Management Software ® AT-S63 ◆ Web Browser Interface User’s Guide AT-9424T/SP AND AT-9424T/GB LAYER 2+ GIGABIT ETHERNET SWITCHES VERSION 1.0.
Copyright © 2004 Allied Telesyn, Inc. All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered trademark of Netscape Communications Corporation. All other product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners. Allied Telesyn, Inc.
Contents Figures .......................................................................................................................................................................................................................9 Tables ...................................................................................................................................................................................................................... 13 Preface ............................................
Contents Rebooting a Switch .............................................................................................................................................................................................48 Pinging a Remote System .................................................................................................................................................................................49 Returning the AT-S63 Management Software to the Factory Default Values ................
AT-S63 Management Software Web Browser Interface User’s Guide Chapter 11 Event Log ............................................................................................................................................................................................................127 Enabling or Disabling the Event Log ..........................................................................................................................................................128 Displaying Events ........
Contents Modifying a User Table Entry .............................................................................................................................................................. 211 Configuring the SNMPv3 View Table ......................................................................................................................................................... 214 Creating a View Table Entry ..........................................................................................
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the GVRP Port Configuration ..................................................................................................................................................291 Displaying the GVRP Database .....................................................................................................................................................................292 Displaying the GVRP State Machine ............................
Contents Switch Administration Default Settings .......................................................................................................................................... 361 System Software Default Settings ..................................................................................................................................................... 361 Enhanced Stacking Default Setting ...................................................................................................
Figures Figure 1: Entering a Switch’s IP Address in the URL Field ..................................................................................................................... 32 Figure 2: AT-S63 Login Page ............................................................................................................................................................................ 33 Figure 3: Home page ....................................................................................................
Figures Figure 38: Event Log Example Displayed in Normal Mode ................................................................................................................ 134 Figure 39: Event Log Example Displayed in Full Mode ....................................................................................................................... 135 Figure 40: CoS Tab (Configuration) .........................................................................................................................
AT-S63 Management Software Web Browser Interface User’s Guide Figure 93: Modify SNMPv3 Community Page .........................................................................................................................................256 Figure 94: SNMP Tab (Monitoring) ..............................................................................................................................................................259 Figure 95: SNMPv3 User Table Tab (Monitoring) ...........................
Figures 12
Tables Table 1: Table 2: Table 3: Table 4: Table 5: Table 6: Table 7: Table 8: AT-S63 Software Modules .............................................................................................................................................................132 Event Severity Levels ......................................................................................................................................................................134 Default Mappings of IEEE 802.
Tables 14
Preface This guide contains instructions on how to configure an AT-9400 Series Layer 2+ Gigabit Ethernet Switch using the AT-S63 management software and the web browser user interface. How This Guide is Organized This manual is divided into three sections. Section I: Basic Features The chapters in this section explain how to start a local management session and perform some basic tasks such as configuring switch and port parameters, port trunking, and enhanced stacking.
Preface To manage the switch using the command line interface, refer to the AT-S63 Management Software Command Line Interface User’s Guide. Caution The software described in this documentation contains certain cryptographic functionality and its export is restricted by U.S. law. As of this writing, it has been submitted for review as a “retail encryption item” in accordance with the Export Administration Regulations, 15 C.F.R. Part 730-772, promulgated by the U.S.
AT-S63 Management Software Web Browser Interface User’s Guide Document Conventions This document uses the following conventions: Note Notes provide additional information. Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data. Warning Warnings inform you that performing or omitting a specific action may result in bodily injury.
Preface Where to Find Web-based Guides The installation and user guides for all Allied Telesyn products are available in portable document format (PDF) from on our web site at www.alliedtelesyn.com. You can view the documents online or download them onto a local workstation or server.
AT-S63 Management Software Web Browser Interface User’s Guide Contacting Allied Telesyn This section provides Allied Telesyn contact information for technical support as well as sales or corporate information. Online Support You can request technical support online by accessing the Allied Telesyn Knowledge Base at www.alliedtelesyn.com/kb. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions.
Preface Management Software Updates New releases of management software for our managed products can be downloaded from either of the following Internet sites: ❑ Allied Telesyn web site: www.alliedtelesyn.com ❑ Allied Telesyn FTP server: ftp://ftp.alliedtelesyn.com If you prefer to download new software from the Allied Telesyn FTP server using your workstation’s command prompt, you need the FTP client software and you must log in to the server.
Chapter 1 Overview This chapter describes the AT-S63 software functions, the types of sessions you can use to access the software, and the management access levels.
Chapter 1: Overview Management Overview The AT-S63 management software is intended for the AT-9400 Series switches. You use the software to monitor and adjust the switch’s operating parameters.
AT-S63 Management Software Web Browser Interface User’s Guide There are four ways to access the management software on an AT-9400 Series switch. These methods are referred to in this guide as management sessions. They are: ❑ Local management session ❑ Telnet management session ❑ Web browser management session ❑ SNMP management session The following sections in this chapter briefly describe each type of management session.
Chapter 1: Overview Local Management Session You establish a local management session with an AT-9400 Series switch by connecting a terminal or a PC with a terminal emulator program to the terminal port on the switch, using the RJ-45 to RS-232 management cable included with the switch. The terminal port is located on the front panel of the AT-9400 Series switch.
AT-S63 Management Software Web Browser Interface User’s Guide Telnet Management Session You can use any management station on your network that has the Telnet application to manage an AT-9400 Series switch. This type of management session is referred to in this guide as a remote management session because you do not need to be in the wiring closet where the switch is located. You can manage the switch from any workstation on the network that has the application protocol.
Chapter 1: Overview Web Browser Management Session You can also use a web browser to manage a switch. This too is referred to as remote management, just like a Telnet management session. You can manage a switch from any workstation on your network that has a web browser. It also uses the enhanced stacking feature. This means there needs to be just one switch on the subnet with an Internet Protocol (IP) address for you to be able to manage all the switches with a web browser.
AT-S63 Management Software Web Browser Interface User’s Guide SNMP Management Session Another way to remotely manage the switch is with an SNMP management program. A familiarity with using management information base (MIB) objects is necessary for this type of management.
Chapter 1: Overview Management Access Levels There are two levels of management access in the AT-S63 management software: manager and operator. When you log in as a manager, you can view and configure all of a switch’s operating parameters. When you log in as an operator, you can only view the operating parameters; you cannot change any values. You log in as a manager or an operator by entering the appropriate username and password when you start an AT-S63 management session.
Section I Basic Features The chapters in this section provide information and procedures for basic switch setup and include: ❑ Chapter 2, ”Starting a Web Browser Management Session” on page 31 ❑ Chapter 3, ”Basic Switch Parameters” on page 39 ❑ Chapter 4, ”SNMPv1 and SNMPv2c” on page 53 ❑ Chapter 5, ”Enhanced Stacking” on page 65 ❑ Chapter 6, ”Port Parameters” on page 73 ❑ Chapter 7, ”MAC Address Table” on page 89 ❑ Chapter 8, ”Port Trunking” on page 99 ❑ Chapter 9, ”Port Mirroring” on page 109 29
Chapter 2 Starting a Web Browser Management Session This chapter contains the procedure for starting, saving, and quitting a web browser management session on an AT-9400 Series switch.
Chapter 2: Starting a Web Browser Management Session Starting a Web Browser Management Session To establish a web browser management session with an AT-9400 Series switch, there must be at least one switch in the subnet that has been assigned an IP address and whose stacking status has been changed to master switch. After you start a web browser management session on the master switch, you can manage all the enhanced stacking switches that reside in the same subnet.
AT-S63 Management Software Web Browser Interface User’s Guide The AT-S63 management software displays the login page, as shown in Figure 2. Figure 2. AT-S63 Login Page 3. Enter a user name and password. For manager access, enter “manager” as the user name. The default password is “friend.” For operator access, enter “operator” as the user name. The default password is “operator.” Login names and passwords are casesensitive.
Chapter 2: Starting a Web Browser Management Session The home page is shown in Figure 3. Figure 3. Home page The main menu is on the left side of the home page. It consists of the following selections: ❑ Enhanced Stacking ❑ Configuration ❑ Monitoring ❑ Logout Note The Enhanced Stacking selection is included in the menu only if the switch is a master switch. A web browser management session remains active even if you link to other sites.
AT-S63 Management Software Web Browser Interface User’s Guide Web Browser Tools You can use the web browser tools to move around the management pages. Selecting Back on your browser’s toolbar returns you to the previous display. You can also use the browser’s bookmark feature to save the link to the switch.
Chapter 2: Starting a Web Browser Management Session Saving Your Parameter Changes When you make a change to a switch parameter, the change is, in most cases, immediately activated as soon as you click the Apply button on the page. However, a change to a switch parameter is initially saved only to temporary memory. It is lost the next time you reset or power cycle the unit. To permanently save a change, you must click the Save Changes button. This button is located on the General tab.
AT-S63 Management Software Web Browser Interface User’s Guide Quitting a Web Browser Management Session To exit a web browser management session, select the Logout option from the main menu.
Chapter 2: Starting a Web Browser Management Session 38 Section I: Basic Features
Chapter 3 Basic Switch Parameters This chapter contains the following sections: ❑ ”Configuring an IP Address and Switch Name” on page 40 ❑ ”Activating the BOOTP and DHCP Client Software” on page 43 ❑ ”Displaying System Information” on page 44 ❑ ”Configuring the Manager and Operator Passwords” on page 46 ❑ ”Rebooting a Switch” on page 48 ❑ ”Pinging a Remote System” on page 49 ❑ ”Returning the AT-S63 Management Software to the Factory Default Values” on page 50 Section I: Basic Features 39
Chapter 3: Basic Switch Parameters Configuring an IP Address and Switch Name Note For guidelines about when to assign an IP address, subnet address, and gateway address to an AT-9400 Series switch, refer to “When Does a Switch Need an IP Address?” in Chapter 3, “Basic Switch Parameters,” in the AT-S63 Management Software Menus Interface User’s Guide. To set basic switch parameters for an AT-9400 Series switch, perform the following procedure: 1. From the home page, select Configuration.
AT-S63 Management Software Web Browser Interface User’s Guide Note This procedure describes the parameters in the Administration section of the tab. The Passwords section is described in ”Configuring the Manager and Operator Passwords” on page 46. The DHCP/BOOTP option is described in ”Activating the BOOTP and DHCP Client Software” on page 43. The maximum aging timer option is described in ”Changing the Aging Time” on page 97.
Chapter 3: Basic Switch Parameters IP Address This parameter specifies the IP address of the switch. You must specify an IP address if you want the switch to function as the Master switch of an enhanced stack. The IP address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0. Subnet Mask This parameter specifies the subnet mask for the switch. You must specify a subnet mask if you assigned an IP address to the switch. The subnet mask must be entered in the format: xxx.xxx.xxx.xxx.
AT-S63 Management Software Web Browser Interface User’s Guide Activating the BOOTP and DHCP Client Software For background information on BOOTP and DHCP, refer to Chapter 3, “Basic Switch Parameters,” in the AT-S63 Management Software Menus Interface User’s Guide. To activate or deactivate the BOOTP and DHCP client software on the switch from a web browser management session, perform the following procedure: 1. From the home page, select Configuration.
Chapter 3: Basic Switch Parameters Displaying System Information To view basic information about the switch, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6. Figure 6. General Tab (Monitoring) The General section displays the following information: System Name The name of the switch. Administrator The name of the network administrator responsible for managing the switch.
AT-S63 Management Software Web Browser Interface User’s Guide DHCP/BOOTP The status of the DHCP and BOOTP client software. If enabled, the switch is obtaining its IP information from a DHCP and BOOTP server on the network. If disabled, the IP address must be manually entered. MAC Address Aging Timer The time interval an inactive dynamic MAC address can remain in the MAC address table before it is deleted. IP Address The switch’s IP address. Subnet Mask The switch’s subnet mask.
Chapter 3: Basic Switch Parameters Configuring the Manager and Operator Passwords There are two levels of management access on an AT-9400 Series switch: manager and operator. When you log in as a manager, you can view and configure all of a switch’s operating parameters. When you log in as an operator, you can only view the operating parameters; you cannot change any values. You log in as a manager or an operator by entering the appropriate username and password when you start an AT-S63 management session.
AT-S63 Management Software Web Browser Interface User’s Guide Operator Password Confirm Operator Password Use these parameters to change the operator’s login password for the switch. The password can be from 0 to 16 characters in length. The same password is used for both local and remote management sessions. To create a new password, enter the new password into both fields. The default password for operator is “operator.” The password is case sensitive.
Chapter 3: Basic Switch Parameters Rebooting a Switch Note Any parameters changes that have not been saved are discarded when a system is reset. To save parameter changes, refer to ”Saving Your Parameter Changes” on page 36. To reboot a switch, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Click Reset. A confirmation prompt is displayed. 3.
AT-S63 Management Software Web Browser Interface User’s Guide Pinging a Remote System You can instruct the switch to ping a node on your network. This procedure is useful in determining whether a valid link exists between the switch and another device. To ping a network device, perform the following procedure: 1. From the home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the Ping Client tab.
Chapter 3: Basic Switch Parameters Returning the AT-S63 Management Software to the Factory Default Values The procedure in this section returns all AT-S63 management software parameters to their default values. Please note the following before you perform this procedure: ❑ Returning all parameter settings to their default values also deletes any port-based or tagged VLANs you created on the switch. ❑ This procedure does not delete files from the AT-S63 file system.
AT-S63 Management Software Web Browser Interface User’s Guide The System Utilities tab is shown in Figure 8. Figure 8. System Utilities Tab (Configuration) 3. Click the Reboot Switch After Setting Defaults checkbox. 4. Click Apply. The web browser displays the following prompt: This page may no longer be available while the switch reboots. Do you want to continue? 5.
Chapter 3: Basic Switch Parameters 52 Section I: Basic Features
Chapter 4 SNMPv1 and SNMPv2c This chapter explains how to activate SNMP management on the switch and how to create, modify, and delete SNMPv1 and SNMPv2c community strings.
Chapter 4: SNMPv1 and SNMPv2c Enabling or Disabling SNMP Management To enable or disable SNMP management on the switch, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 9. Figure 9. SNMP Tab (Configuration) 3. Click the Enable SNMP Access checkbox to enable or disable SNMP management.
AT-S63 Management Software Web Browser Interface User’s Guide 5. Click Apply. A change to SNMP access is immediately activated on the switch. The community strings that already exist on the switch are displayed in a table. 6. To permanently save the change, return to the General tab on the System page and click Save Changes.
Chapter 4: SNMPv1 and SNMPv2c Creating a New SNMPv1 and SNMPv2c Community To create a new SNMPv1 and SNMPv2c community, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 9 on page 54. 3. In the SNMPv1 & SNMPv2c section, click Configure. The SNMPv1 & SNMPv2c Communities tab is shown in Figure 10. Figure 10.
AT-S63 Management Software Web Browser Interface User’s Guide The Add New SNMPv1 & SNMPv2c Community page is shown in Figure 11. Figure 11. Add New SNMPv1 & SNMPv2c Community Page 5. Configure the following parameters: Community Name Enter an SNMP community name that consists of up to 15 alphanumeric characters. Status Click Enable to enable the SNMP community. Click Disable to disable the SNMP community. Access Mode Click Read Only to allow read access to the SNMP community.
Chapter 4: SNMPv1 and SNMPv2c Manager IP Address1 through Manager IP Address 8 Enter an IP Address of a switch that is permitted SNMP manager access to the current switch. You can enter up to 8 Manager IP Addresses. Trap Receiver IP Address 1 through Trap Receiver IP Address 8 Use the above selections to specify the IP addresses of up to 8 trap receivers on your network that can receive traps from the switch. 6. Click Apply. 7. To save your changes, return to the General tab and click Save Changes.
AT-S63 Management Software Web Browser Interface User’s Guide Modifying an SNMPv1 and SNMPv2c Community To modify an SNMPv1 and SNMPv2c community, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 9 on page 54. 3. In the SNMPv1 & SNMPv2c section, click Configure.
Chapter 4: SNMPv1 and SNMPv2c 5. Modify the following parameters: Community Name This field is not configurable from this page. It is the name of the SNMP community. Status Click Enable to enable the SNMP community. Click Disable to disable the SNMP community. Access Mode Click Read Only to allow read access to the SNMP community. Click Read-Write to allow read-write access to the SNMP community. Allow Any Station Click this option to allow any SNMP manager to access the switch.
AT-S63 Management Software Web Browser Interface User’s Guide Deleting an SNMPv1 and SNMPv2c Community To delete an existing SNMPv1 and SNMPv2c community, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 9 on page 54. 3. In the SNMPv1 & SNMPv2c section, click Configure.
Chapter 4: SNMPv1 and SNMPv2c Displaying the SNMPv1 and SNMPv2c Communities To display the SNMPv1 and SNMPv2c communities, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 13. Figure 13. SNMP Tab (Monitoring) 3. In the SNMPv1 & SNMPv2c section, click View.
AT-S63 Management Software Web Browser Interface User’s Guide The SNMPv1 & SNMPv2c Communities tab is shown in Figure 14. Figure 14. SNMPv1 & SNMPv2c Communities Tab (Monitoring) The SNMPv1 & SNMPv2c Communities tab displays a table that contains the following columns of information: Community Name The SNMP community name. Access Mode The access mode for access to that community. The possible settings are Read Only and Read/Write.
Chapter 4: SNMPv1 and SNMPv2c Status The community status, one of the following settings: Enabled - The community is enabled. Disabled - The community is disabled.
Chapter 5 Enhanced Stacking This chapter contains the following procedures for setting up enhanced stacking: ❑ ”Setting a Switch’s Enhanced Stacking Status” on page 66 ❑ ”Selecting a Switch in an Enhanced Stack” on page 68 ❑ ”Returning to the Master Switch” on page 71 ❑ ”Displaying the Enhanced Stacking Status” on page 72 Note For background information on enhanced stacking, refer to Chapter 5, “Enhanced Stacking,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 5: Enhanced Stacking Setting a Switch’s Enhanced Stacking Status The enhanced stacking status of the switch can be master, slave, or unavailable. Each status is described below: ❑ Master - A master switch of a stack can be used to manage other enhanced stacking switches in a subnet. After you have established a local or remote management session with the master switch, you can access and manage the other enhanced stacking switches in the subnet. A master switch must have a unique IP address.
AT-S63 Management Software Web Browser Interface User’s Guide The Enhanced Stacking tab is shown in Figure 15. Figure 15. Enhanced Stacking Tab (Configuration) 4. Click the desired enhanced stacking status for the switch. The default is Slave. 5. Click Apply. The new enhanced stacking status is immediately activated on the switch. 6. To permanently save the change, return to the General tab on the System page and click Save Changes.
Chapter 5: Enhanced Stacking Selecting a Switch in an Enhanced Stack Before you perform any procedure on a switch in an enhanced stack, check to be sure that you are performing it on the correct switch. If you assigned system names to your switches, identifying your switches is easy. The AT-S63 management software displays the name of the switch being managed at the top of every management menu.
AT-S63 Management Software Web Browser Interface User’s Guide The master switch polls the network for the slave and master enhanced stacking switches in the subnet and displays a list of the switches in the Stacking Switches page. An example is shown in Figure 16. Figure 16. Stacking Switches Page Note The master switch on which you started the management session is not included in the list, nor are any switches with an enhanced stacking status of Unavailable.
Chapter 5: Enhanced Stacking 4. Enter a user name and password for the switch when prompted. The home page of the selected switch is displayed. You can now manage the switch.
AT-S63 Management Software Web Browser Interface User’s Guide Returning to the Master Switch When you are finished managing a slave switch and want to manage another switch in the stack, return to the Home page of the switch and select Disconnect from the menu. This returns you to the Enhanced Stacking page in Figure 16 on page 69. When you see that page, you are again addressing the master switch from which you started the management session.
Chapter 5: Enhanced Stacking Displaying the Enhanced Stacking Status To display the enhanced stacking status of the switch, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select Layer 2. The Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 25 on page 94. 3.
Chapter 6 Port Parameters This chapter explains how to view and change the parameter settings for the individual ports on a switch. Examples of the parameters that you can adjust include port speed and duplex mode.
Chapter 6: Port Parameters Configuring Port Parameters To configure the parameter settings of a port on the switch, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 1 option. 3. Select the Port Settings tab. The Port Settings tab is shown in Figure 18. Figure 18. Port Settings Tab (Configuration) 4.
AT-S63 Management Software Web Browser Interface User’s Guide The Port Configuration page is shown Figure 19. Figure 19. Port Configuration Page 6. Adjust the following parameters as necessary. Port Name Use this selection to assign a name to a port. The name can be from one to fifteen alphanumeric characters. Spaces are allowed, but you should not use special characters, such as asterisks or exclamation points. (You cannot assign a name when you are configuring more than one port.
Chapter 6: Port Parameters Disabled - The port does not receive or forward packets. Speed and Duplex You use this selection to configure a port for autonegotiation or to manually set a port’s speed and duplex mode. If you select Auto-Negotiate for autonegotiation, which is the default setting, the switch sets both speed and duplex mode for the port automatically.
AT-S63 Management Software Web Browser Interface User’s Guide redundant port automatically transitions to Auto-Negotiate to match the speed of the primary uplink port and you cannot configure the MDI/MDIX crossover parameter. Note 1000 Mbps speed is only available when you set the port to autonegotiate. You cannot set this manually. If you select all ports, the Speed and Duplex setting displays “Not Configurable,” because all ports are set to autonegotiate.
Chapter 6: Port Parameters pause packet notifies the end node to stop transmitting for a specified period of time. The possible settings are: Auto - The port uses flow control if it detects that the end node is using it. Disabled - No flow control on the port. This is the default. Enabled - Flow control is activated. For further information about flow control, refer to Chapter 6, “Port Parameters,” in the AT-S63 Management Software Menus Interface User’s Guide.
AT-S63 Management Software Web Browser Interface User’s Guide Unknown Unicast Rate Limit Use this parameter to enable or disable ingress unknown unicast packet limits and specify a rate limit for the ingress unknown unicast packets. The possible settings are: Enabled - Unknown unicast packet ingress rate limiting is enabled. Disabled - Unknown unicast packet ingress rate limiting is disabled. This is the default. You can also set the rate limit in packets per second. The range is 0 to 262143.
Chapter 6: Port Parameters Note Ports 23 and 24 are always set to Auto, and you cannot change the setting. Note The Auto setting is not available if you set a port’s speed and duplex mode manually. 7. After you have made the desired changes, click Apply. The switch activates the parameter changes on the port. 8. To permanently save the change, return to the General tab on the System page and click Save Changes.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying Port Status To display the status of a switch port, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 1 option. The Layer 1 page is displayed with the Port Settings tab selected by default, as shown in Figure 20. Figure 20.
Chapter 6: Port Parameters The Port Status page is shown in Figure 21. Figure 21. Port Status Page The Port Status page displays a table that contains the following columns of information: Port The port number. Name The name of the port. Link The status of the link between the port and the end node connected to the port. The possible settings are: Up - A valid link exists between the port and the end node. Down - The port and the end node have not established a valid link.
AT-S63 Management Software Web Browser Interface User’s Guide Speed The operating speed of the port. The possible settings are: 0010 - 10 Mbps 0100 - 100 Mbps 1000 - 1000 Mbps Duplex The duplex mode of the port. The possible settings are halfduplex and full-duplex. PVID The VLAN identifier (VID) of the VLAN in which the port is an untagged member. This column does not include the VIDs of the VLANs where the port is a tagged member. Flow Control The port’s flow control setting.
Chapter 6: Port Parameters Rate Limiting The limit on the number of ingress packets of a particular type that the port accepts per second. The possible settings are: B-Broadcast - Status of broadcast packet rate limit (enabled or disabled) and number of packets per second. UM-Unknown Multicast - Status of unknown multicast packet filtering (enabled or disabled) and number of packets per second.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying Port Statistics To display the statistics of a switch port, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 1 option. The Layer 1 page is displayed with the Port Settings tab selected by default, as shown in Figure 20 on page 81.
Chapter 6: Port Parameters Bytes Sent Number of bytes transmitted from the port. Frames Received Number of frames received on the port. Frames Sent Number of frames transmitted from the port. Broadcast Frames Received Number of broadcast frames received on the port. Broadcast Frames Sent Number of broadcast frames transmitted from the port. Multicast Frames Received Number of multicast frames received on the port. Multicast Frames Sent Number of multicast frames transmitted from the port.
AT-S63 Management Software Web Browser Interface User’s Guide frames with frame check sequence (FCS) errors (CRC errors) received on the port. Dropped Frames Number of frames successfully received and buffered by the port, but discarded and not forwarded. 5. To clear all the counters for the selected port, click Clear. To clear the counters for all ports on the switch, click Clear All.
Chapter 6: Port Parameters Resetting a Port to the Default Settings To reset a port to the default settings, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 1 option. 3. Select the Port Settings tab. The Port Settings tab is shown in Figure 18 on page 74. 4.
Chapter 7 MAC Address Table This chapter contains instructions on how to add and view the dynamic and static addresses in the MAC address table of the switch.
Chapter 7: MAC Address Table Adding Static Unicast and Multicast MAC Addresses This section contains the procedure for assigning a static unicast or multicast address to a port on the switch. You can assign up to 255 static MAC addresses per port. To add a static address to the MAC address table, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2.
AT-S63 Management Software Web Browser Interface User’s Guide 3. To add a static unicast address, in the View/Add Unicast MAC Addresses section, click Add. To add a static multicast address, in the View/Add Multicast MAC Addresses section, click Add. The Add MAC Address page is shown in Figure 24. Figure 24. Add MAC Address Page 4. Adjust the following parameters as necessary. MAC Address The new static unicast or multicast MAC address.
Chapter 7: MAC Address Table Deleting Unicast and Multicast MAC Addresses To delete a static or dynamic unicast or multicast MAC address from the switch, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page opens with the MAC Address tab selected by default, as shown in Figure 23 on page 90. 3.
AT-S63 Management Software Web Browser Interface User’s Guide Deleting All Dynamic MAC Addresses To delete all the dynamic MAC addresses, unicast or multicast, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page opens with the MAC Address tab selected by default, as shown in Figure 23 on page 90. 3.
Chapter 7: MAC Address Table Displaying the MAC Address Tables To view the MAC address table, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25. Figure 25. MAC Address Tab (Monitoring) The tab contains two sections.
AT-S63 Management Software Web Browser Interface User’s Guide View Static Displays just the static addresses assigned to the ports on the switch. View Dynamic Displays only the dynamic addresses learned on the ports on the switch. View MAC Addresses on Port Displays the dynamic and static MAC addresses of a particular port. You can specify more than one port at a time. View MAC Addresses for VLAN Displays the static and dynamic addresses learned on the tagged and untagged ports of a specific VLAN.
Chapter 7: MAC Address Table Figure 26 shows an example of viewing all unicast MAC addresses. Figure 26. View MAC Addresses Page The View MAC Addresses page displays a table that contains the following columns of information: VLAN ID The ID number of the VLAN where the port is a member. MAC Address The static or dynamic unicast MAC address. Port(s) The port on which the address was learned or assigned. The MAC address with port “CPU” is the address of the switch.
AT-S63 Management Software Web Browser Interface User’s Guide Changing the Aging Time The switch uses the aging time to delete inactive dynamic MAC addresses from the MAC address table. When the switch detects that no packets have been sent to or received from a particular MAC address in the table after the period specified by the aging time, the switch deletes the address. This prevents the table from becoming full of addresses of nodes that are no longer active.
Chapter 7: MAC Address Table 98 Section I: Basic Features
Chapter 8 Port Trunking This chapter contains the procedure for creating, modifying, or deleting a port trunk. The sections in this chapter are: ❑ ”Creating a Port Trunk” on page 100 ❑ ”Modifying a Port Trunk” on page 103 ❑ ”Deleting a Port Trunk” on page 105 ❑ ”Displaying the Port Trunks” on page 106 Note For background information on port trunking, refer to Chapter 8, “Port Trunking,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 8: Port Trunking Creating a Port Trunk Caution Do not connect the cables of a port trunk to the ports on the switch until after you have configured the ports on both the switch and the end node. Connecting the cables prior to configuring the ports can create loops in your network topology. Loops can result in broadcast storms, which can adversely effect the operation of your network. If you are deleting a port trunk, disconnect the cables from the ports before you delete the trunk.
AT-S63 Management Software Web Browser Interface User’s Guide The Add New Trunk page is shown in Figure 28. Figure 28. Add New Trunk Page 5. Adjust the following parameters as necessary. Trunk Name The name for the port trunk. The name can be up to 16 alphanumeric characters. No spaces or special characters, such as asterisks and exclamation points, are allowed. Each trunk must be given a unique name. Trunk Method Select a load distribution method.
Chapter 8: Port Trunking 1000 Mbps. If the other ports in the trunk are operating at a different speed, port trunking may be unpredictable. Because of these port speed variables, Allied Telesyn suggests that you not include port 23R or 24R in a port trunk. 7. Click Apply. The new port trunk is now active on the switch. 8. To permanently save the change, return to the General tab on the System page and click Save Changes.
AT-S63 Management Software Web Browser Interface User’s Guide Modifying a Port Trunk This section contains the procedure for modifying a port trunk on the switch. You can change the name of a trunk and the ports that constitute the trunk. You cannot change the load distribute method.
Chapter 8: Port Trunking The Modify Trunk page is shown in Figure 29. Figure 29. Modify Trunk Page Note You cannot change the Trunk ID number or the load distribution method of a port trunk. 5. Adjust the following parameter as necessary. Trunk Name The name can be up to 16 alphanumeric characters. No spaces or special characters, such as asterisks and exclamation points, are allowed. Each trunk must have a unique name. 6.
AT-S63 Management Software Web Browser Interface User’s Guide Deleting a Port Trunk Caution Disconnect the cables from the port trunk on the switch before performing the following procedure: Deleting a port trunk without first disconnecting the cables can create loops in your network topology. Data loops can result in broadcast storms and poor network performance. To delete a port trunk from the switch, perform the following procedure: 1. From the home page, select Configuration.
Chapter 8: Port Trunking Displaying the Port Trunks To display the port trunks, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44 2. From the Monitoring menu, select the Layer 1 option. The Layer 1 page is displayed with the Port Settings tab selected by default, as shown in Figure 20 on page 81. 3. Select the Port Trunking tab.
AT-S63 Management Software Web Browser Interface User’s Guide SI - Source IP address (Layer 3) DI - Destination IP address (Layer 3) SI/DI - Source IP address /destination IP address (Layer 3) Ports The ports of the trunk.
Chapter 8: Port Trunking 108 Section I: Basic Features
Chapter 9 Port Mirroring This chapter contains the procedure for creating or deleting a port mirror. The sections in the chapter include: ❑ ”Creating a Port Mirror” on page 110 ❑ ”Modifying a Port Mirror” on page 113 ❑ ”Disabling a Port Mirror” on page 114 ❑ ”Deleting a Port Mirror” on page 115 ❑ ”Displaying the Port Mirror” on page 116 Note For background information on port mirroring, refer to Chapter 9, “Port Mirroring,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 9: Port Mirroring Creating a Port Mirror To create a port mirror, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 1 option. The Layer 1 page opens with the Port Settings tab displayed by default, as shown in Figure 18 on page 74. 3. Select the Port Mirroring tab. The Port Mirroring tab is shown in Figure 31.
AT-S63 Management Software Web Browser Interface User’s Guide The Modify Mirror page is shown in Figure 32. Figure 32. Modify Mirror Page 5. Click the ports of the port mirror. Clicking a port toggles it through the possible settings, which are as follows: The destination (mirror) port. There can be only one destination port. A source port. The port’s ingress traffic is mirrored to the destination port. A source port. The port’s egress traffic is mirrored to the destination port. A source port.
Chapter 9: Port Mirroring Figure 33 shows an example of the Modify Mirror page configured for a port mirror. The egress traffic on ports 11 and 12 is being mirrored to the destination port 5. Figure 33. Example of a Modify Mirror Page 6. After selecting the destination and source ports, click the Enable Mirror check box. 7. Click Apply. The port mirror is now active on the switch. You can connect a data analyzer to the destination port to monitor the traffic on the source ports. 8.
AT-S63 Management Software Web Browser Interface User’s Guide Modifying a Port Mirror To modify a port mirror, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 1 option. The Layer 1 page opens with the Port Settings tab displayed by default, as shown in Figure 18 on page 74. 3. Select the Port Mirroring tab.
Chapter 9: Port Mirroring Disabling a Port Mirror To disable a port mirror, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 1 option. The Layer 1 page opens with the Port Settings tab displayed by default, as shown in Figure 18 on page 74. 3. Select the Port Mirroring tab.
AT-S63 Management Software Web Browser Interface User’s Guide Deleting a Port Mirror To delete a port mirror, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 1 option. The Layer 1 page opens with the Port Settings tab displayed by default, as shown in Figure 18 on page 74. 3. Select the Port Mirroring tab.
Chapter 9: Port Mirroring Displaying the Port Mirror To display the port mirror, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44 2. From the Monitoring menu, select the Layer 1 option. The Layer 1 page is displayed with the Port Settings tab selected by default, as shown in Figure 20 on page 81. 3. Select the Port Mirroring tab.
AT-S63 Management Software Web Browser Interface User’s Guide Enabled - Traffic is being copied to the destination port. Disabled - No traffic is being mirrored.
Chapter 9: Port Mirroring 118 Section I: Basic Features
Section II Advanced Features The chapters in this section explain additional switch management features of the AT-S63 management software.
Section II: Advanced Features
Chapter 10 File Downloads and Uploads This chapter contains the procedure for downloading a new AT-S63 image file onto the switch. This chapter also contains procedures for uploading and downloading system files, such as a boot configuration file, from the file system in the switch.
Chapter 10: File Downloads and Uploads Downloading a File This procedure explains how to download a file from a TFTP server on your network to the switch using the web browser interface. You can download any of the following files: ❑ AT-S63 image file ❑ Boot configuration file ❑ Public key ❑ CA certificate Note The public key and CA certificate are supported only on the version of AT-S63 management software that features SSL, PKI, and SSH security.
AT-S63 Management Software Web Browser Interface User’s Guide 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default. 2. Select the System Utilities tab. The System Utilities tab is shown in Figure 35. Figure 35. System Utilities Tab (Configuration) Note You use the top portion of the tab to return the switch to its factory default settings.
Chapter 10: File Downloads and Uploads Image Select this option if you are downloading the AT-S63 image file. Default Config Select this option if you are downloading a configuration file and you want the file to be designated as the active boot configuration file. General Select this option if you are downloading a CA certificate or encryption key, or a configuration file that you do not want designated as the active boot configuration file. 8. Click Apply.
AT-S63 Management Software Web Browser Interface User’s Guide Uploading a File This procedure explains how to upload a file from the switch’s file system to a TFTP server on your network using the web browser interface.
Chapter 10: File Downloads and Uploads 4. In the TFTP Operation field, click Upload. 5. In the TFTP Remote Filename field, enter a name for the file. This is the name that the file is stored as on the TFTP server. 6. In the TFTP Local Filename field, enter the name of the file in the switch’s file system that you want to upload to the TFTP server. Note The TFTP File Type options are not used when uploading a file. 7. Click Apply. The management software notifies you when the upload is complete.
Chapter 11 Event Log This chapter describes the event log that allows you to view information about network activity. Sections in the chapter include: ❑ ”Enabling or Disabling the Event Log” on page 128 ❑ ”Displaying Events” on page 130 ❑ ”Disabling the Event Log” on page 137 ❑ ”Clearing the Event Log” on page 138 ❑ ”Saving the Event Log to a File” on page 139 For more information about the event log, refer to the AT-S63 Management Software Web Browser Interface User’s Guide.
Chapter 11: Event Log Enabling or Disabling the Event Log To enable or disable the event log, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the Event Log tab. The Event log tab is shown in Figure 36. Figure 36. Event Log Tab (Configuration) 3.
AT-S63 Management Software Web Browser Interface User’s Guide 4. To determine what action the switch takes when the event log reaches its maximum capacity, for the Log Full Action, click one of the following: Wrap When the event log reaches its maximum capacity, this option deletes old entries and continues to add new entries. This is the default. Halt When the log file reaches its maximum capacity, the log stops adding new entries. 5. Click Apply to activate the settings on the switch. 6.
Chapter 11: Event Log Displaying Events Each time that you want to view the event log, you must choose how and what you want displayed. The event log settings are not saved. To specify the type of events you want to display in the event log, perform the following procedure: 1. From the home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44.
AT-S63 Management Software Web Browser Interface User’s Guide Temporary (Memory) Displays the events stored in temporary memory. This selection stores approximately 4,000 events. If the switch has been running for some time without a reset or power cycle, select Temporary. This is the default. Permanent (NVS) Displays events stored in nonvolatile memory, which stores no more than 2,000 events.
Chapter 11: Event Log Normal Displays the time, module, severity, and description for each event. This is the default. An example of Normal mode is shown in Figure 38 on page 134. Full Displays the same information as Normal, plus the file name, line number, and event ID. An example of Full mode is shown in Figure 39 on page 135. 7. To display events of a particular AT-S63 software module, from the Module Selections list, select one or more of the modules listed in Table 1.
AT-S63 Management Software Web Browser Interface User’s Guide Table 1.
Chapter 11: Event Log Figure 38 shows an example of an event log in Normal mode. Figure 38. Event Log Example Displayed in Normal Mode The events are displayed in a table. The columns in the table shown in normal display mode are described below: S (Severity) The event’s severity. The severity codes and their corresponding severity level and description are shown in Table 2. Table 2. Event Severity Levels Severity Severity Level Code Description E Error Switch operation is severely impaired.
AT-S63 Management Software Web Browser Interface User’s Guide Event This item contains two parts. The first part is the name of the module within the AT-S63 management software that generated the event. The second part is a description of the event. When you display the events in full mode, more information is included. Figure 39 shows the same portion of the event log in Figure 38 on page 134 but displayed in full mode. Figure 39.
Chapter 11: Event Log To clear the current event log, go to ”Clearing the Event Log” on page 138.
AT-S63 Management Software Web Browser Interface User’s Guide Disabling the Event Log To activate or deactivate the event log, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the Event Log tab. The Event log tab is shown in Figure 36 on page 128. 3. In the Log Settings section, for the Status, click Disabled. 4. Click Apply to activate the settings on the switch.
Chapter 11: Event Log Clearing the Event Log You can clear the event log to remove old events and start fresh. To clear the event log, do the following: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the Event Log tab. The Event log tab is shown in Figure 36 on page 128. 3. In the Log Settings section, click the Clear Log checkbox. 4.
AT-S63 Management Software Web Browser Interface User’s Guide Saving the Event Log to a File You can save the event log to a file to review later. The file is saved as an ASCII file so that you can also email the file to someone else for troubleshooting. To save the event log to a file, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the Event Log tab.
Chapter 11: Event Log 140 Section II: Advanced Features
Chapter 12 Quality of Service This chapter contains instructions on how to configure Quality of Service (QoS).
Chapter 12: Quality of Service Configuring CoS This procedure explains how to change the egress queue used to handle untagged ingress packets on a port. This procedure also overrides the priority levels in tagged ingress packets. To configure CoS, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the QoS option.
AT-S63 Management Software Web Browser Interface User’s Guide The CoS Setting for Port page is shown in Figure 41. Figure 41. CoS Setting for Port Page 5. Use the Priority list to select a value from Level 1 to Level 7 that corresponds to the egress queue where you want all untagged ingress packets on the port to be stored. For example, if you select Level 4, all untagged packets received on the port are stored in egress queue Q2 of the egress port. The default is Level 0, which corresponds to Q0.
Chapter 12: Quality of Service Note The tagged information in a packet is not changed as the packet traverses the switch. A tagged packet exits the switch with the same priority level that it had when it entered. The default for this parameter is No, meaning that the priority level of tagged packets is determined by the priority level specified in the packet itself. 7. Click Apply. Configuration changes are immediately activated on the switch. 8.
AT-S63 Management Software Web Browser Interface User’s Guide Mapping CoS Priorities to Egress Queues This procedure explains how to change the default mappings of CoS priorities to egress priority queues, as shown in Table 3 on page 143. This is set at the switch level. You cannot set this on a per-port basis. To change the mappings, perform the following procedure: 1. From the home page, select Configuration.
Chapter 12: Quality of Service The Scheduling tab is shown in Figure 42. Figure 42. QoS Scheduling Tab (Configuration) Note The Configure Egress Weights section in the tab is explained in the next procedure, ”Configuring Egress Scheduling” on page 148. 4. In the Configure CoS Queues to Egress Queues section of the tab, click the list for a CoS priority whose queue assignment you want to change and select the new queue.
AT-S63 Management Software Web Browser Interface User’s Guide 7. To permanently save the change, return to the General tab on the System page and click Save Changes. For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36.
Chapter 12: Quality of Service Configuring Egress Scheduling This procedure explains how to select and configure a scheduling method for QoS. Scheduling determines the order in which the ports handle packets in their egress queues. For an explanation of the two scheduling methods, refer to “Scheduling” in Chapter 13, “Quality of Service,” in the AT-S63 Management Software Menus Interface User’s Guide. Scheduling is set at the switch level. You cannot set this at the port level.
AT-S63 Management Software Web Browser Interface User’s Guide Table 4. Example of Weighted Round Robin Priority (Continued) Port Egress Queue Maximum Number of Packets Q2 10 Q1 5 Q0 1 Leaving the default value of 1 for each queue results in all egress queues being given the same priority. 6. Click Apply. 7. To permanently save the change, return to the General tab on the System page and click Save Changes.
Chapter 12: Quality of Service Displaying the CoS Settings To display the CoS settings, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44 2. From the Monitoring menu, select the QoS option. The QoS page is displayed with the CoS tab selected by default, as shown in Figure 43. Figure 43. CoS Tab (Monitoring) 3. Click the port where you want to view the settings.
AT-S63 Management Software Web Browser Interface User’s Guide The CoS Setting for Port page displays a table that contains the following columns of information: Port The port number. VLAN ID The VLAN of which the port is a member. Default Priority The default priority level for this port. Override Priority Whether or not the default priority should be overridden.
Chapter 12: Quality of Service Displaying the QoS Schedule To display the QoS schedule, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44 2. From the Monitoring menu, select the QoS option. The QoS page is displayed with the CoS tab selected by default, as shown in Figure 43 on page 150. 3. Select the Scheduling tab. The Scheduling tab is shown in Figure 45. Figure 45.
Chapter 13 IGMP Snooping This chapter describes how to configure the IGMP snooping feature on the switch. The sections in the chapter include: ❑ ”Configuring IGMP Snooping” on page 154 ❑ ”Displaying a List of Host Nodes” on page 157 ❑ ”Displaying a List of Multicast Routers” on page 160 Note For background information, refer to Chapter 14, “IGMP Snooping,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 13: IGMP Snooping Configuring IGMP Snooping To configure IGMP snooping, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40 2. Select the IGMP tab. The IGMP tab is shown in Figure 46. Figure 46. IGMP Tab (Configuration) 3. Adjust the following parameters as necessary. Enable IGMP Snooping Status Enables and disables IGMP snooping on the switch.
AT-S63 Management Software Web Browser Interface User’s Guide forwards the leave request to the router and simultaneously ceases transmission of any further multicast packets out the port where the host node is connected. The Intermediate (Multi-Host) setting is appropriate if there is more than one host node connected to a switch port, such as when a port is connected to an Ethernet hub to which multiple host nodes are connected.
Chapter 13: IGMP Snooping addresses, leaving no room for dynamic or static MAC addresses. The range is 1 address to 2048 addresses. The default is 256 multicast addresses. 4. Click Apply. 5. To permanently save the change, return to the General tab on the System page and click Save Changes. For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying a List of Host Nodes You can use the AT-S63 management software to display a list of the multicast groups on a switch, as well as the host nodes. You can also view the multicast routers. A multicast router is a router that is receiving multicast packets from a multicast application and transmitting the packets to host nodes. To view host nodes, perform the following procedure: 1. From the Home page, select Monitoring.
Chapter 13: IGMP Snooping Multicast Router Ports Mode How the router ports are determined. The possible settings are: Auto-Detect - The switch determines the ports automatically. Port number - The selected router ports. Host/Router Timeout Interval The time period in seconds after which the switch determines that a host node has become inactive. Maximum Multicast Groups The maximum number of multicast groups the switch learns. 3.
AT-S63 Management Software Web Browser Interface User’s Guide Status Indicates IGMP group status of the port. The possible settings are: Active - The port is active in the IGMP group. Left Group - The port is not active in the IGMP group.
Chapter 13: IGMP Snooping Displaying a List of Multicast Routers To view multicast routers, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the IGMP tab. The IGMP tab is shown in Figure 47 on page 157. 3. To view the multicast routers, click View Multicast Router List and then click View. The View Multicast Routers List is shown in Figure 49. Figure 49.
AT-S63 Management Software Web Browser Interface User’s Guide If the routers are static routers (specified with the Manual Select option on the Configuration IGMP page), then the View Multicast Routers List page opens, as shown in Figure 50. Figure 50.
Chapter 13: IGMP Snooping 162 Section II: Advanced Features
Chapter 14 STP and RSTP This chapter explains how to configure the STP and RSTP parameters on an AT-9400 Series switch. The sections in the chapter include: ❑ ”Enabling or Disabling a Spanning Tree Protocol” on page 164 ❑ ”Configuring STP” on page 166 ❑ ”Configuring RSTP” on page 174 Note For background information on spanning tree, refer to Chapter 16, “STP and RSTP,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 14: STP and RSTP Enabling or Disabling a Spanning Tree Protocol To enable or disable spanning tree on the switch, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab shown by default, as shown in Figure 23 on page 90. 3. Select the Spanning Tree tab.
AT-S63 Management Software Web Browser Interface User’s Guide 7. If you activated STP, go to ”Configuring STP” on page 166. If you activated RSTP go to Step ”Configuring RSTP” on page 174. If you activated MSTP, go to Chapter 15, ”MSTP” on page 181.
Chapter 14: STP and RSTP Configuring STP Caution The bridge provides default STP parameters that are adequate for most networks. Changing them without prior experience and an understanding of how STP works might have a negative effect on your network. You should consult the IEEE 802.1d standard before changing any of the STP parameters. To configure STP, perform the following procedure: 1. From the Home page, select Configuration.
AT-S63 Management Software Web Browser Interface User’s Guide The Configure STP Parameters tab is shown in Figure 52. Figure 52. Configure STP Parameters Tab (Configuration) Note The Defaults button returns all STP settings to the default settings. 5. Adjust the following parameters as necessary. Bridge Priority The priority number for the bridge. This number is used in determining the root bridge for RSTP. The bridge with the lowest priority number is selected as the root bridge.
Chapter 14: STP and RSTP parameter can be from 0 (zero) to 61,440 in increments of 4096, with 0 being the highest priority. For a list of the increments, refer to Table 5. Table 5.
AT-S63 Management Software Web Browser Interface User’s Guide MaxAge must be less than (2 x (ForwardingDelay - 1)) Note The aging time for BPDUs is different from the aging time used by the MAC address table. Bridge Identifier The MAC address of the bridge. The bridge identifier is used as a tie breaker in the selection of the root bridge when two or more bridges have the same bridge priority value. This value cannot be changed. 6. After you have made the desired changes, click Apply. 7.
Chapter 14: STP and RSTP Table 6. Port Priority Value Increments (Continued) Increment Bridge Priority Increment Bridge Priority 4 64 12 192 5 80 13 208 6 96 14 224 7 112 15 240 Port Cost The spanning tree algorithm uses the cost parameter to decide which port provides the lowest cost path to the root bridge for that LAN. The range is 0 to 65,535. The default setting is Autodetect, which sets port cost depending on the speed of the port.
AT-S63 Management Software Web Browser Interface User’s Guide The Spanning Tree tab is shown in Figure 54. Figure 54. Spanning Tree Tab (Monitoring) 4. Click View. The Monitor STP Parameters tab is shown in Figure 55. Figure 55. Monitor STP Parameters Tab (Monitoring) 5. To view port settings, click a port in the switch and click Status or Settings.
Chapter 14: STP and RSTP The STP Settings page is shown in Figure 56. Figure 56. STP Settings Page The STP Settings page displays a table that contains the following columns of information: Port Port number. State Current state of the port. The possible states are Enabled or Disabled. Cost Port cost of the port. The default is Auto-Update. Priority The number used as a tie-breaker when two or more ports have equal costs to the root bridge. 6. Click OK to close the page.
AT-S63 Management Software Web Browser Interface User’s Guide The Configure STP Parameters tab is shown in Figure 52 on page 167. 5. Click Defaults. The STP defaults are shown in ”STP, RSTP, and MSTP Default Settings” on page 369.
Chapter 14: STP and RSTP Configuring RSTP Caution The bridge provides default RSTP parameters that are adequate for most networks. Changing them without prior experience and an understanding of how RSTP works might have a negative effect on your network. You should consult the IEEE 802.1w standard before changing any of the RSTP parameters. To configure RSTP, perform the following procedure: 1. From the Home page, select Configuration.
AT-S63 Management Software Web Browser Interface User’s Guide The Configure RSTP Bridge Parameters tab is shown in Figure 57. Figure 57. Configure RSTP Parameters Tab (Configuration) 5. Adjust the following parameters as necessary. Force Version This selection determines whether the bridge operates with RSTP or in an STP-compatible mode. If you select RSTP, the bridge operates all ports in RSTP, except for those ports that receive STP BPDU packets.
Chapter 14: STP and RSTP Bridge Hello Time The time interval between generating and sending configuration messages by the bridge. This parameter can be from 1 to 10 seconds. The default is 2 seconds. Bridge Forwarding The waiting period before a bridge changes to a new state, for example, becomes the new root bridge after the topology changes. If the bridge transitions too soon, not all links may have yet adapted to the change, possibly resulting in a network loop. The range is 4 to 30 seconds.
AT-S63 Management Software Web Browser Interface User’s Guide The RSTP Settings - Port(s) page is shown in Figure 58. Figure 58. RSTP Settings - Port(s) Page 8. Adjust the following parameters as necessary. Port Priority This parameter is used as a tie breaker when two or more ports are determined to have equal costs to the root bridge. The range is 0 to 240 in increments of 16. The default value is 8 (priority value 128). For a list of the increments, refer to Table 6 on page 169.
Chapter 14: STP and RSTP 10. To permanently save the change, return to the General tab on the System page and click Save Changes. For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36. Note All changes to a port’s RSTP settings, with the exception of port cost, are activated immediately. A change to the port cost value requires you to reset the switch. A new port cost value is not implemented until the unit is reset.
AT-S63 Management Software Web Browser Interface User’s Guide The Spanning Tree tab is displayed, as shown in Figure 54 on page 171. This tab displays information on whether spanning tree is enable or disabled and which protocol version, STP or RSTP, is active. 4. Click View. The Monitor RSTP Parameters tab is shown in Figure 59. Figure 59. Monitor RSTP Parameters Tab (Monitoring) 5. To view port settings, click a port in the switch and click Status or Settings.
Chapter 14: STP and RSTP The RSTP Settings page displays a table that contains the following columns of information: Port The port number. Edge-Port Whether or not the port is operating as an edge port. The possible settings are Yes and No. Point-to-Point Whether or not the port is functioning as a point-to-point port. The possible settings are Yes, No, and Auto Detect. Cost Port cost of the port. The default is Auto Update.
Chapter 15 MSTP This chapter explains how to configure MSTP parameters on an AT-9400 Series switch using a web browser management session.
Chapter 15: MSTP Enabling MSTP The AT-9400 Series switch can support the three spanning tree protocols STP, RSTP, and MSTP. However, only one spanning tree protocol can be active on the switch at a time. So before you can enable a spanning tree protocol, you must first select it as the active spanning tree protocol. After you select it, you can then enable or disable it.
AT-S63 Management Software Web Browser Interface User’s Guide 4. To change the active spanning tree protocol on the switch, click STP, RSTP, or MSTP in the Active Protocol Version section of the tab. The default is RSTP. Note Only one spanning tree protocol can be active on the switch at a time. 5. To enable or disable the active spanning tree protocol on the switch, click the Enable Spanning Tree check box.
Chapter 15: MSTP Configuring MSTP This section contains the following procedures: ❑ ”Configuring MSTP Parameters” on page 184 ❑ ”Configuring the CIST Priority” on page 187 ❑ ”Creating, Deleting, or Modifying MSTI IDs” on page 189 ❑ ”Adding, Removing, or Modifying VLAN Associations to MSTIs” on page 192 ❑ ”Configuring MSTP Port Parameters” on page 195 Note MSTP must be selected as the active spanning tree protocol on the switch before you can configure it.
AT-S63 Management Software Web Browser Interface User’s Guide Figure 62. Configure MSTP Parameters Tab (Configuration) Note This procedure explains the Configure MSTP Parameters section of the page. The CIST/MSTI Table is explained in ”Adding, Removing, or Modifying VLAN Associations to MSTIs” on page 192. The graphic image of the switch is described in ”Configuring MSTP Port Parameters” on page 195. Adjust the following parameters as necessary.
Chapter 15: MSTP Force Version This selection determines whether the bridge operates with MSTP or in an STP-compatible mode. If you select MSTP, the bridge operates all ports in MSTP, except those ports that receive STP or RSTP BPDU packets. If you select Force STP Compatible, the bridge uses its MSTP parameter settings, but sends only STP BPDU packets from the ports. The default is MSTP. Bridge Hello Time The time interval between generating and sending configuration messages by the bridge.
AT-S63 Management Software Web Browser Interface User’s Guide Bridge Max Hops MSTP regions use this parameter to discard BPDUs. The Max Hop counter in a BPDU is decremented every time the BPDU crosses an MSTP region boundary. After the counter reaches zero, the BPDU is deleted. Revision Level The revision level of an MSTP region. This is an arbitrary number that you assign to a region. The revision level must be the same on all bridges in a region.
Chapter 15: MSTP 6. Click Apply. 7. To permanently save the change, return to the General tab on the System page and click Save Changes. For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36.
AT-S63 Management Software Web Browser Interface User’s Guide Creating, Deleting, or Modifying MSTI IDs To create, delete, or modify MSTI IDs, perform one of the following procedures. Creating an MSTI ID To create an MSTI ID, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option.
Chapter 15: MSTP parameter is used in selecting a regional root for the MSTI. For a list of the increments, refer to Table 5, ”Bridge Priority Value Increments” on page 168. The default is 0. 8. Click Apply. 9. To permanently save the change, return to the General tab on the System page and click Save Changes. For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36. 10. Repeat this procedure to create more MSTI IDs.
AT-S63 Management Software Web Browser Interface User’s Guide 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 23 on page 90. 3. Select the Spanning Tree tab. The Spanning Tree tab is shown in Figure 51 on page 164. 4. Click Configure. The expanded MSTP Spanning Tree tab is shown in Figure 62 on page 185. 5.
Chapter 15: MSTP Adding, Removing, or Modifying VLAN Associations to MSTIs This section explains how to add or remove VLANs associated to MSTI IDs. Adding a VLAN Association To add a VLAN association, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option.
AT-S63 Management Software Web Browser Interface User’s Guide 3. Select the Spanning Tree tab. The Spanning Tree tab is shown in Figure 51 on page 164. 4. Click Configure. The expanded MSTP Spanning Tree tab is shown in Figure 62 on page 185. 5. In the CIST/MSTI Table section of the tab, the VLAN Associations field, remove the VIDs of the VLANS that you no longer want to be associated with this MSTI. You can specify more than one VID at a time (for example, 2,4,7). 6. Click Apply. 7.
Chapter 15: MSTP For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring MSTP Port Parameters To configure MSTP port parameters, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 23 on page 90. 3.
Chapter 15: MSTP range is 0 to 240 in increments of 16. The default value is 8 (priority value is 128). For a list of the increments, refer to Table 6, ”Port Priority Value Increments” on page 169. Port Internal Path Cost The port cost of the port if the port is connected to a bridge which is part of the same MSTP region. The range is 0 to 200,000,000. The default setting is Auto-detect, which sets port cost depending on the speed of the port.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the MSTP Port Configuration To display the MSTP port configuration, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Monitoring Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 25 on page 94. 3.
Chapter 15: MSTP The Monitor MSTP Parameters tab is shown in Figure 66. Figure 66. Monitor MSTP Parameters Tab (Monitoring) 4. Click a port in the switch and click Settings. You can select more than one port. The MSTP Settings - Port (s) page is shown in Figure 67. Figure 67.
AT-S63 Management Software Web Browser Interface User’s Guide The MSTP Settings page displays a table that contains the following columns of information: Port The port number. Edge-Port Whether or not the port is functioning as an edge port. The possible settings are Yes and No. Point-to-Point Whether or not the port is functioning as a point-to-point port. The possible settings are Yes, No, and Auto-Detect.
Chapter 15: MSTP Displaying the MSTP Port Status To display MSTP port status, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Monitoring Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 25 on page 94. 3. Select the Spanning Tree tab.
AT-S63 Management Software Web Browser Interface User’s Guide Disabled - The port has not established a link with its end node. Role The MSTP role of the port. The possible roles are: Root - The port that is connected to the root switch, directly or through other switches, with the least path cost. Alternate - The port offers an alternate path in the direction of the root switch. Backup - The port on a designated switch that provides a backup for the path provided by the designated port.
Chapter 15: MSTP Resetting MSTP to the Default Settings To reset MSTP to the factory default settings, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 23 on page 90. 3. Select the Spanning Tree tab.
Chapter 16 SNMPv3 This chapter provides the following procedures for configuring SNMPv3 parameters using a web browser management session: ❑ ”Configuring the SNMPv3 Protocol” on page 204 ❑ ”Enabling or Disabling SNMP Management” on page 205 ❑ ”Configuring the SNMPv3 User Table” on page 207 ❑ ”Configuring the SNMPv3 View Table” on page 214 ❑ ”Configuring the SNMPv3 Access Table” on page 220 ❑ ”Configuring the SNMPv3 SecurityToGroup Table” on page 227 ❑ ”Configuring the SNMPv3 Notify Table” on page 233 ❑ ”C
Chapter 16: SNMPv3 Configuring the SNMPv3 Protocol To configure the SNMPv3 protocol, you need to first enable SNMP access on the switch. Then you configure the SNMPv3 tables.
AT-S63 Management Software Web Browser Interface User’s Guide Enabling or Disabling SNMP Management In order to allow an SNMP manager or host to access the switch you need to enable SNMP access. In addition, to allow the switch to send a trap when it receives a login attempt from an unauthenticated user, you need to enable authentication failure traps. This section provides a procedure to accomplish both of these tasks.
Chapter 16: SNMPv3 3. Click the Enable SNMP Access checkbox to enable or disable SNMP management. A check in the box indicates that the feature is enabled, meaning that the switch can be managed from an SNMP management station. No check indicates that the feature is disabled. The default is disabled. Use this parameter to enable the switch to be remotely managed with an SNMP application program. Note If the Enable SNMP Access check box is not checked, the switch cannot be managed through SNMP.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring the SNMPv3 User Table You can create, delete, and modify an SNMPv3 User Table entry. See the following procedures: ❑ ”Creating a User Table Entry” on page 207 ❑ ”Deleting a User Table Entry” on page 210 ❑ ”Modifying a User Table Entry” on page 211 For reference information about the SNMPv3 User Table, see Chapter 18, “SNMPv3” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 16: SNMPv3 The SNMPv3 User Table tab is shown in Figure 70. Figure 70. SNMPv3 User Table Tab (Configuration) 4. Click Add. The Add New SNMPv3 User page is shown in Figure 71. Figure 71. Add New SNMPv3 User Page 5. In the User Name field, enter a name, or logon id, that consists of up to 32 alphnumeric characters 6. In the Authentication Protocol field, enter an authentication protocol. This is an optional parameter.
AT-S63 Management Software Web Browser Interface User’s Guide Select one of the following: MD5 This value represents the MD5 authentication protocol. With this selection, users (SNMP entities) are authenticated with the MD5 authentication protocol after a message is received. This algorithm generates the message digest. The user is authenticated when the authentication protocol checks the message digest. With the MD5 selection, you can configure a Privacy Protocol.
Chapter 16: SNMPv3 None Select this value if you do not want a privacy protocol for this User Table entry. With this selection, messages transmitted between the host and the switch are not encrypted. 10. In the Privacy Password field, enter a privacy password of up to 32 alphnumeric characters. 11. In the Confirm Privacy Password field, re-enter the privacy password. 12.
AT-S63 Management Software Web Browser Interface User’s Guide 4. Click the button next to the User Table entry that you want to delete and then click Remove. A warning message is displayed. 5. Click OK. 6. To save your changes, return to the General tab and click Save Changes. Modifying a User Table Entry To modify an entry SNMPv3 User Table, perform the following procedure: 1. From the home page, select Configuration.
Chapter 16: SNMPv3 5. In the Authentication Protocol field, enter an authentication protocol. This is an optional parameter. Select one of the following: MD5 This value represents the MD5 authentication protocol. With this selection, users (SNMP entities) are authenticated with the MD5 authentication protocol after a message is received. This algorithm generates the message digest. The user is authenticated when the authentication protocol checks the message digest.
AT-S63 Management Software Web Browser Interface User’s Guide DES Select this value to make the DES privacy (or encryption) protocol the privacy protocol for this User Table entry. With this selection, messages transmitted between the host and the switch are encrypted with the DES protocol. None Select this value if you do not want a privacy protocol for this User Table entry. With this selection, messages transmitted between the host and the switch are not encrypted. 9.
Chapter 16: SNMPv3 Configuring the SNMPv3 View Table You can create, delete, and modify an SNMPv3 View Table entry. See the following procedures: ❑ ”Creating a View Table Entry” on page 214 ❑ ”Deleting a View Table Entry” on page 217 ❑ ”Modifying a View Table Entry” on page 218 For reference information about the SNMPv3 View Table, see Chapter 18, “SNMPv3” in the AT-S63 Management Software Menus Interface User’s Guide.
AT-S63 Management Software Web Browser Interface User’s Guide The SNMPv3 View Table tab is shown in Figure 73. Figure 73. SNMPv3 View Table Tab (Configuration) 4. Click Add. The Add New SNMPv3 View page is shown in Figure 74. Figure 74. Add New SNMPv3 View Page 5. In the View Name field, enter a descriptive name for this view. Assign a name that reflects the subtree OID, for example, “internet.” Enter a unique name of up to 32 alphnumeric characters.
Chapter 16: SNMPv3 Note The “defaultViewAll” value is the default entry for the SNMPv1 and SNMPv2c configuration. You cannot use the default value for an SNMPv3 View Table entry. 6. In the Subtree OID field, enter a subtree that this view will or will not be permitted to display. You can enter either a numeric value in hex format or the equivalent text name. For example, the OID hex format for TCP/IP is: 1.3.6.1.2.1.6 The text format is for TCP/IP is: tcp 7.
AT-S63 Management Software Web Browser Interface User’s Guide Volatile Select this storage type if you do not want the ability to save an entry in the View Table. After making changes to a View Table entry with a Volatile storage type, Save Changes does not appear on the General tab. NonVolatile Select this storage type if you want the ability to save an entry in the View Table. After making changes to a View Table entry with a NonVolatile storage type, Save Changes appears on the General tab.
Chapter 16: SNMPv3 Modifying a View Table Entry To modify an entry in the SNMPv3 View Table, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 69 on page 205. 3. In the SNMPv3 section, click the button next to Configure View Table and then click Configure at the bottom of the tab.
AT-S63 Management Software Web Browser Interface User’s Guide To restrict the user’s view to the third row (all columns) of the MIB ifEntry.0.3, enter the following value for the Subtree Mask parameter ff:bf 6. In the View Type field, enter one of the following view types: Included Enter this value to permit the View Name to see the subtree specified above. Excluded Enter this value to not permit the View Name to see the subtree specified above. 7.
Chapter 16: SNMPv3 Configuring the SNMPv3 Access Table You can create, delete, and modify an SNMPv3 Access Table entry. See the following procedures: ❑ ”Creating an Access Table” on page 220 ❑ ”Deleting an Access Table Entry” on page 224 ❑ ”Modifying an Access Table Entry” on page 224 For information about the SNMPv3 Access Table, see Chapter 18, “SNMPv3” in the AT-S63 Management Software Menus Interface User’s Guide.
AT-S63 Management Software Web Browser Interface User’s Guide Figure 76. SNMPv3 Access Table Tab (Configuration) 4. To create an SNMPv3 Access Table entry, click Add. The Add New SNMPv3 Access page is shown in Figure 77. Figure 77. Add New SNMPv3 Access Page 5. In the Group Name field, enter a descriptive name of the group. The Group Name can consist of up to 32 alphnumeric characters.
Chapter 16: SNMPv3 Note The Context Prefix field is a read only field. The Context Prefix field is always set to null. 6. In the Read View Name field, enter a value that you configured with the View Name parameter in the SNMPv3 View Table. This parameter allows the users assigned to this Group Name to view the information specified by the View Table entry. This value does not need to be unique. 7.
AT-S63 Management Software Web Browser Interface User’s Guide authenticate SNMP entities and you do not want to encrypt messages using a privacy protocol. This option provides the least security. Note If you have selected SNMPv1 or SNMPv2c, N-NoAuthNoPriv is the only security level you can select. Authentication This option permits an authentication protocol, but not a privacy protocol.
Chapter 16: SNMPv3 13. To save your changes, return to the General tab and click Save Changes. Deleting an Access Table Entry To delete an entry in the SNMPv3 Access Table, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 69 on page 205. 3.
AT-S63 Management Software Web Browser Interface User’s Guide The Modify SNMPv3 Access page is shown in Figure 78. Figure 78. Modify SNMPv3 Access Page Note The Context Prefix field is a read-only field. The Context Prefix field is always set to null. 6. In the Read View Name field, enter a value that you configured with the View Name parameter in the View Table. This parameter allows the users assigned to this Group Name to view the information specified by the View Table entry.
Chapter 16: SNMPv3 Note The Context Match field is a read only field. The Context Match field is always set to Exact. 9. In the Storage Type field, select one of the following storage types for this table entry: Volatile Select this storage type if you do not want the ability to save an entry in the Access Table. After making changes to an Access Table entry with a Volatile storage type, Save Changes does not appear on the General tab.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring the SNMPv3 SecurityToGroup Table You can create, delete, and modify an SNMPv3 SecurityToGroup Table entry.
Chapter 16: SNMPv3 The SNMPv3 SecurityToGroup Table tab is shown in Figure 79. Figure 79. SNMPv3 SecurityToGroup Table Tab (Configuration) 4. To create an SNMPv3 SecurityToGroup Table entry, click Add. The Add New SNMPv3 SecurityToGroup page is shown in Figure 80. Figure 80. Add New SNMPv3 SecurityToGroup Page 5. In the Security Model field, select the SNMP protocol that was configured for this User Name.
AT-S63 Management Software Web Browser Interface User’s Guide v2c Select this value to associate the Group Name with the SNMPv2c protocol. v3 Select this value to associate the Group Name with the SNMPv3 protocol. 6. In the Security Name field, enter the User Name that you want to associate with a group. Enter a User Name that you configured in ”Creating a User Table Entry” on page 207. 7. In the Group Name field, enter a Group Name that you configured in the Access Table.
Chapter 16: SNMPv3 9. Click Apply. 10. To save your changes, return to the General tab and click Save Changes. Deleting a SecurityToGroup Table Entry To delete an entry SNMPv3 SecurityToGroup Table, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 69 on page 205. 3.
AT-S63 Management Software Web Browser Interface User’s Guide 4. Click the button next to the SecurityToGroup Table entry that you want to change, and then click Modify. The Modify SNMPv3 SecurityToGroup page is shown in Figure 81. Figure 81. Modify SNMPv3 SecurityToGroup Page 5. In the Group Name field, enter a Group Name that you configured in the SNMPv3 Access Table. See ”Creating an Access Table” on page 220.
Chapter 16: SNMPv3 Note The Row Status parameter is a read-only field in the web browser interface. The Active value indicates the SNMPv3 SecurityToGroup Table entry takes effect immediately. 7. Click Apply to update the SNMPv3 SecurityToGroup Table. 8. To save your changes, return to the General tab and click Save Changes.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring the SNMPv3 Notify Table You can create, delete, and modify an SNMPv3 Notify Table entry. See the following procedures: ❑ ”Creating a Notify Table Entry” on page 233 ❑ ”Deleting a Notify Table Entry” on page 235 ❑ ”Modifying a Notify Table Entry” on page 236 For reference information about the SNMPv3 Notify Table, see Chapter 18, “SNMPv3” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 16: SNMPv3 The SNMPv3 Notify Table tab is shown in Figure 82. Figure 82. SNMPv3 Notify Table Tab (Configuration) 4. Click Add. The Add New SNMPv3 Notify page is shown in Figure 83. Figure 83. Add New SNMPv3 Notify Page 5. In the Notify Name field, enter the name associated with this trap message. Enter a descriptive name of up to 32 alphnumeric characters.
AT-S63 Management Software Web Browser Interface User’s Guide 7. In the Notify Type field, enter one of the following message types: Trap Indicates this notify table is used to send traps. With this message type, the switch does not expects a response from the host. Inform Indicates this notify table is used to send inform messages. With this message type, the switch expects a response from the host. 8.
Chapter 16: SNMPv3 4. Click the button next to the Notify Table entry that you want to delete, and then click Remove. A warning message is displayed. 5. Click OK. 6. To save your changes, return to the General tab and click Save Changes. Modifying a Notify Table Entry To modify an entry in the SNMPv3 Notify Table, perform the following procedure: 1. From the home page, select Configuration.
AT-S63 Management Software Web Browser Interface User’s Guide Trap Indicates this notify table is used to send traps. With this message type, the switch does not expects a response from the host. Inform Indicates this notify table is used to send inform messages. With this message type, the switch expects a response from the host. 7.
Chapter 16: SNMPv3 Configuring the SNMPv3 Target Address Table You can create, delete, and modify an SNMPv3 Target Address Table entry. See the following procedures: ❑ ”Creating a Target Address Table Entry” on page 238 ❑ ”Deleting a Target Address Table Entry” on page 241 ❑ ”Modifying Target Address Table Entry” on page 242 For reference information about the SNMPv3 Target Address Table, see Chapter 18, “SNMPv3” in the AT-S63 Management Software Menus Interface User’s Guide.
AT-S63 Management Software Web Browser Interface User’s Guide The SNMPv3 Target Address Table tab is shown in Figure 85. Figure 85. SNMPv3 Target Address Table Tab (Configuration) 4. Click Add. The Add New SNMPv3 Target Address page is shown in Figure 86. Figure 86. Add New SNMPv3 Target Address Page 5. In the Target Address Name field, enter the name of the SNMP manager, or host, that manages the SNMP activity on your switch.
Chapter 16: SNMPv3 You can enter a name of up to 32 alphnumeric characters. 6. In the IP Address field, enter the IP address of the host. Use the following format for an IP address: XXX.XXX.XXX.XXX 7. In the UDP Port Number field, enter a UDP port number. You can enter a UDP port in the range of 0 to 65,535. The default UDP port is 162. 8. In the Timeout field, enter a timeout value in milliseconds. When an Inform message is generated, it requires a response from the switch.
AT-S63 Management Software Web Browser Interface User’s Guide Volatile Select this storage type if you do not want the ability to save an entry in the Target Address Table. After making changes to a Target Address Table entry with a Volatile storage type, Save Changes does not appear on the General tab. NonVolatile Select this storage type if you want the ability to save an entry in the Target Address Table.
Chapter 16: SNMPv3 7. To save your changes, return to the General tab and click Save Changes. Modifying Target Address Table Entry To modify an entry in the SNMPv3 Target Address Table, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 69 on page 205. 3.
AT-S63 Management Software Web Browser Interface User’s Guide Use the following format for an IP address: XXX.XXX.XXX.XXX 7. In the UDP Port Number field, enter a UDP port number. You can enter a UDP port in the range of 0 to 65,535. The default UDP port is 162. 8. In the Timeout field, enter a timeout value in milliseconds. When an Inform message is generated, it requires a response from the switch. The timeout value determines how long the switch considers the Inform message an active message.
Chapter 16: SNMPv3 NonVolatile Select this storage type if you want the ability to save an entry in the Target Address Table. After making changes to an Target Address Table entry with a NonVolatile storage type, Save Changes appears on the General tab. Allied Telesyn recommends this storage type. 13. Click Apply to update the SNMPv3 Target Address Table. 14. To save your changes, return to the General tab and click Save Changes.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring the SNMPv3 Target Parameters Table You can create, delete, and modify an SNMPv3 Target Parameters Table entry.
Chapter 16: SNMPv3 The Add New SNMPv3 Target Parameter page is shown in Figure 89. Figure 89. Add New SNMPv3 Target Parameters Page 5. In the Target Parameters Name field, enter a name of the SNMP manager or host. Enter a value of up to 32 alphnumeric characters. Note Enter a value for the Message Processing Model parameter only if you select SNMPv1 or SNMPv2c as the Security Model.
AT-S63 Management Software Web Browser Interface User’s Guide v1 Select this value to associate the Security Name, or User Name, with the SNMPv1 protocol. v2c Select this value to associate the Security Name, or User Name, with the SNMPv2c protocol. v3 Select this value to associate the Security Name, or User Name, with the SNMPv3 protocol. 8. In the Security Name field, enter a User Name that you previously configured with the SNMPv3 User Table. See ”Creating a User Table Entry” on page 207. 9.
Chapter 16: SNMPv3 10. In the Storage Type parameter, select one of the following storage types for this table entry: Volatile Select this storage type if you do not want the ability to save an entry in the Target Parameters Table. After making changes to a Target Parameters Table entry with a Volatile storage type, then Save Changes does not appear on the Configuration Tab. NonVolatile Select this storage type if you want the ability to save an entry in the Target Parameters Table.
AT-S63 Management Software Web Browser Interface User’s Guide 6. To save your changes, return to the General tab and click Save Changes. Modifying a Target Parameters Table Entry To modify an entry in the SNMPv3 Target Parameters Table, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab. The SNMP tab is shown in Figure 69 on page 205. 3.
Chapter 16: SNMPv3 5. In the Message Processing Model field, enter a Security Model that is used to process messages. Select one of the following SNMP protocols: v1 Select this value to process messages with the SNMPv1 protocol. v2c Select this value to process messages with the SNMPv2c protocol. v3 Select this value to process messages with the SNMPv3 protocol. 6. In the Security Model field, select one of the following SNMP protocols as the Security Model for this Security Name, or User Name.
AT-S63 Management Software Web Browser Interface User’s Guide Note If you have selected SNMPv1 or SNMPv2c as the Security Model, you must select No Authentication/Privacy as the Security Level. Authentication This option represents authentication, but no privacy protocol. Select this security level if you want to authenticate SNMP users, but you do not want to encrypt messages using a privacy protocol.You can select this value if you configured the Security Model parameter with the SNMPv3 protocol.
Chapter 16: SNMPv3 Configuring the SNMPv3 Community Table You can create, delete, and modify an SNMPv3 Community Table entry. See the following procedures: ❑ ”Creating an SNMPv3 Community Table Entry” on page 252 ❑ ”Deleting an SNMPv3 Community Table Entry” on page 255 ❑ ”Modifying an SNMPv3 Community Table Entry” on page 255 For reference information about the SNMPv3 Community Table, see Chapter 18, “SNMPv3” in the AT-S63 Management Software Menus Interface User’s Guide.
AT-S63 Management Software Web Browser Interface User’s Guide The SNMPv3 Community Table tab is shown in Figure 91. Figure 91. SNMPv3 Community Table Tab (Configuration) 4. Click Add. The Add New SNMPv3 Community page is shown in Figure 92. Figure 92. Add New SNMPv3 Community Page 5. In the Community Index field, enter a numerical value for this Community. This parameter is used to index the other parameters in an SNMPv3 Community Table entry. Enter a value of up to 32alphanumeric characters. 6.
Chapter 16: SNMPv3 The value of the Community Name parameter acts as a password for the SNMPv3 Community Table entry. This parameter is case sensitive. Note Allied Telesyn recommends that you select SNMP Community Names carefully to ensure these names are known only to authorized personnel. 7. In the Security Name field, enter a name of an SNMPv1 and SNMPv2c user. This name must be unique. Enter a value of up to 32 alphnumeric characters.
AT-S63 Management Software Web Browser Interface User’s Guide 10. Click Apply. 11. To save your changes, return to the General tab and click Save Changes. Deleting an SNMPv3 Community Table Entry To delete an entry in the SNMPv3 Community Table, perform the following procedure: 1. From the home page, select Configuration. The Configuration System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. Select the SNMP tab.
Chapter 16: SNMPv3 4. Click the button next to the SNMPv3 Community Table entry that you want to change and then click Modify. The Modify SNMPv3 Community page is shown in Figure 93. Figure 93. Modify SNMPv3 Community Page 5. In the Community Name field, enter a Community Name of up to 64alphanumeric characters. The value of the Community Name parameter acts as a password for the SNMPv3 Community Table entry. This parameter is case sensitive.
AT-S63 Management Software Web Browser Interface User’s Guide The Transport Tag parameter links an SNMPv3 Community Table entry with an SNMPv3 Target Address Table entry. Add the value you configure for the Transport Tag parameter to the Tag List parameter in the Target Address Table as desired. See ”Creating a Target Address Table Entry” on page 238. 8.
Chapter 16: SNMPv3 Displaying SNMPv3 Tables This section contains procedures to display the SNMPv3 Tables.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying User Table Entries To display entries in the SNMPv3 User Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 94. Figure 94. SNMP Tab (Monitoring) 3.
Chapter 16: SNMPv3 The SNMPv3 User Table tab is shown in Figure 95. Figure 95.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying View Table Entries To display entries in the SNMPv3 View Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 94 on page 259. 3.
Chapter 16: SNMPv3 Displaying Access Table Entries To display entries in the SNMPv3 Access Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 94 on page 259. 3. In the SNMPv3 section, click the button next to View Access Table and then click View at the bottom of the tab.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying SecurityToGroup Table Entries To display entries in the SNMPv3 SecurityToGroup Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 94 on page 259. 3.
Chapter 16: SNMPv3 Displaying Notify Table Entries To display entries in the SNMPv3 Notify Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 94 on page 259. 3. In the SNMPv3 section, click the button next to View Notify Table and then click View at the bottom of the tab.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying Target Address Table Entries To display entries in the SNMPv3 Target Address Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP Tab. The SNMP tab is shown in Figure 94 on page 259. 3.
Chapter 16: SNMPv3 Displaying Target Parameters Table Entries To display entries in the SNMPv3 Target Parameters Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 94 on page 259. 3.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying SNMPv3 Community Table Entries To display entries in the SNMPv3 Community Table, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the SNMP tab. The SNMP tab is shown in Figure 94 on page 259. 3.
Chapter 16: SNMPv3 268 Section II: Advanced Features
Section III VLANs The chapters in this section explain how to set up security on an AT-9400 Series switch.
Section III: VLANs
Chapter 17 Virtual LANs This chapter explains how to create, modify, and delete port-based and tagged VLANs. This chapter also explains how to select a multiple VLAN mode.
Chapter 17: Virtual LANs Creating a New Port-Based or Tagged VLAN To create a new port-based or tagged VLAN, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 23 on page 90. 3. Select the VLAN tab.
AT-S63 Management Software Web Browser Interface User’s Guide The VLAN Mode and Uplink Port options are explained in ”Selecting a VLAN Mode” on page 279. The Mgmt. VLAN ID option is explained in ”Specifying a Management VLAN” on page 283. The tab displays an existing VLANs on the switch. 4. To add a new VLAN, click Add. The Add New VLAN page is shown in Figure 104. Figure 104. Add New VLAN Page 5. Adjust the following parameters as necessary. VID Enter a VID value for the new VLAN.
Chapter 17: Virtual LANs the network. To prevent inadvertently using the same VID for two different VLANs, you should keep a list of all your network VLANs and their VID values. Name Specify a name for the new VLAN. The name can be from one to fifteen alphanumeric characters in length. The name should reflect the function of the nodes that are part of the VLAN (for example, Sales or Accounting). The name cannot contain spaces or special characters, such as asterisks (*) or exclamation points (!).
AT-S63 Management Software Web Browser Interface User’s Guide The new user-configured VLAN is now ready for network operations. 8. To permanently save the change, return to the General tab on the System page and click Save Changes. For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36.
Chapter 17: Virtual LANs Modifying a VLAN This procedure explains how to add or remove ports from a VLAN. When modifying a VLAN, note the following: ❑ You cannot change the VID of a VLAN. ❑ You cannot change the name of a VLAN from a web browser management session, but you can from a local or Telnet session. ❑ You cannot modify VLANs when the switch is operating in one of the multiple VLAN modes. To modify a VLAN, perform the following procedure: 1. From the home page, select Configuration.
AT-S63 Management Software Web Browser Interface User’s Guide 7. Click Apply. Note Untagged ports that are added to a VLAN are automatically removed from their current untagged VLAN assignment. Untagged ports that are removed from a VLAN are returned to the Default_VLAN. Removing an untagged port from the Default_VLAN without assigning it to another VLAN leaves the port as an untagged member of no VLAN. The modified VLAN is now ready for network operations. 8.
Chapter 17: Virtual LANs Deleting a VLAN To delete a port-based or tagged VLAN from the switch, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 23 on page 90. 3. Select the VLAN tab.
AT-S63 Management Software Web Browser Interface User’s Guide Selecting a VLAN Mode The AT-S63 management software features three VLAN modes: ❑ Port-based and tagged VLAN Mode (default mode) ❑ IEEE 802.1Q-compliant Multiple VLAN Mode ❑ Non-IEEE 802.1Q compliant Multiple VLAN Mode For background information on port-based and tagged VLANs, refer to Chapter 19, “Port-based and Tagged VLANs,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 17: Virtual LANs 5. If you select one of the multiple VLAN modes, specify an uplink port in the Uplink Port field. This port functions as the uplink port for the VLANs. The default is port 1. 6. Click Apply. The new mode is automatically activated on the switch. 7. To permanently save the change, return to the General tab on the System page and click Save Changes. For more information about what the Save Changes button does, refer to ”Saving Your Parameter Changes” on page 36.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying VLANs To display the current VLANs on a switch, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab selected by default, as shown in Figure 25 on page 94. 3. Select the VLAN tab.
Chapter 17: Virtual LANs Multiple - The non-IEEE 802.1Q-compliant multiple VLAN mode. Management VLAN ID VLAN ID of the management VLAN. The lower part of the tab displays a table that contains the following columns of information: VLAN ID The VID number assigned to the VLAN. (Client) Name The name of the VLAN. If the switch is operating in one of the multiple VLAN modes, the names of the VLANs start with “Client,” with the exception of the VLAN containing the uplink port, which starts with “Uplink.
AT-S63 Management Software Web Browser Interface User’s Guide Specifying a Management VLAN The management VLAN is the VLAN through which an AT-9400 Series switch expects to receive management packets. This VLAN is important if you are managing a switch remotely or using the enhanced stacking feature of the switch. For more details about specifying a management VLAN, see Chapter 19, “Port-based and Tagged VLANs,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 17: Virtual LANs 284 Section III: VLANs
Chapter 18 GARP VLAN Registration Protocol (GVRP) This chapter contains instructions on how to configure GARP VLAN Registration Protocol (GVRP).
Chapter 18: GARP VLAN Registration Protocol (GVRP) Configuring GVRP To configure GVRP, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 23 on page 90. 3. Select the GVRP tab. The GVRP tab is shown in Figure 106. Figure 106.
AT-S63 Management Software Web Browser Interface User’s Guide Join Time Use this parameter to specify the join time. The range is 10 to 60 centiseconds and the default is 20 centiseconds. Enable GIP Click to enable GIP, which is required to propagate VLAN information among the ports of the switch. Leave All Time The range is 500 to 300 centiseconds and the default is 1000 centiseconds. 5. Click Apply. Configuration changes are immediately activated on the switch. 6.
Chapter 18: GARP VLAN Registration Protocol (GVRP) Enabling or Disabling GVRP on a Port To enable or disable GVRP on a port, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Layer 2option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 23 on page 90. 3. Select the GVRP tab.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the GVRP Configuration To display the GVRP configuration, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25 on page 94. 3. Select the GVRP tab.
Chapter 18: GARP VLAN Registration Protocol (GVRP) GIP The GIP status, Enabled or Disabled. Leave All Time The range is 500 to 300 centiseconds and the default is 1000 centiseconds.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the GVRP Port Configuration To display the GVRP port configuration, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25 on page 94. 3. Select the GVRP tab.
Chapter 18: GARP VLAN Registration Protocol (GVRP) Displaying the GVRP Database To display the GVRP database, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25 on page 94. 3. Select the GVRP tab.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the GVRP State Machine To display the GVRP state machine, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25 on page 94. 3. Select the GVRP tab.
Chapter 18: GARP VLAN Registration Protocol (GVRP) Table 7. GVRP State Machine Parameters (Continued) Parameter Meaning App Applicant state machine for the GID index on that particular port.
AT-S63 Management Software Web Browser Interface User’s Guide Table 7.
Chapter 18: GARP VLAN Registration Protocol (GVRP) Displaying the GVRP Counters To display the GVRP counters, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25 on page 94. 3. Select the GVRP tab.
AT-S63 Management Software Web Browser Interface User’s Guide The GVRP Counters page provides the information shown in Table 8. Table 8. GVRP Counters Section III: VLANs Parameter Meaning Receive: Total GARP Packets Total number of GARP PDUs received by this GARP application. Transmit: Total GARP Packets Total number of GARP PDUs transmitted by this GARP application. Receive: Invalid GARP Packets Number of invalid GARP PDUs received by this GARP application.
Chapter 18: GARP VLAN Registration Protocol (GVRP) Table 8. GVRP Counters (Continued) 298 Parameter Meaning Receive GARP Messages: LeaveAll Number of GARP LeaveAll messages received by the GARP application. Transmit: GARP Messages: LeaveAll Number of GARP LeaveAll messages transmitted by the GARP application. Receive GARP Messages: JoinEmpty Total number of GARP JoinEmpty messages received for all attributes in the GARP application.
AT-S63 Management Software Web Browser Interface User’s Guide Table 8. GVRP Counters (Continued) Section III: VLANs Parameter Meaning Receive GARP Messages: Bad Message Number of GARP messages that had an invalid Attribute Type value, an invalid Attribute Length value or an invalid Attribute Event value. Receive GARP Messages: Bad Attribute Number of GARP messages that had an invalid Attribute Value value.
Chapter 18: GARP VLAN Registration Protocol (GVRP) Displaying the GIP Connected Ports Ring To display the GIP connected ports ring, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25 on page 94. 3. Select the GVRP tab.
AT-S63 Management Software Web Browser Interface User’s Guide connected ring. If no ports exist in the GIP connected ring, “No ports are connected” is displayed. If the GARP application has no ports, “No ports have been assigned” is displayed.
Chapter 18: GARP VLAN Registration Protocol (GVRP) 302 Section III: VLANs
Section IV Security The chapters in this section explain how to set up security on an AT-9400 Series switch. The chapters include: ❑ Chapter 19, ”Port Security” on page 305 ❑ Chapter 20, ”Encryption Keys, PKI, and SSL” on page 309 ❑ Chapter 21, ”Secure Shell (SSH)” on page 317 ❑ Chapter 22, ”TACACS+ and RADIUS” on page 323 ❑ Chapter 23, ”802.
Section IV: Security
Chapter 19 Port Security This chapter explains how to display the MAC address security levels on the ports on the switch. It contains the following section: ❑ ”Displaying the MAC Address Security Level” on page 306 Note For background information on port security, refer to Chapter 23, “Port Security,” in the AT-S63 Management Software Menus Interface User’s Guide. Note You cannot configure the MAC address security feature using the web browser interface.
Chapter 19: Port Security Displaying the MAC Address Security Level To display the MAC address security level of a port, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Monitoring menu, select the Layer 2 option. The Layer 2 page is displayed with the MAC Address tab displayed by default, as shown in Figure 25 on page 94. 3. Select the Port Security tab.
AT-S63 Management Software Web Browser Interface User’s Guide The Security for Port(s) page is shown in Figure 115. Figure 115. Security for Port(s) Page The Security for Ports page displays a table that contains the following columns of information: Port The number of the port. Security Mode The active security mode on the switch. Intruder Action The column specifies the action taken by the switch if a port receives an invalid packet.
Chapter 19: Port Security 308 Section IV: Security
Chapter 20 Encryption Keys, PKI, and SSL This chapter explains how to view the encryption keys, PKI-based certificates, and SSL settings and includes the following sections: ❑ ”Displaying the Encryption Keys” on page 310 ❑ ”Displaying the PKI Settings and Certificates” on page 312 ❑ ”Displaying the SSL Settings” on page 315 Note To configure encryption keys, PKI, or SSL, you must use the AT-S63 menus or CLI interface.
Chapter 20: Encryption Keys, PKI, and SSL Displaying the Encryption Keys To configure the encryption keys, you must use the AT-S63 menus or command line interface. For more information about encryption keys, refer to the AT-S63 Management Software Menus Interface User’s Guide. To display the encryption keys, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2.
AT-S63 Management Software Web Browser Interface User’s Guide The Keys tab is shown in Figure 117. Figure 117. Keys Tab (Monitoring) The Keys tab displays a table that contains the following columns of information: ID The identification number of the key. Algorithm The algorithm used in creating the encryption. This is always RSA - Private. Length The length of the key in bits. Digest The CRC32 value of the MD5 digest of the public key. Description The key’s description.
Chapter 20: Encryption Keys, PKI, and SSL Displaying the PKI Settings and Certificates You can view the current PKI settings and certificates on the switch. To configure the PKI settings and certificates, you must use the AT-S63 menus or command line interface. For more information about PKI, refer to the AT-S63 Management Software Menus Interface User’s Guide. To display the PKI settings and certificates, perform the following procedure: 1. From the Home page, select Monitoring.
AT-S63 Management Software Web Browser Interface User’s Guide Name The certificate name. State The state of the certificate, one of the following: Trusted - The certificate is from a trusted CA. Untrusted - The certificate is from an untrusted CA. MTrust (Manually Trusted) The certificate has been manually verified that it is from a trusted or untrusted authority. Type The certificate type, one of the following: EE - The certificate was issued by a CA. CA - The certificate belongs to a CA.
Chapter 20: Encryption Keys, PKI, and SSL Name The name of the certificate. State Whether the certificate is Trusted or Untrusted. Manually Trusted You verified the certificate is from a trusted or untrusted authority. Type The type of the certificate. The options are EE, SELF, and CA. Source The certificate was created on the switch. Version The version number of the AT-S63 management software. Serial Number The certificate’s serial number. Signature Algorithm The signature algorithm of the certificate.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the SSL Settings To configure the SSL settings, you must use the AT-S63 menus or command line interface. For information, refer to the AT-S63 Management Software Menus Interface User’s Guide and the AT-S63 Management Software Command Line Interface User’s Guide. To display the SSL settings, perform the following procedure: 1. From the Home page, select Monitoring.
Chapter 20: Encryption Keys, PKI, and SSL 316 Section IV: Security
Chapter 21 Secure Shell (SSH) This chapter explains how to configure the Secure Shell (SSH) protocol and contains the following sections: ❑ ”Configuring SSH” on page 318 ❑ ”Displaying the SSH Settings” on page 320 Note For background information on SSH, refer to Chapter 28, “Secure Shell (SSH),” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 21: Secure Shell (SSH) Configuring SSH To display the MAC address security level of a port, perform the following procedure: 1. From the Home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Configuration menu, select the Security option. The Security page is displayed with the 802.1x Port Access tab displayed by default, as shown in Figure 129 on page 334. 3. Select the Secure Shell tab.
AT-S63 Management Software Web Browser Interface User’s Guide Server Expiry Time Set the time, in hours, for the server key to expire. This timer determines how often the server key is regenerated. A server key is regenerated for security purposes. A server key is only valid for the time period configured in the Server Key Expiry (Expiration) Time timer. Allied Telesyn recommends that you set this field to 1. With this setting, a new key is generated every hour.
Chapter 21: Secure Shell (SSH) Displaying the SSH Settings To view the Secure Shell settings, perform the following procedure: 1. From the Home page, select Monitoring. The System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. From the Configuration menu, select the Security option. The Security page is displayed with the 802.1x Port Access tab displayed by default, as shown in Figure 6 on page 44. 3. Select the Secure Shell tab.
AT-S63 Management Software Web Browser Interface User’s Guide Server Port The well-known port for SSH. The default is port 22. Host Key ID The host key ID defined for SSH. Server Key ID Server key ID defined for SSH. Server Key Expiry Time Length of time, in hours, until the server key is regenerated. The default is 0 hours which means the server key is not regenerated. Login Timeout Time, in seconds, until a SSH server is released from an incomplete connection with a SSH client.
Chapter 21: Secure Shell (SSH) 322 Section IV: Security
Chapter 22 TACACS+ and RADIUS This chapter contains instructions on how to configure the authentication protocols.
Chapter 22: TACACS+ and RADIUS Enabling or Disabling TACACS+ or RADIUS To enable or disable the authentication protocols, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40 2. Select the Server-based Authentication tab. The Server-based Authentication tab is shown in Figure 123. Figure 123. Server-based Authentication Tab (Configuration) 3.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring TACACS+ To configure TACACS+, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40 2. Select the Server-based Authentication tab. The Server-based Authentication tab is shown in Figure 123 on page 324. 3.
Chapter 22: TACACS+ and RADIUS not responded, the switch queries the next TACACS+ server in the list. If there are no more servers, the switch defaults to the standard Manager and Operator accounts. The default is 30 seconds. The range is 1 to 30 seconds. IP Address and Encryption Key Use these fields to specify the IP addresses and encryption secrets of up to three network servers containing TACACS+ server software.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the TACACS+ Settings To display the TACACS+ settings on the switch, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the Server-based Authentication tab. The Server-based Authentication tab is shown in Figure 125. Figure 125.
Chapter 22: TACACS+ and RADIUS The TACACS+ client configuration page is shown in Figure 126. Figure 126. TACACS+ Client Configuration Page The upper portion of the page provides the following information: Global Secret The TACACS+ server encryption secret. Global Server Timeout The maximum amount of time the switch waits for a response from a TACACS+ server before assuming the server cannot respond.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring RADIUS To configure RADIUS, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40 2. Select the Server-based Authentication tab. The Server-based Authentication tab is shown in Figure 123 on page 324. 3. In lower section of the Server-based Authentication tab, click RADIUS Configuration and click Configure.
Chapter 22: TACACS+ and RADIUS not responded, the switch queries the next TACACS+ server in the list. If there no more servers, the switch defaults to the standard Manager and Operator accounts. The default is 30 seconds. The range is 1 to 30 seconds. IP Address, Port #, and Encryption Key Use these fields to specify the IP address, UDP port number, and encryption key of each RADIUS server. You can specify up to a maximum of three servers.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the RADIUS Settings To display the RADIUS settings on the switch, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44. 2. Select the Server-based Authentication tab. The Server-based Authentication tab is shown in Figure 125 on page 327.
Chapter 22: TACACS+ and RADIUS Global Server Timeout The maximum amount of time the switch waits for a response from a RADIUS server before assuming the server cannot respond. The lower portion of the page displays a table that contains the following columns of information: Server # The server number, one of three. IP Address IP address of the RADIUS server. Port Port of the RADIUS server. Encryption Key Encryption key for that server.
Chapter 23 802.1x Port-based Network Access Control This chapter contains instructions on how to configure the 802.1x Portbased Network Access Control feature on the switch. The chapter contains the following sections: ❑ ”Setting Port Roles” on page 334 ❑ ”Enabling or Disabling 802.
Chapter 23: 802.1x Port-based Network Access Control Setting Port Roles To set port roles for port-based network access control, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Security option. The Security page is displayed with the 802.1x Port Access tab selected by default, as shown in Figure 129. Figure 129. 802.
AT-S63 Management Software Web Browser Interface User’s Guide 3. To set a port’s role, click on the port. The selected port turns white. You can select more than one port at a time. 4. Click Port Role. The Port Role Configuration page is shown in Figure 130. Figure 130. Port Role Configuration Page 5. Select the desired role for the port. The possible settings are: None The port is not to participate in port-based access control. This is the default setting.
Chapter 23: 802.1x Port-based Network Access Control Enabling or Disabling 802.1x Port-based Network Access Control To enable or disable 802.1x Port-based Network Access Control, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Security option. The Security page is displayed with the 802.
AT-S63 Management Software Web Browser Interface User’s Guide Configuring Authenticator Port Parameters To configure authenticator port parameters, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Security option. The Security page is displayed with the 802.1x Port Access tab selected by default, as shown in Figure 129 on page 334.
Chapter 23: 802.1x Port-based Network Access Control Port Control The possible settings are: Force-authorized - Disables IEEE 802.1X port-based authentication and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1x-based authentication of the client.
AT-S63 Management Software Web Browser Interface User’s Guide Max Requests Specifies the maximum number of times that the switch retransmits an EAP Request packet to the client before it times out the authentication session. The default value for this parameter is 2 retransmissions. The range is 1 to 10 retransmissions. 6. Click Apply. 7. To permanently save the change, return to the General tab on the System page and click Save Changes.
Chapter 23: 802.1x Port-based Network Access Control Configuring Supplicant Port Parameters To configure supplicant port parameters, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Security option. The Security page is displayed with the 802.1x Port Access tab selected by default, as shown in Figure 129 on page 334. 3.
AT-S63 Management Software Web Browser Interface User’s Guide Auth Period Specifies the period of time in seconds that the supplicant waits for a reply from the authenticator after sending an EAP-Response frame. The range is 1 to 60 seconds. The default is 30 seconds. Held Period Specifies the amount of time in seconds the supplicant is to refrain from retrying to re-contact the authenticator in the event the end user provides an invalid username and/or password.
Chapter 23: 802.1x Port-based Network Access Control Displaying the Port-based Network Access Control Parameters You can display information about the port-based network access control status and settings of the ports on the switch. This section contains the following procedures: ❑ ”Displaying the Port Status” (next) ❑ ”Displaying the Port Settings” on page 343 Displaying the Port Status To display the port-based network access control port status, perform the following procedure: 1.
AT-S63 Management Software Web Browser Interface User’s Guide 3. To see the status of the port, click the port and click Status. You can select more than one port at a time. The Port Access Port Status page is shown in Figure 134. Figure 134. Port Access Port Status Page The Port Access Port Status page displays a table that contains the following columns of information: Port The port number. Port Role The port role: None, Authenticator, or Supplicant.
Chapter 23: 802.1x Port-based Network Access Control Note To view the settings of multiple ports, you must select ports that have the same port role (authenticator or supplicant). For authenticator port(s), the Authenticator Port Parameters page is displayed, as shown in Figure 135. Figure 135. Authenticator Port Parameters Page The Authenticator Port Parameters page displays a table that contains the following columns of information: Port The port number. PortCtrl The port control setting.
AT-S63 Management Software Web Browser Interface User’s Guide MaxReq The maximum number of times that the switch retransmits an EAP Request packet to the client before it times out the authentication session. For supplicant port(s), the Supplicant Port Parameters Page is displayed, as shown in Figure 136. Figure 136. Supplicant Port Parameters Page The Supplicant Port Parameters page displays a table that contains the following columns of information: Port The port number.
Chapter 23: 802.1x Port-based Network Access Control RADIUS Accounting The AT-S63 management software supports RADIUS accounting for ports operating in the Authenticator role. The accounting information sent by the switch to a RADIUS server includes the date and time when clients log on and log off, as well as the number of packets sent and received by a switch port during a client session. For background information on this feature, refer to Chapter 29, “802.
AT-S63 Management Software Web Browser Interface User’s Guide 3. In the Configure RADIUS Accounting section, adjust the following parameters as necessary. Enable Accounting This parameter activates or deactivates RADIUS accounting on the switch. Select Enabled to activate the feature or Disabled to deactivate it. The default is Disabled. Trigger Type This parameter specifies the action that causes the switch to send accounting information to the RADIUS server.
Chapter 23: 802.1x Port-based Network Access Control The Security page is displayed with the 802.1x Port Access tab selected by default, as shown in Figure 138. Figure 138. 802.1x Port Access Tab (Monitoring) The RADIUS Accounting section provides the following information: Accounting The status of RADIUS accounting, either Enabled or Disabled. Trigger Type The action that causes the switch to send accounting information to the RADIUS server.
AT-S63 Management Software Web Browser Interface User’s Guide Accounting Update Whether or not the switch sends interim accounting updates to the RADIUS server. The options are Enabled or Disabled. Update Interval The intervals, in seconds, at which the switch sends interim accounting updates to the RADIUS server. The graphical image of the switch and the Status and Settings buttons refer to the 802.
Chapter 23: 802.
Chapter 24 Denial of Service Defense This chapter contains instructions on how to configure the Denial of Service defense feature on the switch. The sections include: ❑ ”Configuring Denial of Service Defense” on page 352 ❑ ”Displaying the DoS Settings” on page 355 Note For background information on denial of service defense, refer to Chapter 31, “Denial of Service Defense,” in the AT-S63 Management Software Menus Interface User’s Guide.
Chapter 24: Denial of Service Defense Configuring Denial of Service Defense To configure the ports on the switch for Denial of Service attack defense, perform the following procedure: 1. From the home page, select Configuration. The System page is displayed with the General tab selected by default, as shown in Figure 5 on page 40. 2. From the Configuration menu, select the Security option. The Security page is displayed with the 802.
AT-S63 Management Software Web Browser Interface User’s Guide b. In the DoS Subnet Mask field, enter the LAN’s mask. enter the mask. A binary “1” indicates the switch should filter on the corresponding bit of the IP address, while a “0” indicates that it should not. As an example, assume that the devices connected to a switch are using the IP address range 149.11.11.1 to 149.11.11.50. The mask would be 0.0.0.63. c.
Chapter 24: Denial of Service Defense 8. Adjust the settings as needed. The parameters are described below. Status Click Enable or Disable to enable or disable DoS on the selected ports. Action The action a port takes when an intruder packet is received. Although five possible selections are shown in the Action list box, they all do the same thing: block the packet, record the event, and drop the packet. Mirror Port This option applies to the Land, Tear Drop, Ping of Death, and IP Options.
AT-S63 Management Software Web Browser Interface User’s Guide Displaying the DoS Settings To display the DoS settings, perform the following procedure: 1. From the Home page, select Monitoring. The Monitoring System page is displayed with the General tab selected by default, as shown in Figure 6 on page 44 2. From the Monitoring menu, select the Security option. The Security page opens with the 802.1x Port Access tab selected by default, as shown in Figure 133 on page 342. 3. Select the DoS tab.
Chapter 24: Denial of Service Defense The DoS Monitor for Port page opens, as shown in Figure 142. Figure 142. DoS Monitor for Ports Page The page displays a table that contains the following columns of information: Port The port number. Status Whether DoS is enabled or disabled on the port. Type The type of DoS prevention. Action The action a port takes when an intruder packet is received.
Appendix A AT-S63 Default Settings This appendix lists the AT-S63 factory default settings.
Appendix A: AT-S63 Default Settings ❑ ”Management Access Control List Default Setting” on page 380 358
AT-S63 Management Software Web Browser Interface User’s Guide Basic Switch Default Settings This section lists the default settings for basic switch parameters.
Appendix A: AT-S63 Default Settings Management Interface Setting Default Console Disconnect Timer Interval 10 minutes Note Login names and passwords are case sensitive. RJ-45 Serial Terminal Port Default Settings SNTP Default Settings 360 The following table lists the RJ-45 serial terminal port default settings. RJ-45 Port Setting Default Data Bits 8 Stop Bits 1 Parity None Flow Control None Baud Rate 9600 bps The following table lists the SNTP default settings.
AT-S63 Management Software Web Browser Interface User’s Guide Switch Administration Default Settings System Software Default Settings The following table describes the switch administration default settings. Administration Setting Default IP Address 0.0.0.0 Subnet Mask 0.0.0.0 Gateway Address 0.0.0.0 System Name None Administrator None Comments None BOOTP/DHCP Disabled MAC Address Aging Time 300 seconds The following table lists the system software default settings.
Appendix A: AT-S63 Default Settings Enhanced Stacking Default Setting The following table lists the enhanced stacking default setting.
AT-S63 Management Software Web Browser Interface User’s Guide SNMP Default Settings The following table describes the SNMP default settings.
Appendix A: AT-S63 Default Settings Port Configuration Default Settings The following table lists the port configuration default settings.
AT-S63 Management Software Web Browser Interface User’s Guide Event Log Default Settings The following table lists the event log default settings.
Appendix A: AT-S63 Default Settings Quality of Service The following table lists the default mappings of IEEE 802.1p priority levels to egress port priority queues 366 IEEE 802.
AT-S63 Management Software Web Browser Interface User’s Guide IGMP Snooping Default Settings The following table lists the IGMP Snooping default settings.
Appendix A: AT-S63 Default Settings Denial of Service Prevention Default Settings The following table lists the default settings for the Denial of Service prevention feature. 368 Denial of Service Prevention Setting Default IP Address 0.0.0.0 Subnet Mask 0.0.0.
AT-S63 Management Software Web Browser Interface User’s Guide STP, RSTP, and MSTP Default Settings This section provides the spanning tree, STP RSTP, and MSTP, default settings. Spanning Tree Switch Settings STP Default Settings RSTP Default Settings The following table describes the Spanning Tree Protocol default settings for the switch. STP Switch Setting Default Spanning Tree Status Disabled Active Protocol Version RSTP The following table describes the STP default settings.
Appendix A: AT-S63 Default Settings MSTP Default Settings 370 RSTP Setting Default Port Priority 128 The following table lists the MSTP default settings.
AT-S63 Management Software Web Browser Interface User’s Guide VLAN Default Settings This section provides VLAN default settings.
Appendix A: AT-S63 Default Settings GVRP Default Settings This section provides the default settings for GVRP.
AT-S63 Management Software Web Browser Interface User’s Guide Port Security Default Settings The following table lists the port security default settings.
Appendix A: AT-S63 Default Settings 802.1x Port-Based Network Access Control Default Settings The following table describes the 802.1x Port-based Network Access Control default settings. 802.1x Port-based Network Access Control Settings Default Port Access Control Disabled Authentication Method RADIUS EAP Port Role None The following table lists the default settings for RADIUS accounting.
AT-S63 Management Software Web Browser Interface User’s Guide Web Server Default Settings The following table lists the web server default settings.
Appendix A: AT-S63 Default Settings SSL Default Settings The following table lists the SSL default settings.
AT-S63 Management Software Web Browser Interface User’s Guide PKI Default Settings The following table lists the PKI default settings, including the generate enrollment request settings.
Appendix A: AT-S63 Default Settings SSH Default Settings The following table lists the SSH default settings.
AT-S63 Management Software Web Browser Interface User’s Guide Server-Based Authentication Default Settings This section describes the server-based authentication, RADIUS, and TACACS+ client default settings. Server-Based Authentication Default Settings RADIUS Default Settings TACACS+ Client Default Settings The following table describes the server-based authentication default settings.
Appendix A: AT-S63 Default Settings Management Access Control List Default Setting The following table lists the default setting for the Management Access Control List.
Index Numerics 802.
Index C ciphers available parameter 321 CIST priority parameter 187 Class of Service (CoS) configuring 142 mapping to egress queues 145 schedule, displaying 152 scheduling, configuring 148 settings, displaying 150 Common and Internal Spanning Tree (CIST), configuring 187 community name SNMPv1 and SNMPv2c 57 SNMPv3 protocol 253, 256 configuration file, default name 359 console disconnect interval, default setting 360 console startup mode, default setting 361 D data compression parameter 321 daylight savings
AT-S63 Management Software Web Browser Interface User’s Guide Rapid Spanning Tree Protocol (RSTP) 176 Spanning Tree Protocol (STP) 168 HOL blocking, default setting 364 host key ID parameter 318 host nodes, displaying 157 host/router timeout interval configuring 155, 158 default setting 367 I ingress packet threshold 78 Internet Group Management Protocol (IGMP) snooping configuring 154 default settings 367 disabling 154, 157 displaying 157 enabling 154, 157 Internet Protocol (IP) address configuring 42 def
Index MSTI ID creating 189 deleting 190 modifying 190 removing a VLAN association 192 Multiple Spanning Tree Protocol (MSTP) associating VLANs to MSTI IDs 192 bridge forwarding delay 186 bridge hello time 186 bridge max age 186 bridge settings, configuring 184 configuration name 186 configuring 184 connecting to VLANs 192 default settings 370 disabling 182 edge port 196 enabling 182 force version 186 max hops 187 MSTI ID creating 189 deleting 190 modifying 190 parameters configuring 184 parameters, display
AT-S63 Management Software Web Browser Interface User’s Guide deleting 105 displaying 106 modifying 103 port-based VLAN creating 272 deleting 278 displaying 281 modifying 276 Public Key Infrastructure (PKI) default settings 377 settings, displaying 312 Q Quality of Service (QoS), default settings 366 quiet period, configuring 338 R RADIUS configuring 329 default settings 379 disabling 324 displaying settings 331 enabling 324 server timeout 332 RADIUS accounting configuring 346 settings, displaying 347 RADI
Index modifying 255 SNMPv3 Notify Table entry creating 233 deleting 235 displaying 264 modifying 236 SNMPv3 SecurityToGroup Table entry creating 227 deleting 230 displaying 263 modifying 230 SNMPv3 Target Address Table entry creating 238 deleting 241 displaying 265 modifying 242 SNMPv3 Target Parameters Table entry creating 245 deleting 248 displaying 266 modifying 249 SNMPv3 User Table entry creating 207 deleting 210 displaying 259 modifying 211 SNMPv3 View Table entry creating 214 deleting 217 displaying
AT-S63 Management Software Web Browser Interface User’s Guide configuring 341 default 33 user password, configuring 341 UTC offset, default setting 360 V versions supported (SSH) parameter 320 virtual LAN (VLAN) associating to MSTI IDs 192 creating 272 default settings 371 deleting 278 displaying 281 mode, selecting 279 modifying 276 VLAN name, default setting 371 W web browser management session defined 26 limitations 26 quitting 37 starting 32 web server, default settings 375 387
Index 388
