Download Print this page

Interlogix IFS NS3601-24P User Manual

24-port gigabit ethernet switches

Table Of Contents

Table of Contents

Advertisement

Quick Links

IFS NS3601-24P/4S

GE-DSSG-244

GE-DSSG-244-POE

User Manual

P/N 1072570 • REV 00.10 • ISS 13JUN13

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the IFS NS3601-24P and is the answer not in the manual?

Questions and answers

Summary of Contents for Interlogix IFS NS3601-24P

Page 1: User Manual
IFS NS3601-24P/4S GE-DSSG-244 GE-DSSG-244-POE User Manual P/N 1072570 • REV 00.10 • ISS 13JUN13...
Page 2 Copyright © 2013 UTC Fire & Security Americas Corporation, Inc. Interlogix is part of UTC Climate Controls & Security, a unit of United Technologies Corporation. All rights reserved. The IFS NS3601-24P/4S GE-DSSG-244 GE-DSSG-244-POE and logo Trademarks and patents are trademarks of United Technologies.
Page 3: Table Of Contents
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual TABLE OF CONTENTS I FS NS3601-24P/4S GE-DSSG-244 GE-DSSG-244-POE USER MANUAL ....1 T ABLE OF CONTENTS ....................1 I NTRODUCTION ......................7 P acket Contents ............................7 P roduct Description ..........................9 H ow to Use This Manual ......................... 11 P roduct Features.............................
Page 4 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual U sers Privilege Levels ........................49 N TP Configuration ..........................51 U PnP Configuration ..........................51 D HCP Relay............................53 D HCP Relay Statistics ........................55 C PU Load ............................56 S ystem Log ............................57 D etailed Log............................
Page 5 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual V LAN Membership Configuration ....................... 99 V LAN Membership Status for User Static..................100 V LAN Port Status for User Static...................... 101 P ort Isolation Configuration ......................102 P rivate VLAN Membership Configuration ..................105 V LAN setting example: ........................
Page 6 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual A CE Configuration ..........................164 A CL Ports Configuration ........................169 A CL Rate Limiter Configuration ......................171 U nderstanding IEEE 802.1X Port-Based Authentication..............173 A uthentication Configuration......................175 N etwork Access Server Configuration ....................176 N etwork Access Overview ........................
Page 7 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual N eighbor ............................236 P ort Statistics ............................ 237 N etwork Diagnostics..........................239 P ing ..............................239 I Pv6 Ping............................240 R emote IP Ping Test......................... 241 C able Diagnostics ..........................242 P ower over Ethernet (GE-DSSG-244-POE / NS3601-24P/4S) ............243 P ower over Ethernet Powered Device....................
Page 8 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Q uality of Service Command ....................... 363 M irror Command............................ 369 C onfiguration Command ........................370 F irmware Command..........................371 U PnP Command ............................ 371 M VR Command ............................372 V oice VLAN Command ......................... 375 S MTP Command ............................
Page 9: Introduction
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual INTRODUCTION The IFS Layer 2 Managed Gigabit Switch series NS3601-24P/4S, GE-DSSG-244, and GE-DSSG-244-POE are 24-port Gigabit Ethernet Switches with SFP fiber ports and robust layer 2 features. The description of these models is shown below:...
Page 11: Product Description
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Product Description Cost-effective IPv6 Managed Gigabit Switch solution for SMB Nowadays, lots of electronic products or mobile devices can browse the Internet, which means the need of IP Address increases. However, the current IPv4 network infrastructure is not capable enough to provide IP Address to each single users/Clients. The situation forces the ISP to build up the IPv6 (Internet Protocol version 6) network infrastructure speedily.
Page 12 Efficient Management For efficient management, the series of Managed Switch is equipped with console, WEB and SNMP management interfaces. With its built-in Web-based management, it offers an easy-to-use, platform-independent management and configuration facility. The Managed Switch supports standard Simple Network Management Protocol (SNMP) and can be managed via any standard-based management software.
Page 13: How To Use This Manual
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual How to Use This Manual This User Manual is structured as follows: Section 2, INSTALLATION The section explains the functions of the Switch and how to physically install the Managed Switch. Section 3, SWITCH MANAGEMENT The section contains the information about the software function of the Managed Switch.
Page 14: Product Features
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Product Features Physical Port NS3601-24P/4S / GE-DSSG-244-POE 24-Port 10/100/1000Base-T Gigabit Ethernet RJ-45 with IEEE 802.3af PoE Injector 4 100/1000Base-X SFP slots, shared with Port-21 to Port-24 RS-232 DB9 console interface for Switch basic management and setup...
Page 15 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual ■ DSCP remarking Multicast ■ Supports IGMP Snooping v1, v2 and v3 ■ Querier mode support ■ IGMP Snooping port filtering ■ Multicast VLAN Registration (MVR) support Security ■ IEEE 802.1x Port-Based / MAC-Based network access authentication ■...
Page 16: Product Specification
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Product Specification IFS Stackable Fiber Switch Product GE-DSSG-244 Hardware Specification 8 10/ 100/1000Base-T RJ-45 Auto-MDI/MDI-X ports, shared with Port-1~Port-8 Copper Ports 24 100/1000Base-X Dual Speed SFP interfaces SFP/mini-GBIC Slots 1 x RS-232 DB9 serial port (115200, 8, N, 1)
Page 17 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual IP-Based ACL / MAC-Based ACL Access Control List Up to 256 entries RFC-1213 MIB-II IF-MIB RFC-1493 Bridge MIB RFC-1643 Ethernet MIB RFC-2863 Interface MIB RFC-2665 Ether-Like MIB RFC-2737 Entity MIB SNMP MIBs RFC-2618 RADIUS Client MIB...
Page 18 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual 6KV DC ESD Protection Power over Ethernet IEEE 802.3af PoE / PSE PoE Standard End-Span PoE Power Supply Type Per Port 48V DC. PoE Power Output Max. 15.4 watts 1/2(+), 3/6(-) Power Pin Assignment...
Page 19 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual IEEE 802.3 10Base-T IEEE 802.3u 100Base-TX/100Base-FX IEEE 802.3z Gigabit SX/LX IEEE 802.3ab Gigabit 1000T IEEE 802.3x Flow Control and Back pressure IEEE 802.3ad Port trunk with LACP IEEE 802.1d Spanning tree protocol IEEE 802.1w Rapid spanning tree protocol IEEE 802.1s Multiple spanning tree protocol...
Page 20: Installation
Switches. GE-DSSG-244 Front Panel Figure 2-1 GE-DSSG-244 front panel. IFS NS3601-24P/4S / GE-DSSG-244-POE Front Panel Figure 2-2 IFS NS3601-24P/4S / GE-DSSG-244-POE front panel. ■ Gigabit TP interface 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters. ■ Gigabit SFP slots 1000Base-SX/LX mini-GBIC slot, SFP (Small Factor Pluggable) transceiver module: From 550 meters (Multi-mode fiber), up to 10/30/5060//70 kilometers (Single-mode fiber).
Page 21 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual ■ Reset button On the left hand side of the front panel, the reset button is designed for rebooting the Managed Switch without a power cycle. The following is the summary table of Reset button...
Page 22: Led Indications
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual LED Indications The front panel LEDs indicates instant status of port links, data activity and system power; helps monitor and troubleshoot when needed. Figure 2-3 & Figure 2-4 shows the LED indications of these Managed Switches.
Page 23 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Per 10/100/1000Base-T port / SFP interfaces Color Function Illuminates: To indicate the link through that port is successfully established with speed 1000Mbps. To indicate that the Switch is actively sending or receiving data over that port.
Page 24: Switch Rear Panel
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual ■ 10/100/1000Base-T interfaces (Shared Port-1~Port-8) Color Function illuminates: To indicate the link through that port is successfully established with speed 1000Mbps 1000 To indicate that the switch is actively sending or receiving data over that...
Page 25: Install The Switch
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual NS3601-24P/4S / GE-DSSG-244-POE Rear Panel Figure 2-6 Rear panel of NS3601-24P/4SP and GE-DSSG-244-POE ■ AC Power Receptacle For compatibility with electric service in most areas of the world, the Managed Switch’s power supply automatically adjusts to line power in the range 100-240VAC and 50/60 Hz.
Page 26 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 2-7 Place the Managed Switch on the desktop Keep enough ventilation space between the Managed Switch and the surrounding objects. Step3: When choosing a location, please keep in mind the environmental restrictions discussed in Chapter 1, Section 5 Product Specification.
Page 27: Rack Mounting
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Supply power to the Managed Switch. Step5: Connect one end of the power cable to the Managed Switch. Connect the power plug of the power cable to a standard wall outlet. When the Managed Switch receives power, the Power LED should remain solid Green.
Page 28: Installing The Sfp Transceiver
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 2-8 Mounting IFS-24040 in a Rack Step6: Proceeds with the steps 4 and steps 5 of session 2.2.1 Desktop Installation to connect the network cabling and supply power to the Managed Switch.
Page 29 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual 1000Base-SX/LX SFP transceiver: We recommend using IFS SFPs on the Managed Switch. If you insert a SFP transceiver that is not supported, the Managed Switch will not recognize it. Before connecting the other switches, workstation or Media Converter: Make sure both sides use the same SFP transceiver, for example: 1000Base-SX to 1000Base-SX, 1000Base-LX to 1000Base-LX.
Page 30: Stack Installation
IP address. And up to 384 Gigabit Ethernet ports can be managed by a stacking group and you can add ports and functionality as needed. You can add IFS NS3601-24P/4S and GE-DSSG-244 series switches as needed to support more network clients, knowing that your switching fabric will scale to meet increasing traffic demands.
Page 31: Connecting Stacking Cable
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 2-12 Ring Stack topology Connecting Stacking cable Before attempting to connect stacking ports, verify that you have the required stack cables. The following cables are used to connect stacked switches: • NS-CBL-50: 50cm, Short stack cable –used to connect adjacent IFS switches.
Page 32: Management Stacking
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The stack port is for management and data packets to be transmitted between other IFS stackable switches, the stack ports can’t be configured with Layer 2 features via management interface. STEP-4: Power up the stack switches.
Page 33 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual It’s allow to build a stack of up to 16 IFS Switches. If there is the space limitation or power issue and you wish to stack all the switches in different racks, use long stack cables “NS-CBL-200” to connect two stacks.
Page 34: Switch Management
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (workstation or personal computer) and the system.
Page 35: Management Access Overview
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods: An administration console Web browser interface An external SNMP-based network management application The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use.
Page 36: Web Management
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 3-2 Terminal parameter settings You can change these settings, if desired, after you log on. This management method is often preferred because you can remain connected and monitor the system during system reboots. Also, certain error messages are sent to the serial port, regardless of the interface through which the associated action was initiated.
Page 37: Snmp-Based Network Management
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 3-4 Web main screen of Managed Switch SNMP-Based Network Management You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network Manager, HP Openview Network Node Management (NNM) or What’s Up Gold. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string.
Page 38 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual...
Page 39: Web Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual WEB CONFIGURATION This section introduces the configuration and functions of the Web-Based management. About Web-based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer.
Page 40 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Logging on the switch Use Internet Explorer 7.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The factory-default IP Address as following: http://192.168.0.100 When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch.
Page 41 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-1-3 Default main page Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface. The Switch Menu on the left of the web page lets you access all the commands and statistics the Managed Switch provides.
Page 42: Main Web Page
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Main Web Page The IFS Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser interface to configure and manage it.
Page 43 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-1-5 IFS Managed Switch Main Functions Menu...
Page 44: System
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the following topics are provided to configure and view the system information: This section has the following items: The switch system information is provided here.
Page 45: System Information
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual System Information The System Info page provides information for the current device information. System Info page helps a switch administrator to identify the hardware MAC address, software version and system uptime. The screen is shown Figure 4-2-1.
Page 46: Ip Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual : Click to refresh the page; any changes made locally will be undone. IP Configuration The IP Configuration includes the IP Address, Subnet Mask and Gateway. The Configured column is used to view or change the IP configuration.
Page 47: Ipv6 Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual : Click to undo any changes made locally and revert to previously saved values. IPv6 Configuration Configure the switch-managed IPv6 information on this page. The Configured column is used to view or change the IPv6 configuration. The Current column is used to show the active IPv6 configuration.
Page 48: Users Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Users Configuration It is allowed to configure the Managed Switch to authenticate users logging into the system for management access using local or remote authentication methods, such as telnet and Web browser. This Managed Switch provides secure network management...
Page 49 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-2-5 Add / Edit User Configuration page screenshot The page includes the following fields: Object Description • Username The name identifying the user. • Password The password of the user. • Password (again) Confirm the password of the user.
Page 50 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-2-6 User Configuration page screenshot After change the default password, if you forget the password, press the “Reset” button in the front panel of the Managed Switch over 10 seconds and then release. The current settings...
Page 51: Users Privilege Levels
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Users Privilege Levels In addition to the local user account management as configured in “User Configuration”, the Managed Switch allowed to use a remote access authentication server based on RADIUS or TACACS+ protocols.
Page 52 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one.
Page 53: Ntp Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual NTP Configuration Configure NTP on this page. NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer systems. NTP uses UDP (data grams) as transport layer. You can specify NTP Servers and set GMT Time zone. The NTP Configuration screen is...
Page 54 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-2-9 UPnP Configuration page screenshot The page includes the following fields: Object Description • Mode Indicates the UPnP operation mode. Possible modes are: Enabled: Enable UPnP mode operation. Disabled: Disable UPnP mode operation.
Page 55: Dhcp Relay
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. Figure 4-2-10 UPnP devices shows on Windows My Network Places DHCP Relay Configure DHCP Relay on this page. DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain.
Page 56 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-2-11 DHCP Relay Configuration page screenshot The page includes the following fields: Object Description • Relay Mode Indicates the DHCP relay mode operation. Possible modes are: Enabled: Enable DHCP relay mode operation. When enable DHCP relay mode operation, the agent forward and to transfer DHCP messages between the clients and the server when they are not on the same subnet domain.
Page 57: Dhcp Relay Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual DHCP Relay Statistics This page provides statistics for DHCP relay. The DHCP Relay Statistics screen is shown Figure 4-2-12. Figure 4-2-12 DHCP Relay Statistics page screenshot The page includes the following fields: Server Statistics...
Page 58: Cpu Load
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Click to refresh the page; any changes made locally will be undone. : Clear all statistics.
Page 59: System Log
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual System Log The switch system log information is provided here. The System Log screen is shown Figure 4-2-14. Figure 4-2-14 System Log page screenshot The page includes the following fields: Object Description • ID The ID (>= 1) of the system log entry.
Page 60: Detailed Log
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Detailed Log The switch system detailed log information is provided here. The Detailed Log screen is shown Figure 4-2-15. Figure 4-2-15 Detailed Log page screenshot The page includs the following fields: Object Description •...
Page 61 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-2-16 Remote Syslog page screenshot The page includes the following fields: Object Description • Mode Indicates the remote syslog mode operation. Possible modes are: Enabled: Enable remote syslog mode operation. Disabled: Disable remote syslog mode operation.
Page 62: Smtp Configure
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SMTP Configure This page facilitates a SMTP Configure the switch. The SMTP Configure screen is shown Figure 4-2-17. Figure 4-2-17 SMTP Configuration page screenshot The page includes the following fields: Object Description • SMTP Mode Controls whether SMTP is enabled on this switch.
Page 63: Web Firmware Upgrade
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Send a test mail to mail server to check this account is available or not. : Click to save changes. : Click to undo any changes made locally and revert to previously saved values.
Page 64: Tftp Firmware Upgrade
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server. The...
Page 65 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual and this section must include the correct platform ID and version. The global section is optional and includes configuration which is not related to specific switch ports. The switch section is optional and includes configuration which is related to specific switch ports.
Page 66: Configuration Upload
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-2-23 File save screen Configuration Upload This function allows backup and reload the current configuration of the Managed Switch to the local management station. The Configuration Upload screen is shown Figure 4-2-24.
Page 67 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-2-25 Windows file selection menu popup Select on the configuration file then click “ ”, the bottom of the browser shows the upload status. After the upload process is complete, the main screen displays “Transfer Completed”.
Page 68: Factory Default
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Factory Default You can reset the configuration of the stack switch on this page. Only the IP configuration is retained. The new configuration is available immediately, which means that no restart is necessary. The Factory Default screen is shown Figure 4-2-26.
Page 69: System Reboot
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual System Reboot The Reboot page enables the device to be rebooted from a remote location. Once the Reboot button is pressed, user have to re-login the WEB interface about 60 seconds later. The System Reboot screen is shown in Figure 4-2-27.
Page 70: Snmp System Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The system information is provides here. System Information Configure SNMP trap on this page. Trap Configuration Configure SNMPv3 communities table on this page. SNMPv3 Communities Configure SNMPv3 users table on this page. SNMPv3 Users Configure SNMPv3 groups table on this page.
Page 71: Snmp System Information Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SNMP System Information Configuration The switch system information is provided here. The System Information Configuration screen is shown Figure 4-3-2. Figure 4-3-2 System Information Configuration page screenshot The page includes the following fields:...
Page 72 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-3-3 SNMP Trap Configuration page screenshot The page includes the following fields: Object Description • Indicates the SNMP trap mode operation. Possible modes are: Trap Mode Enabled: Enable SNMP trap mode operation.
Page 73: Snmpv3 Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. SNMPv3 Configuration SNMPv3 Communities Configuration Configure SNMPv3 communities table on this page. The entry index key is Community. The SNMPv3 Communities Configuration...
Page 74: Snmpv3 Users Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SNMPv3 Users Configuration Configure SNMPv3 users table on this page. The entry index key are Engine ID and User Name. The SNMPv3 Users Configuration screen is shown Figure 4-3-5. Figure 4-3-5 SNMPv3 Users Configuration page screenshot...
Page 75: Snmpv3 Groups Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SNMPv3 Groups Configuration Configure SNMPv3 groups table on this page. The entry index keys are Security Model and Security Name. The SNMPv3 Groups Configuration screen is shown Figure 4-3-6. Figure 4-3-6 SNMPv3 Groups Configuration page screenshot...
Page 76: Snmpv3 Accesses Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Check to delete the entry. It will be deleted during the next save. Delete • A string identifying the view name that this entry should belong to. The allowed...
Page 77: Port Management
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Auth, NoPriv: Authentication and none privacy. Auth, Priv: Authentication and privacy. • The name of the MIB view defining the MIB objects for which this request may Read View Name request the current values. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126.
Page 78 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-4-1 Port Configuration page screenshot The page includes the following fields: Object Description • This is the logical port number for this row. Port • Description Indicates the per port description. •...
Page 79: Port Statistics Overview
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • When Auto Speed is selected for a port, this section indicates the flow control Flow Control capability that is advertised to the link partner. When a fixed-speed setting is selected, that is what is used.
Page 80 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-4-2 Port Statistics Overview page screenshot The displayed counters are: Object Description • The logical port for the settings contained in the same row. Port • The number of received and transmitted packets per port.
Page 81: Port Statistics Detail
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Download the port statistics overview. : Click to refresh the page immediately. : Clears the counters for all ports. : Print out the port statistics overview. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals.
Page 82: Sfp Module Information
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Receive and Transmit Size Counters The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes. Receive and Transmit Queue Counters The number of received and transmitted packets per input and output queue.
Page 83 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-4-4 SFP Module Information for Switch page screenshot The page includes the following fields: Object Description • Type Display the type of current SFP module, the possible types are: 1000Base-SX 1000Base-LX 100Base-FX •...
Page 84: Port Mirroring Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Port Mirroring Configuration Configure port Mirroring on this page. This function provide to monitoring network traffic that forwards a copy of each incoming or outgoing packet from one port of a network Switch to another port where the packet can be studied. It enables the manager to keep close track of switch performance and alter it if necessary.
Page 85 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Mirror Port Configuration The Port Mirror Configuration screen is shown Figure 4-4-6. Figure 4-4-6 Port Mirror Configuration page screenshot...
Page 86: Link Aggregation
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Port to mirror to Frames from ports that have either source or destination mirroring enabled are mirrored to this port. Disabled option disables mirroring.
Page 87 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-5-1 Link Aggregation The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection.
Page 88: Static Aggregation Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Destination MAC • Source and destination IPv4 address. • Source and destination TCP/UDP ports for IPv4 packets Normally, all 5 contributions to the aggregation code should be enabled to obtain the best traffic distribution among the link aggregation member ports.
Page 89: Lacp Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-5-3 Aggregation Group Configuration page screenshot The page includes the following fields: .Object Description • Indicates the aggregation group type. This field is only valid for stackable Locality switches. Global: The group members may reside on different units in the stack. The device supports two 8-port global aggregations.
Page 90 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-5-4 LACP Port Configuration page screenshot The page includes the following fields: Object Description • The switch port number. Port • Controls whether LACP is enabled on this switch port. LACP will form an LACP Enabled aggregation when 2 or more ports are connected to the same partner.
Page 91: Lacp System Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual same Key value can participate in the same aggregation group, while ports with different keys cannot. The default setting is “Auto” • The Role shows the LACP activity status. The Active will transmit LACP packets...
Page 92 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-5-6 LACP Port Status page screenshot The page includes the following fields: Object Description • The switch port number. Port • 'Yes' means that LACP is enabled and the port link is up. 'No' means that LACP is LACP not enabled or that the port link is down.
Page 93: Lacp Port Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual LACP Port Statistics This page provides an overview for LACP statistics for all ports. The LACP statistics screen is shown Figure 4-5-7. Figure 4-5-7 LACP Port statistics page screenshot The page includes the following fields:...
Page 94: Lan
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN.
Page 95: Q Vlan Tags
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown sources.
Page 96: Lan Basic Information
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLAN to span network devices (and indeed, the entire network – if all network devices are 802.1Q compliant).
Page 97: Lan Port Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-6-1 VLAN Basic Information page screenshot The page includes the following fields: Object Description • Mode Display the current VLAN mode used by this Managed Switch Port-Based IEEE 802.1Q VLAN • Maximum VLAN ID Maximum VLAN ID recognized by this Managed Switch.
Page 98 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Frame Income Income Frame is tagged Income Frame is untagged Frame Leave Leave port is tagged Frame remains tagged Tag is inserted Leave port is untagged Tag is removed Frame remain untagged Table 4-6-1 Ingress/Egress port with VLAN VID Tag/Untag table ■...
Page 99 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN Port Configuration The VLAN Port Configuration screen is shown Figure 4-6-2. Figure 4-6-2 VLAN Port Configuration page screenshot...
Page 100 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • This is the logical port number for this row. Port • PVID Allow assign PVID for selected port. The range for the PVID is 1-4094.
Page 101: Lan Membership Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN Membership Configuration Adding Static Members to VLANs (VLAN Index) Use the VLAN Static Table to configure port members for the selected VLAN index. The VLAN membership configuration for the selected stack switch / unit switch can be monitored and modified here. Up to 255 VLANs are supported. This page allows for adding and deleting VLANs as well as adding and deleting port members of each VLAN.
Page 102: Lan Membership Status For User Static
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual : Updates the table starting from the first entry in the VLAN Table, i.e. the entry with the lowest VLAN ID. : Updates the table, starting with the entry after the last entry currently displayed.
Page 103: Lan Port Status For User Static
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN Port Status for User Static This page provides VLAN Port Staus. The VLAN Port Status for User Static screen is shown Figure 4-6-5. Figure 4-6-5 VLAN Port Status for User Static page screenshot...
Page 104: Port Isolation Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • UVID Shows UVID (untagged VLAN ID). Port's UVID determines the packet's behavior at the egress side. • Conflicts Shows status of Conflicts whether exists or Not. When a Volatile VLAN User requests to set VLAN membership or VLAN port configuration, the following conflicts can occur: Functional Conflicts between feature.
Page 105 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual For private VLANs to be applied, the switch must first be configured for standard VLAN operation When this is in place, one or more of the configured VLANs can be configured as private VLANs. Ports in a private VLAN fall into one of these two groups: Promiscuous ports —...
Page 106 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-6-6 Port Isolation Configuration page screenshot The page includes the following fields: Object Description • Port The switch interface. • PVLAN Port Type Displays private VLAN port types. - Isolated: A single stand-alone VLAN that contains one promiscuous port and one or more isolated (or host) ports.
Page 107: Private Vlan Membership Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Private VLAN Membership Configuration In this menu the Private VLAN membership configurations for the switch can be monitored and modified here, private VLANs can be added or deleted, and port members of each Private VLAN can be added or removed here.
Page 108: Lan Setting Example
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN setting example: - Separate VLAN - 802.1Q VLAN Trunk - Port Isolate Two separate 802.1Q VLAN The diagram shows how the Managed Switch handle Tagged and Untagged traffic flow for two VLANs. VLAN Group 2 and VLAN Group 3 are separated VLAN.
Page 109 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Untagged packet entering VLAN 3 While [PC-4] transmit an untagged packet enters Port-4, the switch will tag it with a VLAN Tag=3. [PC-5] and [PC-6] will received the packet through Port-5 and Port-6.
Page 110 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The Per Port VLAN configuration in Figure 4-6-10. Figure 4-6-10 Port 1-Port 6 VLAN Configuration...
Page 111 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN Trunking between two 802.1Q aware switch The most cases are used for “Uplink” to other switches. VLANs are separated at different switches, but they need to access with other switches within the same VLAN group. The screen is shown Figure 4-6-11.
Page 112: Port Isolate
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Assign the VLAN Trunk Port to be the member of each VLAN – which wants to be aggregated. At this sample, add Port-8 to be VLAN 2 and VLAN 3 member port. The screen is shown Figure 4-6-12.
Page 113 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Setup steps Assign Port Mode Set Port-1~Port-4 in Isolate port. Set Port-5 and Port-6 in Promiscuous port. The screen is shown Figure 4-6-15.
Page 114 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-6-15 The configuration of Isolate and Promiscuous port Assign VLAN Member : VLAN 1 : Port-1,Port-2 ,Port-5 and Port-6 VLAN 2 : Port-3~Port-6. The screen is shown Figure 4-6-16. Figure 4-6-16 Private VLAN port setting...
Page 115: Spanning Tree Protocol
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Spanning Tree Protocol Theory The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 116 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual network topology to stabilize after a topology change. In addition, STP specifies a series of states a port must transition through to further ensure that a stable network topology is created after a topology change.
Page 117 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual 2. STP Parameters STP Operation Levels The Switch allows for two levels of operation: the switch level and the port level. The switch level forms a spanning tree consisting of links between one or more switches. The port level constructs a spanning tree consisting of groups of one or more ports. The STP operates in much the same way for both levels.
Page 118 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will occur. Max. Age – The Max Age can be from 6 to 40 seconds. At the end of the Max Age, if a BPDU has still not been received from the Root Bridge, your Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge.
Page 119 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-7-5 Before Applying the STA Rules In this example, only the default STP values are used. Figure 4-7-6 After Applying the STA Rules The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost...
Page 120: Stp Bridge Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual between switches B and C. The two (optional) Gigabit ports (default port cost = 20,000) on switch A are connected to one (optional) Gigabit port on both switch B and C. The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link (default port cost = 200,000).
Page 121: Bridge Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • The maximum age of the information transmitted by the Bridge when it is the Max Age Root Bridge. Valid values are in the range 6 to 200 seconds. -Default: -Minimum: The higher of 6 or [2 x (Hello Time + 1)].
Page 122: Cist Port Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Object Description • The Bridge Instance. This is also a link to the STP Detailed Bridge Status. MSTI • The Bridge ID of this Bridge instance. Bridge ID • The Bridge ID of the currently elected root bridge.
Page 123 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-7-9 STP CIST Port Configuration page screenshot The page includes the following fields: Object Description • The switch port number of the logical STP port. Port • Controls whether RSTP is enabled on this switch port.
Page 124 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Controls the path cost incurred by the port. The Auto setting will set the path cost Path Cost as appropriate by the physical link speed, using the 802.1D recommended values. Using the Specific setting, a user-defined value can be entered. The path cost is used when establishing the active topology of the network.
Page 125: Msti Priorities
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Port Type Link Type IEEE 802.1D-1998 IEEE 802.1w-2001 Half Duplex 2,000,000 Ethernet Full Duplex 1,999,999 Trunk 1,000,000 Half Duplex 200,000 Fast Ethernet Full Duplex 100,000 Trunk 50,000 Full Duplex 10,000 Gigabit Ethernet Trunk...
Page 126: Msti Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. MSTI Configuration This page allows the user to inspect the current STP MSTI bridge instance priority configurations, and possibly change them as well.
Page 127: Msti Ports Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Configuration Revision The revision of the MSTI configuration named above. This must be an integer between 0 and 65535. MSTI Mapping Object Description • MSTI The bridge instance. The CIST is not available for explicit mapping, as it will receive the VLANs not explicitly mapped.
Page 128 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-7-13 MST1 MSTI Port Configuration page screenshot...
Page 129: Port Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: MSTx MSTI Port Configuration Object Description • Port The switch port number of the corresponding STP CIST (and MSTI) port. • Path Cost Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended...
Page 130: Port Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • The switch port number of the logical STP port. Port • The current STP port role of the ICST port. The port role can be one of...
Page 131: Multicast
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • The switch port number of the logical RSTP port. Port • The number of RSTP Configuration BPDU's received/transmitted on the port. RSTP • The number of legacy STP Configuration BPDU's received/transmitted on the port.
Page 132 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-8-1 Multicast Service...
Page 133 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-8-2 Multicast flooding Figure 4-8-3 IGMP Snooping multicast stream control IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group.
Page 134 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual following outlines what is communicated between a multicast router and a multicast group member using IGMP. A host sends an IGMP “report” to join a group A host will never send a report when it wants to leave a group (for version 1).
Page 135: Igmp Snooping Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual IGMP Snooping Configuration This page provides IGMP Snooping related configuration. Most of the settings are global, whereas the Router Port configuration is related to the currently selected stack unit, as reflected by the page header. The IGMP Snooping Configuration screen is shown Figure 4-8-5.
Page 136 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-8-6 IGMP Port Related Configuration page screenshot...
Page 137: Lan Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Specify which ports act as IGMP router ports. A router port is a port on the Router Port Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier.
Page 138: Port Group Filtering
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-8-7 IGMP Snooping VLAN Configuration page screenshot The page includes the following fields: Object Description • The VLAN ID of the entry. VLAN ID • IGMP Snooping Enable Enable the per-VLAN IGMP Snooping. Only up to 64 VLANs can be selected.
Page 139: Igmp Snooping Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-8-8 IGMP Snooping Port Group Filtering Configuration page screenshot The page includes the following fields: Object Description • Check to delete the entry. It will be deleted during the next save. Delete •...
Page 140 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-8-9 IGMP Snooping Status page screenshot The page includes the following fields: Object Description • The VLAN ID of the entry. VLAN ID • The present IGMP groups. Max. are 128 groups for each VLAN.
Page 141: Mvr Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual : Click to refresh the page immediately. : Clears all Statistics counters. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. MVR Configuration In multicast VLAN networks, subscribers to a multicast group can exist in more than one VLAN. If the VLAN boundary restrictions in...
Page 142 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-8-10 MVR Configuration page screenshot...
Page 143: Mvr Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • MVR Mode Enable/Disable the Global MVR. • VLAN ID Specify the Multicast VLAN ID. • Mode Enable MVR on the port. • Type Specify the MVR port type on the port.
Page 144: Quality Of Service
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to refresh the page immediately. : Clears all Statistics counters. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. Quality of Service Understand QOS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic.
Page 145: Set Up Policy Rules
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-9-1 Welcome to the QCL Configuration Wizard page screenshot The page includes the following fields: Object Description • Group ports into several types according to different QCL policies. Set up Port Policies •...
Page 146 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-9-2 Set up Policy Rules page screenshot The page includes the following fields: Object Description • Frames that hit this QCE are set to match this specific QCL. QCL ID • A row of radio buttons for each port is displayed for each QCL ID. To include a Port Members port in a QCL member, click the radio button.
Page 147: Set Up Typical Network Application Rules
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to start the wizard again. : Click to get more information. Set up Typical Network Application Rules Set up the specific QCL for different typical network application quality control. STEP-1...
Page 148 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Indicates the common games that apply to the specific QCE. Games • Indicates the user definition that applies to the specific QCE. The user definitions User Definition are: Ethernet Type: Specify the Ethernet Type filter for this QCE. The allowed range is 0x600 to 0xFFFF.
Page 149: Set Up Tos Precedence Mapping
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to cancel the wizard. : Click to go back to the previous wizard step. : Click to continue the wizard. Set up ToS Precedence Mapping Set up the traffic class mapping to the precedence part of ToS (3 bits) when receiving IPv4/IPv6 packets. The Set up ToS...
Page 150: Set Up Vlan Tag Priority Mapping
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Set up VLAN Tag Priority Mapping Set up the traffic class mapping to the User Priority value (3 bits) when receiving VLAN tagged packets. The Set up VLAN Tag Priority Mapping screen is shown Figure 4-9-6.
Page 151: Qos Control List Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual QoS Control List Configuration This page lists the QCEs for a given QCL. Frames can be classified by 4 different QoS classes: Low, Normal, Medium, and High. The classification is controlled by a QoS assigned to each port.
Page 152: Qos Control Entry Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN ID: The field shows the VLAN ID. TCP/UDP Port: The field shows the TCP/UDP port range. DSCP: The field shows the IPv4/IPv6 DSCP value. • The QoS class associated with the QCE.
Page 153: Port Qos Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual number. The port range allowed is from 0 to 65535. DSCP: The allowed range is 0 to 63. ToS or Tag Priority do not have type value settings. • Select a traffic class of Low, Normal, Medium, or High to apply to the QCE.
Page 154 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-9-9 Port QoS Configuration page screenshot The page includes the following fields: Object Description • Number of Classes Configure the number of traffic classes as "1", "2", or "4". The default value is "4".
Page 155: Bandwidth Control
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Configure the default QoS class for the port, that is, the QoS class for frames not Default Class matching any of the QCEs in the QCL. • Select which QCL to use for the port.
Page 156 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-9-10 Rate Limit Configuration page screenshot The page includes the following fields: Object Description • The logical port for the settings contained in the same row. Port • Enable or disable the port policer. The default value is "Disabled".
Page 157: Storm Control Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Enable or disable the port shaper. The default value is "Disabled". Shaper Enabled • Shaper Rate Configure the rate for the port shaper. The default value is "500". This value is restricted to 500-1000000 when the "Policer Unit" is "kbps", and it is restricted to 1-1000 when the "Policer Unit"...
Page 158 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-9-12 QoS Statistics page screenshot The page includes the following fields: Object Description • The logical port for the settings contained in the same row. Port • There are 4 QoS queues per port with strict or weighted queuing scheduling. This Low Queue is the lowest priority queue.
Page 159: Dscp Remarking
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual : Clears the counters for all ports. Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. DSCP Remarking This page allows you to configure DSCP remarking related settings for each port.
Page 160: Oice Vlan Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • The logical port for the settings contained in the same row. Port • If the QoS remarking mode is set to enabled, it should be with this DSCP DSCP Remarking remarking/correction function according to RFC2474 on this port.
Page 161 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-9-14 Voice VLAN Configuration page screenshot...
Page 162 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Mode Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter. Possible modes are: Enabled: Enable Voice VLAN mode operation.
Page 163: Oice Vlan Oui Table
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Voice VLAN OUI Table Configure VOICE VLAN OUI table on this page. The maximum entry number is 16. Modify OUI table will restart auto detect OUI process. The Voice VLAN OUI Table screen is shown Figure 4-9-15.
Page 164: Access Control List Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains many detailed, different parameter options that are available for individual application.
Page 165: Access Control List Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Access Control List Configuration This page shows the Access Control List (ACL), which is made up of the ACEs defined for this Managed Switch. Each row describes the ACE that is defined. The maximum number of ACEs is 128.
Page 166: Ace Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual : Moves the ACE down the list. : Deletes the ACE. : The lowest plus sign adds a new entry at the bottom of the ACE listings. Buttons Auto-refresh : Check this box to refresh the page automatically. Automatic refresh occurs at regular intervals.
Page 167 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Select the frame type for this ACE. Frame Type Any: Any frame can match this ACE. Ethernet Type: Only Ethernet Type frames can match this ACE. ARP: Only ARP frames can match this ACE.
Page 168 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual ARP Parameters The ARP parameters can be configured when Frame Type "ARP" is selected. Object Description • Specify the available ARP/RARP opcode (OP) flag for this ACE. ARP/RARP Any: No ARP/RARP OP flag is specified. (OP is "don't-care".) ARP: Frame must have ARP/RARP opcode set to ARP.
Page 169 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual 1: ARP/RARP frames where the PRO is equal to IP (0x800) must match this entry. Any: Any value is allowed ("don't-care"). IP Parameters The IP parameters can be configured when Frame Type "IPv4" is selected.
Page 170 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual ICMP Parameters Object Description • Specify the ICMP filter for this ACE. ICMP Type Filter Any: No ICMP filter is specified (ICMP filter status is "don't-care"). Specific: If you want to filter a specific ICMP filter with this ACE, you can enter a specific ICMP value.
Page 171: Acl Ports Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • TCP PSH Specify the TCP "Push Function" (PSH) value for this ACE. 0: TCP frames where the PSH field is set must not be able to match this entry. 1: TCP frames where the PSH field is set must be able to match this entry.
Page 172 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-10-4 ACL Ports Configuration page screenshot The page includes the following fields: Object Description • The logical port for the settings contained in the same row. Port • Select the policy to apply to this port. The allowed values are 1 through 8. The Policy ID default value is 1.
Page 173: Acl Rate Limiter Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Please note that the System Log memory size and logging rate is limited. • Shutdown Specify the port shut down operation of this port. The allowed values are: Enabled: If a frame is received on the port, the port will be disabled.
Page 174 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. 4.11 Authentication This section is to control the access of the Managed Switch, includes the user access and management control.
Page 175: Understanding Ieee 802.1X Port-Based Authentication
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Understanding IEEE 802.1X Port-Based Authentication The IEEE 802.1X standard defines a client-server-based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports. The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN.
Page 176 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual switch acts as an intermediary (proxy) between the client and the authentication server, requesting identity information from the client, verifying that information with the authentication server, and relaying a response to the client. The switch includes the RADIUS client, which is responsible for encapsulating and decapsulating the Extensible Authentication Protocol (EAP) frames and interacting with the authentication server.
Page 177: Authentication Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual If a client that does not support 802.1X is connected to an unauthorized 802.1X port, the switch requests the client's identity. In this situation, the client does not respond to the request, the port remains in the unauthorized state, and the client is not granted access to the network.
Page 178: Network Access Server Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Network Access Server Configuration This page allows you to configure the IEEE 802.1X and MAC-based authentication system and port settings. The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication.
Page 179 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-11-4 Network Access Server Configuration page screenshot...
Page 180 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: System Configuration Object Description • Mode Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames.
Page 181 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual QoS Class is enabled for that port. When unchecked, RADIUS-server assigned QoS Class is disabled for all ports. • RADIUS-Assigned RADIUS-assigned VLAN provides a means to centrally control the VLAN on which a successfully authenticated supplicant is placed on the switch. Incoming VLAN Enabled traffic will be classified to and switched on the RADIUS-assigned VLAN.
Page 182 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual authenticator, and the RADIUS server is the authentication server. The authenticator acts as the man-in-the-middle, forwarding requests and responses between the supplicant and the authentication server. Frames sent between the supplicant and the switch are special 802.1X frames, known as EAPOL (EAP Over LANs) frames.
Page 183 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual supplicant, since that would cause all supplicants attached to the port to reply to requests sent from the switch. Instead, the switch uses the supplicant's MAC address, which is obtained from the first EAPOL Start or EAPOL Response Identity frame sent by the supplicant.
Page 184 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • RADIUS-Assigned - When RADIUS-Assigned VLAN is both globally enabled and enabled (checked) for a given port, the switch reacts to VLAN ID information VLAN Enabled carried in the RADIUS Access-Accept packet transmitted by the RADIUS server when a supplicant is successfully authenticated.
Page 185 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual an EAPOL Success frame when entering the Guest VLAN. While in the Guest VLAN, the switch monitors the link for EAPOL frames, and if one such frame is received, the switch immediately takes the port out of the Guest VLAN and starts authenticating the supplicant according to the port mode.
Page 186: Network Access Overview
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Network Access Overview This page provides an overview of the current NAS port states for the selected switch. The Network Access Overview screen is shown Figure 4-11-5. Figure 4-11-5 Network Access Overview page screenshot...
Page 187: Network Access Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Port VLAN ID The VLAN ID that NAS has put the port in. The field is blank, if the Port VLAN ID is not overridden by NAS. If the VLAN ID is assigned by the RADIUS server, "(RADIUS-assigned)" is appended to the VLAN ID.
Page 188 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Port Counters Object Description • EAPOL Counters These supplicant frame counters are available for the following administrative states: Force Authorized Force Unauthorized Port-based 802.1X Single 802.1X Multi 802.1X Direction Name IEEE Name Description...
Page 189 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Backend Server These backend (RADIUS) frame counters are available for the following administrative Counters states: Port-based 802.1X Single 802.1X Multi 802.1X MAC-based Auth. Direction Name IEEE Name Description dot1xAuthBackendAcce Access 802.1X-based: ssChallenges...
Page 190 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual for a given port (left-most table) or client (right-most table). Possible retransmissions are not counted. • Last Supplicant/Client Information about the last supplicant/client that attempted to authenticate. This information is available for the following administrative states: Info Port-based 802.1X...
Page 191 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual unauthenticated. If an authentication fails for one or the other reason, the client will remain in the unauthenticated state for Hold Time seconds. • Last Authentication Shows the date and time of the last authentication of the client (successful as well as unsuccessful).
Page 192: Authentication Server Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Authentication Server Configuration This page allows you to configure the Authentication Servers. The Authentication Server Configuration screen is shown Figure 4-11-7. Figure 4-11-7 Authentication Server Configuration page screenshot...
Page 193 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Port State These setting are common for all of the Authentication Servers. Object Description • Timeout The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server.
Page 194: Radius Overview
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual TACACS+ Authentication Server Configuration The table has one row for each TACACS+ Authentication Server and a number of columns, which are: Object Description • # The TACACS+ Authentication Server number for which the configuration below applies.
Page 195 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual RADIUS Authentication Servers Object Description • # The RADIUS server number. Click to navigate to detailed statistics for this server. • IP Address The IP address and UDP port number (in <IP Address>:<UDP Port> notation) of this server.
Page 196: Radius Details
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual RADIUS Details This page provides detailed statistics for a particular RADIUS server. The RADIUS Authentication/Accounting for Server Overview screen is shown Figure 4-11-9. Figure 4-11-9 RADIUS Authentication/Accounting for Server Overview page screenshot The page includes the following fields: RADIUS Authentication Servers The statistics map follows details specified in RFC4668 - RADIUS Authentication Client MIB.
Page 197 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual server. radiusAuthClientExtA The number of RADIUS Access ccessChallenges Access-Challenge packets Challenges (valid or invalid) received from the server. radiusAuthClientExt The number of malformed Malformed MalformedAccessRe RADIUS Access-Response Access sponses packets received from the Responses server.
Page 198 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual counted as a retransmit as well as a timeout. A send to a different server is counted as a Request as well as a timeout. • Other Info This section contains information about the state of the server and the latest round-trip time.
Page 199 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual radiusAccClientExt The number of RADIUS Packets Dropped PacketsDropped packets that were received from the server on the accounting port and dropped for some other reason. radiusAccClientExt The number of RADIUS Requests Requests packets sent to the server.
Page 200: Windows Platform Radius Server Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Managed switch. In this case, field in the default IP Address of the Managed Switch with 192.168.0.100. And also make sure the shared secret key is as same as the one you had set at the Managed Switch’s 802.1x system configuration –...
Page 201 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-11-11 Windows Server – add new RADIUS client setting Assign the client IP address to the Managed switch. Figure 4-11-12 Windows Server RADIUS Server setting...
Page 202 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The shared secret key should be as same as the key configured on the Managed Switch. Figure 4-11-13 Windows Server RADIUS Server setting...
Page 203 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Configure ports attribute of 802.1X, the same as “802.1X Port Configuration”. Figure 4-11-14 802.1x Port Configuration Create user data. The establishment of the user data needs to be created on the Radius Server PC. For example, the...
Page 204 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Enter ” Active Directory Users and Computers”, create legal user data, the next, right-click a user what you created to enter properties, and what to be noticed: Figure 4-11-16 Add User Properties screen...
Page 205: 4.11.10 802.1X Client Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Set the Ports Authenticate Status to “Force Authorized” if the port is connected to the RADIUS server or the port is an uplink port that is connected to another switch. Or once the 802.1X stat to work, the switch might not be able to access the RADIUS server.
Page 206 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-11-19 Click “OK”. When client has associated with the Managed Switch, a user authentication notice appears in system tray. Click on the notice to continue. Figure 4-11-20 Windows client popup login request message...
Page 207: Security
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Enter the user name, password and the logon domain that your account belongs. 10. Click “OK” to complete the validation process. Figure 4-11-21 Security This section is to control the access of the Managed Switch, and includes the user access and management control.
Page 208 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-12-1 Port Limit Control Configuration Overview page screenshot...
Page 209 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: System Configuration Object Description • Mode Indicates if Limit Control is globally enabled or disabled on the switchstack. If globally disabled, other modules may still use the underlying functionality, but limit checks and corresponding actions are disabled.
Page 210: Access Management
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Trap & Shutdown: If Limit + 1 MAC addresses is seen on the port, both the "Trap" and the "Shutdown" actions described above will be taken. • State This column shows the current state of the port as seen from the Limit Control's point of view.
Page 211: Access Management Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • SNMP Indicates the host can access the switch from SNMP interface that the host IP address matched the entry. • TELNET/SSH Indicates the host can access the switch from TELNET/SSH interface that the host IP address matched the entry.
Page 212: Https
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual HTTPs Configure HTTPS on this page. The HTTPS Configuration screen is shown Figure 4-12-4. Figure 4-12-4 HTTPS Configuration screen page screenshot The page includes the following fields: Object Description • Mode Indicates the HTTPS mode operation. Possible modes are: Enabled: Enable HTTPS mode operation.
Page 213: Port Security Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. Port Security Status This page shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from the user modules.
Page 214 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: User Module Legend The legend shows all user modules that may request Port Security services. Object Description • User Module Name The full name of a module that may request Port Security services.
Page 215: Port Security Detail
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Port Security Detail This page shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning.
Page 216 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-12-8 DHCP Snooping Configuration screen page screenshot...
Page 217: Dhcp Snooping Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Snooping Mode Indicates the DHCP snooping mode operation. Possible modes are: Enabled: Enable DHCP snooping mode operation. When DHCP snooping is enabled, the requested DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports.
Page 218 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Rx and Tx Discover The number of discover (option 53 with value 1) packets received and transmitted. • Rx and Tx Offer The number of offer (option 53 with value 2) packets received and transmitted.
Page 219: Ip Source Guard Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual IP Source Guard Configuration IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host.
Page 220: Ip Source Guard Static Table
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Mode of IP Source Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled.
Page 221: Arp Inspection
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual ARP Inspection ARP Inspection is a secure feature. Several types of attacks can be launched against a host or devices connected to Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such attacks. Only valid ARP requests and responses can go through DUT.
Page 222: Arp Inspection Static Table
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Mode of ARP Enable the Global ARP Inspection or disable the Global ARP Inspection. Inspection Configuration • Port Mode when both Global Mode ARP Inspection is only enabled on this given port and Port Mode on a given port are enabled.
Page 223: Address Table
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to add a new entry. : Click to save changes. Click to undo any changes made locally and revert to previously saved values. Address Table Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame ).
Page 224 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-13-2 Static MAC Table Configuration page screenshot The page includes the following fields: Object Description • Check to delete the entry. It will be deleted during the next save. Delete • The VLAN ID for the entry.
Page 225: Mac Address Table Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual MAC Address Table Status Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address.
Page 226: Mac Table Learning
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons Auto-refresh : Check this box to enable an automatic refresh of the page at regular intervals. : Refreshes the displayed table starting from the "Start from MAC address" and "VLAN" input fields.
Page 227: Dynamic Arp Inspection Table
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to save changes. Click to undo any changes made locally and revert to previously saved values. Dynamic ARP Inspection Table Entries in the Dynamic ARP Inspection Table are shown on this page. The Dynamic ARP Inspection Table contains up to 1024 entries, and is sorted first by port, then by VLAN ID, then by MAC address, and then by IP address.
Page 228: Dynamic Ip Source Guard Table
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Dynamic IP Source Guard Table Entries in the Dynamic IP Source Guard Table are shown on this page. The Dynamic IP Source Guard Table is sorted first by port, then by VLAN ID, then by IP address, and then by IP mask. The Dynamic IP Source Guard Table screen is shown Figure 4-13-6.
Page 229: Lldp
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual LLDP Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.1ab standard, and can include details...
Page 230 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: LLDP Parameters Object Description • The switch is periodically transmitting LLDP frames to its neighbors for having the Tx Interval network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value.
Page 231: Lldpmed Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual CDP TLV "Port ID" is mapped into the LLDP "Port ID" field. CDP TLV "Version and Platform" is mapped into the LLDP "System Description" field. Both the CDP and LLDP supports "system capabilities", but the CDP capabilities cover capabilities that are not part of the LLDP.
Page 232 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-14-2 LLDPMED Configuration page screenshot The page includes the following fields: Fast start repeat count Object Description • Rapid startup and Emergency Call Service Location Identification Discovery of Fast start repeat count endpoints is a critically important aspect of VoIP systems in general.In addition, it...
Page 233 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Coordinates Location Object Description • Latitude Latitude SHOULD be normalized to within 0-90 degrees with a maximum of 4 digits. It is possible to specify the direction to either North of the equator or South of the equator.
Page 234 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • House no. suffix House number suffix - Example: A, 1/2 • Landmark Landmark or vanity address - Example: Columbia University • Additional location Additional location info - Example: South Wing info • Name Name (residence and office occupant) - Example: Flemming Jahn •...
Page 235 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual the same Network Connectivity Device may advertise different sets of policies, based on the authenticated user identity or port configuration. It should be noted that LLDP-MED is not intended to run on links other than between Network Connectivity Devices and Endpoints, and therefore does not need to advertise the multitude of network policies that frequently run on an aggregated link interior to the LAN.
Page 236: Lldp-Med Neighbor
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Port Policies Configuration Every port may advertise a unique set of network policies or different attributes for the same network policies, based on the authenticated user identity or port configuration. Object Description • Port The port number for which the configuration applies.
Page 237 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual also support all aspects of TIA-1057 applicable to Generic Endpoints (Class I), and any LLDP-MED Endpoint Device claiming compliance as a Communication Device (Class III) will also support all aspects of TIA-1057 applicable to both Media Endpoints (Class II) and Generic Endpoints (Class I).
Page 238: Neighbor
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual with buffering would not be an intended use of this application type. Video Signaling - for use in network topologies that require a separate policy for the video signaling than for the video media.
Page 239: Port Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual 2. Repeater 3. Bridge 4. WLAN Access Point 5. Router 6. Telephone 7. DOCSIS cable device 8. Station only 9. Reserved When a capability is enabled, the capability is followed by (+). If the capability is disabled, the capability is followed by (-).
Page 240 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Global Counters Object Description • Shows the time for when the last entry was last deleted or added. It is also shows Neighbor entries were the time elapsed since last change was detected.
Page 241: Network Diagnostics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Network Diagnostics This section provide the Physical layer and IP layer network diagnostics tools for troubleshooting. The diagnostic tools are designed for network manager to help them quickly diagnose problems between point to point and better service customers.
Page 242: Ipv6 Ping
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Be sure the target IP Address is within the same network subnet of the switch, or you had setup the correct gateway IP address. Buttons : Click to transmit ICMP packets. IPv6 Ping This page allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues.
Page 243: Remote Ip Ping Test
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Remote IP Ping Test This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues on special port. After you press “Test”, 5 ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply.
Page 244: Cable Diagnostics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • Port The logical port for the settings. • The destination IP Address. Remote IP Address • The payload size of the ICMP packet. Values range from 8 bytes to 1400 bytes.
Page 245: Power Over Ethernet (Ge-Dssg-244-Poe / Ns3601-24P/4S)
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual The page includes the following fields: Object Description • The port where you are requesting Cable Diagnostics. Port • Description Display per port description. • Port: Port number. Cable Status Pair: The status of the cable pair.
Page 246: Power Over Ethernet Powered Device
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Power over Ethernet Powered Device Voice over IP phones Enterprise can install POE VoIP Phone, ATA and other Ethernet/non-Ethernet end-devices to the central where UPS is installed for un-interrupt power system and power control system.
Page 247 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual In this mode the Maximum Power fields have no effect. Allocation mode In this mode the user allocates the amount of power that each port may reserve. The allocated/reserved power for each port/PD is specified in the Maximum Power fields.
Page 248 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Buttons : Click to save changes. : Click to undo any changes made locally and revert to previously saved values. For IFS GE-DSSG-244-Poe, the total PoE power reservation from Port-1~24 is up to 220W...
Page 249: Port Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Port Configuration This section allows the user to inspect and configure the current PoE port settings , screen is shown Figure 4-16-3. Figure 4-16-3 Power over Ethernet Configuration screenshot The page includes the following fields:...
Page 250: Poe Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Power Allocation It limits the port PoE supply. Per port maximum value must be less than 15.4 watts, and total ports values must be less than the Power Reservation value if current PoE mode is 802.3af. Once power overload is detected, the port will automatically shut down and keep on detection mode until PD’s power...
Page 251 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • This is the logical port number for this row. Local Port • Display the class of the PD attached to the port, as established by the classification PD Class process. Class 0 is the default for PDs. The PD is classified based on power. The classification of the PD is the maximum power that the PD will draw across all input voltages and operational modes.
Page 252: Poe Schedule
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual PoE Schedule This page allows the user to define PoE schedule. The screen is shown Figure 4-16-5. Figure 4-16-5 PoE Schedule screenshot The page includes the following fields Object Description • Profile Set the schedule profile mode. Possible porifles are: Profile1 / Profile2 / Profile3 / Profile4 •...
Page 253: Lldp Neighbor Power Over Ethernet
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual : Click to save changes. : Check to delete the entry. LLDP Neighbor Power Over Ethernet This page provides a status overview for all LLDP PoE neighbors. The displayed table contains a row for each port on which an LLDP PoE neighbor is detected.
Page 254 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual 4.17 Stack Using Stacking, it is possible to connect a number of switches together in a stack, which behaves as a single switch as seen from outside the stack. Two types of stack topologies are supported:...
Page 255: Stack
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-17-2 Ring Stack topology Back-to-Back Stack : Two switches interconnected on both stacking ports. Figure 4-17-3 Back to back Stack topology Stack This section provides information for understand stacking architecture, include the below items: Switch IDs •...
Page 256: Master Election
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual (see "Replacing a Switch" above). Deleting a switch will remove any configuration pertaining to it. Deleting an active switch will leave it with an unassigned Switch ID until rebooted or manually assigning a Switch ID.
Page 257: Stack Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-17-5 True Ring Topology Stack Configuration This page is used for configure the stack, include assign Switch ID, master priority and display the current stack member information. The screen is shown Figure 4-17-6appears.
Page 258 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Object Description • Deletes this switch from the stack configuration. Delete • The MAC address of the switch. Stack Member • The Switch ID (1-16) assigned to a switch. For more information, see description...
Page 259: Stack Information
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • Start Master Election By checking this option, the "Save" operation will also start the master election process. This is done by clicking "Start Master Election", followed by "Save". This causes the first two criteria to be ignored, thereby basing master election only on master priority and MAC address.
Page 260: Stack Port State Overview
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual • The time of the last topology change in the stack. Last Topology Change • The MAC address of the current stack master switch. Master Switch • The time of the last master change in the stack.
Page 261: Stack Example
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SWITCH ID MASTER Port Link status Stack Port Link status Figure 4-17-10 Port State Overview page screenshot Stack Example Stacking function is convenient for administrator to manage multiple switches by single IP. Basically, you got to have min. 2 units.
Page 262 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-17-12 Stack Configuration Step 5: We wish to make the IFS switch with MAC “00-30-4f-7b-9c-b2” / Switch ID=2 to become the Stack Master and swap the Switch ID to 1. Select the switch with ID=1 and assign a new ID for this unit, for example: ID=4 Figure 4-17-13 Assing new ID for current master Select the target switch and set up with lower priority “1”, also re-assing the Switch ID=1 for it.
Page 263 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-17-14 Assing lower priority value fo the target switch Reflash the web browser, the switch with MAC address “00-30-4f-7b-9e-b2” become the stack master now. Figure 4-17-15 The result after master election Step 6: After the Stack Master and Members have been configured, any switch in the stack can be managed from the web agent by choosing the desired Member ID from the Switch drop down menu.
Page 264 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 4-17-16 To manage the member switch Slave switch IP will be covered by Master one, and disappear temporarily. The slave IP address can be the same as Master IP address. Thus, if master switch is malfunction, you can still access the other switch by same IP address.
Page 265: Command Line Interface
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual COMMAND LINE INTERFACE Accessing the CLI When accessing the management interface for the switch over a direct connection to the server’s console port, or via a Telnet connection, the switch can be managed by entering command keywords and parameters at the prompt. Using the switch's command-line interface (CLI) is very similar to entering commands on a UNIX system.
Page 266: Configure Ip Address
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Configure IP address The IFS Managed Switch is shipped with default IP address as following. IP Address: 192.168.0.100 Subnet Mask: 255.255.255.0 To check the current IP address or modify a new IP address for the Switch, please use the procedures as follow: Show the current IP address On ”Switch/>...
Page 267: Telnet Login
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Figure 5-3 Set IP address screen Repeat Step 1 to check if the IP address is changed. If the IP address is successfully configured, the Managed Switch will apply the new IP address setting immediately. You can access the Web interface of IFS Managed Switch through the new IP address.
Page 268: Command Line Mode
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Command Line Mode The CLI groups all the commands in appropriate modes according to the nature of the command. A sample of the CLI command modes are described below. Each of the command modes supports specific software commands.
Page 269: System Command
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual System Command System Configuration Description: Show system configuration. Syntax: System Configuration [all] [<port_list>] Parameters: : Show all switch configuration, default: Show system configuration <port_list>: Port list or 'all', default: All ports Example: To display system information: SWITCH/>System configuration...
Page 270: System Location
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Parameters: <contact>: System contact string. Use 'clear' or "" to clear the string. No blank or space characters are permitted as part of a contact. (only in CLI) Default Setting: empty Example: To set device contact: Switch/>System contact IFS-Test...
Page 271: System Restore Default
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Default Setting: SWITCH Example: To change CLI title: Switch/>system prompt IFS GE-DSSG-244 IFS-24040/> System Reboot Description: Reboot the system. Syntax: System Reboot Example: To reboot device without changing any of the settings: Switch/>system reboot...
Page 272: Stack
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Parameters: <log_id>: System log ID or range (default: All entries) : Show all levels (default) : Show informations info warning : Show warnings : Show errors error : Clear log clear Example: To show system log: Switch/>system log...
Page 273: Stack Master Reelect
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Switch/> Stack Master Reelect Description: Force master reelection (ignoring master time). Syntax: Stack Master Reelect Example: Force master reelection. Switch/>stack master reelect Switch/> Stack Select Description: Set or show the selected switch ID.
Page 274: Ip Command
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Parameters: <sid>: Switch ID (1-16) Example: Delete stack SID 10. Switch/>stack sid delete 10 Switch/> Stack SID Assign Description: Assign SID and associated configuration to switch. SID must be unassigned, switch must be present and switch must not already be assigned to a SID.
Page 275 IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual IP DHCP Description: Set or show the DHCP client mode. Syntax: IP DHCP [enable|disable] Parameters: enable : Enable or renew DHCP client disable: Disable DHCP client Default Setting: Disable Example: Disable DHCP sever: SWITCH/>ip dhcp disable...
Page 276: Ip Dns Proxy
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SWITCH/>ip ping 192.168.0.21 PING server 192.168.0.21 60 bytes from 192.168.0.21: icmp_seq=0, time=0ms 60 bytes from 192.168.0.21: icmp_seq=1, time=0ms 60 bytes from 192.168.0.21: icmp_seq=2, time=0ms 60 bytes from 192.168.0.21: icmp_seq=3, time=10ms 60 bytes from 192.168.0.21: icmp_seq=4, time=0ms...
Page 277: Ipv6 Setup
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Default Setting: disable Example: Enable IPv6 autoconfig function: SWITCH/>ip ipv6 autoconfig enable IPv6 Setup Description: Set or show the IPv6 setup. Syntax: IP IPv6 Setup [<ipv6_addr>] [<ipv6_prefix>] [<ipv6_router>] [<vid>] Parameters: <ipv6_addr> : IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:).
Page 278: Ip Ntp Configuration
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Example: SWITCH/>ip ipv6 ping 2001::0002 PING6 server 2001::2 68 bytes from 2001::2: icmp_seq=0, time=0ms 68 bytes from 2001::2: icmp_seq=1, time=0ms 68 bytes from 2001::2: icmp_seq=2, time=0ms 68 bytes from 2001::2: icmp_seq=3, time=0ms 68 bytes from 2001::2: icmp_seq=4, time=0ms...
Page 279: Port Management Command
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual IP NTP Server Add <server_index> <ip_addr_string> Parameters: <server_index> : The server index (1-5) <ip_addr_string>: IP host address (a.b.c.d) or a host name string Example: To add NTP server: SWITCH/>ip ntp server add 1 60.249.136.151...
Page 280: Port Mode
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Parameters: <port_list>: Port list or 'all', default: All ports : Show ports, which are up : Show ports, which are down down (default: Show all ports) Example: Display port1~4 status SWITCH/>port configuration 1-4...
Page 281: Port State
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Disable Example: Enable flow control function for port1 SWITCH/>port flow control 1 enable Port State Description: Set or show the port administrative state. Syntax: Port State [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 282: Port Sfp
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual actiphy: Enable ActiPHY power control dynamic: Enable Dynamic power control Default Setting: Enable Example: Disable port power function for port1-4 SWITCH/>port power 1-4 disable Port SFP Description: Show SFP port information. Syntax: Port SFP [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports...
Page 283: Mac Address Table Command
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Parameters: <port_list>: Port list or 'all', default: All ports <command> : The command parameter takes the following values: : Clear port statistics clear : Show packet statistics packets : Show byte statistics bytes...
Page 284: Mac Delete
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto MAC Add Description: Add MAC address table entry. Syntax: MAC Add <mac_addr> <port_list> [<vid>] Parameters: <mac_addr> : MAC address (xx-xx-xx-xx-xx-xx) <port_list>: Port list or 'all' or 'none'...
Page 285: Mac Age Time
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Parameters: <mac_addr>: MAC address (xx-xx-xx-xx-xx-xx) : VLAN ID (1-4095), default: 1 <vid> Example: Lookup state of Mac address 00-30-4F-01-01-02 SWITCH/>mac lookup 00-30-4f-01-01-02 MAC Age Time Description: Set or show the MAC address age timer.
Page 286: Mac Statistics
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Parameters: <mac_max> : Maximum number of MAC addresses 1-8192, default: Show all addresses <mac_addr>: First MAC address (xx-xx-xx-xx-xx-xx), default: MAC address zero : First VLAN ID (1-4095), default: 1 <vid> Example: Show all of MAC table SWITCH/>mac dump...
Page 287: Lan Configuration Command
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual MAC Flush Description: Flush all learned entries. Syntax: MAC Flush VLAN Configuration Command VLAN Configuration Description: Show VLAN configuration. Syntax: VLAN Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', (default: All ports) Example: Show VLAN status of port1 SWITCH/>vlan configuration 1...
Page 288: Vlan Frame Type
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual VLAN Frame Type Description: Set or show the port VLAN frame type. Syntax: VLAN FrameType [<port_list>] [all|tagged] Parameters: <port_list>: Port list or 'all', default: All ports : Allow tagged and untagged frames : Allow tagged frames only...
Page 289: Vlan Link Type
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual SWITCH/>vlan mode portbased VLAN Link Type Description: Set or show the port VLAN link type. Syntax: VLAN LinkType [<port_list>] [untagged|tagged] Parameters: <port_list>: Port list or 'all', default: All ports : VLAN Link Type Tagged...
Page 290: Vlan Add
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Example: Set out layer VLAN tag Ethernet type for port 10 in man Ethernet type SWITCH/>vlan ethtype 10 man VLAN Add Description: Add or modify VLAN entry. Syntax: VLAN Add <vid> [<port_list>] Parameters: : VLAN ID (1-4095) <vid>...
Page 291: Vlan Status
IFS NS3601-24P/4S GE-DSSG-244 and 244-POE User Manual Example: Show VLAN status SWITCH/>vlan lookup Ports ---- ----- 1-24 None VLAN Status Description: VLAN Port Configuration Status. Syntax: VLAN Status [<port_list>] [combined|static|nas|mvr|voice_vlan|mstp|all|conflicts] Parameters: <port_list>: Port list or 'all', default: All ports : combined VLAN Users configuration...
Page 292: Private Vlan Configuration Command
User’s Manual of NS3601-24P/4S Private VLAN Configuration Command PVLAN Configuration Description: Show Private VLAN configuration. Syntax: PVLAN Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show private VLAN configuration SWITCH/> pvlan configuration Private VLAN Configuration: =========================== Port Isolation ---- --------- Disabled...
Page 293: Pvlan Delete
User’s Manual of NS3601-24P/4S Series Example: Add port17 to port24 in PVLAN10 SWITCH/>pvlan add 10 17-24 PVLAN Delete Description: Delete Private VLAN entry. Syntax: PVLAN Delete <pvlan_id> Parameters: <pvlan_id> : Private VLAN ID Example: Delete PVLAN10 SWITCH/>pvlan delete 10 PVLAN Lookup Description: Lookup Private VLAN entry.
Page 294: Security Command
User’s Manual of NS3601-24P/4S Series Security Command Security Switch User Configuration Description: Show users configuration. Syntax: Security Switch Users Configuration Default Setting: User Privilege Name admin guest Example: Enable isolate for port10 SWITCH/>security switch user configuration Users Configuration: ==================== User Name Privilege Level -------------------------------- ----------------...
Page 295: Security Switch Privilege Level Configuration
User’s Manual of NS3601-24P/4S Series SWITCH/>security switch users delete user Security Switch Privilege Level Configuration Description: Show privilege configuration. Syntax: Security Switch Privilege Level Configuration Example: Show privilege level SWITCH/>security switch privilege level configuration Privilege Level Configuration: ============================== Privilege Current Level: 15 Group Name Privilege Level CRO CRW SRO SRW...
Page 296: Security Switch Privilege Level Current
User’s Manual of NS3601-24P/4S Series SWITCH/>security switch privilege level group mvr 15 15 15 15 Security Switch Privilege Level Current Description: Show the current privilege level. Syntax: Security Switch Privilege Level Current Default Setting: Security Switch Auth Configuration Description: Show Auth configuration. Syntax: Security Switch Auth Configuration Default Setting:...
Page 297 User’s Manual of NS3601-24P/4S Series Default Setting: Authentication Method: local Fallback: disable Example: Use RADIUS authentication method for telnet. SWITCH/>security switch auth method telnet radius enable Security Switch SSH Configuration Description: Show SSH configuration. Syntax: Security Switch SSH Configuration Example: Show SSH configuration.
Page 298 User’s Manual of NS3601-24P/4S Series SWITCH/>security switch https configuration HTTPS Configuration: ==================== HTTPS Mode : Disabled HTTPS Redirect Mode : Disabled Security Switch HTTPs Mode Description: Set or show the HTTPS mode. Syntax: Security Switch HTTPS Mode [enable|disable] Parameters: enable : Enable HTTPs disable: Disable HTTPs (default: Show HTTPs mode) Default Setting:...
Page 299: Security Switch Access Mode
User’s Manual of NS3601-24P/4S Series SWITCH/>security switch access configuration Access Mgmt Configuration: ========================== System Access Mode : Disabled System Access number of entries: 0 Security Switch Access Mode Description: Set or show the access management mode. Syntax: Security Switch Access Mode [enable|disable] Parameters: enable : Enable access management disable: Disable access management...
Page 300: Security Switch Access Delete
User’s Manual of NS3601-24P/4S Series IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros;...
Page 301: Security Switch Access Statistics
User’s Manual of NS3601-24P/4S Series Clear access management entry. SWITCH/>security switch access clear Security Switch Access Statistics Description: Show or clear access management statistics. Syntax: Security Switch Access Statistics [clear] Parameters: clear: Clear access management statistics Default Setting: disable Example: Show access management statistics.
Page 302: Security Switch Snmp Mode
User’s Manual of NS3601-24P/4S Series SNMPv3 Engine ID : 800007e5017f000001 SNMPv3 Communities Table: Idx Community Source IP Source Mask --- -------------------------------- --------------- --------------- public 0.0.0.0 0.0.0.0 private 0.0.0.0 0.0.0.0 Number of entries: 2 SNMPv3 Users Table: Idx Engine ID User Name Level Auth Priv --- --------- -------------------------------- -------------- ---- ----...
Page 303: Security Switch Snmp Version
User’s Manual of NS3601-24P/4S Series Security Switch SNMP Version Description: Set or show the SNMP protocol version. Syntax: Security Switch SNMP Version [1|2c|3] Parameters: 1 : SNMP version 1 2c: SNMP version 2c 3 : SNMP version 3 (default: Show SNMP version) Default Setting: Example: Set SNMP in version 3.
Page 304: Security Switch Snmp Trap Mode
User’s Manual of NS3601-24P/4S Series Security Switch SNMP Trap Mode Description: Set or show the SNMP trap mode. Syntax: Security Switch SNMP Trap Mode [enable|disable] Parameters: enable : Enable SNMP traps disable: Disable SNMP traps (default: Show SNMP trap mode) Default Setting: disable Example:...
Page 305: Security Switch Snmp Trap Destination
User’s Manual of NS3601-24P/4S Series Security Switch SNMP Trap Destination Description: Set or Show the SNMP trap destination address. Syntax: Security Switch SNMP Trap Destination [<ip_addr_string>] Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string Example: Set SNMP trap destination address for 192.168.0.20 SWITCH/>security switch snmp trap destination 192.168.0.20 Security Switch SNMP Trap IPv6 Destination Description:...
Page 306: Security Switch Snmp Trap Inform Mode
User’s Manual of NS3601-24P/4S Series Syntax: Security Switch SNMP Trap Link-up [enable|disable] Parameters: enable : Enable SNMP trap link-up and link-down disable: Disable SNMP trap link-up and link-down (default: Show SNMP trap link-up and link-down mode) Default Setting: enable Example: Disable SNMP trap link-up SWITCH/>security switch snmp trap link-up disable Security Switch SNMP Trap Inform Mode...
Page 307: Security Switch Snmp Trap Probe Security Engine Id
User’s Manual of NS3601-24P/4S Series Syntax: Security Switch SNMP Trap Inform Retry Times [<retries>] Parameters: <retries>: SNMP trap inform retransmited times (0-255) (default: Show SNMP trap inform retry times) Default Setting: Example: Set SNMP trap inform retry times in 10. SWITCH/>security switch snmp trap inform retry times 10 Security Switch SNMP Trap Probe Security Engine ID Description:...
Page 308: Security Switch Snmp Engine Id
User’s Manual of NS3601-24P/4S Series (default: Show SNMP trap security name) Example: Set the SNMP trap security name SWITCH/>security switch snmp trap security name 12345678 Security Switch SNMP Engine ID Description: Set or show SNMPv3 local engine ID. Syntax: Security Switch SNMP Engine ID [<engineid>] Parameters: <engineid>: Engine ID, the format may not be all zeros or all 'ff'H and is restricted to 5 - 32 octet string Default Setting:...
Page 309: Security Switch Snmp Community Lookup
User’s Manual of NS3601-24P/4S Series Security Switch SNMP Community Lookup Description: Lookup SNMPv3 community entry. Syntax: Security Switch SNMP Community Lookup [<index>] Parameters: <index>: entry index (1-64) Example: Lookup SNMPv3 community entry SWITCH/>security switch snmp community lookup Idx Community Source IP Source Mask --- -------------------------------- ---------------...
Page 310: Security Switch Snmp User Changekey
User’s Manual of NS3601-24P/4S Series Security Switch SNMP User Changekey Description: Change SNMPv3 user password. Syntax: Security Switch SNMP User Changekey <engineid> <user_name> <auth_password> [<priv_password>] Parameters: : Engine ID, the format may not be all zeros or all 'ff'H and is restricted to 5 - 32 octet string <engineid>...
Page 311: Security Switch Snmp Group Delete
User’s Manual of NS3601-24P/4S Series Security Switch SNMP Group Delete Description: Delete SNMPv3 group entry. Syntax: Security Switch SNMP Group Delete <index> Parameters: <index>: entry index (1-64) Example: Delete SNMPv3 group entry SWITCH/>security switch snmp group delete 1 Security Switch SNMP Group Lookup Description: Lookup SNMPv3 group entry.
Page 312: Security Switch Snmp View Lookup
User’s Manual of NS3601-24P/4S Series Delete SNMPv3 view entry. Syntax: Security Switch SNMP View Delete <index> Parameters: <index>: entry index (1-64) Example: Delete SNMPv3 view entry SWITCH/>security switch snmp view delete 3 Security Switch SNMP View Lookup Description: Lookup SNMPv3 view entry. Syntax: Security Switch SNMP View Lookup [<index>] Parameters:...
Page 313 User’s Manual of NS3601-24P/4S Series Security Switch SNMP Access Delete Description: Delete SNMPv3 access entry. Syntax: Security Switch SNMP Access Delete <index> Parameters: <index>: entry index (1-64) Example: Delete SNMPv3 access entry SWITCH/>security switch snmp access delete 3 Security Switch SNMP Access Lookup Description: Lookup SNMPv3 access entry.
Page 314: Security Network Psec Port
User’s Manual of NS3601-24P/4S Series ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ---- No users ----...
Page 315: Security Network Limit Mode
User’s Manual of NS3601-24P/4S Series ========================================== Mode : Disabled Aging : Disabled Age Period: 3600 Port Mode Limit Action ---- -------- ----- --------------- Disabled None Disabled None Disabled None Disabled None Disabled None Disabled None Disabled None Disabled None Disabled None Disabled None...
Page 316: Security Network Limit Agetime
User’s Manual of NS3601-24P/4S Series disable : Disable aging (default: Show current enabledness of aging) Default Setting: disable Example: Enable limit aging SWITCH/>security network limit aging enable Security Network Limit Agetime Description: Time in seconds between check for activity on learned MAC addresses. Syntax: Security Network Limit Agetime [<age_time>] Parameters:...
Page 317: Security Network Limit Action
User’s Manual of NS3601-24P/4S Series <port_list>: Port list or 'all', default: All ports : Max. number of MAC addresses on this port <limit> (default: Show current limit) Default Setting: Example: Set limit in 5 SWITCH/>security network limit limit 1-24 5 Security Network Limit Action Description: Set or show the action involved with exceeding the limit.
Page 318: Security Network Nas Mode
User’s Manual of NS3601-24P/4S Series Parameters: <port_list>: Port list or 'all', default: All ports Example: Show 802.1X configuration of port 1 SWITCH/>security network nas configuration 1 802.1X Configuration: ===================== Mode : Disabled Reauth. : Disabled Reauth. Period : 3600 EAPOL Timeout : 30 Age Period : 300...
Page 319: Security Network Nas Reauthentication
User’s Manual of NS3601-24P/4S Series (default: Show 802.1X state) Default Setting: none Example: Show the port 1 security state. SWITCH/>security network nas state 1 Port Admin State Port State Last Source Last ID ---- ------------------ --------------------- ----------------- ------------------ Force Authorized Link Down Security Network NAS Reauthentication Description:...
Page 320: Security Network Nas Agetime
User’s Manual of NS3601-24P/4S Series Parameters: <eapol_timeout>: Time between EAPOL retransmissions (1-65535 seconds) (default: Show current EAPOL retransmission timeout) Default Setting: Example: Set the time between EAPOL retransmissions for 100sec. SWITCH/>security network nas eapoltimeout 100 Security Network NAS Agetime Description: Time in seconds between check for activity on successfully authenticated MAC addresses.
Page 321 User’s Manual of NS3601-24P/4S Series <port_list>: Select the per-port RADIUS-assigned QoS setting (default: Show current per-port RADIUS-assigned QoS enabledness) enable : Enable RADIUS-assigned QoS either globally or on one or more ports disable: Disable RADIUS-assigned QoS either globally or on one or more ports (default: Show current RADIUS-assigned QoS enabledness) Default Setting: disable...
Page 322: Security Network Nas Authenticate
User’s Manual of NS3601-24P/4S Series enable :The Guest VLAN can be entered even if an EAPOL frame has been received during the lifetime of the port (default: Show current setting) Default Setting: disable Example: Enable NAS guest VLAN SWITCH/>security network nas guest_vlan enable Security Network NAS Authenticate Description: Refresh (restart) 802.1X authentication process.
Page 323: Security Network Acl Configuration
User’s Manual of NS3601-24P/4S Series Security Network ACL Configuration Description: Show ACL Configuration. Syntax: Security Network ACL Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show ACL Configuration. SWITCH/>security network acl configuration ACL Configuration: ================== Port Policy Action Rate Limiter Port Copy Logging Shutdown Counter ---- ------...
Page 324: Security Network Acl Action
User’s Manual of NS3601-24P/4S Series Security Network ACL Action Description: Set or show the ACL port default action. Syntax: Security Network ACL Action [<port_list>] [permit|deny] [<rate_limiter>] [<port_copy>] [<logging>] [<shutdown>] Parameters: : Port list or 'all', default: All ports <port_list> : Permit forwarding (default) permit : Deny forwarding deny...
Page 325: Security Network Acl Add
User’s Manual of NS3601-24P/4S Series Example: Set rate limit value in 1024k for port 1 SWITCH/>security network acl rate 1 1024k Security Network ACL Add Description: Add or modify Access Control Entry (ACE). If the ACE ID parameter <ace_id> is specified and an entry with this ACE ID already exists, the ACE will be modified. Otherwise, a new ACE will be added.
Page 326: Security Network Acl Delete
User’s Manual of NS3601-24P/4S Series : Shut down ingress port: shut|shut_disable <shutdown> Security Network ACL Delete Description: Delete ACE. Syntax: Security Network ACL Delete <ace_id> Parameters: <ace_id>: ACE ID (1-128) Example: Delete ACE 1 SWITCH/>security network acl delete 1 Security Network ACL Lookup Description: Show ACE, default: All ACEs.
Page 327: Security Network Dhcp Relay Configuration
User’s Manual of NS3601-24P/4S Series (default : Shows the combined status) Example: Show ACL status. SWITCH/>security network acl status Security Network DHCP Relay Configuration Description: Show DHCP relay configuration. Syntax: Security Network DHCP Relay Configuration Example: Show DHCP relay configuration. SWITCH/>security network dhcp relay configuration DHCP Relay Configuration: =========================...
Page 328: Security Network Dhcp Relay Information Mode
User’s Manual of NS3601-24P/4S Series <ip_addr>: IP address (a.b.c.d), default: Show IP address Default Setting: null Example: Set DHCP relay server in 192.168.0.20 SWITCH/>security network dhcp relay server 192.168.0.20 Security Network DHCP Relay Information Mode Description: Set or show DHCP relay agent information option mode. When enable DHCP relay information mode operation, the agent insert specific information (option 82) into a DHCP message when forwarding to DHCP server and remote it from a DHCP message when transferring to DHCP client.
Page 329: Security Network Dhcp Snooping Configuration
User’s Manual of NS3601-24P/4S Series Show or clear DHCP relay statistics. Syntax: Security Network DHCP Relay Statistics [clear] Parameters: clear: Clear DHCP relay statistics Example: Show DHCP relay statistics. SWITCH/>security network dhcp relay statistics Security Network DHCP Snooping Configuration Description: Show DHCP snooping configuration.
Page 330: Security Network Dhcp Snooping Port Mode
User’s Manual of NS3601-24P/4S Series Security Network DHCP Snooping Mode [enable|disable] Parameters: enable : Enable DHCP snooping mode. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports. disable: Disable DHCP snooping mode (default: Show flow DHCP snooping mode) Default Setting:...
Page 331: Security Network Ip Source Guard Configuration
User’s Manual of NS3601-24P/4S Series Rx Lease Query: Tx Lease Query: Rx Lease Unassigned: Tx Lease Unassigned: Rx Lease Unknown: Tx Lease Unknown: Rx Lease Active: Tx Lease Active: Security Network IP Source Guard Configuration Description: Show IP source guard configuration. Syntax: Security Network IP Source Guard Configuration Example:...
Page 332: Security Network Ip Source Guard Port Mode
User’s Manual of NS3601-24P/4S Series enable : Enable IP Source Guard disable: Disable IP Source Guard Default Setting: disable Example: Enable IP source guard mode SWITCH/>security network ip source guard mode enable Security Network IP Source Guard Port Mode Description: Set or show the IP Source Guard port mode.
Page 333: Security Network Ip Source Guard Status
User’s Manual of NS3601-24P/4S Series <port_list> : Port list or 'all', default: All ports : Add new port IP source guard static entry delete : Delete existing port IP source guard static entry : VLAN ID (1-4095) <vid> <allowed_ip>: IP address (a.b.c.d), IP address allowed for doing ARP request : IP mask (a.b.c.d), IP mask for allowed IP address <ip_mask>...
Page 334: Security Network Arp Inspection Port Mode
User’s Manual of NS3601-24P/4S Series Security Network ARP Inspection Port Mode Description: Set or show the ARP Inspection port mode. Syntax: Security Network ARP Inspection Port Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable ARP Inspection port disable : Disable ARP Inspection port (default: Show ARP Inspection port mode) Default Setting:...
Page 335: Security Aaa Configuration
User’s Manual of NS3601-24P/4S Series Security AAA Configuration Description: Show Auth configuration. Syntax: Security AAA Configuration Example: Show Auth configuration. SWITCH/>security aaa configuration AAA Configuration: ================== Server Timeout : 15 seconds Server Dead Time : 300 seconds RADIUS Authentication Server Configuration: =========================================== Server Mode IP Address...
Page 336: Security Aaa Deadtime
User’s Manual of NS3601-24P/4S Series Example: Set 30sec for server timeout SWITCH/>security aaa timeout 30 Security AAA Deadtime Description: Set or show server dead time. Syntax: Security AAA Deadtime [<dead_time>] Parameters: <dead_time>: Time that a server is considered dead if it doesn't answer a request (0-3600 seconds) (default: Show server dead time configuration) Default Setting: Example:...
Page 337: Security Aaa Tacacs
User’s Manual of NS3601-24P/4S Series The server index (1-5) (default: Show RADIUS accounting server configuration) : Enable RADIUS accounting server enable : Disable RADIUS accounting server disable (default: Show RADIUS server mode) <ip_addr_string>: IP host address (a.b.c.d) or a host name string : Secret shared with external accounting server.
Page 338: Spanning Tree Protocol Command
User’s Manual of NS3601-24P/4S Series Spanning Tree Protocol Command STP Configuration Description: Show STP configuration. Syntax: STP Configuration Example: Show STP configuration. SWITCH/>stp cofiguration STP Configuration: ================== Protocol Version: MSTP Max Age : 20 Forward Delay : 15 Tx Hold Count Max Hop Count : 20 STP Version...
Page 339: Stp Maxhops
User’s Manual of NS3601-24P/4S Series STP MaxHops Description: Set or show the MSTP Bridge Max Hop Count parameter. Syntax: STP MaxHops [<maxhops>] Parameters: <maxhops>: STP BPDU MaxHops (6-40)) Default Setting: 20 Example: Set STP maximum hops in 25 SWITCH/>stp maxhops 25 STP MaxAge Description: Set or show the CIST/MSTI bridge maximum age.
Page 340: Stp Bpdu Filter
User’s Manual of NS3601-24P/4S Series Parameters: <config-name>: MSTP Configuration name. A text string up to 32 characters long. Use quotes (") to embed spaces in name. : Integer value <integer> Default Setting: Configuration name: MAC address Configuration rev.: 0 Example: Set MSTP configuration name and revision.
Page 341: Stp Status
User’s Manual of NS3601-24P/4S Series <timeout>: Time before error-disabled ports are reenabled (30-86400 seconds, 0 disables) (default: Show recovery timeout) Default Setting: Disable Example: Set STP recovery value in 30 sec. SWITCH/>stp recovery 30 STP Status Description: Show STP Bridge status. Syntax: STP Status [<msti>] [<port_list>] Parameters:...
Page 342: Stp Msti Map
User’s Manual of NS3601-24P/4S Series MST4 128 MST5 128 MST6 128 MST7 128 Example: Set MST1 priority value in 48. SWITCH/>stp msti priority 1 48 STP MSTI Map Description: Show or clear MSTP MSTI VLAN mapping configuration. Syntax: STP Msti Map [<msti>] [clear] Parameters: <msti>: STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) Clear : Clear VID to MSTI mapping...
Page 343: Stp Port Mode
User’s Manual of NS3601-24P/4S Series STP Port Mode Description: Set or show the STP enabling for a port. Syntax: STP Port Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all'. Port zero means aggregations. : Enable MSTP protocol Enable : Disable MSTP protocol Disable Default: Enable...
Page 344: Stp Port P2P
User’s Manual of NS3601-24P/4S Series SWITCH/>stp port autoedge 1 disable STP Port P2P Description: Set or show the STP point2point port parameter. Syntax: STP Port P2P [<port_list>] [enable|disable|auto] Parameters: <port_list>: Port list or 'all', default: All ports : Enable MSTP point2point enable : Disable MSTP point2point disable...
Page 345: Stp Port Bpduguard
User’s Manual of NS3601-24P/4S Series Example: Eisable STP restricted TCN on port1 SWITCH/>stp port restrictedtcn 1 enable STP Port bpduGuard Description: Set or show the bpduGuard port parameter. Syntax: STP Port bpduGuard [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable port BPDU Guard enable : Disable port BPDU Guard...
Page 346: Stp Msti Port Configuration
User’s Manual of NS3601-24P/4S Series STP MSTI Port Configuration Description: Show the STP CIST/MSTI port configuration. Syntax: STP Msti Port Configuration [<msti>] [<port_list>] Parameters: : STP bridge instance no (0-7, CIST=0, MSTI1=1, ...) <msti> <port_list>: Port list or 'all', default: All ports Default: auto Example:...
Page 347: Multicast Configuration Command
User’s Manual of NS3601-24P/4S Series Default: Multicast Configuration Command IGMP Configuration Description: Show IGMP snooping configuration. Syntax: IGMP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show IGMP snooping configuration. SWITCH/>igmp configuration IGMP Mode Description: Set or show the IGMP snooping mode. Syntax: IGMP Mode [enable|disable] Parameters:...
Page 348: Igmp State
User’s Manual of NS3601-24P/4S Series Enable IGMP leave proxy SWITCH/>igmp leave proxy enable IGMP State Description: Set or show the IGMP snooping state for VLAN. Syntax: IGMP State [<vid>] [enable|disable] Parameters: <vid>: VLAN ID (1-4095), default: Show all VLANs enable : Enable IGMP snooping disable: Disable IGMP snooping (default: Show IGMP snooping mode) Default Setting:...
Page 349: Igmp Throttling
User’s Manual of NS3601-24P/4S Series disable Example: Enable the IGMP snooping fast leave port mode. SWITCH/>igmp fastleave 1 enable IGMP Throttling Description: Set or show the IGMP port throttling status. Syntax: IGMP Throttling [<port_list>] [limit-group-number] Parameters: <port_list>: Port list or 'all', default: All ports : No limit : Group learn limit 1~10...
Page 350: Igmp Flooding
User’s Manual of NS3601-24P/4S Series enable : Enable IGMP router port disable : Disable IGMP router port (default: Show IGMP router port mode) Default Setting: disable Example: Enable IGMP snooping function for port1~4 SWITCH/>igmp router 1-4 enable IGMP Flooding Description: Set or show the IGMP snooping unregistered flood operation.
Page 351: Link Aggregation Command
User’s Manual of NS3601-24P/4S Series Link Aggregation Command Aggregation Configuration Description: Show link aggregation configuration. Syntax: Aggr Configuration Example: SWITCH/>aggr configuration Aggregation Mode: SMAC : Enabled DMAC : Disabled : Enabled Port : Enabled Aggregation Add Description: Add or modify link aggregation. Syntax: Aggr Add <port_list>...
Page 352: Link Aggregation Control Protocol Command
User’s Manual of NS3601-24P/4S Series Aggr Lookup [<aggr_id>] Parameters: <aggr_id>: Aggregation ID , global: 1-2, local: 3-14 Example: Show aggregation status SWITCH/>aggr lookup 1 Aggr ID Name Type Ports ----------- ------- ------- ------- GLAG1 Static Aggregation Mode Description: Set or show the link aggregation traffic distribution mode. Syntax: Aggr Mode [smac|dmac|ip|port] [enable|disable] Parameters:...
Page 353: Lacp Mode
User’s Manual of NS3601-24P/4S Series Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active...
Page 354: Lacp Role
User’s Manual of NS3601-24P/4S Series Set key1 for port1~4 SWITCH/>lacp key 1-4 1 LACP Role Description: Set or show the LACP role. Syntax: LACP Role [<port_list>] [active|passive] Parameters: <port_list>: Port list or 'all', default: All ports active : Initiate LACP negotiation passive: Listen for LACP packets (default: Show LACP role) Default Setting:...
Page 355: Lldp Command
User’s Manual of NS3601-24P/4S Series SWITCH/>lacp statistics 1-4 Port Rx Frames Tx Frames Rx Unknown Rx Illegal ------ --------------- --------------- --------------- ---------- LLDP Command LLDP Configuration Description: Show LLDP configuration. Syntax: LLDP Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LLDP configuration of port1~4 SWITCH/>lldp configuration 1-4...
Page 356: Lldp Optional Tlv
User’s Manual of NS3601-24P/4S Series SWITCH/>lldp mode 1 enable LLDP Optional TLV Description: Show or Set LLDP Optional TLVs. Syntax: LLDP Optional_TLV [<port_list>] [port_descr|sys_name|sys_descr|sys_capa|mgmt_addr] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Description of the port port_descr : System name sysm_name : Description of the system...
Page 357: Lldp Delay
User’s Manual of NS3601-24P/4S Series Parameters: <hold>: LLDP hold value (2-10) Default Setting: Example: Set LLDP hold value in 10 SWITCH/>lldp hold 10 LLDP Delay Description: Set or show LLDP Tx delay. Syntax: LLDP Delay [<delay>] Parameters: <delay>: LLDP transmission delay (1-8192) Default Setting: Example: Set LLDP delay value in 1...
Page 358: Lldpmed Command
User’s Manual of NS3601-24P/4S Series Show LLDP Statistics of port 1 SWITCH/>lldp statistics 1 LLDP global counters Neighbor entries was last changed at - (323592 sec. ago). Total Neighbors Entries Added Total Neighbors Entries Deleted 0. Total Neighbors Entries Dropped 0. Total Neighbors Entries Aged Out 0.
Page 359: Lldpmed Civic
User’s Manual of NS3601-24P/4S Series Parameters: <port_list>: Port list or 'all', default: All ports Example: Show LLDP-MED configuration of port1~4 SWITCH/>lldpmed configuration 1-4 LLDP-MED Configuration: ======================= Fast Start Repeast Count : 4 Location Coordinates : Latitude - 0.0000 North Longitude - 0.0000 East Altitude - 0.0000 meter(s)
Page 360: Lldpmed Ecs
User’s Manual of NS3601-24P/4S Series LLDPMED ECS Description: Set or show LLDP-MED Emergency Call Service. Syntax: LLDPMED ecs [<ecs_value>] Parameters: <ecs_value>: lldpmed The value for the Emergency Call Service LLDPMED Policy Delete Description: Delete the selected policy. Syntax: LLDPMED policy delete [<policy_list>] Parameters: <policy_list>: List of policies to delete Example:...
Page 361: Lldpmed Port Policy
User’s Manual of NS3601-24P/4S Series : This field shall contain the DSCP value to be used to provide Diffserv node behavior for the specified <dscp> application type as defined in IETF RFC 2474 [5]. This 6 bit field may contain one of 64 code point values (0 through 63).
Page 362: Power Over Ethernet Command
User’s Manual of NS3601-24P/4S Series LLDPMED Fast [<count>] Parameters: <count>: The number of times the fast start LLDPDU are being sent during the activation of the fast start mechanism defined by LLDP-MED (1-10). LLDPMED Info Description: Show LLDP-MED neighbor device information. Syntax: LLDPMED Info [<port_list>] Parameters:...
Page 363: Poe Mode
User’s Manual of NS3601-24P/4S Series Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4 15.4 Enabled High 15.4...
Page 364: Poe Management Mode
User’s Manual of NS3601-24P/4S Series PoE Management Mode Description: Show / Set PoE management mode. Syntax: PoE Mgmt_mode [mgt_class|mgt_alloc|mgt_consumption|mgt_priority] Parameters: mgt_class: handle power allocation according to PD class mgt_alloc: power allocated according to values entered in power allocate mgt_consumption: allocated according to PD actual need , with a maximum of 15.4 W per port mgt_priority: max.
Page 365: Quality Of Service Command
User’s Manual of NS3601-24P/4S Series SWITCH/>poe alloc_power 1-4 10 PoE Power Supply Description: Set or show the value of the power supply. Syntax: PoE Power_Supply [<supply_power>] Parameters: <supply_power>: PoE power for a power supply Example: Set 200 watts of power supply. SWITCH/>poe power_supply 200 PoE Status Description:...
Page 366: Qos Classes
User’s Manual of NS3601-24P/4S Series QoS Classes Description: Set or show the number of traffic classes. Syntax: QoS Classes [<class>] Parameters: <class>: Number of traffic classes (1,2 or 4) Default Setting: Example: Set QoS classes 2 SWITCH/>qos classes 2 QoS Default Description: Set or show the default port priority.
Page 367: Qos Qcl Port
User’s Manual of NS3601-24P/4S Series QoS QCL Port Description: Set or show the port QCL ID. Syntax: QoS QCL Port [<port_list>] [<qcl_id>] Parameters: <port_list>: Port list or 'all', default: All ports : QCL ID <qcl_id> Default Setting: Example: Set QCL ID5 for port10 SWITCH/>qos qcl port 10 5 QoS QCL Add Description:...
Page 368: Qos Qcl Lookup
User’s Manual of NS3601-24P/4S Series QoS QCL Lookup Description: Lookup QCE. Syntax: QoS QCL Lookup [<qcl_id>] [<qce_id>] Parameters: <qcl_id>: QCL ID <qce_id>: QCE ID (1-24) QoS Mode Description: Set or show the port egress scheduler mode. Syntax: QoS Mode [<port_list>] [strict|weighted] Parameters: <port_list>: Port list or 'all', default: All ports strict : Strict mode...
Page 369: Qos Shaper
User’s Manual of NS3601-24P/4S Series Disabled, 500kbps Example: Set 1000kbps rate limiter for port17~24 SWITCH/>qos rate limiter 17-24 enable 1000 QoS Shaper Description: Set or show the port shaper. Syntax: QoS Shaper [<port_list>] [enable|disable] [<bit_rate>] Parameters: <port_list>: Port list or 'all', default: All ports : Enable shaper enable : Disable shaper...
Page 370: Qos Strom Broadcast
User’s Manual of NS3601-24P/4S Series Default Setting: Disabled, 1pps Example: Enable multicast storm rate limiter in 1kpps SWITCH/>qos storm multicast enable 1k QoS Strom Broadcast Description: Set or show the multicast storm rate limiter. Syntax: QoS Storm Broadcast [enable|disable] [<packet_rate>] Parameters: : Enable broadcast storm control enable...
Page 371: Mirror Command
User’s Manual of NS3601-24P/4S Series : Traffic class low/normal/medium/high or 1/2/3/4 <class> : QoS DSCP Remarking Value 0/8/16/24/32/40/48/56/46 <dscp> Mirror Command Mirror Configuration Description: Show mirror configuration. Syntax: Mirror Configuration [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Default Setting: disable Example:...
Page 372: Configuration Command
User’s Manual of NS3601-24P/4S Series SWITCH/>mirror sid 2 Mirror Mode Description: Set or show the mirror mode. Syntax: Mirror Mode [<port_list>] [enable|disable|rx|tx] Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable Rx and Tx mirroring disable: Disable Mirroring : Enable Rx mirroring : Enable Tx mirroring (default: Show mirror mode)
Page 373: Firmware Command
User’s Manual of NS3601-24P/4S Series Firmware Command Firmware Load Description: Load new firmware from TFTP server. Syntax: Firmware Load <ip_addr_string> <file_name> Parameters: <ip_addr_string>: IP host address (a.b.c.d) or a host name string : Firmware file name <file_name> Firmware IPv6 Load Description: Load new firmware from IPv6 TFTP server.
Page 374: Mvr Command
User’s Manual of NS3601-24P/4S Series enable : Enable UPnP disable: Disable UPnP (default: Show UPnP mode) Default Setting: disable Example: Enable the UPnP mode. SWITCH/>upnp mode enable UPnP TTL Description: Set or show the TTL value of the IP header in SSDP messages. Syntax: UPnP TTL [<ttl>] Parameters:...
Page 375: Mvr Group
User’s Manual of NS3601-24P/4S Series Example: Show the MVR configuration. SWITCH/>mvr configuration MVR Configuration: ================== MVR Mode: Disabled Muticast VLAN ID: 100 Port Port Mode Port Type Immediate Leave ---- ----------- ----------- --------------- Disabled Receive Disabled Disabled Receive Disabled Disabled Receive Disabled Disabled...
Page 376: Mvr Port Mode
User’s Manual of NS3601-24P/4S Series : Disable MVR mode disable (default: Show MVR mode) Default Setting: disable Example: Enable MVR mode. SWITCH/>mvr mode enable MVR Port Mode Description: Set or show the MVR port mode. Syntax: MVR Port Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all', default: All ports : Enable MVR mode...
Page 377: Oice Vlan Command
User’s Manual of NS3601-24P/4S Series <port_list>: Port list or 'all', default: All ports : Enable source mode source : Disable receiver mode receiver (default: Show MVR port type) Default Setting: receive Example: Set source type for MVR port type of port 1. SWITCH/>mvr port type 1 source MVR Immediate Leave Description:...
Page 378: Voice Vlan Mode
User’s Manual of NS3601-24P/4S Series 00-03-6B Cisco phones 00-0F-E2 H3C phones 00-60-B9 Philips and NEC AG phones 00-D0-1E Pingtel phones 00-E0-75 Polycom phones 00-E0-BB 3Com phones 00-01-E3 Siemens AG phones Voice VLAN Port Configuration: ============================== Port Mode Security Discovery Protocol ---- -------- --------...
Page 379: Voice Vlan Id
User’s Manual of NS3601-24P/4S Series Voice VLAN ID Description: Set or show Voice VLAN ID. Syntax: Voice VLAN ID [<vid>] Parameters: <vid>: VLAN ID (1-4095) Default Setting: 1000 Example: Set ID 2 for Voice VLAN ID. SWITCH/>voice vlan id 2 Voice VLAN Agetime Description: Set or show Voice VLAN age time.
Page 380: Voice Vlan Oui Delete
User’s Manual of NS3601-24P/4S Series Modify OUI table will restart auto detect OUI process. Syntax: Voice VLAN OUI Add <oui_addr> [<description>] Parameters: : OUI address (xx-xx-xx) <oui_addr> <description>: Entry description. Use 'clear' or "" to clear the string No blank or space characters are permitted as part of a contact.(only in CLI) Example: Add Voice VLAN OUI entry.
Page 381: Smtp Command
User’s Manual of NS3601-24P/4S Series Voice VLAN Port Mode Description: Set or show the Voice VLAN port mode. When the port mode isn't disabled, we must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter. Syntax: Voice VLAN Port Mode [<port_list>] [disable|auto|force] Parameters:...
Page 382: Smtp Mode
User’s Manual of NS3601-24P/4S Series SMTP Mode Description: Enable or disable SMTP configure. Syntax: SMTP Mode [enable|disable] Parameters: : Enable SMTP mode enable : Disable SMTP mode disable (default: Show SMTP mode) Default Setting: disable SMTP Server Description: Set or show SMTP server configure. Syntax: SMTP Server [<server>] [<port>] Parameters:...
Page 383: Smtp Mailfrom
User’s Manual of NS3601-24P/4S Series SMTP Auth_pass Description: Set or show SMTP authentication password configure. Syntax: SMTP Auth_pass [<auth_pass_text>] Parameters: <auth_pass_text>: SMTP Authentication Password Default Setting: disable SMTP Mailfrom Description: Set or show SMTP e-mail from configure. Syntax: SMTP Mailfrom [<mailfrom_text>] Parameters: <mailfrom_text>: SMTP E-mail From address Default Setting:...
Page 384: Show Command
User’s Manual of NS3601-24P/4S Series Parameters: <mailto1_text>: SMTP e-mail 2 to address Default Setting: disable Show Command Show ACL Configuration Description: Show ACL Configuration. Syntax: Show acl Show Link Aggregation Configuration Description: Show link aggregation configuration. Syntax: Show aggr Show IGMP Configuration Description: Show IGMP snooping configuration.
Page 385 User’s Manual of NS3601-24P/4S Series Show MAC Configuration Description: Show MAC address table configuration. Syntax: Show MAC Show Mirror Configuration Description: Show mirror configuration. Syntax: Show mirror Show PoE Configuration Description: Show PoE configuration. Syntax: Show PoE Show Port Configuration Description: Show port configuration.
Page 386 User’s Manual of NS3601-24P/4S Series Syntax: Show stack Show System Configuration Description: Show system configuration. Syntax: Show system Show VLAN Configuration Description: Show VLAN configuration. Syntax: Show vlan Show STP Configuration Description: Show STP Port configuration. Syntax: Show STP...
Page 387: Switch Operation
User’s Manual of NS3601-24P/4S Series SWITCH OPERATION Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch.
Page 388 User’s Manual of NS3601-24P/4S Series...
Page 389: Power Over Ethernet Overview
User’s Manual of NS3601-24P/4S Series POWER OVER ETHERNET OVERVIEW What is PoE? Based on the global standard IEEE 802.3af, PoE is a technology for wired Ethernet, the most widely installed local area network technology adopted today. PoE allows the electrical power necessary for the operation of each end-device to be carried by data cables rather than by separate power cords.
Page 390: The Poe Provision Process
User’s Manual of NS3601-24P/4S Series Figure 8-2 - Power Supplied over the Data Pins When to install PoE? Consider the following scenarios: • • You're planning to install the latest VoIP Phone system to minimize cabling building costs when your company moves into new offices next month.
Page 391: Stages Of Powering Up A Poe Link
User’s Manual of NS3601-24P/4S Series Stages of powering up a PoE link Volts specified Volts managed Stage Action per 802.3af by chipset Measure whether powered device has the correct signature 2.7-10.0 1.8–10.0 Detection resistance of 15–33 kΩ Measure which power level class the resistor indicates 14.5-20.5 12.5–25.0 Classification...
Page 392 User’s Manual of NS3601-24P/4S Series DC Disconnect detection involves measurement of current. Naturally, a disconnected PD stops consuming current, which can be inspected by the PSE. The PSE must therefore disconnect power within 300 to 400 ms from the current flow stop. The lower time boundary is important to prevent shutdown due to random fluctuations.
Page 393: Trouble Shooting
User’s Manual of NS3601-24P/4S Series TROUBLE SHOOTING This chapter contains information to help you solve problems. If the Ethernet Switch is not functioning properly, make sure the Ethernet Switch was set up according to instructions in this manual. ■ The Link LED is not lit Solution: Check the cable connection and remove duplex mode of the Ethernet Switch ■...
Page 394: Appendex A
User’s Manual of NS3601-24P/4S Series APPENDEX A Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI-X BI_DA+ BI_DB+ BI_DA- BI_DB- BI_DB+ BI_DA+ BI_DC+ BI_DD+ BI_DC- BI_DD- BI_DB- BI_DA- BI_DD+ BI_DC+ BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard.
Page 395 User’s Manual of NS3601-24P/4S Series There are 8 wires on a standard UTP/STP cable and each wire is color-coded. The following shows the pin allocation and color of straight cable and crossover cable connection: Straight Cable SIDE 1 SIDE2 SIDE 1 1 = White / Orange 1 = White / Orange 2 = Orange...
Page 396: Appendex B : Glossary
User’s Manual of NS3601-24P/4S Series APPENDEX B : GLOSSARY ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID. There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The ACE also contains many detailed, different parameter options that are available for individual application.
Page 397 User’s Manual of NS3601-24P/4S Series ARP is an acronym for Address Resolution Protocol. It is a protocol that used to convert an IP address into a physical address, such as an Ethernet address. ARP allows a host to communicate with other hosts when only the Internet address of its neighbors is known.
Page 398 User’s Manual of NS3601-24P/4S Series Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address.
Page 399 User’s Manual of NS3601-24P/4S Series and provides file writing and reading. It also provides directory service and security features. Fast Leave IGMP snooping Fast Leave processing allows the switch to remove an interface from the forwarding-table entry without first sending out group specific queries to the interface. The VLAN interface is pruned from the multicast tree for the multicast group specified in the original leave message.
Page 400 User’s Manual of NS3601-24P/4S Series IMAP is an acronym for Internet Message Access Protocol. It is a protocol for email clients to retrieve email messages from a mail server. IMAP is the protocol that IMAP clients use to communicate with the servers, and SMTP is the protocol used to transport mail to an IMAP server.
Page 401 User’s Manual of NS3601-24P/4S Series LLDP-MED LLDP-MED is an extendsion of IEEE 802.1ab and is defined by the telecommunication industry association (TIA-1057). LOC is an acronym for Loss Of Connectivity and is detected by a MEP and is indicating lost connectivity in the network. Can be used as a switch criteria by EPS MAC Table Switching of frames is based upon the DMAC address contained in the frame.
Page 402 User’s Manual of NS3601-24P/4S Series NAS is an acronym for Network Access Server. The NAS is meant to act as a gateway to guard access to a protected source. A client connects to the NAS, and the NAS connects to another resource asking whether the client's supplied credentials are valid.
Page 403 User’s Manual of NS3601-24P/4S Series PD is an acronym for Powered Device. In a PoE> system the power is delivered from a PSE ( power sourcing equipment ) to a remote device. The remote device is called a PD. PHY is an abbreviation for Physical Interface Transceiver and is the device that implement the Ethernet physical layer (IEEE-802.3).
Page 404 User’s Manual of NS3601-24P/4S Series There are six QCE frame types: Ethernet Type, VLAN, UDP/TCP Port, DSCP, TOS, and Tag Priority. Frames can be classified by one of 4 different QoS classes: "Low", "Normal", "Medium", and "High" for individual application. QCL is an acronym for QoS Control List.
Page 405 User’s Manual of NS3601-24P/4S Series SAMBA Samba is a program running under UNIX-like operating systems that provides seamless integration between UNIX and Microsoft Windows machines. Samba acts as file and print servers for Microsoft Windows, IBM OS/2, and other SMB client machines. Samba uses the Server Message Block (SMB) protocol and Common Internet File System (CIFS), which is the underlying protocol used in Microsoft Windows networking.
Page 406 User’s Manual of NS3601-24P/4S Series Switch IDs (1-16) are used to uniquely identify the switches within a stack. The Switch ID of each switch is shown on the display on the front of the switch and is used widely in the web pages as well as in the CLI commands. SyncE SyncE Is an abbreviation for Synchronous Ethernet.
Page 407 User’s Manual of NS3601-24P/4S Series UDP is an acronym for User Datagram Protocol. It is a communications protocol that uses the Internet Protocol (IP) to exchange the messages between computers. UDP is an alternative to the Transmission Control Protocol (TCP) that uses the Internet Protocol (IP). Unlike TCP, UDP does not provide the service of dividing a message into packet datagrams, and UDP doesn't provide reassembling and sequencing of the packets.
Page 408 User’s Manual of NS3601-24P/4S Series WiFi WiFi is an acronym for Wireless Fidelity. It is meant to be used generically when referring of any type of 802.11 network, whether 802.11b, 802.11a, dual-band, etc. The term is promulgated by the Wi-Fi Alliance. WPA is an acronym for Wi-Fi Protected Access.
Page 409: Appendix C: Local User Privilege Level Table
User’s Manual of NS3601-24P/4S Series APPENDIX C: Local User Privilege Level Table GE-DSSG-244 Model GE-DSSG-244-POE NS3601-24P/4S Group Name Master Security User Level Admin Viewer Admin Viewer Admin Viewer Main Function System Information Change Change Change View Only View Only Not Accessable IP Configuration Change Change...
Page 410 User’s Manual of NS3601-24P/4S Series User Name Admin Viewer Admin Viewer Admin Viewer Main Function Port Configuration Change Change Change View Only Not Accessable Not Accessable Port Statistics Overview Change Change Change View Only Not Accessable Not Accessable Port Port Statistics Detail Change Change Change...
Page 411 User’s Manual of NS3601-24P/4S Series Group Name Master Security User Name Admin Viewer Admin Viewer Admin Viewer Main Function Statistics Change Change Change View Only Not Accessable Not Accessable DSCP Remarking Change Change Change View Only Not Accessable Not Accessable Voice VLAN Configuration Change Change...
Page 412 User’s Manual of NS3601-24P/4S Series Group Name Master Security User Name Admin Viewer Admin Viewer Admin Viewer Main Function Dynamic IP Source Guard MAC Address Change Change Change View Only Change View Only Table Table Configuration Change Change Change View Only Change View Only LLDP-MED...

This manual is also suitable for:

Ifs ns3601-4s Ge-dssg-244 Ge-dssg-244-poe Ns3601-24p/4s