Subscribe to Our Youtube Channel
Related Manuals for Cerio CS-2424G A2S
Summary of Contents for Cerio CS-2424G A2S
- Page 1 CERIO Corporation CS-2424G_A2S 24 Port 10/100/1000M Gigabit Web Managed Switch with 4 SFP Ports User Manual V1.0a...
- Page 2 FCC Warning This device has been tested and found to comply with limits for a Class A digital device, pursuant to Part 2 and 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses and can radiates radio frequency energy and, if not installed and used in accordance with the user’s manual, may cause interference in which case user will be required to correct the...
-
Page 3: Table Of Contents
Exterior ..............................8 Front Panel ............................ 8 Rear Panel Layout ......................... 8 Software Configuration .......................... 8 Example of Segment: (Windows OS) ................... 9 Open Web Browser..........................12 System login username and password information ..............12 System Status ............................13 Device Information ........................13 Logging Message ......................... - Page 4 GVRP ............................35 6.7.1 Property ......................... 36 6.7.2 Member ship ........................36 MAC Address Table ..........................38 Dynamic Address ........................38 Static Address ..........................38 Filtering Address ......................... 39 Spanning Tree ............................39 Property ............................39 Port Setting ..........................41 MST Instance ..........................
- Page 5 10.4.2 Port Setting ........................65 10.4.3 Group Address ....................... 66 Security ..............................67 11.1 RADIUS ............................67 11.2 TACACS+ ............................69 11.3 AAA .............................. 70 11.3.1 Method List ........................70 11.3.2 Login Authentication ..................... 71 11.4 Management Access ........................72 11.4.1 Management VLAN .......................
- Page 6 12.6 IPv6 ACE ............................92 12.7 ACL Binding ..........................94 QoS ............................... 95 13.1 Property ............................95 13.2 Queue Scheduling ........................96 13.3 CoS Mapping ..........................97 13.4 DSCP Mapping ..........................98 13.5 IP Precedence to Queue Mapping ..................... 99 13.6 Rate Limit ............................
- Page 7 V1.0a...
-
Page 8: Exterior
Set the IP segment of the administrator's computer to be in the same range as CS-2424G A2S for accessing the system. Do not duplicate the IP Address used here with IP Address of CS-2424G A2S or any other device within the network. Please refer to the following steps... -
Page 9: Example Of Segment: (Windows Os)
Example of Segment: (Windows OS) Step 1 : Please click on the computer icon in the bottom right window, and click “Open Network and Sharing Center” Step 2 : In the Network and Sharing Center page, click on the left side of “Change adapter setting” button V1.0a... - Page 10 Step 3 : In “Change adapter setting” Page, right click on Local LAN then select “Properties” Step 4 : In the “Properties” page, click the “Properties” button to open TCP/IP setting V1.0a...
- Page 11 Step 5 : In Properties page for setting IP addresses, find “Internet Protocol Version 4 (TCP/IPv4)” and double click to open TCP/IPv4 Properties window Double click Step 6 : Select “Use the following IP address”, and fix in IP Address to: 192.168.2.X ex.
-
Page 12: Open Web Browser
System login Overview page will appear after successful login. 2.2 System login username and password information The CS-2424G A2S web switch default IP is 192.168.2.200 Into the management page as follows, please enter Username and password Default IP Address: 192.168.2.200 ... -
Page 13: System Status
Default Username and Password Management Account Root Account Username root Password default After the authentication procedure, the home page will show up. Select one of the configurations by clicking the icon. 3. System Status Device Information This administrator can check device system information in the “Device Information” tab V1.0a... -
Page 14: Logging Message
Model: Display model name of the switch. System Name/ Location/ Contact: Display system name of the switch. When administrator click Edit button then can modify the system information. MAC Address: Display system use MAC address. IPv4/v6 Address: Display system use IP address. ... -
Page 15: Port
Administrator can use this tools page to Inspection of system RAM and Flash status. Viewing: Administrator can select RAM or Flash. Showing: Administrator can set pen display. 3.3 Port Display detailed information for each port. 3.3.1 Statistics Administration can choose to view specified GE or LAG information.( contain Interface/ Etherlike/ RMON information) or set auto refresh time of information page. - Page 16 Etherlike page displays statistics per interface according to the Etherlike MIB standard definition. This function provides more detailed information regarding errors in the physical layer (Layer 1). V1.0a...
-
Page 17: Error Disabled
3.3.2 Error Disabled If administrator has set Error disabled functions then can monitor information in page. V1.0a... -
Page 18: Bandwidth Utilization
3.3.3 Bandwidth Utilization This page can display Tx / Rx Real-time bandwidth information of each port. (Instant used rate per port). 3.4 Link Aggregation V1.0a... -
Page 19: Mac Address Table
If administrator has set LACP function then this can display LACP information. LAG 1~8: This system have support 8 Link Aggregation group. Administrator can enable 8 LAG. Name: Disable LAGs name. Type: Display Link Aggregation used Static or LACP mode. ... -
Page 20: Network
VLAN: Display each port used VLAN number. MAC Address: Display device use MAC address information. Type: Display each port used type for Dynamic or Static. Port: Display Port number. 4. Network V1.0a... -
Page 21: Ip Address
4.1 IP Address Administrator can set IP address for the system. The IP address support IPv4 & IPv6 protocol, if switch device must want to internet, administrator can set gateway IP address in the page. IPv4 Address Address Type: Administrator can select use static or Dynamic IP address in system. If ... -
Page 22: Port
System time can be configured via this page. Administrator can select SNTP Server or from computer to update the system time or administration can use manual setting the system time. Note. If administrator chooses SNTP Server to synchronization update time then must confirm system gateway and DNS is correct and switch system must be able to connect to the SNTP Server. -
Page 23: Port Setting
5.1 Port setting Administrator can set speed / Duplex / Flow Control by each port. Please select port number in checkbox and click apply button to set speed / Duplex / Flow Control of each port. 5.2 Error Disabled This function can block of faulty operation, including EPDU Guard / UDLD / Self Loop / Broadcast V1.0a... -
Page 24: Link Aggregation Setup
Flood / Unknown Multicast Flood / Unicast Flood / ACL / Port Security / DHCP Rate Limit / ARP Rate Limit etc. After administrator enable this functions, if occur error in table functions then system will auto immediate block of faulty operation until the after the set time, system will auto re-enable. Recovery Interval: Administrator can set time of auto recovery interval. -
Page 25: Group Configuration
together to form a logical aggregation group. To upper layer entities, all the physical links in an aggregation group are a single logical link. 5.3.1 Group Configuration Administrator can select use MAC Address or IP-MAC address of load balance Algorithm. This system default can set 8 LA group, administrator can select LAG number and click Edit button go to set LA used ports. -
Page 26: Port Setting
5.3.2 Port Setting Administrator can set speed and flow control for Link Aggregation Group (LAG). 5.3.3 LACP The LACP can aggregate multiple Ethernet ports together to form a logical aggregation group. To upper layer entities, all the physical links in an aggregation group are a single logical link. V1.0a... -
Page 27: Eee
System Priority: Administrator configures the LACP system priority on each switch running LACP. LACP uses the system priority with the switch MAC address to form the system ID and also during negotiation with other switches. The function with the lower system priority value determines which links between LACP partner devices are active and which are in standby for each LACP group. -
Page 28: Jumbo Frame
Jumbo Frame Administrator can set Jumbo Frame for switch. Jumbo frames support takes effect only after it is enabled, and after the switch is Note rebooted. 6. VLAN Administrator can set IEEE 802.1q Tag Based VLAN or Port Based VLAN. System default is VLAN1 Port based (PVID). -
Page 29: Create Vlan
Create VLAN Administrator can select VLAN number in Available VLAN list, this VLAN number based on IEEE 802.1q standard. Available VLAN list can be multiple choices. VLAN: Administrator can select VLANs number in "Available VLAN" table and move to "Created VLAN"... -
Page 30: Membership
VLAN: Administrator can click drop down menu to choose VLAN and set. Excluded: This interface is currently not a member of the VLAN. This is the default for all the ports and LAGs. Tagged: This interface is a tagged member of the VLAN. ... -
Page 31: Port Setting
When a port is forbidden default VLAN membership, that port is not allowed membership in any other VLAN. An internal VID of 4095 is assigned to the port. This PVID on the ports between the two devices must be the same if the ports are to send and receive untagged packets to and from the VLAN. Otherwise, traffic might leak from one VLAN to another. - Page 32 Hybrid: The interface can be a tagged or untagged member of one or more VLANs. Access: The interface is an untagged member of a single VLAN. A port configured in this mode is known as an access port. Trunk: The interface is an untagged member of one VLAN at most, and is a tagged member of ...
-
Page 33: Voice Vlan
Untag Only: The interface accepts only untagged and priority frames. Ingress Filtering: Administrator can check Enable to enable ingress filtering. When an interface is ingress filtering enabled, the interface discards all incoming frames that are classified as VLANs of which the interface is not a member. -
Page 34: Mac Vlan
OUI. Once the OUI is added, all traffic received on voice VLAN ports from the specific IP phone with a listed OUI is forwarded on the voice VLAN. Unlike the telephony OUI mode that detects voice devices based on telephony OUI, Auto Voice VLAN mode depends on auto smart port to dynamically add the ports to the voice VLAN. -
Page 35: Gvrp
otherwise, the priority will be set to 0 (zero). The assigned VLAN ID is verified against the VLAN table. If the VLAN is valid, ingress processing on the packet continues; otherwise, the packet is dropped. This implies that you can configure a MAC address mapping to a VLAN that has not been created on the system. -
Page 36: Property
802.1Q-compliant method for facilitating automatic (dynamic) VLAN membership configuration. GVRP-enabled switches can exchange VLAN configuration information with other GVRP-enabled switches. Policy rules or other network management methods can determine who is admitted to a VLAN. When a node requests admission to a specific VLAN, GVRP handles the registration of the node with GVRP-enabled switches and maintains that information. - Page 37 6.7.3 Statistics When enable and set GVRP function then administrator can check every port in GVRP include Receive / Transmit and Error information. V1.0a...
-
Page 38: Mac Address Table
7. MAC Address Table 7.1 Dynamic Address This page can display MAC address for connected device. Administrator can set aging time for connected port. When administrator select checkbox MACs address and click “Add Static Address” button then selected MAC address will move to “Static Address” function. 7.2 Static Address If administrator fixed an MAC address in the port then device MAC address will bind in the port, if device connection other port will can't working only connection bind port. -
Page 39: Filtering Address
7.3 Filtering Address Administrator can set need filtering MAC address in the MAC table. If MAC is added on table this MAC will be blocked Spanning Tree Spanning Tree function allows only one active path at a time between any two network devices (this prevents the loops) but establishes the redundant links as a backup if the initial link should fail. - Page 40 State: Administrator can choose Enable or Disable this function. Operation Mode: Administrator can choose use STP or RSTP. Path Cost: Administrator can choose STP judgment use Path cost for Long or Short. BPDU Handling: When the Switch receives the BPDU frame, Administrator can choose the BPDU ...
-
Page 41: Port Setting
parameters in the spanning-tree mst configuration. All three parameters are the same Region. Administrator can use MAC address will set a name. Revision: Administrator every time change MST value, customary "Revision" to add 1 value. Max. Hop: Set max. hop of switch. ... -
Page 42: Mst Instance
devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media. (Path cost takes precedence over port priority.) Note that when the Path Cost Method is set to short, the maximum path cost is 65,535. Range: 1-200000000, (set 0 = Auto, default is 0). -
Page 43: Mst Port Setting
MSTI: Select the MSTP instance to be configured. VLAN: Displays the VLANs mapped to the selected MSTP instance. Priority: Enter the priority of this bridge for the selected MST instance. Bridge Identifier: Displays the priority and MAC address of the Root Bridge for the selected MST ... - Page 44 MST Port Settings is used to configure the port MSTP settings for every MST instance. It is also used to view statistics that have been learned from the protocol. Path Cost: Path cost default value is 0 (auto) depends on source device rate. ...
-
Page 45: Statistics
Port State: Displays the MSTP status of the port. Mode: Displays the current Spanning Tree mode. RSTP: RSTP is enabled on the port. STP: Classic STP is enabled on the port. MSTP: MSTP is enabled on the port. ... -
Page 46: Discovery(Lldp)
Discovery(LLDP) The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol in the Internet Protocol Suite used by network devices for advertising their identity, capabilities, and neighbors on an IEEE 802 local area network, principally wired Ethernet. LLDP information is sent by devices from each of their interfaces at a fixed interval, in the form of an Ethernet frame. -
Page 47: Port Setting
State: Administrator can choose Enable or disable this LLDP function. LLDP Handing: If cancel checkbox then administrator can choose Filtering / Bridging / Flooding for LLDP handing. TLV Advertise Interval: Set LLDPDU Send Interval period (range 5-32760, default is 30) ... -
Page 48: Packet View
Mode: Administrator can choose Transmit(TX) / Receive(RX) or Normal(TX+RX) and Disable, if choose disable will don't send and receive LLDPDU. Optional TLV: Administrator can be configuration information into different TLV, encapsulates LLDPDU and issued to the neighbor device. 802.1 VLAN Name: Administrator can choose VLAN group. - Page 49 Mandatory TLVs: Size(Bytes): Display total mandatory TLV byte size. Operational Status: If TLV is transmitting or overloaded will display on this table. MED Capabilities Size(Bytes): Display total LLDP MED capabilities packets byte size. Operational Status: Display the LLDP MED capabilities packets whether were transmitted or they ...
-
Page 50: Local Information
Optional TLVs Size(Bytes): Display total LLDP MED optional TLVs packets byte size. Operational Status: Display the MED optional TLVs whether were transmitted or they were overloaded. 802.1 TLVs Size(Bytes): Display total LLDP MED 802.1 TLVs packets byte size. ... - Page 51 Management Address Table: This table will display local LLDP agent. Address Subtype: Display management IP address type. Address: Returned address most appropriate for management use, typically a Layer 3 address. Interface Subtype: Numbering method used for defining the interface number. ...
-
Page 52: Neighbor
802.3 Link Aggregation Aggregation Capability: Indicates whether the interface can be aggregated. Aggregation Status: Indicates whether the interface is aggregated. Aggregation Port ID: Advertised aggregated interface ID. 9.5 Neighbor The page displays information that was received using the LLDP protocol from neighboring devices. After timeout the information is deleted. -
Page 53: Statistics
9.6 Statistics This page displays LLDP statistical information per port. Port: Port identifier. Transmit Frames Total: Total number of transmitted frames. Receive Frames: Total: Number of received frames. Discarded: Total number of received frames that were discarded. ... -
Page 54: Group Address
Unknown Multicast Action: Choose how to deal with unknown Multicast frames. Administrator can choose 3 processing method. Flood: Floods unknown Multicast frames. Drop: Drops unknown Multicast frames. Forward to Router Port: Forwards unknown Multicast frames to Router port. ... - Page 55 VALN: Define the VLAN of the group to be displayed. IP Version: Select either Version 4 or Version 6. Group Address: Define the IP address of the Multicast group to be displayed. Member: Select ports of Multicast group. ...
-
Page 56: Router Port
10.1.3 Router Port A Multicast Router (MRouter) port is a port that connects to a Multicast router. The switch includes the MRouter port(s) when it forwards Multicast streams and IGMP/ MLD registration messages. It is required in order for all MRouter(s) can, in turn; forward the Multicast streams and propagate the registration messages to other subnets. -
Page 57: Forward All
10.1.4 Forward All Configure ports or LAGs to receive Multicast streams from a specific VLAN. Administrator can statically configure a port to Forward All if the devices connecting to the port do not support IGMP or MLD. The configuration affects only the ports that are members of the selected VLAN. Note ... -
Page 58: Filtering Profile
10.1.5 Filtering Profile Filter profile permits or denies a range of Multicast groups to be learned when the join group matches the filter profile IP group range. 10.1.6 Filtering Binding When the setting is completed of Filtering Profile, administrator can select ports to set filtering binding. -
Page 59: Igmp Snooping
10.2 IGMP Snooping IGMP snooping is the process of listening to Internet Group Management Protocol (IGMP) network traffic. The feature allows a network switch to listen in on the IGMP conversation between hosts and routers. By listening to these conversations the switch maintains a map of which links need which IP multicast streams. - Page 60 State: Administrator can choose Enable or Disable this function. Router Port Auto Learn: Administrator can enable Router Port Auto Learn. Immediate leave: Immediate leave for the specified VLAN. Administrator enable immediate leave will host tracking is started, which allows the switch to track the hosts that send membership reports.
-
Page 61: Querier
10.2.2 Querier Administrator can choose created VLAN to enable or disable the IGMP Snooping query function. When select checkbox and click "Edit" button will be go to set IGMP Snooping version, this function can get IGMP Snooping query device regularly to VLAN local segments in all hosts and routers send IGMP Snooping general query packets, to the query segment which multicast group members. -
Page 62: Mld Snooping
10.3 MLD Snooping The function support selective Multicast forwarding (IPv6), MLD Snooping must be enabled globally and for each relevant VLAN. The switch supports MLD Snooping on both static and dynamic VLANs. Hosts use the MLD protocol to report their participation in Multicast sessions, and the switch uses MLD Snooping to build Multicast membership lists. - Page 63 State: Administrator can Enable or Un-Enable MLD Snooping on the VLAN. The switch monitors network traffic to determine which hosts have asked to be sent Multicast traffic. The switch performs MLD Snooping only when MLD Snooping is enabled globally and on the VLAN.
-
Page 64: Statistics
10.3.2 Statistics If administrator to enable MLD snooping, the page will display Receive / Transmit Packet information of MLD Snooping. 10.4 MVR MVR (Multicast VLAN Registration) is designed for applications that use wide-scale deployment of multicast traffic across an Ethernet ring-based service-provider network (for example, the broadcast of multiple television channels over a service-provider network). -
Page 65: Property
10.4.1 Property State: Administrator can Enable or Un-Enable MVR function. VLAN: Select VLAN ID. Mode: Select use Compatible or Dynamic mode. Group Start: Administrator can set range is 224.0.0.0 to 239.255.255.255. Group Count: Uses the count parameter to configure a contiguous series of MVR group ... -
Page 66: Group Address
Receiver: Configures a port as a receiver port if it is a subscriber port and should only receive multicast data. It does not receive data unless it becomes a member of the multicast group, either statically or by using IGMP leave and join messages. Receiver ports cannot belong to the multicast VLAN. -
Page 67: Security
Security 11.1 RADIUS Network architecture can establish a Remote Authorization login Service (RADIUS) server to provide a centralized 802.1X or MAC-based network access control for all of its devices. This switch can act as a RADIUS client that uses the RADIUS server to provide centralized security and authorization and user authentication. - Page 68 Address Type: Select IP Version 4 / 6 or use Hostname type. Server Address: Please enter the IP address or hostname of the RADIUS server. Server Port: Set port of RADIUS server. Priority: Administrator can enter the priority of the server. The priority determines the order that ...
-
Page 69: Tacacs
11.2 TACACS+ Administrator can be configuration TACACS+ to connection TACACS+ Server to provide authentication and authorization for all devices in the organization. Timeout: Enter the amount of time in seconds that passes before the connection between the switch and the TACACS+ server times out. If a value is not entered for an individual server, the value is taken from this field, default is 5. -
Page 70: Aaa
Address Type: Select IP Version 4 / 6 or use Hostname type. Server Address: Please enter the IP address or hostname of the TACACS+ server. Server Port: Set port of RADIUS server. Priority: Administrator can enter the priority of the server. The priority determines the order that ... -
Page 71: Login Authentication
Empty: Close authentication type of this method. None: Don’t use authentication. Local: System login account use local system authentication in "menu -> management -> user Account". Enable: RADIUS: System login account use remote RADIUS server authentication. ... -
Page 72: Management Access
11.4 Management Access 11.4.1 Management VLAN When created VLAN function then administrator can select a specific VLAN, only allow this VLAN can to enter the UI management page. 11.4.2 Management Service Administrator can select enable Telnet / SSH / HTTP / HTTPS / SNMP by different protocol to login service and configuration login timeout limit and password error retry count limit. -
Page 73: Management Acl
Session Timeout: After login management page, in the set time if not session then system will auto timeout, administrator need re-login. Password Retry Count: If login error reaches the set value then login page will be kicked out, administrator need reopen the login page. -
Page 74: Management Ace
11.4.4 Management ACE This management ACE page is to create an ACL profile rule. Administrator can select an created ACL profile to set security rule. If set the ACE only use Telnet a single rule. After confirmation the rule will apply to ACL profile. Administrator can go to "management ACL"... -
Page 75: Port Security
11.5 Port Security Port security monitors received and learned packets. Access to locked ports is limited to users with specific MAC addresses. Port: Displays selected port number. State: Enable or Un-Enable the port security. MAC Address: Enter the maximum number of MAC addresses that can be learned on the ... -
Page 76: Protected Port
11.6 Protected Port If administrators check enable to make this a protected port. A protected port is also referred as a Private VLAN Edge. It's provide Layer 2 isolation between interfaces (Ethernet ports and Link Aggregation Groups) that share the same Broadcast domain (VLAN).After enable protected port, packets received from protected ports can be forwarded only to unprotected egress ports and unrestricted by VLAN members. - Page 77 Mode: Select use Packets/second or Kbits/sec of the rate threshold IFG: Inter frame gap is 20 Bytes Excluded: Not count the Broadcast / unknown Multicast or unknown Unicast frames. (excluding preamble and IFG) Include: Count the Broadcast / unknown Multicast or unknown Unicast frames. (including ...
-
Page 78: Dos
11.8 DoS DoS attack (denial-of-service) is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. -
Page 79: Port Setting
11.8.2 Port Setting Administrator can choose protected ports. 11.9 Dynamic ARP Inspection Dynamic Address Resolution Protocol (ARP) is a TCP/IP protocol for translating IP addresses into MAC addresses. 11.9.1 Property V1.0a... - Page 80 State: Administrator can enable or disable this Dynamic ARP Inspection. VLAN: In the Enabled VLAN table, users assign static ARP Inspection lists to enabled VLANs. When a packet passes through an untrusted interface that is enabled for ARP Inspection switch will performs the checks.
-
Page 81: Statistics
11.9.2 Statistics The Statistics page will displays the statistical information for ARP Inspection. Entry: Display list entry. Port: Display all port number. Forward: Display total number of ARP packets forwarded by the VLAN. Source MAC Failure: Display total number of ARP packets that include wrong source MAC ... -
Page 82: Dhcp Snooping
11.10 DHCP Snooping Administrator can use DHCP snooping to help avoid the Denial of Service attacks that result from unauthorized users adding a DHCP server to the network that then provides invalid configuration data to other DHCP clients on the network. DHCP packets received on other switch ports are inspected before being forwarded. -
Page 83: Statistics
11.10.2 Statistics Entry: Display list entry. Port: Display all port number. Forward: Display total number of forwarded packets. Chaddr Check Drop: Display total number of packets that are dropped by Chaddr check. Untrust Port Drop: Display total number of packets that are dropped by Untrust check. ... -
Page 84: Option82 Circuit Id
Remote ID: If Option 82 is enabled, select User Defined to manually enter the format remote Operational Status: Display remote ID information. Port: Display selected Port number. State: Check Enable or Un-Enable. Allow Untrust: When untrusted port receives DHCP packets administrator can select setting ... -
Page 85: Ip Source Guard
11.11 IP Source Guard IP Source Guard restricts the client IP traffic to those source IP addresses configured in the IP Source binding database, mainly can prevent traffic attacks caused when a host tries to use the IP address of its neighbor. -
Page 86: Impv Binding
11.11.2 IMPV Binding Use the Binding to query and view information about inactive addresses recorded in the IP Source Guard database. Port: Administrator can select port number. VLAN: Set VLAN with which the IP address is associated. Binding: Select “IP/MAC/Port/VLAN or IP/ Port/VLAN binding. ... -
Page 87: Acl
Type: System can access the database by local Flash or TFTP server. Filename: Set file name of TFTP server. Address Type: Select use Host name or IP address to connection TFTP server. Server Address: Set TFTP address. If use host name then need enter host name. If use IPv4 ... -
Page 88: Mac Ace
ACL Name: Create a name of ACL. ACL Table: Display created MAC ACL name list. ACL Name: Display ACL name. Rule: Display the number of conditions. 12.2 MAC ACE MAC ACEs will check all frames for a match. ACL Name: Displays selected MAC ACL name. -
Page 89: Ipv4 Acl
Action: Administrator can select the action taken upon a match. Permit: This is forwards packets that meet the ACE criteria. Deny: This is drops packets that meet the ACE criteria. Shutdown: This is disables the port from where the packets were received. Source MAC: If select any then all source addresses are acceptable or select administrator ... -
Page 90: Ipv4 Ace
12.4 IPv4 ACE ACL Name: Displays selected IPv4 ACL name. Sequence: This sequence is priority of ACE rule. ACEs with higher priority are processed first. 1 is the highest priority. Action: Administrator can select the action taken upon a match. ... - Page 91 Source Port: If administrator select use TCP/UDP protocol will can definition source port. Any: Match to all source ports. Single: Enter a single TCP/UDP source port to which packets are matched. Range: Select a range of TCP/UDP source ports to which the packet is matched. There are ...
-
Page 92: Ipv6 Acl
12.5 IPv6 ACL Use the IPv6 Based ACL page to create IPv6-based ACLs, which check pure IPv6-based traffic. IPv6 based ACLs do not check IPv6-over-IPv4 or ARP packets. ACL Name: Create a name of ACL. ACL Table: Display created IPv6 ACL name list. ... - Page 93 Action: Administrator can select the action taken upon a match. Permit: This is forwards packets that meet the ACE criteria. Deny: This is drops packets that meet the ACE criteria. Shutdown: This is disables the port from where the packets were received. Protocol: Creates this ACE based on a specific protocol or protocol ID.
-
Page 94: Acl Binding
12.7 ACL Binding Administrator can from ACL Binding Table to select ports. When an ACL is bound to an interface, its ACE rules are applied to packets arriving at that interface. Packets that do not match any of the ACEs in the ACL are matched to a default rule, whose action is to drop unmatched packets. -
Page 95: Qos
The quality of service (QoS) feature is applied throughout the network to ensure that network traffic is prioritized according to required criteria and the desired traffic receives preferential treatment. 13.1 Property The QoS feature is used to optimize network performance. State: Administrator can enable or disable this QoS Feature. -
Page 96: Queue Scheduling
Port: Displays selected port number. CoS: Set the default CoS value to be assigned for incoming packets (that do not have a VLAN tag). The range is 0 to 7. Trust: Select the trust mode when the switch is in QoS basic mode. ... -
Page 97: Cos Mapping
Strict Priority: The function assigns the maximum weights to each queue, to cause the queuing mechanism to serve as many packets in one queue as possible before moving to a lower queue. WRR: Weight Round Robin Scheduling is like waiting in line, Packets in all the queues are sent in ... -
Page 98: Dscp Mapping
13.4 DSCP Mapping This DSCP values range from 0 through 63, whereas the internal forwarding priority values range from 1 through 8. Any DSCP value within a given range is mapped to the same internal forwarding priority value. These include the CS (Class Selector), AF (Assured Forwarding) and EF (Expedited Forwarding). For example, a packet with a DSCP tag value of 1 can be assigned to the High queue. -
Page 99: Ip Precedence To Queue Mapping
13.5 IP Precedence to Queue Mapping The IP Precedence standard uses the first 3 bits of the ToS byte to mark packets with 8 levels of priority, numbered 0-7, with 0 being the lowest priority and 7 the highest. Because IP Precedence and ToS use different bits in the ToS byte to mark the priority of a packet, they can co-exist in the same packet header without interfering with each other. -
Page 100: Diagnostics
Diagnostics 14.1 Logging This function support log message includes Console / RAM / Flash message send to remote log server. Administrator can enable or disable this function. Property Remote Server Use the Remote Log Servers page to define the remote SYSLOG servers where log messages are sent (using the SYSLOG protocol). -
Page 101: Mirroring
Address Type: Administrator can select use Hostname or IPv4/6 connection remote log server. Server Port: Enter service port to which the log messages are sent. Facility: Select a facility from which system logs are sent to the remote server. Only one facility ... -
Page 102: Ping
Mirroring Port: Administrator can choose a mirroring Port. Ingress Port: Administrator can choose mirrored ports for ingress. Egress Port: Administrator can choose mirrored ports for egress. 14.3 Ping Administrators can use this ping function to check connected device whether is active. This ping function support IPv4 and IPv6 protocol. -
Page 103: Traceroute
14.4 Traceroute Traceroute discovers the IP routes along which packets were forwarded by sending an IP packet to the target host and back to the switch. The Traceroute page displays each hop between the switch and a target host and the round-trip time to each hop. 14.5 Copper Test Administrator can use this function check port Result... -
Page 104: Fiber Module
14.6 Fiber Module Display Fiber module messenger. Management 15.1 User Account The default username/password is root/default. Administrator can modify login password or create new username / password and defined Privilege. V1.0a... -
Page 105: Firmware
15.2 Firmware 15.2.1 Upgrade / Backup Administrator can upgrade or backup firmware, method can choose use TFTP or HTTP protocol. If choose backup then administrator can choose firmware image to backup. 15.2.2 Active Image If the Switch has upload multiple firmware in system then administrator can choose a firmware to do system default start. -
Page 106: Configuration
15.3 Configuration 15.3.1 Upgrade / Backup Administrator can backup system configuration file to PC or upload configuration file to Switch system. 15.3.2 Save Configuration When administrator to click Apply on any window, changes that you made to the switch configuration settings are stored only in the Running Configuration. To preserve the parameters in the Running Configuration, the Running Configuration must be copied to another configuration type or saved as a file on another device. -
Page 107: Snmp
Source File Running Configuration to the Running Configuration, Startup Configuration or Backup Configuration. Startup Configuration to the Running Configuration, Startup Configuration, or Backup Configuration. Backup Configuration to the Running Configuration, Startup Configuration, or Backup Configuration. Destination File Select the configuration file type to be overwritten by the source file Restore Factory Default button is reset system to default. -
Page 108: Group
Type: Include: Check to include the selected MIBs in this view Excluded: Check to Excluded the selected MIBs in this view 15.4.2 Group In SNMPv1 and SNMPv2, a community string is sent along with the SNMP frames. The community string acts as a password to gain access to an SNMP agent. -
Page 109: User
Type: Basic: The access rights of a community can configure with Read Only or Read Write. In addition, Administrator can restrict the access to the community to only certain MIB objects by selecting a view. Advanced: The access rights of a community are defined by a group. You can configure the group with a specific security model. -
Page 110: Engine Id
15.4.5 Engine ID The Engine ID is only used by SNMPv3 entities to uniquely identify them. An SNMP agent is considered an authoritative SNMP engine. This means that the agent responds to incoming messages (Get, GetNext, GetBulk, Set), and sends trap messages to a manager. Each SNMP agent maintains local information that is used in SNMPv3 message exchanges. -
Page 111: Notification
15.4.7 Notification Notification is network nodes where the trap messages are sent by the switch. A list of notification recipients are defined as the targets of trap messages. A trap receiver entry contains the IP address of the node and the SNMP credentials corresponding to the version that will be included in the trap message. -
Page 112: Rmon
15.5 RMON 15.5.1 Statistics The page displays traffic statistics per interface. The refresh rate of the information can be selected. This page is useful for analyzing the amount of traffic that is both sent and received and its dispersion (Unicast, Multicast, and Broadcast). 15.5.2 History Use the History Control Table page to define the sampling frequency, amount of samples to store,... -
Page 113: Event
Max Sample: Enter the number of samples to store. Interval: Enter the time in seconds that samples were collected from the interface. Owner: Enter the RMON station or user that requested the RMON information. 15.5.3 Event Events page to configure events that are actions performed when an alarm is generated (alarms are defined on the Alarms page). - Page 114 V1.0a...
Need help?
Do you have a question about the CS-2424G A2S and is the answer not in the manual?
Questions and answers