Page 1 GS748T Smart Switch Sof t wa re Adm i n i strat ion M anua l 350 East Plumeria Drive San Jose, CA 95134 October 2012 202-10726-02 v2.0...
Page 2: Technical Support
©2012 All rights reserved. Technical Support Thank you for choosing NETGEAR. To register your product, get the latest product updates, get support online, or for more information about the topics covered in this manual, visit the Support website at http://support.netgear.com...
Page 3: Table Of Contents
Chapter 1 Getting Started Getting Started with the GS748T Smart Switch ..... 10 Switch Management Interface ........10 Connecting the Switch to the Network .
Page 4 GS748T Smart Switch Services — DHCP Filtering ........74 DHCP Filtering Configuration .
Page 5 GS748T Smart Switch Router Discovery Configuration ......137 Configuring and Viewing Routes ....... 138 Configuring ARP.
Page 6 GS748T Smart Switch Protected Ports Membership ....... . 203 Configuring Access Control Lists ....... 204 ACL Wizard .
Page 7 Appendix A Hardware Specifications and Default Values GS748T Smart Switch Specifications......269 GS748T Switch Features and Defaults ......270 Port Characteristics .
Page 8 GS748T Smart Switch...
Page 9: Chapter 1 Getting Started
GS748T Smart Switch Software Administration Manual describes how to ® configure and operate the GS748T Smart Switch by using the Web-based graphical user interface (GUI). This manual describes the software configuration procedures and explains the options available within those procedures.
Page 10: Getting Started With The Gs748T Smart Switch
Getting Started with the GS748T Smart Switch This chapter provides an overview of starting your NETGEAR GS748T Powerline AV 200 Extender and accessing the user interface. It also leads you through the steps to use the Smart Control Center utility.
Page 11: Connecting The Switch To The Network
GS748T Smart Switch In addition to enabling NETGEAR switch discovery, the Smart Control Center provides several utilities to help you maintain the NETGEAR switches on your network, such as password management, firmware upgrade, and configuration file backup. For more information, see Smart Control Center Utilities on page 17.
Page 12: Switch Discovery In A Network With A Dhcp Server
GS748T Smart Switch Switch Discovery in a Network with a DHCP Server This section describes how to set up your switch in a network that has a DHCP server. The DHCP client on the switch is enabled by default. When you connect it to your network, the DHCP server will automatically assign an IP address to your switch.
Page 13 GS748T Smart Switch Make a note of the displayed IP address assigned by the DHCP server. You will need this value to access the switch directly from a Web browser (without using the Smart Control Center). Select your switch by clicking the line that displays the switch, then click the Web Browser Access button.
Page 14: Switch Discovery In A Network Without A Dhcp Server
Install the Smart Control Center on your computer. Start the Smart Control Center. Click Discover for the Smart Control Center to find your GS748T switch. The utility broadcasts Layer 2 discovery packets within the broadcast domain to discover the switch.
Page 15: Configuring The Network Settings On The Administrative System
GS748T Smart Switch Enter the static switch IP address, gateway IP address, and subnet mask for the switch, and then type your password. Tip: You must enter the current password every time you use the Smart Control Center to update the switch setting. The default password is password.
Page 16: Web Access
Open a Web browser and enter the IP address of the switch in the address field. You must be able to ping the IP address of the GS748T management interface from your administrative system for Web access to be available. If you used the Smart Control Center to set up the IP address and subnet mask, either with or without a DHCP server, use that IP address in the address field of your Web browser.
Page 17: Smart Control Center Utilities
GS748T Smart Switch Clicking Web Browser Access on the Smart Control Center or accessing the switch directly from your Web browser displays the login screen shown in the following figure. Figure 2. Login Screen Smart Control Center Utilities In addition to device discovery and network address assignment, the Smart Control Center includes several maintenance features.
Page 18: Configuring The Device
GS748T Smart Switch • Configure Device—Allows you to modify network information for the switch, including the IP address, DHCP client mode, system name, and location. For more information about this feature, see Configuring the Device • Change Password—Allows you to set a new password for the device. For more...
Page 19: Configuration Upload And Download
GS748T Smart Switch Configuration Upload and Download When you make changes to the switch, the configuration information is stored in a file on the switch. You can backup the configuration by uploading the configuration file from the switch to an administrative system. You can download a saved configuration file from the administrative system to the switch.
Page 20: Firmware Upgrade
Firmware Upgrade The application software for the GS748T Smart Switch is upgradable, enabling your switch to take advantage of improvements and additional features as they become available. The upgrade procedure and the required equipment are described in this section. This procedure assumes that you have downloaded or otherwise obtained the firmware upgrade and that you have it available as a binary file on your computer.
Page 21 Run this FW after download option is clear. Note: NETGEAR recommends that you download the same image as the primary and secondary image for redundancy. From the Select new firmware window that appears, navigate to and select the firmware image to download to the switch.
Page 22: Viewing And Managing Tasks
GS748T Smart Switch Viewing and Managing Tasks From the Tasks tab, you can view information about configuration downloads and firmware upgrades that have already occurred, are in progress, or are scheduled to take place at a later time. You can also delete or reschedule selected tasks.
Page 23: Understanding The User Interfaces
Simple Network Management Protocol (SNMP) Each of the standards-based management methods allows you to configure and monitor the components of the GS748T Smart Switch software. The method you use to manage the system depends on your network size and requirements, and on your preference.
Page 24 GS748T Smart Switch Navigation Tab Feature Link Help Link Logout Button Help Page Page Menu Configuration and Status and Options Figure 4. Administrative Page Layout Navigation Tabs, Feature Links, and Page Menu The navigation tabs along the top of the Web interface give you quick access to the various switch functions.
Page 25 GS748T Smart Switch Page Link Configuration Pages Figure 5. Menu Hierarchy Configuration and Status Options The area directly under the feature links and to the right of the page menu displays the configuration information or status for the page you select. On pages that contain configuration options, you can input information into fields or select options from drop-down menus.
Page 26: Device View
A yellow LED indicates that the port is enabled and operating at a transfer rate of 10 Mbps/100 Mbps. The following image shows the Device View of the GS748T. Click the port you want to view or configure to see a menu that displays statistics and configuration options.
Page 27: Using Snmp
Web page. All characters may be used except for the following (unless specifically noted in for that feature): Table 1: < >| Using SNMP The GS748T Smart Switch software supports the configuration of SNMP groups and users that can manage traps that the SNMP agent generates.
Page 28 GS748T Smart Switch The GS748T Smart Switch uses both standard public MIBs for standard functionality and private MIBs that support additional switch functionality. All private MIBs begin with a “-” prefix. The main object for interface configuration is in -SWITCHING-MIB, which is a private MIB.
Page 29: Interface Naming Convention
GS748T Smart Switch Interface Naming Convention The GS748T Smart Switch supports physical and logical interfaces. Interfaces are identified by their type and the interface number. All the physical ports 1–48 are Gigabit ports and the SFP Ports 47–50 support 1000M Speed fiber modules. Ports 47–48 are Combo ports and ports 49–50 will support dedicated SFP modules.
Page 30 GS748T Smart Switch...
Page 31: Management
Configuring System Information Use the features in the System tab to define the switch’s relationship to its environment. The System tab contains links to the following features: • Management on page 31 • SNMP on page 57 • LLDP on page 62 •...
Page 32: System Information
GS748T Smart Switch System Information After a successful login, the System Information page displays. Use this page to configure and view general device information. To display the System Information page, click System Management System Information.   A screen similar to the following displays.
Page 33: Ip Configuration
GS748T Smart Switch The following table describes the status information the System Page displays. Field Description Serial Number The serial number of the switch. System Object ID The base object ID for the switch's enterprise MIB. Date & Time The current date and time.
Page 34 GS748T Smart Switch To configure the network information for the management interface: Select the appropriate radio button to determine how to configure the network information for the switch management interface: • Dynamic IP Address (DHCP). Specifies that the switch must obtain the IP address through a DHCP server.
Page 35: Ipv6 Network Configuration
GS748T Smart Switch If you change any of the network connection parameters, click Apply to apply the changes to the system. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 36: Ipv6 Network Neighbor
GS748T Smart Switch To configure the network information for an IPv6 network: Admin Mode. Enable or disable the IPv6 network interface on the switch. The default value is Enable. IPv6 Address Auto Configuration Mode. The IPv6 address for the IPv6 network interface is set in auto configuration mode if this option is enabled.
Page 37 GS748T Smart Switch Click Clear to delete all entries from the table. The table is repopulated as the IPv6 neighbors are discovered on the network. Click Refresh to refresh the screen with most recent data. The following table describes the information the IPv6 Network Interface Neighbor Table...
Page 38: Time
Time since the address was confirmed to be reachable. Time GS748T Smart Switch software supports the Simple Network Time Protocol (SNTP). You can also set the system time manually SNTP assures accurate network device clock time synchronization up to the millisecond.
Page 39: Time Configuration
GS748T Smart Switch SNTP time definitions are assessed and determined by the following time levels: • T1: Time at which the original request was sent by the client. • T2: Time at which the original request was received by the server.
Page 40 GS748T Smart Switch To configure the time by using the CPU clock cycle as the source: From the Clock Source field, select Local. In the Date field, enter the date in the DD/MM/YYYY format. In the Time field, enter the time in HH:MM:SS format.
Page 41 GS748T Smart Switch Field Description Last Attempt Status Specifies the status of the last SNTP request or unsolicited message for both unicast mode. If no message has been received from a server, a status of Other is displayed. These values are appropriate for all operational modes: •...
Page 42: Sntp Server Configuration
GS748T Smart Switch SNTP Server Configuration Use the SNTP Server Configuration page to view and modify information for adding and modifying Simple Network Time Protocol SNTP servers. To display the SNTP Server Configuration page, click System Management Time SNTP ...
Page 43 GS748T Smart Switch To change the settings for an existing SNTP server, select the check box next to the configured server and enter new values in the available fields, and then click Apply. Configuration changes take effect immediately. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 44: Denial Of Service
GS748T Smart Switch Denial of Service Use the Denial of Service (DoS) page to configure DoS control. The GS748T Smart Switch provide support for classifying and blocking specific types of DoS attacks. The type of DoS attacks the switch can detect and prevent are described in DoS Configuration on page 45.
Page 45 GS748T Smart Switch To configure the Auto-DoS feature: Select a radio button to enable or disable Auto-DoS: • Disable. Auto-DoS is disabled (default). • Enable. Auto-DoS is enabled. When an attack is detected, a warning message is logged to the buffered log and is sent to the Syslog server. At the same time, the port is shut down and can be enabled only manually by the admin user.
Page 46 GS748T Smart Switch Fragment DoS prevention causes the switch to drop packets that have an IP fragment offset equal to 1. The factory default is disabled. • Denial of Service Min TCP Hdr Size: Specifies the Min TCP Hdr Size allowed. If First TCP Fragment DoS prevention is enabled, then the switch will drop packets that have a TCP header smaller than this configured Min TCP Hdr Size.
Page 47: Dns
Enter the DNS default domain name to include in DNS queries. When the system is performing a lookup on an unqualified host name, this field is provided as the domain name (for example, if default domain name is netgear.com and the user enters test, then test is changed to test.netgear.com to resolve the name).
Page 48: Host Configuration
GS748T Smart Switch Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Click Apply to send the updated configuration to the switch. Configuration changes take effect immediately.
Page 49: Green Ethernet
GS748T Smart Switch The Dynamic Host Configuration table shows host name-to-IP address entries that the switch has learned. The following table describes the dynamic host fields: Field Description Host Lists the host name you assign to the specified IP address.
Page 50 GS748T Smart Switch To access this page, click System Management Green Ethernet Configuration.   To configure the Green Ethernet features: Enable or disable the Auto Power Down Mode. • Enable. When the port link is down, the PHY will automatically go down for a short period of time and then wake up to check link pulses.
Page 51 GS748T Smart Switch Green Ethernet Interface Configuration Use this page to configure Green Ethernet features on a per-port basis. The Green Ethernet modes must be administratively enabled on the switch for the mode enabled on the port to take effect.
Page 52 GS748T Smart Switch Enable or disable the EEE Mode: • Enable. The switch allows the port to transition to low-power mode during link idle conditions. Short cable mode and EEE mode cannot be enabled on the same port simultaneously. •...
Page 53 GS748T Smart Switch To configure or view details about the Green Ethernet feature on a port: Use the Interface field to select the port to view or configure. Enable or disable the Energy Detect, Short Reach, or EEE administrative modes on the interface.
Page 54 GS748T Smart Switch Green Ethernet Statistics Summary This page summarizes the Green Ethernet Summary settings currently in use. To access this page, click System Management Green Ethernet Green Ethernet    Statistics Summary. The following table describes the information available on the Green Mode Statistics Summary page.
Page 55 GS748T Smart Switch Field Description Energy Detect Admin Mode Shows whether Energy Detect Mode is administratively enabled on the port. Energy Detect Operational Shows the current operational status of the Green Mode for the selected Status port. Short Reach Admin Mode Shows the administrative status of Short Reach Mode on the port.
Page 56 GS748T Smart Switch Specify the LPI sampling interval, which determines the interval at which EEE LPI data needs to be collected. the default value is 3600, and the range is 30 to 36000. Specify the maximum number of LPI samples to store on the switch. The default is 168, and the range is 1 to 168.
Page 57: Snmp
GS748T Smart Switch SNMP From SNMP link under the System tab, you can configure SNMP settings for SNMP V1/V2 and SNMPv3. From the SNMP link, you can access the following pages: • SNMPV1/V2 on page 57 • Trap Flags on page 60 •...
Page 58 GS748T Smart Switch To configure SNMP communities: To add a new SNMP community, enter community information in the available fields described below, and then click Add. • Management Station IP. Specify the IP address of the management station.Together, the Management Station IP and the Management Station IP Mask denote a range of IP addresses from which SNMP clients may use that community to access this device.
Page 59: Trap Configuration
GS748T Smart Switch Trap Configuration This page displays an entry for every active Trap Receiver. To access this page, click System SNMP SNMP V1/V2 Trap Configuration.    To configure SNMP trap settings: To add a host that will receive SNMP traps, enter trap configuration information in the available fields described below, and then click Add.
Page 60: Trap Flags
GS748T Smart Switch Trap Flags The pages in the Trap Manager folder allow you to view and configure information about SNMP traps the system generates. Use the Trap Flags page to enable or disable traps the switch can send to an SNMP manager.
Page 61: Snmp V3 User Configuration
GS748T Smart Switch SNMP v3 User Configuration This is the configuration for SNMP v3. To access this page, click System SNMP SNMP V3 User Configuration.    The SNMPv3 Access Mode is a read-only field that shows the access privileges for the user account.
Page 62: Lldp
GS748T Smart Switch LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. This information is viewed by a network manager to identify system topology and detect bad configurations on the LAN.
Page 63 GS748T Smart Switch To configure global LLDP settings: Configure the following LLDP properties. • TLV Advertised Interval. Specify the interval at which frames are transmitted. The default is 30 seconds, and the valid range is 5–32768 seconds. • Hold Multiplier. Specify multiplier on the transmit interval to assign to Time-to-Live (TTL).
Page 64: Lldp Port Settings
GS748T Smart Switch LLDP Port Settings Use the LLDP Port Settings page to specify LLDP parameters that are applied to a specific interface. To display the LLDP Port Settings page, click System LLDP Advanced LLDP Port    Settings.
Page 65: Lldp-Med Network Policy
GS748T Smart Switch • Notification. When notifications are enabled, LLDP interacts with the Trap Manager to notify subscribers of remote data change statistics. The default is Disabled. • Optional TLV(s). Enable or disable the transmission of optional type-length value (TLV) information from the interface. The TLV information includes the system name, system description, system capabilities, and port description.
Page 66 GS748T Smart Switch From the Interface menu, select the interface with the information to view. The following table describes the LLDP-MED network policy information that displays on the screen. Field Description Network Policy Number Specifies the policy number. Application Specifies the media application type associated with the policy, which can only be Voice.
Page 67: Lldp-Med Port Settings
GS748T Smart Switch LLDP-MED Port Settings Use this page to enable LLDP-MED mode on an interface and configure its properties. To display this page, click System LLDP Advanced LLDP-MED Port Settings.    To configure LLDP-MED settings for a port: From the Port field, select the port to configure.
Page 68: Local Information
TLVs, as the following table describes: Field Description Chassis ID Subtype The type of information used to identify the GS748T in the Chassis ID field. Chassis ID The hardware platform identifier for the GS748T. System Name The user-configured system name for the GS748T.
Page 69 GS748T Smart Switch The Port Information table provides information about the LLDP and LLDP-MED status of each port, as the following table describes: Field Description Interface Select the interface with the information to display. Port ID Subtype Identifies the type of data displayed in the Port ID field.
Page 70 GS748T Smart Switch The following table describes the detailed local information that displays for the selected port. Field Description Managed Address Address SubType Displays the type of address the management interface uses, such as an IPv4 address. Address Displays the address used to manage the device.
Page 71: Neighbors Information
GS748T Smart Switch Neighbors Information Use the LLDP Neighbors Information page to view the data that a specified interface has received from other LLDP-enabled systems. To display the LLDP Neighbors Information page, click System > LLDP > Advanced > Neighbors Information.
Page 72 GS748T Smart Switch To view additional information about the remote device, click the link in the MSAP Entry field. A popup window displays information for the selected port. Field Description Port Details Local Port Displays the interface on the local system that received LLDP information from a remote system.
Page 73 GS748T Smart Switch Field Description Managed Addresses Address SubType Specifies the type of the management address. Address Specifies the advertised management address of the remote system. Interface SubType Specifies the port subtype. Interface Number Identifies the port on the remote device that sent the information.
Page 74: Services - Dhcp Filtering
GS748T Smart Switch Field Description Location Information Civic Displays the physical location, such as the street address, the remote device has advertised in the location TLV. For example, 123 45th St. E. The field value length range is 6–160 characters.
Page 75: Dhcp Filtering Configuration
GS748T Smart Switch DHCP Filtering Configuration Use the DHCP Filtering Configuration page to enable or disable the DHCP Filtering feature on the switch. To access the DHCP Filter Configuration page, click System Services DHCP Filtering    Configuration. To configure global DHCP filtering settings: In the Admin Mode field, select Enable or Disable to turn the DHCP Filtering feature on or off.
Page 76 GS748T Smart Switch To configure DHCP filtering settings for an interface: To configure DHCP filtering settings for a physical port, click PORTS. To configure DHCP filtering settings for a Link Aggregation Group (LAG), click LAGS. To configure DHCP filtering settings for both physical ports and LAGs, click ALL.
Page 77: Ports
Configuring Switching Information Use the features in the Switching tab to define Layer 2 features. The Switching tab contains links to the following features: • Ports on page 77 • Link Aggregation Groups on page 80 • VLANs on page 86 •...
Page 78 GS748T Smart Switch To configure port settings: To configure settings for a physical port, click PORTS. To configure settings for a Link Aggregation Group (LAG), click LAGS. To configure settings for both physical ports and LAGs, click ALL. Select the check box next to the port or LAG to configure. You can select multiple ports and LAGs to apply the same setting to the selected interfaces.
Page 79: Flow Control
GS748T Smart Switch • Link Status. Indicates whether the Link is up or down. • Link Trap. This object determines whether or not to send a trap when link status changes. The factory default is Enable. • Enable: Specifies that the system sends a trap when the link status changes.
Page 80: Link Aggregation Groups
If you change the mode, click Apply to apply the changes to the system. The GS748T supports two combo ports using 1000M SFP modules. Each combo port can operate in either ‘copper’ or ‘fiber’ mode. When a cable is plugged into the RJ-45 port, copper mode is used.
Page 81: Lag Configuration
GS748T Smart Switch From the LAGs link, you can access the following pages: • LAG Configuration on page 81 • LAG Membership on page 82 • LACP Configuration on page 84 • LACP Port Configuration on page 85 LAG Configuration...
Page 82: Lag Membership
GS748T Smart Switch • Admin Mode. Select Enable or Disable from the menu. When the LAG (port channel) is disabled, no traffic will flow and LAGPDUs will be dropped, but the links that form the LAG (port channel) will not be released. The factory default is Enable.
Page 83 GS748T Smart Switch To add ports to a LAG: From the LAG ID field, select the LAG to configure. Optionally, in the LAG Name field, enter the name you want assigned to the LAG. You may enter any string of up to 15 alphanumeric characters. A valid name has to be specified to create the LAG.
Page 84: Lacp Configuration
GS748T Smart Switch LACP Configuration To display the LACP Configuration page, click Switching Advanced LACP    Configuration. To configure LACP: From the LACP System Priority field, specify the device’s link aggregation priority relative to the devices at the other ends of the links on which link aggregation is enabled.
Page 85: Lacp Port Configuration
GS748T Smart Switch LACP Port Configuration To display the LACP Port Configuration page, click Switching Advanced LACP    Port Configuration. To configure LACP port priority settings: Select the check box next to the port to configure. You can select multiple ports to apply the same setting to all selected ports.
Page 86: Vlans
VLAN Configuration Use the VLAN Configuration page to define VLAN groups stored in the VLAN membership table. The GS748T supports up to 256 VLANs. VLAN 1 is created by default, and all ports are untagged members. To display the VLAN Configuration page, lick Switching...
Page 87: Vlan Membership Configuration
GS748T Smart Switch To configure VLANs: To add a VLAN, configure the VLAN ID, name, and type, and then click Add. • VLAN ID. Specify the VLAN Identifier for the new VLAN. (You can enter data in this field only when you are creating a new VLAN.) The range of the VLAN ID is 1–4093.
Page 88 GS748T Smart Switch To configure VLAN membership: From the VLAN ID field, select the VLAN to which you want to add ports. Click the orange bar below the VLAN Type field to display the physical ports on the switch. Click the lower orange bar to display the LAGs on the switch.
Page 89: Port Vlan Id Configuration
GS748T Smart Switch Port VLAN ID Configuration The Port PVID Configuration screen lets you assign a port VLAN ID (PVID) to an interface. There are certain requirements for a PVID: • All ports must have a defined PVID. • If no other value is specified, the default VLAN PVID is used.
Page 90: Voice Vlan
GS748T Smart Switch In the Ingress Filtering field, specify how you want the port to handle tagged frames: • Enable: A tagged frame will be discarded if this port is not a member of the VLAN identified by the VLAN ID in the tag. In an untagged frame, the VLAN is the Port VLAN ID specified for the port that received this frame.
Page 91: Voice Vlan Properties
GS748T Smart Switch Voice VLAN Properties To display the Voice VLAN Properties page, click Switching Voice VLAN Basic    Properties. To configure Voice VLAN: From the Voice VLAN Status field, enable or disable Voice VLAN on the switch. If the switch does not handle traffic from IP phones, the status should be disabled.
Page 92: Voice Vlan Port Setting
GS748T Smart Switch Voice VLAN Port Setting To display the Voice VLAN Port Setting page, click Switching Voice VLAN Advanced    Port Setting. To configure Voice VLAN port settings: Select the check box next to the port to configure. You can select multiple check boxes to apply the same setting to all selected ports.
Page 93: Voice Vlan Oui
GS748T Smart Switch Voice VLAN OUI The Organizational Unique Identifier (OUI) identifies the IP phone manufacturer. The switch comes preconfigured with the following OUIs: • 00:01:E3: SIEMENS • 00:03:6B: CISCO1 • 00:12:43: CISCO2 • 00:0F:E2: H3C • 00:60:B9: NITSUKO •...
Page 94: Auto-Voip Configuration
GS748T Smart Switch To configure OUI settings: To add a new OUI prefix, type the VOIP OUI prefix in the Telephony OUI(s) field, provide a description of the prefix, and click Add. The OUI prefix must be in the format AA:BB:CC.
Page 95 GS748T Smart Switch To enable Auto-VoIP: Auto-VoIP Mode. Select the Auto-VoIP administrative mode for the interface. This selector lists the two options for administrative mode: Enable and Disable. The administrative mode of Auto-VoIP is disabled by default. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 96: Spanning Tree Protocol
GS748T Smart Switch Spanning Tree Protocol The Spanning Tree Protocol (STP) provides a tree topology for any arrangement of bridges. STP also provides one path between end stations on a network, eliminating loops. Spanning tree versions supported include Common STP, Multiple STP, and Rapid STP.
Page 97: Stp Switch Configuration
GS748T Smart Switch STP Switch Configuration The Spanning Tree Switch Configuration/Status page contains fields for enabling STP on the switch. To display the Spanning Tree Switch Configuration/Status page, click Switching > STP > Basic STP Configuration.  To configure STP settings on the switch: From the Spanning Tree State field, specify whether to enable or disable Spanning Tree operation on the switch.
Page 98 GS748T Smart Switch Specify the BPDU Flooding status for all ports or for individual ports. When this feature is enabled, BPDU packets arriving at this port are flooded to other ports if STP is disabled. Click Cancel to cancel the configuration on the screen and reset the data on the screen to...
Page 99: Cst Configuration
GS748T Smart Switch CST Configuration Use the Spanning Tree CST Configuration page to configure Common Spanning Tree (CST) and Internal Spanning Tree on the switch. To display the Spanning Tree CST Configuration page, click Switching > STP > Advanced ...
Page 100: Cst Port Configuration
GS748T Smart Switch • Bridge Forward Delay (secs). Specifies the switch forward delay time, which indicates the amount of time in seconds a bridge remains in a listening and learning state before forwarding packets. The value must be greater or equal to (Bridge Max Age / 2) + 1.
Page 101 GS748T Smart Switch To configure CST port settings: To configure CST settings for a physical port, click PORTS. To configure CST settings for a Link Aggregation Group (LAG), click LAGS. To configure CST settings for both physical ports and LAGs, click ALL.
Page 102: Cst Port Status
GS748T Smart Switch • Hello Timer. Specifies the switch Hello time, which indicates the amount of time in seconds a port waits between configuration messages. The value is fixed at 2 seconds. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 103: Rapid Stp
GS748T Smart Switch Field Description Designated Bridge Bridge Identifier of the bridge with the Designated Port. It is made up using the bridge priority and the base MAC address of the bridge. Designated Port Port Identifier on the Designated Bridge that offers the lowest cost to the LAN.
Page 104: Mst Configuration
GS748T Smart Switch The following table describes the Rapid STP Status information displayed on the screen. Field Description Interface The physical or port channel interfaces associated with VLANs associated with the CST. Role Each MST Bridge Port that is enabled is assigned a Port Role for each spanning tree.
Page 105 GS748T Smart Switch To configure an MST instance: To add an MST instance, configure the MST values and click Add: • MST ID. Specify the ID of the MST to create. Valid values for this are between 1 and 4094.
Page 106: Mst Port Configuration
GS748T Smart Switch MST Port Configuration Use the Spanning Tree MST Port Configuration page to configure and display Multiple Spanning Tree (MST) settings on a specific port on the switch. To display the Spanning Tree MST Port Status page, click Switching Advanced ...
Page 107 GS748T Smart Switch Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch If you make any configuration changes, click Apply to send the updated configuration to the switch.
Page 108: Stp Statistics
GS748T Smart Switch STP Statistics Use the Spanning Tree Statistics page to view information about the number and type of bridge protocol data units (BPDUs) transmitted and received on each port. To display the Spanning Tree Statistics page, click Switching Advanced ...
Page 109: Multicast
GS748T Smart Switch Multicast Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255. From the Multicast link, you can access the following pages: •...
Page 110: Igmp Snooping
GS748T Smart Switch IGMP Snooping Internet Group Management Protocol (IGMP) Snooping is a feature that allows a switch to forward multicast traffic intelligently on the switch. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255.
Page 111: Igmp Snooping Configuration
GS748T Smart Switch IGMP Snooping Configuration Use the IGMP Snooping Configuration page to configure the parameters for IGMP snooping, which is used to build forwarding lists for multicast traffic. To access the IGMP Snooping Configuration page, click Switching Multicast IGMP ...
Page 112: Igmp Snooping Interface Configuration
GS748T Smart Switch The following table displays information about the global IGMP snooping status and statistics on the page. Field Description Multicast Control Frame Displays the number of multicast control frames that have been processed Count by the CPU. Interfaces Enabled for IGMP Lists the interfaces currently enabled for IGMP Snooping.
Page 113 GS748T Smart Switch To configure IGMP Snooping interface settings: To configure IGMP Snooping settings for a physical port, click PORTS. To configure IGMP Snooping settings for a Link Aggregation Group (LAG), click LAGS. To configure IGMP Snooping settings for both physical ports and LAGs, click ALL.
Page 114: Igmp Snooping Table
GS748T Smart Switch IGMP Snooping Table Use the IGMP Snooping Table page to view all of the entries in the Multicast Forwarding Database that were created for IGMP snooping. To access the IGMP Snooping Table page, click Switching Multicast IGMP Snooping ...
Page 115 GS748T Smart Switch Multicast Forwarding Database Table The Layer 2 Multicast Forwarding Database (MFDB) is used by the switch to make forwarding decisions for packets that arrive with a multicast destination MAC address. By limiting multicasts to only certain ports in the switch, traffic is prevented from going to parts of the network where that traffic is unnecessary.
Page 116: Mfdb Statistics
GS748T Smart Switch Field Description Component This is the component that is responsible for this entry in the Multicast Forwarding Database. Possible values are IGMP Snooping or Static Filtering. Type This displays the type of the entry. Static entries are those that are configured by the end user.
Page 117: Igmp Snooping Vlan Configuration
GS748T Smart Switch The following table describes the information available on the MFDB Statistics page: Field Description Max MFDB Table Displays the maximum number of entries that the Multicast Forwarding Database Entries table can hold. Most MFDB Entries The largest number of entries that have been present in the Multicast Forwarding Since Last Reset Database table since the system was last reset.
Page 118 GS748T Smart Switch To configure IGMP snooping settings for VLANs: To enable IGMP snooping on a VLAN, enter the VLAN ID in the appropriate field and configure the IGMP Snooping values: • Fast Leave Admin Mode. Enable or disable the IGMP Snooping Fast Leave Mode for the specified VLAN ID.
Page 119: Multicast Router Configuration
GS748T Smart Switch Multicast Router Configuration This page configures the interface as the one the multicast router is attached to. All IGMP packets snooped by the switch will be forwarded to the multicast router reachable from this interface. The configuration is not needed most of the time since the switch will automatically detect the presence of multicast router and forward IGMP packet accordingly.
Page 120: Multicast Router Vlan Configuration
GS748T Smart Switch Multicast Router VLAN Configuration This page configures the interface to only forward the snooped IGMP packets that come from the specified VLAN to the multicast router attached to this interface. The configuration is not needed most of the time since the switch will automatically detect the presence of a multicast router and forward IGMP packets accordingly.
Page 121: Igmp Snooping Querier
GS748T Smart Switch IGMP Snooping Querier IGMP snooping requires that one central switch or router periodically query all end-devices on the network to announce their multicast memberships. This central device is the IGMP querier. The IGMP query responses, known as IGMP reports, keep the switch updated with the current multicast group membership on a port-by-port basis.
Page 122 GS748T Smart Switch In the Snooping Querier Address field, specify the IP address to be used as source address in periodic IGMP queries. This address is used when no address is configured on the VLAN on which the query is being sent.
Page 123: Igmp Snooping Querier Vlan Configuration
GS748T Smart Switch IGMP Snooping Querier VLAN Configuration Use this page to configure IGMP queriers for use with VLANs on the network. To access this page, click Switching Multicast IGMP Snooping Querier Querier VLAN    Configuration. To configure Querier VLAN settings:...
Page 124: Igmp Snooping Querier Vlan Status
GS748T Smart Switch IGMP Snooping Querier VLAN Status Use this page to view the operational state and other information for IGMP snooping queriers for VLANs on the network. To access this page, click Switching Multicast IGMP Snooping Querier Querier VLAN ...
Page 125: Forwarding Database
GS748T Smart Switch Field Description Last Querier Version Displays the IGMP protocol version of the last querier from which a query was snooped on the VLAN. Operational Max Response Displays the maximum response time to be used in the queries that are sent Time by the snooping querier.
Page 126: Dynamic Address Configuration
GS748T Smart Switch To search for an entry in the MAC Address Table: Use the Search By field to search for MAC Addresses by MAC Address, VLAN ID, or Interface. • MAC Address: Select MAC Address from the menu and enter a six-byte hexadecimal MAC address in two-digit groups separated by colons, then click Go.
Page 127: Static Mac Address
GS748T Smart Switch To configure the Dynamic Address setting: Specify the number of seconds the forwarding database should wait before deleting a learned entry that has not been updated. IEEE 802.1D-1990 recommends a default of 300 seconds. You may enter any number of seconds between 10 and 1000000. The factory default is 300.
Page 128 GS748T Smart Switch To configure a static MAC address: To add a static MAC address entry a. From the Interface menu, select the port or LAG on which to configure the static MAC address. b. Specify the MAC address to add.
Page 129: Configuring Routing
Configuring Routing The GS748T Smart Switch supports IP routing. Use the links in the Routing menu to manage and monitor routing on the system. This section contains the following information: • Configuring IP Settings on page 129 • Configuring VLAN Routing on page 135 •...
Page 130: Ip Configuration
GS748T Smart Switch IP Configuration Use the IP Configuration page to enable routing on the switch and to view global routing settings. To access the IP Configuration page click Routing IP, then click the IP Configuration link.  To configure or view the global routing settings on the switch:...
Page 131: Vlan Routing Wizard
GS748T Smart Switch VLAN Routing Wizard The VLAN Routing Wizard allows you to create a VLAN routing interface, configure the IP address and subnet mask for the interface, and add selected ports or LAGs to the VLAN. With this wizard, you can: •...
Page 132 GS748T Smart Switch Select the physical ports or LAGs to add as members to the VLAN interface. To display the ports that can be added as VLAN members, click PORT. Click LAG to display the LAGs to add to the VLAN interface. Click the box below each port or LAG to add or remove it as a member.
Page 133 GS748T Smart Switch The following table describes the information available on the IP Statistics page Field Description IpInReceives The total number of input datagrams received from interfaces, including those received in error. IpInHdrErrors The number of input datagrams discarded due to errors in their IP...
Page 134 GS748T Smart Switch Field Description IpReasmReqds The number of IP fragments received which needed to be reassembled at this entity. IpReasmOKs The number of IP datagrams successfully re-assembled. IpReasmFails The number of failures detected by the IP re-assembly algorithm (for whatever reason: timed out, errors, etc.).
Page 135: Configuring Vlan Routing
Click Refresh to update the page with the most current data. Configuring VLAN Routing You can configure GS748T Smart Switch software with some ports supporting VLANs and some supporting routing. You can also configure the software to allow traffic on a VLAN to be treated as if the VLAN were a router port.
Page 136: Vlan Routing Configuration
GS748T Smart Switch VLAN routing. A port can be either a VLAN port or a router port, but not both. However, a VLAN port may be part of a VLAN that is itself a router port. From the VLAN link, you can access...
Page 137: Configuring Router Discovery
GS748T Smart Switch Configuring Router Discovery The Router Discovery protocol is used by hosts to identify operational routers on the subnet. Router Discovery messages are of two types: Router Advertisements and Router Solicitations. The protocol mandates that every router periodically advertise the IP Addresses it is associated with.
Page 138: Configuring And Viewing Routes
Configuration changes take effect immediately. Configuring and Viewing Routes From the Routing Table page, you can configure static and default routes and view the routes that the GS748T has already learned. To display the page click the Routing Routing Table link.
Page 139 To add a route, enter the route information into the appropriate fields and click Add. To delete a route, select the check box next to the route and click Delete. The Route Status table provides information about the routes the GS748T already has in its routing table.
Page 140: Configuring Arp
ARP cache. Newer information always replaces existing content in the ARP cache. The GS748T switches support 1024 ARP entries, which includes dynamic and static ARP entries.
Page 141: Arp Cache
GS748T Smart Switch ARP Cache Use the ARP Cache page to view entries in the ARP table, a table of the remote connections most recently seen by this switch. To display the page, click the Routing ARP, then click the Basic ARP Cache link.
Page 142: Global Arp Configuration
GS748T Smart Switch Field Description Type The type of the ARP entry. Possible values are: • Local. An ARP entry associated with one of the switch’s routing interface’s MAC addresses. • Gateway. A dynamic ARP entry whose IP address is that of a router.
Page 143: Arp Create
GS748T Smart Switch In the Retries field, enter an integer which specifies the maximum number of times an ARP request will be retried. The range for this field is 0 to 10. The default value is 4. In the Cache Size field, enter an integer which specifies the maximum number of entries for the ARP cache.
Page 144: Arp Entry Management
GS748T Smart Switch The Routing VLANs ARP Cache table displays the following information: Field Description Interface The routing interface associated with the ARP entry. IP Address The IP address of a device on a subnet attached to one of the switch's routing interfaces.
Page 145 GS748T Smart Switch To manage the ARP entries: To move certain type of entries, select the type of entries to remove from the Remove From Table menu. The choices listed specify the type of ARP Entry to be deleted: •...
Page 146 GS748T Smart Switch...
Page 147: Chapter 5 Configuring Quality Of Service
Configuring Quality of Service Use the features in the QoS tab to configure Quality of Service (QoS) settings on the switch. The QoS tab contains links to the following features: • Class of Service on page 147 • Differentiated Services on page 154 In a typical switch, each physical port consists of one or more queues for transmitting packets on the attached network.
Page 148: Basic Cos Configuration
GS748T Smart Switch • Interface Queue Configuration on page 150 • 802.1p to Queue Mapping on page 152 • DSCP to Queue Mapping on page 153 Basic CoS Configuration Use the Trust Mode Configuration page to set the class of service trust mode of an interface.
Page 149: Cos Interface Configuration
GS748T Smart Switch To configure global CoS settings: Select the Global radio button to configure the trust mode settings that apply to all interfaces. Alternatively, you can select the Interface radio button to apply trust mode settings to individual interfaces. The per-interface setting overrides the global settings.
Page 150: Interface Queue Configuration
GS748T Smart Switch To configure CoS settings for an interface: To configure CoS settings for a physical port, click PORTS. To configure CoS settings for a Link Aggregation Group (LAG), click LAGS. To configure CoS settings for both physical ports and LAGs, click ALL.
Page 151 GS748T Smart Switch To display the Interface Queue Configuration page, click the QoS CoS tab, and then click  the Advanced Interface Queue Configuration link.  To configure CoS queue settings for an interface: To configure CoS queue settings for a physical port, click PORTS.
Page 152: 802.1P To Queue Mapping
GS748T Smart Switch 802.1p to Queue Mapping The 802.1p to Queue Mapping page also displays the Current 802.1p Priority Mapping table. To display the 801.p to Queue Mapping page, click QoS Advanced 802.1p to    Queue Mapping. To map 802.1p priorities to queues: Select the Global radio button to apply the same 802.1p priority mapping to all CoS...
Page 153: Dscp To Queue Mapping
GS748T Smart Switch DSCP to Queue Mapping Use the DSCP to Queue Mapping page to specify which internal traffic class to map the corresponding DSCP value. To display the IP DSCP Mapping page, click QoS Advanced DSCP to Queue ...
Page 154: Differentiated Services
GS748T Smart Switch Differentiated Services The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors. Standard IP-based networks are designed to provide “best effort” data delivery service. “Best effort”...
Page 155: Diffserv Configuration
GS748T Smart Switch DiffServ Configuration Use the DiffServ Configuration page to display DiffServ General Status Group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables.
Page 156: Class Configuration
GS748T Smart Switch Field Description Policy Attributes Table Displays the current and maximum number of rows of the policy attributes table. Service Table Displays the current and maximum number of rows of the service table. Class Configuration Use the Class Configuration page to add a new DiffServ class name, or to rename or delete an existing class.
Page 157 GS748T Smart Switch To configure the class match criteria: Click the class name for an existing class. The class name is a hyperlink. The following figure shows the configuration fields for the class. Define the criteria to associate with a DiffServ class: •...
Page 158 GS748T Smart Switch • Ethernet Type. Select an EtherType keyword or enter an EtherType value to add a match condition based on the EtherType value. • Source MAC. Requires a packet’s source MAC address to match the address specified here.
Page 159 GS748T Smart Switch • IP Precedence. Matches the packet’s IP Precedence value to the class criteria’s when Enter a value in the range of 0–7. • IP ToS. Matches the packet’s Type of Service bits in the IP header to the class criteria’s when selected and a value is entered.
Page 160: Ipv6 Class Configuration
GS748T Smart Switch IPv6 Class Configuration Use the IPv6 Class Configuration page to add a new IPv6 DiffServ class name, or to rename or delete an existing class. The page also allows you to define the criteria to associate with a DiffServ class.
Page 161 GS748T Smart Switch To configure the class match criteria: Click the class name for an existing class. The class name is a hyperlink. The following figure shows the configuration fields for the class. Class Name - Displays the name for the configured DiffServ class.
Page 162 GS748T Smart Switch • Source IPv6 Prefix/Length - This is a valid Source IPv6 Prefix to compare against an IPv6 Packet. Prefix is always specified with the Prefix Length. Prefix can be entered in the range of ::0 to FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF and Prefix Length can be entered in the range of 0 to 128.
Page 163: Policy Configuration
GS748T Smart Switch Policy Configuration Use the Policy Configuration page to associate a collection of classes with one or more policy statements. After creating a Policy, click the policy link to the Policy page. To display the page, click QoS...
Page 164 GS748T Smart Switch To configure the policy attributes: Click the name of the policy. The policy name is a hyperlink. The following figure shows the configuration fields for the policy. Select the queue to which packets will of this policy-class will be assigned.
Page 165 GS748T Smart Switch Configure the policy attributes:. • Drop. Select this option to drop packets for this policy-class. • Mark CoS. Enter the specified Class of Service queue number to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header.
Page 166: Service Configuration
GS748T Smart Switch • Send. (default) These packets are presented unmodified by DiffServ to the system forwarding element. • Drop. (default) These packets are immediately dropped. • Mark CoS. These packets are marked by DiffServ with the specified CoS value before being presented to the system forwarding element.
Page 167: Service Statistics
GS748T Smart Switch To configure DiffServ policy settings on an interface: To configure DiffServ policy settings for a physical port, click PORTS. To configure DiffServ policy settings for a Link Aggregation Group (LAG), click LAGS. To configure DiffServ policy settings for both physical ports and LAGs, click ALL.
Page 168 GS748T Smart Switch The following table describes the information available on the Service Statistics page. Field Description Interface Displays the interface for which service statistics are to display. Direction Displays the direction of packets for which service statistics display, which is always In.
Page 169: Managing Device Security
Managing Device Security Use the features available from the Security tab to configure management security settings for port, user, and server security. The Security tab contains links to the following features: • Management Security Settings on page 169 • Configuring Management Access on page 181 •...
Page 170: Change Password
GS748T Smart Switch Change Password Use the page to change the login password. To display the page, click Security  Management Security User Configuration Change Password.   To change the login password for the management interface: Specify the current password in the Old Password field. The entered password will be displayed in asterisks (*).
Page 171: Radius Configuration
GS748T Smart Switch RADIUS Configuration RADIUS servers provide additional security for networks. The RADIUS server maintains a user database, which contains per-user authentication information. The switch passes information to the configured RADIUS server, which can authenticate a user name and password before authorizing use of the network.
Page 172 GS748T Smart Switch To configure global RADIUS server settings: In the Max Number of Retransmits field, specify the value of the maximum number of times a request packet is retransmitted to the RADIUS server. Consideration to maximum delay time should be given when configuring RADIUS max retransmit and RADIUS timeout.
Page 173: Radius Server Configuration
GS748T Smart Switch RADIUS Server Configuration Use the RADIUS Server Configuration page to view and configure various settings for the current RADIUS server configured on the system. To access the RADIUS Server Configuration page, click Security Management Security,  and then click the RADIUS Server Configuration link.
Page 174 GS748T Smart Switch The following table describes the RADIUS server statistics available on the page. Field Description Server Address This displays all configured RADIUS servers. Round Trip Time The time interval, in hundredths of a second, between the most recent Access-Reply/Access-Challenge and the Access-Request that matched it from this RADIUS authentication server.
Page 175 GS748T Smart Switch Accounting Server Configuration Use the RADIUS Accounting Server Configuration page to view and configure various settings for one or more RADIUS accounting servers on the network. To access the RADIUS Accounting Server Configuration page, click Security Management ...
Page 176 GS748T Smart Switch The following table describes RADIUS accounting server statistics available on the page. Field Description Accounting Server Address Displays the IP address of the supported RADIUS accounting server. Round Trip Time (secs) Displays the time interval, in hundredths of a second, between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server.
Page 177: Configuring Tacacs
GS748T Smart Switch Configuring TACACS+ TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services: • Authentication: Provides authentication during login and via user names and user-defined passwords.
Page 178 0–128 characters. The key must match the key configured on the TACACS+ server. In the Connection Timeout field, specify the maximum number of seconds allowed to establish a TCP connection between the GS748T and the TACACS+ server. The valid range is 1–30 seconds.
Page 179: Authentication List Configuration
The default is port 49, and the range is 0–65535. In the Key String field, specify the authentication and encryption key for TACACS+ communications between the GS748T and the TACACS+ server. This key must match the encryption used on the TACACS+ server. The valid range is 0–128 characters.
Page 180 GS748T Smart Switch To change the authentication method for the defaultList: Select the check box next to the defaultList name Use the drop down menu in the 1 column to select the authentication method that should appear first in the selected authentication login list. If you select a method that does not time out as the first method, such as ‘local’, no other method will be tried, even if you have...
Page 181: Configuring Management Access
GS748T Smart Switch Configuring Management Access From the Access page, you can configure HTTP and Secure HTTP access to the GS748T management interface. You can also configure Access Control Profiles and Access Rules. The Security Access tab contains the following folders: ...
Page 182: Secure Http Configuration
GS748T Smart Switch In the HTTP Session Hard Timeout field, specify the hard timeout for HTTP sessions. This timeout is unaffected by the activity level of the session. The value must be in the range of (0–168) hours. A value of zero corresponds to an infinite timeout. The default value is 24 hours.
Page 183 GS748T Smart Switch To configure HTTPS settings: Use the radio buttons in the HTTPS Admin Mode field to enable or disable the Administrative Mode of Secure HTTP. The currently configured value is shown when the Web page is displayed. The default value is Disable.
Page 184: Certificate Download
GS748T Smart Switch Certificate Download For the Web server on the switch to accept HTTPS connections from a management station, the Web server needs a public key certificate. You can generate a certificate externally (for example, off-line) and download it to the switch.
Page 185: Access Profile Configuration
GS748T Smart Switch In the TFTP Server IP field, specify the address of the TFTP server. The address can be an IP address in standard x.x.x.x format or a host name. The host name must start with a letter of the alphabet. Make sure that the software image or other file to be downloaded is available on the TFTP server.
Page 186 GS748T Smart Switch To create an Access Profile: In the Access Profile Name field, specify the name of the access profile to be added. The maximum length is 15 characters. To activate an access profile, select the Activate Profile check box. You cannot add rules to an active profile.
Page 187: Access Rule Configuration
To configure access profile rules: To add an access profile rule, configure the following settings and click Add. • Rule Type: Specify whether the rule permits or denies access to the GS748T management interface. • Select Permit to allow access to the management interface for traffic that meets the criteria you configure for the rule.
Page 188: Port Authentication
GS748T Smart Switch • Source IP Address. Specify the IP Address of the client originating the management traffic. • Mask. Specify the subnet mask associated with the IP address. The subnet mask is a standard subnet mask, and not an inverse (wildcard) mask that you use with IP ACLs.
Page 189: 802.1X Configuration
GS748T Smart Switch 802.1X Configuration Use the 802.1X Configuration page to enable or disable port access control on the system. To display the 802.1X Configuration page, click Security Port Authentication Basic    802.1X Configuration. To configure global 802.1X settings: Select the appropriate radio button in the Port Based Authentication State field to enable or disable 802.1X administrative mode on the switch.
Page 190: Port Authentication
GS748T Smart Switch Port Authentication Use the Port Authentication page to enable and configure port access control on one or more ports. To access the Port Authentication page, click Security Port Authentication, and then click  the Advanced Port Authentication link.
Page 191 GS748T Smart Switch To configure 802.1X settings for the port: Select the check box next to the port to configure. You can also select multiple check boxes to apply the same settings to the select ports, or select the check box in the heading row to apply the same settings to all ports.
Page 192 GS748T Smart Switch • Supplicant Timeout. Defines the amount of time that lapses before EAP requests are resent to the user. The field value is in seconds. The field default is 30 seconds. • Server Timeout. Defines the amount of time that lapses before the switch resends a request to the authentication server.
Page 193: Port Summary
GS748T Smart Switch Click Initialize to begin the initialization sequence on the selected port(s). This button is only selectable if the control mode is auto. If the button is not selectable, it will be grayed out. When this button is clicked, the action is immediate. It is not required to click Apply for the action to occur.
Page 194 GS748T Smart Switch The following table describes the fields on the Port Summary page. Field Description Port The port whose settings are displayed in the current table row. Control Mode Defines the port authorization state. The control mode is only set if the link status of the port is link up.
Page 195: Traffic Control
GS748T Smart Switch Traffic Control From the Traffic Control link, you can configure MAC Filters, Storm Control, Port Security, and Protected Port settings. To display the page, click the Security Traffic Control tab.  The Traffic Control folder contains links to the following features: •...
Page 196 GS748T Smart Switch To configure MAC filter settings: To configure a new MAC filter: a. Select Create Filter from the MAC Filter menu. If no filters have been configured, this is the only option available. b. From the VLAN ID menu, select the VLAN to use with the MAC address to fully identify packets you want filtered.
Page 197: Mac Filter Summary
GS748T Smart Switch MAC Filter Summary Use the MAC Filter Summary page to view the MAC filters that are configured on the system. To display the MAC Filter Summary page, click Security Traffic Control, and then click the  MAC Filter MAC Filter Summary link.
Page 198: Storm Control
GS748T Smart Switch Storm Control A broadcast storm is the result of an excessive number of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses can overload network resources and/or cause the network to time out.
Page 199: Port Security Configuration
GS748T Smart Switch When the selected Ingress Control Mode is an option other than Disable, select Enable or Disable from the Status menu to specify the administrative status of the mode. In the Threshold field, specify the maximum rate at which unknown packets are forwarded.
Page 200: Port Security Interface Configuration
GS748T Smart Switch The Port Security Violation table shows information about violations that occurred on ports that are enabled for port security. The following table describes the fields in the Port Security Violation table. Field Description Port Identifies the port where a violation occurred.
Page 201 GS748T Smart Switch To configure port security settings: To configure port security settings for a physical port, click PORTS. To configure port security settings for a Link Aggregation Group (LAG), click LAGS. To configure port security settings for both physical ports and LAGs, click ALL.
Page 202: Security Mac Address
GS748T Smart Switch Security MAC Address Use the Security MAC Address page to convert a dynamically learned MAC address to a statically locked address. To display the Security MAC Address page, click Security Traffic Control, and then click the ...
Page 203: Protected Ports Membership
GS748T Smart Switch Protected Ports Membership If a port is configured as protected, it does not forward traffic to any other protected port on the switch, but it will forward traffic to unprotected ports. Use the Protected Ports Membership page to configure the ports as protected or unprotected.
Page 204: Configuring Access Control Lists
ACLs are used to provide traffic flow control, restrict contents of routing updates, decide which types of traffic are forwarded or blocked, and above all provide security for the network. GS748T Smart Switch software supports IPv4, IPv6 and MAC ACLs.
Page 205: Acl Wizard
GS748T Smart Switch ACL Wizard The ACL Wizard allows you to configure ACL permissions for devices based on the source and destination of MAC address, IP address, and port IDs. To display the MAC ACL page, click Security ACL Wizard.
Page 206: Mac Acl
GS748T Smart Switch MAC ACL A MAC ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match.
Page 207: Mac Rules
GS748T Smart Switch To delete a MAC ACL, select the check box next to the Name field, then click Delete. To change the name of a MAC ACL, select the check box next to the Name field, update the name, then click Apply.
Page 208 GS748T Smart Switch • Destination MAC. Requires an Ethernet frame’s destination port MAC address to match the address listed here. Enter a MAC address in this field. The valid format is xx:xx:xx:xx:xx:xx. • Destination MAC Mask. If desired, enter the MAC Mask associated with the Destination MAC to match.
Page 209: Mac Binding Configuration
GS748T Smart Switch MAC Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the MAC Binding Configuration page to assign MAC ACL lists to ACL Priorities and Interfaces.
Page 210: Mac Binding Table
GS748T Smart Switch Click the appropriate orange bar to expose the available ports or LAGs. • To add the selected ACL to a port or LAG, click the box directly below the port or LAG number so that an X appears in the box.
Page 211: Ip Acl
GS748T Smart Switch IP ACL IP ACLs allow network managers to define classification actions and rules for specific ingress ports. Packets can be filtered on ingress (inbound) ports only. If the filter rules match, then some actions can be taken, including dropping the packet or disabling the port. For example, a network administrator defines an ACL rule that says port number 20 can receive TCP packets.
Page 212: Ip Rules
GS748T Smart Switch To delete an IP ACL, select the check box next to the IP ACL ID field, then click Delete. To change the name of an IP ACL, select the check box next to the IP ACL ID field, update the name, then click Apply.
Page 213 GS748T Smart Switch To configure rules for an IP ACL: To add an IP ACL rule, select the ACL ID to add the rule to, complete the fields described in the following list, and click Add. • Rule ID. Specify a number from 1–10 to identify the IP ACL rule. You can create up to 10 rules for each ACL.
Page 214: Ip Extended Rules
GS748T Smart Switch IP Extended Rules Use the IP Extended Rules page to define rules for IP-based extended ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Note: There is an implicit “deny all” rule at the end of an ACL list. This means that if an ACL is applied to a packet and if none of the explicit rules match, then the final implicit “deny all”...
Page 215 GS748T Smart Switch To configure rules for an IP ACL: To add an IP ACL rule, select the ACL ID to add the rule to, select the check box in the Extended ACL Rule table, and click Add. The page displays the extended ACL Rule Configuration fields.
Page 216 GS748T Smart Switch • Src L4 Port. Requires a packet’s TCP/UDP source port to match the port listed here. Click Complete one of the following fields: • Source L4 Keyword: Select the desired L4 keyword from a list of source ports on which the rule can be based.
Page 217: Ipv6 Acl
GS748T Smart Switch To delete an IP ACL rule, select the check box associated with the rule, and then click Delete. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 218: Ipv6 Rules
GS748T Smart Switch To configure an IPv6 ACL: To add an ACL, type a name in the IPv6 ACL field, and then click Add. To delete an ACL, select the check box associated with the ACL, and then click Delete.
Page 219 GS748T Smart Switch To configure the IPv6 rules, select the following: To add an IPv6 rule, use the pull-down list in the ACL Name field to select the IP ACL for which to create or update a rule. Complete the fields described in the following list, and click Add.
Page 220 GS748T Smart Switch • Source Prefix/Prefix Length: Specify IPv6 Prefix combined with IPv6 Prefix length of the network or host from which the packet is being sent. Prefix length can be in the range (0 to 128). • Source L4 Port: Specify a packet's source layer 4 port as a match condition for the selected IPv6 ACL rule.
Page 221: Ip Binding Configuration
GS748T Smart Switch IP Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the IP Binding Configuration page to assign IPv4 and IPv6 ACLs to ports and LAGs.
Page 222: Ip Binding Table
GS748T Smart Switch To configure IP ACL interface bindings: Select an existing IP ACL from the ACL ID menu. The packet filtering direction for ACL is Inbound, which means the IP ACL rules are applied to traffic entering the port.
Page 223 GS748T Smart Switch The following table describes the information displayed in the IP Binding Table. Field Description Interface Displays the interface to which the IP ACL is bound. Direction Specifies the packet filtering direction for ACL. The only valid direction is Inbound, which means the IP ACL rules are applied to traffic entering the port.
Page 224 GS748T Smart Switch...
Page 225: Ports
Monitoring the System Use the features available from the Monitoring tab to view a variety of information about the switch and its ports and to configure how the switch monitors events. The Monitoring tab contains links to the following features: •...
Page 226 GS748T Smart Switch The following table describes the Switch Statistics displayed on the screen. Field Description ifIndex This object indicates the ifIndex of the interface table entry associated with the processor of this switch. Octets Received The total number of octets of data received by the processor (excluding framing bits, but including FCS octets).
Page 227 GS748T Smart Switch Field Description Octets Transmitted The total number of octets transmitted out of the interface, including framing characters. Packets Transmitted Without The total number of packets transmitted out of the interface. Errors Unicast Packets Transmitted The total number of packets that higher level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
Page 228: Port Statistics
GS748T Smart Switch Port Statistics The Port Statistics page displays a summary of per-port traffic statistics on the switch. To access the Port Summary page, click Monitoring Ports tab, and then click the Port  Statistics link. To view port statistics: To view statistics for the physical ports, click PORTS.
Page 229: Port Detailed Statistics
GS748T Smart Switch Field Description Transmit Packet Errors The number of outbound packets that could not be transmitted because of errors. Collision Frames The best estimate of the total number of collisions on this Ethernet segment. Time Since Counters Last...
Page 230 GS748T Smart Switch The following table describes the detailed port information displayed on the screen. To view information about a different port, select the port number from the Interface menu. Field Description Interface Use the drop down menu to select the interface for which data is to be displayed or configured.
Page 231 GS748T Smart Switch Field Description LACP Mode Selects the Link Aggregation Control Protocol administration state: • Enable: Specifies that the port is allowed to participate in a port channel (LAG), which is the default mode. • Disable: Specifies that the port cannot participate in a port channel (LAG).
Page 232 GS748T Smart Switch Field Description Packets Received 65-127 The total number of packets (including bad packets) received that were Octets between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 128-255 The total number of packets (including bad packets) received that were...
Page 233 GS748T Smart Switch Field Description Alignment Errors The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with a non-integral number of octets.
Page 234 GS748T Smart Switch Field Description Packets Transmitted The total number of packets (including bad packets) transmitted that were 256-511 Octets between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted The total number of packets (including bad packets) transmitted that were...
Page 235: Eap Statistics
GS748T Smart Switch Field Description STP BPDUs Received Number of STP BPDUs received at the selected port. STP BPDUs Transmitted Number of STP BPDUs transmitted from the selected port. RSTP BPDUs Received Number of RSTP BPDUs received at the selected port.
Page 236 GS748T Smart Switch The following table describes the EAP statistics displayed on the screen. Field Description Ports Specifies the interface which is polled for statistics. Frames Received Displays the number of valid EAPOL frames received on the port. Frames Transmitted Displays the number of EAPOL frames transmitted through the port.
Page 237: Cable Test
GS748T Smart Switch Use the buttons at the bottom of the page to perform the following actions: • To clear all the EAP counters for all ports on the switch, select the check box in the row heading and click Clear. The button resets all statistics for all ports to default values.
Page 238: System Logs
GS748T Smart Switch The following table describes the cable information displayed on the screen. Field Description Interface Specifies the interface that has the connected cable. Cable Status Displays the cable status. • Normal: the cable is working correctly. • Open: the cable is disconnected or there is a faulty connector.
Page 239: Memory Logs
GS748T Smart Switch Memory Logs The in-memory log stores messages in memory based upon the settings for message component and severity. Use the Memory Logs page to set the administrative status and behavior of logs in the system buffer. These log messages are cleared when the switch reboots.
Page 240 GS748T Smart Switch The Memory Log table also appears on the Memory Log page. Field Description Total Number of Messages Displays the number of messages the system has logged in memory. Only the 64 most recent entries are displayed on the page.
Page 241: Flash Log Configuration
GS748T Smart Switch FLASH Log Configuration The FLASH log is a log that is stored in persistent storage, which means that the log messages are retained across a switch reboot. • The first log type is the system startup log. The system startup log stores the first N messages received after system reboot.
Page 242 GS748T Smart Switch The severity can be one of the following levels: • Emergency (0): The highest level warning level. If the device is down or not functioning properly, an emergency log is saved to the device. • Alert (1): The second highest warning level. An alert log is saved if there is a serious device malfunction, such as all device features being down.
Page 243: Server Log Configuration
GS748T Smart Switch Server Log Configuration Use the Server Log Configuration page to allow the switch to send log messages to the remote logging hosts configured on the system. To access the Server Log Configuration page, click the Monitoring Logs tab, and then click ...
Page 244 GS748T Smart Switch To configure a remote log server To add a remote syslog host (log server), specify the settings in the following list and click Add. • Host Address. Specify the IP address or host name of the host configured for syslog.
Page 245: Trap Logs
GS748T Smart Switch Trap Logs Use the Trap Logs page to view information about the SNMP traps generated on the switch. To access the Trap Logs page, click the Monitoring Logs tab, and then click the Trap Logs  link.
Page 246: Event Logs
The number of the entry within the event log. The most recent entry is first. Type Specifies the type of entry. Filename The GS748T source code filename identifying the code that detected the event. Line The line number within the source file of the code that detected the event.
Page 247: Port Mirroring
GS748T Smart Switch Port Mirroring The page under the Mirroring link allows you to view and configure port mirroring on the system. Multiple Port Mirroring Port mirroring selects the network traffic for analysis by a network analyzer. This is done for specific ports of the switch.
Page 248 GS748T Smart Switch To configure Port Mirroring: Select the check box next to a port to configure it as a source port. In the Destination Port field, specify the port to which port traffic is be copied. Use the g1, g2,...format to specify the port.
Page 249: Reset
The Reset menu contains links to the following options: • Device Reboot on page 249 • Factory Default on page 250 Device Reboot Use the Device Reboot page to reboot the GS748T. To access the Device Reboot page, click Maintenance Reset Device Reboot.  ...
Page 250: Factory Default
GS748T Smart Switch To reboot the switch: Select the check box on the page. Click Apply to reset the switch immediately, or click Cancel to abandon the reset request. After the switch reset begins, the management interface is not available until the switch completes the boot cycle.
Page 251: Upload File From Switch
GS748T Smart Switch Upload File From Switch The switch supports system file uploads from the switch to a remote system by using either TFTP or HTTP. The Upload menu contains links to the following options: • TFTP File Upload on page 251 •...
Page 252: Http File Upload
GS748T Smart Switch From the Server Address Type filed, specify the format to use for the address you type in the TFTP Server Address field: • IPv4. Indicates the TFTP server address is an IP address in dotted-decimal format. •...
Page 253: Download File To Switch
If you are uploading an GS748T image (Code), select the image on the switch to upload to the management system. This field is visible only when Code is selected as the File Type.
Page 254 GS748T Smart Switch Before you download a file to the switch, the following conditions must be true: • The file to download from the TFTP server is on the server in the appropriate directory. • The file is in the correct format.
Page 255 GS748T Smart Switch If you are downloading an GS748T image (Code), select the image on the switch to overwrite. This field is visible only when Code is selected as the File Type. Note: It is recommended that you not overwrite the active image. The system will display a warning that you are trying to overwrite the active image.
Page 256: Http File Download
GS748T Smart Switch HTTP File Download Use the HTTP File Download page to download files of various types to the switch using an HTTP session (for example, via your Web browser). To display this page, click Maintenance Download HTTP File Download.
Page 257: File Management
GS748T Smart Switch If you are downloading an GS748T image (Code), select the image on the switch to overwrite. This field is only visible when Code is selected as the File Type. Note: It is recommended that you not overwrite the active image. The system will display a warning that you are trying to overwrite the active image.
Page 258 GS748T Smart Switch To configure Dual Image settings: Select the image to configure. The Current-active field displays the name of the active image. To configure a descriptive name for the selected software image, type the name in the Image Description field.
Page 259: Dual Image Status
GS748T Smart Switch Dual Image Status You can use the Dual Image Status page to view information about the system images on the device. To display the Dual Image Status page, click Maintenance > File Management Dual Image  Dual Image Status.
Page 260: Troubleshooting
GS748T Smart Switch Troubleshooting The Troubleshooting menu contains links to the following options: • Ping on page 260 • Ping IPv6 on page 262 • Traceroute on page 263 Ping Use the Ping page to tell the switch to send a Ping request to a specified IP address. You can use this feature to check whether the switch can communicate with a particular network host.
Page 261 GS748T Smart Switch Click Apply to send the ping. The switch sends the number of pings specified in the Count field, and the results are displayed below the configurable data in the Ping area. • If successful, you will see “Reply From IP/Host: icmp_seq = 0. time = xx usec. Tx = x, Rx = x Min/Max/Avg RTT = x/x/x msec.”...
Page 262: Ping Ipv6
GS748T Smart Switch Ping IPv6 Use the Ping IPv6 page to send a Ping request to a specified Hostname or IPv6 address. You can use this to check whether the switch can communicate with a particular IPv6 station. When you click the Apply button, the switch will send three pings and the results will be displayed below the configurable data.
Page 263: Traceroute
GS748T Smart Switch Click Apply to send the ping. The switch sends the number of pings specified in the Count field, and the results are displayed below the configurable data in the Result area. • If successful, the output will be Send count=3, Receive count = n from (IPv6 Address).Average round trip time = n ms.
Page 264 GS748T Smart Switch • MaxFail. Specify the maximum number of failures allowed in the session. The valid range is 0–255. • Interval. Specify the time between probes in seconds. The valid range is 1–60. • Port. Specify the UDP destination port in probe packets. The valid range is 1–65535.
Page 265: Chapter 9 Help
• User Guide on page 266 Support Use the Support page to connect to the Online Support site at netgear.com. To access the Support page, click Help Support.  To connect to the NETGEAR support site for the GS748T, click Apply.
Page 266: User Guide
GS748T Smart Switch User Guide Use the User Guide page to access the GS748T Smart Switch Software Administration Manual (the guide you are now reading) that is available on the NETGEAR Website. To access the User Guide page, click Help User Guide.
Page 267: Registration
GS748T Smart Switch Registration Use the Registration page to register your GS748T switch. Completing the registration confirms your email address, lowers technical support resolution time, and ensures your shipping address accuracy. NETGEAR, Inc. would also like to incorporate your feedback into future product development.
Page 268 • REMIND ME LATER. The pop-up window is closed without taking any action, and the registration reminder pop-up appears on next successful login. • REGISTER NOW. The NETGEAR Registration Server is contacted to initiate the registration process.
Page 269: Appendix A Hardware Specifications And Default Values
Hardware Specifications and Default Values GS748T Smart Switch Specifications The GS748T Smart Switch conforms to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. Feature Value Interfaces 48 10/100/1000M Ethernet ports Two Dedicated SFP ports...
Page 270: Gs748T Switch Features And Defaults
GS748T Smart Switch GS748T Switch Features and Defaults Port Characteristics Feature Sets Supported Default Auto negotiation/static All ports Auto negotiation speed/duplex Auto MDI/MDIX Enabled 802.3x flow control/back pressure 1 (per system) Disabled Port mirroring Disabled Port trunking (aggregation) Pre-configured 802.1D spanning tree Disabled 802.1w RSTP...
Page 271: Quality Of Service
GS748T Smart Switch Quality of Service Feature Sets Supported Default Number of queues Port based 802.1p Enabled DSCP Disabled Rate limiting All ports Disabled Auto-QoS All ports Disabled Security Feature Sets Supported Default 802.1X All ports Disabled MAC ACL 100 (Shared with IPv4/IPv6 ACLs) All MAC packets allowed...
Page 272: System Setup And Maintenance
GS748T Smart Switch System Setup and Maintenance Feature Sets Supported Default Boot code update DHCP/manual IP DHCP enabled/192.168.0.239 Default gateway 192.168.0.254 System name configuration NULL Configuration save/restore Firmware upgrade Restore defaults 1 (Web and front-panel button) Dual image support Enabled...
Page 273: Other Features
GS748T Smart Switch Other Features Feature Sets Supported Default IGMP snooping v1/v2/v3 All ports Disabled Configurations upload/download EAPoL flooding All ports Disabled BPDU flooding All ports Disabled Static multicast groups Disabled Filter multicast control Disabled Number of static routes Number of routed VLANs...
Page 274 GS748T Smart Switch...
Page 275: Appendix B Configuration Examples
Configuration Examples This chapter contains information about how to configure the following features: • Virtual Local Area Networks (VLANs) on page 275 • Access Control Lists (ACLs) on page 278 • Differentiated Services (DiffServ) on page 281 • 802.1X on page 286 •...
Page 276 GS748T Smart Switch VLANs have a number of advantages: • It is easy to do network segmentation. Users that communicate most frequently with each other can be grouped into common VLANs, regardless of physical location. Each group’s traffic is contained largely within the VLAN, reducing extraneous traffic and improving the efficiency of the whole network.
Page 277: Vlan Example Configuration
GS748T Smart Switch VLAN Example Configuration This example demonstrates several scenarios of VLAN use and describes how the switch handles tagged and untagged traffic. In this example, you create two new VLANs, change the port membership for default VLAN 1, and assign port members to the two new VLANs:...
Page 278: Access Control Lists (Acls)
Apply the access list to an interface in the inbound direction. The GS748T Smart Switch allows ACLs to be bound to physical ports and LAGs.The switch software supports MAC ACLs and IP ACLs.
Page 279 GS748T Smart Switch • Destination MAC Mask: 00:00:00:00:FF:FF • Source MAC: 02:02:1A:BC:DE:EF • Source MAC Mask: 00:00:00:00:FF:FF • VLAN ID: 200 For detailed information about MAC ACL rules, see MAC Rules on page 207. From the MAC Binding Configuration screen, assign the Sales_ACL to Ethernet ports 6, 7,...
Page 280: Standard Ip Acl Example Configuration
GS748T Smart Switch Click Apply (See MAC Binding Configuration on page 209). The MAC Binding Table displays the interface and MAC ACL binding information (See MAC Binding Table on page 210). The ACL named Sales_ACL looks for Ethernet frames with destination and source MAC addresses and MAC masks defined in the rule.
Page 281: Differentiated Services (Diffserv)
Integrated Services: network resources are apportioned based on request and are reserved (resource reservation) according to network management policy (RSVP, for example). • Differentiated Services: network resources are apportioned based on traffic classification and priority, giving preferential treatment to data with strict timing requirements. The GS748T Smart Switch supports DiffServ.
Page 282: Class
GS748T Smart Switch The DiffServ feature contains a number of conceptual QoS building blocks you can use to construct a differentiated service network. Use these same blocks in different ways to build other types of QoS architectures. There are 3 key QoS building blocks needed to configure DiffServ: •...
Page 283: Creating Policies
GS748T Smart Switch To configure DiffServ, you must define service levels, namely the forwarding classes/PHBs identified by a given DSCP value, on the egress interface. These service levels are defined by configuring BA classes for each. Creating Policies Use DiffServ policies to associate a collection of classes that you configure with one or more QoS policy statements.
Page 284: Diffserv Example Configuration
GS748T Smart Switch Color Mode Awareness: Policing in the DiffServ feature uses either color blind or color aware mode. Color blind mode ignores the coloration (marking) of the incoming packet. Color aware mode takes into consideration the current packet marking when determining the policing outcome.
Page 285 GS748T Smart Switch From the Policy Configuration screen, create a new policy with the following settings: • Policy Selector: Policy1 • Member Class: Class1 For more information about this screen, see Policy Configuration on page 163. Click Add to add the new policy.
Page 286: 286
(the system that requests authentication), as well as between the authenticator and the authentication server. The GS748T Smart Switch supports a guest VLAN, which allows unauthenticated users to have limited access to the network resources.
Page 287: 802.1X Example Configuration
Supplicant on behalf of the Authenticator. All three roles are required in order to complete an authentication exchange. The GS748T Smart Switch supports the Authenticator role only, in which the PAE is responsible for communicating with the Supplicant. The Authenticator PAE is also...
Page 288 (See Authentication List Configuration on page 179). This example enables 802.1X-based port security on the GS748T switch and prompts the hosts connected on ports g1–g8 for an 802.1X-based authentication. The switch passes the authentication information to the configured RADIUS server.
Page 289: Mstp
GS748T Smart Switch MSTP Spanning Tree Protocol (STP) runs on bridged networks to help eliminate loops. If a bridge loop occurs, the network can become flooded with traffic. IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) supports multiple instances of Spanning Tree to efficiently channel VLAN traffic over different interfaces.
Page 290 GS748T Smart Switch An MST Region comprises of one or more MSTP Bridges with the same MST Configuration Identifier, using the same MSTIs, and which have no Bridges attached that cannot receive and transmit MSTP BPDUs. The MST Configuration Identifier has the following components:...
Page 291: Mstp Example Configuration
GS748T Smart Switch MSTP Example Configuration This example shows how to create an MSTP instance from the GS748T switch. The example network has three different GS748T switches that serve different locations in the network. In this example, ports g1–g5 are connected to host stations, so those links are not subject to network loops.
Page 292 GS748T Smart Switch If you do not specify a root bridge and all switches have the same Bridge Priority value, the switch with the lowest MAC address is elected as the root bridge (see Configuration on page 99). From the CST Port Configuration screen, select ports g1–g8 and select Enable from the...
Page 293: Vlan Routing
To forward traffic across VLAN boundaries, a layer 3 device, such as router, is required. The GS748T Smart Switch can act as a layer 3 device when you configure VLAN routing interfaces. VLAN routing interfaces make it possible to transmit traffic between VLANs while still containing broadcast traffic within VLAN boundaries.
Page 294 GS748T Smart Switch This example shows how to configure the GS748T switch with the following settings: • Port g3 is a tagged member of VLAN 10 and uses VLAN 10 as the port VLAN ID (PVID). • Port g20 is a tagged member of VLAN 20 uses VLAN 20 as the PVID.
Page 295 GS748T Smart Switch From the Routing > VLAN > VLAN Routing page: • Configure VLAN 10 with an IP address of 192.168.10.3 and subnet mask of 255.255.255.0. • Configure VLAN 20 with an IP address of 192.168.20.15 and subnet mask of 255.255.255.0.
Page 296: Appendix C Notification Of Compliance
FCC Declaration Of Conformity We, NETGEAR, Inc., 350 East Plumeria Drive, San Jose, CA 95134, declare under our sole responsibility that the GS748T Smart Switch complies with Part 15 of FCC Rules. Operation is subject to the following two conditions: •...
Page 297: European Union
Canadian Department of Communications Radio Interference Regulations This digital apparatus, GS748T Smart Switch, does not exceed the Class B limits for radio-noise emissions from digital apparatus as set out in the Radio Interference Regulations of the Canadian Department of Communications.
Page 298 GS748T Smart Switch GPL License Agreement GPL may be included in this product; to view the GPL license agreement go to ftp://downloads.netgear.com/files/GPLnotice.pdf For GNU General Public License (GPL) related information, visit http://support.netgear.com/app/answers/detail/a_id/2649...
Page 299: Index
Index Numerics DiffServ 802.1X Dual Image example configuration Dynamic Address Dynamic Host Global Green Ethernet access control HTTP ACL example configuration IGMP Snooping ACLs LACP management interface LACP Port Wizard LLDP ACL Wizard MAC Filter Management Access Cache MST Port configuring Network Settings on the Administrative System Entry configuration...
Page 300 GS748T Smart Switch DiffServ physical queue configuration IP address administrative system download switch a file IP DSCP files via HTTP Mapping from a remote system software IPv6 network interface Dual Image Status IPv6 network configuration IPv6 Network Configuration IPv6 Network Interface IPv6 Neighbor Table...
Page 301 GS748T Smart Switch SNTP Global Status global status server configuration server status password change storm control login Ping example configuration port Status authentication Stratum summary product registration 802.1p to Queue Mapping RADIUS TACACS+ server folder statistics settings VLAN assignment technical support...
Page 302 GS748T Smart Switch managing RADIUS-based assignment voice Voice VLAN OUI VoIP Web interface panel...

NETGEAR GS748T Software Administration Manual

Chapter 1 Getting Started

Chapter 2 Configuring System Information

Management

System Information

IP Configuration

Ipv6 Network Configuration

Ipv6 Network Neighbor

Time

Denial of Service

Dns

Green Ethernet

Snmp

Lldp

Services - DHCP Filtering

Chapter 3 Configuring Switching Information

Ports

Port Configuration

Flow Control

Link Aggregation Groups

Vlans

Voice VLAN

Auto-Voip Configuration

Spanning Tree Protocol

Multicast

Forwarding Database

Chapter 4 Configuring Routing

Chapter 5 Configuring Quality of Service

Chapter 6 Managing Device Security

MAC Filter Configuration

MAC Filter Summary

Storm Control

Port Security Configuration

Port Security Interface Configuration

Security MAC Address

Protected Ports Membership

MAC ACL MAC Rules

Mac Acl

MAC Rules

MAC Binding Configuration

MAC Binding Table

Ip Acl

IP Rules

IP Extended Rules

Ipv6 ACL

Ipv6 Rules

IP Binding Configuration

IP Binding Table

Chapter 7 Monitoring the System

Chapter 8 Maintenance

Chapter 9 Help

Appendix A Hardware Specifications and Default Values

Appendix B Configuration Examples

Appendix C Notification of Compliance

Index

Quick Links

Need help?

Questions and answers

Related Manuals for NETGEAR GS748T

Summary of Contents for NETGEAR GS748T