Page 1 Layer 2 Ethernet Switch AT-S94 V1.1.0 Web Browser Interface User’s Guide...
Page 2 Allied Telesis, Inc. has been advised of, known, or...
Page 3: Table Of Contents
Preface............................ 7 Web Browser Interface User’s Guide Overview ................7 Intended Audience........................... 8 Document Conventions ........................8 Contacting Allied Telesis ......................... 8 Getting Started........................9 Starting the Application........................9 Using the Web Browser Interface ....................11 Viewing the Device Representation......................11 User Interface Components........................12...
Page 4 Table of Contents Configuring DHCP Snooping ....................68 Defining DHCP Snooping General Properties ..................68 Defining DHCP Snooping on VLANs .......................70 Defining Trusted Interfaces........................71 Binding Addresses to the DHCP Snooping Database ................73 Configuring Ports ........................75 Setting Ports Configurations ......................75 Defining Port Settings ..........................75 Configuring Port Mirroring........................79 Aggregating Ports..........................
Page 5 Table of Contents Defining SNMP Views..........................141 Defining Notification Recipients ......................143 Defining Notification Filters ........................147 Configuring Power Over Ethernet ..................149 Enabling PoE and Setting the Power Threshold..................149 Defining Power Over Ethernet Configuration..................151 Configuring Services ......................153 Enabling Class of Service (CoS) ......................154 Configuring CoS Queueing and Scheduling ..................156 Mapping CoS Values to Queues ......................157 Mapping DSCP Values to Queues ......................158...
Page 6 Table of Contents Standalone Device Software Download ....................191 Stacking Member Software Download....................194 System Defaults........................196 RS-232 Port Settings ........................197 Port Defaults ..........................197 Configuration Defaults ......................198 Security Defaults........................198 Jumbo Frame Defaults......................198 System Time Defaults .......................198 Spanning Tree Defaults ......................199 Address Table Defaults......................199 VLAN Defaults ..........................199 Trunking Defaults........................200 Multicast Defaults........................200...
Page 7: Preface
Preface Web Browser Interface User’s Guide Overview Preface This guide contains instructions on how to configure an AT-S95 Series Layer 2+ Gigabit Ethernet Switch using the interface in the Embedded Management System (EWS). The Embedded Management System enables configuring, monitoring, and troubleshooting of network devices remotely via a web browser.
Page 8: Intended Audience
Warning Indicates a risk of personal injury. Contacting Allied Telesis This section provides Allied Telesis contact information for technical support as well as sales or corporate information. You can request technical support online by accessing the Allied Telesis Knowledge Base...
Page 9: Getting Started
Getting Started Starting the Application Section 1. Getting Started This section provides an introduction to the Web Browser Interface, and includes the following topics: • Starting the Application • User Interface Components • Resetting the Device • Starting the Application Starting the Application This section contains information for starting the application.
Page 10 Getting Started Starting the Application Figure 2: System General Page Page 10...
Page 11: Using The Web Browser Interface
Getting Started Using the Web Browser Interface Using the Web Browser Interface This section provides general information about the interface, and describes the following topics: • Viewing the Device Representation • User Interface Components • Using the Management Buttons • Adding, Modifying and Deleting Information Viewing the Device Representation Zoom Views provide a graphical representation of the device ports.
Page 12: User Interface Components
Getting Started Using the Web Browser Interface User Interface Components The System General Page example shows the interface components. Figure 4: System General Page The following table lists the interface components with their corresponding numbers: Table 1: Interface Components Comp on en t Des cription Menu The Menu provides easy navigation through the main management software...
Page 13: Using The Management Buttons
Getting Started Using the Web Browser Interface Using the Management Buttons Management buttons provide an easy method of configuring device information, and include the following: Table 2: Configuration Management Buttons Butto n Bu t to n Na me D escr ip tio n Opens a page which creates new configuration entries.
Page 14: Adding, Modifying And Deleting Information
Getting Started Using the Web Browser Interface Adding, Modifying and Deleting Information The WBI contains and tables for configuring devices. User-defined information can be added, modified or deleted in specific WBI pages. To add information to tables or WBI pages: Open a WBI page.
Page 15: Saving Configurations
Getting Started Logging Out Define the fields. Click Apply. The fields are modified, and the information is saved to the device. To delete information in tables or WBI pages: Open the WBI page. Select a table row. Click Delete. The information is deleted, and the device is updated. Saving Configurations User-defined information can be saved for permanent use or until next update, not just for the current session.
Page 16: Resetting The Device
Getting Started Resetting the Device Resetting the Device The Reset option enables resetting the device from a remote location. Note Save all changes to the Running Configuration file before resetting the device. This prevents the current device configuration from being lost. See also "System Utilities". To reset the device: In the System General Page, click Reset.
Page 17: Defining System Information
Defining System Information Section 2. Defining System Information The contains general device information, including system name and its IP addressing, administrator and passwords information, Dynamic Host Configuration Protocol (DHCP) configuration and MAC Address Aging Time. To define the general system information: Click System >...
Page 18 Defining System Information • Default Gateway — The IP address of a router for remote management of the device. The address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0. Note Packets are forwarded to the default IP when frames are sent to a remote network via the default gateway. The configured IP address must belong to the same subnet as one of the IP interfaces.
Page 19: Configuring System Time
Configuring System Time Section 3. Configuring System Time The System Time Page provides information for configuring system time parameters, including: • Setting the System Clock • Configuring SNTP • Configuring Daylight Saving Time Setting the System Clock The System Time Page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock.
Page 20: Configuring Sntp
Configuring System Time The Clock Source and System Time sections of the System Time Page contain the following fields: • Clock Source — The source used to set the system clock. The possible field values are: – Local Settings — Indicates that the clock is set locally. –...
Page 21: Configuring Daylight Saving Time
Configuring System Time Broadcast Time Information Broadcast information is used when the server IP address is unknown. When a broadcast message is sent from an SNTP server, the SNTP client listens for the response. The SNTP client neither sends time information requests nor receives responses from the Broadcast server.
Page 22 Configuring System Time – Time — The time at which DST begins. The field format is HH:MM. For example: 05:30. • To — Indicates the time that DST ends in countries other than the USA and Europe, in the format Day/Month/ Year in one field and HH:MM in another.
Page 23 Configuring System Time • Canada — From the first Sunday in April until the last Sunday of October. Daylight Saving Time is usually regulated by provincial and territorial governments. Exceptions may exist in certain municipalities. • Cuba — From the last Sunday of March to the last Sunday of October. •...
Page 24 Configuring System Time • Turkey — From the last weekend of March until the last weekend of October. • United Kingdom — From the last weekend of March until the last weekend of October. • United States of America — From the second Sunday in March at 02:00 to the first Sunday in November at 02:00.
Page 25: Configuring Device Security
Configuring Device Security Section 4. Configuring Device Security This section describes setting security parameters for ports, device management methods, users, and servers. This section contains the following topics: • Configuring Management Security • Configuring Server Based Authentication • Configuring Network Security •...
Page 26: Configuring Management Security
Configuring Device Security Configuring Management Security Configuring Management Security This section provides information for configuring device management security, device authentication methods, users and passwords. This section includes the following topics: • Defining Access Profiles • Defining Profile Rules • Defining Authentication Profiles •...
Page 27 Configuring Device Security Configuring Management Security Figure 10: Access Profile Page The Access Profile Page contains a table listing the currently defined profiles and their active status: • Access Profile Name — The name of the profile. The access profile name can contain up to 32 characters. •...
Page 28 Configuring Device Security Configuring Management Security Figure 11: Add Access Profile Page The Add Access Profile Page contains the following fields: • Access Profile Name — Defines the name of a new access profile. • Rule Priority — Defines the rule priority. When the packet is matched to a rule, user groups are either granted permission or denied device management access.
Page 29 Configuring Device Security Configuring Management Security • Action — Defines the action attached to the access rule. The possible field values are: – Permit — Permits access to the device. – Deny — Denies access to the device. This is the default. Define the fields.
Page 30: Defining Profile Rules
Configuring Device Security Configuring Management Security Defining Profile Rules Access profiles can contain up to 128 rules that determine which users can manage the device module, and by which methods. Users can also be blocked from accessing the device. Rules are composed of filters including: •...
Page 31 Configuring Device Security Configuring Management Security • Management Method — Defines the management method for which the rule is defined. Users with this access profile can access the device using the management method selected. The possible field values are: – All —...
Page 32 Configuring Device Security Configuring Management Security To modify an access rule: Click Mgmt. Security > Profile Rules: The Profile Rules Page opens. Click Modify. The Profiles Rules Configuration Page opens: Figure 14: Profiles Rules Configuration Page Define the fields. Click Apply. The profile rule is saved, and the device is updated. Page 32...
Page 33: Defining Authentication Profiles
Configuring Device Security Configuring Management Security Defining Authentication Profiles Authentication profiles allow network administrators to assign authentication methods for user authentication. User authentication can be performed either locally or on an external server. User authentication occurs in the order the methods are selected. If the first authentication method is not available, the next selected method is used.
Page 34 Configuring Device Security Configuring Management Security – RADIUS — Authenticates the user at the RADIUS server. For more information, see Defining RADIUS Server Settings. – TACACS+ — Authenticates the user at the TACACS+ server. For more information, see Defining TACACS+ Host Settings. –...
Page 35 Configuring Device Security Configuring Management Security Enter the Profile Name. Using the arrows, move the method(s) from the Optional Method list to the Selected Method list. Click Apply. The authentication profile is defined. The profile is added to the profiles table and the device is updated.
Page 36: Mapping Authentication Profiles
Configuring Device Security Configuring Management Security Mapping Authentication Profiles After authentication profiles are defined, they can be applied to management access methods. For example, console users can be authenticated by Authentication Profile List 1, while Telnet users are authenticated by Authentication Profile List 2.
Page 37 Configuring Device Security Configuring Management Security • Secure HTTP — Indicates that authentication methods are used for secure HTTP access. The possible methods are: – Local — Authentication occurs locally. – RADIUS — Authenticates the user at the RADIUS server. –...
Page 38: Configuring Server Based Authentication
Configuring Device Security Configuring Server Based Authentication Configuring Server Based Authentication Network administrators assign authentication methods for user authentication. User authentication can be performed locally, or on an external server. User authentication occurs in the order the methods are selected. If the first authentication method is not available, the next selected method is used.
Page 39 Configuring Device Security Configuring Server Based Authentication The TACACS+ Page contains the following fields: • Timeout for Reply — Defines the time interval in seconds that passes before the connection between the device and the TACACS+ server times out. The field range is 1-60 seconds and the default is 10 seconds. •...
Page 40 Configuring Device Security Configuring Server Based Authentication To modify TACACS+ server settings: Click Mgmt. Protocols > TACACS+. The TACACS+ Page opens. Click Modify. The TACACS+ Configuration Page opens: Figure 21: TACACS+ Configuration Page Define the relevant fields. Click Apply. The TACACS+ settings are modified, and the device is updated. Page 40...
Page 41: Configuring Radius
Configuring Device Security Configuring Server Based Authentication Configuring RADIUS Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. RADIUS servers provide a centralized authentication method for web access. To configure RADIUS security settings: Click Mgmt. Protocols > RADIUS. The RADIUS Page opens: Figure 22: RADIUS Page The RADIUS Page contains the following fields: •...
Page 42 Configuring Device Security Configuring Server Based Authentication • Authentication Port — Identifies the authentication port. The authentication port is used to verify the RADIUS server authentication. The authenticated port default is 1812. • Number of Retries — Defines the number of transmitted requests sent to the RADIUS server before a failure occurs.
Page 43 Configuring Device Security Configuring Server Based Authentication Figure 24: RADIUS Configuration Page Define the relevant fields. Click Apply. The RADIUS server settings are modified, and the device is updated. Page 43...
Page 44: Configuring Local Users
Configuring Device Security Configuring Server Based Authentication Configuring Local Users Network administrators can define users, passwords, and access levels for users using the Local Users Page. To configure local users and passwords: Click Mgmt. Security > Local Users. The Local Users Page opens: Figure 25: Local Users Page The Local Users Page displays the list of currently defined local users and contains the following fields: •...
Page 45 Configuring Device Security Configuring Server Based Authentication Figure 26: Add Local User Page In addition to the fields in the Local Users Page, the Add Local User Page contains the following fields • Password — Defines the local user password. Local user passwords can contain up to 159 characters. •...
Page 46: Defining Line Passwords
Configuring Device Security Configuring Server Based Authentication Defining Line Passwords Network administrators can define line passwords in the Line Password Page. The administrator enters the new password in the Password column and then confirms it in the Confirm Password column. After the line password is defined, a management method is assigned to the password.
Page 47: Configuring Network Security
Configuring Device Security Configuring Network Security Configuring Network Security Network security manages locked ports. Port-based authentication provides traditional 802.1x support, as well as, Guest VLANs. Guest VLANs limited network access to authorized ports. If a port is denied network access via port-based authorization, but the Guest VLAN is enabled, the port receives limited network access.
Page 48 Configuring Device Security Configuring Network Security Figure 29: Port Security Page The Port Security Page displays the Zoom View of the selected stacking member’s (defined in the Unit No. field) ports. In the Unit No. field, select the stacking member to display. Select the ports to lock.
Page 49 Configuring Device Security Configuring Network Security Figure 30: Port Security Configuration Page The Port Security Configuration Page contains the following fields: • Interface — Displays the port name. • Action On Violation— Indicates the intruder action defined for the port. Indicates the action to be applied to packets arriving on a locked port.
Page 50: Defining 802.1X Port Access
Configuring Device Security Configuring Network Security Defining 802.1x Port Access The 802.1x Port Access Page allows enabling port access globally, defining the authentication method, and configuration of port roles and settings. To configure 802.1x port access parameters: Click Network Security > 802.1x Port Access. The 802.1x Port Access Page opens: Figure 31: 802.1x Port Access Page The 802.1x Port Access Page contains the following fields: •...
Page 51 Configuring Device Security Configuring Network Security The 802.1x Port Access Page also displays the Zoom View of the selected stacking member’s (defined in the Unit No. field) ports. Select Enable Port Access. Select the Authentication Method. Define the VLAN fields Click Apply.
Page 52 Configuring Device Security Configuring Network Security • Admin Port Control — Indicates the port state. The possible field values are: – Auto —Enables port-based authentication on the device. The interface moves between an authorized or unauthorized state based on the authentication exchange between the device and the client. –...
Page 53: Enabling Storm Control
Configuring Device Security Configuring Network Security Enabling Storm Control Storm control limits the amount of unknown Unicast, Multicast and Broadcast frames accepted and forwarded by the device. When Layer 2 frames are forwarded, Broadcast, and Multicast frames are flooded to all ports on the relevant VLAN.
Page 54 Configuring Device Security Configuring Network Security Figure 34: Storm Control Configuration Page The Storm Control Configuration Page contains the following fields: • Port — Indicates the port from which storm control is enabled. • Enable Broadcast Control — Indicates if forwarding Broadcast packet types is enabled on the port. The field values are: –...
Page 55: Defining Access Control
Configuring Device Security Defining Access Control Defining Access Control Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Your switch supports up to 256 ACLs. Packets entering an ingress port, with an active ACL, are either admitted or denied entry.
Page 56 Configuring Device Security Defining Access Control The MAC Based ACL Page contains the following fields: • ACL Name — Displays the specific MAC based ACLs. • Remove ACL — Deletes the specified ACL. The possible field values are: – Checked — Deletes the ACL when user clicks the Apply button. –...
Page 57 Configuring Device Security Defining Access Control Figure 36: Add MAC Based ACL Page In the ACL Name field, type a name for the ACL. Enable Rule Priority and define the ACL’s relevant fields. Click Apply. The MAC Based ACL configuration is defined and the device is updated. Click Save Config on the menu to save the changes permanently.
Page 58 Configuring Device Security Defining Access Control Figure 37: Add MAC Based ACE Page Define the fields. Click Apply. The MAC Based ACE rule is defined and the device is updated. Click Save Config on the menu to save the changes permanently. To modify the MAC Based ACL configuration: Click Network Security >...
Page 59 Configuring Device Security Defining Access Control Define the fields. Click Apply. The MAC Based ACL configuration is defined, and the device is updated. Click Save Config on the menu to save the changes permanently. Page 59...
Page 60: Defining Ip Based Acl
Configuring Device Security Defining Access Control Defining IP Based ACL The IP Based ACL Page contains information for defining IP Based ACLs, including defining the ACEs defined for IP Based ACLs. Click Network Security > IP Based ACL. The IP Based ACL Page opens. Figure 39: IP Based ACL Page The IP Based ACL Page contains the following fields: •...
Page 61 Configuring Device Security Defining Access Control – TCP — Transmission Control Protocol (TCP). Enables two hosts to communicate and exchange data streams. TCP guarantees packet delivery, and guarantees packets are transmitted and received in the order they are sent. – EGP —...
Page 62 Configuring Device Security Defining Access Control • Destination – IP Address — Matches the destination port IP address to which packets are addressed to the ACE. – Mask — Defines the destination IP address wildcard mask. Wildcard masks specify which bits are used and which bits are ignored.
Page 63 Configuring Device Security Defining Access Control Figure 40: Add IP Based ACL Page In addition to the IP Based ACL Page, the Add IP Based ACL Page contains the following fields: • Match QoS — Enables or disables the ACL classification to identify flows based on QoS values, such as DSCP or IP Precedence.
Page 64 Configuring Device Security Defining Access Control Adding ACE Rules Click Network Security > IP Based ACL. The IP Based ACL Page opens. Click the Add ACE button. The Add IP Based ACE Page page opens. Figure 41: Add IP Based ACE Page Define the fields.
Page 65 Configuring Device Security Defining Access Control Figure 42: IP Based ACL Configuration Page Define the fields. Click Apply. The IP Based ACL configuration is defined, and the device is updated. Click Save Config on the menu to save the changes permanently. Page 65...
Page 66: Defining Acl Binding
Configuring Device Security Defining Access Control Defining ACL Binding When an ACL is bound to an interface, all the ACE rules that have been defined are applied to the selected interface. Whenever an ACL is assigned on an interface, flows from that ingress interface that do not match the ACL are matched to the default rule, which is Drop unmatched packets.
Page 67 Configuring Device Security Defining Access Control Figure 44: ACL Binding Configuration The ACL Binding Configuration contains the following fields: • Interface — Choose the interface to which the ACL is bound. The possible values are: – Port — Port associated with the ACL. –...
Page 68: Configuring Dhcp Snooping
Configuring DHCP Snooping Section 5. Configuring DHCP Snooping DHCP Snooping expands network security by providing an extra layer of security between untrusted interfaces and DHCP servers. By enabling DHCP Snooping network administrators can identify between trusted interfaces connected to end-users or DHCP Servers, and untrusted interface located beyond the network firewall. DHCP Snooping filters untrusted messages.
Page 69 Configuring DHCP Snooping Figure 45: DHCP Snooping General Page The DHCP Snooping General Page contains the following fields: • Enable DHCP Snooping Status — Indicates if DHCP Snooping is enabled on the device. The possible field values are: – Checked — Enables DHCP Snooping on the device. –...
Page 70: Defining Dhcp Snooping On Vlans
Configuring DHCP Snooping • DHCP Option 82 Insertion — DHCP Option 82 attaches authentication messages to the packets sent to DHCP Server via TCP/IP network. The option permits network administrators to limit address allocation to authorized hosts only. This permits network administrators to limit address allocation authorized hosts. The possible field values are: –...
Page 71: Defining Trusted Interfaces
Configuring DHCP Snooping Defining Trusted Interfaces The Trusted Interfaces Page allows network manager to define Trusted interfaces. Trusted interfaces are connected to DHCP servers, switches, or hosts which do not require DHCP packet filtering. Trusted interfaces receive packets only from within the network or the network firewall, and are allowed to respond to DHCP requests.
Page 72 Configuring DHCP Snooping From the global Interface field, define the specific port or trunk. In the table, select an interface and click Modify. The Trusted Configuration page opens. Figure 48: Trusted Configuration Page Edit the following field: • Trusted Status — Indicates whether the interface is a Trusted Interface. –...
Page 73: Binding Addresses To The Dhcp Snooping Database
Configuring DHCP Snooping Binding Addresses to the DHCP Snooping Database The Binding Database Page contains parameters for querying and adding IP addresses to the DHCP Snooping Database. To bind addresses to the DHCP Snooping database: Click DHCP Snooping > Binding Database. The Binding Database Page opens: Figure 49: Binding Database Page Define any of the following fields as a query filter: Query Parameters...
Page 74 Configuring DHCP Snooping Query Results The Query Results table contains the following fields: • MAC Address — Indicates the MAC address found during the query. • VLAN ID — Displays the VLAN ID to which the IP address is attached in the DHCP Snooping Database. •...
Page 75: Configuring Ports
Configuring Ports Setting Ports Configurations Section 6. Configuring Ports Port Configuration includes the following procedures for configuring ports and trunks on the device. • Setting Ports Configurations • Aggregating Ports Setting Ports Configurations This section contains the following topics: • Defining Port Settings •...
Page 76 Configuring Ports Setting Ports Configurations Click Modify. The Port Setting Configuration Page opens: Figure 52: Port Setting Configuration Page The Port Setting Configuration Page contains the following fields: • Port— Lists the names of configured ports. • Description — Provides a user-defined port description. •...
Page 77 Configuring Ports Setting Ports Configurations • Admin Status — Displays the link operational status. The possible field values are: – Up — Indicates that the port is currently operating. – Down — Indicates that the port is currently not operating. •...
Page 78 Configuring Ports Setting Ports Configurations • Admin Advertisement — Defines the auto negotiation setting the port advertises. The possible field values are: – Max Capability — Indicates that all port speeds and duplex mode settings are accepted. – 10 Half — Indicates that the port advertises for a 10 Mbps speed port and half duplex mode setting. –...
Page 79: Configuring Port Mirroring
Configuring Ports Setting Ports Configurations Configuring Port Mirroring Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and outgoing packets from one port to a monitoring port. Port mirroring can be used as a diagnostic tool as well as a debugging feature. Port mirroring also enables device performance monitoring.
Page 80 Configuring Ports Setting Ports Configurations • Status — Indicates if the port is currently monitored. The possible field values are: – Active — Indicates the port is currently monitored. – Ready — Indicates the port is not currently monitored. Click Add. The Add Port Mirroring Page opens: Figure 54: Add Port Mirroring Page The Add Port Mirroring Page contains the following fields: •...
Page 81 Configuring Ports Setting Ports Configurations Define the Type field. Click Apply. The Port mirroring is modified, and the device is updated. Click Save Config on the menu to permanently save the change. Page 81...
Page 82: Aggregating Ports
Configuring Ports Aggregating Ports Aggregating Ports Link Aggregation optimizes port usage by linking a group of ports together to form a single trunk. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. The device supports both static trunks and Link Aggregation Control Protocol (LACP) trunks. LACP trunks negotiate aggregating port links with other LACP ports located on a different device.
Page 83 Configuring Ports Aggregating Ports Figure 56: Trunk Settings Page The Trunk Settings Page displays information about the currently defined trunks and contains the following fields: • Trunk — Displays the trunk name. • Description — Displays the user-defined trunk name and/or description. •...
Page 84 Configuring Ports Aggregating Ports – Disable — LACP is disabled on the trunk. • PVE — Enables a port to be a Private VLAN Edge (PVE) port. When a port is defined as PVE, it bypasses the Forwarding Database (FDB), and forwards all Unicast, Multicast and Broadcast traffic to an uplink (except MAC-to-me packets).
Page 85 Configuring Ports Aggregating Ports • Current Status — Indicates whether the trunk is currently operational or non-operational. The possible field values are: – Up — Indicates the trunk is currently operating. – Down — Indicates the trunk is currently not operating. •...
Page 86: Defining Port Trunking
Configuring Ports Aggregating Ports • PVE — Enables a port to be a Private VLAN Edge (PVE) port. When a port is defined as PVE, it bypasses the Forwarding Database (FDB), and forwards all Unicast, Multicast and Broadcast traffic to an uplink (except MAC-to-me packets).
Page 87 Configuring Ports Aggregating Ports Figure 59: Port Trunking Configuration Page In addition to the fields in the The Port Trunking Page, the Port Trunking Configuration Page contains the following additional field: • Unit Number — Displays the stacking member for which the port trunking parameters are defined. •...
Page 88: Configuring Lacp
Configuring Ports Aggregating Ports Configuring LACP Trunk ports can contain different media types if the ports are operating at the same speed. Aggregated links can be set up manually or automatically established by enabling Link Aggregation Control Protocol (LACP) on the relevant links.
Page 89 Configuring Ports Aggregating Ports Figure 61: LACP Configuration Page Define the fields. Click Apply. The LACP settings are saved and the device is updated. Page 89...
Page 90: Configuring Interfaces
Configuring Interfaces Section 7. Configuring Interfaces This section contains information on configuring the interfaces of the device. This section describes the following topics: • Defining MAC Addresses • Configuring VLANs • Defining MAC Based Groups Defining MAC Addresses The MAC Address Page contains parameters for querying information in the Static MAC Address Table and the Dynamic MAC Address Table, in addition to viewing and configuring Unicast addresses.
Page 91 Configuring Interfaces The MAC Address Page contains the following fields: • View Static — Displays the static addresses assigned to the ports on the device. • View Dynamic — Displays the dynamic addresses learned on the ports on the device. •...
Page 92 Configuring Interfaces To delete all MAC addresses: Click Layer 2 > MAC Address. The MAC Address Page opens. Click Delete in the Delete All MAC Addresses section of the MAC Address Page. All addresses are cleared from the Dynamic MAC Address Table and the device begins to learn new addresses as packets arrive on the ports.
Page 93: Configuring Vlans
Configuring Interfaces Configuring VLANs Configuring VLANs This section describes how to create and configure Virtual LANs (VLANs). VLANs are logical subgroups with a Local Area Network (LAN) which combine user stations and network devices into a single unit, regardless of the physical LAN segment to which they are attached. VLANs allow network traffic to flow more efficiently within subgroups.
Page 94: Defining Vlan Properties
Configuring Interfaces Configuring VLANs Defining VLAN Properties The VLAN Page provides information and global parameters for configuring and working with VLANs. To configure a VLAN: Click Layer 2 > VLAN. The VLAN Page opens: Figure 65: VLAN Page The VLAN Page is divided into two sections. The first section contains the following fields: •...
Page 95 Configuring Interfaces Configuring VLANs • Interface Status — Indicates the interface’s membership status in the VLAN. The possible field values are: – Tagged — Indicates the interface is a tagged member of a VLAN. All packets forwarded by the interface are tagged.
Page 96: Defining Vlan Interface Settings
Configuring Interfaces Configuring VLANs Defining VLAN Interface Settings The VLAN Interface Page contains fields for managing ports that are part of a VLAN. To define a VLAN interface: Click Layer 2 > VLAN Interface. The VLAN Interface Page opens: Figure 68: VLAN Interface Page The VLAN Interface Page displays the VLAN interface information for a selected Port/Unit or Trunk: •...
Page 97 Configuring Interfaces Configuring VLANs • PVID — Port Default VLAN ID. Assigns a VLAN ID to untagged packets. The possible values are 1-4094. VLAN 4095 is defined as per standard and industry practice as the Discard VLAN. Packets classified to the Discard VLAN are dropped.
Page 98: Defining Gvrp
Configuring Interfaces Configuring VLANs Defining GVRP The GVRP Page enables users to configure GARP VLAN Registration Protocol (GVRP) on the device. GVRP is specifically provided for automatic distribution of VLAN membership information among VLAN-aware bridges. GVRP allows VLAN-aware bridges to automatically learn VLANs to bridge ports mapping, without having to individually configure each bridge and register VLAN membership.
Page 99 Configuring Interfaces Configuring VLANs • Select the interfaces displayed in the table. – Ports of Unit — Specifies the port and stacking member for which the GVRP settings are displayed. – Trunk — Specifies the trunk for which the GVRP settings are displayed. •...
Page 100: Defining Mac Based Groups
Configuring Interfaces Defining MAC Based Groups Defining MAC Based Groups The MAC Based Groups Page allows network managers to group VLANs based on the VLAN MAC address, and to map protocol groups to VLANs. For these purposes, the page contains two tables: •...
Page 101 Configuring Interfaces Defining MAC Based Groups • Group ID — Defines the protocol group ID to which the interface is added. • VLAN ID — Attaches the interface to a user-defined VLAN ID. VLAN group ports can be attached to a VLAN ID.
Page 102 Configuring Interfaces Defining MAC Based Groups To add a mapped group: Click Layer 2 > MAC Based Groups. The MAC Based Groups Page opens: Below the Mapping Group table, click the Add button. The Add MAC Address Group Mappings Page opens: Figure 75: Add MAC Address Group Mappings Page In addition to the fields in the MAC Based Groups Page, the Add MAC Address Group Mappings Page contains the following additional fields:...
Page 103: Configuring System Logs
Configuring System Logs Section 8. Configuring System Logs This section provides information for managing system logs. System logs enable viewing device events in real time and recording the events for later usage. System Logs record and manage events, and report errors and informational messages.
Page 104 Configuring System Logs Seve rity Le vel De scrip tio n Mess ag e Informational Provides device information. Provides device information. Debug Provides detailed information about Provides detailed information about the the log. If a Debug error occurs, log. If a Debug error occurs, contact contact Customer Tech Support.
Page 105 Configuring System Logs • IP Address — Displays the defined IP address of the syslog server. • Minimum Severity — Indicates the defined minimum severity level. • Description — Provides additional information about the syslog server. Clearing Event Logs To clear all events from the log: Click System >...
Page 106: Viewing Temporary And Flash Logs
Configuring System Logs • Facility — Defines an application from which system logs are sent to the remote server. Only one facility can be assigned to a single server. If a second facility level is assigned, the first facility is overridden. All applications defined for a device utilize the same facility on a server.
Page 107 Configuring System Logs Figure 80: View Flash Log Page The View Flash Log Page and View Temporary Log Page list the following information: • Log Index —The log index number. • Log Time — The date and time that the log was entered. •...
Page 108: Configuring Spanning Tree
Configuring Spanning Tree Configuring Classic Spanning Tree Section 9. Configuring Spanning Tree Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP also provides a single path between end stations on a network, eliminating loops. Loops occur when alternate routes exist between hosts. Loops in an extended network can cause bridges to forward traffic indefinitely, resulting in increased traffic and reducing network efficiency.
Page 109: Defining Stp Properties
Configuring Spanning Tree Configuring Classic Spanning Tree Defining STP Properties The Spanning Tree Page contains parameters for enabling and configuring STP on the device. To enable STP on the device: Click Layer 2 > Spanning Tree. The Spanning Tree Page opens: Figure 81: Spanning Tree Page The STP General section of the Spanning Tree Page contains the following fields: •...
Page 110 Configuring Spanning Tree Configuring Classic Spanning Tree • Path Cost Default Values — Specifies the method used to assign default path cost to STP ports. The possible field values are: – Short — Specifies 1 through 65,535 range for port path cost. –...
Page 111: Defining Stp Interfaces
Configuring Spanning Tree Configuring Classic Spanning Tree Defining STP Interfaces Network administrators can assign STP settings to a specific interface (port or trunk) using the STP Interface Configuration Page. The Global trunks section displays the STP information for Link Aggregated Groups. To assign STP settings to an interface (port or trunk): Click Layer 2 >...
Page 112 Configuring Spanning Tree Configuring Classic Spanning Tree • Port Fast — Indicates if Fast Link is enabled on the port. If Fast Link mode is enabled for a port, the Port State is automatically placed in the Forwarding state when the port link is up. Fast Link optimizes the STP protocol convergence.
Page 113 Configuring Spanning Tree Configuring Classic Spanning Tree Figure 83: Spanning Tree Configuration Page In addition to the STP Interface Configuration Page, the port-level Spanning Tree Configuration Page contains the following fields: • Default Path Cost — Select if the default path cost of the port is automatically set by the port speed and the default path cost method.
Page 114: Configuring Rapid Spanning Tree
Configuring Spanning Tree Configuring Rapid Spanning Tree Configuring Rapid Spanning Tree While Classic STP prevents Layer 2 forwarding loops in a general network topology, convergence can take between 30-60 seconds. This time may delay detecting possible loops and propagating status topology changes. Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies that allow a faster STP convergence without creating forwarding loops.
Page 115 Configuring Spanning Tree Configuring Rapid Spanning Tree • Mode — Displays the current STP mode. The STP mode is selected in the Spanning Tree Page. The possible field values are: – STP — Classic STP is enabled on the device. –...
Page 116: Configuring Multiple Spanning Tree
Configuring Spanning Tree Configuring Multiple Spanning Tree Configuring Multiple Spanning Tree Multiple Spanning Tree Protocol (MSTP) provides differing load balancing scenarios. For example, while port A is blocked in one STP instance, the same port can be placed in the Forwarding state in another STP instance. This section contains the following topics: •...
Page 117: Defining Mstp Interfaces
Configuring Spanning Tree Configuring Multiple Spanning Tree The MSTP Page contains the following fields: • Region Name — User-defined STP region name. • Revision — An unsigned 16-bit number that identifies the revision of the current MSTP configuration. The revision number is required as part of the MSTP configuration. The possible field range is 0-65535. •...
Page 118 Configuring Spanning Tree Configuring Multiple Spanning Tree The MSTP Interface Settings Page contains the following fields: • Instance ID — Lists the MSTP instances configured on the device. The possible field range is 1-16. • Interface — Displays the specific interface for this page’s MSTP setting. The possible field values are: –...
Page 119 Configuring Spanning Tree Configuring Multiple Spanning Tree Define the fields. Click Apply. MSTP is defined for the selected interface. Click Save Config on the menu, to save changes permanently. To view the MSTP configurations of all interfaces, click Interface Table. The MSTP Interface Table is displayed.
Page 120: Defining Mstp Instance Mappings
Configuring Spanning Tree Configuring Multiple Spanning Tree Defining MSTP Instance Mappings Network administrators can assign MSTP mapping to a specific instance (port or trunk) using the MSTP Instance Mapping Page. To define MSTP interface mapping: Click Layer 2 > MSTP. The MSTP Page opens. Click Configure next to the Configure Instance Mapping option.
Page 121: Defining Mstp Instance Settings
Configuring Spanning Tree Configuring Multiple Spanning Tree Defining MSTP Instance Settings MSTP maps VLANs into STP instances. Packets assigned to various VLANs are transmitted along different paths within Multiple Spanning Tree Regions (MST Regions). Regions are one or more Multiple Spanning Tree bridges by which frames can be transmitted.
Page 122 Configuring Spanning Tree Configuring Multiple Spanning Tree Define the fields. Click Apply. MSTP is defined for the selected instance, and the device is updated. The MSTP Page is displayed. Click Save Config on the menu, to save changes permanently. Page 122...
Page 123: Configuring Multicast Forwarding
Configuring Multicast Forwarding Section 10. Configuring Multicast Forwarding Multicast forwarding allows a single packet to be forwarded to multiple destinations. Layer 2 Multicast service is based on a Layer 2 switch receiving a single packet addressed to a specific multicast address. Multicast forwarding creates copies of the packet, and transmits the packets to the relevant ports.
Page 124: Configuring Igmp Snooping
Configuring Multicast Forwarding Configuring IGMP Snooping When IGMP Snooping is enabled globally, all IGMP packets are forwarded to the CPU. The CPU analyzes the incoming packets and determines: • Which ports want to join which Multicast groups. • Which ports have Multicast routers generating IGMP queries. •...
Page 125 Configuring Multicast Forwarding • IGMP Snooping Status — Indicates if IGMP snooping is enabled on the VLAN. The possible field values are: – Enable — Enables IGMP Snooping on the VLAN. – Disable — Disables IGMP Snooping on the VLAN. •...
Page 126: Defining Multicast Bridging Groups
Configuring Multicast Forwarding Figure 92: IGMP Configuration Page In addition to the IGMP Page, the IGMP Configuration Page contains the following field: • Immediate Leave — Host immediately times out after requesting to leave the IGMP group and not receiving a Join message from another station.
Page 127 Configuring Multicast Forwarding Figure 93: Multicast Group Page The Multicast Group Page contains the following fields: • Enable Bridge Multicast Filtering — Indicates if bridge Multicast filtering is enabled on the device. The possible field values are: – Checked — Enables Multicast filtering on the device. –...
Page 128 Configuring Multicast Forwarding Figure 94: Add Multicast Group Page Select the VLAN ID. Enter the Bridge Multicast MAC Address and the Bridge Multicast IP Address. Click Apply. The new Multicast group is saved and the device is updated. To modify a multicast group: Click Modify.
Page 129: Defining Multicast Forward All Settings
Configuring Multicast Forwarding Defining Multicast Forward All Settings Multicast forwarding enables transmitting packets from either a specific multicast group to a source, or from a non- specific source to a Multicast group. The Bridge Multicast Forward All page contains fields for attaching ports or trunks to a device that is attached to a neighboring Multicast router/switch.
Page 130 Configuring Multicast Forwarding Select interfaces to modify. Click Modify. The Multicast Forward All Configuration Page opens: Figure 97: Multicast Forward All Configuration Page Define the Interface Status field. Click Apply. The Multicast Forward All settings are saved and the device is updated. Page 130...
Page 131: Configuring Snmp
Configuring SNMP Section 11. Configuring SNMP Simple Network Management Protocol (SNMP) provides a method for managing network devices. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.
Page 132: Enabling Snmp
Configuring SNMP Enabling SNMP The SNMP Global Page provides fields for globally enabling and configuring SNMP on the device. To enable SNMP: Click SNMP > Global. The SNMP Global Page opens: Figure 98: SNMP Global Page The SNMP Global Page contains the following fields: •...
Page 133: Defining Snmp Communities
Configuring SNMP Defining SNMP Communities Access rights are managed by defining communities in the SNMP Community Page. When the community names are changed, access rights are also changed. SNMP communities are defined only for SNMP v1 and SNMP v2c. Note The device switch is delivered with no community strings configured.
Page 134 Configuring SNMP • Access Mode — Defines the access rights of the community. The possible field values are: – Read Only — Management access is restricted to read-only, and changes cannot be made to the community. – Read Write — Management access is read-write and changes can be made to the device configuration, but not to the community.
Page 135 Configuring SNMP Figure 101:Community Configuration Page Define the Basic or Advanced configuration of the community. Click Apply. The SNMP community settings are modified, and the device is updated. Page 135...
Page 136: Defining Snmp Groups
Configuring SNMP Defining SNMP Groups The SNMP Group Page provides information for creating SNMP groups, and assigning SNMP access control privileges to SNMP groups. Groups allow network managers to assign access rights to specific device features, or feature aspects. To define an SNMP group: Click SNMP >...
Page 137 Configuring SNMP Click Add. The Add Group Page opens: Figure 103:Add Group Page Define the Group Name, Security Level, Security Model, and Operation. Click Apply. The new SNMP group is saved. To modify an SNMP group: Click SNMP > Groups. The SNMP Group Page opens. Click Modify.
Page 138: Defining Snmp Users
Configuring SNMP Defining SNMP Users The SNMP Users Page enables assigning system users to SNMP groups, as well as defining the user authentication method. To define SNMP group membership: Click SNMP > Users. The SNMP Users Page opens: Figure 105:SNMP Users Page The SNMP Users Page contains the following fields: •...
Page 139 Configuring SNMP • Authentication — Displays the method used to authenticate users. The possible field values are: – MD5 Key — Users are authenticated using the HMAC-MD5 algorithm. – SHA Key — Users are authenticated using the HMAC-SHA-96 authentication level. –...
Page 140 Configuring SNMP • Authentication Key — Defines the HMAC-MD5-96 or HMAC-SHA-96 authentication level. The authentication and privacy keys are entered to define the authentication key. If only authentication is required, 16 bytes are defined. If both privacy and authentication are required, 32 bytes are defined. Each byte in hexadecimal character strings is two hexadecimal digits.
Page 141: Defining Snmp Views
Configuring SNMP Defining SNMP Views The SNMP views provide or block access to device features or portions of features. Feature access is granted via the MIB name or MIB Object ID. To define SNMP views: Click SNMP > Views. The SNMP Views Page opens: Figure 108:SNMP Views Page The SNMP Views Page contains the following fields: •...
Page 142 Configuring SNMP Figure 109:Add SNMP VIew Page Define the View Name field. Select the Subtree ID Tree using one of the following options: – Select from List — Select the Subtree from the list provided. Pressing the Up and Down buttons allows you to change the priority by moving the selected subtree up or down in the list.
Page 143: Defining Notification Recipients
Configuring SNMP Defining Notification Recipients The SNMP Notify Page contains fields for defining SNMP notification recipients. the page contains information for defining filters that determine whether traps are sent to specific users, and the trap type sent. SNMP notification filters provide the following services: •...
Page 144 Configuring SNMP SNMPv1,2c Notification Recipient The SNMP v1, v2c Recipient table contains the following fields: • Recipients IP — Displays the IP address to which the traps are sent. • Notification Type — Displays the type of notification sent. The possible field values are: –...
Page 145 Configuring SNMP Figure 111: Add Notify Page Define the relevant fields. Click Apply. The notification recipient settings are saved and the device is updated. Click Save Config on the menu to save the changes permanently. To modify notification settings: Click SNMP > Notify. The SNMP Notify Page opens. Select an entry from one of the tables and click Modify.
Page 146 Configuring SNMP Figure 112: SNMP Notify Configuration Page Define the fields. Click Apply. The SNMP Notification configuration is modified, and the device is updated. Click Save Config on the menu to save the changes permanently. Page 146...
Page 147: Defining Notification Filters
Configuring SNMP Defining Notification Filters The SNMP Notification Filter Page permits filtering traps based on OIDs. Each OID is linked to a device feature or a portion of a feature. The SNMP Notification Filter Page also allows network managers to filter notifications. To configure SNMP notification filters: Click SNMP >...
Page 148 Configuring SNMP To add an SNMP notification filter: Click the Add button. The Add SNMP Notification Filter Page opens: Figure 114: Add SNMP Notification Filter Page The Add SNMP Notification Filter Page contains the following fields: • Filter Name — Contains a list of user-defined notification filters. •...
Page 149: Configuring Power Over Ethernet
Configuring Power Over Ethernet Section 12. Configuring Power Over Ethernet This section describes configuring Power over Ethernet (PoE) for an AT-S95 device. PoE only applies to the AT- S95/24POE and AT-S95/48POE device. Power-over-Ethernet (PoE) provides power to devices over existing LAN cabling, without updating or modifying the network infrastructure.
Page 150 Configuring Power Over Ethernet Figure 115: Power Over Ethernet Page The Power Over Ethernet Page contains the following fields: Global PoE Configuration • Power Threshold — Indicates the percentage of power consumed before an alarm is generated. The value range is 1-99 percent; the default value is 95 percent. If maximum power available is 375 W, and the power threshold is 95%, the threshold is exceeded when the PoE devices require more than 356.25 W.
Page 151: Defining Power Over Ethernet Configuration
Configuring Power Over Ethernet Defining Power Over Ethernet Configuration To modify PoE port settings: In the Power Over Ethernet Page Zoom View, click the port(s) to modify. The port indication changes to Port is selected. Click Modify. The Power Over Ethernet Configuration Page opens: Figure 116: Power Over Ethernet Configuration Page The Power Over Ethernet Configuration Page displays the currently configured PoE ports and contains the following information:...
Page 152 Configuring Power Over Ethernet – Fault — Indicates one of the following: – The powered device test has failed. For example, a port could not be enabled and cannot be used to deliver power to the powered device. – The device has detected a fault on the powered device. For example, the powered device memory could not be read.
Page 153: Configuring Services
Configuring Services Section 13. Configuring Services This section describes Quality of Service related configurations. QoS supports activating one of the following Trust settings: • VLAN Priority Tag • DiffServ Code Point • None Only packets that have a Forward action are assigned to the output queue, based on the specified classification. By properly configuring the output queues, the following basic mode services can be set: •...
Page 154: Enabling Class Of Service (Cos)
Configuring Services Enabling Class of Service (CoS) The CoS Page enables configuring the CoS ports or trunks on the device. To configure CoS ports or trunks on the device: Click Services > CoS. The CoS Page opens: Figure 117: CoS Page As a default the CoS Page opens displaying the port options.
Page 155 Configuring Services • Select the interfaces displayed in the table. – Ports of Unit — Specifies the port and stacking member for which the CoS configuration is displayed. – Trunk — Specifies the trunk for which the CoS configuration is displayed. •...
Page 156: Configuring Cos Queueing And Scheduling
Configuring Services Configuring CoS Queueing and Scheduling The CoS Queuing & Scheduling Page provides fields for configuring CoS Priority to Egress Queues and for defining Egress Weights. The queue settings are set system-wide. To define schedule and queue settings for Quality of Service: Click Services >...
Page 157: Mapping Cos Values To Queues
Configuring Services Mapping CoS Values to Queues The Configure CoS Page contains fields for classifying CoS settings to traffic queues. To set CoS to queue: Click Services > Queuing & Scheduling. The CoS Queuing & Scheduling Page opens: In the Configure Priority to Egress Queues section, select Configure CoS. Click Configure.
Page 158: Mapping Dscp Values To Queues
Configuring Services Mapping DSCP Values to Queues The Configure DSCP Page contains fields for classifying DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 2. To set DSCP to queues: Click Services >...
Page 159: Configuring Qos Bandwidth
Configuring Services The Configure DSCP Page contains the following fields: • Restore Defaults — Restores the device factory defaults for mapping DSCP values to a forwarding queue. • DSCP In — Displays the incoming packet’s DSCP value. • Queue — Defines the traffic forwarding queue to which the DSCP priority is mapped. Four traffic priority queues are supported.
Page 160 Configuring Services As a default the Bandwidth Page opens displaying the port options. The fields are identical when displaying the trunk CoS. The Bandwidth Page contains the following fields: • Select the interfaces displayed in the table. – Ports of Unit — Specifies the port and stacking member for which the bandwidth settings are displayed. –...
Page 161: System Utilities
System Utilities Section 14. System Utilities The configuration file structure involves the following configuration files: • Startup Configuration File — Contains the commands required to reconfigure the device to the same settings as when the device is powered down or rebooted. The Startup file is created by copying the configuration commands from the Running Configuration file or the Backup Configuration file.
Page 162: Restoring The Default Configuration
System Utilities Restoring the Default Configuration in the System Utilities Page, the Reset to Factory Defaults function restores the Configuration file to factory defaults during device reset. When this option is not selected, the device maintains the current Configuration file. To restore the default system configuration: Click Utilities >...
Page 163: Defining Tftp File Uploads And Downloads
System Utilities Select the After Reset image file. Click Apply (below the table). The factory defaults are restored, and the device is updated. The device reboots. Defining TFTP File Uploads and Downloads The File System Page contains parameters for system uploads and downloads and for copying firmware and configuration files.
Page 164 System Utilities If the TFTP Operation is Configuration, the possible values are: – Running Configuration — Contains the configuration currently valid on the device. – Starting Configuration — Contains the configuration which will be valid following system startup or reboot. Note The configuration file is copied only to the Master Unit, since this unit controls the entire stack.
Page 165: Viewing Integrated Cable Tests
System Utilities Viewing Integrated Cable Tests The Cable Test Page contains fields for performing tests on copper cables. Cable testing provides diagnostic information about where errors occurred in the cable, the last time a cable test was performed, and the type of cable error that occurred.
Page 166 System Utilities • Cable Length — Indicates the approximate cable length. This test can only be performed when the port is up and operating at 1 Gbps. Select the Unit Number, and the Port. Click Test. The cable test is performed. Click Advanced.
Page 167: Viewing Optical Transceivers
System Utilities Viewing Optical Transceivers The Optical Transceivers Page allows network managers to perform tests on Fiber Optic cables. Optical transceiver diagnostics can be performed only when the link is present. To view transceiver diagnostics: Click Utilities > Optical Transceivers. The Optical Transceivers Page opens: Figure 128:Optical Transceivers Page The Optical Transceivers Page contains the following fields: •...
Page 168: Resetting The Device
System Utilities Resetting the Device The Reset page enables the user to reset the system. Save all changes to the Running Configuration file before resetting the device. This prevents the current device configuration from being lost. To reset the device: Click Utilities >...
Page 169: Viewing Statistics
Viewing Statistics Viewing Device Statistics Section 15. Viewing Statistics The device provides statistics for RMON, interfaces, and Etherlike. This section contains the following topics: • Viewing Device Statistics • Managing RMON Statistics Viewing Device Statistics This section contains the following topics: •...
Page 170 Viewing Statistics Viewing Device Statistics The Interface Statistics Page contains the following fields: • Select the interfaces displayed in the table. – Unit No. — Indicates the stacking member for which the interface statistics are displayed. – Port — Specifies the port for which the interface statistics are displayed. –...
Page 171: Viewing Etherlike Statistics
Viewing Statistics Viewing Device Statistics Viewing Etherlike Statistics The Etherlike Statistics Page displays interface statistics. To view Etherlike statistics: Click Statistics > Etherlike. The Etherlike Statistics Page page opens: Figure 131:Etherlike Statistics Page The Etherlike Statistics Page contains the following fields: •...
Page 172 Viewing Statistics Viewing Device Statistics • Excessive Collisions — Displays the number of excessive collisions received on the selected interface. • Oversize Packets — Displays the number of oversized packet errors on the selected interface. • Internal MAC Receive Errors — Displays the number of internal MAC received errors on the selected interface.
Page 173: Managing Rmon Statistics
Viewing Statistics Managing RMON Statistics Managing RMON Statistics This section contains the following topics: • Viewing RMON Statistics • Configuring RMON History • Configuring RMON Events • Defining RMON Alarms Viewing RMON Statistics The RMON Statistics Page contains fields for viewing information about device utilization and errors that occurred on the device.
Page 174 Viewing Statistics Managing RMON Statistics • Refresh Rate — Defines the frequency of the RMON statistics updates. The possible field values are: – No Refresh — Indicates that the RMON statistics are not refreshed. – 15 Sec — Indicates that the RMON statistics are refreshed every 15 seconds. –...
Page 175: Configuring Rmon History
Viewing Statistics Managing RMON Statistics Configuring RMON History The RMON History Page contains information about samples of data taken from ports. For example, the samples may include interface definitions or polling periods. To view RMON history information: Click Statistics > RMON History. The RMON History Page opens: Figure 133:RMON History Page The RMON History Page contains the following fields: •...
Page 176 Viewing Statistics Managing RMON Statistics Click Add. The Add RMON History Page opens: Figure 134:Add RMON History Page In addition to the RMON History Page, the Add RMON History Page contains the following fields: • Max No. of Samples to Keep — Defines the maximum number of samples that the device saves. The field range is 1-65535.
Page 177: Viewing The Rmon History Table
Viewing Statistics Managing RMON Statistics Viewing the RMON History Table The RMON History Table Page contains interface specific statistical network samplings. Each table entry represents all counter values compiled during a single sample. To view the RMON History Table: Click Statistics > RMON History. The RMON History Page opens. Click View.
Page 178 Viewing Statistics Managing RMON Statistics • CRC Align Errors — Displays the number of CRC and Align errors that have occurred on the interface since the device was last refreshed. • Undersize Packets — Displays the number of undersized packets (less than 64 octets) received on the interface since the device was last refreshed.
Page 179: Configuring Rmon Events
Viewing Statistics Managing RMON Statistics Configuring RMON Events The RMON Events Page contains fields for defining, modifying and viewing RMON events statistics. To add an RMON event: Click Statistics > RMON Events. The RMON Events Page opens: Figure 137:RMON Events Page The RMON Events Page contains the following fields: •...
Page 180 Viewing Statistics Managing RMON Statistics Figure 138:Add RMON Events Page Define the Community, Description, Type and Owner fields. Click Apply. The event entry is added and the device is updated. To modify the RMON Event entry settings: Click Statistics > RMON Events. The RMON Events Page opens. Click Modify.
Page 181: Viewing The Rmon Events Logs
Viewing Statistics Managing RMON Statistics Viewing the RMON Events Logs The RMON Events Logs Page contains interface specific statistical network samplings. Each table entry represents all counter values compiled during a single sample. To view the RMON Events Table: Click Statistics > RMON Events. The RMON Events Page opens. Click View.
Page 182: Defining Rmon Alarms
Viewing Statistics Managing RMON Statistics Defining RMON Alarms The RMON Alarm Page contains fields for setting network alarms. Network alarms occur when a network problem, or event, is detected. Rising and falling thresholds generate events. To set RMON alarms: Click Statistics > RMON Alarm. The RMON Alarm Page opens: Figure 141:RMON Alarm Page The RMON Alarm Page contains the following fields: •...
Page 183 Viewing Statistics Managing RMON Statistics • Rising Event — Displays the event that triggers the specific alarm. The possible field values are user- defined RMON events. • Falling Threshold — Displays the falling counter value that triggers the falling threshold alarm. •...
Page 184 Viewing Statistics Managing RMON Statistics Figure 143:Alarm Configuration Page Define the fields. Click Apply. The RMON alarm is saved, and the device is updated. Page 184...
Page 185: Managing Stacking
Managing Stacking Stacking Overview Section 16. Managing Stacking This section describes the stacking control management and includes the following topics: • Stacking Overview • Configuring Stacking Management Stacking Overview Stacking provides multiple switch management through a single point as if all stack members are a single unit. All stack members are accessed through a single IP address through which the stack is managed.
Page 186: Stacking Chain Topology
Managing Stacking Stacking Overview Stacking Chain Topology In a chain topology, there are two units that have only one neighbor. Every unit has an uplink neighbor and a downlink neighbor. The chain topology is less robust than the ring topology. A failure in the chain results in a topology change to the stack.
Page 187: Exchanging Stacking Members
Managing Stacking Stacking Overview Each port in the stack has a specific Unit ID, port type, and port number, which are part of both the configuration commands and the configuration files. Configuration files are managed only from the device Stacking Master, including: •...
Page 188: Configuring Stacking Management
Managing Stacking Configuring Stacking Management Configuring Stacking Management The Stacking Page allows network managers to either reset the entire stack or a specific device. Device configuration changes that are not saved before the device is reset are not saved. If the Stacking Master is reset, the entire stack is reset.
Page 189: Downloading Software With Cli
Before connecting a device, ensure that the device has been installed according to the instructions described in the Allied Telesis AT-S95 Installation Guide. Once installed the device is connected to a terminal through a console port (located on the front panel of 24 port devices and the back panel for the 48 port devices).
Page 190: Initial Configuration
Downloading Software with CLI Initial Configuration Initial Configuration Before a device can download system software, the device must have an initial configuration of IP address and network mask. Before assigning a static IP address to the device, obtain the following information from the network administrator: •...
Page 191: User Name
Boot file — file 2 Standalone Device Software Download To download software an a standalone device perform the following: Power up the device as described in the Allied Telesis AT-S95 Installation Guide. The CLI command prompt is displayed. Console# Page 191...
Page 192 Downloading Software with CLI Downloading Software Enter the copy command to download the boot file. Console# copy tftp://172.16.101.101/file2.rfb boot Accessing file 'file2' on 172.16.101.101... Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 09-Jul-2006 03:15:21 %COPY-W-TRAP: The copy operation was completed successfully Copy: 3329361 bytes copied in 00:03:00 [hh:mm:ss] Enter the “bootvar”...
Page 193 Downloading Software with CLI Downloading Software Enter the “copy” command to download the system file. Console# copy tftp://172.16.101.101/file1.ros image Accessing file 'file1' on 172.16.101.101... Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 09-Jul-2006 03:22:27 %COPY-W-TRAP: The copy operation was completed successfully Copy: 6720861 bytes copied in 00:05:00 [hh:mm:ss] Reboot the device.
Page 194: Stacking Member Software Download
1. The software is then copied from the Stacking Master to a specified Stacking Member. Downloading Software to a Stacking Member To download software an Stacking Member number 3 perform the following: Power up the stack as described in the Allied Telesis AT-S95 Installation Guide. The CLI command prompt is displayed. Console# Enter the “copy”...
Page 195 Downloading Software with CLI Downloading Software Enter the “copy” command to download the system file. Console# copy tftp://172.16.101.101/file1.ros unit://3/image Accessing file 'file1' on 172.16.101.101... Loading file1 from 172.16.101.101: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 09-Jul-2006 03:22:27 %COPY-W-TRAP: The copy operation was completed successfully Copy: 6720861 bytes copied in 00:05:00 [hh:mm:ss] Reboot the devices being updated.
Page 196: System Defaults
System Defaults Appendix B. System Defaults This section contains the system defaults, and includes the following topics: • RS-232 Port Settings • Port Defaults • Configuration Defaults • Security Defaults • Jumbo Frame Defaults • System Time Defaults • Spanning Tree Defaults •...
Page 197: Rs-232 Port Settings
System Defaults RS-232 Port Settings RS-232 Port Settings The following table contains the RS-232 port setting defaults: Data Bits Stop Bits None Parity None Flow Control 115,200 Baud Rate Port Defaults The following are the port defaults: Enabled Auto Negotiation Enabled Auto Negotiation advertised...
Page 198: Configuration Defaults
System Defaults Configuration Defaults Configuration Defaults The following are the initial device configuration defaults: manager Default User Name friend Default Password None System Name None Comments Enabled BootP Disabled DHCP Security Defaults The following are the system security defaults: Disabled Locked Ports Disabled 802.1X Port Based...
Page 199: Spanning Tree Defaults
System Defaults Spanning Tree Defaults Spanning Tree Defaults The following are the spanning tree defaults: Enabled Disabled STP Port Enabled Rapid STP Disabled Multiple STP Disabled Fast Link Long Path Cost Address Table Defaults The following the Address Table defaults: 8,000 Number of MAC Entries...
Page 200: Trunking Defaults
System Defaults Trunking Defaults Trunking Defaults The following are the trunking defaults: Possible Trunks Possible Ports per Trunk LACP Ports/Trunk Multicast Defaults The following are the Multicast defaults: Disable IGMP Snooping Maximum Multicast Groups QoS Defaults The following are the QoS defaults: Disable QoS Mode Queue...
Page 201 Index Index Symbols 802.1x port access 51 Daylight Saving Time (DST) configuration broadcast time 22 DST per country 23 parameters 22 Absolute 186 Debug 108 Access level 45 Default gateway 19 access profiles 27 Delta 186 rules 31 device management ACE 57 methods 27 ACL 57...
Page 202 Index GARP VLAN Registration Protocol (GVRP) 102 Notice 107 Guest VLAN 51 Notifications 136 GVRP 103 configuration 102 Object ID 145 Offset 21 Host 105 Option 82 70 HTTP 29 Path cost 125 IGMPv1 and 2 128 PoE configuration IGMPv3 128 enabling 153 Informational 108 port based authentication 48...
Page 203 Index Threshold 153 Time Domain Reflectometry (TDR) 169 Samples 179 Trunks 89 Scheduling 160 Trust mode 158 Secure HTTP 29 Trusted Interface 73 Secure Telnet 29, 37 security 802.1x port access 51 server based authentication methods 39 UDP port 109 servers configuration Untrusted Interface 73 RADIUS 42...

Allied Telesis AT-S94 User Manual

Preface

Getting Started

Defining System Information

Configuring System Time

Configuring Device Security

Configuring DHCP Snooping

Configuring Ports

Configuring Interfaces

Configuring System Logs

Configuring Spanning Tree

Configuring Multicast Forwarding

Configuring SNMP

Configuring Power over Ethernet

Configuring Services

System Utilities

Viewing Statistics

Managing Stacking

Downloading Software with CLI

System Defaults

Quick Links

Related Manuals for Allied Telesis AT-S94

Summary of Contents for Allied Telesis AT-S94

Table of Contents