Page 1: Cisco Small Business 300 Series Managed Switch Administration Guide
Cisco Small Business 300 Series Managed Switch Administration Guide 10/100 Switches SF 300-08, SF 302-08, SF 302-08MP, SF 302-08P, SF 300-24, SF 300-24P, SF 300-48, SF 300-48P Gigabit Switches SG 300-10, SG 300-10MP, SG 300-10P, SG 300-20, SG 300-28, SG 300-...
Page 2: Table Of Contents
Defining RMON Events Control Viewing the RMON Events Logs Defining RMON Alarms Chapter 3: Managing System Logs Setting System Log Settings Setting Remote Logging Settings Viewing Memory Logs RAM Memory Flash Memory Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 3 System Time Options Configuring System Time Setting SNTP Defining SNTP Authentication Chapter 7: Managing Device Diagnostics Testing Copper Ports Displaying Optical Module Status Configuring Port and VLAN Mirroring Viewing CPU Utilization Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 4 Defining LAG Management Defining Member Ports in a LAG Configuring LAG Settings Configuring LACP Setting Port LACP Parameter Settings Green Ethernet Setting Global Green Ethernet Properties Setting per Port Green Ethernet Properties Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 5 Assigning VLAN Group ID to VLAN Per Interface Voice VLAN Voice VLAN Options Voice VLAN Constraints Configuring Voice VLAN Properties Configuring Telephony OUI Chapter 12: Configuring the Spanning Tree Protocol STP Flavors Configuring STP Status and Global Settings Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 6 Multicast Address Properties Defining Multicast Properties MAC Group Address IP Multicast Group Address IGMP Snooping MLD Snooping IGMP/MLD IP Multicast Group Multicast Router Port Defining Forward All Multicast Defining Unregistered Multicast Settings Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 7 Mapping DNS Hosts Chapter 16: Configuring Security Defining Users Setting User Accounts Setting Password Complexity Rules TACACS+ Configuration Configuring Default TACACS+ Parameters Adding a TACACS+ Server Configuring RADIUS Parameters Adding a RADIUS Server Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 8 Defining MAC-based ACLs Adding Rules to a MAC-based ACL IPv4-based ACLs Defining an IPv4-based ACL Adding Rules (ACEs) to an IPv4-Based ACL IPv6-based ACLs Defining an IPv6-based ACL Defining ACL Binding Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 9 Workflow to Configure Advanced QoS Mode Configuring Out-of-Profile DSCP Remarking Defining Class Mapping QoS Policers Defining Aggregate Policers Configuring a Policy Policy Class Maps Policy Binding Managing QoS Statistics Viewing Policer Statistics Viewing Queues Statistics Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 10 Communicating By Using a TCP/IP Connection Connecting By Using Telnet Console Configuration Menu Navigation Console Interface Main Menu System Configuration Menu System Information Management Settings Username & Password Settings Security Settings VLAN Management Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 11 Contents IP Configuration IPv6 Address Configuration Network Configuration File Management Port Status Port Configuration System Mode Help Logout Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 12: Chapter 1: Getting Started
Open a Web browser. STEP 1 Enter the IP address of the switch you are configuring in the address bar on the STEP 2 browser, and then press Enter. The Login Page opens. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 13: Logging In
To add a new language to the switch or update a current one, refer to the Upgrade/Backup Firmware/Language section. If this is the first time that you logged on with the default user ID (cisco) and the STEP 3 default password (cisco) or your password has expired, the Change Password Page opens.
Page 14: Password Expiration
Starting the Web-based Switch Configuration Utility Password Expiration The New Password Page is displayed: • The first time you access the switch with the default username cisco and password cisco. This page forces you to replace the factory default password. •...
Page 15: Quick Start Switch Configuration
Configuration/Log Page Create MAC Based ACL MAC Based ACL Page Create IP Based ACL IPv4 Based ACL Page Configure QoS QoS Properties Page Configure Port Mirroring Port and VLAN Mirroring Page Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 16: Window Navigation
Logout Click to logout of the web-based switch configuration utility. About Click to display the switch name and switch version number. Help Click to display the online help. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 17: Management Buttons
Running Configuration. Click Close to return to the main page. Click Save to display the Copy/Save Configuration Page and save the Running Configuration to the Startup Configuration file type on the switch. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 18: Cisco Small Business 300 Series Managed Switch Administration Guide
Select the entry in the table to be deleted and click Delete to remove entries from a table. The entry is deleted. Details Click to display the details associated with the entry selected on the main page. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 19: Cisco Small Business 300 Series Managed Switch Administration Guide
2. Click Close to return to the main page. Enter the query filtering criteria and click Go. The results are displayed on the page. Test Click Test to perform the related tests. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 20: Chapter 2: Viewing Statistics
The Interface Page displays traffic statistics per port. The refresh rate of the information can be selected. This page is useful for analyzing the amount of traffic that is both sent and received and its dispersion (Unicast, Multicast, and Broadcast). Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 21: Cisco Small Business 300 Series Managed Switch Administration Guide
Broadcast Packets—Good Broadcast packets transmitted. To clear statistics counters: • Click Clear Interface Counters to clear counters for the interface displayed. • Click Clear All Interface Counters to clear counters for all interfaces. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 22: Viewing Etherlike Statistics
Oversize Packets—Packets greater than 1518 octets received. • Internal MAC Receive Errors—Frames rejected because of receiver errors. • Received Pause Frames—Received flow control pause frames. • Transmitted Pause Frames—Flow control pause frames transmitted from the selected interface. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 23: Viewing Gvrp Statistics
Empty—Number of GVRP empty packets received/transmitted. • Leave Empty—Number of GVRP Leave Empty packets received/ transmitted. • Join In—Number of GVRP Join In packets received/transmitted. • Leave In—Number of GVRP Leave In packets received/transmitted. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 24: Viewing 802.1X Eap Statistics
EAPOL Start Frames Received—EAPOL Start frames received on the port. • EAPOL Logoff Frames Received—EAPOL Logoff frames received on the port. • EAP Response/ID Frames Received—EAP Resp/ID frames received on the port. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 25: Viewing Tcam Utilization
This page displays TCAM Utilization, the percentage of TCAM resources used. The TCAM Rules Per Process table lists all processes that can allocate TCAM rules. Each process has its specific allocation policy. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 26 2/device 4 TCAM entries per ARP Inspection rule VLAN Rate Limiting Both 1 Global rule An additional rule is per VLAN Rate created for each Limit. Permit rule on the interface. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 27: Managing Rmon Statistics
STEP 1 Select the Interface for which Ethernet statistics are to be displayed. STEP 2 Select the Refresh Rate, the time period that passes before the interface STEP 3 statistics are refreshed. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 28 • Frames of 128 to 255 Bytes—Number of frames, containing 128-255 bytes that were received. • Frames of 256 to 511 Bytes—Number of frames, containing 256-511 bytes that were received. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 29: Configuring Rmon History
Therefore, this field represents the sample number actually granted to the request that is equal or less than the requested value. Click Add. The Add RMON History Page opens. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 30: Viewing The Rmon History Table
This may not represent the exact number of dropped packets, but rather the number of times dropped packets were detected. • Bytes Received—Octets received that including bad packets and FCS octets, but excluding framing bits. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 31: Defining Rmon Events Control
Event Log Table Page. To view RMON events: Click RMON > Events. The Events Page opens. STEP 1 This page displays previously-defined events. Add RMON Events Page Click Add. The opens. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 32: Viewing The Rmon Events Logs
Click Event Log Table. The Event Log Table Page opens. STEP 2 This page displays the following fields: • Event—Events log entry number. • Log No.—Log number. • Log Time—Time that the log entry was entered. • Description—Log entry description. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 33: Defining Rmon Alarms
Rising Threshold—Enter the rising counter value that triggers the rising threshold alarm. • Rising Event—Select an event, from those that you defined in the Events table, to be performed when a rising event is triggered. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 34 Interval—Enter the alarm interval time in seconds. • Owner—Enter the name of the user or network management system that receives the alarm. Click Apply. The RMON alarm is added and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 35: Chapter 3: Managing System Logs
(-) on each side (except for Emergency that is indicated by the letter F). For example, the log message "%INIT-I-InitCompleted: … " has a severity level of I, meaning Informational. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 36 The aggregated messages are sent in the order of their arrival. Each message states the number of times it has been aggregated. • Max Aggregation Time—Enter the interval of time that SYSLOG messages are aggregated. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 37: Setting Remote Logging Settings
Link Local Interface—Select the link local interface (if IPv6 Address Type Link Local is selected) from the list. • Log Server IP Address—Enter the address of the server to which logs are sent. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 38: Viewing Memory Logs
RAM Memory Page opens. This page displays the following fields: • Log Index—Log entry number. • Log Time—Time when message was generated. • Severity—Event severity. • Description—Message text describing the event. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 39: Flash Memory
Log Index—Log entry number. • Log Time—Time when message was generated. • Severity—Event severity. • Description—Message text describing the event. To clear the messages, click Clear Logs. The messages are cleared. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 40: Chapter 4: Managing System Files
If the switch is rebooted, the Running Configuration is lost. When the switch is rebooted, this file type is copied from the Startup Configuration stored in Flash to the Running Configuration stored in RAM. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 41 • Firmware—The operating system. More commonly referred to as the image. • Boot Code—Controls the basic system startup and launches the firmware image. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 42 Running Configuration file by copying it to the Startup Configuration file. After this save, the red X icon and the link to the Copy/Save Configuration Page are hidden. This chapter describes how configuration and log files are managed. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 43: Upgrade/Backup Firmware/Language
When you upgrade the firmware, the new image is always replaces the image identified as the inactive image. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 44 Link Local Interface—Select the link local interface (if IPv6 is used) from the list. e. TFTP Server—Enter the IP address of the TFTP server. Source File Name—Enter the name of the source file. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 45 Files and File Types section.) b. File Name—Click Browse to select a file or enter the path and source file name to be used in the transfer. c. Click Apply. The file is upgraded. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 46: Selecting The Active Image
Active Image Version Number After Reboot displays the firmware version of the active image that is used after the switch is rebooted. Click Apply. The active image selection is updated. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 47: Downloading Or Backing-Up A Configuration Or Log
• Global—The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks. c. Link-Local Interface—Select the link local interface from the list. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 48 (.), and the maximum length for file names on the TFTP server is 160 characters. (Valid characters: A-Z, a-z, 0-9, “.”, “-”, “_”). If you selected HTTP, enter the parameters as described in this step. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 49: Displaying Configuration File Properties
Configuration Files Properties Page Configuration Files Properties. The opens. This page provides the following fields: • Configuration File Name—Displays the type of file. • Creation Time—Displays the date and time that file was modified. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 50: Copying Or Saving Switch Configuration File Types
Files and File Types section.) Select the Destination File Name to be overwritten by the source file. STEP 3 Click Apply. The file is copied and switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 51: Setting Dhcp Auto Configuration
IP addresses with each DHCP renew cycle, IP addresses must be bound to MAC addresses in the DHCP server table. This ensures that each device has its own reserved IP address and other relevant information. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 52 TFTP server identified by the DHCP server into the Startup Configuration file, and initiates a reboot. If the values match, no action is taken. Click Apply. The DHCP Auto Configuration is updated. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 53: Chapter 5: General Administrative Information And Operations
(PoE) status, and so forth. Displaying the System Summary To view system information, click Status and Statistics > System Summary. The System Summary Page opens. The System Summary page displays system and hardware information. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 54 Firmware Version (Non-active Image)—Firmware version number of the non-active image. . • Firmware MD5 Checksum (Non-active Image)—MD5 checksum of the non-active image. • Boot Version—Boot version number. • Boot MD5 Checksum—MD5 checksum of the boot version. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 55: Configuring The System Settings
User Defined—Enter the hostname. Use only letters, digits, and hyphens. Host names cannot begin or end with a hyphen. No other symbols, punctuation characters, or blank spaces are permitted (as specified in RFC1033, 1034, 1035). Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 56: Switch Models
24 regular ports, and four At most special-purpose ones - uplinks and 180W combo-ports. SG 300-52 SRW2048-K9 52-port Gigabit. g1-g52. 48 regular ports, and four special-purpose ones - uplinks and combo-ports. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 57: Rebooting The Switch
Configuration or click Save at the top of the window. You can also upload the configuration from a remote device see the “Downloading or Backing-up a Configuration or Log” section in the Managing System Files chapter. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 58 DHCP Auto Configuration should be disabled (enabled by default), otherwise a CAUTION configuration file might be loaded from a TFTP server, instead of the factory default settings. The switch is rebooted. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 59: Monitoring The Fan Status And Temperature
Select the timeout for each session from the corresponding list. The default STEP 2 timeouts are 10 minutes. Click Apply to set the configuration settings on the switch. STEP 3 ———————————————— Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 60: Chapter 6: System Time
This chapter describes the options for configuring system time, time zone, and Daylight Savings Time (DST). It includes the following topics: • System Time Options • Configuring System Time • Setting SNTP • Defining SNTP Authentication Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 61: System Time Options
If the server supplying the source parameters fails or dynamic configuration is disabled by the user, the manual settings are used. Dynamic configuration of the time zone and DST continues after the IP address lease time has expired. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 62: Configuring System Time
DHCP packet. If this option is enabled, you must also enable DHCP client on the switch. To do this, set the IP Address Type to Dynamic in the IPv4 Interface Page. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 63 Friday in October at 5:00 am. The parameters are: Day—Day of the week on which DST ends every year. Week—Week within the month from which DST ends every year. Month—Month of the year in which DST ends every year. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 64: Setting Sntp
The preferred server is chosen according to its stratum level. • Poll Interval—Interval (in seconds) at which the SNTP server is polled for system time information. The poll interval is 1024 seconds. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 65 Internet and configured with a DNS server or configured so that a DNS server is identified by using DHCP. (See the Defining DNS Servers section.) • IP Version—Select the version of the IP address: Version 6 or Version 4. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 66: Defining Sntp Authentication
Click Apply. The STNP server is added, and you are returned to the main page. STEP 5 Defining SNTP Authentication The SNTP Authentication Page enables configuration of the authentication keys that are used when communicating with an SNTP server that requires authentication. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 67 Trusted Key—Select the check box to allow the switch to receive broadcast synchronization information only from a SNTP server by using this authentication key. Click Apply. The SNTP Authentication is defined, and the switch is updated. STEP 6 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 68: Chapter 7: Managing Device Diagnostics
After the test, the port returns to the Up state. It is not recommended that you run the copper port test on a port you are using to run the web-based switch configuration utility, because communications with that device are disrupted. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 69 To avoid unknown results in the Advanced Test, perform the Basic Test NOTE first. This page displays the results of the most recent test: • Port—Port identifier. • Cable Status—Cable status. • Speed—Link speed. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 70 • Polarity—Indicates if automatic polarity detection and correction has been activated for the wire pair. • Pair Skew—Difference in delay between wire pairs. Click Close to close the window. STEP 5 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 71: Displaying Optical Module Status
This page displays the following fields: • Port—Port number on which the SFP is connected. • Temperature—Temperature (Celsius) at which the SFP is operating. • Voltage—SFP’s operating voltage. • Current—SFP’s current consumption. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 72: Configuring Port And Vlan Mirroring
Only one instance of mirroring is supported system-wide. The analyzer port (or target port for VLAN mirroring or port mirroring) is the same for all the mirrored VLANs or mirrored ports. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 73 Rx Only—Port mirroring on incoming packets. Tx Only—Port mirroring on outgoing packets. Tx and Rx—Port mirroring on both incoming and outgoing packets. Click Apply. Port mirroring is added, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 74: Viewing Cpu Utilization
A new sample is created for each time period. The window displays a graph of the CPU utilization. The Y axis is percentage of usage, and the X axis is the sample number. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 75: Chapter 8: Configuring Discovery
Bonjour is displayed on the IP Multicast Group Address Page. When Bonjour Discovery is disabled, the switch stops any service type advertisements and does not respond to any requests for service from network management applications. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 76: Bonjour For A System In Layer 3 Mode
Bonjour Discovery Interface Control table. Bonjour Discover can only enabled on interfaces with an IP address. Click Add to enable an interface and add it to the Bonjour Discovery Interface STEP 3 Control table. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 77: Configuring Lldp
LLDP updates using the Properties Page Port Settings Page 2. Configure LLDP per interface by using the LLDP MED Network Policy 3. Create LLDP MED network policies by using the Page Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 78: Setting Lldp Properties
LLDP, following an LLDP enable/disable cycle. • Transmit Delay—Enter the amount of time in seconds that passes between successive LLDP frame transmissions due to changes in the LLDP local systems MIB. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 79: Editing Lldp Port Settings
Administrative Status—Select the LLDP publishing option for the port. The values are: Tx Only—Publishes only but does not discover. Rx Only—Discovers but does not publish. Tx & Rx—Publishes and discovers. Disable—Indicates that LLDP is disabled on the port. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 80 802.3 Link Aggregation—Whether the link (associated with the port on which the LLDP PDU is transmitted) can be aggregated. It also indicates whether the link is currently aggregated, and if so, provides the aggregated port identifier. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 81: Lldp Med Protocol
PC. • Device location discovery to allow creation of location databases and, in the case of Voice over Internet Protocol (VoIP), Emergency Call Service (E-911) by using IP Phone location information. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 82: Setting Lldp Med Network Policy
Click Add and the opens. STEP 2 This page enables the definition of new policies. Enter the values. STEP 3 • Network Policy Number—Select the number of the policy to be created. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 83: Configuring Lldp Med Port Settings
Click Administration > Discovery - LLDP > LLDP MED Port Settings. The LLDP STEP 1 MED Port Settings Page opens. This page displays LLDP MED settings, including enabled TLVs, for all ports. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 84 Location (ECS) ELIN—Enter the Emergency Call Service (ECS) ELIN location to be published by LLDP. Click Apply. The LLDP MED port settings are modified, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 85: Displaying Lldp Port Status
Remote PoE—PoE information advertised by the neighbor. • # of neighbors—Number of neighbors discovered. • Neighbor Capability of 1st Device—Displays the primary enabled device functions of the neighbor, for example: Bridge or Router. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 86: Displaying Lldp Local Information
The address consists of the following elements: • Address Subtype—Type of management IP address that is listed in the Management Address field, for example, IPv4. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 87 Capabilities Supported—MED capabilities supported on the port. • Current Capabilities—MED capabilities enabled on the port. • Device Class—LLDP-MED endpoint device class. The possible device classes are: Endpoint Class 1—Indicates a generic endpoint class, offering basic LLDP services. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 88 ECS ELIN—Emergency Call Service (ECS) Emergency Location Identification Number (ELIN). Network Policy Table • Application Type—Network policy application type, for example, Voice. • VLAN ID—VLAN ID for which the network policy is defined. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 89: Displaying Lldp Neighbors Information
System Name—Published name of the switch. • Time to Live—Time interval (in seconds) after which the information for this neighbor is deleted. Neighbors Information Page Select a local port, and click Details. The opens. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 90 Address Subtype—Managed address subtype, for example, MAC or IPv4. • Address—Managed address. • Interface Subtype—Port subtype. • Interface Number—Port number. MAC/PHY Details • Auto-Negotiation Supported—Port speed auto-negotiation support status. The possible values are True and False. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 91 Capabilities Supported—MED capabilities enabled on the port. • Current Capabilities—MED TLVs advertised by the port. • Device Class—LLDP-MED endpoint device class. The possible device classes are: Endpoint Class 1—Indicates a generic endpoint class, offering basic LLDP services. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 92 Supported—Supported Port and Protocol VLAN IDs. • Enabled—Enabled Port and Protocol VLAN IDs. VLAN IDs • VID—Port and Protocol VLAN ID. • VLAN Names—Advertised VLAN names. Protocol IDs • Protocol ID—Advertised protocol IDs. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 93: Accessing Lldp Statistics
For each port, the fields are displayed: • Interface—Identifier of interface. • Tx Frames Total—Number of transmitted frames. • Rx Frames Total—Number of received frames. Discarded—Total number of received frames that were discarded. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 94: Lldp Overloading
To view the overloading details for a port, select it and click Details. The LLDP STEP 2 Overloading Details opens. This page displays the following information for each TLV sent on the port: • LLDP Mandatory TLVs Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 95 —If the LLDP MED 802.3 TLVs packets were sent, or if they were overloaded. • LLDP Optional TLVs Size (Bytes) —Total LLDP MED optional TLVs packets byte size. Status —If the LLDP MED optional TLVs packets were sent, or if they were overloaded. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 96 —If the LLDP MED inventory packets were sent, or if they were overloaded. • Total (Bytes)—Total number of packets sent (in bytes). • Left to Send (Bytes)—Total number of packet bytes left to transmit. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 97: Chapter 9: Port Management
Link Aggregation Group by using the 5. Configure global Green Ethernet settings by using the Properties Page 6. Configure per port Green Ethernet energy mode by using the Port Settings Page. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 98: Setting The Basic Port Configuration
Combo Fiber—SFP Fiber Gigabit Interface Converter Port with the following values: 100M and 1000M (type: ComboF) • Administrative Status—Select whether the port should be operational (Up) or non-operational (Down) when the switch is rebooted. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 99 10 Half—10 Mbps speed and Half Duplex mode. 10 Full—10 Mbps speed and Full Duplex mode. 100 Half—100 Mbps speed and Half Duplex mode. 100 Full—100 Mbps speed and Full Duplex mode. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 100 Packets received from protected ports can be forwarded only to unprotected egress ports. Protected port filtering rules are also applied to packets that are forwarded by software, such as snooping applications. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 101: Configuring Link Aggregation
Traffic load balancing over the active member ports of a LAG is managed by a hash-based distribution function that distributes Unicast traffic based on Layer 2 or Layer 3 packet header information. Multicast packets behave in the same way as Unicast packets. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 102 Protocols, such as Spanning Tree, consider all the ports in the LAG to be one port. • All the ports in the LAG must have the same 802. 1 p priority. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 103: Static And Dynamic Lag Workflow
IP/MAC Address—Perform load balancing by the source and destination IP addresses on IP packets, and by the source and destination MAC addresses on non-IP packets Click Apply. The Load Balance Algorithm is defined, and the switch is updated. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 104: Defining Member Ports In A Lag
Enter the values for the following fields: STEP 3 • LAG—Select the LAG ID number. • Description—Enter the LAG name or a comment. • LAG Type—Displays the port type that comprises the LAG. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 105 LAG to start the negotiation process. The possible values are the same as those listed in the Administrative Advertisement field. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 106: Configuring Lacp
Any link operating at a different speed from the highest-speed active member or operating at half-duplex is made standby. All the active ports in a dynamic LAG operate at the same baud rate. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 107: Setting Port Lacp Parameter Settings
LACP timeout preference. Click Apply. The switch is updated. STEP 5 You can continue editing by selecting another port in the Port field. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 108: Green Ethernet
Green Ethernet mode. Power savings can be monitored. The Green Ethernet features are defined per port, regardless of their LAG membership. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 109: Setting Global Green Ethernet Properties
This value is updated each time there is an event that affects power saving. Click Apply. The Port Settings are modified, and the switch is updated. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 110: Setting Per Port Green Ethernet Properties
Select a Port and click Edit. The Edit Port Setting Page opens. STEP 2 Select to enable or disable Energy Detect mode on the port. STEP 3 Select to enable or disable Short Reach mode on the port. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 111 Port Management Green Ethernet Click Apply. The Green Ethernet port settings are modified, and the switch is STEP 5 updated. Select another port to display or edit that port. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 112: Chapter 10: Managing Power-Over-Ethernet Devices
Eliminates the need to run 110/220 V AC power to all devices on a wired LAN. • Removes the necessity for placing all network devices next to power sources. • Eliminates the need to deploy double cabling systems in an enterprise significantly decreasing installation costs. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 113: Poe Operation
There are two factors to consider in the PoE feature: • The amount of power that the PSE can supply • The amount of power that the PD is actually attempting to consume Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 114: Configuring Poe Properties
These settings are entered in advance. When the PD actually connects and is consuming power, it might consume much less than the maximum power allowed. Output power is disabled during power-on reboot, initialization, and system configuration to ensure that PDs are not damaged. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 115 Nominal Power—The total amount of power the switch can supply to all the • connected PDs. Consumed Power—Amount of power currently being consumed by the PoE • ports. Available Power—Nominal power - the amount of consumed power. • Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 116: Configuring The Poe Power, Priority, And Class
For example, if the power supply is running at 99% usage and port 1 is prioritized as high, but port 3 is prioritized as low, port 1 receives power and port 3 might be denied power. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 117 PSE. Signatures are generated during powered device detection, classification, or maintenance. Click Apply. The PoE settings for the port are defined and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 118: Chapter 11: Vlan Management
A port in VLAN Access mode can be part of only one VLAN. If it is in General or Trunk mode, the port can be part of one or more VLANs. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 119 The IP router can be a VLAN-aware router, where each of its interfaces can connect to one or more VLANs. Traffic to and from a VLAN-aware IP router can be VLAN tagged or untagged. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 120 4. Assign interfaces to VLANs by using the Configuring Port to VLAN section or Configuring VLAN to Port section. 5. You can view the current VLAN port membership for all the interfaces in the Viewing VLAN Membership section. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 121: Configuring Default Vlan Settings
• The original Default VLAN ID is removed from the switch. To be used, it must be recreated. • Adds the ports as untagged VLAN members of the new default VLAN. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 122: Creating Vlans
You can create a VLAN, but this has no effect until the VLAN is attached to at least one port, either manually or dynamically. Ports must always belong to one or more VLANs. The Cisco Sx300 Series switch supports 256 VLANs; default VLAN included.
Page 123 To create a range of VLANs, select the Range radio button, and specify the range of VLANs to be created by entering the Starting VID and Ending VID, inclusive. Click Apply to create the VLAN(s). STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 124: Configuring Vlan Interface Settings
Configuring VLAN Interface Settings Configuring VLAN Interface Settings Interface Settings Page displays and enables configuration of VLAN-related parameters for all interfaces. The Cisco Sx300 Series switch supports 256 VLANs; default VLAN included. To configure the VLAN settings: Interface Settings Page Click VLAN Management >...
Page 125: Configuring Vlan Interface Settings
OUI. (Telephony OUIs are configured by using the procedure in the Configuring Telephony OUI section.) Click Apply. The parameters are set, and the switch is updated. STEP 5 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 126: Defining Vlan Membership
Click VLAN Management > Port to VLAN. The Port to VLAN Page opens. STEP 1 Select a VLAN and the interface type (Port or LAG), and click Go to display or to STEP 2 change the port characteristic with respect to the VLAN. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 127: Configuring Vlan To Port
Select interface type (Port or LAG), and click Go. The following fields are STEP 2 displayed for all interfaces of the selected type: • Interface—Port/LAG ID. Interface Settings • Mode—Interface VLAN mode that was selected in the Page. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 128: Viewing Vlan Membership
To view VLAN membership: Port VLAN Click VLAN Management > Port VLAN Membership. The STEP 1 Membership Page opens. Select an interface type (Port or LAG), and click Go. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 129: Gvrp Settings
Click VLAN Management > GVRP Settings. The GVRP Settings Page opens. STEP 1 Select GVRP Global Status to enable GVRP globally. STEP 2 Click Apply to set the global GVRP status. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 130: Assigning Mac-Based Vlan Groups
1. Assign the MAC address to a Group ID (an identifier created by using the Based Groups Page Mapping Group 2. For each interface, assign the VLAN group to a VLAN by using to VLAN Page . (The interfaces must be in General mode.) Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 131: Assigning Vlan Group Id To Vlan Per Interface
Interface—Type of interface (Port or LAG), through which traffic is received for this group. MAC Based Groups Page • Group ID—VLAN group defined in the • VLAN ID—Traffic is forwarded from the VLAN group to this VLAN. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 132: Voice Vlan
Voice VLAN, and has a source MAC address that is configured with telephony OUI. (Telephony OUIs are configured by using the procedure in the Configuring Telephony OUI section.) Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 133: Voice Vlan Options
• Create a new VLAN to serve as the Voice VLAN by using the Create VLAN Page, or configure an existing VLAN as described in the Configuring Voice VLAN Properties section. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 134: Voice Vlan Constraints
Voice VLAN does not have candidate ports. • The Voice VLAN cannot be the Guest VLAN. • The interface VLAN of a candidate port must be in General mode or Trunk mode. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 135: Configuring Voice Vlan Properties
Voice VLAN. If this option is selected, the outer user priority will be the new CoS. Otherwise, the outer user priority will be the original CoS, since Trust mode is used. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 136: Configuring Telephony Oui
OUIs. Add Telephony OUI Page Click Add. The opens. STEP 2 Enter the values for the following fields: STEP 3 • Telephony OUI—Enter a new OUI. • Description—Enter an OUI name. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 137 VLAN Management Configuring Voice VLAN Properties Click Apply. The OUI is added. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 138: Chapter 12: Configuring The Spanning Tree Protocol
STP provides a tree topology for any arrangement of Layer 2 switches and interconnecting links, creating a unique path between end stations on a network, eliminating loops. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 139 MSTP provides full connectivity for packets allocated to any VLAN. MSTP is based on RSTP. In addition, MSTP transmits packets assigned to various VLANs through different multiple spanning tree (MST) regions. MST regions act as a single bridge. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 140: Configuring Stp Status And Global Settings
MAC addresses are used to determine which is the Root Bridge. The bridge priority value is provided in increments of 4096. For example, 4096, 8192, 12288, and so on. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 141: Defining Spanning Tree Interface Settings
The STP Interface Settings Page enables you to configure STP on a per-port basis, and to view the information learned by the protocol, such as the designated bridge. The configuration entered on this page is active for all flavors of the STP protocol. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 142 Learning—The port is in Learning mode. The port cannot forward traffic, but it can learn new MAC addresses. Forwarding—The port is in Forwarding mode. The port can forward traffic and learn new MAC addresses. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 143: Configuring Rapid Spanning Tree Settings
Click Spanning Tree > RSTP Interface Settings. The RSTP Interface Settings STEP 2 Page opens: Select a port. (Activate Protocol Migration is only available after selecting the port STEP 3 connected to the bridge partner being tested.) Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 144 LAN has two or more connections connected to a shared segment. Disabled—The port is not participating in Spanning Tree. • Mode—Displays the current Spanning Tree mode: Classic STP or RSTP. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 145: Multiple Spanning Tree
2. Define MTP Instances. Each MST instance calculates and builds a loop free topology to bridge packets from the VLANs that map to the instance. Refer to Mapping VLANs to a MST Instance section. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 146: Defining Mstp Properties
Click Spanning Tree > STP Status and Global Settings. The STEP 1 Global Settings Page displays. Enable MSTP. MSTP Properties Page Click Spanning Tree > MSTP Properties. The displays. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 147: Mapping Vlans To A Mst Instance
Configuration on this page (and all of the MSTP pages) applies if the system STP mode is MSTP. Up to seven MST instances can be defined on Cisco Small Business 300 Series switches. For those VLANs that are not explicitly mapped to one of the MST instances, the switch automatically maps them to the CIST (Core and Internal Spanning Tree) instance.
Page 148: Defining Mst Instance Settings
Designated Root Bridge ID—Displays the priority and MAC address of the Root Bridge for the MST instance. • Root Port—Displays the root port of the selected instance. • Root Path Cost—Displays the root path cost of the selected instance. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 149: Defining Mstp Interface Settings
Path Cost—Set the port contribution to the root path cost or use the default value. The root path cost is the cost of the switch to the Root Bridge of the specified MST instance. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 150 Mode—Displays the current Spanning Tree mode. Classic STP—Classic STP is enabled on the port. Rapid STP—Rapid STP is enabled on the port. MSTP—MSTP is enabled on the port. • Type—Displays the MST type of the port. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 151 Remaining Hops—Displays the hops remaining to the next destination. • Forward Transitions—Displays the number of times the port has changed from the Forwarding state to the Blocking state. Click Apply. The switch is updated. STEP 5 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 152: Chapter 13: Managing Mac Address Tables
The addresses are bound to the assigned interface. If a static address is seen on another interface, the address is ignored and it is not written to the address table. Static Addresses Page enables viewing statically-configured MAC addresses and creating new static MAC addresses. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 153: Dynamic Mac Addresses
MAC address for a certain period. This period of time is the aging interval. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 154: Configuring Dynamic Mac Address Parameters
In the Filter block, enter the following query criteria: STEP 2 VLAN ID—Enter the VLAN ID for which the table is queried. • MAC Address—Enter the MAC address for which the table is queried. • Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 155: Defining Reserved Mac Addresses
Click MAC Address Tables > Reserved MAC Addresses. The Reserved MAC STEP 1 Addresses Page opens. This page displays the reserved MAC addresses. Click Add. The Add Reserved MAC Address Page opens. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 156: Defining Reserved Mac Addresses
Action—Select one of the following actions to be taken upon the arriving • packet that matches the selected criteria: Discard—Delete the packet. Bridge—Forward the packet to all VLAN members. Click Apply. A new MAC address is reserved. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 157: Chapter 14: Configuring Multicast Forwarding
Cable-TV like service, where clients can join a channel in the middle of a transmission, and leave before it ends. The data is sent only to relevant ports. Forwarding the data only to the relevant ports conserves bandwidth and host resources on links. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 158: Typical Multicast Setup
When the switch is IGMP/MLD snooping enabled and receives a frame for a multicast stream, it forwards the multicast frame to all the ports that have registered to receive the multicast stream using IGMP Join messages. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 159: Multicast Registration
Multicast traffic generated in the network. The following versions are supported: • IGMP v1/v2/ v3 • MLD v1/v2 • A simple IGMP Snooping Querier Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 160: Multicast Address Properties
For IPv6, this is mapped by taking the 32 low order bits of the Multicast address, and adding them with the prefix of 33:33. For example, the IPv6 Multicast address FF00:1122:3344 is mapped to Layer 2 Multicast 33:33:11:22:33:44. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 161: Defining Multicast Properties
(S,G) is supported by IGMPv3 and MLDv2, while IGMPv1/2 and MLDv1 support only (*.G) which is just the group ID. The switch supports a maximum of 256 static and dynamic multicast group addresses. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 162: Mac Group Address
VLAN ID or a specific MAC address group. This data is acquired either dynamically through IGMP/MLD snooping or statically by manual entry. • Add or delete static entries to this database which provides static forwarding information based on MAC destination addresses. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 163: Mac Group Address
Click Go to display the port or LAG membership. STEP 8 Select the way that each interface is associated with the Multicast group: STEP 9 • Static—Attaches the interface to the Multicast group as a static member. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 164: Ip Multicast Group Address
Click Go. The results are displayed in the lower block. When Bonjour and IGMP are STEP 3 enabled on a Layer 2 switch, the IP Multicast address of Bonjour is displayed. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 165 STEP 10 • Static—Attaches the interface to the Multicast group as a static member. • Dynamic—Indicates that the interface was added to the Multicast group as a result of IGMP/MLD snooping. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 166: Igmp Snooping
Multicast router. For example, where Multicast content is provided by a local server, but the router (if one exists) on that network does not support Multicast. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 167 MRouter Ports Auto Learn—Enable or disable auto learning of the ports to which the Mrouter is connected. • Query Robustness—Enter the Robustness Variable value to be used if this switch is the elected querier. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 168: Igmp Snooping
IGMP Querier. This can be the IP address of the VLAN or it can be the management IP address. • Operational Querier Source IP Address—Displays the source IP address of the elected querier. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 169: Mld Snooping
On which ports Multicast routers sending Multicast frames are located This knowledge is used to exclude irrelevant ports (ports on which no stations have registered to receive a specific Multicast group) from the forwarding set of an incoming Multicast frame. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 170 • Operational Query Interval—The time interval in seconds between General Queries received from the elected querier. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 171: Igmp/Mld Ip Multicast Group
224. 1 . 1 . 1 and 225. 1 . 1 . 1 , both are mapped to the same MAC Multicast address 01:00:5e:01:01:01. In this case, there is a single entry in the MAC Multicast page, but two entries on this page. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 172: Multicast Router Port
On this page, it is possible to statically configure or dynamically detect which ports are connected to Mrouters. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 173: Defining Forward All Multicast
If it is disabled, then all Multicast traffic is flooded to all ports in the switch. You can statically configure a port to Forward All, if the devices connecting to the port does not support IGMP and/or MLD. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 174: Defining Unregistered Multicast Settings
Multicast group. Multicast groups can also be statically configured. Multicast groups that were either dynamically learned or statically configured, are considered registered. This enables the Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 175 • Interface—Select the interface to be modified. • Unregistered Multicast—Define the forwarding status of the interface. The options are as follows: Forwarding—Enables forwarding of unregistered Multicast frames to the selected interface. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 176: Defining Unregistered Multicast Settings
Configuring Multicast Forwarding Defining Unregistered Multicast Settings Filtering—Enables filtering of unregistered Multicast frames to the selected interface. Click Apply. The settings are saved, and the switch is updated. STEP 5 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 177: Chapter 15: Configuring Ip Information
DHCPDISCOVER packet that restarts the process. If the switch does not receive a DHCP response in 60 seconds, it continues to send DHCPDISCOVER queries, and adopts the default IP address: 192. 1 68. 1 .254/ Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 178 When no statically defined or DHCP-acquired IP address is available, the default IP address is used. When the other IP addresses becomes available, the addresses are automatically used. The default IP address is always on the management VLAN. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 179: Managing Ipv6
VLAN Assignment, VLAN Rate Limit, SYN Rate DoS Protection, and Advanced QoS Policers. Configuring the switch to work in either mode is done by the Console interface, described in the Console Menu Interface chapter of the administration guide. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 180 All the IP addresses configured or assigned to the switch are also referred as Management IP addresses in this guide. The following sections include configuration information that is relevant to both Layer 2 and Layer 3 modes. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 181 Operational Default Gateway—Displays the current default gateway status. If the switch is not configured with a default gateway, it cannot NOTE communicate with other devices that are not in the same IP subnet. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 182 Interface—Interface for which the IP address is defined. • IP Address Type—IP address defined as static or DHCP. Static—Entered manually. DHCP—Received from DHCP server. • IP Address—Configured IP address for the interface. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 183 STEP 5 • Network Mask—IP mask for this address. • Prefix Length—Length of the IPv4 prefix. Click Apply. The IPv4 address settings are defined, and the switch is updated. STEP 6 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 184: Defining Ipv6 Global Configuration
A tunnel interface is configured with an IPv6 address based on the settings defined in the IPv6 Tunnel Page. To configure IPv6 interfaces: In Layer 2 mode, click Administration > Management Interface > IPv6 STEP 1 Interfaces. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 185 Solicited-Node Multicast address (format FF02::1:FFXX:XXXX) Click IPv6 Address Table to manually assign IPv6 addresses to the interface, if STEP 5 required. This page is described in the “Defining IPv6 Addresses” section. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 186: Defining Ipv6 Addresses
Prefix Length—The length of the Global IPv6 prefix as a decimal value from 0-128 indicating the number of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 187: Defining An Ipv6 Default Router List
Interface—Outgoing IPv6 interface where the default router resides. • Type—The default router configuration that includes the following options: Static—The default router was manually added to this table through the Add button. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 188: Configuring Ipv6 Tunnels
If an ISATAP interface is active, the ISATAP router IPv4 address is resolved via DNS by using ISATAP-to-IPv4 mapping. If the ISATAP DNS record is not resolved, ISATAP host name-to-address mapping is searched in the host mapping table. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 189 ISATAP Solicitation Interval—The number of seconds from 10-3600 between ISATAP router solicitations messages, when there is no active ISATAP router. The interval can be the default value (10 seconds) or a user defined interval. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 190: Defining Ipv6 Neighbors Information
• —Deletes the static IPv6 address entries. Dynamic Only • —Deletes the dynamic IPv6 address entries. All Dynamic & Static • —Deletes the static and dynamic address entries IPv6 address entries. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 191 MAC Address—Enter the MAC address mapped to the specified IPv6 address. Click Apply. The switch is updated. STEP 5 Modifying an IPv6 Neighbor In Layer 2 mode, click Administration > Management Interface > IPv6 STEP 1 Neighbors. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 192: Viewing Ipv6 Route Tables
IPv6 Address—The IPv6 subnet address. • Prefix Length—IP route prefix length for the destination IPv6 subnet address. It is preceded by a forward slash. • Interface—Interface used to forward the packet. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 193: Defining Ipv4 Static Routing
Network Mask—The IP route prefix for the destination IP. Prefix Length—The IP route prefix for the destination IP. • Next Hop Router IP Address—Enter the next hop IP address or IP alias on the route. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 194: Enabling Arp Proxy
Click IP Configuration > ARP Proxy. STEP 1 The ARP Proxy Page opens. Select ARP Proxy to enable the switch to respond to ARP requests for remotely- STEP 2 located nodes with the switch MAC address. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 195: Defining Udp Relay
0.0.0.0, UDP packets are discarded. If this field is 255.255.255.255, UDP packets are flooded to all IP interfaces. Click Apply. The UDP relay settings are defined, and the switch is updated. STEP 6 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 196: Dhcp Relay
DHCP server passes the configuration information to hosts on a TCP/IP network. This permits the DHCP server to limit the address allocation to authorized hosts. DHCP with Option 82 can only be enabled if DHCP Relay is enabled. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 197: Defining Dhcp Relay Interfaces
This page displays the interface where DHCP Relay is defined, and the IP address. In Layer 3, port, LAG, or VLANs are offered; in Layer 2 only VLANs are offered. Add DHCP Interface Page (Layer 2) Click Add. The opens. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 198: Configuring Arp
ARP Entry Age Out time. When a dynamic address ages out, it is deleted from the table, and needs to be relearned to be entered into the table again. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 199 IP Address—Enter the IP address of the local device. • MAC Address—Enter the MAC address of the local device. Click Apply. The ARP entry is defined, and the switch is updated. STEP 6 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 200: Domain Name Systems
Each static server has a priority, a lower value means a higher priority. When first time the request is sent, static server with lowest priority is chosen. If after two retries there is no response from this server, the next server with Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 201: Mapping Dns Hosts
DNS cache, and ends by sending requests to the external DNS server. The Host Mapping Page enables configure static mappings between a DNS host name and an IP address. Several IP addresses are supported per DNS per host name. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 202 IP Address—Enter an IP v4 IP address or enter up to four IPv6 host IP addresses. Addresses 2–4 are backup addresses. Click Apply. The DNS host is added, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 203: Chapter 16: Configuring Security
Access control of end-users to the network through the switch is detailed in the following sections: • Management Access Authentication • Access Profiles • Defining Users • TACACS+ Configuration • Configuring RADIUS Parameters • Configuring Port Security Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 204: Defining Users
A user, in this context, is a system administrator or superuser, who manages the switch. The default username is cisco and the default password is cisco. The first time that you log in with the default username and password, you are required to enter a new password.
Page 205: Setting Password Complexity Rules
The New Password Must Be Different than the Current One—If selected, the new password cannot be the same as the current password. • Password Aging—If selected, the user is prompted to change the password when the Password Aging Time expires. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 206: Tacacs+ Configuration
Some TACACS+ servers support a single connection that enables the device to receive all information in a single connection. If the TACACS+ server does not support this, the device reverts back to multiple connections. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 207: Configuring Default Tacacs+ Parameters
STEP 4 Adding a TACACS+ Server Click Security > TACACS+. The TACACS+ Page displays. STEP 1 Click Add. The Add TACACS+ Server Page displays. STEP 2 Enter the parameters. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 208: Configuring Radius Parameters
For the RADIUS server to grant access to the web-based switch configuration utility, the RADIUS server must return cisco-avpair = shell:priv-lvl=15. Use this page to enable the configuration of the RADIUS server parameters the switch uses to communicate with the servers.
Page 209: Adding A Radius Server
Click Apply. The RADIUS settings for the switch are updated. STEP 3 Adding a RADIUS Server Click Security > RADIUS. The RADIUS Page displays. STEP 1 Click Add. The Add RADIUS Server Page displays. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 210 Dead Time—Enter the number of minutes that must pass before a non- responsive RADIUS server is bypassed for service requests. Select Use Default to use the default value for the dead time. If you enter 0 minutes, there is no dead time. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 211: Management Access Authentication
Use the arrows to move the authentication method between the Optional Methods STEP 3 column and the Selected Methods column. The first method selected is the first method that is used. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 212: Access Profiles
(top to bottom). Rules are composed of filters that include the following elements: • Access Methods—Methods for accessing and managing the switch: Telnet Secure Telnet (SSH) Hypertext Transfer Protocol (HTTP) Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 213: Displaying, Adding, Or Activating An Access Profile
To display, add, or select a different active access profile: Click Security > Mgmt Access Method > Access Profiles. The Access Profiles STEP 1 Page displays. This page displays all of the access profiles, active and inactive. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 214: Access Profiles
HTTP access profile criteria, are permitted or denied. Secure HTTP (HTTPS)—Users requesting access to the switch who meet the HTTPS access profile criteria, are permitted or denied. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 215 IP address prefix. Click Apply. The access profile is created, and the switch is updated. You can now STEP 6 select this access profile as the active access profile. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 216: Defining Profile Rules
Telnet—Users requesting access to the switch who meet the Telnet access profile criteria are permitted or denied access. Secure Telnet (SSH)—Users requesting access to the switch who meet the Telnet access profile criteria, are permitted or denied access. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 217 Prefix Length—Select the Prefix Length and enter the number of bits that comprise the source IP address prefix. Click Apply, and the rule is added to the access profile. STEP 5 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 218: Configuring Tcp/Udp Services
State—Status of the service. The UDP Services table displays the following information: • Service Name—Management access method through which the switch is offering the service. • Type—IP protocol the service uses. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 219: Defining Storm Control
Select a port and click Edit. The Edit Storm Control Page displays. STEP 2 Enter the parameters. STEP 3 • Port—Select the port for which storm control is enabled. • Storm Control—Select to enable Storm Control. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 220: Configuring Port Security
Limited Dynamic Lock—The switch learns MAC addresses up to the configured limit of allowed addresses. After the limit is reached the switch does not learn additional addresses. In this mode, the addresses are subject to aging and re-learning. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 221 Interface must be cleared. After the mode is changed, the Lock Interface can be reinstated. The options are: Classic Lock—Locks the port immediately, regardless of the number of addresses that have already been learned. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 222 Port-based access control has the effect of creating two types of access on the switch ports. One point of access enables uncontrolled communication, regardless of the authorization state (uncontrolled port). The other point of access authorizes communication between the host and the switch. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 223 RADIUS server during the authentication process. The switch classifies untagged packets to the assigned VLAN if the packets are originated from the devices or ports that are authenticated and authorized. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 224 802. 1 x supplicant has precedence over non-802. 1 x device. The 802. 1 x supplicant preempts an authorized but non-802. 1 x device at a port that is configured with a single session. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 225 The switch also uses the Guest VLAN for the authentication process at ports configured with Multiple Session mode and MAC-Based Authentication. Therefore, you must configure a Guest VLAN before you can use the MAC authentication mode. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 226: 802.1X Parameters Workflow
RADIUS, None—Perform port authentication first by using the RADIUS server. If no response is received from RADIUS (for example, if the server is down), then no authentication is performed, and the session is permitted Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 227: Configuring Unauthenticated Vlans
Select a VLAN, and click Edit. The Edit VLAN Authentication Page displays. STEP 2 Select a VLAN. STEP 3 Optionally, uncheck Authentication to make the VLAN an unauthenticated VLAN. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 228: Defining 802.1X Port Authentication
Authorized, the port is either authenticated or the Administrative Port Control is Force Authorized. Conversely, if the state is Unauthorized, then the port is either not authenticated or the Administrative Port Control is Force Unauthorized. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 229 After an authentication failure and if Guest VLAN is activated globally on the given port, the guest VLAN is automatically assigned to the unauthorized ports as an Untagged VLAN. Cleared—Disables Guest VLAN on the port. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 230 • Time Range Name—Select the profile that specifies the time range. • Quiet Period—Enter the number of seconds that the switch remains in the quiet state following a failed authentication exchange. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 231: Defining Host And Session Authentication
Multiple Sessions—Enables number of specific authorized hosts to access the port. Each host is treated as if it were the first and only user and must be authenticated. Filtering is based on the source MAC address. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 232 Action on Violation—Select the action to be applied to packets arriving in Single Session/Single Host mode, from a host whose MAC address is not the supplicant MAC address. The options are: Discard—Discards the packets. Forward—Forwards the packets. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 233: Viewing Authenticated Hosts
Authentication Method—Method by which the last session was authenticated. The options are: None—No authentication is applied; it is automatically authorized. RADIUS—Supplicant was authenticated by a RADIUS server. • MAC Address—Displays the supplicant MAC address. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 234: Defining Time Ranges
Click Security > 802.1X > Time Range. The Time Range Page displays. STEP 1 Click Add. The Add Absolute Time Range Page displays. STEP 2 Enter the parameters. STEP 3 • Time Range Name—Enter a time range name. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 235: Defining A Recurring Range
• Recurring Ending Time—Enter the day of the week and time on which the recurring range ends. Click Apply. The recurring range is added to the time range. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 236: Denial Of Service Prevention
Before activating Denial of Service Prevention, you must unbind all Access Control NOTE Lists (ACLs) or advanced QoS policies that are bound to a port. ACL and advanced QoS policies are not active when a port has Denial of Service Protection. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 237 The switch supports a set of reserved Martian addresses that are illegal from the view point of the IP protocol. The supported reserved Martian addresses are: Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 238: Denial Of Service Prevention
IP Address—Enter the Martian IP addresses for which Denial of Service Prevention is enabled. The values are: From reserved List—Select a well-known IP address from the reserved list. New IP Address—Enter an IP address. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 239 Known Ports—Select a port from the list. User Defined—Enter a port number. All Ports—Select to indicate that all ports are filtered. Click Apply. The SYN filter is defined, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 240 IP address prefix. • SYN Rate Limit—Enter the number of SYN packets allowed. Click Apply. The SYN rate protection is defined, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 241 To define fragmented IP blocking: Click Security > Denial of Service Prevention > IP Fragments Filtering. The IP STEP 1 Fragments Filtering Page displays. This page displays the fragmented IP blocking per interface. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 242 Prefix Length—Select the Prefix Length and enter the number of bits that comprise the source IP address prefix. Click Apply. The IP fragmentation is defined, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 243: Chapter 17: Access Control
Either a DENY or PERMIT action is applied to frames whose contents match the filter. The switch support a maximum of 512 ACLs, and a maximum of 512 ACEs. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 244 If a frame matches the filter in an ACL, it is defined as a flow with the name of that ACL. In advanced QoS, these frames can be referred to using this Flow name, and QoS can be applied to these frames (see QoS Advanced Mode). Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 245 Configuring a Policy (Edit). Delete the class map containing the ACL, by using Defining Class Mapping. Only then can the ACL be modified, as described in the sections of this chapter. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 246: Defining Mac-Based Acls
One is the highest priority. • Action—Select the action taken upon a match. The options are: Permit—Forward packets that meet the ACE criteria. Deny—Drop packets that meet the ACE criteria. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 247: Ipv4-Based Acls
Click Apply. The Add MAC Based ACE is defined, and the switch is updated. STEP 5 IPv4-based ACLs IPv4-based ACLs are used to check IPv4 packets, while other types of frames, such as ARPs, are not checked. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 248: Defining An Ipv4-Based Acl
Click Access Control > IPv4 Based ACE. The IPv4 Based ACE Page opens. STEP 1 Select an ACL, and click Go. All currently-defined IP ACEs for the selected ACL are STEP 2 displayed. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 249 RDP—Reliable Datagram Protocol. IDPR—Inter-Domain Policy Routing Protocol IPV6—IPv6 over IPv4 tunneling IPV6:ROUT—Matches packets belonging to the IPv6 over IPv4 route through a gateway IPV6:FRAG—Matches packets belonging to the IPv6 over IPv4 Fragment Header Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 250 Any—Match to all source ports. Single—Enter a single TCP/UDP source port to which packets are matched. This field is active only if 800/6-TCP or 800/17-UDP is selected in the Select from List drop-down menu. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 251 ICMP Code—The ICMP messages can have a code field that indicates how to handle the message. Select one of the following options to configure whether to filter on this code: Any—Accept all codes. User defined—Enter an ICMP code for filtering purposes. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 252: Ipv6-Based Acls
Enter the name of a new ACL in the ACL Name field. The names are STEP 3 case-sensitive. Click Apply. The IPv6-based ACL is defined, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 253 Protocol ID to Match—Enter the ID of the protocol to be matched. • Source IP Address—Select Any if all source address are acceptable or User defined to enter a source address or range of source addresses. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 254 Either select the message type by name or enter the message type number. If all message types are accepted, select Any. Any—All message types are accepted. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 255: Defining Acl Binding
MAC ACL—ACLs of type MAC that are bound to the interface (if any). • IPv4 ACL—ACLs of type IPv4 that are bound to the interface (if any). • IPv6 ACL—ACLs of type IPv6 that are bound to the interface (if any). Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 256 Click Apply. The ACL binding is modified, and the switch is updated. STEP 7 If no ACL is selected, the ACL(s) that is previously bound to the NOTE interface is unbound. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 257: Chapter 18: Configuring Quality Of Service
The QoS feature is used to optimize network performance. QoS provides the following: • Classification of incoming traffic to traffic classes, based on attributes, including: Device Configuration Ingress interface Packet content Combination of these attributes Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 258: Qos Modes
A policer applies the configured QoS to a flow. The QoS configuration of a flow may consist of egress queue, the DSCP or CoS/802. 1 p value, and actions on out of profile (excess) traffic. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 259: Qos Workflow
CoS/802. 1 p priority in the packets. This is done by using the CoS/802. 1 p to Queue Page. 6. If required for Layer 3 traffic only, assign a queue to each DSCP/TC value, by using the DSCP to Queue Page. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 260: Configuring Qos
Click Quality of Service > General > QoS Properties. The QoS Properties Page STEP 1 opens. Select the QoS Mode (Disable, Basic, or Advanced) that will be active on the STEP 2 switch and click Apply. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 261: Modifying Interface Default Cos Value
(that do not have a VLAN tag). The range is 0-7. Click Apply. The interface default CoS value is set, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 262: Configuring Qos Queues
WRR queues. Only after the strict priority queues have been emptied is traffic from the WRR queues forwarded. (The relative portion from each WRR queue depends on its weight). Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 263: Mapping Cos/802.1P To A Queue
Default Mapping Queues 802.1p Queue Queue Notes Values (4 queues 1- (2 queues: (0-7, 7 being 4, 4 being the Normal and the highest) highest High) priority) Normal Background Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 264 Output Queue—Select the egress queue to which the 802. 1 p priority is mapped. Four egress queues are supported, where Queue 4 is the highest priority egress queue and Queue1 is the lowest priority. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 265: Mapping Dscp To Queue
Select the Output Queue (traffic forwarding queue) to which the DSCP value is STEP 2 mapped. Click Apply. The switch is updated. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 266: Configuring Bandwidth
This amount can be sent even if it temporarily increases the bandwidth beyond the allowed limit. Click Apply. The bandwidth settings are modified, and the switch is updated. STEP 5 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 267: Configuring Egress Shaping Per Queue
CBS is the maximum burst of data allowed to be sent even if a burst exceeds CIR. Click Apply. The bandwidth settings are modified, and the switch is updated. STEP 6 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 268: Configuring Vlan Rate Limit
If there is more than one device in the system (for example if a network includes 2 Cisco 24-port 10/100 switches participating in the same VLAN), the configured VLAN rate limit values will be applied on each of the devices independently.
Page 269: Tcp Congestion Avoidance
Enable or disable the global selected trusted mode at the ports by using the Interface Settings Page. If a port is disabled without trusted mode, all its ingress packets are forward in best effort. It is recommended that you disable Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 270: Configuring Global Settings
If Override Ingress DSCP was enabled, click DSCP Override Table to STEP 4 reconfigure DSCP. The DSCP Override Table Page opens. Out of Profile DSCP Mapping Page For more information about this page, see the which provides the same fields. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 271: Interface Qos Settings
Frames that match an ACL and were permitted entrance are implicitly labeled with the name of the ACL that permitted their entrance. Advanced mode QoS actions can then be applied to these flows. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 272 • Definition of the actions to be applied to frames in each flow that match the rules. • Binding the combinations of rules and action to one or more interfaces. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 273: Workflow To Configure Advanced Qos Mode
DSCP Mapping Table. The switch uses the new values to assign resources and the egress queues to these packets. The switch also physically replaces the original DSCP value in the out of profile packets with the new DSCP value. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 274 Select the DSCP Out value to where the incoming value is mapped. STEP 2 Click Apply. The switch is updated with the new DSCP remarking table. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 275: Defining Class Mapping
IP or MAC—A packet must match either the IP based ACL or the MAC based ACL in the class map. • IP—Select the IPv4 based ACL or the IPv6 based ACL for the class map. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 276: Qos Policers
An amount of traffic, measured in bytes, called a Committed Burst Size (CBS). This is traffic that is allowed to pass as a temporary burst even if it is above the defined maximum rate. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 277: Defining Aggregate Policers
Exceed Action—Select the action to be performed on incoming packets that exceed the CIR. Possible values are: Forward—Packets exceeding the defined CIR value are forwarded. Drop—Packets exceeding the defined CIR value are dropped. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 278: Configuring A Policy
Click Add to open the Add Policy Page. Enter the name of the new policy in the New Policy field. STEP 3 Click Apply. The QoS policy profile is added, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 279: Policy Class Maps
DSCP value and the DSCP to Queue Table. Otherwise, the egress queue of the packet is based on the packet's CoS/802. 1 p value and the CoS/ 802. 1 p to Queue Table. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 280 Drop—Packets exceeding the defined CIR value are dropped. Out of Profile DSCP—IP packets exceeding the defined CIR are forwarding with a new DSCP derived from the Out Of Profile DSCP Mapping Table. Click Apply. STEP 5 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 281: Policy Binding
This page is not displayed when the switch is in Layer 3 mode. NOTE Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 282 Aggregate Policer Name—Policer on which statistics are based. • In-profile bytes—Number of in-profile packets that were received. • Out-of-profile bytes—Number of out-of-profile packets that were received. Click Add and the Add Aggregate Policer Statistics Page opens. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 283: Viewing Queues Statistics
• Total packets—Number of packets forwarded or tail dropped. • Tail Drop packets—Percentage of packets that were tail dropped. Click Add. The Add Queues Statistics Page opens. STEP 2 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 284 Queue—Select the queue for which statistics are displayed. • Drop Precedence—Enter drop precedence that indicates the probability of being dropped. Click Apply. The Queue Statistics counter is added, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 285: Chapter 19: Configuring Snmp
To control access to the system, a list of community entries is defined. Each community entry consists of a community string and its access privilege. Only SNMP messages with the suitable community string and operation are responded to by the system. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 286: Snmp Versions And Workflow
• Key Management—Defines key generation, key updates, and key use. The switch supports SNMP notification filters based on Object IDs (OID). OIDs are used by the system to manage device features. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 287: Snmp Workflow
2. Optionally, define a notification filter(s) by using the SNMPv1,2 Notification Recipient 3. Define a notification recipient(s) by using the Page SNMPv3 Notification Recipient Page and/or , respectively. Supported MIBs The following standard MIBs are supported: • CISCO-CDP-MIB.mib Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 288 • inet-address-mib.mib • ip-forward-mib.mib • ip-mib.mib • lldp.mib • p-bridge-mib.mib • q-bridge-mib.mib • RFC-1212.mib • rfc1213.mib • rfc1389.mib • rfc1493.mib • rfc1611.mib • rfc1612.mib • rfc1757.mib • rfc1850.mib • rfc1907.mib Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 289 • rfc2618.mib • rfc2620.mib • rfc2665.mib • rfc2668.mib • rfc2674.mib • rfc2737.mib • rfc2851.mib • rfc2925.mib • rfc3621.mib • rfc4668.mib • rfc4670.mib • rmon2.mib • SNMPv2-CONF.mib • SNMPv2-SMI.mib • SNMPv2-TC.mib Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 290 Configuring SNMP SNMP Versions and Workflow • trunk.mib • udp-mib.mib Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 291: Model Oids
9.6. 1 .82.24.2 Managed Switch SF 300-48 48-port 10/100 Managed e1-e48, g1-g4 9.6. 1 .82.48. 1 Switch SF 300-48P 48-port 10/100 PoE e1-e48, g1-g4 9.6. 1 .82.48.2 Managed Switch Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 292: Snmp Engine Id
First 4 octets—First bit = 1, the rest is the IANA enterprise number. Fifth octet—Set to 3 to indicate the MAC address that follows. Last 6 octets—MAC address of the switch. • None—No Engine ID is used. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 293: Configuring Snmp Views
Object ID Subtree View Type—Displays whether the defined subtree is included or excluded in the selected SNMP view. Add View Page Click Add to define new views. The opens. STEP 3 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 294: Configuring Snmp Views
Include in view option is selected. This means that the node and its descendents are included or excluded from the view. The SNMP views are defined, and the switch is updated. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 295: Creating Snmp Groups
Group Name—Enter a new group name for which privileges are being defined. The field range is up to 30 ASCII characters. • Security Model—Select the SNMP version attached to the group. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 296: Managing Snmp Users
SNMP user login credentials are verified using the local database. Groups enable network managers to assign access rights to specific features, or feature aspects, to an entire group of users instead of to a single user. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 297 Enter the remote engine ID. • Group Name—Select the SNMP groups to which the SNMP user belongs. Add Group Page SNMP groups are defined in the Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 298: Defining Snmp Communities
SNMP management station. Communities are only defined in SNMPv1 and v2 because SNMP v3 works with users instead of communities. The users belong to groups that have access rights assigned to them. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 299 • Link Local Interface—If the IPv6 address type is Link Local, select whether it is received through VLAN2 or ISATAP. • IP Address—Enter the SNMP management station IPv4 address. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 300 Advanced—Select this mode for a selected community. Group Name—Select an SNMP group that determines the access rights. Click Apply. The SNMP Community is defined, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 301: Defining Trap Settings
The Add/Edit pop-ups enable configuring the attributes of the notifications. An SNMP notification is a message sent from the switch to the SNMP management station indicating that a certain event has occurred, such as a link up/down. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 302: Defining Snmpv1,2 Notification Recipients
• Notification Version—Select the trap SNMP version. Either SNMPv1 or SNMPv2 may be used as the version of traps, with only a single version enabled at a single time. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 303: Defining Snmpv3 Notification Recipients
Global—The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks. • Link Local Interface—Select the link local interface (if IPv6 Address Type Link Local is selected) from the list. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 304 (Inform) Retries—Enter the number of times that the device resends an inform request. Retries: Range 1-255, default 3 Click Apply. The SNMP Notification Recipient settings are defined, and the switch STEP 4 is updated. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 305: Snmp Notification Filters
Include in filter option is selected. If Object ID is used, the entered object identifier is included in or excluded from the view if the Include in filter option is selected. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 306: Snmp Notification Filters
This means that the node and its descendents are included or excluded from the notification filter. Click Apply. The SNMP views are defined, and the switch is updated. STEP 4 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 307: Chapter 20: Console Menu Interface
In the PC desktop, click the Start button. STEP 1 Select Programs > Accessories > Communications > HyperTerminal. The STEP 2 HyperTerminal - Connection Description window displays. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 308: Communicating By Using A Serial Cable Connection
If this is the first time you have logged in, or the switch has been reset to factory NOTE defaults, you are asked to change your password. (See the Username & Password Settings section to create and save a new password.) Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 309: Communicating By Using A Tcp/Ip Connection
Use these options to create and save a new password. See “Change User Password” page 312. The Switch Main Menu displays. Continue to the Console Interface Main Menu section. STEP 8 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 310: Connecting By Using Telnet
The Change User Password is displayed. Use these options to create and save a new password. Otherwise, the Switch Main Menu displays. Continue to the Console Interface Main Menu section. STEP 8 Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 311: Console Configuration Menu Navigation
Press Esc to navigate from the options list to the action list. The available actions are listed at the bottom of each screen. If you Quit without saving the changes, the changes to the parameter values made in this session are ignored. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 312: Console Interface Main Menu
Management Settings • Username & Password Settings • Security Settings • VLAN Management • IP Configuration • File Management • Delete Startup Configuration • Reboot to Factory Defaults • Reboot System Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 313: System Information
The Management Settings menu provides the following options: • Serial Port Configuration • Telnet Configuration • SSH Configuration • SNMP Configuration Serial Port Configuration Path: Switch Main Menu > System Configuration Menu > Management Settings Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 314 > SSH Server Status Use SSH Server Status to view the SSH server status, the RSA and DSA key status, and any open SSH sessions. Select Refresh to update the screen. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 315: Username & Password Settings
Use Username & Password Settings to configure the user names and passwords of those accessing the switch. Up to five users can be added. The factory default username is cisco. The factory default password is cisco. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 316: Security Settings
Path: Switch Main Menu > System Configuration Menu Use the VLAN Management menu to set the default VLAN. Changes to the default VLAN take effect only after you reboot the switch. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 317: Ip Configuration
Default Gateway—Enter the default gateway address for the switch (IPv4 Address Settings). • Management VLAN—Enter the management VLAN ID (IPv4 Address Settings). • DHCP Client—Use the Spacebar to enable or disable the DHCP client. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 318: Ipv6 Address Configuration
The device supports a maximum of 128 addresses at the interface. Each address must be a valid IPv6 address that is specified in hexadecimal format by using 16-bit values separated by colons. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 319 Path: Switch Main Menu > System Configuration Menu > IP Configuration > HTTP Configuration Use the HTTP Configuration option to enable or disable the HTTP server, and set the HTTP Server port number. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 320: Network Configuration
Use the Ping IPv6 option to enter the IPv6 address, interface type (VLAN, LAG, FE, GE), and interface ID number that you want to test. Select Execute to begin the test. The ping results are displayed in the Status and Statistics fields. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 321 IPv4 Default Route (Layer 3 devices only) Path: Switch Main Menu > System Configuration Menu > IP Configuration > IPv4 Default Route Use IPv4 Default Route to set the Next Hop IP Address for the switch. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 322: File Management
Path: Switch Main Menu > System Configuration Menu > File Management > Upgrade/Backup <IPv6> Use Upgrade/Backup <IPv6> to upload or download files, such as the startup configuration, boot, or image file via a TFTP server. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 323: File Management
Any settings that are not saved to a file are lost after this action is selected. If there is a configuration on a TFTP server, the switch downloads the configuration. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 324: Port Status
Path: Switch Main Menu > Port Status > PoE Status PoE Status displays the status of the PoE ports. Port Configuration Path: Switch Main Menu > Port Configuration Use the Port Configuration Menu to change Port Configuration and PoE configuration. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 325: System Mode
Path: Switch Main Menu > Help Select Help to view information on how to navigate the options in the console interface. Logout Path: Switch Main Menu > Logout Select Logout to end the current console session. Cisco Small Business 300 Series Managed Switch Administration Guide...
Page 326 Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks;...

This manual is also suitable for:

Sf 302-08 Sf 300-24p Sf 300-48 Sf 300-48p Sg 300-10 Sg 300-10mp ... Show all

Cisco SF 300-08 Administration Manual

Chapter 1: Getting Started

Chapter 2: Viewing Statistics

Chapter 3: Managing System Logs

Chapter 4: Managing System Files

Chapter 5: General Administrative Information and Operations

Chapter 6: System Time

Chapter 7: Managing Device Diagnostics

Chapter 8: Configuring Discovery

Chapter 9: Port Management

Chapter 10: Managing Power-Over-Ethernet Devices

Chapter 11: VLAN Management

Chapter 12: Configuring the Spanning Tree Protocol

Chapter 13: Managing MAC Address Tables

Chapter 14: Configuring Multicast Forwarding

Chapter 15: Configuring IP Information

Chapter 16: Configuring Security

Chapter 17: Access Control

Chapter 18: Configuring Quality of Service

Chapter 19: Configuring SNMP

Chapter 20: Console Menu Interface

Quick Links

Related Manuals for Cisco SF 300-08

Summary of Contents for Cisco SF 300-08