Page 1: User Manual
AMS Series Gigabit Managed Switches AMS-10T2SFP AMS-26T6SFP AMS-48T4SFP AMS-24T4S4SP AMS-48T4S4SP AMS-4T24S4SP User Manual Version: 1.0.1 Oct 2012...
Page 2: Table Of Contents
AMS User Manual About this Guide ____________________________________________________________ 6 Compliances and Safety Statements ____________________________________________ 7 Introduction _____________________________________________________________ 11 Overview ____________________________________________________________________ 11 1. Operation of the Web-based Management ___________________________________ 12 1.1 System ________________________________________________________________ 14 1.1.1 System Information ________________________________________________________ 14 1.1.1-1 Information ___________________________________________________________________ 14 1.1.1-2 Configuration _________________________________________________________________ 16 1.1.1-3 CPU Load _____________________________________________________________________ 17 1.1.2 Time _____________________________________________________________________ 18...
Page 3 AMS User Manual 1.2.1-4 Detailed Statistics ______________________________________________________________ 53 1.2.1-5 QoS Statistics _________________________________________________________________ 55 1.2.1-6 SFP Information _______________________________________________________________ 56 1.2.1-7 EEE __________________________________________________________________________ 58 1.2.2 ACL ______________________________________________________________________ 60 1.2.2-1 Ports ________________________________________________________________________ 60 1.2.2-2 Rate Limiters __________________________________________________________________ 63 1.2.2-3 Access Control List _____________________________________________________________ 65 1.2.2-4 ACL Status ____________________________________________________________________ 75 1.2.3 Aggregation _______________________________________________________________ 77 1.2.3-1 Static Trunk ___________________________________________________________________ 77...
Page 4 AMS User Manual 1.2.8-1 LLDP Configuration ____________________________________________________________ 135 1.2.8-2 LLDP Neighbours ______________________________________________________________ 138 1.2.8-3 LLDP-MED Configuration _______________________________________________________ 140 1.2.8-4 LLDP-MED Neighbours _________________________________________________________ 147 1.2.8-5 EEE _________________________________________________________________________ 152 1.2.8-6 Port Statistics ________________________________________________________________ 154 1.2.9 Filtering Data Base ________________________________________________________ 156 1.2.9-1 Configuration ________________________________________________________________ 156 1.2.9-2 Dynamic MAC Table ___________________________________________________________ 158 1.2.10 VLAN __________________________________________________________________ 159 1.2.10-1 VLAN Membership ___________________________________________________________ 159...
Page 5 AMS User Manual 1.2.14-11 QCL Status _________________________________________________________________ 217 1.2.14-12 Storm Control ______________________________________________________________ 219 1.2.15 s-Flow Agent ____________________________________________________________ 221 1.2.15-1 Collector ___________________________________________________________________ 221 1.2.15-2 Sampler ____________________________________________________________________ 223 1.2.16 Loop Protection _________________________________________________________ 225 1.2.16-1 Configuration _______________________________________________________________ 225 1.2.16-2 Status _____________________________________________________________________ 227 1.2.17 Single IP ________________________________________________________________ 228 1.2.17-1 Configuration _______________________________________________________________ 228 1.2.17-2 Information _________________________________________________________________ 230 1.2.18 Easy Port _______________________________________________________________ 232...
Page 6 AMS User Manual 1.3.6-3 RADIUS Details _______________________________________________________________ 283 1.3.7 Port Security _____________________________________________________________ 289 1.3.7-1 Limit Control _________________________________________________________________ 289 1.3.7-2 Switch Status _________________________________________________________________ 292 1.3.7-3 Port Status __________________________________________________________________ 294 1.3.8 Access Management ______________________________________________________ 296 1.3.8-1 Configuration ________________________________________________________________ 296 1.3.8-2 Statistics ____________________________________________________________________ 298 1.3.9 SSH _____________________________________________________________________ 300 1.3.10 HTTPS _________________________________________________________________ 301 1.3.11 Auth Method ___________________________________________________________ 303...
Page 7: About This Guide
Internet Protocol (IP), and Simple Network Management Protocol (SNMP). Warranty The AMS series comes with a standard 3 year warranty. For full Alloy warranty terms and conditions please follow the link below: http://www.alloy.com.au/Warranty...
Page 8: Compliances And Safety Statements
AMS User Manual Compliances and Safety Statements Federal Communications Commission (FCC) Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Page 9 AMS User Manual - Radio-frequency electromagnetic field according to IEC 61000-4- 3:2006+A1:2007+A2:2010 - Electrical fast transient/burst according to IEC 61000-4-4:2010 - Surge immunity test according to IEC 61000-4-5:2005 - Immunity to conducted disturbances, Induced by radio-frequency Fields: IEC 61000-4-6:2008 - Power frequency magnetic field immunity test according to IEC 61000-4-8:2009 - Voltage dips, short interruptions and voltage variations immunity test According to IEC 61000-4-11:2004...
Page 10 AMS User Manual SAFETY PRECAUTIONS Read the following information carefully before operating the device. Please follow the following precaution items to protect the device from risks and damage caused by fire and electric power:  Use the power adapter that is included with the device package. ...
Page 11 AMS User Manual Fig. Additional arrester installed between outdoor device and this switch NOTE: The switch is indoor device; if it will be used in outdoor environment or connects with some outdoor device, then it must use a lightning arrester to protect the switch WARNING: ...
Page 12: Introduction
In this user’s manual, we will explain how to configure and monitor the AMS Series switches through the Web Management Interface. The AMS Series, the next generation Web managed switches from Alloy, are a portfolio of affordable managed switches that provides a reliable infrastructure for your business network. These switches...
Page 13: Operation Of The Web-Based Management
AMS User Manual 1. Operation of the Web-based Management This chapter instructs you on how to configure and manage the AMS Series switches through the web user interface. With this facility, you can easily access and monitor the switch through any of the Ethernet ports and view the status of the switch, including MIBs status, each port activity, Spanning tree status, port aggregation status, multicast traffic, VLAN and priority status, even illegal access record and so on.
Page 14 AMS User Manual Fig. 1 The login page...
Page 15: System
AMS User Manual 1.1 System This chapter describes the basic configuration tasks required to configure the system information on the AMS Series switches. The System Information page is the default page and will be the first page you see when you log into the switches web interface. 1.1.1 System Information The System Information page shows you the following: Model Name, System Description, Location, Contact, Device Name, System Date, System Uptime, BIOS Version, Firmware Version, Hardware-...
Page 16 AMS User Manual Parameter Description Model Name: The model name of this device. System Description: A brief description of this device. Location: A user-defined value describing the location of the switch. Contact: A user-defined value, normally the system/network administrator details will be entered here.
Page 17: Configuration
AMS User Manual Maximum Frame Size: Displays the switches maximum supported frame size. 1.1.1-2 Configuration The Contact Information, name and the location of switch and can all be configured here. Web Interface To configure the contact information via the web interface: Click System, System Information and Configuration.
Page 18: Cpu Load
AMS User Manual System Location: The physical location of the switch (e.g., telephone closet, 3rd floor). The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126. 1.1.1-3 CPU Load This page displays the CPU load, using an SVG graph. The load is measured as averaged over the last 100ms, 1sec and 10 seconds intervals.
Page 19: Time
AMS User Manual 1.1.2 Time The page is used to configure the time setting on the switch. Time can be set manually or via a NTP server. By default NTP is used and is set to au.pool.ntp.org. 1.1.2-1 Manual The time for the switch can set manually or via a NTP Server. When setting manually simply enter the date and time into the paces provided.
Page 20 AMS User Manual Parameter Description Clock Source: Select what clock source the switch will use for its time configuration. Use Local Settings allows you to manually set the time, or use NTP Server to allow the switch to sync it’s time with an external NTP time server. Local Time: Displays the current time when using NTP Server, or is used to set the time when using Local Settings.
Page 21: Ntp
AMS User Manual 1.1.2-2 NTP NTP (Network Time Protocol) is a protocol used to sync devices on the network with a time server. Web Interface To configure the NTP Settings via the Web Interface: 1. Click System, Time and NTP. 2.
Page 22: Account
AMS User Manual 1.1.3 Account The Accounts function is used by the administrator to create, modify and delete users. The administrator can modify any guest user’s settings including the privilege level and the guest user password. The guest user only has rights to modify their own password. Only one administrator account can be configured and up to four Guest accounts can be created.
Page 23 AMS User Manual Fig. 8 Adding a New User Parameter Description User Name: The name identifying the user, enter the username that you want to create. Password: Enter the required password. The password length can be between 0 and 255 characters. Password (again): Re-enter the password from the password field.
Page 24: Privilege Level
AMS User Manual 1.1.3-2 Privilege Level This page provides the administrator a way to give users access to the management interface of the switch. Privilege levels can be set for a variety of different switch functions. Each function is assigned to a group and a privilege level from 1 through to 15 can be assigned to each group.
Page 25: Ipv4
AMS User Manual 1.1.4 IP IP is an acronym for Internet Protocol. It is a protocol used for communicating data across an internet network. IP is a "best effort" system, which means that no packet of information sent over is assured to reach its destination in the same condition it was sent.
Page 26 AMS User Manual Fig. 10 IPv4 Address Configuration Parameter Description DHCP Client: Enable the DHCP Client by checking the tick box. When selected, the switch will obtain an IP Address from your DHCP Server. If the switch does not receive an IP Address the Default IP Address will be used. Renew: Click the Renew button to renew the DHCP lease from the DHCP Server.
Page 27: Ipv6
AMS User Manual 1.1.4-2 IPv6 The AMS Series switches support both dynamically assigned and statically configured IP Addresses. If you are running a DHCP server on your network the switch can obtain an IP Address from the DHCP if DHCP Client is enabled. If not the switches IP settings must be configured manually. Please change the IP Address of the switch to suit your networks requirements.
Page 28 AMS User Manual Prefix: Enter the IPv6 Prefix of this switch. The allowed range is 1 to 128. Gateway: Enter the required IPv6 Gateway Address.
Page 29: Syslog
AMS User Manual 1.1.5 Syslog The AMS Series Switches support offloading system messages to a Syslog Server. A Syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It is supported by a wide variety of devices and receivers across multiple platforms.
Page 30: Log
AMS User Manual Syslog Level: Indicates what messages will be sent to the Syslog server. 1.1.5-2 Log This section display’s the system logging locally on the switch. Web Interface To view the System Logs via the Web Interface: 1. Click System, Syslog and Logs. Fig.
Page 31: Detailed Log
AMS User Manual 1.1.5-3 Detailed Log This section is used to display events ID’s in more detail. Web Interface To view the Detailed System Logs via the Web Interface: 1. Click System, Syslog and Detailed Logs. 2. Enter the Event ID into the ID filed to display the event in more detail. Fig.
Page 32: Snmp
AMS User Manual 1.1.6 SNMP The AMS Series Switches support SNMP and can be managed by any Network Management System (NMS). SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax.
Page 33: Configuration
AMS User Manual 1.1.6-2 Configuration This section is used to configure the GET and SET community names. In this section you can also enable or disable the SET community. By doing this the NMS server will not be able to write configuration parameters to the switch.
Page 34: Communities
AMS User Manual 1.1.6-3 Communities This section is used to configure additional communities. These communities can be used to secure the SNMP information by allowing only certain users and IP Addresses to be able to access a specific community. The maximum number of communities that can be created is four. Web Interface To configure communities via the Web Interface: 1.
Page 35 AMS User Manual Fig. 17 SNMP Add New Community window Parameter Description Delete: Select the delete button next to the community you would like to delete. Community: Enter a valid community name. Valid length is from 1 to 32. The community string will be treated as a security name and map a SNMPc1 or SNMPv2c community string.
Page 36: Users
AMS User Manual 1.1.6-4 Users SNMPv3 brings some important and much needed authentication and encryption options to the SNMP protocol. This section is used to configure SNMPv3 users. Web Interface To configure SNMP Users via the Web Interface: 1. Click System, SNMP and Users. 2.
Page 37 AMS User Manual Fig. 19 adding a new SNMPv3 User Parameter Description Delete: Select the delete button next to the community you would like to delete. Username: Enter a username to identify the user. Allowed length is 1 to 32 characters. Security Level: Indicates the security model set for the user.
Page 38 AMS User Manual DES: Select to use the DES encryption method once the Privacy Protocol has been set for a user it cannot be changed. If you need to modify the Privacy Protocol you will need to delete and re- create the user.
Page 39: Groups
AMS User Manual 1.1.6-5 Groups This section is used to configure SNMPv3 groups. Web Interface To configure SNMP Groups via the Web Interface: 1. Click System, SNMP and Groups. 2. Click on Add New Group to configure a new Group. Enter the required group details. 3.
Page 40 AMS User Manual Fig. 13 Add a new SNMPv3 Group Parameter Description Delete: Select the delete button next to the group you would like to delete. Security Model: Select the required security model that the group will belong to. Options are: v1: Reserved for SNMPv1 and will be available once a SNMPv1 community has been created in the communities section.
Page 41: Views
AMS User Manual 1.1.6-6 Views This section is used to configure SNMPv3 views. Web Interface To configure SNMP Views via the Web Interface: 1. Click System, SNMP and Views. 2. Click on Add New View to configure a new View. Enter the required view details. 3.
Page 42 AMS User Manual Fig. 15 Add a new SNMPv3 View Parameter Description Delete: Select the delete button next to the view you would like to delete. View Name: Enter a view name to identify the view you are creating. Allowed length of 1 to 32 characters.
Page 43: Access
AMS User Manual 1.1.6-7 Access This section is used to configure SNMPv3 access lists. Web Interface To configure SNMP Access lists via the Web Interface: 1. Click System, SNMP and Access. 2. Click Add new Access. 3. Specify the SNMP Access parameters. 4.
Page 44 AMS User Manual Fig. 17 Add a new SNMPv3 Access Rule Parameter Description Delete: Select the delete button next to the Access Rule you would like to delete. Group Name: Select the Group name from the drop down box. Please ensure you have created a group from the Group section.
Page 45: Trap
AMS User Manual The name of the MIB view defining the MIB objects for which this Write View Name: request may potentially set new values. The allowed string length is 1 to 32. 1.1.6-8 Trap This section is used to create SNMP traps. Web Interface To configure SNMP Traps via the Web Interface: 1.
Page 46 AMS User Manual Fig. 19 Add a new SNMP Trap Parameter Description Trap Version: Select the required Trap Version SNMP v1, v2c or v3 trap. Server IP: Enter the IP Address of the server that will receive the SNMP Traps. UDP Port: Enter the UDP port used for sending the SNMP Traps, default is 162.
Page 47 AMS User Manual Privacy Password: The password used for both the DES Privacy Protocol. The allowed password length is 8 to 32 characters.
Page 48: Configuration
AMS User Manual 1.2 Configuration This chapter describes the network configuration options available in the AMS Series of switches. All Layer 2 features such as VLAN’s, Port Trunking, IGMP, ACL’s and QoS can be configured in this section. 1.2.1 Port The Port section is used to configure specific port parameters and view statistics related to individual ports.
Page 49 AMS User Manual Parameter Description Port: The logical port number for the switch. Link: The current link state of the port is shown. Green indicates link is active, Red indicates the link is down. Speed-Current: Displays the current port link speed. Speed-Configured: Here you can force the speed of a port.
Page 50 AMS User Manual ActiPHY: Link down power savings enabled. Power saving occurs if no active link. PerfectReach: Link up power savings enabled. Reduced power used by the port depending on the length of the cable. Enabled: Both Link up and Link Down power saving mechanisms enabled. NOTE: At the top of the column there is an *.
Page 51: Port Description
AMS User Manual 1.2.1-2 Port Description Use this section to help identify what devices are connected to each port of your switch. Each Port can have a description assigned to it. Web Interface To add a description to the ports of the switch via the Web Interface: 1.
Page 52: Traffic Overview
AMS User Manual 1.2.1-3 Traffic Overview Use this section to view basic traffic statistics for each of the switch ports. Web Interface To view the port statistics via the Web Interface: 1. Click Configuration, Port and Traffic Overview. 2. Click on an individual port number to show the detailed statistics for that port. 3.
Page 53 AMS User Manual Filtered: The number of filtered frames received by the switch. Auto-Refresh: To enable auto-refreshing of the statistics on the screen, tick this tick box. Refresh: Used to manually refresh the statistics. Clear: Used to clear the current statistical data.
Page 54: Detailed Statistics
AMS User Manual 1.2.1-4 Detailed Statistics This sections displays in depth details of the traffic being transmitted and received by the switch. If you are having problems on your network, this page can be useful for diagnosing packet errors being received or transmitted by the switch.
Page 55 AMS User Manual Clear: Used to clear the current statistical data. Receive Total: The total number of received Rx traffic including good and bad packets. Types of traffic displayed are Rx Packets, Rx Octets, Rx Unicast, Rx Multicast, Rx Broadcast and Rx Pause packets. Transmit Total: The total number of transmitted Tx traffic including good and bad packets.
Page 56: Qos Statistics
AMS User Manual 1.2.1-5 QoS Statistics This section displays the QoS Queuing details for each of the ports. By clicking on an individual port detailed statistic can be shown. Web Interface To view the detailed QoS statistics via the Web Interface: 1.
Page 57: Sfp Information
AMS User Manual 1.2.1-6 SFP Information This section displays the detailed information regarding the SFP module(s) installed in the switch. Web Interface To view the detailed SFP Information via the Web Interface: 1. Click Configuration, Port and SFP Information. 2. Select the port you want to view. 3.
Page 58 AMS User Manual Vendor Name: Vendor’s name of the SFP Module. Vendor P/N: The part number of the Vendors SFP module. Vendor Revision: The revision number of the Vendors SFP module. Vendor Serial Number: The serial number of the SFP module. Date Code: Date the SFP module was manufactured.
Page 59: Eee
AMS User Manual 1.2.1-7 EEE EEE is a power saving option that reduces the power usage when there is very low traffic utilization (or no traffic). EEE works by powering down circuits when there is no traffic. When a port has data to be transmitted all circuits are powered up.
Page 60 AMS User Manual Fig. 26 EEE Configuration Parameter Description Port: Physical port of the switch. EEE Enabled: Used to enable or disable EEE for each port. EEE Urgent Queues: Queues set will activate transmission of data as soon as it is available. If no queue is set then transmission of data will only occur once 3000 bytes are ready to be transmitted.
Page 61: Acl
AMS User Manual 1.2.2 ACL The AMS Series switches access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way.
Page 62 AMS User Manual Fig. 27 Port ACL Configuration Parameter Description Port: Physical port of the switch. Policy ID: Select the Policy to apply to this port. The allowed vales are 1 through 8. The default value is 1. Action: Select whether forwarding is permitted (Permit) or denied (Deny). The default value is Permit.
Page 63 AMS User Manual Disabled: Frames received on the port are not mirrored. The default value is "Disabled". Logging: Specify the logging operation of this port. The allowed values are: Enabled: Frames received on the port are stored in the System Log. Disabled: Frames received on the port are not logged.
Page 64: Rate Limiters
AMS User Manual 1.2.2-2 Rate Limiters The section describes how to configure the ACL Rate Limiting Parameters. Up to 16 different rate limits can be set and applied to individual ports. Rate Limits can be set in either pps (Packets Per Second) or Kbps (Kilo Bits Per Second).
Page 65 AMS User Manual Unit: Select to limit traffic in units of either pps (Packets Per Second) or Kbps (Kilo Bits Per Second). Reset Button: Used to reset unsaved changes to original configuration. Apply: Used to save the settings configured on this page.
Page 66: Access Control List
AMS User Manual 1.2.2-3 Access Control List The section describes how to configure Access Control List rules. An Access Control List (ACL) is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria.
Page 67 AMS User Manual Fig. 29 Access Control List Rules Fig. 30 Adding a new Access Control List Rule...
Page 68 AMS User Manual Parameter Description Ingress Port: Indicates the ingress port of the ACE. Possible values are: Any: The ACE will match any ingress port. Policy: The ACE will match ingress ports with a specific policy (Policy must be created in the Ports Section before it will appear in the list). Port: The ACE will match a specific ingress port.
Page 69 AMS User Manual following buttons: Inserts a new ACE before the current row. Edits the ACE row. Moves the ACE up the list. Moves the ACE down the list. Deletes the ACE. The lowest plus sign adds a new entry at the bottom of the ACE listings.
Page 70 AMS User Manual DMAC Filter: The type of destination MAC address. Options: Any, MC - multicast, BC - broadcast, UC - unicast, Specific Default: Any Ethernet – EtherType Filter Parameters EtherType Filter: This option can only be used to filter Ethernet II formatted packets. Options: Any, Specific (600-ffff hex) Default: Any a detailed listing of Ethernet protocol types can be found in RFC1060.
Page 71 AMS User Manual Target IP Filter: Specifies the destination IP address. Any: no target IP filter is specified Host: specifies the target IP address in the Target IP Address field. Network: specifies the target IP address and target IP mask in the Target IP Address and Target IP Mask fields Default: Any ARP SMAC Match:...
Page 72 AMS User Manual 1: ARP/RARP frames where the PRO is equal to IP (0x800) must match this entry. Default: Any IPv4 – MAC Parameters DMAC Filter: The type of destination MAC address. Options: Any, MC - multicast, BC - broadcast, UC - unicast, Specific Default: Any IPv4 –...
Page 73 AMS User Manual TCP FIN: Specifies the TCP "No more data from sender" (FIN) value for this rule. Any: any value is allowed. 0: TCP frames where the FIN field is set must not match this entry. 1: TCP frames where the FIN field is set must match this entry. Default: Any TCP SYN: Specifies the TCP "Synchronize sequence numbers"...
Page 74 AMS User Manual IP Fragment: Specifies the fragment offset settings for this rule. This involves the settings for the More Fragments (MF) bit and the Fragment Offset (FRAG OFFSET) field for an IPv4 frame. Any: any value is allowed. Yes: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must match this entry.
Page 75 AMS User Manual use ACL-based mirroring, enable the Mirror parameter on the ACE Configuration page. Then open the Mirror Configuration page, set the "Port to mirror on" field to the required destination port, and leave the "Mode" field Disabled. Logging: Enables logging of matching frames to the system log.
Page 76: Acl Status
AMS User Manual 1.2.2-4 ACL Status The section displays the current ACL rules configured on the switch Web Interface To view the ACL Rate rules via the Web Interface: 1. Click Configuration, ACL and ACL Status. 2. If you would like the page to auto-refresh the ACL Information, check the Auto-Refresh tick box at the top of the page, or alternatively hit the refresh button to refresh the page manually.
Page 77 AMS User Manual IPv4: The ACE will match all IPv4 frames. IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol. IPv4/UDP: The ACE will match IPv4 frames with UDP protocol. IPv4/TCP: The ACE will match IPv4 frames with TCP protocol. IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP.
Page 78: Aggregation
AMS User Manual 1.2.3 Aggregation The AMS Series switches support two types of link aggregation, Static Trunk and LACP. Static Trunk is a non-protocol based aggregation method where the connections are determined via source and destination MAC Addresses. LACP is an IEEE standardized protocol used to aggregate ports. Because it is an IEEE standard LACP trunking or aggregation can be used across multi-vendor equipment.
Page 79 AMS User Manual Fig. 32 Configuring a static trunk group Parameter Description Source MAC Address: The Source MAC address can be used to calculate the destination port for the frame. Check to enable the use of the Source MAC address, or uncheck to disable.
Page 80 AMS User Manual Port Members: Each switch port is listed for each group ID. Select a radio button to include a port in a trunk group, or select normal to remove the port from a trunk group. By default, no ports belong to any trunk group. Only full duplex ports can join a trunk group and ports must be the same speed in each group.
Page 81: Lacp
AMS User Manual 1.2.3-2 LACP Ports using Link Aggregation Control Protocol (according to IEEE 802.3ad specification) as their trunking method can choose their unique LACP Group ID to form a logical “trunked port”. The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a “trunk group”...
Page 82 AMS User Manual Parameter Description Port: Physical port of the switch. LACP Enabled: Used to enable or disable LACP on the desired port. To enable LACP on an individual port check the tick box. Key: The Key is used to determine a specific trunk/aggregation group. The key can be generated automatically by the switch or you can enter a key manually.
Page 83: 3-2-2 System Status
AMS User Manual 1.2.3-2-2 System Status This section displays the current status of the LACP groups. Web Interface To view the LACP status via the Web Interface: 1. Click Configuration, Aggregation, LACP and System Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 84: 3-2-3 Port Status
AMS User Manual 1.2.3-2-3 Port Status This section displays the current port status of the LACP groups. Web Interface To view the Port status via the Web Interface: 1. Click Configuration, Aggregation, LACP and Port Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 85 AMS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
Page 86: 3-2-4 Port Statistics
AMS User Manual 1.2.3-2-4 Port Statistics This section displays the current port statistics relating to the LACP information. Web Interface To view the Port statistics via the Web Interface: 1. Click Configuration, Aggregation, LACP and Port Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 87 AMS User Manual Refresh: Used to manually refresh the information on the page.
Page 88: Spanning Tree
AMS User Manual 1.2.4 Spanning Tree The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STP-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 89 AMS User Manual STP mode may be useful for supporting applications and protocols whose frames may arrive out of sequence or duplicated, for example NetBeui. RSTP Rapid Spanning Tree Protocol (RSTP) also creates a single spanning tree over a network. Compared with STP, RSTP provides for more rapid convergence to an active spanning tree topology.
Page 90: Bridge Settings
AMS User Manual 1.2.4-1 Bridge Settings This section is used to configure the spanning tree bridge settings, allowing full configuration of all spanning tree parameters. Here you can select what Spanning Tree Protocol you would like the switch to use, STP, RSTP or MSTP. Web Interface To configure the Bridge Settings for STP via the Web Interface: 1.
Page 91 AMS User Manual MSTP operation, this is the priority of the CIST. Otherwise, this is the priority of the STP/RSTP Bridge. Default is 32768. Forward Delay: The delay used by STP Bridges to transit Root and Designated Ports to Forwarding state (used in STP compatible mode). Valid values are in the range 4 to 30 seconds.
Page 92: Msti Mapping
AMS User Manual 1.2.4-2 MSTI Mapping This section is used to map VLAN’s to MSTI’s when using the MSTP protocol. MSTP enables the grouping and mapping of VLANs to different spanning tree instances. So, an MST Instance (MSTI) is a particular set of VLANs that are all using the same spanning tree.
Page 93 AMS User Manual Parameter Description Configuration Name: The name identifying the VLAN to MSTI mapping. Bridges must share the name and revision, as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's (Intra-region). The name must be no more than 32 characters.
Page 94: Msti Priorities
AMS User Manual 1.2.4-3 MSTI Priorities This section is used to manually change the priority of the STP bridge instances. The CIST (Common and Internal Spanning Tree) is the default Bridge Instance when using MSTP and is always active. Any VLAN that has not been assigned to a MIST is assigned to the CIST.
Page 95: Cist Ports
AMS User Manual 1.2.4-4 CIST Ports This section is used to configure individual STP Parameters for each port. Here you can enable and disable STP on individual ports, configure the ports as AdminEdge ports, give certain ports higher priority than others and much more. Web Interface To configure the CIST Port Parameters via the Web Interface: 1.
Page 96 AMS User Manual entered. The path cost is used when establishing the active topology of the network. Lower path cost ports are chosen as forwarding ports in favour of higher path cost ports. Valid values are in the range 1 to 200000000. Priority: Controls the port priority.
Page 97: Msti Ports
AMS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page. 1.2.4-5 MSTI Ports This section is used to configure MSTI Port parameters. An MSTI Port is a virtual port and each MSTI has its own virtual port.
Page 98 AMS User Manual Fig. 43 MSTI Port Configuration Parameter Description Port: Physical port of the switch. Path Cost: Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values.
Page 99: Bridge Status
AMS User Manual 1.2.4-6 Bridge Status This section is used to display the status information for each of the configured STP Bridges. Web Interface To view the Bridge Status via the Web Interface: 1. Click Configuration, Spanning Tree and Bridge Status. 2.
Page 100 AMS User Manual Topology Flag: The current state of the Topology Change Flag of this Bridge instance. Topology Change Last: The time since the last Topology Change occurred. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
Page 101: Port Status
AMS User Manual 1.2.4-7 Port Status This section is used to display the status information for each of the configured STP CIST Ports. Web Interface To view the STP CIST Port Status via the Web Interface: 1. Click Configuration, Spanning Tree and Port Status. 2.
Page 102 AMS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
Page 103: Port Statistics
AMS User Manual 1.2.4-8 Port Statistics This section is used to display the port statistics for of the configured STP CIST Ports. Web Interface To view the Port Statistics via the Web Interface: 1. Click Configuration, Spanning Tree and Port Statistics. 2.
Page 104 AMS User Manual TCN: The number of (legacy) Topology Change Notification BPDU's received/transmitted on the port. Discarded Unknown: The number of unknown Spanning Tree BPDU's received (and discarded) on the port. Discarded Illegal: The number of illegal Spanning Tree BPDU's received (and discarded) on the port.
Page 105: Igmp Snooping
AMS User Manual 1.2.5 IGMP Snooping IGMP Snooping is a way for Layer 2 switches to reduce the amount of multicast traffic on a LAN. Without IGMP Snooping, Layer 2 switches handle IP multicast traffic in the same manner as broadcast traffic and forward multicast frames received on one port to all other ports in the same VLAN.
Page 106: Basic Configuration
AMS User Manual group specific query asking whether any hosts still want to remain members of that specific group. If no hosts respond with join messages for that group, then the querier knows that there are no hosts on its LAN that are still members of that group. This means that for that specific group, it can ask to be pruned from the multicast tree.
Page 107 AMS User Manual Parameter Description Snooping Enabled: Enable IGMP Snooping on the switch. Unregister IPMCv4 Flooding Enabled: Enable unregistered IPMCv4 flooding enabled. IGMP SSM Range: SSM (Source –Specific Multicast) range allows SSM-aware hosts and routers that run the SSM service model to use groups in the configured address range.
Page 108: Vlan Configuration
AMS User Manual 1.2.5-2 VLAN Configuration This section is used to configure specific IGMP Settings for each of the configured VLAN groups. IGMP Snooping can be enable or disabled for every individual VLAN group. 20 VLAN groups will be displayed on the screen by default this can be increased to a maximum of 99. The VLAN with the lowest VID will be displayed at the top of the table.
Page 109 AMS User Manual Snooping Enabled: Enable IGMP Snooping for each individual VLAN group. A maximum of 32 VLAN’s can be enabled at any one time. IGMP Querier: A router is used to send IGMP query messages to IGMP enabled hosts. The IGMP router can also be called the IGMP Querier.
Page 110: Port Group Filtering
AMS User Manual 1.2.5-3 Port Group Filtering With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and when applied to a port to deny access to that port on the configured multicast address.
Page 111 AMS User Manual Parameter Description Delete: Check to delete the entry, and click Apply save the changes and remove the selected entry. Port: Select the Port you would like to enable filtering for the configured Multicast address. Filtering Groups: Enter the IP Address of the Multicast group to be filtered. Valid values are 224.x.y.z to 239.x.y.z.
Page 112: Status
AMS User Manual 1.2.5-4 Status This section is used to view the status of all configured IGMP parameters on the AMS Series switches. Web Interface To view the IGMP Status via the Web Interface: 1. Click Configuration, IGMP Snooping and Status. 2.
Page 113 AMS User Manual Queries Received: The number of received queries. V1 Reports Received: The number of Received V1 Reports. V2 Reports Received: The number of Received V2 Reports. V3 Reports Received: The number of Received V3 Reports. V2 Leaves Received: The number of Received V2 Leaves.
Page 114: Groups Information
AMS User Manual 1.2.5-5 Groups Information This section displays the learnt IGMP groups. The IGMP Group Table is sorted first by VLAN ID, and then by group. They will use the last entry of the currently displayed table as a basis for the next lookup.
Page 115 AMS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
Page 116: Ipv4 Ssm Information
AMS User Manual 1.2.5-6 IPv4 SSM Information Source Specific Multicast (SSM) is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments. For the SSM delivery mode, an IP multicast receiver host must use IGMP Version 3 (IGMPv3) to subscribe to channel (S, G).
Page 117 AMS User Manual Fig. 52 IPv4 SSM information Parameter Description VLAN ID: The VLAN ID of the entry. Group: Multicast Group Address. Port: Physical port number of the switch. Mode: Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis.
Page 118: Mld Snooping
AMS User Manual 1.2.6 MLD Snooping Multicast Listener Discovery (MLD) snooping constrains the flooding of IPv6 multicast traffic on VLANs on a switch. When MLD snooping is enabled on a VLAN, the AMS Series Switches examine MLD messages between hosts and multicast routers and learn which hosts are interested in receiving traffic for a multicast group.
Page 119 AMS User Manual Fig. 53 MLD Snooping Configuration Parameter Description Snooping Enabled: Enable MLD Snooping on the switch. Unregister IPMCv6 Flooding Enabled: Enable unregistered IPMCv6 flooding enabled. MLD SSM Range: SSM (Source –Specific Multicast) range allows SSM-aware hosts and routers that run the SSM service model to use groups in the configured address range.
Page 120 AMS User Manual Throttling: Throttling is used to limit the amount of IPv6 multicast groups a switch port can belong to. Valid values are unlimited or 1 through to 10. Default is unlimited.
Page 121: Vlan Configuration
AMS User Manual 1.2.6-2 VLAN Configuration This section is used to configure specific MLD Settings for each of the configured VLAN groups. MLD Snooping can be enabled or disabled for every individual VLAN group. 20 VLAN groups will be displayed on the screen by default this can be increased to a maximum of 99. The VLAN with the lowest VID will be displayed at the top of the table.
Page 122 AMS User Manual Snooping Enabled: Enable MLD Snooping for each individual VLAN group. A maximum of 32 VLAN’s can be enabled at any one time. MLD Querier: A router is used to send MLD query messages to MLD enabled hosts. The MLD router can also be called the MLD Querier.
Page 123: Port Group Filtering
AMS User Manual 1.2.6-3 Port Group Filtering With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and when applied to a port to deny access to that port on the configured multicast address.
Page 124 AMS User Manual Parameter Description Delete: Check to delete the entry, and click Apply save the changes and remove the selected entry. Port: Select the Port you would like to enable filtering for the configured Multicast address. Filtering Groups: Enter the IP Address of the Multicast group to be filtered. Reset Button: Used to reset unsaved changes to original configuration.
Page 125: Status
AMS User Manual 1.2.6-4 Status This section is used to view the status of all configured MLD parameters on the AMS Series switches. Web Interface To view the MLD Status via the Web Interface: 1. Click Configuration, MLD Snooping and Status. 2.
Page 126 AMS User Manual V1 Reports Received: The number of Received V1 Reports. V2 Reports Received: The number of Received V2 Reports. V1 Leaves Received: The number of Received V2 Leaves. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
Page 127: Groups Information
AMS User Manual 1.2.6-5 Groups Information This section displays the learnt MLD groups. The MLD Group Table is sorted first by VLAN ID, and then by group. They will use the last entry of the currently displayed table as a basis for the next lookup.
Page 128 AMS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
Page 129: Ipv6 Ssm Information
AMS User Manual 1.2.6-6 IPv6 SSM Information Source Specific Multicast (SSM) is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments. For the SSM delivery mode, an IP multicast receiver host must use IGMP Version 3 (IGMPv3) to subscribe to channel (S, G).
Page 130 AMS User Manual Parameter Description VLAN ID: The VLAN ID of the entry. Group: Multicast Group Address. Port: Physical port number of the switch. Mode: Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis. It can be either Include or Exclude. Source Address: Source IP Address of the group, current limit on the system for filtering is 128 IP addresses.
Page 131: Mvr
VLAN over which IPTV multicast traffic flows throughout the Layer 2 network. The Alloy AMS Series Switches that are enabled for MVR selectively forward IPTV multicast traffic from interfaces on the MVLAN (source interfaces) to hosts that are connected to interfaces that are not part of the MVLAN.
Page 132 AMS User Manual Fig. 59 MVR Configuration Parameter Description MVR Mode: Used to enable or disable MVR globally on the switch. VLAN ID: Specify the VLAN ID used for Multicasting. Port: Physical port of the switch. Mode: Enable MVR on a per port basis. Type: Specify the port type, this can be either Receiver or Source.
Page 133: Groups Information
AMS User Manual 1.2.7-2 Groups Information This section displays the learnt MVR groups. The MVR Group Table is sorted first by VLAN ID, and then by group. They will use the last entry of the currently displayed table as a basis for the next lookup.
Page 134: Statistics
AMS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch. 1.2.7-3 Statistics This section is used to view the statistics of all configured MVR parameters on the AMS Series switches.
Page 135 AMS User Manual V3 Reports Received: The number of Received V3 Reports. V2 Leaves Received: The number of Received V2 Leaves. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
Page 136: Lldp
AMS User Manual 1.2.8 LLDP LLDP enables Ethernet network devices, such as switches and routers, to transmit and/or receive device-related information to or from directly connected devices on the network, and to store such information learned about other devices. The data sent and received by LLDP is useful for many reasons.
Page 137 AMS User Manual Fig. 62 LLDP Configuration Parameter Description Tx Interval: The switch will periodically transmit LLDP frames to its neighbours to ensure the discovery information is kept up to date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 –...
Page 138 AMS User Manual Port: Physical port of the switch. Mode: Used to select the LLDP mode for each port. RX Only – The switch will not transmit LLDP frames from this port, but is able to receive LLDP frames from other devices. TX Only –...
Page 139: Lldp Neighbours
AMS User Manual 1.2.8-2 LLDP Neighbors This section is used to display the neighbors that have been discovered by the AMS Series switch. Web Interface To view the LLDP neighbors via the Web Interface: 1. Click Configuration, LLDP and LLDP Neighbors. 2.
Page 140 AMS User Manual System Capabilities: System Capabilities describes the neighbour unit's capabilities. The possible capabilities are: Other, Repeater, Bridge, WLAN Access Point, Router, Telephone, DOCSIS cable device, Station only or Reserved. When a capability is enabled, the capability is followed by (+). If the capability is disabled, the capability is followed by (-).
Page 141: Lldp-Med Configuration
AMS User Manual 1.2.8-3 LLDP-MED Configuration Media Endpoint Discovery is an enhancement of LLDP, known as LLDP-MED that provides the following facilities: Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and Differentiated services (Diffserv) settings) enabling plug and play networking. Device location discovery to allow creation of location databases and, in the case of Voice over Internet Protocol (VoIP), Enhanced 911 services.
Page 142 AMS User Manual Fig. 64 LLDP-MED Configuration Parameter Description Fast Start Repeat Count: Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general. In addition, it is best to advertise only those pieces of information which are specifically relevant to particular endpoint types (for example only advertise the voice network policy to permitted voice-capable devices), both in order to conserve the limited LLDPU space and to reduce security and system integrity issues that...
Page 143 AMS User Manual given that 4 LLDP frames with a 1 second interval will be transmitted, when an LLDP frame with new information is received. It should be noted that LLDP-MED and the LLDP-MED Fast Start mechanism is only intended to run on links between LLDP-MED Network Connectivity Devices and Endpoint Devices, and as such does not apply to links between LAN infrastructure elements, including Network Connectivity Devices, or other types of links.
Page 144 AMS User Manual Country Code: The two-letter ISO 3166 country code in capital ASCII letters - Example: DK, DE or US. State: National subdivisions (state, canton, region, province, prefecture). County: County, parish, gun (Japan), district. City: City, township, shi (Japan) - Example: Melbourne. City District: City division, borough, city district, ward, chou (Japan).
Page 145 AMS User Manual Emergency Call Service: Emergency Call Service (e.g. 000 and others), such as defined by TIA or NENA. Policies: Network Policy Discovery enables the efficient discovery and diagnosis of mismatch issues with the VLAN configuration, along with the associated Layer 2 and Layer 3 attributes, which apply for a set of specific protocol applications on that port.
Page 146 AMS User Manual Policy ID: ID for the policy. This is auto generated and shall be used when selecting the policies that shall be mapped to the specific ports. Application Type: Intended use of the application types: 1. Voice - for use by dedicated IP Telephony handsets and other similar appliances supporting interactive voice services.
Page 147 AMS User Manual 8. Video Signalling (conditional) - for use in network topologies that require a separate policy for the video signalling than for the video media. This application type should not be advertised if all the same network policies apply as those advertised in the Video Conferencing application policy.
Page 148: Lldp-Med Neighbours
AMS User Manual 1.2.8-4 LLDP-MED Neighbors This page provides a status overview of all LLDP-MED neighbors. The displayed table contains a row for each port on which an LLDP neighbour is detected. This function applies to VoIP devices which support LLDP-MED. Web Interface To view the LLDP-MED neighbors that have been learnt from the switch via the Web Interface: 1.
Page 149 AMS User Manual Devices. An LLDP-MED Network Connectivity Device is a LAN access device based on any of the following technologies: 1. LAN Switch/Router 2. IEEE 802.1 Bridge 3. IEEE 802.3 Repeater (included for historical reasons) 4. IEEE 802.11 Wireless Access Point 5.
Page 150 AMS User Manual Discovery services defined in this class include media-type-specific network layer policy discovery. LLDP-MED Communication Endpoint (Class III): The LLDP-MED Communication Endpoint (Class III) definition is applicable to all endpoint products that act as end user communication appliances supporting IP media.
Page 151 AMS User Manual 4. Guest Voice Signalling - for use in network topologies that require a different policy for the guest voice signalling than for the guest voice media. 5. Softphone Voice - for use by softphone applications on typical data centric devices, such as PCs or laptops.
Page 152 AMS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
Page 153: Eee
AMS User Manual 1.2.8-5 EEE This page provides an overview of EEE information exchanged by LLDP. Web Interface To view the LLDP EEE information that has been discovered from the switch via the Web Interface: 1. Click Configuration, LLDP and EEE. 2.
Page 154 AMS User Manual savings, this provides the transmitter with additional information that it may use for a more efficient allocation. Systems that do not implement this option default the value to be the same as that of the Receive Tw_sys_tx. Echo Tx Tw: The link partner's Echo Tx Tw value.
Page 155: Port Statistics
AMS User Manual 1.2.8-6 Port Statistics This section displays two types of counters. Global counters are counters that refer to the whole switch, while local counters refer to per port counters for the currently selected switch. Web Interface To view the LLDP Port Statistics from the switch via the Web Interface: 1.
Page 156 AMS User Manual Total Neighbours Entries Dropped: Shows the number of new entries dropped since switch reboot. Total Neighbours Entries Aged Out: Shows the number of entries deleted due to Time-To-Live expiring. Local Port: The Port on which LLDP frames are received or transmitted. Tx Frames: The number of LLDP frames transmitted on the port.
Page 157: Filtering Data Base
AMS User Manual 1.2.9 Filtering Data Base Switching of frames is based upon the Destination MAC address contained in the frame. The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the Destination MAC address in the frame).
Page 158 AMS User Manual Parameter Description Aging Configuration: By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging. Configure aging time by entering a value here in seconds. The allowed range is 10 to 1000000 seconds. Disable the automatic aging of dynamic entries by checking Disable automatic aging.
Page 159: Dynamic Mac Table
AMS User Manual 1.2.9-2 Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address. Web Interface To view the MAC Address that have been learnt by the switch via the Web Interface: 1.
Page 160: Vlan
AMS User Manual 1.2.10 VLAN The virtual LAN (VLAN) allows you to group physically separate users into the same broadcast domain. The use of VLANs improves security, segmentation, and flexibility. The use of VLANs also decreases the cost of arranging users, because no extra cabling is required. VLANs allow an administrator to define user groups logically rather than by their physical locations.
Page 161 AMS User Manual Fig. 70 VLAN Membership Parameter Description Delete: To delete a VLAN entry, tick the check box next to the corresponding VLAN entry. After you press the Apply the entry will be deleted. VLAN ID: The VLAN ID of the entry. VLAN Name: Enter a descriptive name for the VLAN.
Page 162: Ports
AMS User Manual 1.2.10-2 Ports This section is used to configure Port specific parameters for your VLAN’s. Here we can configure a port as a Tagged (Trunk) or Untagged (Access) port or as a Hybrid port allowing both tagged and untagged frames.
Page 163 AMS User Manual Port Type: There are several port types that can be selected depending on the role of the port. The port type available are Unaware, (Customer) C-Port, (Service) S-Port and S-Custom Port: Unaware – This port type can be used when the configured port is an untagged port.
Page 164 AMS User Manual not a member of the classified VLAN of the frame, the frame is discarded. By default, ingress filtering is disabled. Frame Type: Determines whether the port accepts all frames or only tagged/untagged frames. This parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on the port are discarded.
Page 165: Switch Status
AMS User Manual 1.2.10-3 Switch Status This section is used to view the currently configured VLAN groups. VLAN groups which have been learnt from other protocols such as GVRP can also be viewed here. Web Interface To view the current VLAN groups via the Web Interface: 1.
Page 166 AMS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
Page 167: Port Status
AMS User Manual 1.2.10-4 Port Status This section is used to view the port specific values relating to the VLAN information. Web Interface To view the current Port Information via the Web Interface: 1. Click Configuration, VLAN and Port Status. 2.
Page 168 AMS User Manual Port Type: Displays the currently configured port type, values are unaware, C-Port, S- Port and S-Custom-Port. For a full explanation of these parameters see section 1.2.10-2. Ingress Filtering: Displays whether the port has ingress filtering enabled or disabled. Frame Type: Displays what type of packets can be received by the port, Tagged, Un- Tagged or All.
Page 169: Private Vlan
AMS User Manual 1.2.10-5 Private VLAN A private VLAN allows the administrator to configure a VLAN which contains switch ports that are restricted, such that they can only communicate with a given uplink port. The restricted ports are called private ports. Each private VLAN typically contains many private ports, and a single uplink. The uplink will typically be a port (or link aggregation group) connected to a router, firewall, server, provider network, or similar central resource.
Page 170 AMS User Manual Fig. 74 Private VLAN Membership Parameter Description Delete: To delete a Private VLAN entry, tick the box and press the Apply button. PVLAN ID: Indicates the VLAN ID of the private VLAN. Port Members: Displays the port members that belong to a particular VLAN group. If the check box it ticked it means that port belongs to that VLAN group.
Page 171: 10-5-2 Port Isolation
AMS User Manual 1.2.10-5-2 Port Isolation Port Isolation allows the administrator to configure ports so they can only communicate with certain ports, even though they are in the same VLAN group. A typical scenario is where you need to block all ports from communicating with each other, but allow all ports to communicate with a single uplink port.
Page 172: Mac-Based Vlan
AMS User Manual 1.2.10-6 MAC-based VLAN One of the most common ways of grouping VLAN members is by port, hence the name port-based VLAN. Typically, the device adds the same VLAN tag to untagged packets that are received through the same port. Later on, these packets can be forwarded in the same VLAN. Port-based VLAN’s are easy to configure, and applies to networks where the locations of terminal devices are relatively fixed.
Page 173 AMS User Manual Fig. 76 MAC-based VLAN Configuration Parameter Description Delete: To delete a MAC-based VLAN entry, check this box and press Apply. The entry will be deleted on the selected switch. MAC Address: Indicates the MAC Address. VLAN ID: Indicates the VLAN ID.
Page 174: 10-6-2 Status
AMS User Manual 1.2.10-6-2 Status This section displays the current MAC-based VLAN groups configured on the switch. Web Interface To view the MAC-based VLAN groups via the Web Interface: 1. Click Configuration, VLAN, MAC-based VLAN’s and Status. 2. Select to view Combined, Static or NAS based MAC entries by using the drop down box near the top of the screen.
Page 175: Protocol-Based Vlan
AMS User Manual 1.2.10-7 Protocol-based VLAN This section describes Protocol -based VLAN, the AMS Series support Protocols including Ethernet LLC and SNAP. The Logical Link Control (LLC) data communication protocol layer is the upper sub-layer of the Data Link Layer (which is itself layer 2, just above the Physical Layer) in the seven-layer OSI reference model.
Page 176 AMS User Manual Fig. 78 Protocol-based VLAN’s Parameter Description Delete: To delete a Protocol-based VLAN entry, check this box and press Apply. The entry will be deleted on the selected switch. Frame Type: Select the frame type for the group, valid values are Ethernet, LLC and SNAP. NOTE: Once you change the Frame type field, the valid value of the following text field will vary depending on the new frame type you...
Page 177 AMS User Manual a. OUI: OUI (Organizationally Unique Identifier) is value in format of xx-xx-xx where each pair (xx) in string is a hexadecimal value ranges from 0x00-0xff. b. PID: If the OUI is hexadecimal 000000, the protocol ID is the Ethernet type (EtherType) field value for the protocol running on top of SNAP;...
Page 178: 10-7-2 Group To Vlan
AMS User Manual 1.2.10-7-2 Group to VLAN This section is used to map the groups configured in section 1.2.10-7-1 to a VLAN Group. Web Interface To map the protocol group to a VLAN group via the Web Interface: 1. Click Configuration, VLAN, Protocol-based VLAN’s and Group to VLAN. 2.
Page 179 AMS User Manual VLAN ID: Indicates the ID to which the Group Name will be mapped. A valid VLAN ID ranges from 1-4095. Port Members: A row of check boxes for each port is displayed for each Group Name to VLAN ID mapping.
Page 180: Voice Vlan
AMS User Manual 1.2.11 Voice VLAN The Voice VLAN function is used for networks where both data and voice traffic are running on the same network. By using a dedicated VLAN for voice traffic it allows the administrator to prioritize this traffic to ensure voice quality is kept to an optimum level.
Page 181 AMS User Manual Fig. 80 Voice VLAN Configuration Parameter Description Mode: Select to enable or disable the Voice VLAN function. Please Note: MSTP must be disabled when using Voice VLAN to avoid conflicting ingress filtering information. VLAN ID: Specify a unique VLAN ID for the voice VLAN. This VLAN ID cannot be the same as any other VLAN ID configured on the switch.
Page 182 AMS User Manual Auto: Will auto detect whether an IP Phone is connected to the port and will automatically join the Voice VLAN. Forced: Will force the port to be part of the Voice VLAN. Security: Used to enable or disable the Voice VLAN port security mode. When the function is enabled, all non-IP Phone MAC addresses in the Voice VLAN will be blocked for 10 seconds.
Page 183: Oui
AMS User Manual 1.2.11-2 OUI This section is used to configure the Voice VLAN OUI table. The maximum number of entries is 16. Modifying the OUI table will restart auto detection of OUI process. Web Interface To configure the Voice VLAN OUI settings via the Web Interface: 1.
Page 184 AMS User Manual Description: The description of OUI address. Normally, it describes which vendor telephony device it belongs to. The allowed string length is 0 to 32. Add New Entry: Click to add a new entry to the Voice VLAN OUI table. An empty row is added to the table, please enter the Telephony OUI and Description.
Page 185: Garp
AMS User Manual 1.2.12 GARP The Generic Attribute Registration Protocol (GARP) provides a generic framework whereby devices in a bridged LAN, e.g. end stations and switches, can register and de-register attribute values, such as VLAN Identifiers, with each other. In doing so, the attributes are propagated to devices in the bridged LAN, and these devices form a reachability tree that is a subset of an active topology.
Page 186 AMS User Manual Fig. 82 GARP Configuration Parameter Description Port: Physical port of the switch. Timer Values: To set the GARP Join Timer, Leave Timer and Leave All Timer, the units are set in micro seconds. Join Timer: The default value for the Join Timer is 200ms. Leave Timer: The default value for the Leave Timer is 600ms.
Page 187 AMS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 188: Statistics
AMS User Manual 1.2.12-2 Statistics This page allows you to view the GARP Statistics for all switch ports. Web Interface To view the GARP Statistics via the Web Interface: 1. Click Configuration, GARP and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 189: Gvrp
AMS User Manual 1.2.13 GVRP The GARP VLAN Registration Protocol (GVRP) allows network devices to share VLAN information and to use the information to modify existing VLANs or create new VLANs, automatically. This makes it easier to manage VLANs that span more than one switch. Without GVRP, you have to manually configure your switches to ensure that the various parts of the VLANs can communicate with each other across the different switches.
Page 190 AMS User Manual 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig. 84 GVRP Configuration Parameter Description GVRP Mode: Used to enable or disable GVRP globally for the switch. Port: Physical port of the switch.
Page 191: Statistics
AMS User Manual 1.2.13-2 Statistics This page allows you to view the GVRP Statistics for all switch ports. Web Interface To view the GVRP Statistics via the Web Interface: 1. Click Configuration, GVRP and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 192: Qos
AMS User Manual 1.2.14 QoS The AMS Series switches support four QoS queues per port with strict or weighted fair queuing scheduling. It supports QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges. High flexibility in the classification of incoming frames to a QoS class.
Page 193 AMS User Manual Fig. 86 QoS Port Classification Parameter Description Port: Physical port of the switch. QoS Class: Controls the default QoS class, i.e., the QoS class for frames not classified in any other way. There is a one to one mapping between QoS class, queue and priority.
Page 194: Port Policing
AMS User Manual DSCP Based: Click to Enable DSCP Based QoS Ingress Port Classification. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page. 1.2.14-2 Port Policing This section provides an overview of QoS Ingress Port Policers for all switch ports The Port Policing is useful in constraining traffic flows and marking frames above specific rates.
Page 195: Port Scheduler
AMS User Manual Parameter Description Port: Physical port of the switch. Mode: Check the box next to the corresponding port to enable Ingress port policing. Rate: Set the Rate that you want to limit the ingress bandwidth to. Default vale is 500. Unit: Select the required speed type in units of kbps, Mbps, fps or kfps.
Page 196 AMS User Manual Fig. 88 Port Scheduling Fig. 89 Port Scheduling – Strict Priority...
Page 197 AMS User Manual Fig. 90 Port Scheduling – Weighted Parameter Description QoS Egress Port Schedulers Port: Physical port of the switch. Mode: Displays the configured Mode type, Strict Priority or Weighted. Weight (Q0-5): Shows the current weight for this queue and corresponding port. QoS Egress Port Scheduler and Shapers (Strict Priority) Scheduler Mode: Select the required Scheduler Mode for the port, Strict Priority or Weighted.
Page 198 AMS User Manual Port Shaper Rate: Enter the required bandwidth rate, maximum values are based on the speed on the port. If running at 1Gb, 1000000 Kbps or 1000Mbps. Default value is 500. Port Shaper Unit: Select whether the shaping rate is measured in kbps or Mbps. Default is kbps.
Page 199: Port Shaping
AMS User Manual 1.2.14-4 Port Shaping This section provides an overview of QoS Egress Port shaping for all switch ports. Web Interface To configure the QoS Port Shaping settings via the Web Interface: 1. Click Configuration, QoS and Port Shaping. 2.
Page 200 AMS User Manual Fig. 92 Port Shaping – Strict Priority Fig. 93 Port Shaping – Weighted Parameter Description QoS Egress Port Shapers Port: Physical port of the switch.
Page 201 AMS User Manual Mode: Displays the configured Mode type, Strict Priority or Weighted. Weight (Q0-5): Shows the current weight for this queue and corresponding port. QoS Egress Port Scheduler and Shapers (Strict Priority) Scheduler Mode: Select the required Scheduler Mode for the port, Strict Priority or Weighted. Queue Shaper Enable: Tick the box next to the appropriate queue to enable the Queue Shaper.
Page 202 AMS User Manual Queue Scheduler Weight: Controls the weight of the queue. This is a percentage of total bandwidth available, valid values 1 to 100. Default is 17. Queue Scheduler Percent: Shows the weight in percent for this queue. Port Shaper Enable: Tick the box to enable Port shaping on the selected port.
Page 203: Port Tag Remarking
AMS User Manual 1.2.14-5 Port Tag Remarking This section provides an overview of QoS Egress Port Tag Remarking all switch ports. Web Interface To configure the QoS Port Tag Remarking settings via the Web Interface: 1. Click Configuration, QoS and Port Tag Remarking. 2.
Page 204 AMS User Manual Fig. 95 Port Tag Remarking – Classified Mode Fig. 96 Port Tag Remarking – Default Mode...
Page 205 AMS User Manual Fig. 97 Port Tag Remarking – Mapped Mode Parameter Description Port: Physical port of the switch. Mode: Shows the tag remarking mode for this port. Classified: Use classified PCP/DEI values. Default: Use default PCP/DEI values. Mapped: Use mapped versions of QoS class and DP level. Tag Remarking Mode (Classified): When set to Classified no configuration is necessary.
Page 206: Port Dscp
AMS User Manual 1.2.14-6 Port DSCP This section provides an overview of QoS Port DSCP settings for all switch ports. Web Interface To configure the QoS Port DSCP settings via the Web Interface: 1. Click Configuration, QoS and Port DSCP. 2.
Page 207 AMS User Manual enabled as specified in DSCP Translation window for the specific DSCP. All: Classify all DSCP values. Egress Rewrite: DSCP Values can be rewritten based on the below parameters: Disable: No Egress rewrite. Enable: Rewrite enable without remapping the DSCP value. Remap DP Unaware: Frame with DSCP from analyser is remapped and remarked with the remapped DSCP value.
Page 208: Dscp-Based Qos
AMS User Manual 1.2.14-7 DSCP-based QoS This section is used to configure DSCP-based QoS settings for all switch ports. Web Interface To configure the DSCP-based QoS settings via the Web Interface: 1. Click Configuration, QoS and DSCP-based QoS. 2. Specify whether the DSCP value is trusted, and set the corresponding QoS value and DP level used for ingress processing.
Page 209 AMS User Manual DPL: Drop Precedence Level to which the corresponding DSCP value is classified for ingress processing. Range: 0-1, where 1 is the higher drop priority; Default value is 0. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 210: Dscp Translation
AMS User Manual 1.2.14-8 DSCP Translation This section is used to configure DSCP translation for ingress traffic or DSCP re-mapping for egress traffic. Web Interface To configure the DSCP Translation settings via the Web Interface: 1. Click Configuration, QoS and DSCP Translation. 2.
Page 211 AMS User Manual Egress Remap DP0: Re-maps DP0 field to selected DSCP value. DP0 indicates a drop precedence with a low priority. Egress Remap DP1: Re-maps DP1 field to selected DSCP value. DP1 indicates a drop precedence with a high priority. Reset Button: Used to reset unsaved changes to original configuration.
Page 212: Dscp Classification
AMS User Manual 1.2.14-9 DSCP Classification This section is used to map DSCP values to a QoS class and drop precedence level. Web Interface To configure the DSCP Classification settings via the Web Interface: 1. Click Configuration, QoS and DSCP Classification. 2.
Page 213: Qos Control List
AMS User Manual 1.2.14-10 QoS Control List Use the QoS Control List Configuration page to configure Quality of Service policies for handling ingress packets based on Ethernet type, VLAN ID, TCP/UDP port, DSCP, ToS, or VLAN priority tag. Once a QCE is mapped to a port, traffic matching the first entry in the QoS Control List is assigned to the QoS class, drop precedence level, and DSCP value defined by that entry.
Page 214 AMS User Manual Fig. 103 Adding a QoS Control List Entry Parameter Description QCE: Quality Control Entry Index. Port: Physical port of the switch. Frame Type: Indicates the type of frame to look for in incoming frames. Possible frame types are: Any, Ethernet, LLC, SNAP, IPv4, and IPv6. SMAC: The OUI field of the source MAC address, i.e.
Page 215 AMS User Manual queue corresponding to the specified QoS class. DPL – The drop precedence level will be set to the specified value. DSCP – The DSCP value will be set the specified value. Inserts a new QCE before the current row. Edits the QCE.
Page 216 AMS User Manual Frame Type: The supported Frame Types are listed below: Any – Allow all types of frames. Ethernet – This option can only be used to filter Ethernet II formatted packets. Options: Any, Specific – 600-ffff hex; Default: ffff Note that 800 (IPv4) and 86DD (IPv6) are excluded.
Page 217 AMS User Manual DSCP – Diffserv Code Point value. (Options: Any, specific value of 0-63, BE, CS1-CS7, EF or AF11-AF43, or Range; Default: Any) IPv6 – IPv6 frame type includes the same settings as those used for IPv4, except for the Source IP. When configuring a specific IPv6source address, enter the least significant 32 bits (a.b.c.d) using the same type of mask as that used for an IPv4 address.
Page 218: Qcl Status
AMS User Manual 1.2.14-11 QCL Status Displays the current QCL (QoS Control List) entries configured on the switch. Web Interface To view the QCL via the Web Interface: 1. Click Configuration, QoS and QCL Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 219 AMS User Manual Refresh: Used to manually refresh the information on the page. Resolve Conflict: Click to resolve any current QCE conflicts that have occurred.
Page 220: Storm Control
AMS User Manual 1.2.14-12 Storm Control Use the Storm Control Configuration page to set limits on broadcast, multicast and unknown unicast traffic to control traffic storms which may occur when a network device is malfunctioning, the network is not properly configured, or application programs are not well designed or properly configured.
Page 221 AMS User Manual Parameter Description Frame Type: Specifies broadcast, multicast or unknown unicast traffic. Status: Enables or Disables Storm Control. Rate (pps): The threshold above which packets are dropped. This limit can be set by specifying a value in pps, or by selecting one of the options in Kpps (i.e., marked with the suffix "K").
Page 222: S-Flow Agent
AMS User Manual 1.2.15 s-Flow Agent The AMS Series switches support s-Flow network monitoring. sFlow is a sampling technology that meets the key requirements for a network traffic monitoring solution:  sFlow provides a network-wide view of usage and active routes. It is a scalable technique for measuring network traffic, collecting, storing, and analyzing traffic data.
Page 223 AMS User Manual 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig. 107 s-Flow Agent Collector Settings Parameter Description Receiver ID: The "Receiver ID" input field allows the user to input the receiver ID. Currently one ID is supported as one collector is supported.
Page 224: Sampler
AMS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page. 1.2.15-2 Sampler An average of 1 This section is used to configure the s-Flow sampling rate that is sent to the receiver. out of N packets/operations is randomly sampled.
Page 225 AMS User Manual Fig. 108 s-Flow Agent Sampler Port Settings Parameter Description s-Flow Ports: Displays the ports that s-Flow is configured. s-Flow Instance: Configured sFlow instance for the port number. Sampler Type: Sampler types available are None, RX, TX and All. Default is None.
Page 226: Loop Protection
AMS User Manual 1.2.16 Loop Protection The AMS Series switches support a Loop protection mechanism. Loop Protection can be used in environments that have devices that do not support the spanning tree protocol. If the switch receives a packet containing its own MAC address the port will be locked. 1.2.16-1 Configuration This section allows you to configure the Loop Protection settings for the switch.
Page 227 AMS User Manual Transmission Time: The interval between each loop protection PDU sent on each port. Valid values are 1 to 10 seconds. Shutdown Time: The period (in seconds) for which a port will be kept disabled in the event of a loop is detection (and the port action is to shut down the port).
Page 228: Status
AMS User Manual 1.2.16-2 Status This section displays the Loop Protection status of individual ports. Web Interface To view the Loop Protection status via the Web Interface: 1. Click Configuration, Loop Protection and Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 229: Single Ip
AMS User Manual 1.2.17 Single IP The AMS Series switches support Single IP Management. Single IP Management (SIM), is a simple and useful method to optimize network utilities and management, it is designed to manage a group of switches as a single entity, called a SIM group. Implementing the SIM feature will have the following advantages for users ...
Page 230 AMS User Manual Parameter Description Mode: Is used to disable the SIP function or set the device as a Master or Slave. Possible modes are: Disable: Disable operation of Single IP Management. Master: Enable Single IP Management and run as a Master Switch. Running as the master switch the user will connect to the Master switches IP Address and can then control the Slave switches in the same SIP group.
Page 231: Information
AMS User Manual 1.2.17-2 Information This section displays the slave devices and allows the administrator access to these switches. Web Interface To view and configure the slave switches of the Single IP Management group via the Web Interface: 1. Click Configuration, Single IP and Information. 2.
Page 232 AMS User Manual NOTE: When you click the index link you will be redirected to the web interface of the slave device.
Page 233: Easy Port
AMS User Manual 1.2.18 Easy Port The AMS Series switches support a feature called Easy Port, which provides a convenient way to save and share common configurations. You can use it to enable features and settings based on the location of a switch in the network and for mass configuration deployments across the network. Predefined ports settings can be applied to particular ports for installations of IP Phones, Wireless Access Points and IP Cameras.
Page 234 AMS User Manual sure the box is unchecked. By default, no ports are members. Role: The port role is based on the type of devices to be connected to the switch ports. Scroll to select the type of device that will connect to the port. Options are IP-Phone, IP-CAM and WIFI-AP.
Page 235 AMS User Manual Security-enabled port. Since all ports draw from the same pool, it may happen that a configured maximum cannot be granted, if the remaining ports have already used all available MAC addresses. Spanning Tree Admin Edge: Controls whether the operEdge flag should start as set or cleared. (The initial operEdge state when a port is initialized).
Page 236: Mirroring
AMS User Manual 1.2.19 Mirroring The AMS Series switches support traffic mirroring to capture and analyze real time traffic. You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner.
Page 237 AMS User Manual Parameter Description Port to Mirror on: Port to mirror also known as the mirror port. Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored on this port. Disabled disables mirroring. Port: Physical port of the switch.
Page 238: Trap Event Severity
AMS User Manual 1.2.20 Trap Event Severity The AMS Series switches support trap events that can alert the administrator if a particular event occurs. This section is used to customize the severity levels of the trap events. Administrators can manually configure each event to have a Severity level of Emerg, Alert, Crit, Error, Warning, Notice, Info and Debug.
Page 239 AMS User Manual <3> Error: Error conditions. <4> Warning: Warning conditions. <5> Notice: Normal but significant conditions. <6> Information: Information messages. <7> Debug: Debug-level messages. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 240: Smtp Configuration
AMS User Manual 1.2.21 SMTP Configuration The AMS Series switches support trap events that can alert the administrator if a particular event occurs. This section is used to configure the mail server settings that will be used to send the emails. Email Addresses can also be configured here, these will be the addresses the events will be sent to.
Page 241 AMS User Manual Email Address 1 – 6: Enter up to 6 email address to receive the trap events. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 242: Upnp
AMS User Manual 1.2.22 UPnP The AMS Series switches support UPnP. UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components.
Page 243 AMS User Manual related packets to CPU. The ACEs are automatically removed when the mode is disabled. TTL: The TTL value is used by UPnP to send SSDP advertisement messages. Valid values are in the range 1 to 255. Advertising Duration: The duration, carried in SSDP packets, is used to inform a control point or control points how often it or they should receive an SSDP advertisement message from this switch.
Page 244: Security
AMS User Manual 1.3 Security This chapter describes the Security configuration options available in the AMS Series of switches. Features such as IP Source Guard, Port Security, HTTPS, DHCP Snooping, DHCP Relay and many more can be configured from this section. 1.3.1 IP Source Guard The AMS Series switches support IP Source Guard.
Page 245 AMS User Manual Parameter Description Mode: Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled. Port: Physical port of the switch. Mode: Select to enable or disable the IP Source Guard function on the select port. The global IP Source Guard Mode must also be enabled, when enabling each individual port.
Page 246: Static Table
AMS User Manual 1.3.1-2 Static Table This section is used to enter Static IP addresses into the AMS switch. Web Interface To enter Static IP Addresses into the Static Table via the Web Interface: 1. Click Security, IP Source Guard and Static Table. 2.
Page 247 AMS User Manual Add New Entry: Click to add a new static entry. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 248: Dynamic Table
AMS User Manual 1.3.1-3 Dynamic Table This section is used to view the dynamic IP Source Guard entries. Web Interface To view the Dynamic IP Addresses via the Web Interface: 1. Click Security, IP Source Guard and Dynamic Table. 2. To filter the entries you can select the Start from Port, VLAN ID and or IP Address. 3.
Page 249 AMS User Manual <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
Page 250: Arp Inspection
AMS User Manual 1.3.2 ARP Inspection The AMS Series switches supports ARP Inspection. This allows the switch to intercept and examine all ARP request and response packets in a subnet and discard those packets with invalid IP to MAC address bindings. 1.3.2-1 Configuration This section is used to configure the ARP Inspection settings for the AMS switch.
Page 251 AMS User Manual Mode: Select to enable or disable the ARP Inspection function on the select port. The global ARP Inspection Mode must also be enabled, when enabling each individual port. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 252: Static Table
AMS User Manual 1.3.2-2 Static Table This section is used to enter Static ARP entries into the AMS switch. Web Interface To enter Static ARP entries into the Static Table via the Web Interface: 1. Click Security, ARP Inspection and Static Table. 2.
Page 253 AMS User Manual Add New Entry: Click to add a new static entry. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 254: Dynamic Table
AMS User Manual 1.3.2-3 Dynamic Table This section is used to view the dynamic ARP Inspection entries. Web Interface To view the Dynamic ARP entries via the Web Interface: 1. Click Security, ARP Inspection and Dynamic Table. 2. To filter the entries you can select the Start from Port, VLAN ID and or IP Address. 3.
Page 255 AMS User Manual <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
Page 256: Dhcp Snooping
AMS User Manual 1.3.3 DHCP Snooping The AMS Series switches supports DHCP Snooping. The section describes how to configure the DHCP Snooping parameters of the switch. DHCP Snooping can prevent attackers from adding their own DHCP servers on the network. 1.3.3-1 Configuration This section is used to configure the DHCP Snooping settings for the AMS switch.
Page 257 AMS User Manual to trusted ports and only allow reply packets from trusted ports. Disabled: Disable DHCP snooping mode operation. Port: Physical port of the switch. Mode: Indicates the DHCP snooping port mode. Possible port modes are: Trusted: Configures the port as trusted source of the DHCP messages. Untrusted: Configures the port as untrusted source of the DHCP messages.
Page 258: Statistics
AMS User Manual 1.3.3-2 Statistics This section is used to view the DHCP Snooping Statistics for the AMS switch. Web Interface To view the DHCP Snooping Statistics of the switch via the Web Interface: 1. Click Security, DHCP Snooping and Statistics. 2.
Page 259 AMS User Manual Rx and Tx ACK: The number of ACK (option 53 with value 5) packets received and transmitted. Rx and Tx NAK: The number of NAK (option 53 with value 6) packets received and transmitted. Rx and Tx Release: The number of release (option 53 with value 7) packets received and transmitted.
Page 260: Dhcp Replay
AMS User Manual 1.3.4 DHCP Replay The AMS Series switches supports the DHCP Relay function. DHCP Relays are used to forward DHCP requests to other DHCP Server on the same or on another subnet. This section is used to configure the DHCP Relay parameters.
Page 261 AMS User Manual Parameter Description Relay Mode: Indicates the DHCP relay mode operation. Possible modes are: Enabled: Enable DHCP relay mode. When the DHCP relay is enabled, the agent forwards and transfers DHCP messages between the clients and the server when they are not in the same subnet domain. Disabled: Disable the DHCP relay.
Page 262: Statistics
AMS User Manual 1.3.4-2 Statistics This section is used to view the DHCP Relay Statistics for the AMS switch. Web Interface To view the DHCP Relay Statistics via the Web Interface: 1. Click Security, DHCP Relay and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 263 AMS User Manual Receive Bad Circuit ID: The number of packets whose Circuit ID option did not match known circuit Receive Bad Remote ID: The number of packets whose Remote ID option did not match known Remote ID. Client Statistics Transmit to Client: The number of relayed packets from server to client.
Page 264: Nas
AMS User Manual 1.3.5 NAS The AMS Series switches supports a NAS (Network Access Server) function which allows users connection to a variety of resources, including the internet. Particular settings can be applied to this user based on authentication to a RADIUS Server. Functions such as 802.1x and Mac based Authentication can be used to authenticate users onto the network allowing them access to these shared resources.
Page 265 AMS User Manual Parameter Description Mode: Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentication Enabled: If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period. Reauthentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
Page 266 AMS User Manual whether the client is still attached or not, and the only way to free any resources is to age the entry. Hold Time: This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: •...
Page 267 AMS User Manual assigned VLAN is enabled on that port. When unchecked, RADIUS-server assigned VLAN is disabled on all ports. Guest VLAN Enabled: A Guest VLAN is a special VLAN - typically with limited network access - on which 802.1X-unaware clients are placed after a network administrator- defined timeout.
Page 268 AMS User Manual frame when the port link comes up, and any client on the port will be allowed network access without authentication. Force Unauthorized: In this mode, the switch will send one EAPOL Failure frame when the port link comes up, and any client on the port will be disallowed network access.
Page 269 AMS User Manual scenario will loop forever. Therefore, the server timeout should be smaller than the supplicant's EAPOL Start frame retransmission rate. Single 802.1X: In port-based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for network traffic.
Page 270 AMS User Manual destination MAC address for EAPOL frames sent from the switch towards the supplicant, since that would cause all supplicants attached to the port to reply to requests sent from the switch. Instead, the switch uses the supplicant's MAC address, which is obtained from the first EAPOL Start or EAPOL Response Identity frame sent by the supplicant.
Page 271 AMS User Manual RADIUS-Assigned QoS Enabled: When RADIUS-Assigned QoS is both globally enabled and enabled (checked) on a given port, the switch reacts to QoS Class information carried in the RADIUS Access-Accept packet transmitted by the RADIUS server when a supplicant is successfully authenticated. If present and valid, traffic received on the supplicant's port will be classified to the given QoS Class.
Page 272 AMS User Manual • Port-based 802.1X • Single 802.1X For trouble-shooting VLAN assignments, use the "Monitor→VLANs→VLAN Membership and VLAN Port" pages. These pages show which modules have (temporarily) overridden the current Port VLAN configuration. RADIUS attributes used in identifying a VLAN ID: RFC2868 and RFC3580 form the basis for the attributes used in identifying a VLAN ID in an Access-Accept packet.
Page 273 AMS User Manual or the port's Admin State is changed), and if not, the port will be placed in the Guest VLAN. Otherwise it will not move to the Guest VLAN, but continue transmitting EAPOL Request Identity frames at the rate given by EAPOL Timeout.
Page 274 AMS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 275: Switch Status
AMS User Manual 1.3.5-2 Switch Status This section is used to view the NAS Status Information on the AMS switch. Web Interface To view the NAS information via the Web Interface: 1. Click Security, NAS and Switch Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
Page 276 AMS User Manual Last Source: The source MAC address carried in the most recently received EAPOL frame for EAPOL-based authentication, and the most recently received frame from a new client for MAC-based authentication. Last ID: The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame for EAPOL-based authentication, and the source MAC address from the most recently received frame from a new client for MAC-based authentication.
Page 277: Port Status
AMS User Manual 1.3.5-3 Port Status This section is used to view the Port Status of the NAS function on the AMS switch. Web Interface To view the Port related NAS information via the Web Interface: 1. Click Security, NAS and Port Status. 2.
Page 278: Aaa
AMS User Manual 1.3.6 AAA The AMS Series switches supports AAA (Authentication, Authorization, Accounting) to provide access control to your network. The AAA server can be a TACACS+ or RADIUS server to create and manage objects that contain settings for using AAA servers. 1.3.6-1 Configuration This section is used to configure the AAA settings for the AMS switch.
Page 279 AMS User Manual 1. Check “Enabled”. 2. Specify IP address or Hostname for TACACS+ Server. 3. Specify Authentication Port for TACACS+ Server (Default is 49). 4. Specify the Secret with TACACS+ Server. Fig. 131 AAA Configuration Parameter Description Timeout: The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server.
Page 280 AMS User Manual Setting the Dead Time to a value greater than 0 (zero) will enable this feature, but only if more than one server has been configured. TACACS+ Authorization and Accounting Configuration Authorisation: Every command will be authorized by the TACACS+ server when enabled. The authorization table on the TACACS+ server is able to configure which command can be passed successfully.
Page 281 AMS User Manual IP Address/Hostname: The IP address or hostname of the RADIUS Accounting Server. IP address is expressed in dotted decimal notation. Port: The UDP port to use on the RADIUS Accounting Server. If the port is set to 0 (zero), the default port (1813) is used on the RADIUS Accounting Server.
Page 282: Radius Overview
AMS User Manual 1.3.6-2 RADIUS Overview This section is used show you an overview of the status of the RADIUS Authentication and Accounting servers. Web Interface To view the RADIUS Server overview in the web interface: 1. Click Security, AAA and RADIUS Overview. 2.
Page 283 AMS User Manual Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts. Dead (X seconds left): Access attempts were made to this server, but it did not reply within the configured timeout.
Page 284: Radius Details
AMS User Manual 1.3.6-3 RADIUS Details This section shows you detailed information of the RADIUS Accounting and Authentication Statistics. Web Interface To view the RADIUS Detailed Information in the web interface: 1. Click Security, AAA and RADIUS Details. 2. Specify the Server you wish to view statistics for. 3.
Page 285 AMS User Manual server. The number of RADIUS Access-Reject Access radiusAuthClientExtAccessR packets (valid or invalid) received from the Rejects ejects server. The number of RADIUS Access-Challenge Access radiusAuthClientExtAccessC packets (valid or invalid) received from the Challenges hallenges server. The number of malformed RADIUS Access- Response packets received from the Malformed server.
Page 286 AMS User Manual This variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept, Access- Reject, Access-Challenge, timeout, or retransmission. The number of authentication timeouts to the server. After a timeout, the client may retry to the same server, send to a radiusAuthClientExtTimeou different server, or give up.
Page 287 AMS User Manual Access-Request that matched it from the RADIUS authentication server. The granularity of this measurement is 100 ms. A value of 0 ms indicates that there hasn't been round-trip communication with the server yet. RADIUS Accounting Statistics Packet Counters: RADIUS authentication server packet counter.
Page 288 AMS User Manual sions retransmitted to the RADIUS accounting server. The number of RADIUS packets destined for the server that have not yet timed out or received a response. Pending radiusAccClientExtPendingRe This variable is incremented when a Requests quests Request is sent and decremented due to receipt of a Response, timeout, or retransmission.
Page 289 AMS User Manual dead-time expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled. The time interval (measured in milliseconds) between the most recent Response and the Request that matched it from the RADIUS Round- radiusAccClientExtRoundTripTime...
Page 290: Port Security
AMS User Manual 1.3.7 Port Security The AMS Series switches supports a Port Security function allowing the administrator to specify the amount MAC Addresses allowed to be accessed by an individual port. 1.3.7-1 Limit Control This section is used to configure the amount of MAC Addresses allowed to by the port and you can also specify the action taken once this configured threshold has been reached Web Interface To configure the Port Security limitations via the web interface:...
Page 291 AMS User Manual Aging Enabled: If checked, secured MAC addresses are subject to aging as discussed under Aging Period. Aging Period: If Aging Enabled is checked, then the aging period is controlled with this input. If other modules are using the underlying port security for securing MAC addresses, they may have other requirements to the aging period.
Page 292 AMS User Manual Trap: If Limit + 1 MAC addresses is seen on the port, send an SNMP trap. If Aging is disabled, only one SNMP trap will be sent, but with Aging enabled, new SNMP traps will be sent every time the limit is exceeded. Shutdown: If Limit + 1 MAC addresses is seen on the port, shut down the port.
Page 293: Switch Status
AMS User Manual 1.3.7-2 Switch Status This section shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning. In this mode, frames from unknown MAC addresses are passed on to the port security module, which in turn asks all user modules whether to allow this new MAC address to forward or block it.
Page 294 AMS User Manual Abbr: A one-letter abbreviation of the user module. This is used in the Users column in the port status table. Port Status Port: The port number for which the status applies. Click the port number to see the status for this particular port.
Page 295: Port Status
AMS User Manual 1.3.7-3 Port Status This section shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software- based learning.
Page 296 AMS User Manual Parameter Description MAC Address and VLAN ID: The MAC address and VLAN ID that is seen on this port. If no MAC addresses are learnt, a single row stating "No MAC addresses attached" is displayed. State: Indicates whether the corresponding MAC address is blocked or forwarding. In the blocked state, it will not be allowed to transmit or receive traffic.
Page 297: Access Management
AMS User Manual 1.3.8 Access Management The AMS Series switches supports a number of methods for configuring the switch. This section is used to allow/deny specific IP Addresses from accessing HTTP/HTTPS, SNMP or Telnet/SSH access. 1.3.8-1 Configuration This section is used to configure the Access Management function of the AMS Series switch. Web Interface To configure the Access Management settings via the web interface: 1.
Page 298 AMS User Manual Delete: Check to delete the entry. It will be deleted during the next save. Start IP Address: Indicates the start IP address for the access management entry. End IP Address: Indicates the end IP address for the access management entry. HTTP/HTTPS: Indicates that the host can access the switch from HTTP/HTTPS interface if the host IP address matches the IP address range provided in the entry.
Page 299: Statistics
AMS User Manual 1.3.8-2 Statistics This section is used to view the statistics of the Access Management function of the AMS Series switch. Web Interface To view the Access Management statistics via the web interface: 1. Click Security, Access Management and Statistics. 2.
Page 300 AMS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
Page 301: Ssh
AMS User Manual 1.3.9 SSH The AMS Series switches supports SSH access to the management interface. SSH is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication. Web Interface To enable/disable SSH via the web interface: 1.
Page 302: Https
AMS User Manual 1.3.10 HTTPS The AMS Series switches supports HTTPS access to the management interface. HTTPS is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication via the browser. Web Interface To enable/disable HTTPS via the web interface: 1.
Page 303 AMS User Manual Enabled: Enable HTTPS redirect mode operation. Disabled: Disable HTTPS redirect mode operation. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
Page 304: Auth Method
AMS User Manual 1.3.11 Auth Method The AMS Series switches support different ways of authenticating a user when logging into the management of the switch. Authentication can be done locally, via TACACS+ or via RADIUS. Web Interface To configure the Authentication Method via the web interface: 1.
Page 305 AMS User Manual Fallback: Enable fallback to local authentication by checking this box. If none of the configured authentication servers are alive, the local user database is used for authentication. This is only possible if the Authentication Method is set to a value other than 'none' or 'local'.
Page 306: Maintenance
AMS User Manual 1.4 Maintenance This chapter describes all of the switch Maintenance configuration tasks to enhance the performance of the switch, including Restart Device, Firmware upgrade, Save/Restore, Import/Export, and Diagnostics. 1.4.1 Restart Device This section explains how to restart the device. Web Interface To restart the switch via the Web Interface: 1.
Page 307: Firmware
AMS User Manual 1.4.2 Firmware This section is used to upgrade the firmware in the AMS Series switches. Firmware updates are provided periodically to provide bug fixes and features enhancements. The AMS Series switches support Dual Firmware Images, allowing the administrator to upload two firmware images into the switch.
Page 308 AMS User Manual WARNING: While the firmware is being updated, Web access appears to be defunct. The front LED flashes Green/Off with a progress. Do frequency of 10 Hz while the firmware update is in not restart or power off the device at this time or the switch may fail to function afterwards.
Page 309: Firmware Selection
AMS User Manual 1.4.2-2 Firmware Selection This section is used to switch between the latest uploaded firmware image and the previously uploaded firmware image. This page displays both firmware file details including the version number. Web Interface To select the required firmware to be used in the switch via the Web Interface: 1.
Page 310 AMS User Manual NOTE: 1. In case the active firmware image is the alternate image, only the "Active Image" table is shown. In this case, the Activate Alternate Image button is also disabled. 2. If the alternate image is active (due to a corruption of the primary image or by manual intervention), uploading a new firmware image to the device will automatically use the primary image slot and activate this.
Page 311: Save/Restore
AMS User Manual 1.4.3 Save/Restore This section is used to backup, restore, and save the configuration in the switch. 1.4.3-1 Factory Defaults This section is used to reset the switch back to its factory default settings. Web Interface To Factory Default the switch via the Web Interface: 1.
Page 312: Save Start
AMS User Manual 1.4.3-2 Save Start This section describes how to save the Switch Start configuration. Any current configuration files will be saved as XML format. This must be performed after configuration of the switch. If the Start configuration is not saved after the switch has been powered off it will revert back to previous settings.
Page 313: Save User
AMS User Manual 1.4.3-3 Save User This section describes how to save the Switch User configuration. Any current configuration files will be saved as XML format. Web Interface To Save the User Configuration in the switch via the Web Interface: 1.
Page 314: Restore User
AMS User Manual 1.4.3-4 Restore User This section describes how to restore user’s information back to the switch. Any current configuration files will be restored via XML format. Web Interface To Restore the User Configuration in the switch via the Web Interface: 1.
Page 315: Export/Import
AMS User Manual 1.4.4 Export/Import This section describes how to export and import the Switch configuration. Any current configuration files will be exported as XML format. 1.4.4-1 Export Configuration This section is used to Save / Export the currently running configuration file of the switch. Web Interface To Save the configuration file of the switch via the Web Interface: 1.
Page 316: Import Configuration
AMS User Manual 1.4.4-2 Import Configuration This section is used to Import a saved configuration file into the switch. Web Interface To Import a configuration file into the switch via the Web Interface: 1. Click Maintenance, Export/Import and Import Configuration. 2.
Page 317: Diagnostics
AMS User Manual 1.4.5 Diagnostics This section provides a set of basic system diagnosis. It lets users know whether the system is healthy or needs to be fixed. Users can also check network connectivity issues with the Ping command. The basic system check includes ICMP Ping, ICMPv6, and VeriPHY Cable Diagnostics.
Page 318 AMS User Manual Parameter Description IP Address: The destination IP Address you want to ping it. Ping Length: The payload size of the ICMP packet. Values range from 2 bytes to 1452 bytes. Ping Count: The count of the ICMP packet. Values range from 1 time to 60 times. Ping Interval: The interval of the ICMP packet.
Page 319: Ping6
AMS User Manual 1.4.5-2 Ping6 This section is used to test network connectivity issues using the Ping IPv6 command. Web Interface To test IPv6 network connectivity using the switch via the Web Interface: 1. Click Maintenance, Diagnostics and Ping. 2. Enter the IP Address of the device you are trying to communicate with. 3.
Page 320: Veriphy
AMS User Manual 1.4.5-3 VeriPHY This section is used for running the VeriPHY Cable Diagnostics. Press to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table.
Page 321: Specifications
AMS User Manual 2. Specifications AMS Series Model 10T2SFP 24T6SFP 48T4SFP 24T4S4SFP 48T4S4SFP 4T24S4SFP Interface Total Ports, comprising 10x GbE 26x GbE 48x GbE 28x GbE 52x GbE 28x GbE UTP (10/100/1000Mbps) UTP/(100M/1G) SFP SFP (100M/1G) SFP+ (1G/10G) General Jumbo Frames 9Kb on Gigabit Interfaces MAC Table Performance...
Page 322 AMS User Manual Works with DHCP Option 82 IGMP Snooping V1, V2 and v3 . Supports 1024 Multicast Groups IGMP Querier Supported IGMP Proxy Supported MLD Snooping v1 and v2 Security v1 and v2 are supported Supported IEEE 802.1x IEEE802.1x: RADIUS authentication, authorisation and accounting, MD5 hash, guest VLAN, single/multiple host mode and single/multiple sessions.
Page 323 AMS User Manual based on DSCP and class of service (802.1p/ CoS) Classification Port based; 802.1p VLAN priority based; IPv4/IPv6 precedence/ type of service (ToS) / DSCP based; Differentiated Services (DiffServ); classification and re-marking ACLs, trusted QoS Rate Limiting Ingress policer; egress shaping and rate control; per VLAN, per port and flow based IPv6 applications Web/SSL, Telnet/SSH, Ping, Simple Network Time Protocol (SNTP), Trivial...
Page 324 AMS User Manual IEEE 802.3ah Ethernet Simple link fault management (LFM) for Ethernet as defined in IEEE 802.3ah (MAC Layer OAM) IEEE 802.1ag Ethernet IEEE 802.1ag Ethernet CFM function that provides connectivity fault management Syn-E and IEEE1588v2 Both IEEE 1588v2 and ITU-T Sync-E Ethernet synchronization protocols, and can emulate link OAM and service OAM protocols (by request).

This manual is also suitable for:

Ams-26t6sfp Ams-4t24s4sp Ams-48t4sfp Ams-24t4s4sp Ams-48t4s4sp

Alloy AMS-10T2SFP User Manual

About this Guide

Compliances and Safety Statements

Introduction

Overview

1 Operation of the Web-Based Management

1.1.4 Ip _______________________________________________________________________24

2 Specifications

Quick Links

User Manual

Need help?

Questions and answers

Related Manuals for Alloy AMS-10T2SFP

Summary of Contents for Alloy AMS-10T2SFP