ifs NS3562-8P-2S-V2 User Manual
  1. Manuals
  2. Brands
  3. ifs Manuals
  4. Switch
  5. NS3562-8P-2S-V2
  6. User manual

ifs NS3562-8P-2S-V2 User Manual

Industrial managed switch
Hide thumbs Also See for NS3562-8P-2S-V2:
Table of Contents

Advertisement

Quick Links

Download this manual
NS3562-8P-2S-V2 Industrial
Managed Switch User
Manual
P/N 1073704-EN • REV B • ISS 13JUL22

Advertisement

Table of Contents
loading

Related Manuals for ifs NS3562-8P-2S-V2

Summary of Contents for ifs NS3562-8P-2S-V2

  • Page 1 NS3562-8P-2S-V2 Industrial Managed Switch User Manual P/N 1073704-EN • REV B • ISS 13JUL22...
  • Page 2 Trademarks and patents IFS names and logos are a product brand of Aritech, a part of Carrier. Other trade names used in this document may be trademarks or registered trademarks of the manufacturers or vendors of the respective products.
  • Page 3 Product Please consult the following web link to retrieve the electronic version of the documentation product documentation. The manuals are available in several languages.

  • Page 5: Table Of Contents

    Quality of Service (QoS) 174 Access Control Lists (ACL) 198 Authentication 213 Security 254 MAC address table 273 LLDP 277 Network diagnostics 291 Loop protection 296 RMON 298 Ring 307 Power over Ethernet (PoE) 320 Port identification 332 NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 6 Learning 333 Forwarding and filtering 333 Store-and-forward 333 Auto-negotiation 334 Chapter 6 PoE overview 335 What is PoE? 335 PoE system architecture 335 Chapter 7 Troubleshooting 337 Appendix A Networking connection 338 Glossary 340 NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 7: Important Information

    COVENANT OR PROMISE THAT ITS PRODUCTS (INCLUDING SECURITY PRODUCTS), SOFTWARE, SERVICES OR OTHER OFFERINGS WILL NOT BE HACKED, COMPROMISED AND/OR CIRCUMVENTED. CARRIER DOES NOT ENCRYPT COMMUNICATIONS BETWEEN ITS ALARM OR OTHER CONTROL PANELS AND THEIR WIRELESS OUTPUTS/INPUTS INCLUDING NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 8 CARRIER DOES NOT WARRANT THAT ANY PRODUCT (INCLUDING SECURITY PRODUCTS), SOFTWARE OR SERVICE MANUFACTURED, SOLD OR LICENSED BY CARRIER WILL PREVENT, OR IN ALL CASES PROVIDE ADEQUATE WARNING OF OR PROTECTION FROM, BREAK-INS, BURGLARY, ROBBERY, FIRE, OR OTHERWISE. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 9 Note: Note messages advise you of the possible loss of time or effort. They describe how to avoid the loss. Notes are also used to point out important information that you should read. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 10: Introduction

    Chapter 1 Introduction The description of the IFS NS3562-8P-2S-V2 model is as follows:  Industrial L2+ 8-port 10/100/1000T 802.3at PoE+  + 2-port 100/1000X SFP wall-mount managed switch Unless specified, the term “industrial managed switch” mentioned in this user manual refers to the NS3562-8P-2S-V2.
  • Page 11 Chapter 1: Introduction switch offers IPv6/IPv4 dual stack management, intelligent Layer 2 management functions, and a user-friendly interface. The IFS managed series is able to operate reliably, stably, and quietly in any environment without affecting its performance. Featuring ultra networking speed and an operating temperature ranging from -40 to 75°C in a compact but rugged IP30 metal housing, this industrial managed switch is an...
  • Page 12 Chapter 1: Introduction Scheduled power recycling The IFS PoE managed series allows each of the connected PoE IP cameras or PoE wireless access points to reboot at a specific time each week. This reduces the chance of an IP camera or AP crash resulting from buffer overflow.
  • Page 13 DIN rail, thereby making its usability more flexible. SMTP/SNMP trap event alert The industrial managed switch provides an event alert function to help to diagnose problems such as a network connection break or an abnormal rebooting response. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 14 For efficient management, the industrial managed switch is equipped with a console, web, and SNMP management interfaces. With the built-in web-based management interface, the managed industrial switch offers an easy-to-use, platform-independent management and configuration facility. For text-based management mode, the NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 15 The industrial managed switch series supports a SFP-DDM (Digital Diagnostic Monitor) function that can easily monitor real-time parameters of the SFP transceivers, such as optical output power, optical input power, temperature, laser bias current, and transceiver supply voltage. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 16: Product Features

    Remote power feeding up to 100 meters. • PoE management: • Total PoE power budget control • Per port PoE function enable/disable • PoE port power feeding priority • Per PoE port power limitation NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 17 RSTP, IEEE 802.1w Rapid Spanning Tree Protocol • MSTP, IEEE 802.1s Multiple Spanning Tree Protocol, spanning tree by VLAN • BPDU Guard Supports link aggregation • IEEE 802.3ad Link Aggregation Control Protocol (LACP) • Cisco ether-channel (static trunk) NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 18 − Built-in RADIUS client to co-operate with the RADIUS servers − TACACS+ login users access authentication − RADIUS / TACACS+ users access authentication • Access Control List (ACL) − IP-based ACL − MAC-based ACL NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 19 − Cable diagnostic technology provides the mechanism to detect and report potential cabling issues • SMTP/Syslog remote alarm • Four RMON groups (history, statistics, alarms, and events) • SNMP trap for interface Link Up and Link Down notification NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 20: Product Specifications

    Ring Owner (Green) Per 10/100/1000T RJ45 PoE+ Ports: PoE in-use (Orange) 1000 LNK/ACT (Green) Per SFP Interface: 100 LNK/ACT (Orange) 1000 LNK/ACT (Green) Power Requirement Dual 48~56 VDC (>51 VDC for PoE+ output recommended) NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 21 Up to 255 VLAN groups, out of 4094 VLAN IDs IEEE 802.3ad LACP/static trunk Link Aggregation Two groups with two ports per trunk Traffic classification based, strict priority and WRR 8-level priority for switching – Port number NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 22 IEEE 802.1ab LLDP IEEE 802.3af Power over Ethernet IEEE 802.3at Power over Ethernet Plus ITU-T G.8032 Ethernet Ring Protection Switching RFC 768 UDP RFC 793 TFTP RFC 791 IP RFC 792 ICMP RFC 2068 HTTP NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 23 Chapter 1: Introduction RFC 1112 IGMP v1 RFC 2236 IGMP v2 Environment Temperature: -40 to 75°C Operating Relative Humidity: 5 to 95% (non-condensing) Temperature: -40 to 85°C Storage Relative Humidity: 5 to 95% (non-condensing) NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 24: Installation

    LED indicators. Before connecting any network device to the industrial managed switch, please read this chapter completely. Hardware description The industrial managed switch provides three different running speeds – 10Mbps, 100Mbps, and 1000Mbps, and automatically distinguishes the speed of the incoming connection. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 25 Chapter 2: Installation Physical dimensions Dimensions (W x D x H): 180 x 24.4 x 140 mm NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 26 48~56 VDC To install the 3-pin terminal block connector on the wall-mount managed switch: 1. Insert the positive DC power wire into V+, negative DC power wire into V-, and the grounding wire into Ground. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 27 Blinking: indicates that the connected device is not a PoE Powered Device (PD). Per 100/1000X SFP interface (Port-9 to Port-10) Color Function Green Lit: indicates the port has successfully connected to the 1000 LNK/ACT network at 1000 Mbps. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 28: Installing The Industrial Managed Switch

    Hot-swapping this device will result in damage. DIN-rail mounting Note: Follow all the DIN-rail installation steps as shown in the example. To install the DIN rails on the industrial managed switch: 1. Screw the DIN-rail onto the industrial managed switch. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 29 Chapter 2: Installation 2. Carefully slide the DIN-rail into the track. 3. Ensure that the DIN-rail is tightly attached to the track. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 30 3. Screw the bolts into the conductor pipe. The switch is between the bolts and the conductor pipe, as shown below. To install the industrial managed switch on a magnetic surface: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 31: Cabling

    Installing the SFP/SFP+ transceiver SFP transceivers are hot-pluggable and hot-swappable. They can be plugged in and removed to/from any SFP port without having to power down the industrial managed switch (see below). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 32 Chapter 2: Installation Approved IFS SFP transceivers The industrial managed switch supports both single mode and multi-mode SFP transceivers. The following list of approved IFS SFP transceivers is valid as of the time of publication: Optical Optical Receiver Fiber # of...
  • Page 33 -8 ~ -2 Mode (12 mi.) 1490 nm (32 to 122°F) S30-1SLC/B- Single 20 km 1490 / 0 to +50°C -8 ~ -2 Mode (12 mi.) 1310 nm (32 to 122°F) Gigabit Ethernet 1000 Base BX NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 34 * Note: High Power Optic. There must be a minimum of 5 dB of optical loss to the fiber for proper operation. Note: We recommend the use of IFS SFPs on the industrial managed switch. If you insert an SFP transceiver that is not supported, the industrial managed switch will not recognize it.
  • Page 35 Never pull out the module without making use of the lever or the push bolts on the module. Removing the module with force could damage the module and the SFP/SFP+ module slot of the industrial managed switch. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 36: Switch Management

    The industrial managed switch provides the flexibility to access and manage it using any or all of the following methods: • Remote Telnet interface • Web browser interface • An external SNMP-based network management application NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 37 Remote Telnet The Wall-mount Managed Switch also supports telnet for remote management. The switch asks for user name and password for remote login when using telnet; use “admin” for both the user name and password. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 38: Web Management

    (NNM), or What’s Up Gold. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string. This management method uses two community strings: the get community string and the set community string. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 39 MIBs. However, if it only knows the get community string, it can only read MIBs. The default get and set community strings for the industrial managed switch are public. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 40: Web Configuration

    192.168.1.1 with subnet mask 255.255.255.0 via the console, then the administrator computer should be set at 192.168.1.x (where x is a number between 2 and 254) to do the relative configuration on a manager computer. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 41 Note: For security purposes, change and memorize the new password after this first setup. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 42: Main Web

    The administrator can set up the industrial managed switch by making selections from the main functions menu. Clicking on a main menu item opens sub menus. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 43: System

    This list contains the following items: System information The System Infomation page provides information on the current device such as the hardware MAC address, software version, and system uptime. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 44 This page includes the IP Configuration, IP Interface, and IP Routes. The configured column is used to view or change the IP configuration. The maximum number of interfaces supported is 128 and the maximum number of routes is 32. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 45 No DNS server – Explicitly provide the valid IPv4 Configured IPv4 unicast address of the DNS Server in dotted decimal notation. Make sure the configured DNS server is reachable (e.g., via PING) for activating DNS service. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 46 If DHCP is enabled, this field configures the fallback address network mask. The field may be left blank if IPv4 operation on the interface is not required, or if no DHCP fallback address is required. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 47 If the IPv6 gateway address is link-local, it must specify the next hop VLAN for the gateway. If the IPv6 gateway address is not link-local, the system ignores the next hop VLAN for the gateway. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 48 IP status IP status displays the status of the IP protocol layer. The status is defined by the IP interfaces, the IP routes, and the neighbour cache (ARP cache) status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 49 (i.e., it is granted full control of the device). Other values need to refer to each group privilege level. User privileges should be the same or greater than the group privilege level to have access to that group. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 50 Generally, privilege level 15 can be used for an administrator account, privilege level 10 for a standard user account, and privilege level 5 for a guest account. Buttons • Click Save to save changes. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 51 This page provides an overview of the privilege levels. After setup is complete, click the Save button and log in to the web interface with the new user name and password. The following appears: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 52 Password, Configuration Save, Configuration Load and Firmware Load. Web- Users, Privilege Levels and everything in Maintenance. Debug: Only present in CLI. Privilege Level Every privilege level group has an authorization level for the following sub groups: Configuration read-only Configuration/execute read-write Status/statistics read-only NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 53 Configure NTP on this page. NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses UDP (data grams) as a transport layer. You can specify NTP servers in this page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 54 For example, If customer want to use internal NTP server like W32Time service on the Windows 10 system without internet connection. It is recommend that user can modify the value of LocalClockDispersion as 0 (default is 10). NTP function of switch will work well. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 55 Daylight Saving Time duration to repeat the configuration every year. Select Non-Recurring and configure the Daylight Saving Time duration for single time configuration. (Default: Disabled). Start Time Settings Week - Select the starting week number. Day - Select the starting day. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 56 Enabled: Enable UPnP mode operation. Disabled: Disable UPnP mode operation. When the mode is enabled, two ACEs are added automatically to trap UPnP related packets to the CPU. The ACEs are automatically removed when the mode is disabled. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 57 The parameter of "port_no" is the fourth byte and it means the port number. The remote ID is six bytes in length, and the value equals the DHCP relay agent’s MAC address. Configure DHCP relay in the DHCP Relay Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 58 Drop: Drop the package when receiving a DHCP message that already contains relay information. Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 59 The number of packets in which the Circuit ID option does not match with the known circuit ID. Receive Bad Remote ID The number of packets in which the Remote ID option does not match with the known Remote ID. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 60 To display the SVG graph, the browser must support the SVG format. Consult the SVG Wiki for more information on browser support as a plugin may be required. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 61 Info: Information level of the system log. Warning: Warning level of the system log. Error: Error level of the system log. All: All levels. Time The time of the system log entry. Message The message of the system log entry. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 62 ID. • Click Refresh to update the system log entry to the current entry ID. • Click I<< to update the system log entries, starting from the first available entry ID. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 63 Info: Send information, warnings, and errors. Warning: Send warnings and errors. Error: Send errors. Buttons • Click Save to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 64 • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. Fault alarm The Fault Alarm Control Configuration page manages the fault alarm output. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 65 To open the Firmware Upload page: 1. Click System > Web Firmware Upgrade. The Firmware Upload page appears. 2. Click the Browse button on the main page. The file selection menu to choose firmware appears. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 66 There are three system files: • running-config: A virtual file that represents the currently active configuration on the switch. This file is volatile. • startup-config: The startup configuration for the switch, read at boot time. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 67 If the destination is running-config, the file will be applied to the switch configuration. This can be done in two ways: • Replace mode: The current configuration is fully replaced with the configuration in the uploaded file. • Merge mode: The uploaded file is merged into running-config. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 68 This page provides information about the active and alternate (backup) firmware images in the device, and permits you to revert to the alternate image. The web page displays two tables with information about the active and alternate firmware images. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 69 System reboot The Restart Device page permits the device to be rebooted from a remote location. After clicking the button to restart, log in to the web interface about 60 seconds later. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 70: Dhcp Server

    DHCP server Mode The DHCP Server Mode Configuration page permits setting changes for Global Mode and VLAN Mode. The page includes the following fields: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 71 The DHCP Server Excluded IP Configuration page permits exclusion of IP addresses for static IP address devices, such as servers or routers. The DHCP server will not allocate these excluded IP addresses to the DHCP client. The page includes the following fields: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 72 If you want to configure all settings including type, IP subnet mask, and lease time, click the pool name to go into the configuration page. The page includes the following fields: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 73 Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. Click a pool name to configure DHCP pool settings on the DHCP Pool Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 74 Chapter 4: Web configuration NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 75 DHCP option 51, 58 and 59. Specifies the lease time that allows the client to request a lease time for the IP address. If all are 0's, then it means the lease time is infinite. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 76 Specifies the identifier to be used by the DHCP client to optionally identify the vendor type and configuration of a DHCP client. The DHCP server delivers the corresponding option 43 specific information to the client that sends an option 60 vendor class identifier. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 77 Statistics The DHCP Server Statistics page displays the database counters and the number of DHCP messages sent and received by the DHCP server. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 78 Number of bindings that the administrator assigns an IP address to a client (host pool type). Expired Binding Number of bindings in which the lease time expired or they are cleared from Automatic/Manual type bindings. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 79: Udld

    • Click Clear to clear DHCP message received and sent counters. UDLD The UDLD Port Configuration page permits the user to inspect and change the current Unidirectional Link Detection (UDLD) configurations. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 80 Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. UDLD status The Detailed UDLD Status/Neighbor Status page displays the UDLD status of the ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 81 The current link status of the neighbor port. Device Name Name of the neighbor device. Buttons • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Refresh to refresh the page immediately. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 82: Simple Network Management Protocol (Snmp)

    Set – Allows the NMS to set values for object instances within an agent. • Trap – Used by the agent to asynchronously inform the NMS of some event. The SNMPv2 trap message is designed to replace the SNMPv1 trap message. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 83 Indicates the SNMPv3 engine ID. The string must contain an even number between 10 and 64 hexadecimal digits, but all-zeros and all- 'F's are not allowed. Change of the Engine ID will clear all original local users. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 84 Write Community Indicates the community write access string to permit access to the SNMP agent. The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 33 to 126. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 85 Indicates the SNMP trap security name. SNMPv3 traps and informs using USM for authentication and privacy. A unique security name is needed when traps and informs are enabled. Buttons • Click Apply to apply changes. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 86 If you want to apply link up or link down to one of ports, input the SNMP OID to the subset OID column. For example, if you want apply a link down trap to port1, input “10000001” in the linkDown entry. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 87 OID count must not exceed 128. Buttons • Click Add New Entry to add a new community entry. • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 88 Reset to undo any changes made locally and revert to previously saved values. SNMPv3 users Configure SNMPv3 users on the SNMPv3 User Configuration page. The entry index keys are Engine ID and User Name. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 89 8 to 40. The allowed content is the ASCII characters from 33 to 126. Privacy Protocol Indicates the privacy protocol that this entry should belong to. Selections include: None: None privacy protocol. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 90 Reset to undo any changes made locally and revert to previously saved values. SNMPv3 groups Configure SNMPv3 groups on the SMNPv3 Group Configuration page. The entry index keys are Security Model and Security Name. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 91 1 to 32, and the allowed content is the ASCII characters from 33 to 126. View Type Indicates the view type that this entry should belong to. Selections include: included: An optional flag to indicate that this view subtree should be included. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 92 User-based Security Model (USM) Security Level Indicates the security model that this entry should belong to. Selections include: NoAuth, NoPriv: None authentication and none privacy. Auth, NoPriv: Authentication and none privacy. Auth, Priv: Authentication and privacy. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 93: Port Management

    Port Statistics Detail Lists Ethernet and RMON port statistics SFP Module Information Displays SFP information Port Mirror Sets the source and target ports for mirroring Port configuration Ports can be configured on the Port Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 94 If setting each port to run at 100M full-, 100M half-, 10M full-, and 10M half-speed modes, the auto-MDIX function will be disabled. Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 95 The displayed counters are the totals for receive and transmit, the size counters for receive and transmit, and the error counters for receive and transmit. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 96 The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes. Receive and transmit queue counters The number of received and transmitted packets per input and output queue. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 97 You can also use the port number hyperlinks to check the statistics on a specific interface. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 98 • Click Refresh to refresh the page immediately. • Select the Auto-refresh check box to enable an automatic refresh of the page at regular intervals. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 99 The traffic to be copied to the mirror port is selected as follows: • All frames received on a given port (also known as ingress or source mirroring). • All frames transmitted on a given port (also known as egress or destination mirroring). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 100: Link Aggregation

    Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Group (LAG). Port aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 101 LACP operation requires full-duplex mode (refer to the IEEE 802.3ad standard for further details). Port link aggregations can be used to increase the bandwidth of a network connection or to ensure fault recovery. Link aggregation permits grouping up to four consecutive NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 102 (they are only limited by the quantity of ports on the device). To configure a proper traffic distribution, the ports within a link aggregation must use the same link speed. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 103 The TCP/UDP port number can be used to calculate the destination port for the frame. Select the check box to enable the use of the TCP/UDP Port Number, or uncheck it to disable. By default, the TCP/UDP Port Number is enabled. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 104 LAG. This page allows the user to inspect and change the current LACP port configurations. The LACP port settings relate to the current device, as reflected by the page header. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 105 Lower number means greater priority. Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 106 LACP port status The LACP Status page provides a LACP status overview of all ports. This page displays the current LACP aggregation groups and LACP port status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 107 • Select the Auto-refresh check box to automatically refresh the page every three seconds. LACP port statistics The LACP Statistics page provides an overview of LACP statistics for all ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 108: Vlan

    VLANs. 2. The industrial managed switch supports IEEE 802.1Q VLAN. The port untagging function can be used to remove the 802.1 tag from packet headers to maintain compatibility with devices that are tag-unaware. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 109 Up to 255 VLANs based on the IEEE 802.1Q standard. • Port overlapping, allowing a port to participate in multiple VLANs. • End stations can belong to multiple VLANs. • Passing traffic between VLAN-aware and VLAN-unaware devices. • Priority tagging NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 110 VID is 12 bits long, 4094 unique VLAN can be identified. The tag is inserted into the packet header making the entire packet longer by four octets. All of the information originally contained in the packet is retained. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 111 A switch port can have only one PVID, but can have as many VIDs as the switch has memory in its VLAN table to store them. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 112 VLANs configured on the switch. Packets are forwarded only between ports that are designated for the same VLAN. Untagged VLANs can be used to manually isolate user groups or subnets. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 113 Untagged: Ports with untagging enabled strip the 802.1Q tag from all packets that flow into those ports. If the packet doesn't have an 802.1Q VLAN tag, the port will not alter the packet. Thus, all packets received by and forwarded by an untagging port have no NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 114 VLAN tags so that the VLANs in the MAN space can be used independent of the customers’ VLANs. This is accomplished by adding a VLAN tag with a MAN-related VID for frames entering the MAN. When leaving NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 115 In cases where a given service VLAN only has two member ports on the switch, the learning can be disabled for the particular VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports. This way, the MAC table requirements are reduced. VLAN port configuration NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 116 The port must be a member of the same VLAN as the Port VLAN ID. Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 117 VLAN without any port members on any stack unit will be deleted when you click Save. The button can be used to undo the addition of new VLANs. Buttons • Click Add New VLAN to add a new VLAN. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 118 A VLAN User is a module that uses services of the VLAN management functionality to configure VLAN memberships and VLAN port configuration such as PVID and UVID. Currently we support following VLAN s: CLI/Web/SNMP: This is referred as static. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 119 VLAN ID). • Click >> to update the table, starting with the entry after the last entry currently displayed. VLAN port status The VLAN Port Status for Static User page provides VLAN port status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 120 By default, all ports are VLAN unaware and are members of VLAN 1 and private VLAN 1. A VLAN unaware port can only be a member of one VLAN, but it can be a member of multiple private VLANs. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 121 Servers in a farm of web servers in a Demilitarized Zone (DMZ) are allowed to communicate with the outside world and with database servers on the inside segment, but are not allowed to communicate with each other. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 122 The Port Isolation Configuration page is used for enabling or disabling port isolation on ports in a private VLAN. A port member of a VLAN can be isolated to other isolated ports on the same VLAN and private VLAN. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 123 VLANs. VLAN Group 2 and VLAN Group 3 are separated VLANs. Each VLAN isolates network traffic, so only members of the VLAN receive traffic from the same VLAN members. The table below describes the port configuration of the industrial managed switches. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 124 1. While [PC-3], a tagged packet with VLAN Tag=2 enters Port-3, [PC-1] and [PC-2] will receive the packet through Port-1 and Port-2. 2. While the packet leaves Port-1 and Port-2, it will be stripped away, becoming an untagged packet. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 125 4. Assign PVID to each port: Port-1, Port-2, and Port-3 : PVID=2 Port-4, Port-5, and Port-6 : PVID=3 Port-7~Port-24: PVID=1 5. Enable VLAN Tag for specific ports Link Type: Port-3 (VLAN-2) and Port-6 (VLAN-3) NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 126 In most cases, they are used for “Uplink” to other switches. VLANs are separated at different switches, but they need access to other switches within the same VLAN group. Setup steps 1. Create a VLAN group. Set VLAN Group 1 = Default-VLAN with VID (VLAN ID) =1 NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 127 However, each computer requires access to the same server/AP/Printer. This section explains how to configure the port for the server so that it can be accessed by each isolated port. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 128 VLAN 2: Port-3~Port-6. The Private VLAN Membership Configuration page appears. MAC-based VLAN The MAC-based VLAN entries can be configured on the MAC-based VLAN Membership Configuration page. This page allows for adding and deleting MAC-based NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 129 • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Refresh to refresh the page immediately. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 130 The IP subnet-based VLAN entries can be configured on the IP Subnet-based VLAN Membership Configuration page. This page allows for adding, updating, and deleting IP subnet-based VLAN entries and assigning the entries to different ports. This page shows only static entries. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 131 • Click Reset to undo any changes made locally and revert to previously saved values. • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 132 In other words, if value of OUI field is 00-00-00 then value of PID will be etype (0x0600-0xffff) and if value of OUI is other than 00-00-00 then the valid value of PID will be any value from 0x0000 to 0xffff. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 133 • Click Refresh to refresh the page immediately. Protocol-based VLAN membership The Group Name to VLAN Mapping Table page permits mapping an already configured Group Name to a VLAN. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 134: Spanning Tree Protocol (Stp)

    The spanning tree algorithms supported by this switch include these versions: STP – Spanning Tree Protocol (IEEE 802.1D) • RSTP – Rapid Spanning Tree Protocol (IEEE 802.1w) • MSTP – Multiple Spanning Tree Protocol (IEEE 802.1s) • NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 135 BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU and, if the topology changes, initiates a BPDU transmission. The communication between switches via BPDUs results in the following: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 136 A port transitions from one state to another as follows: • From initialization (switch boot) to blocking. • From blocking to listening or to disabled. • From listening to learning or to disabled. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 137 On the switch level, STP calculates the bridge identifier for each switch and then sets the root bridge and the designated bridges. On the port level, STP sets the root port and the designated ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 138 The user changeable parameters in the switch are as follows: • Priority – A priority for the switch can be set from 0 to 65535. 0 is equal to the highest priority. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 139 Illustration of STP A simple illustration of three switches connected in a loop is depicted in the following diagram. In this example, you can anticipate some major network problems if the STP assistance is not applied. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 140 C is deliberately chosen as a 100 Mbps Fast Ethernet link (default port cost = 200,000). Gigabit ports could be used, but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 141 MSTI instance number, concatenated with the 6-byte MAC address of the switch forms a Bridge Identifier. For MSTP operation, this is the priority of the CIST. Otherwise, this is the priority of the STP/RSTP bridge. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 142 RSTP (802.1w) to be compatible and work with another STP (802.1D)’s BPDU control packet. Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 143 The time since the last topology change occurred. Buttons • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Refresh to refresh the page immediately. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 144 Chapter 4: Web configuration CIST port configuration This STP CIST Port Configuration page permits the user to inspect and change the current STP CIST port configurations. The page includes the following fields: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 145 BPDU's. Contrary to the similar bridge setting, the port Edge status does not effect this setting. A port entering error-disabled state due to this setting is subject to the bridge port error recovery setting as well. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 146 Port Type Link Type Ethernet Half Duplex 2,000,000 Full Duplex 1,999,999 Trunk 1,000,000 Fast Ethernet Half Duplex 200,000 Full Duplex 100,000 Trunk 50,000 Gigabit Ethernet Full Duplex 10,000 Trunk 5,000 Default STP path costs NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 147 6-byte MAC address of the switch, forms a bridge identifier. Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 148 Chapter 4: Web configuration MSTI configuration The MSTI Configuration page permits the user to inspect and change the current STP MSTI bridge instance priority configurations. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 149 The MSTI instance must be selected before displaying actual MSTI port configuration options. This page contains MSTI port settings for physical and aggregated ports. The aggregation settings are stack global. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 150 Priority Controls the port priority. This can be used to control priority of ports having identical port cost. means all ports wil have one specific setting. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 151 Disabled Blocking Learning Forwarding Non-STP Uptime The time since the bridge port was last initialized. Buttons • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 152: Multicast

    Click Clear to clear the counters for all ports. Multicast IGMP snooping The Internet Group Management Protocol (IGMP) allows hosts and routers share information about multicast groups memberships. IGMP snooping is a switch feature NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 153 If there are no members on a sub network, packets will not be forwarded to that sub network. Multicast service NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 154 Chapter 4: Web configuration Multicast flooding IGMP snooping multicast stream control NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 155 LAN, an explicit leave message, and query messages that are specific to a given group. The states a computer will go through to join or to leave a multicast group are as follows: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 156 Multicast routers use this information, along with a multicast routing protocol such as DVMRP or PIM, to support IP multicasting across the Internet. IGMP snooping configuration The IGMP Snooping Configuration page provides IGMP snooping-related configuration information. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 157 Enable IGMP leave proxy. This feature can be used to avoid forwarding unnecessary leave messages to the router side. Proxy Enable Enable IGMP proxy. This feature can be used to avoid forwarding unnecessary join and leave messages to the router side. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 158 When initially accessing the page, it shows the first 20 entries from the beginning of the VLAN table. The first entry shown will be the one with the lowest VLAN ID found in the VLAN table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 159 Unsolicited Report Interval. The Unsolicited Report Interval is the time between repetitions of a host's initial report of membership in a group. The allowed range is 31744 seconds, default unsolicited report interval is 1 second. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 160 “deny” or “replace.” If the action is set to deny, any new IGMP join reports will be dropped. If the action is set to replace, the switch randomly removes an existing group and replaces it with the new multicast group. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 161 Group Filtering table. • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. IGMP snooping status The IGMP Snooping Status page provides IGMP snooping status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 162 When initially accessing the page, it shows the first 20 entries from the beginning of the IGMP Group table. The Start from VLAN group Address fields permit the user to select the starting point in the IGMP group table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 163 When initially accessing the page, it shows the first 20 entries from the beginning of the IGMP Group table. The Start from VLAN group Address fields permit the user to select the starting point in the IGMP information table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 164 IGMP group table. • Click >> to update the table, starting with the entry after the last entry currently shown. MLD snooping configuration The MLD Snooping Configuration page provides MLD snooping-related configuration. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 165 When initially accessing the page, it shows the first 20 entries from the beginning of the VLAN table. The first entry shown will be the one with the lowest VLAN ID found in the VLAN table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 166 Start from VLAN entries per page input fields. • Click I<< to update the table starting from the first entry in the VLAN table (i.e., the entry with the lowest VLAN ID). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 167 “deny” or “replace.” If the action is set to deny, any new MLD join reports will be dropped. If the action is set to replace, the switch randomly removes an existing group and replaces it with the new multicast group. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 168 Group Filtering table. • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. MLD snooping status The MLD Snooping Status page provides MLD snooping status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 169 When initially accessing the page, it shows the first 20 entries from the beginning of the MLD Group table. The Start from VLAN group Address fields permit the user to select the starting point in the MLD group table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 170 When initially accessing the page, it shows the first 20 entries from the beginning of the IGMP Group table. The Start from VLAN Group fields permit the user to select the starting point in the MLD information table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 171 Uplink ports that send and receive multicast data to and from the multicast VLAN are called MVR source ports. A maximum of eight MVR VLANs with corresponding channel settings can be created for each multicast VLAN. A maximum of 256 group addresses are available for channel settings. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 172 Chapter 4: Web configuration The MVR Configurations page provides MVR-related configuration information. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 173 Chapter 4: Web configuration The page includes the following fields: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 174 Setting corresponding multicast channel settings for the specific MVR VLAN. Summary about the Interface Channel Setting (of the MVR VLAN) will be shown besides the Edit symbol. Port The logical port for the settings. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 175 Save. • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. MVR status The MVR Statistics page provides MVR status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 176 When initially accessing the page, it shows the first 20 entries from the beginning of the MVR Group table. The Start from VLAN Group Address fields permit the user to select the starting point in the MVR group table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 177 When initially accessing the page, it shows the first 20 entries from the beginning of the MVR SFM information table. The Start from VLAN Group Address fields permit the user to select the starting point in the MVR SFM information table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 178: Quality Of Service (Qos)

    Use QoS on the system to control a wide variety of network traffic functions by: • Classifying traffic based on packet attributes. • Assigning priorities to traffic (for example, setting higher priorities for time-critical or business-critical applications). • Applying security policy through traffic filtering. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 179 3. Create a QoS profile that associates a service level and a classifier. 4. Apply a QoS profile to a port(s). Port policing The QoS Ingress Port Policers page permits configuration of the policer settings for all switch ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 180 Reset to undo any changes made locally and revert to previously saved values. Port shaping The QoS Egress Port Shapers page provides an overview of the QoS egress port shapers for all switch ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 181 Shows "disabled" or actual port shaper rate (e.g., "800 Mbps"). QoS egress port schedule and shapers The port scheduler and shapers for a specific port are configured on the QoS Egress Port Schedule and Shapers page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 182 Cancel to undo any changes made locally and return to the previous page. Port classification The QoS Ingress Port Classification page permits configuration of the basic QoS ingress classification settings for all switch ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 183 Shows the classification mode for tagged frames on this port. Disabled: Use default CoS and DPL for tagged frames. Enabled: Use mapped versions of PCP and DEI for tagged frames. Click on the mode to configure the mode and/or mapping. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 184 Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. QoS ingress port tag classification Configure the classification modes for tagged frames on this page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 185 For more details, refer to “Error! Reference source not found.” Error! Bookmark not defined.. Mode Shows the scheduling mode for this port. Q0 ~ Q5 Shows the weight for this queue and port. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 186 Mapped: Use mapped versions of QoS class and DP level. QoS egress port tag remarking The QoS Egress Port Tag Remarking page can also provide an overview of QoS egress port tag remarking for a specific port. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 187 • Click Cancel to return to the previous page. Port DSCP The QoS Port DSCP Configuration page permits configuration of the basic QoS port DSCP settings for all switch ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 188 DSCP-based QoS The QoS DSCP-Based QoS Ingress Classification page permits configuration of the basic QoS DSCP-based QoS ingress classification settings for all switches. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 189 QoS Class QoS Class values can be between 0-7. Drop Precedence Level (0-1) Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 190 There are two configuration parameters for DSCP Translation: Translate Classify Translate DSCP at the Ingress side can be translated to any of 0-63 DSCP values. Classify Click Classify to enable classification at the Ingress side. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 191 • Click Reset to undo any changes made locally and revert to previously saved values. DSCP classification The DSCP Classification page permits mapping a DSCP value to a QoS Class and DPL value. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 192 Displays the OUI field of Source MAC address (i.e., the first three octets (in bytes) of the MAC address). Tag Type Indicates tag type. Selections include: Any: Match tagged and untagged frames. Default value. Untagged: Match untagged frames. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 193 : Moves the QCE down the list. : Deletes the QCE. : The lowest plus sign adds a new entry at the bottom of the list of QCL. QoS control entry configuration The QCE Configuration page appears as follows: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 194 Chapter 4: Web configuration The page includes the following fields: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 195 CS7, EF or AF11-AF43. – Source TCP/UDP port:(0-65535) or Any, specific or port range Sport applicable for IP protocol UDP/TCP. – Destination TCP/UDP port:(0-65535) or Any, specific or port range Dport applicable for IP protocol UDP/TCP. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 196 Ethernet: Only Ethernet frames (with Ether Type 0x600-0xFFFF) are allowed. LLC: Only (LLC) frames are allowed. SNAP: Only (SNAP) frames are allowed. IPv4: The QCE will match only IPV4 frames. IPv6: The QCE will match only IPV6 frames. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 197 QCL entry is Yes. • Click Refresh to refresh the page. Queue policing Configure the queue policer settings for all switch ports in the QoS Ingress Queue Policers page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 198 These only affect flooded frames (i.e., frames with a (VLAN ID, DMAC) pair not present on the MAC Address table). The configuration indicates the permitted packet rate for unicast, multicast, or broadcast traffic across the switch. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 199 • Click Reset to undo any changes made locally and revert to previously saved values. QoS statistics The Queuing Counters page provides statistics for the different queues for all switch ports. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 200 We recommended that there be two VLANs on a port – one for voice and one for data. Before connecting the IP device to the switch, the IP phone should configure the voice VLAN ID correctly. It should be configured through its own GUI. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 201 All: All ports will have one specific setting. Voice VLAN OUI table Configure Voice VLAN OUI table on the Voice VLAN OUI Table page. The maximum entry number is 16. Modifying the OUI table restarts auto detection of the OUI process. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 202: Access Control Lists (Acl)

    ACL implementations can be quite complex (as when the ACEs are prioritized for various situations). In networking, the ACL refers to a list of service ports or network NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 203 Deny: Frames matching the ACE are dropped. Rate Limiter Indicates the rate limiter number of the ACE. The allowed range is 1 to 16. When Disabled is shown, the rate limiter operation is disabled. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 204 Indicates the ingress port of the ACE. Possible values are: All: The ACE matches all ingress port. Port: The ACE matches a specific ingress port. Policy / Bitmask Indicates the policy number and bitmask of the ACE. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 205 ACE, and then select the frame type. Different parameter options appear depending on the frame type selected. A frame that hits this ACE matches the configuration that is defined here. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 206 The permitted range is to 255. Policy Bitmask When Specific is selected for the policy filter, you can enter a specific policy bitmask. The permitted range is to 0xff. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 207 Disabled: Port shut down is disabled for the ACE. Note: The shutdown feature only works when the packet length is less than 1518 (without VLAN tags). Counter The counter indicates the number of times the ACE was hit by a frame. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 208 The allowed number range is 0 to 7. The value means that no tag priority is specified (tag priority is "don't-care”). ARP parameters Object Description ARP/RARP Specify the available ARP/RARP opcode (OP) flag for this ACE. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 209 0: ARP/RARP frames where the HLN is equal to Ethernet (0x06) and the (PLN) is equal to IPv4 (0x04). 1: ARP/RARP frames where the HLN is equal to Ethernet (0x06) and the (PLN) is equal to IPv4 (0x04). Any: Any value is allowed ("don't-care”). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 210 Yes: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry. Any: Any value is allowed ("don't-care”). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 211 When Specific is selected for the ICMP code filter, you can enter a specific ICMP code value. The allowed range is to 255. A frame that hits this ACE matches this ICMP code value. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 212 Chapter 4: Web configuration TCP/UDP parameters NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 213 0: TCP frames where the RST field is set must not be able to match this entry. 1: TCP frames where the RST field is set must be able to match this entry. Any: Any value is allowed ("don't-care”). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 214 ACL ports configuration Configure the ACL parameters (ACE) of each switch port on the ACL Ports Configuration page. These parameters will affect frames received on a port unless the frame matches a specific ACE. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 215 Specify the port shut down operation of this port. Selections include: Enabled: If a frame is received on the port, the port will be disabled. Disabled: Port shut down is disabled. The default value is Disabled. means all ports will have one specific setting. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 216 Any changes made locally are undone. • Click Clear to clear the counters. ACL rate limiter configuration Configure the rate limiter for the ACL of the industrial managed switch on the ACL Rate Limiter Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 217: Authentication

    When authentication is complete, the RADIUS server sends a special packet containing a success or failure indication. Besides forwarding this decision to the supplicant, the switch uses it to open up or block traffic on the switch port connected to the supplicant. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 218 Understanding IEEE 802.1X port-based authentication The IEEE 802.1X standard defines a client-server-based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports. The authentication server authenticates each client NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 219 The switch includes the RADIUS client, which is responsible for encapsulating and decapsulating the Extensible Authentication Protocol (EAP) frames and interacting with the authentication server. When the NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 220 The specific exchange of EAP frames depends on the authentication method being used. The diagram below shows a message exchange initiated by the client using the One-Time-Password (OTP) authentication method with a RADIUS server. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 221 When a client logs off, it sends an EAPOL-logoff message that causes the switch port to transition to the unauthorized state. If the link state of a port transitions from up to down, or if an EAPOL-logoff frame is received, the port returns to the unauthorized state. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 222 Network Access Server Configuration page. The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication. One or more central NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 223 The switch uses the MAC address to authenticate against the back end server. Intruders can create counterfeit MAC addresses, which makes MAC-based authentication less secure than 802.1X authentication. The NAS configuration consists of two sections, a system- and a port-wide. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 224 Chapter 4: Web configuration The page includes the following fields: System configuration NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 225 In MAC-based Auth. mode, the The switch will ignore new frames coming from the client during the hold time. The Hold Time can be set to a number between 10 and 1000000 seconds. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 226 (selected), the switch considers entering the Guest VLAN even if an EAPOL frame has been received on the port for the life-time of the port. The value can only be changed if the Guest VLAN option is globally enabled. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 227 Chapter 4: Web configuration Port configuration The table has one row for each port on the selected switch and a number of columns, which are: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 228 Chapter 4: Web configuration Object Description Port The port number for which the configuration below applies. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 229 If more than one supplicant is connected to a port, the one that comes first when the port's link comes up will be the first one considered. If that supplicant doesn't provide valid credentials within a certain amount of NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 230 MAC address is a valid RADIUS user can be used by anyone. Also, only the MD5-Challenge method is supported. The maximum number of clients that can be attached to a port can be limited using the port security limit control functionality. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 231 Value of Tunnel-Private-Group-ID must be a string of ASCII chars in the range '0' - '9', which is interpreted as a decimal string representing the VLAN ID. Leading '0's are discarded. The final value must be in the range [1; 4095]. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 232 Reinitialize: Forces a reinitialization of the clients on the port and thereby a reauthentication immediately. The clients transfer to the unauthorized state while the reauthentication is in progress. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 233 QoS Class assigned to the port by the RADIUS server if enabled. Port VLAN ID The VLAN ID that NAS has put the port in. The field is blank, if the Port VLAN ID is not overridden by NAS. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 234 ID is not overridden by NAS. If the VLAN ID is assigned by the RADIUS server, "(RADIUS-assigned)" is appended to the VLAN ID. If the port is moved to the Guest VLAN, "(Guest)" is appended to the VLAN NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 235 Chapter 4: Web configuration Port counters NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 236 The number of EAPOL frames of any type that have been transmitted by the switch. Request ID dot1xAuthEapolReqId The number of EAPOL FramesTx Request Identity frames that have been transmitted by the switch. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 237 Chapter 4: Web configuration Requests dot1xAuthEapolReqFr The number of valid amesTx EAPOL Request frames (other than Request Identity frames) that have been transmitted by the switch. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 238 Auth. dot1xAuthBack 802.1X- and MAC-based: endAuthFails Failures Counts the number of times that the switch receives a failure message. This indicates that the supplicant/client has not authenticated to the back end server. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 239 The protocol version number carried in the most recently received EAPOL frame. MAC-based: Not applicable. Identity 802.1X-based: The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame. MAC-based: Not applicable. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 240 Refresh to refresh the page immediately. • Click Clear to clear the counters for the selected port. This button is available in the following modes: • Force Authorized • Force Unauthorized • Port-based 802.1X NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 241 This button is available in the following modes: • Multi 802.1X • MAC-based Auth.X Authentication server configuration Configure the authentication servers on the Authentication Server Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 242 The TACACS+ authentication server number for which the configuration below applies. Enabled Enable the TACACS+ authentication server by selecting this check box. The IP address or hostname of the TACACS+ authentication server. IP Address/Hostname address is expressed in dotted decimal notation. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 243 RADIUS overview The RADIUS Authentication/Accounting Server Overview page provides an overview of the status of the RADIUS servers configurable on the authentication configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 244 This state is only reachable when more than one server is enabled. Buttons • Click Refresh to refresh the page immediately. • Click Auto-refresh to refresh the page automatically. Automatic refresh occurs every three seconds. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 245 RADIUS authentication statistics The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Use the server select box to switch between the back end servers to show details for each. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 246 Access radiusAuthClientEx The number of RADIUS Requests tAccessRequests Access-Request packets sent to the server. This does not include retransmissions. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 247 Chapter 4: Web configuration Access radiusAuthClientEx The number of RADIUS Retransmissi tAccessRetransmis Access-Request packets sions retransmitted to the RADIUS authentication server. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 248 This variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept, Access- Reject, Access-Challenge, timeout, or retransmission. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 249 A retry to the same server is counted as a retransmit as well as a timeout. A send to a different server is counted as a Request as well as a timeout. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 250 RADIUS accounting statistics The statistics map closely to those specified in RFC4670 - RADIUS Accounting Client MIB. Use the server check box to switch between the back end servers to show details for each. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 251 This variable is incremented when a Request is sent and decremented due to receipt of a response, timeout, or retransmission. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 252 Buttons • Select the Auto-refresh check box to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Refresh to refresh the page immediately. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 253 802.1x system configuration (12345678 in this case). 1. Configure the IP Address of remote RADIUS server and secret key. 2. Click New RADIUS Client on the Windows 2003 server. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 254 6. Create user data. The establishment of the user data needs to be created on the Radius Server PC. For example, select Active Directory Users and Computers and create legal user data (Windows Server 2003). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 255 Chapter 4: Web configuration 7. Right-click a user that you created and then type in properties and configure settings. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 256 Configuration sample: EAP-MD5 authentication 1. Go to Start > Control Panel, and then double-click on Network Connections. 2. Right-click on the Local Network Connection. 3. Click Properties to open up the Properties setting window. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 257 EAP type. 7. Click OK. 8. When the client has associated with the industrial managed switch, a user authentication notice appears in the system tray. Click on the notice to continue. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 258: Security

    This section describes how to control access to the managed switch, including user access and management control. The Security page contains links to the following main topics: • Port Limit Control • Access Management • HTTPs / SSH • DHCP Snooping NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 259 The limit control module utilizes a lower-layer port security module that manages MAC addresses learned on the port. The limit control configuration consists of two sections, a system- and a port-wide. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 260 NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 261 Chapter 4: Web configuration Port configuration The table has one row for each port on the selected switch and a number of columns, NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 262 For other methods, refer Shutdown in the Action section. Note: Clicking the reopen button causes the page to be refreshed, resulting in the loss of non-committed changes. Buttons • Click Apply to apply changes. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 263 Buttons • Click Add New Entry to add a new access management entry. • Click Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 264 • Click Auto-refresh to to refresh the page automatically. Automatic refresh occurs every three seconds. • Click Clear to clear all statistics. HTTPs Configure HTTPS on the HTTPS Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 265 MAC address to forward. If only one chooses to block it, it will be blocked until that user module decides otherwise. The status page is divided into two sections – one with a legend of user modules and one with the actual port status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 266 If only one chooses to block it, it will be blocked until that user module decides otherwise. The status page is divided into two sections – one with a legend of user modules and one with the actual port status. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 267 A one-letter abbreviation of the user module. This is used in the Users column in the port status table. Port status The table has one row for each port on the selected switch in the switch and a number of columns, which are: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 268 MAC address to be set in the forwarding state, all enabled user modules must unanimously agree on allowing the MAC address to forward. If only one chooses to block it, it will be blocked until that user module decides otherwise. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 269 DHCP snooping is used to block intruders on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 270 Chapter 4: Web configuration Configure DHCP Snooping on the DHCP Snooping Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 271 IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks when a host tries to NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 272 Apply to apply changes. • Click Reset to undo any changes made locally and revert to previously saved values. IP source guard static table The Static IP Source Guard Table page appears as below: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 273 Each page shows up to 99 entries from the Dynamic IP source guard table, selected through the "entries per page" input field (default is 20). When first visited, the web page will show the first 20 entries from the beginning of the table. The first entry NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 274 Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such attacks. Only valid ARP requests and responses can go through DUT. The ARP Inspection Configuration page provides ARP Inspection related configuration. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 275 None: Log nothing. Deny: Log denied entries. Permit: Log permitted entries. ALL: Log all entries. Buttons • Click Translate Dynamic to Static to translate all dynamic entries to static entries. • Click Apply to apply changes. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 276 Entries in the Dynamic ARP Inspection Table are shown on this page. The Dynamic ARP Inspection Table contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and then by IP address. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 277: Mac Address Table

    MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame). This table contains both static and dynamic entries. The static entries are NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 278 MAC table configuration The MAC Address Table is configured on the MAC Address Table Configuration page. Set timeouts for entries in the dynamic MAC Table and configure the static MAC table here. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 279 Add New Static Entry to add a new entry to the static MAC table. Specify the VLAN ID, MAC address, and port members for the new entry. Click Save. Buttons • Click Apply to apply changes. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 280 VLAN/MAC address pairs as a basis for the next lookup. When the end is reached the text "no more entries" is shown in the displayed table. Use the I<< button to start over. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 281: Lldp

    SNMP applications to simplify troubleshooting, enhance network management, and maintain an accurate network topology. LLDP configuration The LLDP Configuration page allows the user to inspect and configure the current LLDP port settings. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 282 LLDP information is no longer valid. Tx Reinit controls the amount of seconds between the shutdown frame and a new LLDP initialization. Valid values are restricted to 1 - 10 seconds. LLDP port configuration NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 283 LLDP information. Disabled The switch will not send out LLDP information, and will drop LLDP information received from neighbors. Enabled The switch will send out LLDP information, and will analyze LLDP information received from neighbors. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 284 Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 285 The recommended value is four times, given that four LLDP frames with a one second interval will be transmitted when an LLDP frame with new information is received. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 286 IETF Geopriv Civic Address based Location Configuration Information (Civic Address LCI). Object Description Country code The two-letter ISO 3166 country code in capital ASCII letters - Example: DK, DE or US. State National subdivisions (state, canton, region, province, prefecture). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 287 Improper network policy configurations are a very significant issue in VoIP environments that frequently result in voice quality degradation or loss of service. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 288 Voice application policy. Guest Voice – Support a separate 'limited feature–set' voice service for guest users and visitors with their own IP Telephony handsets and other similar appliances supporting interactive voice services. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 289 The number of policies supported is 32 Port policies configuration Every port may advertise a unique set of network policies or different attributes for the same network policies based on the authenticated user identity or port configuration. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 290 TIA-1057 and can relay IEEE 802 frames via any method. LLDP-MED Endpoint Device Definition Within the LLDP-MED Endpoint Device category, the LLDP-MED scheme is broken into further Endpoint Device Classes, as defined in the following. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 291 6. Inventory 7. Reserved Application Type Application Type indicating the primary function of the application(s) defined for this network policy, advertised by an Endpoint or Network Connectivity Device. The possible application types are as follows: NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 292 Auto-negotiation status identifies if auto-negotiation is currently enabled at status the link partner. If Auto-negotiation is supported and Auto-negotiation status is disabled, the 802.3 PMD operating mode will be determined by the operational MAU type field value rather than by auto-negotiation. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 293 (-). Management The neighbor unit's address that is used for higher layer entities to assist the Address discovery by the network management. This could, for instance, hold the neighbor's IP address. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 294 Entries Deleted Total Neighbors Shows the number of LLDP frames dropped due to the entry table being full. Entries Dropped Total Neighbors Shows the number of entries deleted due to Time-To-Live expiring. Entries Aged Out NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 295: Network Diagnostics

    Use the Diagnostics menu items to display and configure basic administrative details of the industrial managed switch. Under System, the following topics are provided to configure and view the system information: • Ping • IPv6 Ping NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 296 After clicking Start, five ICMPv6 packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 297 IP connectivity issues on a special port. After clicking Test, five ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply. The page refreshes automatically until responses to all packets are received, or until a timeout occurs. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 298 The VeriPHY Cable Diagnostics page is used for running cable diagnostics. Click Start to run the diagnostics. This will take approximately 15 seconds for a 1000Base-T Laptop/PC. Note: Cable diagnostics is only accurate for cables of 7-140 meters in length. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 299 Cable Status Port: Port number. Pair: The status of the cable pair. Length: The length (in meters) of the cable pair. The resolution is 3 meters Buttons • Click Start to run the diagnostics. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 300: Loop Protection

    This section describes the enable loop protection function that provides loop protection to prevent broadcast loops in the industrial managed switch. Loop protection configuration The Loop Protection Configuration page allows the user to inspect and change the current loop protection configurations. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 301 • Click Reset to undo any changes made locally and revert to previously saved values. Loop protection status The Loop Protection Status page shows the loop protection port status of the switch. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 302: Rmon

    (sending Trap or record in logs). RMON alarm configuration Configure RMON alarm table on the RMON Alarm Configuration page. The entry index key is ID. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 303 OutDiscards: The number of outbound packets that are discarded when the packets are normal. OutErrors: The number of outbound packets that could not be transmitted because of errors. OutQLen: The length of the output packet queue (in packets). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 304 When initially accessing the page, it shows the first 20 entries from the beginning of the Alarm table. The first entry shown will be the one with the lowest ID found in the Alarm table. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 305 RMON event configuration Configure the RMON Event table on the RMON Event Configuration page. The entry index key is ID. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 306 When initially accessing the page, it shows the first 20 entries from the beginning of the Event table. The first entry shown will be the one with the lowest ID found in the Event table NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 307 Indicates the maximum data entries associated with this history control entry stored in RMON. The range is from 1 to 3600, default value is 50. Buckets Granted The number of data to be saved in the RMON. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 308 The total number of packets received that were less than 64 octets. Oversize The total number of packets received that were longer than 1518 octets. Frag. The number of frames with a size less than 64 octets received with invalid CRC. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 309 2005. Buttons • Click Add New Entry to add a new community entry. • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 310 The total number of packets (including bad packets) received that were 64 octets in length. 65~127 The total number of packets (including bad packets) received that were between 65 to 127 octets in length. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 311: Ring

    When the failure of a network connection occurs, the nodes block the failed link and report the signal failure message. The RPL owner switch will automatically unblock the PRL to recover from the failure. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 312 Chapter 4: Web configuration MEP configuration Maintenance entity point instances are configured in the Maintenance Entity Point page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 313 MEP entry. • Click Refresh to refresh the page immediately. • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 314 IEEE String: This is defined by IEEE. 'Domain Name' can be a maximum of eight characters. 'MEG id' can be a maximum of eight characters. ICC/Domain Name This is either ITU ICC (MEG ID value[1-6]) or IEEE Maintenance Domain Name, depending on 'Format'. See Format. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 315 Fault cause indicating that a CCM is received from this peer MEP with a priority different from what is configured for this MEP. Buttons • Click Add New Peer MEP to add a new peer MEP. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 316 Fault Management to go to the Fault Management page. • Click Performance Monitoring to go to the Performance Monitor page. • Click Refresh to refresh the page immediately. • Click Save to save changes. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 317 There is an active alarm on the ERPS. Buttons • Click Add New Protection Group to add a new protection group entry. • Click Refresh to refresh the page immediately. • Click Save to save changes. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 318 Click Help when on the ERPS web page. Port 1 APS MEP Click Help when on the ERPS web page. Ring Type Type of protected ring. It can be either major ring or sub-ring. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 319 Administrative command. A port can be administratively configured to be in either manual switch or forced switch state. Port selection – Port 0 or Port 1 of the protection group on which the Port command is applied. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 320 • Click Refresh to refresh the page immediately. • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 321 Port Configures the port number for the MEP. VLAN Set the ERPS VLAN. Buttons • Click Next to configure ERPS. • Click to save changes. • Click Save Topology to show the ring topology. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 322 2. On switch 1, 2, and 3, disable STP to avoid a conflict with ERPS. Setup steps Set ERPS configuration on switch 1 1. Connect a PC directly to switch 1. Do not connect to port 1 or 2. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 323 2. Log in to switch 3 and select Ring > Ring Wizard. 3. Set “All Switch Number” = 3 and “Number ID” = 3. Click Next to set the ERPS configuration for switch 3. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 324: Power Over Ethernet (Poe)

    Point (AP) group for the enterprise. For example, 8/16 cameras/APs can be installed for company surveillance demands, or to build a wireless roaming environment in the office. Without power-socket limitation, the industrial managed switch makes the installation of cameras or WLAN APs simple and efficient. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 325 PoE splitters split the PoE 52 VDC over the Ethernet cable into a 5/12 VDC power output. It frees the device deployment from restrictions due to power outlet locations, which eliminate the 3~12 Watts costs for additional AC wiring and reduces the installation time. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 326 In this mode, each port automatically determines how much power to reserve according to the class the connected PD belongs to, and reserves the power accordingly. Four different port classes exist: 4, 7, 15.4, and 30.8 W. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 327 PoE ports according to port priority settings. PoE configuration Inspect and configure the current PoE configuration settings on the Power over Ethernet Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 328 Note: For NS3562-8P-2S-V2, the total PoE power reservation from Port-1~8 is up to 240 W. PD classifications A PD may be classified by the PSE based on the classification information provided by the PD.
  • Page 329 Schedule: Enables the PoE function in schedule mode Schedule Indicates the schedule profile mode. Possible profiles are: Profile1 Profile2 Profile3 Profile4 AF/AT Mode Permits the user to select 802.3at or 802.3af compatibility mode. The default vaule is 802.3at mode. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 330 After a power overload has been detected, the port automatically shuts down and remains in detection mode until the PD’s power consumption is lower than the power limit value. NS3562-8P-2S-V2 = 30.8 watts for per port PoE output. Buttons • Click Save to save changes.
  • Page 331 Watt power. The PoE schedule function can enable or disable PoE power feeding for each PoE port during specified time intervals, and is a powerful function to help SMB or Enterprises save power and reduce cost. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 332 PoE schedule function. Click Apply after creating a schedule for the selected profile. Then, go to the PoE Port Configuration page and select Schedule from the PoE Mode drop-down list, and the NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 333 LLDP PoE neighbors The LLDP Neighbor PoE Information page provides a status overview for all LLDP PoE neighbors. The displayed table contains a row for each port on which an LLDP PoE neighbor is detected. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 334 After the PD stops working and does not respond, the industrial managed switch restarts PoE port power so that the PD is once again recognized and working. Configure PD alive check on the PD Ping Alive Check page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 335 If you cannot determine the precise booting time, we suggest set it to a longer time. Buttons • Click Save to save changes. • Click Reset to undo any changes made locally and revert to previously saved values. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 336: Port Identification

    Chapter 4: Web configuration Port identification Configure each port response time for TruVision Navigator in the port identification Configuration page. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 337: Switch Operation

    Store-and-forward Store-and-Forward is a packet-forwarding technique. A Store-and-Forward switch stores the incoming frame in an internal buffer and completes error checking before NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 338: Auto-Negotiation

    Both the 10BASE-T and 100BASE-TX devices can connect with the port in either half- or full- duplex mode. 1000BASE-T can be only connected in full-duplex mode. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 339: Poe Overview

    CAT-5 cabling. Powered Source Equipment (PSE) A PSE is a device such as a switch that provides (sources) power on the Ethernet cable. The maximum allowed continuous output power per cable in IEEE 802.3af is NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 340 DC power to the center tap of the isolation transformer without interrupting the data transfer. In this mode of operation, the pair on pins 3 and 6 and the pair on pins 1 and 2 can be of either polarity. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 341: Troubleshooting

    2. If the cord is inserted correctly, replace the power cord. 3. Check that the AC power source is working by connecting a different device in place of the switch. If that device does not work, check the AC power NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 342: Appendix A Networking Connection

    Dependent Interface Cross) detection. This makes it possible to directly connect the industrial managed switch to any Ethernet device without making a crossover cable. The following table and diagram show the standard RJ45 receptacle/ connector and their pin assignments. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 343 7 = White / Brown SIDE 2 8 = Brown 8 = Brown Ensure that connected cables are with the same pin assignment and color as the above diagram before deploying the cables into the network. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

  • Page 344: Glossary

    ACL can generally be configured to control inbound traffic, and in this context, they are similar to firewalls. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 345 ARP allows a host to communicate with other hosts when only the Internet address of its neighbors is known. Before using IP, the host sends a broadcast ARP request containing the Internet address of the desired destination system. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 346 IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 347 Differentiated Services Code Point. It is a field in the header of IP packets for packet classification purposes. Energy Efficient Ethernet as defined in IEEE 802.3az. Ethernet Protection Switching as defined in ITU/T G.8031. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 348 Transmission Control Protocol (TCP) connection to a particular port on a remote host (port 80 by default). An HTTP server listening on that port waits for the client to send a request message. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 349 To remove your messages from the server, use the mail client to generate local folders, copy messages to the local hard drive, and then delete and expunge the messages from the server. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 350 (TIA-1057). LOC is an acronym for Loss Of Connectivity and is detected by a MEP and indicates lost connectivity in the network. Can be used as a switch criteria by EPS. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 351 NAS, and the NAS connects to another resource asking whether the client's supplied credentials are valid. Based on the answer, the NAS then allows or disallows access to the protected resource. An example of a NAS implementation is IEEE 802.1X. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 352 Powered Device. In a PoE> system the power is delivered from a PSE ( power sourcing equipment ) to a remote device. The remote device is called a PD. Physical Interface Transceiver. It is the device that implements the Ethernet physical layer (IEEE-802.3). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 353 There are six QCE frame types: Ethernet Type, VLAN, UDP/TCP Port, DSCP, TOS, and Tag Priority. Frames can be classified by one of four different QoS classes: "Low", "Normal," "Medium," and "High" for individual application. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 354 STP: the Rapid Spanning Tree Protocol, which provides for faster spanning tree convergence after a topology change. Standard IEEE 802.1D-2004 now incorporates RSTP and obsoletes STP, while at the same time being backwards- compatible with STP. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 355 SPROUT also calculates parameters for setting up each switch to perform the shortest path forwarding within the stack. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 356 IP manages and for reassembling the packets back into the complete message at the other end. Common network applications that use TCP include the World Wide Web (WWW), email, and File Transfer Protocol (FTP). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 357 Common network applications that use UDP include the Domain Name System (DNS), streaming media applications such as IPTV, Voice over IP (VoIP), and Trivial File Transfer Protocol (TFTP). NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 358 (Wikipedia). Wi-Fi Wireless Fidelity. It is meant to be used generically when referring of any type of 802.11 network, whether 802.11b, 802.11a, dual-band, etc. The term is promulgated by the Wi-Fi Alliance. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...
  • Page 359 Wait To Restore. This is the time a fail on a resource has to be 'not active' before restoration back to this (previously failing) resource. NS3562-8P-2S-V2 Industrial Managed Switch User Manual...

Table of Contents