Page 1 ADMINISTRATION GUIDE Cisco 350, 350X and 550X Series Managed Switches, Firm- ware Release 2.4, ver 0.4...
Page 2: Table Of Contents
Interface Naming Conventions Window Navigation Search Facility Chapter 3: Dashboard Grid Management System Health Resource Utilization Identification Port Utilization PoE Utilization Latest Logs Suspended Interfaces Traffic Errors Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 3 Switched Port Analyzer (SPAN) Diagnostics RMON View Logs Chapter 6: Administration System Settings User Accounts Idle Session Timeout Time Settings System Log File Management Plug-n-Play (PNP) Reboot Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 4 Stack Changes Unit Failure in Stack Stack Ports Software Auto Synchronization in Stack Stack Management Chapter 9: Administration: Time Settings System Time Configuration SNTP Modes System Time Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 5 Chapter 12: Smartport Overview How the Smartport Feature Works Auto Smartport Error Handling Default Configuration Relationships with Other Features Common Smartport Tasks Configuring Smartport Using The Web-based Interface Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 6 Dynamic Addresses Chapter 16: Multicast Multicast Forwarding Overview Properties MAC Group Address IP Multicast Group Address IPv4 Multicast Configuration IPv6 Multicast Configuration IGMP/MLD Snooping IP Multicast Group Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 7 Chapter 19: IP Configuration: VRRP Overview VRRP Topology Configurable Elements of VRRP Configuring VRRP Chapter 20: IP Configuration: SLA Overview Using SLA Chapter 21: Security RADIUS Password Strength Management Access Method Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 8 SSD Rules SSD Properties Configuration Files SSD Management Channels Menu CLI and Password Recovery Configuring SSD Chapter 24: Security: SSH Server Overview Common Tasks SSH User Authentication Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 9 Configuring IPv6 First Hop Security through Web GUI Chapter 27: Access Control Overview MAC-Based ACLs Creation IPv4-based ACL Creation IPv6-Based ACL Creation ACL Binding Chapter 28: Quality of Service QoS Features and Components Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 10 Chapter 30: Smart Network Application (SNA) SNA Sessions SNA Graphics Top Right-Hand Menu Topology View Right-Hand Information Panel Operations Overlays Tags Search Dashboard Notifications Device Authorization Control (DAC) DAC Workflow Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 11 Contents Services Saving SNA Settings Technical Details Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 12: Chapter 1: Quick Getting Started
If the supplied screws are lost, use replacement screws in the following size: Diameter of the screw head: 6.9 mm Length of face of screw head to base of screw: 5.9 mm Shaft diameter: 3.94 mm Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 13: Rack Mounting Switch
Repeat the previous step to attach the other bracket to the opposite side of the switch. STEP 2 After the brackets are securely attached, the switch is now ready to be installed into a standard STEP 3 19-inch rack. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 14: Power Over Ethernet Considerations
SF350-48P 48- 7* PD69208 AF/AT/60W Port 10/100 PoE (0x4AC2) / Managed Switch 7*69208M (0x4B42) (as of 2.2.7) SF350-48P SF350-48P 48- 7*69208M AF/AT/60W Port 10/100 PoE (0x4B42) Managed Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 15 1*PD69204 Managed Switch (0x4AC2) / 3*69208M (0x4B42) + 1*69204 SG350-28MP SG350-28MP 28- 3x PD69208+ AF/AT/60W Port Gigabit PoE 1*PD69204 Managed Switch (0x4AC2) / 3*69208M (0x4B42) + 1*69204 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 16 3*69208M AF/AT/60W 24-Port 2.5G PoE (0x4B42) + Stackable 1*69204 Managed Switch SG350X-48P SG350X-48P 48- 7* PD69208 af/at/60w Port Gigabit PoE (0x4AC2) / Stackable 7*69208M Managed Switch (0x4B42) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 17 4* PD69208 af/at/60w 24-Port Gigabit (0x4AC2) / PoE Stackable 4*69208M Managed Switch (0x4B42) SG550X-24MPP SG550X-24MPP 4* PD69208 af/at/60w 24-Port Gigabit (0x4AC2) / PoE Stackable 4*69208M Managed Switch (0x4B42) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 18 PoE switch. When a device is being falsely detected as a PD, you should disconnect the device from the PoE port and power recycle the device with AC power before reconnecting its PoE ports. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 19 To configure the switch using the web-based interface: Power on the computer and your switch. STEP 1 For Cisco 350-550 XG switches, connect the computer to the OOB port found on the front STEP 2 panel. For all other switches, connect the computer to any network port.
Page 20 When the login page appears, choose the language that you prefer to use in the web-based STEP 6 interface and enter the username and password. The default username is cisco. The default password is cisco. Usernames and passwords are both case sensitive. Click Log In.
Page 21: Configuring Your Switch Using The Console Port
1 stop bit • no flow control Enter a username and password. The default username is cisco, and the default password is STEP 4 cisco. Usernames and passwords are both case sensitive. If this is the first time that you have logged on with the default username and password, the following message appears: Please change your password from the default settings.
Page 22 The OOB port cannot be a member of VLAN or LAG, and the bridge’s protocols (for example, STP, GVRP, etc.) cannot be enabled on the OOB port. Only untagged traffic is supported on the OOB port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 23 QoS and ACL are not supported on the OOB port (so all TCAM-based features like DOS Attack Prevention are also not supported). Only Management ACLs are supported. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 24: Usb Port
A stack can have up to four 350X devices or eight 550X devices in it. Any 10G port of the switch can be used for stacking. The switch can only be stacked without Mesh topology. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 25 98DX4203, 98DX4204, 98DX4210, 98DX4211, and 98DX4212Switch Features The switches in the same stack are connected together through their stack ports. Depending on the type of stack ports and the desired speed, you may need Cat6a Ethernet cables or Cisco approved modules or cables for the switches.
Page 26 SF350-48MP SF350-48MP 48-Port 10/100 PoE Managed Switch SG350-08PD SG350-8PD 8-Port 2.5G PoE Managed Switch SG350-10 SG350-10 10-Port Gigabit Managed Switch SG350-10P SG350-10P 10-Port Gigabit PoE Managed Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 27 SG350-28SFP SG350-28SFP 28-Port Gigabit SFP Managed Switch SG350-52 SG350-52 52-Port Gigabit Managed Switch SG350-52P SG350-52P 52-Port Gigabit PoE Managed Switch SG350-52MP SG350-52MP 52-port Gigabit PoE Managed Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 28 SG350X-48P 48-Port Gigabit PoE Stackable Managed Switch SG350X-48MP SG350X-48MP 48-Port Gigabit PoE Stackable Managed Switch SF550X-24 SF550X-24 24-Port 10/100 Stackable Managed Switch SF550X-24P SF550X-24P 24-Port 10/100 PoE Stackable Managed Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 29 SG550X-24MPP 24-Port Gigabit PoE Stackable Managed Switch SG550X-48 SG550X-48 48-Port Gigabit Stackable Managed Switch SG550X-48P SG550X-48P 48-Port Gigabit PoE Stackable Managed Switch SG550X-48MP SG550X-48MP 48-Port Gigabit PoE Stackable Managed Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 30 SX550X-24 24-Port 10GBase-T Stackable Managed Switch SX550X-24FT SX550X-24FT 24-Port 10G Stackable Managed Switch SX550X-24F SX550X-24F 24-Port 10G SFP+ Stackable Managed Switch SX550X-52 SX550X-52 52-Port 10GBase-T Stackable Managed Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 31 Mbps, 1 Gbps, and 2.5 Gbps, on Cat 5e cables. Much of the cabling deployed worldwide is limited to 1 Gbps at 100 meters. Cisco Multigigabit Ethernet enables speeds up to 2.5 Gbps on the same infrastructure without replacing a cable.
Page 32 The SFP+ ports are compatible with the following Cisco SFP 1G optical modules MGBSX1, MGBLH1, MGBT1, as well as other brands. • The Cisco SFP+ 10G optical modules that are supported in the Cisco switches are: SFP-10G-SR, SFP-10G-LR, SFP-10G-SR-S, and SFP-10G-LR-S.
Page 33 Power—Connects the switch to AC power. • Console—Connects a serial cable to a computer serial port so that it can be configured by using a terminal emulation program. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 34: Chapter 2: General Information
Navigate from one mode to another, as shown below: When the user switches from basic to advanced, the browser reloads the page. However, after reload, the user stays on the same page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 35 When switching from one mode to another, any configuration which was made on the page (without Apply) is deleted. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 36: Quick Start Device Configuration
Switched Port Analyzer (SPAN and RSPAN) There are two hot links on the Getting Started page that take you to Cisco web pages for more information. Clicking on the Support link takes you to the device product support page, and clicking on the Forums link takes you to the Support Community page.
Page 37: Interface Naming Conventions
For example, GE1/0/4 is port number 4 on the first unit of the stack. • Slot Number—The slot number is always 0. • Interface Number: Port, LAG, Tunnel, or VLAN ID. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 38: Window Navigation
Download Language: Add a new language to the device. To upgrade a language file, use the Upgrade/Backup NOTE Firmware/Language page. Logout Click to log out of the web-based switch configuration utility. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 39 Cancel Click to reset changes made on the page. Clear Clear information on page. Clear Filter Click to clear filter to select information displayed. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 40 Click Refresh to refresh the counter values. Test Click Test to perform the related tests. Restore Defaults Click Restore Defaults to restore factory defaults. Cancel Defaults Click Cancel Defaults to restore factory defaults. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 41: Search Facility
CDP: If you are in Basic mode, links to pages in Advanced mode are displayed but not available. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 42: Chapter 3: Dashboard
Stack Topology • Traffic Errors Grid Management The dashboard consists of multiple modules, but only a subset of the modules can be viewed at the same time. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 43 The module can be dropped in an unoccupied spot, or in a spot occupied by a module of the same size. If the selected spot is occupied, the modules switch places. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 44: System Health
• Fan Status—Yellow if one fan failed and is backed up by the redundant fan; Green if the fan is operational; Red if the fan is faulty. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 45: Resource Utilization
Each bar becomes red if the resource utilization is higher than 80 percent. Hovering over a bar displays a tooltip displaying the numeric utilization information (used resources/max available). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 46: Identification
System Location—Enter the physical location of the device. • System Contact—Enter the name of a contact person. • Total Available Power—Amount of power available to the device. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 47: Port Utilization
A list of ports is displayed. The port utilization is displayed in bar format: For each port, the following port utilization information is displayed: Tx—% (red) Rx—% (blue) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 48: Poe Utilization
Refresh Time—Select one of the displayed options. • PoE Global Properties—Link to the Port Management -> PoE -> Properties page. • PoE Port Settings—Link to the Port Management -> PoE -> Settings page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 49: Latest Logs
When units are connected in a stack, a drop-down selector enables the user to select the device to be viewed. All suspended ports in the device are shown as red. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 50 The following configuration options (right-hand corner) are available: • Display Mode—Select either Device View or Table View. • Refresh Time—Select one of the options displayed. • Error Recovery Settings—Click to open Error Recovery Settings. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 51 Hovering over a stack connection in the module displays a tooltip detailing the connected units and the stacking ports generating the connection. The following configuration options (right-hand corner) are available: • Stack Management—Click to open Stack Management. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 52: Traffic Errors
Last traffic error—Traffic error that occurred on a port and the last time the error occurred. • Refresh Time—Select one of the refresh rates. • Traffic Error Information—Click to link to the Statistics page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 53: Chapter 4: Configuration Wizards
No other symbols, punctuation characters, or blank spaces are permitted (as specified in RFC1033, 1034, 1035). Click Next. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 54 Clock Source—Select one of the following: Manual Settings—Select to enter the device system time. If this is selected, enter the Date and Time. Default SNTP Servers—Select to use the default SNTP servers. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 55: Vlan Configuration Wizard
Select the ports are that to be the access ports of the VLAN. Access ports of a VLAN is STEP 8 untagged member of the VLAN. (by clicking with mouse on the required ports in the graphical display). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 56: Acl Wizard
User defined to enter a destination address or a range of destination addresses. • Destination MAC Value—Enter the MAC address to which the destination MAC address is to be matched and its mask (if relevant). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 57 Note that this mask is different than in other uses, such as subnet mask. Here, setting a bit as 1 indicates don't care and 0 indicates to mask that value. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 58 VLANs only—Bind the ACL to a VLAN. Enter the list of VLANs in the Enter the list of VLANs you want to bind the ACL to field. No binding—Do not bind the ACL. Click Apply. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 59: Chapter 5: Status And Statistics
802.1X EAP • • Hardware Resource Utilization • Health and Power • Switched Port Analyzer (SPAN and RSPAN) • Diagnostics • RMON • sFlow • View Logs Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 60: System Summary
In a stack, the Firmware Version number shown is based on the version of the NOTE master. • Firmware MD5 Checksum (Active Image)—MD5 checksum of the active image. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 61 Total PoE Power Consumption (W)—Total PoE power delivered to connected PoE devices. • PoE Power Mode—Port Limit or Class Limit. The master unit is displayed graphically, as shown below: Hovering on a port displays its name. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 62: Cpu Utilization
Select the Refresh Rate (time period in seconds) that passes before the statistics are refreshed. STEP 3 A new sample is created for each time period. The window containing a graph displaying CPU utilization on the device is displayed. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 63: Interface
Broadcast Packets—Good Broadcast packets transmitted. To view statistics counters in table view or graphic view: STEP 3 • Click View All Interfaces Statistics to see all ports in table view. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 64: Etherlike
Pause Frames Received—Received flow control pause frames. This field is only supported for XG ports. When the port speed is 1G, the received pause frames counter is not operational. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 65: Port Utilization
GVRP is a standards-based Layer 2 network protocol, for automatic configuration of VLAN information on switches. It is defined in the 802.1ak amendment to 802.1Q-2005. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 66 Invalid Attribute Length—Invalid attribute length errors. • Invalid Event—Invalid events. To clear statistics counters, click View All Interfaces Statistics to see all ports on a single STEP 3 page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 67: 802.1X Eap
EAPOL frame. • EAPOL EAP Supplicant Frames Transmitted—EAPOL EAP Supplicant frames transmitted on the port. • EAPOL Start Frames Transmitted—EAPOL Start frames transmitted on the port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 68: Acl
Trapped Packets—Port/LAG Based—The interfaces on which packets forwarded or rejected based on ACL rules. • Trapped Packets—VLAN Based—The VLANs on which packets forwarded or rejected based on ACL rules. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 69: Hardware Resource Utilization
VLAN mapping. • IP Entries In Use—Number of TCAM entries used for IP rules. Maximum—Number of available TCAM entries that can be used for IP rules. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 70: Health And Power
Amber (solid) – RPS is connected but providing power to two other devices. In this case, the RPS will not be able to provide power to the current device, while providing power to the two other devices. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 71 In this case, the redundant fan becomes part of the environment monitoring of the device. It is recommended to let the redundant fan work for at least 1 minute once a day. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 72 This section displays the power saved by the device due to the Green Ethernet and Led Disable features, as well as due to ports being down (physically or due to time range settings). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 73 • PoE—The Port Management > PoE > Settings page is displayed. Connect the time range to the PoE operations on one or more ports. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 74 Active—Power supply is being used. Failure—Main power has failed. Main Power Supply Budget—Amount of power that can be can be allocated for device PSE operation by the main power supply. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 75 If the device is not part of a stack, the Health and Power page displays the following fields: • Fan Status—The following values are possible: OK—Fan is operating normally. Failure—Fan is not operating correctly. N/A—Fan ID is not applicable for the specific model. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 76 The following fields are displayed: • Port Name—Number of port. • PD Status—Displays one of the following values: Connected—The PD port is connected to a PSE device that is providing power. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 77: Switched Port Analyzer (Span)
Switched Port Analyzer (SPAN and RSPAN) The SPAN feature, which is sometimes called port mirroring or port monitoring, selects network traffic for analysis by a network analyzer. The network analyzer can be a Cisco SwitchProbe device or other Remote Monitoring (RMON) probes.
Page 78 If accurate monitoring is required, the TCAM-based mirror policy can be used. RSPAN Workflow The following workflow describes how to configure the start, intermediate and final switches: • Start Switch • Intermediate Switch(es) • Final Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 79 STEP 1 The previously-defined RSPAN VLAN is displayed. To configure a VLAN as an RSPAN VLAN, select it from the RSPAN VLAN drop-down list STEP 2 of VLANs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 80 Network Traffic—Select to enable that traffic other than monitored traffic is possible on the port. Click Apply. STEP 4 SPAN Session Sources One or more SPAN or RSPAN sources must be configured on the start and final devices. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 81: Diagnostics
• Tech-Support Information Copper Ports Tests The Copper Test page displays the results of integrated cable tests performed on copper cables by the Virtual Cable Tester (VCT). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 82 Last Update—Time of the last test conducted on the port. • Test Results—Cable test results. Possible values are: OK—Cable passed the test. No Cable—Cable is not connected to the port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 83 MGBLX1: 1000BASE-LX SFP transceiver, for single-mode fiber, 1310 nm wavelength, supports up to 10 km. • MGBSX1:1000BASE-SX SFP transceiver, for multimode fiber, 850 nm wavelength, supports up to 550 m. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 84 Transmitter Fault—Remote SFP reports signal loss. Values are True, False, and No Signal (N/S). • Loss of Signal—Local SFP reports signal loss. Values are True and False. • Data Ready—SFP is operational. Values are True and False. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 85: Rmon
Define interesting changes in counter values, such as “reached a certain number of late collisions” (defines the alarm), and then specify what action to perform when this event occurs (log, trap, or log and trap). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 86 Undersize Packets—Undersized packets (less than 64 octets) received. • Oversize Packets—Oversized packets (over 2000 octets) received. • Fragments—Fragments (packets with less than 64 octets, excluding framing bits, but including FCS octets) received. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 87 The RMON feature enables monitoring statistics per interface. The History page defines the sampling frequency, amount of samples to store and the port from which to gather the data. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 88 History Control table described above. To view RMON history statistics: Click Status and Statistics > RMON > History. STEP 1 Click History Table. STEP 2 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 89 Sequence) with an integral number of octets (FCS Error) or a bad FCS with a non- integral octet (Alignment Error) number. • Collisions—Collisions received. • Utilization—Percentage of current interface traffic compared to maximum traffic that the interface can handle. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 90 Log and Trap—Add a log entry to the Event Log table and send a trap to the remote log server when the alarm goes off. • Owner—Enter the device or user that defined the event. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 91 One or more alarms are bound to an event, which indicates the action to be taken when the alarm occurs. Alarm counters can be monitored by either absolute values or changes (delta) in the counter values. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 92 Falling Alarm—A falling value triggers the falling threshold alarm. Rising and Falling—Both rising and falling values trigger the alarm. • Interval—Enter the alarm interval time in seconds. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 93 V5 (if supported by the interface): Generic interface counters (RFC 2233) Ethernet interface counters (RFC 2358) Workflow By default, flow and counter sampling are disabled. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 94 If a link local address exists on the interface, this entry replaces the address in the configuration. Global—The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 95 Sampling Interval—If x is entered, this specifies that a counter sample will be taken for each x seconds. Receiver Index—Select one of the indices that was defined in these sFlow Receiver Settings pages. Click Apply. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 96: View Logs
The web GUI will poll the RAM log every 10 seconds. Notifications pop-ups for all SYSLOGs created in the last 10 seconds will appear at the bottom right of the screen. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 97 Log Time—Time when message was generated. • Severity—Event severity. • Description—Message text describing the event. To clear the log messages, click Clear Logs. The messages are cleared. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 98 • Log Time—Time when message was generated. • Severity—Event severity. • Description—Message text describing the event. To clear the messages, click Clear Logs. The messages are cleared. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 99: Chapter 6: Administration
• Plug-n-Play (PNP) • Reboot • Hardware Resources • Discovery - Bonjour • Discovery - LLDP • Discovery - CDP • Locate Device • Ping • Traceroute Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 100: System Settings
The banner can contain up to 1000 characters. After 510 characters, press <Enter> to continue. Click Apply to save the values in the Running Configuration file. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 101: User Accounts
(read-only or read-write) or changing the passwords of existing users. After adding a level 15 user (as described below), the default user is removed from the system. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 102 Read/Write Management Access (15)—User can access the GUI, and can configure the device. Click Apply. The user is added to the Running Configuration file of the device. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 103: Idle Session Timeout
The device generates the following local logs: • Log sent to the console interface. • Log written into a cyclical list of logged events in the RAM and erased when the device reboots. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 104 For example, if Warning is selected, all severity levels that are Warning and higher are stored in the log (Emergency, Alert, Critical, Error, and Warning). No events with severity level below Warning are stored (Notice, Informational, and Debug). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 105 The Remote Log Servers page enables defining remote SYSLOG servers to which log messages are sent. For each server, you can configure the severity of the messages that it receives. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 106 Facility—Select a facility value from which system logs are sent to the remote server. Only one facility value can be assigned to a server. If a second facility code is assigned, the first facility value is overridden. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 107: File Management
Using the Cisco Plug-n-Play solution, you can perform Zero Touch Installs of the switches in various deployment scenarios and deployment locations. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 108 If a link local address exists on the interface, this entry replaces the address in the configuration. Global—The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 109 Click Apply. The parameters are copied to the Running Configuration file. STEP 3 Click Display Sensitive Data as Plaintext to display the password if it is encrypted. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 110 If the agent is in the Discovery Waiting state, it is set to the Discovery state. • If the agent is in the PnP Session Waiting state, it is set to the PnP Session state. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 111: Reboot
(using a 24-hour clock). If you specify the month and day, the reload is scheduled to take place at the specified time and date. If you do not specify the month and day, Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 112 The number of router TCAM entries for a specific entry type that you allocate is less than the number currently in use. • The total number of router TCAM entries that you allocated is greater than the maximum available. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 113: Discovery - Bonjour
Click on Hardware Resource Management to configure resources allocated to each type of resource. Discovery - Bonjour See Bonjour. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 114: Discovery - Lldp
When the feature is activated the Start button is replaced by the Stop button, which allows you to stop the LED blinking before the defined timer expires. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 115: Ping
• Destination IP Address/Name—Address or host name of the device to be pinged. Whether this is an IP address or host name depends on the Host Definition. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 116: Traceroute
• IP Version—If the host is identified by its IP address, select either IPv4 or IPv6 to indicate that it will be entered in the selected format. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 117 Host—Displays a stop along the route to the destination. Round Trip Time (1-3)—Displays the round trip Time in (ms) for the first through third frame and the Status of the first through third operation. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 118: Chapter 7: Administration: File Management
The configuration files are text files and can be edited in a text editor, such as Notepad after they are copied to an external device, such as a PC. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 119 More commonly referred to as the image. • Language File—The dictionary that enables the web-based configuration utility windows to be displayed in the selected language. • Logging File—SYSLOG messages stored in Flash memory. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 120: Firmware Operations
Active Firmware Version—Displays the version of the current, active firmware file. Enter the following fields: STEP 2 • Operation Type—Select Update Firmware or Backup Firmware. • Copy Method—Select HTTP/HTTPS or USB. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 121 Link Local Interface—Select the link local interface (if IPv6 is used) from the list. • Server IP Address/Name—Enter the IP address or the name of the TFTP server, whichever is relevant. • (Update) Source—Enter the name of the source file. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 122 The username and password for one-time credential will not saved in NOTE configuration file. Enter the following fields: STEP 6 • Server Definition—Select whether to specify the SCP server by IP address or by domain name. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 123 Active Firmware File—Displays the current, active firmware file. • Active Firmware Version—Displays the version of the current, active firmware file. Enter the following fields are displayed: STEP 2 • Operation Type—Select Swap Image. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 124: File Operations
Unless the Running Configuration is copied to the Startup Configuration or another CAUTION configuration file, all changes made since the last time the file was copied are lost when the device is rebooted. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 125 Destination File Type—Select one of the configuration file types to update. • Copy Method—Select TFTP. • Server Definition—Select whether to specify the TFTP server by IP address or by domain name. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 126 To enable SSH server authentication (which is disabled by default), click Edit by Remote STEP 3 SSH Server Authentication. This takes you to the SSH Server Authentication page to configure the SSH server Return to this page. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 127 To backup a system configuration file using HTTP/HTTPS: Click Administration > File Management > File Operations. STEP 1 Enter the following fields: STEP 2 • Operation Type—Select Backup File. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 128 The available sensitive data options are determined by the current user SSD NOTE rules. For details, refer to the SSD Rules page. Click Apply to begin the operation. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 129 Plaintext—Include sensitive data in the backup in its plaintext form. The available sensitive data options are determined by the current user SSD NOTE rules. For details, refer to Secure Sensitive Data Management > SSD Rules page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 130 Server Definition—Select whether to specify the SCP server by IP address or by domain name. • IP Version—Select whether an IPv4 or an IPv6 address is used. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 131 Source File Name—Select one of the configuration file types to copy. • Destination File Name—Enter name of the destination configuration file. Click Apply to begin the operation. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 132: File Directory
Auto Image Update—Automatic downloading a firmware image from a remote TFTP/SCP server. At the end of the Auto Configuration/Image Update process, the device reboots itself to the firmware image. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 133 SCP, and files with the other extensions are downloaded using TFTP. The default extension is .scp. • TFTP Only—The download is done through TFTP, regardless of the file extension of the configuration file name. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 134 If the DHCP server did not send the indirect file name of the firmware image file, the Backup Indirect Image File Name (from the DHCP Auto Configuration/Image Update page) is used. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 135 TFTP—The device sends TFTP Request messages to a limited Broadcast address (for IPv4) or ALL NODES address (for IPv6) on its IP interfaces and continues the process of Auto Configuration/Image Update with the first answering TFTP server. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 136 If Auto Configuration is enabled, the Auto Configuration process is triggered when the configuration file name is received from a DHCP server or a backup configuration file name has been configured. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 137 The form and format of the file are checked, but the validity of the configuration parameters is not checked prior to loading it to the Startup Configuration. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 138 66 (single server address) or 150 (list of server addresses) 67 (name of configuration file) • DHCPv6 Option 59 (server address) Options 60 (name of configuration file plus indirect image file name, separated by a comma) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 139 Enter the values. STEP 2 • Auto Configuration Via DHCP—Select this field to enable DHCP Auto Configuration. This feature is disabled by default, but can be enabled here. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 140 SSH server if required. • SSH Client Authentication—Click on the System Credentials link to enter user credentials in the SSH User Authentication page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 141 This is An example of an indirect image file name is: indirect-cisco.scp. This file contains the path and name of the firmware image. The following fields are displayed: • Last Auto Configuration/Image Server IP Address—Address of the last backup server.
Page 142: Chapter 8: Administration: Stack Management
In some cases, stack ports can become members in a stack of Link Aggregation Groups (LAGs) increasing the bandwidth of the stack interfaces. See Stack Port Link Aggregation. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 143 During Fast Stack Link failover, the master/backup units remain active and functioning. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 144: Types Of Units In Stack
Unit 6: LED 2 and 4 are lit. • Unit 7: LED 3 and 4 are lit. • Unit 8: LED 1, 3, and 4 are lit. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 145: Stack Topology
Ring Topology—Each unit is connected to the neighboring unit. The last unit is connected to the first unit. The following shows a ring topology of an eight-unit stack: Figure 1 Stack in Rig Topology (550 Family) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 146 During topology discovery, each unit in a stack exchanges packets, which contain topology information. After the topology discovery process is completed, each unit contains the stack mapping information of all units in the stack. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 147: Unit Id Assignment
It did not win the master selection process between the master-enabled units (1 or 2). Duplicate Unit Shut Down Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 148 Duplication Between Two Units With Auto Number Unit ID If a new stack has more than the maximum number of units, all extra units are shut down. NOTE Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 149: Master Selection Process
The stack changes between ring and chain formation. When units are added or removed to and from a stack, it triggers topology changes, master election process, and/or unit ID assignment. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 150 The best unit is the unit with the higher uptime in segments of 10 minutes. The other unit is made the backup. Auto-numbered Master-enabled Unit Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 151: Unit Failure In Stack
The backup configuration file remains on the previous master. Dynamic process-state information, such as the STP state table, dynamically-learned MAC addresses, dynamically-learned Smartport types, MAC Multicast tables, LACP, and GVRP are not synchronized. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 152 STP. Packet flooding to unknown Unicast MAC addresses occurs until the MAC NOTE addresses are learned or relearned. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 153: Stack Ports
The allowed interface combination for the same stacking LAG is either interfaces XG1 and XG2 or interfaces XG3 and XG4. Other combination of interlaces in the same stack LAG is not supported. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 154 (auto-discovery is the default setting). The system automatically identifies the stack cable type and selects the highest speed supported by the cable and the port. A SYSLOG message (informational level) is displayed when the cable type is not recognized. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 155: Software Auto Synchronization In Stack
The unit automatically reboots itself to run the new version. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 156 In addition, the 2-4 XG ports of the Sx350X/Sx550X units must be configured as stacking ports, and connected to the SG350XG/SX350X and SG550XG/SX550X devices stacking ports. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 157 Number of Multicast groups Max. number of IPv4 routes 7168 Max. number of IPv4 host 7092 directly-connected Max. number of IPv4 1800 Multicast routes Max number of IPv6 interfaces Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 158 This usually succeeds, but there are exceptions as described below: Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 159: Stack Management
350 devices or mixed types of 550 devices (but not a mix of 350 and 550 devices). • Stack Topology—Displays whether the topology of the stack is chain or ring. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 160 When you hover over a port, a tool tip displays the stacking port number, unit that it is connected to (if there is one), the port speed and its connection status. See an example of Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 161 Unit x Stack Connection Speed—Displays the speed of the stack connection. Click Apply and Reboot. The parameters are copied to the Running Configuration file and STEP 4 the stack is rebooted. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 162: Chapter 9: Administration: Time Settings
Savings Time (DST). It covers the following topics: • System Time Configuration • SNTP Modes • System Time • SNTP Unicast • SNTP Multicast/Anycast • SNTP Authentication • Time Range • Recurring Time Range Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 163: System Time Configuration
After the time has been set by any of the above sources, it is not set again by the browser. SNTP is the recommended method for time setting. NOTE Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 164: Sntp Modes
The device supports having all of the above modes active at the same time and selects the best system time received from an SNTP server, according to an algorithm based on the closest stratum (distance from the reference clock). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 165: System Time
SNTP server: Date—Enter the system date. Local Time—Enter the system time. • Time Zone Settings—The local time is used via the DHCP server or Time Zone offset. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 166 Day—Day of the week on which DST begins every year. Week—Week within the month from which DST begins every year. Month—Month of the year in which DST begins every year. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 167: Sntp Unicast
This page displays the following information for each Unicast SNTP server: • SNTP Server—SNTP server IP address. The preferred server, or hostname, is chosen according to its stratum level. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 168 DNS server or configured so that a DNS server is identified by using DHCP. (See Settings) • IP Version—Select the version of the IP address: Version 6 or Version 4. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 169 Authentication Key ID—If authentication is enabled, select the value of the key ID. (Create the authentication keys using the SNTP Authentication page.) Click Apply. The STNP server is added, and you are returned to the main page. STEP 6 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 170: Sntp Multicast/Anycast
The authentication key is created on the SNTP server in a separate process that depends on the type of SNTP server you are using. Consult with the SNTP server system administrator for more information. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 171: Time Range
Time Range Time ranges can be defined and associated with the following types of commands, so that they are applied only during that time range: • ACLs Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 172 The existing time ranges are displayed. To add a new time range, click Add. STEP 2 Enter the following fields: STEP 3 • Time Range Name—Enter a new time range name. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 173: Recurring Time Range
Recurring Ending Time—Enter the date and time that the Time Range ends on a recurring basis. Click Apply. STEP 5 Click Time Range to access the Absolute Time Range page. STEP 6 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 174: Chapter 10: Administration: Discovery
If a service is changed, the device will send Bonjour packets with the new information. If the IP address of the device is changed, the device will also advertise its new IP address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 175: Lldp And Cdp
Apply). LLDP and CDP LLDP (Link Layer Discovery Protocol) and CDP (Cisco Discovery Protocol) are link layer protocols for directly-connected LLDP and CDP-capable neighbors to advertise themselves and their capabilities. By default, the device sends an LLDP/CDP advertisement periodically to all its interfaces and processes incoming LLDP and CDP packets as required by the protocols.
Page 176 VLAN. A CDP/LLDP-capable device may receive advertisements from more than one device if the CDP/LLDP-incapable devices flood the CDP/LLDP packets. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 177: Discover - Lldp
The LLDP protocol has an extension called LLDP Media Endpoint Discovery (LLDP-MED) that provides and accepts information from media endpoint devices such as VoIP phones and video phones. For further information about LLDP-MED, see LLDP MED Network Policy. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 178 TLV Advertise Interval—Enter the rate in seconds at which LLDP advertisement updates are sent, or use the default. • Topology Change SNMP Notification Interval—Enter the minimum time interval between SNMP notifications. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 179 This page contains the port LLDP information. Select a port and click Edit. STEP 2 This page provides the following fields: • Interface—Select the port to edit (including the OOB port). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 180 LLDP PDU is transmitted) can be aggregated. It also indicates whether the link is currently aggregated, and if so, provides the aggregated port identifier. 802.3 Maximum Frame Size—Maximum frame size capability of the MAC/PHY implementation. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 181 Administration: Discovery Discover - LLDP 4-Wire Power via MDI—(relevant to PoE ports supporting 60W PoE) Proprietary Cisco TLV defined to support power over Ethernet that allow for 60 watts power (standard support is up to 30 watts). Management Address Optional TLV •...
Page 182 Select Auto for LLDP-MED Network Policy for Voice Application if the device is to STEP 2 automatically generate and advertise a network policy for voice application based on the voice VLAN maintained by the device. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 183 Auto and Auto Voice VLAN is in operation, then the device automatically generates an LLDP- MED Network Policy for Voice Application for all the ports that are LLDP-MED enabled and are members of the voice VLAN. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 184 LLDP MED Network Policy page. To include one or more user-defined network polices in the advertisement, you must also select Network Policy from the Available Optional TLVs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 185 WLAN AP, or Router. • Enabled System Capabilities—Primary enabled function(s) of the device. • Port ID Subtype—Type of the port identifier that is shown. • LLDP Port Status Table Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 186 WLAN AP, or Router. • Enabled System Capabilities—Primary enabled function(s) of the device. • Port ID Subtype—Type of the port identifier that is shown. • Port ID—Identifier of port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 187 802.3 Power via MDI • MDI Power Support Port Class—Advertised power support port class. • PSE MDI Power Support—Indicates if MDI power is supported on the port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 188 PD Spare Pair Desired State—Indicates a pod device requesting to enable the 4-pair ability. • PD Spare Pair Operational State—Indicates whether the 4-pair ability is enabled or disabled. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 189 Coordinates—Map coordinates: latitude, longitude, and altitude. • ECS ELIN—Emergency Call Service (ECS) Emergency Location Identification Number (ELIN). Network Policy Table • Application Type—Network policy application type; for example, Voice. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 190 Port ID—Identifier of port. • System Name—Published name of the device. • Time to Live—Time interval (in seconds) after which the information for this neighbor is deleted. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 191 • Address—Managed address. • Interface Subtype—Port subtype. • Interface Number—Port number. MAC/PHY Details • Auto-Negotiation Supported—Port speed auto-negotiation support status. The possible values are True and False. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 192 PD Spare Pair Desired State—Indicates a pod device requesting to enable the 4-pair ability. • PD Spare Pair Operational State—Indicates if the 4-pair ability is enabled or disabled. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 193 Class 2 features plus location, 911, Layer 2 switch support and device information management capabilities. • PoE Device Type—Port PoE type, for example, PD/PSE. • PoE Power Source—Port’s power source. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 194 Protocol ID—Advertised protocol IDs. Location Information Enter the following data structures in hexadecimal as described in section 10.2.4 of the ANSI-TIA-1057 standard: • Civic—Civic or street address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 195 Tx Frames (Total)—Number of transmitted frames. • Rx Frames Total—Number of received frames. Discarded—Total number of received frames that discarded. Errors—Total number of received frames with errors. • Rx TLVs Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 196 LLDP Mandatory TLVs Size (Bytes)—Total mandatory TLV byte size. Status—If the mandatory TLV group is being transmitted, or if the TLV group was overloaded. • LLDP MED Capabilities Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 197 Total (Bytes)—Total number of bytes of LLDP information in each packet Available Bytes Left—Total number of available bytes left to send for additional LLDP information in each packet. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 198: Discovery - Cdp
• CDP Statistics CDP Properties Similar to LLDP, the Cisco Discovery Protocol (CDP) is a link layer protocol for directly- connected neighbors to advertise themselves and their capabilities to each other. Unlike LLDP, CDP is a Cisco proprietary protocol. CDP Configuration Workflow The followings is sample workflow for configuring CDP on the device.
Page 199 • Source Interface—IP address to be used in the TLV of the frames. The following options are possible: Use Default—Use the IP address of the outgoing interface. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 200 • No. of Neighbors—Number of neighbors detected. The bottom of the page has four buttons: • Copy Settings—Select to copy a configuration from one port to another. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 201 STEP 2 • Interface—Number of the local port. The OOB port can also be selected. • CDP State—Displays whether CDP is enabled or not. • Device ID TLV Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 202 Disabled indicates that the port is not trusted in which case, the following field is relevant. • CoS for Untrusted Ports TLV Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 203 After timeout (based on the value received from the neighbor Time To Live TLV during which no CDP PDU was received from a neighbor), the information is deleted. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 204 Bits 0 through 7 indicate Other, Repeater, Bridge, WLAN AP, Router, Telephone, DOCSIS cable device, and station respectively. Bits 8 through 15 are reserved. • Platform—Identifier of the neighbors platform. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 205 (true only for specific ports that have this HW ability). Spare Pair Detection/Classification Required—Indicates that the 4-pair wire is needed. PD Spare Pair Desired State—Indicates a pod device requesting to enable the 4-pair ability. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 206 To clear all counters on all interfaces, click Clear All Interface Counters. To clear all STEP 2 counters on an interface, select it and click Clear Interface Counters. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 207: Chapter 11: Port Management
4. Configure the LACP parameters for the ports that are members or candidates of a dynamic LAG by using the LACP page. 5. Configure Green Ethernet and 802.3 Energy Efficient Ethernet by using the Properties page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 208: Port Settings
To update the port settings, select the desired port, and click Edit. STEP 4 Modify the following parameters: STEP 5 • Interface—Select the port number. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 209 Flow Control abilities to the port link partner. • Operational Auto Negotiation—Displays the current auto-negotiation status on the port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 210 This is only supported on the 550 family. 10000 Full—The LAG advertises a 10000 Mbps speed and the mode is full duplex. This is only supported on the 550 family. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 211 Packets received from protected ports can be forwarded only to unprotected egress ports. Protected port filtering rules are also applied to packets that are forwarded by software, such as snooping applications. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 212: Error Recovery Settings
STP BPDU guard. STP Loopback Guard— Enable automatic recovery when the port has been shut down by STP Loopback Guard. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 213: Loopback Detection Settings
Network managers can define a Detection Interval that sets the time interval between LBD packets. The following loop cases can be detected by the Loopback Detection protocol: • Shorted wire—Port that loop backs all receiving traffic. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 214 Loopback detection is not enabled by default. Interactions with Other Features If STP is enabled on a port on which Loopback Detection is enabled, the port must be in STP forwarding state. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 215: Link Aggregation
Click Apply to save the configuration to the Running Configuration file. STEP 8 Link Aggregation This section describes how to configure LAGs. It covers the following topics: • Link Aggregation Overview • Default Settings and Configuration Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 216 By MAC Addresses—Based on the destination and source MAC addresses of all packets. • By IP and MAC Addresses—Based on the destination and source IP addresses for IP packets, and destination and source MAC addresses for non-IP packets. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 217 Select the load balancing algorithm for the LAG. Perform these actions in the Management page. 2. Configure various aspects of the LAG, such as speed and flow control by using the Settings page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 218 Active Member—Active ports in the LAG. • Standby Member—Candidate ports for this LAG. Enter the values for the following fields: STEP 2 • LAG—Select the LAG number. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 219 When the time range is not active, the port is in shutdown. If a time range is configured, it is effective only when the port is administratively Up. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 220 Protected LAG—Select to make the LAG a protected port for Layer 2 isolation. See the Port Configuration description in Port Settings for details regarding protected ports and LAGs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 221 In order for LACP to create a LAG, the ports on both link ends should be configured for LACP, meaning that the ports send LACP PDUs and handle received PDUs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 222 LACP PDUs. Select the periodic transmissions of LACP PDUs, which occur at either a Long or Short transmission speed, depending upon the expressed LACP timeout preference. Click Apply. The Running Configuration file is updated. STEP 5 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 223 Shutdown—The link is unidirectional. Traffic sent by a local device is received by its neighbor, but traffic from the neighbor is not received by the local device. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 224 (3 times message time) has passed. If a new message is received before the expiration time, the information in that message replaces the previous one. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 225 UDLD again begins running on the port. If the link is still unidirectional, UDLD shuts it down again after the UDLD expiration time expires, for instance. • Manually—You can reactivate a port in the Error Recovery Settings page Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 226 UDLD Usage Guidelines Cisco does not recommend enabling UDLD on ports that are connected to devices on which UDLD is not supported or disabled. Sending UDLD packets on a port connected to a device that does not support UDLD causes more traffic on the port without providing benefits.
Page 227 The UDLD feature can be configured for all fiber ports at one time (in the UDLD Global Settings page) or per port (in the UDLD Interface Settings page). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 228 Information is displayed for all ports on which UDLD is enabled, or, if you have filtered only a certain group of ports, information is displayed for that group of ports. • Port—The port identifier. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 229 Click Apply to save the settings to the Running Configuration file. STEP 4 UDLD Neighbors To view all devices connected to the local device, click Port Management > UDLD > UDLD Neighbors. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 230 Neighbor Expiration Time (Sec.)—Displays the time that must pass before the device attempts to determine the port UDLD status. This is three times the Message Time. • Neighbor Message Time (Sec.)—Displays the time between UDLD messages. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 231: Poe
Power over Ethernet can be used in any enterprise network that deploys relatively low-pod devices connected to the Ethernet LAN, such as: • IP phones • Wireless access points • IP gateways • Audio and video remote monitoring devices Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 232 Consider the following when configuring PoE: • The amount of power that the PSE can supply • The amount of power that the PD is actually attempting to consume Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 233 Output power is disabled during power-on reboot, initialization, and system configuration to ensure that PDs are not damaged. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 234 Available Power—Nominal power minus the amount of consumed power. • PSE Chipset & Hardware Revision—PoE chipset and hardware revision number. Click Apply to save the PoE properties. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 235 Operational Status—Displays whether PoE is currently active on the port. • PoE Standard—Displays the type of PoE supported, such as 60W PoE and 802.3 AT PoE). Select a port and click Edit. STEP 2 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 236 PoE is enabled. When the time range is not active, PoE is disabled. To use this feature, a time range must first be defined in the Time Range page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 237 • Force Four Pair—Enable this feature to provide enhanced power supply. • Power Consumption—Displays the amount of power in milliwatts assigned Settings (Class Limit) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 238 A sample's average PoE consumption per port/device is as follows: Sum of all PoE consumption readings in a period / Number of minutes in the sampling period. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 239 Clear Event Counters—Clear the displayed event counters. • View Interfaces Statistics—Display the above statistics for a selected interface • View Interface History Graph—Display the counters in graph format for a selected interface Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 240: Green Ethernet
This mode is only supported on RJ45 ports; it does not apply to Combo ports. This mode is disabled by default. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 241 LEDs that are displayed on the device board pictures are not affected by disabling the LEDs. Port LEDs can be disabled on the Properties page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 242 When signals from both sides are received, the Keep Alive signal indicates that the ports are in LPI status (and not in Down status), and power is reduced. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 243 • If the port speed on the GE port is changed to 10Mbit, 802.3az EEE is disabled. This is supported in GE models only. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 244 Energy Detect Mode— Click the checkbox to enable this mode. This setting is not supported for some of the XG devices. • Short Reach—(For non-XG devices) Click the checkbox to enable this feature. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 245 Some fields may not be displayed on some SKUs. NOTE • Port—The port number. • Energy Detect—State of the port regarding the Energy Detect feature: Administrative—Displays whether Energy Detect is enabled. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 246 Select to enable or disable 802.3 Energy Efficient Ethernet (EEE) mode on the port. STEP 5 Select to enable or disable 802.3 Energy Efficient Ethernet (EEE) LLDP mode on the port STEP 6 (advertisement of EEE capabilities through LLDP). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 247 Port Management Green Ethernet Click Apply. The Green Ethernet port settings are written to the Running Configuration file. STEP 7 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 248: Chapter 12: Smartport
The result is that these devices share a common configuration. The Smartport feature works in conjunction with other features such as: • Voice VLAN and Smartport, described in the Voice VLAN section. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 249 The “macro” serves to apply the desired configuration • The “anti-macro” serves to undo all configuration performed by the macro when an interface is attached to a different Smartport type. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 250 Smartport Type Supported by Auto Smartport Supported by Auto Smartport by default Unknown Default Printer Desktop Guest Server Host IP camera IP phone IP phone desktop Switch Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 251 LLDP messages are received on the interface before both TTLs of the most recent CDP and LLDP packets decrease to 0, then the anti-macro is run, and the Smartport type returns to default. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 252 Smartport macros are bound to Smartport types in the Type Settings page. Built-in Smartport Macros for a listing of the built-in Smartport macros for each device type. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 253 Smartport type (in the Interface Settings pages). See the workflow area in Common Smartport Tasks section for troubleshooting tips. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 254: How The Smartport Feature Works
• If a device is aged out (no longer receiving advertisements from other devices), the interface configuration is changed according to its Persistent Status. If the Persistent Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 255 CDP and/or LLDP advertisements from the device for a specified time period. Using CDP/LLDP Information to Identify Smartport Types The device detects the type of device attached to the port, based on the CDP/LLDP capabilities. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 256 DOCSIS cable device IETF RFC 4639 and Ignore IETF RFC 4546 Station Only IETF RFC 4293 Host C-VLAN Component of a VLAN Bridge Switch IEEE Std. 802.1Q Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 257 (assuming the configuration was saved). The Smartport type and the configuration of the interface are not Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 258: Error Handling
CDP and LLDP to detect attaching device's Smartport type, and detects Smartport type IP phone, IP phone + Desktop, Switch, and Wireless Access Point. Voice VLAN for a description of the voice factory defaults. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 259: Relationships With Other Features
Select the interface, and click Edit. STEP 2 Select the Smartport type that is to be assigned to the interface in the Smartport Application STEP 3 field. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 260 Troubleshoot, then correct the problem. Consider the troubleshooting tip below. STEP 3 Click Edit. A new window appears in which you can click Reset to reset the interface. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 261: Configuring Smartport Using The Web-Based Interface
Enter the parameters. STEP 2 • Administrative Auto Smartport—Select to globally enable or disable Auto Smartport. The following options are available: Disable—Select to disable Auto Smartport on the device. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 262 Editing these parameters for the Smartport types applied by Auto Smartport from the Smartport Type Settings page configures the default values for these parameters. These defaults are used by Auto Smartport. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 263 Smartport type by Auto Smartport. Auto Smartport does not apply the changes to interfaces that statically assigned a Smartport type. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 264 All Switches, Routers and Wireless Access Points—Reapplies the macros to all interfaces. • All Switches—Reapplies the macros to all interfaces defined as switches. • All Routers —Reapplies the macros to all interfaces defined as routers. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 265 Interface—Select the port or LAG. • Smartport Type—Displays the Smartport type currently assigned to the port/LAG. • Smartport Application—Select the Smartport type from the Smartport Application pull-down. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 266: Built-In Smartport Macros
Smartport type there is a macro to configure the interface and an anti macro to remove the configuration. Macro code for the following Smartport types are provided: • desktop • printer • guest • server • host • ip_camera • ip_phone Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 267 #macro description No Desktop no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no port security no port security mode no port security max Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 268 #macro description No printer no switchport access vlan no switchport mode no port security no port security mode no smartport storm-control broadcast enable no smartport storm-control broadcast level Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 269 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 270 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 271 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 272 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 273 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 274 #macro key description: $voice_vlan: The voice VLAN ID #Default Values are #$voice_vlan = 1 smartport switchport trunk allowed vlan remove $voice_vlan no smartport switchport trunk native vlan Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 275 #macro keywords $voice_vlan #macro key description: $voice_vlan: The voice VLAN ID no smartport switchport trunk native vlan smartport switchport trunk allowed vlan remove all no spanning-tree link-type Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 276 [ap] #macro description ap #macro keywords $native_vlan $voice_vlan #macro key description: $native_vlan: The untag VLAN which will be configured on the port Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 277: Chapter 13: Vlan Management
VLANs address security and scalability issues. Traffic from a VLAN stays within the VLAN, and terminates at devices in the VLAN. It also eases network configuration by logically connecting devices without physically relocating those devices. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 278 Adjacent VLAN-aware devices exchange VLAN information with each other by using Generic VLAN Registration Protocol (GVRP). As a result, VLAN information is propagated through a bridged network. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 279 The following types of ports can be members in a private VLAN: • Promiscuous—A promiscuous port can communicate with all ports of the same private VLAN. These ports connect servers and routers. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 280 VLAN’s various VLANs (primary, isolated and the communities). The switch supports 16 primary VLANs and 256 secondary VLANs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 281 Figure 1 Traffic from Hosts to Servers/Routers Server Promiscous Promiscous Isolated vlan Community Vlan Isolated Isolated Community Community Community Isolated 1 Isolated 2 Community 1 Community 1 Community 1 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 282 The following describes server/router traffic (reply to host). Figure 2 Server/Router Traffic to Hosts Server Promiscous Promiscous Primary VLAN Isolated Isolated Community Community Community Isolated 1 Isolated 2 Community 1 Community 1 Community 1 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 283 IPv4 and IPv6. Both can be defined on a primary VLAN. Isolated and community ports do not allow for IP connectivity. IP connectivity requires traffic to pass on a primary VLAN. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 284 IP Source Guard—A TCAM rule is required to forward/drop IP traffic. • First Hop Security—A TCAM rule is required to trap IPv6 traffic (when IPv6 source guard is enabled). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 285: Regular Vlans
VLAN Settings section. STEP 1 Set the desired VLAN-related configuration for ports and enable QinQ on an interface as STEP 2 described in the Interface Settings section. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 286 Each VLAN must be configured with a unique VID with a value from 1 to 4094. The device reserves VID 4095 as the Discard VLAN. All packets classified to the Discard VLAN are discarded at ingress, and are not forwarded to a port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 287 For example, if you shut down a VLAN, on which an IP interface is configured, bridging into the VLAN continues, but the switch cannot transmit and receive IP traffic on the VLAN Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 288 Trunk—The interface is an untagged member of one VLAN at most, and is a tagged member of zero or more VLANs. A port configured in this mode is known as a trunk port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 289 VLANs that are required for normal packet forwarding from the Available Secondary VLANs. Promiscuous and trunk ports can be members in multiple VLANs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 290 The S-VLAN specified by the user must be created on the device before configuring it on an interface as an S-VLAN. If this VLAN does not exist, the command fails. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 291 VLAN tunneling. The customer port mode is a particular case of VLAN-mapping tunnel port mode, and does not require allocation of TCAM resources. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 292 Mapping Type selection. Select one of the following: Source VLAN—Configure the ID of the customer VLAN (C-VLAN) that will be translated to S-VLAN (translated VLAN). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 293 VLAN-unaware. If a destination end node is VLAN-unaware, but is to receive traffic from a VLAN, then the last VLAN-aware device (if there is one), must send frames of the destination VLAN to the end node untagged. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 294 Running STEP 3 , and Configuration file. You can continue to display and/or configure port membership of another VLAN by selecting another VLAN ID. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 295 • Interface—Select a Port or LAG. • Current VLAN Mode—Displays the port VLAN mode that was selected in the Interface Settings page. • Access Mode Membership (Active) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 296 Select a port and click Details to view the following fields: STEP 5 • Administrative VLANs—Port is configured for these VLANs. • Operational VLANs—Port is currently a member of these VLANs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 297: Gvrp Settings
Generic VLAN Registration Protocol (GVRP). GVRP is based on the Generic Attribute Registration Protocol (GARP) and propagates VLAN information throughout a bridged network. To enable GVRP on an interface, it must be configured in General mode. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 298 Click Apply. GVRP settings are modified, and written to the Running Configuration file.. STEP 7 VLAN Groups This section describes how to configure VLAN groups. It describes the following features: • MAC-Based VLAN Group Overview Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 299 General mode. b. If the interface does not belong to the VLAN, manually assign it to the VLAN using the Port to VLAN page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 300 Group ID—Select a VLAN group, defined in the MAC-Based VLAN Group Overview page. • VLAN ID—Select the VLAN to which traffic from the VLAN group is forwarded. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 301 IP Address—Enter the IP address on which the subgroup is based. • Prefix Mask—Enter the prefix mask that defines the subnet. • Group ID—Enter a group ID. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 302 Groups of protocols can be defined and then bound to a port. After the protocol group is bound to a port, every packet originating from a protocol in the group is assigned the VLAN that is configured in the Protocol-Based Groups page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 303 Protocol Value—Enter the protocol for LLC-SNAP (rfc 1042)encapsulation. • Group ID—Enter a protocol group ID. Click Apply. The Protocol Group is added, and written to the Running Configuration file. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 304: Voice Vlan
VLANs, IP (Layer 3) routers are needed to provide communication. This section covers the following topics: • Voice VLAN Overview • Voice VLAN Configuration • Telephony OUI Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 305 The following are typical voice deployment scenarios with appropriate configurations: • UC3xx/UC5xx hosted: All Cisco phones and VoIP endpoints support this deployment model. For this model, the UC3xx/UC5xx, Cisco phones and VoIP endpoints reside in the same voice VLAN. The voice VLAN of UC3xx/UC5xx defaults to VLAN 100. •...
Page 306 CDP and/or LLDP-MED. Voice End-Points To have a voice VLAN work properly, the voice devices, such as Cisco phones and VoIP endpoints, must be assigned to the voice VLAN where it sends and receives its voice traffic. Some of the possible scenarios are as follows: •...
Page 307 VLAN port memberships. Auto Voice VLAN performs the following functions when it is in operation: • It discovers voice VLAN information in CDP advertisements from directly connected neighbor devices. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 308 (UC) devices, are advertising their voice VLAN, the voice VLAN from the device with the lowest MAC address is used. If connecting the device to a Cisco UC device, you may need to configure the NOTE port on the UC device using the switchport voice vlan command to ensure the UC device advertises its voice VLAN in CDP at the port.
Page 309 The interface VLAN of a candidate port must be in General or Trunk mode. • The Voice VLAN QoS is applied to candidate ports that have joined the Voice VLAN, and to static ports. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 310 If the device is currently in Auto Voice VLAN mode, you must disable it before NOTE you can enable Telephony OUI. Configure Telephony OUI in the Telephony OUI Table page. STEP 2 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 311 VLAN as a static voice VLAN. If the option Auto Voice VLAN Activation triggered by external Voice VLAN is selected, then the default values need to be maintained. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 312 VLAN, which has higher priority than auto voice VLAN that was learned from external sources. Click Apply. The VLAN properties are written to the Running Configuration file. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 313 Click Restart Auto Voice VLAN to reset the voice VLAN to the default voice VLAN and STEP 2 restart Auto Voice VLAN discovery on all the Auto-Voice-VLAN-enabled switches in the LAN. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 314 VLAN from a higher priority source is discovered. Only one local source is the best local source. No—This is not the best local source. Click Refresh to refresh the information on the page STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 315 Click Restore Default OUIs to delete all of the user-created OUIs, and leave only the default STEP 3 OUIs in the table. The OUI information may not be accurate until the restoration is completed. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 316 To configure an interface to be a candidate port of the telephony OUI-based voice VLAN, STEP 2 click Edit. Enter the values for the following fields: STEP 3 • Interface—Select an interface. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 317 One or more IP Multicast address groups can be associated with the same Multicast TV VLAN. Any VLAN can be configured as a Multicast-TV VLAN. A port assigned to a Multicast-TV VLAN: • Joins the Multicast-TV VLAN. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 318 VLAN Membership Source and all receiver ports Source and receiver ports cannot must be static members in the be members in the same data same data VLAN. VLAN. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 319 Multicast TV VLAN—VLAN to which the Multicast packets are assigned. • Multicast Group Start—First IPv4 address of the Multicast group. • Group End—Final IPv4 address of the Multicast group range. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 320 STEP 4 required ports to the Member Access Ports field. Click Apply. Multicast TV VLAN settings are modified, and written to the Running STEP 5 Configuration file. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 321 2. Configure the network port as a trunk or general port with subscriber and Multicast TV VLAN as tagged VLANS. (using the Interface Settings page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 322 Click Apply. CPE VLAN Mapping is modified, and written to the Running Configuration file. STEP 4 Port Multicast VLAN Membership The ports associated with the Multicast VLANs must be configured as customer ports (see Interface Settings). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 323 STEP 4 the required ports to the Member Customer Ports field. Click Apply. The new settings are modified, and written to the Running Configuration file. STEP 5 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 324: Chapter 14: Spanning Tree
STP provides a tree topology for any arrangement of switches and interconnecting links, by creating a unique path between end stations on a network, and thereby eliminating loops. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 325: Stp Status And Global Settings
• Spanning Tree State—Select to enable on the device. • STP Loopback Guard—Select to enable Loopback Guard on the device. • STP Operation Mode—Select an STP mode. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 326 Topology Changes Counts—The total number of STP topology changes that have occurred. • Last Topology Change—The time interval that elapsed since the last topology change occurred. The time appears in a days/hours/minutes/seconds format. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 327: Stp Interface Settings
0 and can be viewed on the STP Interface Settings page. Select an interface and click Edit. STEP 2 Enter the parameters STEP 3 • Interface—Select the Port or LAG on which Spanning Tree is configured. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 328 STP Status and Global Settings page. Filtering—Filters BPDU packets when Spanning Tree is disabled on an interface. Flooding—Floods BPDU packets when Spanning Tree is disabled on an interface. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 329 LAG—Displays the LAG to which the port belongs. If a port is a member of a LAG, the LAG settings override the port settings. Click Apply. The interface settings are written to the Running Configuration file. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 330 Auto—Automatically determines the device status by using RSTP BPDUs. • Point to Point Operational Status—Displays the Point-to-Point operational status if the Point to Point Administrative Status is set to Auto. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 331 MAC addresses. Forwarding—The port is in Forwarding mode. The port can forward traffic and learn new MAC addresses. Click Apply. The Running Configuration file is updated. STEP 8 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 332: Multiple Spanning Tree Overview
For two or more switches to be in the same MST region, they must have the same VLANs to MST instance mapping, the same configuration revision number, and the same region name. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 333: Vlans To A Mstp Instance
Configuration on this page (and all of the MSTP pages) applies if the system STP mode is MSTP. Up to 16 MST instances can be defined in addition to instance zero. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 334: Mstp Instance Settings
Included VLAN—Displays the VLANs mapped to the selected instance. The default mapping is that all VLANs are mapped to the common and internal spanning tree (CIST) instance 0). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 335: Mstp Interface Settings
Instance ID—Select the MST instance to be configured. • Interface—Select the interface for which the MSTI settings are to be defined. • Interface Priority—Set the port priority for the specified interface and MST instance. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 336 STP Interface Settings page. • Mode—Displays the current interface Spanning Tree mode. If the link partner is using MSTP or RSTP, the displayed port mode is RSTP. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 337 Forward Transitions—Displays the number of times the port has changed from the Forwarding state to the Discarding state. Click Apply. The Running Configuration file is updated. STEP 6 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 338: Chapter 15: Managing Mac Address Tables
VLAN. Such frames are referred to as unknown Unicast frames. The device supports a maximum of 8K static and dynamic MAC addresses. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 339: Static Addresses
Secure—The MAC address is secure when the interface is in classic locked mode (see Port Security). Click Apply. A new entry appears in the table. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 340: Dynamic Addresses
Click Go. The Dynamic MAC Address Table is queried and the results are displayed. STEP 3 To delete all of the dynamic MAC addresses. click Clear Table. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 341 Action—Select one of the following actions to be taken upon receiving a packet that matches the selected criteria: Bridge—Forward the packet to all VLAN members. Discard—Delete the packet. Click Apply. A new MAC address is reserved. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 342: Chapter 16: Multicast
(drop) the Multicast on the rest of the ports by enabling the Bridge Multicast filtering status in the Properties page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 343 ID. The device supports a maximum of 256 static and dynamic Multicast group addresses. Only one of filtering options can be configured per VLAN. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 344 • IGMP v1/v2/ v3 • MLD v1/v2 The device supports IGMP/MLD Snooping only on static VLANs. It does not support IGMP/ NOTE MLD Snooping on dynamic VLANs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 345 Querier delays sending general query messages after its enabling for 60 seconds. If there is no other querier, it starts to send general query messages. It stops sending general query messages if it detects another querier. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 346 Another advantage is that it makes the proxy devices independent of the Multicast routing protocol used by the core network routers. Hence, proxy devices can be easily deployed in any Multicast network. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 347 By default, IP Multicast traffic arriving on an interface of the IGMP/MLD tree is forwarded. You can disable of IP Multicast traffic forwarding arriving on downstream interfaces. It can be done globally and on a given downstream interface. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 348: Properties
IPv4 Multicast group address. If an IPv4 address is configured on the VLAN, the operational forwarding method for IPv4 Multicast will be IP Group Address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 349: Mac Group Address
• MAC Group Address—Defines the MAC address of the new Multicast group. Click Apply, the MAC Multicast group is saved to the Running Configuration file. STEP 6 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 350: Ip Multicast Group Address
The IP Multicast Group Address page is similar to the MAC Group Address page except that Multicast groups are identified by IP addresses. The IP Multicast Group Address page enables querying and adding IP Multicast groups. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 351 The VLAN ID, IP Version, IP Multicast Group Address, and Source IP Address selected are displayed as read-only in the top of the window. You can select the filter type: • Interface Type equals to—Select whether to display ports or LAGs. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 352: Ipv4 Multicast Configuration
To support selective IPv4 Multicast forwarding, bridge Multicast filtering must be enabled (in Properties page), and IGMP Snooping must be enabled globally and for each relevant VLAN in the IGMP Snooping page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 353 Use Query Robustness (x)—This value is set in MLD Interface Settings page. The number in parentheses is the current query robustness value. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 354 The following fields are displayed for each interface on which IGMP is enabled: • Interface Name—Interface on which IGMP snooping is defined. • Router IGMP Version—IGMP version. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 355 Query Interval (sec)—Interval between the General Queries to be used if this device is the elected querier. • Query Max Response Interval (sec)—Delay used to calculate the Maximum Response Code inserted into the periodic General Queries. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 356 User defined access list—Select the standard IPv4 access list name defining the SSM range. These access lists are defined in Access Lists. Click Apply. The Running Configuration file is updated. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 357 Uptime—Length of time in hours, minutes, and seconds that the entry has been in the IP Multicast routing table. • Expiry Time—Length of time in hours, minutes, and seconds until the entry is removed from the IP Multicast routing table. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 358: Ipv6 Multicast Configuration
Enable or disable the following features: STEP 2 • MLD Snooping Status—Select to enable MLD snooping globally on all interfaces. • MLD Querier Status—Select to enable MLD querier globally on all interfaces. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 359 Select MLDv2 if there are switches and/or Multicast routers in the VLAN that perform source-specific IP Multicast forwarding. Otherwise, select MLDv1. Click Apply. The Running Configuration file is updated. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 360 To configure an interface, select it and click Edit. Enter the fields that are described above. STEP 2 Click Apply. The Running Configuration file is updated. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 361 TTL threshold value automatically become border routers. To configure a VLAN, select it and click Edit. Enter the fields described above. STEP 2 Click Apply. The Running Configuration file is updated. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 362 Click Apply. The Running Configuration file is updated. STEP 5 The following fields are displayed for each IP Multicast route: • Source Address—Unicast source IPv4 address. • Group Address—Multicast destination IPv4 address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 363 Uptime—Length of time in hours, minutes, and seconds that the entry has been in the IP Multicast routing table. • Expiry Time—Length of time in hours, minutes, and seconds until the entry is removed from the IP Multicast routing table. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 364: Igmp/Mld Snooping Ip Multicast Group
Excluded Ports—The list of ports not included in the group. • Compatibility Mode—The oldest IGMP/MLD version of registration from the hosts the device receives on the IP group address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 365: Multicast Router Port
When Bridge Multicast Filtering is enabled, Multicast packets to registered Multicast groups are forwarded to ports based on IGMP Snooping and MLD snooping. If Bridge Multicast Filtering is disabled, all Multicast packets are flooded to the corresponding VLAN Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 366: Unregistered Multicast
You can select a port to receive or reject (filter) unregistered Multicast streams. The configuration is valid for any VLAN of which the port is a member (or will be a member). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 367 Filtering—Enables filtering (rejecting) of unregistered Multicast frames to the selected interface. Click Apply. The settings are saved, and the Running Configuration file is updated. STEP 5 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 368: Chapter 17: Ip Configuration
If the device does not receive a DHCPv4 response in 60 seconds, it continues to send DHCPDISCOVER queries, and adopts the default IPv4 address: 192.168.1.254/24. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 369 This is defined in the IPv4 Static Routes IPv6 Routes pages. All the IP addresses configured or assigned to the device are referred to as Management IP addresses in this guide. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 370: Loopback Interface
IPv4 Management and Interfaces This section covers the following topics: • IPv4 Interface • IPv4 Static Routes • IPv4 Forwarding Table • RIPv2 • VRRP • • ARP Proxy Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 371 The following fields are displayed in the IPv4 Interface Table: • Interface—Unit/Interface for which the IP address is defined. This can also be the out- of-band port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 372 Static IP Address—Enter the IP address. If Static IP Address was selected, enter the following fields: STEP 5 • IP Address—Enter the IP address of the interface. • Mask Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 373 Click Apply. The IPv4 address settings are written to the Running Configuration file. STEP 6 When the system is in one of the stacking modes with a Backup Master present, Cisco CAUTION recommends configuring the IP address as a static address to prevent disconnecting from the network during a Stacking Master switchover.
Page 374 Tracking Object ID—(Only on 550 family) Enter the object ID. This field and the next one only appears when SLA exists Click Apply. The IP Static route is saved to the Running Configuration file. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 375 Administrative Distance—The administrative distance to the next hop (a lower value is preferred). This is not relevant for static routes. • Outgoing Interface—Outgoing interface for this route. RIPv2 IP Configuration: RIPv2. VRRP IP Configuration: VRRP Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 376 IP Address—The IP address of the IP device. • MAC Address—The MAC address of the IP device. • Status—Whether the entry was manually entered or dynamically learned. Click Add. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 377 Select ARP Proxy to enable the device to respond to ARP requests for remotely-located nodes STEP 2 with the device MAC address. Click Apply. The ARP proxy is enabled, and the Running Configuration file is updated. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 378 STEP 6 DHCP Snooping/Relay This section covers the following topics: • Overview • Properties • Interface Settings • DHCP Snooping Trusted Interfaces • DHCP Snooping Binding Database Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 379 The main goal of option 82 is to help to the DHCP server select the best IP subnet (network pool) from which to obtain an IP address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 380 Option 82 with the original Option 82 the packet Disabled Option 82 Bridge – no Bridge – Packet Option 82 is is sent with the inserted original Option Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 381 Enabled Option 82 Bridge – no Bridge – no Bridge – Packet Option 82 is sent Option 82 is is sent with the sent original Option Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 382 DHCP Relay VLAN with IP Address VLAN without IP Address Packet arrives Packet arrives Packet arrives Packet arrives without Option with Option 82 without Option with Option 82 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 383 DHCP Relay VLAN with IP Address VLAN without IP Address Packet arrives Packet arrives Packet arrives Packet arrives with without Option with Option 82 without Option Option 82 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 384 Packets from trusted ports are used to create the Binding database and are handled as described below. If DHCP Snooping is not enabled, all ports are trusted by default. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 385 DHCP Snooping Packet Handling Packet Type Arriving from Untrusted Arriving from Trusted Ingress Ingress Interface Interface DHCPDISCOVER Forward to trusted Forwarded to trusted interfaces only. interfaces only. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 386 DHCPRELEASE Same as Same as DHCPDECLINE. DHCPDECLINE. DHCPINFORM Forward to trusted Forward to trusted interfaces only. interfaces only. DHCPLEASEQUE Filtered. Forward. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 387 Click IP Configuration > IPv4 Management and Interfaces >DHCP Snooping/Relay > STEP 1 Properties. Enter the following fields: • Option 82—Select Option 82 to insert Option 82 information into packets. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 388 DHCP Snooping Trusted Interfaces Packets from untrusted ports/LAGs are checked against the DHCP Snooping Binding database (see the DHCP Snooping Binding Database page). By default, interfaces are trusted. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 389 Add page, except for the IP Source Guard field: • Status— Active—IP Source Guard is active on the device. Inactive—IP Source Guard is not active on the device. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 390 Click Apply. The settings are defined, and the device is updated. STEP 4 DHCP Server This section covers the following topics: • Overview • Properties • Network Pool • Excluded Addresses • Static Hosts • DHCP Options Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 391 Define up to 16 network pools of IP addresses using the Network Pool page. STEP 3 Configure clients that will be assigned a permanent IP address, using the Static Hosts page. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 392 IP addresses of the pool belong to the IP subnet. • Remote Client—The device takes an IP address from the network pool with the IP subnet that matches the IP address of the DHCP relay agent. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 393 Minutes—The number of minutes in the lease. A days value and an hours value must be added before a minutes value can be added. • Default Router IP Address (Option 3)— Enter the default router for the DHCP client. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 394 By default, the DHCP server assumes that all pool addresses in a pool may be assigned to clients. A single IP address or a range of IP addresses can be excluded. The excluded addresses are excluded from all DHCP pools. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 395 Network Mask—Check and enter the static host’s network mask. Prefix Length—Check and enter the number of bits that comprise the address prefix. • Identifier Type—Set how to identify the specific static host. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 396 Other and enter the IP address of the time server for the DHCP client. • File Server IP Address (siaddr)—Enter the IP address of the TFTP/SCP server from which the configuration file is downloaded. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 397 A hex value can be provided in place of any other type of value. For instance, you can provide a hex value of an IP address instead of the IP address itself. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 398 MAC Address or in hexadecimal notation, e.g., 01b60819681172. • Lease Expiration—The lease expiration date and time of the host’s IP address or Infinite is such was the lease duration defined. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 399: Ipv6 Management And Interfaces
IPv6 Global Configuration • IPv6 Interfaces • IPv6 Tunnel • IPv6 Addresses • IPv6 Router Configuration • IPv6 Default Router List • IPv6 Neighbors • IPv6 Prefix List Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 400 When static routes must be updated, this must be done explicitly by the user. It is the user's responsibility to prevent routing loops in the network. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 401 DHCP server to locate the client. It can be in one of the following formats: Link-Layer—(Default). If you select this option, the MAC address of the device is used. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 402 Click Add to add a new interface on which interface IPv6 is enabled. STEP 4 Enter the fields: STEP 5 • IPv6 Interface—Select a specific unit, port, LAG, loopback interface or VLAN for the IPv6 address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 403 • Link local address using EUI-64 format interface ID based on a device’s MAC address • All node link local Multicast addresses (FF02::1) Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 404 Information Minimum Refresh Time— See above. • Information Refresh Time—See above. • Received Information Refresh Time—Refresh time received from DHCPv6 server. • Remaining Information Refresh Time—Remaining time until next refresh. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 405 When the ISATAP router IPv4 address is not resolved via the DNS process, the ISATAP IP interface remains active. The system does not have a default router for ISATAP traffic until the DNS process is resolved. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 406 IPv6 address, if it is link local. The following table summarizes tunnel support in the various devices: Tunnel Sx350 SG350x SG350XG/SX350X SG550X SG550XG/SX550X Type ISATAP Supported Supported Supported Supported Supported Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 407 Source IPv4 Address and ISATAP Router Name fields. See the following explanations for these fields. Enter the following fields: STEP 3 • Tunnel Name—Select a tunnel number. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 408 Use Default—This is always ISATAP. User Defined—Enter the router’s domain name. Click Apply. The tunnel is saved to the Running Configuration file. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 409 If a link local address exists on the interface, this entry replaces the address in the configuration. Global—An IPv6 address that is a global Unicast IPV6 type that is visible and reachable from other networks. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 410 Click Apply. The Running Configuration file is updated. STEP 5 IPv6 Router Configuration The following sections describe how to configure IPv6 routers. It covers the following topics: • Router Advertisement • IPv6 Prefixes Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 411 Neighbor Solicitation Retransmissions Interval—Set the interval to determine the time between retransmissions of neighbor solicitation messages to a neighbor when resolving the address or when probing the reachability of a neighbor. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 412 • Prefix Address—The IPv6 network. This argument must be in the form documented in RFC 4293 where the address is specified in hexadecimal—using 16-bit values between colons. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 413 (for example, because the prefix was also configured by adding an IPv6 address), it will be removed. Click Apply to save the configuration to the Running Configuration file. STEP 6 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 414 Next Hop Type—The IP address of the next destination to which the packet is sent. This is composed of the following: Global—An IPv6 address that is a global Unicast IPV6 type that is visible and reachable from other networks. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 415 Static Only—Deletes the static IPv6 address entries. • Dynamic Only—Deletes the dynamic IPv6 address entries. • All Dynamic & Static—Deletes the static and dynamic address entries IPv6 address entries. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 416 When First Hop Security is configured, it is possible to define rules for filtering based on IPv6 prefixes. These lists can be defined in the IPv6 Prefix List page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 417 If an entry with the number exists, it is replaced by the new one. • Rule Type—Enter the rule for the prefix list: Permit—Permits networks that matches the condition. Deny—Denies networks that matches the condition. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 418 Create new list—Enter a name for the new access list. • Source IPv6 Address—Enter the source IPv6 address. The following options are available: Any—All IP addresses are included. User Defined—Enter an IP address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 419 Global—An IPv6 address that is a global Unicast IPV6 type that is visible and reachable from other networks. Point-to-Point—A Point-to-point tunnel. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 420 The user must configure the list DHCP servers to which packets are forwarded. Two sets of DHCPv6 servers can be configured: • Global Destinations—Packets are always relayed to these DHCPv6 servers. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 421 To enable DHCPv6 on an interface and optionally add a DHCPv6 server for an interface, click STEP 2 Add. Enter the fields: • Source Interface—Select the interface (port, LAG, VLAN or tunnel) for which DHCPv6 Relay is enabled. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 422 If a route map has more than one rule (ACL) defined on it, the sequence number determines the order in which the packets will be matched against the ACLs (from lower to higher number). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 423 Bound IPv4 Route Map—Select an IPv4 route map to bind to the interface. • Bound IPv6 Route Map—Select an IPv6 route map to bind to the interface. Click Apply. The Running Configuration file is updated. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 424: Domain Name System
As a DNS client, the device resolves domain names to IP addresses through the use of one or more configured DNS servers. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 425 Use Default—Select to use the default value. This value = 2*(Polling Retries + 1)* Polling Timeout User Defined—Select to enter a user-defined value. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 426 Preference—Select a value that determines the order in which the domains are used (from low to high). This effectively determines the order in which unqualified names are completed during DNS queries. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 427 Name resolution always begins by checking static entries, continues by checking the dynamic entries, and ends by sending requests to the external DNS server. Eight IP addresses are supported per DNS server per host name. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 428 Only one link local address is supported. If a link local address exists on the interface, this entry replaces the address in the configuration. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 429 IP Address—Enter a single address or up to eight associated IP addresses (IPv4 or IPv6). Click Apply. The settings are saved to the Running Configuration file. STEP 5 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 430: Chapter 18: Ip Configuration: Ripv2
The device supports RIP version 2, which is based on the following standards: • RFC2453 RIP Version 2, November 1998 • RFC2082 RIP-2 MD5 Authentication, January 1997 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 431: How Rip Operates On The Device
In this way, the relative cost of the interfaces can be adjusted as desired. It is your responsibility to set the offset for each interface (1 by default). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 432 RIP information on this interface. By default, transmission of routing updates on an IP interface is enabled. RIPv2 Settings for more information. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 433 If these features are enabled, rejected routes are advertised by routes with a metric of 16. The route configurations can be propagated using one of the following options: • Default Metric Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 434 RIP. This is shown in the following, which illustrates a network where some routers support RIP and others do not. A Network with RIP and non-RIP Routers Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 435 RIP Peers Database You can monitor the RIP peers database per IP interface. See RIPv2 Peers Database for a description of these counters Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 436: Configuring Rip
The following pages are described: • RIPv2 Properties • RIPv2 Settings • RIPv2 Statistic • RIPv2 Peers Database RIPv2 Properties This feature is only supported on 550 family of devices. NOTE Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 437 Connected Metric field. The following options are available: • Default Metric—Causes RIP to use the default metric value for the propagated static route configuration (refer to Redistribution Feature). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 438 Enable—Advertise the default route on this RIP interface. Disable—On this RIP interface, do not advertise the default route. • Default Route Advertisement Metric—Enter the metric for the default route for this interface. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 439 The following fields are displayed: • IP Interface—IP interface defined on the Layer 2 interface. • Bad Packets Received—Specifies the number of bad packets identified by RIP on the IP interface. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 440: Access Lists
1. Create an access list with a single IP address, using the Access Lists pages. 2. Add additional IP addresses if required, using the Source IPv4 Access List page. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 441 To modify the parameters of an access list, click Add and modify any of the following fields: STEP 2 • Access List Name—Name of the access list. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 442 Permit—Permit entry of packets from the IP address(es) in the access list. Deny—Reject entry of packets from the IP address(es) in the access list. Click Apply. The settings are written to the Running Configuration file. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 443: Chapter 19: Ip Configuration: Vrrp
VRRP also enables load sharing of traffic. Traffic can be shared equitably among available routers by configuring VRRP in such a way that traffic to and from LAN clients are shared by multiple routers. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 444: Vrrp Topology
The VRRP router priority depends on the following: if the VRRP router is the owner, its priority NOTE is 255 (the highest), if it is not an owner, the priority is manually configured (always less than 255). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 445 192.168.2.1 and is the virtual router master, and rB is the virtual router backup to rA. Clients 1 and 2 are configured with the default gateway IP address of 192.168.2.1. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 446: Configurable Elements Of Vrrp
The following cases might occur when configuring a virtual router: • All the existing VRRP routers of the virtual router operate in VRRPv3. In this case, configure your new VRRP router to operate in VRRPv3. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 447 IP subnet as the IP addresses of the virtual router. The corresponding IP subnets must be configured manually in the VRRP router, not DHCP assigned. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 448 Disabled—Even if a VRRP router with a higher priority than the current master is up, it does not replace the current master. Only the original master (when it becomes available) replaces the backup. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 449: Configuring Vrrp
Enter the following fields: STEP 3 • Interface—Interface on which virtual router is defined. • Virtual Router Identifier—User-defined number identifying virtual router. • Description—User-defined string identifying virtual router. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 450 Advertisement Interval—Enter how frequently advertisement packets are sent. If these parameters are changed (Edit), the virtual router is modified and a new NOTE message is sent with the new parameters. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 451 Priority—Priority of this virtual router’s device, based on its ability to function as a master. Advertisement Interval—Time interval, as described in VRRP Advertisements. Source IP Address—IP address to be used in VRRP messages. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 452 STEP 2 Click Clear Interface Counter to clear the counters for that interface. STEP 3 Click Clear All Interface Counters to clear all the counters. STEP 4 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 453: Chapter 20: Ip Configuration: Sla
This enables connectivity to the next hop via the new selected master router. IP SLA is not required when using RIP or other dynamic routing protocols Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 454 Operation—Each IP SLAs ICMP Echo operation sends a single ICMP Echo request to a target address at a configured frequency rate. It then waits for a response. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 455 Y. If the delay timer is expired, the state of the tracking object is changed to X and the X state is passed to the associated applications. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 456: Using Sla
To define this field, select from one of the following options: Auto—The source interface is based on Forwarding Table information. By address— Specify a different source IP address. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 457 To add a new object, click Add. STEP 2 Enter the following fields: STEP 3 • Track Number—Enter an unused number. • Operation Number—Select an SLA operation from a list. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 458 • ICMP-Echo Requests—Number of request packets that were sent. • ICMP-Echo Replies—Number of reply packets that were received. • ICMP-Echo Errors—Number of error packets that were received. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 459 Using SLA To refresh these counters click: • Clear Counters—Clears counters for selected operation. • Clear All Operations Counters—Clears counters for all operations. • Refresh—Refresh the counters. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 460: Chapter 21: Security
Storm Control • Access Control Access control of end-users to the network through the device is described in the following sections: • Management Access Method • Configuring TACACS+ Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 461 • Accounting—Enable accounting of login sessions using the TACACS+ server. This enables a system administrator to generate accounting reports from the TACACS+ server. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 462 The following defaults are relevant to this feature: • No default TACACS+ server is defined by default. • If you configure a TACACS+ server, the accounting feature is disabled by default. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 463 Encrypted or Plaintext mode. The device can be configured to use this key or to use a key entered for an specific server (entered in the Add TACACS+ Server page). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 464 Only one link local address is supported. If a link local address exists on the interface, this entry replaces the address in the configuration. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 465: Radius
To display sensitive data in plaintext form on this page, click Display Sensitive Data As STEP 8 Plaintext. RADIUS Remote Authorization Dial-In User Service (RADIUS) servers provide a centralized 802.1X or MAC-based network access control. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 466 Open an account for the device on the RADIUS server. STEP 1 Configure that server along with the other parameters in the RADIUS and ADD RADIUS STEP 2 Server pages. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 467 Source IPv4 Interface—Select the device IPv4 source interface to be used in messages for communication with the RADIUS server. • Source IPv6 Interface—Select the device IPv6 source interface to be used in messages for communication with the RADIUS server. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 468 RADIUS server before retrying the query, or switching to the next server if the maximum number of retries made. If Use Default is selected, the device uses the default timeout value. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 469 Click Security > RADIUS Server > RADIUS Server Global Settings. STEP 1 Enter the following parameters: STEP 2 • RADIUS Server Status—Check to enable the RADIUS server feature status. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 470 Click Apply. The RADIUS default settings for the device are updated in the Running STEP 3 Configuration file. To add a secret key, click Add and enter the following fields: STEP 4 • NAS Address—Address of switch containing RADIUS client. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 471 None—No VLAN ID is sent. VLAN ID—VLAN ID sent. VLAN Name—VLAN name sent Click Apply. The RADIUS group definition is added to the Running Configuration file of the STEP 3 device. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 472 Date/Time Change—Date/time on the device was changed. Reset—Device has reset at the specified time. • Authentication Method—Authentication method used by the user. Displays N/A if the Event Type is Date/Time Change or Reset. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 473 The rejected users are displayed along with the following fields: • Event Type—Displays one of the following options: Rejected—User was rejected. Time Change—Clock on device was changed by the administrator. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 474 The following fields are displayed: • (Log) Event Type Unknown NAS—An unknown NAS event occurred. Time Change—Clock on device was changed by the administrator. Reset—Device was reset by the administrator. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 475 Incoming Authentication Packets of Unknown Type—Number of received incoming authentication packets of unknown type. • Incoming Packets on the Accounting Port—Number of incoming packets on the accounting port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 476: Password Strength
To refresh the counters, click Refresh. Password Strength The default username/password is cisco/cisco. The first time that you log in with the default username and password, you are required to enter a new password. Password complexity is enabled by default. If the password that you choose is not complex enough (Password Complexity Settings are enabled in the Password Strength page), you are prompted to create another password.
Page 477 Minimal Number of Character Classes—Enter the number of character classes which must be present in a password. Character classes are lower case (1), upper case (2), digits (3), and symbols or special characters (4). Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 478 Key Identifier—Integer identifier for the key chain. • Key String—Value of the key chain string. Enter one of the following options: User Defined (Encrypted)—Enter an encrypted version. User Defined (Plaintext)—Enter a plaintext version Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 479 Minutes—Number of minutes that the key-identifier is valid. Seconds—Number of seconds that the key-identifier is valid. Click Apply. The settings are written to the Running Configuration file. STEP 3 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 480 • Duration—Length of time that the key identifier is valid. Enter the following fields: Days—Number of days that the key-identifier is valid. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 481: Management Access Method
Access Methods—Methods for accessing and managing the device: Telnet Secure Telnet (SSH) Hypertext Transfer Protocol (HTTP) Secure HTTP (HTTPS) Simple Network Management Protocol (SNMP) All of the above Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 482 This only applies to device types that offer a console port. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 483 Deny—Denies access to the device if the user matches the settings in the profile. • Applies to Interface—Select the interface attached to the rule. The options are: All—Applies to all ports, VLANs, and LAGs. User Defined—Applies to selected interface. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 484 To add profile rules to an access profile: Click Security > Mgmt Access Method > Profile Rules. STEP 1 Select the Filter field, and an access profile. Click Go. STEP 2 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 485 All—Applies to all ports, VLANs, and LAGs. User Defined—Applies only to the port, VLAN, or LAG selected. • Interface—Enter the interface number. The OOB port can also be entered. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...
Page 486: Management Access Authentication
In other words, if authentication fails for an authentication method, the device stops the authentication attempt; it does not continue and does not attempt to use the next authentication method. Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4...

Cisco 350 Series Administration Manual

Chapter 1: Quick Getting Started

Chapter 2: General Information

Chapter 3: Dashboard

Chapter 4: Configuration Wizards

Chapter 5: Status and Statistics

Chapter 6: Administration

Chapter 7: Administration: File Management

Chapter 8: Administration: Stack Management

Chapter 9: Administration: Time Settings

Chapter 10: Administration: Discovery

Chapter 11: Port Management

Chapter 12: Smartport

Chapter 13: VLAN Management

Chapter 14: Spanning Tree

Chapter 15: Managing MAC Address Tables

Chapter 16: Multicast

Chapter 17: IP Configuration

Chapter 18: IP Configuration: Ripv2

Chapter 19: IP Configuration: VRRP

Chapter 20: IP Configuration: SLA

Chapter 21: Security

Chapter 22: Security: 802.1X Authentication

Chapter 23: Security: Secure Sensitive Data Management

Chapter 24: Security: SSH Server

Chapter 25: Security: SSH Client

Chapter 26: Security: Ipv6 First Hop Security

Chapter 27: Access Control

Chapter 28: Quality of Service

Chapter 29: SNMP

Chapter 30: Smart Network Application (SNA)

Quick Links

Related Manuals for Cisco 350 Series

Summary of Contents for Cisco 350 Series