3Com Unified Gigabit Wireless PoE Switch 24 User Guide 3CRUS2475

Size: px
Start display at page:

Download "3Com Unified Gigabit Wireless PoE Switch 24 User Guide 3CRUS2475"

Transcription

1 3Com Unified Gigabit Wireless PoE Switch 24 User Guide 3CRUS Part No Rev. AA Published October 2006

2 3Com Corporation 350 Campus Drive Marlborough, MA Copyright 2006, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation. 3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change. 3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time. If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or!license.txt. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you. UNITED STATES GOVERNMENT LEGEND If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following: All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as Commercial Computer Software as defined in DFARS (June 1995) or as a commercial item as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com s standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR (Nov 1995) or FAR (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide. Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries. 3Com and the 3Com logo are registered trademarks of 3Com Corporation. ntel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Novell and NetWare are registered trademarks of Novell, Inc. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. IEEE and 802 are registered trademarks of the Institute of Electrical and Electronics Engineers, Inc. All other company and product names may be trademarks of the respective companies with which they are associated. ENVIRONMENTAL STATEMENT It is the policy of 3Com Corporation to be environmentally friendly in all operations. To uphold our policy, we are committed to: Establishing environmental performance standards that comply with national legislation and regulations. Conserving energy, materials and natural resources in all operations. Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental standards. Maximizing the recyclable and reusable content of all products. Ensuring that all products can be recycled, reused and disposed of safely. Ensuring that all products are labelled according to recognized environmental standards. Improving our environmental record on a continual basis. End of Life Statement 3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components. Regulated Materials Statement 3Com products do not contain any hazardous or ozone-depleting material. Environmental Statement about the Documentation The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally friendly, and the inks are vegetable-based with a low heavy-metal content.

3 ABOUT THIS GUIDE This guide provides information about the Web user interface for the 3Com Unified Gigabit Wireless PoE Switch 24. The Embedded Web System (EWS) is a network management system. The Embedded Web Interface configures, monitors, and troubleshoots network devices from a remote web browser. The Embedded Web Interface web pages are easy-to-use and easy-to-navigate. In addition, The Embedded Web Interface provides real time graphs and RMON statistics to help system administrators monitor network performance. This preface provides an overview to the Embedded Interface User Guide, and includes the following sections: User Guide Overview Intended Audience

4 2 CHAPTER : ABOUT THIS GUIDE User Guide Overview This section provides an overview to the Embedded Web System User Guide. The Embedded Web System User Guide provides the following sections: Configuring the Wizard Provides information for configuring the Setup wizard which enables system administrator configure basic device settings at the Setup stage or to return and reconfigure the device settings at any stage. Getting Started Provides information for using the Embedded Web Management System, including adding, editing, and deleting device configuration information. Viewing Basic Settings provides information for viewing and configuring essential information required for setting up and maintaining device settings. Section 4, Configuring Device Security Provides information for configuring both system and network security, including traffic control, ACLs, and device access methods. Managing System Information Provides information for configuring general system information including the user-defined system name, the user-defined system location, and the system contact person. Configuring Wired Ports Provides information for configuring Port Settings. Aggregating Ports Provides information for configuring Link Aggregation which optimizes port usage by linking a group of ports together to form a single LAG. Configuring VLANs Provides information for configuring VLANs. VLANs are logical subgroups with a Local Area Network (LAN) which combine user stations and network devices into a single unit, regardless of the physical LAN segment to which they are attached. Defining WLAN Provides information for configuring WLANs. A Wireless Local Area Network (WLAN) is a technology that provides network services using radio waves. Configuring IP Information Provides information for configuring IP addresses, DHCP and ARP. Configuring Mulitcast Forwarding Provides information for configuring Multicast forwarding.

5 User Guide Overview 3 Configuring Spanning Tree Provides information for configuring Classic, Rapid, and multiple Spanning Tree. Configuring Quality of Service Provides information for Basic and Advanced Quality of Service, including DSCP and CoS mapping, policies, and configuring Trust mode. Managing System Logs Provides information for viewing system logs, and configuring device log servers. Managing System Files Provides information for defining File maintenance and includes both configuration file management as well as device access. Viewing Statistics Provides information for viewing RMON and interface statistics. WLAN Country Settings Provides the individual WLAN country settings.

6 4 CHAPTER : ABOUT THIS GUIDE Intended Audience This guide is intended for network administrators familiar with IT concepts and terminology. If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes. Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site: Conventions Table 1 lists conventions that are used throughout this guide. Table 1 Notice Icons Icon Notice Type Description Information note Caution Warning Information that describes important features or instructions. Information that alerts you to potential loss of data or potential damage to an application, system, or device. Information that alerts you to potential personal injury. Related Documentation In addition to this guide, other documentation available for the 3Com Unified Switch 24 include the following: Quick Start Guide: Provides installation and set-up information. Command Reference Guide: Provides complete details for using the command line interface (CLI).

7 CONTENTS ABOUT THIS GUIDE User Guide Overview 2 Intended Audience 4 Conventions 4 Related Documentation 4 1 CONFIGURING THE WIZARD Step 1 Viewing Factory Defaults 13 Step 2 Configuring System Settings 16 Step 3 Configuring IP Settings 17 Step 4 Defining Wireless Settings 18 Step 5 Saving Configured Settings 19 2 GETTING STARTED Starting the 3Com Embedded Web Interface 20 Understanding the 3Com Embedded Web Interface 22 Using Screen and Table Options 25 Saving the Configuration 30 Resetting the Device 30 Restoring Factory Defaults 31 Logging Off the Device 32 3 VIEWING BASIC SETTINGS Device Summary Section 33 Viewing Device Settings 34 Viewing Wired Settings 35 Viewing Wireless Settings 37

8 6 CONTENTS 3 MANAGING DEVICE SECURITY Configuring Management Security 39 Defining Management Access 39 Configuring Password Management 44 Defining RADIUS Authentication 48 Defining TACACS+ Authentication 50 Configuring Network Security 53 Modifying Port Authentication 56 Advanced Port-based Authentication 58 Viewing Authenticated Hosts 59 Defining Multiple Hosts 59 Defining Multiple Hosts 61 Modifying Multiple Hosts 62 Managing Port Security 64 Enabling Storm Control 68 Configuring EAP Statistics 71 Defining ACLs 73 Configuring ACLs 76 Defining MAC-based ACL Rules 78 Removing MAC-based ACLs 80 Defining IP-based ACLs 82 Defining IP-based ACLs 84 Defining IP-based ACLs 87 Removing IP-based ACLs 90 Binding ACLs 92 4 MANAGING SYSTEM INFORMATION Viewing System Description 95 Defining System Settings 97 Configuring Country Codes 98 Configuring System Name 107 Configuring System Time 108 Saving the Device Configuration 113 Resetting the Device 114

9 CONTENTS 7 5 CONFIGURING WIRED PORTS Viewing Port Settings 116 Defining Port Settings 119 Configuring Address Tables 122 Viewing Static Addresses 122 Defining Static Addresses 123 Removing Static Addresses 125 Viewing Dynamic Addresses AGGREGATING PORTS Configuring LACP 130 Defining Link Aggregation 132 Configuring Link Aggregation 132 Defining LAG Membership CONFIGURING VLANS Defining VLAN Properties 140 Defining VLAN Membership 144 Defining VLAN Interface Settings 147 Defining GVRP 151 Defining Voice VLAN DEFINING WLAN Defining Wireless Access Points 157 Defining Wireless Security 162 Configuring Wireless Access Point Security 162 Defining Wireless Rogue Handling 164 Mitigating Rogue Handling 168 Defining Wireless Radio Settings 169 Configuring Radio a Settings 174 Defining Radio a Settings 176 Managing VAPs 177 Viewing WLAN Profiles 179 Defining WLAN Profiles 181

10 8 CONTENTS Modifying WLAN Profiles 182 Removing WLAN Profiles 185 Viewing WLAN Stations 186 Removing WLAN Stations 187 Defining WLAN Power Settings CONFIGURING IP INFORMATION Defining IP Addressing 191 Configuring ARP 193 Defining ARP Interface Settings 195 Configuring Address Tables 198 Defining Static Addresses 200 Viewing Dynamic Addresses CONFIGURING MULITCAST FORWARDING Defining IGMP Snooping 205 Enabling IGMP Snooping 207 Defining Multicast Groups 209 Defining Router Groups CONFIGURING SPANNING TREE Defining Classic Spanning Tree for Ports 219 Configuring Classic Spanning Tree 222 Modifying Spanning Tree Settings 225 Defining Rapid Spanning Tree 227 Modifying Rapid Spanning Tree Settings 229 Defining Multiple Spanning Tree 232 Defining Multiple STP Instance Settings 234 Defining MSTP Port Settings CONFIGURING QUALITY OF SERVICE Quality of Service Overview 243 Defining QoS Basic Mode 243 Configuring Trust Settings 244

11 CONTENTS 9 Configure DSCP Rewrite 245 Defining QoS General Mode 247 Defining CoS Services 247 Defining Queues 250 Defining Bandwidth Settings 251 DSCP to Queue 254 Configuring DSCP Queue Mappings 255 Configuring QoS Mapping 256 Defining CoS to Queue MANAGING SYSTEM LOGS Viewing Logs 260 Configuring Logging MANAGING SYSTEM FILES Backing Up and Restoring System Files 265 Downloading the Software Image 267 Activating Image Files VIEWING STATISTICS Viewing RMON Statistics 271 Configuring RMON History 274 Modifying RMON History Entries 277 Removing RMON History Entries 279 Viewing RMON History Summeries 281 Configuring RMON Events 283 Configuring RMON Event Control 285 Configuring RMON Events Control 287 Removing RMON Events 289 Viewing RMON Events 291 Defining RMON Alarms 292 Defining RMON Alarm Setups 294 Removing RMON Alarms 298

12 10 CONTENTS A WLAN COUNTRY SETTINGS B DEVICE SPECIFICATIONS AND FEATURES Related Standards 308 Environmental 308 Physical 309 Electrical 309 Unified Switch 24 Features 310 C TROUBLESHOOTING Problem Management 316 Troubleshooting Solutions 316 GLOSSARY INDEX

13 1 CONFIGURING THE WIZARD This section contains information for configuring the Setup wizard. The 3Com Web-based Interface presents a Setup wizard as part of the Device Summary Section. The Setup wizard enables system administrator configure basic device settings at the Setup stage or to return and reconfigure the device settings at any stage. Each step in the wizard displays a set of parameters that can be manually configured by the system administrator. The wizard includes the following steps: Step 1 Viewing Factory Defaults Step 2 Configuring System Settings Step 3 Configuring IP Settings Step 4 Defining Wireless Settings Step 5 Saving Configured Settings Step 1 Viewing Factory Defaults The Welcome to the Setup Wizard Page is the first step in the wizard and it displays a summary of factory default settings. The table displays three sets of settings: System parameters, IP configuration and Wireless configuration. Each section is displayed as a step within the wizard.

14 14 SECTION 1: CONFIGURING THE WIZARD To start the Setup Wizard: 1 Click Device Summary > Wizard. The Welcome to the Setup Wizard Page opens: Figure 1 Welcome to the Setup Wizard Page Step 1 - The Setup Wizard Page contains the following sections: System Parameters Displays parameters for configuring general device information. The System Parameters are manually configured in Appendix 1. System Name Defines the user-defined device name. The field range is characters. System Location Defines the location where the system is currently running. The field range is characters. System Contact Defines the name of the contact person. The field range is characters. IP Configuration Displays parameters for assigning IP addresses. Packets are forwarded to the default IP when frames are sent to a remote network. The IP Configuration parameters are manually configured in Step 3. The section includes the following fields: Method Indicates if the IP address has been configured statically or added dynamically. The possible field values are: Manual Indicates the IP Interface is configured by the user.

15 Step 1 Viewing Factory Defaults 15 DHCP Indicates the IP Interface is dynamically created. IP Address Displays the currently configured IP address. Subnet Mask Displays the currently configured IP address mask. Default Gateway Displays the currently configured default gateway. Wireless Configuration Provides information for configuring Extended Service Sets (ESS). The Wireless Configuration parameters can be manually configured in Step 4. The section includes the following fields: SSID Name Displays the Service Set Identifier SSID for the ESS. SSIDs act as a password when a mobile device attempts to connect to the BSS. SSIDs differentiate between WLANs, therefore all access points and devices which comprise the specific WLAN must have the same SSID. Devices not providing a unique SSID are denied network access. Each SSID must be unique, and can contain up-to 32 characters. Security Type Indicates the method used to secure WLAN access. The possible field values are: Open Enables open system authentication without encryption. WEP Indicates that Wired Equivalent Privacy (WEP) is the selected WLAN security method. WEP provides the same security level as a wired LAN. WEP encrypts data over radio waves during the packet transmission. WEP keys are 40 bit or 104 bit encryption keys. WPA-PSK Indicates that Wi-Fi Protected Access (WPA) is the selected WLAN security method. WPA is based on WEP, but provides enhanced encryption using Temporal Key Integrity Protocol (TKIP). In addition, WPA improves authentication using EAP. EAP ensures that only authorized network users access the network though secure encryption systems. WPA2-PSK Indicates that WPA2-PSK is the selected WLAN security method. WPA2-PSK improves system security by encrypting signals at a higher bit rates. VLAN ID Displays the VLAN ID. The field range is Click. Start configuring the Wizard. The System Setup Page opens:

16 16 SECTION 1: CONFIGURING THE WIZARD Step 2 Configuring System Settings The System Setup Page displays basic parameters for configuring general device information. Figure 2 System Setup Page The System Setup Page contains the following fields: Master Radio Enable Enables the Master Radio. Country Code Displays a list of country codes. System Name Defines the user-defined device name. The field range is characters. System Location Defines the location where the system is currently running. The field range is characters. System Contact Defines the name of the contact person. The field range is characters. 3 Define the fields. 4 Click to move to the next stage. The IP Configuration Page opens:

17 Step 3 Configuring IP Settings 17 Step 3 Configuring IP Settings Figure 3 IP Configuration Page The IP Configuration Page contains the following fields: Configuration Method Indicates if the IP address has been configured statically or added dynamically. The possible field values are: Manual Indicates that the IP Interface is configured by the user. DHCP Indicates that the IP Interface is dynamically created. IP Address Displays the currently configured IP address. Subnet Mask Displays the currently configured IP address mask. Default Gateway Displays the currently configured default gateway. 5 Define the fields. 6 Click to move to the next stage. The Wireless Configuration Page opens: Note: The Wireless Configuration Page appears only if the Master Radio Enable checkbox was selected on the System Setup Page.

18 18 SECTION 1: CONFIGURING THE WIZARD Step 4 Defining Wireless Settings Figure 4 Wireless Configuration Page The Wireless Configuration Page contains the following fields: SSID Name Displays the Service Set Identifier SSID for the ESS. SSIDs act as a password when a mobile device attempts to connect to the BSS. SSIDs differentiate between WLANs, therefore all access points and devices which comprise the specific WLAN must have the same SSID. Devices not providing a unique SSID are denied network access. Each SSID must be unique, and can contain up-to 32 characters. Security Type Indicates the method used to secure WLAN access. The possible field values are: Open Enables open system authentication without encryption. WEP Indicates that Wired Equivalent Privacy (WEP) is the selected WLAN security method. WEP provides the same security level as a wired LAN. WEP encrypts data over radio waves during the packet transmission. WEP keys are 40 bit or 104 bit encryption keys. WPA-PSK Indicates that Wi-If Protected Access (WPA) is the selected WLAN security method. WPA is based on WEP, but provides enhanced encryption using Temporal Key Integrity

19 Step 5 Saving Configured Settings 19 Protocol (TKIP). In addition, WPA improves authentication using EAP. EAP ensures that only authorized network users access the network though secure encryption systems. WPA2-PSK Indicates that WPA2-PSK is the selected WLAN security method. WPA2-PSK improves system security by encrypting signals at a higher bit rates. Passphrase/Key Indicates the encryption key type. VLAN ID Specifies the VLAN ID. 7 Define the fields. 8 Click to move to the final stage. Step 5 Saving Configured Settings The Manual Configuration Wizard - Completed Page opens: Figure 5 Manual Configuration Wizard - Completed Page The Manual Configuration Wizard - Completed Page displays the manually configured settings. The system administrator can choose to go back and edit the parameters or, 9 Click. The manually configured settings are saved, and the device is updated.

20 2 GETTING STARTED This section provides an introduction to the user interface, and includes the following topics: Starting the 3Com Embedded Web Interface Understanding the 3Com Embedded Web Interface Saving the Configuration Resetting the Device Restoring Factory Defaults Logging Off the Device Starting the 3Com Embedded Web Interface Disable the popup blocker before beginning device configuration using the EWS. This section contains information on starting the 3Com Embedded Web interface. To access the 3Com user interface: 1 Open an Internet browser. 2 Ensure that pop-up blockers are disabled. If pop-up blockers are enable, edit, add, and device information messages may not open. 3 Enter the device IP address in the address bar and press Enter. The Enter Network Password Page opens:

21 Starting the 3Com Embedded Web Interface 21 Figure 6 Enter Network Password Page 4 Enter your user name and password. The device is configured with a user name that is admin and a password that is blank, and can be configured without entering a password. Passwords are case sensitive. To operate the device, disable all pop-ups with a popup blocker. 5 Click. The 3Com Embedded Web Interface Home Page opens:

22 22 CHAPTER 2: GETTING STARTED Figure 7 3Com Embedded Web Interface Home Page Understanding the 3Com Embedded Web Interface The 3Com Embedded Web Interface Home Page contains the following views: Tab View Tab Area provides the device summary configuration located at the top of the home page, the tab view contains a Setup Wizard and the Summary, Wired and Wireless configuration views. Tree View Tree View provides easy navigation through the configurable device features. The main branches expand to display the sub-features. Port LED Indicators Located under the Wired Tab at the top of the home page, the port LED indicators provide a visual representation of the ports on the front panel.

23 Understanding the 3Com Embedded Web Interface 23 Figure 8 Embedded Web Interface Components The following table lists the user interface components with their corresponding numbers: Table 1: Interface Components View Description 1 Tree View Tree View provides easy navigation through the configurable device features. The main branches expand to display the sub-features. 2 Tab View The Tab Area enables navigation through the different device features. Click the tabs to view all the components under a specific feature. 3 3Com Web Interface Information Tabs Provide access to online help, and contain information about the EWS. This section provides the following additional information: Device Representation Provides an explanation of the user interface buttons, including both management buttons and task icons. Using the 3Com Embedded Web Interface Management Buttons Provides instructions for adding, modifying, and deleting configuration parameters. Device Representation The 3Com Embedded Web Interface Home Page contains a graphical panel representation of the device that appears within the Wired Tab.

24 24 CHAPTER 2: GETTING STARTED To access the Device Representation: 1 Click Device Summary > Wired. Figure 9 Device Representation 2 By selecting a specific port with your mouse, you can either choose to configure the port settings or view the port statistics. For detailed information on configuring ports, please refer to Section 6 Configuring Wired Ports. Using the 3Com Embedded Web Interface Management Buttons Configuration Management buttons and icons provide an easy method of configuring device information, and include the following: Table 2: 3Com Web Interface Configuration Buttons Button Button Name Description Clear Logs Activate Apply Delete Clears system logs. Activates creation of configuration entries. Saves configuration changes to the device. Deletes configuration settings. Table 3: 3Com Web Interface Information Tabs Tab Tab Name Description Help Opens the online help. Logout Opens the Logout page.

25 Using Screen and Table Options 25 Using Screen and Table Options 3Com contains screens and tables for configuring devices. This section contains the following topics: Viewing Configuration Information Adding Configuration Information Modifying Configuration Information Removing Configuration Information

26 26 CHAPTER 2: GETTING STARTED Viewing Configuration Information To view configuration information: 1 Click Wired Ports > Port Settings > Summary. The Port Settings Summary Page opens: Figure 10 Port Settings Summary Page Adding Configuration Information User-defined information can be added to specific 3Com Web Interface pages, by opening a Setup page. To configure Password Management: 1 Click Administration > Authentication > Password Management > Setup. The Password Management Setup Page opens:

27 Using Screen and Table Options 27 Figure 11 Password Management Setup Page 2 Define the fields. 3 Click. The configuration information is saved, and the device is updated.

28 28 CHAPTER 2: GETTING STARTED Modifying Configuration Information 1 Click Wired Ports > LACP > Modify. A modification page, such as the LACP Modify Page opens: Figure 12 LACP Modify Page 2 Modify the fields. 3 Click. The fields are modified, and the information is saved to the device.

29 Using Screen and Table Options 29 Removing Configuration Information 1 Click Administration > Management Access > Remove. The Management Access [Remove] Page opens: Figure 13 Management Access [Remove] Page 2 Select the management method to be deleted. 3 Click. The Management Method is deleted, and the device is updated.

30 30 CHAPTER 2: GETTING STARTED Saving the Configuration The Save Configuration tab allows the latest configuration to be saved to the flash memory. To save the device configuration: 1 Click Save Configuration. The Save Configuration Page opens: Figure 14 Save Configuration Page A message appears: The operation will save your configuration. Do you wish to continue? 2 Click. A Configuration is saved to flash memory successful message appears. 3 Click. The configuration is saved. Resetting the Device The Reset page enables resetting the device from a remote location. To prevent the current configuration from being lost, save all changes from the running configuration file to the startup configuration file before resetting the device.

31 Restoring Factory Defaults 31 To reset the device: 1 Click Administration > Reset. The Reset page opens: Figure 15 Reset Page 2 Click. A confirmation message is displayed. 3 Click. The device is reset, and a prompt for a user name and password is displayed. 4 Enter a user name and password to reconnect to the web interface. Restoring Factory Defaults The Restore option appears on the Reset page. The Restore option restores device factory defaults.

32 32 CHAPTER 2: GETTING STARTED To Restore the device: 1 Click Administration > Reset. The Reset Page opens: Figure 16 Reset Page 2 Click. The system is restored to factory defaults. Logging Off the Device To log off the device: 1 Click. The Logout Page opens. 2 The following message appears: 3 Click. The 3Com Embedded Web Interface Home Page closes.

33 3 VIEWING BASIC SETTINGS This section contains information for viewing basic settings. The 3Com Embedded Web Interface Home Page presents a device summary section that provides the system administrator with the option to view and configure essential information required for setting up and maintaining device settings. The various views display the settings configured in the Wizard and other basic maintenance views. For further information regarding the Wizard refer to Section 3, Configuring the Wizard. Device Summary Section The Device Summary Section contains the following views: Viewing Device Settings Viewing Wired Settings Viewing Wireless Settings

34 34 CHAPTER 3: VIEWING BASIC SETTINGS Viewing Device Settings The Device Summary Page displays parameters for configuring general device information, including the system name, location, and contact, the system MAC Address, System Object ID, System Up Time, and MAC addresses, and both software, boot, and hardware versions. To view the Device Summary Page: 1 Click Device Summary. The Device Summary Page opens: Figure 17 Device Summary Page The Device Summary Page contains the following fields: Product Description Displays the device model number and name System Name Defines the user-defined device name. The field range is characters. System Location Defines the location where the system is currently running. The field range is characters. System Contact Defines the name of the contact person. The field range is characters. Serial Number Displays the device serial number. Product 3C Number Displays the 3Com device serial number.

35 Viewing Wired Settings 35 System Object ID Displays the vendor s authoritative identification of the network management subsystem contained in the entity. MAC Address Displays the device MAC address. System Up Time Displays the amount of time since the most recent device reset. The system time is displayed in the following format: Days, Hours, Minutes, and Seconds. For example, 41 days, 2 hours, 22 minutes and 15 seconds. Software Version Displays the installed software version number. Boot Version Displays the current boot version running on the device. Hardware Version Displays the current hardware version of the device. Viewing Wired Settings The Device Summary Wired Page displays port LED Indicators that include port status and basic port settings. The port status is presented with a color scheme that is described in the following table. The system administrator can view the port settings by scrolling over the relevant port with the mouse.

36 36 CHAPTER 3: VIEWING BASIC SETTINGS To view Wired Settings: 1 Click Device Summary > Wired. The Device Summary Wired Page opens: Figure 18 Device Summary Wired Page The Device Summary Wired Page contains the following fields: Poll Now Enables polling the ports for port information including speed, utilization and port status. RJ45 Displays the port status of the RJ45 (Registered Jack 45) connections which are the physical interface used for terminating twisted pair type cable. SFP Displays the port status of the Small Form Factor (SFP) optical transmitter modules that combine transmitter and receiver functions. The table includes the color and the port status: White Unconnected. No link detected. Yellow Lower speed on 10/100/1000M capable port. Green Maximum speed 10/100/1000M RJ45 or RJ45 SFP. Link detected. Light Blue SX/LX SFP. Link detected.

37 Viewing Wireless Settings 37 Light Gray Port has been set to inactive by User or Protocol. Dark Blue Port has been selected by user. Red Port or Transceiver has failed POST or Transceivers not recognized. Viewing Wireless Settings The Wireless Page displays information regarding the currently configured access points including IP Address, MAC address, the type and radio configuration and the current access point status. Ensure that the Wireless Controller Software (WCS) has been activated. To view Wireless Access Point Settings: 1 Click Device Summary > Wireless. The Wireless Page opens: Figure 19 Wireless Page The Wireless Page contains the following fields: Display Displays access points according to categories. The possible field values are: Discovered APs Displays the discovered access points. Activated APs Displays the activated access points. All Displays the access points on the network. Name Displays the user-defined access point name. IP Address Displays the IP Address assigned to the access point.

38 38 CHAPTER 3: VIEWING BASIC SETTINGS MAC Address Displays the MAC Address assigned to the access point. Type Displays the antenna type. Radios Displays the radio type attached to the access point. The possible field values are: A Indicates the radio type is a and provides specifications for wireless ATM systems. G Indicates the radio type is g that offers transmission over relatively short distances at up to 54 mbps. b/g Indicates the radio type is b/g. n Indicates the radio type that is based on MIMO (Multiple input, multiple output) technology, which uses multiple antennas at both the source (transmitter) and the destination (receiver) to minimize errors and optimize data speed. Channel Displays the access point channel used. State Displays the selected access point transceiver s status. The possible field values are: Disabled Indicates the Access Point is currently disabled. Enabled Indicates the Access point is currently enabled. Activation Indicates the access point state. The possible field values are: Activated Indicates access point is currently active. Discovered Indicates access point was discovered, but was not activated by the user. 2 Select an option from the Display drop-down list.

39 3 MANAGING DEVICE SECURITY This section provides access to security pages that contain fields for setting security parameters for ports, device management methods, users, and server security. This section contains the following topics: Configuring Management Security Configuring Network Security Configuring Management Security The Management Security section provides links that enable you to configure device management security, password management, defining RADIUS and TACACS+ authentication. This section includes the following topics: Defining Management Access Configuring Password Management Port-based Authentication Defining TACACS+ Authentication Defining Management Access Management Access are rules for accessing the device. Access to management functions can be limited on the source IP Address level. Administrative Interfaces contain management methods for accessing and managing the device. The device administrative interfaces include: Telnet SNMP HTTP Secure HTTP (HTTPS) Secure Telnet (SSH)

40 40 CHAPTER 3: MANAGING DEVICE SECURITY Management access to different management methods may differ between source IP Addresses. The Management Access Summary Page contains currently configured administrative interfaces and their activity status. Assigning an access profile to an interface denies access via other interfaces. If an access profile is assigned to any interface, the device can be accessed by all interfaces. To view Management Access: 1 Click Administration > Management Access > Summary. The Management Access Summary Page opens: Figure 20 Management Access Summary Page The Management Access Summary Page contains the following fields: Administrative Interfaces Defines the management access methods. Source IP Address Defines the interface source IP address to which the Management Access applies. The Source IP Address field is valid for a subnetwork. Prefix Length Defines the number of bits that comprise the source IP address prefix, or the network mask of the source IP address.

41 Defining Management Access 41 To configure Management Access: 1 Click Administration > Management Access > Setup. The Management Access Setup Page opens: Figure 21 Management Access Setup Page The Management Access Setup Page contains the following fields: Administrative Interfaces Defines the management access methods. The possible field values are: Telnet Assigns Telnet access to the rule. If selected, users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the device. SNMP Assigns SNMP access to the rule. If selected, users accessing the device using SNMP meeting access profile criteria are permitted or denied access to the device. HTTP Assigns HTTP access to the rule. If selected, users accessing the device using HTTP meeting access profile criteria are permitted or denied access to the device. Secure HTTP (SSL) Assigns SSL access to the rule. If selected, users accessing the device using SSL meeting access profile criteria are permitted or denied access to the device. Secure Telnet (SSH) Assigns SSH access to the rule. If selected, users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the device.

42 42 CHAPTER 3: MANAGING DEVICE SECURITY Source IP Address Defines the interface source IP address to which the Management Access applies. The Source IP Address field is valid for a subnetwork. Network Mask Determines what subnet the source IP Address belongs to in the network. Prefix Length Defines the number of bits that comprise the source IP address prefix, or the network mask of the source IP address. Authentication Method Binding Assigns authentication methods for accessing the system. User authentication can be performed either locally or on an external server. User authentication occurs in the order the methods are selected. If the first authentication method is not available, the next selected method is used. The possible field values are: Optional Methods The user authentication methods. The possible options are: Local Authenticates the user at the device level. The device checks the user name and password for authentication. RADIUS Authenticates the user at the RADIUS server. TACACS+ Authenticates the user at the TACACS+ Selected Methods The selected authentication method. The possible options is: None Assigns no authentication method to the authentication profile. 2 Define the fields. 3 Click. Management Access is defined, and the device is updated.

43 Defining Management Access 43 To remove Management Access Methods: 1 Click Administration > Management Access > Remove. The Management Access Remove Page opens: Figure 22 Management Access Remove Page The Management Access Remove Page contains the following fields: Remove Removes the selected access profile. The possible field values are: Checked Removes the selected access profile. Access Profiles cannot be removed when Active. Unchecked Maintains the access profiles. Management Method Defines the management method for which the rule is defined. Source IP Address Defines the interface source IP address to which the Management Access applies. The Source IP Address field is valid for a subnetwork. Prefix Length Defines the number of bits that comprise the source IP address prefix, or the network mask of the source IP address. 2 Select a Source IP to be removed. 3 Click. The Source IP is removed, and the device is updated.

44 44 CHAPTER 3: MANAGING DEVICE SECURITY Configuring Password Management Network administrators can define users, passwords, and access levels for users using the Password Management Interface. To view Password Management: 1 Click Administration > Authentication > Password Management > Summary. The Password Management Summary Page opens: Figure 23 Password Management Summary Page The Password Management Summary Page contains the following fields: User Name Displays the user name. Access Level Displays the user access level. The lowest user access level is Monitoring and the highest is Configuration. Configuration Provides the user with read and write access rights. Monitoring Provides the user with read access rights.

45 Configuring Password Management 45 To define Password Management: 1 Click Administration > Authentication > Password Management > Setup. The Password Management Setup Page opens: Figure 24 Password Management Setup Page The Password Management Setup Page contains the following fields: User Name Displays the user name. Access Level Displays the user access level. The lowest user access level is Monitoring and the highest is Configuration. Configuration Provides users read and write access rights. Monitoring Provides users read access rights. Password Defines the local user password. Local user passwords can contain up to 159 characters. Confirm Password Verifies the password. 2 Define the fields. 3 Click. The Users are created, and the device is updated.

46 46 CHAPTER 3: MANAGING DEVICE SECURITY To modify Password Management: 1 Click Administration > Authentication > Password Management > Modify. The Password Management Modify Page opens: Figure 25 Password Management Modify Page The Password Management Modify Page contains the following fields: User Name Displays the user name. Access Level Displays the user access level. The lowest user access level is Monitoring and the highest is Configuration. Configuration Provides users read and write access rights. Monitoring Provides users read access rights. Password Defines the local user password. Local user passwords can contain up to 159 characters. Confirm Password Verifies the password. 2 Select a User Name to be modified. 3 Modify the fields. 4 Click. The User settings are modified, and the device is updated.

47 Configuring Password Management 47 To remove Password Management: 1 Click Administration > Authentication > Password Management > Remove. The Password Management Remove Page opens: Figure 26 Password Management Remove Page The Password Management Remove Page contains the following fields: Remove Removes the user from the User Name list. The possible field values are: Checked Removes the selected local user. Unchecked Maintains the local users. User Name Displays the user name. Access Level Displays the user access level. The lowest user access level is Monitoring and the highest is Configuration. Configuration Provides users read and write access rights. Monitoring Provides users read access rights. 2 Select a User to be deleted. 3 Click. The User is deleted, and the device is updated.

48 48 CHAPTER 3: MANAGING DEVICE SECURITY Defining RADIUS Authentication Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. RADIUS servers provide a centralized authentication method for web access. The default parameters are user-defined, and are applied to newly defined RADIUS servers. If new default parameters are not defined, the system default values are applied to newly defined RADIUS servers. To configure RADIUS Servers: 1 Click Administration > Authentication > RADIUS > Setup. The Radius Authentication Setup Page opens: Figure 27 Radius Authentication Setup Page The Radius Authentication Setup Page contains the following fields: Primary Server Defines the RADIUS Primary Server authentication fields. Backup Server Defines the RADIUS Backup Server authentication fields. Host IP Address Defines the RADIUS Server IP address. Authentication Port Identifies the authentication port. The authentication port is used to verify the RADIUS server authentication. The authenticated port default is 1812.

49 Defining RADIUS Authentication 49 Number of Retries Defines the number of transmitted requests sent to the RADIUS server before a failure occurs. Possible field values are The default value is 3. Timeout for Reply Defines the amount of time (in seconds) the device waits for an answer from the RADIUS server before retrying the query, or switching to the next server. Possible field values are The default value is 3. Dead Time Defines the default amount of time (in minutes) that a RADIUS server is bypassed for service requests. The range is The default value is 0. Key String Defines the default key string used for authenticating and encrypting all RADIUS-communications between the device and the RADIUS server. This key must match the RADIUS encryption. Usage Type Specifies the RADIUS server authentication type. The default value is All. The possible field values are: Log in Indicates the RADIUS server is used for authenticating user name and passwords X Indicates the RADIUS server is used for 802.1X authentication. All Indicates the RADIUS server is used for authenticating user names and passwords, and 802.1X port authentication. 2 Define the fields. 3 Click. The RADIUS Servers are enabled, and the system is updated.

50 50 CHAPTER 3: MANAGING DEVICE SECURITY Defining TACACS+ Authentication Terminal Access Controller Access Control System (TACACS+) provides centralized security user access validation. The system supports up-to 4 TACACS+ servers. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services: Authentication Provides authentication during login and via user names and user-defined passwords. Authorization Performed at login. Once the authentication session is completed, an authorization session starts using the authenticated user name. The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the client and TACACS+ server. The TACACS+ default parameters are user-assigned defaults. The default settings are applied to newly defined TACACS+ servers. If default values are not defined, the system defaults are applied to the new TACACS+ new servers.

51 Defining TACACS+ Authentication 51 To define TACACS+ Authentication Settings: 1 Click Administration > Authentication > TACACS+. The TACACS+ Setup Page opens: Figure 28 TACACS+ Setup Page The TACACS+ Setup Page contains the following fields: Primary Server Defines the RADIUS Primary Server authentication fields. Backup Server Defines the RADIUS Backup Server authentication fields. Host IP Address Defines the TACACS+ Server IP address. Key String Defines the default authentication and encryption key for TACACS+ communication between the device and the TACACS+ server. Authentication Port ( ) Defines the port number via which the TACACS+ session occurs. The default port is port 49. Timeout for Reply Defines the default time that passes before the connection between the device and the TACACS+ times out. The default is 5. Single Connection Maintains a single open connection between the device and the TACACS+ server. The possible field values are:

52 52 CHAPTER 3: MANAGING DEVICE SECURITY Checked Enables a single connection. Unchecked Disables a single connection. 2 Define the fields. 3 Click. The TACACS+ Server is enabled, and the device is updated.

53 Configuring Network Security 53 Configuring Network Security The Network Security section provides links that enable you to configure Port-based authentication, port security, storm control and EAP statistics. This section includes the following: Port-based Authentication Advanced Port-based Authentication Managing Port Security Enabling Storm Control Configuring EAP Statistics Binding ACLs Port-based Authentication Port-based authentication authenticates users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP). Port-based authentication includes: Authenticators Specifies the device port which is authenticated before permitting system access. Supplicants Specifies the host connected to the authenticated port requesting to access the system services. Authentication Server Specifies the server that performs the authentication on behalf of the authenticator, and indicates whether the supplicant is authorized to access system services. Port-based authentication creates two access states: Controlled Access Permits communication between the supplicant and the system, if the supplicant is authorized. Uncontrolled Access Permits uncontrolled communication regardless of the port state.

54 54 CHAPTER 3: MANAGING DEVICE SECURITY Configuring Port Authentication Settings To configure 802.1x Global Settings: 1 Click Policy > Security > 802.1x Global Settings > Setup. The 802.1x Global Settings Setup Page opens: Figure x Global Settings Setup Page The 802.1x Global Settings Setup Page contains the following fields: Port-based Authentication State Indicates if Port Authentication is enabled on the device. The possible field values are: Enable Enables port-based authentication on the device. Disable Disables port-based authentication on the device. Authentication Method Specifies the authentication method used for port authentication. The possible field values are: RADIUS Provides port authentication using the RADIUS server. RADIUS, None Provides port authentication, first using the RADIUS server. If the port is not authenticated, then no authentication method is used, and the session is permitted. None Indicates that no authentication method is used to authenticate the port. Enable Guest VLAN Provides limited network access to authorized ports. If a port is denied network access via port-based authorization,

55 Configuring Network Security 55 but the Guest VLAN is enabled, the port receives limited network access. For example, a network administrator can use Guest VLANs to deny network access via port-based authentication, but grant Internet access to unauthorized users. Guest VLAN ID Specifies the guest VLAN ID. 2 Define the fields. 3 Click. The 802.1x Global Settings are enabled, and the device is updated. To view Port-based Authentication: 1 Click Policy > Security > Port Authentication > Summary. The Port Authentication Summary Page opens: Figure 30 Port Authentication Summary Page The Port Authentication Summary Page contains the following fields: Copy from Entry Number Copies port authentication information from the selected port. To Entry Number(s) Copies port authentication information to the selected port.

56 56 CHAPTER 3: MANAGING DEVICE SECURITY Port Displays a list of interfaces on which port-based authentication is enabled. User Name Displays the supplicant user name. Current Port Control Displays the current port authorization state. Guest VLAN Indicates if the Guest VLAN is enabled. Periodic Reauthentication Indicates if Period Reauthentication is enabled on the device. Reauthentication Period Displays the time span (in seconds) in which the selected port is reauthenticated. The field default is 3600 seconds. The field range is seconds. Termination Cause Displays the reason for which the port authentication was terminated. Authenticator State Displays the current authenticator state. Modifying Port Authentication The Port Authentication Modify Page allows network managers to configure port-based authentication parameters. To modify Port-based Authentication:

57 Modifying Port Authentication 57 Authenticator State Displays the current authenticator state. 1 Click Policy > Security > Port Authentication > Modify. The Port Authentication Modify Page opens: Figure 31 Port Authentication Modify Page The Port Authentication Modify Page contains the following fields: Port Displays a list of interfaces on which port-based authentication is enabled. Admin Port Control Displays the admin port authorization state. ForceUnauthorized Indicates that either the port control is force Unauthorized and the port link is down, or the port control is Auto but a client has not been authenticated via the port. ForceAuthorized Indicates that the port control is Forced Authorized, and clients have full port access. Auto Indicates that the port control is Auto and a single client has been authenticated via the port. Current Port Control Displays the current port authorization state. Enable Guest VLAN Specifies whether the Guest VLAN is enabled on the device. The possible field values are:

58 58 CHAPTER 3: MANAGING DEVICE SECURITY Enable Enables using a Guest VLAN for unauthorized ports. If a Guest VLAN is enabled, the unauthorized port automatically joins the VLAN selected in the VLAN List field. Disable Disables port-based authentication on the device. This is the default. Enable Periodic Reauthentication Permits immediate port reauthentication. Reauthentication Period Displays the time span (in seconds) in which the selected port is reauthenticated. The field default is 3600 seconds. The field range is seconds. Authenticator State Displays the current authenticator state. Quiet Period Displays the Quiet Period. The field range is Resending EAP Defines the amount of time (in seconds) that lapses before EAP requests are resent. The field default is 30 seconds. The field range is Max EAP Requests Displays the total amount of EAP requests sent. If a response is not received after the defined period, the authentication process is restarted. The field default is 2 retries. The field range is Supplicant Timeout Displays the Supplicant Timeout. The field range is Server Timeout Displays the Server Timeout. The field range is Termination Cause Indicates the reason for which the port authentication was terminated. 2 Click. Port Authentication is enabled, and the device is updated. Advanced Port-based Authentication Advanced port-based authentication enables multiple hosts to be attached to a single port. Advanced port-based authentication requires only one host to be authorized for all hosts to have system access. If the port is unauthorized, all attached hosts are denied access to the network. Advanced port-based authentication also enables user-based authentication. Specific VLANs in the device are always available, even if specific ports attached to the VLAN are unauthorized. For example, Voice over IP does not require authentication, while data traffic requires authentication. VLANs for which authorization is not required can be

59 Viewing Authenticated Hosts 59 defined. Unauthenticated VLANs are available to users, even if the ports attached to the VLAN are defined as authorized. Advanced port-based authentication is implemented in the following modes: Single Host Mode Allows port access only to the authorized host. Multiple Host Mode Multiple hosts can be attached to a single port. Only one host must be authorized for all hosts to access the network. If the host authentication fails, or an EAPOL-logoff message is received, all attached clients are denied access to the network. Unauthenticated VLANS Are available to users, even if the ports attached to the VLAN are defined as unauthorized. Viewing Authenticated Hosts The Authenticated Hosts Page displays user port access lists. The Authenticated Hosts Page contians the following fields: User Name Contains a list of the various RADIUS servers used as authenticators, as defined in the Add User Name. Port Indicates the port number for which the User Name List applies. User Name Lists can apply to more than one port. Session Time Indicates the amount of time the user was logged on to the device. The field format is Day:Hour:Minute:Seconds, for example, 3 days:2 hours: 4 minutes: 39 seconds. Authentication Method Indicates the method by which the last session was authenticated. The possible field values are: Remote Indicates that the user was authenticated from a remote server. None Indicates that the user was not authenticated. MAC Address Indicates the supplicant MAC address was used for authentication. MAC Address Displays the supplicant MAC address. Defining Multiple Hosts The Authenticated Host Summary Page contains a list of authenticated users.

60 60 CHAPTER 3: MANAGING DEVICE SECURITY To view Authenticated Hosts: 1 Click Policy > Security > Authenticated Host > Summary. The Authenticated Host Summary Page opens: Figure 32 Authenticated Host Summary Page The Authenticated Host Summary Page contains the following fields: Port Displays the port number. Multiple Hosts User Name Lists the supplicants that were authenticated, and are permitted on each port. Session Time Displays the amount of time (in seconds) the supplicant was logged on the port. Authentication Method Displays the method by which the last session was authenticated. The possible field values are: Remote 802.1x authentication is not used on this port (port is forced-authorized). None The supplicant was not authenticated. RADIUS The supplicant was authenticated by a RADIUS server. MAC Address Displays the supplicant MAC address.

61 Defining Multiple Hosts 61 Defining Multiple Hosts The Multiple Host Summary Page allows network managers to configure advanced port-based authentication settings for specific ports and VLANs. To view Multiple Hosts: 1 Click Policy > Security > Multiple Host > Summary. The Multiple Host Summary Page opens: Figure 33 Multiple Host Summary Page The Multiple Host Summary Page contains the following fields: Port Displays the port number for which advanced port-based authentication is enabled. Multiple Hosts Indicates whether multiple hosts are enabled. Multiple hosts must be enabled in order to either disable the ingress-filter, or to use port-lock security on the selected port. Action on Violation Defines the action to be applied to packets arriving in single-host mode, from a host whose MAC address is not the supplicant MAC address. The possible field values are: Forward Forwards the packet. Discard Discards the packets. This is the default value. Shutdown Discards the packets and shuts down the port. The port remains shut down until reactivated, or until the device is reset.

62 62 CHAPTER 3: MANAGING DEVICE SECURITY Traps Indicates if traps are enabled for multiple Hosts. The possible field values are: Checked Indicates that traps are enabled for multiple hosts. Unchecked Indicates that traps are disabled for Multiple hosts. Trap Frequency Defines the time period by which traps are sent to the host. The Trap Frequency field can be defined only if multiple hosts are disabled. The field range is 1-1,000,000. The default is 10 seconds. Status Indicates the host status. If there is an asterisk (*), the port is either not linked or is down. The possible field values are: Number of Violations Indicates the number of packets that arrived on the interface in single-host mode, from a host whose MAC address is not the supplicant MAC address. Modifying Multiple Hosts The Multiple Host Modify Page allows network managers to configure advanced port-based authentication settings for specific ports and VLANs.

63 Modifying Multiple Hosts 63 To modify Multiple Hosts: 1 Click Policy > Security > Multiple Host > Modify. The Multiple Host Modify Page opens: Figure 34 Multiple Host Modify Page The Multiple Host Modify Page contains the following fields: Port Displays the port number for which advanced port-based authentication is enabled. Enable Multiple Hosts Indicates whether multiple hosts are enabled. Multiple hosts must be enabled in order to either disable the ingress-filter, or to use port-lock security on the selected port. The possible field values are: Multiple Multiple hosts are enabled. Disable Multiple hosts are disabled. Action on Violation Defines the action to be applied to packets arriving in single-host mode, from a host whose MAC address is not the supplicant MAC address. The possible field values are: Forward Forwards the packet. Discard Discards the packets. This is the default value. Shutdown Discards the packets and shuts down the port. The port remains shut down until reactivated, or until the device is reset.

64 64 CHAPTER 3: MANAGING DEVICE SECURITY Enable Traps Indicates if traps are enabled for multiple Hosts. The possible field values are: Checked Indicates that traps are enabled for multiple hosts. Unchecked Indicates that traps are disabled for multiple hosts. Trap Frequency Defines the time period by which traps are sent to the host. The Trap Frequency ( ) field can be defined only if multiple hosts are disabled. The default is 10 seconds. 2 Define the fields. 3 Click. The Multiple Host Authentication fields are modified, and the device is updated. Managing Port Security Network security can be increased by limiting access on a specific port only to users with specific MAC addresses. The MAC addresses can be dynamically learned or statically configured. Locked port security monitors both received and learned packets that are received on specific ports. Access to the locked port is limited to users with specific MAC addresses. These addresses are either manually defined on the port, or learned on that port up to the point when it is locked. When a packet is received on a locked port, and the packet source MAC address is not tied to that port (either it was learned on a different port, or it is unknown to the system), the protection mechanism is invoked, and can provide various options. Unauthorized packets arriving at a locked port are either: Forwarded Discarded with no trap Discarded with a trap Shuts down the port. Locked port security also enables storing a list of MAC addresses in the configuration file. The MAC address list can be restored after the device has been reset.

65 Managing Port Security 65 To view Port Security: 1 Click Policy > Security > Port Security > Summary. The Port Security Summary Page opens: Figure 35 Port Security Summary Page The Port Security Summary Page contains the following fields: Interface Displays the port or LAG name. Port-based Indicates the port operational status. Possible field values are: Unlocked The port is currently active and is currently receiving and transmitting traffic. Locked The port is currently disabled, and is not currently receiving or transmitting traffic. Learning Mode Defines the locked port type. The Learning Mode field is enabled only if Locked is selected in the Set Port field.the possible field values are: Classic Lock Locks the port using the classic lock mechanism. The port is immediately locked, regardless of the number of addresses that have already been learned. Limited Dynamic Lock Locks the port by deleting the current dynamic MAC addresses associated with the port. The port learns

66 66 CHAPTER 3: MANAGING DEVICE SECURITY up to the maximum addresses allowed on the port. Both relearning and aging MAC addresses are enabled. Max Entries Specifies the number of MAC address that can be learned on the port. The Max Entries field is enabled only if Locked is selected in the Set Port field. In addition, the Limited Dynamic Lock mode is selected. The field range is The default is 1. Action Defines the action to be applied to packets arriving in single-host mode, from a host whose MAC address is not the supplicant MAC address. The possible field values are: Forward Forwards the packet. Discard Discards the packets. This is the default value. Shutdown Discards the packets and shuts down the port. The port remains shut down until reactivated, or until the device is reset. Trap Enables traps when a packet is received on a locked port. Trap Frequency (Sec) The amount of time (in seconds) between traps. The field range is 1-1,000,000. The default value is 10 seconds. 2 Modify the relevant fields. 3 Click. The Port Security settings are defined, and the device is updated.

67 Managing Port Security 67 To modify Port Security: 1 Click Policy > Security > Port Security > Modify. The Port Security Modify Page opens: Figure 36 Port Security Modify Page The Port Security Modify Page contains the following fields: Interface Displays the port or LAG name. Enable Lock Interface Enables locking the port. When a port is locked, all the current addresses that had been dynamically learned by the switch on that port, are transformed to static MAC addresses. When the port is unlocked, they are removed from the static list. Learning Mode Defines the locked port type. The Learning Mode field is enabled only if Locked is selected in the Set Port field.the possible field values are: Classic Lock Locks the port using the classic lock mechanism. The port is immediately locked, regardless of the number of addresses that have already been learned. Limited Dynamic Lock Locks the port by deleting the current dynamic MAC addresses associated with the port. The port learns up to the maximum addresses allowed on the port. Both relearning and aging MAC addresses are enabled.

68 68 CHAPTER 3: MANAGING DEVICE SECURITY Max Entries Specifies the number of MAC address that can be learned on the port. The Max Entries field is enabled only if Locked is selected in the Set Port field. In addition, the Limited Dynamic Lock mode is selected. The field range is The default is 1. Action on Violation Defines the action to be applied to packets arriving in single-host mode, from a host whose MAC address is not the supplicant MAC address. The possible field values are: Forward Forwards the packet. Discard Discards the packets. This is the default value. Shutdown Discards the packets and shuts down the port. The port remains shut down until reactivated, or until the device is reset. Trap Enables traps when a packet is received on a locked port. Trap Frequency (Sec) The amount of time (in seconds) between traps. The default value is 10 seconds. 2 Define the fields. 3 Click. The Port Security settings are modified, and the device is updated. Enabling Storm Control Storm control limits the amount of Multicast, Broadcast and Unknown Unicast frames accepted and forwarded by the device. When Layer 2 frames are forwarded, Broadcast, Multicast and Unknown Unicast frames are flooded to all ports on the relevant VLAN. This occupies bandwidth, and loads all nodes on all ports. A Broadcast Storm is a result of an excessive amount of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses are heaped onto the network, straining network resources or causing the network to time out. Storm control is enabled for all Gigabit ports by defining the packet type and the rate the packets are transmitted. The system measures the incoming Broadcast and Multicast frame rates separately on each port, and discards the frames when the rate exceeds a user-defined rate.

69 Enabling Storm Control 69 To view Storm Control Traffic: 1 Click Policy > Storm Control > Summary. The Storm Control Summary Page opens: Figure 37 Storm Control Summary Page The Storm Control Summary Page contains the following fields: Copy from Entry Number Copies the storm control parameters from the selected port. To Entry Numbers Copies the storm control parameters to the selected ports. Port Indicates the port from which storm control is enabled. Enable Broadcast Control Indicates if forwarding Broadcast packet types is enabled on the interface. Enable Enables broadcast control on the selected port. Disable Disables broadcast control on the selected port. Broadcast Rate Threshold Indicates the maximum rate (kilobits per second) at which unknown packets are forwarded. The range is 3,500-1,000,000. The default value is 3,500. Broadcast Mode Specifies the Broadcast mode currently enabled on the device. The possible field values are:

70 70 CHAPTER 3: MANAGING DEVICE SECURITY Unknown Unicast, Multicast & Broadcast Counts Unicast, Multicast, and Broadcast traffic. Multicast & Broadcast Counts Broadcast and Multicast traffic together. Broadcast Only Counts only Broadcast traffic. The Storm Control Modify Page provides fields for configuring broadcast storm control. To modify Storm Control Settings: 1 Click Policy > Storm Control > Modify. The Storm Control Modify Page opens: Figure 38 Storm Control Modify Page The Storm Control Modify Page contains the following fields: Port Indicates the port from which storm control is enabled. Enable Broadcast Control Indicates if forwarding Broadcast packet types on the interface. The possible field values are: Enable Enables storm control on the selected port. Disable Disables storm control on the selected port.

71 Configuring EAP Statistics 71 Broadcast Mode Specifies the Broadcast mode currently enabled on the device. The possible field values are: Unknown Unicast, Multicast & Broadcast Counts Unicast, Multicast, and Broadcast traffic. Multicast & Broadcast Counts Broadcast and Multicast traffic together. Broadcast Only Counts only Broadcast traffic. Broadcast Rate Threshold Indicates the maximum rate (kilobits per second) at which unknown packets are forwarded. The range is 3,500-1,000,000. The default value is 3, Modify the fields. 3 Click. Storm control is enabled on the device. Configuring EAP Statistics The EAP Statistics Summary Page contains information about EAP packets received on a specific port. To view EAP Statistics: 1 Click Policy > Security > EAP Statistics. The EAP Statistics Summary Page opens: Figure 39 EAP Statistics Summary Page The EAP Statistics Summary Page contains the following fields:

72 72 CHAPTER 3: MANAGING DEVICE SECURITY Port Displays the port number for which advanced port-based authentication is enabled. Refresh Rate Defines the amount of time that passes before the statistics are refreshed. The possible field values are: 15 Sec Indicates that the statistics are refreshed every 15 seconds. 30 Sec Indicates that the statistics are refreshed every 30 seconds. 60 Sec Indicates that the statistics are refreshed every 60 seconds. No Refresh Indicates that the statistics are not refreshed. Frames Receive Indicates the number of valid EAPOL frames received on the port. Frames Transmit Indicates the number of EAPOL frames transmitted via the port. Start Frames Receive Indicates the number of EAPOL Start frames received on the port. Log off Frames Receive Indicates the number of EAPOL Logoff frames that have been received on the port. Respond ID Frames Receive Indicates the number of EAP Resp/Id frames that have been received on the port. Respond Frames Receive Indicates the number of valid EAP Response frames received on the port. Request ID Frames Transmit Indicates the number of EAP Req/Id frames transmitted via the port. Request Frames Transmit Indicates the number of EAP Request frames transmitted via the port. Invalid Frames Receive Indicates the number of unrecognized EAPOL frames that have been received by on this port. Length Error Frames Receive Indicates the number of EAPOL frames with an invalid Packet Body Length received on this port. Last Frame Version Indicates the protocol version number attached to the most recently received EAPOL frame. Last Frame Source Indicates the source MAC address attached to the most recently received EAPOL frame.

73 Defining ACLs 73 2 Define the fields. 3 Click. The Port Statistics are displayed, and the device is updated. Defining ACLs Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Packets entering an ingress port, with an active ACL, are either admitted or denied entry and the ingress port is disabled. If they are denied entry, the user can disable the port. For example, an ACL rule is defined that states, port number 20 can receive TCP packets, however, if a UDP packet is received, the packet is dropped. ACLs are composed of access control entries (ACEs) that are made of the filters that determine traffic classifications. The following fiters can be defined as ACEs: Source Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wildcard mask. Destination Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wildcard mask. ACE Priority Filters the packets by the ACE priority. Protocol Filters the packets by the IP protocol. DSCP Filters the packets by the DiffServ Code Point (DSCP) value. IP Precendence Filters the packets by the IP Precedence. Action Indicates the action assigned to the packet matching the ACL. Packets are forwarded or dropped. In addition, the port can be shut down, a trap can be sent to the network administrator, or packet is assigned rate limiting restrictions for forwarding.

74 74 CHAPTER 3: MANAGING DEVICE SECURITY Viewing MAC-based ACLs To view MAC-based ACLs: 1 Click Policy > ACL > MAC Based ACL > ACL Summary. The MAC-based ACL Summary Page opens: Figure 40 MAC-based ACL Summary Page The MAC-based ACL Summary Page contains the following fields: Priority Indicates the ACE priority, which determines which ACE is matched to a packet on a first-match basis. The possible field values are Source Address Indicates the source MAC address. Source Mask Indicates the MAC address Source Mask. Destination Address Indicates the destination MAC address. Destination Mask Indicated the MAC address Destination Mask. VLAN ID Specifies the VLAN ID. CoS Classifies traffic based on the CoS tag value. CoS Mask Defines the Cost of Service mask. Ethertype Provides an identifier that differentiates between various types of protocols.

75 Defining ACLs 75 Action Indicates the ACL forwarding action. Possible field values are: Permit Forwards packets which meet the ACL criteria. Deny Drops packets which meet the ACL criteria. Shutdown Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page.

76 76 CHAPTER 3: MANAGING DEVICE SECURITY Configuring ACLs 1 Click Policy > ACL > MAC Based ACL > ACL Setup. The ACL Setup Page opens: Figure 41 ACL Setup Page The ACL Setup Page contains the following fields: ACL Name Contains a list of the MAC-based ACLs. New Rule Priority Defines the rule priority. When the packet is matched to a rule, user groups are either granted permission or denied device management access. The rule number is essential to matching packets to rules, as packets are matched on a first-fit basis. Source Address Indicates the source MAC address. Source Wild Card Mask Indicates the source MAC Address wild card mask. Wild cards are used to mask all or part of a source MAC address. Wild card masks specify which bits are used and which are ignored. A wild card mask of FF:FF:FF:FF:FF:FF indicates that no bit is important. A wildcard of indicates that all bits are important. For example, if the source MAC address is E0:3B:4A:C2:CA:E2 and the wildcard mask is 00:3B:4A:C2:CA:FF, the first two bits of the MAC are used, while the last two bits are ignored. Destination Address Indicates the destination MAC address.

77 Configuring ACLs 77 Destination Wild Card Mask Indicates the destination MAC Address wild card mask. Wild cards are used to mask all or part of a destination MAC address. Wild card masks specify which bits are used and which are ignored. A wild card mask of FF:FF:FF:FF:FF indicates that no bit is important. A wild card mask of indicates that all bits are important. For example, if the destination MAC address is E0:3B:4A:C2:CA:E2 and the wildcard mask is 00:3B:4A:C2:CA:FF, the first two bits of the MAC are used, while the last two bits are ignored. VLAN ID Matches the packet's VLAN ID to the ACL. CoS Classifies traffic based on the CoS tag value. CoS Mask Defines the CoS mask used to classify network traffic. Ethertype Provides an identifier that differentiates between various types of protocols. Action Indicates the ACL forwarding action. Possible field values are: Permit Forwards packets which meet the ACL criteria. Deny Drops packets which meet the ACL criteria. Shutdown Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page. 2 Define the fields. 3 Click.

78 78 CHAPTER 3: MANAGING DEVICE SECURITY Defining MAC-based ACL Rules To define MAC-based ACL Rules: 1 Click Policy > ACL > MAC Based ACL > Rule Setup. The MAC-based ACL Rule Setup Page opens: Figure 42 MAC-based ACL Rule Setup Page The MAC-based ACL Rule Setup Page contains the following fields: ACL Name Contains a list of the MAC-based ACLs. New Rule Priority Defines the ACL priority. ACLs are checked on the first fit basis. The ACL priority defines the ACL order in the ACL list. Source Address Indicates the source MAC address. Source Wild Card Mask Indicates the source MAC Address wild card mask. Wild cards are used to mask all or part of a source MAC address. Wild card masks specify which bits are used and which are ignored. A wild card mask of FF:FF:FF:FF:FF:FF indicates that no bit is important. A wildcard of indicates that all bits are important. For example, if the source MAC address is E0:3B:4A:C2:CA:E2 and the wildcard mask is 00:3B:4A:C2:CA:FF, the first two bits of the MAC are used, while the last two bits are ignored. Destination Address Indicates the destination MAC address.

79 Defining MAC-based ACL Rules 79 Destination Wild Card Mask Indicates the destination MAC Address wild card mask. Wild cards are used to mask all or part of a destination MAC address. Wild card masks specify which bits are used and which are ignored. A wild card mask of FF:FF:FF:FF:FF indicates that no bit is important. A wild card mask of indicates that all bits are important. For example, if the destination MAC address is E0:3B:4A:C2:CA:E2 and the wildcard mask is 00:3B:4A:C2:CA:FF, the first two bits of the MAC are used, while the last two bits are ignored. VLAN ID Specifies the VLAN ID. CoS Classifies traffic based on the CoS tag value. CoS Mask Defines the CoS mask used to classify network traffic. Ethertype Provides an identifier that differentiates between various types of protocols. Action Indicates the ACL forwarding action. Possible field values are: Permit Forwards packets which meet the ACL criteria. Deny Drops packets which meet the ACL criteria. Shutdown Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page. 2 Define the fields. 3 Click. The Rule Setup settings are configured, and the device is updated.

80 80 CHAPTER 3: MANAGING DEVICE SECURITY Removing MAC-based ACLs To remove MAC-based Class Maps: 1 Click Policy > ACL > MAC Based ACL > Remove. The MAC-based ACL Remove Page opens: Figure 43 MAC-based ACL Remove Page The MAC-based ACL Remove Page contains the following fields: ACL Name Contains a list of the MAC-based ACLs. Remove ACL Enables the ACL to be removed. Priority Defines the rule priority for the MAC-based ACL. VLAN ID Specifies the VLAN ID. CoS Classifies Class of Service of the packet. CoS Mask Defines the wildcard bits to be applied to the CoS. Ethertype Provides an identifier that differentiates between various types of protocols. Action Indicates the ACL forwarding action. Possible field values are: Permit Forwards packets which meet the ACL criteria. Deny Drops packets which meet the ACL criteria.

81 Removing MAC-based ACLs 81 Shutdown Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page. 2 Select the ACL Name to be deleted. 3 Enable ACL Removal and select the ACL to be removed from the table. 4 Click the Remove Checkbox. The ACL is removed. 5 Click. The selected ACLs are deleted, and the device is updated.

82 82 CHAPTER 3: MANAGING DEVICE SECURITY Defining IP-based ACLs The IP Based ACL Page contains information for defining IP-based ACLs, including defining the ACEs defined for IP-based ACLs. To view IP-based Class Maps: 1 Click Policy > ACL > IP Based ACL > ACL Summary. The IP-based ACL Summary Page opens: Figure 44 IP-based ACL Summary Page The IP-based ACL Summary Page contains the following fields: ACL Name Contains a list of the IP-based ACLs. Priority Indicates the ACE priority that determines which ACE is matched to a packet based on a first-match basis. The possible field value is Protocol Creates an ACE based on a specific protocol. The possible field values are: IP Internet Protocol (IP). Specifies the format of packets and their addressing method. IP addresses packets and forwards the packets to the correct port. TCP Transmission Control Protocol (TCP). Enables two hosts to communicate and exchange data streams. TCP guarantees packet delivery, and guarantees packets are transmitted and received in the order the are sent.

83 Defining IP-based ACLs 83 UDP User Datagram Protocol (UDP). Communication protocol that transmits packets but does not guarantee their delivery. ICMP Internet Control Message Protocol (ICMP). The ICMP allows the gateway or destination host to communicate with the source host. For example, to report a processing error. IGMP Internet Group Management Protocol (IGMP). Allows hosts to notify their local switch or router that they want to receive transmissions assigned to a specific multicast group. Flag Type Indicates TCP flags by which the packet is classified. Flag Set Sets the indicated TCP flag that can be triggered. ICMP Type Specifies an ICMP message type for filtering ICMP packets. ICMP Code Specifies an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. IGMP Type IGMP packets can be filtered by IGMP message type. Source Defines the TCP/UDP source port to which the ACL is matched. Destination Defines the TCP/UDP destination port. DSCP Matches the packet DSCP value to the ACL. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field range is IP - Prec. Indicates matching ip-precedence with the packet ip-precedence value. Action Indicates the ACL forwarding action.

84 84 CHAPTER 3: MANAGING DEVICE SECURITY Defining IP-based ACLs To configure IP-based Class Maps: 1 Click Policy > ACL > IP Based ACL > ACL Setup. The IP-based ACL Setup Page opens: Figure 45 IP-based ACL Setup Page The IP-based ACL Setup Page contains the following fields: ACL Name Contains a list of the IP-based ACLs. Enable New Rule Priority Enables the new rule priority. New Rule Priority Defines the ACL priority. ACLs are checked on the first fit basis. The ACL priority defines the ACL order in the ACL list. Protocol Creates an ACE based on a specific protocol. Select from List Selects a protocol from a list on which ACE can be based. Some of the possible field values are: Any Matches the protocol to any protocol. IDRP Matches the packet to the Inter-Domain Routing Protocol (IDRP). RSVP Matches the packet to the ReSerVation Protocol (RSVP).

85 Defining IP-based ACLs 85 OSPF Matches the packet to the Open Shortest Path First (OSPF) protocol. PIM Matches the packet to Protocol Independent Multicast (PIM). L2IP Matches the packet to Layer 2 Internet Protocol (L2IP). Protocol ID Adds user-defined protocols by which packets are matched to the ACE. Each protocol has a specific protocol number which is unique. The possible field range is Source Port Enables creating an ACL based on a specific protocol. Destination Port Indicates the destination port that is matched packets. Enabled only when TCP or UDP are selected in the Protocol list. Any Enables creating an ACL based on any protocol. Source Wild Card Mask Source IP address wildcard mask.wild card masks specify which bits are used and which bits are ignored. A wild card mask of indicates that no bit is important. A wildcard of indicates that all the bits are important. For example, if the source IP address and the wildcard mask is , the first eight bits of the IP address are ignored, while the last eight bits are used. Source IP Address Matches the source IP address from which packets originate to the ACL. Destination IP Address Matches the destination IP address to which packets are addressed to the ACL. Destination Wild Card Mask Indicates the destination IP Address wild card mask. Wild cards are used to mask all or part of a destination IP Address. Wild card masks specify which bits are used and which bits are ignored. A wild card mask of indicates that no bit is important. A wildcard of indicates that all bits are important. For example, if the destination IP address and the wildcard mask is , the first two bits of the IP address are used, while the last two bits are ignored. Match DSCP Matches the packet DSCP value to the ACL. Either the DSCP value or the IP Precedence value is used to match packets to ACLs.

86 86 CHAPTER 3: MANAGING DEVICE SECURITY Match IP Precedence Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. Action Indicates the ACL forwarding action. Possible field values are: Permit Forwards packets which meet the ACL criteria. Deny Drops packets which meet the ACL criteria. Shutdown Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page.

87 Defining IP-based ACLs 87 Defining IP-based ACLs To configure IP-based Rules: 1 Click Policy > ACL > IP Based ACL > Rule Setup. The IP-based ACL Rule Setup Page opens: Figure 46 IP-based ACL Rule Setup Page The IP-based ACL Rule Setup Page contains the following fields: ACL Name Contains a list of the IP-based ACLs. New Rule Priority Defines the ACL priority. ACLs are checked on the first fit basis. The ACL priority defines the ACL order in the ACL list. Protocol Enables creating an ACL based on a specific protocol. Select from List Selects a protocol from a list on which ACE can be based.some of the possible field values are: Protocol ID Adds user-defined protocols by which packets are matched to the ACE. Each protocol has a specific protocol number which is unique. The possible field range is Source Port Enables creating an ACL based on a specific protocol. Any Enables creating an ACL based on any protocol.

88 88 CHAPTER 3: MANAGING DEVICE SECURITY Destination Port Indicates the destination port that is matched packets. Enabled only when TCP or UDP are selected in the Protocol list. Any Enables creating an ACL Based on any protocol. Source IP Address Matches the source IP address to which packets are addressed to the ACL. Wild Card Mask Indicates the destination IP Address wild card mask. Wild cards are used to mask all or part of a destination IP Address. Wild card masks specify which bits are used and which bits are ignored. A wild card mask of indicates that no bit is important. A wildcard of indicates that all bits are important. For example, if the destination IP address and the wildcard mask is , the first two bits of the IP address are used, while the last two bits are ignored. Destination IP Address Matches the destination IP address to which packets are addressed to the ACL. Wild Card Mask Indicates the destination IP Address wild card mask. Wild cards are used to mask all or part of a destination IP Address. Wild card masks specify which bits are used and which bits are ignored. A wild card mask of indicates that no bit is important. A wildcard of indicates that all bits are important. For example, if the destination IP address and the wildcard mask is , the first two bits of the IP address are used, while the last two bits are ignored. Match DSCP Matches the packet DSCP value to the ACL. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. Match IP Precedence Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. Action Indicates the ACL forwarding action. Possible field values are: Permit Forwards packets which meet the ACL criteria. Deny Drops packets which meet the ACL criteria.

89 Defining IP-based ACLs 89 Shutdown Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page. 2 Select an ACL from the ACL Name drop-down list. 3 Define the rule setup fields. 4 Click. The ACL rule setup is enabled, and the device is updated.

90 90 CHAPTER 3: MANAGING DEVICE SECURITY Removing IP-based ACLs To remove IP-based ACL: 1 Click Policy > ACL > IP Based ACL > Remove ACL. The IP-based ACL Remove Page opens: Figure 47 IP-based ACL Remove Page The IP-based ACL Remove Page contains the following fields: ACL Name Contains a list of the IP-based ACLs. Remove ACL Removes an ACL. The possible field values are: Checked Removes the selected IP-based ACL. Unchecked Maintains the IP-based ACL. Priority Indicates the ACL priority, which determines which ACL is matched to a packet on a first-match basis. The possible field values are Protocol Creates an ACE based on a specific protocol. Destination Port Defines the TCP/UDP destination port. Source Port Defines the TCP/UDP source port to which the ACL is matched. Flag Set Sets the indicated TCP flag matched to the packet.

91 Removing IP-based ACLs 91 ICMP Type Specifies an ICMP message type for filtering ICMP packets. ICMP Code Specifies an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. IGMP Type IGMP packets can be filtered by IGMP message type. DSCP Matches the packet DSCP value to the ACL. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. IP - Prec. Indicates matching ip-precedence with the packet ip-precedence value. Action Indicates the ACL forwarding action. Possible field values are: Permit Forwards packets which meet the ACL criteria. Deny Drops packets which meet the ACL criteria. Shutdown Drops packet that meet the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Interface Configuration Page. 2 Select an ACL to be removed. 3 Click. The selected ACLs are deleted, and the device is updated.

92 92 CHAPTER 3: MANAGING DEVICE SECURITY Binding ACLs To define ACL Binding: 1 Click Policy > ACL > ACL Binding > Binding Summary. The ACL Binding Summary Page opens: Figure 48 ACL Binding Summary Page The ACL Binding Summary Page contains the following fields: Ports Displays the ACL Port parameters. The possible field values are: Interface Displays the port interface for which the ACL parameters are defined. ACL Name Contains a list of ACL Names. LAGs Displays the ACL LAG parameters. The possible field values are: Interface Displays the LAG interface for which the ACL parameters are defined. ACL Name Contains a list of ACL Names.

93 Binding ACLs 93 To define ACL Binding: 1 Click Policy > ACL > ACL Binding > Binding Setup. The ACL Binding Setup Page opens: Figure 49 ACL Binding Setup Page The ACL Binding Setup Page contains the following fields: Interface Selects the Ports or LAGs interface to be configured. Ports Selects the ports interface to be bound. LAGs Selects the LAGs interface to be bound. Bind ACL Binds the interface to the ACL interface. MAC-based ACL Binds the interface to the MAC-based ACL. IP-based ACL Binds the interface to the IP-based ACL. Select ACL Selects the ACL to be bound. Define the fields. 2 Define the fields. 3 Click. The ACL Binding Page is defined, and the device is updated.

94 4 MANAGING SYSTEM INFORMATION This section contains information for configuring general system information, and includes the following: Viewing System Description Defining System Settings Configuring Country Codes Configuring System Name Configuring System Time Saving the Device Configuration

95 Viewing System Description 95 Viewing System Description The Device Summary Information Page displays parameters for configuring general device information, including the system name, location, and contact, the system MAC Address, System Object ID, System Up Time, and MAC addresses, and both software, boot, and hardware versions. To view Service Summary Information: 1 Click Device Summary. The Device Summary Information Page opens: Figure 50 Device Summary Information Page The Device Summary Information Page contains the following fields: Product Description Displays the device model number and name System Name Defines the user-defined device name. The field range is characters. System Location Defines the location where the system is currently running. The field range is characters. System Contact Defines the name of the contact person. The field range is characters. Serial Number Displays the device serial number.

96 96 CHAPTER 4: MANAGING SYSTEM INFORMATION Product 3C Number Displays the internal 3Com device serial number. System Object ID Displays the vendor s authoritative identification of the network management subsystem contained in the entity. MAC Address Displays the device MAC address. System Up Time Displays the amount of time since the most recent device reset. The system time is displayed in the following format: Days, Hours, Minutes, and Seconds. For example, 41 days, 2 hours, 22 minutes and 15 seconds. Software Version Displays the installed software version number. Boot Version Displays the current boot version running on the device. Hardware Version Displays the current hardware version of the device.

97 Defining System Settings 97 Defining System Settings The following section allows system administrators to configure advanced system settings. The section includes the following: Configuring Country Codes Configuring System Name Configuring System Time

98 98 CHAPTER 4: MANAGING SYSTEM INFORMATION Configuring Country Codes Defines the country code by which WLAN settings are set. For the complete list of country codes and settings, see WLAN Country Settings. To configure the Country Code: 1 Click Administration > Country Code. The Country Codes Page opens: Figure 51 Country Codes Page The Country Codes Page contains the following fields: Master Radio Enable Enables the master radio. Country Code Displays a list of country codes. The following are the possible country code settings:

99 Configuring Country Codes 99 Country Country Code Access Point Domain Channels Allowed Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) Frequency Range (GHz) Austria AT -E 36, 40, 44, mw EIRP Australia AU -N 36, 40, 44, 48,52, 56, 60, 64,149, 153, 157, mw EIRP mw EIRP 200 mw EIRP 1 W EIRP mw EIRP Belgium BE -E 36, 40, 44, 120 mw EIRP ,52, 56, 60, mw EIRP 1-12, mw EIRP mw EIRP Brazil BR -C 36, 40, 44, 200 mw EIRP ,52, 56, 60, 64,149, 153, 157, W EIRP W EIRP Canada CA -A 36, 40, 44, 48,52, 56, 60, 64,149, 153, 157, 161 Switzerland and Liechtenstein CH -E 36, 40, 44, 48,52, 56, 60, 64 China CN -C 149, 153, 157, 161 Cyprus CY -E 36, 40, 44, 48,52, 56, 60, 64,149, 153, 157, mw+6 dbi=200 mw, 250 mw+6 dbi=1 W, 1 W+6 dbi=4 W W+Restricted Antennas 200 mw EIRP 200 mw EIRP mw EIRP mw+6 dbi~600 mw mw+6 dbi~600 mw 50 mw+6 dbi=200 mw250 mw+6 dbi=1 W1 W+6 dbi=4 W W+Restricted Antennas

100 100 CHAPTER 4: MANAGING SYSTEM INFORMATION Country Country Code Czech Republic CZ -E 36, 40, 44, 48,52, 56, 60, 64,149, 153, 157, 161 Germany DE -E 36, 40, 44, 48,52, 56, 60, 64,104, 108, 112, 116, 120, 124, 128, 132, 140 Denmark DK -E 36, 40, 44, 48,52, 56, 60, 64,104, 108, 112, 116, 120, 124, 128, 132, 140 Estonia EE -E 36, 40, 44, 48,52, 56, 60, 64,149, 153, 157, 161 Spain ES -E Access Point Domain Channels Allowed Finland FI -E 36, 40, 44, 48,52, 56, 60, Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) 200 mw EIRP200 mw EIRP1 W EIRP mw EIRP mw EIRP200 mw EIRP1 W EIRP mw EIRP200 mw EIRP1 W EIRP mw EIRP mw+6 dbi=200 mw250 mw+6 dbi=1 W1 W+6 dbi=4 W W+Restricted Antennas mw EIRP 200 mw EIRP200 mw EIRP1 W EIRP Frequency Range (GHz) ,104, 108, 112, 116, 120, 124, 128, 132, mw EIRP

101 Configuring Country Codes 101 Country Country Code Access Point Domain Channels Allowed France FR -E 36, 40, 44, 48,52, 56, 60, 64 Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) 200 mw EIRP200 mw EIRP Frequency Range (GHz) , mw EIRP100 mw EIRP United Kingdom GB -E 36, 40, 44, 48,52, 56, 60, 64,104, 108, 200 mw EIRP200 mw EIRP1 W EIRP , 116, 120, 124, 128, 132, mw EIRP Greece GR -E mw EIRP Hong Kong HK -N 36, 40, 44, 48,52, 56, 60, 64,149, 153, 157, mw EIRP200 mw EIRP1 W+6 dbi=4 W mw EIRP Hungary HU -E 36, 40, 44, 48,52, 56, 60, mw EIRP W EIRP Indonesia ID -R N/A N/A mw EIRP Ireland IE -E 36, 40, 44, 48,52, 56, 60, mw EIRP200 mw EIRP1 W EIRP mw EIRP Israel IL -I 36, 40, 44, 48,52, 56, 60, mw EIRP200 mw EIRP

102 102 CHAPTER 4: MANAGING SYSTEM INFORMATION Country Country Code Access Point Domain Channels Allowed Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) Frequency Range (GHz) mw EIRP Israel OUTDOOR ILO 36, 40, 44, 48,52, 56, 60, mw EIRP200 mw EIRP mw EIRP India IN TBA N/A N/A N/A Iceland IS -E 36, 40, 44, 48,52, 56, 60, Italy IT -E 36, 40, 44, 48,52, 56, 60, 4 W EIRP mw EIRP200 mw EIRP1 W EIRP ,104, 108, 112, 116, 120, 124, 128, 132, mw EIRP mw EIRP200 mw EIRP1 W EIRP ,104, 108, 112, 116, 120, 124, 128, 132, mw EIRP Japan JP -J 1-3, mw EIRP100 mw EIRP mw/ MHz~200mW EIRP mw/ MHz~200mW EIRP Republic of Korea KR -C 149, 153, 157, mw+6 dbi~600 mw

103 Configuring Country Codes 103 Country Country Code Access Point Domain Channels Allowed Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) Frequency Range (GHz) mw+6 dbi~600 mw Lithuania LT -E 36, 40, 44, 48,52, 56, 60, 50 mw+6 dbi=200 mw250 mw+6 64,149, 153, dbi=1 W1 W+6 157, 161 dbi=4 W W+Restricted Antennas Luxembourg LU -E 36, 40, 44, 48,52, 56, 60, 200 mw EIRP200 mw EIRP1 W EIRP ,104, 108, 112, 116, 120, 124, 128, 132, mw EIRP Latvia LV -E 36, 40, 44, 48,52, 56, 60, 50 mw+6 dbi=200 mw250 mw+6 64,149, 153, dbi=1 W1 W+6 157, 161 dbi=4 W W+Restricted Antennas Malaysia MY -E mw EIRP Netherlands NL -E 36, 40, 44, 48,52, 56, 60, 64,104, 108, 112, 116, 120, 124, 128, 132, mw EIRP200 mw EIRP1 W EIRP

104 104 CHAPTER 4: MANAGING SYSTEM INFORMATION Country Country Code Access Point Domain Channels Allowed Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) Frequency Range (GHz) mw EIRP Norway NO -E 36, 40, 44, 48,52, 56, 60, 64,104, 108, 200 mw EIRP200 mw EIRP1 W EIRP , 116, 120, 124, 128, 132, mw EIRP New Zealand NZ -N 36, 40, 44, 48,52, 56, 60, 50 mw+6 dbi=200 mw250 mw+6 64,149, 153, dbi=1 W1 W+6 157, 161 dbi=4 W W+Restricted Antennas Philippines PH -C TBA TBA Poland PL -E 36, 40, 44, 48,52, 56, 60, Portugal PT -E 36, 40, 44, 48,52, 56, 60, 100 mw EIRP mw EIRP 1 W EIRP ,149, 153, 157, mw EIRP mw EIRP200 mw EIRP1 W EIRP ,104, 108, 112, 116, 120, 124, 128, 132, mw EIRP

105 Configuring Country Codes 105 Country Country Code Access Point Domain Channels Allowed Sweden SE -E 36, 40, 44, 48,52, 56, 60, Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) 200 mw EIRP200 mw EIRP1 W EIRP Frequency Range (GHz) ,104, 108, 112, 116, 120, 124, 128, 132, mw EIRP Singapore SG -S 36, 40, 44, 48, 52, 56, 60, 64, 149, 153, 157, mw EIRP200 mw EIRP1 W EIRP mw EIRP Slovenia SI -E 36, 40, 44, 48,52, 56, 60, 50 mw+6 dbi=200 mw250 mw+6 64,149, 153, dbi=1 W1 W+6 157, 161 dbi=4 W W+Restricted Antennas Slovak Republic SK -E 36, 40, 44, 48,52, 56, 60, 64,149, 153, 157, mw+6 dbi=200 mw250 mw+6 dbi=1 W1 W+6 dbi=4 W W+Restricted Antennas Thailand TL -R N/A N/A mw EIRP Taiwan TW -T 56, 60, 64, ,149, 153, 50 mw+6 dbi=200 mw250 mw+6 157, 161 dbi=1 W1 W+6 dbi=4 W

106 106 CHAPTER 4: MANAGING SYSTEM INFORMATION Country Country Code Access Point Domain Channels Allowed Maximum Transmit Power (Radio Tx + Antenna Gain = EIRP) Frequency Range (GHz) W EIRP United States US -A 36, 40, 44, 50 mw+6 dbi= of America 48,52, 56, 60, mw250 mw ,149, 153, dbi=1 W1 W+6 157, 161 dbi=4 W W Conducted Output United States of America USE -A 36, 40, 44, 48,52, 56, 60, mw+6 dbi=200 mw250 mw+6 dbi=1 W W Conducted Output United States of America LOW USL -A 36, 40, 44, 48,52, 56, 60, mw+6 dbi=200 mw250 mw+6 dbi=1 W W Conducted Output United States of America EXTENDED USX TBA 36, 40, 44, 48,52, 56, 60, mw+6 dbi=200 mw250 mw+6 dbi=1 W W Conducted Output South Africa ZA TBA N/A N/A W EIRP

107 Configuring System Name 107 Configuring System Name To configure the System Name: 1 Click Administration > System Name > Setup. The System Name Setup Page opens: Figure 52 System Name Setup Page The System Name Setup Page includes the following fields: System Name Defines the user-defined device name. The field range is characters. System Location Defines the location where the system is currently running. The field range is characters. System Contact Defines the name of the contact person. The field range is characters. 2 Define the fields. 3 Click. The System Name is enabled, and the device is updated.

108 108 CHAPTER 4: MANAGING SYSTEM INFORMATION Configuring System Time The Time Page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock. If the system time is kept using an external SNTP clock, and the external SNTP clock fails, the system time reverts to the local hardware clock. Daylight Savings Time can be enabled on the device. The following is a list of Daylight Savings Time start and end times in specific countries: Albania From the last weekend of March until the last weekend of October. Australia From the end of October until the end of March. Australia - Tasmania From the beginning of October until the end of March. Armenia From the last weekend of March until the last weekend of October. Austria From the last weekend of March until the last weekend of October. Bahamas From April to October, in conjunction with Daylight Savings Time in the United States. Belarus From the last weekend of March until the last weekend of October. Belgium From the last weekend of March until the last weekend of October. Brazil From the third Sunday in October until the third Saturday in March. During the period of Daylight Saving Time, Brazilian clocks go forward one hour in most of the Brazilian southeast. Chile In Easter Island, from March 9 until October 12. In the rest of the country, from the first Sunday in March or after 9th March. China China does not use Daylight Saving Time. Canada From the first Sunday in April until the last Sunday of October. Daylight Saving Time is usually regulated by provincial and territorial governments. Exceptions may exist in certain municipalities. Cuba From the last Sunday of March to the last Sunday of October. Cyprus From the last weekend of March until the last weekend of October.

109 Configuring System Time 109 Denmark From the last weekend of March until the last weekend of October. Egypt From the last Friday in April until the last Thursday in September. Estonia From the last weekend of March until the last weekend of October. Finland From the last weekend of March until the last weekend of October. France From the last weekend of March until the last weekend of October. Germany From the last weekend of March until the last weekend of October. Greece From the last weekend of March until the last weekend of October. Hungary From the last weekend of March until the last weekend of October. India India does not use Daylight Saving Time. Iran From Farvardin 1 until Mehr 1. Iraq From April 1 until October 1. Ireland From the last weekend of March until the last weekend of October. Israel Varies year-to-year. Italy From the last weekend of March until the last weekend of October. Japan Japan does not use Daylight Saving Time. Jordan From the last weekend of March until the last weekend of October. Latvia From the last weekend of March until the last weekend of October. Lebanon From the last weekend of March until the last weekend of October. Lithuania From the last weekend of March until the last weekend of October. Luxembourg From the last weekend of March until the last weekend of October.

110 110 CHAPTER 4: MANAGING SYSTEM INFORMATION Macedonia From the last weekend of March until the last weekend of October. Mexico From the first Sunday in April at 02:00 to the last Sunday in October at 02:00. Moldova From the last weekend of March until the last weekend of October. Montenegro From the last weekend of March until the last weekend of October. Netherlands From the last weekend of March until the last weekend of October. New Zealand From the first Sunday in October until the first Sunday on or after March 15. Norway From the last weekend of March until the last weekend of October. Paraguay From April 6 until September 7. Poland From the last weekend of March until the last weekend of October. Portugal From the last weekend of March until the last weekend of October. Romania From the last weekend of March until the last weekend of October. Russia From the last weekend of March until the last weekend of October. Serbia From the last weekend of March until the last weekend of October. Slovak Republic - From the last weekend of March until the last weekend of October. South Africa South Africa does not use Daylight Saving Time. Spain From the last weekend of March until the last weekend of October. Sweden From the last weekend of March until the last weekend of October. Switzerland From the last weekend of March until the last weekend of October. Syria From March 31 until October 30.

111 Configuring System Time 111 Taiwan Taiwan does not use Daylight Saving Time. Turkey From the last weekend of March until the last weekend of October. United Kingdom From the last weekend of March until the last weekend of October. United States of America From the first Sunday in April at 02:00 to the last Sunday in October at 02:00. To configure the System Time: 1 Click Administration > Time. The Time Page opens: Figure 53 Time Page The Time Page contains the following sections: Local Settings Displays the system time in the following format: Time Indicates the system time. The system time is displayed in the following format HH:MM:SS. Hour, Minute, Seconds. Day Displays the week day. The possible field range is Sunday-Saturday. Month Displays the month of the year. The possible field range is Jan-Dec. Year Displays the year. Time Zone Offset Indicates the difference between Greenwich Mean Time (GMT) and local time. For example, the Time Zone Offset

112 112 CHAPTER 4: MANAGING SYSTEM INFORMATION for Paris is GMT +1, while the Time Zone Offset for New York is GMT 5. Daylight Savings Enables automatic Daylight Savings Time (DST) on the device based on the device s location. There are two types of daylight settings, either by a specific date in a particular year or a recurring setting irrespective of the year. Define the fields. From Defines the time that DST ends each year. For example, DST ends locally every fourth Friday in October at 5:00 am. The possible field values are: Day The day of the week at which DST ends every year. The possible field range is Sunday-Saturday. Week The week within the month at which DST ends every year. The possible field range is 1-5. Month The month of the year in which DST ends every year. The possible field range is Jan.-Dec. Time The time at which DST ends every year. The field format is Hour:Minute, for example, 05:30. To Defines the time that DST begins each year. For example, DST begins locally every second Sunday in April at 5:00 am. The possible field values are: Day The day of the week from which DST begins every year. The possible field range is Sunday-Saturday. Week The week within the month from which DST begins every year. The possible field range is 1-5. Month The month of the year in which DST begins every year. The possible field range is Jan.-Dec. Time The time at which DST begins every year. The field format is Hour:Minute, for example, 02:10. Recurring Defines the time that DST starts in countries other than USA or European where the DST is constant year to year. 2 Click. The Time settings are saved, and the device is updated.

113 Saving the Device Configuration 113 Saving the Device Configuration The Save Configuration tab allows the latest configuration to be saved to the flash memory. To save the device configuration: 1 Click Save Configuration. The Save Configuration Page opens: Figure 54 Save Configuration Page The following message displays: The operation will save your configuration. Do you wish to continue?

114 114 CHAPTER 4: MANAGING SYSTEM INFORMATION Resetting the Device The Reset page enables resetting the device from a remote location. To prevent the current configuration from being lost, save all changes from the running configuration file to the startup configuration file before resetting the device.

115 5 CONFIGURING WIRED PORTS This section contains information for configuring Port Settings, and includes the following sections: Viewing Port Settings Defining Port Settings Configuring Address Tables Viewing Static Addresses Defining Static Addresses Viewing Dynamic Addresses

116 116 CHAPTER 5: CONFIGURING WIRED PORTS Viewing Port Settings The Port Setting Summary Page contains information regarding specific port settings. To view Port Settings: 1 Click Wired Ports > Port Settings > Summary. The Port Setting Summary Page opens: Figure 55 Port Setting Summary Page The Port Setting Summary Page contains the following fields: Port Indicates the selected port number. PortType Displays the type of the port. Port Status Indicates whether the port is currently operational or non-operational. The possible field values are: Up Indicates the port is currently operating. Down Indicates the port is currently not operating. Port Speed Displays the configured rate for the port. The port type determines what speed setting options are available. Port speeds can only be configured when auto negotiation is disabled. The possible field values are:

117 Viewing Port Settings M Indicates the port is currently operating at 10 Mbps. 100M Indicates the port is currently operating at 100 Mbps. 1000M Indicates the port is currently operating at 1000 Mbps. Duplex Mode Displays the port duplex mode. This field is configurable only when auto negotiation is disabled, and the port speed is set to 10M or 100M or 1000M per second. This field cannot be configured on LAGs. The possible field values are: Full The interface supports transmission between the device and its link partner in both directions simultaneously. Half The interface supports transmission between the device and the client in only one direction at a time. Auto Negotiation Displays the auto negotiation status on the port. Auto negotiation is a protocol between two link partners that enables a port to advertise its transmission rate, duplex mode, and flow control abilities to its partner. Advertisement Defines the auto negotiation setting the port advertises. The possible field values are: Max Capability Indicates that all port speeds and duplex mode settings are accepted. 10 Half Indicates that the port advertises for a 10 Mbps speed port and half duplex mode setting. 10 Full Indicates that the port advertises for a 10 Mbps speed port and full duplex mode setting. 100 Half Indicates that the port advertises for a 100 Mbps speed port and half duplex mode setting. 100 Full Indicates that the port advertises for a 100 Mbps speed port and full duplex mode setting Full Indicates that the port advertises for a 1000 Mbps speed port and full duplex mode setting. Back Pressure Displays the back pressure mode on the Port. Back pressure mode is used with half duplex mode to disable ports from receiving messages. Flow Control Displays the flow control status on the port. Operates when the port is in full duplex mode. MDI/MDIX Displays the MDI/MDIX status on the port. Hubs and switches are deliberately wired opposite the way end stations are

118 118 CHAPTER 5: CONFIGURING WIRED PORTS wired, so that when a hub or switch is connected to an end station, a straight through Ethernet cable can be used, and the pairs are matched up properly. When two hubs or switches are connected to each other, or two end stations are connected to each other, a crossover cable is used to ensure that the correct pairs are connected. The possible field values are: MDIX (Media Dependent Interface with Crossover) Use for hubs and switches. MDI (Media Dependent Interface) Use for end stations. Auto Use to automatically detect the cable type. LAG Displays the LAG for which the port setting parameters are defined.

119 Defining Port Settings 119 Defining Port Settings The Port Settings Setup Page allows network managers to configure port parameters for specific ports. To configure Port Settings: 1 Click Wired Ports> Port Settings > Setup. The Port Settings Setup Page opens: Figure 56 Port Settings Setup Page The Port Settings Setup Page contains the following fields: Port Indicates the selected port number. Description Displays a port description. Port Type Indicates the type of the port. Admin Status Indicates whether the port is currently operational or non-operational. The possible field values are: Up Indicates the port is currently operating. Down Indicates the port is currently not operating. Current Port Status Displays current port status. Reactivate Suspended Port Reactivates a port if the port has been disabled through the locked port security option.

120 120 CHAPTER 5: CONFIGURING WIRED PORTS Operational Status Indicates whether the port is currently operational or non-operational. Admin Speed Displays the configured rate for the port. The port type determines what speed setting options are available. Port speeds can only be configured when auto negotiation is disabled. The possible field values are: 10M Indicates the port is currently operating at 10 Mbps. 100M Indicates the port is currently operating at 100 Mbps. 1000M Indicates the port is currently operating at 1000 Mbps. Current Port Speed Displays the current configured port speed. Admin Duplex Displays the port duplex mode. This field is configurable only when auto negotiation is disabled, and the port speed is set to 10M or 100M. This field cannot be configured on LAGs. The possible field values are: Full The interface supports transmission between the device and its link partner in both directions simultaneously. Half The interface supports transmission between the device and the client in only one direction at a time. Current Duplex Mode Displays the current port duplex mode. Auto Negotiation Displays the auto negotiation status on the port. Auto negotiation is a protocol between two link partners that enables a port to advertise its transmission rate, duplex mode, and flow control abilities to its partner. Current Auto Negotiation Displays the current auto negotiation status on the port. Admin Advertisement Defines the auto negotiation setting the port advertises. The possible field values are: Max Capability Indicates that all port speeds and duplex mode settings are accepted. 10 Half Indicates that the port advertises for a 10 Mbps speed port and half duplex mode setting. 10 Full Indicates that the port advertises for a 10 Mbps speed port and full duplex mode setting. 100 Half Indicates that the port advertises for a 100 Mbps speed port and half duplex mode setting.

121 Defining Port Settings Full Indicates that the port advertises for a 100 Mbps speed port and full duplex mode setting Full Indicates that the port advertises for a 1000 Mbps speed port and full duplex mode setting. Current Advertisement Displays the current port advertisement. Neighbor Advertisement Indicates the neighboring ports advertisement settings. The field values are identical to the Admin Advertisement field values. Back Pressure Displays the back pressure mode on the Port. Back pressure mode is used with half duplex mode to disable ports from receiving messages. Current Back Pressure Displays the currently configured back pressure mode on the port. Flow Control Displays the flow control status on the port. Operates when the port is in full duplex mode. Current Flow Control Displays the current flow control status on the port. MDI/MDIX Displays the MDI/MDIX status on the port. Hubs and switches are deliberately wired opposite the way end stations are wired, so that when a hub or switch is connected to an end station, a straight through Ethernet cable can be used, and the pairs are matched up properly. When two hubs or switches are connected to each other, or two end stations are connected to each other, a crossover cable is used to ensure that the correct pairs are connected. The possible field values are: MDIX (Media Dependent Interface with Crossover) Use for hubs and switches. MDI (Media Dependent Interface) Use for end stations. Auto Use to automatically detect the cable type. Current MDI/MDIX Displays the current MDI/MDIX status on the port. LAG Displays the LAG for which the port setting parameters are defined. 2 Define the fields. 3 Click. The ports are enabled, and the device is updated.

122 122 CHAPTER 5: CONFIGURING WIRED PORTS Configuring Address Tables MAC addresses are stored in either the Static Address or the Dynamic Address databases. A packet addressed to a destination stored in one of the databases is forwarded immediately to the port. The Dynamic Address Table can be sorted by interface, VLAN, and MAC Address. MAC addresses are dynamically learned as packets from sources arrive at the device. Addresses are associated with ports by learning the ports from the frames source address. Frames addressed to a destination MAC address that is not associated with any port, are flooded to all ports of the relevant VLAN. Static addresses are manually configured. In order to prevent the bridging table from overflowing, dynamic MAC addresses, from which no traffic is seen for a certain period, are erased. Viewing Static Addresses To open the Figure 57: 1 Click Wired Ports > Address Tables > Static Addresses Summary. Figure 57 Static Addresses Summary Page The Static Addresses Summary Page contains the following fields: VLAN ID The VLAN ID attached to the MAC Address, and a VLAN called a Routed Interface.

123 Defining Static Addresses 123 MAC Address The MAC addresses listed in the current static addresses list. Interface The specific port or LAG to which the static MAC address is applied. Status Displays the MAC address status. Possible values are: Permanent The MAC address is permanent. Delete on Reset The MAC address is deleted when the device is reset. Delete on Time out The MAC address is deleted when a timeout occurs. Secure Used for defining static MAC Addresses for Locked ports. Defining Static Addresses The Static Address Table page contains a list of static MAC addresses. Static Address can be added and removed from the Static Address Table

124 124 CHAPTER 5: CONFIGURING WIRED PORTS page. In addition, several MAC Addresses can be defined for a single port. To open the Figure 58: 1 Click Wired Ports > Address Tables > Static Addresses > Setup. The Static Addresses Setup Page opens: Figure 58 Static Addresses Setup Page The Static Addresses Setup Page contains the following fields: Interface Displays specific port or LAG to which the static MAC address is applied. MAC address Displays the MAC addresses listed in the current static addresses list. VLAN ID Displays the VLAN ID attached to the MAC Address, and a VLAN called a Routed Interface. Routed Interfaces are the internally-used VLANs assigned to an port or trunk on which an IP address is configured. VLAN Name Displays the User-defined VLAN name. Status Displays the MAC address status. Possible values are:

125 Removing Static Addresses 125 Permanent The MAC address is permanent. Delete on Reset The MAC address is deleted when the device is reset. Delete on Time out The MAC address is deleted when a timeout occurs. Secure Used for defining static MAC Addresses for Locked ports. Removing Static Addresses To remove Static addresses: 1 Click Wired Ports > Address Tables > Static Addresses > Remove. The Figure 59 opens: Figure 59 Static Addresses Remove Page The Static Addresses Setup Page contains the following fields:

126 126 CHAPTER 5: CONFIGURING WIRED PORTS Remove Removes a specific static address. The possible field values are: Checked Removes the selected static address entries. Unchecked Maintains the current static address entries. VLAN ID The VLAN ID attached to the MAC Address, and a VLAN called a Routed Interface.Routed Interfaces are the internally-used VLANs assigned to an port or trunk on which an IP address is configured. MAC address The MAC addresses listed in the current static addresses list. Interface The specific port or LAG to which the static MAC address is applied. Status MAC address status. Possible values are: Permanent The MAC address is permanent. Delete on Reset The MAC address is deleted when the device is reset. Delete on Time out The MAC address is deleted when a timeout occurs. Secure Used for defining static MAC Addresses for Locked ports.

127 Viewing Dynamic Addresses 127 Viewing Dynamic Addresses The Dynamic MAC Address page contains information for querying information in the dynamic address table, including the interface type, MAC addresses, VLAN, and table sorting. Packets forwarded to an address stored in the address table are forwarded directly to those ports. The Dynamic MAC Address page also contains information about the aging time before a dynamic MAC address is erased, and includes parameters for querying and viewing the Dynamic Address list. The Current Address Table contains dynamic address parameters by which packets are directly forwarded to the ports. To open the Dynamic MAC Address Summary Page: 1 Click Wired Ports > Address Tables > Dynamic Addresses > Summary. The Dynamic MAC Address Summary Page opens: Figure 60 Dynamic MAC Address Summary Page The Dynamic MAC Address Summary Page contains the following fields: Aging Interval (10-630) Specifies the amount of time the MAC Address remains in the Dynamic MAC Address before it is timed out if no traffic from the source is detected. The default value is 300 seconds. Clear Table Clears the Dynamic Address table when checked.

128 128 CHAPTER 5: CONFIGURING WIRED PORTS Interface Specifies the interface for which the table is queried. There are two interface types from which to select. MAC Address Specifies the MAC address for which the table is queried. VLAN ID The VLAN ID for which the table is queried. Address Table Sort Key Specifies the means by which the Dynamic Address Table is sorted. The address table can be sorted by address, VLAN or interface.

129 6 AGGREGATING PORTS This section contains information for configuring Link Aggregation which optimizes port usage by linking a group of ports together to form a single LAG. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. The device supports both static LAGs and Link Aggregation Control Protocol (LACP) LAGs. LACP LAGs negotiate aggregating port links with other LACP ports located on a different device. If the other device ports are also LACP ports, the devices establish a LAG between them. Ensure the following: All ports within a LAG must be the same media type. A VLAN is not configured on the port. The port is not assigned to a different LAG. Auto-negotiation mode is not configured on the port. The port is in full-duplex mode. All ports in the LAG have the same ingress filtering and tagged modes. All ports in the LAG have the same back pressure and flow control modes. All ports in the LAG have the same priority. All ports in the LAG have the same transceiver type. The device supports up to 64 LAGs, and eight ports in each LAG. Ports can be configured as LACP ports only if the ports are not part of a previously configured LAG. Ports added to a LAG lose their individual port configuration. When ports are removed from the LAG, the original port configuration is applied to the ports. This section contains the following topics:

130 130 CHAPTER 6: AGGREGATING PORTS Configuring LACP Defining Link Aggregation Configuring LACP LAGs can contain different media types if the ports are operating at the same speed. Aggregated links can be set up manually or automatically established by enabling LACP on the relevant links. Aggregate ports can be linked into link-aggregation port-groups. Each group is comprised of ports with the same speed. To configure LACP Setup: 1 Click Wired Ports > LACP > Setup. The LACP Setup Page opens: Figure 61 LACP Setup Page The LACP Setup Page contains the following fields: LACP System Priority Specifies system priority value. The field range is The field default is 1. Port Displays the port number to which timeout and priority values are assigned. Port Priority Specifies port priority value. The field range is The field default is 1.

131 Configuring LACP 131 LACP Timeout Displays the administrative LACP timeout. Long Specifies a long timeout value. Short Specifies a short timeout value. To modify LACP for LAGs: 1 Click Wired Ports > LACP > Modify. The LACP Modify Page opens: Figure 62 LACP Modify Page The LACP Modify Page contains the following fields: Port Displays the port number to which timeout and priority values are assigned. LACP Port Priority Specifies port priority value. The field range is The field default is 1. LACP Timeout Displays the administrative LACP timeout. Long Specifies a long timeout value. Short Specifies a short timeout value. 2 Edit the Port Priority and LACP Timeout fields. 3 Click. The LACP settings are saved, and the device is updated.

132 132 CHAPTER 6: AGGREGATING PORTS Defining Link Aggregation This section contains the following topics: Configuring Link Aggregation Defining LAG Membership Configuring Link Aggregation The Link Aggregation Page optimizes port usage by linking a group of ports together to form a single LAG. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. To view Link Aggregation: 1 Click Wired Ports > Link Aggregation > Summary. The Link Aggregation Summary Page opens: Figure 63 Link Aggregation Summary Page The Link Aggregation Summary Page includes the following pages: LAG Displays the LAG for which the link aggregation parameters are defined. Description Displays a description of the configured LAG. Type Displays the current LAG type. Status Indicates the LAG status. The possible fields values are:

133 Configuring Link Aggregation 133 Up Indicates the LAG is active. Down Indicates the LAG is inactive. Speed Indicates the LAG speed. The possible fields values are: 10M Indicates the LAG is currently operating at 10 Mbps. 100M Indicates the LAG is currently operating at 100 Mbps. 1000M Indicates the LAG is currently operating at 1000 Mbps. Auto Negotiation Displays the auto negotiation status on the LAG. Auto negotiation is a protocol between two link partners that enables a LAG to advertise its transmission rate, duplex mode, and flow control abilities to its partner. Flow Control Displays the flow control status on the LAG. Operates when the LAG is in full duplex mode. To configure Link Aggregation: 1 Click Wired Ports > Link Aggregation > Setup. The Link Aggregation Setup Page opens: Figure 64 Link Aggregation Setup Page The Link Aggregation Setup Page includes the following pages: LAG Displays the LAG number.

134 134 CHAPTER 6: AGGREGATING PORTS Description Displays a description of the configured LAG. Type Displays the current LAG type. Admin Status Displays the LAG status. The possible fields values are: Up Indicates the LAG is active. Down Indicates the LAG is inactive. Current Status Indicates the current LAG status. Reactivate Suspended Select Reactivate Suspended field to return a suspended LAG to active status Operational Status Indicates whether the LAG is currently operational or non-operational. Admin Auto Negotiation Displays the LAG auto negotiation status. Auto negotiation is a protocol between two link partners that enables a LAG to advertise its transmission rate, duplex mode, and flow control abilities to its partner. Current Auto Negotiation Displays the current LAG auto negotiation status. Admin Advertisement Defines the auto negotiation setting the LAG advertises. The possible field values are: Max Capability Indicates that all LAG speeds and duplex mode settings are accepted. 10 Full Indicates that the LAG advertises for a 10 Mbps speed LAG and full duplex mode setting. 100 Full Indicates that the LAG advertises for a 100 Mbps speed LAG and full duplex mode setting Full Indicates that the LAG advertises for a 1000 Mbps speed LAG and full duplex mode setting. Current Advertisement Displays current auto negotiation setting that the LAG advertises. Neighbor Advertisement Indicates the neighboring port s advertisement settings. The field values are identical to the Admin Advertisement field value. Admin Speed Displays the configured rate for the LAG. The LAG type determines what speed setting options are available. LAG speeds

135 Configuring Link Aggregation 135 can only be configured when auto negotiation is disabled. The possible field values are: 10M Indicates the LAG is currently operating at 10 Mbps. 100M Indicates the LAG is currently operating at 100 Mbps. 1000M Indicates the LAG is currently operating at 1000 Mbps. Current Speed Displays the current LAG speed. Admin Flow Control Displays the flow control status on the LAG. Operates when the LAG is in full duplex mode. Current Flow Control Displays the current flow control status on the LAG. 2 Define the fields. 3 Click. Link Aggregation is configured, and the application is updated.

136 136 CHAPTER 6: AGGREGATING PORTS Defining LAG Membership The Link Aggregation Membership Page contains fields for configuring parameters for configured LAGs. The device supports up to eight ports per LAG, and eight LAGs per system. To define LAG Membership: 1 Click Wired Ports > Link Aggregation > Membership. The Link Aggregation Membership Page opens: Figure 65 Link Aggregation Membership Page The Link Aggregation Setup Page contains the following fields: LAG Specifies if the port is part of a LAG. LAG Name Displays the LAG name. LACP Displays the link operational status. Port List Displays the ports that can be assigned or removed from the LAG membership list. LAG Members Displays the ports which are currently configured to the LAG. 2 Define the fields. 3 Click. LAG Membership is established, and the device is updated.

137 Defining LAG Membership 137

138 7 CONFIGURING VLANS This section contains information for configuring VLANs. VLANs are logical subgroups with a Local Area Network (LAN) which combine user stations and network devices into a single unit, regardless of the physical LAN segment to which they are attached. VLANs allow network traffic to flow more efficiently within subgroups. VLANs use software to reduce the amount of time it takes for network changes, additions, and moves to be implemented. VLANs have no minimum number of ports, and can be created per unit, per device, or through any other logical connection combination, since they are software-based and not defined by physical attributes. VLANs function at Layer 2. Since VLANs isolate traffic within the VLAN, a Layer 3 router working at a protocol level is required to allow traffic flow between VLANs. Layer 3 routers identify segments and coordinate with VLANs. VLANs are Broadcast and Multicast domains. Broadcast and Multicast traffic is transmitted only in the VLAN in which the traffic is generated. VLAN tagging provides a method of transferring VLAN information between VLAN groups. VLAN tagging attaches a 4-byte tag to packet headers. The VLAN tag indicates to which VLAN the packets belong. VLAN tags are attached to the VLAN by either the end station or the network device. VLAN tags also contain VLAN network priority information. Combining VLANs and GARP (Generic Attribute Registration Protocol) allows network managers to define network nodes into Broadcast domains. This section contains the following topics: Defining VLAN Properties Defining VLAN Membership Defining VLAN Interface Settings

139 139 Defining Voice VLAN Defining GVRP

140 140 CHAPTER 7: CONFIGURING VLANS Defining VLAN Properties The VLAN Setup Summary provides information and global parameters on VLANS configured on the system. To view VLANs: 1 Click Policy > VLAN > Setup > Summary. The VLAN Setup Summary Page opens: Figure 66 VLAN Setup Summary Page The VLAN Setup Summary Page contains the following fields and buttons: Back Displays the following page of VLANs in the VLAN Summary table, if there is a page following the current page. Next Displays the previous page of VLANs in the VLAN Summary table, if there is a previous page. Go To Displays a specific page of VLANs in the VLAN Summary table. VLAN ID Displays the VLAN ID. The field range is VLAN Name Displays the user-defined VLAN name. Type Displays the VLAN type. The possible field values are:

141 Defining VLAN Properties 141 Dynamic Indicates the VLAN was dynamically created through GVRP. Static Indicates the VLAN is user-defined. Default Indicates the VLAN is the default VLAN. Authentication Indicates whether authentication is enabled for the specific VLAN ID. The possible field values are: Enabled Indicates authentication is disabled for the specified VLAN ID. Disabled Indicates authentication is enabled for the specified VLAN ID. The Setup Page creates VLANS on the system. To create VLANs: 1 Click Policy > VLAN > Setup > Setup. The VLAN Setup [Setup]Page opens: Figure 67 VLAN Setup [Setup]Page The Setup Page contains the following fields: VLAN ID Displays the VLAN ID. VLAN Name Displays the user-defined VLAN name. 2 Define the fields.

142 142 CHAPTER 7: CONFIGURING VLANS 3 Click. The VLANs are configured, and the device is updated. To edit VLAN Settings: 1 Click Policy > VLAN > Setup > Modify. The Modify VLAN Page opens: Figure 68 Modify VLAN Page The Modify VLAN Page contains the following fields: VLAN ID Displays the VLAN ID. VLAN Name Displays the user-defined VLAN name. Disable Authentication Indicates whether authentication is enabled for the specific VLAN ID. The possible field values are: Enable Indicates authentication is disabled for the specified VLAN ID. Disable Indicates authentication is enabled for the specified VLAN ID. 2 Modify the fields. 3 Click. The VLANs are configured, and the device is updated.

143 Defining VLAN Properties 143 To delete VLANs: 1 Click Policy > VLAN > Setup > Remove. The VLAN Remove Page opens: Figure 69 VLAN Remove Page The VLAN Remove Page contains the following fields: Remove Removes a specific VLAN. The possible field values are: Checked Removes the selected VLAN entries. Unchecked Maintains the current VLAN entries. VLAN ID Displays the VLAN ID. VLAN Name Displays the user-defined VLAN name. Type Indicates the if the VLAN was dynamically or statically created. Authentication Indicates whether authentication is enabled for the specific VLAN ID. The possible field values are: Enabled Indicates authentication is disabled for the specified VLAN ID. Disabled Indicates authentication is enabled for the specified VLAN ID. 2 Select the VLAN ID to be deleted. 3 Click. The selected VLANs are deleted, and the device is updated.

144 144 CHAPTER 7: CONFIGURING VLANS Defining VLAN Membership The VLAN Membership Summary Page contains a table that maps VLAN parameters to ports. Ports are assigned VLAN membership by toggling through the Port Control settings. To define VLAN Membership: 1 Click Policy > VLAN > Membership > Summary. The VLAN Membership Summary Page opens: Figure 70 VLAN Membership Summary Page The VLAN Membership Summary Page contains the following fields: VLAN ID Displays the user-defined VLAN ID. VLAN Name Displays the name of the VLAN VLAN Type Indicates the VLAN type. The possible field values are: Dynamic Indicates the VLAN was dynamically created through GARP. Static Indicates the VLAN is user-defined. Default Indicates the VLAN is the default VLAN. Port Indicates the port membership.

145 Defining VLAN Membership 145 LAG Indicates the LAG membership. Interface Displays the port or LAG number included in the VLAN. Interface Status Displays the port-based for each Interface. The Membership Modify Page contains a table that maps VLAN parameters to ports. Ports are assigned VLAN membership by toggling through the Port Control settings. To modify VLAN Membership: 1 Click Policy > VLAN > Membership > Modify. The VLAN Membership Modify Page opens: Figure 71 VLAN Membership Modify Page The VLAN Membership Modify Page contains the following fields: VLAN ID Displays the user-defined VLAN ID. VLAN Name Displays the name of the VLAN Interface Displays the port or LAG number included in the VLAN. Interface Status Displays the port-based for each Interface.

146 146 CHAPTER 7: CONFIGURING VLANS Exclude Excludes the interface from the VLAN. However, the interface can be added to the VLAN through GARP. Forbidden Denies the interface VLAN membership, even if GARP indicates the port is to be added. Tagged Indicates the interface is a tagged member of a VLAN. All packets forwarded by the interface are tagged. The packets contain VLAN information. Untagged Indicates the interface is a untagged member of the VLAN. 2 Modify the fields. 3 Click. VLAN membership is modified, and the device is updated.

147 Defining VLAN Interface Settings 147 Defining VLAN Interface Settings The VLAN contains fields for managing ports that are part of a VLAN. The Port Default VLAN ID (PVID) is configured on the VLAN Interface Settings Modify Page. All untagged packets arriving at the device are tagged with the port PVID. To view VLAN Settings: 1 Click Policy > VLAN > Interface Settings > Summary. The VLAN Interface Settings Summary Page opens: Figure 72 VLAN Interface Settings Summary Page The VLAN Interface Settings Summary Page contains the following fields: Port Displays the port interface settings. LAG Displays the LAG interface settings. Interface Displays the port number or LAG number included in the VLAN. Interface VLAN Mode Displays the interface mode. The possible values are: General Indicates the port belongs to VLANs, and each VLAN is user-defined as tagged or untagged (full IEEE802.1q mode).

148 148 CHAPTER 7: CONFIGURING VLANS Access Indicates a port belongs to a single untagged VLAN. When a port is in Access mode, the packet types which are accepted on the port cannot be designated. Ingress filtering cannot be enabled or disabled on an access port. Trunk Indicates the port belongs to VLANs in which all ports are tagged, except for one port that can be untagged. PVID Assigns a VLAN ID to untagged packets. The possible values are VLAN 4095 is defined as per standard and industry practice as the Discard VLAN. Packets classified to the Discard VLAN are dropped. Frame Type Specifies the packet type accepted on the port. The possible field values are: Admit Tag Only Only tagged packets are accepted on the port. Admit All Both tagged and untagged packets are accepted on the port. Ingress Filtering Indicates whether ingress filtering is enabled on the port. The possible field values are: Enable Enables ingress filtering on the device. Ingress filtering discards packets that are defined to VLANs of which the specific port is not a member. Disable Disables ingress filtering on the device.

149 Defining VLAN Interface Settings 149 To modify VLAN Interfaces: 1 Click Policy > VLAN > Interface Settings > Modify. The VLAN Interface Settings Modify Page opens: Figure 73 VLAN Interface Settings Modify Page The VLAN Interface Settings Modify Page contains the following fields: Interface Displays the port or LAG number included in the VLAN. Port VLAN Mode Displays the port mode. The possible values are: General Indicates the port belongs to VLANs, and each VLAN is user-defined as tagged or untagged (full IEEE802.1q mode). Access Indicates a port belongs to a single untagged VLAN. When a port is in Access mode, the packet types which are accepted on the port cannot be designated. Ingress filtering cannot be enabled or disabled on an access port. Trunk Indicates the port belongs to VLANs in which all ports are tagged, except for one port that can be untagged. PVID Assigns a VLAN ID to untagged packets. The possible values are VLAN 4095 is defined as per standard and industry practice as the Discard VLAN. Packets classified to the Discard VLAN are dropped.

150 150 CHAPTER 7: CONFIGURING VLANS Frame Type Specifies the packet type accepted on the port. The possible field values are: Admit Tag Only Only tagged packets are accepted on the port. Admit All Both tagged and untagged packets are accepted on the port. Ingress Filtering Indicates whether ingress filtering is enabled on the port. The possible field values are: Enable Enables ingress filtering on the device. Ingress filtering discards packets that are defined to VLANs of which the specific port is not a member. Disable Disables ingress filtering on the device. 2 Define the fields. 3 Click. The VLAN interface settings are defined, and the device is updated.

151 Defining GVRP 151 Defining GVRP GARP VLAN Registration Protocol (GVRP) is specifically provided for automatic distribution of VLAN membership information among VLAN-aware bridges. GVRP allows VLAN-aware bridges to automatically learn VLANs to bridge ports mapping, without having to individually configure each bridge and register VLAN membership. The GVRP Summary Page displays the GVRP configuration for ports and LAGS. To view GVRP Settings: 1 Click Policy > VLAN > GVRP > Summary. The GVRP Summary Page opens: Figure 74 GVRP Summary Page The GVRP Summary Page contains the following fields: GVRP Global Status Indicates if GVRP is enable on the device. The possible field values are: Enable Enables GVRP on the device. Disable Disables GVRP on the device. This is the default value.

152 152 CHAPTER 7: CONFIGURING VLANS Ports Displays the GVRP port configuration. LAGs Displays the GVRP LAGs configuration. GVRP State Indicates if GVRP is enabled on the selected interface. The possible field values are: Enable Enables GVRP on the interface. Disable Disables GVRP on the interface. This is the default value. Dynamic VLAN Creation Indicates if Dynamic VLAN creation is enabled on the interface. The possible field values are: Enabled Enables Dynamic VLAN creation on the interface. Disabled Disables Dynamic VLAN creation on the interface. GVRP Registration Indicates if VLAN registration through GVRP is enabled on the device. The possible field values are: Enabled Enables GVRP registration on the device. Disabled Disables GVRP registration on the device. To configure GVRP: 1 Click Policy > VLAN > GVRP > Modify. The GVRP Modify Page opens: Figure 75 GVRP Modify Page The GVRP Modify Page contains the following fields:

153 Defining GVRP 153 Interface Displays the port or LAG drop-down list. GVRP State Indicates if GVRP is enabled on the selected interface. The possible field values are: Enable Enables GVRP on the interface. Disable Disables GVRP on the interface. This is the default value. Dynamic VLAN Creation Indicates if Dynamic VLAN creation is enabled on the interface. The possible field values are: Enable Enables Dynamic VLAN creation on the interface. Disable Disables Dynamic VLAN creation on the interface. GVRP Registration Indicates if VLAN registration through GVRP is enabled on the device. The possible field values are: Enable Enables GVRP registration on the device. Disable Disables GVRP registration on the device. 2 Define the fields. 3 Click. GVRP is enabled, and the device is updated.

154 154 CHAPTER 7: CONFIGURING VLANS Defining Voice VLAN Voice VLANs allows network administrators enhance VoIP service by configuring access ports to carry IP voice traffic from IP phones on specific VLANs. Network Administrators can configure VLANs on which voice IP traffic is forwarded. Non-VoIP traffic is dropped from the Voice VLAN. Voice VLAN also provides QoS to VoIP, ensuring that the quality of sounds does not deteriorate if the IP traffic is received unevenly. The system currently supports one voice VLAN. When configuring Voice VLAN, ensure the following: IP phones are configured with VLAN-mode as enabled, ensuring that tagged packets are used for all communications. If the IP phone s VLAN-mode is disabled, the phone uses untagged packets. The phone uses untagged packets while retrieving the initial IP address through DHCP. The phone eventually use the Voice VLAN and start sending tagged packets. The Voice VLAN Page contains the following fields: To configure Voice VLANs: 1 Click Policy > Voice VLAN. The Voice VLAN Page opens: Figure 76 Voice VLAN Page The Voice VLAN Page contains the following fields:

155 Defining Voice VLAN 155 Activate Activates voice VLAN on the device. Voice VLAN is disabled by default. Port Indicates the ports which are members of the voice VLAN. Only ports which were defined in the VLAN membership page, are active. Secured Indicates if secure ports drop all non-voice IP traffic. The possible field values are: Checked Indicates that all ports are secured, and all non-voice IP traffic originating from the port is dropped from the VLAN. Unchecked Permits all non VoIP traffic on the VLAN with high-priority.

156 8 DEFINING WLAN This section contains information for configuring WLANs. A Wireless Local Area Network (WLAN) is a technology that provides network services using radio waves. WLAN provides wireless network service connections to all users within a defined service area. WLAN users are connected to the network via the access points. Access Points act as communication hubs for wireless networks. In additional, access points provide both encryption and bridging between and ethernet points. Access points also extend the physical size of wireless networks. When several access points are grouped, they allow network users to roam. This section includes the following topics: Defining Wireless Access Points Defining Wireless Security Configuring Wireless Access Point Security Defining Wireless Rogue Handling Mitigating Rogue Handling Defining Wireless Radio Settings Defining b/g Radio Settings Managing VAPs Configuring Radio a Settings Defining Radio a Settings Viewing WLAN Profiles Defining WLAN Profiles Modifying WLAN Profiles Removing WLAN Profiles Viewing WLAN Stations

157 Defining Wireless Access Points 157 Removing WLAN Stations Defining WLAN Power Settings Defining Wireless Access Points This section contains information for configuring and viewing general WLAN parameters. The Wireless Access Point Summary Page displays information regarding the currently configured access points including IP Address, MAC address, the type and radio configuration and the current access point status. Ensure that the Wireless Controller Software (WCS) has been activated. To view Wireless Access Points: 1 Click Wireless > Access Point > Summary. The Wireless Access Point Summary Page opens: Figure 77 Wireless Access Point Summary Page The Wireless Access Point Summary Page contains the following fields: Display Displays access points according to categories. The possible field values are: Discovered APs Displays the discovered access points. Active APs Displays the activated access points.

158 158 CHAPTER 8: DEFINING WLAN All Displays the access points on the network. Name Displays the user-defined access point name. IP Address Displays the IP Address assigned to the access point. MAC Address Displays the MAC Address assigned to the access point. Type Displays the antenna type. Radios Indicates the radio transceiver type. The field values are: A Indicates the radio type is a. G Indicates the radio type is g. b/g Indicates the radio type is b/g. n Indicates the radio type is n. Channel Displays the access point channel used. State Displays the selected access point transceiver s status. The possible field values are: Discovered Indicates access point was discovered, but was not activated by the user. Activated Indicates access point is currently active.

159 Defining Wireless Access Points 159 To configure Wireless Access Points: 1 Click Wireless > Access Point > Setup. The Wireless Access Point Setup Page opens: Figure 78 Wireless Access Point Setup Page The Wireless Access Point Setup Page contains the following fields: Access Point Displays the current Access Points. Activation State Indicates the access point state. The possible field values are: Activated Indicates access point is currently active. Discovered Indicates access point was discovered, but was not activated by the user. Name Displays the user-defined access point name. Radio b/g Enables High-frequency and longer transmission ranges. Radio a Enables radio a transmissions. 2 Define the fields. 3 Click. The Access Point is enabled, and the device is updated.

160 160 CHAPTER 8: DEFINING WLAN To Reset Access Points: 1 Click Wireless > Access Point > Reset. The Wireless Access Point Reset Page opens: Figure 79 Wireless Access Point Reset Page The Wireless Access Point Reset Page contains the following fields: Access Point Contains a list of either the user-defined access points or the MAC address assigned to wireless networks. All Resets all the access points. 2 Reset Resets the selected device.select the Access Point to be Reset. Click. The Access Point is reset, and the device is updated.

161 Defining Wireless Access Points 161 To remove Wireless Access Points: 1 Click Wireless > Access Point > Remove. The Wireless Access Point Setup Page opens: Figure 80 Wireless Access Point Remove Page The Wireless Access Point Remove Page contains the following fields: Display Displays the current Access Points. The optional displays are: All Displays all Access Points. Discovered APs Displays discovered Access Points. Active APs Displays active Access Points. Name Displays the user-defined access point name. IP Address Displays the IP Address assigned to the access point. MAC Address Displays the MAC Address assigned to the access point. Type Displays the antenna type. Radios Indicates the radio transceiver type. The field values are: A Indicates the radio type is a. G Indicates the radio type is g.

162 162 CHAPTER 8: DEFINING WLAN b/g Indicates the radio type is b/g. n Indicates the radio type is n. Channel Displays the access point channel used. State Displays the selected access point transceiver s status. The possible field values are: Discovered Indicates access point was discovered, but was not activated by the user. Activated Indicates access point is currently active. 2 Define the fields. 3 Click. The Access Point is enabled, and the device is updated. Defining Wireless Security The Wireless Configuration section in the wizard provides information for configuring Extended Service Sets (ESS). ESS are the primary method of organizing access points, security, and VLANs in a WLAN network. An ESS are a group of access points that share the same Service Set Identification (SSID). APs announce their ESS membership by SSID parameter via Beacon frames. When stations roam between the same ESS APs, stations remain connected to the same wired network domain. Since the station remains in the same broadcast domain and IP subnet, the station retains the same IP address while roaming between the same ESS APs. Configuring Wireless Access Point Security The Wireless Setup Wizard provides the option to configure access point security as part of the device s Setup wizard. The wireless configuration following the stage of configuring the basic IP Interfaces and is saved at the end of the process. To configure Access Point Security: The Access Point security is configured through the Setup Wizard that appears within the Device Summary Link.

163 Configuring Wireless Access Point Security 163 Note: The Wireless Configuration Page appears only if the Master Radio Enable checkbox was selected on the System Setup Page. 1 Click Device Summary > Wizard > Wireless Configuration. The Wireless Configuration Page opens: Figure 81 Wireless Configuration Page The Wireless Configuration Page contains the following fields: Enabled Enables the SSID configuration. SSID Name Displays the Service Set Identifier SSID for the ESS. SSIDs act as a password when a mobile device attempts to connect to the BSS. SSIDs differentiates between WLANs, therefore all access points and devices which comprise the specific WLAN must have the same SSID. Devices not providing a unique SSID are denied network access. Each SSID must be unique, and can contain up-to 32 characters. Security Type Displays the WLAN security type. The possible field values are: Open Enables open system authentication without encryption. WEP Indicates that Wired Equivalent Privacy (WEP) is the selected WLAN security method. WEP provides the same security

164 164 CHAPTER 8: DEFINING WLAN level as a wired LAN. WEP encrypts data over radio waves during the packet transmission. WEP keys are 40 bit or 104 bit encryption keys. WPA-PSK Indicates that Wi-Fi Protected Access (WPA) is the selected WLAN security method. WPA is based on WEP, but provides enhanced encryption using Temporal Key Integrity Protocol (TKIP). In addition, WPA improves authentication using EAP. EAP ensures that only authorized network users access the network though secure encryption systems. WPA2-PSK Indicates that WPA2-PSK is the selected WLAN security method. WPA2-PSK improves system security by encrypting signals at a higher bit rates. Passphrase/Key Indicates the encryption key type. 2 Define the fields. 3 Click. The Wireless Configuration is saved at the end of the wizard setup, and the device is updated. Defining Wireless Rogue Handling Access points are constantly scanning wireless channels. Scanning occurs while WLAN stations are being serviced. The WLAN rogue contains information for viewing WLAN rogue statistics. Access points then report the discovered neighbors to the system. The system filters the information and looks for rogue neighbors or known SSIDs. Access points are considered rouges if: An issue occurs in the security configuration. The access point is located in an Ad-hoc network. A Organizationally Unique Identifier (OUI) is detected in the rogue BSSID. WLAN rogues can cause disrupt WLAN service, in addition, stations which are connected to the rogue AP are disconnected.

165 Defining Wireless Rogue Handling 165 To configure Rogue Handling: 1 Click Wireless > Rogue Handling > Setup. The Rogue Handling Setup Page opens: Figure 82 Rogue Handling Setup Page The Rogue Handling Setup Page contains the following fields: Access Point Contains a list of either the user-defined access points or the MAC address assigned to wireless networks. Scanning Interval Indicates the scanning Intervals. The possible field values are: Long Scans for rouges at 240 second intervals. Short Scans for rouges at 20 second intervals. Medium Scans for rouges at 150 second intervals. Detect on Radio b/g Enables Rogue Detection on the Radio b/g range. Detect on Radio a Enables Rogue Detection on Radio a range. 2 Select the Access Point to be configured. 3 Enable Radio b/g or Radio a Rogue Handling detection.

166 166 CHAPTER 8: DEFINING WLAN 4 Click. Rouge Handling is enabled, and the device is updated. To view Wireless Rogue Handling: 1 Click Wireless > Rogue Handling > Display. The Rogue Handling Display Page opens: Figure 83 Rogue Handling Display Page The Rogue Handling Display Page contains the following fields: Sort by Defines the parameter that will be applied to displaying the table. The possible field values are: SSID Sorts according to the access point Service Set IDentifier (SSID) associated with the rogue. The SSID is the name of the ESS to which the transceiver belongs. Status Sorts according to the Rogue status. Mac Address Sorts according to the MAC address associated with the rogue WLAN device. Radio Sorts according to the selected Radio Interface. Last Time Heard Sorts according to the last time the rogue was detected on wireless network. Channel Sorts according to the access point channel used from which the rogue is transmitting.

167 Defining Wireless Rogue Handling 167 Status Defines the Rogue status. The possible field values are: Known Indicates the rogue is known to the system. Unknown Indicates the rogue is unknown to the system. 2 Select an Access Point to from the List. 3 Click. The table information is cleared. 4 Select a field from the Sort by drop-down list. 5 Once the detected access points appears in the table, define the Status for each access point. 6 Click. The table is updated, and the device is updated.

168 168 CHAPTER 8: DEFINING WLAN Mitigating Rogue Handling The Rogue Handling Mitigate Page allows network managers to configure WLAN mitigation. Deleting a rogue AP does not mitigate or suppress the rogue. If the rogue AP is still physically present and active, it will still appear in the Rogue Access Point list after scanning for rogue APs. To configure Rogue Mitigation: 1 Click Wireless > Rogue Handling > Mitigate. The Rogue Handling Mitigate Page opens: Figure 84 Rogue Handling Mitigate Page The Rogue Handling Mitigate Page contains the following fields: Sort by Defines the parameter that will be applied to displaying the table. The possible field values are: SSID Sorts according to the access point Service Set IDentifier (SSID) associated with the rogue. The SSID is the name of the ESS to which the transceiver belongs. Status Sorts according to the Rogue status. Mac Address Sorts according to the MAC address associated with the rogue WLAN device. Radio Sorts according to the selected Radio Interface.

169 Defining Wireless Radio Settings 169 Last Time Heard Sorts according the last time the rogue was detected on wireless network. Channel Sorts according to the access point channel used from which the rogue is transmitting. Mitigate Sorts by mitigated access point channels. 2 Select an option from Sort by drop-down list to display the table. 3 Once the table appears, select the check box to enable mitigation for each access point. 4 Click. The Mitigation table is updated, and the device is updated. Defining Wireless Radio Settings Defining b/g Radio Settings Access Points can have up-to two radio interfaces. However, each radio interface is configured and controlled separately. Radio interfaces inherit the common configuration parameters from the ESS configuration. This section contains information for defining WLAN Radio settings, and includes the following topics: Defining b/g Radio Settings Configuring Radio a Settings WLAN communications are transmitted via radio waves. The Defining b/g Radio Settings allows network managers to configure WLAN Radio settings for transmitting WLAN communications.

170 170 CHAPTER 8: DEFINING WLAN To view Radio b/g Settings: 1 Click Wireless > Radio b/g > Summary. The b/g Radio Summary Page opens: Figure b/g Radio Summary Page The b/g Radio Summary Page contains the following fields: Access Point Name Displays the specific access point to which the radio settings are assigned. VAP Displays the virtual access point number. SSID Broadcast Indicates SSID Broadcasting is enabled. SSID Broadcasting allows access points to advertise their presence several times per second by broadcasting beacon frames that carry the SSID Name. BSSID Defines the Basic Service set by SSID. Profile Displays the Profile Name. 2 Select the Access Point to be displayed from the drop-down list.

171 Defining Wireless Radio Settings 171 To configure the Radio b/g Settings: 1 Click Wireless > Radio b/g > Setup. The Radio b/g Setup Page opens: Figure 86 Radio b/g Setup Page The Radio b/g Setup Page contains the following fields: Access Point Displays the specific access point to which the radio settings are assigned. RTS Threshold Defines the Request-to-Send (RTS) Threshold that reduces collisions when multiple stations are within a specific common access point range but outside range of each other. Beacon Interval Indicates the access point beacon transmission rates. Short Preamble Indicates that a short preamble is enabled. Radio preambles contain data that the access point and the client devices use for sending and receiving packets. A short preamble improves the system s performance. Power Level Indicates the access point s power settings. The possible field values are: Max Defines a Maximum power setting relative to the selected country s device power regulations. Half Defines half of the maximum power relative to the selected country s device power regulations.

172 172 CHAPTER 8: DEFINING WLAN Quarter Defines a quarter of the maximum power relative to the selected country s device power regulations. Eighth Defines an eighth of the maximum power relative to the selected country s device power regulations. Minimum Sets the power to the minimum power settings relative to the selected country s device power regulations. Auto-Channel Enables access point channeling. Channel Displays the user-defined channel. 2 Select the Access Point. 3 Select the relevant Radio b/g fields. 4 Click. The Radio b/g option is enabled, and the device is updated. Managing VAPs VAPs are virtual access points and are based on (VAP) technology on a, b and g standards. VAP enables a single device to be divided, with each layer being assigned different usage rights.

173 Defining Wireless Radio Settings 173 To Manage VAPs: 1 Click Wireless > Radio b/g > Manage VAPs. The Radio b/g Manage VAPs Page opens: Figure 87 Radio b/g Manage VAPs Page The Radio b/g Manage VAPs Page contains the following fields: Access Point Name Displays the specific access point to which the radio settings are assigned. Remove Removes VAP management for the specific VAP. Select Enables VAP management for the specific VAP. VAP Displays the VAP (Virtual Access Point). BSSID Defines the Basic Service set by the SSID. Suppress SSID Broadcast Enables SSID Broadcast Suppression. Profile Displays the Profile Name. Radio Type Displays the radio type attached to the BSS. The possible field values are:

174 174 CHAPTER 8: DEFINING WLAN g Indicates that the radio attached to the BSS in g b/g Indicates that the radio attached to the BSS in b/g. Data Rate Indicates the rate at which data is transferred.. The data rage can help ensure the link quality between the client device and the access point. The default wireless data rates are 1, 2, 5.5, and 11Mbps. The possible field values are: Mandatory Indicates the device must transmit or communicate at this data rate. Optional Indicates the device can communicate at this date rate, but does not transmit at the selected data rate. Not Allowed Indicates the device cannot transmit or communicate at this data rate. 2 Select the Access Point to be configured. 3 Define the fields. 4 Click. VAP Management is enabled, and the device is updated. Configuring Radio a Settings WLAN communications are transmitted via radio waves. The Radio a Summary Page allows network managers to configure WLAN Radio settings for transmitting WLAN communications.

175 Configuring Radio a Settings 175 To view Radio a Settings: 1 Click Wireless > Radio a > Summary. The Radio a Summary Page opens: Figure 88 Radio a Summary Page The Radio a Summary Page contains the following fields: Access Point Name Displays the specific access point to which the radio settings are assigned. DFS Status Indicates the current Dynamic Frequency Selection (DFS) status. DFS permits the system to scan and switch to different channels. DFS listens for signals and monitors operating spectrums. IF DFS detects a signal, the channel associated with the signal is vacated or tagged as unavailable. The possible field values is: Scanning Indicates the system is currently scanning channels. VAP Displays the Virtual Access Point number. SSID Broadcast Indicates that SSID Broadcasting is enabled. BS SID Defines the Basic Service set by the SSID. Profile Displays the Profile Name. Select the access point to be displayed from the drop-down list.

176 176 CHAPTER 8: DEFINING WLAN Defining Radio a Settings To configure Radio a Settings: 1 Click Wireless > Radio a > Setup. The Radio a Setup Page opens: Figure 89 Radio a Setup Page The Radio a Setup Page contains the following fields: Access Point Name Displays the specific access point to which the radio settings are assigned. RTS Threshold Defines the Request-to-Send (RTS) Threshold that reduces collisions when multiple stations are within a specific common access point range but outside range of each other. Beacon Interval Indicates the access point beacon transmission rates. Power Level Indicates the access point s power setting. The possible field values are:

177 Managing VAPs 177 Max Defines a Maximum power setting relative to the selected country s device power regulations. Half Defines half of the maximum power relative to the selected country s device power regulations. Quarter Defines a quarter of the maximum power relative to the selected country s device power regulations. Eighth Defines an eighth of the maximum power relative to the selected country s device power regulations. Minimum Sets the power to the minimum power settings relative to the selected country s device power regulations. Auto-Channel Enables the access point channeling. Channel Displays the user-defined access point channel. 2 Select the Access Point. 3 Define the Radio a fields. 4 Click. The Radio a option is enabled, and the device is updated. Managing VAPs VAPs are virtual access points and is based on (VAP) technology on a, b and g standards. VAP enables a single device to be divided, with each layer being assigned different usage rights.

178 178 CHAPTER 8: DEFINING WLAN To manage VAPs: 1 Click Wireless > Radio a > Manage VAPs. The Radio a Manage VAPs Page opens: Figure 90 Radio a Manage VAPs Page The Radio a Manage VAPs Page contains the following fields: Access Point Name Displays the specific access point to which the radio settings are assigned. Remove Removes VAP management for the specific VAP. Select Enables VAP management for the specific VAP. VAP Displays the VAP (Virtual Access Point). VAP Enabled Enables VAP management. BSSID Defines the Basic Service set by the SSID. Suppress SSID Broadcast Enables SSID Broadcast Suppression. Profile Displays the Profile Name. Radio Type Displays the radio type attached to the BSS. The possible field values are:

179 Viewing WLAN Profiles a Indicates that the radio attached to the BSS in a. Data Rate - Indicates the rate at which data is transferred.. The data rage can help ensure the link quality between the client device and the access point. The default wireless data rates are 1, 2, 5.5, and 11Mbps. The possible field values are: Mandatory Indicates the device must transmit or communicate at this data rate. Optional Indicates the device can communicate at this date rate, but does not transmit at the selected data rate. Not Allowed Indicates the device cannot transmit or communicate at this data rate. Viewing WLAN Profiles The Profiles Summary Page allows network managers to define profiles and rules for accessing the device. Just one profile can be defined per ESS and contains configurations of security type, MAC address filtering, load

180 180 CHAPTER 8: DEFINING WLAN balancing, QoS and VLAN are belonged to this ESS. Viewing Wireless Profiles: 1 Click Wireless > Profiles> Summary. The Profiles Summary Page Profiles Summary Page opens: Figure 91 Profiles Summary Page Profile Name SSID Displays the Profile Name. QoS Mode Determines the QoS mode on the interface. The possible values are: WMM Indicates that QoS is enabled for Wi-Fi Multimedia (EDCF). None Indicates that QoS mode is disabled. MAC Address Control Status Indciates the MAC address control status. Security Suite Defines the WLAN Security method applied. VLAN Defines the VLAN associated with the access point.

181 Defining WLAN Profiles 181 Defining WLAN Profiles To configure WLAN profiles: 1 Click Wireless > Profiles > Setup. The Profiles Summary Page Profiles Setup Page opens: Figure 92 Profiles Setup Page The Profiles Setup Page contains the following fields: Profile Name (SSID) Displays the user-defined WLAN profile name. Profile Name Index Displays the WLAN profile index.

182 182 CHAPTER 8: DEFINING WLAN Modifying WLAN Profiles To Modify the Profiles Page: 1 Click Wireless > Profiles > Modify. The Profiles Modify Page Profiles Modify Page opens: Figure 93 Profiles Modify Page The Profiles Modify Page contains the following fields: Profile Name (SSID) Displays the user-defined WLAN profile name. Rename SSID Enables renaming of SSID. Load Balancing Enables the even distribution of data or processing packets across available network resources. For example, load balancing may distribute the incoming packets evenly to all servers, or redirect the packets to the next available server. Disable Indicates that load balancing is not enabled for the wireless network. If load balancing is not enabled, the system autonomously provides services to stations. However, this may result in uneven stations distribution between AP.

183 Modifying WLAN Profiles 183 At Association Enables load balancing with the associated station. Stations can be moved to an adjacent access point when load balancing is set to At Association. Services are assigned when the stations associate with the access point. If there is a access point which is not as busy, the station to access point association is rejected. Periodically Enables load balancing to occur at a fixed time period. Stations are moved to less busy APs in the ESS based on load balancing periods. QoS Mode Determines the QoS mode on the interface. The possible values are: WMM Indicates that QoS is enabled for Wi-Fi Multimedia (EDCF). None Indicates that QoS mode is disabled. VLAN Displays the VLAN mapped to the SSID. Security Type Defines the WLAN Security type. The security type options are: Open Enables open system authentication without encryption. WEP Indicates that Wired Equivalent Privacy (WEP) is the selected WLAN security method. WEP provides the same security level as a wired LAN. WEP encrypts data over radio waves during the packet transmission. WEP keys are 40 bit or 104 bit encryption keys. Open WEP Enables Open WEP. Open WEP authenticates only with WEP encryption. Open-WEP, shared WEP, and Open-shared-WEP security suites cannot be enabled simultaneously. Shared WEP Enables Shared WEP. Shared authentication only with WEP encryption. Open-Shared WEP Enables Shared WEP. Open or shared authenticates with WEP encryption. Key Input Indicates the key type used for authentication. The possible field values are: Hex Authenticates using an Hex key. One hexadecimal character is 4 bits.

184 184 CHAPTER 8: DEFINING WLAN ASCII Authenticates using an ASCII key. Each letter, number, or symbol, is 8 bits. WEP Key Indicates the WEP key used for authentication. WPA Indicates that Wi-Fi Protected Access (WPA) is the selected WLAN security method. WPA is based on WEP, but provides enhanced encryption using Temporal Key Integrity Protocol (TKIP). In addition, WEP improves authentication using EAP. EAP ensures that only authorized network users access the network though secure encryption systems. WPA2-PSK Indicates that WPA2-PSK is the selected WLAN security method. Network Key Indicates that network key is the selected WLAN security method. WPA2-PSK Indicates that WPA2-PSK is the selected WLAN security method. WPA2-PSK improves system security by encrypting signals at a higher bit rates. Network Key Indicates that network key is the selected WLAN security method X Indicates that 802.1x authentication is enabled. MAC Address Control List Displays the MAC addresses on which the WLAN profile is enabled. Disable Disables source MAC address filtering on an ESS. Deny Denies stations with a MAC address in the MAC-address-filtering list. Permit Permits only stations with a MAC address in the MAC-address-filtering list Add MAC Address Allows network managers to create new MAC address for filtering. New MAC Address Creates a new MAC address for filtering. Select from List Allows network managers to select a previously created MAC address from the list. Remove Selected MAC Address Deletes MAC addresses.

185 Removing WLAN Profiles 185 Removing WLAN Profiles The Profiles Remove Page allows network managers to delete profiles and rules for accessing the device. Deleting Wireless Profiles: 1 Click Wireless > Profiles > Remove. The Profiles Summary Page Profiles Remove Page opens: Figure 94 Profiles Remove Page The Profiles Remove Page contains the following fields: Profile Name SSID Displays the Profile Name. QoS Mode Determines the QoS mode on the interface. The possible values are: WMM Indicates that QoS is enabled for Wi-Fi Multimedia (EDCF). None Indicates that QoS mode is disabled. MAC Address Control Status Indciates the MAC address control status. Security Suite Defines the WLAN Security method applied. VLAN Defines the VLAN associated with the access point.

186 186 CHAPTER 8: DEFINING WLAN Viewing WLAN Stations The Wireless Stations Summary Page provides information to network manager regarding the stations associated with the access point. To view the WLAN stations: 1 Click Wireless > Stations > Summary. The Wireless Stations Summary Page opens: Figure 95 Wireless Stations Summary Page The Wireless Stations Summary Page contains the following fields: MAC Address Displays the MAC address attached to the WLAN station. Type Displays the WLAN IP Address Displays the WLAN station s IP address. State Indicates the station s current status. The possible field values are: Associated Indicates that the station is currently associated with the wireless network but has not been authorized and authenticated. Authorized Indicates that the station is currently in the authorization process and waiting for authentication.

187 Removing WLAN Stations 187 Authenticated Indicates that the station has been authenticated. Access Point Displays the access point associated with the wireless station. SSID Displays the SSID associated with the wireless network. Security Displays Security suite used to protect station communications. VLAN Displays the VLAN on which the WLAN station is located. Session Time Indicates the amount of time the station has been connected to the access point. Removing WLAN Stations The Removing WLAN Stations page provides information to network manager regarding removing stations associated with the access point. To remove WLAN stations Figure 96 Removing Wireless Stations Page: The Removing WLAN Stations page contains the following fields:

188 188 CHAPTER 8: DEFINING WLAN Remove Removes stations associated with the access point. The possible field values for: Checked Removes the selected WLAN stations Unchecked Maintains the WLAN stations. MAC Address Displays the MAC address attached to the WLAN station. Type Displays the WLAN station type. IP Address Displays the WLAN station s IP address. State Indicates the station s current status. The possible field values are: Associated Indicates that the station is currently associated with the wireless network but has not been authorized and authenticated. Authorized Indicates that the station is currently in the authorization process and waiting for authentication. Authenticated Indicates that the station has been authenticated. Access Point Displays the access point associated with the wireless station. SSID Displays the SSID associated with the wireless network. Security Displays Security suite used to protect station communications. VLAN Displays the VLAN on which the WLAN station is located. Session Time Indicates the amount of time the station has been connected to the access point.

189 Defining WLAN Power Settings 189 Defining WLAN Power Settings The WLAN Radio Power Settings Page allows network managers to define WLAN radio power settings. To define WLAN radio power settings: 1 Click Wireless > Power Settings. The WLAN Radio Power Settings Page opens: Figure 97 WLAN Radio Power Settings Page The WLAN Radio Power Settings Page contains the following fields: Auto Adjust Signal Strength Enables adjusting the target signal strength received by closest access point. The possible field values are: Checked Enables automatic signal adjustments. Unchecked Disables automatic signal adjustments.

190 9 CONFIGURING IP INFORMATION This section contains information for defining IP interfaces, and includes the following sections: Defining IP Addressing Configuring ARP Configuring Address Tables

191 Defining IP Addressing 191 Defining IP Addressing The IP Interface Setup Page contains fields for assigning IP addresses. Packets are forwarded to the default IP when frames are sent to a remote network. The configured IP address must belong to the same IP address subnet of one of the IP interfaces. To define an IP interface: 1 Click Administration > IP Addressing > IP Interface > Setup. The IP Interface Setup Page opens: Figure 98 IP Interface Setup Page The IP Interface Setup Page contains the following fields: Configuration Method Indicates if the IP address has been configured statically or added dynamically. The possible field values are: Static Indicates that the IP Interface is configured by the user. DHCP Indicates that the IP Interface is dynamically created. IP Address Displays the currently configured IP address. Subnet Mask Displays the currently configured IP address mask. Default Gateway Displays the currently configured default gateway. 2 Select Manual or DHCP mode.

192 192 CHAPTER 9: CONFIGURING IP INFORMATION 3 If Manual has been selected, configure the IP Address, Subnet Mask and Default Gateway. 4 Click. The IP configuration is enabled, and the device is updated.

193 Configuring ARP 193 Configuring ARP The Address Resolution Protocol (ARP) converts IP addresses into physical addresses, and maps the IP address to a MAC address. ARP allows a host to communicate with other hosts only when the IP address of its neighbors is known. To view ARP Settings: 1 Click Administration > IP Addressing > ARP Settings > Summary. The ARP Settings Summary Page opens: Figure 99 ARP Settings Summary Page The ARP Settings Summary Page contains the following fields: Interface Displays the interface type for which ARP parameters are displayed. The possible field value is: VLAN Indicates the VLAN for which ARP parameters are defined. IP Address Indicates the station IP address, which is associated with the MAC Address. MAC Address Displays the station MAC address, which is associated in the ARP table with the IP address. Status Displays the ARP table entry type. Possible field values are: Dynamic Indicates the ARP entry is learned dynamically.

194 194 CHAPTER 9: CONFIGURING IP INFORMATION Static Indicates the ARP entry is a static entry.

195 Defining ARP Interface Settings 195 Defining ARP Interface Settings To configure ARP Entries: 1 Click Administration > IP Addressing > ARP Settings > Setup. The ARP Settings Setup Page opens: Figure 100 ARP Settings Setup Page The ARP Settings Setup Page allows network managers to define ARP parameters for specific interfaces. The ARP Settings Setup Page contains the following fields: Interface Displays the interface type for which ARP parameters are displayed. The possible field value is: VLAN Indicates the VLAN for which ARP parameters are defined. IP Address Indicates the station IP address, which is associated with the MAC address filled in below. MAC Address Displays the station MAC address, which is associated in the ARP table with the IP address. ARP Entry Age Out Specifies the amount of time (in seconds) that passes between ARP Table entry requests. Following the ARP Entry Age period, the entry is deleted from the table. The range is The default value is seconds.

196 196 CHAPTER 9: CONFIGURING IP INFORMATION Removing ARP Entries Clear ARP Table Entries Specifies the types of ARP entries that are cleared. The possible values are: None Maintains the ARP entries. All Clears all ARP entries. Dynamic Clears only dynamic ARP entries. Static Clears only static ARP entries. 2 Define the fields. 3 Click. The ARP parameters are defined, and the device is updated. To remove ARP Entries: 1 Click Administration > IP Addressing > ARP Settings > Remove. The ARP Settings Remove Page opens: Figure 101 ARP Settings Remove Page The ARP Settings Remove Page provides parameters for removing ARP entries from the ARP Table. The ARP Settings Remove Page contains the following fields: Remove Removes a specific ARP entry. The possible field values are: Checked Removes the selected ARP entries.

197 Defining ARP Interface Settings 197 Unchecked Maintains the current ARP entries.

198 198 CHAPTER 9: CONFIGURING IP INFORMATION Configuring Address Tables MAC addresses are stored in either the Static Address or the Dynamic Address databases. A packet addressed to a destination stored in one of the databases is forwarded immediately to the port. The Dynamic Address Table can be sorted by interface, VLAN, and MAC Address. MAC addresses are dynamically learned as packets from sources arrive at the device. Addresses are associated with ports by learning the ports from the frames source address. Frames addressed to a destination MAC address that is not associated with any port, are flooded to all ports of the relevant VLAN. Static addresses are manually configured. In order to prevent the bridging table from overflowing, dynamic MAC addresses, from which no traffic is seen for a certain period, are erased. 1 Click Wired Ports>Address Tables > Static Addresses. The Port Settings Setup Page opens: Figure 102 Static Addresses Summary Page The Static Addresses Summary Page contains the following fields: VLAN ID Displays the VLAN ID. MAC Address Displays the static MAC address. Interface Displays the interface.

199 Configuring Address Tables 199 Status Displays the static address status. The possible field values are: Permanent The MAC address is permanent. Delete on Reset The MAC address is deleted when the device is reset. Delete on Time out The MAC address is deleted when a timeout occurs. Secure Used for defining static MAC Addresses for Locked ports.

200 200 CHAPTER 9: CONFIGURING IP INFORMATION Defining Static Addresses The Static Addresses Setup Page contains a list of static MAC addresses. Static Address can be added and removed from the Static Address Table page. In addition, several MAC Addresses can be defined for a single port. 1 Click Wired Ports>Address Tables > Static Addresses. The Static Addresses Setup Page opens: Figure 103 Static Addresses Setup Page The Static Addresses Setup Page contains the following fields: Interface The specific port or LAG to which the static MAC address is applied. MAC address The MAC addresses listed in the current static addresses list. VLAN ID The VLAN ID attached to the MAC Address, and a VLAN called a Routed Interface.Routed Interfaces are the internally-used VLANs assigned to an port or trunk on which an IP address is configured. VLAN Name User-defined VLAN name. Status MAC address status. Possible values are: Permanent The MAC address is permanent. Delete on Reset The MAC address is deleted when the device is reset.

201 Defining Static Addresses 201 Delete on Time out The MAC address is deleted when a timeout occurs. Secure Used for defining static MAC Addresses for Locked ports.

202 202 CHAPTER 9: CONFIGURING IP INFORMATION Viewing Dynamic Addresses The Dynamic MAC Address contains information for querying information in the dynamic address table, including the interface type, MAC addresses, VLAN, and table sorting. Packets forwarded to an address stored in the address table are forwarded directly to those ports. The Dynamic MAC Address page also contains information about the aging time before a dynamic MAC address is erased, and includes parameters for querying and viewing the Dynamic Address list. The Current Address Table contains dynamic address parameters by which packets are directly forwarded to the ports. Click Wired Ports >Address Tables > Dynamic Addresses. The Dynamic Addresses Summary Page opens: Figure 104 Dynamic Addresses Summary Page The Dynamic Addresses Summary Page contains the following fields and button: Query Updates the Dynamic Address table.

203 Viewing Dynamic Addresses 203 Aging Interval (10-630) Specifies the amount of time the MAC Address remains in the Dynamic MAC Address before it is timed out if no traffic from the source is detected. The default value is 300 seconds. Clear Table Clears the Dynamic Address table when checked. Interface Specifies the interface for which the table is queried. There are two interface types from which to select. Port or LAG MAC Address Specifies the MAC address for which the table is queried. VLAN ID The VLAN ID for which the table is queried. Address Table Sort Key Specifies the means by which the Dynamic Address Table is sorted. The address table can be sorted by address, VLAN or interface. 2 Select the check box to remove the selected ARP entries. 3 Click. The ARP entries are deleted, and the device is updated.

204 10 CONFIGURING MULITCAST FORWARDING This section contains information for configuring Multicast forwarding, and includes the following sections: Defining IGMP Snooping Defining Multicast Groups Defining Router Groups

205 Defining IGMP Snooping 205 Defining IGMP Snooping When IGMP Snooping is enabled globally, all IGMP packets are forwarded to the CPU. The CPU analyzes the incoming packets and determines: Which ports want to join which Multicast groups. Which ports have Multicast routers generating IGMP queries. Which routing protocols are forwarding packets and Multicast traffic. Ports requesting to join a specific Multicast group issue an IGMP report, specifying that Multicast group is accepting members. This results in the creation of the Multicast filtering database. To view IGMP Snooping configuration: 1 Click Policy > Multicast > IGMP Snooping > Summary. The IGMP Snooping Summary Page opens: Figure 105 IGMP Snooping Summary Page The IGMP Snooping Summary Page contains the following fields: VLAN ID Specifies the VLAN ID. IGMP Snooping Status Indicates if IGMP snooping is enabled on the VLAN. The possible field values are:

206 206 CHAPTER 10: CONFIGURING MULITCAST FORWARDING Enabled Enables IGMP Snooping on the VLAN. Disabled Disables IGMP Snooping on the VLAN. Auto Learn Indicates if Auto Learn is enabled on the device. If Auto Learn is enabled, the devices automatically learns where other Multicast groups are located. Enables or disables Auto Learn on the Ethernet device. The possible field values are: Enabled Enables auto learn. Disabled Disables auto learn. Host Timeout Indicates the amount of time host waits to receive a message before timing out. The field range is The default time is 260 seconds. MRouter Timeout Indicates the amount of the time the Multicast router waits to receive a message before it times out. The field range is The default value is 300 seconds. Leave Timeout Indicates the amount of time the host waits, after requesting to leave the IGMP group and not receiving a Join message from another station, before timing out. If a Leave Timeout occurs, the switch notifies the Multicast device to stop sending traffic The Leave Timeout value is either user-defined, or an immediate leave value. The field range is The default timeout is 10 seconds.

207 Enabling IGMP Snooping 207 Enabling IGMP Snooping The IGMP Snooping Setup Page allows network manages to define IGMP Snooping parameters: To enable IGMP Snooping: 1 Click Policy > Multicast > IGMP Snooping > Setup. The IGMP Snooping Setup Page opens: Figure 106 IGMP Snooping Setup Page The IGMP Snooping Setup Page contains the following fields: IGMP Snooping Status Indicates if IGMP Snooping is enabled on the device. IGMP Snooping can be enabled only if Bridge Multicast Filtering is enabled. The possible field values are: Enable Indicates that IGMP Snooping is enabled on the device. Disable Indicates that IGMP Snooping is disabled on the device. VLAN ID Specifies the VLAN ID. IGMP Snooping Status Indicates if IGMP snooping is enabled on the VLAN. The possible field values are: Enable Enables IGMP Snooping on the VLAN. Disable Disables IGMP Snooping on the VLAN.

208 208 CHAPTER 10: CONFIGURING MULITCAST FORWARDING Auto Learn Indicates if Auto Learn is enabled on the device. If Auto Learn is enabled, the devices automatically learns where other Multicast groups are located. Enables or disables Auto Learn on the Ethernet device. The possible field values are: Enable Enables auto learn. Disable Disables auto learn. Host Timeout Indicates the amount of time host waits to receive a message before timing out. The default time is 260 seconds. MRouter Timeout Indicates the amount of the time the Multicast router waits to receive a message before it times out. The default value is 300 seconds. Leave Timeout Indicates the amount of time the host waits, after requesting to leave the IGMP group and not receiving a Join message from another station, before timing out. If a Leave Timeout occurs, the switch notifies the Multicast device to stop sending traffic The Leave Timeout value is either user-defined, or an immediate leave value. The default timeout is 10 seconds. 2 Select Enable IGMP Snooping. 3 Define the fields. 4 Click. IGMP Snooping is enabled, and the device is updated.

209 Defining Multicast Groups 209 Defining Multicast Groups The Multicast Group Summary Page displays the ports and LAGs attached to the Multicast service group in the Ports and LAGs tables. The Port and LAG tables also reflect the manner in which the port or LAGs joined the Multicast group. Ports can be added either to existing groups or to new Multicast service groups. The Multicast Group Summary Page permits new Multicast service groups to be created. The Multicast Group Summary Page also assigns ports to a specific Multicast service address group. To view Multicast Groups: 1 Click Policy > Multicast > Multicast Group > Group Summary. The Multicast Group Summary Page opens: Figure 107 Multicast Group Summary Page The Multicast Group Summary Page contains the following information: VLAN ID Identifies a VLAN and contains information about the Multicast group address. Multicast Address Identifies the Multicast group MAC address/ip address.

210 210 CHAPTER 10: CONFIGURING MULITCAST FORWARDING To enable Multicast Filtering: 1 Click Policy > Multicast > Multicast Group > Setup Group. The Multicast Group Setup Page opens: Figure 108 Multicast Group Setup Page The Multicast Group Setup Page contains the following information: Enables Bridge Multicast Filtering Indicate if bridge Multicast filtering is enabled on the device. The possible field values are: Enabled Enables Multicast filtering on the device. Disabled Disables Multicast filtering on the device. If Multicast filtering is disabled, Multicast frames are flooded to all ports in the relevant VLAN. Disabled is the default value. VLAN ID Identifies a VLAN and contains information about the Multicast group address. Bridge Multicast IP Address Identifies the Multicast group IP address. Bridge Multicast MAC Address Identifies the Multicast group MAC address. 2 Define the fields. 3 Click. The Multicast group is defined, and the device is updated.

211 Defining Multicast Groups 211 To configure Port Setup: 1 Click Policy > Multicast > Multicast Group > Setup Port. The Multicast Port Setup Page opens: Figure 109 Multicast Port Setup Page The Multicast Port Setup Page contains the following information: VLAN ID Identifies a VLAN and contains information about the Multicast group address. Bridge Multicast IP Address Identifies the Multicast group IP address. Bridge Multicast IP Address Identifies the Multicast group MAC address. Interface Displays the port number. Interface Status Indicates the port status. The possible field values are: Static Attaches the port to the Multicast group as static member. Forbidden Indicates the port is not included in the Multicast group, even if IGMP snooping designated the port to join a Multicast group.

212 212 CHAPTER 10: CONFIGURING MULITCAST FORWARDING Excluded Excludes the interface from the Multicast group. None Indicates the port is not part of a Multicast group. 2 Select the Interface Status. 3 Click. The Interface Status is set, and the device is enabled. To view Port Details: 1 Click Policy > Multicast > Multicast Group > Port Details. The Multicast Port Details Page opens: Figure 110 Multicast Port Details Page The Multicast Port Details Page contains the following information: VLAN ID Identifies a VLAN and contains information about the Multicast group address. Bridge Multicast Address Identifies the Multicast group MAC/IP address. Ports/LAG Ports that can be added to a Multicast service. Interface Displays the port number. Interface Status Indicates the port status. The possible field values are:

213 Defining Multicast Groups 213 Static Attaches the port to the Multicast group as static member. Forbidden Indicates the port is not included in the Multicast group, even if IGMP snooping designated the port to join a Multicast group. Excluded Excludes the interface from the Multicast group. None Indicates the port is not part of a Multicast group. To remove Multicast Groups: 1 Click Policy > Multicast > Multicast Group > Remove Group. The Multicast Port Remove Group Page opens: Figure 111 Multicast Port Remove Group Page The Multicast Port Remove Group Page contains the following information: Remove Removes the selected access profile. The possible field values are: Checked Removes the selected multicast group. Unchecked Maintains the selected multicast group. VLAN ID Identifies a VLAN and contains information about the Multicast group address.

214 214 CHAPTER 10: CONFIGURING MULITCAST FORWARDING Multicast Address Identifies the Multicast group MAC/IP address. 2 Select the VLAN ID to be removed. 3 Click. The Multicast group is deleted, and the device is updated.

215 Defining Router Groups 215 Defining Router Groups The Multicast Router Group Summary Page allows net work managers to define Multicast groups. To view Multicast Router Groups: 1 Click Policy > Multicast > Router Group. The Multicast Router Group Summary Page opens: Figure 112 Multicast Router Group Summary Page The Multicast Router Group Summary Page contains the following information: VLAN ID Identifies a VLAN and contains information about the Multicast group address. Ports/LAG Displays status table according to Port/LAG. Interface Displays the port number. Interface Status Indicates the port status. The possible field values are: Static Attaches the port to the Multicast group as static member. Forbidden Indicates the port is not included in the Multicast group, even if IGMP snooping designated the port to join a Multicast group.

216 216 CHAPTER 10: CONFIGURING MULITCAST FORWARDING Excluded Excludes the interface from the Multicast group. None Indicates the port is not part of a Multicast group To modify Multicast Router Group Status: 1 Click Policy > Multicast > Router Group. The Multicast Router Group Modify Page opens: Figure 113 Multicast Router Group Modify Page The Multicast Router Group Modify Page contains the following information: VLAN ID Identifies a VLAN and contains information about the Multicast group address. Interface Displays the port number. Interface Status Indicates the port status. The possible field values are: Static Attaches the port to the Multicast group as static member. Forbidden Indicates the port is not included in the Multicast group, even if IGMP snooping designated the port to join a Multicast group. Excluded Excludes the interface from the Multicast group. None Indicates the port is not part of a Multicast group.

217 Defining Router Groups Modify the Interface Status. 3 Click. The Interface Status is modified, and the device is updated.

218 11 CONFIGURING SPANNING TREE This section contains information for configuring STP. The Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP also provides a single path between end stations on a network, eliminating loops. Loops occur when alternate routes exist between hosts. Loops in an extended network can cause bridges to forward traffic indefinitely, resulting in increased traffic and reducing network efficiency. The device supports the following STP versions: Classic STP Provides a single path between end stations, avoiding and eliminating loops. For more information on configuring Classic STP, see Defining Classic Spanning Tree for Ports. Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree, without creating forwarding loops. For more information on configuring Rapid STP, see Defining Rapid Spanning Tree. Multiple STP Provides various load balancing scenarios. For example, if port A is blocked in one STP instance, the same port can be placed in the Forwarding State in another STP instance. For more information on configuring Multiple STP, see Defining Multiple Spanning Tree. This section contains the following topics: Configuring Classic Spanning Tree Defining Rapid Spanning Tree Defining Multiple Spanning Tree

219 Defining Classic Spanning Tree for Ports 219 Defining Classic Spanning Tree for Ports Network administrators can assign STP settings to specific interfaces using the Classic STP Summary Page. The Global LAGs section displays the STP information for Link Aggregated Groups. To assign STP settings to an interface: To view Classic STP: 1 Click Policy > Spanning Tree > Classic STP > Summary. The Classic STP Summary Page opens: Figure 114 Classic STP Summary Page The Classic STP Summary Page contains the following fields: Port The interface for which the information is displayed. STP Indicates if STP is enabled on the port. The possible field values are: Enable Indicates that STP is enabled on the port. Disable Indicates that STP is disabled on the port. Port Fast Indicates if Fast Link is enabled on the port. If Fast Link mode is enabled for a port, the Port State is automatically placed in

220 220 CHAPTER 11: CONFIGURING SPANNING TREE the Forwarding state when the port link is up. Fast Link optimizes the STP protocol convergence. STP convergence can take seconds in large networks. Root Guard Restricts the interface from acting as the root port of the switch. Port State Displays the current STP state of a port. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: Forwarding Indicates that the port forwards traffic while learning MAC addresses. Port Role Displays the port role assigned by the STP algorithm to provide to STP paths. The possible field values are: Root Provides the lowest cost path to forward packets to the root switch. Designated The port or LAG through which the designated switch is attached to the LAN. Alternate Provides an alternate path to the root switch from the root interface. Backup Provides a backup path to the designated port path toward the Spanning Tree leaves. Backup ports occur only when two ports are connected in a loop by a point-to-point link, or when a LAN has two or more connections connected to a shared segment. Disabled The port is not participating in the Spanning Tree. Speed Indicates the speed at which the port is operating. Path Cost Indicates the port contribution to the root path cost. The path cost is adjusted to a higher or lower value, and is used to forward traffic when a path is re-routed. Priority Priority value of the port. The priority value influences the port choice when a bridge has two ports connected in a loop. The priority range is between The priority value is determined in increments of 16. Designated Bridge ID Indicates the bridge priority and the MAC Address of the designated bridge. Designated Port ID Indicates the selected port priority and interface.

221 Defining Classic Spanning Tree for Ports 221 Designated Cost Indicates the cost of the port participating in the STP topology. Ports with a lower cost are less likely to be blocked if STP detects loops. Forward Transitions Indicates the number of times the port has changed from Forwarding state to Blocking state.

222 222 CHAPTER 11: CONFIGURING SPANNING TREE Configuring Classic Spanning Tree To configure Classic STP Setup: 1 Click Policy > Spanning Tree > Classic STP > Setup. The Classic STP Setup Page opens: Figure 115 Classic STP Setup Page The Classic STP Setup Page contains the following fields: Global Settings Bridge Settings Designated Root Settings Global Setting Parameters Spanning Tree State Indicates whether STP is enabled on the device. The possible field values are: Enable Enables STP on the device. Disable Disables STP on the device. STP Operation Mode Specifies the STP mode that is enabled on the device. The possible field values are:

223 Configuring Classic Spanning Tree 223 Classic STP Enables Classic STP on the device. This is the default value. Rapid STP Enables Rapid STP on the device. Multiple STP Enables Multiple STP on the device. BPDU Handling Determines how BPDU packets are managed when STP is disabled on the port or device. BPDUs are used to transmit spanning tree information. The possible field values are: Filtering Filters BPDU packets when spanning tree is disabled on an interface. This is the default value. Flooding Floods BPDU packets when spanning tree is disabled on an interface. Path Cost Default Values Specifies the method used to assign default path cost to STP ports. The possible field values are: Short Specifies 1 through 65,535 range for port path cost. This is the default value. Long Specifies 1 through 200,000,000 range for port path cost. The default path cost assigned to an interface varies according to the selected method (Hello Time, Max Age, or Forward Delay). Bridge Setting Parameters Priority Specifies the bridge priority value. When switches or bridges are running STP, each is assigned a priority. After exchanging BPDUs, the device with the lowest priority value becomes the Root Bridge. The field range is The default value is The port priority value is provided in increments of Hello Time (1-10) Specifies the device Hello Time. The Hello Time indicates the amount of time in seconds a Root Bridge waits between configuration messages. The default is 2 seconds. Max Age (6-40) Specifies the device Maximum Age Time. The Maximum Age Time is the amount of time in seconds a bridge waits before sending configuration messages. The default Maximum Age Time is 20 seconds. Forward Delay (4-30) Specifies the device Forward Delay Time. The Forward Delay Time is the amount of time in seconds a bridge remains in a listening and learning state before forwarding packets. The default is 15 seconds. Designated Root Parameters

224 224 CHAPTER 11: CONFIGURING SPANNING TREE Bridge ID Identifies the Bridge priority and MAC address. Root Bridge ID Identifies the Root Bridge priority and MAC address. Root Port Indicates the port number that offers the lowest cost path from this bridge to the Root Bridge. This field is significant when the bridge is not the Root Bridge. The default is zero. Root Path Cost Specifies the cost of the path from this bridge to the Root Bridge. Topology Changes Counts Specifies the total amount of STP state changes that have occurred. Last Topology Change Indicates the amount of time that has elapsed since the bridge was initialized or reset, and the last topographic change that occurred. The time is displayed in a day-hour-minute-second format, such as 2 days 5 hours 10 minutes and 4 seconds. 2 Define the fields. 3 Click. STP is enabled, and the device is updated.

225 Modifying Spanning Tree Settings 225 Modifying Spanning Tree Settings To modify Classic STP: 1 Click Policy > Spanning Tree > Classic STP > Modify. The Classic STP Modify Page opens: Figure 116 Classic STP Modify Page The Classic STP Modify Page contains the following fields: Interface The interface for which the information is displayed. STP Indicates if STP is enabled on the port. The possible field values are: Enabled Indicates that STP is enabled on the port. Disabled Indicates that STP is disabled on the port. Port Fast Indicates if Fast Link is enabled on the port. If Fast Link mode is enabled for a port, the Port State is automatically placed in the Forwarding state when the port link is up. Fast Link optimizes the STP protocol convergence. STP convergence can take seconds in large networks. Root Guard Restricts the interface from acting as the root port of the switch.

226 226 CHAPTER 11: CONFIGURING SPANNING TREE Port State Displays the current STP state of a port. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: Forwarding Indicates that the port forwards traffic while learning MAC addresses. Speed Indicates the speed at which the port is operating. Default Path Cost Indicates that default path cost is enabled. Path Cost Indicates the port contribution to the root path cost. The path cost is adjusted to a higher or lower value, and is used to forward traffic when a path is re-routed. The field range is 1-200,000,000. Priority Priority value of the port. The priority value influences the port choice when a bridge has two ports connected in a loop. The priority value is between The priority value is determined in increments of 16. Designated Bridge ID Indicates the bridge priority and the MAC Address of the designated bridge. Designated Port ID Indicates the selected port priority and interface. Designated Cost Indicates the cost of the port participating in the STP topology. Ports with a lower cost are less likely to be blocked if STP detects loops. 2 Define the fields. 3 Click. Classic STP is modified on the interface, and the device is updated.

227 Defining Rapid Spanning Tree 227 Defining Rapid Spanning Tree While Classic STP prevents Layer 2 forwarding loops in a general network topology, convergence can take between seconds. This time may delay detecting possible loops and propagating status topology changes. Rapid Spanning Tree Protocol (RSTP) detects and uses network topologies that allow a faster STP convergence without creating forwarding loops. The Global System LAG information displays the same field information as the ports, but represent the LAG RSTP information. To define RSTP: 1 Click Policy > Spanning Tree > Rapid STP > Summary. The RSTP Summary Page opens: Figure 117 RSTP Summary Page The RSTP Summary Page contains the following fields: Interface Displays the port or LAG on which Rapid STP is enabled. Role Displays the port role assigned by the STP algorithm to provide to STP paths. The possible field values are: Root Provides the lowest cost path to forward packets to the root switch.

228 228 CHAPTER 11: CONFIGURING SPANNING TREE Designated The port or LAG through which the designated switch is attached to the LAN. Alternate Provides an alternate path to the root switch from the root interface. Backup Provides a backup path to the designated port path toward the Spanning Tree leaves. Backup ports occur only when two ports are connected in a loop by a point-to-point link, or when a LAN has two or more connections connected to a shared segment. Disabled The port is not participating in the Spanning Tree. Mode Displays the current STP mode. The STP Operation Mode is selected in the Global STP Properties Page. The possible field values are: Classic STP Classic STP is enabled on the device. Rapid STP Rapid STP is enabled on the device. Multiple STP Multiple STP is enabled on the device. Port Status Displays the current STP state of a port. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: Disabled Indicates that STP is currently disabled on the port. The port forwards traffic while learning MAC addresses. Blocking Indicates that the port is currently blocked and cannot forward traffic or learn MAC addresses. Blocking is displayed when Classic STP is enabled. Fast Link Operational Status Indicates whether Fast Link is enabled or disabled for the port or LAG. If Fast Link is enabled for a port, the port is Automatically placed in the forwarding state. Point-to-Point Operational Status Displays the point-to-point operating state. Migrate to RSTP Indicates whether sending Link Control Protocol (LCP) packets to configure and test the data link is enabled. The possible field values are: Activate Activates port migration to Rapid STP. 2 Click. The selected port is migrated to RSTP.

229 Modifying Rapid Spanning Tree Settings 229 Modifying Rapid Spanning Tree Settings To modify Rapid STP: 1 Click Policy > Spanning Tree > Rapid STP > Modify. The RSTP Summary Page opens: Figure 118 Rapid STP Modify Page The Rapid STP Modify Page contains the following fields: Interface Displays the port or LAG on which Rapid STP is enabled. Role Displays the port role assigned by the STP algorithm to provide to STP paths. The possible field values are: Root Provides the lowest cost path to forward packets to the root switch. Designated The port or LAG through which the designated switch is attached to the LAN. Alternate Provides an alternate path to the root switch from the root interface.. Backup Provides a backup path to the designated port path toward the Spanning Tree leaves. Backup ports occur only when

230 230 CHAPTER 11: CONFIGURING SPANNING TREE two ports are connected in a loop by a point-to-point link, or when a LAN has two or more connections connected to a shared segment. Disabled The port is not participating in the Spanning Tree. Mode Displays the current STP mode. The STP Operation Mode is selected in the Global STP Properties Page. The possible field values are: Classic STP Classic STP is enabled on the device. Rapid STP Rapid STP is enabled on the device. Multiple STP Multiple STP is enabled on the device. Fast Link Operational Status Indicates whether Fast Link is enabled or disabled for the port or LAG. If Fast Link is enabled for a port, the port is Automatically placed in the forwarding state. Port State Displays the current STP state of a port. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: Disabled Indicates that STP is currently disabled on the port. The port forwards traffic while learning MAC addresses. Blocking Indicates that the port is currently blocked and cannot forward traffic or learn MAC addresses. Blocking is displayed when Classic STP is enabled. Point-to-Point Admin Status Indicates whether a point-to-point link is established, or if the device is permitted to establish a point-to-point link. The possible field values are: Auto Detects and enables the point-to-point link automatically. Enable Enables the device to establish a point-to-point link, or is configured to automatically establish a point-to-point link. To establish communications over a point-to-point link, the originating PPP first sends Link Control Protocol (LCP) packets to configure and test the data link. After a link is established and optional facilities are negotiated as needed by the LCP, the originating PPP sends Network Control Protocol (NCP) packets to select and configure one or more network layer protocols. When each of the chosen network layer protocols has been configured, packets from each network layer protocol can be sent over the link. The link remains configured for communications until explicit LCP or NCP packets close the link, or until some external event occurs.

231 Modifying Rapid Spanning Tree Settings 231 This is the actual switch port link type. It may differ from the administrative state. Disable Disables point-to-point link. Point-to-Point Operational Status Displays the point-to-point operating state. 2 Click. The Rapid STP Interface settings are modified, and the device is updated.

232 232 CHAPTER 11: CONFIGURING SPANNING TREE Defining Multiple Spanning Tree Multiple Spanning Tree (MSTP) provides differing load balancing scenarios. For example, while port A is blocked in one STP instance, the same port can be placed in the Forwarding state in another STP instance. The Multiple STP Setup Page contains information for defining global MSTP settings, including region names, MSTP revisions, and maximum hops. To configure Multiple STP: 1 Click Policy > Spanning Tree > Multiple STP > Setup. The Multiple STP Setup Page opens: Figure 119 Multiple STP Setup Page The Multiple STP Setup Page contains the following fields: Region Name User-defined STP region name. Revision An unsigned 16-bit number that identifies the revision of the current MSTP configuration. The revision number is required as part of the MSTP configuration. The possible field range is Max Hops Specifies the total number of hops that occur in a specific region before the BPDU is discarded. Once the BPDU is discarded, the port information is aged out. The possible field range is The field default is 20 hops. IST Master Identifies the Spanning Tree Master instance. The IST Master is the specified instance root.

233 Defining Multiple Spanning Tree Define the fields. 3 Click. The Multiple STP properties are defined, and the device is updated.

234 234 CHAPTER 11: CONFIGURING SPANNING TREE Defining Multiple STP Instance Settings MSTP maps VLANs into STP instances. Packets assigned to various VLANs are transmitted along different paths within Multiple Spanning Tree Regions (MST Regions). Regions are one or more Multiple Spanning Tree bridges by which frames can be transmitted. In configuring MSTP, the MST region to which the device belongs is defined. A configuration consists of the name, revision, and region to which the device belongs. Network administrators can define the MSTP instance settings using the Multiple STP Instance Summary Page. To view Multiple STP: 1 Click Policy > Spanning Tree > Multiple STP> Instance Summary. The Multiple STP Instance Summary Page opens: Figure 120 Multiple STP Instance Summary Page The Multiple STP Instance Summary Page contains the following fields: Instance ID Specifies the VLAN group to which the interface is assigned. Included VLAN Maps the selected VLANs to the selected instance. Each VLAN belongs to one instance.

235 Defining Multiple STP Instance Settings 235 Bridge Priority Specifies the selected spanning tree instance device priority. The field range is Designated Root Bridge ID Indicates the ID of the bridge with the lowest path cost to the instance ID. Root Port Indicates the selected instance s root port. Root Path Cost Indicates the selected instance s path cost. Bridge ID Indicates the bridge ID of the selected instance. Remaining Hops Indicates the number of hops remaining to the next destination. 2 Define the fields. 3 Click. The MSTP instance is displayed, and the device is updated. To configure Multiple STP Configuration Table: 1 Click Policy > Spanning Tree > Multiple STP > Modify Instance. The Multiple STP Instance Summary Page opens: Figure 121 Multiple STP Modify Instance Page The Multiple STP Modify Instance Page contains the following fields:

236 236 CHAPTER 11: CONFIGURING SPANNING TREE VLAN Specifies the VLAN to be assigned to the Instance ID. Instance ID Specifies the VLAN group to which the VLAN is assigned. 2 Define the Instance ID field. 3 Click. The Multiple STP Instances are assigned, and the device is updated. To view Multiple STP Port Settings: 1 Click Policy > Spanning Tree > Multiple STP > Port Summary. The Multiple STP Port Summary Page opens: Figure 122 Multiple STP Port Summary Page The Multiple STP Port Summary Page contains the following fields: Interface The interface for which the information is displayed. Role Displays the port role assigned by the STP algorithm to provide to STP paths. The possible field values are: Root Provides the lowest cost path to forward packets to the root switch. Designated The port or LAG through which the designated switch is attached to the LAN.

237 Defining Multiple STP Instance Settings 237 Alternate Provides an alternate path to the root switch from the root interface. Backup Provides a backup path to the designated port path toward the Spanning Tree leaves. Backup ports occur only when two ports are connected in a loop by a point-to-point link, or when a LAN has two or more connections connected to a shared segment. Disabled The port is not participating in the Spanning Tree. Mode Indicates the STP mode by which STP is enabled on the device. The possible field values are: Classic STP Classic STP is enabled on the device. This is the default value. Rapid STP Rapid STP is enabled on the device. Multiple STP Multiple STP is enabled on the device. Type Indicates whether the port is a Boundary or Master port. The possible field values are: Boundary Port Indicates that the port is a Boundary port. A Boundary port attaches MST bridges to LANs in an outlying region. If the port is a Boundary port, this field also indicates whether the device on the other side of the link is working in RSTP or STP mode Master Port Indicates the port is a master port. A Master port provides connectivity from a MSTP region to the outlying CIST root. Port Priority Priority value of the port. The priority value influences the port choice when a bridge has two ports connected in a loop. The priority range is between The priority value is determined in increments of 16. Path Cost Indicates the port contribution to the root path cost. The path cost is adjusted to a higher or lower value, and is used to forward traffic when a path is re-routed. Port State Displays the current STP state of a port. If enabled, the port state determines what forwarding action is taken on traffic. Possible port states are: Forwarding Indicates that the port forwards traffic while learning MAC addresses. Designated Cost Indicates the cost of the port participating in the STP topology. Ports with a lower cost are less likely to be blocked if STP detects loops.

238 238 CHAPTER 11: CONFIGURING SPANNING TREE Designated Bridge ID Indicates the bridge priority and the MAC Address of the designated bridge. Designated Port ID Indicates the selected port priority and interface. Remaining Hops Indicates the number of hops remaining to the next destination.

239 Defining MSTP Port Settings 239 Defining MSTP Port Settings Network Administrators can assign MSTP port settings in the Multiple STP Modify Port Page. To define Multiple STP Port settings: 1 Click Policy > Spanning Tree > Multiple STP > Modify Port. The Multiple STP Modify Port Page opens: Figure 123 Multiple STP Modify Port Page The Multiple STP Modify Port Page contains the following fields: Instance ID Lists the MSTP instances configured on the device. Possible field range is Port State Indicates whether the port is enabled for the specific instance. The possible field values are: Enabled Enables the port for the specific instance. Disabled Disables the port for the specific instance. Type Indicates whether the port is a Boundary or Master port. The possible field values are: Boundary Port Indicates that the port is a Boundary port. A Boundary port attaches MST bridges to LANs in an outlying region.

240 240 CHAPTER 11: CONFIGURING SPANNING TREE If the port is a Boundary port, this field also indicates whether the device on the other side of the link is working in RSTP or STP mode Master Port Indicates the port is a master port. A Master port provides connectivity from a MSTP region to the outlying CIST root. Role Indicates the port role assigned by the STP algorithm to provide to STP paths. The possible field values are: Root Provides the lowest cost path to forward packets to the root device. Designated Indicates the port or LAG through which the designated device is attached to the LAN. Alternate Provides an alternate path to the root device from the root interface. Backup Provides a backup path to the designated port path toward the Spanning Tree leaves. Backup ports occur only when two ports are connected in a loop by a point-to-point link or when a LAN has two or more connections connected to a shared segment. Disabled Indicates the port is not participating in the Spanning Tree. Mode Indicates the STP mode by which STP is enabled on the device. The possible field values are: Classic STP Classic STP is enabled on the device. This is the default value. Rapid STP Rapid STP is enabled on the device. Multiple STP Multiple STP is enabled on the device. Interface Priority Defines the interface priority for the specified instance. The field range is The default value is 128. Path Cost Indicates the port contribution to the Spanning Tree instance. The range should always be 1-200,000,000. Designated Bridge ID Displays the ID of the bridge that connects the link or shared LAN to the root. Designated Port ID Displays the ID of the port on the designated bridge that connects the link or the shared LAN to the root. Designated Cost Indicates that the default path cost is assigned according to the method selected on the Spanning Tree Global Settings page.

241 Defining MSTP Port Settings 241 Forward Transitions Indicates the number of times the LAG State has changed from a Forwarding state to a Blocking state. Remain Hops Indicates the hops remaining to the next destination.define the Instance ID, MSTP Port Status and the Interface Priority fields. 2 Click. The Multiple STP ports are assigned, and the device is updated.

242 12 CONFIGURING QUALITY OF SERVICE This section contains information for configuring QoS, and includes the following topics: Quality of Service Overview Defining QoS Basic Mode Defining QoS General Mode Configuring QoS Mapping

243 Quality of Service Overview 243 Quality of Service Overview Quality of Service (QoS) provides the ability to implement QoS and priority queuing within a network. For example, certain types of traffic that require minimal delay, such as Voice, Video, and real-time traffic can be assigned a high priority queue, while other traffic can be assigned a lower priority queue. The result is an improved traffic flow for traffic with high demand. QoS is defined by: Classification Specifies which packet fields are matched to specific values. All packets matching the user-defined specifications are classified together. Action Defines traffic management where packets are forwarded are based on packet information, and packet field values such as VLAN Priority Tag (VPT) and DiffServ Code Point (DSCP). VPT Classification Information VLAN Priority Tags (VPT) are used to classify packets by mapping packets to one of the egress queues. VPT-to-queue assignments are user-definable. Packets arriving untagged are assigned a default VPT value, which is set on a per-port basis. The assigned VPT is used to map the packet to the egress queue. Defining QoS Basic Mode This section contains information for defining QoS basic settings and includes the following topics: Configuring Trust Settings Configure DSCP Rewrite

244 244 CHAPTER 12: CONFIGURING QUALITY OF SERVICE Configuring Trust Settings The Trust Setup Page contains information for enabling trust on configured interfaces. The original device QoS default settings can be reassigned to the interface in the Trust Setup Page. To enable Trust: 1 Click Policy > QoS Basic Mode > Trust. The Trust Setup Page opens: Figure 124 Trust Setup Page The Trust Setup Page contains the following fields: Trust Mode Defines which packet fields to use for classifying packets entering the device. When no rules are defined, the traffic containing the predefined packet CoS field is mapped according to the relevant trust modes table. Traffic not containing a predefined packet field is mapped to best effort. The possible Trust Mode field values are: CoS Classifies traffic based on the CoS tag value. DSCP Classifies traffic based on the DSCP tag value. Always Rewrite DSCP Enables Rewrite DSCP classified traffic. 2 Define the fields. 3 Click. Trust mode is enabled on the device.

245 Configure DSCP Rewrite 245 Configure DSCP Rewrite The DSCP Rewrite Summary page allows network managers to assign new DSCP values to incoming packets. To view DSCP Rewrite Values: 1 Click Policy > QoS Basic Mode > DSCP Rewrite > Summary. The DSCP Rewrite Summary Page opens: Figure 125 DSCP Rewrite Summary Page The DSCP Rewrite Summary Page contains the following fields: DSCP In Displays the incoming packet s DSCP value. DSCP Out Displays the outgoing packet s DSCP value.

246 246 CHAPTER 12: CONFIGURING QUALITY OF SERVICE To rewrite DSCP values: 1 Click Policy > QoS Basic Mode > DSCP Rewrite > Setup. The DSCP Rewrite Setup Page opens: Figure 126 DSCP Rewrite Setup Page The DSCP Rewrite Setup Page contains the following fields: DSCP In Displays the incoming packet s DSCP value. DSCP Out Displays the outgoing packet s DSCP value. 2 Select an DSCP Out value for each DSCP In entry. 3 Click. The DSCP values are updated on the device.

247 Defining QoS General Mode 247 Defining QoS General Mode This section contains information for configuring QoS general mode, and includes the following topics: Defining CoS Services Defining Queues Defining Bandwidth Settings DSCP to Queue Defining CoS Services To view CoS Settings: 1 Click Policy > QoS General > CoS > Summary. The CoS Summary Page opens: Figure 127 CoS Summary Page The CoS Summary Page contains the following fields: QoS Mode Determines the QoS mode on the interface. The possible values are: Disable Disables QoS on the interface. Basic Enables Basic mode on the device. Advanced Enables the Advanced QoS mode on the device.

248 248 CHAPTER 12: CONFIGURING QUALITY OF SERVICE Interface Displays the interface for which the global QoS parameters are defined. Default CoS Displays the default CoS value for incoming packets for which a VLAN tag is not defined. The possible field values are 0-7. The default CoS is 0. Restore Defaults Displays the device factory defaults for mapping CoS values to a forwarding queue. 2 Select the Restore Defaults field to restore Interface factory defaults. To configure CoS Settings: 1 Click Policy > QoS General > CoS > Modify. The CoS Modify Page opens: Figure 128 CoS Modify Page The CoS Modify Page contains the following fields: QoS Mode Determines the QoS mode on the interface. The possible values are: Disable Disables QoS on the interface. Basic Enables Basic mode on the device. Advanced Enables the Advanced QoS mode on the device. Interface Displays the interface for which the global QoS parameters are defined. The possible values are:

249 Defining CoS Services 249 Port Selects the port for which the global QoS parameters are defined. LAG Selects the LAG for which the global QoS parameters are defined. Set Default User Priority Determines the default CoS value for incoming packets for which a VLAN tag is not defined. The possible field values are 0-7. The default CoS is 0. 2 Define the fields. 3 Click. CoS is enabled on the device, and the device is updated.

250 250 CHAPTER 12: CONFIGURING QUALITY OF SERVICE Defining Queues The Queue Setup Page contains fields for defining the QoS queue forwarding types. To set Queue Settings: 1 Click Policy > QoS General > Queue > Setup. The Queue Setup Page opens: Figure 129 Queue Setup Page The Queue Setup Page contains the following fields: Strict Priority Specifies whether traffic scheduling is based strictly on the queue priority. WRR Assigns WRR weights to queues. This field is enabled only for queues in WRR queue mode. When WRR is selected, the weight are assigned to queues in the ratio 1:2:4:8. 2 Select the Strict Priority or WRR field. 3 Click. The queue settings are set, and the device is updated.

251 Defining Bandwidth Settings 251 Defining Bandwidth Settings The Bandwidth Summary Page allows network managers to define the bandwidth settings for a specified egress interface. Modifying queue scheduling affects the queue settings globally. Viewing Bandwidth Settings Queue shaping can be based per queue and/or per interface. Shaping is determined by the lower specified value. The queue shaping type is selected in the Bandwidth Summary Page. To view Bandwidth Settings: 1 Click Policy > QoS General > Bandwidth > Summary. The Bandwidth Summary Page opens: Figure 130 Bandwidth Summary Page The Bandwidth Summary Page contains the following fields: Interface Displays the interface for which the global QoS parameters are defined. Ingress Rate Limit Status Indicates if rate limiting is defined on the interface. The field range is 1-1,000,000 kbits per second. The possible field values are: Enable Enables ingress rate limiting on the interface. Disable Disables ingress rate limiting on the interface.

252 252 CHAPTER 12: CONFIGURING QUALITY OF SERVICE Egress Shaping Rates Configures the traffic shaping type for selected interfaces. The possible field values are: Status Defines the shaping status. CIR Defines CIR as the queue shaping type. The possible field range is 64-1,000,000,000 kbits per second. CbS Defines CbS as the queue shaping type. The possible field range is ,769,020 kbits per second. To configure Bandwidth Settings: 1 Click Policy > QoS General > Bandwidth > Setup. The Bandwidth Setup Page opens: Figure 131 Bandwidth Setup Page The Bandwidth Setup Page contains the following fields: Interface Displays the interface for which the global QoS parameters are defined. The possible values are: Port Selects the port for which the global QoS parameters are defined. LAG Selects the LAG for which the global QoS parameters are defined. Enable Ingress Rate Limit Enables setting an Ingress Rate Limit. Ingress Rate Limit Indicates the traffic limit for the port.

253 Defining Bandwidth Settings 253 Enable Egress Shaping Rate Enable Egress Shaping Rates. Committed Information Rate (CIR) Defines CIR as the queue shaping type. The possible field value is ,000,000,000 bits per second. Committed Burst Size (CbS) Defines CbS as the queue shaping type. The possible field value is ,000,000 bytes. 2 Define the fields. 3 Click. The bandwidth is defined, and the device is updated.

254 254 CHAPTER 12: CONFIGURING QUALITY OF SERVICE DSCP to Queue The DSCP Queue contains fields for mapping DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 2. To view the DSCP Queue: 1 Click Policy > QoS General > DSCP to Queue > Summary. The DSCP to Queue Summary Page opens: Figure 132 DSCP to Queue Summary Page The DSCP to Queue Summary Page contains the following fields: DSCP Displays the incoming packet s DSCP value. Queue Specifies the traffic forwarding queue to which the DSCP priority is mapped. Eight traffic priority queues are supported.

255 Configuring DSCP Queue Mappings 255 Configuring DSCP Queue Mappings The DSCP to Queue Setup Page contains fields for mapping DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 2. To map General CoS to Queues: 1 Click Policy > QoS General > DSCP to Queue > Setup. The DSCP to Queue Setup Page opens: Figure 133 DSCP to Queue Setup Page The DSCP to Queue Setup Page contains the following fields: DSCP Displays the incoming packet s DSCP value. Queue Specifies the traffic forwarding queue to which the DSCP priority is mapped. Eight traffic priority queues are supported. 2 Define the queue number in the Queue field next to the required DSCP value. 3 Click. The DSCP values are mapped to a queue, and the device is updated.

256 256 CHAPTER 12: CONFIGURING QUALITY OF SERVICE Configuring QoS Mapping This section contains information for mapping CoS and DSCP values to queues, and includes the following sections: Defining CoS to Queue Defining Class Maps

257 Defining CoS to Queue 257 Defining CoS to Queue The CoS to Queue Summary Page contains fields for mapping CoS values to traffic queues. To view CoS Values to Queues: 1 Click Policy > QoS General > CoS to Queue > Summary. The CoS to Queue Summary Page opens: Figure 134 CoS to Queue Summary Page The CoS to Queue Summary Page contains the following fields: Class of Service Specifies the CoS priority tag values, where zero is the lowest and 7 is the highest. Queue Defines the traffic forwarding queue to which the CoS priority is mapped. Eight traffic priority queues are supported. The CoS to Queue Setup Page contains fields for mapping CoS values to traffic queues.

258 258 CHAPTER 12: CONFIGURING QUALITY OF SERVICE To configure CoS values to queues: 1 Click Policy > QoS General > CoS to Queue > Setup. The CoS to Queue Setup Page opens: Figure 135 CoS to Queue Setup Page The CoS to Queue Setup Page contains the following fields: Restore Defaults Restores the device factory defaults for mapping CoS values to a forwarding queue. Class of Service Specifies the CoS priority tag values, where zero is the lowest and 7 is the highest. Queue Defines the traffic forwarding queue to which the CoS priority is mapped. Eight traffic priority queues are supported. 2 Define the queue number in the Queue field next to the required CoS value. 3 Click. The CoS value is mapped to a queue, and the device is updated.

259 13 MANAGING SYSTEM LOGS This section provides information for managing system logs. The system logs enable viewing device events in real time, and recording the events for later usage. System Logs record and manage events and report errors and informational messages. Event messages have a unique format, as per the Syslog protocols recommended message format for all error reporting. For example, Syslog and local device reporting messages are assigned a severity code, and include a message mnemonic, which identifies the source application generating the message. It allows messages to be filtered based on their urgency or relevancy. Each message severity determines the set of event logging devices that are sent per each event message. The following table lists the log severity levels: Table 4 System Log Severity Levels Severity Level Message Emergency Highest The system is not functioning. (0) Alert 1 The system needs immediate attention. Critical 2 The system is in a critical state. Error 3 A system error has occurred. Warning 4 A system warning has occurred. Notice 5 The system is functioning properly, but a system notice has occurred. Informational 6 Provides device information. Debug 7 Provides detailed information about the log. If a Debug error occurs, contact Customer Tech Support. This section includes the following topics: Viewing Logs Configuring Logging

260 260 CHAPTER 13: MANAGING SYSTEM LOGS Viewing Logs The Logging Display Page contains all system logs in a chronological order that are saved in RAM (Cache). To view Logging: 1 Click Administration > Logging > Display. The Logging Display Page opens: Figure 136 Logging Display Page The Logging Display Page contains the following fields and buttons: Save Preview Saves the displayed Log table. Clear Logs Deletes all logs from the Log table. Log Time Displays the time at which the log was generated. Severity Displays the log severity. Description Displays the log message text. 2 Click. The selected logs are cleared, and the device is updated.

261 Configuring Logging 261 Configuring Logging The Logging Setup Page contains fields for defining which events are recorded to which logs. It contains fields for enabling logs globally, and parameters for defining logs. Log messages are listed from the highest severity to the lowest severity level. To define Log Parameters: 1 Click Administration > Logging > Setup. The Logging Setup Page opens: Figure 137 Logging Setup Page The Logging Setup Page contains the following fields: Enable Local Logging Indicates if device local logs for Cache, File, and Server Logs are enabled. Console logs are enabled by default. The possible field values are: Checked Enables device logs. Unchecked Disables device logs. Emergency The highest warning level. If the device is down or not functioning properly, an emergency log message is saved to the specified logging location. Alert The second highest warning level. An alert log is saved, if there is a serious device malfunction; for example, all device features are down.

262 262 CHAPTER 13: MANAGING SYSTEM LOGS Critical The third highest warning level. A critical log is saved if a critical device malfunction occurs; for example, two device ports are not functioning, while the rest of the device ports remain functional. Error A device error has occurred, for example, if a single port is offline. Warning The lowest level of a device warning. The device is functioning, but an operational problem has occurred. Notice Provides device information. Info Provides device information. Debug Provides debugging messages. Not Active Provides no messages. When a severity level is selected, all severity level choices above the selection are selected automatically. Enable Syslogging Indicates if device local logs are enabled. The possible field values: Checked Enables device logs. Unchecked Disables device logs. Emergency The highest warning level. If the device is down or not functioning properly, an emergency log message is saved to the specified logging location. Alert The second highest warning level. An alert log is saved, if there is a serious device malfunction; for example, all device features are down. Critical The third highest warning level. A critical log is saved if a critical device malfunction occurs; for example, two device ports are not functioning, while the rest of the device ports remain functional. Error A device error has occurred, for example, if a single port is offline. Warning The lowest level of a device warning. The device is functioning, but an operational problem has occurred. Note Provides device information. Informational Provides device information.

263 Configuring Logging 263 Debug Provides debugging messages. Syslog IP Address Defines IP Address to upload syslog messages. Syslog Port Defines the Port through which syslog messages are uploaded. 2 Enable Logging and define the fields. 3 Click. The log parameters are set, and the device is updated.

264 14 MANAGING SYSTEM FILES The configuration file structure consists of the following configuration files: Startup Configuration File Contains the commands required to reconfigure the device to the same settings as when the device is powered down or rebooted. The Startup file is created by copying the configuration commands from the Running Configuration file or the Backup Configuration file. Running Configuration File Contains all configuration file commands, as well as all commands entered during the current session. After the device is powered down or rebooted, all commands stored in the Running Configuration file are lost. During the startup process, all commands in the Startup file are copied to the Running Configuration File and applied to the device. During the session, all new commands entered are added to the commands existing in the Running Configuration file. Commands are not overwritten. To update the Startup file, before powering down the device, the Running Configuration file must be copied to the Startup Configuration file. The next time the device is restarted, the commands are copied back into the Running Configuration file from the Startup Configuration file. Image files Software upgrades are used when a new version file is downloaded. The file is checked for the right format, and that it is complete. After a successful download, the new version is marked, and is used after the device is reset. This section contains information for defining File maintenance and includes both configuration file management as well as device access. This section contains the following topics: Backing Up and Restoring System Files Downloading the Software Image Activating Image Files

265 Backing Up and Restoring System Files 265 Backing Up and Restoring System Files There are two types of files, firmware files and configuration files. The firmware files manage the device, and the configuration files configure the device for transmissions. Only one type of download can be performed at any one time. To download a file: The Backup & Restore Configurations Page contains parameters for downloading system files. To download System Files: 1 Click Administration > Backup & Restore Configurations > Restore. The Backup & Restore Configurations Page opens: Figure 138 Backup & Restore Configurations Page The Backup & Restore Configurations Page contains the following fields: Download via TFTP Enables initiating a download via the TFTP server. Download via HTTP Enables initiating a download via the HTTP server or HTTPS server. Configuration Download Indicates that the download is for configuration files. TFTP Server IP Address Specifies the TFTP Server IP Address from which the configuration files are downloaded.

266 266 CHAPTER 14: MANAGING SYSTEM FILES Source File Name Specifies the configuration files to be downloaded. Destination File Specifies the destination file to which to the configuration file is downloaded. The possible field values are: Running Configuration Downloads commands into the Running Configuration file. Startup Configuration Downloads the Startup Configuration file, and overwrites the old Startup Configuration file.

267 Downloading the Software Image 267 Downloading the Software Image The Get Image Page permits network managers to retrieve the device software or the device boot code. To download the software image: 1 Click Administration > Software Update. The Get Image Page opens: Figure 139 Get Image Page The Get Image Page contains the following fields: Download via TFTP Enables initiating a download via the TFTP server. Download via HTTP Enables initiating a download via the HTTP server or HTTPS server. TFTP Server IP Address Specifies the TFTP Server IP Address from which the configuration files are downloaded. Source File Name Specifies the configuration files to be downloaded. Destination File Specifies the destination file to which to the configuration file is downloaded. The possible field values are:

268 268 CHAPTER 14: MANAGING SYSTEM FILES Running Configuration Downloads commands into the Running Configuration file. Startup Configuration Downloads the Startup Configuration file, and overwrites the old Startup Configuration file. 2 Define the fields. 3 Click. The files are downloaded, and the device is updated.

269 Activating Image Files 269 Activating Image Files The Active Image Page allows network managers to select and reset the Image files. To upload System Files: 1 Click Administration > Backup & Restore > Active Image. The Active Image Page opens: Figure 140 Active Image Page The Active Image Page contains the following fields: Active Image The Image file which is currently active on the unit. After Reset The Image file which is active on the unit after the device is reset. The possible field values are: Image 1 Activates Image file 1 after the device is reset. Image 2 Activates Image file 2 after the device is reset.

270 15 VIEWING STATISTICS This section contains information for viewing and configuring RMON statistics, and contains the following sections: Viewing RMON Statistics Configuring RMON History Configuring RMON Events Defining RMON Alarms

271 Viewing RMON Statistics 271 Viewing RMON Statistics The RMON Statistics Page contains fields for viewing information about device utilization and errors that occurred on the device. To view RMON statistics: 1 Click Wired Ports > Stats > RMON Statistics > Display. The RMON Statistics Page opens: Figure 141 RMON Statistics Page The RMON Statistics Page contains the following fields: Interface Indicates the device for which statistics are displayed. The possible field values are: Port Defines the specific port for which RMON statistics are displayed. LAG Defines the specific LAG for which RMON statistics are displayed. Refresh Rate Defines the amount of time that passes before the interface statistics are refreshed. The possible field values are: No Refresh Indicates that the RMON Statistics are not refreshed. 15 Sec Indicates that the RMON statistics are refreshed every 15 seconds. 30 Sec Indicates that the RMON statistics are refreshed every 30 seconds.

272 272 CHAPTER 15: VIEWING STATISTICS 60 Sec Indicates that the RMON statistics are refreshed every 60 seconds. Received Bytes (Octets) Displays the number of octets received on the interface since the device was last refreshed. This number includes bad packets and FCS octets, but excludes framing bits. Received Packets Displays the number of packets received on the interface, including bad packets, Multicast and broadcast packets, since the device was last refreshed. Broadcast Packets Received Displays the number of good broadcast packets received on the interface since the device was last refreshed. This number does not include Multicast packets. Multicast Packets Received Displays the number of good Multicast packets received on the interface since the device was last refreshed. CRC & Align Errors Displays the number of CRC and Align errors that have occurred on the interface since the device was last refreshed. Undersize Packets Displays the number of undersized packets (less than 64 octets) received on the interface since the device was last refreshed. Oversize Packets Displays the number of oversized packets (over 1518 octets) received on the interface since the device was last refreshed. Fragments Displays the number of fragments (packets with less than 64 octets, excluding framing bits, but including FCS octets) received on the interface since the device was last refreshed. Jabbers Displays the total number of received packets that were longer than 1518 octets. This number excludes frame bits, but includes FCS octets that had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral octet (Alignment Error) number. The field range to detect jabbers is between 20 ms and 150 ms. Collisions Displays the number of collisions received on the interface since the device was last refreshed. Frames of 64 Bytes Number of 64-byte frames received on the interface since the device was last refreshed.

273 Viewing RMON Statistics 273 Frames of 65 to 127 Bytes Number of 65 to 127 byte frames received on the interface since the device was last refreshed. Frames of 128 to 255 Bytes Number of 128 to 255 byte frames received on the interface since the device was last refreshed. Frames of 256 to 511 Bytes Number of 256 to 511 byte frames received on the interface since the device was last refreshed. Frames of 512 to 1023 Bytes Number of 512 to 1023 byte frames received on the interface since the device was last refreshed. Frames of 1024 to 1518 Bytes Number of 1024 to 1518 byte frames received on the interface since the device was last refreshed. 2 Select a port. The RMON statistics are displayed. 3 Click. The RMON statistics counters are cleared and the new statistics are displayed.

274 274 CHAPTER 15: VIEWING STATISTICS Configuring RMON History The RMON History Control Summary Page contains information about samples of data taken from ports. For example, the samples may include interface definitions or polling periods. To view RMON History: 1 Click Wired Ports > Stats > RMON History > Control Summary. The RMON History Control Summary Page opens: Figure 142 RMON History Control Summary Page The RMON History Control Summary Page contains the following fields: History Entry No. Displays the entry number for the History Control Table page. Source Interface Displays the interface from which the history samples were taken. The possible field values are: Port Specifies the port from which the RMON information was taken. Sampling Interval Indicates in seconds the time that samplings are taken from the ports. The field range is The default is 1800 seconds (equal to 30 minutes). Sampling Requested Displays the number of samples to be saved. The field range is The default value is 50.

275 Configuring RMON History 275 Current Number of Samples Displays the current number of samples taken. Owner Displays the RMON station or user that requested the RMON information. The field range is 0-20 characters. To configure RMON History: 1 Click Wired Ports > Stats > RMON History > Control Setup. The RMON History Control Setup Page opens: Figure 143 RMON History Control Setup Page The RMON History Control Setup Page contains the following fields: New History Entry No. Displays the new entry number for the History Control Table page. Source Interface Displays the interface from which the history samples were taken. The possible field values are: Port Specifies the port from which the RMON information was taken. Owner Displays the RMON station or user that requested the RMON information. The field range is 0-20 characters. Max No. of Samples to Keep Number of samples to be saved. The default value is 50.

SuperStack 3 Switch 3848 Implementation Guide

SuperStack 3 Switch 3848 Implementation Guide SuperStack 3 Switch 3848 Implementation Guide 3CR17402-91 http://www.3com.com/ Part No. DUA1740-2BAA01 Published April 2004 3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064 Copyright 2004,

More information

OfficeConnect Managed Switch 9 and Switch 9 FX Implementation Guide

OfficeConnect Managed Switch 9 and Switch 9 FX Implementation Guide OfficeConnect Managed Switch 9 and Switch 9 FX Implementation Guide 3CR16708-91 3CR16709-91 http://www.3com.com/ Part No. DUA1670-8BAA01 Published January 2005 3Com Corporation 350 Campus Drive Marlborough,

More information

SuperStack 3 Switch Implementation Guide

SuperStack 3 Switch Implementation Guide SuperStack 3 Switch Implementation Guide Generic guide for units in the SuperStack 3 Switch 4400 Series: 3C17203, 3C17204, 3C17205, 3C17206 http://www.3com.com/ Part No. DUA1720-3BAA04 Published January

More information

SuperStack 3 Switch 4200 Series Implementation Guide

SuperStack 3 Switch 4200 Series Implementation Guide SuperStack 3 Switch 4200 Series Implementation Guide Generic guide for units in the SuperStack 3 Switch 4200 Series: 3C17300 3C17302 3C17304 http://www.3com.com/ Part No. DUA1730-0BAA02 Published November

More information

3Com exchange Call Center Agent User Guide

3Com exchange Call Center Agent User Guide 3Com exchange Call Center Agent User Guide Version 4.33 http://www.3com.com Part Number: 900-0147-01 Rev AA Published May 2004 3Com Corporation, 350 Campus Drive, Marlborough MA 01752-3064 Copyright 2004,

More information

exchange Call Center Agent Guide

exchange Call Center Agent Guide exchange Call Center Agent Guide Version 4.6 NBX System Release 6.5 http://www.3com.com Part Number: 900-0419-01 Published April 2009 3Com Corporation, 350 Campus Drive, Marlborough MA 01752-3064 Copyright

More information

3Com exchange Call Center Administration Guide

3Com exchange Call Center Administration Guide 3Com exchange Call Center Administration Guide Version 4.33 http://www.3com.com Part Number 900-0146-01 Rev AA Published May 2004 3Com Corporation, 350 Campus Drive, Marlborough, MA 01752-3064 Copyright

More information

Management Software AT-S101. User s Guide. For use with the AT-GS950/8POE Gigabit Ethernet WebSmart Switch. Version Rev.

Management Software AT-S101. User s Guide. For use with the AT-GS950/8POE Gigabit Ethernet WebSmart Switch. Version Rev. Management Software AT-S101 User s Guide For use with the AT-GS950/8POE Gigabit Ethernet WebSmart Switch Version 1.0.0 613-000985 Rev. A Copyright 2008 Allied Telesis, Inc. All rights reserved. No part

More information

AT-GS950/8. AT-GS950/8 Web Interface User Guide AT-S113 Version [ ] Gigabit Ethernet Switch Rev A

AT-GS950/8. AT-GS950/8 Web Interface User Guide AT-S113 Version [ ] Gigabit Ethernet Switch Rev A AT-GS950/8 Gigabit Ethernet Switch AT-GS950/8 Web Interface User Guide AT-S113 Version 1.1.0 [1.00.021] 613-001856 Rev A Copyright 2013 Allied Telesis, Inc. All rights reserved. No part of this publication

More information

OfficeConnect Wireless Cable/DSL Gateway User Guide

OfficeConnect Wireless Cable/DSL Gateway User Guide OfficeConnect Wireless Cable/DSL Gateway User Guide 3CRWE51196 http://www.3com.com/ Part No. DUA5119-6AAA01 Published April 2002 3Com Corporation 5400 Bayfront Plaza Santa Clara, California 95052-8145

More information

SuperStack 3 Switch Implementation Guide

SuperStack 3 Switch Implementation Guide SuperStack 3 Switch Implementation Guide For units in the SuperStack 3 Switch 4900 Series http://www.3com.com/ Part No. DUA1770-0BAA05 Rev. 01 Published November 2002 3Com Corporation 5400 Bayfront Plaza

More information

AT-GS950/10PS Switch Web Interface User s Guide AT-S110 [ ]

AT-GS950/10PS Switch Web Interface User s Guide AT-S110 [ ] AT-GS950/10PS Gigabit Ethernet PoE+ Switch AT-GS950/10PS Switch Web Interface User s Guide AT-S110 [1.00.013] 613-001770 Rev A Copyright 2013 Allied Telesis, Inc. All rights reserved. No part of this publication

More information

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0 LevelOne WAP-0005 108Mbps PoE Wireless AP User Manual V3.0.0 i TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 FIGURE 1: WIRELESS ACCESS POINT... 1 FEATURES OF YOUR WIRELESS ACCESS POINT... 1 Security Features...

More information

Configuring the Access Point/Bridge for the First Time

Configuring the Access Point/Bridge for the First Time CHAPTER 2 Configuring the Access Point/Bridge for the First Time This chapter describes how to configure basic settings on your access point/bridge for the first time. You can configure all the settings

More information

V7350 Unified Messaging Suite User Guide

V7350 Unified Messaging Suite User Guide V7350 Unified Messaging Suite User Guide VCX V7000 IP Telephony Solution System Release 5.0 Part Number 900-0195-01 AA Published August 2004 http://www.3com.com/ 3Com Corporation 350 Campus Drive Marlborough,

More information

Oct 2007 Version 1.01

Oct 2007 Version 1.01 Oct 2007 Version 1.01 Table of Contents Introduction...4 System Requirement...4 Getting Started...4 Installing the Smart WLAN Manager...5 Discovering the Switch and AP...9 Understanding the Screen Layout...12

More information

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. Access Point WIRELESS WAP54G (EU/LA/UK) Model No.

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. Access Point WIRELESS WAP54G (EU/LA/UK) Model No. A Division of Cisco Systems, Inc. GHz 2,4 802.11g WIRELESS Wireless-G Access Point User Guide Model No. WAP54G (EU/LA/UK) Copyright and Trademarks Specifications are subject to change without notice. Linksys

More information

Light Mesh AP. User s Guide. 2009/2/20 v1.0 draft

Light Mesh AP. User s Guide. 2009/2/20 v1.0 draft Light Mesh AP User s Guide 2009/2/20 v1.0 draft i FCC Certifications This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules.

More information

ProSAFE 8-Port and 16-Port 10-Gigabit Ethernet Web Managed Switch Models XS708Ev2 and XS716E User Manual

ProSAFE 8-Port and 16-Port 10-Gigabit Ethernet Web Managed Switch Models XS708Ev2 and XS716E User Manual ProSAFE 8-Port and 16-Port 10-Gigabit Ethernet Web Managed Switch Models XS708Ev2 and XS716E User Manual March 2017 202-11656-03 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing

More information

3Com Baseline Switch 2916-SFP Plus and Baseline Switch 2924-SFP Plus User Guide 3CBLSG16 / 3CBLSG24

3Com Baseline Switch 2916-SFP Plus and Baseline Switch 2924-SFP Plus User Guide 3CBLSG16 / 3CBLSG24 3Com Baseline Switch 2916-SFP Plus and Baseline Switch 2924-SFP Plus User Guide 3CBLSG16 / 3CBLSG24 www.3com.com Part Number 10016143 Rev. AA Published May 2007 3Com Corporation 350 Campus Drive Marlborough,

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. User Guide. Access Point WIRELESS. WAP54G v2. Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. User Guide. Access Point WIRELESS. WAP54G v2. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G Access Point User Guide Model No. WAP54G v2 Copyright and Trademarks Specifications are subject to change without notice. Linksys is

More information

Management Software AT-S79. User s Guide. For use with the AT-GS950/16 and AT-GS950/24 Smart Switches. Version Rev.

Management Software AT-S79. User s Guide. For use with the AT-GS950/16 and AT-GS950/24 Smart Switches. Version Rev. Management Software AT-S79 User s Guide For use with the AT-GS950/16 and AT-GS950/24 Smart Switches Version 1.0.0 613-000207 Rev. A Copyright 2005 Allied Telesyn, Inc. All rights reserved. No part of this

More information

ProSAFE 8-Port 10-Gigabit Web Managed Switch Model XS708Ev2 User Manual

ProSAFE 8-Port 10-Gigabit Web Managed Switch Model XS708Ev2 User Manual ProSAFE 8-Port 10-Gigabit Web Managed Switch Model XS708Ev2 User Manual April 2016 202-11656-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. You

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User's Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER

More information

11 Mbps Wireless LAN PC Card User Guide

11 Mbps Wireless LAN PC Card User Guide 11 Mbps Wireless LAN PC Card User Guide Full featured wireless local area networking made simple. Version 2.0 http://www.3com.com/ http://support.3com.com/warrantyregistration/register.pl Published March

More information

ProSafe Plus Switch Utility

ProSafe Plus Switch Utility ProSafe Plus Switch Utility User Guide 350 East Plumeria Drive San Jose, CA 95134 USA May 2012 202-10524-04 2012 NETGEAR, Inc. All rights reserved No part of this publication maybe reproduced, transmitted,

More information

Getting Started. Contents

Getting Started. Contents Contents 1 Contents Introduction................................................... 1-2 Conventions................................................... 1-2 Feature Descriptions by Model................................

More information

3Com Switch 4800G Family IRF Configuration Guide

3Com Switch 4800G Family IRF Configuration Guide 3Com Switch 4800G Family IRF Configuration Guide Switch 4800G 24-Port Switch 4800G 48-Port Switch 4800G PWR 24-Port Switch 4800G PWR 48-Port Switch 4800G 24-Port SFP Product Version: Release 2202 Manual

More information

UNIFIED ACCESS POINT ADMINISTRATOR S GUIDE

UNIFIED ACCESS POINT ADMINISTRATOR S GUIDE UNIFIED ACCESS POINT ADMINISTRATOR S GUIDE PRODUCT MODEL: DWL-2600AP, DWL-3600AP, DWL-6600AP, DWL-8600AP, DWL-8610AP UNIFIED WIRED & WIRELESS ACCESS SYSTEM RELEASE 5.00 OCTOBER 2014 COPYRIGHT 2014. ALL

More information

Figure 35: Active Directory Screen 6. Select the Group Policy tab, choose Default Domain Policy then click Edit.

Figure 35: Active Directory Screen 6. Select the Group Policy tab, choose Default Domain Policy then click Edit. PC and Server Configuration Figure 35: Active Directory Screen 6. Select the Group Policy tab, choose Default Domain Policy then click Edit. Figure 36: Group Policy Tab 7. Select Computer Configuration

More information

48-Port 10/100/1000BASE-T + 4-Port 100/1000BASE-X SFP Gigabit Managed Switch GS T4S

48-Port 10/100/1000BASE-T + 4-Port 100/1000BASE-X SFP Gigabit Managed Switch GS T4S 48-Port 10/100/1000BASE-T + 4-Port 100/1000BASE-X SFP Gigabit Managed Switch GS-4210-48T4S Outlines Product Overview Product Benefits Applications Appendix Product Features 2 / 42 Product Overview Layer

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER 2

More information

Professional Access Point Administrator Guide

Professional Access Point Administrator Guide R46.1224.00 rev 2.0 07/06 Professional Access Point U.S. Robotics Corporation 935 National Parkway Schaumburg, Illinois 60173-5157 USA No part of this documentation may be reproduced in any form or by

More information

Peplink SD Switch User Manual. Published on October 25th, 2018

Peplink SD Switch User Manual. Published on October 25th, 2018 Peplink SD Switch User Manual Published on October 25th, 2018 1 Table of Contents Switch Layout 4 Specifications 5 Hardware Overview 6 Quick Start Functions 7 Reset Switch 7 Connect Ethernet 7 Connect

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. Access Point. User Guide WIRELESS. WAP54G ver Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. Access Point. User Guide WIRELESS. WAP54G ver Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G Access Point User Guide Model No. WAP54G ver. 3.1 Copyright and Trademarks Specifications are subject to change without notice. Linksys

More information

802.11N Wireless Broadband Router

802.11N Wireless Broadband Router 802.11N Wireless Broadband Router Pre-N Wireless Access Point Broadband Internet Access WPS 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION... 1 Wireless Router Features... 1

More information

AirCruiser G Wireless Router GN-BR01G

AirCruiser G Wireless Router GN-BR01G AirCruiser G Wireless Router GN-BR01G User s Guide i Contents Chapter 1 Introduction... 1 Overview...1 Features...1 Package Contents...2 AirCruiser G Wireless Router Rear Panel...2 AirCruiser G Wireless

More information

FortiNAC. Cisco Airespace Wireless Controller Integration. Version: 8.x. Date: 8/28/2018. Rev: B

FortiNAC. Cisco Airespace Wireless Controller Integration. Version: 8.x. Date: 8/28/2018. Rev: B FortiNAC Cisco Airespace Wireless Controller Integration Version: 8.x Date: 8/28/2018 Rev: B FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET KNOWLEDGE

More information

AOS-W 6.4. Quick Start Guide. Install the Switch. Initial Setup Using the WebUI Setup Wizard

AOS-W 6.4. Quick Start Guide. Install the Switch. Initial Setup Using the WebUI Setup Wizard AOS-W 6.4 Quick Start Guide This document describes the initial setup of an Alcatel-Lucent user-centric network that consists of an Alcatel-Lucent switch and Alcatel-Lucent Access Points (APs). The installation

More information

DWS-4000 Series DWL-3600AP DWL-6600AP

DWS-4000 Series DWL-3600AP DWL-6600AP Unified Wired & Wireless Access System Configuration Guide Product Model: Release 1.0 DWS-4000 Series DWL-8600AP DWL-6600AP DWL-3600AP Page 1 Table of Contents 1. Scenario 1 - Basic L2 Edge Setup: 1 Unified

More information

Preliminary. NBX Telephone Guide

Preliminary. NBX Telephone Guide NBX Telephone Guide Telephones NBX 3102 Business Telephone NBX 2102 Business Telephone NBX 2102-IR Business Telephone NBX 1102 Business Telephone NBX 3101 Basic Telephone NBX 3101SP Basic Telephone NBX

More information

LevelOne WBR User s Manual. 11g Wireless ADSL VPN Router. Ver

LevelOne WBR User s Manual. 11g Wireless ADSL VPN Router. Ver LevelOne WBR-3407 11g Wireless ADSL VPN Router User s Manual Ver 1.00-0510 Table of Contents CHAPTER 1 INTRODUCTION... 1 Wireless ADSL Router Features... 1 Package Contents... 5 Physical Details... 6 CHAPTER

More information

User Guide. 450Mbps/300Mbps Wireless N Access Point TL-WA901ND/TL-WA801ND REV

User Guide. 450Mbps/300Mbps Wireless N Access Point TL-WA901ND/TL-WA801ND REV User Guide 450Mbps/300Mbps Wireless N Access Point TL-WA901ND/TL-WA801ND REV4.0.0 1910011930 Contents About This Guide...1 Chapter 1. Get to Know About Your Access Point.................... 2 1. 1. Product

More information

IEEE a/ac/n/b/g Outdoor Stand-Alone Access Point. Management Guide. ECWO Series. Software Release v1.0.1.

IEEE a/ac/n/b/g Outdoor Stand-Alone Access Point. Management Guide. ECWO Series.   Software Release v1.0.1. IEEE 802.11a/ac/n/b/g Outdoor Stand-Alone Access Point ECWO Series Management Guide Software Release v1.0.1.1 www.edge-core.com Management Guide ECWO Series Outdoor Stand-Alone Access Points 2.4 GHz, 5

More information

SWP-0208G, 8+2SFP. 8-Port Gigabit Web Smart Switch. User s Manual

SWP-0208G, 8+2SFP. 8-Port Gigabit Web Smart Switch. User s Manual SWP-0208G 1 SWP-0208G, 8+2SFP 8-Port Gigabit Web Smart Switch User s Manual Version: 3.4 April 1, 2008 2 TABLE OF CONTENT 1.0 INTRODUCTION...4 1.1 MAIN FEATURES...4 1.2 START TO MANAGE THIS SWITCH...6

More information

MSM320, MSM410, MSM422, MSM430,

MSM320, MSM410, MSM422, MSM430, Polycom VIEW Certified Configuration Guide Hewlett-Packard MSM710/720/760/765 Wireless LAN Controller With MSM310, MSM320, MSM410, MSM422, MSM430, MSM46x APs September 2012 1725-36068-001 Rev H Trademarks

More information

ES Port Managed Gigabit Switch with 4 SFP ports

ES Port Managed Gigabit Switch with 4 SFP ports ES220-28 28-Port Managed Gigabit Switch with 4 SFP ports Overview With the increasing number of wired and wireless network device, the SOARNEX SOAR series, ES220-28, provides a cost-effective solution

More information

48-Port Gigabit Ethernet Smart Managed Plus Switch User Manual

48-Port Gigabit Ethernet Smart Managed Plus Switch User Manual 48-Port Gigabit Ethernet Smart Managed Plus Switch User Manual Model GS750E July 2017 202-11784-01 350 E. Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. You

More information

Software Update C.09.xx Release Notes for the HP Procurve Switches 1600M, 2400M, 2424M, 4000M, and 8000M

Software Update C.09.xx Release Notes for the HP Procurve Switches 1600M, 2400M, 2424M, 4000M, and 8000M Software Update C.09.xx Release Notes for the HP Procurve Switches 1600M, 2400M, 2424M, 4000M, and 8000M Topics: TACACS+ Authentication for Centralized Control of Switch Access Security (page 7) CDP (page

More information

WRE6505 v2. User s Guide. Quick Start Guide. Wireless AC750 Range Extender. Default Login Details. Version 1.00 Edition 1, 10/2016

WRE6505 v2. User s Guide. Quick Start Guide. Wireless AC750 Range Extender. Default Login Details. Version 1.00 Edition 1, 10/2016 WRE6505 v2 Wireless AC750 Range Extender Version 1.00 Edition 1, 10/2016 Quick Start Guide User s Guide Default Login Details Web Address http://zyxelsetup http://dhcp-assigned IP www.zyxel.comhttp://192.168.1.2

More information

MSC-5100 Promotional Bundle Quickstart

MSC-5100 Promotional Bundle Quickstart MSC-5100 Promotional Bundle Quickstart This Quickstart shows you how to install, configure, and use the MSC-5100 Promotional Bundle. For detailed configuration and operating information on the MSC-5100

More information

Quick Start Guide for Standalone EAP

Quick Start Guide for Standalone EAP Quick Start Guide for Standalone EAP CHAPTERS 1. Determine the Management Method 2. Build the Network Topology 3. Log In to the EAP 4. Edit the SSID 5. Configure and Manage the EAP This guide applies to:

More information

FortiNAC Motorola Wireless Controllers Integration

FortiNAC Motorola Wireless Controllers Integration FortiNAC Motorola Wireless Controllers Integration Version: 8.x Date: 8/29/2018 Rev: B FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET KNOWLEDGE

More information

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch LGB1110A LGB1126A-R2 Product Data Sheet Gigabit Managed Ethernet Switch Features Overview LGB1110A The Gigabit Managed Ethernet Switches offer L2 features plus advanced L3 features such as Static Route

More information

TECHNICAL NOTE MSM & CLEARPASS HOW TO CONFIGURE HPE MSM CONTROLLERS WITH ARUBA CLEARPASS VERSION 3, JUNE 2016

TECHNICAL NOTE MSM & CLEARPASS HOW TO CONFIGURE HPE MSM CONTROLLERS WITH ARUBA CLEARPASS VERSION 3, JUNE 2016 HOW TO CONFIGURE HPE MSM CONTROLLERS WITH ARUBA CLEARPASS VERSION 3, JUNE 2016 CONTENTS Introduction... 5 MSM and AP Deployment Options... 5 MSM User Interfaces... 6 Assumptions... 7 Network Diagram...

More information

Wireless USB Port Multi-Functional Printer Server. Model # AMPS240W. User s Manual. Ver. 1A

Wireless USB Port Multi-Functional Printer Server. Model # AMPS240W. User s Manual. Ver. 1A Wireless USB 2.0 1-Port Multi-Functional Printer Server Model # AMPS240W User s Manual Ver. 1A Table of Contents 1 Introduction...3 1.1 Package Contents... 3 1.2 System Requirements... 3 2 Multi-Functional

More information

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide. Figure 9-1 Port Security Global Settings window

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide. Figure 9-1 Port Security Global Settings window 9. Security DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Port Security 802.1X AAA RADIUS TACACS IMPB DHCP Server Screening ARP Spoofing Prevention MAC Authentication Web-based

More information

802.11ac Wireless Access Point Model WAC104

802.11ac Wireless Access Point Model WAC104 Point Model WAC104 User Manual October 2016 202-11698-01 350 E. Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. You can visit www.netgear.com/support to register

More information

Chapter 3 Wireless Configuration

Chapter 3 Wireless Configuration Chapter 3 Wireless Configuration This chapter describes how to configure the wireless features of your WNR854T router. In planning your wireless network, you should consider the level of security required.

More information

8-Port 10/100/1000 Gigabit Switch. User Guide. with WebView WIRED SRW2008/SRW2008P/SRW2008MP. Model No.

8-Port 10/100/1000 Gigabit Switch. User Guide. with WebView WIRED SRW2008/SRW2008P/SRW2008MP. Model No. 8-Port 10/100/1000 Gigabit Switch with WebView WIRED User Guide Model No. SRW2008/SRW2008P/SRW2008MP Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered

More information

Peplink SD Switch User Manual

Peplink SD Switch User Manual Peplink SD Switch User Manual Peplink Products: Peplink SD Switch 8-ports/24-ports/48-ports Peplink SD Switch Firmware 1.2.0 Published on December 10, 2018 Copyright & Trademarks Copyright & trademark

More information

Security SSID Selection: Broadcast SSID:

Security SSID Selection: Broadcast SSID: 69 Security SSID Selection: Broadcast SSID: WMM: Encryption: Select the SSID that the security settings will apply to. If Disabled, then the device will not be broadcasting the SSID. Therefore it will

More information

UNIFIED ACCESS POINT ADMINISTRATOR S GUIDE

UNIFIED ACCESS POINT ADMINISTRATOR S GUIDE UNIFIED ACCESS POINT ADMINISTRATOR S GUIDE PRODUCT MODEL: DWL-2600AP, DWL-3600AP, DWL-3610AP, DWL-6600AP, DWL-6610AP, DWL-6610APE, DWL-6700AP, DWL-8600AP, DWL-8610AP, DWL-8710AP,DWL-6620APS, DWL-7620AP

More information

EX2500 Ethernet Switch 3.0 Release Notes

EX2500 Ethernet Switch 3.0 Release Notes EX2500 Ethernet Switch 3.0 Release Notes Release 3.0R1 24 April 2009 Part Number: 530-029707-01 Revision 2 These release notes accompany Release 3.0R1 of the Juniper Networks EX2500 Ethernet Switches and

More information

OfficeConnect 11Mbps Wireless Access Point User Guide 3CRWE41196

OfficeConnect 11Mbps Wireless Access Point User Guide 3CRWE41196 OfficeConnect 11Mbps Wireless Access Point User Guide 3CRWE41196 http://www.3com.com/ Part No. DUA4119-6AAA01 Published March 2003 3Com Corporation 5500 Great America Parkway Santa Clara, California 95052-8145

More information

Chapter 1 Introduction

Chapter 1 Introduction Copyright Statement is the registered trademark of Zonet Technology Inc. All the products and product names mentioned herein are the trademarks or registered trademarks of their respective holders. Copyright

More information

Figure 5-25: Setup Wizard s Safe Surfing Screen

Figure 5-25: Setup Wizard s Safe Surfing Screen 4. After the settings have been saved, the Safe Surfing screen will appear. Click the Norton Internet Security Suite button to install the special edition of Norton Internet Security on your computer,

More information

54Mbps Pocket Wireless Access Point (WL-330g)

54Mbps Pocket Wireless Access Point (WL-330g) 54Mbps Pocket Wireless Access Point (WL-330g) Copyright 2004 ASUSTeK COMPUTER INC. All Rights Reserved. Contents Conventions... 2 Welcome!... 3 Package contents... 3 System requirements... 3 Device installation...

More information

ADMINISTRATION GUIDE Cisco Small Business 200 Series Smart Switch Administration Guide Release 1.1

ADMINISTRATION GUIDE Cisco Small Business 200 Series Smart Switch Administration Guide Release 1.1 ADMINISTRATION GUIDE Cisco Small Business 200 Series Smart Switch Administration Guide Release 1.1 10/100 Switches SF200-24, SF200-24P, SF200-48, SF200-48P Gigabit Switches SG200-18, SG200-26, SG200-26P,

More information

OfficeConnect Wireless 11g Cable/DSL Router User Guide

OfficeConnect Wireless 11g Cable/DSL Router User Guide OfficeConnect Wireless 11g Cable/DSL Router User Guide 3CRWE554G72T 3CRWE554G72TU http://www.3com.com/ Part No. DUA0554-TAAA01 Rev. 01 Published June 2004 3Com Corporation 350 Campus Drive Marlborough,

More information

WRE6606. User s Guide. Quick Start Guide. Dual-Band Wireless AC1300 Access Point. Default Login Details. Version 1.00 (ABDU.0) Edition 1, 10/2016

WRE6606. User s Guide. Quick Start Guide. Dual-Band Wireless AC1300 Access Point. Default Login Details. Version 1.00 (ABDU.0) Edition 1, 10/2016 WRE6606 Dual-Band Wireless AC1300 Access Point Version 1.00 (ABDU.0) Edition 1, 10/2016 Quick Start Guide User s Guide Default Login Details Web Address http://zyxelsetup http://dhcp-assigned IP www.zyxel.comhttp://192.168.1.2

More information

IP806GA/GB Wireless ADSL Router

IP806GA/GB Wireless ADSL Router IP806GA/GB Wireless ADSL Router 802.11g/802.11b Wireless Access Point ADSL Modem NAT Router 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION... 1 Wireless ADSL Router Features...

More information

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch LGB1110A LGB1152A Product Data Sheet Gigabit Managed Ethernet Switch LGB1110A OVERVIEW The Gigabit Managed Ethernet Switches offer L2 features plus advanced L3 features such as Static Route for Enterprise

More information

Gigabit Managed Ethernet Switch

Gigabit Managed Ethernet Switch LGB1110A LGB1126A-R2 LGB1152A Product Data Sheet Gigabit Managed Ethernet Switch FEATURES L2+ features make the switch easy to manage, provide robust security, and QoS. Offers a built-in device management

More information

Product features. Applications

Product features. Applications Applications Layer 2+ VLAN static routing application The managed switch features a built-in, robust IPv4/IPv6 Layer 3 traffic static routing protocol to ensure reliable routing between VLANs and network

More information

802.11a g Dual Band Wireless Access Point. User s Manual

802.11a g Dual Band Wireless Access Point. User s Manual 802.11a+802.11g Dual Band Wireless Access Point User s Manual 0 Chapter 1 Introduction 1.1 Feature Fully interoperable with IEEE 802.11b compliant products. High-Speed data transfer rate up to 11Mbps.

More information

1 Mojo S-2000 Series Managed PoE Switches

1 Mojo S-2000 Series Managed PoE Switches Datasheet 1 Mojo S-2000 Series Managed PoE Switches Highlighted Features Mojo cloud-managed switch 8-port, 24-port, and 48-port models 130 / 370 / 740 Watt power budget PoE & PoE+ Support (802.3af/at)

More information

OfficeConnect 11g Cable/DSL Router User Guide 3CRWE554G72T 3CRWE554G72TU

OfficeConnect 11g Cable/DSL Router User Guide 3CRWE554G72T 3CRWE554G72TU OfficeConnect 11g Cable/DSL Router User Guide 3CRWE554G72T 3CRWE554G72TU http://www.3com.com/ Part No. DUA0554-TAAA01 Rev. 01 Published June 2004 3Com Corporation 5500 Bayfront Plaza Santa Clara, California

More information

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo Vendor: HP Exam Code: HP2-Z32 Exam Name: Implementing HP MSM Wireless Networks Version: Demo QUESTION 1 A network administrator deploys several HP MSM APs and an HP MSM Controller. The APs discover the

More information

Insight Managed Smart Cloud Wireless Access Point User Manual

Insight Managed Smart Cloud Wireless Access Point User Manual Insight Managed Smart Cloud Wireless Access Point User Manual Model WAC510 February 2018 202-11840-03 350 E. Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product.

More information

OmniVista 3.5 Discovery Help

OmniVista 3.5 Discovery Help Using Discovery Open the Discovery application by clicking Discovery in the Task Bar, selecting Discovery from the Applications menu, or by clicking the Discovery icon in the Topology Toolbar. The Discovery

More information

For more information, see "Provision APs for Mesh" on page 6 6. Connect your APs to the network. See "Install the APs" on page 6

For more information, see Provision APs for Mesh on page 6 6. Connect your APs to the network. See Install the APs on page 6 AOS-W 3.4.1 Quick Start Guide This document describes the initial setup of an Alcatel-Lucent user-centric network that consists of an Alcatel-Lucent switch and Alcatel-Lucent Access Points (APs). The installation

More information

VCX Administration Guide

VCX Administration Guide VCX Administration Guide VCX IP Telephony Solution VCX Telephones and Attendant Console CDR Reporting Application Convergence Applications Suite System Release 8.0 Part Number 900-0499-01 Rev AA Published

More information

802.11N Wireless ADSL Router

802.11N Wireless ADSL Router 802.11N Wireless ADSL Router Pre-N Wireless Access Point ADSL Modem NAT Router WPS 4-Port Switching Hub User's Guide Table of Contents CHAPTER 1 INTRODUCTION...1 Wireless ADSL Router Features...1 Package

More information

ArubaOS 6.2. Quick Start Guide. Install the Controller. Initial Setup Using the WebUI Setup Wizard

ArubaOS 6.2. Quick Start Guide. Install the Controller. Initial Setup Using the WebUI Setup Wizard ArubaOS 6.2 Quick Start Guide This document describes the initial setup of an Aruba user-centric network that consists of an Aruba controller and Aruba Access Points (APs). The installation consists of

More information

MARQUE : REFERENCE : CODIC : NETGEAR GSS108E-100EUS NOTICE

MARQUE : REFERENCE : CODIC : NETGEAR GSS108E-100EUS NOTICE MARQUE : REFERENCE : CODIC : NETGEAR GSS108E-100EUS 4254961 NOTICE ProSAFE 8-Port and 16-Port Gigabit Web Managed Click Switch Model GSS108E and GSS116E User Manual May 2016 202-11520-03 350 East Plumeria

More information

MIMO Wireless Broadband Route r User s Manual 1

MIMO Wireless Broadband Route r User s Manual 1 MIMO Wireless Broadband Router User s Manual 1 Introduction...4 Features...4 Minimum Requirements...4 Package Content...4 Note...4 Get to know the Broadband Router...5 Back Panel...5 Front Panel...6 Setup

More information

ProSAFE Easy-Mount 8-Port Gigabit Ethernet PoE+ Web Managed Switch

ProSAFE Easy-Mount 8-Port Gigabit Ethernet PoE+ Web Managed Switch ProSAFE Easy-Mount 8-Port Gigabit Ethernet PoE+ Web Managed Switch Model GS408EPP User Manual December 2016 202-11693-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing

More information

Table of Contents. Chapter 1 Product Overview Features Package Contents LED Indicator and Panel Description...

Table of Contents. Chapter 1 Product Overview Features Package Contents LED Indicator and Panel Description... Copyright Statement is the registered trademark of Monoprice. All the products and product names mentioned herein are the trademarks or registered trademarks of their respective holders. Copyright of the

More information

3Com exchange Call Center Installation and Getting Started Guide

3Com exchange Call Center Installation and Getting Started Guide 3Com exchange Call Center Installation and Getting Started Guide Version 4.33 http://www.3com.com Part Number 900-0149-01 Rev AB Published July 2004 3Com Corporation, 350 Campus Drive, Marlborough, MA

More information

11N Wireless PCI Adapter User Guide -6-

11N Wireless PCI Adapter User Guide -6- -6- Copyright Statement is the registered trademark of Shenzhen Tenda Technology Co., Ltd. All the products and product names mentioned herein are the trademarks or registered trademarks of their respective

More information

8-Port Gigabit Ethernet Smart Managed Plus Switch with 2-Port 10G/Multi-Gig Uplinks User Manual

8-Port Gigabit Ethernet Smart Managed Plus Switch with 2-Port 10G/Multi-Gig Uplinks User Manual 8-Port Gigabit Ethernet Smart Managed Plus Switch with 2-Port 10G/Multi-Gig Uplinks User Manual Model GS110EMX December 2017 202-11810-03 350 E. Plumeria Drive San Jose, CA 95134 USA Support Thank you

More information

User Handbook. Switch Series. Default Login Details. Version 1.0 Edition

User Handbook. Switch Series. Default Login Details. Version 1.0 Edition User Handbook Switch Series Zyxel GS1920 / GS2210 / XGS2210 / GS3700 / XGS3700 / XGS4600 / XS1920 / XS3700 Default Login Details LAN IP Address https://192.168.1.1 User Name admin Password 1234 Version

More information

Wireless 11n Smart Repeater AP (1T1R)

Wireless 11n Smart Repeater AP (1T1R) (1T1R) 2014 Table of Contents 1. Introduction...3 1.1 Package contents... 3 1.2 Product Features... 3 1.3 Front Panel Description... 4 1.4 Rear Panel Description... 5 2. Installation...6 2.1 Hardware Installation...

More information

FortiNAC. HiPath. Enterasys. Siemens. Extreme. Wireless Integration. Version: 8.x. Date: 8/28/2018. Rev: B

FortiNAC. HiPath. Enterasys. Siemens. Extreme. Wireless Integration. Version: 8.x. Date: 8/28/2018. Rev: B FortiNAC HiPath Enterasys Siemens Extreme Wireless Integration Version: 8.x Date: 8/28/2018 Rev: B FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET

More information

Table of Contents. Page ii

Table of Contents. Page ii Table of Contents Chapter 1 Introduction 1 Features... 1 Safety Instructions... 1 Package Contents... 2 Physical Details... 3 Chapter 2 Setup 5 Overview... 5 Using the Windows Wizard... 5 Chapter 3 Web-Based

More information

EP Port Managed Gigabit Switch with 4 x IEEE 802.3at + 20 x IEEE 802.3af PoE

EP Port Managed Gigabit Switch with 4 x IEEE 802.3at + 20 x IEEE 802.3af PoE EP220-28-193 28-Port Managed Gigabit Switch with 4 x IEEE 802.3at + 20 x IEEE 802.3af PoE Overview To fulfill the needs of higher power requirement of PoE network applications with Gigabit speed transmission,

More information

11N Wireless PCI Adapter User Guide

11N Wireless PCI Adapter User Guide -- 1 -- Copyright Statement is the registered trademark of Shenzhen Tenda Technology Co., Ltd. All the products and product names mentioned herein are the trademarks or registered trademarks of their respective

More information

LiteStation2 LiteStation5 User s Guide

LiteStation2 LiteStation5 User s Guide LiteStation2 LiteStation5 User s Guide Contents Contents... 2 Introduction... 3 Quick Setup Guide... 4 Configuration Guide... 8 Main Settings... 9 Link Setup... 10 Basic Wireless Settings... 10 Wireless

More information

ASIT-33018PFM. 18-Port Full Gigabit Managed PoE Switch (ASIT-33018PFM) 18-Port Full Gigabit Managed PoE Switch.

ASIT-33018PFM. 18-Port Full Gigabit Managed PoE Switch (ASIT-33018PFM) 18-Port Full Gigabit Managed PoE Switch. () Introduction Description 16 * 10/100/1000M PoE ports + 2 * Gigabit SFP optical ports. L2+ function with better performance of management, safety & QoS etc. Supprt Layer 2 switching function, including

More information