Dahua DH-PFS4212-8GT-96 Web Operation Manual
  1. Manuals
  2. Brands
  3. Dahua Manuals
  4. Switch
  5. DH-PFS4212-8GT-96
  6. Web operation manual

Dahua DH-PFS4212-8GT-96 Web Operation Manual

Ethernet switch
Hide thumbs
Table of Contents

Advertisement

Quick Links

Ethernet Switch
Web Operation Manual
V1.0.0

Advertisement

Table of Contents
loading

Related Manuals for Dahua DH-PFS4212-8GT-96

Summary of Contents for Dahua DH-PFS4212-8GT-96

  • Page 1 Ethernet Switch Web Operation Manual V1.0.0...
  • Page 2 Foreword General This manual introduces operations on web interface of the Ethernet Switch (hereinafter referred to as "the Switch"). You can visit the switch on web browser, configure and manage the switch. Safety Instructions The following categorized signal words with defined meaning might appear in the manual. Signal Words Meaning Indicates a high potential hazard which, if not avoided, will result in...
  • Page 3 Upgrade the reader software or try other mainstream reader software if the manual (in PDF  format) cannot be opened. All trademarks, registered trademarks and the company names in the manual are the  properties of their respective owners. Please visit our website, contact the supplier or customer service if there is any problem ...

  • Page 4: Important Safeguards And Warnings

    Important Safeguards and Warnings The manual helps you to use our product properly. To avoid danger and property damage, read the manual carefully before using the product, and we highly recommend you to keep it well for future reference. Operating Requirements Do not expose the device directly to the sunlight, and keep it away from heat source.

  • Page 5: Table Of Contents

    Table of Contents Foreword ..............................I Important Safeguards and Warnings ......................III 1 Login ................................ 1 2 Quick Settings............................2 System Information.......................... 2 Local ............................... 3 VLAN ............................... 4 Aggregation ............................ 5 2.4.1 Static Aggregation Configuration ................... 5 2.4.2 Dynamic Aggregation Configuration ..................6 IP and Route ............................
  • Page 6 4.7.3 Uploading Network Management Configuration File............. 67 Cybersecurity Recommendations ..................68 Appendix 1...

  • Page 7: Login

    Login Before login, make sure: You already configure the IP address of the switch. The IP address of VLAN 1 is 192.168.1.110 by  default. The PC with web browser is connected to the network, and the PC can ping the switch ...

  • Page 8: Quick Settings

    Quick Settings You can view the system information, and set the device parameters, VLAN, link aggregation, IP address and route. Take 4-port PoE switch for example. The quick setting interface is different depending on the models of switch. The actual interface shall prevail. System Information You can view the name, type, serial number, software version, IP address, port status and port information of the device.

  • Page 9: Local

    Parameter Description Two link states: Up and Down. Up indicates the port is connected successfully, and Down indicates the port is not connected or the Link connection fails. Flow Control Displays the flow control state. Online: It displays the port rate and the duplex mode. ...

  • Page 10: Vlan

    VLAN Add the port to the VLAN, and configure the VLAN. By default, the port is VLAN1. Click Vlan on the Quick Setting interface. Step 1 The Vlan interface is displayed. Figure 2-3 VLAN Step 2 Configure the port VLAN parameters. Table 2-2 Port VLAN configuration parameter Parameter Description...

  • Page 11: Aggregation

    Aggregation Add the port to the aggregation. For details, see "3.1.4 Aggregation. " Click Aggregation on Quick Setting interface, and the Aggregation interface is displayed. Figure 2-4 Aggregation 2.4.1 Static Aggregation Configuration Static aggregation is a method of combining or bundling of multiple switch ports or NICs to form a single etherchannel.

  • Page 12: Dynamic Aggregation Configuration

    2.4.2 Dynamic Aggregation Configuration Dynamic aggregation differs from static aggregation in that port quantity is fixed in static aggregation, but quantity of actually aggregated port is adjusted dynamically according to flow rate strategy. Step 1 Add the ports to the dynamic group. Select LACP (Active) in the Mode area, and add the ports to the aggregation group.
  • Page 13 Figure 2-7 IP and route Step 2 Add the VLAN interface. Click Add in the IP Config area. Figure 2-8 VLAN interface Configure the parameters. Table 2-3 VLAN interface Parameter Description VLAN Enter VLAN number. IP address Set the IP address of the VLAN interface. Mask Length Set the mask length of the VLAN interface.
  • Page 14 Figure 2-9 IP route Configure the parameters. Table 2-4 IP routes Parameter Description Network It is the destination of the IP packet. Mask length, with the destination address, is to identify the IP address of the destination host or the route. After Logical AND between destination Mask Length address and network mask, you can get the IP address of the destination host or the route.

  • Page 15: Advanced Settings

    Advanced Settings You can configure system, port, VLAN, aggregation, MAC table and other parameters on the advanced settings interface. The advanced settings interface is different depending on the models of switch, and the actual interface shall prevail. Take 4-port PoE switch for example. Common Configuration 3.1.1 System Configuration 3.1.1.1 System Information...
  • Page 16 Figure 3-1 System information Step 2 Enter the device name, IP address and mask length, and Select DHCP enable. Step 3 Click Save. 3.1.1.2 IP and Route The hosts of different VLANs cannot communicate. Route or the layer 3 switch is needed for forwarding.
  • Page 17 The switch supports layer 3 forwarding through VLAN interface. VLAN interface is the virtual interface of layer 3 mode, for layer 3 communication between the VLANs. It is not the physical entity on the device. Every VLAN is related to a VLAN interface, and the VLAN interface can forward packet for the VLAN.
  • Page 18 Configure the parameters. Table 3-1 VLAN interface Parameter Description VLAN Enter VLAN number. IP address Set the IP address of the VLAN interface. Mask Length Set the mask length of the IP address. Click OK. Step 3 Add the IP route. Click Add in the Route Setting region.
  • Page 19 Figure 3-5 Current time (1) You can set the system time through the following three methods: Set the time manually  Set the date and time on Current Time interface, and then click Save. Sync time  Click Sync PC, and the switch time synchronizes with the local PC time automatically. Sync NTP server time ...

  • Page 20: Port Configuration

    The switch time automatically synchronizes with the time of server 1. 3.1.1.4 Log You can view logs, export logs and clear logs. Select Advanced > Common > System Config > Log. The Log interface is displayed. Figure 3-7 View logs. ...
  • Page 21 Figure 3-8 Port configuration Table 3-3 Port parameter Parameter Description Port Displays all ports of the switch. Green Up indicates the port is connected successfully, and Red Down Link indicates the port is not connected or the connection fails. Down means disconnection, and the specific speed means successful Speed Duplex Status connection.

  • Page 22: Vlan Configuration

    Parameter Description Enable/Disable egress limit. : Egress enable is enabled.  Egress Limit Enable : Egress enable is disabled.  Egress Limit (kbps) Set the egress limit. Receive Usage Displays the acceptance usage. Send Usage Displays the send usage. Step 2 Click Save.

  • Page 23: Aggregation

    Parameter Description Displays whether data can flow into the port. Only Hybrid supports the configuration (By default, all date flows into the port under other models). See the following situations: Ingress Acceptance Tagged and Untagged: All data flows into the port. ...
  • Page 24 Destination MAC Address: The aggregation load balancing algorithm based on  destination MAC address. IP Address: The aggregation load balancing algorithm based on source IPv4 address  and destination IPv4 address. TCP/UDP Port: The aggregation load balancing algorithm based on source and ...

  • Page 25: Mac Table

    Figure 3-12 LACP (1) Select LACP (Passive) in the Mode area, and add the port member to the dynamic Step 2 aggregation group. For example, add port 3 and port 4 to aggregation Group 2. Select LACP (Passive) in the Mode area, and add the port member to the dynamic Step 3 aggregation group.
  • Page 26 3.1.5.1 Adding Static MAC Table Select Advanced > Common > MAC Table > MAC Address Table. Step 1 Figure 3-14 MAC address table Step 2 Bind the MAC address to the port in the certain VLAN. For example, bind the MAC address 00:00:00:00:00:01 to the port 3 in VLAN 2.
  • Page 27 3.1.5.2 Port MAC Filtering After enabling port MAC filtering, the following two MAC devices can communicate with the port. Devices in MAC allowlist  The static MAC devices changing from the dynamic MAC devices  Step 1 Select Advanced > Common > MAC Table > Port MAC Filtering. The Port MAC Filtering interface is displayed.
  • Page 28 Figure 3-17 Enable port MAC filtering Change dynamic MAC device to static.  Select one record, and click Reserved. Click Save. The type changes from Dynamic to Static. Static MAC devices can communicate with the port normally. Add MAC allowlist. ...

  • Page 29: Spanning Tree

    Click OK. The devices in MAC allowlist can communicate with port normally. 3.1.6 Spanning Tree The spanning tree protocol is the protocol of layer 2. It can eliminate the ring cycle of layer 2 by choosing to block the redundant links in the network, and it can back up the links. Similar to other protocols, the spanning tree protocol is updated with the development of the network: From STP (Spanning Tree Protocol), to RSTP (Rapid Spanning Tree Protocol), and to the latest MSTP (Multiple Spanning Tree Protocol).
  • Page 30 Figure 3-20 Figure 3-21 RSTP...
  • Page 31 Figure 3-22 MSTP Step 4 Select 3 ports at least to combine an STP/RSTP/MSTP snoop. For example: Port 1, port 2 and port 3 combine an STP snoop. Figure 3-23 STP snoop Click Save. Step 5 The states of port 1, port 2 and port 3 will change.

  • Page 32: Long Distance Poe

    3.1.7 Long Distance PoE After you enable long distance PoE, the maximum transmission distance will change from 100 m to 250 m, and the transmission speed will be reduced from 1 Gbps to 10 Mbps. Non-PoE Ethernet switches do not support this function. Select Advanced >...
  • Page 33 3.2.1.1 MEP Configuration MEP (Maintenance Entity Point) is a part of ERPS. The layer 2 device added into ERPS are called node. Add no more than 2 ports into an ERPS for each node. Step 1 Select Advanced > Seldom-used > ERPS > MEP Setting. Figure 3-25 MEP configuration Click Add.
  • Page 34 Figure 3-27 ERPS configuration Step 2 Click Add. Figure 3-28 Add ERPS Step 3 Configure the parameters. Table 3-6 ERPS parameters Parameter Description ERPS ID The ID number of ERPS. Port 0 The two ports added into the ERPS. Port 1 Port 0 APS MEP The corresponding protocol packet ERPS to ERPS port.
  • Page 35 3.2.1.3 Example: ERPS Single Ring Configuration Networking Requirement Three switches, port 1 and port 2 are requested to combine an ERPS. See Figure 3-29. The corresponding relationship: Switch 1: MEP 1 and MEP 2; Switch 2: MEP3 and MEP 4; Switch 3: MEP 5 and MEP 6.
  • Page 36 Figure 3-30 Add port 1 and port 2 into VLAN 1 Step 2 Create MEP1 and MEP 2 Select Advanced > Seldom-used > ERPS > MEP Setting. Click Add. Set Instance to be 1. See Figure 3-31. Set Residence Port to be 1. Set Level to be 0.
  • Page 37 Click 1 and 2 separately under Instance to enter the configuration interface. Modify MEP ID Step 3 and add peer ID. Figure 3-32 Configure the peer ID of MEP 1 Figure 3-33 Configure the peer ID of MEP 2 Step 4 Click OK.
  • Page 38 Figure 3-34 Add ERPS Click 1 under ERPSID to enter the configuration interface. Step 6 Figure 3-35 ERPS configuration Click VLANconfig. Click Add.

  • Page 39: Acl

    Set ERPS VLAN to be 2. See Figure 3-36. Click OK. Figure 3-36 ERPS VLAN configuration Set port 2 of switch 1 to be RPL owner in RPL Configuration. Figure 3-37 Owner port configuration Click OK. Step 7 Step 8 Configure switch 2 and switch 3 in the same way.
  • Page 40 3.2.2.1 ACL Configuration Select Advanced > Seldom-used > ACL > ACL Setting. Step 1 The ACL Setting interface is displayed. Figure 3-39 ACL configuration Click Add. Step 2 Figure 3-40...

  • Page 41: Loop Protection

    Step 3 Set the ACL ID, and the range is 1–128. Click OK. Step 4 3.2.2.2 ACL Group Configuration Select Advanced > Seldom-used > ACL > ACL Group Setting. Step 1 Figure 3-41 ACL group configuration Step 2 Enter ACL ID. Ensure the ACL ID has been added during ACL configuration. Click Save.

  • Page 42: Security

    3.2.4 Security 3.2.4.1 User Management You can add, edit, and delete the user. Select Advanced > Seldom-used > Security > User Management. Figure 3-43 User management Add user Click Add. Step 1 Figure 3-44 Add user Step 2 Enter the user name, password, and confirm password. The password must consist of 8 to 32 non-blank characters and contain at least two types of characters among upper case, lower case, number, and special character (excluding ' "...
  • Page 43 Figure 3-45 New user added Modify and Delete User Click , and then the Modify User interface is displayed.  Figure 3-46 Modify user Click to delete the user.  You cannot delete the admin user. You can enable or disable SSH function. corresponding to SSH on the upper right corner of the User Management interface.
  • Page 44 authentication and encryption communication. It is widely applied in world wide web for security sensitive communication. For example, protect account security and user information. Click corresponding to HTTPS on the upper right corner of the User Management interface to enable HTTPS service. 3.2.4.2 NAS Configuration NAS (Network Access Server) is a server that allows ISP to provide Internet access service.
  • Page 45 Select Enabled in the Mode area to enable mirroring function. Step 2 Select the Reauthentication Enabled box to enable reauthentication. Step 3 Step 4 Set Admin State: Force Authorized, Force Unauthorized, Port based 802.1X or MAC-based Auth. Click Save. Step 5 3.2.4.3 Radius Configuration RADIUS (Remote Authentication Dial-In User Service) is a common protocol to realize AAA (Authentication, Authorization and Accounting).

  • Page 46: Igmp Snooping

    Figure 3-49 Add new server Step 3 Set the server address, auth port, acct port, restransmit, and key. Click OK. Step 4 3.2.5 IGMP Snooping IGMP Snooping (Internet Group Management Protocol Snooping) is the multicast constraint mechanism running on the device of layer 2, for managing and controlling the multicast. Through analyzing the received IGMP packet, the device of layer 2, which runs IGMP Snooping, creates the mapping between the port and the MAC multicast address, and forwards the multicast data according to the mapping.

  • Page 47: Qos

    Select Enable in the IGMP Snooping area to enable the function. Step 2 Step 3 Select Disable or Enable in the Discarding Unknown IGMP Packets area. Step 4 Click Add. Figure 3-51 Add VLAN Step 5 Set VLAN ID and querier address, and select the Querier Election box to enable the querier Click OK.
  • Page 48 poor control of the arrived flow in a certain time, which leads to the flow exceeding the distributive network resource, is also a factor for generating congestion. 3.2.6.1 Port Through setting CoS, the priority for packet passing egress port of switch can be decided. If the congestion occurs at the egress port, the switch will give a CoS value to the packet after it passes the ingress port.
  • Page 49 Figure 3-54 Set CoS Click Save. Step 3 3.2.6.2 Port Schedulers The two modes of port schedulers: Strict Priority. When congestion occurs, the priority for packet passing egress port of switch  depends on the CoS value in Port Classification. 2–8 Queues Weighted.
  • Page 50 Figure 3-55 Port schedulers Step 2 Click the port, such as port 1. The QoS Egress Port Schedulers and Shapers Port 1 interface is displayed. The CoS of Q0 is 0, and so on.
  • Page 51 Figure 3-56 Port configuration Step 3 Select mode. Strict Priority. The priority for packet passing egress port of switch depends on the  CoS value in Port Classification. 2–8 Queues Weighted. When congestion occurs, the priority for packet passing egress ...
  • Page 52 Figure 3-57 Port schedulers Click OK. Step 4 3.2.6.3 Port Shapers The configuration is the same for port schedulers and port shapers. The only difference is that the port schedulers interface shows the weight value and the port shapers interface shows the speed rate.
  • Page 53 Figure 3-58 Port shapers 3.2.6.4 DSCP-Based Make sure that you have enabled DSCP before configuring DSCP function. Select Advanced > Seldom-used > QoS > Port Classification. Step 1 Step 2 Enable DSCP at DSCP port. Suppose port 3 is the egress port.
  • Page 54 Figure 3-59 Port classification Click Save. Step 3 Select Advanced > Seldom-used > QoS > DSCP-Based. Step 4 Step 5 When setting DSCP to be 4 and 8, the CoS is 2 and DPL are 2 and 1. When DSCP are 4 and 8, select Trust to enable the function. See Figure 3-60. When setting DSCP to be 4, CoS is 2 and DPL is 2.
  • Page 55 Figure 3-60 DSCP-Based Click Save. Step 6 3.2.6.5 Storm Policer Inhibit the three packets, including unicast, multicast and broadcast. Select Advanced > Seldom-used > QoS > Storm Policer. Step 1...
  • Page 56 Figure 3-61 Storm policer Step 2 The port can receive the rate up to 1024 fps. See Figure 3-62. In Unicast, select the Enable box, and enter 1024 in Rate. It means that the port can  receive the rate up to 1024 fps of unicast packet. In Multicast, select the Enable box, and enter 1024 in Rate.

  • Page 57: Snmp

    3.2.7 SNMP SNMP (Simple Network Management Protocol) is the standard protocol for network management in Internet, and it is widely applied for management device to access and manage the managed devices. SNMP has the following features: It supports intelligent management for network device. By using the network management ...
  • Page 58 in SNMP to enable SNMP. Step 2 Click Every SNMP v3 agent has an engine ID as its unique identifier. 3.2.7.2 Configuring SNMP v1/v2 Example: Configure SNMP v1. The configuration of SNMP v2 is the same as that of SNMP v1. Select SNMP v1 in SNMP Version.
  • Page 59 Figure 3-64 SNMP v3 Step 2 Set the trap address, trap port and trap name. Step 3 Set the read-only username, authentication type, authentication password, encryption type and encryption password.

  • Page 60: Dhcp Server

    Step 4 Set the read&write username, authentication type, authentication password, encryption type and encryption password. Click Save. Step 5 3.2.8 DHCP Server DHCP Server is the server for managing DHCP standard in the specific network. DHCP Server is to allocate IP address for the workstation and make sure that the IP address for every workstation is different.
  • Page 61 Step 3 Configure DHCP mode. Add VLAN interface first. See "3.1.1.2 IP and Route." Click Add in VLAN Mode. Figure 3-66 Add VLAN mode Enter the VLAN range, such as 2-4. Click OK. Step 4 Configure network segment of excluded IP. Excluded IP refers to the IP reserved for the server, which will not assign to the client.

  • Page 62: Lldp

    Figure 3-68 Add pool Configure the parameters. Table 3-7 Pool parameters Parameter Description DHCP address pool name, such as “pool01”. Pool Name Only numbers or letters can be entered, and the length of the string is limited to 1~32. Two types: Network and Host. Type Network: The network segment of an IP.
  • Page 63 Figure 3-69 LLDP Step 2 Set LLDP mode. Select Enable: Both send and receive LLDP packet.  Select Disable: Neither send nor receive LLDP packet.  Select Rx only: Only receive LLDP packet.  Select Tx only: Only send LLDP packet. ...

  • Page 64: 485 Configuration

    Figure 3-70 LLDP neighbor 3.2.10 485 Configuration Transmit the data of asynchronous serial port RS–232/485 transparently through Ethernet. Select Advanced > Seldom-used > 485 Config. Figure 3-71 485 configuration...

  • Page 65: Poe

    3.2.11 PoE PoE (Power over Ethernet) is the function that through Ethernet RJ-45 port, the device can provide power for the external PD (Powered Device) remotely with twisted pair. PoE function helps to centralize power supply and facilitate backup. The network terminal does not need the external power source anymore, and one network cable is enough, It conforms to the standards of IEEE 802.3af, IEEE 802.3at, and IEEE 802.3bt, adopting the power port globally agreed.
  • Page 66 In PoE Settings, you can view the total power of the 4 ports, and configure available power Step 2 and overload power. In Power Status, you can view consumed power, remaining power and reserved power. Step 3 In Port Status and Control, select the Enable box to enable or disable PoE of the Step 4 corresponding port.
  • Page 67 Figure 3-74 Legacy support Select the Enable box for the corresponding port. Step 2 Click Save. Step 3 3.2.11.4 PoE Watchdog With PoE watchdog enabled, you can monitor PD and keep it online, and check the status of PD devices every 60 s. If there is no data transmission, the PoE port will be automatically powered off and restarted.
  • Page 68 3.2.11.5 Viewing PoE Event Statistics Select Advanced > Seldom-used > PoE > PoE Event Statistic to view PoE event statistics. Figure 3-76 PoE event statistic...

  • Page 69: Maintenance

    Maintenance Take 4-port PoE switch for example. The maintenance interface is different depending on the models of switch. The actual interface shall prevail. System Reboot Step 1 Select Maintain > Common > System Reboot. Figure 4-1 System reboot Click Reboot. Step 2 Click Confirm, and the device reboots.

  • Page 70: Uploading Configuration File

    Figure 4-3 Export Step 2 Click Export to export configuration file. 4.3.2 Uploading Configuration File Select Maintain > Common > Config Manage > UpLoad. Step 1 Figure 4-4 Upload Click Broswe..., and select the configuration file to upload. Step 2 Click UpLoad.

  • Page 71: Mirroring

    The device restarts after the upgrade is finished. Figure 4-7 Confirm update Mirroring Port mirroring is also called port monitoring. Port monitoring is the data package acquiring technology that through configuring switch, data package from one or several ports (mirroring source ports) can be copied to a specific port (mirroring destination port).

  • Page 72: Ping

    In Global Settings, select Enabled in Mode to enable mirroring. Step 2 In Port Configuration, select Source or Destination according to the actual situation. Step 3 Select the following four ways for source port.   Both: Enable the port as the source address of mirror. ...

  • Page 73: Exporting Network Management Configuration File

    Username: admin Password: lt_91_il_02_nmp Figure 4-10 iLinksView 4.7.2 Exporting Network Management Configuration File You can export network management configuration file. Select Maintain > Common > iLinksView > Export. Step 1 Figure 4-11 Export configuration file Step 2 Click Export. 4.7.3 Uploading Network Management Configuration File You can upload network management configuration file.
  • Page 74 Cybersecurity Recommendations Appendix 1 Cybersecurity is more than just a buzzword: it’s something that pertains to every device that is connected to the internet. IP video surveillance is not immune to cyber risks, but taking basic steps toward protecting and strengthening networks and networked appliances will make them less susceptible to attacks.
  • Page 75 Enable HTTPS We suggest you to enable HTTPS, so that you visit Web service through a secure communication channel. MAC Address Binding We recommend you to bind the IP and MAC address of the gateway to the equipment, thus reducing the risk of ARP spoofing. Assign Accounts and Privileges Reasonably According to business and management requirements, reasonably add users and assign a minimum set of permissions to them.

Table of Contents