PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners. Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose.
Page 5
User’s Manual of MGSW-24160F 4.5.2 LACP Configuration ............................106 4.5.3 LACP System Status ............................107 4.5.4 LACP Port Status...............................109 4.5.5 LACP Port Statistics............................110 4.6 VLAN................................112 4.6.1 VLAN Overview ..............................112 4.6.2 IEEE 802.1Q VLAN ............................112 4.6.3 VLAN Basic Information............................. 116 4.6.4 VLAN Port Configuration ...........................
Page 6
User’s Manual of MGSW-24160F 4.9.1 Understand QOS ...............................170 4.9.2 QCL Configuration Wizard ..........................171 4.9.2.1 Set up Policy Rules ..........................172 4.9.2.2 Set up Typical Network Application Rules ....................173 4.9.2.3 Set up ToS Precedence Mapping ......................176 4.9.2.4 Set up VLAN Tag Priority Mapping ......................177 4.9.3 QoS Control List Configuration ..........................178...
Page 8
User’s Manual of MGSW-24160F System Contact ..............................306 System Location..............................306 System Timezone..............................307 System Prompt..............................307 System Reboot..............................308 System Restore Default............................308 System Load ...............................308 System Log .................................309 6.2 IP Command..............................311 IP Configuration..............................311 IP DHCP................................311 IP Setup................................312 IP Ping.................................313 IP DNS ................................313 IP DNS Proxy ..............................314...
Page 9
User’s Manual of MGSW-24160F MAC Age Time ..............................328 MAC Learning ..............................329 MAC Dump................................329 MAC Statistics ..............................330 MAC Flush................................331 6.5 VLAN Configuration Command ......................332 VLAN Configuration.............................332 VLAV PVID ................................332 VLAN Frame Type ...............................333 VLAN Ingress Filter .............................333 VLAN Mode .................................334 VLAN Link Type..............................335 VLAN Q-in-Q Mode .............................335...
Page 12
User’s Manual of MGSW-24160F Security Network DHCP Snooping Configuration ....................400 Security Network DHCP Snooping Mode ......................401 Security Network DHCP Snooping Port Mode.....................401 Security Network DHCP Snooping Statistics .......................402 Security Network IP Source Guard Configuration ....................403 Security Network IP Source Guard Mode......................404 Security Network IP Source Guard Port Mode ....................404...
Page 13
User’s Manual of MGSW-24160F STP Port AutoEdge .............................424 STP Port P2P ..............................424 STP Port RestrictedRole .............................425 STP Port RestrictedTcn ............................425 STP Port bpduGuard ............................426 STP Port Statistic..............................426 STP Port Mcheck..............................427 STP MSTI Port Configuration ..........................427 STP MSTI Port Cost ............................428 STP MSTI Port Priority ............................429...
The PLANET MGSW-24160F is all multiple ports Gigabit Ethernet Switch with SFP fiber optical connective ability and robust layer 2 features. Terms of “Managed Switch” means the Switch mentioned titled in the cover page of this User’s manual, i.e. MGSW-24160F industrial Managed Switch.
Page 19
AC and DC Redundant Power to ensure continuous operation PLANET MGSW-24160F is equipped with one 100~240V AC power supply unit and one additional DC 36 ~ 72V power supply unit for redundant power supply installation. A redundant power system is also provided to enhance the reliability with either 100~240V AC power supply unit or DC 36 ~ 72V power supply unit.
User’s Manual of MGSW-24160F 1.3 How to Use This Manual This User Manual is structured as follows: Section 2, INSTALLATION The section explains the functions of the Switch and how to physically install the Managed Switch. Section 3, SWITCH MANAGEMENT The section contains the information about the software function of the Managed Switch.
User’s Manual of MGSW-24160F 1.4 Product Features Physical Port 16 100/1000Base-X SFP mini-GBIC slots from port9 to port24 8-Port 10/100/1000Base-T Gigabit Ethernet RJ-45 RS-232 DB9 console interface for Switch basic management and setup Hardware Conformance ...
Page 22
User’s Manual of MGSW-24160F ■ Ingress Shaper and Egress Rate Limit per port bandwidth control ■ 4 priority queues on all switch ports ■ Traffic classification: IEEE 802.1p CoS TOS / DSCP / IP Precedence of IPv4/IPv6 packets IP TCP/UDP port number Typical network application ■...
Page 23
User’s Manual of MGSW-24160F ■ Built-in Trivial File Transfer Protocol (TFTP) client ■ BOOTP and DHCP for IP address assignment ■ Firmware upload/download via HTTP / TFTP ■ DHCP Relay and Option 82 ■ User Privilege levels control ■ NTP (Network Time Protocol) ■...
User’s Manual of MGSW-24160F 1.5 Product Specification Product MGSW-24160F Hardware Specification 16 1000Base-SX/LX/BX SFP interfaces, from port9 to port16 SFP/mini-GBIC Slots Compatible with 100Base-FX SFP 8 10/ 100/1000Base-T RJ-45 Auto-MDI/MDI-X ports Copper Ports 1 x RS-232 DB9 serial port (115200, 8, N, 1)
Page 25
User’s Manual of MGSW-24160F Port-Based VLAN Q-in-Q Private VLAN Edge (PVE) Up to 256 VLAN groups, out of 4094 VLAN IDs IEEE 802.3ad LACP / Static Trunk Port trunking Support 12 groups of 16-Port trunk support Traffic classification based, Strict priority and WRR...
Page 26
User’s Manual of MGSW-24160F IEEE 802.1p Class of service IEEE 802.1Q VLAN Tagging IEEE 802.1x Port Authentication Network Control IEEE 802.1ab LLDP RFC 768 UDP RFC 793 TFTP RFC 791 IP RFC 792 ICMP RFC 2068 HTTP RFC 1112 IGMP version 1...
The unit front panel provides a simple interface monitoring the Switch. Figure 2-1 shows the front panel of the Managed Switch. MGSW-24160F Front Panel Figure 2-1 MGSW-24160F Front Panel ■ Gigabit TP interface 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters. ■ Gigabit SFP slots 1000Base-SX/LX mini-GBIC slot, SFP (Small Factor Pluggable) transceiver module: From 550 meters (Multi-mode fiber), up to 10/30/50/70/120 kilometers (Single-mode fiber).
The front panel LEDs indicates instant status of port links, data activity and system power; helps monitor and troubleshoot when needed. Figure 2-2 shows the LED indications of these Managed Switch. MGSW-24160F LED indication Figure 2-2 MGSW-24160F LED Panel ■ System Color Function Lights to indicate that the Switch is powered on by DC1 input.
Figure 2-3 shows the rear panel of this Managed Switch. MGSW-24160F Rear Panel Figure 2-3 Rear Panel of MGSW-24160F ■ AC Power Receptacle For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts to line power in the range 100-240VAC and 50/60 Hz.
To install the Managed Switch on desktop or shelf, please follows these steps: As desktop and rackmount installation demonstration as following is an example for SGSW-24040, however, the installation procedure of MGSW-24160F is the same with SGSW-24040. Attach the rubber feet to the recessed areas on the bottom of the Managed Switch.
User’s Manual of MGSW-24160F Keep enough ventilation space between the Managed Switch and the surrounding objects. Step3: When choosing a location, please keep in mind the environmental restrictions discussed in Chapter 1, Section 4, and Specification. Connect the Managed Switch to network devices.
User’s Manual of MGSW-24160F Secure the brackets tightly. Step3: Follow the same steps to attach the second bracket to the opposite side. Step4: After the brackets are attached to the Managed Switch, use suitable screws to securely attach the brackets to the...
Page 33
User’s Manual of MGSW-24160F Figure 2-7 Plug-in the SFP Transceiver Approved PLANET SFP Transceivers PLANET Managed Switch supports both Single mode and Multi-mode SFP transceiver. The following list of approved PLANET SFP transceivers is correct at the time of publication: 1000Base-X SFP modules: ■...
Page 34
User’s Manual of MGSW-24160F 1. It recommends using PLANET SFPs on the Managed Switch. If you insert a SFP transceiver that is not supported, the Managed Switch will not recognize it. 2. MGB series SFP modules are guaranteed working under -10 ~ 50 environmet, but MGB-TSX / ℃...
Page 35
User’s Manual of MGSW-24160F Figure 2-8 Pull out the SFP Transceiver Never pull out the module without pull the handle or the push bolts on the module. Direct pull out the module with violent could damage the module and SFP module slot of the Managed Switch.
User’s Manual of MGSW-24160F 2.2.4 Wiring the Power Input The 6-contact terminal block connector on the rear panel of MGSW-24160F is used for two DC redundant powers input. Please follow the steps below to insert the power wire. Insert positive / negative DC power wires into the contacts 1 and 2 for DC POWER 1, or 5 and 6 for DC POWER 2.
The 6-contact terminal block connector on the rear panel of MGSW-24160F is used for Digital Input and Digital Output. Please follow the steps below to insert wire. MGSW-24160F offers two DI and DO groups. 1 and 2 are DI groups, 3 and 4 are DO groups and 5 is GND (ground).The 6 pin is useless.
Page 38
Figure 2-13 Wires DI0 and DI1 to Open Detector There are two Digital Output groups for you to sense MGSW-24160F port faile or power fail and issue a high or low signal to external device. As following topology shows how to wire DO0 and DO1.
User’s Manual of MGSW-24160F 3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (workstation or personal computer) and the system.
User’s Manual of MGSW-24160F 3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods: An administration console Web browser interface An external SNMP-based network management application The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use.
Page 41
User’s Manual of MGSW-24160F Figure 3-1 Console Management Diagram Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation program (such as HyperTerminal) to the Managed Switch console (serial) port.
User’s Manual of MGSW-24160F 3.4 Web Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the switch, you can access the Managed Switch's Web interface applications directly in your Web browser by entering the IP address of the Managed Switch.
User’s Manual of MGSW-24160F 3.5 SNMP-Based Network Management You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network Manager, HP Openview Network Node Management (NNM) or What’s Up Gold. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string.
User’s Manual of MGSW-24160F 4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-Based management. About Web-based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer.
Page 45
User’s Manual of MGSW-24160F Logging on the switch Use Internet Explorer 7.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The factory-default IP Address as following: http://192.168.0.100 When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch.
Page 46
User’s Manual of MGSW-24160F Figure 4-1-3 Default Main Page Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides.
User’s Manual of MGSW-24160F 4.1 Main Web Page The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser interface to configure and manage it.
Page 48
Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or monitor network conditions. Via the Web-Management, the administrator can setup the Managed Switch by select the functions those listed in the Main Function. The screen in Figure 4-1-5 appears. Figure 4-1-5 MGSW-24160F Managed Switch Main Functions Menu...
User’s Manual of MGSW-24160F 4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the following topics are provided to configure and view the system information: This section has the following items: The switch system information is provided here.
User’s Manual of MGSW-24160F 4.2.1 System Information The System Info page provides information for the current device information. System Info page helps a switch administrator to identify the hardware MAC address, software version and system uptime. The screen in Figure 4-2-1 appears.
User’s Manual of MGSW-24160F Software Date The software version date of the switch. Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to refresh the page; any changes made locally will be undone.
User’s Manual of MGSW-24160F Provide the IP address of the router in dotted decimal notation. IP Router VLAN ID Provide the managed VLAN ID. The allowed range is 1 through 4095. DNS Server Provide the IP address of the DNS Server in dotted decimal notation.
User’s Manual of MGSW-24160F Address Provide the IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separate each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros;...
Page 54
User’s Manual of MGSW-24160F Figure 4-2-4 Users Configuration Page Screenshot The page includes the following fields: Object Description Username The name identifying the user. This is also a link to Add/Edit User. The privilgeg level for the user.
Page 55
User’s Manual of MGSW-24160F : Delete the current user. This button is not available for new configurations (Add new user) Once the new user is added, the new user entry shown in the Users Configuration page. Figure 4-2-6 User Configuration Page Screenshot After change the default password, if you forget the password.
User’s Manual of MGSW-24160F 4.2.5 Users Privilege Levels This page provides an overview of the privilege levels. After setup completed, please press “Save” button to take effect. Please login web interface with new user name and password, the screen in Figure 4-2-7 appears.
Page 57
User’s Manual of MGSW-24160F The page includes the following fields: Object Description Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one.
User’s Manual of MGSW-24160F 4.2.6 NTP Configuration Configure NTP on this page. NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses UDP (data grams) as transport layer. You can specify NTP Servers and set GMT Time zone. The NTP Configuration...
User’s Manual of MGSW-24160F 4.2.7 UPnP Configuration Configure UPnP on this page. UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components.
User’s Manual of MGSW-24160F Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. Figure 4-2-10 UPnP devices shows on Windows My Network Places 4.2.8 DHCP Relay Configure DHCP Relay on this page. DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain.
Page 61
User’s Manual of MGSW-24160F The Remote ID sub-option was designed to carry information relating to the remote host end of the circuit. The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no". The parameter of "vlan_id"...
User’s Manual of MGSW-24160F DHCP relay information operation mode enabled. Possible policies are: Replace: Replace the original relay information when receive a DHCP message that already contains it. Keep: Keep the original relay information when receive a DHCP message that already contains it.
Page 63
User’s Manual of MGSW-24160F Receive Missing The packets number that received packets which Remote ID option was missing. Remote ID Receive Bad Circuit ID The packets number that the Circuit ID option did not match known the circuit ID.
User’s Manual of MGSW-24160F 4.2.10 CPU Load This page displays the CPU load, using a SVG graph. The load is measured as averaged over the last 100ms, 1sec and 10 seconds intervals. The last 120 samles are graphed, and the last numbers are displayed as text as well.
User’s Manual of MGSW-24160F 4.2.11 System Log The switch system log information is provided here. The System Log screen in Figure 4-2-14 appears. Figure 4-2-14 System Log Page Screenshot The page includes the following fields: Object Description ID The ID (>= 1) of the system logging entry.
User’s Manual of MGSW-24160F : Updates the system log entries, starting from the last entry currently displayed. : Updates the system log entries, ending at the last available entry ID. 4.2.12 Detailed Log The switch system detailed log information is provided here. The Detailed Log screen in Figure 4-2-15 appears.
User’s Manual of MGSW-24160F 4.2.13 Remote Syslog Configure remote syslog on this page. The Remote Syslog screen in Figure 4-2-16 appears. Figure 4-2-16 Remote Syslog Page Screenshot The page includes the following fields: Object Description Mode Indicates the remote syslog mode operation. Possible modes are: Enabled: Enable remote syslog mode operation.
Page 68
User’s Manual of MGSW-24160F Figure 4-2-17 Web Firmware Upgrade Page Screenshot The page includes the following fields: Object Description SMTP Mode Controls whether SMTP is enabled on this switch. SMTP Server Type the SMTP server name or the IP address of the SMTP server.
User’s Manual of MGSW-24160F 4.2.15 Web Firmware Upgrade This page facilitates an update of the firmware controlling the switch. The Web Firmware Upgrade screen in Figure 4-2-18 appears. Figure 4-2-18 Web Firmware Upgrade Page Screenshot To open Firmware Upgrade screen perform the folling: Click System ->...
User’s Manual of MGSW-24160F 4.2.16 TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server.
User’s Manual of MGSW-24160F 4.2.17 Configuration Backup This function allows backup and reload the current configuration of the Managed Switch to the local management station. The Configuration Backup screen in Figure 4-2-21 appears. Figure 4-2-21 Configuration Backup Page Screenshot You can save/view or load the switch configuration. The configuration file is in XML format with a hierarchy of tags: <?xml version="1.0"?>...
Page 72
User’s Manual of MGSW-24160F Figure 4-2-22 File Download Screen Chose the file save path in management workstation. Figure 4-2-23 File Save Screen...
User’s Manual of MGSW-24160F 4.2.18 Configuration Upload This function allows backup and reload the current configuration of the Managed Switch to the local management station. The Configuration Upload screen in Figure 4-2-24 appears. Figure 4-2-24 Configuration Upload Page Screenshot ...
User’s Manual of MGSW-24160F 4.2.19 Digital input/output Digital Input allows user can log external device (such as industrial cooler) dead or alive or something else, system will logs a user cistomize message into system log, syslog, issue SNMP trap or issue an alarm E-mail.
User’s Manual of MGSW-24160F As Digital Output: that when Allows user selecting to High to Low or Low to High. This is means the switch has power failed or port failed then system will issue a High or Low signal to an external device (such as an alarm).
Page 76
User’s Manual of MGSW-24160F Figure 4-2-27 Windows File Selection Menu Popup The page includes the following fields: Object Description Allows user to enable Fault Alarm function. Enable Allows user to record alarm message to System log, syslog or issues out via Record SNMP Trap or SMTP.
User’s Manual of MGSW-24160F 4.2.21 Factory Default You can reset the configuration of the switch on this page. Only the IP configuration is retained. The new configuration is available immediately, which means that no restart is necessary. The Factory Default screen in Figure 4-2-28 appears.
User’s Manual of MGSW-24160F 4.2.22 System Reboot The Reboot page enables the device to be rebooted from a remote location. Once the Reboot button is pressed, user have to re-login the WEB interface about 60 seconds later, the System Reboot screen in Figure 4-2-29 appears.
User’s Manual of MGSW-24160F 4.3 Simple Network Management Protocol 4.3.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite.
User’s Manual of MGSW-24160F Configure SNMPv3 communities table on this page. SNMPv3 Communities Configure SNMPv3 users table on this page. SNMPv3 Users Configure SNMPv3 groups table on this page. SNMPv3 Groups Configure SNMPv3 views table on this page.
User’s Manual of MGSW-24160F will be associated with SNMPv3 community’s table. Indicates the SNMPv3 engine ID. The string must contain an even number Engine ID between 10 and 64 hexadecimal digits, but all-zeros and all-'F's are not allowed. Change of the Engine ID will clear all original local users.
User’s Manual of MGSW-24160F Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.3.4 SNMP Trap Configuration Configure SNMP trap on this page. The SNMP Trap Configuration screen in Figure 4-3-3 appears.
Page 83
User’s Manual of MGSW-24160F Address Trap Destination IPv6 Provide the trap destination IPv6 address of this switch. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a Address colon separate each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros;...
User’s Manual of MGSW-24160F 4.3.5 SNMPv3 Configuration 4.3.5.1 SNMPv3 Communities Configuration Configure SNMPv3 community’s table on this page. The entry index key is Community. The SNMPv3 Communities Configuration screen in Figure 4-3-4 appears. Figure 4-3-4 SNMPv3 Communities Configuration Page Screenshot...
Page 85
User’s Manual of MGSW-24160F Figure 4-3-5 SNMPv3 Users Configuration Page Screenshot The page includes the following fields: Object Description Check to delete the entry. It will be deleted during the next save. Delete A octet string identifying the engine ID that this entry should belong to. The string...
Page 86
User’s Manual of MGSW-24160F DES: An optional flag to indicate that this user using DES authentication protocol. Privacy Password A string identifying the privacy pass phrase. The allowed string length is 8 to 32, and the allowed content is the ASCII characters from 33 to 126.
User’s Manual of MGSW-24160F 4.3.5.3 SNMPv3 Groups Configuration Configure SNMPv3 groups table on this page. The entry index keys are Security Model and Security Name. The SNMPv3 Groups Configuration screen in Figure 4-3-6 appears. Figure 4-3-6 SNMPv3 Groups Configuration Page Screenshot...
User’s Manual of MGSW-24160F 4.3.5.4 SNMPv3 Views Configuration Configure SNMPv3 views table on this page. The entry index key is View Name and OID Subtree. The SNMPv3 Views Configuration screen in Figure 4-3-7 appears. Figure 4-3-7 SNMPv3 Views Configuration Page Screenshot...
User’s Manual of MGSW-24160F 4.3.5.5 SNMPv3 Accesses Configuration Configure SNMPv3 accesses table on this page. The entry index key is Group Name, Security Model and Security Level. The SNMPv3 Accesses Configuration screen in Figure 4-3-8 appears. Figure 4-3-8 SNMPv3 Accesses Configuration Page Screenshot...
Page 90
User’s Manual of MGSW-24160F Buttons : Click to add a new access entry. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
User’s Manual of MGSW-24160F 4.4 Port Management Use the Port Menu to display or configure the Managed Switch's ports. This section has the following items: Configures port connection settings Port Configuration Port Statistics Overview Lists Ethernet and RMON port statistics ...
Page 92
User’s Manual of MGSW-24160F The page includes the following fields: Object Description This is the logical port number for this row. Port Description Indicates the per port description. The current link state is displayed graphically. Green indicates the link is up and Link red that it is down.
User’s Manual of MGSW-24160F When set each port to run at 100M Full, 100M Half, 10M Full, and 10M Half-speed modes. The Auto-MDIX function will disable. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
User’s Manual of MGSW-24160F The displayed counters are: Object Description The logical port for the settings contained in the same row. Port The number of received and transmitted packets per port. Packets The number of received and transmitted bytes per port.
Page 95
User’s Manual of MGSW-24160F The page includes the following fields: Receive Total and Transmit Total Object Description The number of received and transmitted (good and bad) packets Rx and Tx Packets The number of received and transmitted (good and bad) bytes. Includes FCS, but Rx and Tx Octets excludes framing bits.
User’s Manual of MGSW-24160F Transmit Error Counters Object Description The number of frames dropped due to output buffer congestion. Tx Drops The number of frames dropped due to excessive or late collisions. Tx Late/Exc. Coll. Buttons : Click to refresh the page immediately.
User’s Manual of MGSW-24160F Object Description Type Display the type of current SFP module, the possible types are: 1000Base-SX 1000Base-LX 100Base-FX Speed Display the spedd of current SFP module, the speed value or description is get from the SFP module.
Page 98
User’s Manual of MGSW-24160F Figure 4-4-5 Port Mirror application The traffic to be copied to the mirror port is selected as follows: All frames received on a given port (also known as ingress or source mirroring). All frames transmitted on a given port (also known as egress or destination mirroring).
Page 99
User’s Manual of MGSW-24160F Figure 4-4-6 Port Mirror Configuration Page Screenshot...
Page 100
User’s Manual of MGSW-24160F The page includes the following fields: Object Description Port to mirror to Frames from ports that have either source or destination mirroring enabled are mirrored to this port. Disabled disables mirroring. Switch to mirror to Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored to this switch.
User’s Manual of MGSW-24160F 4.5 Link Aggregation Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Port Aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy.
Page 102
User’s Manual of MGSW-24160F Figure 4-5-1 Link Aggregations The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection.
Page 103
User’s Manual of MGSW-24160F All of the ports in a link aggregation have to be treated as a whole when moved from/to, added or deleted from a VLAN. The Spanning Tree Protocol will treat all the ports in a link aggregation as a whole.
User’s Manual of MGSW-24160F 4.5.1 Static Aggregation Configuration This page is used to configure the Aggregation hash mode and the aggregation group. The aggregation hash mode settings are global, whereas the aggregation group relate to the currently selected unit, as reflected by the page header.
Page 105
User’s Manual of MGSW-24160F Figure 4-5-3 Aggregation Group Configuration Page Screenshot The page includes the following fields: .Object Description Indicates the group ID for the settings contained in the same row. Group ID Group ID "Normal" indicates there is no aggregation. Only one group ID is valid per port.
User’s Manual of MGSW-24160F 4.5.2 LACP Configuration Link Aggregation Control Protocol (LACP) - LACP LAG negotiate Aggregated Port links with other LACP ports located on a different device. LACP allows switches connected to each other to discover automatically whether any ports are member of the same LAG.
User’s Manual of MGSW-24160F The page includes the following fields: Object Description The switch port number. Port Controls whether LACP is enabled on this switch port. LACP will form an LACP Enabled aggregation when 2 or more ports are connected to the same partner. LACP can form max 12 LLAGs per switch.
Page 108
User’s Manual of MGSW-24160F The page includes the following fields: Object Description The Aggregation ID associated with this aggregation instance. Aggr ID For LLAG the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id' The system ID (MAC address) of the aggregation partner.
User’s Manual of MGSW-24160F 4.5.4 LACP Port Status This page provides a status overview for LACP status for all ports. The LACP Port Status screen in Figure 4-5-6 appears. Figure 4-5-6 LACP Port Status Page Screenshot The page includes the following fields:...
User’s Manual of MGSW-24160F The partner System ID (MAC address). Partner System ID Partner Port The partner port number connected to this port. Buttons : Click to refresh the page immediately. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
Page 111
User’s Manual of MGSW-24160F The page includes the following fields: Object Description The switch port number. Port Shows how many LACP frames have been sent from each port. LACP Transmitted Shows how many LACP frames have been received at each port.
User’s Manual of MGSW-24160F 4.6 VLAN 4.6.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN.
Page 113
User’s Manual of MGSW-24160F to the same physical segment. VLANs help to simplify network management by allowing you to move devices to a new VLAN without having to change any physical connections. VLANs can be easily organized to reflect departmental groups (such as Marketing or R&D), usage groups (such as e-mail), or multicast groups (used for multimedia applications such as videoconferencing).
Page 114
User’s Manual of MGSW-24160F 1 bit of Canonical Format Identifier (CFI - used for encapsulating Token Ring packets so they can be carried across Ethernet backbones), and 12 bits of VLAN ID (VID). The 3 bits of user priority are used by 802.1p. The VID is the VLAN identifier and is used by the 802.1Q standard.
Page 115
User’s Manual of MGSW-24160F Tagged packets are forwarded according to the VID contained within the tag. Tagged packets are also assigned a PVID, but the PVID is not used to make packet forwarding decisions, the VID is. Tag-aware switches must keep a table to relate PVID within the switch to VID on the network. The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet.
User’s Manual of MGSW-24160F ■ Untagged VLANs Untagged (or static) VLANs are typically used to reduce broadcast traffic and to increase security. A group of network users assigned to a VLAN form a broadcast domain that is separate from other VLANs configured on the switch. Packets are forwarded only between ports that are designated for the same VLAN.
User’s Manual of MGSW-24160F 4.6.4 VLAN Port Configuration This page is used for configuring the Managed Switch port VLAN. The VLAN per Port Configuration page contains fields for managing ports that are part of a VLAN. The port default VLAN ID (PVID) is configured on the VLAN Port Configuration page. All untagged packets arriving to the device are tagged by the ports PVID.
Page 118
User’s Manual of MGSW-24160F The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge, aggregating traffic from numerous independent customer LANs into the MAN (Metro Access Network) space. One of the purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used independent of the customers’...
Page 119
User’s Manual of MGSW-24160F Figure 4-6-2 VLAN Port Configuration Page Screenshot The page includes the following fields: Object Description This is the logical port number for this row. Port PVID Allow assign PVID for selected port. The range for the PVID is 1-4094.
Page 120
User’s Manual of MGSW-24160F ingress filtering is disabled (no checkmark). Determines whether the port accepts all frames or only tagged frames. This Accept Frame Type parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on the port are discarded. By default, the field is set to All.
User’s Manual of MGSW-24160F 4.6.5 VLAN Membership Configuration Adding Static Members to VLANs (VLAN Index) Use the VLAN Static Table to configure port members for the selected VLAN index. The VLAN membership configuration for the selected the switch can be monitored and modified here. Up to 255 VLANs are supported. This page allows for adding and deleting VLANs as well as adding and deleting port members of each VLAN.
User’s Manual of MGSW-24160F Buttons : Click to add new VLAN. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. : Refreshes the displayed table starting from the "VLAN ID" input fields.
User’s Manual of MGSW-24160F Server. - Voice VLAN : Voice VLAN is a VLAN configured specially for voice traffic typically originating from IP phones. - MVR : MVR is used to eliminate the need to duplicate multicast traffic for subscribers in each VLAN. Multicast traffic for all channels is sent only on a single (multicast) VLAN.
Page 124
User’s Manual of MGSW-24160F Figure 4-6-5 VLAN Port Status for User Static Page Screenshot The page includes the following fields: Object Description Port The logical port for the settings contained in the same row. PVID Shows the VLAN identifier for that port. The allowed values are 1 through 4095.
User’s Manual of MGSW-24160F parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on that port are discarded. Tx Tag Shows egress filtering frame status whether tagged or untagged. UVID Shows UVID (untagged VLAN ID). Port's UVID determines the packet's behavior at the egress side.
Page 126
User’s Manual of MGSW-24160F application examples are provided in this section: Customers connected to an ISP can be members of the same VLAN, but they are not allowed to communicate with each other within that VLAN. Servers in a farm of web servers in a Demilitarized Zone (DMZ) are allowed to communicate with the outside world and...
Page 127
User’s Manual of MGSW-24160F The port settings relate to the currently selected unit, as reflected by the page header. The Port Isolation Configuration screen in Figure 4-6-6 appears. Figure 4-6-6 Port Isolation Configuration Page Screenshot The page includes the following fields:...
User’s Manual of MGSW-24160F 4.6.9 Private VLAN Membership Configuration The Private VLAN membership configurations for the switch can be monitored and modified here. Private VLANs can be added or deleted here. Port members of each Private VLAN can be added or removed here.
User’s Manual of MGSW-24160F Buttons : Click to add new VLAN. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.6.10 VLAN setting example: - Separate VLAN - 802.1Q VLAN Trunk - Port Isolate 4.6.10.1 Two separate 802.1Q VLAN...
Page 130
User’s Manual of MGSW-24160F VLAN Group Untagged Members Tagged Members VLAN Group 1 Port-7~Port-24 VLAN Group 2 Port-1, Port-2 Port-3 VLAN Group 3 Port-4, Port-5 Port-6 Table 4-6-2 VLAN and Port Configuration The scenario described as follow: Untagged packet entering VLAN 2 While [PC-1] transmit an untagged packet enters Port-1, the Managed Switch will tag it with a VLAN Tag=2.
Page 131
User’s Manual of MGSW-24160F VLAN Group 3 with VID=3 Assign VLAN Member: VLAN 2: Port-1, Port-2 and Port-3 VLAN 3: Port-4, Port-5 and Port-6 VLAN 1: All other ports – Port-7~Port-24 Remove VLAN Member for VLAN 1: Remember to remove the Port 1 – Port 6 from VLAN 1 membership, since the Port 1 – Port 6 had been assigned to VLAN 2 and VLAN 3.
Page 132
User’s Manual of MGSW-24160F Figure 4-6-10 Port 1-Port 6 VLAN Configuration...
User’s Manual of MGSW-24160F 4.6.10.2 VLAN Trunking between two 802.1Q aware switch The most cases are used for “Uplink” to other switches. VLANs are separated at different switches, but they need to access with other switches within the same VLAN group. The screen in Figure 4-6-11 appears.
User’s Manual of MGSW-24160F VLAN 2: Port-1, Port-2 and Port-3 VLAN 3: Port-4, Port-5 and Port-6 VLAN 1: All other ports – Port-7~Port-24 About the VLAN ports connect to the hosts, please refer to 4.6.10.1 examples. The following steps will focus on the VLAN Trunk port configuration.
Page 135
User’s Manual of MGSW-24160F each other PCs of each isolate port. But they all need to access with the same server/AP/Printer. The screen in Figure 4-6-14 appears. This section will show you how to configure the port for the server – that could be accessed by each isolate port.
Page 136
User’s Manual of MGSW-24160F Figure 4-6-15 The Configuration of Isolate and Promiscuous Port Assign VLAN Member: VLAN 1: Port-1, Port-2, Port-5 and Port-3 VLAN 2: Port-3~Port-6. The screen in Figure 4-6-16 appears. Figure 4-6-16 Private VLAN Port Setting...
User’s Manual of MGSW-24160F 4.7 Spanning Tree Protocol 4.7.1 Theory The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 138
User’s Manual of MGSW-24160F The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on which the packet is transmitted will receive the BPDU. BPDU does’nt directly forward by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.
Page 139
User’s Manual of MGSW-24160F Figure 4-7-1 STP Port State Transitions You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.
Page 140
User’s Manual of MGSW-24160F The following are the user-configurable STP parameters for the switch level: Parameter Description Default Value A combination of the User-set priority and 32768 + MAC Bridge Identifier(Not user the switch’s MAC address. configurable The Bridge Identifier consists of two parts:...
Page 141
User’s Manual of MGSW-24160F User-Changeable STA Parameters The Switch’s factory default setting should cover the majority of installations. However, it is advisable to keep the default settings as set at the factory; unless, it is absolutely necessary. The user changeable parameters in the Switch are as follows: Priority –...
Page 142
User’s Manual of MGSW-24160F Figure 4-7-2 Before Applying the STA Rules In this example, only the default STP values are used. Figure 4-7-3 After Applying the STA Rules...
User’s Manual of MGSW-24160F The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 20,000) on switch A are connected to one (optional) Gigabit port on both switch B and C.
Page 144
User’s Manual of MGSW-24160F The page includes the following fields: Basic Settings Object Description The STP protocol version setting. Valid values are STP, RSTP and MSTP. Protocol Version The delay used by STP Bridges to transition Root and Designated Ports to Forward Delay Forwarding (used in STP compatible mode).
User’s Manual of MGSW-24160F The Gigabit Ethernet Switch implement the Rapid Spanning Protocol as the default spanning tree protocol. While select “Compatibles” mode, the system uses the RSTP (802.1w) to compatible and co work with another STP (802.1d)’s BPDU control packets.
User’s Manual of MGSW-24160F 4.7.4 CIST Port Configuration This page allows the user to inspect the current STP CIST port configurations, and possibly change them as well. This page contains settings for aggregations and physical ports. The RSTP port settings relate to the currently selected unit, as reflected by the page header.
Page 147
User’s Manual of MGSW-24160F The page includes the following fields: Object Description The switch port number of the logical STP port. Port Controls whether RSTP is enabled on this switch port. STP Enabled Controls the path cost incurred by the port. The Auto setting will set the path cost Path Cost as appropriate by the physical link speed, using the 802.1D recommended...
Page 148
User’s Manual of MGSW-24160F to the similar bridge setting, the port Edge status doesn’t affect this setting. A port entering error-disabled state due to this setting is subject to the bridge Port Error Recovery setting as well. Point2Point Controls whether the port connects to a point-to-point LAN rather than a shared medium.
User’s Manual of MGSW-24160F Half Duplex 200,000 Fast Ethernet Full Duplex 100,000 Trunk 50,000 Full Duplex 10,000 Gigabit Ethernet Trunk 5,000 Table 4-7-3 Default STP Path Costs 4.7.5 MSTI Priorities This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well.
User’s Manual of MGSW-24160F 4.7.6 MSTI Configuration This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well. The MSTI Configuration screen in Figure 4-7-8 appears. Figure 4-7-8 MSTI Configuration Page Screenshot...
User’s Manual of MGSW-24160F MSTI Mapping Object Description MSTI The bridge instance. The CIST is not available for explicit mapping, as it will receive the VLANs not explicitly mapped. VLANs Mapped The list of VLAN's mapped to the MSTI. The VLANs must be separated with comma and/or space.
Page 152
User’s Manual of MGSW-24160F Figure 4-7-10 MST1 MSTI Port Configuration Page Screenshot...
Page 153
User’s Manual of MGSW-24160F The page includes the following fields: MSTx MSTI Port Configuration Object Description Port The switch port number of the corresponding STP CIST (and MSTI) port. Path Cost Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended...
User’s Manual of MGSW-24160F 4.7.8 Port Status This page displays the STP CIST port status for port physical ports in the currently selected switch. The STP Port Status screen in Figure 4-7-11 appears. Figure 4-7-11 STP Port Status Page Screenshot...
User’s Manual of MGSW-24160F Disabled Blocking Learning Forwarding Non-STP Uptime The time since the bridge port was last initialized. Buttons : Click to refresh the page immediately. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
Page 156
User’s Manual of MGSW-24160F port. Buttons : Click to refresh the page immediately. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to clear the information immediately.
User’s Manual of MGSW-24160F 4.8 Multicast 4.8.1 IGMP Snooping The Internet Group Management Protocol (IGMP) lets host and routers share information about multicast groups memberships. IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the CPU for feature processing.
Page 159
User’s Manual of MGSW-24160F IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group. IGMP version 1 is defined in RFC 1112. It has a fixed packet size and no optional data.
Page 160
User’s Manual of MGSW-24160F message, and query messages that are specific to a given group. The states a computer will go through to join or to leave a multicast group are shown below: Figure 4-8-4 IGMP State Transitions IGMP Querier –...
User’s Manual of MGSW-24160F 4.8.2 IGMP Snooping Configuration This page provides IGMP Snooping related configuration. Most of the settings are global, whereas the Router Port configuration is related to the currently selected unit, as reflected by the page header. The IGMP Snooping Configuration screen in Figure 4-8-5 appears.
User’s Manual of MGSW-24160F 4.8.3 IGMP Port Related Configuration This page provides IGMP Snooping related configuration. Most of the settings are global, whereas the Router Port configuration is related to the currently selected unit, as reflected by the page header. The IGMP Port Related Configuration screen in Figure 4-8-6 appears.
User’s Manual of MGSW-24160F will act as a router port. Fast Leave Enable the Fast Leave on the port. Throttling Enable to limit the number of multicast groups to which a switch port can belong. Buttons : Click to save changes.
User’s Manual of MGSW-24160F Buttons : Refreshes the displayed table starting from the "VLAN" input fields. : Updates the table starting from the first entry in the VLAN Table, i.e. the entry with the lowest VLAN ID. : Updates the table, starting with the entry after the last entry currently displayed.
User’s Manual of MGSW-24160F Port The logical port for the settings. Filtering Group The IP Multicast Group that will be filtered. Buttons : Check to delete the entry. : Click to add a new entry to the Group Filtering table.
User’s Manual of MGSW-24160F The page includes the following fields: Object Description The VLAN ID of the entry. VLAN ID The present IGMP groups. Max. are 128 groups for each VLAN. Groups The ports that are members of the entry.
Page 167
User’s Manual of MGSW-24160F This page provides MVR related configuration. The MVR Configuration screen in Figure 4-8-10 appears. Figure 4-8-10 MVR Configuration Page Screenshot The page includes the following fields: Object Description MVR Mode Enable/Disable the Global MVR.
User’s Manual of MGSW-24160F VLAN ID Specify the Multicast VLAN ID. Mode Enable MVR on the port. Type Specify the MVR port type on the port. Immediate Leave Enable the fast leave on the port. Buttons : Click to save changes.
Page 169
User’s Manual of MGSW-24160F Buttons : Click to refresh the page immediately. : Clears all Statistics counters. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
User’s Manual of MGSW-24160F 4.9 Quality of Service 4.9.1 Understand QOS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS enables you to assign various grades of network service to different types of traffic, such as multi-media, video, protocol-specific, time critical, and file-backup traffic.
User’s Manual of MGSW-24160F Apply a QoS profile to a port(s). 4.9.2 QCL Configuration Wizard This handy wizard helps you set up a QCL quickly. The QCL Configuration Wizard screen in Figure 4-9-1 appears. Figure 4-9-1 Welcome to the QCL Configuration Wizard Page Screenshot...
User’s Manual of MGSW-24160F 4.9.2.1 Set up Policy Rules Group ports into several types which according to different QCL policies. The settings relate to the currently selected unit, as reflected by the page header. The screen in Figure 4-9-2 appears.
User’s Manual of MGSW-24160F Buttons : Click to start the wizard again. : Click to get more information. : Click to continue the wizard. Once the QCL configuration wizard is finished, the below screen appears. Buttons : Click to start the wizard again.
Page 174
User’s Manual of MGSW-24160F Figure 4-9-3 Set up Typical Network Application Rules Page Screenshot The page includes the following fields: Object Description Indicates the common servers that apply to the specific QCE . Audio and Video The common servers are:...
Page 175
User’s Manual of MGSW-24160F STEP-2 According to your selection on the previous page, this wizard will create specific QCEs (QoS Control Entries) automatically. First select the QCL ID for these QCEs, and then select the traffic class. Different parameter options are displayed depending on the frame type that you selected.
User’s Manual of MGSW-24160F 4.9.2.3 Set up ToS Precedence Mapping Set up the traffic class mapping to the precedence part of ToS (3 bits) when receiving IPv4/IPv6 packets. The Set up ToS Precedence Mapping screen in Figure 4-9-5 appears. Figure 4-9-5 Set up ToS Precedence Mapping Page Screenshot...
User’s Manual of MGSW-24160F 4.9.2.4 Set up VLAN Tag Priority Mapping Set up the traffic class mapping to the User Priority value (3 bits) when receiving VLAN tagged packets. The Set up VLAN Tag Priority Mapping screen in Figure 4-9-6 appears.
User’s Manual of MGSW-24160F : Click to continue the wizard. The QCL configuration wizard is finished, and the new configuration is ready for use. 4.9.3 QoS Control List Configuration This page lists the QCEs for a given QCL. 4 different QoS classes classified Frameswhich are Low, Normal, Medium, and High.
User’s Manual of MGSW-24160F The following QCE types are supported: Ethernet Type: The Ethernet Type field. If frame is tagged, this is the Ethernet Type that follows the tag header. VLAN ID: VLAN ID. Only applicable if the frame is VLAN tagged.
Page 180
User’s Manual of MGSW-24160F Figure 4-9-8 QCE Configuration Page Screenshot The page includes the following fields: Object Description Select the available type for the specific QCE. QCE Type Ethernet Type: Matches the received frame's EtherType against the QCE Key.
User’s Manual of MGSW-24160F : Click to undo any changes made locally and revert to previously saved values. : Return to the previous page. 4.9.4 Port QoS Configuration This page allows you to configure QoS settings for each port. Frames can be classified by 4 different QoS classes are Low, Normal, Medium, and High.
Page 182
User’s Manual of MGSW-24160F Figure 4-9-9 Port QoS Configuration Page Screenshot The page includes the following fields: Object Description Number of Classes Configure the number of traffic classes as "1", "2", or "4". The default value is "4". ...
User’s Manual of MGSW-24160F Configure the default QoS class for the port, that is, the QoS class for frames not Default Class matching any of the QCEs in the QCL. Select which QCL to use for the port.
Page 184
User’s Manual of MGSW-24160F Figure 4-9-10 Rate Limit Configuration Page Screenshot The page includes the following fields: Object Description The logical port for the settings contained in the same row. Port Enable or disable the port policer. The default value is "Disabled".
User’s Manual of MGSW-24160F default value is "kbps". Enable or disable the port shaper. The default value is "Disabled". Shaper Enabled Shaper Rate Configure the rate for the port shaper. The default value is "500". This value is restricted to 500-1000000 when the "Policer Unit"...
User’s Manual of MGSW-24160F 64, 128, 256, 512, 1K, 2K, 4K, 8K, 16K, 32K, 64K, 128K, 256K, 512K, or 1024K. The 1 kpps is actually 1002.1 pps. Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
User’s Manual of MGSW-24160F The page includes the following fields: Object Description The logical port for the settings contained in the same row. Port There are 4 QoS queues per port with strict or weighted queuing scheduling. This Low Queue is the lowest priority queue.
Page 188
User’s Manual of MGSW-24160F Figure 4-9-13 DSCP Remarking Configuration Page Screenshot The page includes the following fields: Object Description The logical port for the settings contained in the same row. Port If the QoS remarking mode is set to enabled, it should be with this DSCP DSCP Remarking remarking/correction function according to RFC2474 on this port.
Page 191
User’s Manual of MGSW-24160F The page includes the following fields: Object Description Mode Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter. Possible modes are: Enabled: Enable Voice VLAN mode operation.
User’s Manual of MGSW-24160F 4.9.10 Voice VLAN OUI Table Configure VOICE VLAN OUI table on this page. The maximum entry number is 16. Modify OUI table will restart auto detect OUI process. The Voice VLAN OUI Table screen in Figure 4-9-15 appears.
User’s Manual of MGSW-24160F 4.10 Access Control Lists ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users or groups permitted or denied to specific traffic objects, such as a process or a program.
User’s Manual of MGSW-24160F ARP: The ACE will match ARP/RARP frames. IPv4: The ACE will match all IPv4 frames. IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol. IPv4/UDP: The ACE will match IPv4 frames with UDP protocol. IPv4/TCP: The ACE will match IPv4 frames with TCP protocol.
Page 195
User’s Manual of MGSW-24160F Figure 4-10-2 Access Control List Configuration Page Screenshot The page includes the following fields: Object Description Ingress Port Indicates the ingress port of the ACE. Possible values are: Any: The ACE will match any ingress port.
User’s Manual of MGSW-24160F Counter The counter indicates the number of times the ACE was hit by a frame. Modification Buttons You can modify each ACE (Access Control Entry) in the table using the following buttons: : Inserts a new ACE before the current row.
Page 197
User’s Manual of MGSW-24160F Figure 4-10-3 ACE Configuration Page Screenshot The page includes the following fields: Object Description Select the ingress port for which this ACE applies. Ingress Port Any: The ACE applies to any port. Port n: The ACE applies to this port number, where n is the number of the switch port.
Page 198
User’s Manual of MGSW-24160F Disabled: Frames matching the ACE are not logged. Please note that the System Log memory size and logging rate is limited. Shutdown Specify the port shut down operation of the ACE. The allowed values are: Enabled: If a frame matches the ACE, the ingress port will be disabled.
Page 199
User’s Manual of MGSW-24160F Specify the tag priority for this ACE. A frame that hits this ACE matches this tag Tag Priority priority. The allowed number range is 0 to 7. The value Any means that no tag priority is specified (tag priority is "don't-care".) ...
Page 200
User’s Manual of MGSW-24160F 0: ARP frames where SHA is not equal to the SMAC address. 1: ARP frames where SHA is equal to the SMAC address. Any: Any value is allowed ("don't-care"). RARP SMAC Match Specify whether frames can hit the action according to their target hardware address field (THA) settings.
Page 201
User’s Manual of MGSW-24160F UDP: Select UDP to filter IPv4 UDP protocol frames. Extra fields for defining UDP parameters will appear. These fields are explained later in this help file. TCP: Select TCP to filter IPv4 TCP protocol frames. Extra fields for defining TCP parameters will appear.
Page 202
User’s Manual of MGSW-24160F DIP Address field that appears. Network: Destination IP filter is set to Network. Specify the destination IP address and destination IP mask in the DIP Address and DIP Mask fields that appear. DIP Address When "Host" or "Network" is selected for the destination IP filter, you can enter a specific DIP address in dotted decimal notation.
Page 203
User’s Manual of MGSW-24160F When "Specific" is selected for the TCP/UDP source filter, you can enter a TCP/UDP Source No. specific TCP/UDP source value. The allowed range is 0 to 65535. A frame that hits this ACE matches this TCP/UDP source value.
User’s Manual of MGSW-24160F 1: TCP frames where the URG field is set must be able to match this entry. Any: Any value is allowed ("don't-care"). Ethernet Type Parameters The Ethernet Type parameters can be configured when Frame Type "Ethernet Type" is selected.
Page 205
User’s Manual of MGSW-24160F Figure 4-10-4 ACL Ports Configuration page screenshot The page includes the following fields: Object Description The logical port for the settings contained in the same row. Port Select the policy to apply to this port. The allowed values are 1 through 8. The Policy ID default value is 1.
User’s Manual of MGSW-24160F Logging Specify the logging operation of this port. The allowed values are: Enabled: Frames received on the port are stored in the System Log. Disabled: Frames received on the port are not logged. The default value is "Disabled".
Page 207
User’s Manual of MGSW-24160F Figure 4-10-5 ACL Rate Limiter Configuration Page Screenshot The page includes the following fields: Object Description The rate limiter ID for the settings contained in the same row. Rate Limiter ID The rate unit is packet per second (pps), configure the rate as 1, 2, 4, 8, 16, 32,...
User’s Manual of MGSW-24160F 4.11 Authentication This section is to control the access of the Managed Switch, includes the user access and management control. The Authentication section contains links to the following main topics: IEEE 802.1X Port-Based Network Access Control ...
User’s Manual of MGSW-24160F to authenticate. The disadvantage is that MAC addresses can be spoofed by malicious users; equipment whose MAC address is a valid RADIUS user can be used by anyone, and only the MD5-Challenge method is supported. The 802.1X and MAC-Based Authentication configuration consists of two sections, a system- and a port-wide.
Page 210
User’s Manual of MGSW-24160F Figure 4-11-1 Client—the device (workstation) that requests access to the LAN and switch services and responds to requests from the switch. The workstation must be running 802.1X-compliant client software such as that offered in the Microsoft Windows XP operating system.
Page 211
User’s Manual of MGSW-24160F authentication server must support EAP within the native frame format. When the switch receives frames from the authentication server, the server's frame header is removed, leaving the EAP frame, which is then encapsulated for Ethernet and sent to the client.
User’s Manual of MGSW-24160F Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state. While in this state, the port disallows all ingress and egress traffic except for 802.1X protocol packets. When a client is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally.
User’s Manual of MGSW-24160F The page includes the following fields: Object Description Client The management client for which the configuration below applies. Authentication Method Authentication Method can be set to one of the following values: None: authentication is disabled and login is not possible.
Page 214
User’s Manual of MGSW-24160F Figure 4-11-4 Network Access Server Configuration Page Screenshot...
Page 215
User’s Manual of MGSW-24160F The page includes the following fields: System Configuration Object Description Mode Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentication If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period.
Page 216
User’s Manual of MGSW-24160F communication between the switch and the client, so this will not detect whether the client is still attached or not, and the only way to free any resources is to age the entry. Hold Time This setting applies to the following modes, i.e.
Page 217
User’s Manual of MGSW-24160F Guest VLAN Enabled A Guest VLAN is a special VLAN - typically with limited network access - on which 802.1X-unaware clients are placed after a network administrator-defined timeout. The switch follows a set of rules for entering and leaving the Guest VLAN as listed below.
Page 218
User’s Manual of MGSW-24160F authentication. Force Unauthorized In this mode, the switch will send one EAPOL Failure frame when the port link comes up, and any client on the port will be disallowed network access. Port-based 802.1X In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server.
Page 219
User’s Manual of MGSW-24160F authenticated on a port, the whole port is opened for network traffic. This allows other clients connected to the port (for instance through a hub) to piggy-back on the successfully authenticated client and get network access even though they really aren't authenticated.
Page 220
User’s Manual of MGSW-24160F limited using the Port Security Limit Control functionality. MAC-based Auth. Unlike port-based 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the industry. In MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients.
Page 221
User’s Manual of MGSW-24160F the RADIUS-assigned). This option is only available for single-client modes, i.e. • Port-based 802.1X • Single 802.1X RADIUS attributes used in identifying a QoS Class: Refer to the written documentation for a description of the RADIUS attributes needed in order to successfully identify a QoS Class.
Page 222
User’s Manual of MGSW-24160F VLAN ID in an Access-Accept packet. The following criteria are used: - The Tunnel-Medium-Type, Tunnel-Type, and Tunnel-Private-Group-ID attributes must all be present at least once in the Access-Accept packet. - The switch looks for the first set of these attributes that have the same...
Page 223
User’s Manual of MGSW-24160F an EAPOL Success frame when entering the Guest VLAN. While in the Guest VLAN, the switch monitors the link for EAPOL frames, and if one such frame is received, the switch immediately takes the port out of the Guest VLAN and starts authenticating the supplicant according to the port mode.
User’s Manual of MGSW-24160F 4.11.4 Network Access Overview This page provides an overview of the current NAS port states for the selected switch. The Network Access Overview screen in Figure 4-11-5 appears. Figure 4-11-5 Network Access Overview Page Screenshot The page includes the following fields:...
User’s Manual of MGSW-24160F Last ID The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame for EAPOL-based authentication, and the source MAC address from the most recently received frame from a new client for MAC-based authentication.
Page 226
User’s Manual of MGSW-24160F individual states. QoS Class The QoS class assigned by the RADIUS server. The field is blank if no QoS class is assigned. Port VLAN ID The VLAN ID that NAS has put the port in. The field is blank, if the Port VLAN ID is not overridden by NAS.
Page 227
User’s Manual of MGSW-24160F received by the switch. dot1xAuthEapolLogoffFr The number of valid EAPOL Logoff amesRx Logoff frames that have been received by the switch. dot1xAuthInvalidEapolF The number of EAPOL Invalid Type ramesRx frames that have been received by the switch in which the frame type is not recognized.
Page 228
User’s Manual of MGSW-24160F dot1xAuthBackendAcce Access 802.1X-based: ssChallenges Counts the number of times Challenges that the switch receives the first request from the backend server following the first response from the supplicant. Indicates that the backend server has communication with the switch.
Page 229
User’s Manual of MGSW-24160F server. dot1xAuthBackendResp Responses 802.1X-based: onses Counts the number of times that the switch attempts to send a supplicant's first response packet to the backend server. Indicates the switch is attempting to communicate with the backend server. Possible retransmissions are not counted.
Page 230
User’s Manual of MGSW-24160F Identity 802.1X-based: The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame. MAC-based: Not applicable. Selected Counters Object Description Selected Counters The Selected Counters table is visible when the port is one of the following administrative states: Multi 802.1X...
User’s Manual of MGSW-24160F remain in the unauthenticated state for Hold Time seconds. Last Authentication Shows the date and time of the last authentication of the client (successful as well as unsuccessful). Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
Page 232
User’s Manual of MGSW-24160F Figure 4-11-7 Authentication Server Configuration Page Screenshot The page includes the following fields: Port State These setting are common for all of the Authentication Servers. Object Description Timeout The Timeout, which can be set to a number between 3 and 3600 seconds, is the...
Page 233
User’s Manual of MGSW-24160F If the server does not reply within this timeframe, we will consider it to be dead and continue with the next enabled server (if any). RADIUS servers are using the UDP protocol, which is unreliable by design. In order to cope with lost frames, the timeout interval is divided into 3 subintervals of equal length.
Page 234
User’s Manual of MGSW-24160F applies. Enabled Enable the RADIUS Accounting Server by checking this box. IP Address/Hostname The IP address or hostname of the RADIUS Accounting Server. IP address is expressed in dotted decimal notation. Port The UDP port to use on the RADIUS Accounting Server. If the port is set to 0 (zero), the default port (1813) is used on the RADIUS Accounting Server.
User’s Manual of MGSW-24160F 4.11.7 RADIUS Overview This page provides an overview of the status of the RADIUS servers configurable on the Authentication configuration page. The RADIUS Authentication/Accounting Server Overview screen in Figure 4-11-8 appears. Figure 4-11-8 RADIUS Authentication/Accounting Server Overview Page Screenshot...
User’s Manual of MGSW-24160F but will get re-enabled when the dead-time expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled. RADIUS Accounting Servers Object Description ...
Page 237
User’s Manual of MGSW-24160F Figure 4-11-9 RADIUS Authentication/Accounting for Server Overview Page Screenshot The page includes the following fields: RADIUS Authentication Servers The statistics map closely to those specified in RFC4668 - RADIUS Authentication Client MIB. Use the server select box to switch between the backend servers to show details for.
Page 238
User’s Manual of MGSW-24160F ccessRejects Access-Reject packets (valid or invalid) received from the server. radiusAuthClientExtA The number of RADIUS Access ccessChallenges Access-Challenge packets Challenges (valid or invalid) received from the server. radiusAuthClientExt The number of malformed Malformed MalformedAccessRe RADIUS Access-Response...
Page 239
User’s Manual of MGSW-24160F ccessRequests to the server. This does not Requests include retransmissions. radiusAuthClientExtA The number of RADIUS Access ccessRetransmission Access-Request packets Retransmissio retransmitted to the RADIUS authentication server. radiusAuthClientExtP The number of RADIUS Pending endingRequests Access-Request packets Requests...
Page 240
User’s Manual of MGSW-24160F up and run, and the RADIUS module is ready to accept access attempts. Dead (X seconds left): Access attempts were made to this server, but it did not reply within the configured timeout. The server has temporarily been disabled, but will get re-enabled when the dead-time expires.
Page 241
User’s Manual of MGSW-24160F radiusAcctClientExt The number of RADIUS BadAuthenticators packets containing invalid Authenticators authenticators received from the server. radiusAccClientExt The number of RADIUS Unknown Types UnknownTypes packets of unknown types that were received from the server on the accounting port.
User’s Manual of MGSW-24160F different server is counted as a Request as well as a timeout. Other Info This section contains information about the state of the server and the latest round-trip time. Name RFC4670 Name Description Shows the state of the server. It takes one of...
Page 243
User’s Manual of MGSW-24160F Configure the IP Address of remote RADIUS server and secret key. Figure 4-11-10 RADIUS Server Configuration Page Screenshot Add New RADIUS Cleint on the Windows 2003 server Figure 4-11-11 Windows Server – add new RADIUS Client Setting...
Page 244
User’s Manual of MGSW-24160F Assign the client IP address to the Managed switch Figure 4-11-12 Windows Server RADIUS Server setting The shared secret key should be as same as the key configured on the Managed Switch. Figure 4-11-13 Windows Server RADIUS Server Setting...
Page 245
User’s Manual of MGSW-24160F Configure ports attribute of 802.1X, the same as “802.1X Port Configuration”. Figure 4-11-14 802.1x Port Configuration Create user data. The establishment of the user data needs to be created on the Radius Server PC. For example, the...
Page 246
User’s Manual of MGSW-24160F Enter ” Active Directory Users and Computers”, create legal user data, the next, right-click a user what you created to enter properties, and what to be noticed: Figure 4-11-16 Add User Properties Screen Figure 4-11-17 Add User Properties Screen...
User’s Manual of MGSW-24160F Set the Ports Authenticate Status to “Force Authorized” if the port is connected to the RADIUS server or the port is a uplink port that is connected to another switch. Or once the 802.1X stat to work, the switch might not be able to access the RADIUS server.
Page 248
User’s Manual of MGSW-24160F Select “Authentication” tab. Select “Enable network access control using IEEE 802.1X” to enable 802.1x authentication. Select “MD-5 Challenge” from the drop-down list box for EAP type. Figure 4-11-19 Click “OK”. When client has associated with the Managed Switch, a user authentication notice appears in system tray. Click on the...
Page 249
User’s Manual of MGSW-24160F Figure 4-11-20 Windows Client Popup Login Request Message Enter the user name, password and the logon domain that your account belongs. 10. Click “OK” to complete the validation process. Figure 4-11-21...
User’s Manual of MGSW-24160F 4.12 Security This section is to control the access of the Managed Switch, includes the user access and management control. The Security page contains links to the following main topics: Port Limit Control Access Management ...
Page 251
User’s Manual of MGSW-24160F Figure 4-12-1 Port Limit Control Configuration Overview Page Screenshot...
Page 252
User’s Manual of MGSW-24160F The page includes the following fields: System Configuration Object Description Mode Indicates if Limit Control is globally enabled or disabled on the switch. If globally disabled, other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled.
Page 253
User’s Manual of MGSW-24160F Limit The maximum number of MAC addresses that can be secured on this port. This number cannot exceed 1024. If the limit is exceeded, the corresponding action is taken. The switch is "born" with a total number of MAC addresses from which all ports draw whenever a new MAC address is seen on a Port Security-enabled port.
User’s Manual of MGSW-24160F Buttons : Click to refresh the page. Note that non-committed changes will be lost. : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.12.2 Access Management Configure access management table on this page. The maximum entry number is 16. If the application's type match any one of access management entry, it will allow to access the switch.
User’s Manual of MGSW-24160F host IP address matched the entry. Buttons : Click to add a new access management entry. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.12.3 Access Management Statistics This page provides statistics for access management.
User’s Manual of MGSW-24160F 4.12.4 HTTPs Configure HTTPS on this page. The HTTPS Configuration screen in Figure 4-12-4 appears. Figure 4-12-4 HTTPS Configuration Screen Page Screenshot The page includes the following fields: Object Description Mode Indicates the HTTPS mode operation. Possible modes are: Enabled: Enable HTTPS mode operation.
User’s Manual of MGSW-24160F Figure 4-12-5 SSH Configuration Screen Page Screenshot The page includes the following fields: Object Description Mode Indicates the SSH mode operation. Possible modes are: Enabled: Enable SSH mode operation. Disabled: Disable SSH mode operation. Buttons : Click to save changes.
Page 258
User’s Manual of MGSW-24160F Figure 4-12-6 Port Security Status Screen Page Screenshot The page includes the following fields: User Module Legend The legend shows all user modules that may request Port Security services. Object Description User Module Name The full name of a module that may request Port Security services.
Page 259
User’s Manual of MGSW-24160F Abbr A one-letter abbreviation of the user module. This is used in the Users column in the port status table. Port Status The table has one row for each port on the selected switch in the switch and a number of columns, which are:...
User’s Manual of MGSW-24160F 4.12.7 Port Security Detail This page shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
User’s Manual of MGSW-24160F 4.12.8 DHCP Snooping DHCP Snooping is used to block intruder on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server. Configure DHCP Snooping on this page. The...
User’s Manual of MGSW-24160F Snooping Mode Indicates the DHCP snooping mode operation. Possible modes are: Enabled: Enable DHCP snooping mode operation. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports.
User’s Manual of MGSW-24160F The page includes the following fields: Object Description Rx and Tx Discover The number of discover (option 53 with value 1) packets received and transmitted. Rx and Tx Offer The number of offer (option 53 with value 2) packets received and transmitted.
Page 264
User’s Manual of MGSW-24160F Configuration screen in Figure 4-12-10 appears. Figure 4-12-10 IP Source Guard Configuration Screen Page Screenshot The page includes the following fields: Object Description Mode of IP Source Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled.
User’s Manual of MGSW-24160F Port Mode Specify IP Source Guard is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, IP Source Guard is enabled on this Configuration given port.
User’s Manual of MGSW-24160F Buttons : Click to add a new entry. : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.12.12 ARP Inspection ARP Inspection is a secure feature. Several types of attacks can be launched against a host or devices connected to Layer 2 networks by "poisoning"...
Page 267
User’s Manual of MGSW-24160F Figure 4-12-12 ARP Inspection Configuration Screen Page Screenshot The page includes the following fields: Object Description Mode of ARP Enable the Global ARP Inspection or disable the Global ARP Inspection. Inspection Configuration Port Mode...
User’s Manual of MGSW-24160F and Port Mode on a given port are enabled, ARP Inspection is enabled on this Configuration given port. Buttons : Click to save changes. Click to undo any changes made locally and revert to previously saved values.
User’s Manual of MGSW-24160F 4.13 Address Table Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame).
User’s Manual of MGSW-24160F 4.13.2 Static MAC Table Configuration The static entries in the MAC table are shown in this table. The static MAC table can contain 64 entries. The MAC table is sorted first by VLAN ID and then by MAC address. The Static MAC Table Configuration screen in...
Page 271
User’s Manual of MGSW-24160F Figure 4-13-3 MAC Address Table Status Navigating the MAC Table Each page shows up to 999 entries from the MAC table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the MAC Table. The first displayed will be the one with the lowest VLAN ID and the lowest MAC address found in the MAC Table.
User’s Manual of MGSW-24160F The VLAN ID of the entry. VLAN The MAC address of the entry. MAC address The ports that are members of the entry. Port Members Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
User’s Manual of MGSW-24160F Figure 4-13-4 MAC Table Learning Page Screenshot The page includes the following fields: Object Description Learning is done automatically as soon as a frame with unknown SMAC is Auto received. No learning is done.
Page 274
User’s Manual of MGSW-24160F Figure 4-13-5 Dynamic ARP Inspection Table Page Screenshot Navigating the ARP Inspection Table Each page shows up to 999 entries from the Dynamic ARP Inspection table, default being 20, selected through the "entries per page" input field. When first visited, the web page will show the first 20 entries from the beginning of the Dynamic ARP Inspection Table.
User’s Manual of MGSW-24160F 4.13.6 Dynamic IP Source Guard Table Entries in the Dynamic IP Source Guard Table are shown on this page. The Dynamic IP Source Guard Table is sorted first by port, then by VLAN ID, then by IP address, and then by IP mask. The Dynamic IP Source Guard Table screen in Figure 4-13-6 appears.
Page 276
User’s Manual of MGSW-24160F Updates the table starting from the first entry in the MAC Table, i.e. the entry with the lowest VLAN ID and MAC address. : Updates the table, starting with the entry after the last entry currently displayed.
User’s Manual of MGSW-24160F 4.14 LLDP 4.14.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.1ab standard, and can include details...
Page 278
User’s Manual of MGSW-24160F Figure 4-14-1 LLDP Configuration Page Screenshot The page includes the following fields: LLDP Parameters Object Description The switch is periodically transmitting LLDP frames to its neighbors for having the Tx Interval network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value.
Page 279
User’s Manual of MGSW-24160F >= (4 * Delay Interval) Each LLDP frame contains information about how long the information in the Tx Hold LLDP frame shall be considered valid. The LLDP information valid period is set to Tx Hold multiplied by Tx Interval seconds. Valid values are restricted to 2 - 10 times.
Page 280
User’s Manual of MGSW-24160F is enabled. Only CDP TLVs that can be mapped into a corresponding field in the LLDP neighbors table are decoded. All other TLVs are discarded ( Unrecognized CDP TLVs and discarded CDP frame are not shown in the LLDP statistic. Only ). CDP TLVs are mapped into LLDP neighbors table as shown below.
User’s Manual of MGSW-24160F Buttons : Click to save changes. Click to undo any changes made locally and revert to previously saved values. 4.14.3 LLDPMED Configuration This page allows you to configure the LLDP-MED. The LLDPMED Configuration screen in Figure 4-14-2 appears.
Page 282
User’s Manual of MGSW-24160F limited LLDPU space and to reduce security and system integrity issues that can come with inappropriate knowledge of the network policy. With this in mind LLDP-MED defines an LLDP-MED Fast Start interaction between the protocol and the application layers on top of the protocol, in order to achieve these related properties.
Page 283
User’s Manual of MGSW-24160F Meters: Representing meters of Altitude defined by the vertical datum specified. Floors: Representing altitude in a form more relevant in buildings which have different floor-to-floor dimensions. An altitude = 0.0 is meaningful even outside a building, and represents ground level at the given latitude and longitude. Inside a building, 0.0 represents the floor level associated with ground level at the main...
Page 284
User’s Manual of MGSW-24160F Landmark Landmark or vanity address - Example: Columbia University Additional location Additional location info - Example: South Wing info Name Name (residence and office occupant) - Example: Flemming Jahn Zip code Postal/zip code - Example: 2791 ...
Page 285
User’s Manual of MGSW-24160F This network policy is potentially advertised and associated with multiple sets of application types supported on a given port. The application types specifically addressed are: 1. Voice 2. Guest Voice 3. Softphone Voice 4. Video Conferencing 5.
Page 286
User’s Manual of MGSW-24160F support multiple VLANs, if at all, and are typically configured to use an 'untagged’ VLAN or a single 'tagged’ data specific VLAN. When a network policy is defined for use with an 'untagged’ VLAN (see Tagged flag below), then the L2 priority field is ignored and only the DSCP value has relevance.
User’s Manual of MGSW-24160F Port The port number for which the configuration applies. Policy ID The set of policies that shall apply for a given port. The set of policies is selected by checkmarking the checkboxes that corresponds to the policies Buttons : click to add new policy.
Page 288
User’s Manual of MGSW-24160F 2. IEEE 802.1 Bridge 3. IEEE 802.3 Repeater (included for historical reasons) 4. IEEE 802.11 Wireless Access Point 5. Any device that supports the IEEE 802.1AB and MED extensions defined by TIA-1057 and can relay IEEE 802 frames via any method.
Page 289
User’s Manual of MGSW-24160F expected to adhere to this class include (but are not limited to) end user communication appliances, such as IP Phones, PC-based softphones, or other communication appliances that directly support the end user. Discovery services defined in this class include provision of location identifier...
User’s Manual of MGSW-24160F Policy Policy Unknown: The network policy for the specified application type is currently unknown. Defined: The network policy is defined. TAG TAG is indicating whether the specified application type is using a tagged or an untagged VLAN.
User’s Manual of MGSW-24160F Object Description Local Port The port on which the LLDP frame was received. Chassis ID The Chassis ID is the identification of the neighbor's LLDP frames. Remote Port ID The Remote Port ID is the identification of the neighbor port.
Page 292
User’s Manual of MGSW-24160F Figure 4-14-5 LLDP Statistics Page Screenshot The page includes the following fields: Global Counters Object Description Shows the time for when the last entry was last deleted or added. It is also shows Neighbor entries were the time elapsed since last change was detected.
Page 293
User’s Manual of MGSW-24160F Local Counters The displayed table contains a row for each port. The columns hold the following information: Object Description The port on which LLDP frames are received or transmitted. Local Port The number of LLDP frames transmitted on the port.
User’s Manual of MGSW-24160F 4.15 Network Diagnostics This section provide the Physical layer and IP layer network diagnostics tools for troubleshoot. The diagnostic tools are designed for network manager to help them quickly diagnose problems between point to point and better service customers.
User’s Manual of MGSW-24160F ICMP Ping screen in Figure 4-15-1 appears. Figure 4-15-1 ICMP Ping Page Screenshot The page includes the following fields: Object Description The destination IP Address. IP Address The payload size of the ICMP packet. Values range from 8 bytes to 1400 bytes.
User’s Manual of MGSW-24160F Figure 4-15-2 ICMPv6 Ping Page Screenshot The page includes the following fields: Object Description The destination IPv6 Address. IPv6 Address The payload size of the ICMP packet. Values range from 8 bytes to 1400 bytes.
Page 297
User’s Manual of MGSW-24160F Figure 4-15-3 Remote IP Ping Test Page Screenshot The page includes the following fields: Object Description Port The logical port for the settings. The destination IP Address. Remote IP Address...
User’s Manual of MGSW-24160F The payload size of the ICMP packet. Values range from 8 bytes to 1400 bytes. Ping Size Display the ping result. Result 4.15.4 Cable Diagnostics This page is used for running the Cable Diagnostics.
Page 299
User’s Manual of MGSW-24160F Figure 4-15-4 VeriPHY Cable Diagnostics Page Screenshot The page includes the following fields: Object Description The port where you are requesting Cable Diagnostics. Port Port: Port number. Cable Status Pair: The status of the cable pair.
User’s Manual of MGSW-24160F 5. COMMAND LINE INTERFACE 5.1 Accessing the CLI When accessing the management interface for the switch over a direct connection to the server’s console port, or via a Telnet connection, the switch can be managed by entering command keywords and parameters at the prompt. Using the switch's command-line interface (CLI) is very similar to entering commands on a UNIX system.
User’s Manual of MGSW-24160F For security reason, please change and memorize the new password after this first setup. Only accept command in lowercase letter under console interface. Configure IP address The Managed Switch is shipped with default IP address as following.
Page 302
User’s Manual of MGSW-24160F IP: 192.168.1.100 Subnet Mask: 255.255.255.0 Gateway: 192.168.1.1 VLAN ID: 1 Figure 5-3 Set IP Address Screen Repeat Step 1 to check if the IP address is changed. If the IP address is successfully configured, the Managed Switch will apply the new IP address setting immediately. You can access the Web interface of The Managed Switch through the new IP address.
User’s Manual of MGSW-24160F 5.2 Telnet Login The Managed Switch also supports telnet for remote management. The switch asks for user name and password for remote login when using telnet, please use “admin” for username & password.
User’s Manual of MGSW-24160F 6. Command Line Mode The CLI groups all the commands in appropriate modes according to the nature of the command. A sample of the CLI command modes are described below. Each of the command modes supports specific software commands.
User’s Manual of MGSW-24160F Syntax: System Configuration [all] [<port_list>] Parameters: : Show all switch configuration, default: Show system configuration <port_list>: Port list or 'all', default: All ports Example: To display system information: SWITCH/>System configuration System Contact : System Name :MGSW-24160F...
User’s Manual of MGSW-24160F Example: To set device title: Switch/>System name MGSW-24160F-LAB System Contact Description: Set or show the system contact. Syntax: System Contact [<contact>] Parameters: <contact>: System contact string. Use 'clear' or "" to clear the string. No blank or space characters are permitted as part of a contact. (only in CLI)
User’s Manual of MGSW-24160F Example: To set device location: Switch/>System location 9F-LAB System Timezone Description: Set or show the system timezone offset. Syntax: System Timezone [<offset>] Parameters: <offset>: Time zone offset in minutes (-720 to 720) relative to UTC Default Setting:...
User’s Manual of MGSW-24160F To change CLI title: Switch/>system prompt MGSW-24160F MGSW-24160F/> System Reboot Description: Reboot the system. Syntax: System Reboot Example: To reboot device without changing any of the settings: Switch/>system reboot System Restore Default Description: Restore factory default configuration.
User’s Manual of MGSW-24160F Example: To show current CPU load: Switch/>system load Load average(100ms, 1s, 10s): System Log Description: Show or clear the system log. Syntax: System Log [<log_id>] [all|info|warning|error] [clear] Parameters: <log_id>: System log ID or range (default: All entries)
User’s Manual of MGSW-24160F 6.2 IP Command IP Configuration Description: Show IP configuration. Syntax: IP Configuration Example: Show IP configuration: Switch/>ip configuration IP Configuration: ================= DHCP Client : Disabled IP Address : 192.168.0.100 IP Mask : 255.255.255.0 IP Router : 192.168.0.1 DNS Server : 0.0.0.0...
User’s Manual of MGSW-24160F Parameters: enable : Enable or renew DHCP client disable: Disable DHCP client Default Setting: Disable Example: Disable DHCP sever: SWITCH/>ip dhcp disable IP Setup Description: Set or show the IP setup. Syntax: IP Setup [<ip_addr>] [<ip_mask>] [<ip_router>] [<vid>] Parameters: <ip_addr>...
User’s Manual of MGSW-24160F IP Ping Description: Ping IP address (ICMP echo). Syntax: IP Ping <ip_addr_string> [<ping_length>] Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string : Ping data length (8-1400), excluding MAC, IP and ICMP headers <ping_length>...
User’s Manual of MGSW-24160F SWITCH/>ip dns 168.95.1.1 IP DNS Proxy Description: Set or show the IP DNS Proxy mode. Syntax: IP DNS_Proxy [enable|disable] Parameters: enable : Enable DNS Proxy disable: Disable DNS Proxy Default Setting: disable Example: Enable DNS proxy function: SWITCH/>ip dns_proxy enable...
User’s Manual of MGSW-24160F Enable IPv6 autoconfig function: SWITCH/>ip ipv6 autoconfig enable IPv6 Setup Description: Set or show the IPv6 setup. Syntax: IP IPv6 Setup [<ipv6_addr>] [<ipv6_prefix>] [<ipv6_router>] [<vid>] Parameters: <ipv6_addr> : IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:).
User’s Manual of MGSW-24160F IPv6 Ping Description: Ping IPv6 address (ICMPv6 echo). Syntax: IP IPv6 Ping6 <ipv6_addr> [<ping_length>] Parameters: <ipv6_addr> : IPv6 host address. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separate each field (:).
User’s Manual of MGSW-24160F NTP Mode : Disabled Server IP host address (a.b.c.d) or a host name string ------------------------------------------------------ pool.ntp.org europe.pool.ntp.org north-america.pool.ntp.org asia.pool.ntp.org oceania.pool.ntp.org IP NTP Mode Description: Set or show the NTP mode. Syntax: IP NTP Mode [enable|disable] Parameters:...
User’s Manual of MGSW-24160F Parameters: <server_index> : The server index (1-5) <ip_addr_string>: IP host address (a.b.c.d) or a host name string Example: To add NTP server: SWITCH/>ip ntp server add 1 60.249.136.151 IP NTP Server IPv6 Add Description: Add NTP server IPv6 entry.
Page 319
User’s Manual of MGSW-24160F <server_index>: The server index (1-5) Example: To delete NTP server: SWITCH/>ip ntp server delete 1...
User’s Manual of MGSW-24160F 6.3 Port Management Command Port Configuration Description: Show port configuration. Syntax: Port Configuration [<port_list>] [up|down] Parameters: <port_list>: Port list or 'all', default: All ports : Show ports, which are up : Show ports, which are down...
User’s Manual of MGSW-24160F Port State Description: Set or show the port administrative state. Syntax: Port State [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable port enable : Disable port disable (default: Show administrative mode)
User’s Manual of MGSW-24160F Port Power Description: Set or show the port PHY power mode. Syntax: Port Power [<port_list>] [enable|disable|actiphy|dynamic] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable all power control disable: Disable all power control...
User’s Manual of MGSW-24160F ---- -------------- -------- --------------- ----------- 1000Base-LX 1000-Base 1310 10000 1000Base-LX 1000-Base 1310 10000 Port Excessive Description: Set or show the port excessive collision mode. Syntax: Port Excessive [<port_list>] [discard|restart] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F : Show packet statistics packets : Show byte statistics bytes : Show error statistics errors : Show discard statistics discards : Show filtered statistics filtered : Show low priority statistics : Show normal priority statistics normal...
User’s Manual of MGSW-24160F 6.4 MAC Address Table Command MAC Configuration Description: Show MAC address table configuration. Syntax: MAC Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show Mac address state SWITCH/>mac configuration MAC Configuration: ==================...
User’s Manual of MGSW-24160F Auto Auto Auto Auto Auto Auto Auto Auto Auto MAC Add Description: Add MAC address table entry. Syntax: MAC Add <mac_addr> <port_list> [<vid>] Parameters: <mac_addr> : MAC address (xx-xx-xx-xx-xx-xx) <port_list>: Port list or 'all' or 'none' : VLAN ID (1-4095), default: 1 <vid>...
User’s Manual of MGSW-24160F Example: Delete Mac address 00-30-4F-01-01-02 in vid1 SWITCH/>mac delete 00-30-4f-01-01-02 1 MAC Look up Description: Look up MAC address entry. Syntax: MAC Look up <mac_addr> [<vid>] Parameters: <mac_addr>: MAC address (xx-xx-xx-xx-xx-xx) : VLAN ID (1-4095), default: 1 <vid>...
User’s Manual of MGSW-24160F Set agetime value in 30 SWITCH/>mac agetime 30 MAC Learning Description: Set or show the port learn mode. Syntax: MAC Learning [<port_list>] [auto|disable|secure] Parameters: <port_list>: Port list or 'all', default: All ports : Automatic learning auto...
User’s Manual of MGSW-24160F Example: Show all of MAC table SWITCH/>mac dump Type MAC Address Ports ------ ----------------- ----- Static 00-30-00-33-22-55 Static 00-30-4f-24-04-d1 None,CPU Static 33-33-ff-24-04-d1 None,CPU Static 33-33-ff-a8-00-64 None,CPU Dynamic 1 40-61-86-04-18-69 Static ff-ff-ff-ff-ff-ff 1-24,CPU MAC Statistics Description: Show MAC address table statistics.
User’s Manual of MGSW-24160F Total Dynamic Addresses: 1 Total Static Addresses : 5 MAC Flush Description: Flush all learned entries. Syntax: MAC Flush...
User’s Manual of MGSW-24160F 6.5 VLAN Configuration Command VLAN Configuration Description: Show VLAN configuration. Syntax: VLAN Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', (default: All ports) Example: Show VLAN status of port1 SWITCH/>vlan configuration 1 VLAN Configuration: =================== Mode : IEEE 802.1Q...
User’s Manual of MGSW-24160F Parameters: <port_list>: Port list or 'all', default: All ports <vid>|none : Port VLAN ID (1-4095) or 'none', (default: Show port VLAN ID) Default Setting: Example: Set PVID2 for port20 SWITCH/>vlan pvid 20 2 VLAN Frame Type Description: Set or show the port VLAN frame type.
User’s Manual of MGSW-24160F VLAN Link Type Description: Set or show the port VLAN link type. Syntax: VLAN LinkType [<port_list>] [untagged|tagged] Parameters: <port_list>: Port list or 'all', default: All ports : VLAN Link Type Tagged untagged : VLAN Link Type Untagged...
User’s Manual of MGSW-24160F SWITCH/>vlan qinq 2 man VLAN Ethernet Type Description: Set or show out layer VLAN tag ether type in Q-in-Q VLAN mode. Syntax: VLAN Ethtype [<port_list>] [man|dot1q] Parameters: <port_list>: Port list or 'all', default: All ports : Set out layer VLAN tag ether type : MAN : Set out layer VLAN tag ether type : 802.1Q...
User’s Manual of MGSW-24160F Example: Show VLAN status SWITCH/>vlan lookup Ports ---- ----- 1-24 None VLAN Status Description: VLAN Port Configuration Status. Syntax: VLAN Status [<port_list>] [combined|static|nas|mvr|voice_vlan|mstp|all|conflicts] Parameters: <port_list>: Port list or 'all', default: All ports : combined VLAN Users configuration...
User’s Manual of MGSW-24160F Parameters: <pvlan_id> : Private VLAN ID Example: Delete PVLAN10 SWITCH/>pvlan delete 10 PVLAN Look up Description: Look up Private VLAN entry. Syntax: PVLAN Look up [<pvlan_id>] Parameters: <pvlan_id> : Private VLAN ID Example: Look up PVLAN SWITCH/>...
Page 343
User’s Manual of MGSW-24160F : Disable port isolation disable (default: Show port isolation port list) Default Setting: Promiscous Example: Enable isolate for port10 SWITCH/>pvlan isolate 10 enable...
User’s Manual of MGSW-24160F Example: Add new user: username: test, password: test & privilege: 10 SWITCH/>security switch users add test test 10 Security Switch User Delete Description: Delete users entry. Syntax: Security Switch Users Delete <user_name> Parameters: <user_name>: A string identifying the user name that this entry should belong to Example: Delete test account.
User’s Manual of MGSW-24160F ------- ---------------------- ----------------------------- console local Disabled telnet local Disabled local Disabled local Disabled Security Switch Auth Method Description: Set or show Auth method. Syntax: Security Switch Auth Method [console|telnet|ssh|web] [none|local|radius|tacacs+] [enable|disable] Parameters: : Settings for console...
User’s Manual of MGSW-24160F System Access Mode : Disabled System Access number of entries: 0 Security Switch Access Mode Description: Set or show the access management mode. Syntax: Security Switch Access Mode [enable|disable] Parameters: enable : Enable access management disable: Disable access management...
User’s Manual of MGSW-24160F : SNMP interface snmp : TELNET/SSH interface telnet (default: Show configured and current mode) Example: Add access management list from 192.168.0.1 to 192.168.0.200 via web interface. SWITCH/>security switch access add 1 192.168.0.1 192.168.0.200 web Security Switch Access IPv6 Add Description: Add access management IPv6 entry.
User’s Manual of MGSW-24160F Number of entries: 1 SNMPv3 Groups Table; Idx Model Security Name Group Name --- ----- -------------------------------- -------------------------------- public default_ro_group private default_rw_group public default_ro_group private default_rw_group default_user default_rw_group Number of entries: 5 SNMPv3 Views Table: Idx View Name...
User’s Manual of MGSW-24160F Default Setting: enable Example: Disable SNMP mode. SWITCH/>security switch snmp mode disable Security Switch SNMP Version Description: Set or show the SNMP protocol version. Syntax: Security Switch SNMP Version [1|2c|3] Parameters: 1 : SNMP version 1...
User’s Manual of MGSW-24160F Parameters: <community>: Community string. Use 'clear' or "" to clear the string (default: Show SNMP read community) Default Setting: public Example: Set to SNMP read community private. SWITCH/>security switch snmp read community private Security Switch SNMP Write Community Description: Set or show the community string for SNMP write access.
User’s Manual of MGSW-24160F Syntax: Security Switch SNMP Trap Community [<community>] Parameters: <community>: Community string. Use 'clear' or "" to clear the string (default: Show SNMP trap community) Default Setting: public Example: Set private value for SNMP trap community. SWITCH/>security switch snmp trap community private...
User’s Manual of MGSW-24160F Parameters: <ipv6_addr>: IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separate each field (:). For example, four hexadecimal digits with a colon separate each field (:). For example, fe80::215:c5ff:fe03:4dc7'.
User’s Manual of MGSW-24160F Security Switch SNMP Trap Security Name Description: Set or show SNMP trap security name. Syntax: Security Switch SNMP Trap Security Name [<security_name>] Parameters: <security_name>: A string representing the security name for a principal (default: Show SNMP trap security name)
User’s Manual of MGSW-24160F Add or modify SNMPv3 community entry. The entry index key is <community>. Syntax: Security Switch SNMP Community Add <community> [<ip_addr>] [<ip_mask>] Parameters: <community>: Community string <ip_addr> : IP address (a.b.c.d), default: Show IP address <ip_mask> : IP subnet mask (a.b.c.d), default: Show IP mask Example: Add SNMPv3 community entry.
User’s Manual of MGSW-24160F Parameters: <index>: entry index (1-64) Example: Look up SNMPv3 community entry SWITCH/>security switch snmp community lookup Idx Community Source IP Source Mask --- -------------------------------- --------------- --------------- public 192.168.0.20 255.255.255.0 private 0.0.0.0 0.0.0.0 Number of entries: 2...
User’s Manual of MGSW-24160F Syntax: Security Switch SNMP User Look up [<index>] Parameters: <index>: entry index (1-64) Example: Look up SNMPv3 user entry SWITCH/>security switch snmp user lookup Idx Engine ID User Name Level Auth Priv --- --------- -------------------------------- --------------...
User’s Manual of MGSW-24160F Security Switch SNMP Group Delete Description: Delete SNMPv3 group entry. Syntax: Security Switch SNMP Group Delete <index> Parameters: <index>: entry index (1-64) Example: Delete SNMPv3 group entry SWITCH/>security switch snmp group delete 1 Security Switch SNMP Group Look up Description: Look up SNMPv3 group entry.
User’s Manual of MGSW-24160F Security Switch SNMP View Add Description: Add or modify SNMPv3 view entry. The entry index key are <view_name> and <oid_subtree>. Syntax: Security Switch SNMP View Add <view_name> [included|excluded] <oid_subtree> Parameters: <view_name> : A string identifying the view name that this entry should belong to...
User’s Manual of MGSW-24160F Look up SNMPv3 view entry. Syntax: Security Switch SNMP View Look up [<index>] Parameters: <index>: entry index (1-64) Example: Look up SNMPv3 view entry SWITCH/>security switch snmp view lookup Idx View Name View Type OID Subtree...
User’s Manual of MGSW-24160F --- -------------------------------- ----- -------------- default_ro_group NoAuth, NoPriv default_rw_group NoAuth, NoPriv Number of entries: 2 Security Network Psec Switch Description: Show Port Security status. Syntax: Security Network Psec Switch [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users...
User’s Manual of MGSW-24160F <none> Security Network Limit Configuration Description: Show Limit Control configuration. Syntax: Security Network Limit Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show Limit Control configuration. SWITCH/>security network limit configuration Port Security Limit Control Configuration:...
User’s Manual of MGSW-24160F Syntax: Security Network Limit Aging [enable|disable] Parameters: enable : Enable aging disable : Disable aging (default: Show current enabledness of aging) Default Setting: disable Example: Enable limit aging SWITCH/>security network limit aging enable Security Network Limit Agetime Description: Time in second between check for activity on learned MAC addresses.
User’s Manual of MGSW-24160F Syntax: Security Network Limit Port [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable port security on this port disable : Disable port security on this port (default: Show current port enabledness of port security limit control)
User’s Manual of MGSW-24160F Security Network Limit Action Description: Set or show the action involved with exceeding the limit. Syntax: Security Network Limit Action [<port_list>] [none|trap|shut|trap_shut] Parameters: : Port list or 'all', default: All ports <port_list> none|trap|shut|trap_shut: Action to be taken in case the number of MAC addresses exceeds the limit...
User’s Manual of MGSW-24160F Security Network NAS Configuration Description: Show 802.1X configuration. Syntax: Security Network NAS Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show 802.1X configuration of port 1 SWITCH/>security network nas configuration 1 802.1X Configuration:...
User’s Manual of MGSW-24160F Syntax: Security Network NAS Mode [enable|disable] Parameters: enable : Globally enable 802.1X disable: Globally disable 802.1X (default: Show current 802.1X global enabledness) Default Setting: disable Example: Enable IEEE802.1X function SWITCH/>security network nas mode enable Security Network NAS State Description: Set or show the port security state.
User’s Manual of MGSW-24160F SWITCH/>security network nas state 1 Port Admin State Port State Last Source Last ID ---- ------------------ --------------------- ----------------- ------------------ Force Authorized Link Down Security Network NAS Reauthentication Description: Set or show Reauthentication enabledness. Syntax: Security Network NAS Reauthentication [enable|disable]...
User’s Manual of MGSW-24160F Default Setting: 3600 Example: Set reauthentication period in 3000sec. SWITCH/>security network nas reauthperiod 3000 Security Network NAS EapolTimeout Description: Set or show the time between EAPOL retransmissions. Syntax: Security Network NAS EapolTimeout [<eapol_timeout>] Parameters: <eapol_timeout>: Time between EAPOL retransmissions (1-65535 seconds)
User’s Manual of MGSW-24160F Default Setting: Example: Set NAS age time in 1000sec SWITCH/>security network nas agetime 1000 Security Network NAS Holdtime Description: Time in seconds before a MAC-address that failed authentication gets a new authentication chance. Syntax: Security Network NAS Holdtime [<hold_time>] Parameters: <hold_time>: Hold time before MAC addresses that failed authentication expire...
User’s Manual of MGSW-24160F (default: Show current per-port RADIUS-assigned QoS enabledness) enable : Enable RADIUS-assigned QoS either globally or on one or more ports disable: Disable RADIUS-assigned QoS either globally or on one or more ports (default: Show current RADIUS-assigned QoS enabledness)
User’s Manual of MGSW-24160F Set or show either global enabledness and parameters (use the global keyword) or per-port enabledness of Guest VLAN Unless the 'global' keyword is used, the <reauth_max> and <allow_if_eapol_seen> parameters will not be unused. Syntax: Security Network NAS Guest_VLAN [global|<port_list>] [enable|disable] [<vid>] [<reauth_max>] [<allow_if_eapol_seen>]...
User’s Manual of MGSW-24160F Parameters: <port_list>: Port list or 'all', default: All ports now: Force reauthentication immediately Example: Start NAS authentication now for port 1. SWITCH/>security network nas authenticate 1 now Security Network NAS Statistics Description: Show or clear 802.1X statistics.
User’s Manual of MGSW-24160F Rx Other Requests: Rx Auth. Successes: Rx Auth. Failures: Security Network ACL Configuration Description: Show ACL Configuration. Syntax: Security Network ACL Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show ACL Configuration.
User’s Manual of MGSW-24160F Parameters: : Port list or 'all', default: All ports <port_list> : Permit forwarding (default) permit : Deny forwarding deny <rate_limiter>: Rate limiter number (1-15) or 'disable' : Port number for copy of frames or 'disable' <port_copy>...
User’s Manual of MGSW-24160F Security Network ACL Rate Description: Set or show the ACL rate limiter. Syntax: Security Network ACL Rate [<rate_limiter_list>] [<packet_rate>] Parameters: <rate_limiter_list>: Rate limiter list (1-15), default: All rate limiters : Rate in pps (1, 2, 4, ..., 512, 1k, 2k, 4k, ..., 1024k) <packet_rate>...
Page 394
User’s Manual of MGSW-24160F [permit|deny] [<rate_limiter>] [<port_copy>] [<logging>] [<shutdown>] Parameters: : ACE ID (1-128), default: Next available ID <ace_id> <ace_id_next> : Next ACE ID (1-128), default: Add ACE last : Switch ACE keyword switch : Port ACE keyword port : Port number <port>...
User’s Manual of MGSW-24160F Example: Clear all ACL counters. SWITCH/>security network acl clear Security Network ACL Status Description: Show ACL status. Syntax: Security Network ACL Status [combined|static|dhcp|upnp|arp_inspection|ip_source_guard|conflicts] Parameters: : Shows the combined status combined : Shows the static user configured status...
User’s Manual of MGSW-24160F Syntax: Security Network DHCP Relay Server [<ip_addr>] Parameters: <ip_addr>: IP address (a.b.c.d), default: Show IP address Default Setting: null Example: Set DHCP relay server in 192.168.0.20 SWITCH/>security network dhcp relay server 192.168.0.20 Security Network DHCP Relay Information Mode Description: Set or show DHCP relay agent information option mode.
User’s Manual of MGSW-24160F Security Network DHCP Relay Information Policy Description: Set or show the DHCP relay mode. When enable DHCP relay information mode operation, if agent received a DHCP message that already contains relay agent information. It will enforce the policy.
User’s Manual of MGSW-24160F trusted trusted trusted Security Network DHCP Snooping Mode Description: Set or show the DHCP snooping mode. Syntax: Security Network DHCP Snooping Mode [enable|disable] Parameters: enable : Enable DHCP snooping mode. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports.
User’s Manual of MGSW-24160F untrusted: Configures the port as untrusted sources of the DHCP message (default: Show flow DHCP snooping port mode) Default Setting: trusted Example: Set untrusted DHCP snooping port mode in port 1 SWITCH/>security network dhcp snooping port mode 1 untrusted...
User’s Manual of MGSW-24160F Disabled unlimited Disabled unlimited Disabled unlimited Disabled unlimited Disabled unlimited Disabled unlimited Disabled unlimited IP Source Guard Entry Table: Type Port VLAN IP Address IP Mask ------- ---- ---- --------------- --------------- Security Network IP Source Guard Mode Description: Set or show IP source guard mode.
User’s Manual of MGSW-24160F Syntax: Security Network IP Source Guard Port Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable IP Source Guard port disable : Disable IP Source Guard port (default: Show IP Source Guard port mode)
User’s Manual of MGSW-24160F Security Network IP Source Guard Entry Description: Add or delete IP source guard static entry. Syntax: Security Network IP Source Guard Entry [<port_list>] add|delete <vid> <allowed_ip> <ip_mask> Parameters: <port_list> : Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F Security Network ARP Inspection Port Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable ARP Inspection port disable : Disable ARP Inspection port (default: Show ARP Inspection port mode) Default Setting:...
User’s Manual of MGSW-24160F Security Network ARP Inspection Status Description: Show ARP inspection static and dynamic entries. Syntax: Security Network ARP Inspection Status [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show ARP inspection static and dynamic entries.
User’s Manual of MGSW-24160F Default Setting: Example: Set 30sec for server timeout SWITCH/>security aaa timeout 30 Security AAA Deadtime Description: Set or show server dead time. Syntax: Security AAA Deadtime [<dead_time>] Parameters: <dead_time>: Time that a server is considered dead if it doesn't answer a request (0-3600 seconds)
User’s Manual of MGSW-24160F : Enable RADIUS authentication server enable : Disable RADIUS authentication server disable (default: Show RADIUS server mode) <ip_addr_string>: IP host address (a.b.c.d) or a host name string : Secret shared with external authentication server. <secret> Set to empty secret, please use two quotes ("").
User’s Manual of MGSW-24160F Security AAA TACACS+ Description: Set or show TACACS+ authentication server setup. Syntax: Security AAA TACACS+ [<server_index>] [enable|disable] [<ip_addr_string>] [<secret>] [<server_port>] Parameters: The server index (1-5) (default: Show TACACS+ authentication server configuration) : Enable TACACS+ authentication server...
Page 414
User’s Manual of MGSW-24160F Example: Show RADIUS statistics. SWITCH/>security aaa statistics...
User’s Manual of MGSW-24160F Example: Set the STP Bridge protocol version. SWITCH/> stp version rstp STP Tx Hold Description: Set or show the STP Bridge Transmit Hold Count parameter. Syntax: STP Txhold [<holdcount>] Parameters: <holdcount>: STP Transmit Hold Count (1-10)
User’s Manual of MGSW-24160F Example: Set STP maximum hops in 25 SWITCH/>stp maxhops 25 STP MaxAge Description: Set or show the CIST/MSTI bridge maximum age. Syntax: STP MaxAge [<max_age>] Parameters: <max_age>: STP maximum age time (6-40, and max_age <= (forward_delay-1)*2)
User’s Manual of MGSW-24160F Set STP forward delay value in 25 SWITCH/>stp fwddelay 25 STP CName Description: Set or show MSTP configuration name and revision. Syntax: STP CName [<config-name>] [<integer>] Parameters: <config-name>: MSTP Configuration name. A text string up to 32 characters length.
User’s Manual of MGSW-24160F Example: Set edge port BPDU filtering SWITCH/>stp bpdufilter enable STP BPDU Guard Description: Set or show edge port BPDU Guard. Syntax: STP bpduGuard [enable|disable] Parameters: enable|disable: enable or disable BPDU Guard for Edge ports Default Setting:...
User’s Manual of MGSW-24160F Example: Set STP recovery value in 30 sec. SWITCH/>stp recovery 30 STP Status Description: Show STP Bridge status. Syntax: STP Status [<msti>] [<port_list>] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <msti> <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F Enabled Enabled Enabled Disabled Disabled Disabled Auto STP Port Mode Description: Set or show the STP enabling for a port. Syntax: STP Port Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all'. Port zero means aggregations.
User’s Manual of MGSW-24160F Example: Disable STP edge function on port1 SWITCH/>stp port edge 1 disable STP Port AutoEdge Description: Set or show the STP autoEdge port parameter. Syntax: STP Port AutoEdge [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F Default: auto Example: Disable STP P2P function on port1 SWITCH/>stp port p2p 1 disable STP Port RestrictedRole Description: Set or show the MSTP restrictedRole port parameter. Syntax: STP Port RestrictedRole [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F : Enable MSTP restricted TCN enable : Disable MSTP restricted TCN disable Default: disable Example: Eisable STP restricted TCN on port1 SWITCH/>stp port restrictedtcn 1 enable STP Port bpduGuard Description: Set or show the bpduGuard port parameter.
User’s Manual of MGSW-24160F Parameters: <port_list>: Port list or 'all', default: All ports Example: Show STP port statistics. SWITCH/>stp port statistics Port Rx MSTP Tx MSTP Rx RSTP Tx RSTP Rx STP Tx STP Rx TCN Tx TCN Rx Ill. Rx Unk.
User’s Manual of MGSW-24160F Default: auto Example: Set MSTI2 in port1~2 SWITCH/>stp msti port configuration 2 1-2 MSTI Port Path Cost Priority ---- ---- ---------- -------- MST2 Aggr Auto MSTI Port Path Cost Priority ---- ---- ---------- -------- MST2 Auto...
User’s Manual of MGSW-24160F MST7 1 Auto STP MSTI Port Priority Description: Set or show the STP CIST/MSTI port priority. Syntax: STP Msti Port Priority [<msti>] [<port_list>] [<priority>] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <msti> <port_list> : Port list or 'all'. Port zero means aggregations.
User’s Manual of MGSW-24160F 6.9 Multicast Configuration Command IGMP Configuration Description: Show IGMP snooping configuration. Syntax: IGMP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show IGMP snooping configuration. SWITCH/>igmp configuration IGMP Mode Description: Set or show the IGMP snooping mode.
User’s Manual of MGSW-24160F SWITCH/>igmp state 1 disable IGMP Querier Description: Set or show the IGMP snooping querier mode for VLAN. Syntax: IGMP Querier [<vid>] [enable|disable] Parameters: <vid>: VLAN ID (1-4095), default: Show all VLANs enable : Enable IGMP querier...
User’s Manual of MGSW-24160F Default Setting: disable Example: Enable the IGMP snooping fast leave port mode. SWITCH/>igmp fastleave 1 enable IGMP Throttling Description: Set or show the IGMP port throttling status. Syntax: IGMP Throttling [<port_list>] [limit-group-number] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F Parameters: <port_list>: Port list or 'all', default: All ports add : Add new port group filtering entry del : Del existing port group filtering entry (default: Show IGMP port group filtering list) IP multicast group address (a.b.c.d)
User’s Manual of MGSW-24160F Aggregation Mode Description: Set or show the link aggregation traffic distribution mode. Syntax: Aggr Mode [smac|dmac|ip|port] [enable|disable] Parameters: : Source MAC address smac : Destination MAC address dmac : Source and destination IP address : Source and destination UDP/TCP port...
User’s Manual of MGSW-24160F 6.11 Link Aggregation Control Protocol Command LACP Configuration Description: Show LACP configuration. Syntax: LACP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LACP configuration SWITCH/>lacp configuration Port Mode Role ---- --------...
User’s Manual of MGSW-24160F Disabled Auto Active Disabled Auto Active Disabled Auto Active LACP Mode Description: Set or show LACP mode. Syntax: LACP Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable LACP protocol...
User’s Manual of MGSW-24160F Default Setting: auto Example: Set key1 for port1~4 SWITCH/>lacp key 1-4 1 LACP Role Description: Set or show the LACP role. Syntax: LACP Role [<port_list>] [active|passive] Parameters: <port_list>: Port list or 'all', default: All ports active : Initiate LACP negotiation...
User’s Manual of MGSW-24160F <port_list>: Port list or 'all', default: All ports Example: Show LACP status of port1~4 SWITCH/>lacp status 1-4 Port Mode Aggr ID Partner System ID Partner Port ---- -------- ----- ------- ----------------- ------------ Disabled Disabled Disabled Disabled...
User’s Manual of MGSW-24160F Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable LLDP reception and transmission disable: Disable LLDP : Enable LLDP reception only : Enable LLDP transmission only (default: Show LLDP mode) Default Setting: disable Example: Enable port1 LLDP function.
User’s Manual of MGSW-24160F System capabilities: Enable Master's IP address: Enable Example: Disable description of the port for port1 SWITCH/>lldp optional_tlv 1 port_descr disable LLDP Interval Description: Set or show LLDP Tx interval. Syntax: LLDP Interval [<interval>] Parameters: <interval>: LLDP transmission interval (5-32768)
User’s Manual of MGSW-24160F Example: Set LLDP hold value in 10 SWITCH/>lldp hold 10 LLDP Delay Description: Set or show LLDP Tx delay. Syntax: LLDP Delay [<delay>] Parameters: <delay>: LLDP transmission delay (1-8192) Default Setting: Example: Set LLDP delay value in 1 SWITCH/>lldp delay 1...
User’s Manual of MGSW-24160F Example: Set LLDP reinit delay value in 3 SWITCH/>lldp reinit 3 LLDP Statistics Description: Show LLDP Statistics. Syntax: LLDP Statistics [<port_list>] [clear] Parameters: <port_list>: Port list or 'all', default: All ports : Clear LLDP statistics clear...
User’s Manual of MGSW-24160F LLDP Info Description: Show LLDP neighbor device information. Syntax: LLDP Info [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports LLDP CDP Aware Description: Set or show if discovery information from received CDP ( Cisco Discovery Protocol ) frames is added to the LLDP neighbor table.
User’s Manual of MGSW-24160F 6.13 LLDPMED Command LLDPMED Configuration Description: Show LLDP-MED configuration. Syntax: LLDPMED Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LLDP-MED configuration of port1~4 SWITCH/>lldpmed configuration 1-4 LLDP-MED Configuration: ======================= Fast Start Repeast Count : 4...
User’s Manual of MGSW-24160F Syntax: LLDPMED Civic [country|state|county|city|district|block|street|leading_street_direction|trailing_street_suffix|str_suf|house_no|house_no_s uffix|landmark|additional_info|name|zip_code|building|apartment|floor|room_number|place_type|postal_com_name|p_o_ box|additional_code] [<civic_value>] Parameters: : Country country : National subdivisions (state, caton, region, province, prefecture) state : County, parish,gun (JP), district(IN) county : City, townchip, shi (JP) city : City division,borough, city, district, ward,chou (JP)
User’s Manual of MGSW-24160F Syntax: LLDPMED ecs [<ecs_value>] Parameters: <ecs_value>: lldpmed The value for the Emergency Call Service LLDPMED Policy Delete Description: Delete the selected policy. Syntax: LLDPMED policy delete [<policy_list>] Parameters: <policy_list>: List of policies to delete Example: Delete the policy 1 SWITCH/>lldpmed policy delete 1...
User’s Manual of MGSW-24160F visitors with their own IP Telephony handsets and other similar appliances supporting interactive voice services. guest_voice_signaling : Guest Voice Signaling (conditional) for use in network topologies that require a different policy for the guest voice signaling than for the guest voice media.
User’s Manual of MGSW-24160F LLDPMED Coordinates Description: Set or show LLDP-MED Location. Syntax: LLDPMED Coordinates [latitude|longitude|altitude] [north|south|west|east|meters|floor] [coordinate_value] Parameters: : Latitude, 0 to 90 degress with max. 4 digits (Positive numbers are north of the equator and negative latitude numbers are south of the equator).
User’s Manual of MGSW-24160F LLDPMED Fast Description: Set or show LLDP-MED Fast Start Repeat Count. Syntax: LLDPMED Fast [<count>] Parameters: <count>: The number of times the fast start LLDPDU are being sent during the activation of the fast start mechanism defined by LLDP-MED (1-10).
User’s Manual of MGSW-24160F 6.14 Quality of Service Command QoS Configuration Description: Show QoS Configuration. Syntax: QoS Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show QoS Configuration of port 1-4. SWITCH/>qos configuration 1-4 QoS Configuration:...
User’s Manual of MGSW-24160F Syntax: QoS Classes [<class>] Parameters: <class>: Number of traffic classes (1,2 or 4) Default Setting: Example: Set QoS classes 2 SWITCH/>qos classes 2 QoS Default Description: Set or show the default port priority. Syntax: QoS Default [<port_list>] [<class>] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F Syntax: QoS Tagprio [<port_list>] [<tag_prio>] Parameters: <port_list>: Port list or 'all', default: All ports <tag_prio> : VLAN tag priority (0-7) Default Setting: Example: Set priority7 for port 3 SWITCH/>qos tagprio 3 7 QoS QCL Port Description: Set or show the port QCL ID.
User’s Manual of MGSW-24160F If the QCE ID parameter <qce_id> is specified and an entry with this QCE ID already exists, the QCE will be modified. Otherwise, a new QCE will be added. If the QCE ID is not specified, the next available QCE ID will be used.
User’s Manual of MGSW-24160F QoS QCL Look up Description: Look up QCE. Syntax: QoS QCL Look up [<qcl_id>] [<qce_id>] Parameters: <qcl_id>: QCL ID <qce_id>: QCE ID (1-24) QoS Mode Description: Set or show the port egress scheduler mode. Syntax: QoS Mode [<port_list>] [strict|weighted] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F Syntax: QoS Weight [<port_list>] [<class>] [<weight>] Parameters: <port_list> : Port list or 'all', default: All ports : Traffic class low/normal/medium/high or 1/2/3/4 <class> : Traffic class weight 1/2/4/8 <weight> QoS Rate Limiter Description: Set or show the port rate limiter.
User’s Manual of MGSW-24160F Parameters: <port_list>: Port list or 'all', default: All ports : Enable shaper enable : Disable shaper disable (default: Show shaper mode) <bit_rate> : Rate in 1000 bits per second (500-1000000 kbps) Default Setting: Disabled, 500kbps Example: Set 1000kbps shaper for port 9~16 SWITCH/>qos shaper 9-16 enable 1000...
User’s Manual of MGSW-24160F QoS DSCP Remarking Description: Set or show the status of QoS DSCP Remarking. Syntax: QoS DSCP Remarking [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable QoS Remarking enable : Disable QoS Remarking...
User’s Manual of MGSW-24160F 6.15 Mirror Command Mirror Configuration Description: Show mirror configuration. Syntax: Mirror Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Default Setting: disable Example: Show mirror configuration. SWITCH/>mirror configuration Mirror Port Description: Set or show the mirror port.
User’s Manual of MGSW-24160F Mirror SID Description: Set or show the mirror switch ID. Syntax: Mirror SID [<sid>] Parameters: <sid>: Switch ID (1-16) Default Setting: Example: Set SID2 for mirror switch ID. SWITCH/>mirror sid 2 Mirror Mode Description: Set or show the mirror mode.
Page 467
User’s Manual of MGSW-24160F Example: Enable the mirror mode for port 1-4. SWITCH/>mirror mode 1-4 enable...
User’s Manual of MGSW-24160F 6.16 Configuration Command Configuration Save Description: Save configuration to TFTP server. Syntax: Config Save <ip_server> <file_name> Parameters: <ip_server>: TFTP server IP address (a.b.c.d) <file_name>: Configuration file name Configuration Load Description: Load configuration from TFTP server. Syntax: Config Load <ip_server>...
User’s Manual of MGSW-24160F 6.17 Firmware Command Firmware Load Description: Load new firmware from TFTP server. Syntax: Firmware Load <ip_addr_string> <file_name> Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string : Firmware file name <file_name> Firmware IPv6 Load Description: Load new firmware from IPv6 TFTP server.
User’s Manual of MGSW-24160F SWITCH/>upnp mode enable UPnP TTL Description: Set or show the TTL value of the IP header in SSDP messages. Syntax: UPnP TTL [<ttl>] Parameters: <ttl>: ttl range (1..255), default: Show UPnP TTL Default Setting: Example: Set the value 10 for TTL value of the IP header in SSDP messages.
User’s Manual of MGSW-24160F 6.19 MVR Command MVR Configuration Description: Show the MVR configuration. Syntax: MVR Configuration Example: Show the MVR configuration. SWITCH/>mvr configuration MVR Configuration: ================== MVR Mode: Disabled Muticast VLAN ID: 100 Port Port Mode Port Type Immediate Leave...
User’s Manual of MGSW-24160F Disabled Receive Disabled Disabled Receive Disabled Disabled Receive Disabled Disabled Receive Disabled Disabled Receive Disabled Disabled Receive Disabled MVR Group Description: Show the MVR group. Syntax: MVR Group MVR Status Description: Show the MVR status. Syntax:...
User’s Manual of MGSW-24160F Default Setting: disable Example: Enable MVR mode. SWITCH/>mvr mode enable MVR Port Mode Description: Set or show the MVR port mode. Syntax: MVR Port Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
User’s Manual of MGSW-24160F Parameters: <vid>: VLAN ID (1-4095), default: Show current MVR multicast VLAN ID Default Setting: Example: Set VLAN 1000 for MVR multicast VLAN ID. SWITCH/>mvr multicast vlan 1000 MVR Port Type Description: Set or show MVR port type.
Page 476
User’s Manual of MGSW-24160F MVR Immediate Leave [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable Immediate-leave mode enable : Disable Immediate-leave mode disable (default: Show MVR Immediate-leave mode) Default Setting: disable Example: Enable MVR port state about immediate leave for port 1.
User’s Manual of MGSW-24160F Parameters: <age_time>: MAC address age time (10-10000000) default: Show age time Default Setting: 86400sec Example: Set Voice VLAN age time in 100sec. SWITCH/>voice valn agetime 100 Voice VLAN Traffic Class Description: Set or show Voice VLAN ID.
User’s Manual of MGSW-24160F Parameters: : OUI address (xx-xx-xx) <oui_addr> <description>: Entry description. Use 'clear' or "" to clear the string No blank or space characters are permitted as part of a contact.(only in CLI) Example: Add Voice VLAN OUI entry.
User’s Manual of MGSW-24160F Example: Set auto mode for port 1-4 of Voice VLAN port mode. SWITCH/>voice vlan port mode 1-4 auto Voice VLAN Security Description: Set or show the Voice VLAN port security mode. When the function is enabled, all non-telephone MAC address in Voice VLAN will be blocked 10 seconds.
User’s Manual of MGSW-24160F SMTP Auth_pass Description: Set or show up SMTP authentication password configure. Syntax: SMTP Auth_pass [<auth_pass_text>] Parameters: <auth_pass_text>: SMTP Authentication Password Default Setting: disable SMTP Mailfrom Description: Set or show SMTP e-mail from configure. Syntax: SMTP Mailfrom [<mailfrom_text>] Parameters: <mailfrom_text>: SMTP E-mail From address...
User’s Manual of MGSW-24160F Default Setting: disable SMTP Mailto1 Description: Set or show SMTP e-mail 1 to configure. Syntax: SMTP Mailto1 [<mailto1_text>] Parameters: <mailto1_text>: SMTP e-mail 1 to address Default Setting: disable SMTP Mailto2 Description: Set or show SMTP e-mail 2 to configure.
User’s Manual of MGSW-24160F 6.22 Show Command Show ACL Configuration Description: Show ACL Configuration. Syntax: Show acl Show Link Aggregation Configuration Description: Show link aggregation configuration. Syntax: Show aggr Show IGMP Configuration Description: Show IGMP snooping configuration. Syntax: Show igmp...
User’s Manual of MGSW-24160F Show LACP Configuration Description: Show LACP configuration. Syntax: Show lacp Show LLDP Configuration Description: Show LLDP configuration. Syntax: Show lldp Show MAC Configuration Description: Show MAC address table configuration. Syntax: Show MAC Show Mirror Configuration Description: Show mirror configuration.
User’s Manual of MGSW-24160F Syntax: Show PoE Show Port Configuration Description: Show port configuration. Syntax: Show port Show Private VLAN Configuration Description: Show up Private VLAN configuration. Syntax: Show pvlan Show QoS Configuration Description: Show QoS Configuration. Syntax: Show QoS...
User’s Manual of MGSW-24160F Show System Configuration Description: Show system configuration. Syntax: Show system Show VLAN Configuration Description: Show VLAN configuration. Syntax: Show vlan Show STP Configuration Description: Show up STP Port configuration. Syntax: Show STP...
User’s Manual of MGSW-24160F 6.23 DIDO Command Di_act Description: Digital input fuction and action configuration. Syntax: di_act [first|second] [1|2|3|4] [enable|disable] Parameters: <first >: Digital input/output 1 <second>: Digital input/output 2 (default: Set or show digital input/output first(1)/second(2) select) <1>: System Log <2>: Syslog...
User’s Manual of MGSW-24160F Syntax: Di_desc [first|second] [<description>] Parameters: <first >: Digital input/output 1 <second>: Digital input/output 2 (default: Set or show digital input/output first(1)/second(2) select) <description>: Digital input1/2 described string. Use 'clear' or "" to clear the string In CLI, no blank or space characters are permitted as part of a contact.
User’s Manual of MGSW-24160F Do_act Description: Set or show the system digital output1/2 action. Syntax: do_act [first|second] [port|power] [enable|disable] Parameters: <first >: Digital input/output 1 <second>: Digital input/output 2 (default: Set or show digital input/output first(1)/second(2) select) <port>: port fail <power>: power fail...
User’s Manual of MGSW-24160F <hightolow>: Trigger -> high to low <lowtohigh>: Trigger -> low to high (default: Set or show digital input/output 1/2 trigger) Example: Enable digital output function and set trigger condition. SWITCH/>dido do_en first enable hightolow Do_port_alr Description: Set or show the system digital output1/2 port alarm.
User’s Manual of MGSW-24160F <dc1>: DC power 1 <dc2>: DC power 2 <ac>: AC power (default: Set or show digital output/fault alarm 1/2 power_fail) <enable>: Enable digital input1/2 function <disable> : Disable digital input1/2 function (default: Set or show digital input/output/fault alarm 1/2 status) Example: Enable power alarm configuration.
User’s Manual of MGSW-24160F fault_en Description: Set or show the system fault alarm. Syntax: dido fault_en [enable|disable] Parameters: <enable>: Enable digital input1/2 function <disable> : Disable digital input1/2 function (default: Set or show digital input/output/fault alarm 1/2 status) Example: Enable power alarm configuration.
Page 498
User’s Manual of MGSW-24160F Parameters: <dc1>: DC power 1 <dc2>: DC power 2 <ac>: AC power (default: Set or show digital output/fault alarm 1/2 power_fail) <enable>: Enable digital input1/2 function <disable> : Disable digital input1/2 function (default: Set or show digital input/output/fault alarm 1/2 status) Example: Enable power alarm configuration.
User’s Manual of MGSW-24160F 7. SWITCH OPERATION 7.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch.
User’s Manual of MGSW-24160F 7.5 Auto-Negotiation The STP ports on the Switch have built-in "Auto-negotiation". This technology automatically sets the best possible bandwidth when a connection is established with another network device (usually at Power On or Reset). This is done by detect the modes and speeds at the second of both device is connected and capable of, both 10Base-T and 100Base-TX devices can connect with the port in either Half- or Full-Duplex mode.
User’s Manual of MGSW-24160F 8. TROUBLE SHOOTING This chapter contains information to help you solve problems. If the Ethernet Switch is not functioning properly, make sure the Ethernet Switch was set up according to instructions in this manual. ■ The Link LED is not lit...
Page 502
User’s Manual of MGSW-24160F If that device works, refer to the next step. If that device does not work, check the AC power While IP Address be changed or forgotten admin password – To reset the IP address to the default IP Address “192.168.0.100” or reset the password to default value. Press the hardware reset button at the front panel about 10 seconds.
User’s Manual of MGSW-24160F APPENDEX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI-X BI_DA+ BI_DB+ BI_DA- BI_DB- BI_DB+ BI_DA+ BI_DC+ BI_DD+ BI_DC- BI_DD- BI_DB- BI_DA- BI_DD+ BI_DC+ BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard.
Page 504
User’s Manual of MGSW-24160F 7, 8 Not used The standard cable, RJ-45 pin assignment The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color...
User’s Manual of MGSW-24160F APPENDEX B : GLOSSARY ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains many detailed, different parameter options that are available for individual application.
Page 506
User’s Manual of MGSW-24160F ranging from 1-1024K packets per seconds. Under "Ports" and "Access Control List" web-pages you can assign a Rate Limiter ID to the ACE(s) or ingress port(s). AES is an acronym for Advanced Encryption Standard. The encryption key protocol is applied in 802.1i standard to improve WLAN security.
Page 507
User’s Manual of MGSW-24160F CCM is an acronym for Continuity Check Message. It is a OAM frame transmitted from a MEP to it's peer MEP and used to implement CC functionality. CDP is an acronym for Cisco Discovery Protocol. DEI is an acronym for Drop Eligible Indicator. It is a 1-bit field in the VLAN tag.
Page 508
User’s Manual of MGSW-24160F The DHCP option 82 enables a DHCP relay agent to insert specific information into a DHCP request packets when forwarding client DHCP packets to a DHCP server and remove the specific information from a DHCP reply packets when forwarding server DHCP packets to a DHCP client.
Page 509
User’s Manual of MGSW-24160F EPS is an abbreviation for Ethernet Protection Switching defined in ITU/T G.8031. Ethernet Type Ethernet Type, or EtherType, is a field in the Ethernet MAC header, defined by the Ethernet networking standard. It is used to indicate which protocol is being transported in an Ethernet frame.
Page 510
User’s Manual of MGSW-24160F HTTPS is really just the use of Netscape's Secure Socket Layer (SSL) as a sublayer under its regular HTTP application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.) SSL uses a 40-bit key size for the RC4 stream encryption algorithm, which is considered an adequate degree of encryption for commercial exchange.
Page 511
User’s Manual of MGSW-24160F IP is an acronym for Internet Protocol. It is a protocol used for communicating data across a internet network. IP is a "best effort" system, which means that no packet of information sent over it is assured to reach its destination in the same condition it was sent.
Page 512
User’s Manual of MGSW-24160F LLDP-MED LLDP-MED is an extendsion of IEEE 802.1ab and is defined by the telecommunication industry association (TIA-1057). LOC is an acronym for Loss Of Connectivity and is detected by a MEP and is indicating lost connectivity in the network.
Page 513
User’s Manual of MGSW-24160F NAS is an acronym for Network Access Server. The NAS is meant to act as a gateway to guard access to a protected source. A client connects to the NAS, and the NAS connects to another resource asking whether the client's supplied credentials are valid.
Page 514
User’s Manual of MGSW-24160F For some TLVs it is configurable if the switch shall include the TLV in the LLDP frame. These TLVs are known as optional TLVs. If an optional TLVs is disabled the corresponding information is not included in the LLDP frame.
Page 515
User’s Manual of MGSW-24160F POP3 POP3 is an acronym for Post Office Protocol version 3. It is a protocol for email clients to retrieve email messages from a mail server. POP3 is designed to delete mail on the server as soon as the user has downloaded it. However, some implementations allow users or an administrator to specify that mail be saved for some period of time.
Page 516
User’s Manual of MGSW-24160F Each accessible traffic object contains an identifier to its QCL. The privileges determine specific traffic object to specific QoS class. QL In SyncE this is the Quality Level of a given clock source. This is received on a port in a SSM indicating the quality of the clock received in the port.
Page 517
User’s Manual of MGSW-24160F SAMBA Samba is a program running under UNIX-like operating systems that provides seamless integration between UNIX and Microsoft Windows machines. Samba acts as file and print servers for Microsoft Windows, IBM OS/2, and other SMB client machines. Samba uses the Server Message Block (SMB) protocol and Common Internet File System (CIFS), which is the underlying protocol used in Microsoft Windows networking.
Page 518
User’s Manual of MGSW-24160F SSH is an acronym for Secure SHell. It is a network protocol that allows data to be exchanged using a secure channel between two networked devices. The encryption used by SSH provides confidentiality and integrity of data over an insecure network.
Page 519
User’s Manual of MGSW-24160F TELNET TELNET is an acronym for TELetype NETwork. It is a terminal emulation protocol that uses the Transmission Control Protocol (TCP) and provides a virtual connection between TELNET server and TELNET client. TELNET enables the client to control the server and communicate with other servers on the network. To start a Telnet session, the client user must log in to a server by entering a valid username and password.
Page 520
User’s Manual of MGSW-24160F UDP is an acronym for User Datagram Protocol. It is a communications protocol that uses the Internet Protocol (IP) to exchange the messages between computers. UDP is an alternative to the Transmission Control Protocol (TCP) that uses the Internet Protocol (IP). Unlike TCP, UDP does not provide the service of dividing a message into packet datagrams, and UDP doesn't provide reassembling and sequencing of the packets.
Page 521
User’s Manual of MGSW-24160F Provider switching: This is also known as Q-in-Q switching. Ports connected to subscribers are VLAN unaware, members of one VLAN, and set up with this unique Port VLAN ID. Ports connected to the service provider are VLAN aware, members of multiple VLANs, and set up to tag all frames.
Page 522
User’s Manual of MGSW-24160F WPA-Radius WPA-Radius is an acronym for Wi-Fi Protected Access - Radius (802.1X authentication server). WPA was designed to enhance the security of wireless networks. There are two flavors of WPA: enterprise and personal. Enterprise is meant for use with an IEEE 802.1X authentication server, which distributes different keys to each user.
*Model Number: MGSW-24160F * Produced by: Manufacturer‘s Name : Planet Technology Corp. Manufacturer‘s Address: 10F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.) is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility Directive on (2004/108/EC).