1. Manuals
  2. Brands
  3. IS5 COMMUNICATIONS Manuals
  4. Switch
  5. iES22GF
  6. User manual

IS5 COMMUNICATIONS iES22GF User Manual

Intelligent 20 ports configurable gigabit ethernet switch
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
iES22GF User's Manual
Intelligent
20 Ports Configurable
Gigabit Ethernet Switch
Version 1.8
May 2017

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the iES22GF and is the answer not in the manual?

Questions and answers

Related Manuals for IS5 COMMUNICATIONS iES22GF

Summary of Contents for IS5 COMMUNICATIONS iES22GF

  • Page 1 User’s Manual Intelligent 20 Ports Configurable Gigabit Ethernet Switch Version 1.8 May 2017...

  • Page 2: Copyright Notice

    User’s Manual COPYRIGHT NOTICE Copyright © 2013 iS5 Communications Inc. All rights reserved. No part of this publication may be reproduced in any form without the prior written consent of iS5 Communications Inc. (iS5). TRADEMARKS iS5Com is a registered trademark of iS5. All other trademarks belong to their respective owners.

  • Page 3: Table Of Contents

    2.1.1 Mounting the iES22GF on a DIN-Rail ................10 Wall Mount Installation ..................... 10 2.2.1 Mounting the iES22GF on a Wall or Panel ..............10 Hardware Overview ....................12 Front Panel ........................12 Front Panel LED ....................... 13 Bottom view Panel ......................13 Rear Panel ........................
  • Page 4 User’s Manual iChain ..........................23 5.2.1 Introduction ........................23 5.2.2 Configurations ....................... 23 iBridge ..........................24 5.3.1 Introduction ........................24 5.3.2 Configurations ....................... 25 STP/RSTP/MSTP ......................26 5.4.1 STP/RSTP ........................26 5.4.2 MSTP ........................... 29 5.4.3 CIST ..........................32 MRP (NOTE: Feature available on request) ..............
  • Page 5 User’s Manual 6.3.2 Port Trunk ........................58 6.3.3 Loop Protection ......................62 Redundancy ........................63 6.4.1 MRP (NOTE: Feature available on request) ............... 63 6.4.2 iRing ..........................64 6.4.3 iChain ..........................65 6.4.4 iBridge ........................... 66 6.4.5 RSTP ..........................66 6.4.6...
  • Page 6 Command Line Interface Management ..............182 CLI Management by RS-232 Serial Console (115200, 8, none, 1, none) ..........182 CLI M anagement by Telnet ......................184 Command Groups ........................185 Technical Specifications ..................201 Appendix A: iES22GF Modbus Information ............203 iS5 Communications Inc.

  • Page 7: Fcc Statement And Cautions

    This product contains no user-serviceable parts. Attempted service by unauthorized personnel shall render all warranties null and void. Changes or modifications not expressly approved by iS5 Communications Inc. could invalidate specifications, test results, and agency approvals, and void the user's authority to operate the equipment.

  • Page 8: Getting Started

    Started 1.1. About iES22GF The iES22GF is a DIN Rail Ethernet switches optimized for harsh environments and comply with IEC 61850 applications. The robust iES22GF switches are designed for power substation and rolling stock applications. The iES22GF is furnished with functionality that boasts a faster forwarding hardware platform with complete support for Ethernet redundancy protocols such as iRing (recovery time <...

  • Page 9: Hardware Specifications

    User’s Manual Supports HTTPS/SSH protocol to enhance network security Supports SMTP client Supports IP-based bandwidth management Supports application-based QoS management Supports Device Binding security function Supports DOS/DDOS auto prevention Supports IGMP v2/v3 (IGMP snooping support) for filtering multicast traffic Support SNMP v1/v2c/v3 &...

  • Page 10: Hardware Installation

    The switch can also be panel or wall mounted. The following steps show how to mount the switch on a panel or wall. 2.2.1 Mounting the iES22GF on a Wall or Panel Option 1: Fix mounting brackets to the side of switch using the 4 screws included in the package.
  • Page 11 User’s Manual Option 2: Fix mounting brackets to back of switch using 4 screws included in the package. Note: To avoid damage to the unit please use the screws provided to mount the panel mount iS5 Communications Inc.

  • Page 12: Hardware Overview

    User’s Manual Hardware Overview 3.1 Front Panel The following table describes the labels that stick on the iES22GF series. Port Description SFP ports 12 x 100 /1000Base-X SFP ports Copper 8 x10/100/1000Base-T(X) Port Console Use RS-232 with RJ-45 connecter to manage switch.

  • Page 13: Front Panel Led

    User’s Manual 3.1 Front Panel LED Color Status Description Green DC power module up Green DC power module 1activated. Green DC Power module 2activated. Green Ring Master. Ring enabled. Ring has only One link. (lack Ring Green Slowly blinking of one link to build the ring.)
  • Page 14 Failsafe Relay (Normally Closed) contact. Chassis Ground Connection The iES22GF chassis ground connection, located next to the terminal block, uses a #6-32 Screw. We recommend terminating the ground connection using a #6 ring lug, and a torque setting of 15 in.lbs (1.7Nm).

  • Page 15: Rear Panel

    The components on the side of the iES10G are shown below: 1. Screw holes (4) for wall mount kit. Cables 4.1 Ethernet Cables The iES22GF switch has standard Ethernet ports. According to the link type, the switches use CAT 3, 4, 5,5e UTP iS5 Communications Inc.

  • Page 16: 1000/100Base-Tx/10Base-T Pin Assignments

    Not used 1000 Base-T RJ-45 Pin Assignments: Pin Number Assignment BI_DA+ BI_DA- BI_DB+ BI_DC+ BI_DC- BI_DB- BI_DD+ BI_DD- The iES22GF supports auto MDI/MDI- X operation. You can use a cable to connect the switch to a PC. The iS5 Communications Inc.

  • Page 17: Sfp

    User’s Manual table below shows the 10BASE-T/ 100BASE-TX MDI and MDI- X port pin outs. 10/100 Base-T(X) MDI/MDI- X Pin Assignments: Pin Number M DI port M DI-X port TD+(transmit) RD+(receive) TD-(transmit) RD-(receive) RD+(receive) TD+(transmit) Not used Not used...

  • Page 18: Console Cable

    4.3 Console Cable The iES22GF can be managed via the console port using the RS-232 cable supplied with the switch. Connect the port to a PC using the RS-232 cable with a DB-9 female connector. The DB-9 female connector of the RS-232 cable should be connected the PC while the other end of the cable (RJ-45 connector) should be connected to the console port of the switch.

  • Page 19: Redundancy

    User’s Manual Redundancy Redundancy to minimize system downtime is one of the most important concerns for industrial networking devices. iRing and iBridge feature faster recovery times compared to the existing redundancy technologies widely used in commercial applications, such as STP, RSTP, and MSTP. The proprietary redundancy technologies not only support different networking topologies, but also assure the reliability of the network.

  • Page 20: Coupling Ring

    User’s Manual Coupling Ring 5.1.2 If two iRing topologies exist and you would like to connect the rings, a coupling ring can be formed. Select two switches from each ring to be connected, for example, switch A and B from Ring 1 and switch C and D from Ring 2, then decide which port on each switch will be used as the coupling ports and then link them together.

  • Page 21: Dual Homing

    User’s Manual Dual Homing 5.1.3 Dual Homing is used to connect a ring topology to a RSTP network environment. Choose the two switches (Switch A & B) from the ring to connect the switches in the RSTP network (backbone switches).
  • Page 22 User’s Manual Label Description Check to enable iRing topology. iRing Only one ring master is allowed in a ring. However, if more than one switch is set to enable Ring Master, the switch with the lowest Ring Master MAC address will be the active ring master and the others will be backup masters.

  • Page 23: Ichain

    User’s Manual 5.2 iChain Introduction 5.2.1 iChain is a revolutionary network redundancy technology which enhances network redundancy for any backbone network, providing ease-of-use and maximum fault-recovery times, flexibility, compatibility, and cost-effectiveness. The self-healing Ethernet technology designed for distributed and complex industrial networks enables the network to recover in less than 30 milliseconds (in full- duplex Gigabit operation) or 10 milliseconds (in full-duplex Fast Ethernet operation) for up to 250 switches if at any time a segment of the chain fails.

  • Page 24: Ibridge

    Moxx, Advantexx, Hirshmaxx, Soltexx. Three or more switches can be connected together to form a ring topology with network redundancy capabilities by following the steps below. The iES22GF should be connected to same vendor on both Ring Ports.

  • Page 25: Configurations

    User’s Manual iRing Backup Patch 5.3.2 Configurations iBridge is very easy to configure and manage. Only one edge port of the edge switch needs to be defined. Other switches beside them just need to have iBridge enabled. Label Description...

  • Page 26: Stp/Rstp/Mstp

    User’s Manual 5.4 STP/RSTP/MSTP 5.4.1 STP/RSTP STP (Spanning T r e e Protocol), and its ad van ced v e r s io n s RSTP (Rapid Spanning Tree Protocol) and MSTP (Multiple Spanning Tree Protocol), are designed to prevent network loops and provide network redundancy.
  • Page 27 User’s Manual This page displays the STP port status for the currently selected switch. Label Description The switch port number to which the following settings will be Port applied. The current STP port role of the CIST port. The values include: CIST Role AlternatePort, BackupPort, RootPort, and DesignatedPort.
  • Page 28 User’s Manual The number of RSTP configuration BPDU’s received/transmitted RSTP on the port The number of legacy STP configuration BPDU’s received/transmitted on the port The number of (legacy) topology change notifications BPDU’s received/transmitted on the port The number of unknown spanning tree BPDUs received (and Discarded Unknown discarded) on the port.

  • Page 29: Mstp

    User’s Manual This defines the initial value of remaining hops for MSTI information generated at the boundary of an MSTI region. It defines how many Maximum Hop Count bridges a root bridge can distribute its BPDU information to. The range of valid values is 4 to 30 seconds, and MaxAge must be <= (FwdDelay-1)*2.
  • Page 30 User’s Manual Label Description The switch port number of the corresponding STP CIST (and Port MSTI) port Configures the path cost incurred by the port. Auto will set the path cost according to the physical link speed by using the 802.1D- recommended values.
  • Page 31 User’s Manual Mapping This page allows you to examine and change the configurations of current STP MSTI bridge instances. Label Description The name which identifies the VLAN to MSTI mapping. Bridges must share the name and revision (see below), as well as the VLAN-to-...

  • Page 32: Cist

    User’s Manual Priority This page allows you to examine and change the configurations of current STP MSTI bridge instance priorities. Label Description The bridge instance. CIST is the default instance, which is always active. M STI Indicates bridge priority. The lower the value, the higher th e priority.
  • Page 33 User’s Manual Port Settings Label Description The switch port number to which the following settings will be Port applied. STP Enabled Check to enable STP for the port Configures the path cost incurred by the port. Auto will set the path cost according to the physical link speed by using the 802.1D-...
  • Page 34 User’s Manual When enabled, the port will not be selected as root port for CIST or any MSTI, even if it has the best spanning tree priority vector. Such a port will be selected as an alternate port after the root port has been selected.

  • Page 35: Mrp (Note: Feature Available On Request)

    Chooses the port which connects to the MRP ring. Fast Recovery Fast recovery mode can be set to connect multiple ports to one or more switches. iES22GF with fast recovery modes will provide redundant links. Fast recovery mode supports 12 priorities. Only the first priority will be the active port, the other ports with different priorities will be backup ports.

  • Page 36: Dual Port Recovery

    Dual Port Recovery mode is defined to work with unmanaged devices/switches or ring of switches. This feature can be set to on single port of switches on both sides of unmanaged ring. The iES22GF with Dual Port Recovery mode will provide redundant links.

  • Page 37: Configuration

    User’s Manual In Dual Port Recovery function if link of port in “Forwarding” state goes down, the “backup” port is changing its state to be forwarding, like in picture below. The disconnected port changes its status to “No Link”...
  • Page 38 User’s Manual Dual Port Recovery interface Label Description Enable Activate the Dual Port Recovery mode. Active Port Choosing the port which connects to the unmanaged switch/ring of switches. Note: User need to select one port to be Active Port on each of two devices of each side.

  • Page 39: Management

    User’s Manual Management The switch can be controlled using a built-in web server that supports Internet Explorer (Internet Explorer 5.0 or above versions) and other Web browsers such as Chrome. Management and configuration of the switch can easily be done remotely. Firmware upgrades may also be done using the web browser.

  • Page 40: Basic Settings

    User’s Manual Type in the username and password. The default username and password is admin/admin. Click Enter or OK button, the management Web page appears. Note: Session timeout is 10 minutes. On the right hand side of the management interface it shows links to various settings. Click on the links to access the configuration pages to different functions.

  • Page 41: Admin Password

    User’s Manual Label Description An administratively assigned name for the managed node. By convention, this is the node's fully-qualified domain name. A domain name is a text string consisting of alphabets (A-Z, a-z), digits (0-9), System Name and minus sign (-). Space is not allowed to be part of the name. The first character must be an alpha character.

  • Page 42: Authentication Method

    User’s Manual The existing password. If this is incorrect, you cannot set the new Old Password password. The new system password. The allowed string length is 0 to 31, and only New Password ASCII characters from 32 to 126 are allowed.
  • Page 43 User’s Manual Label Description Enable the DHCP client by checking this box. If DHCP fails and the configured IP address is zero, DHCP will retry. If DHCP fails and the configured IP address is non-zero, DHCP will stop and DHCP Client the configured IP settings will be used.

  • Page 44: Daylight Saving Time

    User’s Manual 6.1.5 Daylight Saving Time This page allows you to configure the Time Zone. Label Description Lists various Time Zones worldwide. Select appropriate Time Zone from Time Zone Configuration the drop down and click Save to set. The user can set the acronym of the time zone. This is a User configurable Time Zone Acronym acronym to identify the time zone.

  • Page 45: Https

    User’s Manual Non-Recurring: The Daylight Saving Time duration configuration will be for used once.  Week - Select the starting week number. (Recurring)  Day - Select the starting day. (Recurring)  Month - Select the starting month. ...

  • Page 46: Ssh

    User’s Manual Click to undo any changes made locally and revert to previously Reset saved values 6.1.7 SSH Configure SSH settings in the following page. Label Description Indicates the selected SSH mode. The modes include: Mode Enabled: enable SSH.

  • Page 47: Lldp Neighbor Information

    User’s Manual Indicates the selected LLDP mode Rx only: the switch will not send out LLDP information, but LLDP information from its neighbors will be analyzed. Tx only: the switch will drop LLDP information received from its neighbors, but will send out LLDP information.
  • Page 48 User’s Manual Description of the neighbor's capabilities. The capabilities include: 1. Other 2. Repeater 3. Bridge System Capabilities 4. WLAN Access Point 5. Router 6. Telephone 7. DOCSIS Cable Device 8. Station Only 9. Reserved When a capability is enabled, a (+) will be displayed. If the capability is disabled, a (-) will be displayed.
  • Page 49 User’s Manual Global Counters Label Description Neighbor entries Shows the time when the last entry was deleted or added. were last changed at Total Neighbors Shows the number of new entries added since switch reboot Entries Added Total Neighbors...

  • Page 50: Modbus Tcp

    User’s Manual Click to clear the local counters. All counters (including global Clear counters) are cleared upon reboot. Check to enable an automatic refresh of the page at regular Auto-refresh intervals 6.1.9 Modbus TCP This page shows Modbus TCP support of the switch. (For more information regarding Modbus, please visit http://www.modbus.org/)

  • Page 51: Dhcp Server

    User’s Manual the software image is uploaded, a page announces that the firmware update is initiated. After about a minute, the firmware is updated and the switch restarts. Warning: While the firmware is being updated, Web access appears to be defunct.

  • Page 52: Dhcp Dynamic Client List

    User’s Manual End IP Address The Last IP address of IP pool. Subnet Mask The subnet mask. Router The IP address of the gateway. The IP address of the Domain Name Server. Lease Time Lease timer counted in seconds.

  • Page 53: Dhcp Relay Agent

    User’s Manual You can assign a specific IP address within the dynamic IP range to a specific port. When a device is connected to the port and requests for dynamic IP assigning, the switch will assign the IP address that has previously been assigned to the connected device.
  • Page 54 User’s Manual Relay Label Description Indicates the existing DHCP relay mode. The modes include: Enabled: activate DHCP relay. When DHCP relay is enabled, the agent forward and transfers DHCP messages between clients and the server Relay Mode when they are not in the same subnet domain, in order to prevent the DHCP broadcast message from flooding for security considerations.
  • Page 55 User’s Manual Replace: replace the original relay information when a DHCP message containing the information is received. Keep: keep the original relay information when a DHCP message containing the information is received. Drop: drop the package when a DHCP message containing the information is received.

  • Page 56: Port Setting

    User’s Manual The number of packets whose relay agent information is Keep Agent Option retained The number of packets dropped when received messages contain Drop Agent Option relay agent information. 6.3 Port Setting Port Setting allows you to manage individual ports of the switch, including traffic, power, and trunks.
  • Page 57 User’s Manual When Auto Speed is selected for a port, this section indicates the flow control capability that is advertised to the link partner. When a fixed-speed setting is selected, that is what is used. The Current Rx column indicates whether pause frames on the port are obeyed, and...

  • Page 58: Port Trunk

    User’s Manual 6.3.2 Port Trunk Configuration This page allows you to configure the aggregation hash mode and the aggregation group. Label Description Calculates the destination port of the frame. You can check this box to enable the source MAC address, or uncheck to disable. By default, Source M AC Address Source M AC Address is enabled.

  • Page 59: Lacp Port

    User’s Manual Label Description Indicates the ID of each aggregation group. Normal means no Group ID aggregation. Only one group ID is valid per port. Lists each switch port for each group ID. Select a radio button to include a port in an aggregation, or clear the radio button to remove the port from the aggregation.

  • Page 60: Lacp System Status

    User’s Manual The Key value varies with the port, ranging from 1 to 65535. Auto will set the key according to the physical link speed (10Mb = 1, 100Mb = 2, 1Gb = 3). Specific allows you to enter a user-defined value. Ports with the same key value can join in the same aggregation group, while ports with different keys cannot.

  • Page 61: Lacp Port Status

    User’s Manual Click to refresh the page immediately. Refresh Check to enable an automatic refresh of the page at regular Auto-refresh Intervals. LACP Port Status This page provides an overview of the LACP status for all ports. Label Description Switch port number.

  • Page 62: Loop Protection

    User’s Manual Label Description Switch port number. Port The number of LACP frames received at each port. LACP Received The number of LACP frames sent from each port. LACP Transmitted The number of unknown or illegal LACP frames discarded at each port.

  • Page 63: Redundancy

    User’s Manual Label Description Enable Loop Protection Activate loop protection functions (as a whole). The interval between each loop protection PDU sent to each port. The Transmission Time value must be between 1 to 10 seconds. The period (in seconds) for which a port will be kept disabled when a loop is detected (shutting down the port).

  • Page 64: Iring

    User’s Manual Label Description Enable Enables the MRP function. Every MRP topology needs a MRP manager. One MRP topology Manager can only have one Manager. If two or more switches are set to be Managers, the MRP topology will fail.

  • Page 65: Ichain

    User’s Manual Used for connecting multiple rings. A coupling ring needs four switches to build an active and a backup link. Links formed by the Coupling Port coupling ports will run in active/backup mode. Check t o e n a b l e D u a l Ho m in g. When D u a l H o m i n g i s enabled, the ring will be connected to normal switches through two RSTP links (ex: backbone Switch).

  • Page 66: Ibridge

    User’s Manual 6.4.4 iBridge Use iBridge to connect 2 Ring networks. 6.4.5 RSTP The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol (STP). It provides faster convergence of spanning tree after a topology change. The system also supports STP and will detect a connected device that is running STP or RSTP protocol automatically.
  • Page 67 User’s Manual RSTP Port Setting This page allows the user to configure the current RSTP port configurations, and change them as well. The following table describes the labels for the RSTP Port Setting screen. Label Description Port The switch port number of the logical RSTP port Enabled Controls whether RSTP is enabled on this switch port.
  • Page 68 User’s Manual RSTP Bridge Status page The following table describes the labels for the RSTP Bridge Status screen. Label Description Auto-refresh Check this box to enable an automatic refresh of the page at regular intervals. Refresh Click to refresh the page immediately.

  • Page 69: Mstp

    User’s Manual Port Priority Which ports should be blocked by priority in LAN. A number 0 through 240. The value of priority must be the multiple of 16. Path Cost The cost of the path to the other bridge from this transmitting bridge at the specified port.
  • Page 70 User’s Manual Label Description The version of the STP protocol. Valid values include STP, RSTP and Protocol Version MSTP. Controls the bridge priority. Lower numeric values have better priority. The bridge priority plus the MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Priority Bridge Identifier.

  • Page 71: Msti Mapping

    User’s Manual Click to undo any changes made locally and revert to previously saved Reset values. MSTI Mapping This page allows you to examine and change the configurations of current STP MSTI bridge instances. Label Description The name which identifies the VLAN to MSTI mapping. Bridges must...

  • Page 72: Msti Priorities

    User’s Manual MSTI Priorities This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well. Label Description The bridge instance. CIST is the default instance, which is always active.
  • Page 73 User’s Manual Label Description The switch port number to which the following settings will be Port applied. STP Enabled Check to enable STP for the port Configures the path cost incurred by the port. Auto will set the path cost according to the physical link speed by using the 802.1D-...

  • Page 74: Msti Ports

    User’s Manual When enabled, the port will not be selected as root port for CIST or any MSTI, even if it has the best spanning tree priority vector. Such a port will be selected as an alternate port after the root port has been selected.
  • Page 75 User’s Manual Label Description The switch port number of the corresponding STP CIST (and MSTI) Port port Configures the path cost incurred by the port. Auto will set the path cost according to the physical link speed by using the 802.1D- recommended values.

  • Page 76: Bridge Status

    User’s Manual Bridge Status This page shows the status for all STP bridge instances. Label Description The bridge instance. Can also be linked to the STP detailed bridge status. M STI Bridge ID The bridge ID of this bridge instance.
  • Page 77 User’s Manual Label Description The switch port number to which the following settings will be Port applied. The current STP port role of the CIST port. The values include: CIST Role AlternatePort, BackupPort, RootPort, DesignatedPort, and Non-STP. The current STP port state of the CIST port. The values include: CIST State Blocking, Learning, and Forwarding.

  • Page 78: Fast Recovery

    User’s Manual 6.4.7 Fast Recovery Label Description Enable Enables fast recovery mode Ports can be set to 12 priorities. Only the port with the highest priority will Port be the active port. 1st Priority is the highest. Save Click to save the configurations.
  • Page 79 User’s Manual In Dual Port Recovery function if link of port in “Forwarding” state goes down, the “backup” port is changing its state to be forwarding, like in picture below. The disconnected port changes its status to “No Link”...

  • Page 80: Vlan

    User’s Manual devices of each side. Setting Interval time for sending keep alive messages (10-5000ms Test Interval default 10) Note: Test interval should be the same on both sides. Test Max Retry Set the maximum number of lost frames to start Dual Port Recovery mechanism (1-500 retries default 3 ) Note: Test Max Retry should be the same on both sides.

  • Page 81: Port Configurations

    User’s Manual Click to add a new VLAN ID. An empty row is added to the table, and the VLAN can be configured as needed. Valid values for a VLAN ID are 1 through 4095. After clicking Save, the new VLAN will be enabled on the selected switch stack but contains no port members.
  • Page 82 User’s Manual Enable ingress filtering on a port by checking the box. This parameter affects VLAN ingress processing. If ingress filtering is enabled and the ingress Ingress Filtering port is not a member of the classified VLAN of the frame, the frame will be discarded.
  • Page 83 User’s Manual Introduction of Port Types Below is a detailed description of each port type, including Unaware, C-port, S-port, and S- custom-port. Ingress action Egress action When the port receives untagged frames, The TPID of a frame an untagged frame obtains a tag (based on...
  • Page 84 User’s Manual When the port receives untagged frames, The TPID of a frame an untagged frame obtains a tag (based on transmitted by PVID) and is forwarded. S-custom-port will be When the port receives tagged frames: set to a Self-customized...
  • Page 85 User’s Manual iS5 Communications Inc.
  • Page 86 User’s Manual Examples of VLAN Settings VLAN Access Mode: Switch A, Port 7 is VLAN Access mode = Untagged 20 Port 8 is VLAN Access mode = Untagged 10 Below are the switch settings. iS5 Communications Inc.
  • Page 87 User’s Manual VLAN 1Q Trunk Mode: Switch B, Port 1 = VLAN 1Qtrunk mode = tagged 10, 20 Port 2 = VLAN 1Qtrunk mode = tagged 10, 20 Below are the switch settings. iS5 Communications Inc.
  • Page 88 User’s Manual VLAN Hybrid Mode: Port 1 VLAN Hybrid mode = untagged 10 Tagged 10, 20 Below are the switch settings. iS5 Communications Inc.
  • Page 89 User’s Manual VLAN QinQ Mode: VLAN QinQ mode is usually adopted when there are unknown VLANs, as shown in the figure below VLAN “X” = Unknown VLAN iES22GF Port 1 VLAN Settings: iS5 Communications Inc.

  • Page 90: Private Vlan

    User’s Manual VLAN ID Settings When setting the management VLAN, only the same VLAN ID port can be used to control the switch. iES22GF VLAN Settings: 6.7.7 Private VLAN Private VLAN Membership Configuration The private VLAN membership configuration for the switch can be monitored and modified here.

  • Page 91: Port Isolation Configuration

    User’s Manual Description Label Check to delete the entry. It will be deleted during the next save. Delete Indicates the ID of this particular private VLAN. Private VLAN ID A row of check boxes for each port is displayed for each private VLAN ID.

  • Page 92: Snmp

    User’s Manual Label Description A check box is provided for each port of a private VLAN. When checked, port isolation is enabled for that port. Port Number When unchecked, port isolation is disabled for that port. By default, port isolation is disabled for all ports.
  • Page 93 User’s Manual Label Description Indicates existing SNMP mode. Possible modes include: Mode Enabled: enable SNMP mode Disabled: disable SNMP mode Indicates the supported SNMP version. Possible versions include: SNM P v1: supports SNMP version 1. Version SNM P v2c: supports SNMP version 2c.
  • Page 94 User’s Manual Label Description Indicates the trap destination mode operation. Possible modes are: Enabled: Enable SNMP trap mode operation. Trap Mode Disabled: Disable SNMP trap mode operation. Indicates the SNMP trap supported version. Possible versions are: SNMP v1: Set SNMP trap supported version 1.

  • Page 95: Snmp Community Configurations

    User’s Manual Indicates the SNMP trap inform mode. Possible modes include: Trap Inform Mode Enabled: enable SNMP trap inform mode Disabled: disable SNMP trap inform mode Trap Inform Configures the SNMP trap inform timeout. The allowed range is 0 to 2147.
  • Page 96 User’s Manual Name. Label Description Delete Check to delete the entry. It will be deleted during the next save. An octet string identifying the engine ID that this entry should belong to. The string must contain an even number between 10 and 64 hexadecimal digits, but all-zeros and all-'F's are not allowed.
  • Page 97 User’s Manual Indicates the authentication protocol that this entry should belong to. Possible authentication protocols include: None : no authentication protocol M D5: an optional flag to indicate that this user is using MD5 Authentication authentication protocol Protocol SHA: an optional flag to indicate that this user is using SHA...

  • Page 98: Snmp Group Configurations

    User’s Manual 6.6.4 SNMP Group Configurations This page allows you to configure SNMPv3 group table. The entry index keys are Security Model and Security Name. Label Description Delete Check to delete the entry. It will be deleted during the next save.

  • Page 99: Snmp View Configurations

    User’s Manual 6.6.5 SNMP View Configurations This page allows you to configure SNMPv3 view table. The entry index keys are View Name and OID Subtree. Label Description Delete Check to delete the entry. It will be deleted during the next save.

  • Page 100: Traffic Prioritization

    User’s Manual Label Description Delete Check to delete the entry. It will be deleted during the next save. A string identifying the group name that this entry should belong to. Group Name The allowed string length is 1 to 32, and only ASCII characters from 33 to 126 are allowed.

  • Page 101: Port Classification

    User’s Manual on the MAC Address table. The rate is 2^n, where n is equal to or less than 15, or "No Limit". The unit of the rate can be either pps (packets per second) or kpps (kilopackets per second). The configuration indicates the permitted packet rate for unicast, multicast, or broadcast traffic across the switch.
  • Page 102 User’s Manual Label Description Port The port number for which the configuration below applies Controls the default QoS class All frames are classified to a QoS class. There is a one to one mapping between QoS class, queue, and priority. A QoS class of 0 (zero) has the lowest priority.
  • Page 103 User’s Manual and DEI value in the tag. Otherwise the frame is classified to the default QoS class. The classified QoS class can be overruled by a QCL entry. Note: if the default QoS class has been dynamically changed, then the actual default QoS class is shown in parentheses after the configured default QoS class.

  • Page 104: Port Tag Remarking

    User’s Manual 6.7.3 Port Tag Remarking This page provides an overview of QoS Egress Port Tag Remarking for all switch ports. Label Description The switch port number to which the following settings will be applied. Port Click on the port number to configure tag remarking.

  • Page 105: Port Dscp

    User’s Manual 6.7.4 Port DSCP This page allows you to configure basic QoS Port DSCP Configuration settings for all switch ports . Label Description Shows the list of ports for which you can configure DSCP Ingress and Port Egress settings.

  • Page 106: Port Policing

    User’s Manual 6.7.5 Port Policing This page allows you to configure Policer settings for all switch ports. Label Description Port The port number for which the configuration below applies. Enable Check to enable the policer for individual switch ports.

  • Page 107: Port Scheduler

    User’s Manual Label Description Port The port number for which the configuration below applies. Enable(E) Check to enable queue policer for individual switch ports Configures the rate of each queue policer. The default value is 500. This value is restricted to 100 to 1000000 when the Unit is kbps, and is restricted to 1 to Rate 3300 when the Unit is Mbps.

  • Page 108: Port Shaping

    User’s Manual Label Description The switch port number to which the following settings will be applied. Port Click on the port number to configure the schedulers. Details for configuration can be found in the QoS Egress Port Scheduler and Shapers section.

  • Page 109: Strict Priority

    User’s Manual Strict Priority Label Description Controls whether the scheduler mode is Strict Priority or Scheduler Mode Weighted on this switch port Check to enable queue shaper for individual switch ports. Queue Shaper Enable Configures the rate of each queue shaper. The default value is Queue Shaper Rate 500.
  • Page 110 User’s Manual Click to undo any changes made locally and return to the previous page. Cancel Weighted Label Description Controls whether the scheduler mode is Strict Priority or Scheduler Mode Weighted on this switch port. Check to enable queue shaper for individual switch ports.

  • Page 111: Dscp Based Qos

    User’s Manual Queue Scheduler Shows the weight of the queue in percentage. This parameter is Percent only shown if Scheduler Mode is set to Weighted. Port Shaper Enable Check to enable port shaper for individual switch ports Configures the rate of each port shaper. The default value is 500.

  • Page 112: Dscp Translation

    User’s Manual Label Description DSCP Maximum number of supported DSCP values is 64 Check to trust a specific DSCP value. Only frames with trusted DSCP values are mapped to a specific QoS class and drop precedence Trust l e v e l . Frames with untrusted DSCP values are treated as a non-IP frame.

  • Page 113: Dscp Classification

    User’s Manual Label Description Maximum number of supported DSCP values is 64 and valid DSCP DSCP value ranges from 0 to 63. Ingress DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map.

  • Page 114: Qos Control List

    User’s Manual Label Description QoS Class Actual QoS class Actual Drop Precedence Level. DSCP Select the classified DSCP value (0-63) Click to save changes. Save Click to undo any changes made locally and revert to previously saved Reset values.
  • Page 115 User’s Manual Label Description Port Members Check to include the port in the QCL entry. By default, all ports are included. iS5 Communications Inc.
  • Page 116 User’s Manual Key Parameters Key configurations include: Tag: value of tag, can be Any, Untag or Tag. VID: valid value of VLAN ID, can be any value from 1 to 4095 Any: user can enter either a specific value or a range of VIDs.

  • Page 117: Qos Statistics

    User’s Manual Protocol IP Protocol Number: (0-255, TCP or UDP) or Any Source IP: specific Source IP address in value/mask format or Any. IP and mask are in the format of x.y.z.w where x, y, z, and w are decimal numbers between 0 and 255.

  • Page 118: Qcl Status

    User’s Manual Label Description The logical port number for the statistics displayed. Click on the port Port number to see Detailed Port Statistics. There are 8 QoS queues per port. Q0 is the lowest priority. Rx / Tx The number of received and transmitted packets per queue.
  • Page 119 User’s Manual Indicates the classification action taken on ingress frame if parameters configured are matched with the frame's content. There are three action fields: Class, DPL, and DSCP. Action Class: Classified QoS; if a frame matches the QCE, it will be put in the queue.

  • Page 120: Multicast

    User’s Manual 6.8 Multicast 6.8.1 IGMP Snooping Basic Configuration This page provides IGMP Snooping related configuration s. Label Description Snooping Enabled Check to enable global IGMP snooping Unregistered Check to enable unregistered IPMCv4 traffic flooding. The flooding control IPM Cv4Flooding takes effect only when IGMP Snooping is enabled.

  • Page 121: Igmp Snooping Vlan Configurations

    User’s Manual 6.8.2 IGMP Snooping VLAN Configurations Each page shows up to 99 entries from the VLAN table, with a default value of 20, selected by the Entries Per Page input field. When first visited, the web page will show the first 20 entries from the beginning of the VLAN Table.

  • Page 122: Igmp Snooping Status

    User’s Manual 6.8.3 IGMP Snooping Status This page provides IGMP snooping status. Label Description VLAN ID The VLAN ID of the entry. Querier Version Active Querier version. Host Version Active Host version. Querier Status Shows the Querier status as ACTIVE or DISABLE.

  • Page 123: Igmp Snooping Group Information

    User’s Manual 6.8.4 IGMP Snooping Group Information Entries in the IGMP Group Table are shown on this page. The IGMP Group Table is sorted first by VLAN ID, and then by group. Each page shows up to 99 entries from the IGMP Group table, default being 20, selected through the "entries per page"...

  • Page 124: Security

    User’s Manual 6.9 Security 6.9.1 Remote Control Security Remote Control Security allows you to limit remote access to the management interface. When enabled, client requests which are not allowed will be rejected. Label Description Port Port number of the remote client IP Address IP address of the remote client.
  • Page 125 User’s Manual Label Description Indicates the device binding operation for each port. Possible modes are: ---: disable Mode Scan: scans IP/MAC automatically, but no binding function Binding: enables binding. Under this mode, any IP/MAC that does not match the entry will not be allowed to access the network.
  • Page 126 User’s Manual Label Description Specifies alias IP address. Keep 0.0.0.0 if the device does not have Alias IP Address an alias IP address. Alive Check You can use ping commands to check port link status. If port link fails, you can set actions from the list.
  • Page 127 User’s Manual Label Description Mode Enables or disables DDOS prevention of the port Indicates the level of DDOS detection. Possible levels are: Low: low sensibility Sensibility Normal: normal sensibility Medium: medium sensibility High: high sensibility Indicates the types of DDoS attack packets to be monitored. Possible...
  • Page 128 User’s Manual Label Description Indicates device types. Possible types are: --- (no specification), IP Device Type Camera, IP Phone, Access Point, PC, PLC, and Network Video Recorder Location Indicates location information of the device. The information can be Address used for Google Mapping.

  • Page 129: Acl

    User’s Manual Label Description Mode Enables or disables stream monitoring of the port Indicates the action to take when the stream gets low. Possible actions are: Action ---: no action Log it: simply logs the event 6.9.1 ACL Ports This page allows you to configure the ACL parameters (ACE) of each switch port.

  • Page 130: Rate Limiters

    User’s Manual Specify the mirror operation of this port. The allowed values are: Enabled: Frames received on the port are mirrored. Mirror Disabled: Frames received on the port are not mirrored. The default value is "Disabled" Specifies the logging operation of the port. The allowed values are: Enabled: frames received on the port are stored in the system log.
  • Page 131 User’s Manual Label Description Rate Limiter ID The rate limiter ID for the settings contained in the same row. The rate unit is packet per second (pps). The allowed values are:0- 131071 in pps. Rate The allowed values are: 0-3276700 in pps or 0, 100, 200, 300, ..., 1000000 in kbps.
  • Page 132 User’s Manual An ACE consists of several parameters. These parameters vary with the frame type you have selected. First select the ingress port for the ACE, and then the frame type. Different parameter options are displayed according to the frame type you have selected.
  • Page 133 User’s Manual Indicates the frame type of the ACE. These frame types are mutually exclusive. Any: any frame can match the ACE. Ethernet Type: only Ethernet type frames can match the ACE. The IEEE 802.3 descripts the value of length/types should be greater than or equal to 1536 decimal (equal to 0600 hexadecimal).
  • Page 134 User’s Manual Label Description (Only displayed when the frame type is Ethernet Type or ARP.) Specifies the source MAC filter for the ACE. SM AC Filter Any: no SMAC filter is specified (SMAC filter status is "don't-care "). Specific: if you want to filter a specific source MAC address with the ACE, choose this value.
  • Page 135 User’s Manual When Specific is selected for the VLAN ID filter, you can enter a VLAN ID specific VLAN ID number. The allowed range is 1 to 4095. Frames matching the ACE will use this VLAN ID value. Specifies the tag priority for the ACE. A frame matching the ACE will Tag Priority use this tag priority.
  • Page 136 User’s Manual Label Description Specifies the IP protocol filter for the ACE Any: no IP protocol filter is specified ("don't-care "). IP Protocol Filter Other: if you want to filter a specific IP protocol filter with the ACE, choose this value.
  • Page 137 User’s Manual Specifies the options flag settings for the ACE No: IPv4 frames whose options flag is set must not be able to match this entry. IP Option Yes: IPv4 frames whose options flag is set must be able to match this entry.
  • Page 138 User’s Manual Label Description Specifies the available ARP/RARP opcode (OP) flag for the ACE Any: no ARP/RARP OP flag is specified (OP is "don't-care"). ARP/RARP ARP: frame must have ARP/RARP opcode set to ARP RARP: frame must have ARP/RARP opcode set to RARP.
  • Page 139 User’s Manual Specifies whether frames will meet the action according to their target hardware address field (THA) settings. RARP Target 0: RARP frames where THA is not equal to the target MAC address Match 1: RARP frames where THA is equal to the target MAC address Any: any value is allowed ("don't-care ")
  • Page 140 User’s Manual Label Description Specifies the ICMP filter for the ACE Any: no ICMP filter is specified (ICMP filter status is "don't-care"). ICM P Type Filter Specific: if you want to filter a specific ICMP filter with the ACE, you can enter a specific ICMP value.
  • Page 141 User’s Manual Label Description Specifies the TCP/UDP source filter for the ACE Any: no TCP/UDP source filter is specified (TCP/UDP source filter status is "don't-care"). Specific: if you want to filter a specific TCP/UDP source filter with the ACE, TCP/UDP Source Filter you can enter a specific TCP/UDP source value.
  • Page 142 User’s Manual Specifies the TCP FIN ("no more data from sender") value for the ACE. 0: TCP frames where the FIN field is set must not be able to match this entry. TCP FIN 1: TCP frames where the FIN field is set must be able to match this entry.

  • Page 143: Acl Status

    User’s Manual ACL Status This page shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACEs is 512 on each switch.

  • Page 144: Aaa

    User’s Manual Forward packet that matched the specific ACE to CPU. Forward first packet that matched the specific ACE to CPU. CPU Once Counter The counter indicates the number of times the ACE was hit by a frame. Conflict Indicates the hardware status of the specific ACE.
  • Page 145 User’s Manual The Dead Time, which can be set to a number between 0 and 3600 seconds, is the period during which the switch will not send new requests to a server that has failed to respond to a previous request.

  • Page 146: Radius Overview

    User’s Manual Label Description The RADIUS Accounting Server number for which the configuration below applies. Enable the RADIUS Accounting Server by checking this box. Enabled The IP address or hostname of the RADIUS Accounting Server. IP IP Address Address is expressed in dotted decimal notation.

  • Page 147: Radius Details

    User’s Manual The current status of the server. This field takes one of the following values: Disabled: The server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the Status RADIUS module is ready to accept access attempts.
  • Page 148 User’s Manual Packet Counters: RADIUS authentication server packet counter. There are seven receive and four transmit counters. Rx/Tx Name RFC4668 Name Description Access Accepts radiusAuthClientExtAcc The number of RADIUS Access-Accept packets (valid essAccepts or invalid) received from the server.
  • Page 149 User’s Manual Name RFC4668 Name Description IP address and UDP port for the authentication IP Address server in question. Shows the state of the server. It takes one of the following values: Disabled: The selected server is disabled. Not Ready: The server is enabled, but IP communication is not yet up and running.
  • Page 150 User’s Manual The number of RADIUS packets of unknown types radiusAccClientExtUnkn Unknown Types that were received from the server on the ownTypes accounting port. The number of RADIUS packets that were received radiusAccClientExtPack Packets Dropped from the server on the accounting port and etsDropped dropped for some other reason.

  • Page 151: Nas (802.1X)

    User’s Manual 6.9.3 NAS (802.1x) Configuration This page allows you to configure the IEEE 802.1X and MAC-based authentication system and port settings. The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication.
  • Page 152 User’s Manual not failed (because the X seconds have not expired), the same server will be contacted when the next back-end authentication server requests from the switch. This scenario will loop forever. Therefore, the server timeout should be smaller than the supplicant's EAPOL Start frame retransmission rate.

  • Page 153: System Configuration

    User’s Manual System Configuration Label Description Indicates if 802.1X and MAC-based authentication is globally enabled or disabled on the switch. If globally disabled, all ports are allowed to forward Mode frames. If checked, clients are re-authenticated after the interval specified by the Re- authentication Period.

  • Page 154: Port Configuration

    User’s Manual This setting applies to the following modes, i.e. modes using the Port Age Period Security functionality to secure MAC addresses: M AC-Based Auth.: When the NAS module uses the Port Security module to secure MAC addresses, the Port Security module needs to check for activity on the MAC address in question at regular intervals and free resources if no activity is seen within a given period of time.
  • Page 155 User’s Manual In this mode, the switch will send one EAPOL Failure frame when the port link is Force up, and any client on the port will be disallowed network access. Unauthorized In an 802.1X network environment, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server.
  • Page 156 User’s Manual In port-based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for network traffic. This allows other clients connected to the port (for instance through a hub) to piggy-back on the successfully authenticated client and get network access even though they are not authenticated individually.
  • Page 157 User’s Manual In port-based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for network traffic. This allows other clients connected to the port (for instance through a hub) to piggy-back on the successfully authenticated client and get network access even though they are not authenticated individually.
  • Page 158 User’s Manual Unlike port-based 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the industry. In MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients. The initial frame (any kind of frame) sent by a client is snooped by the switch, which in turn uses the client's MAC address as both username and password in the subsequent EAP exchange with the RADIUS server.
  • Page 159 User’s Manual Two buttons are available for each row. The buttons are only enabled when authentication is globally enabled and the port's Admin State is in an EAPOL-based or MAC-based mode. Clicking these buttons will not cause settings changed on the page to take effect.
  • Page 160 User’s Manual The source MAC address carried in the most recently received EAPOL frame for EAPOL-based authentication, and the most recently Last Source received frame from a new client for MAC-based authentication. The user name (supplicant identity) carried in the most recently...
  • Page 161 User’s Manual This button is available in the following modes: • Force Authorized Clear • Force Unauthorized • 802.1X This button is available in the following modes: Click to clear the counters for the selected port. • MAC-based Auth.X Clear All Click to clear both the port counters and all of the attached client's counters.
  • Page 162 User’s Manual Backend Server Counters These backend (RADIUS) frame counters are available for the following administrative states: • 802.1X • MAC-based Auth. Rx/Tx Name IEEE Name Description 802.1X-based: Counts the number of times that the switch receives the first request from the backend server following the first response from the supplicant.
  • Page 163 User’s Manual Last Supplicant/ Client Info Information about the last supplicant/client that attempted to authenticate. This information is available for the following administrative states: • 802.1X • MAC-based Auth. Name IEEE Name Description dot1xAuthLastEapolFra MAC Address The MAC address of the last supplicant/client.

  • Page 164: Warning

    User’s Manual 6.10 Warning 6.10.1 Fault Alarm When any selected fault event happens, the Fault LED on the switch panel will light up and the electric relay will signal at the same time. Select the events to cause the Fault Alarm then click Save, at the bottom of the screen to save the changes.

  • Page 165: Sntp Setting

    User’s Manual The following table describes the labels in this screen Label Description Server Mode Indicates the server mode operation. When the mode operation is enabled, the syslog message will send out to syslog server. The syslog protocol is based on UDP...

  • Page 166: Event Selection

    User’s Manual Label Description E-mail Alarm Enables or disables transmission of system warnings by e-mail. Sender E-mail SMTP server IP address. Address Mail Subject Subject of the mail Username: the authentication username Authentication Password: the authentication password Confirm Password: re-enter password Recipient E-mail The recipient’s e-mail address, allows a total number of six recipients.
  • Page 167 User’s Manual Alerts when the system is restarted. System Start Alerts when power is up or down. Power Status Alerts when SNMP authentication fails. SNM P Authentication Failure Alerts when there is a ring topology change. Redundant Ring Topology Change Select the SYSLOG event for a specific port number.

  • Page 168: Monitor And Diag

    User’s Manual 6.11 Monitor and Diag 6.11.1 MAC Table MAC Address Table Configuration The MAC address table can be configured on this page. Set timeouts for entries in the dynamic MAC table and configure the static MAC table here.

  • Page 169: Mac Address Table

    User’s Manual Learning is done automatically as soon as a frame with unknown Auto SMAC is received. Disable No learning is done. Only static MAC entries are learned, all other frames are dropped. Note: make sure the link used for managing the switch is added to the...

  • Page 170: Port Statistics

    User’s Manual The >> will use the last entry of the currently displayed VLAN/MAC address pairs as a basis for the next lookup. When it reaches the end, the text "no more entries" is shown in the displayed table. Use the |<<...

  • Page 171: Detailed Statistics

    User’s Manual The number of received and transmitted bytes per port. Bytes The number of frames received in error and the number of Errors incomplete transmissions per port. The number of frames discarded due to ingress or egress congestion.

  • Page 172: Port Monitoring

    User’s Manual Rx and Tx The number of received and transmitted (good and bad) broadcast Broadcast packets. The number of MAC Control frames received or transmitted on this Rx and Tx Pause port that have an opcode indicating a PAUSE operation.

  • Page 173: System Log Information

    User’s Manual 6.11.4 System Log Information This page provides switch system log information. iS5 Communications Inc.

  • Page 174: Veriphy Cable Diagnostics

    User’s Manual Label Description The ID (>= 1) of the system log entry The level of the system log entry. The following level types are supported: Info: provides general information Level Warning: provides warning for abnormal operation Error: provides error message...

  • Page 175: Sfp Monitor

    User’s Manual Press Start to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically. Results can be viewed in the cable status table. Note that VeriPHY diagnostics is only accurate for cables 7 - 140 meters long.

  • Page 176: Ping

    User’s Manual 6.11.7 Ping This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues. After you press Start, five ICMP packets will be transmitted, and the sequence number and roundtrip time will be displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs PING6 server ::10.10.132.20...

  • Page 177: Synchronization

    User’s Manual PING6 server ::192.168.10.1 sendto sendto sendto sendto sendto Sent 5 packets, received 0 OK, 0 bad 6.12 Synchronization 6.12.1 Configuration This page allows you to configure current PTP clock settings. PTP External Clock Mode Label Description One_pps_mode The box allows you to select One_pps_mode configurations.
  • Page 178 User’s Manual iS5 Communications Inc.
  • Page 179 User’s Manual PTP Clock Configurations Label Description Delete Check this box and click Save to delete the clock instance Clock Instance Indicates the instance of a particular clock instance [0..3] Click on the clock instance number to edit the clock details Device Type Indicates the type of the clock instance.

  • Page 180: Status

    User’s Manual Protocol Transport protocol used by the PTP protocol engine: Ethernet PTP over Ethernet multicast ip4multi PTP over IPv4 multicast ip4uni PTP over IPv4 unicast Note: IPv4 unicast protocol only works in Master Only and Slave Only clocks For more information, please refer to Device Type.

  • Page 181: Factory Defaults

    User’s Manual 6.13 Factory Defaults You can reset the configuration of the stack switch on this page. The IP configuration and/or User/Password are retained only if the respective boxes are checked when the switch is restored to factory defaults.

  • Page 182: Command Line Interface Management

    User’s Manual Command Line Interface Management Besides Web-based management, the iES22GF also supports CLI management. Use either the console port or telnet to manage the switch via the CLI. CLI Management by RS-232 Serial Console (115200, 8, none, 1, none) Before configuring RS-232 serial console, connect the RS-232 port of the switch to your PC Com port using a RJ45 to DB9-F cable.
  • Page 183 User’s Manual (4) Press “Enter” for the Console login screen to appear. Use the keyboard to enter the Console Username and Password which is same as the Web Browser password (admin for both), then press “Enter”. iS5 Communications Inc.

  • Page 184: Cli M Anagement By Telnet

    User’s Manual CLI M anagement by Telnet You can use TELNET to configure the switch. The default values are: IP Address: 192.168.10.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.10.254 User Name: admin Password: admin Follow the steps below to access the console via Telnet.

  • Page 185: Command Groups

    User’s Manual Command Groups iS5 Communications Inc.
  • Page 186 User’s Manual System Configuration [all] [<port_list>] Name [<name>] Description [<description>] Contact [<contact>] Location [<location>] Version Log Configuration Log Level [info|warning|error] Log Server Mode [enable|disable] Log Server Address [<ip_addr_string>] Log Lookup [<log_id>] [all|info|warnup ing|error] Log Lookup [<log_id>] [all|info|warning|error] System> Log Clear [all|info|warning|error] Timezone Configuration Timezone Offset [<offset>]...
  • Page 187 User’s Manual Neighbour Clear Neighbour List Ping <ip_target> [(Length <ping_length>)] [(Count <ping_count>)] [(Interval <ping_interval>)] Route Add <ip_net> <ip_gateway> Route Delete <ip_net> <ip_gateway> Route List SNTP Configuration SNTP Mode [enable|disable] SNTP Server Add <ip_addr_string> SNTP Server Delete Port Configuration [<port_list>] [up|do wn] Mode [<port_list>]...
  • Page 188 User’s Manual FrameType [<port_list>] [all|tagged|untagged] IngressFilter [<port_list>] [enable|disable] tx_tag [<port_list>] [untag_pvid|untag_all|tag_all] PortType [<port_list>] [unaware|c-port|s-port|s-custom-port] EtypeCustomSport [<etype>] Add <vid>|<name> [<ports_list>] Forbidden Add <vid>|<name> [<port_list>] Delete <vid>|<name> Forbidden Delete <vid>|<name> Forbidden Lookup [<vid>] [(name <name>)] Lookup [<vid>] [(name <name>)] [combined|static|nas|all] Name Add <name> <vid>...
  • Page 189 User’s Manual auth> Console [no|local|radius] [local|radius] Telnet [no|local|radius] [local|radius] SSH [no|local|radius] [local|radius] HTTP [no|local|radius] [local|radius] Security Switch SSH Configuration Security/switch/S S H> Mode [enable|disable] Security Switch HTTPS Configuration Security/switch/ Mode [enable|disable] HTTPS> Redirect [enable|disable] Security Switch RMON Statistics Add <stats_id> <data_source>...
  • Page 190 User’s Manual Security Network Psec Switch [<port_list>] Security/Network/ Psec> Port [<port_list>] Security Network NAS Configuration [<port_list>] Mode [enable|disable] State [<port_list>] [auto|authorized|unauthorized|macbased] Reauthentication [enable|disable] ReauthPeriod [<reauth_period>] Security/Network /NAS> EapolTimeout [<eapol_timeout>] Agetime [<age_time>] Holdtime [<hold_time>] Authenticate [<port_list>] [now] Statistics [<port_list>] [clear|eapol|radius] Security Network ACL Configuration [<port_list>]...
  • Page 191 User’s Manual Lookup [<ace_id>] Clear Status [combined|static|loop_protect|dhcp|ptp|ipmc|conflicts] Port State [<port_list>] [enable|disable] Security Network DHCP Configuration Mode [enable|disable] Server [<ip_addr>] Security/Network/ Information Mode [enable|disable] DHCP> Information Policy [replace|keep|drop] Statistics [clear] Security AAA Configuration Radius-server timeout [<timeout>] Radius-server retransmit [<retransmit>] Radius-server deadtime [<deadtime>] radius-server key [<key>]...
  • Page 192 User’s Manual bpduGuard [enable|disable] recovery [<timeout>] CName [<config-name>] [<integer>] Status [<msti>] [<port_list>] Msti Priority [<msti>] [<priority>] Msti Map [<msti>] [clear] Msti Add <msti> <vid> Port Configuration [<stp_port_list>] Port Mode [<stp_port_list>] [enable|disable] Port Edge [<stp_port_list>] [enable|disable] STP> Port AutoEdge [<stp_port_list>] [enable|disable] Port P2P [<stp_port_list>] [enable|disable|auto]...
  • Page 193 User’s Manual LLDP Configuration [<port_list>] Mode [<port_list>] [enable|disable] Optional_TLV [<port_list>] [port_descr|sys_name|sys_descr|sys_capa|mgmt_addr] [enable|disable] Interval [<interval>] LLDP> Hold [<hold>] Delay [<delay>] Reinit [<reinit>] Statistics [<port_list>] [clear] Info [<port_list>] Configuration [<port_list>] Port Classification Class [<port_list>] [<class>] Port Classification DPL [<port_list>] [<dpl>] Port Classification PCP [<port_list>] [<pcp>] Port Classification DEI [<port_list>] [<dei>]...
  • Page 194 User’s Manual Port TagRemarking DEI [<port_list>] [<dei>] Port TagRemarking DPL [<port_list>] [<dpl>] [<dpl>] [<dpl>] [<dpl>] Port TagRemarking Map [<port_list>] [<class_list>] [<dpl_list>] [<pcp>] [<dei>] Port DSCP Translation [<port_list>] [enable|disable] Port DSCP Classification [<port_list>] [none|zero|selected|all] Port DSCP EgressRemark [<port_list>] [disable|enable|remap] DSCP Map [<dscp_list>] [<class>] [<dpl>] DSCP Translation [<dscp_list>] [<trans_dscp>]...
  • Page 195 User’s Manual Config Save <ip_server> <file_name> Config> Load <ip_server> <file_name> [check] SNMP Configuration Mode [enable|disable] Version [1|2c|3] Read Community [<community>] Write Community [<community>] Engine ID [<engineid>] Community Add <community> [<ip_addr>] [<ip_mask>] Community Delete <index> Community Lookup [<index>] User Add <engineid> <user_name> [MD5|SHA] [<auth_password>] [DES|AES] [<priv_password>]...
  • Page 196 User’s Manual Trap Add <conf_name> [enable|disable] [(dip <ipv4v6_addr>)] [(dport <udp_port>)][((1) [(community <comm>)]) |(((2c) [(community <comm>)]) [(trap) | (informs [<retries>] [<timeout>])])] |((3) [(trap) | (informs [<retries>] [<timeout>])] [(probe) | (engine <engineid>)] [(security <security_name>)])] Trap Delete <conf_name> Trap Event Lookup [<conf_name>] Trap Event System Warm-start [<conf_name>] [enable|disable]...
  • Page 197 User’s Manual LocalClock <clockinst> [update|show|ratio|offset] [<clockratio>] Filter <clockinst> [<def_delay_filt>] [<period>] [<dist>] Servo <clockinst> [<displaystates>] [<ap_enable>] [<ai_enable>] [<ad_enable>] [<ap>] [<ai>] [<ad>] ClkOptions <clockinst> [synce|free] [<threshold>] [<ap>] Holdover <clockinst> [<ho_filter>] [<adj_threshold>] SlaveTableUnicast <clockinst> UniConfig <clockinst> [<index>] [<duration>] [<ip_addr>] ForeignMasters <clockinst> [<port_list>] EgressLatency [show|clear] MasterTableUnicast <clockinst>...
  • Page 198 User’s Manual State [igmp] [<vid>] [enable|disable] Querier [igmp] [<vid>] [enable|disable] Fastleave [igmp] [<port_list>] [enable|disable] Router [igmp] [<port_list>] [enable|disable] Status [igmp] [<vid>] Groups [igmp] [<vid>] V ersion [igmp] [<vid>] Fault Alarm PortLinkDown [<port_list>] [enable|disable] Fault> Alarm PowerFailure [pwr1|pwr2|pwr3] [enable|disable] Event...
  • Page 199 User’s Manual Chain Configuration Mode [enable|disable] 1stUplinkPort [<port>] Chain> 2ndUplinkPort [<port>] EdgePort [1st|2nd|none] Mode [enable|disable] Add [<ip_addr>] [<port_list>] [web_on|web_off] [telnet_on|telnet_off] [snmp_on|snmp_off] RCS> Del <index> Configuration FastRecovery Mode [enable|disable] FastRecovery> Port [<port_list>] [<fr_priority>] Open-Ring Configuration Mode [enable|disable] 1stUplinkPort [<port>] Open-Ring>...
  • Page 200 User’s Manual Port DDOS Action [<port_list>] [do_nothing|block_1_min|block_10_mins|block|shutdown|only_lo Port DDOS Status [<port_list>] Port Alive Mode [<port_list>] [enable|disable] Port Alive Action [<port_list>] [do_nothing|link_change|shutdown|only_log] Port Alive Status [<port_list>] Port Stream Mode [<port_list>] [enable|disable] Port Stream Action [<port_list>] [do_nothing|only_log] Port Stream Status [<port_list>] Port Addr [<port_list>] [<ip_addr>] [<mac_addr>]...

  • Page 201: Technical Specifications

    User’s Manual Technical Specifications iES22G Switch Models Physical Ports 10/100/1000Base-T(X) Ports in 8 x 10/100/100Base-T RJ45 Auto MDI/MDIX 100/1000Base-X with SFP port Up to 12 x 100/1000Base-X with SFP port Technology EEE 802.3 for 10Base-T IEEE 802.3u for 100Base-TX and 100Base-FX IEEE 802.3ab for 1000Base-T...

  • Page 202: Regulatory Approvals

    User’s Manual 100/1000Base-X SFP Port Green for port Link/Act. Indicator Fault contact Relay output to carry capacity of 1 A at 24 VDC. Relay Power Dual DC inputs 10-48VDC, Dual DC 36-72VDC, and Dual AC/DC power inputs. 85-264VAC / 88- Redundant power input modular 370VDC.

  • Page 203: Appendix A: Ies22Gf Modbus Information

    User’s Manual Appendix A: iES22GF Modbus Information Address Description VendorName ProductName Version MacAddress FaultAlarm: 0x0000 – No Fault Alarm 0x0001 – Fault Alarm SysName SysDescription SysLocation 1024 SysContact 4096-4115 PortStatus: Port :1~VTSS_PORTS Value :0x0000 Link down 0x0001 Link up...

Table of Contents