Page 1 Management Software AT-S94 WEB User’s Guide AT-8000S Series Stackable Gigabit Ethernet Switches Version 2.0.0 613-001104 Rev. A...
Page 2 Allied Telesis, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesis, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesis, Inc.
Page 3: Table Of Contents
Preface............................ 7 Web Browser Interface User’s Guide Overview ................8 Intended Audience........................... 8 Document Conventions ........................9 Contacting Allied Telesis ......................... 9 Getting Started........................10 Starting the Application........................10 Using the Web Browser Interface ....................12 Viewing the Device Representation......................12 User Interface Components........................13...
Page 4 Table of Contents Configuring Network Security ......................63 Managing Port Security ...........................63 Defining 802.1x Port Access........................66 Enabling Storm Control..........................71 Defining Access Control ........................ 73 Defining MAC Based ACL ........................73 Defining IPv4 Based ACL ........................78 Defining IPv6 Based ACL ........................84 Defining ACL Binding..........................89 Configuring DHCP Snooping ....................
Page 5 Table of Contents Configuring Multicast Forwarding ..................150 Configuring IGMP Snooping ........................151 Defining Multicast Bridging Groups .......................153 Defining Multicast Forward All Settings ....................156 Defining Unregistered Multicast Settings....................158 Configuring SNMP ......................160 Enabling SNMP .............................161 Defining SNMP Communities ........................162 Defining SNMP Groups .........................166 Defining SNMP Users..........................169 Defining SNMP Views..........................172 Defining Notification Recipients ......................174...
Page 6 Table of Contents Managing Stacking ......................231 Stacking Overview........................231 Stacking Ring Topology.........................231 Stacking Chain Topology........................232 Stacking Members and Unit ID ......................232 Removing and Replacing Stacking Members..................232 Exchanging Stacking Members ......................233 Configuring Stacking Management .....................234 Downloading Software with CLI ..................235 Connecting a Terminal ......................235 Initial Configuration ........................236 Configuration ............................236...
Page 7: Preface
Preface Preface This guide contains instructions on how to configure an AT-8000S Series Layer 2+ Fast Ethernet Switch using the interface in the Embedded Management System (EWS). The Embedded Management System enables configuring, monitoring, and troubleshooting of network devices remotely via a web browser. The web pages are easy-to-use and easy-to-navigate.
Page 8: Web Browser Interface User's Guide Overview
Preface Web Browser Interface User’s Guide Overview Web Browser Interface User’s Guide Overview The Web Browser Interface User’s Guide provides the following sections: • Section 1,“Getting Started” — Provides information for using the Embedded Web Management System, including adding, editing, and deleting configurations. •...
Page 9: Document Conventions
Warning Indicates a risk of personal injury. Contacting Allied Telesis This section provides Allied Telesis contact information for technical support as well as sales or corporate information. You can request technical support online by accessing the Allied Telesis Knowledge Base Online Support from the following web site: www.alliedtelesis.com/kb.
Page 10: Getting Started
Getting Started Starting the Application Section 1. Getting Started This section provides an introduction to the Web Browser Interface, and includes the following topics: • Starting the Application • User Interface Components • Logging Out • Resetting the Device • Configurable Login Banner Starting the Application This section contains information for starting the application.
Page 11 Getting Started Starting the Application Figure 1: Embedded Web System Login Page Enter manager in the User Name field. Enter friend in the Password field. Click Sign In. The System General Page opens: Page 11...
Page 12 Getting Started Starting the Application Figure 2: System General Page Page 12...
Page 13: Using The Web Browser Interface
Getting Started Using the Web Browser Interface Using the Web Browser Interface This section provides general information about the interface, and describes the following topics: • Viewing the Device Representation • User Interface Components • Using the Management Buttons • Adding, Modifying and Deleting Information Viewing the Device Representation Zoom Views provide a graphical representation of the device ports.
Page 14: User Interface Components
Getting Started Using the Web Browser Interface User Interface Components The System General Page example shows the interface components. Figure 4: System General Page The following table lists the interface components with their corresponding numbers: Table 1: Interface Components Comp on en t Des cription Menu The Menu provides easy navigation through the main management software...
Page 15: Using The Management Buttons
Getting Started Using the Web Browser Interface Using the Management Buttons Management buttons provide an easy method of configuring device information, and include the following: Table 2: Configuration Management Buttons Butto n Bu t to n Na me D escr ip tio n Opens a page which creates new configuration entries.
Page 16 Getting Started Using the Web Browser Interface Table 2: Configuration Management Buttons Butto n Bu t to n Na me D escr ip tio n Test Performs a diagnostic test. Clear All Counters Removes all counters. The application menu includes the following general purpose buttons: Configuration Opens the default configuration page (System General).
Page 17: Adding, Modifying And Deleting Information
Getting Started Using the Web Browser Interface Adding, Modifying and Deleting Information The WBI contains and tables for configuring devices. User-defined information can be added, modified or deleted in specific WBI pages. To add information to tables or WBI pages: Open a WBI page.
Page 18: Saving Configurations
Getting Started Using the Web Browser Interface Figure 6: Local User Settings Page Define the fields. Click Apply. The fields are modified, and the information is saved to the device. To delete information in tables or WBI pages: Open the WBI page. Select a table row.
Page 19: Logging Out
Getting Started Logging Out Logging Out The Logout option enables the user to log out of the device thereby terminating the running session. To log out: • In any page, click Logout on the menu. The current management session is ended and the Log Off Page opens: Figure 7: Log Off Page...
Page 20: Resetting The Device
Getting Started Resetting the Device Resetting the Device The Reset option enables resetting the device from a remote location. Note Save all changes to the Running Configuration file before resetting the device. This prevents the current device configuration from being lost. See also "System Utilities". To reset the device: In the System General Page, click Reset.
Page 21: Defining System Information
Defining System Information Section 2. Defining System Information The System General Page contains general device information, including system name and its IPv4 addressing, administrator and passwords information, Dynamic Host Configuration Protocol (DHCP) configuration and MAC Address Aging Time. To define the general system information: Click System >...
Page 22 Defining System Information • Default Gateway — The IP address of a router for remote management of the device. The address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0. Note Packets are forwarded to the default IP when frames are sent to a remote network via the default gateway. The configured IP address must belong to the same subnet as one of the IP interfaces.
Page 23: Configuring Internet Protocol Version 6
Configuring Internet Protocol Version 6 Section 3. Configuring Internet Protocol Version 6 The device functions as an IPv6 compliant Host, as well as an IPv4 Host (also known as dual stack). This allows device operation in a pure IPv6 network as well as in a combined IPv4/IPv6 network. The primary change from IPv4 to IPv6 is the length of network addresses.
Page 24 Configuring Internet Protocol Version 6 In addition to the dynamically configured IPv6 interfaces, there are two types of static IP addresses that can be configured on an IPv6 interface: • Link Local Addresses — Defines a Link Local address that is non-routable and used for communication on the same network only.
Page 25 Configuring Internet Protocol Version 6 The IPv6 Interface Table on the IPv6 Interface Page displays the IPv6 interfaces defined on the selected Interface. This table contains the following fields: • Check Box — Deletes the selected IPv6 interface. The first IPv6 interface entry displayed in the table is read-only and represents the automatically generated Link Local IPv6 address that cannot be removed or modified.
Page 26 Configuring Internet Protocol Version 6 Adding Multiple IPv6 Addresses The Add IPv6 Address Page allows the user to add multiple IPv6 addresses to an existing IPv6 interface. Click Add. The Add IPv6 Address Page opens. Figure 10: Add IPv6 Address Page In addition to the fields in the Add IPv6 Address Page, the Add IPv6 Address Page contains the following field: •...
Page 27: Defining The Ipv6 Default Gateway
Configuring Internet Protocol Version 6 Defining the IPv6 Default Gateway The IPv6 Default Gateway Page enables you to configure the IPv6 address of the next hop that can be used to reach the network. Two IPv6 Link-Local address formats are used: standard and one with a specified IPv6 interface identifier.
Page 28 Configuring Internet Protocol Version 6 – Tunnel • Type — Specifies the means by which the default gateway was configured. The possible field values are: – Static — Indicates the default gateway is user-defined. – Dynamic — Indicates the default gateway is dynamically configured. •...
Page 29: Configuring Tunnels
Configuring Internet Protocol Version 6 Configuring Tunnels The Tunneling Page defines the tunneling process on the device, which encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 network. The Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) address assignment and automatic tunneling mechanism is used for Unicast communication between IPv6/IPv4 nodes in an IPv4 intranet.
Page 30: Defining Ipv6 Neighbors
Configuring Internet Protocol Version 6 • Domain Name Query Interval (10-3600) — Specifies the interval between DNS Queries (before the IP address of the ISATAP router is known) for the automatic tunnel router domain name. The range is 10 - 3600 seconds.
Page 31 Configuring Internet Protocol Version 6 The IPv6 Neighbors Page contains the following fields: View IPV6 Neighbors • View Static — Displays the static IPv6 address entries from the IPv6 Neighbor Table. • View Dynamic — Displays the dynamic IPv6 address entries from the IPv6 Neighbor Table. •...
Page 32 Configuring Internet Protocol Version 6 Click Add. The Add IPv6 Neighbor Page opens. Figure 15: Add IPv6 Neighbor Page Define the static IPv6 Address and MAC Address fields. Click Apply. The IPv6 Neighbors entry is defined, and the device is updated. To modify IPv6 Neighbor entries: Click System >...
Page 33 Configuring Internet Protocol Version 6 To view IPv6 Neighbor entries: Click System > IPv6 Neighbors. The IPv6 Neighbors Page opens. Select an interface. Click View. The View IPv6 Neighbors Page opens. Figure 16: View IPv6 Neighbors Page The View IPv6 Neighbors Page contains the following fields: •...
Page 34: Configuring System Time
Configuring System Time Section 4. Configuring System Time The System Time Page provides information for configuring system time parameters, including: • Setting the System Clock • Configuring SNTP • Configuring Daylight Saving Time Setting the System Clock The System Time Page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock.
Page 35: Configuring Sntp
Configuring System Time • System Date — Sets the system date. The field format is Day/Month/Year. For example: 04/May/2050 (May 4, 2050). • Time Zone Offset — The difference between Greenwich Mean Time (GMT) and local time. For example, the Time Zone Offset for Paris is GMT +1, while the Time Zone Offset for New York is GMT –5.
Page 36: Configuring Daylight Saving Time
Configuring System Time To define SNTP global parameters: Click System > System Time. The System Time Page opens. The Simple Network Time Protocol (SNTP) section of the System Time Page contains the following fields: • Status — Indicates if SNTP is enabled on the device. The possible field values are: –...
Page 37 Configuring System Time • Time Set Offset — Used for non-USA and European countries to set the amount of time for DST (in minutes). The default time is 60 minutes. The range is 1-1440 minutes. • From — Indicates the time that DST begins in countries other than the USA and Europe, in the format Day/ Month/Year in one field and HH:MM in another.
Page 38 Configuring System Time • Bahamas — From April to October, in conjunction with Daylight Savings Time in the United States. • Belarus — From the last weekend of March until the last weekend of October. • Belgium — From the last weekend of March until the last weekend of October. •...
Page 39 Configuring System Time • Slovak Republic - From the last weekend of March until the last weekend of October. • South Africa — South Africa does not use Daylight Saving Time. • Spain — From the last weekend of March until the last weekend of October. •...
Page 40: Configuring Device Security
Configuring Device Security Section 5. Configuring Device Security This section describes setting security parameters for ports, device management methods, users, and servers. This section contains the following topics: • Configuring Management Security • Configuring Server Based Authentication • Configuring Network Security •...
Page 41: Configuring Management Security
Configuring Device Security Configuring Management Security Configuring Management Security This section provides information for configuring device management security, device authentication methods, users and passwords. This section includes the following topics: • Defining Access Profiles • Defining Profile Rules • Defining Authentication Profiles •...
Page 42 Configuring Device Security Configuring Management Security To define access profiles: Click Mgmt. Security > Access Profile. The Access Profile Page opens: Figure 18: Access Profile Page The Access Profile Page contains a table listing the currently defined profiles and their active status: •...
Page 43 Configuring Device Security Configuring Management Security Click Add. The Add Access Profile Page opens: Figure 19: Add Access Profile Page In addition to the Access Profile Page, the Add Access Profile Page contains the following fields: • Access Profile Name — Defines the name of a new access profile. •...
Page 44 Configuring Device Security Configuring Management Security • Supported IP Format — Defines the supported Internet Protocol on which the access profile is defined. The possible field values are: – IPv4 — Indicates that IPv4 is supported. – IPv6 — Indicates that IPv6 is supported. •...
Page 45: Defining Profile Rules
Configuring Device Security Configuring Management Security Defining Profile Rules Access profiles can contain up to 128 rules that determine which users can manage the device module, and by which methods. Users can also be blocked from accessing the device. Rules are composed of filters including: •...
Page 46 Configuring Device Security Configuring Management Security • Management Method — Defines the management method for which the rule is defined. Users with this access profile can access the device using the management method selected. The possible field values are: – All —...
Page 47 Configuring Device Security Configuring Management Security – IPv6 — Indicates that IPv6 is supported. • IPv6 Address Type — If IPv6 is selected as a Supported IP Format, defines the supported Unicast address type. The possible field values are: – Link Local —...
Page 48 Configuring Device Security Configuring Management Security To modify an access rule: Click Mgmt. Security > Profile Rules: The Profile Rules Page opens. Click Modify. The Profiles Rules Configuration Page opens: Figure 22: Profiles Rules Configuration Page Define the fields. Click Apply. The profile rule is saved, and the device is updated. Page 48...
Page 49: Defining Authentication Profiles
Configuring Device Security Configuring Management Security Defining Authentication Profiles Authentication profiles allow network administrators to assign authentication methods for user authentication. User authentication can be performed either locally or on an external server. User authentication occurs in the order the methods are selected. If the first authentication method is not available, the next selected method is used.
Page 50 Configuring Device Security Configuring Management Security – RADIUS — Authenticates the user at the RADIUS server. For more information, see Defining RADIUS Server Settings. – TACACS+ — Authenticates the user at the TACACS+ server. For more information, see Defining TACACS+ Host Settings. –...
Page 51 Configuring Device Security Configuring Management Security Figure 24: Add Authentication Profile Page Select the type of function to configure for the profile: Method or Login. Enter the Profile Name. Using the arrows, move the method(s) from the Optional Method list to the Selected Method list. Click Apply.
Page 52 Configuring Device Security Configuring Management Security Figure 25: Authentication Profile Configuration Page Select the Profile Name from the list. Using the arrows, move the method(s) from the Optional Method list to the Selected Method list. Click Apply. The profile settings are saved and the device is updated. Page 52...
Page 53: Mapping Authentication Profiles
Configuring Device Security Configuring Management Security Mapping Authentication Profiles After authentication profiles are defined, they can be applied to management access methods. For example, console users can be authenticated by Authentication Profile List 1, while Telnet users are authenticated by Authentication Profile List 2.
Page 54 Configuring Device Security Configuring Management Security • Secure HTTP — Indicates that authentication methods are used for secure HTTP access. The possible methods are: – Local — Authentication occurs locally. – RADIUS — Authenticates the user at the RADIUS server. –...
Page 55: Configuring Server Based Authentication
Configuring Device Security Configuring Server Based Authentication Configuring Server Based Authentication Network administrators assign authentication methods for user authentication. User authentication can be performed locally, or on an external server. User authentication occurs in the order the methods are selected. If the first authentication method is not available, the next selected method is used.
Page 56 Configuring Device Security Configuring Server Based Authentication Figure 27: TACACS+ Page The TACACS+ Page contains the following fields: • Supported IP Format — Indicates that IPv4 is supported. • Timeout for Reply — Defines the time interval, in seconds, that passes before the connection between the device and the TACACS+ server times out.
Page 57 Configuring Device Security Configuring Server Based Authentication Figure 28: Add TACACS+ Page Define the fields. Click Apply. The TACACS+ profile is saved, and the device is updated. Page 57...
Page 58 Configuring Device Security Configuring Server Based Authentication To modify TACACS+ server settings: Click Mgmt. Protocols > TACACS+. The TACACS+ Page opens. Click Modify. The TACACS+ Configuration Page opens: Figure 29: TACACS+ Configuration Page Define the relevant fields. Click Apply. The TACACS+ settings are modified, and the device is updated. Page 58...
Page 59: Configuring Radius
Configuring Device Security Configuring Server Based Authentication Configuring RADIUS Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. RADIUS servers provide a centralized authentication method for web access. In addition, RADIUS servers, when activated, record device management sessions on Telnet, serial and WEB and/or 802.1x authentication sessions.
Page 60 Configuring Device Security Configuring Server Based Authentication • Default Dead Time — Defines the default amount of time (in minutes) that a RADIUS server is bypassed for service requests. The range is 0-2000. • Default Source IPv4 Address — Defines the default IPv4 address. •...
Page 61 Configuring Device Security Configuring Server Based Authentication Click Add. The Add RADIUS Page opens. Figure 31: Add RADIUS Page Define the fields. Click Apply. The RADIUS profile is saved, and the device is updated. Page 61...
Page 62 Configuring Device Security Configuring Server Based Authentication To modify RADIUS server settings: Click Mgmt. Protocols > RADIUS. The RADIUS Page opens: Click Modify. The RADIUS Configuration Page opens: Figure 32: RADIUS Configuration Page Define the relevant fields. Click Apply. The RADIUS server settings are modified, and the device is updated. Page 62...
Page 63: Configuring Local Users
Configuring Device Security Configuring Server Based Authentication Configuring Local Users Network administrators can define users, passwords, and access levels for users using the Local Users Page. To configure local users and passwords: Click Mgmt. Security > Local Users. The Local Users Page opens: Figure 33: Local Users Page The Local Users Page displays the list of currently defined local users and contains the following fields: •...
Page 64 Configuring Device Security Configuring Server Based Authentication Click Create. The Add Local User Page opens: Figure 34: Add Local User Page In addition to the fields in the Local Users Page, the Add Local User Page contains the following fields •...
Page 65 Configuring Device Security Configuring Server Based Authentication To modify local users: Click Mgmt. Security > Local Users. The Local Users Page opens. Click Modify. The Local Users Configuration Page opens: Figure 35: Local Users Configuration Page Define the User Name, Access Level, Password, and Confirm Password fields. Click Apply.
Page 66: Defining Line Passwords
Configuring Device Security Configuring Server Based Authentication Defining Line Passwords Network administrators can define line passwords in the Line Password Page. The administrator enters the new password in the Password column and then confirms it in the Confirm Password column. After the line password is defined, a management method is assigned to the password.
Page 67: Configuring Network Security
Configuring Device Security Configuring Network Security Configuring Network Security Network security manages locked ports. Port-based authentication provides traditional 802.1x support, as well as, Guest VLANs. Guest VLANs limited network access to authorized ports. If a port is denied network access via port-based authorization, but the Guest VLAN is enabled, the port receives limited network access.
Page 68 Configuring Device Security Configuring Network Security To configure secure ports: Click Network Security > Port Security. The Port Security Page opens: Figure 37: Port Security Page The Port Security Page displays the Zoom View of the selected stacking member’s (defined in the Unit No. field) ports.
Page 69 Configuring Device Security Configuring Network Security Click Modify. The Port Security Configuration Page opens: Figure 38: Port Security Configuration Page The Port Security Configuration Page contains the following fields: • Interface — Displays the port name. • Action On Violation— Indicates the intruder action defined for the port. Indicates the action to be applied to packets arriving on a locked port.
Page 70: Defining 802.1X Port Access
Configuring Device Security Configuring Network Security Click Apply. The port security settings are saved and the device is updated. Click Save Config on the menu to save the changes permanently. Defining 802.1x Port Access The 802.1x Port Access Page allows enabling port access globally, defining the authentication method, and configuration of port roles and settings.
Page 71 Configuring Device Security Configuring Network Security For example, a network administrator can use Guest VLANs to deny network access via port-based authentication, but grant Internet access to unauthorized users. The possible field values are: – Enable — Enables Guest VLAN. –...
Page 72 Configuring Device Security Configuring Network Security To modify port based authentication settings: Click Modify. The Port Authentication Settings Page opens: Figure 40: Port Authentication Settings Page Page 72...
Page 73 Configuring Device Security Configuring Network Security The Port Authentication Settings Page contains the following port authentication parameters: • Port — Displays a list of interfaces on which port-based authentication is enabled. • User Name — Displays the supplicant user name. •...
Page 74 Configuring Device Security Configuring Network Security • Enable Periodic Reauthentication — Permits port reauthentication. The possible field values are: – Enable — Enables port reauthentication. This is the default value. – Disable — Disables port reauthentication. • Reauthentication Period — Displays the time span (in seconds) in which the selected port is reauthenticated.
Page 75: Enabling Storm Control
Configuring Device Security Configuring Network Security Enabling Storm Control Storm control limits the amount Multicast and Broadcast frames accepted and forwarded by the device. When Layer 2 frames are forwarded, Broadcast, and Multicast frames are flooded to all ports on the relevant VLAN. This occupies bandwidth, and loads all nodes on all ports.
Page 76 Configuring Device Security Configuring Network Security The Storm Control Page displays the Zoom View of the selected stacking member’s (defined in the Unit No. field) ports. The possible port indicators are: Port is active — Indicates that the port is linked. Port is inactive —...
Page 77: Defining Access Control
Configuring Device Security Defining Access Control Defining Access Control Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Your switch supports up to 256 ACLs. Packets entering an ingress port, with an active ACL, are either admitted or denied entry.
Page 78 Configuring Device Security Defining Access Control The MAC Based ACL Page contains the following fields: • ACL Name — Displays the specific MAC based ACLs. • Remove ACL — Deletes the specified ACL. The possible field values are: – Checked — Deletes the ACL when user clicks the Apply button. –...
Page 79 Configuring Device Security Defining Access Control Click the Add ACL button. The Add MAC Based ACL Page opens: Figure 44: Add MAC Based ACL Page In the ACL Name field, type a name for the ACL. Enable Rule Priority and define the ACL’s relevant fields. Click Apply.
Page 80: Defining Ipv4 Based Acl
Configuring Device Security Defining Access Control Adding ACE Rules Click Network Security > MAC Based ACL. The MAC Based ACL Page opens. Click the Add ACE button. The Add MAC Based ACE Page opens. Figure 45: Add MAC Based ACE Page Define the fields.
Page 81 Configuring Device Security Defining Access Control Figure 46: IPv4 Based ACL Page The IPv4 Based ACL Page contains the following fields: • ACL Name — Displays the specific IP based ACLs. • Remove ACL — Deletes the specified ACL. The possible field values are: –...
Page 82 Configuring Device Security Defining Access Control – HMP — Host Mapping Protocol (HMP). Collects network information from various networks hosts. HMP monitors hosts spread over the internet as well as hosts in a single network. – RDP — Remote Desktop Protocol (RDP). Allows clients to communicate with the Terminal Server over the network.
Page 83 Configuring Device Security Defining Access Control • Destination – IPv4 Address — Matches the destination port IPv4 address to which packets are addressed to the ACE. – Mask — Defines the destination IP address wildcard mask. Wildcard masks specify which bits are used and which bits are ignored.
Page 84 Configuring Device Security Defining Access Control Click the Add ACL Button. The Add IPv4 Based ACL Page opens: Figure 47: Add IPv4 Based ACL Page In addition to the IPv4 Based ACL Page, the Add IPv4 Based ACL Page contains the following fields: •...
Page 85 Configuring Device Security Defining Access Control Adding ACE Rules Click Network Security > IPv4 Based ACL. The IPv4 Based ACL Page opens. Click the Add ACE button. The Add IPv4 Based ACE Page opens. Figure 48: Add IPv4 Based ACE Page Define the fields.
Page 86: Defining Ipv6 Based Acl
Configuring Device Security Defining Access Control Defining IPv6 Based ACL The IPv6 Based ACL Page contains information for defining IPv6-based ACLs, including defining the ACEs defined for IPv6-based ACLs. Click Network Security > IPv6 Based ACL. The IPv6 Based ACL Page opens. Figure 49: IPv6 Based ACL Page The IPv6 Based ACL Page contains the following fields: •...
Page 87 Configuring Device Security Defining Access Control • Destination Port — Defines the TCP/UDP destination port. This field is active only if 800/6-TCP or 800/17- UDP are selected in the Select from List drop-down menu. The possible field range is 0 - 65535. •...
Page 88 Configuring Device Security Defining Access Control Click the Add ACL Button. The Add IPv6 Based ACL Page opens: Figure 50: Add IPv6 Based ACL Page In addition to the IPv6 Based ACL Page, the Add IPv6 Based ACL Page contains the following fields: •...
Page 89 Configuring Device Security Defining Access Control Adding ACE Rules Click Network Security > IPv6 Based ACL. The IPv6 Based ACL Page opens. Click the Add ACE button. The Add IPv6 Based ACL Page opens. Define the fields. Click Apply. The IPv6-based ACE rule is defined and the device is updated. Click Save Config on the menu to save the changes permanently.
Page 90: Defining Acl Binding
Configuring Device Security Defining Access Control Defining ACL Binding When an ACL is bound to an interface, all the ACE rules that have been defined are applied to the selected interface. Whenever an ACL is assigned on an interface, flows from that ingress interface that do not match the ACL are matched to the default rule, which is Drop unmatched packets.
Page 91 Configuring Device Security Defining Access Control Click the Modify button. The ACL Binding Configuration opens: Figure 52: ACL Binding Configuration The ACL Binding Configuration contains the following fields: • Interface — Choose the interface to which the ACL is bound. The possible values are: –...
Page 92: Configuring Dhcp Snooping
Configuring DHCP Snooping Section 6. Configuring DHCP Snooping DHCP Snooping expands network security by providing an extra layer of security between untrusted interfaces and DHCP servers. By enabling DHCP Snooping network administrators can identify between trusted interfaces connected to end-users or DHCP Servers, and untrusted interface located beyond the network firewall. DHCP Snooping filters untrusted messages.
Page 93: Defining Dhcp Snooping General Properties
Configuring DHCP Snooping Defining DHCP Snooping General Properties The DHCP Snooping General Page contains parameters for enabling DHCP Snooping on the device. To define DHCP Snooping on the device: Click DHCP Snooping > General. The DHCP Snooping General Page opens: Figure 53: DHCP Snooping General Page The DHCP Snooping General Page contains the following fields: •...
Page 94: Defining Dhcp Snooping On Vlans
Configuring DHCP Snooping • Backup Database — Indicates if the DHCP Snooping Database is enabled. The possible field values are: – Enable — Enables storing allotted IP addresses in the DHCP Snooping Database. – Disable — Disables storing allotted IP addresses in the DHCP Snooping Database. This is the default value.
Page 95: Defining Trusted Interfaces
Configuring DHCP Snooping To define DHCP Snooping on VLANs: Click DHCP Snooping > VLAN Settings. The VLAN Settings Page opens: Figure 54: VLAN Settings Page The VLAN Settings Page contains the following fields: • VLAN ID — Indicates the VLAN to be added to the Enabled VLAN list. •...
Page 96 Configuring DHCP Snooping To define trusted interfaces: Click DHCP Snooping > Trusted Interfaces. The Trusted Interfaces Page opens: Figure 55: Trusted Interfaces Page The Trusted Interfaces Page contains the following fields: • Select the interfaces displayed in the table. – Ports of Unit —...
Page 97 Configuring DHCP Snooping In the table, select an interface and click Modify. The Trusted Configuration Page opens. Figure 56: Trusted Configuration Page Edit the following field: • Trusted Status — Indicates whether the interface is a Trusted Interface. – Enable — Interface is a trusted interface. –...
Page 98: Binding Addresses To The Dhcp Snooping Database
Configuring DHCP Snooping Binding Addresses to the DHCP Snooping Database The Binding Database Page contains parameters for querying and adding IP addresses to the DHCP Snooping Database. To bind addresses to the DHCP Snooping database: Click DHCP Snooping > Binding Database. The Binding Database Page opens: Figure 57: Binding Database Page Define any of the following fields as a query filter: Query Parameters...
Page 99 Configuring DHCP Snooping Query Results The Query Results table contains the following fields: • MAC Address — Indicates the MAC address found during the query. • VLAN ID — Displays the VLAN ID to which the IP address is attached in the DHCP Snooping Database. •...
Page 100: Configuring Ports
Configuring Ports Setting Ports Configurations Section 7. Configuring Ports Port Configuration includes the following procedures for configuring ports and trunks on the device. • Setting Ports Configurations • Aggregating Ports Setting Ports Configurations This section contains the following topics: • Defining Port Settings •...
Page 101 Configuring Ports Setting Ports Configurations The Port Settings Page contains the Zoom View of the device ports. The possible port settings are: Port is active — Indicates that the port is linked. Port is inactive — Indicates that the port is not linked. Port is disabled —...
Page 102 Configuring Ports Setting Ports Configurations The Port Setting Configuration Page contains the following fields: • Port— Lists the names of configured ports. • Description — Provides a user-defined port description. • Port Type — Indicates the type of port. • Admin Status —...
Page 103 Configuring Ports Setting Ports Configurations • Admin Advertisement — Defines the auto negotiation setting the port advertises. The possible field values are: – Max Capability — Indicates that all port speeds and duplex mode settings are accepted. – 10 Half — Indicates that the port advertises for a 10 Mbps speed port and half duplex mode setting. –...
Page 104: Configuring Port Mirroring
Configuring Ports Setting Ports Configurations Configuring Port Mirroring Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and outgoing packets from one port to a monitoring port. Port mirroring can be used as a diagnostic tool as well as a debugging feature. Port mirroring also enables device performance monitoring.
Page 105 Configuring Ports Setting Ports Configurations • Status — Indicates if the port is currently monitored. The possible field values are: – Active — Indicates the port is currently monitored. – Ready — Indicates the port is not currently monitored. Click Add. The Add Port Mirroring Page opens: Figure 62: Add Port Mirroring Page The Add Port Mirroring Page contains the following fields: •...
Page 106 Configuring Ports Setting Ports Configurations Define the Type field. Click Apply. The Port mirroring is modified, and the device is updated. Click Save Config on the menu to permanently save the change. Page 106...
Page 107: Aggregating Ports
Configuring Ports Aggregating Ports Aggregating Ports Link Aggregation optimizes port usage by linking a group of ports together to form a single trunk. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. The device supports both static trunks and Link Aggregation Control Protocol (LACP) trunks. LACP trunks negotiate aggregating port links with other LACP ports located on a different device.
Page 108 Configuring Ports Aggregating Ports Defining Trunk Settings The Trunk Settings Page contains parameters for defining Trunks. To define a port trunk: Click Layer 1 > Trunk Settings. The Trunk Settings Page opens: Figure 64: Trunk Settings Page The Trunk Settings Page displays information about the currently defined trunks and contains the following fields: •...
Page 109 Configuring Ports Aggregating Ports • Flow Control — Displays the flow control status of the trunk. • LACP — Indicates if LACP is enabled on the trunk. The possible values are: – Enable — LACP is enabled on the trunk. –...
Page 110 Configuring Ports Aggregating Ports • Current Status — Indicates whether the trunk is currently operational or non-operational. The possible field values are: – Up — Indicates the trunk is currently operating. – Down — Indicates the trunk is currently not operating. •...
Page 111: Defining Port Trunking
Configuring Ports Aggregating Ports Defining Port Trunking The Port Trunking Page displays information about the defined trunks. To modify Port Trunking settings: Click Layer 1 > Port Trunking. The Port Trunking Page opens: Figure 66: Port Trunking Page The Port Trunking Page contains information about all port trunks currently defined on the device. The following information is displayed: •...
Page 112 Configuring Ports Aggregating Ports Click Modify. The Port Trunking Configuration Page opens: Figure 67: Port Trunking Configuration Page In addition to the fields in the The Port Trunking Page, the Port Trunking Configuration Page contains the following additional field: • Unit Number —...
Page 113: Configuring Lacp
Configuring Ports Aggregating Ports Configuring LACP Trunk ports can contain different media types if the ports are operating at the same speed. Aggregated links can be set up manually or automatically established by enabling Link Aggregation Control Protocol (LACP) on the relevant links.
Page 114 Configuring Ports Aggregating Ports Click Modify. the LACP Configuration Page opens: Figure 69: LACP Configuration Page Define the fields. Click Apply. The LACP settings are saved and the device is updated. Page 114...
Page 115: Configuring Interfaces
Configuring Interfaces Section 8. Configuring Interfaces This section contains information on configuring the interfaces of the device. This section describes the following topics: • Defining MAC Addresses • Configuring VLANs • Defining MAC Based Groups Defining MAC Addresses The MAC Address Page contains parameters for querying information in the Static MAC Address Table and the Dynamic MAC Address Table, in addition to viewing and configuring Unicast addresses.
Page 116 Configuring Interfaces The MAC Address Page contains the following fields: • View Static — Displays the static addresses assigned to the ports on the device. • View Dynamic — Displays the dynamic addresses learned on the ports on the device. •...
Page 117 Configuring Interfaces Click Apply. The new MAC address is added to the addresses table and the device information is updated. To delete all MAC addresses: Click Layer 2 > MAC Address. The MAC Address Page opens. Click Delete in the Delete All MAC Addresses section of the MAC Address Page. All addresses are cleared from the Dynamic MAC Address Table and the device begins to learn new addresses as packets arrive on the ports.
Page 118: Configuring Vlans
Configuring Interfaces Configuring VLANs Configuring VLANs This section describes how to create and configure Virtual LANs (VLANs). VLANs are logical subgroups within a Local Area Network (LAN) which combine user stations and network devices into a single unit, regardless of the physical LAN segment to which they are attached. VLANs allow network traffic to flow more efficiently within subgroups.
Page 119 Configuring Interfaces Configuring VLANs Defining VLAN Properties The VLAN Page provides information and global parameters for configuring and working with VLANs. To configure a VLAN: Click Layer 2 > VLAN. The VLAN Page opens: Figure 73: VLAN Page The VLAN Page is divided into two sections. The first section contains the following fields: •...
Page 120 Configuring Interfaces Configuring VLANs The second section contains a table that maps VLAN parameters to ports. • Select the interfaces displayed in the table. – Ports of Unit — Specifies the port and stacking member for which the VLAN mapping is displayed. –...
Page 121 Configuring Interfaces Configuring VLANs Click Modify. The VLAN Configuration opens. Figure 75: VLAN Configuration Change the Interface Status setting. Click Apply. The VLAN configuration is modified, and the device is updated. Click Save Config on the menu to permanently save the change. Page 121...
Page 122: Defining Vlan Interface Settings
Configuring Interfaces Configuring VLANs Defining VLAN Interface Settings The VLAN Interface Page contains fields for managing ports that are part of a VLAN. To define a VLAN interface: Click Layer 2 > VLAN Interface. The VLAN Interface Page opens: Figure 76: VLAN Interface Page The VLAN Interface Page displays the VLAN interface information for a selected Port/Unit or Trunk: •...
Page 123 Configuring Interfaces Configuring VLANs • Frame Type — Specifies the packet type accepted on the port. The possible field values are: – Admit Tag Only — Only tagged packets are accepted on the port. – Admit All — Both tagged and untagged packets are accepted on the port. •...
Page 124: Defining Gvrp
Configuring Interfaces Configuring VLANs Defining GVRP The GVRP Page enables users to configure GARP VLAN Registration Protocol (GVRP) on the device. GVRP is specifically provided for automatic distribution of VLAN membership information among VLAN-aware bridges. GVRP allows VLAN-aware bridges to automatically learn VLANs to bridge ports mapping, without having to individually configure each bridge and register VLAN membership.
Page 125 Configuring Interfaces Configuring VLANs • Interface — Displays the port or trunk name on which GVRP is enabled. • GVRP State — Indicates if GVRP is enabled on the port. The possible field values are: – Enable — Enables GVRP on the interface. –...
Page 126: Defining Mac Based Groups
Configuring Interfaces Defining MAC Based Groups Defining MAC Based Groups The MAC Based Groups Page allows network managers to group VLANs based on the VLAN MAC address, and to map groups to VLANs. For these purposes, the page contains two tables: •...
Page 127 Configuring Interfaces Defining MAC Based Groups • VLAN ID — Attaches the interface to a user-defined VLAN ID. VLAN group ports can be attached to a VLAN ID. The possible field range is 1-4093, and 4095 (4094 is not available for configuration). Below the MAC-Based Group table, click the Add button.
Page 128 Configuring Interfaces Defining MAC Based Groups To add a mapped group: Click Layer 2 > MAC Based Groups. The MAC Based Groups Page opens: Below the Mapping Group table, click the Add button. The Add MAC Address Group Mappings Page opens: Figure 83: Add MAC Address Group Mappings Page In addition to the fields in the MAC Based Groups Page, the Add MAC Address Group Mappings Page contains the following additional fields:...
Page 129: Configuring System Logs
Configuring System Logs Section 9. Configuring System Logs This section provides information for managing system logs. System logs enable viewing device events in real time and recording the events for later usage. System Logs record and manage events, and report errors and informational messages.
Page 130 Configuring System Logs The Event Log Page contains the following fields: The Configure Log Outputs table displays the following log information: • Type — Indicates the log type included in the output. The possible values are: – Console — Indicates that the output is of a console log. –...
Page 131 Configuring System Logs The Add Syslog Page contains the following fields: • Description — Provides any additional information about the syslog server, for example its location. • UDP Port — Defines the UDP port to which the server logs are sent. The possible range is 1-65535. The default value is 514.
Page 132: Viewing Temporary And Flash Logs
Configuring System Logs Modifying Log Servers Clicking Modify opens the Event Log Configuration Page, in which administrators can modify Server Log entries. To modify a Server Log entry: Select the entry in the Log Table and click Modify. The Event Log Configuration Page opens. Figure 87: Event Log Configuration Page The Event Log Configuration Page contains the following fields: •...
Page 133 Configuring System Logs Click View. The selected log page opens: Figure 88: View Flash Log Page The View Flash Log Page and View Temporary Log Page list the following information: • Log Index —The log index number. • Log Time — The date and time that the log was entered. •...
Page 134: Configuring Spanning Tree
Configuring Spanning Tree Configuring Classic Spanning Tree Section 10. Configuring Spanning Tree Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP also provides a single path between end stations on a network, eliminating loops. Loops occur when alternate routes exist between hosts. Loops in an extended network can cause bridges to forward traffic indefinitely, resulting in increased traffic and reducing network efficiency.
Page 135: Defining Stp Properties
Configuring Spanning Tree Configuring Classic Spanning Tree Defining STP Properties The Spanning Tree Page contains parameters for enabling and configuring STP on the device. To enable STP on the device: Click Layer 2 > Spanning Tree. The Spanning Tree Page opens: Figure 89: Spanning Tree Page The STP General section of the Spanning Tree Page contains the following fields: •...
Page 136 Configuring Spanning Tree Configuring Classic Spanning Tree • Path Cost Default Values — Specifies the method used to assign default path cost to STP ports. The possible field values are: – Short — Specifies 1 through 65,535 range for port path cost. This is the default value. –...
Page 137: Defining Stp Interfaces
Configuring Spanning Tree Configuring Classic Spanning Tree Defining STP Interfaces Network administrators can assign STP settings to a specific interface (port or trunk) using the STP Interface Configuration Page. The Global trunks section displays the STP information for Link Aggregated Groups. To assign STP settings to an interface (port or trunk): Click Layer 2 >...
Page 138 Configuring Spanning Tree Configuring Classic Spanning Tree • Port Fast — Indicates if Fast Link is enabled on the port. If Fast Link mode is enabled for a port, the Port State is automatically placed in the Forwarding state when the port link is up. Fast Link optimizes the STP protocol convergence.
Page 139 Configuring Spanning Tree Configuring Classic Spanning Tree • Designated Cost — Indicates the cost of the port participating in the STP topology. Ports with a lower cost are less likely to be blocked if STP detects loops. • Forward Transitions — Indicates the number of times the port has changed from Forwarding state to Blocking state.
Page 140: Configuring Rapid Spanning Tree
Configuring Spanning Tree Configuring Rapid Spanning Tree Configuring Rapid Spanning Tree While Classic STP prevents Layer 2 forwarding loops in a general network topology, convergence can take between 30-60 seconds. This time may delay detecting possible loops and propagating status topology changes. Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies that allow a faster STP convergence without creating forwarding loops.
Page 141 Configuring Spanning Tree Configuring Rapid Spanning Tree • Mode — Displays the current STP mode. The STP mode is selected in the Spanning Tree Page. The possible field values are: – STP — Classic STP is enabled on the device. –...
Page 142 Configuring Spanning Tree Configuring Rapid Spanning Tree – Learning — Indicates the port is currently in the learning mode. The interface cannot forward traffic however it can learn new MAC addresses – Disabled — Indicates that STP is currently disabled on the port. The port forwards traffic while learning MAC addresses.
Page 143: Configuring Multiple Spanning Tree
Configuring Spanning Tree Configuring Multiple Spanning Tree Configuring Multiple Spanning Tree Multiple Spanning Tree Protocol (MSTP) provides differing load balancing scenarios. For example, while port A is blocked in one STP instance, the same port can be placed in the Forwarding state in another STP instance. This section contains the following topics: •...
Page 144: Defining Mstp Interfaces
Configuring Spanning Tree Configuring Multiple Spanning Tree • — IST Master Identifies the Spanning Tree Master instance. The IST Master is the specified instance root. • Configure Interface Settings — Click Configure to assign MSTP settings to a specific interface. •...
Page 145 Configuring Spanning Tree Configuring Multiple Spanning Tree The MSTP Interface Settings Page contains the following fields: • Instance ID — Lists the MSTP instances configured on the device. The possible field range is 1-7. • Interface — Displays the specific interface for this page’s MSTP setting. The possible field values are: –...
Page 146 Configuring Spanning Tree Configuring Multiple Spanning Tree Define the fields. Click Apply. MSTP is defined for the selected interface. Click Save Config on the menu, to save changes permanently. To view the MSTP configurations of all interfaces, click Interface Table. The MSTP Interface Table is displayed.
Page 147: Defining Mstp Instance Mappings
Configuring Spanning Tree Configuring Multiple Spanning Tree Defining MSTP Instance Mappings Network administrators can assign MSTP mapping to a specific instance (port or trunk) using the MSTP Instance Mapping Page. To define MSTP interface mapping: Click Layer 2 > MSTP. The MSTP Page opens. Click Configure next to the Configure Instance Mapping option.
Page 148: Defining Mstp Instance Settings
Configuring Spanning Tree Configuring Multiple Spanning Tree Defining MSTP Instance Settings MSTP maps VLANs into STP instances. Packets assigned to various VLANs are transmitted along different paths within Multiple Spanning Tree Regions (MST Regions). Regions are one or more Multiple Spanning Tree bridges by which frames can be transmitted.
Page 149 Configuring Spanning Tree Configuring Multiple Spanning Tree Define the fields. Click Apply. MSTP is defined for the selected instance, and the device is updated. The MSTP Page is displayed. Click Save Config on the menu, to save changes permanently. Page 149...
Page 150: Configuring Multicast Forwarding
Configuring Multicast Forwarding Section 11. Configuring Multicast Forwarding Multicast forwarding allows a single packet to be forwarded to multiple destinations. Layer 2 Multicast service is based on a Layer 2 switch receiving a single packet addressed to a specific Multicast address. Multicast forwarding creates copies of the packet, and transmits the packets to the relevant ports.
Page 151: Configuring Igmp Snooping
Configuring Multicast Forwarding Configuring IGMP Snooping When IGMP Snooping is enabled globally, all IGMP packets are forwarded to the CPU. The CPU analyzes the incoming packets and determines: • Which ports want to join which Multicast groups. • Which ports have Multicast routers generating IGMP queries. •...
Page 152 Configuring Multicast Forwarding • IGMP Querier Status — Indicates if the specific VLAN can operate as an IGMP Querier. The possible field values are: – Enable — Enables IGMP Querying on the VLAN. – Disable — Disables IGMP Querying on the VLAN. •...
Page 153: Defining Multicast Bridging Groups
Configuring Multicast Forwarding To modify the IGMP Snooping configuration: Click Multicast > IGMP. The IGMP Page opens. Click Modify. The IGMP Configuration Page opens: Figure 100:IGMP Configuration Page In addition to the IGMP Page, the IGMP Configuration Page contains the following fields: •...
Page 154 Configuring Multicast Forwarding To define Multicast Groups: Click Multicast > Multicast Group. The Multicast Group Page opens: Figure 101:Multicast Group Page The Multicast Group Page contains the following fields: • Enable Bridge Multicast Filtering — Indicates if bridge Multicast filtering is enabled on the device. The possible field values are: –...
Page 155 Configuring Multicast Forwarding Click Add. The Add Multicast Group Page opens: Figure 102:Add Multicast Group Page Select the VLAN ID. Enter the Bridge Multicast MAC Address and the Bridge Multicast IPv4 Address. Click Apply. The new Multicast group is saved and the device is updated. To modify a Multicast group: Click Modify.
Page 156: Defining Multicast Forward All Settings
Configuring Multicast Forwarding Defining Multicast Forward All Settings Multicast forwarding enables transmitting packets from either a specific Multicast group to a source, or from a non- specific source to a Multicast group. The Bridge Multicast Forward All Page contains fields for attaching ports or trunks to a device that is attached to a neighboring Multicast router/switch.
Page 157 Configuring Multicast Forwarding Click Modify. The Multicast Forward All Configuration Page opens: Figure 105:Multicast Forward All Configuration Page Define the Interface Status field. Click Apply. The Multicast Forward All settings are saved and the device is updated. Page 157...
Page 158: Defining Unregistered Multicast Settings
Configuring Multicast Forwarding Defining Unregistered Multicast Settings Multicast frames are generally forwarded to all ports in the VLAN. If IGMP Snooping is enabled, the device learns about the existence of Multicast groups and monitors which ports have joined what Multicast group. Multicast groups can also be statically enabled.
Page 159 Configuring Multicast Forwarding Click Modify. The Unregistered Multicast Configuration Page opens: Figure 107:Unregistered Multicast Configuration Page Define the Unregistered Multicast field. The . Click Apply. The Multicast Forward All settings are saved and the device is updated. Page 159...
Page 160: Configuring Snmp
Configuring SNMP Section 12. Configuring SNMP Simple Network Management Protocol (SNMP) provides a method for managing network devices. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.
Page 161: Enabling Snmp
Configuring SNMP Enabling SNMP The SNMP Global Page provides fields for globally enabling and configuring SNMP on the device. To enable SNMP: Click SNMP > Global. The SNMP Global Page opens: Figure 108:SNMP Global Page The SNMP Global Page contains the following fields: •...
Page 162: Defining Snmp Communities
Configuring SNMP Defining SNMP Communities Access rights are managed by defining communities in the SNMP Community Page. When the community names are changed, access rights are also changed. SNMP communities are defined only for SNMP v1 and SNMP v2c. Note The device switch is delivered with no community strings configured.
Page 163 Configuring SNMP • Access Mode — Defines the access rights of the community. The possible field values are: – Read Only — Management access is restricted to read-only, and changes cannot be made to the community. – Read Write — Management access is read-write and changes can be made to the device configuration, but not to the community.
Page 164 Configuring SNMP The Add SNMP Community Page contains the following fields: • Supported IP Format — Indicates the type of IP addressing protocol supported. The possible values are: – IPv4 – IPv6 • IPv6 Address Type — Defines the type of configurable static IPv6 IP address for an interface. The possible values are: –...
Page 165 Configuring SNMP To modify SNMP community settings: Select an SNMP community entry in the Basic table or in the Advanced Table. Click Modify. The Community Configuration Page opens: Figure 111: Community Configuration Page Define the Basic or Advanced configuration of the community. Click Apply.
Page 166: Defining Snmp Groups
Configuring SNMP Defining SNMP Groups The SNMP Group Page provides information for creating SNMP groups, and assigning SNMP access control privileges to SNMP groups. Groups allow network managers to assign access rights to specific device features, or feature aspects. To define an SNMP group: Click SNMP >...
Page 167 Configuring SNMP • Security Level — Defines the security level attached to the group. Security levels apply to SNMPv3 only. The possible field values are: – No Authentication — Indicates that neither the Authentication nor the Privacy security levels are assigned to the group.
Page 168 Configuring SNMP To modify an SNMP group: Click SNMP > Groups. The SNMP Group Page opens. Click Modify. The Group Configuration Page opens: Figure 114: Group Configuration Page Define the Group Name, Security Level, Security Model, and Operation fields. Click Apply. The SNMP group profile is saved. Page 168...
Page 169: Defining Snmp Users
Configuring SNMP Defining SNMP Users The SNMP Users Page enables assigning system users to SNMP groups, as well as defining the user authentication method. To define SNMP group membership: Click SNMP > Users. The SNMP Users Page opens: Figure 115: SNMP Users Page The SNMP Users Page contains the following fields: •...
Page 170 Configuring SNMP • Authentication — Displays the method used to authenticate users. The possible field values are: – MD5 Key — Users are authenticated using the HMAC-MD5 algorithm. – SHA Key — Users are authenticated using the HMAC-SHA-96 authentication level. –...
Page 171 Configuring SNMP • Authentication Key — Defines the HMAC-MD5-96 or HMAC-SHA-96 authentication level. The authentication and privacy keys are entered to define the authentication key. If only authentication is required, 16 bytes are defined. If both privacy and authentication are required, 32 bytes are defined. Each byte in hexadecimal character strings is two hexadecimal digits.
Page 172: Defining Snmp Views
Configuring SNMP Defining SNMP Views The SNMP views provide or block access to device features or portions of features. Feature access is granted via the MIB name or MIB Object ID. To define SNMP views: Click SNMP > Views. The SNMP Views Page opens: Figure 118: SNMP Views Page The SNMP Views Page contains the following fields: •...
Page 173 Configuring SNMP Click Add. The Add SNMP VIew Page opens: Figure 119: Add SNMP VIew Page Define the View Name field. Select the Object ID Subtree using one of the following options: – Select from List — Select the Subtree from the list provided. Pressing the Up and Down buttons allows you to change the priority by moving the selected subtree up or down in the list.
Page 174: Defining Notification Recipients
Configuring SNMP Defining Notification Recipients The SNMP Notify Page contains fields for defining SNMP notification recipients. The page contains information for defining filters that determine whether traps are sent to specific users, and the trap type sent. SNMP notification filters provide the following services: •...
Page 175 Configuring SNMP SNMPv1,2c Notification Recipient The SNMP v1, v2c Recipient table contains the following fields: • Recipients IP Address — Displays the IP address to which the traps are sent. • Notification Type — Displays the type of notification sent. The possible field values are: –...
Page 176 Configuring SNMP Click Add. The Add Notify Page opens: Figure 121:Add Notify Page In addition to the SNMP Notify Page, the Add Notify Page contains the following fields: • Supported IP Format — Indicates the type of IP addressing protocol supported. The possible values are: –...
Page 177 Configuring SNMP Click Apply. The notification recipient settings are saved and the device is updated. Click Save Config on the menu to save the changes permanently. To modify notification settings: Click SNMP > Notify. The SNMP Notify Page opens. Select an entry from one of the tables and click Modify. The SNMP Notify Configuration Page opens. Figure 122:SNMP Notify Configuration Page Define the fields.
Page 178: Defining Notification Filters
Configuring SNMP Defining Notification Filters The SNMP Notification Filter Page permits filtering traps based on OIDs. Each OID is linked to a device feature or a portion of a feature. The SNMP Notification Filter Page also allows network managers to filter notifications. To configure SNMP notification filters: Click SNMP >...
Page 179 Configuring SNMP To add an SNMP notification filter: Click the Add button. The Add SNMP Notification Filter Page opens: Figure 124:Add SNMP Notification Filter Page The Add SNMP Notification Filter Page contains the following fields: • Filter Name — Contains a list of user-defined notification filters. •...
Page 180: Configuring Lldp
Configuring LLDP Section 13. Configuring LLDP Link Layer Discovery Protocol (LLDP) is a Layer 2 protocol that allows a network device supporting the 802.1ab standard to advertise its identity and capabilities on a local network. LLDP allows network managers to troubleshoot and enhance network management by discovering and maintaining network topologies over multi-vendor environments.
Page 181: Defining Global Lldp Properties
Configuring LLDP Defining Global LLDP Properties The LLDP Properties Page allows network managers to assign global LLDP parameters. To enable and configure LLDP on the device: Click LLDP > Properties. The LLDP Properties Page opens: Figure 125:LLDP Properties Page The LLDP Properties Page contains fields for configuring LLDP: •...
Page 182: Defining Lldp Port Settings
Configuring LLDP • Transmit Delay (1 - 8192) — Indicates the amount of time that passes between successive LLDP frame transmissions due to changes in the LLDP local systems MIB. The possible field range is 1 - 8192 seconds. The default value is 2 seconds. A Tx delay < 0.25 is recommended for the TLV Adv Interval. –...
Page 183 Configuring LLDP • State — Indicates the LLDP state on the port. The possible field values are: – Tx Only — Enables transmitting LLDP packets only. – Rx Only — Enables receiving LLDP packets only. – Tx & Rx — Enables transmitting and receiving LLDP packets. This is the default value. –...
Page 184: Defining Lldp Media Endpoint Discovery Network Policy
Configuring LLDP Defining LLDP Media Endpoint Discovery Network Policy LLDP Media Endpoint Discovery (LLDP MED) is an enhancement to the 802.1ab standard. LLDP MED increases network flexibility by allowing different IP systems to co-exist on a single network. LLDP MED: •...
Page 185 Configuring LLDP – Guest VLAN Signaling — Indicates that the network policy is defined for a Guest VLAN Signalling application. – Softphone Voice — Indicates that the network policy is defined for a Softphone Voice application. – Video Conferencing — Indicates that the network policy is defined for a Video Conferencing application. –...
Page 186 Configuring LLDP To modify a network policy setting: Click LLDP > Profile Rules: The LLDP MED Network Policy Page opens. Click Modify. The Network Policy Settings Configuration Page opens: Figure 130:Network Policy Settings Configuration Page Define the fields. Click Apply. The network policy setting is saved, and the device is updated. Page 186...
Page 187: Defining Lldp Med Port Settings
Configuring LLDP Defining LLDP MED Port Settings The LLDP MED Port Settings Page contains parameters for assigning LLDP network policies to specific ports. To configure LLDP MED port settings: Click LLDP > LLDP-MED Port Settings. The LLDP MED Port Settings Page opens: Figure 131:LLDP MED Port Settings Page The LLDP MED Port Settings Page contains the following fields: •...
Page 188 Configuring LLDP Click Modify. The Modify LLDP MED Port Settings Page opens: Figure 132:Modify LLDP MED Port Settings Page This page contains the following fields: • Port — Indicates the port for which the LLDP-MED port settings are displayed. • LLDP MED Status —Indicates the LLDP-MED port status, the possible field values are: –...
Page 189: Viewing The Lldp Neighbors Information
Configuring LLDP Define the port location in the Location Coordinate (16 Bytes in Hex), Location Civic Address (6-160 Bytes in Hex), Location ECS ELIN (10-25 Bytes in Hex) fields. Click Apply. The LLDP MED port settings are saved, and the device is updated. Viewing the LLDP Neighbors Information The LLDP Neighbors Information Page contains information received from neighboring device LLDP advertisements.
Page 190 Configuring LLDP Click Details to view the Neighbors Information Details Page for ports. Figure 134:Neighbors Information Details Page The Neighbors Information Details Page contains the following fields: • Port — The port for which detailed information is displayed. • Auto-Negotiation Status — The auto-negotiation status of the port. The possible field values are: –...
Page 191 Configuring LLDP LLDP MED Power over Ethernet The port PoE information. • Power Type — Indicates the power type advertised on the port. • Power Source — Indicates the power source advertised on the port. • Power Priority — Indicates the port’s power priority advertised on the port. •...
Page 192: Configuring Power Over Ethernet
Section 14. Configuring Power Over Ethernet This section describes configuring Power over Ethernet (PoE) for an AT-S94 device. PoE only applies to the AT-8000S/24POE and AT-8000S/48POE devices. Power-over-Ethernet (PoE) provides power to devices over existing LAN cabling, without updating or modifying the network infrastructure.
Page 193 Configuring Power Over Ethernet To enable PoE for the device: Click System > Power Over Ethernet. The Power Over Ethernet Page opens: Figure 135:Power Over Ethernet Page The Power Over Ethernet Page contains the following fields: Global PoE Configuration • Power Threshold —...
Page 194 Configuring Power Over Ethernet Click Modify. PoE is enabled on the device and global settings are saved. The new threshold is immediately activated on the device. Click Save Config on the menu to permanently save the change. Page 194...
Page 195: Defining Power Over Ethernet Configuration
Configuring Power Over Ethernet Defining Power Over Ethernet Configuration To modify PoE port settings: In the Power Over Ethernet Page Zoom View, click the port(s) to modify. The port indication changes to Port is selected. Click Modify. The Power Over Ethernet Configuration Page opens: Figure 136:Power Over Ethernet Configuration Page The Power Over Ethernet Configuration Page displays the currently configured PoE ports and contains the following information:...
Page 196 Configuring Power Over Ethernet – Searching — Indicates that the device is currently searching for a powered device. Searching is the default PoE operational status. – Fault — Indicates one of the following: – The powered device test has failed. For example, a port could not be enabled and cannot be used to deliver power to the powered device.
Page 197: Configuring Services
Configuring Services Section 15. Configuring Services This section describes Quality of Service related configurations. QoS supports activating one of the following Trust settings: • VLAN Priority Tag • DiffServ Code Point • None Only packets that have a Forward action are assigned to the output queue, based on the specified classification. By properly configuring the output queues, the following basic mode services can be set: •...
Page 198: Enabling Class Of Service (Cos)
Configuring Services Enabling Class of Service (CoS) The CoS Page enables configuring the CoS ports or trunks on the device. To configure CoS ports or trunks on the device: Click Services > CoS. The CoS Page opens: Figure 137:CoS Page As a default the CoS Page opens displaying the port options.
Page 199 Configuring Services • Interface — Displays the interface number. • Default CoS— Determines the default CoS value for incoming packets for which a VLAN tag is not defined. The possible field values are 0-7. The default CoS is 0. This field appears in the CoS Ports table. •...
Page 200: Configuring Cos Queueing And Scheduling
Configuring Services Configuring CoS Queueing and Scheduling The CoS Queuing & Scheduling Page provides fields for configuring CoS Priority to Egress Queues and for defining Egress Weights. The queue settings are set system-wide. When configuring QoS for stacking, note that stacking only uses three queues.
Page 201: Mapping Cos Values To Queues
Configuring Services Mapping CoS Values to Queues The Configure CoS Page contains fields for classifying CoS settings to traffic queues. When configuring QoS for stacking, note that stacking only uses three queues. To set CoS to queue: Click Services > Queuing & Scheduling. The CoS Queuing & Scheduling Page opens: In the Configure Priority to Egress Queues section, select Configure CoS.
Page 202: Mapping Dscp Values To Queues
Configuring Services Mapping DSCP Values to Queues The Configure DSCP Page contains fields for classifying DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 2. To set DSCP to queues: Click Services >...
Page 203: Configuring Qos Bandwidth
Configuring Services Configuring QoS Bandwidth The Bandwidth Page allows network managers to define the bandwidth settings for a specified egress interface. The Bandwidth Page is not used with the Service mode, as bandwidth settings are based on services. To configure bandwidth: Click Services >...
Page 204 Configuring Services As a default the Bandwidth Page opens displaying the port options. The fields are identical when displaying the trunk CoS. The Bandwidth Page contains the following fields: • Select the interfaces displayed in the table. – Ports of Unit — Specifies the port and stacking member for which the bandwidth settings are displayed. –...
Page 205 Configuring Services Click Modify. The Bandwidth Configuration Page opens: Figure 143:Bandwidth Configuration Page Define the fields. Click Apply. The bandwidth information is saved and the device is updated. Click Save Config on the menu to save the changes permanently. Page 205...
Page 206: System Utilities
System Utilities Section 16. System Utilities The configuration file structure involves the following configuration files: • Startup Configuration File — Contains the commands required to reconfigure the device to the same settings as when the device is powered down or rebooted. The Startup file is created by copying the configuration commands from the Running Configuration file or the Backup Configuration file.
Page 207: Restoring The Default Configuration
System Utilities Restoring the Default Configuration The Reset to Factory Defaults function restores the Configuration file to factory defaults during device reset. When this option is not selected, the device maintains the current Configuration file. To restore the default system configuration: Click Utilities >...
Page 208: Defining Tftp File Uploads And Downloads
System Utilities To reset the configuration file to defaults with reboot: Check the Reboot Switch After Resetting to Defaults option. Select the After Reset image file. Click Apply (below the table). The factory defaults are restored, and the device is updated. The device reboots.
Page 209 System Utilities • Link Local Interface — If Link Local is selected as the supported IPv6 Address Type, indicates the supported interface. The possible field values are: – VLAN 1 — Indicates that VLAN 1 is supported. – Tunnel 1 — Indicates that ISATAP tunneling (Tunnel 1) mechanism is supported. •...
Page 210 System Utilities The Configuration Copy section of the File System Page contains the following fields: • Copy Configuration— Allows the copy configuration operation. • Source File Name — Specifies the configuration file type to be copied. – Startup Configuration — Copies the Startup Configuration file, and overwrites the old Startup Configuration file.
Page 211: Viewing Integrated Cable Tests
System Utilities Viewing Integrated Cable Tests The Cable Test Page contains fields for performing tests on copper cables. Cable testing provides diagnostic information about where errors occurred in the cable, the last time a cable test was performed, and the type of cable error that occurred.
Page 212 System Utilities Click Test. The cable test is performed. Click Advanced. The Cable Test Configuration Page opens, and the copper cable test results are displayed. Figure 147:Cable Test Configuration Page Page 212...
Page 213: Viewing Optical Transceivers
System Utilities Viewing Optical Transceivers The Optical Transceivers Page allows network managers to perform tests on Fiber Optic cables. Optical transceiver diagnostics can be performed only when the link is present. To view transceiver diagnostics: Click Utilities > Optical Transceivers. The Optical Transceivers Page opens: Figure 148:Optical Transceivers Page The Optical Transceivers Page contains the following fields: •...
Page 214: Resetting The Device
System Utilities Resetting the Device The Reset Page enables the user to reset the system. Save all changes to the Running Configuration file before resetting the device. This prevents the current device configuration from being lost. To reset the device: Click Utilities >...
Page 215: Viewing Statistics
Viewing Statistics Viewing Device Statistics Section 17. Viewing Statistics This section provides device statistics for RMON, interfaces, and Etherlike. This section contains the following topics: • Viewing Device Statistics • Managing RMON Statistics Viewing Device Statistics This section contains the following topics: •...
Page 216 Viewing Statistics Viewing Device Statistics The Interface Statistics Page contains the following fields: • Select the interfaces displayed in the table. – Port — Specifies the port for which the interface statistics are displayed. – Trunk — Specifies the trunk for which the interface statistics are displayed. •...
Page 217: Viewing Etherlike Statistics
Viewing Statistics Viewing Device Statistics Viewing Etherlike Statistics The Etherlike Statistics Page displays interface statistics. To view Etherlike statistics: Click Statistics > Etherlike. The Etherlike Statistics Page page opens: Figure 151:Etherlike Statistics Page The Etherlike Statistics Page contains the following fields: •...
Page 218 Viewing Statistics Viewing Device Statistics • Internal MAC Receive Errors — Displays the number of internal MAC received errors on the selected interface. • Received Pause Frames — Displays the number of received paused frames on the selected interface. • Transmitted Paused Frames —...
Page 219: Managing Rmon Statistics
Viewing Statistics Managing RMON Statistics Managing RMON Statistics This section contains the following topics: • Viewing RMON Statistics • Configuring RMON History • Configuring RMON Events • Defining RMON Alarms Viewing RMON Statistics The RMON Statistics Page contains fields for viewing information about device utilization and errors that occurred on the device.
Page 220 Viewing Statistics Managing RMON Statistics – 15 Sec — Indicates that the RMON statistics are refreshed every 15 seconds. – 30 Sec — Indicates that the RMON statistics are refreshed every 30 seconds. – 60 Sec — Indicates that the RMON statistics are refreshed every 60 seconds. –...
Page 221: Configuring Rmon History
Viewing Statistics Managing RMON Statistics Configuring RMON History The RMON History Page contains information about samples of data taken from ports. For example, the samples may include interface definitions or polling periods. To view RMON history information: Click Statistics > RMON History. The RMON History Page opens: Figure 153:RMON History Page The RMON History Page contains the following fields: •...
Page 222 Viewing Statistics Managing RMON Statistics Figure 154:Add RMON History Page Define the Source Interface, Owner, Max. No. of Samples to Keep, and Sampling Interval fields. Click Apply. The new entry is added to the history table, and the device is updated. To edit an RMON history entry: Click Statistics >...
Page 223 Viewing Statistics Managing RMON Statistics Viewing the RMON History Table The RMON History Table Page contains interface specific statistical network samplings. Each table entry represents all counter values compiled during a single sample. To view the RMON History Table: Click Statistics > RMON History. The RMON History Page opens. Click View.
Page 224 Viewing Statistics Managing RMON Statistics • Undersize Packets — Displays the number of undersized packets (less than 64 octets) received on the interface since the device was last refreshed. • Oversize Packets — Displays the number of oversized packets (over 1518 octets) received on the interface since the device was last refreshed.
Page 225: Configuring Rmon Events
Viewing Statistics Managing RMON Statistics Configuring RMON Events The RMON Events Page contains fields for defining, modifying and viewing RMON events statistics. To add an RMON event: Click Statistics > RMON Events. The RMON Events Page opens: Figure 157:RMON Events Page The RMON Events Page contains the following fields: •...
Page 226: Viewing The Rmon Events Logs
Viewing Statistics Managing RMON Statistics Figure 158:Add RMON Events Page Define the Community, Description, Type and Owner fields. Click Apply. The event entry is added and the device is updated. To modify the RMON Event entry settings: Click Statistics > RMON Events. The RMON Events Page opens. Click Modify.
Page 227 Viewing Statistics Managing RMON Statistics Figure 159:RMON Events Logs Page The RMON Events Logs Page contains the following event log information: • Event — Displays the RMON Events Log entry number. • Log No. — Displays the log number. • Log Time —...
Page 228: Defining Rmon Alarms
Viewing Statistics Managing RMON Statistics Defining RMON Alarms The RMON Alarm Page contains fields for setting network alarms. Network alarms occur when a network problem, or event, is detected. Rising and falling thresholds generate events. To set RMON alarms: Click Statistics > RMON Alarm. The RMON Alarm Page opens: Figure 160:RMON Alarm Page The RMON Alarm Page contains the following fields: •...
Page 229 Viewing Statistics Managing RMON Statistics • Falling Event — Displays the event that triggers the specific alarm. The possible field values are user- defined RMON events. • Startup Alarm — Displays the trigger that activates the alarm generation. Rising is defined by crossing the threshold from a low-value threshold to a higher-value threshold.
Page 230 Viewing Statistics Managing RMON Statistics Figure 162:Alarm Configuration Page Define the fields. Click Apply. The RMON alarm is saved, and the device is updated. Page 230 Not approved by Document Control. For review only.
Page 231: Managing Stacking
Managing Stacking Stacking Overview Section 18. Managing Stacking This section describes the stacking control management and includes the following topics: • Stacking Overview • Configuring Stacking Management Stacking Overview Stacking provides multiple switch management through a single point as if all stack members are a single unit. All stack members are accessed through a single IP address through which the stack is managed.
Page 232: Stacking Chain Topology
Managing Stacking Stacking Overview After the stacking issues are resolved, the device can be reconnected to the stack without interruption, and the Ring topology is restored. Stacking Chain Topology In a chain topology, there are two units that have only one neighbor. Every unit has an uplink neighbor and a downlink neighbor.
Page 233: Exchanging Stacking Members
Managing Stacking Stacking Overview During the Warm Standby, the Master and the Secondary Master are synchronized with the static configuration only. When the Stacking Master is configured, the Stacking Master must synchronize the Secondary Master. The Dynamic configuration is not saved, for example, dynamically learned MAC addresses are not saved. Each port in the stack has a specific Unit ID, port type, and port number, which are part of both the configuration commands and the configuration files.
Page 234: Configuring Stacking Management
Managing Stacking Configuring Stacking Management Configuring Stacking Management The Stacking Page allows network managers to either reset the entire stack or a specific device. Device configuration changes that are not saved before the device is reset are not saved. If the Stacking Master is reset, the entire stack is reset.
Page 235: Downloading Software With Cli
Before connecting a device, ensure that the device has been installed according to the instructions described in the Allied Telesis AT-8000S Installation Guide. Once installed the device is connected to a terminal through a console port (located on the front panel of 24 port devices and the back panel for the 48 port devices).
Page 236: Initial Configuration
Downloading Software with CLI Initial Configuration Initial Configuration Before a device can download system software, the device must have an initial configuration of IP address and network mask. Before assigning a static IP address to the device, obtain the following information from the network administrator: •...
Page 237: User Name
Boot file — file 2 Standalone Device Software Download To download software an a standalone device perform the following: Power up the device as described in the Allied Telesis AT-S94 Installation Guide. The CLI command prompt is displayed. Console# Page 237...
Page 238 Downloading Software with CLI Downloading Software Enter the copy command to download the boot file. Console# copy tftp://172.16.101.101/file2.rfb boot Accessing file 'file2' on 172.16.101.101... Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 09-Jul-2006 03:15:21 %COPY-W-TRAP: The copy operation was completed successfully Copy: 3329361 bytes copied in 00:03:00 [hh:mm:ss] Enter the “bootvar”...
Page 239 Downloading Software with CLI Downloading Software Enter the “copy” command to download the system file. Console# copy tftp://172.16.101.101/file1.ros image Accessing file 'file1' on 172.16.101.101... Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 09-Jul-2006 03:22:27 %COPY-W-TRAP: The copy operation was completed successfully Copy: 6720861 bytes copied in 00:05:00 [hh:mm:ss] Reboot the device.
Page 240: Stacking Member Software Download
1. The software is then copied from the Stacking Master to a specified Stacking Member. Downloading Software to a Stacking Member To download software an Stacking Member number 3 perform the following: Power up the stack as described in the Allied Telesis AT-S94 Installation Guide. The CLI command prompt is displayed. Console# Enter the “copy”...
Page 241 Downloading Software with CLI Downloading Software Enter the “copy” command to download the system file. Console# copy tftp://172.16.101.101/file1.ros unit://3/image Accessing file 'file1' on 172.16.101.101... Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 09-Jul-2006 03:22:27 %COPY-W-TRAP: The copy operation was completed successfully Copy: 6720861 bytes copied in 00:05:00 [hh:mm:ss] Reboot the devices being updated.
Page 242: System Defaults
System Defaults Appendix B. System Defaults This section contains the system defaults, and includes the following topics: • RS-232 Port Settings • Port Defaults • Configuration Defaults • Security Defaults • Jumbo Frame Defaults • System Time Defaults • Spanning Tree Defaults •...
Page 243: Rs-232 Port Settings
System Defaults RS-232 Port Settings RS-232 Port Settings The following table contains the RS-232 port setting defaults: Data Bits Stop Bits None Parity None Flow Control 115,200 Baud Rate Port Defaults The following are the port defaults: Enabled Auto Negotiation Enabled Auto Negotiation advertised...
Page 244: Configuration Defaults
System Defaults Configuration Defaults Configuration Defaults The following are the initial device configuration defaults: manager Default User Name friend Default Password None System Name None Comments Enabled BootP Disabled DHCP Security Defaults The following are the system security defaults: Disabled Locked Ports Disabled 802.1X Port Based...
Page 245: Spanning Tree Defaults
System Defaults Spanning Tree Defaults Spanning Tree Defaults The following are the spanning tree defaults: Enabled Enable STP Port Enabled Rapid STP Disabled Multiple STP Disabled Fast Link Long Path Cost Address Table Defaults The following the Address Table defaults: 8,000 Number of MAC Entries...
Page 246: Trunking Defaults
System Defaults Trunking Defaults Trunking Defaults The following are the trunking defaults: Possible Trunks Possible Ports per Trunk LACP Ports/Trunk Multicast Defaults The following are the Multicast defaults: Disable IGMP Snooping Maximum Multicast Groups QoS Defaults The following are the QoS defaults: Disable QoS Mode Queue...
Page 247 Index Index Daylight saving time 36 Daylight Saving Time (DST) 36 Daylight Saving Time configuration broadcast time 35 Symbols DST per country 37 parameters 36 802.1x port access 70 Default gateway 22 Delta 228 device management methods 41 Absolute 228 DHCP 22 Access level 63 DHCP database 98...
Page 248 Index GVRP configuration 124 MDI 103 MDIX 103 LLDP port settings 187 MED network policy 184 Host 127 MSTP interface 144 HTTP 43 MSTP mapping 147 MSTP properties 143 Multicast 151 Multicast Forwarding 150 IGMP 151 multicast forwarding 150 interface configuration Multicast groups 151 access profiles 41 Multiple Spanning Tree Protocol (MSTP) 143...
Page 249 Index Strict Priority 197 Suspended 102 RADIUS 50 System Log RADIUS authentication 59 modify 132 RADIUS server System log 132 authentication methods 50 system log Rate limiting 204 configuration 129 Remote Authorization Dial-In User Service (RADIUS) 59 System time 34 Remote log server 129 restoring configuration file to factory defaults 207 RMON 225...

This manual is also suitable for:

At-s94

Allied Telesis AT-8000S User Manual

Preface

Getting Started

Defining System Information

Configuring Internet Protocol Version 6

Configuring System Time

Configuring Device Security

Configuring DHCP Snooping

Configuring Ports

Configuring Interfaces

Configuring System Logs

Configuring Spanning Tree

Configuring Multicast Forwarding

Configuring SNMP

Configuring LLDP

Configuring Power over Ethernet

Configuring Services

System Utilities

Viewing Statistics

Managing Stacking

Downloading Software with CLI

System Defaults

Quick Links

Related Manuals for Allied Telesis AT-8000S

Summary of Contents for Allied Telesis AT-8000S

This manual is also suitable for:

Table of Contents