3Com® Baseline Switch 2916-SFP Plus and Baseline Switch 2924-SFP Plus User Guide 3CBLSG16 / 3CBLSG24 www.3Com.com Part Number 10016143 Rev.
3Com Corporation 350 Campus Drive Marlborough, MA 01752-3064 Copyright © 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.
ABOUT THIS GUIDE This guide provides information about the Web user interface for the 3Com® Baseline Switch 2916-SFP Plus and Baseline Switch 2924-SFP Plus. The Web interface is a network management system that allows you to configure, monitor, and troubleshoot your switch from a remote web browser. The Web interface web pages are easy-to-use and easy-to-navigate. User Guide Overview This section provides an overview to the User Guide.
ABOUT THIS GUIDE ■ Aggregating Ports — Provides information for configuring Link Aggregation which optimizes port usage by linking a group of ports together to form a single LAG. ■ Configuring VLANs — Provides information for configuring VLANs. VLANs are logical subgroups with a Local Area Network (LAN) which combine user stations and network devices into a single virtual LAN segment, regardless of the physical LAN segment to which they are attached.
Intended Audience Intended Audience 5 This guide is intended for network administrators familiar with IT concepts and terminology. If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes. Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com Web site: ■ Conventions http://www.3Com.
CONTENTS ABOUT THIS GUIDE User Guide Overview ................................................................................. 3 Intended Audience..................................................................................... 5 Conventions .............................................................................................. 5 Related Documentation ............................................................................. 5 1 GETTING STARTED About the Switch 2916 and 2924 ..............
3 VIEWING BASIC SETTINGS Viewing Device Settings ...........................................................................41 Viewing Color Keys ..................................................................................43 4 MANAGING DEVICE SECURITY Configuring System Access.......................................................................45 Defining RADIUS Clients...........................................................................50 Defining Port-Based Authentication (802.1X)........
Modifying VLAN Settings ....................................................................... 105 Modifying Port VLAN Settings ................................................................ 107 Removing VLANs ................................................................................... 108 9 CONFIGURING IP AND MAC ADDRESS INFORMATION Defining IP Addressing ........................................................................... 109 Configuring ARP Settings.....................................
Defining Bandwidth Settings ..................................................................151 Defining Voice VLAN ..............................................................................153 14 MANAGING SYSTEM FILES Backing Up System Files .........................................................................163 Restoring Files ........................................................................................164 Upgrade the Firmware Image .................................................
C PIN-OUTS Console Cable ....................................................................................... 189 Null Modem Cable................................................................................. 190 PC-AT Serial Cable ................................................................................. 190 Modem Cable........................................................................................ 190 Ethernet Port RJ-45 Pin Assignments ...............................................
1 GETTING STARTED This chapter contains introductory information about the 3Com® Baseline Switch 2916-SFP Plus and the Baseline Switch 2924-SFP Plus and how they can be used in your network.
CHAPTER 1: GETTING STARTED About the Switch 2916 and 2924 The Switch 2916 and Switch 2924 are Gigabit Ethernet switching products that deliver flexible three-speed performance (10/100/1000) and advanced voice-optimized features such as auto-QoS and auto-voice VLAN. This makes the switches ideal for medium businesses and small enterprises seeking to build a secure converged network.
Front Panel Detail 13 Table 1 Hardware Features (continued) Feature Switch 2916 and 2924 Ethernet, Fast Ethernet, Auto-negotiating 10/100/1000BASE-T ports and Gigabit Ethernet Ports Front Panel Detail SFP Ethernet Ports Supports fiber Gigabit Ethernet long-wave (LX), and fiber Gigabit Ethernet short-wave (SX) transceivers in any combination. Mounting 19-inch rack or standalone mounting Figure 1 shows the front panel of the Switch 2916-SFP Plus 16-Port unit.
CHAPTER 1: GETTING STARTED LED Status Indicators The 2916-SFP Plus 16-Port and 24-Port Ethernet switches provide LED indicators on the front panel for your convenience to monitor the switch. Table 2 describes the meanings of the LEDs. Table 2 Description on the LEDs of the Switch 2916 and 2924 LED Label Status Description Power Power Green The switch starts normally. The LED flashes when the system is performing power-on self test (POST). Yellow The system has failed the POST.
System Specifications System Specifications 15 Table 3 contains the system specifications of the Switch 2916 and 2924 series switches. Table 3 System specifications of the Switch 2916 and 2924 series switches Specification Switch 2916-SFP Plus 16-Port 3CBLSG16 Switch 2924-SFP Plus 24-Port 3CBLSG24 Physical dimensions (H×W×D) 44×440×173 mm (1.73 17.3 6.81 in.) Weight 2.0 kg (4.
CHAPTER 1: GETTING STARTED Installing the Switch This section contains information that you need to install and set up your 3Com switch. WARNING: Safety Information. Before you install or remove any components from the Switch or carry out any maintenance procedures, you must read the 3Com Switch Family Safety and Regulatory Information document enclosed. AVERTISSEMENT: Consignes de securite.
Setting Up for Management Setting Up for Management 17 To make full use of the features offered by your switch, and to change and monitor the way it works, you have to access the management software that resides on the switch. This is known as managing the switch. Managing the switch can help you to improve the efficiency of the switch and therefore the overall performance of your network.
CHAPTER 1: GETTING STARTED Figure 3 Web Interface Management over the Network Switch Workstation Connect over Network via web browser Refer to “Setting Up Web Interface Management” on page 25. SNMP Management You can manage a switch using any network management workstation running the Simple Network Management Protocol (SNMP) as shown in Figure 4. For example, you can use the 3Com Network Director software, available from the 3Com website.
Switch Setup Overview 19 Figure 5 Initial Switch Setup and Management Flow Diagram Plug and Play Setup Power Up the Switch.
CHAPTER 1: GETTING STARTED IP Configuration The switch’s IP configuration is determined automatically using DHCP, or manually using values you assign. Automatic IP Configuration using DHCP By default the switch tries to configure its IP Information without requesting user intervention. It tries to obtain an IP address from a DHCP server on the network. Default IP Address If no DHCP server is detected, the switch will use its default IP information. The default IP address is 169.254.x.
Using the Command Line Interface (CLI) ■ 21 Your DHCP server does not allow you to allocate static IP addresses. (Static IP addresses are necessary to ensure that the switch is always allocated the same IP information.) For most installations, 3Com recommends that you configure the switch IP information manually. This makes management simpler and more reliable as it is not dependent on a DHCP server, and eliminates the risk of the IP address changing.
CHAPTER 1: GETTING STARTED Connecting the Workstation to the Switch 1 Connect the workstation to the console port using the console cable as shown in Figure 6. Figure 6 Connecting a Workstation to the Switch using the Console Port Workstation (with terminal emulation software installed) Switch Console Port Connection Console Cable To connect the cable: a Attach the cable’s RJ-45 connector to the Console port of the switch. b Attach the other end of the cable to the workstation.
Using the Command Line Interface (CLI) 23 1 Connect to the switch Console port as described in “Connecting to the Console Port” page 21. 2 The command line interface login sequence begins as soon as the switch detects a connection to its console port. When the process completes, the Login prompt displays. 3 At the login prompt, enter admin as your user name and press Return. The Password prompt displays. 4 Press Return. If you have logged on correctly, Select menu option# should be displayed.
CHAPTER 1: GETTING STARTED 5 Enter Summary to view a summary of allocated IP addresses. The following is an example of the display from the Summary command. Select menu option# summary IP Method: default IP address: 169.254.99.51 Subnet mask: 255.255.0.0 Runtime version: 00_00_38 (date 01-Apr-2007 time 15:31:29) Bootcode version: 1.0.0.
Setting Up Web Interface Management Setting Up Web Interface Management 25 This section describes how you can set up web interface management over the network. Prerequisites ■ Ensure you have already set up the switch with IP information as described in “Methods of Managing a Switch” on page 17. ■ Ensure that the switch is connected to the network using a Category 5 twisted pair Ethernet cable with RJ-45 connectors. ■ A suitable Web browser.
CHAPTER 1: GETTING STARTED Web Management Over the Network To manage a switch using the web interface over an IP network: 1 Be sure that you know your switch’s IP address. See “IP Configuration” on page 20, and “Viewing IP Information using the Console Port” on page 23. 2 Check that your management workstation is on the same subnet as your switch. 3 Check you can communicate with the switch by entering a ping command at the DOS or CMD prompt in the following format: c:\ ping xxx.xxx.xxx.
Default Users and Passwords Default Users and Passwords 27 If you intend to manage the switch or to change the default passwords, you must log in with a valid user name and password. The switch has one default user name. The default user is listed in Table 5. Table 5 Default Users Default User Name Password admin (no password) Access Level Management — The user can access and change all manageable parameters Use the admin default user name (no password) to login and carry out initial switch setup.
2 USING THE 3COM WEB INTERFACE This section provides an introduction to the user interface, and includes the following topics: Starting the 3Com Web Interface Multi-Session Web Connections ■ Starting the 3Com Web Interface ■ Understanding the 3Com Web Interface ■ Saving the Configuration ■ Resetting the Device ■ Restoring Factory Defaults ■ Logging Off the Device This section includes the following topics: ■ Multi-Session Web Connections ■ Accessing the 3Com Web Interface The Multi-Sess
Starting the 3Com Web Interface Accessing the 3Com Web Interface 29 This section contains information on starting the 3Com Web interface. To access the 3Com user interface: 1 Open an Internet browser. 2 Enter the device IP address in the address bar and press Enter. The Enter Network Password Page opens: Figure 7 Enter Network Password Page 3 Enter your user name and password. The device default factory settings is configured with a User Name that is admin and a password that is blank.
CHAPTER 2: USING THE 3COM WEB INTERFACE Figure 8 3Com Web Interface Home Page Understanding the 3Com Web Interface The 3Com Web Interface Home Page contains the following views: ■ Tab View — Provides the device summary configuration located at the top of the home page. ■ Tree View — Provides easy navigation through the configurable device features. The main branches expand to display the sub-features.
Understanding the 3Com Web Interface Figure 9 31 Web Interface Components The following table lists the user interface components with their corresponding numbers: Table 6 Interface Components View Description 1 Tree View Tree View provides easy navigation through the configurable device features. The main branches expand to display the sub-features. 2 Tab View The Tab Area enables navigation through the different device features. Click the tabs to view all the components under a specific feature.
CHAPTER 2: USING THE 3COM WEB INTERFACE Device Representation The 3Com Web Interface Home Page contains a graphical panel representation of the device that appears within the Device View Tab. To access the Device Representation: 1 Click Device Summary > Device View. Figure 10 Device Representation 2 By selecting a specific port with your mouse, you can view the port statistics. For detailed information on configuring ports, please refer to “Configuring Ports” page 85.
Using Screen and Table Options Using Screen and Table Options 33 3Com contains screens and tables for configuring devices. This section contains the following topics: ■ Viewing Configuration Information ■ Adding Configuration Information ■ Modifying Configuration Information ■ Removing Configuration Information Viewing Configuration Information To view configuration information: 1 Click Port > Administration > Summary.
CHAPTER 2: USING THE 3COM WEB INTERFACE Adding Configuration Information User-defined information can be added to specific 3Com Web Interface pages, by opening the IP Setup Page. For example, to configure IP Setup: 1 Click Administration > IP Setup. The IP Setup Page opens: Figure 12 IP Setup Page 2 Enter requisite information in the text field. 3 Click Apply. The IP information is configured, and the device is updated.
Using Screen and Table Options 35 Modifying Configuration Information 1 Click Administration > System Access > Modify. The System Access Modify Page opens: Figure 13 System Access Modify Page 2 Modify the fields. 3 Click Apply. The access fields are modified.
CHAPTER 2: USING THE 3COM WEB INTERFACE Removing Configuration Information 1 Click Administration > System Access > Remove. The System Access Remove Page opens: Figure 14 System Access Remove Page 2 Select the user account to be deleted. 3 Click Remove. The user account is deleted, and the device is updated.
Saving the Configuration Saving the Configuration 37 Configuration changes are only saved to the device once the user saves the changes to the flash memory. The Save Configuration tab allows the latest configuration to be saved to the flash memory. To save the device configuration: 1 Click Save Configuration. The Save Configuration Page opens: Figure 15 Save Configuration Page A message appears: The operation saves your configuration. Do you wish to continue? 2 Click OK.
CHAPTER 2: USING THE 3COM WEB INTERFACE Resetting the Device The Reset Page enables resetting the device from a remote location. To prevent the current configuration from being lost, use the Save Configuration Page to save all user-defined changes to the flash memory before resetting the device. To reset the device: 1 Click Administration > Reset. The Reset Page opens: Figure 16 Reset Page 2 Click Reboot. A confirmation message is displayed. 3 Click OK.
Restoring Factory Defaults Restoring Factory Defaults 39 The Restore option appears on the Reset Page. The Restore option restores device factory defaults. To restore the device: 1 Click Administration > Reset. The Reset Page opens: Figure 18 Reset Page The Reset Page contains the following fields: ■ ■ Initialize with Current IP Address — Resets the device with the factory default settings, but maintains the current IP Address, subnet mask, and default gateway address.
CHAPTER 2: USING THE 3COM WEB INTERFACE Logging Off the Device To log off the device: 1 Click Logout. The Logout Page opens. 2 The following message appears: 3 Click OK. The 3Com Web Interface Home Page closes.
3 VIEWING BASIC SETTINGS This section contains information about viewing basic settings available from the Web interface home page, including the Device Summary page and the Color Keys page. Viewing Device Settings The Device Summary Page displays general information, including the system name, location, and contact, the system MAC address, System Object ID, System Up Time, and software, boot, and hardware versions. To view the Device Summary Settings: 1 Click Device Summary.
CHAPTER 3: VIEWING BASIC SETTINGS ■ Product Description — Displays the device model number and name ■ System Name — Defines the user-defined device name. The field range is 0-160 characters. ■ System Location — Defines the location where the system is currently running. The field range is 0-160 characters. ■ System Contact — Defines the name of the contact person. The field range is 0-160 characters. ■ Serial Number — Displays the device serial number.
Viewing Color Keys Viewing Color Keys 43 The Color Key Page provides information about the RJ45 or SFP port status. To view color keys: 1 Click Device Summary > Color Key. The Color Key Page opens: Figure 20 Color Key Page The Color Key Page contains the following fields: ■ RJ45 — Displays the port status of the RJ45 connections which are the physical interface used for terminating twisted pair type cable.
4 MANAGING DEVICE SECURITY The Management Security section provides information for configuring system access, defining RADIUS authentication, port-based authentication and defining access control lists. This section includes the following topics: ■ Configuring System Access ■ Defining RADIUS Clients ■ Defining Port-Based Authentication (802.
Configuring System Access Configuring System Access 45 Network administrators can define users, passwords, and access levels for users using the System Access Interface. The Multi-Session web feature is enabled on device and allows 10 users to be created and access the switch concurrently. Access levels provide read or read/write permissions to users for configuring the switch. Login information is managed in the local database. A unique password is required of each user.
CHAPTER 4: MANAGING DEVICE SECURITY Viewing System Access Settings The System Access Summary Page displays the current users and access levels defined on the device. To view System Access settings: 1 Click Administration > System Access > Summary. The System Access Summary Page opens: Figure 21 System Access Summary Page The System Access Summary Page contains the following fields: ■ User Name — Displays the user name.
Configuring System Access Defining System Access 47 The System Access Setup Page allows network administrators to define users, passwords, and access levels for users using the System Access Interface. Monitor users have no access to this page. 1 Click Administration > System Access > Setup. The System Access Setup Page opens: Figure 22 System Access Setup Page The System Access Setup Page contains the following fields: ■ User Name — Defines the user name.
CHAPTER 4: MANAGING DEVICE SECURITY Modifying System Access The System Access Modify Page allows network administrators to modify users, passwords, and access levels using the System Access Interface. Monitor users have no access to this page. 1 Click Administration > System Access > Modify. The System Access Modify Page opens: Figure 23 System Access Modify Page The System Access Modify Page contains the following fields: ■ User Name — Displays the user name.
Configuring System Access Removing System Access 49 The System Access Remove Page allows network administrators to remove users from the System Access Interface. Monitor users have no access to this page. To remove users: 1 Click Administration > System Access > Remove. The System Access Remove Page opens: Figure 24 System Access Remove Page The System Access Remove Page contains the following fields: ■ Remove User(s) — Select user(s) from the list below to be removed.
CHAPTER 4: MANAGING DEVICE SECURITY Defining RADIUS Clients Remote Authorization Dial-In User Service (RADIUS) servers provide additional security for networks. RADIUS servers provide a centralized authentication method for 802.1X. The default parameters are user-defined, and are applied to newly defined RADIUS servers. If new default parameters are not defined, the system default values are applied to newly defined RADIUS servers. Monitor users have no access to this page.
Defining RADIUS Clients 51 ■ Authentication Port — Identifies the authentication port. The authentication port is used to verify the RADIUS server authentication. The authenticated port default is 1812. ■ Number of Retries — Defines the number of transmitted requests sent to the RADIUS server before a failure occurs. Possible field values are 1-10. The default value is 3.
CHAPTER 4: MANAGING DEVICE SECURITY Defining Port-Based Authentication (802.1X) Port-based authentication authenticates users on a per-port basis via an external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP). Port-based authentication includes: ■ Authenticators — Specifies the device port which is authenticated before permitting system access.
Defining Port-Based Authentication (802.1X) Viewing 802.1X Authentication 53 The 802.1X Summary Page allows the network administrator to view port-based authentication settings. To view Port-based Authentication: 1 Click Security > 802.1X > Summary. The 802.1X Summary Page opens: Figure 26 802.1X Summary Page The 802.1X Summary Page contains the following fields: ■ Port — Displays a list of interfaces. ■ User Name — Displays the supplicant user name.
CHAPTER 4: MANAGING DEVICE SECURITY ■ ■ Guest VLAN — Indicates whether an unauthorized port is allowed to join the Guest VLAN. The possible field values are: ■ Enable — Enables an unauthorized port to join the Guest VLAN. ■ Disable — Disables an unauthorized port to join the Guest VLAN. Periodic Reauthentication — Enables periodic reauthentication on the port. ■ ■ Enable — Enables the periodic reauthentication on the port. Disable — Disables the periodic reauthentication on the port.
Defining Port-Based Authentication (802.1X) 55 To configure 802.1X Settings: 1 Click Security > 802.1X > Setup. The 802.1X Setup Page opens: Figure 27 802.1X Setup Page The 802.1X Setup Page contains the following fields: 802.1X Global Settings ■ Port Based Authentication State — Indicates if Port Authentication is enabled on the device. The possible field values are: ■ ■ ■ Disable — Disables port-based authentication on the device. This is the default value.
CHAPTER 4: MANAGING DEVICE SECURITY access. For example, a network administrator can use Guest VLANs to deny network access via port-based authentication, but grant Internet access to unauthorized users. ■ Guest VLAN ID — Specifies the guest VLAN ID. 802.1X Port Settings ■ Admin Port Control — Displays the admin port authorization state. ■ ■ ■ ■ ■ ■ Force Authorized — Places the interface into an authorized state without being authenticated.
Defining Access Control Lists Defining Access Control Lists 57 Access Control Lists (ACL) allow network managers to define classification actions and rules for specific ingress ports. Packets entering an ingress port, with an active ACL are either admitted or denied entry. If they are denied entry, the port can be disabled. For example, an ACL rule is defined states that port number 20 can receive TCP packets, however, if a UDP packet is received, the packet is dropped.
CHAPTER 4: MANAGING DEVICE SECURITY Viewing MAC Based ACLs The MAC Based ACL Summary Page displays information regarding MAC Based ACLs configured on the device. Ports are reactivated from the Interface Configuration Page. To view MAC Based ACLs: 1 Click Device > ACL > MAC Based ACL > Summary. The MAC Based ACL Summary Page opens: Figure 28 MAC Based ACL Summary Page The MAC Based ACL Summary Page contains the following fields: ■ ACL Name — Contains a list of the MAC-based ACLs.
Defining Access Control Lists ■ Ethertype — Provides an identifier that differentiates between various types of protocols. ■ Action — Indicates the ACL forwarding action. In addition, the port can be shut down, a trap can be sent to the network administrator, or packet is assigned rate limiting restrictions for forwarding. The options are as follows: ■ Permit — Forwards packets which meet the ACL criteria. ■ Deny — Drops packets which meet the ACL criteria.
CHAPTER 4: MANAGING DEVICE SECURITY Add Rules to ACL ■ Priority — Indicates the ACE priority, which determines which ACE is matched to a packet on a first-match basis. The possible field values are 1-2147483647. ■ Source MAC Address — Matches the source MAC address to which packets are addressed to the ACE. ■ Source Mask — Indicates the source MAC Address wildcard mask. Wildcards are used to mask all or part of a source MAC address. Wildcard masks specify which bits are used and which are ignored.
Defining Access Control Lists 61 packet is assigned rate limiting restrictions for forwarding. The options are as follows: ■ Permit — Forwards packets which meet the ACL criteria. ■ Deny — Drops packets which meet the ACL criteria. ■ Shutdown — Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Administration Setup Page. 2 Define the fields. 3 Click Apply.
CHAPTER 4: MANAGING DEVICE SECURITY Modify ■ Priority — Indicates the rule priority, which determines which rule is matched to a packet on a firstmatch basis. ■ Source MAC Address — Matches the source MAC address to which packets are addressed to the ACE. ■ Source Mask — Indicates the source MAC Address wildcard mask. Wildcards are used to mask all or part of a source address by specifying which bits are used and which are ignored.
Defining Access Control Lists ■ Permit — Forwards packets which meet the ACL criteria. ■ Deny — Drops packets which meet the ACL criteria. ■ 63 Shutdown — Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Administration Setup Page. 2 Define the fields. 3 Click Apply. The MAC based settings are modified, and the device is updated.
CHAPTER 4: MANAGING DEVICE SECURITY ■ Priority — Indicates the rule priority, which determines which rule is matched to a packet on a firstmatch basis. ■ Source Address — Matches the source MAC address to which packets are addressed to the ACE. ■ Destination Address — Matches the destination MAC address to which packets are addressed to the ACE. ■ VLAN ID — Matches the packet's VLAN ID to the ACE. The possible field values are 1 to 4093. ■ CoS — Classifies Class of Service of the packet.
Defining Access Control Lists Viewing IP Based ACLs 65 The IP Based ACL Summary Page displays information regarding IP Based ACLs configured on the device. To view IP Based ACLs: 1 Click Device > ACL > IP Based ACL > Summary. The IP Based ACL Summary Page opens: Figure 32 IP Based ACL Summary Page The IP Based ACL Summary Page contains the following fields: ■ ACL Name — Contains a list of the IP Based ACLs.
CHAPTER 4: MANAGING DEVICE SECURITY ■ ICMP Code — Specifies an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. ■ IGMP Type — IGMP packets can be filtered by IGMP message type. ■ Source Address — Matches the source IP address to which packets are addressed to the ACL. ■ Source Mask — Indicates the source IP address mask.
Defining Access Control Lists 67 To configure IP Based Access Control Lists: 1 Click Device > ACL > IP Based ACL > Setup. The IP Based ACL Setup Page opens: Figure 33 IP Based ACL Setup Page The IP Based ACL Setup Page contains the following fields: ■ Selection ACL — Selects the ACL to be bound. ■ Create ACL — Defines a new user-defined IP based ACL. Add Rules to ACL ■ Priority — Defines the ACL priority. ACLs are checked on the first fit basis.
CHAPTER 4: MANAGING DEVICE SECURITY ■ Destination Port — Indicates the destination port that is used for matched packets. Enabled only when TCP or UDP are selected in the Protocol list. The field value is either user defined or Any. If Any is selected, the IP based ACL is applied to any destination port. ■ TCP Flags — If checked, enables configuration of TCP flags matched to the packet. The possible fields are: ■ ■ ■ ■ ■ ■ Urg — Urgent pointer field significant.
Defining Access Control Lists ■ ■ IGMP Type — Specifies an IGMP message type. ■ Any — Does not filter for an IGMP message type. Source IP Address — If selected, enables matching the source port IP address to which packets are addressed to the ACE, according to a wildcard mask. The field value is either user defined or Any. If Any is selected, accepts any source IP address and disables wildcard mask filtering. ■ ■ Wild Card Mask — Defines the source IP address wildcard mask.
CHAPTER 4: MANAGING DEVICE SECURITY ■ Match IP Precedence — Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. ■ Action — Indicates the ACL forwarding action. In addition, the port can be shut down, a trap can be sent to the network administrator, or packet is assigned rate limiting restrictions for forwarding. The options are as follows: ■ Permit — Forwards packets which meet the ACL criteria.
Defining Access Control Lists 71 The IP Based ACL Modify Page contains the following fields: ■ Selection ACL — Selects the ACL to be modified. Modify Rule ■ Priority — Defines the ACL priority. ACLs are checked on the first fit basis. The ACL priority defines the ACL order in the ACL list. ■ Protocol — Indicates the protocol in the ACE to which the packet is matched. ■ ■ ■ Any — Enables creating an ACL based on any protocol.
CHAPTER 4: MANAGING DEVICE SECURITY For each TCP flag, the possible field values are: ■ ■ Set — Enables the TCP flag. ■ Unset — Disables the TCP flag. ■ Don’t Care — Does not check the packet’s TCP flag. ICMP — If checked, enables filtering ICMP packets for an ICMP message type. The possible values are: ■ Select from List — Selects an ICMP message type from a list. ■ ICMP Type — Specifies an ICMP message type. ■ Any — Does not filter for an ICMP message type.
Defining Access Control Lists ■ Match DSCP — Matches the packet DSCP value to the ACL. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. ■ Match IP Precedence — Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP Precedence value is used to match packets to ACLs. ■ Action — Indicates the ACL forwarding action.
CHAPTER 4: MANAGING DEVICE SECURITY The IP Based ACL Remove Page contains the following fields: ■ ACL Name — Contains a list of the IP-based ACLs. ■ Remove ACL — Removes an ACL. The possible field values are: ■ Checked — Removes the selected IP-based ACL. ■ Unchecked — Maintains the IP-based ACL. ■ Priority — Indicates the ACL priority, which determines which ACL is matched to a packet on a first-match basis. The possible field values are 1-2147483647.
Defining Access Control Lists ■ 75 Shutdown — Drops packet that meets the ACL criteria, and disables the port to which the packet was addressed. Ports are reactivated from the Port Administration Setup Page. 2 Select an ACL to be removed. 3 Click Apply. The selected ACLs are deleted, and the device is updated. Viewing ACL Binding The ACL Binding Summary Page displays the user-defined ACLs mapped to the interfaces. To view ACL Binding: 1 Click Device > ACL > ACL Binding > Summary.
CHAPTER 4: MANAGING DEVICE SECURITY Configuring ACL Binding The ACL Binding Setup Page allows the network administrator to bind specific ports to MAC or IP Based ACLs. The monitor user has no access to this page. To define ACL Binding: 1 Click Device > ACL > ACL Binding > Summary. The ACL Binding Summary Page opens: Figure 37 ACL Binding Setup Page The ACL Binding Setup Page contains the following fields: ■ Select Port(s) — Indicates the ports to be configured.
Defining Access Control Lists Removing ACL Binding 77 The ACL Binding Remove Page allows the network administrator to remove user-defined ACLs from a selected interface. Monitor users have no access to this page. To remove ACL Binding: 1 Click Device > ACL > ACL Binding > Remove. The ACL Binding Remove Page opens: Figure 38 ACL Binding Remove Page The ACL Binding Remove Page contains the following fields: ■ Interface — Displays the port interface to which the ACL is bound.
CHAPTER 4: MANAGING DEVICE SECURITY Enabling Broadcast Storm Broadcast Storm limits the amount of Multicast and Broadcast frames accepted and forwarded by the device. When Layer 2 frames are forwarded, Broadcast and Multicast frames are flooded to all ports on the relevant VLAN. This occupies bandwidth, and loads all nodes on all ports. A Broadcast Storm is a result of an excessive amount of broadcast messages simultaneously transmitted across a network by a single port.
Enabling Broadcast Storm 79 The Broadcast Storm Setup Page contains the following fields: ■ Broadcast Storm Control — Indicates if forwarding Broadcast packet types is enabled on the interface. ■ Disabled — Disables broadcast control on the selected port. ■ Broadcast — Enables broadcast control on the selected port. ■ ■ Broadcast&Multicast — Enables broadcast and multicast control on the selected port.
5 GENERAL SYSTEM INFORMATION This section contains information about configuring general system parameters, and includes the following: Viewing System Description ■ Viewing System Description ■ Configuring System Name Information ■ Configuring System Time The Device View Page displays parameters for configuring general device information, including the system name, MAC Address, software and hardware versions, and more. 1 Click Device Summary. The Device View Page opens.
Viewing System Description 81 The Device View Page contains the following fields: ■ Product Description — Displays the device model number and name. Not user-editable. ■ System Name — Displays the user-defined device name. See “Configuring System Name Information” page 82. ■ System Location — Displays the location where the system is currently running. See page 82. ■ System Contact — Displays the name of the contact person. See “Configuring System Name Information” page 82.
CHAPTER 5: GENERAL SYSTEM INFORMATION Configuring System Name Information The System Name Page allows the Network Administrator to provide a user-defined system name, location, and contact information for the device. Monitor users have read-only permissions on this page. To configure the System Name: 1 Click Administration > System Name. The System Name Page opens: Figure 41 System Name Page The System Name Page includes the following fields: ■ System Name — Defines the user-defined device name.
Configuring System Time Configuring System Time 83 The System Time Setup Page contains fields for defining system time parameters for the local hardware clock. Daylight Savings Time can be enabled on the device. Monitor users have limited permissions on this page. Country specific times need to be added manually. To configure the System Time: 1 Click Administration > System Time.
CHAPTER 5: GENERAL SYSTEM INFORMATION ■ DST Region — Selects USA or European standard DST, or customizable DST. ■ ■ ■ USA — The device switches to DST at 2:00 a.m. from the second Sunday in March, and reverts to standard time at 2:00 a.m. on the First Sunday of November European — The device switches to DST at 1:00 am on the last Sunday in March and reverts to standard time at 1:00 am on the last Sunday in October.
6 CONFIGURING PORTS This section contains information for configuring Port Settings, and includes the following sections: Viewing Port Settings ■ Viewing Port Settings ■ Defining Port Settings ■ Viewing Port Details The Port Administration Summary Page permits the network manager to view the current port and LAG setting configuration. The Port Administration Summary Page also displays to which LAGs the port belongs.
CHAPTER 6: CONFIGURING PORTS To view Port Settings: 1 Click Port > Administration > Summary. The Port Administration Summary Page opens: Figure 43 Port Administration Summary Page The Port Administration Summary Page contains the following fields: ■ Port — Indicates the selected port number. ■ Port Status — Indicates whether the port is currently operational or non-operational. The possible field values are: ■ Up — Indicates the port is currently operating.
Viewing Port Settings ■ ■ 10M — Indicates the port is currently operating at 10 Mbps. ■ 100M — Indicates the port is currently operating at 100 Mbps. ■ 1000M — Indicates the port is currently operating at 1000 Mbps. Duplex Mode — Displays the port duplex mode. This field is configurable only when auto negotiation is disabled, and the port speed is set to 10M or 100M or 1000M per second. This field cannot be configured on LAGs.
CHAPTER 6: CONFIGURING PORTS Defining Port Settings The Port Administration Setup Page allows network managers to configure port parameters for specific ports. Monitor users have no access to this page. To configure Port Settings: 1 Click Port > Administration > Setup. The Port Administration Setup Page opens: Figure 44 Port Administration Setup Page The Port Administration Setup Page contains the following fields: ■ ■ Port State — Defines the port state.
Defining Port Settings ■ ■ 10 — Indicates the port is currently operating at 10 Mbps. ■ 100 — Indicates the port is currently operating at 100 Mbps. ■ 1000 — Indicates the port is currently operating at 1000 Mbps. ■ Auto — Use to automatically configure the port. ■ No Change — Retains the current port speed. Duplex — Displays the port duplex mode. This field is configurable only when auto negotiation is disabled, and the port speed is set to 10M or 100M. This field cannot be configured on LAGs.
CHAPTER 6: CONFIGURING PORTS Viewing Port Details The Port Detail Page displays current port parameters for specific ports. Monitor users have no access to this page. To view Port Details: 1 Click Port > Administration > Detail. The Port Detail Page opens: Figure 45 Port Detail Page The Port Detail Page contains the following fields: ■ Select a Port — Displays the current port settings. ■ Port State — Indicates the port state. The possible field values are: ■ ■ Enable — Enables the port.
Viewing Port Details ■ ■ 91 Speed — Displays the configured rate for the port. The port type determines what speed setting options are available. Port speeds can only be configured when auto negotiation is disabled. The possible field values are: ■ 10 — Indicates the port is currently operating at 10 Mbps. ■ 100 — Indicates the port is currently operating at 100 Mbps. ■ 1000 — Indicates the port is currently operating at 1000 Mbps. ■ Auto — Use to automatically configure the port.
7 AGGREGATING PORTS This section contains information for configuring Link Aggregation, which optimizes port usage by linking a group of ports together to form a single LAG. A Link Aggregated Group (LAG) aggregates ports or VLANs into a single virtual port or VLAN. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. Ensure the following: ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ All ports within a LAG must be the same media type.
Viewing Link Aggregation Viewing Link Aggregation 93 The Link Aggregation Summary Page displays port usage by linking a group of ports together to form a single LAG. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. To view Link Aggregation: 1 Click Ports > Link Aggregation > Summary.
CHAPTER 7: AGGREGATING PORTS 1 Click Ports > Link Aggregation > Create. The Link Aggregation Create Page opens: Figure 47 Link Aggregation Create Page The Link Aggregation Create Page includes the following fields: ■ Enter aggregation Group ID — Displays the group ID. The range is 1-8 groups. ■ Static — Selects the link aggregation type to be static. ■ LACP — Selects the link aggregation type to be LACP.
Modifying Link Aggregation Modifying Link Aggregation 95 The Link Aggregation Modify Page optimizes port usage by linking a group of ports together to form a single LAG. Aggregating ports multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. Monitor users have no access to this page. To modify Link Aggregation: 1 Click Ports > Link Aggregation > Modify.
CHAPTER 7: AGGREGATING PORTS Summary ■ Group ID — Displays the Link Aggregated Group ID. ■ Type — Displays the link aggregation type. ■ Member Ports — Displays the ports configured to the LAG. 2 Define the fields. 3 Click Apply. Link Aggregation is configured, and the application is updated. Removing Link Aggregation The Link Aggregation Remove Page allows the network manager to remove group IDs containing member ports. Monitor users have no access to this page.
Viewing LACP 97 The Link Aggregation Remove Page includes the following fields: ■ Select Aggregation(s) to Remove — Displays the Link Aggregation table. Each row corresponds to a Link Aggregated Group ID. The fields in the table are: ■ Group ID — Displays the Link Aggregated Group ID. ■ Type — Displays the Link Aggregation type. ■ Member Ports — Displays the ports for which the link aggregation parameters are defined. 2 Select a group ID to be removed 3 Click Remove.
CHAPTER 7: AGGREGATING PORTS The LACP Summary Page contains the following fields: Modifying LACP ■ Port — Displays the port number to which timeout and priority values are assigned. ■ Port-Priority — Displays the LACP priority value for the port. The field range is 1-65535. ■ LACP Timeout — Displays the administrative LACP timeout. The possible field values are: ■ Long — Specifies the long timeout value. ■ Short — Specifies the short timeout value.
Modifying LACP 99 The LACP Modify Page contains the following fields: ■ LACP System Priority — Specifies system priority value. The field range is 1-65535. The field default is 1 ■ Select Port — Displays the port number to which timeout and priority values are assigned. ■ LACP Port Priority — Displays the LACP priority value for the port. The field range is 1-65535. ■ LACP Timeout — Displays the administrative LACP timeout. The possible field values are: ■ Long — Specifies the long timeout value.
8 CONFIGURING VLANS This section contains the following topics: ■ ■ ■ ■ ■ ■ ■ VLAN Overview VLAN Overview Viewing VLAN Details Viewing VLAN Port Details Creating VLANs Modifying VLAN Settings Modifying Port VLAN Settings Removing VLANs VLANs are logical subgroups with a Local Area Network (LAN) which combine user stations and network devices into a single unit, regardless of the physical LAN segment to which they are attached. VLANs allow network traffic to flow more efficiently within subgroups.
VLAN tagging provides a method of transferring VLAN information between VLAN groups. VLAN1is the default VLAN. All ports are untagged members of VLAN1 by default. If any port becomes an untagged member of a different VLAN, then the port is removed from untagged membership of VLAN1. For example: If port 24 is made an untagged member of VLAN 5, the port will no longer be a member of VLAN1. However, if the port is made an tagged member of VLAN5, it still remains untagged in VLAN1.
CHAPTER 8: CONFIGURING VLANS Viewing VLAN Details The VLAN Detail Page provides information and global parameters on VLANS configured on the system. 1 Click Device > VLAN > VLAN Detail. The VLAN Detail Page opens: Figure 52 VLAN Detail Page The VLAN Detail Page contains the following information: ■ Select a VLAN to display — Selects a VLAN to be display. ■ Membership Type — Displays the membership type for each VLAN.
Viewing VLAN Port Details Viewing VLAN Port Details 103 The VLAN Port Detail Page provides displays VLAN configured ports. To view VLAN Port details: 1 Click Device > VLAN > Port Detail. The VLAN Port Detail Page opens: Figure 53 VLAN Port Detail Page The VLAN Port Detail Page contains the following information: ■ Select Port — Selects the port to be displayed. ■ Untagged membership — Indicates the port is an untagged member of the VLAN.
CHAPTER 8: CONFIGURING VLANS Creating VLANs The VLAN Setup Page allows the network administrator to create user-defined VLANs. The monitor users have no access to this page. To create VLANs: 1 Click Device > VLAN > Setup. The VLAN Setup Page opens: Figure 54 VLAN Setup Page The VLAN Setup Page contains the following fields: Create ■ VLAN IDs — Creates a VLAN ID. ■ ID — Displays the VLAN ID. ■ Name — Displays the user-defined VLAN name. Rename VLAN ■ ID — Displays the VLAN ID.
Modifying VLAN Settings 105 3 Click Create. The VLANs are configured, and the device is updated. To rename a VLAN: 1 Highlight a VLAN to be renamed from the VLAN list. 2 Enter the new name for the VLAN. 3 Click Rename. The VLAN is renamed, and the device is updated. Modifying VLAN Settings The Modify VLAN Page allows the network manager to rename VLANs and change VLAN membership. The monitor users have no access to this page. To edit VLAN Settings: 1 Click Device > VLAN > Modify VLAN.
CHAPTER 8: CONFIGURING VLANS ■ Select port to add to the VLAN — Adds a selected port to the VLAN. ■ Select Membership Type — Displays the membership type for each VLAN. The possible field values are: ■ ■ ■ ■ Untagged — Indicates the interface is an untagged member of the VLAN. Tagged — Indicates the interface is a tagged member of a VLAN. VLAN tagged packets are forwarded by the interface. The packets contain VLAN information. Not a Member — Indicates the interface is not a member of the VLAN.
Modifying Port VLAN Settings Modifying Port VLAN Settings 107 The Modify VLAN Port Page allows the network manager to modify port VLAN settings. The monitor users have no access to this page. 1 Click Device > VLAN > Modify Port. The Modify VLAN Port Page opens: Figure 56 Modify VLAN Port Page The Modify VLAN Port Page contains the following fields: ■ Select a Port — Selects a port to be modified. ■ Select Membership Type — Displays the membership type for each VLAN.
CHAPTER 8: CONFIGURING VLANS 3 Select Membership type. 4 Enter VLAN ID to be assigned to the port. 5 Click Apply. The VLANs are configured, and the device is updated. Removing VLANs The VLAN Remove Page allows the network administrator to remove VLANs. The monitor users have no access to this page. 1 Click Device > VLAN > Remove. The VLAN Remove Page opens: Figure 57 VLAN Remove Page The VLAN Remove Page contains the following fields: ■ ID — Displays the VLAN ID.
9 CONFIGURING IP AND MAC ADDRESS INFORMATION This section contains information for defining IP interfaces, and includes the following sections: Defining IP Addressing ■ Defining IP Addressing ■ Configuring ARP Settings ■ Configuring Address Tables The IP Setup Page contains fields for assigning an IP address. The default gateway is erased when the Default IP address is modified. Packets are forwarded to the default gateway when sent to a remote network. The monitor user has no access to this page.
CHAPTER 9: CONFIGURING IP AND MAC ADDRESS INFORMATION The IP Setup Page contains the following fields: ■ Configuration Method — Indicates if the IP address has been configured statically or added dynamically. The possible field values are: ■ Static — Indicates that the IP Interface is configured by the user. ■ DHCP — Indicates that the IP Interface is dynamically created. ■ IP Address — Displays the currently configured IP address. ■ Subnet Mask — Displays the currently configured subnet mask.
Configuring ARP Settings Viewing ARP Settings 111 The ARP Settings Summary Page displays the current ARP settings. To view ARP Settings: 1 Click Administration > ARP Settings > Summary. The ARP Settings Summary Page opens: Figure 59 ARP Settings Summary Page The ARP Settings Summary Page contains the following fields: ■ Interface — Indicates the VLAN for which ARP parameters are defined. ■ IP Address — Indicates the station IP address, which is associated with the MAC Address.
CHAPTER 9: CONFIGURING IP AND MAC ADDRESS INFORMATION Defining ARP Settings The ARP Settings Setup Page allows network managers to define ARP parameters for specific interfaces. The monitor users have no access to this page. To configure ARP entries: 1 Click Administration > ARP Settings > Setup. The ARP Settings Setup Page opens: Figure 60 ARP Settings Setup Page The ARP Settings Setup Page contains the following fields: ■ VLAN — Indicates the VLAN for which ARP parameters are defined.
Configuring ARP Settings Removing ARP Entries 113 The ARP Settings Remove Page provides parameters for removing ARP entries from the ARP Table. The monitor user has no access to this page. To remove ARP entries: 1 Click Administration > IP Addressing > ARP Settings > Remove. The ARP Settings Remove Page opens: Figure 61 ARP Settings Remove Page The ARP Settings Remove Page contains the following fields: ■ ■ Clear ARP Table Entries — Specifies the types of ARP entries that are cleared.
CHAPTER 9: CONFIGURING IP AND MAC ADDRESS INFORMATION ■ Interface — Indicates the VLAN for which ARP parameters are defined. ■ IP Address — Indicates the station IP address which is associated with the MAC address. ■ MAC Address — Displays the station MAC address, which is associated in the ARP table with the IP address. ■ Status — Displays the ARP table entry type. Possible field values are: ■ Dynamic — Indicates the ARP entry is learned dynamically.
Configuring Address Tables Viewing Address Table Settings 115 The Address Table Summary Page displays the current MAC address table configuration. To view Address Table settings: 1 Click Monitoring > Address Tables > Summary. The Address Table Summary Page opens: Figure 62 Address Table Summary Page The Address Table Summary Page contains the following fields: ■ State — Filters the list of MAC Addresses displayed according to the type of MAC Address configuration.
CHAPTER 9: CONFIGURING IP AND MAC ADDRESS INFORMATION ■ Viewing Port Summary Settings Config Dynamic — Indicates the MAC address is dynamically configured. ■ Port Index — Indicates the Port through which the address was learned. ■ Aging Time — Specifies the amount of time the MAC Address remains in the MAC Address before it is timed out if no traffic from the source is detected. The default value is 300 seconds.
Configuring Address Tables ■ MAC Address — Displays MAC Addresses currently listed in the MAC Addresses table, filtered by the selected value of the State field. ■ VLAN ID — Displays the VLAN ID attached to the MAC Address. ■ State — Displays a port table display based on the type of address. Possible values are: ■ ■ Adding Entries into Address Tables 117 Config Static — Indicates the MAC Address is statically configured. Config Dynamic — Indicates the MAC Address is dynamically configured.
CHAPTER 9: CONFIGURING IP AND MAC ADDRESS INFORMATION The Address Table Add Page contains the following fields: ■ VLAN ID — Assigns a VLAN ID to the user-defined MAC Address. ■ MAC Address — Defines a MAC Address to be assigned to the specific port and VLAN ID. ■ No Aging — Indicates that the MAC address assigned by the user is not aged out. ■ ■ Checked — Indicates that the Address Table entry assigned by the user is not aged out.
Configuring Address Tables Defining Aging Time 119 The Address Table Setup Page allows the network manager to define the Address Table Aging Time. The Aging Time is the amount of time the MAC Addresses remain in the Dynamic MAC Address Table before they are timed out if no traffic from the source is detected. The default value is 300 seconds. The monitor users have no access to this page. To define the Aging Time: 1 Click Monitoring > Address Tables > Setup.
CHAPTER 9: CONFIGURING IP AND MAC ADDRESS INFORMATION Removing Address Table Ports The Port Remove Page allows the network manager to remove ports from the address tables. The monitor users have no access to this page. To remove ports: 1 Click Monitoring > Address Tables > Port Remove. The Port Remove Page opens: Figure 66 Port Remove Page The Port Remove Page contains the following fields: ■ Select a Port — Displays the current port settings.
Configuring Address Tables ■ 121 Aging Time — Specifies the amount of time the MAC Address remains in the Dynamic MAC Address before it is timed out if no traffic from the source is detected. The default value is 300 seconds. 2 Select the port(s) to remove. 3 Click Remove. The selected ports are removed from the MAC address table, and the device is updated. Removing Address Tables The Address Table Remove Page allows the network manager to remove current MAC addresses from the Address Table.
CHAPTER 9: CONFIGURING IP AND MAC ADDRESS INFORMATION ■ ■ Config Static — Indicates the MAC address is statically configured. Config Dynamic — Indicates the MAC address is dynamically configured. ■ Port Index — Indicates Port Table entry number. ■ Aging Time — Specifies the amount of time the MAC Address remains in the Dynamic MAC Address before it is timed out if no traffic from the source is detected. The default value is 300 seconds. 2 Select the MAC addresses to remove. 3 Click Remove.
10 Introduction CONFIGURING IGMP SNOOPING This section contains information for configuring IGMP Snooping. When IGMP Snooping is enabled globally, all IGMP packets are forwarded to the CPU. The CPU analyzes the incoming packets and determines: ■ Which ports want to join which Multicast groups. ■ Which ports have Multicast routers generating IGMP queries. ■ Which routing protocols are forwarding packets and Multicast traffic.
CHAPTER 10: CONFIGURING IGMP SNOOPING Defining IGMP Snooping The IGMP Snooping Setup Page allows network managers to define IGMP Snooping parameters. The monitor users have read-only access to this page. 1 Click Device > IGMP Snooping > Setup. The IGMP Snooping Setup Page opens: Figure 68 IGMP Snooping Setup Page The IGMP Snooping Setup Page contains the following fields: ■ IGMP Snooping Status — Indicates if IGMP Snooping is enabled on the device.
Defining IGMP Snooping 2 Select Enable IGMP Snooping. 3 Define the fields. 4 Click Apply. IGMP Snooping is enabled, and the device is updated.
11 CONFIGURING SPANNING TREE This section contains information for configuring STP. The Spanning Tree Protocol (STP) provides tree topography for any arrangement of bridges. STP also provides a single path between end stations on a network, eliminating loops. Loops occur when alternate routes exist between hosts. Loops in an extended network can cause bridges to forward traffic indefinitely, resulting in increased traffic and reducing network efficiency.
Viewing Spanning Tree Viewing Spanning Tree 127 The Spanning Tree Summary Page displays the current Spanning Tree parameters for all ports. To view Spanning Tree Summary: 1 Click Device > Spanning Tree > Summary. The Spanning Tree Summary Page opens: Figure 69 Spanning Tree Summary Page The Spanning Tree Summary Page contains the following fields: ■ Port — The interface for which the information is displayed. ■ STP — Indicates if STP is enabled on the port.
CHAPTER 11: CONFIGURING SPANNING TREE ■ ■ Root Guard — Restricts the interface from acting as the root port of the switch. The possible field values are: ■ Enable — Indicates Root Guard is enabled on the port ■ Disable — Indicates Root Guard is disabled on the port. Port State — Displays the current STP state of a port. If enabled, the port state determines what action is taken on traffic.
Viewing Spanning Tree 129 ■ Path Cost — Indicates the port contribution to the root path cost. The path cost is adjusted to a higher or lower value, and is used to forward traffic when a path is re-routed. ■ Priority — Priority value of the port. The priority value influences the port choice when a bridge has two ports connected in a loop. The priority range is between 0 -240. The priority value is determined in increments of 16.
CHAPTER 11: CONFIGURING SPANNING TREE Defining Spanning Tree Network administrators can assign STP settings to specific interfaces using the Spanning Tree Setup Page. The monitor user has no access to this page. To configure Spanning Tree Setup: 1 Click Device > Spanning Tree > Setup.
Defining Spanning Tree Global Setting ■ ■ Spanning Tree State — Indicates whether STP is enabled on the device. The possible field values are: ■ Classic — Enables STP on the device. ■ RSTP — Enables RSTP on the device. ■ Disable — Disables STP and RSTP on the device. BPDU Handling — Determines how BPDU packets are managed when STP is disabled on the port or device. BPDUs are used to transmit spanning tree information.
CHAPTER 11: CONFIGURING SPANNING TREE Designated Root ■ Bridge ID — Identifies the Bridge priority and MAC address. ■ Root Bridge ID — Identifies the Root Bridge priority and MAC address. ■ Root Port — Indicates the port number that offers the lowest cost path from this bridge to the Root Bridge. This field is significant when the bridge is not the Root Bridge. The default is zero. ■ Root Path Cost — Specifies the cost of the path from this bridge to the Root Bridge.
Modifying Spanning Tree Modifying Spanning Tree 133 TheSpanning Tree Modify Page contains information for modifying Spanning Tree parameters. Monitor users have no access to this page. To modify Spanning Tree: 1 Click Device > Spanning Tree > Modify. The Spanning Tree Modify Page opens: Figure 71 Spanning Tree Modify Page The Spanning Tree Modify Page contains the following fields: ■ ■ STP — Indicates if STP is enabled on the port.
CHAPTER 11: CONFIGURING SPANNING TREE ■ ■ ■ Enabled — Indicates fast link is enabled on the port. ■ Auto — Enables the device to automatically establish a fast link. ■ Disabled — Indicates fast link is disabled on the port. Root Guard — Restricts the interface from acting as the root port of the switch. The possible field values are: ■ Enable — Indicates Root Guard is enabled on the port ■ Disable — Indicates Root Guard is disabled on the port.
12 CONFIGURING SNMP Simple Network Management Protocol (SNMP) provides a method for managing network devices. The device supports the following SNMP versions: SNMP v1 and v2c ■ SNMP version 1 ■ SNMP version 2c The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in the Management Information Base (MIB). The SNMP agent defines the MIB specification format, as well as the format used to access the information over the network.
CHAPTER 12: CONFIGURING SNMP Defining SNMP Communities Access rights are managed by defining communities in the SNMP Communities Setup Page. When the community names are changed, access rights are also changed. SNMP communities are defined only for SNMP v1 and SNMP v2c. Monitor users have no access to this page. To define SNMP communities: 1 Click Administration > SNMP > Communities > Setup.
Defining SNMP Communities 137 SNMP Management ■ Management Station — Displays the management station IP address for which the SNMP community is defined. ■ Open Access (0.0.0.0) — Provides SNMP access to all the stations. Community String ■ Standard — Displays pre-defined community strings. The possible field values are: ■ Public — Displays the pre-defined public community string name. ■ Private — Displays the pre-defined private community string name.
CHAPTER 12: CONFIGURING SNMP Removing SNMP Communities The SNMP Communities Remove Page allows the system manager to remove SNMP Communities. Monitor users have no access to this page. To remove SNMP communities: 1 Click Administration > SNMP > Communities > Remove. The SNMP Communities Remove Page opens: Figure 73 SNMP Communities Remove Page The SNMP Communities Remove Page contains the following fields: ■ Remove — Removes a community.
Defining SNMP Traps ■ 139 Access Mode — Displays the access rights of the community. The possible field values are: ■ ■ Read Only — Management access is restricted to read-only, and changes cannot be made to the community. Read Write — Management access is read-write and changes can be made to the device configuration, but not to the community. 2 Select the SNMP Community to be removed. 3 Click Remove. The SNMP Community is removed, and the device is updated.
CHAPTER 12: CONFIGURING SNMP The SNMP Traps Setup Page contains the following fields: ■ Recipients IP Address — Defines the IP address to which the traps are sent. ■ Community String — Defines the community string of the trap manager. ■ Trap Version — Defines the trap type. The possible field values are: ■ SNMP V1 — Indicates that SNMP Version 1 traps are sent. ■ SNMP V2c — Indicates that SNMP Version 2 traps are sent. 2 Define the relevant fields. 3 Click Apply.
Removing SNMP Traps 141 The SNMP Traps Remove Page contains the following fields: ■ Remove — Deletes the currently selected recipient. The possible field values are: ■ ■ Checked — Removes the selected recipient from the list of recipients. Unchecked — Maintains the list of recipients. ■ Recipients IP — Defines the IP address to which the traps are sent. ■ Trap — Displays the trap type. The possible field values are: ■ ■ SNMP V1 — Indicates that SNMP Version 1 traps are sent.
13 CONFIGURING QUALITY OF SERVICE Quality of Service (QoS) provides the ability to implement QoS and priority queuing within a network. For example, certain types of traffic that require minimal delay, such as Voice, Video, and real-time traffic can be assigned a high priority queue, while other traffic can be assigned a lower priority queue. The result is an improved traffic flow for traffic with high demand.
Viewing CoS Settings Viewing CoS Settings 143 The CoS Summary Page displays CoS default settings assigned to ports. To view CoS Settings: 1 Click Device > QoS > CoS > Summary. The CoS Summary Page opens: Figure 76 CoS Summary Page The CoS Summary Page contains the following fields: ■ Interface — Displays the interface for which the CoS default value is defined. ■ Default CoS — Displays the default CoS value for incoming packets for which a VLAN priority tag is not defined.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE Defining CoS The CoS Setup Page contains information for enabling QoS globally. Monitor users have no access to this page. To configure CoS Settings: 1 Click Device > QoS > CoS Setup. The CoS Setup Page opens: Figure 77 CoS Setup Page The CoS Setup Page contains the following fields: QoS Mode — Determines the QoS mode on the device: ■ Disable — Disables QoS on the device. ■ Enable — Enables QoS on the device.
Viewing CoS to Queue Viewing CoS to Queue 145 The CoS to Queue Summary Page contains a table that displays the CoS values mapped to traffic queues. To view CoS Values to Queues: 1 Click Device > QoS > CoS to Queue > Summary. The CoS to Queue Summary Page opens: Figure 78 CoS to Queue Summary Page The CoS to Queue Summary Page contains the following fields: Defining CoS to Queue ■ Class of Service — Specifies the CoS priority tag values, where zero is the lowest and 7 is the highest.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE To configure CoS values to queues: 1 Click Policy > QoS General > CoS to Queue > Setup. The CoS to Queue Setup Page opens: Figure 79 CoS to Queue Setup Page The CoS to Queue Setup Page contains the following fields: ■ Restore Defaults — Restores the device factory defaults for mapping CoS values to a forwarding queue. ■ Class of Service — Specifies the CoS priority tag values, where zero is the lowest and 7 is the highest.
Viewing DSCP to Queue Viewing DSCP to Queue 147 The DSCP to Queue Summary Page contains fields for mapping DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 4. To view the DSCP Queue: 1 Click Device > QoS > DSCP to Queue > Summary. The DSCP to Queue Summary Page opens: Figure 80 DSCP to Queue Summary Page The DSCP to Queue Summary Page contains the following fields: ■ DSCP — Displays the incoming packet’s DSCP value.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE Configuring DSCP Queue The DSCP to Queue Setup Page contains fields for mapping DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 1. The monitor user has no access to this page. To map CoS to Queues: 1 Click Device > QoS > DSCP to Queue > Setup.
Configuring Trust Settings Configuring Trust Settings 149 The Trust Setup Page contains information for enabling trust on configured interfaces. The original device QoS default settings can be reassigned to the interface in the Trust Setup Page. To enable Trust: 1 Click Device > QoS > Trust Setup. The Trust Setup Page opens: Figure 82 Trust Setup Page The Trust Setup Page contains the following fields: ■ Trust Mode — Defines which packet fields to use for classifying packets entering the device.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE Viewing Bandwidth Settings The Bandwidth Summary Page displays bandwidth settings for a specified interface. To view Bandwidth Settings: 1 Click Device > QoS > Bandwidth > Summary. The Bandwidth Summary Page opens: Figure 83 Bandwidth Summary Page The Bandwidth Summary Page contains the following fields: ■ Interface — Displays the interface for which rate limit and shaping parameters are defined.
Defining Bandwidth Settings 151 Egress Shaping Rates ■ Defining Bandwidth Settings Status — Defines the shaping status. The possible field values are: ■ Enable — Enables egress traffic shaping for the interface. ■ Disable — Disables egress traffic shaping for the interface. ■ CIR — Defines CIR as the interface shaping type. The possible field range is 64-1,000,000,000 kbits per second. ■ CbS — Defines CbS as the interface shaping type. The possible field range is 4096-16,769,020 bytes per second.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE The Bandwidth Setup Page contains the following fields: Ingress Rate Limit ■ Enable Ingress Rate Limit — Enables setting an Ingress Rate Limit. ■ Ingress Rate Limit — Indicates the traffic limit for the port. The possible field value is 3,500-1,000,000 kbps per second. Egress Shaping Rate ■ Enable Egress Shaping Rate — Enables Egress Shaping Rates. ■ Committed Information Rate (CIR) — Defines CIR as the interface shaping type.
Defining Voice VLAN Defining Voice VLAN 153 Voice VLAN allows network administrators enhance VoIP service by configuring ports to carry IP voice traffic from IP phones on a specific VLAN. VoIP traffic has a preconfigured OUI prefix in the source MAC address. Network Administrators can configure VLANs on which voice IP traffic is forwarded. Non-VoIP traffic is dropped from the Voice VLAN in auto Voice VLAN secure mode.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE Viewing Voice VLANs The Voice VLAN Summary Page contains information about the Voice VLAN currently enabled on the device, including the ports enabled and included in the Voice VLAN. To view Voice VLAN Settings: 1 Click Device > QoS > VoIP > Traffic Setting > Summary.
Defining Voice VLAN ■ Ports in the Voice VLAN — Displays the ports which are included in the Voice VLAN. The possible values are: ■ ■ Defining Voice VLAN 155 Active Members — Displays dynamic ports added to the Voice VLAN in Auto mode. Static Members — Displays static ports that were manually added to the Voice VLAN. The Voice VLAN Setup Page provides information for enabling and defining Voice VLAN globally on the device.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE ■ Voice VLAN Aging Time — Indicates the amount of time after the last IP phone's OUI is aged out for a specific port. The port will age out after the bridge and voice aging time. The default time is one day. The field format is Day, Hour, Minute. The aging time starts after the MAC Address is aged out from the Dynamic MAC Address table. The default time is 300 sec. For more information on defining MAC address age out time, see Defining Aging Time.
Defining Voice VLAN ■ ■ ■ ■ ■ ■ Manual — Adding a selected port/LAG to a Voice VLAN. Auto — Indicates that if traffic with an IP Phone MAC Address is transmitted on the port/LAG, the port/LAG joins the Voice VLAN. The port/LAG is aged out of the voice VLAN if the IP phone’s MAC address (with an OUI prefix) is aged out and exceeds the defined.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE Viewing Voice VLAN Port Definitions The Voice VLAN Port Details Page displays the Voice VLAN port settings for specific ports. The Voice VLAN Port Details Page contains the following fields: ■ Select Port — Enables selecting specific ports to which the Voice VLAN port definitions are applied. ■ ■ Selected (Blue) — Indicates the port is selected, and Voice VLAN settings are applied to the port.
Defining Voice VLAN 159 To view Voice VLAN Port Detail Settings: 1 Click Device > QoS > VoIP > Traffic Setting > Port Detail. The Voice VLAN Port Details Page opens: Figure 88 Voice VLAN Port Details Page 2 Click a port in the Zoom View. The port is highlighted blue, and the Voice VLAN port settings are displayed in the text box. Viewing the OUI Summaries The Voice VLAN OUI Summary Page lists the Organizationally Unique Identifiers (OUIs) associated with the Voice VLAN.
CHAPTER 13: CONFIGURING QUALITY OF SERVICE To view VLAN Settings: 1 Click Device > QoS > VoIP Traffic Setting > OUI Summary. The Voice VLAN OUI Summary Page opens: Figure 89 Voice VLAN OUI Summary Page The Voice VLAN OUI Summary Page contains the following fields: OUI List ■ Telephony OUI(s) — Lists the OUIs currently enabled on the Voice VLAN. The following OUIs are enabled by default. ■ ■ ■ ■ ■ ■ ■ ■ 00:E0:BB — Assigned to 3Com IP Phones. 00:03:6B — Assigned to Cisco IP Phones.
Defining Voice VLAN Modifying OUI Definitions 161 The Voice VLAN OUI Modify Page allows network administrators to add new OUIs or to remove previously defined OUIs from the Voice VLAN. The OUI is the first half on the MAC address and is manufacture specific. While the last three bytes contain a unique station ID. The packet priority derives from the source/destination MAC prefix. The packet gets higher priority when there is a match with the OUI list.
14 MANAGING SYSTEM FILES This section contains information about managing configuration files and installing and backing up switch firmware, including the following topics: Configuration File Structure ■ Backing Up System Files ■ Restoring Files ■ Upgrade the Firmware Image ■ Activating Image Files The configuration file structure consists of the following: ■ Startup Configuration File — Contains the commands required to reconfigure the device to the same settings as when the device is powered
Backing Up System Files Backing Up System Files 163 The Backup Page permits network managers to backup the system configuration to a TFTP or HTTP server. The monitor users have no access to this page. 1 To keep your currently running configuration, click the Save Configuration item on the left side of the page. 2 Click Administration > Backup & Restore > Backup.
CHAPTER 14: MANAGING SYSTEM FILES Restoring Files The Restore Page restores files from the TFTP or HTTP server. The monitor users have no access to this page. 1 Click Administration > Backup & Restore > Restore. The Restore Page opens: Figure 92 Restore Page The Restore Page contains the following fields: ■ Download via TFTP — Enables a download from the TFTP server. ■ Download via HTTP — Enables a download from the HTTP server or HTTPS server.
Upgrade the Firmware Image Upgrade the Firmware Image 165 The Restore Image Page permits network managers to upgrade the switch firmware. ■ Note: The bootcode can only be upgraded using the Command Line Interface (CLI). See “Upgrading Software using the CLI” page 27. ■ The monitor user has no access to this page. To download the software image: 1 Click Administration > Firmware Upgrade > Restore Image.
CHAPTER 14: MANAGING SYSTEM FILES Activating Image Files The Active Image Page allows network managers to select and reset the Image files. The Device Boot is downloaded onto the device through the CLI. To upload System files: 1 Click Administration > Firmware Upgrade > Active Image. The Active Image Page opens: Figure 94 Active Image Page The Active Image Page contains the following fields: ■ Active Image After Reset — The Image file which is active on the unit after the device is reset.
15 MANAGING SYSTEM LOGS This section provides information for managing system logs. The system logs enable viewing device events in real time, and recording the events for later usage. System Logs record and manage events and report errors and informational messages. Event messages have a unique format, as per the Syslog protocols recommended message format for all error reporting.
CHAPTER 15: MANAGING SYSTEM LOGS Viewing Logs The Logging Display Page contains all system logs in a chronological order that are saved in RAM (Cache). The monitor user has read-only access to this feature. To view Logging: 1 Click Administration > Logging > Display. The Logging Display Page opens: Figure 95 Logging Display Page The Logging Display Page contains the following fields and buttons: ■ Save Preview — Saves the displayed Log table. ■ Clear Logs — Deletes all logs from the Log table.
Configuring Logging Configuring Logging 169 The Logging Setup Page contains fields for defining which events are recorded to which logs. It contains fields for enabling logs globally, and parameters for defining logs. Log messages are listed from the highest severity to the lowest severity level. The monitor users have no access to this page. To define Log Parameters: 1 Click Administration > Logging > Setup.
CHAPTER 15: MANAGING SYSTEM LOGS ■ Severity level — Indicates the minimum severity level for which a message will be logged. When a severity level is selected, all severity level choices above the selection are selected automatically. The possible field values are: ■ ■ ■ ■ ■ ■ Emergency — The highest warning level. If the device is down or not functioning properly, an emergency log message is saved to the specified logging location. Alert — The second highest warning level.
Configuring Logging ■ 171 Severity level — Indicates the minimum severity level for which a message will be logged. When a severity level is selected, all severity level choices above the selection are selected automatically. The possible field values are: ■ ■ ■ ■ ■ Emergency — The highest warning level. If the device is down or not functioning properly, an emergency log message is saved to the specified logging location. Alert — The second highest warning level.
16 VIEWING STATISTICS This section contains information about viewing port statistics. Viewing Port Statistics The Port Statistics Summary Page contains fields for viewing information about device utilization and errors that occurred on the device. To view RMON statistics: 1 Click Ports > Statistics > Summary.
Viewing Port Statistics ■ 173 Refresh Rate — Defines the amount of time that passes before the interface statistics are refreshed. The possible field values are: ■ ■ ■ ■ No Refresh — Indicates that the port statistics are not refreshed. 15 Sec — Indicates that the port statistics are refreshed every 15 seconds. 30 Sec — Indicates that the port statistics are refreshed every 30 seconds. 60 Sec — Indicates that the port statistics are refreshed every 60 seconds.
CHAPTER 16: VIEWING STATISTICS octet (Alignment Error) number. The field range to detect jabbers is between 20 ms and 150 ms. ■ Collisions — Displays the number of collisions received on the interface since the device was last refreshed. ■ Frames of 64 Bytes — Number of 64-byte frames received on the interface since the device was last refreshed. ■ Frames of 65 to 127 Bytes — Number of 65 to 127 byte frames received on the interface since the device was last refreshed.
17 MANAGING DEVICE DIAGNOSTICS This section contains information for viewing and configuring port and cable diagnostics, and includes the following topics: Configuring Port Mirroring ■ Configuring Port Mirroring ■ Viewing Cable Diagnostics Port mirroring monitors and mirrors network traffic by forwarding copies of incoming and outgoing packets from one port to a monitoring port. Port mirroring can be used as a diagnostic tool as well as a debugging feature.
CHAPTER 17: MANAGING DEVICE DIAGNOSTICS Defining Port Mirroring The Port Mirroring Setup Page contains parameters for configuring port mirroring. To enable port mirroring: 1 Click Monitoring > Port Mirroring > Setup. The Port Mirroring Setup Page opens: Figure 98 Port Mirroring Setup Page The Port Mirroring Setup Page contains the following fields: ■ Select Port Type — Defines the port that will be the monitor port (destination port) and the port that will be mirrored (source port).
Configuring Port Mirroring 177 ■ Select port — Selects the port for mirroring or monitoring. A port unavailable for mirroring is colored grey. ■ Summary — Displays the current monitor and mirror ports. The fields displayed are: ■ Monitor — Displays the monitor port. ■ Mirror In — Displays ports that are monitored on the RX. ■ Mirror Out — Displays ports that are monitored on the TX. 2 Select a port type. 3 If the Mirrored port type is selected, select Mirror In and/or Mirror Out.
CHAPTER 17: MANAGING DEVICE DIAGNOSTICS The Port Mirroring Remove Page contains the following fields: ■ Monitor — Displays the monitor port. ■ Mirror In — Displays ports that are monitored on the RX. ■ Mirror Out — Displays ports that are monitored on the TX. 2 Select the ports to be removed. 3 Click Remove. Port mirroring is removed, and the device is updated. Viewing Cable Diagnostics The Cable Diagnostics Summary Page contains fields for viewing tests on copper cables.
Viewing Cable Diagnostics 179 The Cable Diagnostics Summary Page contains the following fields: ■ Ports — Specifies the port to which the cable is connected. ■ Test Result — Displays the cable test results. Possible values are: ■ No Cable — Indicates a cable is not connected, or the cable is connected on only one side, or the cable is shorter than 1 meter. ■ Short Cable — Indicates that a short has occurred in the cable. ■ OK — Indicates that the cable passed the test.
CHAPTER 17: MANAGING DEVICE DIAGNOSTICS To test cables: 1 Click Monitoring > Cable Diagnostics > Diagnostics. The Diagnostics Page opens: Figure 101 Diagnostics Page The Diagnostics Page contains the following fields: ■ Select a Port — Specifies the port to be tested. ■ Test Result — Displays the cable test results. Possible values are: ■ ■ No Cable — Indicates that a cable is not connected to the port, or the cable is connected on only one side or the cable is shorter than 1 meter.
A 3COM NETWORK MANAGEMENT 3Com has a range of network management applications to address networks of all sizes and complexity, from small and medium businesses through large enterprises. The applications include: ■ 3Com Network Supervisor ■ 3Com Network Director ■ 3Com Network Access Manager ■ 3Com Enterprise Management Suite ■ Integration Kit with HP OpenView Network Node Manager Details of these and other 3Com Network Management Solutions can be found at www.3com.
APPENDIX A: 3COM NETWORK MANAGEMENT 3Com Network Director 3Com Network Director (3ND) is a standalone application that allows you to carry out key management and administrative tasks on midsized networks. By using 3ND you can discover, map, and monitor all your 3Com devices on the network. It simplifies tasks such as backup and restore for 3Com device configurations as well as firmware and agent upgrades.
3Com Enterprise Management Suite 3Com Enterprise Management Suite 183 3Com Enterprise Management Suite (EMS) delivers comprehensive management that is flexible and scalable enough to meet the needs of the largest enterprises and advanced networks.
B Related Standards Environmental Physical DEVICE SPECIFICATIONS AND FEATURES The 3Com® Baseline Switch 2916-SFP Plus and Baseline Switch 2924-SFP Plus have been designed to the following standards: Function 8802-3, IEEE 802.3 (Ethernet), IEEE 802.3u (Fast Ethernet), IEEE 802.3ab (Gigabit Ethernet), IEEE 802.1D (Bridging) Safety UL 60950-1, EN 60950-1, CSA 22.2 No.
Electrical Electrical Switch Features Line Frequency 50/60 Hz Input Voltage 100–240 Vac (auto range) Current Rating Switch 2916-SFP Plus Switch 2924-SFP Plus 1 Amp (Max) 1.5 Amp (Max) Maximum Power Consumption Switch 2916-SFP Plus Switch 2924-SFP Plus 58 Watts 84 Watts Max Heat Dissipation Switch 2916-SFP Plus Switch 2924-SFP Plus 198 BTU/hr 286 BTU/hr 185 This section describes the device features.
APPENDIX B: DEVICE SPECIFICATIONS AND FEATURES Table 11 Features of the Baseline Switch 2916-SFP Plus and Switch 2924-SFP Plus (continued) Feature Description Address Resolution Protocol (ARP) ARP converts between IP addresses and MAC (i.e., hardware) addresses. ARP is used to locate the MAC address corresponding to a given IP address. This allows the switch to use IP addresses for routing decisions and the corresponding MAC addresses to forward packets from one hop to the next.
Switch Features 187 Table 11 Features of the Baseline Switch 2916-SFP Plus and Switch 2924-SFP Plus (continued) Feature Description MAC Address Capacity Support The device supports up to 8K MAC addresses. The device reserves specific MAC addresses for system use. MAC Multicast Support Multicast service is a limited broadcast service, which allows one-to-many and many-to-many connections for information distribution.
APPENDIX B: DEVICE SPECIFICATIONS AND FEATURES Table 11 Features of the Baseline Switch 2916-SFP Plus and Switch 2924-SFP Plus (continued) Feature Description SNMP Alarms and Trap Logs The system logs events with severity codes and timestamps. Events are sent as SNMP traps to a Trap Recipient List. SNMP Versions 1 and 2 Simple Network Management Protocol (SNMP) over the UDP/IP protocol controls access to the system. Spanning Tree Protocol 802.
C Console Cable PIN-OUTS A Console cable is an 8-conductor RJ45-to-DB9 cable. One end of the cable has an RJ-45 plug for connecting to the switch’s Console port, and the other end has a DB-9 socket connector for connecting to the serial port on the terminal, as shown in Figure 102.
APPENDIX C: PIN-OUTS Null Modem Cable RJ-45 to RS-232 25-pin Switch 5500 Cable connector: RJ-45 female PC-AT Serial Cable Screen TxD RxD Ground RTS CTS Shell 3 2 5 7 8 1 3 2 7 4 20 Screen RxD TxD Ground RTS DTR DSR DCD DTR 6 1 4 5 6 8 CTS DSR DCD only required if screen always required required for handshake RJ-45 to 9-pin Switch 5500 Cable connector: RJ-45 female Modem Cable PC/Terminal Cable connector: 25-pin male/female PC-AT Serial Port Cable connector: 9-pin female Screen DTR Tx
Ethernet Port RJ-45 Pin Assignments Ethernet Port RJ-45 Pin Assignments 10/100 and 1000BASE-T RJ-45 connections.
D TROUBLESHOOTING This section describes problems that may arise when installing the and how to resolve these issue. This section includes the following topics: ■ Problem Management — Provides information about problem management. ■ Troubleshooting Solutions — Provides a list of troubleshooting issues and solutions for using the device. Problem Management Problem management includes isolating problems, quantifying the problems, and then applying the solution.
Troubleshooting Solutions 193 Table 12 Troubleshooting Solutions Problems Possible Cause Solution Switch does not run; power Power is disconnected. LED is off. Verify that the power cord is properly connected to the switch, and to the mains supply.
APPENDIX D: TROUBLESHOOTING Table 12 Troubleshooting Solutions (continued) Problems Possible Cause Solution Device is in a reboot loop Software fault Download and install a working or previous software version from the console No connection and the port Incorrect ethernet cable, LED is off e.g., crossed rather than straight cable, or vice versa, split pair (incorrect twisting of pairs) Check pinout and replace if necessary Fiber optical cable connection is reversed Change if necessary.
E 3COM CLI REFERENCE GUIDE This section describes using the Command Line Interface (CLI) to manage the device. The device is managed through the CLI from a direct connection to the device console port Getting Started with the Command Line Interface Console Port Using the CLI, network managers enter configuration commands and parameters to configure the device. Using the CLI is very similar to entering commands on a UNIX system.
APPENDIX E: 3COM CLI REFERENCE GUIDE 3 Press Enter. The Password prompt displays: Password: The Login information is verified, and displays the following CLI menu: Select menu option# If the password is invalid, the following message appears and Login process restarts. Incorrect Password Automatic Logout The user session is automatically terminated after 30 minutes in which no device configuration activity has occurred. The following message is displayed: Session closed by automatic logout.
CLI Commands ? 197 The ? command displays a list of CLI commands on the device. Syntax ? Default Configuration This command has no default configuration. User Guidelines There are no user guidelines for this command. Example The following displays the list presented for the ? command: Select menu option#? initialize Reset the device to factory default and reboot. ipsetup Configures IP address logout Logout from this session. ping Send echo messages reboot Power cycles the device.
APPENDIX E: 3COM CLI REFERENCE GUIDE Ping The Ping command sends ICMP echo request packets to another node on the network. Syntax ping [IP address | URL| hostname] Parameters ■ IP Address — IP address to ping. ■ URL — URL address to ping. ■ hostname — hostname to ping. (Range: 1 - 158 characters) Default Configuration This command has no default configuration. User Guidelines There are no user guidelines for this command.
CLI Commands Summary 199 The Summary command displays the current IP configuration and software versions running on the device. It is intended for devices that support separate runtime and bootcode Images. Syntax summary Default Configuration This command has no default configuration. User Guidelines There are no user guidelines for this command.
APPENDIX E: 3COM CLI REFERENCE GUIDE ipSetup The ipSetup command allows the user to define an IP address on the device either manually or via a DHCP server. Syntax ipSetup [dhcp| ip-address mask [default-gateway ip-address]] Parameters ■ ■ dhcp — Specifies the IP address is acquired automatically from the Dynamic Host Configuration Protocol (DHCP) server. ip-address mask— Specifies that the IP address and default gateway are configured manually by the user (Range: 0.0.0.0. 223.255.255.255).
CLI Commands Upgrade 201 The Upgrade command starts a system download and thereby allowing a system upgrade. Syntax upgrade [TFTP Server IP Address|Destination File Name| File Type] Parameters ■ TFTP Server IP Address — Defines the TFTP server’s IP address. ■ Source File Name — Specifies the source file name. ■ File Type — Defines the file type to be downloaded. The possible values are: runtime — Downloads the runtime software application file. ■ bootcode — Downloads the bootcode software file.
APPENDIX E: 3COM CLI REFERENCE GUIDE Initialize The Initialize command resets the device configuration to factory defaults, including the IP configuration. Syntax Initialize Default Configuration This command has no default configuration. User Guidelines The system prompts for confirmation of the request. If no response is entered within 15 seconds, timeout occurs and the command is not executed.
CLI Commands Reboot 203 The Reboot command simulates a power cycle of the device. Syntax reboot Default Configuration This command has no default configuration. User Guidelines There are no user guidelines for this command.
APPENDIX E: 3COM CLI REFERENCE GUIDE Logout The Logout command terminates the CLI session. Syntax logout Default Configuration This command has no default configuration. User Guidelines There are no user guidelines for this command. Example Select menu option: logout exiting session...
CLI Commands Password 205 The Password command changes the user’s password. Syntax password Default Configuration This command has no default configuration. User Guidelines The user needs to login to the session in order to change the password. Example Select menu option: password Change password for user: username Old password: Enter new password: Retype password: The command line interface password has been successfully changed.
F GLOSSARY Access Control List (ACL) ACLs can limit network traffic and restrict access to certain users or devices by checking each packet for certain IP or MAC (i.e., Layer 2) information. Address Resolution Protocol (ARP) ARP converts between IP addresses and MAC (i.e., hardware) addresses. ARP is used to locate the MAC address corresponding to a given IP address.
Extensible Authentication Protocol over LAN (EAPOL) Generic Multicast Registration Protocol (GMRP) EAPOL is a client authentication protocol used by this switch to verify the network access rights for any device that is plugged into the switch. A user name and password is requested by the switch, and then passed to an authentication server (e.g., RADIUS) for verification. EAPOL is implemented as part of the IEEE 802.1X Port Authentication standard.
APPENDIX F: GLOSSARY Internet Control Message Protocol (ICMP) Internet Group Management Protocol (IGMP) In-Band Management IP Multicast Filtering A network layer protocol that reports errors in processing IP packets. ICMP is also used by routers to feed back information about better routing choices. A protocol through which hosts can register with their local router for multicast services.
Multicast Switching Out-of-Band Management Port Authentication Port Mirroring Port Trunk A process whereby the switch filters incoming multicast frames for services for which no attached host has registered, or forwards them to all ports contained within the designated multicast VLAN group. Management of the network from a station not attached to the network. See IEEE 802.1X. A method whereby data on a target port is mirrored to a monitor port for troubleshooting with a logic analyzer or RMON probe.
APPENDIX F: GLOSSARY Remote Monitoring (RMON) Rapid Spanning Tree Protocol (RSTP) Secure Shell (SSH) RMON provides comprehensive network monitoring capabilities. It eliminates the polling required in standard SNMP, and can set alarms on a variety of traffic conditions, including specific error types. RSTP reduces the convergence time for network topology changes to about 10% of that required by the older IEEE 802.1D STP standard. A secure replacement for remote access functions, including Telnet.
Virtual LAN (VLAN) XModem A Virtual LAN is a collection of network nodes that share the same collision domain regardless of their physical location or connection point in the network. A VLAN serves as a logical workgroup with no physical barriers, and allows users to share information and resources as though located on the same LAN. A protocol used to transfer files between devices. Data is grouped in 128-byte blocks and error-corrected.
G OBTAINING SUPPORT FOR YOUR 3COM PRODUCTS 3Com offers product registration, case management, and repair services through eSupport.3com.com. You must have a user name and password to access these services, which are described in this appendix. Register Your Product to Gain Service Benefits To take advantage of warranty and other service benefits, you must first register your product at: http://eSupport.3com.
Access Software Downloads 213 Contact your authorized 3Com reseller or 3Com for additional product and support information. See the table of access numbers later in this appendix. Access Software Downloads You are entitled to bug fix / maintenance releases for the version of software that you initially purchased with your 3Com product. To obtain access to this software, you need to register your product and then use the Serial Number as your login. Restricted Software is available at: http://eSupport.
APPENDIX G: OBTAINING SUPPORT FOR YOUR 3COM PRODUCTS To send a product directly to 3Com for repair, you must first obtain a return materials authorization number (RMA). Products sent to 3Com without authorization numbers clearly marked on the outside of the package will be returned to the sender unopened, at the sender’s expense. If your product is registered and under warranty, you can obtain an RMA number online at http://eSupport.3com.com/. First-time users must apply for a user name and password.
Contact Us Country Telephone Number Country 215 Telephone Number You can also obtain support in this region using this URL: http://emea.3com.com/support/email.html You can also obtain non-urgent support in this region at these email addresses: Technical support and general requests: customer_support@3com.com Return material authorization: warranty_repair@3com.com Contract requests: emea_contract@3com.
REGULATORY NOTICES FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
