4 Gigabit Combo Base-T/SFP Ports INTRODUCTION Thank you for purchasing the Intellinet Network Solutions 24-Port Gigabit Ethernet PoE+ Web-Managed Switch with 4 Gigabit Combo Base-T/SFP Ports. Before you install and use this product, read this manual carefully for a full understanding of its functions.
PACKAGE CONTENTS Before installing the switch, make sure that the following items are enclosed. If any part is missing or damaged, contact your Intellinet Network Solutions agent immediately. • 24-Port Gigabit Ethernet PoE+ Web-Managed Switch with 4 Gigabit Combo Base-T/SFP Ports •...
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports RACKMOUNT INSTALLATION IN 19” CABINET The switch can be mounted in an EIA standard-sized, 19-inch rack, which can be placed in a wiring closet with other equipment. To install the switch, follow these steps: Attach the mounting brackets on the switch’s side panels (one on each side) and secure them with the screws provided.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports HOW TO LOG IN TO THE SWITCH As the switch provides Web-based management login, configure your computer’s IP address manually to log on to the switch. The default settings of the switch are shown below. Parameter Default Value Default IP address...
4 Gigabit Combo Base-T/SFP Ports SAVING THE CONFIGURATION The Intellinet Network Solutions 24‐Port Gigabit Ethernet PoE+ Web Managed Switch provides a myriad of configuration options, many of which are designed for experienced network administrators and aren’t easy to configure. It would be a real shame if all the configuration data was lost after a power failure or after the switch was restarted.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports QUICK SETUP This switch provides a setting that offers direct access to some of the core functions of the device, namely VLAN, trunking, device IP address and admin password. Even though the function is called “Quickly Set, ” there is no need to rush.
Page 11
Access the parameters related to each of the 24 ports. The screen is divided into two sections. The upper section displays an image of the 24 ports of the Intellinet Network Solutions switch. In order to make changes to a port, simply click to select it.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports Once one port or multiple ports are selected, make changes to the port settings. The screen also shows a table that lists all 24 ports along with their parameters. The “mega frame” value refers to jumbo frames, which are Ethernet frames with more than 1500 bytes of payload Define the size of the jumbo frames in the section SYSTEM ->...
3. PORT SPEED LIMIT This feature allows you to limit the data rates for a particular port on the Intellinet Network Solutions switch. When the data rate exceeds user-configured values, the switch drops packets immediately. Rate limiting is configured for two types of transmissions, which are ingress and egress. Ingress traffic is received on any given port (incoming, inbound, download or input speed), whereas egress traffic is traffic sent out (outgoing, outbound, upload or output speed) to another network client.
Errors in the protocol-stack implementation or in the network configuration can cause a broadcast storm. The Intellinet Network Solutions switch allows configuring maximum allowed pps rates for three different types of packets. It’s possible to set all 24 ports to the same value or provide individual values.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports PORT ISOLATION The port isolation function allows you to configure your Intellinet Network Solutions switch to prevent PCs on different ports from communicating with each other without configuring a VLAN. Item Description Source Port Select the port you wish to isolate.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports b. Tagged VLAN packets arriving at the access port are dropped by the switch. c. As far as the switch is concerned, any port that isn’t defined as a trunk or hybrid port is considered an access port.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports Item Description Native VLAN ID The native VLAN ID is the untagged VLAN on an IEEE 802.1q trunked port. The native VLAN and management VLAN (see SYSTEM->SYSTEM CONFIG) can be the same, but in terms of security, it is better that they are not.
Page 18
Allowed TAG VLAN Tagged VLAN packets that are allowed to pass through, all other tagged packets will be dropped. Setup Example This section provides a real-life example and the corresponding setup of the Intellinet Network Solutions switch, or in this case, switches. • There are three VLANs in the network •...
Page 19
However, the PC connected to it cannot tag the packets by itself and therefore must rely on the Intellinet Network Solutions switch to do so. The switch adds the VLAN ID 100 to all packets that are not tagged as VLAN ID 200. Port number two acts as an untagged port (VLAN ID 100) and tagged port (VLAN ID 200) at the same time, hence the name hybrid.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports FAULT/SAFETY In the navigation bar, select “Fault/Safety” to set options for Anti Attack, Channel Detection, ACL and 802.1x. ANTI ATTACK DHCP SNOOPING DHCP snooping is a security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable.
Page 21
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports Item Description Native Protection Status Closed: All DHCP related traffic will pass through the switch without any interference. Open: Activates DHCP snooping. DHCP traffic is now subject to certain rules. DHCP Trusted Port These are trusted ports on your network, which are under your direct administrator control.
Page 22
Internet. The Intellinet Network Solutions switch has integrated mechanisms to counter possible DoS attacks such as land attacks or illegal TCP/IP packets. There are configuration options. You simply activate or deactivate this feature.
Page 23
IP/MAC/PORT The Intellinet Network Solutions Switch features IP-MAC-Port Binding. This is a powerful authentication function that ensures the correctness of hardware (MAC address), software/user (IP address), and location (Connected port) for devices connected to the network. This feature ensures they are all from legal sources to prevent the data leakage from hackers faking the legal network devices.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports CHANNEL DETECTION PING Item Description Destination IP IP address you wish to ping. address Timeout Period Define the maximum allowed response time(s) before the response is considered to have timed-out.
ACL rules. The example below shows the setup of a timetable called “WorkingHours. ” Note that the Intellinet Network Solutions switch must be set up with a proper system time (see section System Config).
Page 26
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports SET UP ACL In this section, set up the actual Access Control List (ACL). The ACL connects IP address and port information with a timetable (see previous section) and an action to either allow or deny access to the network through the switch.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports APPLICATION ACL With this function you can link an ACL to one or more of the 24 available switch ports. 802.1X The 802.1x standard defines a client-server-based access control and authentication protocol that prevents unauthorized clients from connecting to a LAN through publicly accessible ports, unless they are properly authenticated.
Guest VLAN to 1, and Auth failure VLAN to 2. In the navigation bar, select “PoE” to configure the PoE Config, PoE Port Config and PoE Delay Config parameters. POE CONFIG The Intellinet Network Solutions Switch is equipped with sophisticated PoE-monitoring and configuration options. MANAGEMENT...
Page 29
SNMP trap messages if a threshold you set will be exceeded. Click in order to edit the temperature threshold of the PoE chips. Note that in order for the Intellinet Network Solutions PoE switch to send our SNMP traps, SNMP must be activated and configured.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports POE PORT CONFIG This section describes how to edit the parameters of individual PoE ports. Upon opening the configuration screen, an overview of the PoE ports and their current statuses appears. Click on in order to modify individual ports.
(i.e., your PoE- enabled network cameras). The restart time allows to cut power to the PSE ports of the Intellinet Network Solutions switch in order to restart a connected powered device. This can be used in order to preventively reboot powered devices to keep them from failing.
Page 32
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports are a complicated and complex subject and must be fully researched and understood. It is possible to cause serious degradation to network performance if the Spanning Tree is incorrectly configured. Please read the following before making any changes from the default values.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports • Blocking – the port is blocked from forwarding or receiving packets • Listening – the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state • Learning –...
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports STP BRIDGE Item Description Instance Priority Priority can be configured for a specified instance. Instance ID Select the instance ID for which you want to define a priority. Priority Select the priority level for the instance ID.
DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents are used to forward requests and replies between clients and servers when they are not on the same physical subnet. The Intellinet Network Solutions switch can fulfill the role of such a relay agent.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports DHCP RELAY Item Description DHCP relay enable Enable or disable DHCP relay. DHCP OPTION trust field When enabled, the client that receives the DHCP message with option82 enable: information will forward it;...
Protocol (IP) networks for dynamically distributing network configuration parameters such as IP addresses for interfaces and services. A typical DHCP server is a router or a Windows server. The Intellinet Network Solutions Switch can also fulfill the role of a DHCP server ENABLE CONFIG Set this option to “Open”...
Provide the value fort the tag (code) you selected. BIND CONFIG This page displays all clients that have obtained an IP address from the Intellinet Network Solutions switch. Click on to set the lease time to expired, forcing the connect client to obtain a new IP address instantly.
Page 39
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports authentication, authorization and accounting (AAA) services. Compared to the open standard RADIUS authentication (section 6.12 Radius), TACACS+ encrypts the entire payload whereas RADIUS only encrypts passwords. Item Description Global Config Global parameters that can be overwritten by port-specific configuration.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports RADIUS Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization and Accounting (AAA or Triple A) management for users who connect and use a network service.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports Item Description Server address Type in the address of the RADIUS server. Charging port Type the accounting port number on the RADIUS server’s host computer. The default port number is 1813.
Note: If you activate this but have not configured any of the authentication methods (i.e., RADIUS) correctly, you will lose access to the Intellinet Network Solutions switch, and you may need to perform a hardware reset in order to re-gain access to the web admin interface. See section 2.4.1 Front Panel.
DSCP field ID is represented by the server ID, and the QUEUE ID is listed as the server list on the screen. PORT COS MAP This page allows the network administrator to classify CoS settings to the physical ports on the Intellinet Network Solutions switch. The server ID represents the CoS ID.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports ADDRESS TABLE In the navigation bar, select “Addr table” to adjust settings for MAC Management, MAC Learning and Aging and MAC Filter parameters. MAC MANAGEMENT This section is used to add or delete static MAC and view the current MAC address table: Parameter Description Options to clear the multicast MAC address, clear dynamic unicast MAC address,...
“0” disables the aging time mechanism, which means that the MAC address table will keep the learned address until the switch is reset. Since the Intellinet Network Solutions switch has only finite space to hold MAC addresses, it is recommended to keep the aging time at or around the default value.
It is sent along with each SNMP Get-Request and allows (or denies) access to device. Access authority Set to read-only or read-write. GROUP CONFIG The Intellinet Network Solutions switch uses a view-based access control model that allows the network administrator to configure the access privileges granted to a group. Item Description Group name Provide a group name.
Page 47
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports USER CONFIG This section allows setting up SNMP users and assigning them to an SNMP group. Item Description User name Provide a user name. Security level Select the desired security level.
RMON provides a highly efficient method to monitor actions inside the subnets. MIB of RMON consists of 10 groups. The Intellinet Network Solutions 24-Port Gigabit Ethernet PoE+ Web- Managed Switch with 4 Gigabit Combo Base-T/SFP Ports supports the most frequently used groups 1, 2, 3 and 9: • Statistics: Collects Ethernet, Fast Ethernet, and Gigabit Ethernet statistics on an interface.
Page 49
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports STATISTICS GROUP Item Description Index Specify the history table index number. Interface name Select one of the 24 Gigabit ports from the drop-down list. Owner Optional field that allows the network administrator to enter the name of the owner of the Statistics RMON group.
Page 50
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports ALARM GROUP Item Description Index Specify the alarm table index number. Static table Specify the MIB variable that is monitored by the alarm entry. Statistical group This is the number of samples (“buckets”) to keep before they get overwritten.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports Item Description Index Specify the event table index number. Description A descriptive name of the event. Owner Optional field that allows the network administrator to enter the name of the owner of the Event RMON group.
24-Port Gigabit Ethernet PoE+ Web-Managed Switch with User Manual 4 Gigabit Combo Base-T/SFP Ports LACP DISPLAY Here it is possible view and configure settings and delete LACP entries. How to delete LACP configurations. SYSTEM CONFIG SYSTEM SETTINGS Item Description VLAN The default VLAN ID of the switch (“1: by default).
Page 53
Adjust the time zone for your current location. SYSTEM RESTART Click “Restart” in order to have the Intellinet Network Solutions switch perform a system restart. PASSWORD This screen allow you to change the administrator password. The default password is “1234”.
Activate Telnet support by setting the TELNET CONFIG to “OPEN”. SYSTEM LOG The Intellinet Network Solutions switch can create a history log of important events. These logs can be stored either in the switch’s own memory or on a remote Syslog server. In order to utilize the logging service, you must first enable it.
Note that if you still see the message above after 5 minutes, open a new browser window and re-connect to the IP address of the Intellinet Network Solutions switch (default = http://192.168.2.1). CONFIGURATION MANAGEMENT CONFIG EXPORT AND IMPORT This function allows for backing-up and restoring the configuration data of the Intellinet Network Solutions switch. Item Description Show current config Shows the current switch configuration in a pop-up window.
USER ACCOUNTS This page is designed to configure user accounts. A user account that does not have administrator rights can only monitor the main status information of the Intellinet Network Solutions switch, but cannot make any changes to the configuration.
INFORMATION COLLECT Click on the button to create a file that contains the configuration data of the Intellinet Network Solutions switch. A few seconds later, you will be asked to open or save the file (or whatever web browser default action for unknown files is in place on your system). This information can be useful when it comes to...
DEUTSCHLAND: intellinetnetwork.de EN MÉXICO: intellinetsolutions.mx EN MÉXICO: Póliza de Garantía Intellinet Network Solutions — Datos del importador y responsable ante el consumidor IC Intracom México, S.A.P.I. de C.V. • Av. Interceptor Poniente # 73, Col. Parque Industrial La Joya, Cuautitlán Izcalli, Estado de México, C.P. 54730, México. • Tel. (55)1500-4500 La presente garantía cubre los siguientes productos contra cualquier defecto de fabricación en sus...
Page 59
cuentan con reparaciones, ni refacciones, ya que su garantía es de cambio físico. 3. La garantía cubre exclusivamente aquellas partes, equipos o sub-ensambles que hayan sido instaladas de fábrica y no incluye en ningún caso el equipo adicional o cualesquiera que hayan sido adicionados al mismo por el usuario o distribuidor.