CTC Union GSW3208M User Manual
  1. Manuals
  2. Brands
  3. CTC Union Manuals
  4. Network Router
  5. GSW-3208M
  6. User manual
CTC Union GSW3208M User Manual

CTC Union GSW3208M User Manual

L2 managed gbe switches
Hide thumbs Also See for GSW3208M:
Table of Contents

Advertisement

Quick Links

See also: User Manual
GSW3208M/3424M
L2 Managed GbE Switches
1

Advertisement

Table of Contents
loading

Related Manuals for CTC Union GSW3208M

Summary of Contents for CTC Union GSW3208M

  • Page 1 GSW3208M/3424M L2 Managed GbE Switches...
  • Page 3 CTC Union Technologies Co., Ltd. Far Eastern Vienna Technology Center (Neihu Technology Park) 8F, No. 60 Zhouzi St. Neihu District Taipei 114 Taiwan Tel: +886-2-26591021 Fax: +886-2-27991355 Email: info@ctcu.com URL: http://www.ctcu.com GSW3208M/3424M User Manual 8+2 and 24+4 Gigabit Ethernet Layer 2 Switches w/SNMP Version 1.2 Feb 10, 2010 (Updated)
  • Page 4 About this manual … This manual is a general manual for different models of our Gigabit Management Switch. They are similar in operation but have different hardware configurations. These models are 8 * TX + 2 * SFP (10G) ports model This model supports eight TX ports and two extra SFP ports for Gigabit Ethernet connections.

  • Page 5: Table Of Contents

    Contents 1. INTRODUCTION ....................7 1.1 P ..................7 ACKAGE ONTENTS 2. WHERE TO PLACE THE SWITCH ..............8 3. CONFIGURE NETWORK CONNECTION............11 3.1 C ............11 ONNECTING EVICES TO THE WITCH 3.2 C ........11 ONNECTING TO NOTHER THERNET WITCH 3.3 A ....................12 PPLICATION 4.
  • Page 6 7. SOFTWARE UPDATE AND BACKUP ............128 A. PRODUCT SPECIFICATIONS..............129 B. COMPLIANCES...................133 C. WARRANTY ....................134...

  • Page 7: Introduction

    1. Introduction There are two models for the Gigabit Management Switch Series – 8TX+2SFP(10G) model and 24TX+4SFP(24G) model. This Gigabit Management Switch is a Layer2 Management switch with lots of advanced network functions including VLAN, trunking, spanning tree, mirror port, rate limit, IGMP and port configuration.

  • Page 8: Where To Place The Switch

    2. Where To Place the Switch This Switch can be placed on a flat surface (your desk, shelf or table). Place the Switch at a location with these connection considerations in mind: The switch configuration does not break the rules as specified in Section 3. The switch is accessible and cables can be connected easily to it.
  • Page 9 4. Grounding - Rack-mounted equipment should be properly and well grounded. Particular attention should be given to supply connections other than direct connections to the mains. [Attach Rack-Mount Brackets to the Switch] 1. Position a Rack-Mount Bracket on one side of the Switch. 2.
  • Page 10 1. Position a bracket that is already attached to the switch on one side of the rack. 2. Line up the screw holes on the bracket with the screw holes on the side of the rack. 3. Use a screwdriver to install the rack screws through the mounting bracket holes into the rack.

  • Page 11: Configure Network Connection

    3. Configure Network Connection 3.1 Connecting Devices to the Switch [ Connection Guidelines: ] For 10BaseT connection : Category 3 or 5 twisted-pair Ethernet cable For 100BaseTX connection : Category 5 twisted-pair Ethernet cable For 1000BaseTX connection: Category 5e or 6 twisted-pair Ethernet cable For TX cable connection, always limit the cable distance to 100 meters (328 ft) as defined by IEEE specification If your switch has 1000BaseSX/1000BaseLX connections, you can connect...

  • Page 12: Application

    3.3 Application A switch can be used to overcome the hub-to-hub connectivity limitations as well as improve overall network performance. Switches make intelligent decisions about where to send network traffic based on the destination address of the packet. As a result, the switch can significantly reduce unnecessary traffic. The example below demonstrates the switch ability to segment the network.

  • Page 13: Adding Module

    4. Adding Module This switch supports SFP (for 1000SX/LX/…) connectors for gigabit ports. Because the SFP slots support hot-swap function, you can plug/unplug the SFP transceiver to/from the SFP slot directly. The switch can auto-detect the gigabit connection from SFP slot. Follow the steps for module adding and removing.

  • Page 14: Leds Conditions Definition

    5. LEDs Conditions Definition The LEDs provide useful information about the switch and the status of all individual ports. [ For 8TX+2SFP / 24TX+4SFP Models ] STATUS CONDITION Switch is receiving power. Power System is booting. System Yellow System is initializing. Green System is running.

  • Page 15: Manage / Configure The Switch

    6. Manage / Configure the Switch 6.1 Introduction of the management functions This switch is a L2 Management switch. It supports in-band management function from Http/Telnet/SNMP interfaces. Console is supported for local command-line settings. It supports network configuration functions, like VLAN, Trunking, Port Mirror, QoS, spanning tree and software backup/update.
  • Page 16 configure this function for their network spanning tree application. 4. Port Mirror This switch operates in store-and-forward algorithm so it is not possible to monitor network traffic from another connection port. But the port mirror function can copy packets from some monitored port to another port for network monitor.
  • Page 17 8. IEEE 802.1x Port Security Function If the 802.1x function is enabled, the switch will act as an authenticator for users accessing network through the switch. It will need a RADIUS server for the authentication function. Users will be asked for username and password before network access.
  • Page 18 a. From console when booting : doing by Xmodem protocol and by terminal program for boot code and run-time code updating. b. From web browser : doing by http protocol and by web browser for run-time code and configuration backup/update. c.

  • Page 19: Settings With Console Connection

    6.2 Settings with Console Connection 6.2.1 Basic of the Console Interface << Enter Console Interface >> Please follow the steps to complete the console hardware connection first. 1. Connect from console port of the switch to COM port of PC with the console cable.
  • Page 20 first.
  • Page 21 With “?” command, you can find the command list as follow. --------------------------------------------------------------------------------------------- exit Exit from current mode help Show available commands history Show a list of previously run commands logout Disconnect ping Sends ICMP echo packets to other network nodes quit Quit commands reload...
  • Page 22 --------------------------------------------------------------------------------------------- > ? exit Exit from current mode help Show available commands history Show a list of previously run commands logout Disconnect ping Sends ICMP echo packets to other network nodes quit Quit commands show Show the counters that the system uses >...
  • Page 23 configure mode. And the prompt will become “(config-if)#”. For example, “interface ethernet 1/5” is for settings on Port 5. If the settings are for VLAN group, it is done with “interface vlan x” command in configure mode. And the prompt will become “(config-if)#”. For example, “interface vlan 100”...

  • Page 24: General Basic Commands

    6.2.2 General Basic Commands When “admin” / “admin” is used for username/password, the console will enter administrator mode. Enter “?”, command list will be shown. --------------------------------------------------------------------------------------------- exit Exit from current mode help Show available commands history Show a list of previously run commands logout Disconnect ping...
  • Page 25 -n count : Number of echo requests to send. -l length : Send buffer size, and length is between 64~8148 : Ping the specified host until stopped by <ESC> key. : Timeout in milliseconds to wait for each reply. : IP address (xxx.xxx.xxx.xxx) For example, “ping 192.168.1.80”.
  • Page 26 snmp Simple Network Management Protocol statistis sntp Simple Network Time Protocol configuration spanning-tree Spanning-tree configuration system System information trunk Trunk information version System hardware and software versions vlan Virtual LAN settings With sub-commands, different configuration settings will be displayed. More help information for them will be prompted with “show xxxx ?” (xxxx is the sub-command).
  • Page 27 The operation of configure mode will be described in next section. “exit” command can be used to quit this operation mode. 11. copy command This command is used to backup system configuration/firmware to TFTP server, restore system configuration from TFTP server, and update firmware from TFTP server.

  • Page 28: Configure Mode Commands

    6.2.3 Configure Mode Commands Entering “configure” command at console interface, the prompt will become ... “(configure)#”. All the general settings for the switch can be done in this mode. If the settings are for ports, it is done with “interface” command in configure mode. For example, “interface ethernet 1/5”...
  • Page 29 username Establishes user name authentication vlan Switch Virtual LAN interface ---------------------------------------------------------------------------------------------- 1 exit command This command is used to leave current operation mode. Go back to last mode. 2 help command This command is used to show all the available commands in this mode. 3 history command This command is used to show the history of entering commands.
  • Page 30 For “Auto Negotiation” mode, the switch will disable port auto-negotiation function when the auto function of port (in Port Configuration setting) is disabled. For “Auto Detect” mode, the switch will always keep port auto-negotiation function ON but just modify its attribution if auto function of port (in Port Configuration setting) is disabled.
  • Page 31 Here is the Option 82 definition of the switch. 1. Circuit ID sub-option setup information for DHCP server : <Format> [Slot ID/1-Byte] [Port ID/1-Byte] [VLAN ID/2-Bytes] [Information/X- Bytes] Slot ID - plase set to “0”. Port ID - please set according to the port number of the switch. VLAN ID - please set according to its VLAN ID.
  • Page 32 transparent Transparent 802.1x packets dot1x authcount x command is used to set max count for re-authentication request in the re-authentication process. If the max count is met, it will become un-authentication state. The valid value of “x” is 1~10. dot1x dynamic-vlan command is used to enable Dynamic VLAN function for 802.1x operation.
  • Page 33 Note: 1. Setting 802.1x function on ports, use “dot1x” command in interface configuring mode. 2. Setting for RADIUS server, use “radius-server” command. Please refer to sections for the commands. end command This command is used to exit from configure mode. 12 hostname command This command is used to set the name of the switch in network.
  • Page 34 igmp IGMP protocol ip default-gateway x.x.x.x command is used to specify the default gateway for IP configuration of the switch. x.x.x.x is the IP address of the gateway device. ip http ... command is used to configure http service of the switch. Entering “ip http ?”, the sub-command will be shown.
  • Page 35 to disable it. If it is enable, the unregistered (not joined) IP multicast traffic will be flooded to every port. If it is disable, the unregistered (not joined) IP multicast traffic will be flood to IGMP member ports only. 15 ip-filter command This command is used to enable IP Filtering function on port.
  • Page 36 <cr> logging remote-log command is used to enable the remote logging function. Events will also be sent to syslog servers. no logging remote-log command is used to disable it. logging remote-log x host y.y.y.y command is used to set IP address (y.y.y.y) to syslog server with index x.
  • Page 37 groups. management x mode modify/view command is used to set the access right for some user groups (“x” is the index of the user group). If “management x mode modify” command, users in this groups have “modify” right for management. If “management x mode view” command, users in this groups have “view”...
  • Page 38 “inactive” state. mvr x group yyy start-address m.m.m.m end-address n.n.n.n command is used to create a IP multicast group for the MVR VLAN. After MVR VLAN is created, you can assign IP multicast groups (video channels) to the MVR VLAN. And you can assign more than one IP multicast groups (video channels) to one MVR VLAN.
  • Page 39 spanning-tree Configures spanning tree parameters storm-control Configures storm control trunk Configures trunk function For example, “mirror” command can enable the mirror function and “no mirror” command can disable it. “ip default-gateway 192.168.1.100” will set the IP gateway of the switch to 192.168.1.100, and “no ip default-gateway”...
  • Page 40 weighting. 26 radius-server command This command is used to configure the settings for RADIUS Server. settings will be used in 802.1x operation. Entering “radius-server ?”, the sub-commands will be shown. (config)# radius-server ? host Sets the port as a host port Sets the RADIUS encryption key port Sets the RADIUS server network port...
  • Page 41 snmp-server community set xxx command is used to set the community string of set command for SNMP operation. “xxx” is the community string. snmp-server contact xxx command is used to set the contact information for this switch. “xxx” is the contact information string. snmp-server location xxx command is used to set the location information for this switch.
  • Page 42 Time. “w” is the week number in the month. Its value is 1~5. “x” is the day number in the week. Its value is 0~6. “y” is the month number. Its value is 1~12. “z” is the hour number in the day. Its value is 0~23. 30 spanning-tree command This command is used to configure spanning tree protocol of the switch.
  • Page 43 This command is used to set the storm control rate. The packet storms that could be controlled are broadcast, multicast, and unicast flooding traffic. And the rate is counted with packet per second(pps), not bit per second(bps). storm-control bc-rate x command is used to set rate limit for broadcast traffic. “x”...

  • Page 44: Interface Configuring Commands

    6.2.4 Interface Configuring Commands Commands in Configuring Mode are for general switch settings. And its prompt is “(config)#”. The port interface function and VLAN group interface function are set with “interface” command. (config)# interface ? ethernet Ethernet port vlan Switch Virtual LAN interface interface ethernet 1/x command is used to configure settings for Port x.
  • Page 45 4. interface ethernet 1/w,x,..,y-z and “w”,”x”,”y”,”z” are port number. All the settings after this command will be applied to those ports. For example, “interface ethernet 1/1,2,4-7” and the settings after this command will be applied to Port 1, Port 2, Port 4, Port 5, Port 6, and Port 7. (Port 4~7) Entering “interface ethernet 1/5”, and its prompt will become ...
  • Page 46 This command is used to show all the available commands in this mode. 3 history command This command is used to show the history of entering commands. 4 logout command This command is used to logout from console interface. 5 quit command This command is used to quit from console interface.
  • Page 47 9 duplex command This command is used to set the duplex mode of the interface port(s). It could be full duplex or half duplex. Note: Half duplex is for 10M and 100M speed mode only. 1000M speed mode don’t support half duplex. duplex full command will set the interface port(s) to full duplex.
  • Page 48 This command is used to set the IP address and subnet for IP-Filtering operation on the port(s). If the IP address is set and IP-Filtering function is enabled, only network devices in this IP subnet can access network through the port(s).
  • Page 49 (config-if)# maximum-packet-length ? 1518 max. packet length=1518 1532 max. packet length=1532 9216 max. packet length=9216 9600 max. packet length=9600 17 mdi-mdix command This command is used to set the MDI/MDI-X mode of port(s). This switch supports Auto-MDi/MDIX function. And this command can force it MDI or MDI- X mode.
  • Page 50 speed Configures speed operation switchport Configures switching mode characteristics For example, “lacp” command can enable the LACP function on the interface port(s) and “no lacp” command can disable it. “maximum-packet-length 9600” will set the maximum packet size to 9600, and “no maximum-packet-length”...
  • Page 51 22 power-saving command This command is used to enable the power-saving function for the interface port(s). If it is enabled and auto-negotiation is also enabled, the interface port(s) will go to low-power mode when link down. That can reduce power consumption of the switch.
  • Page 52 “x”=0, it means “no limit”. 25 shutdown command This command is used to disable the interface port(s). shutdown command is used to disable the interface port(s). no shutdown command is used to enable it. 26 spanning-tree command This command is used to configure spanning tree function on interface port(s). (config-if)# spanning-tree ? cost Specifies spanning tree cost...
  • Page 53 speed auto command will set the interface port(s) to auto-negotiation mode. speed 10 command will set the interface port(s) to 10M speed. speed 100 command will set the interface port(s) to 100M speed. speed 1000 command will set the interface port(s) to 1000M(gigabit) speed. 28 switchport command This command is used to configure some switch function characteristics for the interface port(s).
  • Page 54 tag port for all packets except packets for VLAN 10. Port 5 will act as an untag port for packets working for VLAN 10. switchport mode trunk command will set the interface port(s) as tag port(s) for 802.1Q VLAN operation. Tag port will always send tagged packets and is used for switch-to-switch cascading.
  • Page 55 port for VLAN stacking operation. It will add a tag and allow two 802.1Q VLAN tags in a packet. It is for tunnel and upward connection of VLAN stacking operation. 6.2.4.2 Interface Configuring Commands for VLAN Commands in Configuring Mode are for general switch settings. And its prompt is “(config)#”.
  • Page 56 This command is used to show the history of entering commands. 4. logout command This command is used to logout from console interface. 5. quit command This command is used to quit from console interface. It has the same function as logout.
  • Page 57 ip address x.x.x.x y.y.y.y command is used to set IP address of the switch on this VLAN. “x.x.x.x” is the IP address. “y.y.y.y” is the subnet mask. For example, “ip address 192.168.1.12 255.255.255.0” will set the IP address of the switch on this VLAN group for remote management. ip address renew command is used to refresh the lease time of the IP address got by DHCP.

  • Page 58: Vlan Configuring Commands

    6.2.5 VLAN Configuring Commands Commands in Configuring Mode are for general switch settings. And its prompt is “(config)#”. If the settings are for VLANs, it should enter VLAN configuring mode first by “vlan database” command in configure mode. And its prompt will become “(config- vlan)#”.
  • Page 59 5 quit command This command is used to quit from console interface. It has the same function as logout. 6 end command This command is used to exit from VLAN Configuring mode. (config-vlan)# end (config)# 7 1q-vlan command This command is used to configure 802.1Q VLAN characteristics. (config-vlan)# 1q-vlan ? gvrp Enables GVRP globally for the switch...
  • Page 60 will be disable at the same time. port-vlan command is used to enable Port-base VLAN. no port-vlan command is used to disable it. 10 private-vlan command This command is used to create VLAN groups for Private VLAN and create the associations between Primary VLAN and Community VLAN.

  • Page 61: Show Commands

    6.2.6 Show Commands Show command is put in General Basic Commands for viewing system configuration and information. Enter “show ?” at the prompt, the sub-command list will be shown. ---------------------------------------------------------------------------------------------- # show ? Show AAA service configuration calendar Date and time information dhcp-relay DHCP Relay Configuration dot1x...
  • Page 62 2. show calendar command This command will show current system time. For example, # show calendar Current Time : 2008/08/29-11:27:12 3. show dhcp-relay command This command will show current DHCP Relay/Option 82 settings. For example, # show dhcp-relay DHCP Relay Configuration DHCP Relay Status: Disable Add additional option82 information: Disable...
  • Page 63 Supplicant Allowed In Guest Vlan: Disable Dynamic vlan: Disable 5. show gvrp command This command is used to show current GVRP configuration. show gvrp configuration command will show current GVRP configuration. # show gvrp configuration GVRP configuration: Disable 6. show history command This command is used to show the history of input commands.
  • Page 64 show interface status command will show port status of all ports (one after another). show interface status ethernet 1/x command will show port status of Port x. (“x” is the port number). For example, # show interface status ethernet 1/5 Basic information: Port type: 1000TX...
  • Page 65 8. show ip command This command is used to show current IGMP configuration and switch IP configuration. # show ip ? igmp IGMP snooping interface Interface information redirects Default gateway configured for this device show ip igmp snooping command will show current switch IGMP configuration.
  • Page 66 10. show lacp command This command is used to show current LACP configuration of the switch. # show lacp ? internal Shows config settings/operational state for local side portstatus Shows LACP Port Status sysid Shows channel groups system priority/MAC address show lacp internal command is used to show system priority and protocol enable/disable status of ports.
  • Page 67 Password threshold: open-end time Baudrate: 9600 Databits: 8 Parity : 0 [0|1|2|3][NONE|EVEN|ODD|MARK|SPACE] Stopbits: 1 12. show log command This command is used to show current system log and system log configuration. # show log ? configuration logging configuration <cr> show log command is used to show current system log content. For example, # show log [5] Thu Jan 01 09:00:02 1970...
  • Page 68 show mac-address-table command will show mac address table content. For example, # show mac-address-table Interface MAC Address VLAN Type ================================================= Eth 1/3 00-00-01-00-00-20 Learned Eth 1/3 00-0E-A0-00-03-28 Learned Eth 1/3 00-90-08-A7-76-C6 Learned Eth 1/3 00-C0-F6-01-11-40 Learned Eth 1/3 00-80-C8-BF-10-D2 Learned Eth 1/3 00-C0-F6-01-15-87 Learned...
  • Page 69 14. show mac-security command This command is used to show mac address security settings on port. There are two mac address security functions for ports. One is “accept” function that allows static mac addresses on ports to access network only. Another is “limit by mac no.”...
  • Page 70 enable/disable status, and DSCP values(0~63) to priority queue mapping on each port. show map dscp ethernet 1/x command is used to show DSCP values(0~63) to priority queues mapping on Port x. (“x” is the port number.) show map port command is used to show connection port to priority queues mapping.
  • Page 71 19. show queue command This command is used to show traffic scheduling settings for priority queues on ports. # show queue ? bandwidth Shows weighted round-robin (WRR) bandwidth mode Priority queue information show queue bandwidth command is used to show weighting of priority queues for bandwitdh sharing of WRR operation.
  • Page 72 SNTP server 220.130.158.54 …… …… interface ethernet 1/10 port-vlan 1 Default_VLAN !end 22. show rate-limit command This command is used to show rate limit settings. For example, #show rate-limit Ingress Drop Mode: Enable Rate Control Unit(Kbps): 128 [Rate Control Configuration] Port Ingress Egress...
  • Page 73 4 Disabled public 0.0.0.0 5 Disabled public 0.0.0.0 Version: V3V2cV1 Username: admin SnmpSecurityLevel: noauth Authentication: MD5 Privacy: Des 24. show sntp command This command is used to show system time settings of the switch. For example, # show sntp ==================================== [Time Configuration] ==================================== Get Time By : Manually...
  • Page 74 26. show system command This command is used to show general system information/configuration of the switch. For example, # show system System Configuration Main Board Information: Firmware Version: 1.04.14 Mac Address: 00:11:22:33:44:55 Number of Ports: 1Q VLAN Max. Group: 1024 DHCP Client: Disable Time Server:...
  • Page 75 # show vlan ? private-vlan Private VLAN VLAN interface name VLAN interface name port-based Port-Based Virtual LAN Configuration <cr> show vlan command is used to show all 802.1Q VLAN settings (enable/disable, VLAN ID, VLAN Name, VLAN Type, and Assigned ports). show vlan id x command is used to show VLAN setting of VLAN x.
  • Page 76 ====== =========================================== [ 1] 1 2 3 4 5 6 7 8 9 10 ===================================================...

  • Page 77: About Telnet And Snmp Management Interfaces

    6.3 About Telnet and SNMP Management Interfaces 6.3.1 About Telnet Management Interface If you want to use Telnet to manage the switch from remote site, you have to set the IP/NetMask/Gateway address to the switch first from console. Then use "telnet <IP>"...

  • Page 78: Management With Http Connection

    6.4 Management with Http Connection Users can manage the switch with Http Web Browser connection. The default IP setting is 192.168.1.1 and NetMask 255.255.255.0. The default IP Gateway is 192.168.1.254. Before http connection, IP address configuration of the switch could be changed first. 1 Please follow the instruction in Section 6.2 to complete the console connection.
  • Page 79 Left part of the homepage is a function list. Users can select one of them for status monitoring or switch configuration. Upper part of the homepage is the link status of the switch. Three different colors are used to show different status of ports – Link Up, Link Down and Port Disable.

  • Page 80: System

    6.4.1 System “System Information” is the homepage of the switch. And there are four sub- functions for it. 1). System Information This function lists the system information about the switch. You can find the firmware version, Mac address, connection port number, and maximum VLAN group number here.
  • Page 81 automatically. Or, disable DHCP client function and set IP configuration manually. Management VLAN : This is used to setup the VLAN ID for remote management interface of the switch. Only users in the same VLAN can manage the switch remotely. For example, setting it to “5” will allow users in the VLAN with VLAN ID 5 to manage the switch remotely.
  • Page 82 About [Daylight Saving Time] ... Daylight Saving Time function will set the system time one-hour early than normal time in a period of time. [Start Time] and [End Time] can be used to set the time period. 4). Log [Configuration] Users can configure System Log function and view log records here.
  • Page 83 Remote Log : This can enable/disable remote syslog function. Remote Log Server IP : This is the syslog server IP for remote logging. Up to five syslog servers is supported. Event logs will be sent to those syslog servers at the same time.

  • Page 84: Snmp

    6.4.2 SNMP This function is used to configure SNMP function of the switch. This switch supports SNMP v1, v2c, and v3 agent function and MIB II(Interface), Bridge MIB, 802.1Q MIB and Private MIB. [System Information] Object ID: this is the SNMP Object ID of the switch for SNMP management. Up Time: this is the power-up running time of the switch.
  • Page 85 [SNMP — IP Trap Manager] Trap function will send notice message to SNMP management station when some events happen. Up to five SNMP management stations are supported for Trap function. The community string and enable/disable setting for each trap are set here. [User Information] This is used to configure SNMPv3 administrator settings.

  • Page 86: Security

    6.4.3 Security This function is used to configure security functions of the switch. Those security functions are Administrator Management Security, Mac ID Access Security, and 802.1x Authentication Security. 1). User Accounts (Administrator Management Security) Administrator Username/Password : This is for network administrator to change his/her username and password.
  • Page 87 This is used to setup the IP addresses that can manage this switch. They have different access rights set in “Mode”. And the remote management interfaces (Http/Telnet/SNMP) could be enable/disable for different administrators. This function is for security policy of switch management. Note: Remember to enable at least one IP/Subnet with Modify right for Http/ Telnet/SNMP interface.
  • Page 88 network. Other Mac addresses will be rejected by the port. Sometimes it is called “Mac-Port Binding”. Follow the steps to configure it. Set the “Security Control” to “Accept” on those ports that will apply static Mac ID security. Then click [Apply]. Set Static Mac Addresses that are allowed for network access at [Static Address] of [Address Table] function.
  • Page 89 The function here is for 802.1x function configuration. 802.1x Authentication Status: [Enable/Disable/Transparent] Enable: enable 802.1x function in authentication mode Disable: disable 802.1x function Transparent: only forwarding 802.1x packets Re-authentication (enable/disable), Timeout Period and Max Count: The re-authentication function will re-authenticate users after the timeout period.
  • Page 90 from RADIUS Server. [Radius Server Configuration] This function is for the configuration between switch and RADIUS server. You can assign the IP address of Radius Server, the protocol port number, and the security key. [Port Authentication Configuration] The Port Authentication Configuration is used to select the authentication mode for each port of the switch.
  • Page 91 Because it is a subnet specified by IP address/Network ID Number(0~32, or called Subnet Mask), the start IP address, end IP address and allowed IP address number are shown in the table. If some specified IP address will be assigned, set the Subnet Mask as 32. For example, 192.168.1.82/32.

  • Page 92: Port

    6.4.4 Port This section is about configurations for ports. For port speed setting, maximum packet size setting, mirror port setting, port bandwidth limit, and port statistics. 1). Port Configuration This function is used to configure port settings of the switch. You can enable /disable a port, set it to fixed 10M or 100M or 1000M ...
  • Page 93 Port Setting : It is for modifying the setting of port. Follow the steps to do it. Select the port that you want to modify in “Port#” first. Fill the name of the port. Select Enable/Disable state in “Admin”. If Disable is selected, this port will be disabled for any network access.
  • Page 94 Flow Control: It shows current Flow Control function status of ports. Power Saving: It shows current Power Saving enable/disable status of ports. MDI/MDI-X: It shows current MDI/MDI-X setting of ports. Link: It shows the link status of each port. 3). Max Packet Length This switch supports Jumbo Frame function.
  • Page 95 Mode: This is used to enable/disable Mirror function. Monitering Port: This is used to set the capture port. The switch will copy the traffic from Monitored Port to this port if Mirror function is enabled. Monitored Port: This is the monitored port. The switch will copy the traffic from this port to Monitoring Port.
  • Page 96 Click [Apply] after the setting. Select the Port Number. Enter the rate limit level for Ingress and Egress traffics. “0” means NO LIMIT. Click [Apply] after the setting. About “Packet Drop for Ingress Limit” function ... When Ingress traffic rate exceeds Ingress Rate Limit, the switch can drop packets or pause the traffic.
  • Page 97 Port statistics counters could be read here. Select a port to get its counters. [ Refresh ] The counters will be refreshed automatically. You can modify the refresh interval. And you can click [Refresh] to refresh the counters immediately. [ Reset Counters ] Click [Reset Statistics] can reset the counters to “0”.

  • Page 98: Address Table

    6.4.5 Address Table These are functions about Mac address table. They are “Static Address Assign”, “Dynamic Address Table”, and “Aging Time Setup”. 1). Static Addresses This switch supports static Mac address assignment. You can assign static Mac addresses by the following steps ... Give an Entry ID.
  • Page 99 About Port Security function . . . You can configure “Mac Security Configuration” function (in “Security” page) for port access security with Mac address. Select “Accept” for such security application.. 2). Dynamic Addresses This function can show the dynamic Mac addresses learned by the switch. This table will refresh every 30 seconds.
  • Page 100 3). Address Aging The switch will learn Mac addresses to an ARL table automatically. And follow the table to do packet forwarding operation. If Mac addresses are not received for some time, the Mac addresses will be removed from the table. This operation is called aging.

  • Page 102: Spanning Tree

    6.4.6 Spanning Tree Spanning Tree Protocol can prevent traffic looping in network. It can be configured for switch unit (bridge) and port unit. If spanning tree function is enabled, any link down to link up will have several seconds delay for the port going to forwarding state.
  • Page 103 [Setting of Port] Click [Configuration STA Port]. You can configure RSTP/STP on ports. Bridge Port Number is the Ethernet port that will be configured. Port Priority (0~240) : If the path cost for all ports on a switch are the same, the port with the highest priority (lowest value) will be forwarded when looping happens.

  • Page 104: Vlan

    6.4.7 VLAN This switch supports 802.1Q VLAN, Port-based VLAN, and Private VLAN. 1). 802.1Q VLAN 1-1). 802.1Q VLAN 802.1Q VLAN : This is used to enable/disable 802.1Q VLAN function. GVRP : The GVRP protocol can learn remote 802.1Q VLAN on other switches and add to dynamic 802.1Q VLAN table.
  • Page 105 1-2).VLAN Tag Rules For 802.1Q VLAN, every port could be tag port or untag port. Tag port will always send tagged packets and is used for switch-to-switch cascading. It is a VLAN trunk connection because there could be more than one VLAN working through it.
  • Page 106 1-3). VLAN Stacking VLAN Stacking function allows two VLAN tags in a packet for 802.1Q VLAN tunnelling application through a central network. For VLAN Stacking operation, port role definition is needed for each port. There are three roles for a port - Normal, Tunnel, and Access. Normal - It will set the port(s) as normal 802.1Q VLAN port(s).
  • Page 107 1-4). Static 1Q VLAN This function is used to maintain 802.1Q static VLAN. Create an 802.1Q VLAN: Input the VLAN ID and VLAN Name in “Create New Static VLAN”. Click [Create] to create the VLAN. The valid VLAN ID is 1 ~ 4094. Select the VLAN in “Modify Static VLAN Table”.
  • Page 108 1-5). VLAN Table This table will show the activity of 802.1Q VLAN. Both static and dynamic 802.1Q VLAN will be shown in the table. For ports, “S” means static member and “D” means dynamic member. If GVRP protocol is enabled, this table will also show the learned remote 802.1Q VLAN.
  • Page 109 2-1). Configuration Creating Private VLAN, do the steps first. Create VLAN groups, and define as “Primary”, “Community”, or “Isolated”. Associate Community VLAN with Primary VLAN. If more than one Primary VLAN, select Primary VLAN first and then do the association. See the following picture.
  • Page 110 2-2). Port Configuration After VLANs are created, assign ports to VLANs. There are three types for a port - Normal, Host, and Promiscuous. “Normal” is for ports doing normal 802.1Q operation instead of Private VLAN. “Host” is for ports that could be in Community VLAN or Isolated VLAN. “Promiscuous”...
  • Page 111 3). Port-based VLAN Follow the steps to configure Port-based VLAN. Enable Port-based VLAN. And click [Apply] button. Give VLAN name. Select ports for each VLAN. Click [Apply] button. Note: About Concentration VLAN This is a very popular application for VLAN setting.
  • Page 112 Port 10 is the uplink port. Port 1~9 are isolated to each other but communicate with Port 10 (uplink port).

  • Page 113: Qos

    6.4.8 QoS This switch supports Port-based priority, 802.1P priority, and DSCP priority. These priority operations could be enable/disable on each port. For 802.1P and DSCP priority operations, their priority values can be mapped to four priority queues on each port of the switch for QoS operation. 1).
  • Page 114 [Configure DSCP Priority] button : Click this button can go to the “IP Differential Service (DiffServ) Configuration” page for DSCP priority values (0~63) to priority queue mapping setting. [802.1P Priority Mapping] For 802.1P priority, priority value (0~7) in VLAN tag will be used for QoS operation.
  • Page 115 [DiffServ Priority Mapping] DSCP priority operation will use the priority setting in ToS field of IP packets for QoS operation. Seven DSCP values (0~63) could be defined and map to priority queues (High /Middle/Normal/Low). This mapping is done by port. And “All” could be selected for every port. If DSCP priority function is enabled, these settings will be followed for QoS operation.
  • Page 116 If Strict Priority is selected, packets in higher priority queues will always get bandwidth service first. Lower priority queues will get service when higher priority queues are empty. If WRR is selected, priority queues will be served with the weighting of priorities. And the setting of weight could be configured at “Queue Scheduling”.

  • Page 117: Igmp

    6.4.9 IGMP This switch supports IGMP Snooping function for IP Multicast traffic. Switch will learn IP Multicast Groups from IGMP protocol packets. Here is for IGMP function configuration settings. 1). IGMP Configuration IGMP Status: this is used to enable/disable IGMP function. IGMP Querying: this is used to enable/disable IGMP Query function.
  • Page 118 2). IP Multicast Registration Table This table will show the learned IP multicast groups. 3).MVR VLAN This page is used to configure MVR (Multicast VLAN Registration) function. VLAN function will isolate traffic between VLAN groups. But it will also isolate IP multicast traffic for subscribers in different VLANs.
  • Page 119 Complete 802.1Q VLAN setting first. Enable IGMP snooping function first. This switch supports three MVR VLANs and MVR VLAN can be created in this page. Here is the description about those settings. Active – this MVR VLAN is enabled/disabled. Name – you can assign a name for the MVR VLAN for identification. Multicast VLAN ID –...
  • Page 120 After the MVR VLAN is configured, you can assign IP multicast groups (video channels) to the MVR VLAN in “MVR Group” page. You can assign more than one IP multicast groups (video channels) to one MVR VLAN. Assigning IP multicast groups to MVR VLAN, you have to select one MVR VLAN first.

  • Page 121: Trunk

    6.4.10 Trunk This switch supports up to eight trunk groups. And the trunk could be configured with static assigned or by LACP (Link Aggregation Control Protocol) protocol. 1). Trunk Information This table is used to assign ports to Trunk groups statically. Follow the steps to do it.
  • Page 122 This page is used to configure LACP function. With LACP protocol, switches can learn trunk connections automatically. Follow the steps to do it. (*Don’t connect trunk cables until this function is set.) Enable Trunk function at “Trunk Information” page first. Then click [Apply]. Assign System Priority.
  • Page 123 You can see current port status with colors. If LACP trunk is created, another port groups message will be shown. Click [Refresh] can update the status information. The following table will show the LACP enable/disable status of each port. Port number and port key of the partner switch will also be shown in the table when LACP Trunk is running.

  • Page 124: Dhcp Relay Agent Option 82

    6.4.11 DHCP Relay Agent Option 82 DHCP Relay function will control DHCP requests and forward DHCP requests to the assigned DHCP server. DHCP Relay Agent Option 82 function will add connection port, VLAN ID and switch information to DHCP requests and then send to the specified DHCP server.
  • Page 125 Mac Address - this is the Mac Address of the switch. For example, “000000828ce6” in hexadecimal numbers. If the Option 82 of DHCP request meets these settings, DHCP server will assign the IP configuration according to this Option 82 content. Here are the setup item in this web page.

  • Page 126: Tools

    6.4.12 Tools The follow functions are used for system maintenance. They are Software Upgrade, Configuration Backup/Restore, Restore Factory Default, Reset System, and Ping functions. 1). Tools Information Four functions are supported as the system maintenance tools. System Upgrade : This function will upgrade the system operation software from the web management PC.
  • Page 127 This function is used to ping network devices from the switch. It can be used to verify network connection. Target IP address : This is the target IP address for the ping operation. Count : This is the repeat count for the ping operation. Time Out : This is the timeout value for the ping operation.

  • Page 128: Software Update And Backup

    7. Software Update and Backup This switch supports software update and configuration backup/update/restore functions. It could be done in two ways. 1. From console when booting: by Xmodem protocol and doing by terminal program. This function can be used for run-time code and boot code updating. (Boot code works only at boot time - before the main program starts.) Press Ctrl-C when the switch is booting, the following message will be shown.

  • Page 129: Product Specifications

    A. Product Specifications [ 8TX+2SFP Model ] Ethernet, CSMA/CD Access Method IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE Standards Conformance IEEE 802.3z, IEEE 802.3ab (1000Base) 10/100/1000Mbps, Communication Rate Full / Half duplex (auto-negotiation) Auto-detect (forced mode is supported) MDI/MDIX LEDs for each unit : Power, System Indicator Panel each port : Link/Act(Green:1000M, Yellow:10/100M), FDX/Col.
  • Page 130 http(s), telnet, and SNMP In-band Management v1,v2c,v3 agent, support MIB-II,Bridge MIB,802.1Q SNMP MIB and Private MIB Software Update/Backup by http/TFTP protocols, Xmodem, for firmware and configuration(binary/text)
  • Page 131 [ 24TX+4SFP Model ] Ethernet, CSMA/CD Access Method IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE Standards Conformance IEEE 802.3z, IEEE 802.3ab (1000Base) 10/100/1000Mbps, Communication Rate Full / Half duplex (auto-negotiation) Auto-detect (forced mode is supported) MDI/MDIX LEDs for each unit : Power, System Indicator Panel each port : Link/Act(Green:1000M, Yellow:10/100M), FDX/Col.
  • Page 132 v1,v2c,v3 agent, support MIB-II,Bridge MIB,802.1Q SNMP MIB and Private MIB Software Update/Backup by http/TFTP protocols, Xmodem, for firmware/ configuration(binary/text)

  • Page 133: Compliances

    B. Compliances EMI Certification FCC Class A Certification (USA) Warning: This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause interference to radio communications. It has been tested and found to comply with the limits for a Class A digital device pursuant to Subpart B of Part 15 of FCC Rules, which are designed to provide reasonable protection against such interference when operated in a commercial environment.

  • Page 134: Warranty

    C. Warranty We warrant to the original owner that the product delivered in this package will be free from defects in material and workmanship for a period of one year from the date of purchase from us or the authorized reseller. The warranty does not cover the product if it is damaged in the process of being installed.

This manual is also suitable for:

Gsw3424m

Table of Contents