Kommunikation. Registered trademark barox® is a registered and protected trademark of the barox Kommunikation company. All other registered trademarks or registered brands mentioned in this manual are the property of the respective manufacturers.
5.3.2. Deployment and Authentication Settings using the Switch Management
5.3.3. Access Management and Use of HTTPS
5.3.4. Configuration and Use of Certificate-based Access to the Management
SNMP – Monitoring- and Administration Function
5.4.1. Configuration of SNMP v2c
5.4.2. SNMP Trap Configuration
barox Kommunikation...
5.5.3. Supplementary Information regarding the Sending of SNMP Traps
Reading SNMP Traps
Use of MIB Files for Reading-out and Control of the Switches
Control of Switch Functions via SNMP and MIB using the “SET” Operation
Firmware Upgrade
Factory Defaults
WARRANTY
In all situations where a network is required to transmit high-quality video content fast and securely, barox Kommunikation’s range of POWERHAUS switches guarantees pioneering connections. barox Kommunikation designs, coordinates and supplies everything from a simple, point-to-point connection to a large area network running multicast applications.
Website
Information on our full range of switches as well as download links to our data sheets, documentation and the latest firmware are available on our website: www.barox.ch.
To log in, the user simply enters the user name and password listed above. Once the login process has been successfully completed, the “System Information” page is automatically displayed showing the most important information on the switch.
System Information
This page displays the most important information on the switch.
Key:
Name of the switch model
Firmware version
Hardware version
MAC address
The factory default settings of the CLI interface are as follows:
Bit rate: 115,200
Data bits
Parity: None
Stop bits:
Flow control: None
Once the connection is established using the serial interface, the user needs to log on using the user name and password.
Time Configuration
The system time used by barox Kommunikation switches can either be configured manually or via an NTP server. The whole purpose of defining the time is to use it in the log file. If an error...
Internet, it is possible to enter the external NTP server details directly, e.g. 213.209.109.45 at http://www.pool.ntp.org/de/ As soon as the switch can access the time and date, the correct date is shown in the “System Date” field.
− whereby no guarantee is supplied that these will function properly. The barox Kommunikation product range includes SFPs for multi and single mode fibres with transmission speeds of 100 Mbit/s, 1 Gbit/s and 10 Gbit/s. Distances of between 550 m and 120 km can be achieved depending on the type of fibre and transmission speed.
Change of User Name and Password
barox Kommunikation switches offer the option of generating a number of users with different rights. Up to 15 different levels can be defined. Level 15 is the highest level and is intended to be used by the administrators.
“Shutdown Time” shows how long a port is to remain disabled, should a loop be detected. Possible time entries: 0 – 604,800 s (7 days). If “0” is entered here, the port will remain deactivated until the switch is rebooted.
The switch factory default is set to “Bridge Priority” 32768. If the switch is to act as master, the Bridge Priority must be set to “0”. All the other values can be left as they are.
In a larger ring with numerous terminal devices and larger data volumes it makes sense to channel the data flow within the ring to distribute the load evenly across the switches (load-sharing). To achieve this, the path cost needs to be defined.
➔ Wherever possible, one should aim to realise a configuration that corresponds to the one illustrated in the above image.
Connection between two switches or to a terminal device The allowed VLANs can be defined in the “Allowed VLANs” column both in “Trunk” and “Hybrid” mode. The same applies to forbidden VLANs, which can be defined in the column “Forbidden VLANs”.
= according to the value stated in the “Maximum Power (W)” column Allocation LLDP-Med = ditto Class mode, pulls the information via LLDP (where possible) If the terminal device exceeds the predefined power limit, the port turns PoE off.
To avoid this problem, one can configure the individual ports to start up one after the other in the following menu. In the example below, port 1 is activated after 10 seconds and ports 2 and 3 are activated at 20-second intervals.
After 3 failed attempts, PoE to port 1 is turned off and turned back on after 15 seconds. This forces the camera to reboot. 60 seconds after the camera has rebooted, the ping monitoring mechanism will kick in again.
The opposite scenario is uploading a configuration file to the switch. In this case, the path where the file is stored and stored as “running-config”. Subject to a successful operation the file must then be saved as “startup-config –File” as described above.
The master switch can be determined using the IP address in the line “Controller IP”.
Page 24
The connection to a device can be checked − even across a row of switches − simply by clicking on the “Online” or “Offline” status symbol. Should there be an interruption anywhere in the connection chain, this can be seen here. The same information can be checked using the “Maintenance/Diagnostics” menu.
PoE requirement, in as far as the device is a PoE appliance, can also be read. Additionally, by clicking on “Login”, the device can be directly accessed or diagnostics on the connection carried out. The PoE appliance can also be easily rebooted by simply clicking on the “PoE Reboot” icon.
IP and MAC address to return and will set the new camera back to the default IP address over and over again despite this having the same IP address. This occurs because the new camera has a different MAC address.
Two conditions must be fulfilled for this representation:
a) RSTP as ring protocol
b) The ring only consists of RY switches supporting the DMS
− done.
Map View
The same function is also possible using Map View. The background image is directly generated using Google Maps. This requires an internet connection and Google licences for using the service.
“Add”. The uploaded plans are then listed in the lower section of the web page. Up to 30 files can be saved.
Diagnostics
This function was described and explained on page 24 under the heading “Devices List”.
Some applications require the adjustments of the Ethernet frame sizes. This can also be done in the menu section “Ports Configuration” in the field “Maximum Frame Size” as described in the following screenshot.
! Important, when setting the frame size: Please pay attention to set the exact values in order to avoid malfunctions!
5.1.2. Information Regarding the General Consideration of the Bandwidth Demand
The consideration of the following items is recommended when planning the bandwidth demand and the related deployment of suitable barox switches: Deployment of the required Ethernet standards (10/100/1000/10000) under consideration...
Preliminary considerations: The example describes the protection of a port using the physical Ethernet address at the barox switch. The ACL function works similarly to a network firewall: it checks policies and conditions in sequence and triggers the profile and related actions when a condition is met.
SMAC Filter: Specific
SMAC Value: “MAC-Address of the terminal”
DMAC Filter: Any
Ether Type Filter: Any
Action: Permit
Further settings can be derived from the following figure. Following the setting of the parameters the input is confirmed by clicking “Apply”.
A second policy is required following the generation of the first one. It is generated by clicking the “+” symbol. This policy ensures that no further MAC addresses are allowed at port 1. All further MAC addresses are rejected accordingly. The settings are as follows:
Port 1 is switched off if a terminal with a MAC address deviating from the allowed one is connected. The port overview in the header line and the menu “Access Control > Port Configuration“ in the state “Disabled” provide indications on the connections of non-allowed terminals as shown in the following:
Attention must be paid that the switch checks all policies top-down in each case and that the sequence is maintained exactly during the configuration. Please refer to the following example:
E.g.: The total limit is 4 where one unmanaged switch with three further network terminals is connected to port 2 of the barox switch. The configuration must be activated first. Furthermore the respective port is activated, the limit is determined and the action selected, which applies in case of an exceedance.
WAN connection for remote access.
Information regarding the deployment planning:
Record which components communicate with each other
Add the logical separation (Private VLAN) of the components and the IP addresses to the documentation
Example configuration:
Step 1:
Then the service is generally activated in “Mode“ using the setting “on“ as shown below: An overview of the service status and the allocated client addresses, resp., can be found as follows:
Furthermore the port parameters are activated and configured. The ARP Inspection is activated for port 7 as shown in the following example, the verification of the VLAN is activated and the log type is set to “none”.
The DHCP clients can be connected upon the completion of the settings. Following the distribution of the IP addresses by the DHCP service the clients and their layer 2 and 3 characteristics become visible in the dynamic ARP inspection table and can subsequently be translated into the static ARP inspection table.
The following screenshot shows a static entry. An IP address is reserved for the client according to the table.
MAC addresses of the source terminal devices. E.g. it provides protection against so-called “IP Spoofing”. As shown in the following screenshot this function is generally activated and can be adjusted on a per-port basis.
The DHCP snooping function is required in this deployment scenario. The function is activated using the menu “Switch > DHCP > Snooping > Configuration”. The protected clients can be viewed using the dynamic table as shown in the following screenshot:
Protection of the Switch Management and Network Administration (Layer 3–7)
5.3.1. User Management and Configuration
User Generation: The following example shows the generation of a further user:
It is generally recommended not to change the default values. Such rights should be allocated when generating new users.
Information: Scaling the rights of a further user on the basis of authorisation and competencies is helpful.
The generation of a separate user for HTTP is recommended. Change of port 80, information: Please pay attention to the port information when accessing via a browser! Access via HTTPS provides the highest level of protection due to the encryption of the connection.
The selection of a method for each entry is mandatory. The switch cannot be managed in this VLAN and access to the management is prohibited where the respective method should nevertheless be generally switched off. In case of a “wrong configuration” this can be reversed by a restart of the device.
The HTTP option should be disabled where this mode is activated. The switch GUI is called up in the browser using the HTTPS protocol phrase https://192.168.XX(YourManagement IP):1234(YourPort) in the URL field. Following this the browser communication to the management interface is effected using encryption.
Generation of the certificate for later use, which can be downloaded and installed using the browser
Upload of an externally generated certificate
The browser access is effected following the installation of the certificate and determination of the HTTPS authentication method via the HTTPS protocol
The mode should be generally. Furthermore the names for the Read and Write communities are determined and the Write community is activated. Following this the changes must be saved to the start-up configuration and the switch must be restarted.
5.4.2. SNMP Trap Configuration
The parameters required for the connection to the target recipient shall be determined prior to the receipt of SNMP trap messages. This starts with the generation of a configuration.
Trap Destination Address -> Entry of the IP address of the trap recipient
Trap Destination Port -> Entry of the port at the recipient
Further settings can be assumed from the default settings
Following this the settings are confirmed by clicking “Apply”.
Following its generation the new configuration is displayed on the super-ordinated layer. The configuration can be opened by selecting the name.
Deactivation of the SNMP Trap Function
The deactivation can be effected in two ways. On the one hand it can be deactivated by erasing the configuration. Setting the configuration to “Disabled” is recommended where trap messaging shall only be used sporadically.
Some events − such as port events − must also be set accordingly in the port configuration. Further information regarding the reading and testing of the configuration can be found in “5.6 Reading-out SNMP Traps”.
5.5.1. Activation of the SNMP v3 Function
The mode should be generally enabled. Furthermore the Read and Write community’s text entries (standard “public” and “private”) must be erased and the Write community must be set to the state “Disabled”.
When selecting the authentication “MD5” and the privacy protocol DES, note that both passwords must be at least eight characters long (numbers and character combinations).
Setting the View Configuration
At the beginning the View Name is determined. Setting the OID to a value “.1” is recommended providing all SNMP-relevant messages can be viewed. This enables the complete view to all distributed OIDs.
“Group Name”. Furthermore the “Security Model” “usm” and the “Security Level” “Auth, Priv” are allocated to the group. The latter ones are required for reading and writing the views, which were previously generated in “Read View Name” and “Write View Name”.
Trap Destination Port -> Entry of the port at the recipient
Trap Security Engine ID -> The user‘s Engine ID must be entered here
Trap Security Name -> Selection of the respective user
Following this the settings are confirmed by clicking “Apply”.
Deactivation of the SNMP Trap Function
The deactivation can be effected in two ways. On the one hand it can be deactivated by erasing the configuration. Setting the configuration to “Disabled” is recommended where trap messaging shall only be used sporadically.
Please make sure that the events triggering a trap are configured accordingly. These settings can be configured per terminal device elsewhere in the configuration menu as shown in the following screenshot. Some events − such as port events − must also be set accordingly in the port configuration.
Reading SNMP Traps
Various parameters of the barox switch configurations can be read out and set using the SNMP protocol. A so-called “SNMP/MIB browser” is required for doing so. However, network, recording or sniffer software can also be used to read SNMP transmissions.
View of the information in the SNMP browser:
PoE camera is connected again / PD device is online:
Recording of the information, which is sent by the switch:
Frequently a value used for reading and interpreting, resp., the status/message of the SNMP message is added to the related OIDs (Object Identifier for Information Units) of the traps. In this example the last line is marked for illustration purposes.
During the import attention must be paid for selecting the suitable MIB file for the respective switch. The required MIB files can be identified by their prefix “mib”.
* Please pay attention to the respective software vendor‘s licencing conditions when using the software!
For generating an enquiry the desired status is selected first. The enquiry is then generated using the operation “Get Next” and clicking “Go”. Upon completion of a successful enquiry the status information is displayed in the results table as shown in the following example:
Control of Switch Functions via SNMP and MIB using the “SET” Operation
The “SET” operation via the SNMP protocol can be a further method for controlling barox switches. The basic SNMP configurations at the switch and of the MIB browser are preconditions.
The SET operation is opened by a click on “Go“ and the OID entry is complemented by “.2“ (label of port 2). In addition to this the value “1“ (for activation) is entered and confirmed by “OK”. A respective success message is generated upon a successful operation.
This is done either via the “Maintenance/Factory Defaults” menu or by pressing the reset button at the front (for longer than 10 seconds). Checking the “Keep IP setup” box ensures that the switch retains the configured IP address. Otherwise, everything is reset to the factory defaults.
Kommunikation shall remedy any product defects caused by poor material quality and/or a machining error of which barox Kommunikation is notified during the warranty period. barox Kommunikation shall then decide at their own discretion what measures to take to alleviate the defect. The warranty for any repaired or replaced components shall then continue to apply for the remaining warranty period.