ring

    2.15 ERPS/Ring 2.15.1 DIP Switch Figure 2.88 DIP switch status page This section allows users to set the DIP Switch control; the DIP switches are located on the housing. This is another easy and convenient way to configure ERPS or iA-ring or Compatible-Ring via DIP Switches (instead of modifying configuration on a web browser).
  • Page 84 Figure 2.89 Ring topology Figure 2.89 shows each Ethernet Ring Node is connected to an adjacent Ethernet Ring Nodes participating in the same Ethernet Ring using two independent links (i.e. two ways). In the Ethernet ring, loops can be avoided by guaranteeing that traffic may flow on all but one of the ring links at any time.
  • Page 85 Figure 2.90 ERPS Setting page ERPS settings are shown on Figure 2.90. Users should disable the DIP Switch Control first in order to set up ERPS parameters. Table 2.37 ERP setting description Label Description Factory Default ERPS Choose whether to enable ERPS or not. Disabled Choose to enable log.
  • Page 86 Figure 2.91 ERPS RAPS VLAN Setting page Table 2.38 ERPS VLAN setting description Label Description Factory Default ERPS VLAN Indicate current RAPS VLAN ID. None Status Choose to enable ERPS with this particular VLAN. Disabled West Port Choose the West Port of the RPL. Port1 East Port Choose the East Port of the RPL.
  • Page 87 Figure 2.92 Example of Ring topology Using the same example as above, configurations of four switches can be set up individually as follows: Table 2.39 Switch A and B configuration setting EH7520 EH7520 RAPS VLAN RAPS VLAN ERPS RAPS Enabled ERPS RAPS Enabled West Port...

  • Page 88: Uerps Settings (Optional)

    UERPS Settings (optional) 1. Prepare two managed switches (Switch A and Switch B). We will use Port 7 and Port 8 on both switches for redundancy. 2. Connect Switch A and Switch B to the network or PC so that you can access them. For simplicity you can use Port 1 for Web configuration on both switches.

  • Page 89: Ia-Ring Setting

    9. Now you can add any other bridge that you want in between the two managed switches. 2.15.3 iA-Ring Setting Atop’s managed switch is designed to be compatible with iA-Ring protocol for providing better network reliability and faster recovery time for redundant ring topologies. It is in the same category as R Rings, but with its own protocol.
  • Page 90 Figure 2.97 iA-Ring Example Topology...
  • Page 91 Figure 2.98 iA-Ring Setting page Figure 2.98 shows iA-Ring redundancy protocol. Users should disable DIP Switch Control and ERPS first in order to enable/configure iA-Ring parameters on a web browser. Table 2.41 iA-Ring setting descriptions Label Description Factory Default iA-Ring Enable iA-Ring or disable iA-Ring.

  • Page 92: Compatible-Ring Setting

    2.15.4 Compatible-Ring Setting Compatible-Ring is similar to iA-Ring. The only difference is that it can be used for MOXA rings as well. For more information about this redundant ring protocol, please contact Atop. Figure 2.99 Compatible-Ring Setting page Figure 2.99 shows how to set the Compatible-Ring redundancy protocol; users should disable DIP Switch Control and ERPS first in order to enable/configure Compatible-Ring parameters on the web browser.

  • Page 93: U-Ring

    2.15.5 U-Ring U-Ring (Unicast Ring) Setup Figure 2.68 (a) Example of a 2 wireless bridge U-ring From Figure 2.100 (a), this configuration is for accessing between 2 points. In this example, each point is connected to the Access Points by an Ethernet LAN line and these in turn are connected by Wireless Bridges 1 and 2.
  • Page 94 Figure 2.100 (b) Example of a 2 wired bridge U-ring U-ring protocol could be used in the above environment. The AP could be:  Dump-switch  Transceiver  XDSL bridge Care should be taken that if a dump-switch is used as an AP (Access Point). The one on the other side must be a dump-switch as well.
  • Page 95 Figure 2.101 U-Ring Setting page Table 2.43 U-Ring setting descriptions Label Description Factory Default Operation Status Shows whether the device’s state is normal or Disabled protected. U-Ring Shows whether the Unicast ring is working. Disabled Ring Master Shows whether the device is a slave or master on Disabled this ring.

  • Page 96: Lldp

    2.16 LLDP Link Layer Discovery Protocol (LLDP) section consists of LLDP setting and LLDP Neighbors. 2.16.1 LLDP Setting Link Layer Discovery Protocol (LLDP) is an IEEE standard OSI layer-2 protocol. It’s used by network devices for displaying their identity, capabilities, and neighbors’ information on a local area network. It allows each network device, e.g.

  • Page 97: Neighbors

    Tx Interval Set the transmit interval of LLDP messages. Range from 5 to 65535 seconds. TxTTL Tx Time-To-Live. Amount of time to keep neighbors’ information. The recommend TTL value is 4 times of Tx Interval. Range from 5 to 65535 seconds. 2.16.2 Neighbors Figure 2.71 (a) LLDP Neighbor page Figure 2.103 (b) Example of LLDP Neighbor...
  • Page 98 Management Indicates neighbor’s management IP address. Address...

  • Page 99: System

    2.17 System It is important for network administrators to know what’s happening in their networks, and know where the events are happening. However, it is difficult to locate network devices that are at the endpoints of systems. Thus Ethernet switches connected to these devices play an important role of providing first- moment alarm messages to network administrators.

  • Page 100: Event Log

    Checked: Saving log event into flash memory. Uncheck Enable Log Event to The flash memory can keep the log event files Flash even if the switch is rebooted. Unchecked: Saving log event into RAM memory. The RAM memory cannot keep the log event files after each reboot.

  • Page 101: Warning

    Next page. Click to display all events. Click to clear all events 2.17.3 Warning 2.17.4 Warning Event Selection There are three different types of events: Port Events, Power Events, and System Events. Port Events (Figure 2.106), are related to the activities of a certain port. Power Events keep track of power status of the switch.
  • Page 102 Label Description Factory Default Port Indicates each port number. Disable: Disables alarm function, i.e. no alarm Disabled message will be sent. Link Up: Alarm message will be sent when this port/link is up and connection begins. Port state event Link Down: Alarm message will be sent when this port/link is down and disconnected.

  • Page 103: Alert Warning Events

    2.17.5 Alert Warning Events Managed switches warns its users in case any event occurs. A table in this section displays the warning events (as shown in Figure 2.107 (b) as an example). A short alarm message is shown on the top portion of the web browser interface. Users can click the “Alarms!” to hyperlink to the “Warning Events”...

  • Page 104: Smtp Settings

    Table 2.49 Warning events descriptions Label Description Factory Default Clear Relay Alarm Sets Hardware Relay Alarm to off. Relay is off Clear All Warning Events Clears all warning events that are displayed. 2.17.6 SMTP Settings Simple Mail Transfer Protocol (SMTP) is an internet standard for email transmission across IP networks.

  • Page 105: Backup/Restore

    Figure 2.108 (b) Example of SMTP setting Table 2.50 SMTP setting descriptions Label Description Factory Default SMTP Server Address Configure the IP address of email server NULL Sender E-mail Address Configure the sender e-mail address. NULL Mail Subject Type the subject of this warning message. NULL Max.
  • Page 106 Figure 2.109 Backup/Restore page Restore: Upload configuration back to the managed switch from the computer. It will replace the current configuration. Figure 2.110 Restore Device Configuration *Notes: There are two options which can save the username, password or network configuration. This will prevent users from logging-in due to a different username, password or network configuration after settings are restored.

  • Page 107: Firmware Upgrade

    2.17.8 Firmware Upgrade Users can upgrade device firmware via web interface as shown in Figure 2.111. To upgrade the firmware, users download a new firmware from the web and save it in a computer. Then, users click “Browse” and choose the firmware that already downloaded. After that, users click “Upgrade” and wait for the upgrade process to be done.
  • Page 108 Figure 2.112 TFTP Configuration page Figure 2.113 Example of TFTP Configurations This selection allows users to save the current configuration file to a remote TFTP server, or download and replace a configuration setting which already exist in a TFTP server. Table 2.51 TFTP setting descriptions Label Description...

  • Page 109: Factory Default

    Configuration File Name Type in the name of the file to be uploaded or NULL downloaded. Click to start download remote configuration into Switch. Click to start upload Switch configuration to remote TFTP server. 2.17.10 Factory Default When the managed switch is not working properly, users can reset it to default factory settings by clicking Reset, as shown in Figure 2.114.
  • Page 110 Figure 2.115 Reboot page...

  • Page 111: Configuring With A Serial Console

    3 Configuring with a Serial Console A managed switch can also be configured by using a serial console. This method is similar to the web browser one. The options are the same, so users can take the same procedures as those examples Chapter 3.1 Serial Console Setup After users install Tera Term, perform the following steps to access the serial console utility.
  • Page 112 Figure 3.2 Setup menu 3. The Serial Port Setup window pops up. Select appropriate port for Port, 115200 for Baud Rate, 8 bit for Data, none for Parity, and 1 bit for Stop, as shown in Fig.3.3. Figure 3.3 Serial port setting 4.

  • Page 113: Command Line Interface Introduction

    3.2 Command Line Interface Introduction The Command Line Interface supports two types of privileges, which are operator and manager privileges. Users with operator privileges may only view the information, while those with manager privileges are allowed to view information and configure settings. Operator and manager privileges are initially entered without the need for passwords, but a user may assign a password to both the operator and manager.

  • Page 114: General Commands

    3.3 General Commands The table below shows some useful commands that may be used anytime when using serial console. Table 3.1 Command descriptions Commands Descriptions Enable Turn on privileged mode. Disable Turn off privileged mode. Configure Enter configuration mode. List all available options. Exit Go back to previous menu.

  • Page 115: Command Example

    3.4 Command Example The serial console method is available to make any configuration just like the web browser method. These two methods have similar functionalities. The picture below shows all the options on CLI. Two examples of making configurations, Administration and Spanning Tree, are shown in following sub- sections are the same as explained in Chapter 2 by using web browser, but the only difference is that...

  • Page 116: Spanning Tree Setup Using Serial Console

    Table 3.2 Commands for Administration setup descriptions Command Description sntp <IP-add> <before-utc | after-utc> Starts SNTP service. <0 ~ 24 hours> [no] dhcp Enable or disable DHCP. show dhcp Shows DHCP status. ip address<ip-addr> <ip-mask> Set IP address and subnet mask. Ip default-gateway <ip-addr>...

  • Page 118: Configuring With A Telnet Console

    4 Configuring with a Telnet Console The last configuration method is the Telnet method and it is described in this chapter. 4.1 Telnet Telnet is a remote terminal software to login to any remote telnet servers. It typically is installed in most of operating systems.

  • Page 119: Command Line Interface For Telnet

    4.3 Command line interface for Telnet After the input telnet command line, the switch’s interface is displayed as shown in Figure 4.2. Figure 4.2 Log-in screen using Telnet Users will see the welcome screen to the switch interface. It is important to note that there is no password protection to the default telnet log-in method.

  • Page 120: Commands In The Configuration Mode

    4.5 Commands in the configuration mode When users type in “?” in configuration mode, a long lists of commands is displayed on screen as shown in Figure 4.4. Figure 4.4 Commands in the configuration mode Table 4.1 shows all commands that can be used to configure the switch in the configuration mode. Table 4.1 Configuration mode commands Commands Descriptions...
  • Page 121 erase Erase configuration erps ERPS information filter Filter source MAC address information garp GARP information gvrp GVRP information help Description of the interactive help system history Set the number of history commands IP information igmp IGMP information ia-ring iA-Ring configuration logout Log out of the system lldp...

  • Page 122: Appendix A: Glossary

    Appendix A: Glossary Term Description 802.1 A working group of IEEE standards dealing with Local Area Network. Provides mechanism for implementing Quality of Service (QoS) at the Media 802.1p Access Control Level (MAC). IEEE standard for port-based Network-Access Control; provides an 802.1x authentication mechanism to devices wishing to attach to a LAN or WLAN Broadcast...
  • Page 123 system into smaller parts called layers. A layer is a collection of conceptually similar functions that provide services to the layer above it and receives services from the layer below it. Quality of Service. Remote Authentication Dial In User Service. Authentication and monitoring RADIUS protocol on the application level for authentication, integrity protection and accounting for network access.

  • Page 124: Appendix B: Modbus Memory Map

    Appendix B: Modbus Memory Map 1. Read Registers (Support Function Code 3, 4). 2. Write Register (Support Function Code 6). 3. 1 Word = 2 Bytes. Address Data Type Read/Write Description System Information System Description = "Managed Switch EH7510" Word 0 Hi byte = 'M' Word 0 Lo byte = 'a' Word 1 Hi byte = 'n' Word 1 Lo byte = 'a'...
  • Page 125 Baud Rate 0x0000: 4800 0x0001: 9600 0x0002: 14400 0x0003: 19200 0x0030 (48) 1 word 0x0004: 28800 0x0005: 38400 0x0006: 57600 0x0007: 144000 0x0008: 115200 Data Bits 0x0031 (49) 1 word 0x0007: 7 0x0008: 8 Parity 0x0000: None 0x0032 (50) 1 word 0x0001: Odd 0x0002: Even Stop Bit...
  • Page 126 DNS1 of switch Ex: IP = 168.95.1.1 Word 0 Hi byte = 0xA8 0x0057 (87) 2 words Word 0 Lo byte = 0x5F Word 1 Hi byte = 0x01 Word 1 Lo byte = 0x01 DNS2 of switch Ex: IP = 168.95.1.1 Word 0 Hi byte = 0xA8 0x0059 (89) 2 words...
  • Page 127 Port Speed Status, 10M = 0x01 Status, 100M = 0x02 Status, 1000M = 0x03 Word 0 Hi byte = Port 1 Status Word 0 Lo byte = Port 2 Status Word 1 Hi byte = Port 3 Status 0x1040 (4160) 5 words Word 1 Lo byte = Port 4 Status Word 2 Hi byte = Port 5 Status...
  • Page 128 Word 6,7 = Port 4 TX Rate Word 8,9 = Port 5 TX Rate Word 10,11 = Port 6 TX Rate Word 12,13 = Port 7 TX Rate Word 14,15 = Port 8 TX Rate Word 16,17 = Port 9 TX Rate Word 18,19 = Port 10 TX Rate Port RX rate Ex.
  • Page 129 Count of Good Packets of RX Ex. Port 1 gets 0x2EEEE1FFFF good packets of RX. Word 0 of Port 1 = 0x0000 Word 1 of Port 1 = 0x002E Word 2 of Port 1 = 0xEEE1 Word 3 of Port 1 = 0xFFFF Word 0,1,2,3 = Port 1 good packets Word 4,5,6,7 = Port 2 good packets 0x1500 (5376)
  • Page 130 STP Port Status 0x00: Disabled 0x01: Listening 0x02: Learning 0x03: Forwarding 0x04: Blocking 0x05: Discarding 0xFF: RSTP Not Enable Word 0 Hi byte = Port 1 Status 0x2101 (8449) 5 words Word 0 Lo byte = Port 2 Status Word 1 Hi byte = Port 3 Status Word 1 Lo byte = Port 4 Status Word 2 Hi byte = Port 5 Status Word 2 Lo byte = Port 6 Status...
  • Page 131 ERPS East Port Ex: 3st West Port = Port 3, Word 2 = 0x0003 0x0001: Port 1 0x0002: Port 2 … 0x000A: Port 10 0x000C: Trk1 0x000D: Trk2 0x2240 (8768) 5 words 0x000E: Trk3 0x000F: Virtual Channel 0x00FF: VLAN ID exist but no East Port be Selected 0xFFFF: ERPS Not Enable Word 0 = 1st VLAN ID East Port Word 1 = 2st VLAN ID East Port...
  • Page 132 iA-Ring Master Status 0x0000: Disabled 0x2300 (8960) 1 word 0x0001: Enabled 0xFFFF: iA-Ring not enable 1st Ring Port Ex: 1st Ring Port = Port 2, Word 0 = 0x0002 0x0001: Port 1 0x2301 (8961) 1 word 0x0002: Port 2 … 0x000A: Port 10 0xFFFF: iA-Ring not enable 2st Ring Port...

This manual is also suitable for:

Eh7508Eh7520Ehg7504Eh7512Ehg7506Ehg7508 ... Show all

Table of Contents