Weidmüller Gigabit Advanced IE-SW-AL08M-8GT Manual

Industrial ethernet managed switches

Hide thumbs Also See for Gigabit Advanced IE-SW-AL08M-8GT:

Hardware installation manual (2 pages)

Hardware installation manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

page of 209

/ 209
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Industrial Ethernet managed Switches

Gigabit Advanced Line Switches

IE-SW-AL08M-8GT

IE-SW-AL12M-8GT-4GESFP

IE-SW-AL14M-12GT-2GESFP

IE-SW-AL24M-16GT-8GESFP

IE-SW-AL08M-8GTPoE

IE-SW-AL06M-4GTPoE-2GESFP (2682430000)

Second Edition, February 2022

Manual

for

(2682350000)

(2682340000)

(2682360000)

(2682370000)

(2682420000)

Table of Contents

Need help?

Do you have a question about the Gigabit Advanced IE-SW-AL08M-8GT and is the answer not in the manual?

Questions and answers

Summary of Contents for Weidmüller Gigabit Advanced IE-SW-AL08M-8GT

Page 1 Industrial Ethernet managed Switches Manual Gigabit Advanced Line Switches IE-SW-AL08M-8GT (2682350000) IE-SW-AL12M-8GT-4GESFP (2682340000) IE-SW-AL14M-12GT-2GESFP (2682360000) IE-SW-AL24M-16GT-8GESFP (2682370000) IE-SW-AL08M-8GTPoE (2682420000) IE-SW-AL06M-4GTPoE-2GESFP (2682430000) Second Edition, February 2022...
Page 2 Industrial Ethernet managed Switches Manual The software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Copyright Notice Copyright ©2016 Weidmüller Interface GmbH & Co. KG All rights reserved.
Page 3: Table Of Contents
User Manual Managed Switches Table of Contents 1. About this Manual ..................... 6 2. Getting Started ....................6 2.1 Hardware features ........................6 2.2 Software features ........................7 3. Web Management ....................8 3.1 Accessing the Web interface via HTTP ................8 3.2 Accessing the Web interface via HTTPS ................
Page 4 User Manual Managed Switches 3.4.2.4 LACP Port Status ....................41 3.4.2.5 LACP Statistics ...................... 42 3.4.2.6 Aggregation Status ....................42 3.4.3 Loop Protection ......................42 3.4.3.1 Configuration......................43 3.4.3.2 Status ........................44 3.5 DHCP Server/Relay ......................45 3.5.1 DHCP Server ......................... 45 3.5.1.1 DHCP Server Mode Configuration.................
Page 5 User Manual Managed Switches 3.7.2 Configuring Virtual LAN ....................79 3.7.2.1 VLAN Membership ....................79 3.7.2.2 VLAN Membership Status ..................83 3.7.2.3 VLAN Port Status ....................84 3.7.2.4 Private VLAN Membership ..................85 3.7.2.5 Private VLAN Port Isolation ................... 86 3.7.2.6 GVRP Configuration ....................
Page 6 User Manual Managed Switches 3.11.4 IGMP Snooping Status ....................133 3.11.5 IGMP Snooping Group Information ................134 3.11.6 IGMP SFM Information ....................134 3.11.7 IGMP Snooping Port Group Filtering ................. 135 3.11.8 IPMC Profile Configurations..................135 3.11.9 IPMC Profile Address Configuration ................137 3.12 Security ..........................
Page 7 User Manual Managed Switches 3.14.4 Detailed Port Statistics ....................188 3.14.5 Port Monitoring ......................190 3.14.6 System Log Information ..................... 192 3.14.7 VeriPHY Cable Diagnostics ..................192 3.14.8 SFP Monitor ....................... 193 3.14.9 SFP Type ........................194 3.14.10 Ping and Ping6 ......................195 3.15 Power over Ethernet (PoE) ....................
Page 8: About This Manual
User Manual Managed Switches 1. About this Manual Thank you for purchasing a Weidmüller managed Industrial Ethernet switch. Read this user’s manual to learn how to connect your Weidmüller switch to Ethernet-enabled devices used for industrial applications. The following chapters are covered in this user manual: ...
Page 9: Software Features
User Manual Managed Switches 2.2 Software features • Management Web-interface (HTTP / HTTPS) SNMP v1/v2c/v3 Telnet console Command Line Interface (CLI) Upload of a configuration file via web-interface or external backup module • Network redundancy Spanning Tree Protocol (STP) Rapid Spanning Tree Protocol (RSTP) Multiple Spanning Tree Protocol (MSTP) O-Ring (optimized protocol for ring topologies;...
Page 10: Web Management
User Manual Managed Switches 3. Web Management In this chapter, we explain how to access the Weidmüller Switch’s through the Web console as well as all the configuration, monitoring, and administration functions available when using this interface. 3.1 Accessing the Web interface via HTTP The Ethernet Switch’s web browser interface provides a convenient way to modify the switch's configuration and access the built-in monitoring and network administration functions.
Page 11 User Manual Managed Switches After logging in, the main general information of the switch is shown including, among others, System Name, Software version, MAC address and Serial number. It is also displayed the front side of the switch (showing the active ports) in the right navigation panel. In this home page is also available the button Enable location alert.
Page 12: Accessing The Web Interface Via Https
User Manual Managed Switches 3.2 Accessing the Web interface via HTTPS To secure your HTTP access, the Weidmüller switch supports HTTPS to encrypt all HTTP traffic. Perform the following steps to access the Weidmüller switch web browser interface via HTTPS/SSL. Open Internet Explorer and enter https://<Switch´s IP address>...
Page 13: Ip Configuration
User Manual Managed Switches System Name Factory Setting Description Default This option is useful for recording a name of the unit. A text string consisting of alphabets (A-Z, a-z), digits (0-9), and minus sign (-). Space is not allowed to be part of the Max.
Page 14 User Manual Managed Switches See a brief explanation of each configuration item below. IPv4 Setting DHCPv4 Factory Setting Description Default The Weidmüller switch’s IP address must be set Disabled manually. The Weidmüller switch’s IP address will be assigned Disabled automatically by the network’s DHCPv4 server. The Enabled DHCPv4 client will announce the configured System Name as hostname to provide DNS lookup.
Page 15 User Manual Managed Switches the DHCPv4 server. IP Address Factory Setting Description Default Assigns the Weidmüller Switch´s IPv4 address on a IPv4 address for TCP/IP network. If DHCP is enabled, this field the Weidmüller configures the fallback address. The field may be left 192.168.1.110 Switch blank if IPv4 operation on the interface is not desired -...
Page 16: Ip Status
User Manual Managed Switches Current Lease Factory Setting Description Default For DHCPv6 interface with an active lease, this column No setting shows the current interface address, as provided by None (display) the DHCPv6 server. IP Address Factory Setting Description Default Assigns the Weidmüller Switch´s IPv6 address on a TCP/IP network.
Page 17 User Manual Managed Switches The tables displays the following information: IP Interfaces Interface The name of the interface. Type The address type of the entry. This may be LINK, IPv4 or IPv6. Address The current address of the interface (of the given type). Status The status flags of the interface (and/or address).
Page 18: Access Management
User Manual Managed Switches 3.3.4 Access Management 3.3.4.1 Login Methods The Login Methods page allows the user to restrict the remote management of the switch. It is possible to block any specific kind of management (eg: web or telnet). Setting Description Factory Default...
Page 19: Authentication Methods
User Manual Managed Switches Certificate Maintain Setting Description Factory Default None No operation of certificate maintenance. None Delete Delete the current certificate. Upload a certificate PEM file through a web browser or URL. A pass phrase has to be entered if the Upload uploading certificate is protected by a specific passphrase.
Page 20 User Manual Managed Switches Authentication Method Configuration For each client type (console, telnet, ssh and http) the method to authenticate the user can be programmed: Setting Description Factory Default Authentication is disabled and login is not possible. local Use the local user database on the switch for local authentication.
Page 21: Access Security
User Manual Managed Switches Cfg Cmd Setting Description Factory Default Check / Uncheck Also authorize configuration commands. Unchecked Accounting Method Configuration The accounting section allows the administrator to configure command and exec (login) accounting. For each client type (console, telnet and ssh) the following parameters can be programmed: Method Setting Description...
Page 22 User Manual Managed Switches Mode Setting Description Factory Default Disabled / Enable or Disable the access management mode Unchecked Enabled operation. If the Access Management Mode is Enabled, for each entry of the table, the following fields have to be programmed: VLAN ID Setting Description...
Page 23: Access Statistics
User Manual Managed Switches 3.3.4.4 Access Statistics This page provides statistics for access management if the Mode is Enabled in the Access Security page. In the table shown on the page is displayed the following information: Interface The interface type through which the remote host can access the switch. Received Number of received packets from the interface.
Page 24: Privilege Levels
User Manual Managed Switches User Name Factory Setting Description Default Max. 31 Enter the new user name. The valid user name is a None characters combination of letters, numbers and underscores. Password Setting Description Factory Default Max. 31 Enter the password of the new user. Any printable None characters characters including space are acceptable.
Page 25 User Manual Managed Switches The page shows a table with the following fields: Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one.
Page 26: Time Setting
User Manual Managed Switches Privilege Levels Every group has an authorization privilege level for the following subgroups: Configuration Read-only Configuration/Execute Read/write Status/Statistics Read-only Status/Statistics Read/write User Privilege should be same or greater than the authorization Privilege level to have the access to that group. 3.3.6 Time Setting The Time Setting configuration page lets users set the time, date, and other settings.
Page 27 User Manual Managed Switches Set System Date Time manually Factory Setting Description Default None Allows configuration of the local date in yyyy-mm-dd System Date format. Allows configuration of the local time in 24-hour System Time None format. SNTP mode Setting Description Factory Default...
Page 28: Lldp Function
User Manual Managed Switches Daylight Saving Offset Setting Description Factory Default User-specified Specifies the number of minutes that the time should None minutes. be set forward during Daylight Saving Time. 3.3.7 LLDP Function 3.3.7.1 Overview Defined by IEEE 802.11AB, LLDP is an OSI Layer 2 Protocol that standardizes the methodology of self-identity advertisement.
Page 29: Configuration
User Manual Managed Switches 3.3.7.2 Configuration This page allows the user to inspect and configure the current LLDP port settings. LLDP Parameters Tx Interval Setting Description Factory Default 5 to 32768 sec The switch periodically transmits LLDP frames to its 30 (sec) neighbors to update the network discovery information.
Page 30 User Manual Managed Switches Tx Reinit Setting Description Factory Default 1 to 10 sec When an interface is disabled, LLDP is disabled or the 2 (sec) switch is rebooted, a LLDP shutdown frame is transmitted to the neighboring units, signaling that the LLDP information isn't valid anymore.
Page 31: Neighbors
User Manual Managed Switches Sys Capa Setting Description Factory Default Check / Uncheck Optional TLV: When checked, the "system capability" Checked is included in LLDP information transmitted. Mgmt Addr Setting Description Factory Default Check / Uncheck Optional TLV: When checked, the "management Checked address"...
Page 32: Port Statistics
User Manual Managed Switches 3.3.7.4 Port Statistics This page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters refer to the whole switch, whilst local counters refer to specific interfaces/ports of the switch. LLDP Global Counters Clear global If checked, the global counters are cleared when the button Clear is counters...
Page 33: Industrial Protocols
User Manual Managed Switches given interface’s links is down, an LLDP shutdown frame is received, or when the entry ages out. TLVs Discarded Each LLDP frame can contain multiple pieces of information, known as TLVs (Type Length Value). If a TLV is malformed, it will be counted and discarded.
Page 34: Ethernet/Ip
User Manual Managed Switches 3.3.8.2 Ethernet/IP Introduction EtherNet/IP is an Industrial Ethernet Protocol defined by the ODVA association. The protocol is open to the public and vendors can implement EtherNet/IP into their industrial devices without incurring a license fee. Many vendors have adopted this protocol as the standard communication protocol between devices.
Page 35: Ext. Backup/Restore Module
User Manual Managed Switches Backup Configuration The switch stores its configuration in a number of text files. The files are either virtual (RAM-based) or stored in flash on the switch. The available files are: • Running Configuration: A virtual file that represents the currently active configuration on the switch.
Page 36: Upgrade Firmware
User Manual Managed Switches This module allows the user to save and restore configuration files without PC. It is also a very useful tool for creating cloned devices based on a stored Master Switch configuration to speed up mass configuration. The web page Ext.
Page 37 User Manual Managed Switches Description Setting Description Factory Default Max. 256 Name of the port. Example: Factory Switch 1. None characters Link Setting Description Factory Default Graphic display of Green indicates the link is up and red that it is down. Current link status Status...
Page 38 User Manual Managed Switches 1 Gbps FDX Forces the RJ45 port in 1Gbps full-duplex mode. Auto (SFP) Automatically determines the speed of the SFP transceiver. Note: There is no standardized way for the SFP auto detect, so in the switch is done by reading the SFP ROM.
Page 39: Port Trunking
User Manual Managed Switches Maximum Frame Size Setting Description Factory Default 1518 to 9600 Enter the maximum frame size allowed for the switch 9600 (bytes) (bytes) port, including FCS. Excessive Collision Mode Setting Description Factory Default Discard / Restart Configures the port transmission behavior with Discard collisions: Discard: Discard frame after 16 collisions...
Page 40: Aggregation Mode
User Manual Managed Switches • Load sharing—MAC Client traffic may be distributed across multiple links. To avoid broadcast storms or loops in your network while configuring a trunk, first disable or disconnect all ports that you want to add to the trunk or remove from the trunk. After you finish configuring the trunk, enable or re-connect the ports.
Page 41: Lacp Port Settings
User Manual Managed Switches TCP/UDP Port Number Setting Description Factory Default Check / Uncheck When enabled, theTCP/UDP port number is used to Checked calculate the destination port for the frame. Static Aggregation Group Configuration Group ID Setting Description Factory Default Normal, 1 to half Indicates the ID of each aggregation group.
Page 42: Lacp System Status
User Manual Managed Switches LACP Enabled Setting Description Factory Default Check / Uncheck Controls whether LACP is enabled on the switch port. Unchecked LACP will form an aggregation when two or more ports are connected to the same partner. Setting Description Factory Default...
Page 43: Lacp Port Status
User Manual Managed Switches The displayed table contains information about the different LACP groups created: Aggr ID The aggregation ID is associated with the aggregation instance. Partner System ID The system ID (MAC address) of the aggregation partner. Partner Key The Key that the partner has assigned to this aggregation ID.
Page 44: Lacp Statistics
User Manual Managed Switches 3.4.2.5 LACP Statistics This page provides an overview of the LACP statistics for all ports. The displayed table shows the following information: Port The switch port number. LACP Received Shows how many LACP frames have been received at each port. LACP Transmitted Shows how many LACP frames have been sent from each port.
Page 45: Configuration
User Manual Managed Switches 3.4.3.1 Configuration This page allows the user to enable the Loop Protection function in the different ports of the switch. General Settings Enable Loop Protection Setting Description Factory Default Enable / Disable Controls whether loop protection is enabled (as a Disable whole).
Page 46: Status
User Manual Managed Switches Port Configuration Enable Setting Description Factory Default Check / Uncheck Controls whether loop protection is enabled in this Checked port. It is also necessary to enable the function in the General Setting section. Action Setting Description Factory Default Shutdown Port /...
Page 47: Dhcp Server/Relay
User Manual Managed Switches 3.5 DHCP Server/Relay To reduce the effort required to set up IP addresses, the Weidmüller switch comes equipped with DHCP server. When enabled, the Weidmüller switch can assign specific IP addresses automatically to connected devices that are equipped with DHCP Client. In effect, the Weidmüller switch acts as a DHCP server by assigning a connected device with a specific IP address stored in its internal memory.
Page 48: Dhcp Server Excluded Ip Configuration
User Manual Managed Switches Name Factory Setting Description Default Configure the pool name that accepts all printable Max 32 characters, except white space. If you want to None characters configure the detail settings, you can click the pool name to go into the configuration page. Type Factory Setting...
Page 49: Dhcp Server Statistics
User Manual Managed Switches IP Range Factory Setting Description Default Define the IP range to be excluded IP addresses. The first excluded IP must be smaller than or equal to the Range of IP second excluded IP. BUT, if the IP range contains only None addresses 1 excluded IP, then you can just enter it in any of the...
Page 50: Dhcp Server Binding Ip
User Manual Managed Switches Binding Counters Automatic Binding Number of bindings with network-type pools.c Manual Binding Number of bindings that administrator assigns an IP address to a client. That is, the pool is of host type. Expired Binding Number of bindings that their lease time expired or they are cleared from Automatic/Manual type bindings.
Page 51: Dhcp Server Declined Ip
User Manual Managed Switches Clear Automatic Click to clear all Automatic bindings and change them to Expired bindings. Clear Manual Click to clear all Manual bindings and change them to Expired bindings. Clear Expired Click to clear all Expired bindings and free them. 3.5.1.6 DHCP Server Declined IP This page displays the IP addresses declined by DHCP clients.
Page 52: Dhcp Relay Agent (Option 82)
User Manual Managed Switches 3.5.2 DHCP Relay Agent (Option 82) The DHCP Relay Agent makes it possible for DHCP broadcast messages to be sent over routers. The DHCP Relay Agent enables DHCP clients to obtain IP addresses from a DHCP server on a remote subnet, or those that are not located on the local subnet.
Page 53: Dhcp Relay Statistics
User Manual Managed Switches Relay Information Mode Setting Description Factory Default Enabled / Indicates the DHCP relay information mode option Disabled Disabled operation. Enabled: When DHCP relay information is enabled, the agent inserts specific information (option 82) into a DHCP message when forwarding to a DHCP server and removes it from a DHCP message when transferring to a DHCP client.
Page 54: Dhcp Snooping
User Manual Managed Switches Receive from The number of packets received from the server. Server Receive Missing The number of packets received without agent information option. Agent Option Receive Missing The number of packets received with the Circuit ID option missing. Circuit ID Receive Missing The number of packets received with the Remote ID option missing.
Page 55: Dhcp Snooping Table
User Manual Managed Switches Snooping Mode Setting Description Factory Default Enabled / Indicates the DHCP snooping mode operation. Disabled Disabled Enabled: Activates DHCP snooping. When DHCP snooping is enabled, the DHCP request messages will be forwarded to trusted ports and only allow reply packets from trusted ports.
Page 56: Dhcp Snooping Detailed Statistics
User Manual Managed Switches The "MAC address" and "VLAN" input fields allow the user to select the starting point in the Dynamic DHCP snooping Table. MAC Address User MAC address of the entry. VLAN ID VLAN-ID in which the DHCP traffic is permitted. Source Port Switch port number for which the entries are displayed.
Page 57: Redundancy
User Manual Managed Switches Rx and Tx NAK The number of NAK packets received and transmitted. Rx and Tx Release The number of release packets received and transmitted. Rx and Tx Inform The number of inform packets received and transmitted. Rx and Tx Lease The number of lease query packets received and transmitted.
Page 58: The O-Ring Concept
User Manual Managed Switches All of Weidmüller’s managed switches support following proprietary redundancy protocols: O-Ring, which has a recovery time of under 10 ms. O-Chain is a redundancy protocol with unlimited flexibility that allows you to construct any type of redundant network topology.
Page 59: Dual Homing Configuration
User Manual Managed Switches Ring coupling Ring Coupling for two "O-Ring" rings Switch B Switch D Coupling Port (Primary) Main Path Backup Path Coupling Port (Backup) Switch A Switch C Ring Coupling is activated by enabling the function in Switches A / B (Ring 1) and C / D (Ring 2) and by defining one port of that switches as “Coupling Port”.
Page 60: Configuring "O-Ring
User Manual Managed Switches 3.6.2.4 Configuring “O-Ring” Use the O-Ring page of the Redundancy menu. 1. Select Enable in field Ring Redundancy. 2. If only a redundancy with 1 ring shall be created then do following: • Enable ‘Ring Master’ if the switch shall be assigned as ring master •...
Page 61: The O-Chain Concept
User Manual Managed Switches Status Description Factory Default Inactive O-Ring disabled and this port is connected. LinkDown No connection in this port. LinkDown Forwarding Normal transmission in this port. Discarding The port is connected to a backup path and the path is blocked.
Page 62 User Manual Managed Switches • The configured edge ports of the two end switches of the daisy chain are connected to an existing network • One of the edge switches blocks its redundancy line (prevent frame looping) and opens only when the main line on the other edge-switch is broken.
Page 63: Stp / Rstp / Mstp
User Manual Managed Switches Chain Ports Setting Description Factory Default 1st Chain Port Select any port of the Switch to be one of the ports of the Port 01 daisy Chain. 2nd Chain Port Select any port of the Switch to be one of the ports of the Port 02 daisy Chain.
Page 64 User Manual Managed Switches The figure below shows a network made up of three LANs separated by three bridges. Each segment uses at most two paths to communicate with the other segments. Since this configuration can give rise to loops, the network will overload if STP is NOT enabled. Bridge B Bridge A Bridge C...
Page 65: How Stp Works
User Manual Managed Switches Bridge B Bridge A Bridge C STP will determine which path between each bridged segment is most efficient, and then assign a specific reference point on the network. When the most efficient path has been identified, the other paths are blocked.
Page 66 User Manual Managed Switches STP Calculation The first step of the STP process is to perform calculations. During this stage, each bridge on the network transmits BPDUs. The following items will be calculated: • Which bridge should be the Root Bridge. The Root Bridge is the central reference point from which the network is configured.
Page 67 User Manual Managed Switches • Bridge A has been selected as the Root Bridge, since it was determined to have the lowest Bridge Identifier on the network. • Since Bridge A is the Root Bridge, it is also the Designated Bridge for LAN segment 1. Port 1 on Bridge A is selected as the Designated Bridge Port for LAN Segment 1.
Page 68: Configuring Stp / Rstp / Mstp - Bridge Settings
User Manual Managed Switches The MSTP concept Multiple Spanning Tree Protocol (MSTP) is a standard protocol based on IEEE 802.1S. It defines an extension to RSTP to further develop the usefulness of virtual LANs (VLANs). The calculations of STP/RSTP only depend on the physical connections, whilst MSTP configures separate Spanning Tree instances for different VLAN groups.
Page 69 User Manual Managed Switches Basic Settings Protocol version Setting Description Factory Default The version of the STP protocol. Valid values are STP, STP / RSTP / MSTP MSTP RSTP and MSTP. Bridge Priority Setting Description Factory Default Controls the bridge priority. Lower numeric values have higher priority.
Page 70 User Manual Managed Switches Forward Delay (sec) Setting Description Factory Default Numerical value The amount of time this device waits before checking to input by user (4 to see if it should change to a different state. Max. Age (sec) Setting Description Factory Default...
Page 71: Msti Mapping
User Manual Managed Switches Port Error Recovery Timeout (sec) Setting Description Factory Default Numerical value input This field is only enabled if Port Error Recovery is by user (30 to 86400) checked. It sets the time to pass before a port in the None error-disabled state can be enabled.
Page 72: Msti Priorities
User Manual Managed Switches Configuration Revision Setting Description Factory Default Numerical value input by user (0 to The revision of the MSTI configuration named above. 65535) MSTI Mapping VLANs Mapped Setting Description Factory Default The list of VLANs mapped to the different MSTIs. The VLAN number by the VLANs must be separated with commas and/or space.
Page 73: Cist Ports
User Manual Managed Switches 3.6.4.6 CIST Ports This page allows the user to inspect and change the current CIST port configurations. For each port of the switch, the user can program the following parameters: STP Enabled Setting Description Factory Default Checked / Controls whether STP/RSTP is enabled on this switch Unchecked...
Page 74: Msti Ports
User Manual Managed Switches Auto Edge Setting Description Factory Default Check to enable the bridge to detect edges at the bridge Checked / port automatically. This allows operEdge to be derived Checked Unchecked from whether BPDUs are received on the port or not. Restricted Role Setting Description...
Page 75: Bridge Status
User Manual Managed Switches This page allows the user to inspect and change the current MSTI port configuration. An MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured on and applicable to the port. The MSTI instance must be selected before displaying actual MSTI port configuration options.
Page 76 User Manual Managed Switches MSTI The bridge instance. This is also a link to the STP Detailed Bridge Status. Bridge ID The bridge ID of this bridge instance. Root ID The bridge ID of the currently elected root bridge. Root Port The switch port currently assigned the root port role.
Page 77: Port Status
User Manual Managed Switches port to which no bridges are attached. The flag may be automatically computed or explicitly configured. Each Edge Port transits directly to the Forwarding Port State, since there is no possibility of it participating in a loop.
Page 78: Port Statistics
User Manual Managed Switches 3.6.4.10 Port Statistics This page displays the STP port statistics counters of bridge ports in the switch. The page includes a table with the following information: Port The switch port number of the logical STP port. MSTP The number of MSTP BPDUs transmitted/received on the port.
Page 79: Virtual Lan
User Manual Managed Switches Recovery Priority Setting Description Factory Default Select the priority (number from 1 to total number of Not included, 1 to ports) of each port. The connected port with the highest Not included total number of ports priority (lowest number) will be the active one and the others will be blocked.
Page 80 User Manual Managed Switches Benefits of VLANs The main benefit of VLANs is that they provide a network segmentation system that is far more flexible than traditional networks. Using VLANs also provides you with three other benefits: • VLANs ease the relocation of devices on networks: With traditional networks, network administrators spend most of their time dealing with moves and changes.
Page 81: Configuring Virtual Lan
User Manual Managed Switches The IEEE Std 802.1Q-1998 defines how VLANs operate within an open packet-switched network. An 802.1Q compliant packet carries additional information that allows a switch to determine which VLAN the port belongs. If a frame is carrying the additional information, it is known as a tagged frame. To carry multiple VLANs across a single physical (backbone, trunk) link, each packet must be tagged with a VLAN identifier so that the switches can identify which packets belong to which VLAN.
Page 82 User Manual Managed Switches Ethertype for Custom S-ports Setting Description Factory Default Hexadecimal This field specifies the ethertype/TPID used for 88A8 value between Custom S-ports. The setting is in force for all ports 0x600 and FFFF whose Port Type is set to S-Custom-Port. Port VLAN Configuration Mode Factory...
Page 83 User Manual Managed Switches • Ingress filtering can be controlled • Ingress acceptance of frames and configuration of egress tagging can be configured independently ATTENTION For communication redundancy in the VLAN environment, set Redundant Port, Coupling Port, and Homing Port as "Trunk Port," since these ports act as the "backbone"...
Page 84 User Manual Managed Switches with an S-tag. This port type can only be selected if port mode is Hybrid. On ingress, frames with a VLAN tag with a TPID equal to the Ethertype configured for Custom-S ports get classified to the VLAN ID embedded in the tag. Priority-tagged frames are classified to the Port VLAN.
Page 85: Vlan Membership Status
User Manual Managed Switches tag. All frames, whether classified to the Port VLAN or not, are Tag All transmitted with a tag. All frames, whether classified to the Port VLAN or not, are Untag All transmitted without a tag. Only available for Hybrid ports. Allowed VLANs Setting Description...
Page 86: Vlan Port Status
User Manual Managed Switches (Admin) or as configured by one of these internal software modules. The "Combined" entry will show a combination of the administrator and internal software modules configuration, and basically reflects what is actually configured in hardware. The table displayed on the page shows the port members of each programmed VLAN ID. VLAN ID VLAN ID for which the Port members are displayed.
Page 87: Private Vlan Membership
User Manual Managed Switches Shows the egress Tag requirements (Tag All, Tag PVID, Untag All, …) Tx Tag for the port. Untagged VLAN ID If Tx Tag is overridden in the port and is set to UVID (Untagged VLAN ID), then this field will show the VLAN ID the user wants to untag on egress.
Page 88: Private Vlan Port Isolation
User Manual Managed Switches displayed for each private VLAN ID. Check the box to include a port in a private VLAN. To remove or exclude the port from the private VLAN, make sure the box is unchecked. 3.7.2.5 Private VLAN Port Isolation This page is used for enabling or disabling port isolation on ports in a Private VLAN.
Page 89: Gvrp Port Configuration
User Manual Managed Switches Leave-time Setting Description Factory Default Numerical value GVRP protocol timer. between 60 and 300 (hundreds of sec) LeaveAll-time Setting Description Factory Default Numerical value GVRP protocol timer. 1000 between 1000 and 5000 (hundreds of sec) Max VLANs Setting Description Factory Default...
Page 90: Snmp
User Manual Managed Switches 3.8 SNMP Weidmüller managed Switches support SNMP V1, V2c, and V3. SNMP V1 and SNMP V2c use a community string match for authentication, which means that SNMP servers access all objects with read-only or read/write permissions using the community strings public and private by default. SNMP V3 requires that you select an authentication level of MD5 or SHA and is the most secure protocol.
Page 91 User Manual Managed Switches Mode Factory Setting Description Default Enabled/Disabled Enables or disables SNMP operation mode. Enabled Version Factory Setting Description Default Specifies the SNMP protocol version used to manage V1 / V2c / V3 the switch. Read Community (SNMPv1 and SNMP v2c only) Factory Setting Description...
Page 92: Snmp Trap
User Manual Managed Switches 3.8.2 SNMP Trap This page allows the user to configure the general SNMP traps. Mode Factory Setting Description Default Disabled/Enabled Enables or disables SNMP traps in the switch. Disabled Pressing the button Add New Entry the SNMP Trap configuration page appears. SNMP Trap Configuration Trap Config Name Factory...
Page 93 User Manual Managed Switches Trap Mode Factory Setting Description Default Disabled/Enabled Enables or disables SNMP traps in the switch. Disabled Trap Version Factory Setting Description Default Specifies the SNMP protocol version used to manage V1 / V2c / V3 the traps. Trap Community Factory Setting...
Page 94 User Manual Managed Switches Trap Probe Security Engine ID Factory Setting Description Default This field can only be programmed if the selected trap version is SNMPv3. Indicates the SNMP trap security engine ID. SNMPv3 sends traps and informs using USM for authentication and privacy. A unique engine ID for these traps and informs is Disabled/Enabled needed.
Page 95: Snmp Community Configuration
User Manual Managed Switches Switch Factory Setting Description Default Enable/Disable the traps related with the STP Check/Uncheck Unchecked redundancy. 3.8.3 SNMP Community Configuration This page allows the user to configure SNMP community table. The entry index key is Community. Press the button Add New Entry to create a new Community. Community Factory Setting...
Page 96 User Manual Managed Switches A default user is already created but is possible to create additional ones with different security levels. Press the button Add New Entry to create a new User. Engine ID Factory Setting Description Default An octet string identifying the engine ID that this entry should belong to.
Page 97: Snmp Groups Configuration
User Manual Managed Switches Authentication Password Factory Setting Description Default String between 8 and 32 characters A string identifying the authentication pass phrase. None (MD5) or between 8 and 40 (SHA) Privacy Protocol Factory Setting Description Default Encryption will be based on DES protocol. Encryption will be based on AES protocol.
Page 98: Snmp View Configuration
User Manual Managed Switches Security Name Factory Setting Description Default A string identifying the security name that this entry Max. 32 should belong to. This Security Name must be one of None characters the created users names in the SNMP Users Configuration option.
Page 99: Snmp Access Configuration
User Manual Managed Switches View Type Factory Setting Description Default Indicates that the created view subtree should be Included included. Exact Indicates that the created view subtree should be Excluded excluded. OID Subtree Factory Setting Description Default The object identifier (OID) value for the created view table.
Page 100: Rmon
User Manual Managed Switches Reserved for SNMPv2c. User-based Security Model (usm): SNMPv3. Accepted any Security model. Security Level This Security Level must be selected in accordance with the one defined for the User of the selected Group Name. Factory Setting Description Default NoAuth, NoPriv...
Page 101: Rmon Statistics Configuration
User Manual Managed Switches 3.9.1 RMON Statistics Configuration This page allows the user to configure RMON Statistics. Press the button Add New Entry to create a new entry to get RMON statistics in any port of the switch. Setting Description Factory Default Numeric value...
Page 102: Rmon Alarm Configuration
User Manual Managed Switches Data Source Setting Description Factory Default Number (OID) Indicates the port ID which wants to be monitored. None The value of the switch must add 1000000*(switch ID-1). For example, if we want to monitor switch 3 port 5, the value is 2000005.
Page 103 User Manual Managed Switches InOctets: The total number of octets received on the interface, including framing characters. InUcastPkts: The number of uni-cast packets delivered to a higher-layer protocol. InNUcastPkts: The number of broad-cast and multi-cast packets delivered to a higher-layer protocol.
Page 104: Rmon Event Configuration
User Manual Managed Switches Rising Or Falling when the first value is larger than the rising threshold or lower than the falling threshold. Rising Threshold Setting Description Factory Default Numeric value Rising threshold value. between -2 and 2 Rising Index Setting Description Factory...
Page 105: Rmon Statistics Status
User Manual Managed Switches Desc Setting Description Factory Default Max. 127 Description of the event. None characters Type Setting Description Factory Default None The event is not notified. None SNMP log is created when the event is triggered. SNMPtrap SNMP trap is sent when the event is triggered. Logandtrap SNMP log is created and SNMP trap is sent when the event is triggered.
Page 106 User Manual Managed Switches The page includes a table with the following information: Indicates the index of Statistics entry. Data Source The port ID which wants to be monitored. The total number of events in which packets were dropped by the probe Drop due to lack of resources.
Page 107: Rmon History Status
User Manual Managed Switches 3.9.6 RMON History Status This page provides an overview of RMON History entries. The page shows up to 99 entries from the History table, default being 20, selected through the Entries per page input field. When first visited, the web page will show the first 20 entries from the beginning of the Statistics table.
Page 108: Rmon Alarm Status
User Manual Managed Switches 3.9.7 RMON Alarm Status This page provides an overview of RMON Alarm entries. The page shows up to 99 entries from the Alarm table, default being 20, selected through the Entries per page input field. When first visited, the web page will show the first 20 entries from the beginning of the Statistics table.
Page 109: Traffic Prioritization
User Manual Managed Switches The page includes a table with the following information: Event Index Indicates the index of the event entry. Log Index Indicates the index of the log entry. Log Time Indicates Event log time LogDescripi Indicates the Event description. 3.10 Traffic Prioritization The Weidmüller switch’s traffic prioritization capability provides Quality of Service (QoS) to your network by making data delivery more reliable.
Page 110 User Manual Managed Switches IEEE 802.1D Traffic Marking The IEEE Std 802.1D, 1998 Edition marking scheme, which is an enhancement to IEEE Std 802.1D, enables Quality of Service on the LAN. Traffic service levels are defined in the IEEE 802.1Q 4-byte tag, which is used to carry VLAN identification as well as IEEE 802.1p priority information.
Page 111: Storm Control
User Manual Managed Switches Traffic Prioritization Weidmüller managed Switches classify traffic based on layer 2 of the OSI 7 layer model, and the switch prioritizes received traffic according to the priority information defined in the received packet. Incoming traffic is classified based upon the IEEE 802.1D frame and is assigned to the appropriate priority queue based on the IEEE 802.1p service level value defined in that packet.
Page 112: Port Classification
User Manual Managed Switches For each frame type (Unicast / Multicast / Broadcast) is possible: Enable Setting Description Factory Default Check / Enable or disable the storm control status for the Unchecked Uncheck given frame type. Rate Setting Description Factory Default Numeric value Controls the rate for the global storm policer.
Page 113 User Manual Managed Switches If the port is VLAN aware, the frame is tagged and Tag Classification is enabled, then the frame is classified to a CoS that is mapped from the PCP and DEI value in the tag. Otherwise the frame is classified to this default CoS.
Page 114: Port Tag Remarking
User Manual Managed Switches default CoS class and DPL. DSCP Based Setting Description Factory Default Checked / Check to enable DSCP Based ToS Ingress Port Unchecked Unchecked Classification Address Mode Setting Description Factory Default Source / The IP/MAC address mode specifies whether Source Destination the QoS Control List (QCL) classification must be...
Page 115 User Manual Managed Switches Ingress Translate Setting Description Factory Default Check / Check to enable ingress translation. Unchecked Uncheck Ingress Classify Setting Description Factory Default Disable / The classification of a port has four different values: Disable DSCP=0 / Disable: No ingress DSCP classification. Selected / All DSCP=0: Classify if incoming (or translated if enabled) DSCP is 0.
Page 116: Port Policing
User Manual Managed Switches taken from the 'DSCP Translation->Egress Remap DP0' table or from the 'DSCP Translation->Egress Remap DP1' table. 3.10.5 Port Policing This page allows the user to configure the Policer settings for all switch ports. Enable Setting Description Factory Default Check /...
Page 117: Queue Policing
User Manual Managed Switches 3.10.6 Queue Policing This page allows the user to configure Queue Policer settings for all switch ports. Enable Setting Description Factory Default Check / Check to enable the queue policer on the switch port. Unchecked Uncheck Rate Setting Description...
Page 118 User Manual Managed Switches When clicking on any port number, a new page is loaded to configure the Scheduler and Shapers for that specific port of the switch. Scheduler Mode Setting Description Factory Default Strict Priority / Configures the scheduler mode on this switch port. Strict Priority 6 Queues Weighted...
Page 119 User Manual Managed Switches Queue Shaper Rate Setting Description Factory Default Numerical value Controls the rate for the queue shaper. This value is restricted to 100-3281943 when "Unit" is kbps, and 1-3281 when "Unit" is Mbps. The rate is internally rounded up to the nearest value supported by the queue shaper.
Page 120: Port Shaper
User Manual Managed Switches 1-3281 when "Unit" is Mbps. The rate is internally rounded up to the nearest value supported by the port shaper. Queue Shaper Unit Setting Description Factory Default kbps / Mbps Controls the unit of measure for the port shaper rate kbps as kbps or Mbps.
Page 121: Dscp Translation
User Manual Managed Switches QoS Class Setting Description Factory Default 0 to 7 Quality of Service Class value (CoS). A CoS of 0 (zero) has the lowest priority. Setting Description Factory Default 0 to 1 Drop precedence level (DP). A DP level of 0 corresponds to committed frames and a DP level of 1 corresponds to discard eligible frames.
Page 122 User Manual Managed Switches Ingress Translate Setting Description Factory Default 0 to 63 Before using the DSCP for classification is possible 0 to 63 to first translate the ingress side DSCP to new DSCP values. Ingress Classification Setting Description Factory Default Check / Check to enable classification at ingress side.
Page 123: Dscp Classification
User Manual Managed Switches 3.10.11 DSCP Classification This page allows the user to configure the mapping of QoS class and Drop Precedence Level to DSCP value. For the actual QoS (0 to 7) the user can set the classified DSCP value. DSCP DP0 and DP1 Setting Description...
Page 124 User Manual Managed Switches Port Members Setting Description Factory Default Check/Uncheck A row of check boxes for each port. Checked Check the box to include the port in the QCL entry. Key Parameters - DMAC Setting Description Factory Default Any / Unicast / Indicates the destination MAC address Multicast / for incoming frames.
Page 125 User Manual Managed Switches Key Parameters - PCP Setting Description Factory Default Any / 0 to 7 / Valid value of Priority Code Point (PCP). ranges Can be any value in the range 1-7 or ‘Any’. Key Parameters - DEI Setting Description Factory Default...
Page 126 User Manual Managed Switches Key Parameters – Frame Type – IPv4 Setting Description Factory Default Protocol TCP, UDP, Other (value from 0 to 255) or ‘Any’. When selecting TCP or UDP, the following additional parameters have to be configured: Sport (Source TCP/UDP Port): Specific value (0 to 65535) or ‘Any’.
Page 127: Qos Statistics
User Manual Managed Switches Action Parameters – DPL Setting Description Factory Default Default, 0 or 1 Drop Precedence Level 0, 1 or Default. Default 'Default' means that the default classified value is not modified by this QCE. Action Parameters – DSCP Setting Description Factory Default...
Page 128: Qcl Status
User Manual Managed Switches 3.10.14 QCL Status This page shows the QCL (Quality of Service Control List) status by different QCL users. Each row describes the QCE (Quality of Service Control Entry) that is defined. The maximum number of QCEs is 256 on each switch.
Page 129: Multicast
User Manual Managed Switches 3.11 Multicast Multicast filtering improves the performance of networks that carry multicast traffic. This section explains multicasts, multicast filtering, and how multicast filtering can be implemented on your Weidmüller switch. 3.11.1 The Concept of Multicast Filtering What is an IP Multicast? A multicast is a packet sent by one host to multiple hosts.
Page 130 User Manual Managed Switches Network with multicast filtering Hosts only receive dedicated traffic from other hosts belonging to the same group. The Weidmüller switch supports both automatic multicast filtering with IGMP (Internet Group Management Protocol) Snooping and manual multicast filtering by adding static multicast IP addresses.
Page 131: Igmp Snooping Basic Configuration
User Manual Managed Switches IGMP (Internet Group Management Protocol) Snooping Mode Snooping Mode allows your switch to forward multicast packets only to the appropriate ports. The switch "snoops" on exchanges between hosts and an IGMP device, such as a router, to find those ports that want to join a multicast group, and then configure its filters accordingly.
Page 132 User Manual Managed Switches Global Configuration Snooping Enabled Setting Description Factory Default Check/Uncheck Enable the IGMP Snooping function globally. Unchecked Unregister IPMCv4 Flooding Enabled Setting Description Factory Default Check/Uncheck Enable unregistered IPMCv4 traffic flooding. Checked The flooding control takes effect only when IGMP Snooping is enabled.
Page 133: Igmp Snooping Vlan Configuration
User Manual Managed Switches Fast Leave Setting Description Factory Default Check/Uncheck Enable the fast leave on the port. Unchecked System will remove group record and stop forwarding data upon receiving the leave message without sending last member query messages. It is recommended to enable this feature only when a single IGMPv2 host is connected to the specific port.
Page 134 User Manual Managed Switches Querier Address Setting Description Factory Default IP address Define the IPv4 address as source address used in IP None header for IGMP Querier election. When the Querier address is not set, system uses IPv4 management address of the IP interface associated with this VLAN.
Page 135: Igmp Snooping Status
User Manual Managed Switches LLQI Setting Description Factory Default 1 to 31774 (tenths Last Member Query Interval. It is the time value 10 (1 sec) of sec) represented by the Last Member Query Interval, multiplied by the Last Member Query Count. Setting Description Factory...
Page 136: Igmp Snooping Group Information
User Manual Managed Switches Port Switch port number. Status Indicates whether the specific port is a router port or not. 3.11.5 IGMP Snooping Group Information The page shows up to 99 entries from the IGMP Group table, default being 20, selected through the Entries per page input field.
Page 137: Igmp Snooping Port Group Filtering
User Manual Managed Switches Port Switch port number. Indicates the filtering mode maintained per basis (VLAN ID, port number, Mode Group Address). It can be either Include or Exclude. IP Address of the source. Currently, the maximum number of IPv4 source Source Address address for filtering (per group) is 8.
Page 138 User Manual Managed Switches Global Profile Mode Setting Description Factory Default Enabled/Disabled Enable/Disable the Global IPMC Profile. Disabled System starts to do filtering based on profile settings only when the global profile mode is enabled. Using the Add New IPMC Profile button the user can create the different Profile entries. Profile Name Setting Description...
Page 139: Ipmc Profile Address Configuration
User Manual Managed Switches 3.11.9 IPMC Profile Address Configuration This page provides address range settings used in IPMC profile. The address entry is used to specify the address range that will be associated with IPMC Profile. It is allowed to create a maximum of 128 address entries in the system.
Page 140 User Manual Managed Switches Access Control Lists The user can create specific access lists for any port of the switch. In these access lists is possible to permit or deny any kind of ingress Ethernet and/or IP traffic. Access control according IEEE 802.1X The IEEE 802.1X standard defines a protocol for client/server-based access control and authentication.
Page 141: Device Binding
User Manual Managed Switches 1. When the supplicant receives an "EAP Request/Identity" frame, it sends an "EAP Response/Identity" frame with its username back to the authenticator. 2. The authenticator relays the "EAP Response/Identity" frame from the supplicant by encapsulating it into a "RADIUS Access-Request" frame and sends to the RADIUS server. When the authentication server receives the frame, it looks up its database to check if the username exists.
Page 142 User Manual Managed Switches Shutdown each port are: ---: Device Binding disabled in that port. Scan: Scans IP/MAC automatically, but no binding function executed in the port. Binding: Binding function enabled in the port. Under this mode, any IP/MAC that does not match the entry will not be allowed to access the network.
Page 143: Alias Ip Address
User Manual Managed Switches the MAC address detected. If the Mode configuration is ‘Binding’, this field must specify the MAC address of the authorized device. 3.12.1.1 Alias IP Address Some devices might have more than one IP address. In this page is possible to specify alternative IP addresses (alias IP addresses).
Page 144: Ddos Prevention
User Manual Managed Switches Note: If the Binding function is not enabled on a port, it will not be possible to enable the Alive Check option. Binding function is enabled in the Device Binding page. Action Setting Description Factory Default Link Change / Indicates the action when Alive check fails (Lost --- (Disabled)
Page 145 User Manual Managed Switches Sensibility Setting Description Factory Default Low / Normal / Indicates the level of DDOS detection. Possible levels Normal Medium / High are: Low: Low sensibility. Normal: Normal sensibility. Medium: Medium sensibility. High: High sensibility. Packet Type Setting Description Factory...
Page 146: Device Description
User Manual Managed Switches Status Setting Description Factory Default Information only Indicates the DDOS Prevention status. --- (Disabled) ---: Disabled Analyzing: Analyze the packet throughput for initialization. Running: Function ready. Attacked: DDOS attack happened. 3.12.1.4 Device Description From this option it can be specified a description and a location for each port to help administrators differentiate between different ports.
Page 147: Ip Source Guard
User Manual Managed Switches Mode Setting Description Factory Default Enable / Disable Enable or Disable (---) the Stream Check option on the --- (Disabled) port. Note: If the Binding function is not enabled on a port, it will not be possible to enable the Stream Check option.
Page 148: Static Ip Source Guard Table
User Manual Managed Switches IP Source Guard Configuration Mode Setting Description Factory Default Enabled/Disabled Enable or Disable the IP Source Guard function Disabled globally in the switch. All configured ACEs (Access Control Entries) will be lost when the mode is enabled. The button Translate dynamic to static translates all dynamic entries to static entries (see following sections Static and Dynamic IP Source Guard Tables).
Page 149: Dynamic Ip Source Guard Table
User Manual Managed Switches Press the button Add New Entry to create an entry for the Static IP Source Guard Table. Port Setting Description Factory Default 1 to 20 The logical port for the entry. VLAN ID Setting Description Factory Default 1 to 4095 The VLAN ID for the entry.
Page 150: Access Control List (Acl)
User Manual Managed Switches MAC Address Source MAC address. 3.12.3 Access Control List (ACL) The switch has an Access Control List (ACL) where the user can create different Access Control Entries (ACEs) specifying individual frame types permitted or denied. Accordingly, ACL can be configured to control inbound traffic, and in this context, they are similar to firewalls.
Page 151 User Manual Managed Switches the option ACL Rate Limiter Configuration. Port Redirect Setting Description Factory Default Disabled / Port Select which port frames are redirected on. It can't be Disabled number set when action is permitted. Mirror Setting Description Factory Default Enabled/Disabled Specifies the mirror operation of this port.
Page 152: Acl Rate Limiter Configuration
User Manual Managed Switches 3.12.3.2 ACL Rate Limiter Configuration This option is used to define the Rate Limiters ID (from 1 to 16) that are used in the ACLs of the switch. For each Rate Limited ID (1 to 16) it has be configured the maximum data rate. Rate Setting Description...
Page 153 User Manual Managed Switches Indicates the ACE ID. Indicates the ingress port of the ACE. It can be “All” (the ACE will match Ingress Port all ingress ports) or “Port” (the ACE will match a specific ingress port). Policy / Bitmask Indicates the policy number and bitmask of the ACE.
Page 154 User Manual Managed Switches Ingress Port Setting Description Factory Default Any / Port n Select the ingress port for which this ACE applies: All: The ACE applies to any port. Port n: The ACE applies to this port number, where n is the number of the switch port. Policy Filter Setting Description...
Page 155 User Manual Managed Switches 802.1Q Tagged Setting Description Factory Default Any / Enabled / Specify whether frames can hit the action of this ACE Disabled according to the 802.1Q tagging. Any: Any value is allowed. Enabled: Tagged frame only. Disabled: Untagged frame only. VLAN ID Filter Setting Description...
Page 156 User Manual Managed Switches Mirror Setting Description Factory Default Enabled/Disabled Specify the mirror operation of this port. When Disabled Enabled, frames matching the ACE are mirrored to the destination mirror port. The rate limiter will not affect frames on the mirror port. When isabled, frames received on the port are not mirrored.
Page 157 User Manual Managed Switches DMAC Filter Setting Description Factory Default Any / MC / BC / Specify the destination MAC address filter for this UC / Specific ACE. Any: No DMAC address filter is specified. MC: Frame must be multicast. BC: Frame must be broadcast.
Page 158 User Manual Managed Switches Sender IP Filter Setting Description Factory Default Any / Host / Specify the sender IP filter for this ACE. Network Any: No sender IP filter is specified. Host: Sender IP filter is set to Host. Specify the sender IP address in the SIP Address field that appears.
Page 159 User Manual Managed Switches IP/Ethernet Length Setting Description Factory Default Any / 0 / 1 Specify whether frames can hit the action according to their ARP/RARP hardware address length (HLN) and protocol address length (PLN) settings. Any: Any value is allowed. 0: ARP/RARP frames where the HLN is not equal to Ethernet (0x06) or the (PLN) is not equal to IPv4 (0x04).
Page 160 User Manual Managed Switches IP TTL Setting Description Factory Default Any / Non-zero / Specify the Time-to-Live settings for this ACE. Zero Any: Any value is allowed. Zero: IPv4 frames with a Time-to-Live field greater than zero must not be able to match this entry. Non-zero: IPv4 frames with a Time-to-Live field greater than zero must be able to match this entry.
Page 161 User Manual Managed Switches DIP Filter Setting Description Factory Default Any / Host / Specify the destination IP filter for this ACE. Network Any: No destination IP filter is specified. Host: Destination IP filter is set to Host. Specify the destination IP address in the DIP Address field that appears.
Page 162 User Manual Managed Switches ICMP parameters If the type of frame selected is IPv4/ICMP or IPv6/ICMP, several additional parameters can be programmed: ICMP Type Filter Setting Description Factory Default Any / Specific Specify the ICMP filter for this ACE. Any: No ICMP filter is specified. Specific: A field for entering an ICMP value (0 to 255) appears.
Page 163 User Manual Managed Switches TCP FIN Setting Description Factory Default Any / 0 / 1 Specify the TCP "No more data from sender" (FIN) value for this ACE. Any: Any value is allowed ("don't-care"). 0: TCP frames where the FIN field is set must not be able to match this entry.
Page 164: Acl Status
User Manual Managed Switches TCP ACK Setting Description Factory Default Any / 0 / 1 Specify the TCP "Acknowledgment field significant" (ACK) value for this ACE. Any: Any value is allowed ("don't-care"). 0: TCP frames where the ACK field is set must not be able to match this entry.
Page 165: Authentication, Authorization And Accounting (Aaa)
User Manual Managed Switches Filter: Frames matching the ACE are filtered. Rate Limiter Indicates the rate limiter number of the ACE. The allowed range is 1 o 16. When Disabled is displayed, the rate limiter operation is disabled. Mirror Indicates if the Mirror operation is included in the ACE (Enabled). When Disabled is displayed, the mirror operation is disabled.
Page 166 User Manual Managed Switches Retransmit Setting Description Factory Default 1 to 1000 Number of times, in the range 1 to 1000, a RADIUS request is retransmitted to a server that is not responding. If the server has not responded after the last retransmit it is considered to be dead.
Page 167 User Manual Managed Switches Server Configuration Press the button Add New Server to add and configure a RADIUS server. Up to 5 servers are supported. The parameters that have to be configured for each server are: Hostname Setting Description Factory Default IP address The IP address of the RADIUS server.
Page 168: Tacacs+ Server Configuration
User Manual Managed Switches 3.12.4.2 TACACS+ Server Configuration This page allows the user to configure the TACACS+ servers. Global Configuration Timeout Setting Description Factory Default 1 to 1000 (sec) Number of seconds to wait for a reply from a TACACS+ server before retransmitting the request. Deadtime Setting Description...
Page 169: Radius Overview
User Manual Managed Switches Server Configuration Press the button Add New Server to add and configure a TACACS+ server. Up to 5 servers are supported. The parameters that have to be configured for each server are: Hostname Setting Description Factory Default IP address The IP address of the TACACS+ server.
Page 170: Radius Details
User Manual Managed Switches Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts. Dead (X seconds left): Access attempts were made to this server but it did not reply within the configured timeout.
Page 171: Network Access Server (802.1X)
User Manual Managed Switches The Help button provides a description of all the different counters shown on the page. 3.12.5 Network Access Server (802.1X) The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication. One or more central servers (the backend servers determine whether the user is allowed access to the network.
Page 172 User Manual Managed Switches Reauthentication Period Setting Description Factory Default 1 to 3600 (sec) Period, in seconds, after which a connected client 3600 must be reauthenticated. It can only be programmed if Reauthentication Enabled is checked. EAPOL Timeout Setting Description Factory Default 1 to 65535 (sec)
Page 173 User Manual Managed Switches the RADIUS server request times out (according to the timeout specified on the RADIUS configuration page), the client is put on hold in the Unauthorized state. The hold timer does not count during an on-going authentication. In MAC-based Auth.
Page 174 User Manual Managed Switches Max. Reauth. Count Setting Description Factory Default 1 to 255 The number of times the switch transmits an EAPOL Request Identity frame without response before considering entering the Guest VLAN is adjusted with this setting. The value can only be changed if the Guest VLAN option is globally enabled.
Page 175 User Manual Managed Switches • Force Unauthorized: In this mode, the switch will MAC-based Auth send one EAPOL Failure frame when the port link comes up and any client on the port will be network access disallowed. • Port-based 802.1X: In this mode, the switch will act as authenticator according to the IEEE 802.1X standard.
Page 176 User Manual Managed Switches RADIUS server. The switch only supports the MD5-Challenge authentication method, so the RADIUS server must be configured accordingly. When authentication is complete, the RADIUS server sends a success or failure indication, which in turn causes the switch to open up or block traffic for that particular client.
Page 177 User Manual Managed Switches Guest VLAN Enabled Setting Description Factory Default Check / Uncheck When Guest VLAN is both globally enabled and Unchecked enabled (checked) for a given port, the switch considers moving the port into the Guest VLAN according to the following rules: When a Guest VLAN enabled port's link comes up, the switch starts transmitting EAPOL Request Identity frames.
Page 178: Network Access Server (Nas) Switch Status
User Manual Managed Switches The Reauthenticate button schedules a reauthentication whenever the quiet-period of the port runs out (EAPOL-based authentication). For MAC-based authentication, reauthentication will be attempted immediately. The button only has effect for successfully authenticated clients on the port and will not cause the clients to get temporarily unauthorized.
Page 179: Port Security
User Manual Managed Switches The page shows the Port State information including the parameters Admin State, Port State, QoS Class and Port VLAN ID already described in the previous section of this manual. Additionally, the page also shows the Port Counters. The Help button provides a detailed description of all these counters shown on the page.
Page 180 User Manual Managed Switches Aging Enabled Setting Description Factory Default Check / Uncheck If checked, secured MAC addresses are subject to Unchecked aging according to the ‘Aging Period’ defined. Aging Period Setting Description Factory Default 10 to 10000000 If Aging is enabled (checked) the user can specify the 3600 (sec) aging period of the MAC addresses in seconds.
Page 181: Port Security Status
User Manual Managed Switches There are three ways to re-open a port that has been shut down: 1) Boot the switch, 2) Disable and re-enable Limit Control on the port or the switch, 3) Click the Reopen button. State Setting Description Factory Default...
Page 182: Port Status
User Manual Managed Switches User Module Legend The table displayed shows the following information: User Module Name The full name of a user module that may request Port Security services. Abbr A one-letter abbreviation of the user module. This is used in the Users column in the Port Status table.
Page 183: Warning/Event Settings
User Manual Managed Switches forwarding. If blocked, it will not be allowed to transmit or receive traffic. Time of Addition Shows the date and time when this MAC address was first seen on the port. Age/Hold If at least one user module has decided to block this MAC address, it will stay in the blocked state until the hold time (measured in seconds) expires.
Page 184: Configuring Email Warning
User Manual Managed Switches Alarm event types can be divided into two basic groups: Power Failure and Port Link Down/Broken. You can configure which events are related to the relay output. NOTE: The events that are configured to activate the relay output also activate the amber light in the FAULT LED of the front-plate of the switch.
Page 185: Email Settings
User Manual Managed Switches Event Types can be divided into two basic groups: System Events and Port Events. System Events are related to the overall function of the switch, whereas Port Events are related to the activity of a specific port. NOTE: For each event the user can decide if a log is registered (SYSLOG) and/or if a warning Email is sent (SMTP).
Page 186: Syslog Setting
User Manual Managed Switches Disabled SMTP Server Address Setting Description Factory Default IP address The IP Address of your email server. 0.0.0.0 Sender E-mail Address Setting Description Factory Default E-mail address Your email account administrator Mail Subject Setting Description Factory Default Max.
Page 187: Monitoring And Diag
User Manual Managed Switches Client(Local) and Events are logged in the switch and in a remote Server(Remote) SYSLOG server. Server Address Setting Description Factory Default IP address The IP address of Syslog Server used by your None network. Syslog Level Setting Description Factory...
Page 188 User Manual Managed Switches Aging Configuration Disable Automatic Aging Setting Description Factory Default Check / Uncheck By default, dynamic entries are removed from the Unchecked MAC table after 300 seconds. This removal is called aging. It is possible to de-activate the automatic aging of dynamic entries by checking Disable Automatic Aging.
Page 189: Mac Address Table Status
User Manual Managed Switches VLAN ID Setting Description Factory Default 1 to 4095 The VLAN ID of the entry. MAC Address Setting Description Factory Default MAC Address The MAC address of the entry. None Port Members Setting Description Factory Default Indicate (check) which ports are member of the entry.
Page 190: Port Statistics Overview
User Manual Managed Switches 3.14.3 Port Statistics Overview This page provides an overview of general traffic statistics for all switch ports. The table shown on the page includes the following information: Port The port number of the switch. Description The description of the port. Packets The number of received and transmitted packets per port.
Page 191 User Manual Managed Switches Receive and Transmit Total Rx and Tx Packets The number of received and transmitted (good and bad) packets. The number of received and transmitted (good and bad) bytes, including Rx and Tx Octets FCS but excluding framing bits. Rx and Tx Unicast The number of received and transmitted (good and bad) unicast packets.
Page 192: Port Monitoring
User Manual Managed Switches 3.14.5 Port Monitoring The user can configure port mirroring on this page. This function can be used by the administrator to debug network problems. The selected traffic can be mirrored or copied on a destination port where a network analyzer can be attached to analyze the network traffic.
Page 193 User Manual Managed Switches VLAN ID Setting Description Factory Default 1 to 4095 When Remote Mirroring is activated, the VLAN ID points out where the monitor packet will copy to. Reflector port Setting Description Factory Default Port of the switch The reflector port is a method to redirect the traffic to Port 1 Remote Mirroring VLAN.
Page 194: System Log Information
User Manual Managed Switches of the switch where is received a copy of traffic from the source port. 3.14.6 System Log Information This page shows the Event Log Table stored in the switch. The page shows up to 999 entries, default being 20, selected through the Entries per page input field.
Page 195: Sfp Monitor
User Manual Managed Switches Press the Start button to run the diagnostics. When completed, the page refreshes automatically and the cable diagnostics results are shown in the cable status table. NOTE: The VeriPHY diagnostics tool is only accurate for cables 7 - 140 meters long. 10 and 100 Mbps ports will be disconnected while running VeriPHY diagnostics.
Page 196: Sfp Type
User Manual Managed Switches Parameter Description Port No. Switch port number with SFP plugged in Temperature (°C) SFP casing temperature Vcc (V) Voltage supply to the SFP Tx Bias (mA) The bias current of the optical transmitter Tx power (mW) The amount of light being transmitted into the fiber optic cable in (dBm) The amount of light being transmitted into the fiber optic cable in...
Page 197: Ping And Ping6
User Manual Managed Switches Parameter Description Port Switch port number with SFP plugged in Vendor Provider of the SFP transceiver Product Identification of the SFP transceiver Version Version of the SFP transceiver Type General information about the SFP transceiver (Interface / Fiber optic type / Distance) 3.14.10 Ping and Ping6 The Ping function uses the ping command to give users a simple but powerful tool for...
Page 198: Poe Configuration
User Manual Managed Switches • Industrial wireless access points • Emergency IP phones In fact, it’s not uncommon for video, voice, and high-rate industrial application data transfers to be integrated into one network. Weidmüller’s PoE switches are equipped with many advanced PoE management functions, providing vital security systems with a convenient and reliable Ethernet network.
Page 199 User Manual Managed Switches Power Management Mode Setting Description Factory Default Actual The ports are shut down when the actual power Reserved Consumption consumption for all ports exceeds the amount of Power power that the power supply can deliver or if the actual power consumption for a given port exceeds the reserved power for that port.
Page 200: Poe Status
User Manual Managed Switches Priority Setting Description Factory Default The priority is used in the case where the remote devices require more power than the power supply High can deliver. In this case the port with the lowest priority Critical will be turn off starting from the port with the highest port number.
Page 201: Poe Schedule
User Manual Managed Switches PoE turned OFF- PoE disabled: PoE is disabled by the user PoE turned OFF - Power budget exceeded: The total requested or used power by the PDs exceeds the maximum power the Power Supply can deliver, and port(s) with the lowest priority is/are powered down No PD detected: No PD detected for the port PoE turned OFF - PD overload: The PD has requested or used...
Page 202: Poe Auto-Ping
User Manual Managed Switches 3.15.4 PoE Auto-Ping This page allows the user to monitor the real time status of connected PDs (automatic ping) and execute specific actions if any connected device fails to respond. Ping Check Setting Description Factory Default Enable / Disable Enable or Disable the automatic ping feature.
Page 203: Ptp Synchronization
User Manual Managed Switches Failure Action Setting Description Factory Default Nothing No action when the connected device fails to respond Nothing the alive-checking packets. Restart Forever Cut power and supply power continuously to the connected device until it successfully responds the alive-checking packets.
Page 204: Ptp Clock Configuration
User Manual Managed Switches modes. Transparent clock operation may be configured as peer to peer or end to end. Peer to peer provides better accuracy but then is required that all the network devices are PTP complaint. 3.16.1 PTP Clock Configuration This page allows the user to configure and inspect the current PTP clock settings.
Page 205 User Manual Managed Switches Clock Type and Profile The clock instance, device type and selected profile is shown. If the clock has been configured to use a profile (eg: 1588), clicking the Apply button will reset configured values to profile defaults. Port Enable and Configuration Select (check) the ports configured for this Clock Instance and click on Ports Configuration to edit all the data settings.
Page 206 User Manual Managed Switches Clock Default DataSet The clock default data set is defined in the IEEE 1588 Standard. It holds three groups of data: the static members defined at clock creation time, the Dynamic members defined by the system, and the configurable members which can be set here.
Page 207: Ptp Clock Status
User Manual Managed Switches 3.16.2 PTP Clock Status This page shows an overview of the PTP clocks configured in the switch. The table on the page shows the following information: Inst The particular clock instance. Device Type The type of clock for that particular instance. The five possible types are Transparent Clock (End to End or Peer to Peer), Boundary Clock, Master only or Slave only.
Page 208: Factory Defaults
User Manual Managed Switches 3.18 Factory Defaults This function provides users with a quick way of restoring the Weidmüller switch’s configuration to factory defaults. It is also possible to define different actions for the reset button located in the front of the switch.
Page 209: Downloads (Software And Documentation)
User Manual Managed Switches A. Downloads (Software and Documentation) Using below described link you can download following items: • Firmware Upgrades • Private MIB files • EDS file • GSDML file • Documentation (User Manual and Hardware Installation Guide) Download via Product Catalogue (Online Catalogue) •...

This manual is also suitable for:

Gigabit advancedie-sw-al12m-8gt-4gesfp Gigabit advanced ie-sw-al14m-12gt-2gesfp Gigabit advanced ie-sw-al24m-16gt-8gesfp Gigabit advanced ie-sw-al08m-8gtpoe Gigabit advanced ie-sw-al06m-4gtpoe-2gesfp 2682350000 ... Show all

Weidmüller Gigabit Advanced IE-SW-AL08M-8GT Manual

Quick Links

Need help?

Questions and answers

Related Manuals for Weidmüller Gigabit Advanced IE-SW-AL08M-8GT

Summary of Contents for Weidmüller Gigabit Advanced IE-SW-AL08M-8GT

This manual is also suitable for:

Table of Contents