Advantech EKI-9228G-8CMI User Manual
  1. Manuals
  2. Brands
  3. Advantech Manuals
  4. Switch
  5. EKI-9228G-8CMI
  6. User manual

Advantech EKI-9228G-8CMI User Manual

Eki-9228g series 16xrj45 + 4xsfp + 8xcombo port full gigabit l2 managed switch
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
User Manual
EKI-9228G Series
16xRJ45 + 4xSFP + 8xCombo Port
Full Gigabit L2 Managed Switch

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the EKI-9228G-8CMI and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Advantech EKI-9228G-8CMI

Summary of Contents for Advantech EKI-9228G-8CMI

  • Page 1 User Manual EKI-9228G Series 16xRJ45 + 4xSFP + 8xCombo Port Full Gigabit L2 Managed Switch...
  • Page 2 No part of this manual may be reproduced, copied, translated or transmitted in any form or by any means without the prior written permission of Advantech Co., Ltd. Information provided in this manual is intended to be accurate and reliable. How- ever, Advantech Co., Ltd.

  • Page 3: Declaration Of Conformity

    This product has passed the CE test for environmental specifications when shielded cables are used for external wiring. We recommend the use of shielded cables. This kind of cable is available from Advantech. Please contact your local supplier for ordering information.

  • Page 4: Document Feedback

    Technical Support and Assistance Visit the Advantech web site at www.advantech.com/support where you can find the latest information about the product. Contact your distributor, sales representative, or Advantech's customer service center for technical support if you need additional assistance. Please have the following information ready before you call: –...

  • Page 5: Safety Instructions

    The sound pressure level at the operator's position according to IEC 704-1:1982 is no more than 70 dB (A). DISCLAIMER: This set of instructions is given according to IEC 704-1. Advantech disclaims all responsibility for the accuracy of any statements contained herein.
  • Page 6 Der arbeitsplatzbezogene Schalldruckpegel nach DIN 45 635 Teil 1000 beträgt 70dB(A) oder weiger. Haftungsausschluss: Die Bedienungsanleitungen wurden entsprechend der IEC- 704-1 erstellt. Advantech lehnt jegliche Verantwortung für die Richtigkeit der in die- sem Zusammenhang getätigten Aussagen ab. EKI-9228G Series User Manual...
  • Page 7 Safety Precaution - Static Electricity Follow these simple precautions to protect yourself from harm and the products from damage.  To avoid electrical shock, always disconnect the power from your PC chassis before you work on it. Don't touch any components on the CPU card or other cards while the PC is on.

  • Page 8: Table Of Contents

    Contents Chapter Product Overview ....... 1 Supported Models..................2 Specifications.................... 2 Hardware Views..................3 1.3.1 Front View..................3 Figure 1.1 Front View ..............3 1.3.2 Rear View ..................3 Figure 1.2 Front View ..............3 Figure 1.3 System LED Panel ........... 4 Chapter Switch Installation ......
  • Page 9 3.1.3 Administrative Interface Access..........19 3.1.4 Using the Graphical (Web) Interface........... 20 3.1.5 Configuring the Switch for Network Access ........ 20 3.1.6 Configuring the Ethernet Ports............ 21 Command Line Interface Configuration ..........21 3.2.1 Introduction to Command-Line Interface (CLI)......21 3.2.2 Accessing the CLI ...............
  • Page 10 Interface Configuration ........... 44 Figure 4.26 System > Advanced Configuration > Email Alerts > Global ..............44 Figure 4.27 System > Advanced Configuration > Email Alerts > Test ................ 45 Figure 4.28 System > Advanced Configuration > Email Alerts > Server..............
  • Page 11 Supported MIBs............64 Figure 4.56 System > Advanced Configuration > SNMP > Access Control Group ............65 Figure 4.57 System > Advanced Configuration > SNMP > Access Control Group > Add ..........66 Figure 4.58 System > Advanced Configuration > SNMP > User Security Model............
  • Page 12 4.3.5 Connectivity ................89 Figure 4.87 System > Connectivity > IPv4 ........ 90 Figure 4.88 System > Connectivity > IPv6 ........ 91 Figure 4.89 System > Connectivity > IPv6 Neighbors ....92 Figure 4.90 System > Connectivity > IPv6 Neighbors > Add ..93 Figure 4.91 System >...
  • Page 13 4.3.13 Summary................... 131 Figure 4.135System > Summary > Dashboard ......131 Figure 4.136System > Summary > Description ......133 Figure 4.137System > Summary > Inventory ......133 Figure 4.138System > Summary > MAC Address Table..134 4.3.14 Users..................135 Figure 4.139System > Users > Accounts ......... 135 Figure 4.140System >...
  • Page 14 Figure 4.172Switching > IPv6 DHCP Snooping > Base > Dynamic Bindings..............162 Figure 4.173Switching > IPv6 DHCP Snooping > Base > Persistent Figure 4.174Switching > IPv6 DHCP Snooping > Base > Statistics 4.4.4 DVLAN..................164 Figure 4.175Switching > DVLAN > Configuration ....165 Figure 4.176Switching >...
  • Page 15 Figure 4.207Switching > MLD Snooping > Multicast Router VLAN Status ..............189 Figure 4.208Switching > MLD Snooping > Multicast Router VLAN Status > Add ............190 4.4.11 MLD Snooping Querier ............. 190 Figure 4.209Switching > MLD Snooping Querier > Configuration.. Figure 4.210Switching >...
  • Page 16 Figure 4.246Switching > Spanning Tree > CST ....... 221 Figure 4.247Switching > Spanning Tree > CST Port ....222 Figure 4.248Switching > Spanning Tree > Statistics....224 4.4.20 VLAN ..................224 Figure 4.249Switching > VLAN > Status ........225 Figure 4.250Switching > VLAN > Status > Add......226 Figure 4.251Switching >...
  • Page 17 Figure 4.289Security > Port Access Control > Privileges Summary Figure 4.290Security > Port Access Control > History Log Summary .............. 265 4.6.2 RADIUS ..................265 Figure 4.291Security > RADIUS > Configuration ..... 266 Figure 4.292Security > RADIUS > Named Server....266 Figure 4.293Security >...
  • Page 18 Troubleshooting ..................305 EKI-9228G Series User Manual xviii...

  • Page 19: Product Overview

    Chapter Product Overview...

  • Page 20: Supported Models

    -40 ~ 85°C (-40 ~ 185°F) Temperature Ambient Relative 10 ~ 95% (non-condensing) Humidity Switch Properties MAC Address 16K-entry  Power Power EKI-9228G-8CMI:19.21 W @ 48V Consumption  EKI-9228G-8COI:19.24 W @ 110V  Power Input EKI-9228G-8CMI: 48V  EKI-9228G-8COI: 90~264AC/88~370V ...

  • Page 21: Hardware Views

    Hardware Views 1.3.1 Front View The following view applies to EKI-9228G-8CMI and EKI-9228G-8COI. LINK/ACT Speed Console EKI-9228G Speed Reset LINK/ACT Speed Figure 1.1 Front View No. Item Description System LED panel See “System LED Panel” on page 4 for further details.

  • Page 22: Figure 1.3 System Led Panel

    1.3.2.1 System LED Panel Console EKI-9228G Speed Reset Figure 1.3 System LED Panel No. LED Name LED Color Description Yellow on Blink yellow (1Hz) Configuration changed, but unsaved. Blink yellow (3Hz) TBD Blink yellow (5Hz) TBD Configuration saved. Green on When the EKI switch system ready.

  • Page 23: Switch Installation

    Chapter Switch Installation...

  • Page 24: Warnings

    Warnings Warning: Before working on equipment that is connected to power lines, remove any jewelry (including rings, necklaces, and watches). Metal objects can heat up when EKI-9228G Series User Manual...
  • Page 25 connected to power and ground, which can cause serious burns or weld the metal object to the terminals. Caution! Exposure to chemicals can degrade the sealing properties of materials used in the sealed relay device. Caution! It is not recommended to work on the system or connect or disconnect cables during periods of lightning activity.

  • Page 26: Installation Guidelines

    Caution! To prevent the system from overheating, do not operate it in an area that exceeds the maximum recommended ambient temperature of: 70°C (158°F). Caution! If the switch is to be installed in a hazardous location, ensure that the DC power source is located away from the vicinity of the switch. Caution! The installation of the equipment must comply with all national and local electrical codes.

  • Page 27: Environment And Enclosure Guidelines

    Environment and Enclosure Guidelines Review these environmental and enclosure guidelines before installation: This equipment is intended for use in a Pollution Degree 2 industrial environment, in overvoltage Category II applications (as defined in IEC publication 60664-1), at alti- tudes up to 9842 ft (3 km) without derating. This equipment is considered Group 1, Class A industrial equipment, according to IEC/CISPR Publication 11.

  • Page 28: Installing The Switch

    Installing the Switch 2.5.1 Rack-Mounting Align the rack mount brackets with the holes on the switch. Secure the rack mount brackets with the provided screws. CF G Co nso SY S AL M EK I-9 22 8G PW 1 LINK /AC Spe ed PW 2 Spe ed...

  • Page 29: Installing Sfp Modules

    2.6.1 Installing SFP Modules To connect the fiber transceiver and LC cable, use the following guidelines: Remove the dust plug from the fiber optic slot chosen for the SFP transceiver. Figure 2.3 Removing the Dust Plug from an SFP Slot Note! Do not remove the dust plug from the SFP slot if you are not installing the transceiver at this time.

  • Page 30: Removing Sfp Modules

    Insert the fiber cable into the transceiver. The connector snaps into place and locks. Figure 2.5 Attaching a Fiber Optic Cable to a Transceiver Repeat the previous procedures to install any additional SFP transceivers in the switch. The fiber port is now setup. 2.6.2 Removing SFP Modules To disconnect an LC connector, use the following guidelines:...

  • Page 31: Connecting The Switch To Ethernet Ports

    Connecting the Switch to Ethernet Ports 2.7.1 RJ45 Ethernet Cable Wiring For RJ45 connectors, data-quality, twisted pair cabling (rated CAT5 or better) is rec- ommended. The connector bodies on the RJ45 Ethernet ports are metallic and con- nected to the GND terminal. For best performance, use shielded cabling. Shielded cabling may be used to provide further protection.

  • Page 32: Power Supply Installation

    DB9 Connector RJ45 Connector 1 Orange/White 2 Orange 3 Green/White 4 Blue 5 Blue/White 6 Green 7 Brown/White 8 Brown Figure 2.11 Pin Assignment Power Supply Installation 2.9.1 Overview Warning! Power down and disconnect the power cord before servicing or wiring the switch.

  • Page 33: Considerations

    redundant power configuration is supported through a secondary power supply unit to reduce network down time as a result of power loss. Dual power inputs are supported and allow you to connect a backup power source. Single DC Power Redundant DC Power P2 P1 P2 P1 Chassis...

  • Page 34: Wiring A Relay Contact

    Caution! Do not service equipment or cables during periods of lightning activity. Caution! Do not service any components unless qualified and authorized to do Caution! Do not block air ventilation holes. 2.9.4 Wiring a Relay Contact The following section details the wiring of the relay output. The terminal block on the EKI-9228G Series is wired and then installed onto the terminal receptor located on the EKI-9228G Series.

  • Page 35: Reset Button

    There are two power inputs for normal and redundant power configurations. The power input 2 is used for wiring a redundant power configuration. See the following for terminal block connector views. PWR2 PWR1 V+ V-GND V+ V-GND Figure 2.14 Terminal Receptor: Power Input Contacts To wire the power inputs: Make sure the power is not connected to the switch or the power converter before proceeding.

  • Page 36: Configuration Utility

    Chapter Configuration Utility...

  • Page 37: First Time Setup

    First Time Setup 3.1.1 Overview The Industrial Ethernet Managed Switch is a configurable device that facilitates the interconnection of Ethernet devices on an Ethernet network. This includes comput- ers, operator interfaces, I/O, controllers, RTUs, PLCs, other switches/hubs or any device that supports the standard IEEE 802.3 protocol. This switch has all the capabilities of a store and forward Ethernet switch plus advanced management features such as SNMP, RSTP and port mirroring.

  • Page 38: Using The Graphical (Web) Interface

    3.1.4 Using the Graphical (Web) Interface The graphical interface is provided via a web server in the switch and can be accessed via a web browser such as Opera, Mozilla, or Internet Explorer. Note! JavaScript must be supported and enabled in your browser for the graphical interface to work correctly.

  • Page 39: Configuring The Ethernet Ports

    3.1.6 Configuring the Ethernet Ports The switch comes with default port settings that should allow you to connect to the Ethernet Ports with out any necessary configuration. Should there be a need to change the name of the ports, negotiation settings or flow control settings, you can do this in the Port Configuration menu.

  • Page 40: Accessing The Cli

    – parameter will specify the parameter within the section. For example, the net- work section will have parameters for DHCP, IP address, subnet mask, and default gateway. – value is the new value of the parameter. If value is omitted, the current value is displayed.

  • Page 41: Chapter 4 Managing Switch

    Chapter Managing Switch...

  • Page 42: Log In

    Log In To access the login window, connect the device to the network, see “Connecting the Ethernet Media” on page 16. Once the switch is installed and connected, power on the switch see the following procedures to log into your switch. When the switch is first installed, the default network configuration is set to DHCP enabled.

  • Page 43: System

    In the Password field, type in the new password. Re-type the same password in the Confirm field. Click Submit to change the current account settings. Figure 4.3 Changing a Default Password After saving all the desired settings, perform a system save (Save Configuration). The changes are saved.
  • Page 44 Item Description Access Type The way the user accesses the system. This field can be configured only when adding a new authentication list, and only the Login and Enable access types can be selected. The access types are as fol- lows: ...

  • Page 45: Figure 4.5 System > Aaa > Authentication List > Add

    Click System > AAA > Authentication List > Add. Figure 4.5 System > AAA > Authentication List > Add The following table describes the items in the previous figure. Item Description Authentication Methods Available Methods The authentication methods that can be used for the authentication list.

  • Page 46: Figure 4.7 System > Aaa > Accounting List

    The following table describes the items in the previous figure. Item Description Terminal Console The Login authentication list and the Enable authentication list to apply to users who attempt to access the CLI by using a connection to the console port. Telnet The Login authentication list and the Enable authentication list to apply to users who attempt to access the CLI by using a Telnet ses-...

  • Page 47: Figure 4.8 System > Aaa > Accounting List > Add

    Item Description Method Options The method(s) used to record user activity. The possible methods are as follows:  TACACS+: Accounting notifications are sent to the configured TACACS+ server.  Radius: Accounting notifications are sent to the configured RADIUS server. List Type The type of accounting list, which is one of the following: ...

  • Page 48: Advanced Configuration

     Exec: The accounting list to record user login and logout times.  Commands: The accounting list to record which actions a user takes on the sys- tem, such as page views or configuration changes. This list also records the time when the action occurred.

  • Page 49: Global

    To access this page, click System > Advanced Configuration > DHCP Server > Global. Figure 4.10 System > Advanced Configuration > DHCP Server > Global The following table describes the items in the previous figure. Item Description Admin Mode Enables or disables the DHCP server administrative mode. When enabled, the device can be configured to automatically allocate TCP/ IP configurations for clients.

  • Page 50: Pool Summary

    Item Description The highest address to exclude in a range of addresses. If the excluded address is not part of a range, this field shows the same value as the From field. When adding a single IP address to exclude, you can enter the same address specified in the From field or leave the field with the default value.
  • Page 51 Item Description Type The type of binding for the pool. The options are:  Manual: The DHCP server assigns a specific IP address to the client based on the client's MAC address. This type is also known as Static.  Dynamic: The DHCP server can assign the client any available IP address within the pool.
  • Page 52 Item Description Network Mask The subnet mask associated with the Network Base Address that sep- arates the network bits from the host bits (for dynamic pools only). Client Name The system name of the client. The Client Name should not include the domain name.
  • Page 53 To access this page, click System > Advanced Configuration > DHCP Server > Pool Configuration. Figure 4.15 System > Advanced Configuration > DHCP Server > Pool Configuration The following table describes the items in the previous figure. Item Description Pool Name Select the pool to configure.
  • Page 54 Item Description Lease Expiration Indicates whether the information the server provides to the client should expire.  Enable: Allows the lease to expire. If you select this option, you can specify the amount of time the lease is valid in the Lease Duration field.

  • Page 55: Figure 4.16 System > Advanced Configuration > Dhcp Server Pool Options

    To access this page, click System > Advanced Configuration > DHCP Server > Pool Options. Figure 4.16 System > Advanced Configuration > DHCP Server > Pool Options The following table describes the items in the previous figure. Item Description Pool Name Select the pool to configure.

  • Page 56: Pool Options > Add Vendor Option

    Click System > Advanced Configuration > DHCP Server > Pool Options > Add Vendor Option. Figure 4.17 System > Advanced Configuration > DHCP Server > Pool Options > Add Vendor Option The following table describes the items in the previous figure. Item Description Option Code...

  • Page 57: Bindings

    Item Description Submit Click Submit to save the values. Cancel Click Cancel to close the window. Bindings Use the DHCP Server Bindings page to view information about the IP address bind- ings in the DHCP server database. To access this page, click System > Advanced Configuration > DHCP Server > Bindings.
  • Page 58 The following table describes the items in the previous figure. Item Description Automatic Bindings The total number of IP addresses from all address pools with auto- matic bindings that the DHCP server has assigned to DHCP clients. Expired Bindings The number of IP addresses that the DHCP server has assigned to DHCP clients that have exceeded the configured lease time.

  • Page 59: Configuration

    To access this page, click System > Advanced Configuration > DHCP Server > Conflicts. Figure 4.21 System > Advanced Configuration > DHCP Server > Conflicts The following table describes the items in the previous figure. Item Description IP Address The IP address that has been detected as a duplicate. Detection Method The method used to detect the conflict, which is one of the following: ...

  • Page 60: Mapping

    The following table describes the items in the previous figure. Item Description Admin Mode The administrative mode of the DNS client. Default Domain The default domain name for the DNS client to use to complete Name unqualified host names. Domain names are typically composed of a series of labels concatenated with dots.

  • Page 61: Mapping > Add

    Item Description IP Address The IPv4 or IPv6 address associated with the configured Host Name. For Static entries, specify the IP Address after you click Add. You can specify either an IPv4 or an IPv6 address. Total Time The number of seconds that the entry will remain in the table. The function is only available for Dynamic entries.

  • Page 62: Interface Configuration

    To access this page, click System > Advanced Configuration > DNS > Source Interface Configuration. Figure 4.25 System > Advanced Configuration > DNS > Source Interface Configuration The following table describes the items in the previous figure. Item Description Type The type of interface to use as the source interface: ...

  • Page 63: Test

    Item Description Log Duration Determines how frequently the non critical messages are sent to the (Minutes) SMTP server. Submit Click Submit to save the values and update the screen. Refresh Click Refresh to update the screen. Cancel Click Cancel to restore default value. Test Use the Email Alert Test page to verify that the Email alert settings are configured properly.

  • Page 64: Server > Add

    Item Description Password If the Security is TLSv1, this field specifies the password associated with the configured user name for mail server access. When adding or editing the server, you must retype the password to confirm that it is entered correctly. Refresh Click Refresh to update the screen.

  • Page 65: Subject

    Item Description Number of Emails The number of email alerts that failed to be sent since the counters Failed were cleared or system was reset. Time Since Last The amount of time in days, hours, minutes, and seconds that has Email Sent passed since the last email alert was successfully sent.

  • Page 66: Address > Add

    To add a new Email alert to address: Click System > Advanced Configuration > Email Alerts > Address > Add. Figure 4.33 System > Advanced Configuration > Email Alerts > Address > Add The following table describes the items in the previous figure. Item Description To Address...

  • Page 67: Table

    Item Description Hold Time Interval The number of seconds the neighbor device should consider the infor- (Seconds) mation it receives in an ISDP packet to be valid. Device ID The identification information the device advertises to its neighbors in the ISDP packets. Device ID Format The possible formats that the device can use for identification pur- Capability...
  • Page 68 Interface Use the ISDP Interface Configuration page to configure the ISDP settings for each interface. To access this page, click System > Advanced Configuration > ISDP > Interface. Figure 4.36 System > Advanced Configuration > ISDP > Interface The following table describes the items in the previous figure. Item Description Interface...

  • Page 69: Dependency > Group

    Item Description ISDPv1 Packets The total number of ISDP version 1 packets transmitted by the device. Transmitted ISDPv2 Packets The total number of ISDP version 2 packets received by the device. Received ISDPv2 Packets The total number of ISDP version 2 packets transmitted by the device. Transmitted Bad Header The total number of ISDP packets received with bad headers.

  • Page 70: Dependency > Group > Add

    Item Description Link Action The action performed on downstream interfaces when the upstream interfaces are down, which can be one of the following:  Up: Downstream interfaces are up when upstream interfaces are down.  Down: Downstream interfaces go down when upstream inter- faces are down.

  • Page 71: Denial Of Service

    Item Description Submit Click Submit to save the values. Cancel Click Cancel to close the window. 4.3.2.6 Protection Denial of Service Use the Denial of Service (DoS) Configuration page to configure DoS control. FAST- PATH SMB software provides support for classifying and blocking specific types of DoS attacks.
  • Page 72 Item Description TCP Fragment Enable this option to allow the device to drop packets that have a TCP payload where the IP payload length minus the IP header size is less than the minimum allowed TCP header size. TCP Offset Enable this option to allow the device to drop packets that have a TCP header Offset set to 1.
  • Page 73 agent on the device. The sFlow agent can send packet sampling data to multiple sFlow receivers on the network. To access this page, click System > Advanced Configuration > sFlow > Receiver. Figure 4.42 System > Advanced Configuration > sFlow > Receiver The following table describes the items in the previous figure.

  • Page 74: Add

    The following table describes the items in the previous figure. Item Description Poller Data Source The sFlowDataSource for this sFlow poller. The sFlow agent supports physical ports as sFlow data sources. Receiver Index The sFlowReceiver for this sFlow counter poller. The specified Receiver Index must be associated with an active sFlow receiver.

  • Page 75: Add

    To access this page, click System > Advanced Configuration > sFlow > Sampler. Figure 4.45 System > Advanced Configuration > sFlow > Sampler The following table describes the items in the previous figure. Item Description Sampler Data Source The sFlowDataSource for this sFlow sampler. The sFlow agent sup- ports physical ports as sFlow data sources.

  • Page 76: Interface Configuration

    Source Interface Configuration Use the sFlow Source Interface Configuration page to specify the physical or logical interface to use as the sFlow client source interface. When an IP address is config- ured on the source interface, this address is used for all sFlow communications between the local sFlow client and the remote sFlow server.

  • Page 77: Community > Add Community

    The following table describes the items in the previous figure. Item Description Community Name Community name used in SNMPv1/v2 packets. This is configured in the client and identifies the access the user may connect with. Security Name Identifies the security entry that associates communities and Groups for a specific access type.

  • Page 78: Community > Add Community Group

    Click System > Advanced Configuration > SNMP > Community > Add Commu- nity Group. Figure 4.50 System > Advanced Configuration > SNMP > Community > Add Community Group The following table describes the items in the previous figure. Item Description Community Name Community name used in SNMPv1/v2 packets.

  • Page 79: Receiver V1/V2 > Add

    Item Description Timeout Value The number of seconds to wait for an acknowledgment from the SNMP management host before resending an inform message. Retries The number of times to resend an inform message that is not acknowledged by the SNMP management host. Filter The name of the filter for the SNMP management host.

  • Page 80: Receiver V3

    Item Description Filter The name of the filter for the SNMP management host. The filter is configured by using the CLI and defines which MIB objects to include or exclude from the view. This field is optional. UDP Port The UDP port on the SNMP management host that will receive the SNMP notifications.

  • Page 81: Receiver V3 > Add

    Item Description UDP Port The UDP port on the SNMP management host that will receive the SNMP notifications. If no value is specified when configuring a receiver, the default UDP port value is used. Refresh Click Refresh to update the screen. Click Add to add a new SNMP trap receiver.

  • Page 82: Supported Mibs

    Item Description Timeout Value (Sec- The number of seconds to wait for an acknowledgment from the onds) SNMP receiver before resending an inform message. Filter The name of the filter for the SNMP management host. The filter is configured by using the CLI and defines which MIB objects to include or exclude from the view.

  • Page 83: Control Group

    To access this page, click System > Advanced Configuration > SNMP > Access Control Group. Figure 4.56 System > Advanced Configuration > SNMP > Access Control Group The following table describes the items in the previous figure. Item Description Group Name The name that identifies the SNMP group.

  • Page 84: Control Group > Add

    Click System > Advanced Configuration > SNMP > Access Control Group > Add. Figure 4.57 System > Advanced Configuration > SNMP > Access Control Group > Add The following table describes the items in the previous figure. Item Description Access Control Group Group Name The name that identifies the SNMP group.

  • Page 85: Security Model

    Item Description Write The level of write access rights for the group. The menu includes the available SNMP views. When adding a group, select the check box to allow the field to be configured, then select the desired view that per- mits management read-write access to the contents of the agent but not to the community.

  • Page 86: Security Model > Add

    Item Description Refresh Click Refresh to update the screen. Click Add to add a new SNMP user. Remove Click Remove to remove the selected entries. To add a new SNMP user: Click System > Advanced Configuration > SNMP > User Security Model > Add. Figure 4.59 System >...

  • Page 87: Interface Configuration

    Item Description Privacy Specifies the privacy protocol to be used on encrypted messages on behalf of the specified user. This parameter is only valid if the Authen- tication method parameter is not NONE.  DES: DES protocol will be used. ...

  • Page 88: Configuration

    To access this page, click System > Advanced Configuration > SNMP > Server Configuration. Figure 4.61 System > Advanced Configuration > SNMP > Server Configuration The following table describes the items in the previous figure. Item Description SNMP Server Port The UDP port number on which the SNMP server listens for requests.

  • Page 89: Status

    Item Description Unicast Poll Timeout Specifies the timeout value, in seconds, to wait for an SNTP response (Seconds) when configured in unicast mode. Unicast Poll Retry Specifies the number of times to retry a request to an SNTP server after the first time-out before attempting to use the next configured server when configured in unicast mode.

  • Page 90: Configuration

    Item Description Last Attempt Status Specifies the status of the last SNTP request or unsolicited message for both unicast and broadcast modes. If no message has been received from a server, a status of Other is displayed. These values are appropriate for all operational modes. ...

  • Page 91: Configuration > Add

    The following table describes the items in the previous figure. Item Description SNTP Server The address or host name of an SNTP server the device can use to synchronize the system time. Type The configured SNTP server address type, which can be IPv4, IPv6, or DNS.

  • Page 92: Status

    The SNTP Server Status page displays status information about the SNTP servers configured on your switch. To access this page, click System > Advanced Configuration > SNTP > Server Status. Figure 4.66 System > Advanced Configuration > SNTP > Server Status The following table describes the items in the previous figure.

  • Page 93: Interface Configuration

    To access this page, click System > Advanced Configuration > SNTP > Source Interface Configuration. Figure 4.67 System > Advanced Configuration > SNTP > Source Interface Configuration The following table describes the items in the previous figure. Item Description Type The type of interface to use as the source interface: ...

  • Page 94: Configuration > Add

    The following table describes the items in the previous figure. Item Description Admin Mode Enables or disables the Time Range administrative mode. When enabled, actions with subscribed components are performed for exist- ing time range entries. Time Range Name The unique ID or name that identifies this time range. A time-based ACL rule can reference the name configured in this field.

  • Page 95: Entry Configuration > Add Absolute

    To access this page, click System > Advanced Configuration > Time Ranges > Entry Configuration. Figure 4.70 System > Advanced Configuration > Time Ranges > Entry Configuration The following table describes the items in the previous figure. Item Description Time Range Name Click the drop-down menu to select a time range.

  • Page 96: Entry Configuration > Add Periodic

    The following table describes the items in the previous figure. Item Description Time Range Name The time range configuration that will include the Absolute time range entry. Start Time Select this option to configure values for the Start Date and the Start- ing Time of Day.

  • Page 97: Summary

    The following table describes the items in the previous figure. Item Description Time Range Name The time range configuration that will include the Periodic time range entry. Applicable Days Select the days on which the Periodic time range entry is active: ...
  • Page 98 The following table describes the items in the previous figure. Item Description Current Time Time The current time on the system clock. This time is used to provide time stamps on log messages. Additionally, some CLI show com- mands include the time in the command output. Zone The acronym that represents the time zone.

  • Page 99: Summer Time

    To access this page, click System > Advanced Configuration > Time Zone > Time Zone. Figure 4.74 System > Advanced Configuration > Time Zone > Time Zone The following table describes the items in the previous figure. Item Description Time Zone Offset The system clock's offset from UTC, which is also known as Green- wich Mean Time (GMT).
  • Page 100 The following table describes the items in the previous figure. Item Description Summer Time The summer time mode on the system:  Disable: Summer time is not active, and the time does not shift based on the time of year. ...

  • Page 101: Alarm Status

    4.3.2.12 Event Manager The pages in the Event Manager folder allow you to view and configure information about alarm LED, alarm relay, alarm relay2, logs, Email and SNMP traps the system generates. Alarm Status Use the Alarm Status page to view the current alarm status for alarm LED, alarm relay and alarm relay2.

  • Page 102: Policy List

    The following table describes the items in the previous figure. Item Description Trap Log Capacity The maximum number of traps the log can store. If the number of traps exceeds the capacity, new entries overwrite the oldest entries. Number of Traps The number of traps the system has generated since the trap log Since Last Reset entries were last cleared, either by clicking Clear Log or by resetting...
  • Page 103 The following table describes the items in the previous figure. Item Description List Name The name of the policy list. This field can be configured only when adding a new policy list. Event Options The method(s) used to decide which events will be applied to event alarm action (Alarm LED, Alarm Relay, Alarm Relay 2, Logging, or Trap).

  • Page 104: Severity Configuration

    Use the Policy List Selection page to associate a policy list with each event alarm method (Alarm LED, Alarm Relay, Alarm Relay 2, Alarm Email, Logging, and SNMP Traps). To access this page, click System > Advanced Configuration > Event Manager > Policy Selection.

  • Page 105: Basic Configuration

    The following table describes the items in the previous figure. Item Description List Name The name of the policy list. This field can be configured only when adding a new policy list. Severity Configura- The severity level for each event. tion Submit Click Submit to save the values and update the screen.

  • Page 106: Configuration Storage

    4.3.4 Configuration Storage 4.3.4.1 Save Use the Save All Applied Changes page to store the system's configuration settings to non-volatile memory. Once saved the settings are available across a system reset. When you click Save, the save action is initiated. To access this page, click System >...

  • Page 107: Figure 4.86 System > Configuration Storage > Copy

    The following table describes the items in the previous figure. Item Description Reset Click Reset to initiate the action to erase the text-based configuration file stored in non-volatile memory after displaying a confirmation mes- sage. If the system resets and no startup-config file is found, the sys- tem will begin the AutoInstall process to automatically update the image and download a configuration file.

  • Page 108: Figure 4.87 System > Connectivity > Ipv4

    To access this page, click System > Connectivity > IPv4. Figure 4.87 System > Connectivity > IPv4 The following table describes the items in the previous figure. Item Description Network Configura- Specify how the device acquires network information on the network tion Protocol interface: ...

  • Page 109: Figure 4.88 System > Connectivity > Ipv6

    Item Description Locally Administered You may configure a locally administered MAC address for in-band MAC Address connectivity instead of using the burned in universally administered MAC address. In addition to entering an address in this field, you must also set the MAC address type to locally administered. Enter the address as twelve hexadecimal digits (6 bytes) with a colon between each byte.

  • Page 110: Figure 4.89 System > Connectivity > Ipv6 Neighbors

    Item Description Static IPv6 Lists the manually configured static IPv6 addresses on the network Addresses interface.  To add an entry to the list, click button to open the Add IPv6 Address dialog and provide the following: – New IPv6 Address: Specify the IPv6 address to add to the interface.

  • Page 111: Figure 4.90 System > Connectivity > Ipv6 Neighbors > Add

    Item Description Neighbor State The current reachability state of the neighboring device, which is one of the following:  Reachable: The neighbor is reachable through the network interface.  Stale: The neighbor is not known to be reachable, and the sys- tem will begin the process to reach the neighbor.
  • Page 112 The following table describes the items in the previous figure. Item Description Service Port Configu- Specify how the device acquires network information on the service ration Protocol port:  BOOTP: During the next boot cycle, the BOOTP client on the device broadcasts a BOOTP request in an attempt to acquire information from a BootP server on the network.

  • Page 113: Figure 4.92 System > Connectivity > Service Port Ipv6

    To access this page, click System > Connectivity > Service Port IPv6. Figure 4.92 System > Connectivity > Service Port IPv6 The following table describes the items in the previous figure. Item Description IPv6 Mode Enables or disables the IPv6 administrative mode on the service port. Service Port Configu- Specify whether the device should attempt to acquire network infor- ration Protocol...
  • Page 114 4.3.5.6 Service Port IPv6 Neighbors The Service Port IPv6 Neighbors page provides information about IPv6 neighbors the device has discovered through the service port by using the Neighbor Discovery Protocol (NDP). The manually configured static service port IPv6 neighbors are also displayed.

  • Page 115: Figure 4.94 System > Connectivity > Service Port Ipv6 Neighbors List > Add

    Click System > Connectivity > Service Port IPv6 Neighbors > Add. Figure 4.94 System > Connectivity > Service Port IPv6 Neighbors List > Add The following table describes the items in the previous figure. Item Description IPv6 Address The IPv6 address of a neighbor device that has been reachable on the local link through the service port.

  • Page 116: Figure 4.96 System > Firmware > Status

    To access this page, click System > Firmware > Status. Figure 4.96 System > Firmware > Status The following table describes the items in the previous figure. Item Description Unit The unit ID of the switch. Active The code file version of the active image. Backup The code file version of the backup image.

  • Page 117: Logs

    Item Description Backup The backup code file version. Use the icons to the right of the field to perform the following tasks:  To transfer a new code image to the device, click button. The Firmware Upgrade window opens. Click Choose File to browse to the file to transfer.

  • Page 118: Figure 4.99 System > Logs > Event Log

    Item Description Severity The severity level associated with the log entry. The severity can be one of the following:  Emergency (0): The device is unusable.  Alert (1): Action must be taken immediately.  Critical (2): The device is experiencing primary system failures. ...

  • Page 119: Figure 4.100System > Logs > Persistent Log

    Item Description Event Time A time stamp (days, hours, minutes, and seconds) indicating when the event occurred, measured from the time the device was last reset. The only correlation between any two entries in the event log is the relative amount of time after a system reset that the event occurred. Refresh Click Refresh to update the screen.

  • Page 120: Figure 4.101System > Logs > Hosts

    To access this page, click System > Logs > Hosts. Figure 4.101 System > Logs > Hosts The following table describes the items in the previous figure. Item Description Host The IP address or DNS-resolvable host name of the remote host to receive log messages.

  • Page 121: Figure 4.103System > Logs > Configuration

    To access this page, click System > Logs > Configuration. Figure 4.103 System > Logs > Configuration The following table describes the items in the previous figure. Item Description Buffered Log Configuration Admin Mode Enable or disable logging to the buffered (RAM) log file. Behavior Specify what the device should do when the buffered log is full.

  • Page 122: Figure 4.104System > Logs > Source Interface Configuration

    Item Description Local UDP Port The UDP port on the local host from which syslog messages are sent. Submit Click Submit to save the values and update the screen. Refresh Click Refresh to update the screen. Cancel Click Cancel to restore default value. 4.3.7.6 Source Interface Configuration Use the Syslog Source Interface Configuration page to specify the physical or logical...

  • Page 123: Figure 4.105System > Logs > Statistics

    To access this page, click System > Logs > Statistics. Figure 4.105 System > Logs > Statistics The following table describes the items in the previous figure. Item Description Buffered Log Total Number of Mes- The number of log messages currently stored in RAM. sages Persistent Log Total Number of Mes-...

  • Page 124: Figure 4.107System > Management Access > Telnet

    Item Description Java Mode Enables or disables the port that Java uses. When this mode is dis- abled, any feature on the device that uses Java is not available and cannot be viewed by using a web browser. Telnet Telnet Server Admin Enables or disables the telnet administrative mode.

  • Page 125: Figure 4.108System > Management Access > Serial

    Item Description Telnet Port The TCP port number on which the telnet server listens for requests. Existing telnet login sessions are not affected by a change in this value, although establishment of any new telnet sessions must use the new port number. NOTE: Before changing this value, check your system (e.g.

  • Page 126: Figure 4.109System > Management Access > Cli Banner

    4.3.8.4 CLI Banner Use the CLI Banner Configuration page to configure a message that appears before the user prompt as a Pre- login banner. The message configured shows up on Telnet, SSH and Console connections. To access this page, click System > Management Access > CLI Banner. Figure 4.109 System >...

  • Page 127: Figure 4.111System > Management Access > Https

    Item Description HTTP Session Soft HTTP session inactivity timeout value. A logged-in user that does not Time Out (Minutes) exhibit any HTTP activity for this amount of time is automatically logged out of the HTTP session. HTTP Session Hard HTTP session hard timeout value. A user connected to the device via Time Out (Hours) an HTTP session is automatically logged out after this amount of time regardless of the amount of HTTP activity that occurs.

  • Page 128: Figure 4.112System > Management Access > Ssh

    Item Description Maximum Number of The maximum number of HTTPS sessions that can be connected to HTTPS Sessions the device simultaneously. Certificate Status The status of the SSL certificate generation process.  Present: The certificate has been generated and is present on the device.

  • Page 129: Passwords

    Item Description SSH Version 1 When this option is selected, the SSH server on the device can accept connections from an SSH client using SSH-1 protocol. If the option is clear, the device does not allow connections from clients using the SSH-1 protocol.

  • Page 130: Figure 4.114System > Passwords > Enable Password

    The following table describes the items in the previous figure. Item Description Line Mode Any or all of the following passwords may be changed on this page by checking the box that precedes it:  Console  Telnet  Password Enter the new password for the corresponding Line Mode in this field.

  • Page 131: Figure 4.115System > Passwords > Password Rules

    To access this page, click System > Passwords > Password Rules. Figure 4.115 System > Passwords > Password Rules The following table describes the items in the previous figure. Item Description Minimum Length The minimum number of characters required for a valid password. Aging (Days) The number of days that a user password is valid from the time the password is set.

  • Page 132: Figure 4.116System > Passwords > Last Password

    Item Description Exclude Keyword The list of keywords that a valid password must not contain. Excluded Name keyword checking is case-insensitive. Additionally, a password cannot contain the backwards version of an excluded keyword. For example, if pass is an excluded keyword, passwords such as 23passA2c, ssap- word, and PAsSwoRD are prohibited.

  • Page 133: Figure 4.118System > Port > Summary

    4.3.10 Port The pages in the Port folder allow you to view and monitor the physical port informa- tion for the ports available on the switch. The Port folder has links to the following pages: 4.3.10.1 Summary Use the Port Summary page to view the settings for all physical ports on the platform. To access this page, click System >...

  • Page 134: Figure 4.119System > Port > Description

    Item Description LACP Mode Shows the administrative mode of the Link Aggregation Control Proto- col (LACP), which is one of the following:  Enabled: The port uses LACP for dynamic LAG configuration. When LACP is enabled, the port sends and receives LACP PDUs with its link partner to confirm that the external switch is also configured for link aggregation.

  • Page 135: Figure 4.120System > Port > Cable Test

    4.3.10.3 Cable Test The cable test feature enables you to determine the cable connection status on a selected port. You can also obtain an estimate of the length of the cable connected to the port, if the PHY on the ports supports this functionality. Note! The cable test feature is supported only for copper cable.

  • Page 136: Figure 4.121System > Port > Mirroring

    The packet that is copied to the destination port is in the same format as the original packet on the wire. This means that if the mirror is copying a received packet, the copied packet is VLAN tagged or untagged as it was received on the source port. If the mirror is copying a transmitted packet, the copied packet is VLAN tagged or untagged as it is being transmitted on the source port.

  • Page 137: Figure 4.122System > Port > Transceiver Brief

    Item Description Direction The direction of traffic on the source port (or source ports) or VLAN that is sent to the specified destination. A source VLAN mirrors all received and transmitted packets to the destination. Possible values for source ports are: ...

  • Page 138: Figure 4.123System > Statistics > System > Switch

    4.3.11 Statistics 4.3.11.1 System Switch The Switch Statistics page shows summary information about traffic transmitted and received on the device, entries in the MAC address table, and Virtual Local Area Net- works (VLANs) that exist on the device. To access this page, click System > Statistics > System > Switch. Figure 4.123 System >...

  • Page 139: Figure 4.124System > Statistics > System > Port Summary

    Item Description Static Entries The current number of entries in the MAC address table or VLAN database that an administrator has statically configured. Dynamic Entries The current number of entries in the MAC address table or VLAN database that have been dynamically learned by the device. Total Entries Deleted The number of VLANs that have been created and then deleted since the last reboot.

  • Page 140: Figure 4.125System > Statistics > System > Port Detailed

    Item Description Clear Counters Click Clear Counters to reset the selected counters to zero. Clear All Counters Click Clear All Counters to reset all counters to zero. Port Detailed The Port Detailed Statistics page shows detailed information about the traffic trans- mitted and received by each interface.
  • Page 141 Item Description FCS Errors Frame Check Sequence errors may occur if a network link is bad or if packets are being dropped. Protocol The table shows statistics about various protocol data units (PDUs) or EAPOL frames transmitted or received by the interface. Statistics for transmitted traffic and received traffic are shown in separate columns.

  • Page 142: Figure 4.127System > Statistics > Time Based > Group

    Item Description Request Packets Number of DHCPv6 request messages the client sent in response to Transmitted a DHCPv6 server's advertisement message. Renew Packets Number of renew messages the DHCPv6 client has sent to the server Transmitted to request an extension of the lifetime of the information provided by the server.
  • Page 143 Item Description Time Range The name of the periodic or absolute time range to use for data collec- tion. The time range is configured by using the Time Range Summary and Time Range Entry Summary pages. The time range must be con- figured on the system before the time-based statistics can be col- lected.
  • Page 144 The following table describes the items in the previous figure. Item Description Group The type of traffic statistics to collect for the group, which is one of the following:  Received: The number of packets received on the interfaces within the group. ...
  • Page 145 To access this page, click System > Statistics > Time Based > Flow Based. Figure 4.129 System > Statistics > Time Based > Flow Based The following table describes the items in the previous figure. Item Description Reporting Methods The methods for reporting the collected statistics at the end of every configured interval.
  • Page 146 Click System > Statistics > Time Based > Flow Based > Add. Figure 4.130 System > Statistics > Time Based > Flow Based > Add The following table describes the items in the previous figure. Item Description Rule Id The number that identifies the flow-based statistics collection rule. Time Range The name of the periodic or absolute time range to use for data collec- tion.

  • Page 147: Figure 4.131System > Statistics > Time Based > Statistics

    Statistics Use the Time Based Statistics page to view time-based statistics collected for the configured traffic groups and flow-based rules. To access this page, click System > Statistics > Time Based > Statistics. Figure 4.131 System > Statistics > Time Based > Statistics The following table describes the items in the previous figure.

  • Page 148: Figure 4.133System > Status > Resource Status

    The following table describes the items in the previous figure. Item Description MAC Address The physical (MAC) address associated with the IP address of the connection. IP Address The Internet (IP) address of the connection. Interface Shows the switch port through which the connection was established, or displays as Management if the connection occurred via a non-net- work port interface (if applicable).

  • Page 149: Figure 4.134System > Status > Resource Configuration

    Item Description 60 Seconds The percentage amount of CPU utilization consumed by the corre- sponding task in the last 60 seconds. 300 Seconds The percentage amount of CPU utilization consumed by the corre- sponding task in the last 300 seconds. Refresh Click Refresh to update the screen.
  • Page 150 The following table describes the items in the previous figure. Item Description System Information System Description The product name of this device. System Name The configured name used to identify this device. System Location The configured location of this device. System Contact The configured contact person for this device.

  • Page 151: Figure 4.136System > Summary > Description

    To access this page, click System > Summary > Description. Figure 4.136 System > Summary > Description The following table describes the items in the previous figure. Item Description System Description The product name of this device. System Name The name used to identify this device. The factory default is blank. System Location The location of this device.

  • Page 152: Figure 4.138System > Summary > Mac Address Table

    The following table describes the items in the previous figure. Item Description System Description The product name of this device. Machine Type The hardware platform of this device. Machine Model The product model number. Serial Number The unique serial number used to identify the device. Manufacturer The two-octet code that identifies the manufacturer.

  • Page 153: Users

    Item Description Status Provides information about the entry and why it is in the table, which can be one of the following:  Static: The address has been manually configured and does not age out.  Learned: The address has been automatically learned by the device and can age out when it is not in use.

  • Page 154: Figure 4.140System > Users > Accounts > Add

    Item Description Access Level The access or privilege level for this user. The options are:  Privilege-15: The user can view and modify the configuration.  Privilege-1: The user can view the configuration but cannot mod- ify any fields.  Privilege-0: The user exists but is not permitted to log on to the device.

  • Page 155: Figure 4.141System > Users > Auth Server Users

    Item Description Password Strength Shows the status of password strength check. Encrypted Password Specifies the password encryption. Submit Click Submit to save the values. Cancel Click Cancel to close the window. 4.3.14.2 Auth Server Users Use the Auth Server Users page to add and remove users from the local authentica- tion server user database.

  • Page 156: Figure 4.143System > Users > Sessions

    Item Description Password Required Select this option to indicate that the user must enter a password to be authenticated. If this option is clear, the user is required only to enter a valid user name. Password Specify the password to associate with the user name (if required). Confirm Re-enter the password to confirm the entry.

  • Page 157: Figure 4.145System > Utilities > Ping

    The following table describes the items in the previous figure. Item Description Reset Click Reset to initiates the system reset action after displaying a con- firmation message. 4.3.15.2 Ping Use the Ping page to tell the switch to send a Ping request to a specified IP address. You can use this feature to check whether the switch can communicate with a partic- ular network host.

  • Page 158: Figure 4.146System > Utilities > Ping Ipv6

    Item Description Start Click Start to start the ping test. The device sends the specified num- ber of ping packets to the host. Stop Click Stop to interrupts the current ping test. 4.3.15.3 Ping IPv6 Use the Ping IPv6 page to tell the device to send one or more ping requests to a specified IPv6 host.

  • Page 159: Figure 4.147System > Utilities > Traceroute

    4.3.15.4 TraceRoute Use the TraceRoute page to determine the layer 3 path a packet takes from the device to a specific IP address or hostname. When you initiate the TraceRoute com- mand by clicking the Start button, the device sends a series of TraceRoute probes toward the destination.
  • Page 160 Item Description Status The current status of the TraceRoute, which can be:  Not Started: The TraceRoute has not been initiated since view- ing the page.  In Progress: The TraceRoute has been initiated and is running.  Stopped: The TraceRoute was interrupted by clicking the Stop button.

  • Page 161: Figure 4.148System > Utilities > Traceroute Ipv6

    To access this page, click System > Utilities > TraceRoute IPv6. Figure 4.148 System > Utilities > TraceRoute IPv6 The following table describes the items in the previous figure. Item Description Host Name or IPv6 The DNS-resolvable hostname or IPv6 address of the system to Address attempt to reach.

  • Page 162: Figure 4.149System > Utilities > Ip Address Conflict

    Item Description Results The results of the TraceRoute, which are displayed in the following format: 1 3001::1 708 ms 41 ms 11 ms 2 4001::2 250 ms 200 ms 193 ms 3 5001::3 289 ms 313 ms 278 ms 4 6001::4 651 ms 41 ms 270 ms 5 :: * N * N * N Hop Count = 4 Last TTL = 5 Test attempt = 1 Test Success = 0 For each TTL value probed, the results show the IP address of the...

  • Page 163: Figure 4.150System > Utilities > Transfer

    Item Description IP Address Conflict Indicates whether a conflicting IP address has been detected since Currently Exists this status was last reset.  False: No conflict detected (the subsequent fields on this page display as N/A).  True: Conflict was detected (the subsequent fields on this page show the relevant information).
  • Page 164 Item Description  File Type: Specify the type of file to transfer from the device to a remote system. – Active Code: Select this option to transfer an active image. – Backup Code: Select this option to transfer an backup image. –...
  • Page 165 Item Description  File Type: Specify the type of file to transfer to the device: – Active Code: Select this option to transfer a new image to the device. The code file is stored as the active image. – Backup Code: Select this option to transfer a new image to the device.

  • Page 166: Switching

    Item Description  Select File: If HTTP is the Transfer Protocol, browse to the direc- tory where the file is located and select the file to transfer to the device. This field is not present if the Transfer Protocol is TFTP or FTP.

  • Page 167: Figure 4.151Switching > Class Of Service > 802.1P

    To access this page, click Switching > Class of Service > 802.1p. Figure 4.151 Switching > Class of Service > 802.1p The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. The Global entry represents the common settings for all interfaces, unless specifically overridden individually.

  • Page 168: Figure 4.153Switching > Dhcp Snooping > Base > Vlan Configuration

    Use the DHCP Snooping VLAN Configuration page to view and configure the DHCP snooping settings on VLANs that exist on the device. DHCP snooping can be config- ured on switching VLANs and routing VLANs. For Layer 2 (non-routing) VLANs, DHCP snooping forwards valid DHCP client messages received on the VLANs. The message is forwarded on all trusted interfaces in the VLAN.

  • Page 169: Figure 4.155Switching > Dhcp Snooping > Base > Interface Configuration

    incoming DHCP messages. For DHCPRELEASE and DHCPDECLINE messages, the feature compares the receive interface and VLAN with the client's interface and VLAN in the binding database. If the interfaces do not match, the application logs the event (when logging of invalid packets is enabled) and drops the message. If MAC address validation is globally enabled, messages that pass the initial validation are checked to verify that the source MAC address and the DHCP client hardware address match.

  • Page 170: Figure 4.157Switching > Dhcp Snooping > Base > Static Bindings Add

    Item Description Rate Limit (pps) The rate limit value for DHCP packets received on the interface. To prevent DHCP packets from being used as a DoS attack when DHCP snooping is enabled, the snooping application enforces a rate limit for DHCP packets received on untrusted interfaces.

  • Page 171: Figure 4.158Switching > Dhcp Snooping > Base > Dynamic Bindings

    The following table describes the items in the previous figure. Item Description Interface The interface on which the DHCP client is authorized. MAC Address The MAC address associated with the DHCP client. This is the Key to the binding database. VLAN ID The ID of the VLAN the client is authorized to use.

  • Page 172: Figure 4.159Switching > Dhcp Snooping > Base > Persistent

    To access this page, click Switching > DHCP Snooping > Base > Persistent. Figure 4.159 Switching > DHCP Snooping > Base > Persistent The following table describes the items in the previous figure. Item Description Store The location of the DHCP snooping bindings database, which is either locally on the device (Local) or on a remote system (Remote).

  • Page 173: Figure 4.162Switching > Dhcp Snooping > L2 Relay > Interface Configuration

    Item Description DHCP Server Msgs The number of DHCP server messages (DHCPOFFER, DHCPACK, Received DHCPNAK, DHCPRELEASEQUERY) that have been dropped on an untrusted port. Refresh Click Refresh to update the screen. Clear Counters Click Clear Counters to reset all statistics to zero for all interfaces. 4.4.2.2 L2 Relay Global...

  • Page 174: Figure 4.163Switching > Dhcp Snooping > L2 Relay > Vlan Configuration

    The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When configuring the settings for one or more interfaces, this field identifies each interface that is being configured. L2 Relay Mode The administrative mode of L2 relay mode on the interface.
  • Page 175 Item Description Remote ID The DHCP remote identifier string. When a string is entered here, if a client sends a DHCP request to the device and the client is in a VLAN that corresponds to the S-VID, the device adds the string to the Remote-ID suboption of Option 82 in the DHCP request packet.

  • Page 176: Ipv6 Dhcp Snooping

    To access this page, click Switching > DHCP Snooping > L2 Relay > Statistics. Figure 4.165 Switching > DHCP Snooping > L2 Relay > Statistics The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. Untrusted Server The number of messages received on an untrusted interface from a Messages With...

  • Page 177: Figure 4.167Switching > Ipv6 Dhcp Snooping > Base > Vlan Configuration

    The following table describes the items in the previous figure. Item Description DHCP Snooping The administrative mode of IPv6 DHCP snooping on the device. Mode MAC Address Vali- Enables or Disables the verification of the sender MAC address for dation IPv6 DHCP snooping.

  • Page 178: Figure 4.169Switching > Ipv6 Dhcp Snooping > Base > Interface Configuration

    Click Switching > IPv6 DHCP Snooping > Base > VLAN Configuration > Add. Figure 4.168 Switching > IPv6 DHCP Snooping > Base > VLAN Configuration > The following table describes the items in the previous figure. Item Description VLAN ID The VLAN ID that is enabled for IPv6 DHCP snooping.

  • Page 179: Figure 4.170Switching > Ipv6 Dhcp Snooping > Base > Static Bindings

    Item Description Trust State The trust state configured on the interface. The trust state is one of the following:  Disabled: The interface is considered to be untrusted and could potentially be used to launch a network attack. DHCPv6 server messages are checked against the bindings database.

  • Page 180: Figure 4.171Switching > Ipv6 Dhcp Snooping > Base > Static Bindings > Add

    Item Description Refresh Click Refresh to update the screen. Click Add to add a new static entry to the IPv6 DHCP snooping bind- ings table. Remove Click Remove to remove the selected entries. To add a new static entry to the IPv6 DHCP snooping bindings table: Click Switching >...
  • Page 181 The following table describes the items in the previous figure. Item Description Interface The interface on which the DHCPv6 client message was received. MAC Address The MAC address associated with the DHCPv6 client that sent the message. This is the key to the binding database. VLAN ID The VLAN ID of the client interface.

  • Page 182: Dvlan

    To access this page, click Switching > IPv6 DHCP Snooping > Base > Statistics. Figure 4.174 Switching > IPv6 DHCP Snooping > Base > Statistics The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. MAC Verify Failures The number of DHCPv6 messages that were dropped because the source MAC address and client hardware address did not match.

  • Page 183: Figure 4.175Switching > Dvlan > Configuration

    To access this page, click Switching > DVLAN > Configuration. Figure 4.175 Switching > DVLAN > Configuration The following table describes the items in the previous figure. Item Description Primary TPID The two-byte hex EtherType value to be used as the first 16 bits of the DVLAN tag.

  • Page 184: Dynamic Arp Inspection

    Item Description Secondary TPIDs The two-byte hex EtherType values configured as secondary TPIDs. Refresh Click Refresh to update the screen. 4.4.4.3 Interface Summary Use the DVLAN Interface Summary page to view and configure the double VLAN (DVLAN) tag settings for each interface. Double VLAN tagging allows service provid- ers to create Virtual Metropolitan Area Networks (VMANs).

  • Page 185: Figure 4.178Switching > Dynamic Arp Inspection > Global

    4.4.5.1 Global Use the Global Configuration page to configure global DAI settings. To access this page, click Switching > Dynamic ARP Inspection > Global. Figure 4.178 Switching > Dynamic ARP Inspection > Global The following table describes the items in the previous figure. Item Description Validate Source...
  • Page 186 Item Description ARP ACL Name The name of the of ARP access control list (ACL) that the VLAN uses as the filter for ARP packet validation. The ARP ACL must already exist on the system to associate it with a DAI-enabled VLAN. ARP ACLs include permit rules only.

  • Page 187: Figure 4.181Switching > Dynamic Arp Inspection > Interface

    Item Description Submit Click Submit to save the values. Cancel Click Cancel to close the window. 4.4.5.3 Interface Use the Interface Configuration page to configure the per-interface Dynamic ARP Inspection (DAI) settings. To access this page, click Switching > Dynamic ARP Inspection > Interface. Figure 4.181 Switching >...

  • Page 188: Acl

    To access this page, click Switching > Dynamic ARP Inspection > ACL. Figure 4.182 Switching > Dynamic ARP Inspection > ACL The following table describes the items in the previous figure. Item Description ACL Name The name of the ACL. Only the ACLs that appear in this column can be referenced by DNI-enabled VLANs.

  • Page 189: Figure 4.184Switching > Dynamic Arp Inspection > Acl > Add Rule

    Click Switching > Dynamic ARP Inspection > ACL > Add Rule. Figure 4.184 Switching > Dynamic ARP Inspection > ACL > Add Rule The following table describes the items in the previous figure. Item Description ACL Name The name of the ACL. Only the ACLs that appear in this column can be referenced by DNI-enabled VLANs.

  • Page 190: Filters

    Item Description DHCP Permits The number of ARP packets that were forwarded by DAI because a matching DHCP snooping binding entry was found in the DHCP snooping database. ACL Permits The number of ARP packets that were forwarded by DAI because the sender IP address and sender MAC address in the ARP packet matched a rule in the ARP ACL associated with this VLAN.

  • Page 191: Figure 4.187Switching > Filters > Mac Filters > Add

    The following table describes the items in the previous figure. Item Description MAC Address The MAC address of the filter. The destination MAC address of an Ethernet frame must match this value to be considered for the filter. When adding or editing a filter, note that you cannot configure the fol- lowing MAC addresses in this field: ...

  • Page 192: Garp

    The following table describes the items in the previous figure. Item Description MAC Address The MAC address of the filter. The destination MAC address of an Ethernet frame must match this value to be considered for the filter. When adding or editing a filter, note that you cannot configure the fol- lowing MAC addresses in this field: ...

  • Page 193: Figure 4.189Switching > Garp > Port

    Item Description GMRP Mode The administrative mode of GMRP on the system. When enabled, GMRP can help control the flooding of multicast traffic by keeping track of group membership information. GMRP is similar to IGMP snooping in its purpose, but IGMP snooping is more widely used. GMRP must be running on both the host and the switch to function properly.

  • Page 194: Igmp Snooping

    Item Description Leave All Timer The amount of time to wait before sending a LeaveAll PDU after the (Centisecs) GARP application has been enabled on the interface or the last Lea- veAll PDU was sent. A LeaveAll PDU indicates that all registrations will shortly be deregistered.
  • Page 195 Item Description Multicast Control The number of data frames forwarded by the CPU. Frame Count Interface(s) Enabled The interface(s) on which IGMP snooping is administratively enabled. for IGMP Snooping IGMP snooping must be enabled globally and on an interface for the interface to be able to snoop IGMP packets to determine which seg- ments should receive multicast packets directed to the group address.

  • Page 196: Figure 4.192Switching > Igmp Snooping > Vlan Status

    Item Description Refresh Click Refresh to update the screen. Edit Click Edit to edit the selected entries. 4.4.8.3 VLAN Status Use the IGMP Snooping VLAN Status page to enable or disable IGMP snooping on system VLANs and to view and configure per-VLAN IGMP snooping settings. Only VLANS that are enabled for IGMP snooping appear in the table.
  • Page 197 Item Description Click Add to enable IGMP snooping on a VLAN. Edit Click Edit to edit the selected entries. Remove Click Remove to disable IGMP snooping for the selected entries. To enable IGMP snooping on a VLAN: Click Switching > IGMP Snooping > VLAN Status > Add. Figure 4.193 Switching >...

  • Page 198: Status

    4.4.8.4 Multicast Router Configuration If a multicast router is attached to the switch, its existence can be learned dynami- cally. You can also statically configure a switch port as a multicast router interface. Use the IGMP Snooping Multicast Router Configuration page to manually configure an interface as a static multicast router interface.

  • Page 199: Configuration

    Item Description Click Add to enable IGMP snooping on a VLAN. The Multicast Router VLAN Configuration Menu displays. Click a VLAN ID to select it (or CTRL + click to select multiple VLAN IDs). Click the appropriate arrow to move the selected VLAN ID or VLAN IDs to the Configured VLAN IDs window.

  • Page 200: Figure 4.198Switching > Igmp Snooping Querier > Vlan Configuration

    VLAN needs to be layer 2 switched only, an IP-multicast router is not required. The IGMP snooping querier can perform the IGMP snooping functions on the VLAN. To access this page, click Switching > IGMP Snooping Querier > Configuration. Figure 4.197 Switching > IGMP Snooping Querier > Configuration The following table describes the items in the previous figure.

  • Page 201: Figure 4.199Switching > Igmp Snooping Querier > Vlan Configuration > Add

    Item Description Querier Election The participation mode for the IGMP snooping querier election pro- Participation cess:  Enabled: The IGMP snooping querier on this VLAN participates in the querier election process when it discovers the presence of another querier in the VLAN. If the snooping querier finds that the other querier source IP address is lower than its own address, it stops sending periodic queries.

  • Page 202: Mld Snooping

    Item Description Querier VLAN IP The IGMP snooping querier address the VLAN uses as the source IP Address address in periodic IGMP queries sent on the VLAN. If this value is not configured, the VLAN uses the global IGMP snooping querier IP address.

  • Page 203: Figure 4.201Switching > Mld Snooping > Configuration

    IPv4, Layer 2 switches can use IGMP snooping to limit the flooding of multicast traffic by dynamically configuring Layer 2 interfaces so that multicast traffic is forwarded to only those interfaces associated with IP multicast address. In IPv6 networks, MLD snooping performs a similar function.

  • Page 204: Figure 4.203Switching > Mld Snooping > Source Specific Multicast

    Item Description Group Membership The number of seconds the interface should wait for a report for a par- Interval ticular group on the interface before the MLD snooping feature deletes the interface from the group. Max Response Time The number of seconds the interface should wait after sending a query if it does not receive a report for a particular group.

  • Page 205: Figure 4.204Switching > Mld Snooping > Vlan Status

    4.4.10.4 VLAN Status Use the MLD Snooping VLAN Status page to enable or disable MLD snooping on system VLANs and to view and configure per-VLAN MLD snooping settings. Only VLANS that are enabled for MLD snooping appear in the table. To access this page, click Switching >...
  • Page 206 Click Switching > MLD Snooping > VLAN Status > Add. Figure 4.205 Switching > MLD Snooping > VLAN Status > Add The following table describes the items in the previous figure. Item Description VLAN ID The VLAN associated with the rest of the data in the row. When enabling MLD snooping on a VLAN, use this menu to select the desired VLAN.

  • Page 207: Figure 4.206Switching > Mld Snooping > Multicast Router Configuration

    To access this page, click Switching > MLD Snooping > Multicast Router Config- uration. Figure 4.206 Switching > MLD Snooping > Multicast Router Configuration The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When configuring the MLD snooping multicast router settings, this field identi- fies each interface that is being configured.

  • Page 208: Figure 4.208Switching > Mld Snooping > Multicast Router Vlan Status > Add

    Item Description VLAN ID The ID of each VLAN configured as enabled as a multicast router inter- face on the associated interface. When changing the multicast routing VLAN interfaces that are associated with an interface, click the VLAN ID to select it (or CTRL + click to select multiple VLAN IDs). Refresh Click Refresh to update the screen.

  • Page 209: Figure 4.210Switching > Mld Snooping Querier > Vlan Configuration

    needs to be Layer 2 switched only, an IP-multicast router is not required. The MLD snooping querier can perform the MLD snooping functions on the VLAN. To access this page, click Switching > MLD Snooping Querier > Configuration. Figure 4.209 Switching > MLD Snooping Querier > Configuration The following table describes the items in the previous figure.

  • Page 210: Figure 4.211Switching > Mld Snooping Querier > Vlan Configuration > Add

    Item Description Querier Election The participation mode for the MLD snooping querier election process:  Participation Enabled: The MLD snooping querier on this VLAN participates in the querier election process when it discovers the presence of another querier in the VLAN. If the snooping querier finds that the other querier source IPv6 address is lower than its own address, it stops sending periodic queries.
  • Page 211 Item Description Querier Election The participation mode for the MLD snooping querier election process:  Participation Enabled: The MLD snooping querier on this VLAN participates in the querier election process when it discovers the presence of another querier in the VLAN. If the snooping querier finds that the other querier source IPv6 address is lower than its own address, it stops sending periodic queries.

  • Page 212: Multicast Forwarding Database

    Item Description Last Version The MLD protocol version of the last querier from which a query was snooped on the VLAN. Max Response Time The maximum response time to be used in the queries that are sent by (Seconds) the snooping querier. Refresh Click Refresh to update the screen.
  • Page 213 Item Description Type The type of entry, which is one of the following:  Static: The entry has been manually added to the MFDB by an administrator.  Dynamic: The entry has been added to the MFDB as a result of a learning process or protocol.

  • Page 214: Figure 4.215Switching > Multicast Forwarding Database > Igmp Snooping

    To access this page, click Switching > Multicast Forwarding Database > IGMP Snooping. Figure 4.215 Switching > Multicast Forwarding Database > IGMP Snooping The following table describes the items in the previous figure. Item Description VLAN ID The VLAN ID associated with the entry in the MFDB. MAC Address The multicast MAC address associated with the entry in the MFDB.

  • Page 215: Figure 4.217Switching > Multicast Forwarding Database Statistics

    Item Description Description A text description of this multicast table entry. Interface(s) The list of interfaces that will forward or filter traffic sent to the multicast MAC address. Refresh Click Refresh to update the screen. Clear Entries Click Clear Entries to remove all IGMP snooping entries from the MFDB table.

  • Page 216: Figure 4.219Switching > Mvr > Group

    The following table describes the items in the previous figure. Item Description Admin Mode The administrative mode of MVR on the device. MVR Mode The MVR learning mode, which can be one of the following:  Compatible: MVR does not learn source ports membership, instead all source ports are members of all groups by default.

  • Page 217: Figure 4.220Switching > Mvr > Group > Add

    To add a new group: Click Switching > MVR > Group > Add. Figure 4.220 Switching > MVR > Group > Add The following table describes the items in the previous figure. Item Description Group The multicast group address. Contiguous Group Specify the desired number of groups to be created starting with the Count entered group address.

  • Page 218: Figure 4.222Switching > Mvr > Statistics

    Item Description Status The active state of the interface, which can be one of the following:  Active: The port has link up and is in the forwarding state.  Inactive: The port may not have link up, not be in the forwarding state, or both.

  • Page 219: Figure 4.223Switching > Lldp > Global

    cessed by stations implementing the receive function. The transmit and receive func- tions can be enabled/disabled separately per port. By default, both transmit and receive are disabled on all ports. The application is responsible for starting each transmit and receive state machine appropriately, based on the configured status and operational state of the port.

  • Page 220: Figure 4.225Switching > Lldp > Interface > Add

    The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. Only inter- faces that have at least one LLDP setting enabled appear in the table. In the Add LLDP Interface window, use this field to select the interface with the LLDP settings to configure.

  • Page 221: Figure 4.226Switching > Lldp > Local Devices

    The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. Only inter- faces that have at least one LLDP setting enabled appear in the table. In the Add LLDP Interface window, use this field to select the interface with the LLDP settings to configure.

  • Page 222: Figure 4.227Switching > Lldp > Remote Devices

    The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the LLDP - 802.1AB data in the row. When viewing the details for an interface, this field identifies the interface that is being viewed. Port ID The port identifier, which is the physical address associated with the interface.

  • Page 223: Figure 4.228Switching > Lldp > Statistics

    To access this page, click Switching > LLDP > Statistics. Figure 4.228 Switching > LLDP > Statistics The following table describes the items in the previous figure. Item Description Last Update The amount of time that has passed since an entry was created, modi- fied, or deleted in the local database that maintains LLDP information received from remote systems.

  • Page 224: Lldp-Med

    4.4.15 LLDP-MED The Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED) is an enhancement to LLDP that features:  Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and DiffServ set- tings), enabling plug and play networking.  Device location discovery for creation of location databases. ...

  • Page 225: Figure 4.230Switching > Lldp-Med > Interface

    To access this page, click Switching > LLDP-MED > Interface. Figure 4.230 Switching > LLDP-MED > Interface The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When configuring LLDP-MED settings, this field identifies the interfaces that are being configured.

  • Page 226: Figure 4.231Switching > Lldp-Med > Interface > Add

    Click Switching > LLDP-MED > Interface > Add. Figure 4.231 Switching > LLDP-MED > Interface > Add The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When configuring LLDP-MED settings, this field identifies the interfaces that are being configured.

  • Page 227: Figure 4.233Switching > Lldp-Med > Remote Devices

    Item Description Port ID The MAC address of the interface. This is the MAC address that is advertised in LLDP-MED PDUs. Refresh Click Refresh to update the screen. Details Click Details to open a window and display additional information. 4.4.15.4 Remote Devices The LLDP-MED Remote Device Summary page displays information about the remote devices the local system has learned about through the LLDP- MED data...

  • Page 228: Figure 4.234Switching > Port Channel > Summary

    To access this page, click Switching > Port Channel > Summary. Figure 4.234 Switching > Port Channel > Summary The following table describes the items in the previous figure. Item Description Name A unique name to identify the port channel. Depending on the type of port channel, this name is automatically assigned by the system or can be configured by a system administrator.

  • Page 229: Figure 4.235Switching > Port Channel > Statistics

    Item Description Members The ports that are members of a port channel. Each port channel can have a maximum of 8 member ports. To add ports to the port channel, select one or more ports from the Port List field (CTRL + click to select multiple ports).

  • Page 230: Port Security

    Item Description Refresh Click Refresh to update the screen. Clear Counters Click Clear Counters to reset the flap counters for all port channels and member ports to zero. 4.4.17 Port Security Port Security can be enabled on a per-port basis. When a port is locked, only packets with allowable source MAC addresses can be forwarded.

  • Page 231: Figure 4.237Switching > Port Security > Interface

    To access this page, click Switching > Port Security > Interface. Figure 4.237 Switching > Port Security > Interface The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When configuring the port security settings for one or more interfaces, this field lists the interfaces that are being configured.

  • Page 232: Figure 4.238Switching > Port Security > Static Mac

    Item Description Sticky Mode The sticky MAC address learning mode, which is one of the following:  Enabled: MAC addresses learned or manually configured on this interface are learned in sticky mode. A sticky-mode MAC address is a MAC address that does not age out and is added to the running configuration.

  • Page 233: Figure 4.239Switching > Port Security > Static Mac > Add

    Item Description Sticky Mode Indicates whether the static MAC address entry is added in sticky mode. When adding a static MAC address entry, the Sticky Mode field can be selected only if it is enabled on the interface. If a static MAC address is added in sticky mode, and sticky mode is disabled on the interface, the MAC address entry is converted to a dynamic entry and will age out and be removed from the running (and saved) configura-...

  • Page 234: Figure 4.240Switching > Port Security > Dynamic Mac

    To access this page, click Switching > Port Security > Dynamic MAC. Figure 4.240 Switching > Port Security > Dynamic MAC The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When converting dynamic addresses to static addresses, use the Interface menu to select the interface to associate with the MAC addresses.

  • Page 235: Spanning Tree

    Item Description Refresh Click Refresh to update the screen. Click Add to add a new protected ports group and add ports to the group. Edit Click Edit to edit the selected entries. Remove Click Remove to remove the selected entries. To add a new protected ports group and add ports to the group: Click Switching >...

  • Page 236: Figure 4.243Switching > Spanning Tree > Switch

    resulting in rapid transitioning of the port to 'Forwarding' state and the suppression of Topology Change Notification. These features are represented by the parameters 'pointtopoint' and 'edgeport'. MSTP is compatible to both RSTP and STP. It behaves appropriately to STP and RSTP bridges. A MSTP bridge can be configured to behave entirely as a RSTP bridge or a STP bridge.

  • Page 237: Figure 4.244Switching > Spanning Tree > Mst

    Item Description Refresh Click Refresh to update the screen. Cancel Click Cancel to restore default value. 4.4.19.2 Use the Spanning Tree MST Summary page to view and configure the Multiple Span- ning Tree Instances (MSTIs) on the device. Multiple Spanning Tree Protocol (MSTP) allows the creation of MSTIs based upon a VLAN or groups of VLANs.

  • Page 238: Figure 4.245Switching > Spanning Tree > Mst Port

    To access this page, click Switching > Spanning Tree > MST Port. Figure 4.245 Switching > Spanning Tree > MST Port The following table describes the items in the previous figure. Item Description MST ID The menu contains the ID of each MST instance that has been created on the device.

  • Page 239: Figure 4.246Switching > Spanning Tree > Cst

    Item Description Description A user-configured description of the port. Refresh Click Refresh to update the screen. Edit Click Edit to edit the selected entries. Details Click Details to open a window and display additional information for the selected interface. 4.4.19.4 Use the Spanning Tree CST Configuration page to configure the Common Spanning Tree (CST) settings.

  • Page 240: Figure 4.247Switching > Spanning Tree > Cst Port

    Item Description Spanning Tree Tx The maximum number of BPDUs that a bridge is allowed to send Hold Count within a hello time window. Bridge Identifier A unique value that is automatically generated based on the bridge pri- ority value and the base MAC address of the bridge. When electing the root bridge for the spanning tree, if the bridge priorities for multiple bridges are equal, the bridge with the lowest MAC address is elected as the root bridge.
  • Page 241 The following table describes the items in the previous figure. Item Description Interface The port or link aggregation group (LAG) associated with the rest of the data in the row. When configuring CST settings for an interface, this field identifies the interface being configured. Port Role The role of the port within the CST, which is one of the following: ...

  • Page 242: Figure 4.248Switching > Spanning Tree > Statistics

    To access this page, click Switching > Spanning Tree > Statistics. Figure 4.248 Switching > Spanning Tree > Statistics The following table describes the items in the previous figure. Item Description Interface The port or link aggregation group (LAG) associated with the rest of the data in the row.

  • Page 243: Figure 4.249Switching > Vlan > Status

    To access this page, click Switching > VLAN > Status. Note! You cannot remove or rename VLAN 1. Figure 4.249 Switching > VLAN > Status The following table describes the items in the previous figure. Item Description VLAN ID The unique VLAN identifier (VID). Name A user-configurable name that identifies the VLAN.

  • Page 244: Figure 4.250Switching > Vlan > Status > Add

    Click Switching > VLAN > Status > Add. Figure 4.250 Switching > VLAN > Status > Add The following table describes the items in the previous figure. Item Description VLAN ID or Range Specify VLAN ID(s). Use '-' to specify a range and ',' to separate VLAN IDs or VLAN ranges in the list.

  • Page 245: Figure 4.252Switching > Vlan > Port Summary

    Item Description Participation The participation mode of the interface in the selected VLAN, which is one of the following:  Include: The port is always a member of the selected VLAN. This mode is equivalent to registration fixed in the IEEE 802.1Q stan- dard.
  • Page 246 Item Description Acceptable Frame Indicates how the interface handles untagged and priority tagged Type frames. The options include the following:  Admit All: Untagged and priority tagged frames received on the interface are accepted and assigned the value of the Port VLAN ID for this interface.

  • Page 247: Figure 4.253Switching > Vlan > Switchport Summary

    To access this page, click Switching > VLAN > Switchport Summary. Figure 4.253 Switching > VLAN > Switchport Summary The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When editing information for one or more interfaces, this field identifies the interfaces that are being configured.

  • Page 248: Figure 4.254Switching > Vlan > Internal Usage

    4.4.20.5 Internal Usage Use the VLAN Internal Usage page to configure which VLAN IDs to use for port- based routing interfaces. When a port-based routing interface is created, an unused VLAN ID is assigned internally. This page also displays a list of VLANs assigned to routing interfaces.

  • Page 249: Figure 4.256Switching > Vlan > Status

    To access this page, click Switching > VLAN > RSPAN. Figure 4.256 Switching > VLAN > Status The following table describes the items in the previous figure. Item Description RSPAN VLAN Click the drop-down menu to select the VLAN to use as the RSAN VLAN.

  • Page 250: Mac Based Vlan

    Click Switching > IP Subnet Based VLAN > Status > Add. Figure 4.258 Switching > IP Subnet Based VLAN > Status > Add The following table describes the items in the previous figure. Item Description IP Address The network address for the IP subnet. All incoming untagged packets that have a source IP address within the defined subnetwork are placed in the same VLAN.

  • Page 251: Figure 4.260Switching > Mac Based Vlan > Status > Add

    To add a new MAC-based VLAN: Click Switching > MAC Based VLAN > Status > Add. Figure 4.260 Switching > MAC Based VLAN > Status > Add The following table describes the items in the previous figure. Item Description MAC Address The source MAC address of the host.
  • Page 252 Item Description VLAN The VLAN ID associated with the PBVLAN. VLAN tagging for the PBV- LAN works as follows:  If the frame received over a port is tagged, normal processing takes place.  If the frame received over a port is untagged, the frame type is matched according to the protocol(s) assigned to the group on that port.
  • Page 253 The following table describes the items in the previous figure. Item Description Group Name The user-configured name that identifies the PBVLAN group. VLAN The VLAN ID associated with the PBVLAN. VLAN tagging for the PBV- LAN works as follows:  If the frame received over a port is tagged, normal processing takes place.

  • Page 254: Private Vlan

    Item Description VLAN The VLAN ID associated with the PBVLAN. Untagged traffic that matches the protocol criteria is tagged with this VLAN ID. Protocol The protocol or protocols to use as the match criteria to determine whether a particular packet belongs to the PBVLAN. The protocols in this list are checked against the two-byte EtherType field of ingress Ethernet frames on the PVBLAN Group Interfaces.

  • Page 255: Figure 4.264Switching > Private Vlan > Configuration

    To access this page, click Switching > Private VLAN > Configuration. Figure 4.264 Switching > Private VLAN > Configuration The following table describes the items in the previous figure. Item Description VLAN ID The ID of the VLAN that exists on the device. Type The private VLAN type, which is one of the following: ...

  • Page 256: Figure 4.266Switching > Private Vlan > Association

    4.4.24.2 Association Use the Private VLAN Association page to configure the association between the pri- mary VLAN and secondary VLANs. Associating a secondary VLAN with a primary VLAN allows host ports in the secondary VLAN to communicate outside the private VLAN.
  • Page 257 The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When editing interface settings, this field identifies the interface being config- ured. Mode The private VLAN mode of the interface, which is one of the following: ...

  • Page 258: X-Ring Pro

    4.4.25 X-Ring Pro 4.4.25.1 Configuration Use the X-Ring Pro Configuration page to view and configure the X-Ring settings. To access this page, click Switching > X-Ring Pro > Configuration. Figure 4.268 Switching > X-Ring Pro > Configuration The following table describes the items in the previous figure. Item Description Ring ID...

  • Page 259: Figure 4.270Switching > X-Ring Pro > Status

    The following table describes the items in the previous figure. Item Description Ring ID Specifies a number ranging from 1 to 99 to identify a given X-Ring Pro group. Ring Mode Specifies the mode of the X-Ring Pro group. The value is either "Ring" or "Coupling".

  • Page 260: Routing

    Item Description Interface 1 Specifies the first member interface for the X-Ring Pro group. The value is either physical port or LAG (Link-Aggregation-Group) port. Interface 2 Specifies the secondary member interface for the X-Ring Pro group.  For the X-Ring Pro group denoted as “Ring”, the value is either physical port or LAG (Link-Aggregation-Group) port.

  • Page 261: Figure 4.271Routing > Arp Table > Summary

    the requestor, who stores the sender information in its ARP cache. Newer information always replaces existing content in the ARP cache. The number of supported ARP entries is platform-dependent. Devices can be moved in a network, which means the IP address that was at one time associated with a certain MAC address is now found using a different MAC, or may have disappeared from the network altogether (i.e., it has been reconfigured, disconnected, or powered off).

  • Page 262: Figure 4.272Routing > Arp Table > Summary > Add

    Click Routing > ARP Table > Summary > Add. Figure 4.272 Routing > ARP Table > Summary > Add The following table describes the items in the previous figure. Item Description IP Address The IP address of a network host on a subnet attached to one of the device's routing interfaces.

  • Page 263: Figure 4.274Routing > Arp Table > Statistics

    To access this page, click Routing > ARP Table > Statistics. Figure 4.274 Routing > ARP Table > Statistics The following table describes the items in the previous figure. Item Description Total Entry Count The total number of entries currently in the ARP table. The number includes both dynamically learned entries and statically configured entries.
  • Page 264 The following table describes the items in the previous figure. Item Description Routing Mode The administrative mode of routing on the device. The options are as follows:  Enable: The device can act as a Layer 3 device by routing pack- ets between interfaces configured for IP routing.

  • Page 265: Figure 4.276Routing > Ip > Interface Summary

    To access this page, click Routing > IP > Interface Summary. Figure 4.276 Routing > IP > Interface Summary The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. When viewing details about the routing settings for an interface, this field identifies the interface being viewed.

  • Page 266: Figure 4.277Routing > Ip > Interface Configuration

    To access this page, click Routing > IP > Interface Configuration. Figure 4.277 Routing > IP > Interface Configuration The following table describes the items in the previous figure. Item Description Interface The menu contains all non-loopback interfaces that can be configured for routing.
  • Page 267 Item Description IP Address The IP address of the interface. This field can be configured only when the selected IP Address Configuration Method is Manual. If the method is DHCP, the interface attempts to lease an IP address from a DHCP server on the network, and the IP address appears in this field (read- only) after it is acquired.

  • Page 268: Figure 4.278Routing > Ip > Statistics

    To access this page, click Routing > IP > Statistics. Figure 4.278 Routing > IP > Statistics The following table describes the items in the previous figure. Item Description IpInReceives The total number of input datagrams received from all routing inter- faces, including those datagrams received in error.
  • Page 269 Item Description IpOutDiscards The number of output IP datagrams for which no problem was encoun- tered to prevent their transmission to their destination, but which were discarded (e.g., for lack of buffer space). Note that this counter would include datagrams counted in ipForwDatagrams if any such packets met this (discretionary) discard criterion.

  • Page 270: Router

    Item Description IcmpOutErrors The number of ICMP messages which this entity did not send due to problems discovered within ICMP, such as a lack of buffers. This value should not include errors discovered outside the ICMP layer such as the inability of IP to route the resultant datagram. In some implementa- tions there may be no type of error that contributes to this counter's value.

  • Page 271: Figure 4.280Routing > Router > Configured Routes

    Item Description Next Hop IP The outgoing router IP address to use when forwarding traffic to the Address next router (if any) in the path towards the destination. The next router is always one of the adjacent neighbors or the IP address of the local interface for a directly-attached network.

  • Page 272: Figure 4.281Routing > Router > Configured Routes > Add

    Click Routing > Router > Configured Routes > Add. Figure 4.281 Routing > Router > Configured Routes > Add The following table describes the items in the previous figure. Item Description Route Type The type of route to configure, which is one of the following: ...

  • Page 273: Figure 4.282Routing > Router > Summary

    To access this page, click Routing > Router > Summary. Figure 4.282 Routing > Router > Summary The following table describes the items in the previous figure. Item Description Route Types Connected Routes The total number of connected routes in the IP routing table. Static Routes The total number of static routes in the IP routing table.

  • Page 274: Security

    Security 4.6.1 Port Access Control In port-based authentication mode, when 802.1x is enabled globally and on the port, successful authentication of any one supplicant attached to the port results in all users being able to use the port without restrictions. At any given time, only one sup- plicant is allowed to attempt authentication on a port in this mode.

  • Page 275: Figure 4.284Security > Port Access Control > Port Summary

    Item Description Monitor Mode The administrative mode of the Monitor Mode feature on the device. Monitor mode is a special mode that can be enabled in conjunction with port-based access control. Monitor mode provides a way for net- work administrators to identify possible issues with the port-based access control configuration on the device without affecting the net- work access to the users of the device.
  • Page 276 Item Description Control Mode The port-based access control mode configured on the port, which is one of the following:  Auto: The port is unauthorized until a successful authentication exchange has taken place.  Force Unauthorized: The port ignores supplicant authentication attempts and does not provide authentication services to the cli- ent.
  • Page 277 Item Description Edit Click Edit to edit the selected entries. Details Click Details to open a window and display additional information. 4.6.1.3 Port Configuration Use the Port Access Control Port Configuration page to enable and configure port access control on one or more ports. To access this page, click Security >...
  • Page 278 Item Description Authenticator Options Control Mode The port-based access control mode on the port, which is one of the following:  Auto: The port is unauthorized until a successful authentication exchange has taken place.  Force Unauthorized: The port ignores supplicant authentication attempts and does not provide authentication services to the cli- ent.

  • Page 279: Figure 4.286Security > Port Access Control > Port Details

    Item Description Supplicant Options Control Mode The port-based access control mode on the port, which is one of the following:  Auto: The port is in an unauthorized state until a successful authentication exchange has taken place between the supplicant port, the authenticator port, and the authentication server.
  • Page 280 Item Description PAE Capabilities The Port Access Entity (PAE) role, which is one of the following:  Authenticator: The port enforces authentication and passes authentication information from a remote supplicant (client or host) to the authentication server. If the server successfully authenticates the supplicant, the port allows access.

  • Page 281: Figure 4.287Security > Port Access Control > Statistics

    Item Description Maximum Users The maximum number of clients supported on the port if the Control Mode on the port is MAC-based 802.1X authentication. Refresh Click Refresh to update the screen. 4.6.1.5 Statistics Use the Port Access Control Statistics page to view information about the Extensible Authentication Protocol over LAN (EAPOL) frames and EAP messages sent and received by the local interfaces.
  • Page 282 To access this page, click Security > Port Access Control > Client Summary. Figure 4.288 Security > Port Access Control > Client Summary The following table describes the items in the previous figure. Item Description Interface The local interface associated with the rest of the data in the row. When viewing detailed information for an interface, this field identifies the interface being viewed.

  • Page 283: Summary

    Item Description Users The users that are allowed access to the system through the associ- ated port. When configuring user access for a port, the Available Users field lists the users configured on the system that are denied access to the port.

  • Page 284: Figure 4.291Security > Radius > Configuration

     Port Access Control (802.1X) 4.6.2.1 Configuration Use the RADIUS Configuration page to view and configure various settings for the RADIUS servers configured on the system. To access this page, click Security > RADIUS > Configuration. Figure 4.291 Security > RADIUS > Configuration The following table describes the items in the previous figure.

  • Page 285: Figure 4.293Security > Radius > Named Server > Add

    The following table describes the items in the previous figure. Item Description Current Indicates whether the RADIUS server is the current server (True) or a backup server (False) within its group. If more than one RADIUS server is configured with the same Server Name, the device selects one of the servers to be the current server in the named server group.

  • Page 286: Figure 4.294Security > Radius > Statistics

    The following table describes the items in the previous figure. Item Description IP Address/Host The IP address or host name of the RADIUS server. Host names must Name be resolvable by DNS and are composed of a series of labels sepa- rated by dots.

  • Page 287: Figure 4.295Security > Radius > Accounting Server

    Item Description Pending Requests The number of RADIUS Access-Request packets destined for the server that have not yet timed out or received a response. Timeouts The number of times a response was not received from the server within the configured timeout value. Packets Dropped The number of RADIUS packets received from the server on the authentication port and dropped for some other reason.

  • Page 288: Figure 4.297Security > Radius > Accounting Statistics

    The following table describes the items in the previous figure. Item Description IP Address/Host The IP address or host name of the RADIUS accounting server. Host Name names must be resolvable by DNS and are composed of a series of labels separated by dots.

  • Page 289: Figure 4.298Security > Radius > Clear Statistics

    To access this page, click Security > RADIUS > Clear Statistics. Figure 4.298 Security > RADIUS > Clear Statistics The following table describes the items in the previous figure. Item Description Reset Click Reset to clear all RADIUS authentication and RAIDUS account- ing server statistics.

  • Page 290: Figure 4.300Security > Tacacs+ > Configuration

    To access this page, click Security > TACACS+ > Configuration. Figure 4.300 Security > TACACS+ > Configuration The following table describes the items in the previous figure. Item Description Key String Specifies the authentication and encryption key for TACACS+ commu- nications between the device and the TACACS+ server.

  • Page 291: Figure 4.302Security > Tacacs+ > Server Summary > Add

    Click Security > TACACS+ > Server Summary > Add. Figure 4.302 Security > TACACS+ > Server Summary > Add The following table describes the items in the previous figure. Item Description Server Specifies the TACACS+ Server IP address or Hostname. Priority Specifies the order in which the TACACS+ servers are used.

  • Page 292: Figure 4.304Security > Tacacs+ > Source Interface Configuration

    Item Description Refresh Click Refresh to update the screen. Cancel Click Cancel to restore default value. 4.6.3.4 Source Interface Configuration Use the TACACS+ Source Interface Configuration page to specify the physical or logical interface to use as the TACACS+ client source interface. When an IP address is configured on the source interface, this address is used for all TACACS+ communi- cations between the local TACACS+ client and the remote TACACS+ server.

  • Page 293: Figure 4.305Qos > Access Control Lists > Summary

    To access this page, click QoS > Access Control Lists > Summary. Figure 4.305 QoS > Access Control Lists > Summary The following table describes the items in the previous figure. Item Description ACL Identifier The name or number that identifies the ACL. The permitted identifier depends on the ACL type.

  • Page 294: Figure 4.306Qos > Access Control Lists > Summary > Add

    Click QoS > Access Control Lists > Summary > Add. Figure 4.306 QoS > Access Control Lists > Summary > Add The following table describes the items in the previous figure. Item Description ACL Type The type of ACL. The ACL type determines the criteria that can be used to match packets.

  • Page 295: Figure 4.307Qos > Access Control Lists > Configuration

    To access this page, click QoS > Access Control Lists > Configuration. Figure 4.307 QoS > Access Control Lists > Configuration The following table describes the items in the previous figure. Item Description ACL Identifier The menu contains the ID for each ACL that exists on the system. Before you add or remove a rule, you must select the ID of the ACL from the menu.

  • Page 296: Figure 4.308Qos > Access Control Lists > Configuration > Add Rule

    Item Description Action The action to take when a packet or frame matches the criteria in the rule:  Permit: The packet or frame is forwarded.  Deny: The packet or frame is dropped. NOTE: When configuring ACL rules in the Add Access Control List Rule window, the selected action determines which fields can be configured.
  • Page 297 Item Description Action The action to take when a packet or frame matches the criteria in the rule:  Permit: The packet or frame is forwarded.  Deny: The packet or frame is dropped. NOTE: When configuring ACL rules in the Add Access Control List Rule window, the selected action determines which fields can be configured.
  • Page 298 Item Description IGMP Type The TCP/UDP destination port to match in the packet header. Select one of the following options: Equal, Not Equal, Less Than, Greater Than, or Range and specify the port number or keyword. TCP port keywords include BGP, Domain, Echo, FTP, FTP Data, HTTP, SMTP, Telnet, WWW, POP2, and POP3.
  • Page 299 Item Description Every When this option is selected, all packets will match the rule and will be either permitted or denied. This option is exclusive to all other match criteria, so if Every is selected, no other match criteria can be config- ured.
  • Page 300 Item Description Every When this option is selected, all packets will match the rule and will be either permitted or denied. This option is exclusive to all other match criteria, so if Every is selected, no other match criteria can be config- ured.

  • Page 301: Figure 4.309Qos > Access Control Lists > Interfaces

    Item Description Time Range Name The name of the time range that will impose a time limitation on the ACL rule. If a time range with the specified name does not exist, and the ACL containing this ACL rule is associated with an interface, the ACL rule is applied immediately.

  • Page 302: Figure 4.310Qos > Access Control Lists > Interfaces > Add

    Item Description ACL Type The type of ACL. The ACL type determines the criteria that can be used to match packets. The type also determines which attributes can be applied to matching traffic. IPv4 ACLs classify Layer 3 and Layer 4 IPv4 traffic, IPv6 ACLs classify Layer 3 and Layer 4 IPv6 traffic, and MAC ACLs classify Layer 2 traffic.

  • Page 303: Figure 4.311Qos > Access Control Lists > Vlans

    Item Description ACL Identifier The name or number that identifies the ACL. When applying an ACL to an interface, the ACL Identifier menu includes only the ACLs within the selected ACL Type. Submit Click Submit to save the values. Cancel Click Cancel to close the window.

  • Page 304: Figure 4.312Qos > Access Control Lists > Vlans > Add

    Item Description Refresh Click Refresh to update the screen. Click Add to associate an ACL with a VLAN. Remove Click Remove to remove the association between a VLAN and an ACL. To associate an ACL with a VLAN: Click QoS > Access Control Lists > VLANs > Add. Figure 4.312 QoS >...

  • Page 305: Figure 4.313Qos > Class Of Service > Ip Dscp

    To access this page, click QoS > Class of Service > IP DSCP. Figure 4.313 QoS > Class of Service > IP DSCP The following table describes the items in the previous figure. Item Description Interface The interface to configure. To configure the same IP DSCP-to-Traffic Class mappings on all interfaces, select the Global menu option.

  • Page 306: Figure 4.315Qos > Class Of Service > Queue

    Item Description Trust Mode The trust mode for ingress traffic on the interface, which is one of the following:  untrusted: The interface ignores any priority designations encoded in incoming packets, and instead sends the packets to a traffic queue based on the ingress port's default priority. ...

  • Page 307: Figure 4.316Qos > Class Of Service > Drop Precedence

    Item Description Minimum Bandwidth The minimum guaranteed bandwidth allocated to the selected queue on the interface. Setting this value higher than its corresponding Maxi- mum Bandwidth automatically increases the maximum to the same value. A zero value (0) means no guaranteed minimum. The sum of individual Minimum Bandwidth values for all queues in the selected interface cannot exceed defined maximum 100.

  • Page 308: Diffserv

    Item Description WRED Minimum The minimum queue threshold below which now packets are dropped Threshold for the associated drop precedence level. After the minimum is reached, WRED randomly drops packets based on their priority (DSCP or IP precedence). This setting applies to the interface if it is configured with a WRED queue management type.

  • Page 309: Figure 4.318Qos > Diffserv > Class Summary

    Item Description Policy Table The current and maximum number of policy entries in the table. The policy determines the traffic conditioning or service provisioning actions applied to a traffic class. Policy Instance The current and maximum number of policy-class instance entries in Table the table.

  • Page 310: Figure 4.319Qos > Diffserv > Class Summary > Add

    Click QoS > Diffserv > Class Summary > Add. Figure 4.319 QoS > Diffserv > Class Summary > Add The following table describes the items in the previous figure. Item Description Class Enter the name of the DiffServ class. Type The class type, which is one of the following: ...

  • Page 311: Figure 4.321Qos > Diffserv > Class Configuration > Add Match Criteria

    Item Description Value The configured value of the match criteria that corresponds to the match type. Refresh Click Refresh to update the screen. Add Match Criteria Click Add Match Criteria to define criteria for matching packets within a class. Remove Reference Click Remove Reference Class to remove the associated reference Class class from the selected class.
  • Page 312 Item Description VLAN Select this option to require a packet's VLAN ID to match a VLAN ID or a VLAN ID within a continuous range. If you configure a range, a match occurs if a packet's VLAN ID is the same as any VLAN ID within the range.
  • Page 313 Item Description Source IPv6 Select this option to require the source IPv6 address in a packet Address header to match the specified values. After you select this option, use the following fields to configure the source IPv6 address match criteria: ...

  • Page 314: Figure 4.322Qos > Diffserv > Policy Summary

    Item Description Protocol Select this option to require a packet header's Layer 4 protocol to match the specified value. After you select this option, use one of the following fields to configure the protocol match criteria:  Protocol: The L4 keyword that corresponds to value of the IANA protocol number to match.

  • Page 315: Figure 4.323Qos > Diffserv > Policy Summary > Add

    Click QoS > Diffserv > Policy Summary > Add. Figure 4.323 QoS > Diffserv > Policy Summary > Add The following table describes the items in the previous figure. Item Description Policy Enter the name of the policy. Type The traffic flow direction to which the policy is applied: ...
  • Page 316 To add a class to the policy: Click QoS > Diffserv > Policy Configuration > Add Class. Figure 4.325 QoS > Diffserv > Policy Configuration > Add Class The following table describes the items in the previous figure. Item Description Policy The name of the policy.
  • Page 317 Item Description Mark CoS Select this option to mark all packets in a traffic stream with the speci- fied Class of Service (CoS) queue value. Use the Class of Service field to select the CoS value to mark in the priority field of the 802.1p header (the only tag in a single tagged packet or the first or outer 802.1Q tag of a double VLAN tagged packet).
  • Page 318 Item Description Police Single Rate Select this option to enable the single-rate traffic policing style for the policy-class. The single-rate form of the police attribute uses a single data rate and two burst sizes, resulting in three outcomes (conform, exceed, and violate). After you select this option, configure the follow- ing policing criteria: ...

  • Page 319: Figure 4.327Qos > Diffserv > Service Summary

    Item Description Police Two Rate Select this option to enable the two-rate traffic policing style for the pol- icy-class. The two-rate form of the police attribute uses two data rates and two burst sizes. Only the smaller of the two data rates is intended to be guaranteed.

  • Page 320: Figure 4.328Qos > Diffserv > Service Summary > Add

    Item Description Direction The traffic flow direction to which the policy is applied:  Inbound: The policy is applied to traffic as it enters the interface.  Outbound: The policy is applied to traffic as it exits the interface. Status The status of the policy on the interface.

  • Page 321: Figure 4.330Qos > Diffserv > Policy Statistics

    The following table describes the items in the previous figure. Item Description Interface The interface associated with the rest of the data in the row. The table displays all interfaces that have a DiffServ policy currently attached in a traffic flow direction. Direction The traffic flow direction to which the policy is applied: ...
  • Page 322 Appendix Troubleshooting...
  • Page 323 Troubleshooting  Verify that the device is using the right power cord/adapter (DC 24-110V); please do not use a power adapter with DC output higher than 110V, or the device may be damaged.  Select the proper UTP/STP cable to construct the user network. Use unshielded twisted-pair (UTP) or shield twisted-pair (STP) cable for M12 connections that depend on the connector type the switch equipped: 100R Category 3, 4 or 5 cable for 10Mbps connections, 100R Category 5 cable for 100Mbps connec-...
  • Page 324 No part of this publication may be reproduced in any form or by any means, electronic, photocopying, recording or otherwise, without prior written permis- sion of the publisher. All brand and product names are trademarks or registered trademarks of their respective companies. © Advantech Co., Ltd. 2016...

This manual is also suitable for:

Eki-9228g-8coi

Table of Contents