Download Print this page

NETGEAR GS324T User Manual

NETGEAR GS324T User Manual

24-port (poe+) and 48-port gigabit ethernet smart switches with 2 or 4 sfp ports

Hide thumbs Also See for GS324T:

User manual (365 pages)

,

Installation manual (2 pages)

Table Of Contents

page of 365

/ 365
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Quick Links

Download this manual

User Manual

S350 Series 24-Port (PoE+) and 48-Port

Gigabit Ethernet Smart Switches

with 2 or 4 SFP Ports

M o d el s

G S 3 2 4T

G S 3 2 4T P

G S 3 4 8T

September 2021

202-11910-04

NETGEAR, Inc.

350 East Plumeria Drive

San Jose, CA 95134, USA

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the GS324T and is the answer not in the manual?

Questions and answers

Summary of Contents for NETGEAR GS324T

Page 1 2 or 4 SFP Ports M o d el s G S 3 2 4T G S 3 2 4T P G S 3 4 8T NETGEAR, Inc. September 2021 350 East Plumeria Drive 202-11910-04 San Jose, CA 95134, USA...
Page 2 WARNING: Before connecting this switch to outdoor cables or devices, see https://kb.netgear.com/000057103 for safety and warranty information. Trademarks © NETGEAR, Inc., NETGEAR, and the NETGEAR Logo are trademarks of NETGEAR, Inc. Any non-NETGEAR trademarks are used for reference purposes only. Revision History...
Page 3: Table Of Contents
Discover the Switch in a Network Without a DHCP Server...13 Use the NETGEAR Switch Discovery Tool to Access the Switch..15 Configure a Static IP Address From a Directly Connected Computer .16 About the User Interfaces .
Page 4 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Use the Device View ..........72 Configure PoE .
Page 5 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure Protocol-Based VLAN Group Membership ... . 134 Configure a Voice VLAN .........135 Configure Auto-VoIP.
Page 6 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure CoS Queue Settings for an Interface ....188 Map 802.1p Priorities to Queues ......189 Map DSCP Values to Queues .
Page 7 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Chapter 6 Monitor the System Monitor the Switch and the Ports ....... . 294 View Switch Statistics .
Page 8 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches MSTP Example Configuration ....... . . 351 Appendix B Specifications and Default Settings Switch Default Settings .
Page 9: Chapter 1 Get Started
Get Started This user manual describes how you can configure and operate the NETGEAR S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches with 2 or 4 SFP Ports by using the local browser–based management interface. The manual describes the software configuration procedures and explains the options that are available within those procedures for the following models: •...
Page 10: Available Publications
Note: Firmware updates with new features and bug fixes are made available from time to time at netgear.com/support/download/. Some products can regularly check the site and download new firmware, or you can check for and download new firmware manually. If the features or behavior of your product does not match what is described in this guide, you might need to update your firmware.
Page 11: Switch Management And Discovery Overview
Server on page 13. • NETGEAR Switch Discovery Tool. If you use a Mac computer, you can use the NETGEAR Switch Discovery Tool to discover the switch in your network and access the local browser interface of the switch. For more information about the Switch Discovery Tool, Use the NETGEAR Switch Discovery Tool to Access the Switch on page 15.
Page 12: Discover Or Change The Switch Ip Address
Control Center (SCC) to discover the IP address automatically assigned to the switch. Note: For more information about the SCC program, see the SCC user manual, which you can download by visiting netgear.com/support/download/. To install the switch in a network with a DHCP server: 1.
Page 13: Discover The Switch In A Network Without A Dhcp Server
If you prefer, you can assign the switch a static IP address even if your network does include a DHCP server. Note: For more information about the SCC program, see the SCC user manual, which you can download by visiting netgear.com/support/download/. Get Started User Manual...
Page 14 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches To assign a static IP address: 1. Connect the switch to your existing network. 2. Power on the switch by connecting its power cord. 3. Install the Smart Control Center on your computer. 4.
Page 15: Use The Netgear Switch Discovery Tool To Access The Switch
DHCP server that assigns IP addresses, power on the switch, and then use a computer that is connected to the same network as the switch. The NETGEAR Switch Discovery Tool lets you discover the switch in your network and access the local browser interface of the switch from a Mac or a 64-bit Windows-based computer.
Page 16: Configure A Static Ip Address From A Directly Connected Computer
IP settings of your computer to be in the same subnet as the static IP address. For more information about changing the IP settings on your computer, see one of the following knowledge base articles at the NETGEAR website: • Windows-based computer. See the following article: https://kb.netgear.com/27476/How-to-set-a-static-IP-address-in-Windows...
Page 17: About The User Interfaces
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you did not disable the DHCP client and assigned a static IP address to the switch, enter 192.168.0.239. The login window opens. 6. Enter the switch’s password in the Password field. The default password is password.
Page 18: Supported Web Browsers
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Supported Web Browsers The following browsers were tested and support the local browser interface. Later browser versions might function fine but were not tested. The supported web browsers include the following: •...
Page 19 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. If the browser does not display the login window, do the following: • If your browser displays a security warning, dismiss the warning by doing one of the following Google Chrome.
Page 20: Navigation Tabs, Configuration Menus, And Page Menu
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Navigation tabs Logout button Configuration menus Language menu Help page Buttons Page menu Configuration status and options Navigation Tabs, Configuration Menus, and Page Menu The navigation tabs along the top of the local browser interface give you quick access to the various switch functions.
Page 21: Configuration And Status Options
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configuration and Status Options The area directly under the configuration menus and to the right of the links displays the configuration information or status for the page you select. On pages that contain configuration options, you might be able to enter information into fields, select options from menus, select check boxes, and select radio buttons.
Page 22: Change The Language Of The Local Browser Interface
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Change the Language of the Local Browser Interface By default, the language is set to Auto. You can set the language to a specific one. To change the language of the local browser interface: 1.
Page 23 • Black or gray. No link is present. For models GS324T and GS324TP, the associated port LED is at the upper left of the panel. For model GS348T, the associated port LED is above the port. For model GS324TP, depending on the PoE status of the port, the associated PoE LED at the lower left of the panel is either green, yellow, or black: •...
Page 24: Power Led In The Device View
The Fan LED serves as an indicator of the fan and diagnostic status: • Off. The fan is operating normally. • Solid yellow. A problem occurred with the fan. Note: Model GS324T does not include a fan. Get Started User Manual...
Page 25: Poe Max Led In The Device View (Model Gs324Tp)
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches PoE Max LED in the Device View (Model GS324TP) The PoE Max LED indicates the following status: • Off. Sufficient (more than 7W of) PoE power is available. • Solid yellow. Less than 7W of PoE power is available. •...
Page 26 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Many of the pages that allow you to configure or view interface settings include links to display all ports, all LAGs, or all ports and LAGs on the page. Use these links as follows: •...
Page 27 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The row for the selected interface is highlighted, and the interface number appears in the heading row. 3. Configure the desired settings. 4. Click the Apply button. Your settings are saved. To configure a single LAG: 1.
Page 28: Context-Sensitive Help And Access To The Support Website
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Click the Apply button. Your settings are saved. To configure all LAGs: 1. Click the LAG link to display only the LAG interfaces. 2. Select the check box in the heading row. The check box associated with every LAG is selected, and the rows for all LAGs are highlighted.
Page 29: Access The User Manual Online
6. To access the NETGEAR support site for the switch, click the Apply button. Access the User Manual Online The user manual (the guide you are now reading) is available at the NETGEAR download center at netgear.com/support/download/. To access the user manual online from the local browser interface: 1.
Page 30: Register Your Product
To qualify for product updates and product warranty, we encourage you to register your product. The first time you log in to the switch, you can register with NETGEAR. Registration confirms that your email alerts work, lowers technical support resolution time, and ensures that your shipping address accuracy.
Page 31: Chapter 2 Configure System Information
Configure System Information This chapter contains the following sections: View and Configure the Switch Management Settings • Use the Device View • Configure PoE • Configure SNMP • Configure LLDP • Configure DHCP Snooping • Set Up PoE Timer Schedules •...
Page 32: View And Configure The Switch Management Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View and Configure the Switch Management Settings This section describes how to display the switch status and specify some basic switch information, such as the local browser interface IP address, system clock settings, and DNS information.
Page 33 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 5. Define the following fields: • System Name. Enter the name to identify this switch. You can use up to 255 alphanumeric characters. The default is blank. • System Location. Enter the location of this switch. You can use up to 255 alphanumeric characters.
Page 34 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View the Temperature Sensor Information Note: The temperature sensor information is available for models GS324TP and GS348T. You can view the current temperature of the temperature sensors. The maximum temperature of the temperature sensors depends on the hardware. To view temperature information: 1.
Page 35 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View the Fan Status Note: The fan status information is available for models GS324TP and GS348T. Model GS324Tdoes not include a fan. You can view the status of the fans in all units. These fans remove the heat generated by the power, CPU, and other components, and allow the switch to function normally.
Page 36 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View the Power Supplies You can view the status of the power supplies. To view the power supplies status: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 37: View The System Cpu Status
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 38 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The default password is password. The System Information page displays. 5. Select System > Management > System CPU Status > System CPU Status. The CPU Utilization section shows the memory information, task-related information, and percentage of CPU utilization per task.
Page 39 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 40: Configure The Ip Network And Vlan Settings For The Local Browser Interface
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the IP Network and VLAN Settings for the Local Browser Interface You can configure network information for the local browser interface, which is the logical interface used for in-band connectivity with the switch through any of the switch’s front-panel ports.
Page 41: Change The Management Vlan
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. To change the management VLAN, specify the VLAN ID for the new management VLAN. The management VLAN is used to establish an IP connection to the switch from a computer that is connected to a port in the same VLAN.
Page 42: Configure The Time Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the Time Settings The switch supports the Simple Network Time Protocol (SNTP). As its name suggests, it is a less complicated version of Network Time Protocol, which is a system for synchronizing the clocks of networked computer systems, primarily when data transfer is handled through the Internet.
Page 43 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the Time Settings With SNTP and Configure the Global SNTP Settings To configure the time by using SNTP and configure the global SNTP settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 44 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Next to Client Mode, select the mode of operation of the SNTP client: • Unicast. SNTP operates in a point-to-point way. A unicast client sends a request to a designated server at its unicast address and expects a reply from which it can determine the time and, optionally, the round-trip delay and local clock offset relative to the server.
Page 45 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches For more information see the description for Time Zone Name in Step 14. The allowed range is –12 to 13. The default value is 0. 16. In the Offset Minutes field, specify the number of minutes that the time zone is different from UTC.
Page 46 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Click the Refresh button to refresh the page with the latest information about the switch. The following table displays the nonconfigurable SNTP Global Status information. Table 10. SNTP Global Status information Field Description Version...
Page 47 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 10. SNTP Global Status information (continued) Field Description Server Stratum The claimed stratum of the server for the last received valid packet. Reference Clock ID The reference clock identifier of the server for the last received valid packet. Server mode The mode of the server for the last received valid packet.
Page 48 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches method is selected, SNTP information is accepted only from SNTP servers defined on the device using the SNTP Server Configuration page. The device retrieves synchronization information, either by actively requesting information or at every poll interval.
Page 49 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches address is a DNS host name, then that host name is resolved into an IP address each time an SNTP request is sent to it. 8. If the UDP port on the SNTP server to which SNTP requests are sent is not the standard port (123), specify the port number in the Port field.
Page 50 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 11. SNTP Server Status information (continued) Field Description Last Attempt Status The status of the last SNTP request or unsolicited message for both unicast and broadcast modes. If no message was received from a server, a status of Other is displayed.
Page 51 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. Click the Apply button. Your settings are saved. Remove an SNTP Server To remove an SNTP server: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 52 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select System > Management > Time > DayLight Saving Configuration. 6.
Page 53 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 12. Daylight saving setting is Recurring, Recurring EU, or Recurring USA Field Description Ends At These fields are used to configure the end values of date and time. • Week.
Page 54 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches To view the daylight saving time status: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 55: Configure Denial Of Service Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 14. Daylight Saving (DST) Status information (continued) Field Description Ends At The end date of daylight saving time. This field is not displayed when daylight saving time is disabled. Offset (in Minutes) The offset value in minutes.This field is not displayed when daylight saving time is disabled.
Page 56 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Click the Apply button. Your settings are saved. Configure Denial of Service You can select which types of DoS attacks the switch monitors and blocks. To configure individual DoS settings: 1.
Page 57 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select the types of DoS attacks for the switch to monitor and block and configure any associated values: • Denial of Service Min TCP Header Size. Specify the minimum TCP header size allowed.
Page 58: Configure Dns Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Denial of Service TCP SYN. Enabling TCP SYN DoS prevention causes the switch to drop packets with TCP flags set. • Denial of Service TCP SYN&FIN. Enabling TCP SYN & FIN DoS prevention causes the switch to drop packets with TCP flags SYN and FIN set.
Page 59 When the system is performing a lookup on an unqualified host name, this field is provides the domain name (for example, if default domain name is netgear.com and the user enters test, then test is changed to test.netgear.com to resolve the name). The name must not be longer than 255 characters.
Page 60 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Remove a DNS Server You can remove a DNS server that you no longer need. To remove a DNS server: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 61 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select System > Management > DNS > Host Configuration. The DNS Host Configuration page displays. 6.
Page 62 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Change the Host Name or IP Address in an Entry of the Dynamic Host Mapping Table, View All Entries, or Clear All Entries To change the host name or IP address in an entry of the Dynamic Host Mapping table, view all entries, or clear all entries 1.
Page 63: Configure Green Ethernet Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure Green Ethernet Settings You can configure the green Ethernet features to reduce power consumption. To configure the Green Ethernet settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 64 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure Green Ethernet Interface Settings You can configure Green Ethernet settings for individual interfaces. To configure the Green Ethernet interface settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 65 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. From the EEE mode menu, select Enable or Disable. By default, this mode is disabled for the port. Energy Efficient Ethernet (EEE) combines the MAC with a family of physical layers that support operation in a low power mode. It is defined by the IEEE 802.3az standard.
Page 66 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. From the Interface menu, select the interface. 7. From the Energy Detect Admin Mode menu, select Enable or Disable. By default, this mode is disabled for the port. When you enable this mode, and is the port link goes down, the underlying physical layer goes down for a short period and then checks for port link pulses again so that auto-negotiation remains possible.
Page 67 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 11. Click the Apply button. Your settings are saved. 12. To refresh the page with the latest information about the switch, click the Refresh button. 13. To clear the device information, resetting all statistics for the selected interface to default values, click the Clear button.
Page 68 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View Green Ethernet Information for Remote Devices To view green Ethernet information for remote device: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 69 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View the Green Ethernet Statistics Summary This page summarizes the green Ethernet settings currently in use. To view the green Ethernet statistics: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 70 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the nonconfigurable fields. Table 19. Green Ethernet Statistics Summary information Field Description Green Ethernet Statistics Summary Current Power Consumption (mW) The estimated power consumption by all ports of the switch in mWatts. Percentage Power Saving (%) The estimated percentage of power saved on all ports of the switch if the green modes are enabled.
Page 71 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 72: Use The Device View
PoE settings for each port. Note: For more information about PoE, see the hardware installation guide, which you can download by visiting netgear.com/support/download/. Configure the Global PoE Settings To configure the PoE settings: 1. Connect your computer to the same network as the switch.
Page 73 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The System Information page displays. 5. Select System > PoE > Basic > PoE Configuration. The previous figure shows the PoE Configuration page for model GS324TP. 6. In the System Usage Threshold field, enter a number from 1 to 99 to set the threshold level at which a trap is sent if the consumed power exceeds the threshold power.
Page 74: Configure The Poe Port Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the PoE Port Settings To configure the PoE port settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 75 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • High. High priority. • Critical. Critical priority. The port priority determines which ports can still deliver power after the total power delivered by the switch exceeds the total power budget. (In such a situation, the switch might not be able to deliver power to all connected devices.) If the same priority applies to two ports, the lower-numbered port receives higher priority.
Page 76 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 13. From the Timer Schedule menu, select a timer schedule or select None, which is the default selection. For information about setting up and configuring PoE timer schedules, see Set Up PoE Timer Schedules on page 106.
Page 77: Configure Snmp
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 22. PoE Port Configuration (continued) Field Description Fault Status The error description when the PoE port is in a fault state: • No Error. The port is not in any error state and can provide power. •...
Page 78 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select System > SNMP > SNMP V1/V2 > Community Configuration. 6.
Page 79 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 80: Configure Snmpv1/V2 Trap Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure SNMPv1/v2 Trap Settings You can configure settings for each SNMPv1 or SNMPv2 management host that must receive notifications about traps generated by the device. The SNMP management host is also known as the SNMP trap receiver.
Page 81 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Modify Information About an Existing SNMP Recipient To modify information about an existing SNMP recipient: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 82: Configure Snmpv1/V2 Trap Flags
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The Trap Configuration page displays. 6. Select the check box next to the recipient to remove. 7. Click the Delete button. The trap recipient is removed. Configure SNMPv1/v2 Trap Flags You can enable or disable traps that the switch can send to an SNMP manager.
Page 83: View The Supported Mibs
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Click the Apply button. Your settings are saved. View the Supported MIBs You can view a list of all MIBs that are supported on the switch. To view the supported MIBs: 1.
Page 84: Configure Snmp V3 Users
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure SNMP V3 Users Any user can connect to the switch using the SNMPv3 protocol, but for authentication and encryption, the switch supports only one user (admin). Therefore, you can create or modify only one profile.
Page 85: Configure Lldp
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. A network manager can view this information to identify system topology and detect bad configurations on the LAN.
Page 86 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 87: Configure Lldp Port Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure LLDP Port Settings You can specify per-interface LLDP settings. To configure the LLDP interface: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 88: View The Lldp-Med Network Policy
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Use the following menus to configure the LLDP settings for the selected ports: • Admin Status. Select the status for transmitting and receiving LLDP packets: Tx Only. Enable only transmitting LLDP PDUs on the selected ports. Rx Only.
Page 89 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select System > LLDP > Advanced > LLDP-MED Network Policy. The LLDP-MED Network Policy page displays.
Page 90: Configure Lldp-Med Port Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure LLDP-MED Port Settings You can enable LLDP-MED mode on an interface and configure its properties. To configure LLDP-MED settings for a port: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 91: View The Lldp-Med Neighbors Information
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View the LLDP-MED Neighbors Information You can display the LLDP-MED neighbor or remote device information for an interface. To view LLDP-MED Neighbor Information: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 92 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Field Description This section of the page specifies if network policy TLV is received in the LLDP frames on this port. Media Application Type Specifies the application type: unknown, voicesignaling, guestvoice, guestvoicesignalling, softphonevoice, videoconferencing, streamingvideo, or videosignaling.
Page 93: View The Local Information Advertised Through Lldp
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Field Description Power Source Specifies the remote port’s PSE power source. Power Priority Specifies the remote port’s PSE power priority. Power Value Specifies the remote port’s PSE power value in tenths of watts. Extended PoE PD This section of the page specifies if extended PD TLV is received in LLDP frame on this port.
Page 94 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The page includes only the interfaces on which LLDP is enabled. 6. To refresh the page with the latest information about the switch, click the Refresh button. The following table describes the LLDP device information and port summary information. Field Description Device Information...
Page 95 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the detailed local information that displays for the selected port. Field Description Managed Address Address SubType The type of address the management interface uses, such as an IPv4 address.
Page 96: View Lldp Neighbors Information
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View LLDP Neighbors Information You can view the data that a specified interface received from other LLDP-enabled systems. To view LLDP information received from a neighbor device: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 97 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. To view additional information about the remote device, click the link in the MSAP Entry column. A pop-up window displays information for the selected port. The following table describes the information transmitted by the neighbor. Field Description Port Details...
Page 98 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Field Description MED Details Capabilities Supported The supported capabilities that were received in MED TLV from the device. Current Capabilities The advertised capabilities that were received in MED TLV from the device. Device Class The LLDP-MED endpoint device class.
Page 99: Configure Dhcp Snooping
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Field Description Network Policies Application Type The media application type associated with the policy advertised by the remote device. VLAN ID The VLAN ID associated with the policy. VLAN Type Specifies whether the VLAN associated with the policy is tagged or untagged.
Page 100: Enable Dhcp For All Interfaces In A Vlan
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 101: Configure Dhcp Snooping Interface Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select System> Services > DHCP Snooping > Global Configuration. The DHCP Snooping Global Configuration page displays.
Page 102 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select whether to display physical interfaces, LAGs, or both by clicking one of the following links above the table heading: • 1 (the unit ID of the switch). Only physical interfaces are displayed. This is the default setting.
Page 103: Configure Static Dhcp Bindings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure Static DHCP Bindings You can view, add, and remove static bindings in the DHCP snooping bindings database and to view or clear the dynamic bindings in the bindings table. To view, add, and remove static DHCP bindings: 1.
Page 104: Configure Dhcp Snooping Persistent Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The Dynamic Binding Configuration table shows information about the DHCP bindings that were learned on each interface on which DHCP snooping is enabled. The following table describes the dynamic bindings information. Table 25.
Page 105: View Or Clear Dhcp Snooping Statistics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If the database is stored on a remote server, specify the following information: Remote IP Address. Specify the IP address of the TFTP server. Remote File Name. Specify the file name of the DHCP snooping bindings database in which the bindings are stored.
Page 106: Set Up Poe Timer Schedules
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. To clear all DHCP snooping statistics, click the Clear button. The following table describes the DHCP snooping statistics. Table 26. DHCP Snooping Statistics information Field Description Interface The interface associated with the rest of the data in the row. MAC Verify Failures The number of DHCP messages that were dropped because the source MAC address and client hardware address did not match.
Page 107: Specify The Settings For An Absolute Poe Timer Schedule
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 108: Specify The Settings For A Recurring Poe Timer Schedule
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches You can select only names of schedules that you created (see Create a PoE Timer Schedule on page 106). b. Timer Schedule Type. Select Absolute. The fields in the Timer Schedule Configuration section might adjust to let you configure a timer schedule for specific dates and times.
Page 109 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The default password is password. The System Information page displays. 5. Select System> Timer Schedule > Advanced > Timer Schedule Configuration. The Timer Schedule Configuration page displays. 6. In the Timer Schedule Selection section, make your selections from the following menus: a.
Page 110: Change The Settings For A Recurring Poe Timer Schedule Entry
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Select a single Week Day check box, multiple check boxes, or all check boxes to specify the day or days of the week that the schedule must operate. • Monthly. The timer schedule works with monthly recurrence. The fields adjust. In the Day field, enter a number from 1 to 31 to specify the day of the month when the schedule must be triggered.
Page 111: Delete A Poe Timer Schedule Entry
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 10. Click the Apply button. Your settings are saved. Delete a PoE Timer Schedule Entry You can delete a PoE timer schedule entry that you no longer need. To delete a PoE timer schedule entry: 1.
Page 112 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 113: Chapter 3 Configure Switching
Configure Switching This chapter contains the following sections: Configure the Port Settings and Maximum Frame Size • Configure Link Aggregation Groups • Configure VLANs • Configure Auto-VoIP • Configure Spanning Tree Protocol • Configure Multicast • View, Search, and Manage the MAC Address Table •...
Page 114: Configure The Port Settings And Maximum Frame Size
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the Port Settings and Maximum Frame Size You can view, configure, and monitor the physical port information for the ports (that is, the physical interfaces) on the switch. To configure the port settings and maximum frame size: 1.
Page 115 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • To configure all interfaces with the same settings, select the check box in the heading row. 8. In the Description field, enter the description string to be attached to a port. The string can be up to 64 characters in length.
Page 116 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 14. In the Frame Size (1500 to 9198) field, specify the maximum Ethernet frame size that each interface can support. The frame size includes the Ethernet header, CRC, and payload. The range is 1500 to 9198.
Page 117: Configure Link Aggregation Groups
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 27. Port Configuration information (continued) Field Description PortList Bit Offset The bit offset value that corresponds to the port when the MIB object type PortList is used to manage in SNMP. ifIndex The ifIndex of the interface table entry associated with the port.
Page 118 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The System Information page displays. 5. Select Switching> LAG > Basic > LAG Configuration. 6. In the LAG Name field, enter a name for the LAG. You can enter any string of up to 15 alphanumeric characters. 7.
Page 119: Configure Lag Membership
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Enable. Spanning tree is enabled for this LAG. Enable is the default. 11. From the Link Trap menu, select Enable or Disable to specify whether to send a trap when the link status changes.
Page 120: Set The Lacp System Priority
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The previous figure shows the LAG Membership page for models GS324T and GS324TP. 6. From the LAG ID menu, select the LAG ID. 7. In the LAG Name field, enter the name to be assigned to the LAG.
Page 121: Set The Lacp Port Priority Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. In the LACP System Priority field, specify the switch’s link aggregation priority relative to the devices at the other ends of the links on which link aggregation is enabled. A higher value indicates a lower priority.
Page 122: Configure Vlans
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select one or more interfaces by taking one of the following actions: • To configure a single interface, select the check box associated with the interface, or type the interface number in the Go To Interface field and click the Go button. •...
Page 123: Configure Vlan Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches You can define VLAN groups stored in the VLAN membership table. The switch supports up to 256 VLANs. The following VLANs are preconfigured on the switch and you cannot delete them: •...
Page 124 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The VLAN name can be up to 32 alphanumeric characters long, including blanks. You cannot change the names of the default VLANs (that is, the VLANs with ID 1 and 4089). 8.
Page 125: Configure Vlan Membership
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Reset the VLAN Configuration on the Switch to the Default Settings If you reset the VLAN configuration on the switch to the default settings, all VLANs that you added are deleted. (The predefined VLANS are not deleted). The VLAN default values are as follows: •...
Page 126 The System Information page displays. 5. Select Switching > VLAN > Advanced > VLAN Membership. The previous figure shows the LAG Membership page for models GS324T and GS324TP. 6. In the VLAN ID menu, select the VLAN ID. You can select a VLAN that is predefined or that you added (see Add a VLAN on page 123).
Page 127: View The Vlan Status
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • U (Untagged). Selects the port as an untagged port in the VLAN. All frames transmitted on the port are untagged for this VLAN. • Blank. The port is excluded from the VLAN. By default, the selection is blank and none of the ports are a member of the VLAN.
Page 128 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 129: Configure Port Pvid Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure Port PVID Settings You can assign a port VLAN ID (PVID) to an interface. The following requirements apply to a PVID: • By default, the PVID for each port is 1. •...
Page 130 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The previous figure does snot show all columns on the page. 6. Select whether to display physical interfaces, LAGs, or both by clicking one of the following links above the table heading: •...
Page 131: Configure A Mac-Based Vlan
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches the tag. In an untagged frame, the VLAN is the port VLAN ID specified for the port that received this frame. • Disable. All frames are forwarded in accordance with the 802.1Q VLAN bridge specification.
Page 132 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Add a MAC-Based VLAN To add a MAC-based VLAN: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 133: Configure Protocol-Based Vlan Groups
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Switching> VLAN > Advanced > MAC Based VLAN. The MAC Based VLAN Configuration page displays. 6.
Page 134: Configure Protocol-Based Vlan Group Membership
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The default password is password. The System Information page displays. 5. Select Switching> VLAN > Advanced > Protocol Based VLAN Group Configuration. 6. In the Group ID field, enter a number to identify the group. The number must be in the range from 1 to 128.
Page 135: Configure A Voice Vlan
5. Select Switching> VLAN > Advanced > Protocol Based VLAN Group Membership. The previous figure shows the Protocol Based VLAN Group Membership page for models GS324T and GS324TP. 6. From the Group ID menu, select the protocol-based VLAN group ID.
Page 136 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 137: Configure Auto-Voip
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 9. In the Value field, enter the VLAN ID or dot1p value. This field is enabled only if you select VLAN ID or Dot1p from the Interface Mode menu. 10. In the CoS Override Mode field, select Disable or Enable. The default is Disable.
Page 138 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches To configure protocol-based port settings for VoIP: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 139: Configure Auto-Voip Oui-Based Properties
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 10. Select one or more interfaces by taking one of the following actions: • To configure a single interface, select the check box associated with the port, or type the port number in the Go To Interface field and click the Go button. •...
Page 140: Configure The Oui-Based Port Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. Click the Apply button. Your settings are saved. Configure the OUI-Based Port Settings You can configure the OUI port settings. To configure OUI-based port settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 141: Manage The Oui Table
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • To configure multiple interfaces with the same settings, select the check box associated with each interface. • To configure all interfaces with the same settings, select the check box in the heading row.
Page 142 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 143: Display The Auto-Voip Status
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Display the Auto-VoIP Status You can display the Auto-VoIP status. To view the Auto-VoIP status: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 144: Configure The Stp Settings And View The Stp Status
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The switch support the following spanning tree versions: CST. Common STP. For information on configuring CST, see Configure and View the • CST Settings on page 146 and Configure and View the CST Port Settings on page 148. •...
Page 145 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The default password is password. The System Information page displays. 5. Select Switching > STP > Basic > STP Configuration. 6. Configure the following global settings for the switch: a. Spanning Tree State. Enable or disable the spanning tree operation on the switch. By default, spanning tree operation is disabled.
Page 146: Configure And View The Cst Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 33. STP Configuration status (continued) Field Description Bridge Identifier The bridge identifier for the CST. It is made up using the bridge priority and the base MAC address of the bridge. Time Since Topology Change The time in day-hour-minute-second format since the topology of the CST last changed.
Page 147 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The System Information page displays. 5. Select Switching > STP > Advanced > CST Configuration. 6. Specify the CST options: • Bridge Priority. When switches or bridges are running STP, each is assigned a priority.
Page 148: Configure And View The Cst Port Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the MSTP Status information that is displayed. Table 34. STP advanced CST configuration, MSTP status Field Description MST ID The MST instances (including the CST) and the corresponding VLAN IDs associated with each of them.
Page 149 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select whether to display physical interfaces, LAGs, or both by clicking one of the following links above the table heading: • 1 (the unit ID of the switch). Only physical interfaces are displayed. This is the default setting.
Page 150: View The Cst Port Status
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 16. To refresh the page with the latest information about the switch, click the Refresh button. The following table describes the nonconfigurable information displayed on the page. Table 35. CST port configuration Field Description Port State...
Page 151 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select whether to display physical interfaces, LAGs, or both by clicking one of the following links above the table heading: • 1 (the unit ID of the switch). Only physical interfaces are displayed. This is the default setting.
Page 152: View Rapid Stp Information
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View Rapid STP Information You can view information about the Rapid Spanning Tree (RSTP) port status. To view information about RSTP: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 153: Manage Mst Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Manage MST Settings You can configure a multiple spanning tree (MST) on the switch. Configure an MST Instance To configure an MST instance: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 154 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches For each configured instance, the information described in the following table displays on the page. Table 38. MST configuration Field Description Bridge Identifier The bridge identifier for the selected MST instance. It is made up using the bridge priority and the base MAC address of the bridge.
Page 155: Configure And View The Port Settings For An Mst Instance
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. Click the Apply button. Your settings are saved. Delete an MST Instance To delete an MST instance: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 156 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 157 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches the priority is set to the priority is automatically set to the next lowest priority that is a multiple of 16. For example, if you set a value between 0 and 15, the priority is set to 0.
Page 158: View The Stp Statistics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 39. MST port status information (continued) Field Description Designated Cost The cost of the port participating in the STP topology. Ports with a lower cost are less likely to be blocked if STP detects loops. Designated Bridge The bridge identifier of the bridge with the designated port.
Page 159: Configure Multicast
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • All. Both physical interfaces and LAGs are displayed. 7. To refresh the page with the latest information about the switch, click the Refresh button. The following table describes the information available about the STP Statistics page. Table 40.
Page 160: View The Mfdb Statistics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The System Information page displays. 5. Select Switching > Multicast > MFDB > MFDB Table. 6. In the Search by MAC Address field, enter a MAC address. Enter six two-digit hexadecimal numbers separated by colons, for example 00:01:23:43:45:67.
Page 161: Configure The Auto-Video Multicast Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 162: About Igmp Snooping
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The Auto-Video Configuration page displays. 6. Select one of the following radio buttons: • Select the Disable radio button to globally disable Auto-Video administrative mode for the switch. • Select the Enable radio button to globally enable Auto-Video administrative mode for the switch.
Page 163: Configure Igmp Snooping
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure IGMP Snooping You can configure the settings for IGMP snooping, which is used to build forwarding lists for multicast traffic. To configure IGMP snooping: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 164: Configure Igmp Snooping For Interfaces
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table displays information about the global IGMP snooping status and statistics on the page. Table 43. IGMP Snooping Configuration information Field Description Multicast Control Frame Count The number of multicast control frames that are processed by the CPU. Interfaces Enabled for IGMP The interfaces that are enabled for IGMP snooping.
Page 165 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select whether to display physical interfaces, LAGs, or both by clicking one of the following links above the table heading: • 1 (the unit ID of the switch). Only physical interfaces are displayed. This is the default setting.
Page 166: View, Search, Or Clear The Igmp Snooping Table
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View, Search, or Clear the IGMP Snooping Table You can view all of the entries in the Multicast Forwarding Database that were created for IGMP snooping. To view, search, or clear the IGMP snooping table: 1.
Page 167: Configure Igmp Snooping For Vlans
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 44. IGMP Snooping Table information (continued) Field Description Type The type of the entry. Static entries are those that are configured by the end user. Dynamic entries are added to the table as a result of a learning process or protocol.
Page 168: Modify Igmp Snooping Settings For A Vlan
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Configure the IGMP snooping values for the selected VLAN or VLANs: • Admin Mode. Enable or disable IGMP snooping for the specified VLAN ID. The default is Disable. • Fast Leave Mode.
Page 169: Disable Igmp Snooping On A Vlan
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The System Information page displays. 5. Select Switching> Multicast > IGMP Snooping > IGMP Snooping VLAN Configuration. The IGMP Snooping VLAN Configuration page displays. 6. Select the check box next to the VLAN ID. 7.
Page 170 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches To configure a multicast router interface: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 171: Configure A Multicast Router Vlan
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure a Multicast Router VLAN You can configure an interface to forward only snooped IGMP packets from a specific VLAN to the multicast router connected to the interface. This configuration is usually not required because the switch automatically detects a multicast router and forwards the IGMP packets accordingly.
Page 172: Igmp Snooping Querier Overview
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches IGMP Snooping Querier Overview IGMP snooping requires that one central switch or router periodically queries all end-devices on the network to announce their multicast memberships. This central device is the IGMP querier.
Page 173: Configure An Igmp Snooping Querier For Vlans
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Snooping Querier IP Address. Enter the snooping querier IP address to be used as the source address in periodic IGMP queries. This address is used when no address is configured on the VLAN on which a query is being sent. •...
Page 174: Display Igmp Snooping Querier For Vlan Status
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Configure the following settings: • VLAN ID. The VLAN ID for which the IGMP snooping querier must be enabled. You can select an existing VLAN only. • Querier Election Participate Mode. Enable or disable the querier mode: Disable.
Page 175: View, Search, And Manage The Mac Address Table
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the nonconfigurable information displayed on the page. Table 45. Querier VLAN Status information Field Description VLAN ID The VLAN ID on which IGMP snooping querier is administratively enabled and the VLAN exists in the VLAN database.
Page 176: View, Search, Or Clear The Mac Address Table
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View, Search, or Clear the MAC Address Table To view, search, or clear the MAC Address Table: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 177: Set The Dynamic Address Aging Interval
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Search Interface. From the Search menu, select Interface, and enter the interface ID using the respective interface naming convention (for example, g1 or l1). Then click the Go button. 7.
Page 178: Add A Static Mac Address To The Mac Address Table
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 5. Select Switching > Address Table > Advanced > Dynamic Addresses. 6. In the Address Aging Timeout (seconds) field, specify the time-out period in seconds for aging out dynamically learned forwarding information. 802.1D-1990 recommends a default of 300 seconds.
Page 179: Configure Layer 2 Loop Protection
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. In the Static MAC Address field, enter the static MAC address that you want to add. 8. From the VLAN ID menu, select the VLAN ID that must be associated with the MAC address.
Page 180: View And Configure Layer 2 Loop Protection On A Port
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 181 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 182 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 10. Click the Apply button. Your settings are saved. 11. Click the Clear button to clear the statistics in the table. 12. Click the Refresh button to update the page to show the latest information. The following table describes the nonconfigurable information displayed on the page.
Page 183: Chapter 4 Configure Quality Of Service
Configure Quality of Service This chapter contains the following sections: Quality of Service Concepts • Manage Class of Service • Manage Differentiated Services •...
Page 184: Quality Of Service Concepts
CoS queue characteristics that affect queue mapping, such as minimum guaranteed bandwidth or transmission rate shaping, are user configurable at the queue (or port) level. Note: Models GS324T and GS324TP support four hardware queues per port. Model GS348T supports eight hardware queues per port. CoS Configuration Concepts You can set the Class of Service trust mode for an interface.
Page 185: Configure Global Cos Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches CoS level configured for the ingress port as a whole, based on the existing port default priority as mapped to a traffic class by the current 802.1p mapping table. Alternatively, when a port is configured as untrusted, it does not trust any incoming packet priority designation and uses the port default priority value instead.
Page 186: Configure Cos Interface Settings For An Interface
802.1p. IEEE 802.1p specifies eight priority tags (p0 to p7). The QoS setting lets you map each of the eight priority levels to an internal hardware priority queue. Models GS324T and GS324TP support four hardware queues (0 to 3) and model GS348T supports eight hardware queues (0 to 7). The default mode is 802.1p.
Page 187 802.1p. IEEE 802.1p specifies eight priority tags (p0 to p7). The QoS setting lets you map each of the eight priority levels to an internal hardware priority queue. Models GS324T and GS324TP support four hardware queues (0 to 3) and model GS348T supports eight hardware queues (0 to 7). The default mode is 802.1p.
Page 188: Configure Cos Queue Settings For An Interface
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 11. Click the Apply button. Your settings are saved. Configure CoS Queue Settings for an Interface You can define what a particular queue does by configuring switch egress queues. User-configurable parameters control the amount of bandwidth used by the queue, the queue depth during times of congestion, and the scheduling of packet transmission from the set of all queues on a port.
Page 189: Map 802.1P Priorities To Queues
8. From the Queue ID menu, select the queue to be configured. Models GS324T and GS324TP support four queues (0 to 3) and model GS348T supports eight queues (0 to 7). 9. In the Minimum Bandwidth field, specify the minimum guaranteed bandwidth allotted to the queue.
Page 190 The 802.1p Priority row contains traffic class selectors for each of the eight 802.1p priorities to be mapped. The priority goes from low (0) to high (3 for models GS324T and GS324TP or 7 for model GS348T). For example, traffic with a priority of 0 is for most data traffic and is sent using best effort.
Page 191: Map Dscp Values To Queues
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. Click the Apply button. Your settings are saved. Map DSCP Values to Queues You can map an internal traffic class to a DSCP value. To map DSCP values to queues: 1.
Page 192: Manage Differentiated Services
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The allowed Per Hop Behavior (PHBs) values, besides other DSCP experimental values, are as follows: • Class Selector (CS) PHB. These values are based on IP precedence. • Assured Forwarding (AF) PHB. These values define four main levels to sort and manipulate some flows within the network.
Page 193: Configure And Display Global Diffserv Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Note the following about the DiffServ process: • Packets are filtered and processed based on defined criteria. The filtering criteria is defined by a class. The processing is defined by a policy's attributes. Policy attributes can be defined on a per-class instance basis, and it is these attributes that are applied when a match occurs.
Page 194: Configure A Diffserv Class
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select the administrative mode for DiffServ: • Enable. Differentiated services are active. This is the default setting. • Disable. The DiffServ configuration is retained and can be changed but is not active. 7.
Page 195 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Add and Configure a DiffServ Class To add and configure a DiffServ class: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 196 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 9. Define the criteria that must be associated the DiffServ class by selecting one of the following radio buttons: • Match Every. Select this radio button to add a match condition that considers all packets to belong to the class.
Page 197 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Source MAC. Select this radio button to require a packet’s source MAC address to match the specified MAC address. After you select this radio button, use the following fields to configure the source MAC address match criteria: Address.
Page 198 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Destination L4 Port. Select this radio button to require a packet’s TCP/UDP destination port to match the specified protocol. You can also select Other from the menu and enter a port number from 0 to 65535. •...
Page 199 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select QoS > DiffServ > Advanced > Class Configuration. The Class Name page displays.
Page 200: Configure A Diffserv Policy
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Delete a DiffServ Class To delete a DiffServ class: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 201 Assign Queue. Select this radio button to specify that traffic must be assigned to a queue, which you must select from the menu. Models GS324T and GS324TP support four hardware queues (0 to 3) and model GS348T supports eight hardware queues (0 to 7).
Page 202 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Drop. Select this radio button to require each inbound packet to be dropped. • Mark VLAN CoS. Select this radio button to specify the VLAN priority, which you must select from the menu.
Page 203 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches d. In the Violate Action section, select one of the following radio buttons: • Send. Packets are forwarded unmodified. This is the default violating action. • Drop. Packets are dropped. •...
Page 204 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Change the Policy Attributes for an Existing DiffServ Policy To change the policy attributes for an existing DiffServ policy: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 205: Configure The Diffserv Service Interface
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 5. Select QoS > DiffServ > Advanced > Policy Configuration. The Policy Configuration page displays. 6. Select the check box next to the policy name. 7. From the Member Class menu, select None. 8.
Page 206 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 207: View Diffserv Service Statistics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the nonconfigurable information displayed on the page. Table 50. Service Interface Configuration information Field Description Direction Shows the traffic direction of this service interface, which is always inbound (In). Operational Status Shows the operational status of this service interface (either Up or Down).
Page 208 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 209: Chapter 5 Manage Device Security
Manage Device Security This chapter contains the following sections: Configure the Management Security Settings • Configure Management Access • Configure Port Authentication • Set Up Traffic Control • Configure Access Control Lists •...
Page 210: Configure The Management Security Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the Management Security Settings You can configure the login password, Remote Authorization Dial-In User Service (RADIUS) settings, Terminal Access Controller Access Control System (TACACS) settings, and authentication lists. Change the Password for the Local Browser Interface You can change the login password for the default user with the user name admin.
Page 211: Manage The Radius Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Note: If you forget the password and are unable to log in to the switch local browser interface, press the Factory Defaults button on the front panel of the switch for more than five seconds. The device reboots, and all switch settings, including the password, are reset to the factory default values.
Page 212 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > Management Security > RADIUS > Global Configuration. The Current Server IP Address field is blank if no servers are configured (see Configure a RADIUS Authentication Server on the Switch on page 213).
Page 213 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the nonconfigurable fields displayed on the page. Table 52. RADIUS Configuration information Field Description Current Server IP Address The IP address of the current server. This field is blank if no servers are configured.
Page 214 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 8. From the Secret Configured menu, select Yes. You must select Yes before you can configure the RADIUS secret. After you add the RADIUS server, this field indicates whether the shared secret for this server was configured.
Page 215 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 53. RADIUS authentication server statistics information (continued) Field Description Bad Authenticators The number of RADIUS access-response packets containing invalid authenticators or signature attributes received from this server. Pending Requests The number of RADIUS access-request packets destined for this server that did not yet time out or receive a response.
Page 216 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Remove a RADIUS Authentication Server From the Switch To remove a RADIUS authentication server from the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 217 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > Management Security > RADIUS > Accounting Server Configuration. 6.
Page 218 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 54. RADIUS accounting server statistics information (continued) Field Description Accounting Responses The number of RADIUS packets received on the accounting port from this server. Malformed Accounting Responses The number of malformed RADIUS accounting-response packets received from this server.
Page 219: Configure Tacacs
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Remove a RADIUS Accounting Server From the Switch To remove a RADIUS accounting server from the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 220 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the Global TACACS+ Settings You can configure the global TACACS+ settings for communication between the switch and a TACACS+ server. To configure the global TACACS+ settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 221 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure a TACACS+ Server on the Switch You can configure up to three TACACS+ servers with which the switch can communicate. To configure a TACACS+ server on the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 222 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Modify the Settings for a TACACS+ Server on the Switch To modify the settings for a TACACS+ server on the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 223: Configure Authentication Lists
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The TACACS+ Server Configuration page displays. 6. Select the check box next to the server IP address. 7. Click the Delete button. The TACACS+ server is removed. Configure Authentication Lists You can configure a default login list.
Page 224 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you select a method that does not time out as the first method, such as Local, no other method is tried, even if you specified more than one method. User authentication occurs in the order the methods are selected.
Page 225 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The default password is password. The System Information page displays. 5. Select Security > Management Security > Authentication List > HTTPS Authentication List. 6. Select the check box next to the httpsList name. 7.
Page 226 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure the Dot1x Authentication List The Dot1x authentication list defines the IEEE 802.1X authentication method used for the default list. The default list is dot1xList. To configure the dot1x authentication list: 1.
Page 227: Manage The Smart Control Center Utility
The default password is password. The System Information page displays. 5. Select Security > Management Security > SCC Control. The NETGEAR Smart Control Center (SCC) Utility page displays. 6. Select the one of the following SCC Admin Mode radio buttons: •...
Page 228: Configure Http Access Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure HTTP Access Settings You can configure the HTTP access settings on the switch. To configure the HTTP access settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 229: Configure Https Access Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure HTTPS Access Settings Secure HTTP enables the transmission of HTTP over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. When you manage the switch by using a web interface, Secure HTTP can help ensure that communication between the management system and the switch is protected from eavesdroppers and man-in-the-middle attacks.
Page 230: Manage Certificates For Https Access
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 9. In the HTTPS Port field, type the HTTPS port number. The range is from 1025 to 65535. The default is port 443. 10. In the HTTPS Session Soft Timeout (Minutes) field, enter the inactivity time-out for HTTPS sessions.
Page 231 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > Access > HTTPS > Certificate Management. The Certificate Present field displays whether a certificate is present on the switch. 6.
Page 232: Transfer An Existing Certificate To The Switch
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > Access > HTTPS > Certificate Management. 6. The Certificate Management page displays. The Certificate Present field displays Yes.
Page 233 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > Access > HTTPS > Certificate Download. 6.
Page 234: Manage Access Control To The Switch
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Manage Access Control to the Switch Access control allows you to configure an access control profile and set rules for access to the local browser interface, access by SNMP stations, SNTP devices, and client access to a TFTP server.
Page 235 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. In the Access Profile Name field, enter the name of the access profile to be added. The maximum length is 32 characters. 7. Click the Apply button. Your settings are saved. By default, the access profile is deactivated. After you add rules, you can activate the access profile.
Page 236 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 5. Select Security > Access > Access Control > Access Rule Configuration. 6. From the Rule Type menu, select Permit or Deny to permit or deny access when the selected rules are matched. A Permit rule allows access from a device that matches the rule criteria.
Page 237 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 238 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The Packets Filtered field displays the number of packets filtered (none in the previous figure). 6. To refresh the page with the latest information about the switch, click the Refresh button. The following table describes the nonconfigurable data that is displayed.
Page 239 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > Access > Access Control > Access Profile Configuration. The Access Profile Configuration page displays.
Page 240: Configure Port Authentication
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure Port Authentication With port-based authentication, when 802.1X is enabled globally and on the port, successful authentication of any one supplicant attached to the port results in all users being able to use the port without restrictions.
Page 241 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Configure the following port authentication settings: • Port Based Authentication State. This selection specifies the 802.1X administrative mode on the switch. The default value is Disable. Enabled. If 802.1X is enabled, authentication is performed by a RADIUS server. This means that the primary authentication method must be RADIUS.
Page 242: Manage Port Authentication On Individual Ports
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Manage Port Authentication on Individual Ports You can enable and configure port access control on one or more physical ports. Configure 802.1X Settings for a Port To configure 802.1X settings for a port: 1.
Page 243 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Specify the following settings: • Port Control. Defines the port authorization state. The control mode is set only if the link status of the port is link up. Select one of the following options: Auto.
Page 244 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches For example, you can use this mode if an IP phone is connected to a NAS port and a virtual machine controller (VMC) is connected to the hub port of the IP phone.
Page 245 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Resending EAP. Specify the EAP retransmit period for the selected port. The transmit period is the time in seconds, after which an EAPoL EAP Request/Identify frame is resent to the supplicant. •...
Page 246: View The Port Summary
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The Port Authentication page displays. 6. Select the check box associated with the port to initialize. 7. Click the Initialize button. 802.1X on the selected interface is reset to the initialization state. Traffic sent to and from the port is blocked during the authentication process.
Page 247: View The Client Summary
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the fields on the Port Summary page. Table 57. Port summary Field Description Port The port whose settings are displayed in the current table row. Control Mode This field indicates the configured control mode for the port.
Page 248 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > Port Authentication > Advanced > Client Summary. The following table describes the fields on the Client Summary page.
Page 249: Set Up Traffic Control
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Set Up Traffic Control You can configure MAC filters, storm control, port security, and protected port settings. Manage MAC Filtering You can create MAC filters that limit the traffic allowed into and out of specified ports on the switch.
Page 250 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The previous figure shows the MAC Filter Configuration page for models GS324T and GS324TP. 6. From the MAC Filter menu, select Create Filter. If you did not configure any filters, this is the only option available.
Page 251: Mac Filter Summary
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches A packet with the MAC address and VLAN ID that you specify can be transmitted only from a port that is part of the outbound filter. Note: Destination ports can be included only in a multicast filter. A multicast filter is determined by the MAC address that you enter in the MAC Address field.
Page 252: Configure Storm Control Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 253 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches To configure global storm control settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 254 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The range is a percent of the total threshold between 0 and 100%. The default is 5%. 9. From the Control Action mode menu, select one of the following options: •...
Page 255 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The default settings in the Port Settings section depends on the global storm control settings (see Configure Global Storm Control Settings on page 252), which apply to all ports. 6. In the Port Settings section, select one or more interfaces by taking one of the following actions: •...
Page 256: Manage Port Security
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Manage Port Security Port security lets you lock one or more ports on the switch. When a port is locked, the port can only forward packets with a source MAC addresses that you specifically allowed. The port discards all other packets.
Page 257 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the fields in the Port Security Violations table. Table 60. Port Security Violations information Field Description Port The physical interface. Last Violation MAC The source MAC address of the last packet that was discarded at a locked port. VLAN ID The VLAN ID corresponding to the last MAC address violation.
Page 258 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select whether to display physical interfaces, LAGs, or both by clicking one of the following links above the table heading: • 1 (the unit ID of the switch). Only physical interfaces are displayed. This is the default setting.
Page 259 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View Learned MAC Addresses and Convert Them to Static MAC Addresses After you enabled port security globally (see Configure the Global Port Security Mode on page 256) and enabled port security for specific interfaces (see Configure a Port Security Interface on page 257), you can convert a dynamically learned MAC address to a statically locked address.
Page 260: Configure Protected Ports
The System Information page displays. 5. Select Security > Traffic Control > Protected Port. The previous figure shows the Protected Ports Membership page for models GS324T and GS324TP. 6. In the Ports table, click each port that you want to configure as a protected port.
Page 261: Configure Access Control Lists
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Protected ports are marked with a check mark. No traffic forwarding is possible between two protected ports. 7. Click the Apply button. Your settings are saved. Configure Access Control Lists Access control lists (ACLs) ensure that only authorized users can access specific resources while blocking any unwarranted attempts to reach network resources.
Page 262 The System Information page displays. 5. Select Security > ACL > ACL Wizard. The previous figure shows the ACL Wizard page for models GS324T and GS324TP. 6. From the ACL Type menu, select the type of ACL. You can select from the following ACL types: •...
Page 263 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Note: For L4 port options, two rules are created (one for TCP and one for UDP). 7. In the Sequence Number field, enter a whole number in the range from 1 to 2147483647 that is used to identify the rule.
Page 264 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches As a sample, the following steps describe how you can specify the additional match criteria for an ACL based on the destination MAC address: a. In the Destination MAC field, specify the destination MAC address that must be compared against the information in an Ethernet frame.
Page 265 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 5. Select Security > ACL > ACL Wizard. The ACL Wizard page displays. 6. Select check box that is associated with the rule. 7. Update the match criteria as needed. 8.
Page 266: Configure A Basic Mac Acl
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The previous figure shows a sample for models GS324T and GS324TP. For information about the ACL Wizard, see Use the ACL Wizard to Create a Simple ACL on page 261.
Page 267 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12. The login window opens. 4. Enter the switch’s password in the Password field. The default password is password.
Page 268: Configure Mac Acl Rules
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The login window opens. 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > ACL > Basic > MAC ACL. The MAC ACL page displays.
Page 269 9. In the Assign Queue field, specify the hardware egress queue identifier that must be used to handle all packets matching this ACL rule. For models GS324T and GS324TP, the range for the queue ID is from 0 to 3. For model GS348T, the range for the queue ID is from 0 to 7.
Page 270 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches This field cannot be set if a redirect interface is already configured for the ACL rule. This field is visible for a Permit action. 11. From the Redirect Interface menu, select the egress interface to which the matching traffic stream must be redirected, bypassing any forwarding decision normally performed by the switch.
Page 271 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches This value must be compared against the information in an Ethernet frame. The range is from 0x0600 to 0xFFFF. 18. In the Source MAC field, specify the source MAC address that must be compared against the information in an Ethernet frame.
Page 272: Configure Mac Bindings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select the check box that is associated with the rule. 7. Modify the fields as needed. 8. Click the Apply button. Your settings are saved. Delete a Rule for a MAC ACL To delete a rule for a MAC: 1.
Page 273 The System Information page displays. 5. Select Security > ACL > Basic > MAC Binding Configuration. The previous figure shows the MAC Binding Configuration page for models GS324T and GS324TP. The figure shows two MAC ACL examples in the table.
Page 274: View Or Delete Mac Acl Bindings In The Mac Binding Table
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The Ports and LAG tables display the available interfaces for ACL bindings. All nonrouting physical interfaces, VLAN interfaces, and interfaces participating in LAGs are listed. 9. Click the Apply button. Your settings are saved.
Page 275: Configure A Basic Or Extended Ip Acl
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. To delete a MAC ACL-to-interface binding, do the following: a. Select the check box next to the interface. b. Click the Delete button. The binding is removed. The following table describes the information that is displayed in the MAC Binding Table. Table 62.
Page 276 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. Associate the IP ACL with one or more interfaces (see Configure IP ACL Interface Bindings on page 289). You can view or delete IP ACL configurations in the IP ACL Binding table (see View or Delete IP ACL Bindings in the IP ACL Binding Table on page 291.
Page 277 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. In the IP ACL ID field, specify the ACL ID or IP ACL name, which depends on the IP ACL type. The IP ACL ID is an integer in the following range: •...
Page 278: Configure Rules For A Basic Ip Acl
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Delete an IP ACL To delete an IP ACL: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 279 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 280 IP ACL rule. For models GS324T and GS324TP, the range for the queue ID is from 0 to 3. For model GS348T, the range for the queue ID is from 0 to 7.
Page 281 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Modify the Match Criteria for a Basic IP ACL Rule To modify the match criteria for a basic IP ACL rule: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 282: Configure Rules For An Extended Ip Acl
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The System Information page displays. 5. Select Security > ACL > Advanced > IP Rules. The IP Rules page displays. 6. From the ACL ID menu, select the ACL that includes the rule that you want to modify. 7.
Page 283 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The previous figure does not show all columns on the page. If no rules exists, the Extended ACL Rule Table shows the message No rules have been configured for this ACL. If one or more rules exist for the ACL, the rules display in the Extended ACL Rule Table.
Page 284 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches For models GS324T and GS324TP, the range for the queue ID is from 0 to 3. For model GS348T, the range for the queue ID is from 0 to 7.
Page 285 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches You can select either the Port radio button or the Range radio button: Port. If you select the Port radio button, you can either enter the port number yourself or select one of the following protocols from the menu: •...
Page 286 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Dst. In the Dst field, enter a destination IP address, using dotted-decimal notation, to be compared to a packet’s destination IP address as a match criterion for the selected IP ACL rule: If you select the IP Address radio button, enter an IP address with a relevant wildcard mask to apply this criteria.
Page 287 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches You can either select the enter the port range yourself or select one of the following protocols from the menu: • The destination IP TCP port range names are Domain, Echo, FTP, FTP data, www-http, SMTP, Telnet, POP2, POP3, and bgp.
Page 288 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The possible options are IP DSCP, IP precedence, and IP TOS, which are alternative methods to specify a match criterion for the same service type field in the IP header. Each method uses a different user notation.
Page 289: Configure Ip Acl Interface Bindings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. From the ACL ID menu, select the ACL that includes the rule that you want to modify. 7. In the Extended ACL Rule Table, click the rule. The rule is a hyperlink. The Extended ACL Rule Configuration page displays. 8.
Page 290 The System Information page displays. 5. Select Security > ACL > Advanced > IP Binding Configuration. The previous figure shows the IP Binding Configuration page for models GS324T and GS324TP. 6. From the ACL ID menu, select the existing IP ACL for you which you want to add an IP ACL interface binding.
Page 291: View Or Delete Ip Acl Bindings In The Ip Acl Binding Table
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches access list using that sequence number. If you do not specify the sequence number (meaning that the value is 0), a sequence number that is one number greater than the highest sequence number currently in use for the interface and direction is used.
Page 292 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 4. Enter the switch’s password in the Password field. The default password is password. The System Information page displays. 5. Select Security > ACL > Advanced > Binding Table. 6. To delete an IP ACL-to-interface binding, do the following: a.
Page 293: Chapter 6 Monitor The System
Monitor the System This chapter contains the following sections: Monitor the Switch and the Ports • Configure and View Logs • Configure Port Mirroring •...
Page 294: Monitor The Switch And The Ports
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Monitor the Switch and the Ports The following sections describe how you can view a variety of information about the amount and type of traffic that is transmitted from and received on the switch: View Switch Statistics on page 294 •...
Page 295 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Click the Refresh button to refresh the page with the latest information about the switch. 7. Click the Clear button to clear all the statistics counters, resetting all switch summary and detailed statistics to default values.
Page 296 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 65. Switch statistics (continued) Field Description Broadcast Packets Received The total number of packets received that were directed to the broadcast address. This does not include multicast packets. Receive Packets Discarded The number of inbound packets that were chosen to be discarded, even though no errors were detected, in order to prevent their being delivered to a higher-layer protocol.
Page 297: View Port Statistics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View Port Statistics You can view a summary of per-port traffic statistics on the switch. To view port statistics: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 298 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The following table describes the per-port statistics displayed on the page. Table 66. Port statistics Field Description Interface The interface or LAG. Total Packets Received The total number of packets received that were without errors. Without Errors Packets Received With Error The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.
Page 299 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. Click the Clear button. All counters are reset to 0. Reset Counters for One or More Specific Interfaces To reset the counters for one or more specific interfaces: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 300: View And Manage Detailed Port Statistics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View and Manage Detailed Port Statistics You can view a variety of per-port traffic statistics. To view and manage detailed port statistics: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 301 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. From the Interface menu, select the interface for which you want to view the statistics. 7. From the MST ID menu, select the MST ID associated with the interface (if available). 8.
Page 302 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 67. Detailed port statistics (continued) Field Description Link Status Indicates whether the link is up or down. Link Trap Indicates whether or not the port sends a trap when link status changes. Packets RX and TX 64 The total number of packets (including bad packets) received or transmitted that Octets...
Page 303 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 67. Detailed port statistics (continued) Field Description Packets Received 256-511 The total number of packets (including bad packets) received that were between Octets 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
Page 304 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 67. Detailed port statistics (continued) Field Description Rx FCS Errors The total number of packets received with a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but included a bad frame check sequence (FCS) with an integral number of octets.
Page 305 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 67. Detailed port statistics (continued) Field Description Total Packets Transmitted The number of frames that were transmitted by the port. Unicast Packets Transmitted The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
Page 306: View Or Clear Eap And Eapol Statistics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 67. Detailed port statistics (continued) Field Description EAPOL Frames Transmitted The number of EAPoL frames of any type that were transmitted by this authenticator. Time Since Counters Last The elapsed time in days, hours, minutes, and seconds since the statistics for Cleared the port were last cleared.
Page 307 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • To clear the counters for multiple ports, select the check boxes associated with the ports, and click the Clear button. • To clear all counters for all ports, select the check box in the row heading, and click the Clear button.
Page 308: Perform A Cable Test (Model Gs348T)
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Perform a Cable Test (Model GS348T) On model GS348T, you can test and view information about the cables that are connected to switch ports. To perform a cable test: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 309: Configure And View Logs
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 10/100 Ethernet adapter then the cable status might be Open or Short because some Ethernet adapters leave unused wire pairs unterminated or grounded. The following table describes the nonconfigurable information displayed on the page. Table 69.
Page 310 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 311: Manage The Flash Log
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches console log. Messages logged to a collector or relay through syslog support the same format as well. The following example shows the standard format for a log message: <14> Mar 24 05:34:05 10.131.12.183-1 UNKN[2176789276]: main_login.c(179) 3855 %% HTTP Session 19 initiated for user admin connected from 10.27.64.122 The number contained in the angle brackets represents the message priority, which is...
Page 312 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The default password is password. The System Information page displays. 5. Select Monitoring > Logs > FLASH Log. The FLASH Log Configuration page displays. 6. Select one of the following Admin Status radio buttons: •...
Page 313: Manage The Server Log
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Description: <15>Aug 24 05:34:05 STK0 MSTP[2110]: mspt_api.c(318) 237 %% Interface 12 transitioned to root state on message age timer expiry The previous log message example indicates a user-level message (1) with severity 7 (debug) on a system that is not stacked and generated by component MSTP running in thread ID 2110 on Aug 24 05:34:05 by line 318 of file mstp_api.c.
Page 314 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Your settings are saved. The Server Log Configuration section displays the following information: • Messages Received. Shows the number of messages received by the log process. This includes messages that are dropped or ignored. •...
Page 315 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Alert (1). The second-highest warning level. An alert log is saved if a serious device malfunction occurs, such as all device features being down. Critical (2). The third-highest warning level. A critical log is saved if a critical device malfunction occurs, for example, two device ports are not functioning, while the rest of the device ports remain functional.
Page 316: View Or Clear The Trap Logs And Counters
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Delete the Settings for a Remote Syslog Host To delete the settings for a remote syslog host: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 317: View Or Clear The Event Log
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches The System Information page displays. 5. Select Monitoring > Logs > Trap Logs. 6. To refresh the page with the latest information about the switch, click the Refresh button. 7. To clear the messages from the trap logs in the memory and clear the counters, click the Clear button.
Page 318 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches To view or clear the event log: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 319: Configure Port Mirroring
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Configure Port Mirroring Port mirroring lets you select the network traffic of specific switch ports for analysis by a network analyzer. You can select many switch ports as source ports but a single switch port only as the destination port.
Page 320 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select an Admin Mode radio button: • True. Port mirroring is enabled. • False. Port mirroring is disabled. This is the default setting. 7. From the Destination Port menu, select the physical destination port to which port traffic must be copied.
Page 321 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • To select multiple interfaces, select the check box associated with each interface. Traffic from the selected ports will be sent to the destination port. 12. From the Direction menu, specify the direction of the traffic that must be mirrored from the selected source ports: •...
Page 322: Chapter 7 Maintenance
Maintenance This chapter contains the following sections: Reboot the Switch • Reset the Switch to Its Factory Default Settings • Export a File From the Switch • Download a File to the Switch or Update the Firmware • Manage Software Images •...
Page 323: Reboot The Switch
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Reboot the Switch You can reboot the switch from the local browser interface. To reboot the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 324: Reset The Switch To Its Factory Default Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Reset the Switch to Its Factory Default Settings You can reset the system configuration to the factory default values. All changes that you made are lost. If the IP address changes, your web session might disconnect. Note: If you reset the switch to the default configuration, the IP address is reset to 192.168.0.239, and the DHCP client is enabled.
Page 325: Export A File From The Switch
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Export a File From the Switch You can export configuration (ASCII) or log (ASCII log) files from the switch to a file server by using TFTP or to a computer by using HTTP. The following sections describe how you can export a file from the switch: Use TFTP to Export a File From the Switch to a TFTP Server on page 325 •...
Page 326: Use Http To Export A File From The Switch To A Computer
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches offline to personalize it for another similar device (for example, change the device name or IP address), and download it to that device. This is the default setting. • Error Log. The switch error log. •...
Page 327: Download A File To The Switch Or Update The Firmware
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Discover or Change the Switch IP Address on page 12.
Page 328: Use Tftp To Download A File To The Switch Or Update The Software Image
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Use TFTP to Download a File to the Switch or Update the Software Image You can download a software (firmware) image, configuration files, and SSL files from a TFTP server to the switch. Before you download a file to the switch, the following conditions must be true: •...
Page 329 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. From the File Type menu, select the type of file: • Software. The system software image, which is saved in one of two flash sectors called images (image1 and image2). The active image stores the active copy, while the other image stores a second copy.
Page 330: Use Http To Download A File To The Switch Or Update The Software Image
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 12. Select the Start File Transfer check box to initiate the file upload. 13. Click the Apply button. The file transfer begins. The page displays information about the progress of the file transfer. The page refreshes automatically when the file transfer completes.
Page 331 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. From the File Type menu, select the type of file: • Software. The system software image, which is saved in one of two flash sectors called images (image1 and image2). The active image stores the active copy, the other image stores a second copy.
Page 332: Manage Software Images
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Manage Software Images The switch maintains two versions of the switch software in permanent storage. One image is the active image, and the second image is the backup image. The active image is loaded when the switch starts or reboots.
Page 333: Configure Dual Image Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Select the Source Image image1 or image2 radio button to specify the image to be copied. 7. Select the Destination Image image1 or image2 radio button to specify the destination image.
Page 334 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 7. As an option, specify a name for the selected image by entering one in the Image Description field. 8. Select the Activate Image check box. 9. Click the Apply button. Your settings are saved.
Page 335: View The Dual Image Status
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches View the Dual Image Status You can view information about the active and backup images on the system. To view dual image status information: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Page 336: Enable Remote Diagnostics
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches nable Remote Diagnostics You can enable or disable the option to access the switch remotely. When remote access is enabled, you or technical support can perform remote diagnostics services. To enable remote diagnostics: 1.
Page 337: Appendix A Configuration Examples
Configuration Examples This appendix contains the following sections: Virtual Local Area Networks (VLANs) • Access Control Lists (ACLs) • Differentiated Services (DiffServ) • 802.1X Access Control • Multiple Spanning Tree Protocol •...
Page 338: Virtual Local Area Networks (Vlans)
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Virtual Local Area Networks (VLANs) A local area network (LAN) can generally be defined as a broadcast domain. Hubs, bridges, or switches in the same physical segment or segments connect all end node devices. End nodes can communicate with each other without the need for a router.
Page 339: Vlan Configuration Examples
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • If the port is a member of the VLAN specified by the packet’s VLAN ID, the packet can be sent to other ports with the same VLAN ID. • Packets leaving the switch are either tagged or untagged, depending on the setting for that port’s VLAN membership properties.
Page 340: Access Control Lists (Acls)
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • If an untagged packet enters port 4, the switch tags it with VLAN ID 20. The packet can access port 5 and port 6. The outgoing packet is stripped of its tag to become an untagged packet as it leaves port 6.
Page 341: Standard Ip Acl Sample Configuration
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 2. On the MAC Rules page, create a rule for the Sales_ACL with the following settings: • Sequence Number. 1 • Action. Permit • Assign Queue ID. 0 • Match Every. False •...
Page 342: Differentiated Services (Diffserv)
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches • Assign Queue ID. 0 (optional: 0 is the default value) • Match Every. False • Source IP Address. 192.168.187.0 • Source IP Mask. 255.255.0 For additional information about IP ACL rules, see Configure Rules for a Basic IP ACL on page 278.
Page 343: Class
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Two basic types of QoS are supported: • Integrated Services. Network resources are apportioned based on request and are reserved (resource reservation) according to network management policy (RSVP, for example). •...
Page 344: Diffserv Traffic Classes
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches DiffServ Traffic Classes With DiffServ, you define which traffic classes to track on an ingress interface. You can define simple BA classifiers (DSCP) and a wide variety of multifield (MF) classifiers: •...
Page 345: Diffserv Example Configuration
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches definition to convey some QoS characteristics to downstream switches that do not routinely look at the DSCP value in the IP header. • Policing. A method of constraining incoming traffic associated with a particular class so that it conforms to the terms of the TCS.
Page 346: 802.1X Access Control
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. Click the Add button. The policy is added. 7. Click the Policy1 hyperlink to view the Policy Class Configuration page for this policy. 8. Configure the Policy attributes as follows: •...
Page 347 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches between the authenticator (the system that passes an authentication request to the authentication server) and the supplicant (the system that requests authentication), as well as between the authenticator and the authentication server. The switch supports a guest VLAN, which allows unauthenticated users limited access to the network resources.
Page 348: 802.1X Example Configuration
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Figure 1. 802.1X authentication roles 802.1X Example Configuration This example shows how to configure the switch so that 802.1X-based authentication is required on the ports in a corporate conference room (1/0/5–1/0/8). These ports are available to visitors and must be authenticated before access is granted to the network.
Page 349: Multiple Spanning Tree Protocol
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches 6. On the RADIUS Server Configuration page, configure a RADIUS server with the following settings: • Server Address. 192.168.10.23 • Secret Configured. Yes • Secret. secret123 • Active. Primary For more information, see Manage the RADIUS Settings on page 211. 7.
Page 350 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches interconnecting these regions, and an Internal Spanning Tree (IST) within each region. MSTP ensures that frames with a VLAN ID are assigned to one and only one of the MSTIs or the IST within the region, that the assignment is consistent among all the networking devices in the region, and that the stable connectivity of each MSTI and IST at the boundary of the region matches that of the CST.
Page 351: Mstp Example Configuration
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches kind outside the region. In other words, connectivity within the region is independent of external connectivity. MSTP Example Configuration This example shows how to create an MSTP instance from the switch. The example network includes three different switches that serve different locations in the network.
Page 352 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Note: Bridge priority values are multiples of 4096. If you do not specify a root bridge and all switches are assigned the same bridge priority value, the switch with the lowest MAC address is elected as the root bridge (see Configure and View the CST Settings on page 146).
Page 353 Specifications and Default Settings This appendix contains the following sections: Switch Default Settings • General Feature Default Settings • System Setup and Maintenance Settings • Port Characteristics • Traffic Control Settings • Quality of Service Settings • Security Settings • System Management Settings •...
Page 354: Appendix B Specifications And Default Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Switch Default Settings The following table describes the switch default settings. Table 73. Switch default settings Feature Default IP address 192.168.0.239 Subnet mask 255.255.255.0 Default gateway 192.168.0.254 Protocol DHCP Management VLAN ID Minimum password length Eight characters SNTP client...
Page 355: General Feature Default Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 73. Switch default settings (continued) Feature Default Default VLAN name Default Voice VLAN Disabled RADIUS-assigned VLANs Disabled Multiple Spanning Tree Disabled Link aggregation No link aggregation groups (LAGs) configured LACP system priority 32768 DiffServ...
Page 356 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 74. General feature default settings (continued) Feature Name/Setting Default EAPoL flood mode Disabled Port control Auto Unauthenticated VLAN ID 0 (none) Periodic reauthentication Disabled Reauthentication period 3600 Quiet period Resending EAP request Maximum number of EAP requests Supplicant time-out period...
Page 357 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 74. General feature default settings (continued) Feature Name/Setting Default CST path cost CST priority CST external path cost Link Aggregation Lag name ch<n> where n is 1 to 8 LAG capability (“Admin Mode”) Enabled Hash mode...
Page 358 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 74. General feature default settings (continued) Feature Name/Setting Default Burst Interval Persistent Configuration Storage Local Write delay Class of Service (CoS), Global Trust Mode 802.1p 802.1p to queue mapping (802.1p -> queue) 0 ->...
Page 359 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 74. General feature default settings (continued) Feature Name/Setting Default DSCP to queue mapping (DSCP -> queue) Expedited Forwarding: (continued) (EF) 101110 -> 2 Other: (1) 000001 -> 1 (2) 000010 -> 1 (3) 000011 ->...
Page 360 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 74. General feature default settings (continued) Feature Name/Setting Default Class of Service (CoS), Interface Trust mode 802.1p Interface shaping rate 802.1p to queue mapping (802.1p –> queue) 0 -> 1 1 ->...
Page 361: System Setup And Maintenance Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches System Setup and Maintenance Settings The following table describes the system setup and maintenance settings. Table 75. System setup and maintenance settings Feature Sets Supported Default Boot code update DHCP/manual IP address DHCP enabled, 192.168.0.239 System name configuration Configuration save/restore...
Page 362: Traffic Control Settings
The following table describes the Quality of Service settings. Table 78. Quality of Service settings Feature Sets Supported Default Number of queues • Models GS324T and GS324TP. 4 queues • Model GS348T. 8 queues 802.1p Enabled DSCP Disabled Egress rate limiting...
Page 363: Security Settings
S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Security Settings The following table describes the security settings. Table 79. Security settings Feature Sets Supported Default 802.1X All ports Disabled MAC ACL 100 (shared with IP ACLs) All MAC addresses allowed IP ACL 100 (shared with MAC ACLs) All IP addresses allowed...
Page 364: Settings For Other Features
Number of DHCP snooping bindings Number of DHCP static entries 1024 Hardware Technical Specifications The following table describes the hardware technical specifications. Table 82. Hardware technical specifications Feature Model GS324T Model GS324TP Model GS348T Network interfaces • Twenty-four (24) • Twenty-four (24) PoE+ •...
Page 365 S350 Series 24-Port (PoE+) and 48-Port Gigabit Ethernet Smart Switches Table 82. Hardware technical specifications (continued) Feature Model GS324T Model GS324TP Model GS348T Fans None Operating temperature 32º to 113ºF (0° to 45°C) Operating humidity 95% maximum relative humidity, noncondensing...

This manual is also suitable for:

S350 series Gs324tp Gs348t Ms510txpp Gs110tp Ms510txup ... Show all