Page 1 User Interface for PoE Switches Models: ES-24-250W, ES-24-500W, Administration Guide ES-48-500W, ES-48-750W...
Page 2: Table Of Contents
Logged in Sessions ............38 Ubiquiti Networks, Inc.
Page 3 Network Port DHCPv6 Client Statistics ........85 Ubiquiti Networks, Inc.
Page 4 VLAN Port Summary ............128 Ubiquiti Networks, Inc.
Page 5 Spanning Tree Statistics ........... . 169 Ubiquiti Networks, Inc.
Page 6 Port Access Control History Log Summary ........216 Ubiquiti Networks, Inc.
Page 7 Diffserv Policy Performance Statistics ........257 Ubiquiti Networks, Inc.
Page 8 Ubiquiti Networks Support ........
Page 9: About This Document
• “Appendix A: Configuration Examples” on page 259 describes how to configure selected features on the switch using either the EdgeSwitch UI, command-line interface, and/or Simple Network Management Protocol (SNMP). Products and Models This document covers the following Ubiquiti products and models: Affected Products Name Description...
Page 10: Related Documents
Name of UI page, dialog box, window, etc. Use the IP Address Conflict Detection page > Order of navigation selections to access a page To access the Session page, click System > Users > Session Courier show network CLI commands and their output font Ubiquiti Networks, Inc.
Page 11: Chapter 1: Getting Started
2. Type the User Name and Password into the fields on the login screen, and then click Login. The user name and password are the same as those you use to log on to the command-line interface. By default, the user name is ubnt, and the password is ubnt. Passwords are case-sensitive. Ubiquiti Networks, Inc.
Page 12: Edgeswitch Ui Page Layout
• Gray indicates that the port link is down. • Amber indicates that the port link is up at 100 Mbps. • Green indicates that the port link is up at 1 Gbps. • A white dot indicates PoE output. Ubiquiti Networks, Inc.
Page 13: Navigation Menu
Each menu option (subcategory or page name) that you select is highlighted (the color changes to a lighter shade of gray). When you select a page, the navigation menus and submenus are again hidden, and the selected page appears in the main window. Ubiquiti Networks, Inc.
Page 14: Configuration And Status Fields
Configuration options allow you to input information using text input boxes, or make selections from drop- down boxes, radio buttons, and check boxes. Status fields display read-only information related to the switch and its configuration. Radio buttons Status fields Drop-down box Check box Text input field Example of Configuration and Status Fields Ubiquiti Networks, Inc.
Page 15: Command Buttons
For example, the following illustration shows the Event Log page in its default sort order (sorted by Log Index). To sort the table entries (rows) by the Event Time field, simply click the Event Time heading. Click to sort by Event Time Column Headings in Table Ubiquiti Networks, Inc.
Page 16: Help Page Access
Help Icon User-Defined Fields User-defined fields can contain 1-159 characters, unless otherwise noted on the configuration UI page. All characters may be used except for the following (unless specifically noted in the feature’s Help page): < > Ubiquiti Networks, Inc.
Page 17: Using The Command-Line Interface
• The command mode you must be in to access the command. • The default value, if any, of a configurable setting on the device. show Each command in this document also includes a description of the information displayed by the command. Ubiquiti Networks, Inc.
Page 18: Chapter 2: Configuring Power Over Ethernet
The following fields apply only to interfaces whose PoE mode is set to 54V auto: PoE Output The interface’s current PoE output power in W Current The interface’s current output current in mA Voltage The interface’s current output voltage in V Ubiquiti Networks, Inc.
Page 19 Submit to apply the settings. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 20: Chapter 3: Configuring System Information
• “Using System Utilities” on page 91 • “Managing SNMP Traps” on page 101 • “Managing the DHCP Server” on page 103 • “Configuring Time Ranges” on page 110 • “Configuring DNS” on page 113 • “Configuring SNTP Settings” on page 116 Ubiquiti Networks, Inc.
Page 21: Viewing Arp Cache
Use the buttons to perform the following tasks: • Click Refresh to reload the page and refresh the ARP cache view. • Click Clear Entries to clear all entries from the table. The table will be repopulated as new addresses are learned. Ubiquiti Networks, Inc.
Page 22: Viewing Inventory Information
The release.version.maintenance number of the code currently running on the switch. For example, if the release is 1, the version is 2 and the maintenance number is 4, the format is “1.2.4.” Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 23: Viewing The Dual Image Status
Backup Displays the description associated with the backup code file. Click Refresh to display the latest information from the switch. For information about how to update or change system images, see “Using System Utilities” on page 91. Ubiquiti Networks, Inc.
Page 24: Viewing System Resources
The percentage amount of CPU utilization consumed by the corresponding task in the last 60 seconds. 300 Seconds The percentage amount of CPU utilization consumed by the corresponding task in the last 300 seconds. Click Refresh to display the latest information from the switch. Ubiquiti Networks, Inc.
Page 25: System Resource Configuration
• Click Submit to apply the settings immediately to the running configuration. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 26: Defining General Device Information
• “Line Password Configuration” on page 44 • “Enable Password Configuration” on page 45 • “Password Rules” on page 46 • “Last Password Result” on page 48 • “Denial of Service Configuration” on page 49 • “CLI Banner Configuration” on page 51 Ubiquiti Networks, Inc.
Page 27: System Description
Click Refresh to refresh the page with the most current data from the switch. Click Cancel to exit the page. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 28: Ip Address Conflict Detection
The IPv4 Network Connectivity and IPv6 Network Connectivity pages allow you to change the IPv4 and IPv6 information using the EdgeSwitch UI. To access the pages, click System > Connectivity > IPv4 or IPv6 in the navigation menu. Ubiquiti Networks, Inc.
Page 29 Specifies the management VLAN ID of the switch. It may be configured to any value from 1 to 4093. The management VLAN is used for management of the switch. This field is configurable for administrative users and read-only for other users. Ubiquiti Networks, Inc.
Page 30 • If you change any of the network connectivity parameters, click Submit to apply the settings immediately to the running configuration. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 31: Network Port Ipv6 Neighbors
• To remove entries, select each entry to remove, click Remove, and confirm the removal. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 32: Dhcp Client Options
UI is limited to secure HTTP, which is disabled by default. HTTP Session Soft Timeout Specifies the inactivity timeout value for HTTP sessions, in the range of 1 to 60 minutes (0 corresponds to an infinite timeout). The default value is 5 minutes. Ubiquiti Networks, Inc.
Page 33: Secure Http Configuration
HTTPS Session Hard Time Out The maximum time in hours that a user connected to the device via an HTTPS session can be inactive (Hours) before being automatically logged out, regardless of the amount of HTTPS activity that occurs. Ubiquiti Networks, Inc.
Page 34: Ssh Configuration
This page also allows you to download or generate SSH host keys for secure CLI-based management. To access the page, click System > Management Access > SSH in the navigation menu. SSH Configuration Ubiquiti Networks, Inc.
Page 35 CLI. To display the Telnet Session Configuration page, click System > Management Access > Telnet in the navigation menu. Ubiquiti Networks, Inc.
Page 36: User Accounts
(either read-only or read/write). You can delete all accounts except for the default account. Note: Only a user with read/write privileges may alter data on this screen. To access the User Accounts page, click System > Users > Accounts in the navigation menu. Ubiquiti Networks, Inc.
Page 37 Passwords must be from 8 to 64 characters in length, and are case-sensitive. Confirm Enter the password again, to confirm that you entered it correctly. The password characters are not displayed on the page, but are disguised in a browser-specific manner. Ubiquiti Networks, Inc.
Page 38: Authentication Server Users
When 802.1X authentication is enabled on the ports and the authentication method is LOCAL, port access is allowed only to users in this database that provide the correct name and password. To access the Auth Server Users page, click System > Users > Auth Server Users in the navigation menu. Ubiquiti Networks, Inc.
Page 39 Password Specify the password to associate with the user name (if required). Confirm Re-enter the password to confirm the entry. Encrypted Select this option to encrypt the password before it is stored on the device. Ubiquiti Networks, Inc.
Page 40: Logged In Sessions
RADIUS server or TACACS+ server. To access the User Domain Name page, click System > Users > User Domain Name in the navigation menu. User Domain Name Ubiquiti Networks, Inc.
Page 41 Method Options The method(s) used to record user activity. The possible methods are as follows: • TACACS+ Accounting notifications are sent to the configured TACACS+ server. • RADIUS Accounting notifications are sent to the configured RADIUS server. Ubiquiti Networks, Inc.
Page 42: Accounting Selection
This list also records the time when the action occurred. For Terminal access methods, this list records the CLI commands a user executes and when each command is issued. To access the Accounting Selection page, click System > AAA > Accounting Selection in the navigation menu. Accounting Selection Ubiquiti Networks, Inc.
Page 43: Authentication List Configuration
Additionally, the List Name and Access Type settings for the default lists cannot be changed. To access the Authentication List Configuration page, click System > AAA > Authentication List in the navigation menu. Authentication List Configuration Ubiquiti Networks, Inc.
Page 44 To create a new authentication list, see “Authentication Server Users” on page 37. To assign users to a specific authentication list, see “User Accounts” on page 35. To configure the 802.1X port security users, see “RADIUS Settings” on page 218. Ubiquiti Networks, Inc.
Page 45: Authentication Selection
To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Line Password Configuration Use the Line Password page to configure line mode passwords. To display the page, click System > Passwords > Line Password in the navigation menu. Ubiquiti Networks, Inc.
Page 46: Enable Password Configuration
To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Enable Password Configuration Use the Enable Password Configuration page to configure the enable password. To display the page, click System > Passwords > Enable Password in the navigation menu. Enable Password Configuration Ubiquiti Networks, Inc.
Page 47 To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Password Rules Use the Password Rules page to configure settings that apply to all user passwords. To display the page, click System > Passwords > Password Rules in the navigation menu. Password Rules Ubiquiti Networks, Inc.
Page 48 • If you make changes to the page, click Submit to apply the changes to the running configuration. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 49: Last Password Result
Strength Check Displays Enabled if Strength Check is applied in last password change, otherwise it displays Disabled. Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 50: Denial Of Service Configuration
When selected, this option allows the device to drop packets that have the UDP source port equal to the UDP destination port. SIP=DIP When selected, this option allows the device to drop packets that have a source IP address equal to the destination IP address. Ubiquiti Networks, Inc.
Page 51 • If you change any of the DoS settings, click Submit to apply the changes to the running configuration. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 52: Cli Banner Configuration
You can also clear the CLI banner by deleting the text in the CLI Banner Message field and clicking Submit. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 53: Basic Switch Configuration
• If you make changes to the page, click Submit to apply the changes to the running configuration. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 54: Managing Logs
The Log Configuration page allows administrators with the appropriate privilege level to configure the administrative mode and various settings for logging features on the switch. To access the Log Configuration page, click System > Logs > Configuration in the navigation menu. Log Configuration Ubiquiti Networks, Inc.
Page 55 • If you make changes to the page, click Submit to apply the changes to the running configuration. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 56: Buffered Log
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 57: Event Log
The only correlation between any two entries in the event log is the relative amount of time after a system reset that the event occurred. Click Refresh to update the screen and associated messages. Ubiquiti Networks, Inc.
Page 58: Logging Hosts
• To delete a configured logging host from the list, select the check box associated with each entry to delete, click Remove, and confirm the deletion. • Click Refresh to update the screen and associated messages. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 59: Syslog Source Interface Configuration
• If you make changes to the page, click Submit to apply the changes to the running configuration. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 60: Persistent Log
The device is providing non-critical information. • Debug (7) The device is providing debug-level information. Component The component that has issued the log entry. Description The text description for the log entry. Click Refresh to update the screen and associated messages. Ubiquiti Networks, Inc.
Page 61: Configuring Email Alerts
See the Urgent Messages Severity field description for information about the severity levels. Traps Severity Configures the severity level for trap log messages. See the Urgent Messages Severity field description for information about the severity levels. Ubiquiti Networks, Inc.
Page 62: Email Alert Server Configuration
• To delete a configured SMTP server from the list, select the check box next to the entry to delete and click Remove. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 63: Email Alert Statistics
• To reset the values on the page to zero, click Clear Counters. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 64: Email Alert Subject Configuration
• To remove a configured Email Subject, select the Remove check box associated with the entry, click Delete, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 65: Email Alert To Address Configuration
Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 66: Viewing Device Port Information
If the interface is a LAG, this field displays LAG. Physical Status The port speed and duplex mode for physical interfaces. The physical status is not reported for LAGs. When a port is down, the physical status is unknown. Ubiquiti Networks, Inc.
Page 67 Submit to apply the changes. • Click Refresh to redisplay the page with the latest information. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 68: Port Description
Port Description field, and click Submit to apply the changes. • Click Refresh to redisplay the page with the latest information. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 69: Cable Test
PHY for the current link speed. Note: If the link is down and a cable is attached to a 10/100 Ethernet adapter, the displayed Cable Status may be Open or Short because some Ethernet adapters leave unused wire pairs unterminated or grounded. Ubiquiti Networks, Inc.
Page 70: Mirroring
Direction The direction of traffic on the source port(s) that is sent to the probe port. Possible values are: • Tx and Rx Both ingress and egress traffic. • Ingress traffic only. • Egress traffic only. Ubiquiti Networks, Inc.
Page 71: Configuring A Port Mirroring Session
The new port mirroring session is enabled for the unit and port, and the device is updated. The source port appears in the Source Port list on the Multiple Port Mirroring page. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 72: Configuring The Port Mirroring Destination
3. Click Remove Source, and then click OK to confirm the operation. The selected source ports are removed from the port mirroring session, and the device is updated. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 73: Defining Snmp Parameters
• Feature Access Control • Traps Authentication or Privacy Keys are modified in the SNMPv3 User Security Model (USM). Use the SNMP page to define SNMP parameters. To display the SNMP page, click System > SNMP in the navigation menu. Ubiquiti Networks, Inc.
Page 74: Snmp Community Configuration
• To delete a configured community from the list, select the check box next to its entry, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 75: Snmp V1/V2 Trap Receivers Configuration
• To delete one or more SNMP trap receivers from the list, select each entry to delete, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 76: Snmp V3 Trap Receivers Configuration
• To delete one or more SNMP trap receivers from the list, select each entry to delete and click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 77: Snmp Access Control Group
MD5 key/password for authentication, but no DES key/password for encryption. • Auth Priv Authentication and data encryption. With this security level, users send an MD5 key/password for authentication and a DES key/password for encryption. Ubiquiti Networks, Inc.
Page 78: Snmp User Security Model
Specifies the name of the SNMP user being added for the User-based Security Model (USM). Each user name must be unique within the SNMP agent user list. A user name cannot contain any leading or embedded blanks. Ubiquiti Networks, Inc.
Page 79: Snmp Trap Source Interface Configuration
To access the SNMP Trap Source Interface Configuration page, click System > Advanced Configuration > SNMP > Source Interface Configuration in the navigation menu. SNMP Trap Source Interface Configuration Ubiquiti Networks, Inc.
Page 80 • If you make any changes to the page, click Submit to apply the changes to the system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 81: Viewing System Statistics
Note that this number does not include packets directed to the broadcast address. Broadcast Packets The total number of packets transmitted or received by the device that were directed to the broadcast address. Note that this number does not include multicast packets. Ubiquiti Networks, Inc.
Page 82 • Click Clear Counters to clear all the statistics counters, resetting all switch summary and detailed statistics to default values. The discarded packets count cannot be cleared. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 83: Port Summary
• Click Clear All Counters to clear counters for all switches in the stack. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 84: Port Detailed Statistics
The Port Detailed Statistics page displays a variety of per-port traffic statistics. To access the Port Detailed page, click System > Statistics > System > Port Detailed in the navigation menu. The following illustration shows the fields on the Port Detailed Statistics page. Port Detailed Statistics Ubiquiti Networks, Inc.
Page 85 The number of Spanning Tree Protocol (STP) Bridge Protocol Data Units (BPDUs) transmitted or received by the interface. RSTP BPDUs The number of Rapid STP BPDUs transmitted or received by the interface. MSTP BPDUs The number of Multiple STP BPDUs transmitted or received by the interface. Ubiquiti Networks, Inc.
Page 86 • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 87: Network Port Dhcpv6 Client Statistics
Number of rebind messages the DHCPv6 client has sent to any available DHCPv6 server to request an extension of its addresses and an update to any other relevant information. This message is sent only if the client does not receive a response to the renew message. Ubiquiti Networks, Inc.
Page 88: Time-Based Group Statistics
The name of the periodic or absolute time range to use for data collection. The time range is configured using the Time Range Entry Summary page (see “Time Range Entry Configuration” on page 111). The time range must be configured on the system before the time-based statistics can be collected. Ubiquiti Networks, Inc.
Page 89: Time-Based Flow Statistics
Configure the system clock (manually or through SNTP) before using the time-based statistics feature. To access the Time-Based Flow Statistics page, click System > Statistics > Time Based > Flow Based in the navigation menu. Time-Based Flow Statistics Ubiquiti Networks, Inc.
Page 90 • Click Refresh to refresh the data on the screen with the present state of the data in the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 91: Time-Based Statistics
For flow-based statistics, this field reports the number of packets that matched the flow-based rule criteria during the time range. Click Refresh to refresh the data on the screen with the present state of the data in the switch. Ubiquiti Networks, Inc.
Page 92: Using System Utilities
Use the Ping page to tell the switch to send a Ping request to a specified IP address. You can use this feature to check whether the switch can communicate with a particular network host. To access the Ping page, click System > Utilities > Ping in the navigation menu. Ping Ubiquiti Networks, Inc.
Page 93: Ping Ipv6
A ping request is an Internet Control Message Protocol version 6 (ICMPv6) echo request packet. The information you enter on this page is not saved as part of the device configuration. To access the Ping IPv6 page, click System > Utilities > Ping IPv6 in the navigation menu. Ubiquiti Networks, Inc.
Page 94 Interface. Results The results of the ping test, which includes information about the reply (if any) received from the host. Click Submit to send the specified number of pings. The results are displayed in the Results box. Ubiquiti Networks, Inc.
Page 95: Traceroute
If the destination is further away, the traceroute will not reach it. InitTTL The initial Time-To-Live (TTL). This value controls the maximum number of Layer-3 hops that the first set of probes may travel. Ubiquiti Networks, Inc.
Page 96: Ip Address Conflict Detection
An IP address conflict can make both this system and the system with the same IP address unusable for network operation. To access the IP Address Conflict Detection page, click System > Utilities > IP Address Conflict in the navigation menu. IP Address Conflict Detection Ubiquiti Networks, Inc.
Page 97: File Transfer
To transfer a file from a remote system to the device using HTTP, TFTP or FTP, click in the same row as the desired transfer protocol. The File Download window appears. Configure the information for the file transfer (described below), and click Begin Transfer to begin the transfer. Ubiquiti Networks, Inc.
Page 98: Uploading Files
For Code and Configuration file types this option, when checked, will verify the file download with the digital signature. Status Provides information about the status of the file transfer. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 99: Downloading Files
For Code and Configuration file types this option, when checked, will verify the file download with the digital signature. Status Provides information about the status of the file transfer. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 100: Autoinstall
DHCP server. If the switch fails to obtain the file, it will retry indefinitely. To display the AutoInstall Configuration page, click System > Firmware> AutoInstall. AutoInstall Configuration Ubiquiti Networks, Inc.
Page 101 • To reset the fields to their original values, click Cancel. • Click Refresh to display the most recently configured AutoInstall state from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 102: Managing Snmp Traps
• Click Clear Log to clear all entries in the log. Subsequent displays of the log will only show new log entries. • Click Refresh to refresh the data on the screen with the present state of the data in the switch. Ubiquiti Networks, Inc.
Page 103: System Trap Flags
• If you make any changes to this page, click Submit to apply the changes to the system. • Click Refresh to refresh the data on the screen with the present state of the data in the switch. Ubiquiti Networks, Inc.
Page 104: Managing The Dhcp Server
• Click Refresh to refresh the data on the screen with the present state of the data in the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 105: Dhcp Server Pool Configuration
IP address within the defined network as long as it has not been configured as an excluded address. Network Mask Dynamic pools only – The subnet mask associated with the Network Base Address that separates the network bits from the host bits. Ubiquiti Networks, Inc.
Page 106: Dhcp Server Pool Options
DHCP server to supply. To access the page, click System > Advanced Configuration > DHCP Server > Pool Options in the navigation menu. The page displays the fields shown below only if DHCP pools are configured on the system. Ubiquiti Networks, Inc.
Page 107 The data associated with the Option Code. When adding or editing a vendor option, the field(s) available for configuring the value depend on the selected Option Type. If the value you configure contains invalid characters for the selected Option Type, the configuration cannot be applied. Ubiquiti Networks, Inc.
Page 108: Dhcp Server Bindings Information
• To remove an entry from the table, select each entry to delete and click Clear Entries. You must confirm the action before the binding is deleted. • Click Refresh to refresh the data on the screen with the present state of the data in the switch. Ubiquiti Networks, Inc.
Page 109: Dhcp Server Statistics
The number of negative DHCP acknowledgement messages the DHCP server has sent to DHCP clients. This type of message is sent if the client requests an IP address already in use or if the server does not renew the lease. Ubiquiti Networks, Inc.
Page 110: Dhcp Server Conflicts Information
• Click Clear Entries to clear all of the address conflict entries. • Click Refresh to update the information on the screen. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 111: Configuring Time Ranges
• If you change the Admin Mode setting on this page, click Submit to apply the change. • Click Refresh to update the information on the screen. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 112: Time Range Entry Configuration
Choose Time pop-up window. Click Now to use the current time of day. Click Done to close the Choose Time window. This field can be configured only if the Start Time option is selected. Ubiquiti Networks, Inc.
Page 113 • To delete a time range entry, select each entry to delete, click Remove, and confirm the action. • Click Refresh to update the information on the screen. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 114: Configuring Dns
• If you change any settings on this page, click Submit to apply the changes. • Click Refresh to update the information on the screen. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 115: Dns Ip Mapping Configuration
• To delete one or more entries, select each entry to delete, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 116: Dns Source Interface Configuration
• If you change any of the settings on the page, click Submit to apply the changes to system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 117: Configuring Sntp Settings
MD5 (Message Digest 5) Authentication safeguards device synchronization paths to SNTP servers. MD5 is an algorithm that produces a 128-bit hash. MD5 is a variation of MD4, and increases MD4 security. MD5 verifies the integrity of the communication, authenticates the origin of the communication. Ubiquiti Networks, Inc.
Page 118: Sntp Global Configuration
• If you change any of the settings on the page, click Submit to apply the changes to system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 119: Sntp Global Status
The claimed stratum of the server for the last received valid packet. Reference Clock Id The reference clock identifier of the server for the last received valid packet. Server Mode The mode of the server for the last received valid packet. Ubiquiti Networks, Inc.
Page 120: Sntp Server Configuration
• To remove an SNTP server from the list, select each entry to delete, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 121: Sntp Server Status
IP header of SNTP management protocol packets. This allows security devices, such as firewalls, to identify all source packets coming from a specific device. To access the SNTP Source Interface Configuration page, click System > Advanced Configuration > SNTP > Source Interface Configuration in the navigation menu. Ubiquiti Networks, Inc.
Page 122 • If you make any changes to the page, click Submit to apply the settings. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 123: Configuring The Time Zone
Summer time settings are in effect only between the start date and end date of the specified year. If this mode is selected, the summer time settings do not repeat on an annual basis. Zone The acronym that represents the time zone of the summer time. Ubiquiti Networks, Inc.
Page 124: Time Zone Configuration
• If you make any change to the page, click Submit to apply the settings. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 125: Summer Time Configuration
Typically clocks are adjusted forward one or more hours near the start of spring and are adjusted backward in autumn. To access the Summer Time Configuration page, click System > Advanced Configuration > Time Zone > Summer Time in the navigation menu. Summer Time Configuration Ubiquiti Networks, Inc.
Page 126 • If you make any changes to the page, click Submit to apply the settings. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 127: Chapter 4: Configuring Switching Information
• “Viewing Multicast Forwarding Database Information” on page 157 • “Configuring Protected Ports” on page 160 • “Configuring Spanning Tree Protocol” on page 161 • “Mapping 802.1p Priority” on page 170 • “Configuring Port Security” on page 172 • “Managing LLDP” on page 176 Ubiquiti Networks, Inc.
Page 128: Managing Vlans
• To remove one or more configured VLANs, select each entry to delete, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 129: Vlan Port Configuration
The tagging behavior for all the ports in this VLAN, which is one of the following: • Tagged The frames transmitted in this VLAN will include a VLAN ID tag in the Ethernet header. Untagged • The frames transmitted in this VLAN will be untagged. Ubiquiti Networks, Inc.
Page 130: Vlan Port Summary
Discards a frame if the VLAN ID in the tag identifies a VLAN to which the port does not belong. • Disable Accepts all tagged frames (factory default). Priority Identifies the default 802.1p priority assigned to untagged packets arriving at the port. Ubiquiti Networks, Inc.
Page 131: Vlan Internal Usage
• If you change any information on the page, click Submit to apply the changes to the system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 132: Reset Vlan Configuration
To access the Reset VLAN Configuration page, click Switching > VLAN > Reset in the navigation menu. Reset VLAN Configuration To reset the VLAN configuration, click Reset, and then confirm the reset by clicking OK. When the system indicates that all default VLAN settings have been restored, click Close to acknowledge the result. Ubiquiti Networks, Inc.
Page 133: Managing Voice Vlans
Use this page to configure the per-port settings for the Voice VLAN feature. When Voice VLAN is configured on a port that receives both voice and data traffic, it can help ensure that the voice traffic has priority. To display the Voice VLAN Interface Summary page, click Switching > Voice VLAN > Interface Summary. Ubiquiti Networks, Inc.
Page 134 Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 135: Creating Mac Filters
• To remove a filter, select it from the table, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 136: Garp Configuration
GVRP and GMRP use the same set of GARP timers to specify the amount of time to wait before transmitting various GARP messages. To access the GARP Port Configuration page, click Switching > GARP > Port in the navigation menu. Ubiquiti Networks, Inc.
Page 137 To change the GARP settings for one or more interfaces, select each interface to configure and click Edit. The same settings are applied to all selected interfaces. Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 138: Configuring Dhcp Snooping
DHCP relay agent, the local DHCP server, or forwarded as an IP packet. To access the DHCP Snooping VLAN Configuration page, click Switching > DHCP Snooping > Base > VLAN Configuration in the navigation menu. Ubiquiti Networks, Inc.
Page 139: Dhcp Snooping Interface Configuration
To change the DHCP Snooping settings for one or more interfaces, select each entry to modify and click Edit. The same settings are applied to all selected interfaces. To access the DHCP Snooping Interface Configuration page, click Switching > DHCP Snooping > Base > Interface Configuration in the navigation menu. Ubiquiti Networks, Inc.
Page 140 Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 141: Dhcp Snooping Static Bindings
• To remove a DHCP snooping static binding, the operation • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 142: Dhcp Snooping Dynamic Bindings
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 143: Dhcp Snooping Persistent Configuration
• If you make any changes to this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 144: Dhcp Snooping Statistics
Clear Counters. You must confirm the action before the counters are reset. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 145: Configuring Igmp Snooping
• If you make any changes to this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 146: Interface Configuration
Then, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 147: Igmp Snooping Source Specific Multicast
The source filter mode (Include or Exclude) for the specified group. Source Address List List of source IP addresses for which source filtering is requested. Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 148: Igmp Snooping Vlan Status
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 149: Igmp Snooping Multicast Router Configuration
Multicast Router field, and click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 150: Igmp Snooping Multicast Router Vlan Status
Remove, and confirm the action. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 151: Igmp Snooping Multicast Router Vlan Configuration
• If you make any changes to this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 152: Configuring Igmp Snooping Querier
• If you make any changes to this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 153: Vlan Configuration
Remove, and confirm the action. Clicking this button does not remove the VLAN from the system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 154: Igmp Snooping Querier Vlan Status
The IGMP protocol version of the last querier from which a query was snooped on the VLAN. Max Response Time (Seconds) The maximum response time to be used in the queries that are sent by the snooping querier. Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 155: Creating Port Channels
The current link status of the port channel, which can be Up, Up (SFP), or Down. Link Trap The link trap mode of the port channel. When enabled, a trap is sent to any configured SNMP receiver(s) when the link state of the port channel changes. Ubiquiti Networks, Inc.
Page 156 Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 157: Port Channel Statistics
• Click Clear Counters to reset the flap counters for all port channels and member ports to 0. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 158: Viewing Multicast Forwarding Database Information
The list of forwarding interfaces. The list does not include any interfaces listed as static filtering interfaces. To quickly find a MAC address when the list is too long to scan, enter the MAC address in the Filter box. Click Refresh to update the information on the screen with the most current data. Ubiquiti Networks, Inc.
Page 159: Multicast Forwarding Database Gmrp Table
IPv4 multicast groups by listening to IGMP join and leave requests. To access the page, click Switching > Multicast Forwarding Database > IGMP Snooping in the navigation menu. Multicast Forwarding Database IGMP Snooping Table Ubiquiti Networks, Inc.
Page 160 This value is also known as the MFDB high-water mark. MFDB Current Entries The current number of entries in the multicast forwarding database. Click Refresh to update the information on the screen with the most current data. Ubiquiti Networks, Inc.
Page 161: Configuring Protected Ports
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 162: Configuring Spanning Tree Protocol
Forwarding state and suppression of TCNs. • IEEE 802.1s Multiple Spanning Tree Protocol (MSTP): Supports multiple spanning tree instances to efficiently channel VLAN traffic over different interfaces. Compatible with RSTP and STP. Ubiquiti Networks, Inc.
Page 163: Spanning Tree Cst Configuration
STP/RSTP bridges and MSTP regions. To access the page, click Switching > Spanning Tree > CST in the navigation menu. Spanning Tree CST Ubiquiti Networks, Inc.
Page 164 • If you make any configuration changes, click Submit to apply the new settings to the switch. • Click Refresh to update the information on the screen with the most current data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 165: Spanning Tree Cst Port Configuration
MAC address table. This state occurs during network convergence and is the second state in transitioning to the forwarding state. • Forwarding The port sends and receives user traffic. Disabled • The port is administratively disabled and is not part of the spanning tree. Ubiquiti Networks, Inc.
Page 166 The bridge ID of the root bridge for the CST. Designated Cost The path cost offered to the LAN by the designated port. Designated Bridge The bridge ID of the bridge with the designated port. Designated Port The port ID of the designated port. Ubiquiti Networks, Inc.
Page 167: Spanning Tree Mst Configuration
• To change the Priority or the VLAN associations for an existing MSTI, select the entry to modify and click Edit. • To remove one or more MSTIs, select each entry to delete and click Remove. You must confirm the action before the entry is deleted. Ubiquiti Networks, Inc.
Page 168 • To remove an MSTI, select the entry, click Remove, and confirm the deletion. • Click Refresh to update the screen with most recent data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 169: Spanning Tree Mst Port Configuration
If the priority values are the same, the port with the lower interface index becomes the root port. Port Path Cost The path cost from the port to the root bridge. Ubiquiti Networks, Inc.
Page 170 • Click Details to display the MST port settings. • Click Refresh to update the screen with most recent data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 171: Spanning Tree Statistics
If a delay is necessary, packets get held in the queue until the scheduler authorizes the queue for transmission. Ubiquiti Networks, Inc.
Page 172 Submit to apply the new settings to the switch. • Click Refresh to update the screen with most recent data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 173: Configuring Port Security
• To change the Port Security Admin Mode setting, select Enable or Disable and click Submit to apply the change. • Click Refresh to update the screen with most recent data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 174: Port Security Interface Status
MAC address entries in the port security MAC address table. Last Violation MAC/VLAN The source MAC address and, if applicable, associated VLAN ID of the last frame discarded at a locked port. Ubiquiti Networks, Inc.
Page 175: Port Security Statically Configured Mac Addresses
• To remove a static MAC address, select the entry, click Remove, and confirm the deletion. • Click Refresh to update the screen with most recent data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 176: Port Security Dynamically Learned Mac Addresses
• Click Refresh to update the screen with most recent data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 177: Managing Lldp
• If you make any changes to the page, click Submit to apply the new settings to the system. • Click Refresh to update the screen with most recent data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 178: Lldp Interface Configuration
Select this option to include a description of the device in the LLDPDU the interface transmits. The description includes information about the product model and platform. System Capabilities Select this to advertise the primary function(s) of the device in the LLDPDU the interface transmits. Ubiquiti Networks, Inc.
Page 179: Lldp Local Device Summary
The physical address associated with the management interface of the device. Management Address Type The protocol type or standard associated with the management address. Click Refresh to update the information on the screen with the most current data. Ubiquiti Networks, Inc.
Page 180: Remote Device Summary
Time To Live The number of seconds the local device should consider the LLDP data it received from the remote system to be valid. Click Refresh to update the information on the screen with the most current data. Ubiquiti Networks, Inc.
Page 181: Lldp Statistics
TLV 802.1 Displays the total number of LLDP TLVs received on the local ports which are of type 802.1. TLV 802.3 Displays the total number of LLDP TLVs received on the local ports which are of type 802.3. Ubiquiti Networks, Inc.
Page 182 • Click Refresh to update the page with the most current information. • Click Clear to clear the LLDP statistics of all the interfaces. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 183: Lldp-Med
To configure the settings for one or more interfaces, select each entry to modify and click Edit. The same LLDP-MED settings are applied to all selected interfaces. To display this page, click Switching > LLDP-MED > Interface in the navigation menu. Ubiquiti Networks, Inc.
Page 184 • To remove an entry, select it from the table, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 185: Lldp-Med Local Device Information
• To display detailed information about an LLDP-MED interface, select the interface and click Details. A window displays the fields in the Network Policy Information section of the table below. • Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 186: Lldp-Med Remote Device Information
The hardware version advertised by the remote device. Firmware Revision The firmware version advertised by the remote device. Software Revision The software version advertised by the remote device. Serial Number The serial number advertised by the remote device. Ubiquiti Networks, Inc.
Page 187 • To view additional information about a remote device, select the interface that received the LLDP-MED data and click Details. The LLDP-MED Remote Device Information window appears and displays the fields in the table below. • Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 188: Chapter 5: Configuring Routing
If there is no default route configured, then the packet is passed to the software to be handled appropriately. The routing table can have entries added either statically by the administrator or dynamically via a routing protocol. The host table can have entries added either statically by the administrator or dynamically via ARP. Ubiquiti Networks, Inc.
Page 189: Configuring Arp
ARP packet during the course of an ageout interval, usually specified via configuration. The Routing > ARP Table submenu contains links to the following UI pages that configure and display ARP- related details: • “ARP Table” on page 189 • “ARP Table Configuration” on page 190 Ubiquiti Networks, Inc.
Page 190: Arp Table
Local cannot be removed. • Click Refresh to update the information on the screen with the most current data. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 191: Arp Table Configuration
• If you make any changes to the page, click Submit to apply the changes to the system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 192: Configuring Global Ip Settings
By default, the rate limit is 100 packets per second, i.e. the burst interval is 1000 milliseconds. To disable ICMP rate limiting, set this field to zero. The valid rate interval range is 0 to 2147483647 milliseconds. Ubiquiti Networks, Inc.
Page 193 • If you make any changes to the page, click Submit to apply the changes to the system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 194: Routing Ip Interface Summary
ARP request. IP MTU The largest IP packet size the interface can transmit, in bytes. The IP Maximum Transmission Unit (MTU) is the maximum frame size minus the length of the Layer-2 header. Ubiquiti Networks, Inc.
Page 195 • To view detailed routing information on an interface, select the interface’s entry and click Details. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 196: Routing Ip Interface Configuration
(Down). For the status to be Up, the routing mode and administrative mode for the interface must be enabled. Additionally, the interface must have an IP address and be physically up (active link). Routing Mode Used to Enable or Disable the administrative mode of IP routing on the interface. Ubiquiti Networks, Inc.
Page 197 • If you make any to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 198: Routing Ip Statistics
Configuring Routing ™ Routing IP Statistics The statistics reported on the Routing IP Statistics page are as specified in RFC 1213. To display the page, click Routing > IP > Statistics in the navigation menu. Routing IP Statistics Ubiquiti Networks, Inc.
Page 199 The number of ICMP Time Exceeded messages received. IcmpInParmProbs The number of ICMP Parameter Problem messages received. IcmpInSrcQuenchs The number of ICMP Source Quench messages received. IcmpInRedirects The number of ICMP Redirect messages received. IcmpInEchos The number of ICMP Echo (request) messages received. Ubiquiti Networks, Inc.
Page 200 The number of ICMP Timestamp (request) messages. IcmpOutTimestampReps The number of ICMP Timestamp Reply messages sent. IcmpOutAddrMasks The number of ICMP Address Mask Request messages sent. Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 201: Router
Indicates whether the route is the preferred route to the network. If the field is blank, a better route to the same network exists in the routing table. Click Refresh to update the information on the screen. Ubiquiti Networks, Inc.
Page 202: Configured Routes
“Routing IP Interface Configuration” on page 195). To see valid next hop IP addresses, use the Route Table page (refer to “Route Table” on page 200). Follow these steps to add a static route from the Configured Routes page: 1. Click Add. The Add Route dialog box appears. Ubiquiti Networks, Inc.
Page 203 “Configured Routes Fields” on page 201 are not available when configuring certain types of routes. 4. Click Submit to apply the changes. The new route is added, and you are returned to the Configured Routes page. Ubiquiti Networks, Inc.
Page 204: Configuring Policy-Based Routing
• The size of the packet • Protocol of the payload • Source MAC address • Destination MAC address • Source IP address • Destination IP address • VLAN tag • Priority Ubiquiti Networks, Inc.
Page 205: Chapter 6: Managing Device Security
The Port Access Control folder contains links to the following pages that allow you to view and configure 802.1X features on the system. Ubiquiti Networks, Inc.
Page 206: Global Port Access Control Configuration
• If you change any settings, click Submit to apply the new settings to the system. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 207: Port Access Control Port Summary
(similar to a client or host) to the authentication server. If the server successfully authenticates the supplicant, the port allows access. • Supplicant The port must be granted permission by the authentication server before it can access the remote authenticator port. Ubiquiti Networks, Inc.
Page 208 Port Details page for the selected port. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 209: Port Access Control Port Configuration
Use the Port Access Control Port Configuration page to enable and configure port access control on one or more ports. To access the Port Access Control Port Configuration page, click Security > Port Access Control > Port Configuration in the navigation menu. Port Access Control Port Configuration Ubiquiti Networks, Inc.
Page 210 Click this button to set the Re-Authentication Period. Click this button to reset the Re-Authentication Period to the default value. Maximum Users The maximum number of clients supported on the port if the Control Mode on the port is MAC-Based 802.1X authentication. Ubiquiti Networks, Inc.
Page 211 • If you change any settings on this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 212: Port Access Control Port Details
Each host connected to the port must authenticate separately in order to gain access to the network. The hosts are distinguished by their MAC addresses. Quiet Period The number of seconds that the port remains in the quiet state following a failed authentication exchange. Ubiquiti Networks, Inc.
Page 213 Maximum Users The maximum number of clients supported on the port if the Control Mode on the port is MAC-based 802.1X authentication. Click Refresh to update the information on the screen. Ubiquiti Networks, Inc.
Page 214: Port Access Control Statistics
The total number of EAPOL-Logoff frames received on the interface. EAPOL-Logoff frames are sent by Received a supplicant to indicate that it is disconnecting from the network, and the interface can return to the unauthorized state. This field is displayed only if the interface is configured as an authenticator. Ubiquiti Networks, Inc.
Page 215 • Click Details to view additional per-interface EAPOL and EAP message statistics for the selected interface(s). • Click Clear to reset all statistics counters to 0 for the selected interface(s). • Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 216: Port Access Control Client Summary
Use the buttons to perform the following tasks: • Click Details to view additional information for the selected client(s), as shown in the table above. • Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 217: Port Access Control Privileges Summary
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 218: Port Access Control History Log Summary
The reason for the successful or unsuccessful authentication. Use the buttons to perform the following tasks: • To clear the history log, click Clear History. • Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 219: Radius Settings
• If you make changes to the page, click Submit to apply the changes to the system. • Click Refresh to update the page with the most current information. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 220: Radius Named Server Status
• To remove a RADIUS server from the list, select the server, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 221: Radius Server Statistics
Use the buttons to perform the following tasks: • To display additional statistics information listed in the table above, click Details. • Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 222: Radius Accounting Server Status
Remove. You must confirm the action before the entry is deleted. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 223: Radius Accounting Server Statistics
• Click Details to display additional statistics information about the number and type of messages sent between the selected RADIUS server and the RADIUS client on the device. • Click Refresh to refresh the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 224: Radius Clear Statistics
To access the RADIUS Clear Statistics page, click Security > RADIUS > Clear Statistics in the navigation menu. RADIUS Clear Statistics Click Reset to clear all statistics for the RADIUS authentication and accounting server. After you confirm the action, the statistics on both the RADIUS Server Statistics and RADIUS Accounting Server Statistics pages are reset. Ubiquiti Networks, Inc.
Page 225: Radius Source Interface Configuration
• If you change any settings on this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 226: Tacacs+ Settings
• If you change any settings on this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 227: Tacacs+ Server Summary
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 228: Tacacs+ Server Configuration
• To remove a configured TACACS+ server, select it from the table, click Remove, and confirm the deletion. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 229: Tacacs+ Source Interface Configuration
• If you change any settings on this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 230: Chapter 7: Configuring Quality Of Service
“special treatment” in a QoS capable network. With this in mind, all elements of the network must be QoS-capable. The presence of at least one node which is not QoS-capable creates a deficiency in the network path and the performance of the entire packet flow is compromised. Ubiquiti Networks, Inc.
Page 231: Configuring Access Control Lists
1. Use the IP ACL Configuration page to define the IP ACL type and assign an ID to it. 2. Use the Access Control List Interface Summary page to create rules for the ACL. 3. Use the Access Control List Configuration page to view the configuration. Ubiquiti Networks, Inc.
Page 232: Access Control List Summary
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 233: Access Control List Configuration
Not all fields are available for both Permit and Deny actions. Match Conditions The criteria used to determine whether a packet or frame matches the ACL rule. Rule Attributes Each action, beyond the basic Permit and Deny actions, to perform on the traffic that matches the rule. Ubiquiti Networks, Inc.
Page 234 When a + flag is specified, a match occurs if the flag is set in the TCP header. When a - flag is specified, a match occurs if the flag is not set in the TCP header. When Established is specified, a match occurs if either RST or ACK bits are set in the TCP header. Ubiquiti Networks, Inc.
Page 235 Established is specified, a match occurs if either RST or ACK bits are set in the TCP header. This option is available only if the protocol is TCP. Flow Label A 20-bit number that is unique to an IPv6 packet, used by end stations to signify quality-of-service handling in routers. Ubiquiti Networks, Inc.
Page 236 Identifier menu and click Remove Last Rule. You must confirm the action before the entry is deleted. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 237: Access Control List Interface Summary
Remove. You must confirm the action before the entry is deleted. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 238: Access Control List Vlan Summary
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 239: Configuring Auto Voip
• To reset the VLAN to the default Auto VoIP VLAN, click Reset, and confirm the action. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 240: Oui Table Summary
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 241: Oui Based Auto Voip
• If you change the Priority field, click Submit to apply the change. • To configure settings on one or more interfaces, select each interface and click Edit. In the Edit OUI Based Port Configuration window, edit the settings as needed, and click Submit to apply the changes. Ubiquiti Networks, Inc.
Page 242: Protocol Based Auto Voip
The method used to prioritize VoIP traffic when a call-control protocol is detected, which is one of the following: • Remark Remark the voice traffic with the specified 802.1p priority value at the ingress interface. • Traffic Class Assign VoIP traffic to the specified traffic class when egressing the interface. Ubiquiti Networks, Inc.
Page 243 Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 244: Configuring Class Of Service
Use the CoS IP DSCP Mapping Configuration page to map an IP DSCP value to an internal traffic class. To display the page, click QoS > Class of Service > IP DSCP in the navigation menu. CoS IP DSCP Mapping Configuration – 1 of 2 Ubiquiti Networks, Inc.
Page 245 EdgeSwitch Administration Guide Configuring Quality of Service ™ CoS IP DSCP Mapping Configuration – 2 of 2 Ubiquiti Networks, Inc.
Page 246 • If you change any fields on the page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 247: Cos Interface Queue Configuration
• Taildrop All packets on a queue are safe until congestion occurs. At this point, any additional packets queued are dropped. • WRED Weighted Random Early Detection (WRED) drops packets selectively based on their drop precedence level. Ubiquiti Networks, Inc.
Page 248: Cos Interface Queue Drop Precedence Configuration
If Global is selected in the Interface field, all default settings for all interfaces are restored. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 249: Configuring Diffserv
• If you change any fields on this page, click Submit to apply the changes. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 250: Diffserv Class Summary
• To remove one or more configured classes, select each entry to delete and click Remove. You must confirm the action before the entry is deleted. • Click Refresh to update the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 251: Diffserv Class Configuration
Select this option to specify that all packets are considered to match the specified class. There is no need to configure additional match criteria if Any is selected because a match will occur on all packets. Ubiquiti Networks, Inc.
Page 252 Select this option to require the destination IPv6 address in a packet header to match the specified values. After you select this option, use the following fields to configure the destination IPv6 address match criteria: • Destination Prefix The destination IPv6 prefix to match. • Destination Prefix Length The IPv6 prefix length. Ubiquiti Networks, Inc.
Page 253 • To remove the associated reference class from the selected class, click Remove Reference Class and confirm the action. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 254: Diffserv Policy Summary
• Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 255: Diffserv Policy Configuration
This can occur in addition to any marking or policing action. It may also be specified along with a QoS queue assignment. Use the Interface menu to select the interface to which traffic is mirrored. Ubiquiti Networks, Inc.
Page 256 • To remove the most recently associated class from the selected policy, click Remove Last Class. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 257: Diffserv Service Summary
Remove. You must confirm the action before the entry is deleted. • Click Refresh to refresh the page with the most current data from the switch. To retain the changes across the switch’s next power cycle, click System > Configuration Storage > Save. Ubiquiti Networks, Inc.
Page 258: Diffserv Service Performance Statistics
This is the overall count per-interface, per-direction. Click Refresh to update the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 259: Diffserv Policy Performance Statistics
The total number of packets discarded for all class instances in this service policy for any reason due to DiffServ treatment. This is the overall count per-interface, per-direction. Click Refresh to update the page with the most current data from the switch. Ubiquiti Networks, Inc.
Page 260: Appendix A: Configuration Examples
VLAN 2 & 3 VLAN 3 VLAN 3 VLAN 2 VLAN Example Network Diagram Using the EdgeSwitch UI to Configure VLANs 1. Access the Switching > VLAN > Status page. 2. Click Add to create a new VLAN. Ubiquiti Networks, Inc.
Page 261 17. In the Port VLAN ID field, enter 3 to assign VLAN 3 as the default VLAN for the port. 18. In the Acceptable Frame Types field, select Admit All to specify the untagged frames will be rejected on receipt. VLAN Port Configuration Page 19. Click Submit. Ubiquiti Networks, Inc.
Page 262: Using The Cli To Configure Vlans
0/3 vlan participation include 3 exit interface 0/4 vlan participation include 3 exit exit 6. Specify that untagged frames will be accepted on port 0/4. (UBNT EdgeSwitch) #Config interface 0/4 vlan acceptframe all exit exit Ubiquiti Networks, Inc.
Page 263: Configuring Multiple Spanning Tree Protocol
Go to the Switching > Spanning Tree > MST page. b. From the MST page, click Add. c. In the MST ID field, enter 10. d. Associate MST ID 10 with VLAN 10 and assign a bridge priority of 16384. e. Click Submit. Ubiquiti Networks, Inc.
Page 264 Go to the Switching > Spanning Tree > MST page. b. From the MST ID menu, select 20. c. From the Interface menu, select 0/2. d. In the Port Priority field, enter 64. e. Click Submit. Ubiquiti Networks, Inc.
Page 265: Using The Cli To Configure Mstp
9. Enable STP on interface 0/2. interface 0/2 spanning-tree port mode 10. On the non-root bridge, change the priority to force port 0/2 to be the root port. spanning-tree mst 20 port-priority 64 exit Ubiquiti Networks, Inc.
Page 266: Configuring Vlan Routing
2. Configure ports 0/1, 0/2 as members of VLAN 10 and specify that untagged frames received on these ports will be assigned to VLAN 10. config interface 0/1 vlan participation include 10 vlan pvid 10 exit interface 0/2 vlan participation include 10 vlan pvid 10 exit Ubiquiti Networks, Inc.
Page 267 7. Enable routing for the switch: config ip routing exit 8. Configure the IP addresses and subnet masks for the virtual router ports. config interface 4/1 ip address 192.150.3.1 255.255.255.0 exit interface 4/2 ip address 192.150.4.1 255.255.255.0 exit exit Ubiquiti Networks, Inc.
Page 268: Configuring Policy-Based Routing
30 is shown in the diagram above. Traffic sent to VLAN Interface 10 is destined for VLAN Interface 20. In order to override the traditional destination routing and send the same traffic to VLAN Interface 30, use the following procedure. Ubiquiti Networks, Inc.
Page 269 10 routing ip address 1.1.1.1 255.255.255.0 exit interface vlan 20 routing ip address 2.2.2.1 255.255.255.0 exit interface vlan 30 routing ip address 3.3.3.1 255.255.255.0 exit interface vlan 40 routing ip address 4.4.4.3 255.255.255.0 exit Ubiquiti Networks, Inc.
Page 270 8. Run the show command. (UBNT EdgeSwitch) #show route-map pbr_test route-map pbr_test permit 10 Match clauses: ip address (access-lists) : 1 Set clauses: ip next-hop 3.3.3.3 Policy routing matches: 19922869 packets, 1275063872 bytes Ubiquiti Networks, Inc.
Page 271: Configuring 802.1X Network Access Control
10.10.10.10 secret secret 5. Enable RADIUS accounting mode. radius accounting mode 6. Set IEEE 802.1X to use RADIUS as the AAA method. aaa authentication dot1x default radius 7. Enable 802.1X authentication on the switch. dot1x system-auth-control Ubiquiti Networks, Inc.
Page 272: Configuring Differentiated Services For Voip
2. Create a DiffServ classifier named ‘class_voip’ and define a single match criterion to detect UDP packets. The class type match-all indicates that all match criteria defined for the class must be satisfied in order for a packet to be considered a match. class-map match-all class_voip match protocol udp exit Ubiquiti Networks, Inc.
Page 273 5 of the egress port to which they are forwarded. policy-map pol_voip in class class_ef assign-queue 5 exit class class_voip mark ip-dscp ef assign-queue 5 exit exit Attach the defined policy to an inbound service interface. interface 0/2 service-policy in pol_voip exit exit Ubiquiti Networks, Inc.
Page 274: Appendix B: Contact Information
©2014 Ubiquiti Networks, Inc. All rights reserved. Ubiquiti, Ubiquiti Networks, the Ubiquiti U logo, the Ubiquiti beam logo, EdgeMAX, and EdgeSwitch are trademarks or registered trademarks of Ubiquiti Networks, Inc. in the United States and in other countries. All other trademarks are the property of their respective owners.

This manual is also suitable for:

Edgeswitch es-48-750w Edgeswitch es-48-500w Edgeswitch es-24-500w

Ubiquiti EdgeSwitch ES-24-250W Administration Manual

About this Document

Chapter 1: Getting Started

Chapter 2: Configuring Power over Ethernet

Chapter 3: Configuring System Information

Chapter 4: Configuring Switching Information

Chapter 5: Configuring Routing

Chapter 6: Managing Device Security

Chapter 7: Configuring Quality of Service

Appendix A: Configuration Examples

Appendix B: Contact Information

Quick Links

Related Manuals for Ubiquiti EdgeSwitch ES-24-250W

Summary of Contents for Ubiquiti EdgeSwitch ES-24-250W