APS Series Gigabit Managed Switches APS-10T2SFP APS-26T6SFP APS-48T4SFP APS-24T4S4SP APS-48T4S4SP User Manual Version: 1.0.
APS User Manual About this Guide ____________________________________________________________ 6 Compliances and Safety Statements ____________________________________________ 7 Introduction _____________________________________________________________ 11 Overview ____________________________________________________________________ 11 1. Operation of the Web-based Management ___________________________________ 12 1.1 System________________________________________________________________ 14 1.1.
APS User Manual 1.2.1-4 Detailed Statistics _______________________________________________________________ 53 1.2.1-5 QoS Statistics ___________________________________________________________________ 55 1.2.1-6 SFP Information _________________________________________________________________ 56 1.2.1-7 EEE ___________________________________________________________________________ 58 1.2.2 ACL _____________________________________________________________________ 60 1.2.
APS User Manual 1.2.8-1 LLDP Configuration _____________________________________________________________ 135 1.2.8-2 LLDP Neighbors ________________________________________________________________ 138 1.2.8-3 LLDP-MED Configuration _________________________________________________________ 140 1.2.8-4 LLDP-MED Neighbors ____________________________________________________________ 147 1.2.8-5 EEE __________________________________________________________________________ 152 1.2.
APS User Manual 1.2.15-5 Port Tag Remarking ____________________________________________________________ 212 1.2.15-6 Port DSCP ____________________________________________________________________ 215 1.2.15-7 DSCP-based QoS ______________________________________________________________ 217 1.2.15-8 DSCP Translation ______________________________________________________________ 219 1.2.15-9 DSCP Classification _____________________________________________________________ 221 1.2.
APS User Manual 1.3.5-2 Switch Status __________________________________________________________________ 284 1.3.5-3 Port Status ____________________________________________________________________ 286 1.3.6 AAA ___________________________________________________________________ 287 1.3.6-1 Configuration __________________________________________________________________ 287 1.3.6-2 RADIUS Overview _______________________________________________________________ 291 1.3.
APS User Manual About this Guide Purpose this guide gives specific information on how to operate and use the management functions of the switch. Audience The guide is intended for use by network administrators who are responsible for operating and maintaining network equipment; consequently, it assumes a basic working knowledge of general switch functions, the Internet Protocol (IP), and Simple Network Management Protocol (SNMP). Warranty The APS series comes with a standard 3 year warranty.
APS User Manual Compliances and Safety Statements Federal Communications Commission (FCC) Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
APS User Manual - Radio-frequency electromagnetic field according to IEC 61000-43:2006+A1:2007+A2:2010 - Electrical fast transient/burst according to IEC 61000-4-4:2010 - Surge immunity test according to IEC 61000-4-5:2005 - Immunity to conducted disturbances, Induced by radio-frequency Fields: IEC 61000-4-6:2008 - Power frequency magnetic field immunity test according to IEC 61000-4-8:2009 - Voltage dips, short interruptions and voltage variations immunity test According to IEC 61000-4-11:2004 LVD: - EN6
APS User Manual SAFETY PRECAUTIONS Read the following information carefully before operating the device. Please follow the following precaution items to protect the device from risks and damage caused by fire and electric power: Use the power adapter that is included with the device package. Pay attention to the power load of the outlet or prolonged lines. An overburdened power outlet or damaged cords and plugs may cause electric shock or fire.
APS User Manual Fig. Additional arrester installed between outdoor device and this switch NOTE: The switch is indoor device; if it will be used in outdoor environment or connects with some outdoor device, then it must use a lightning arrester to protect the switch WARNING: Self-demolition of Product is strictly prohibited. Damage caused by self-demolition will result in voiding the switches warranty. Do not place product in outdoor locations.
APS User Manual Introduction Overview In this user’s manual, we will explain how to configure and monitor the APS Series switches through the Web Management Interface. The APS Series, the next generation Web managed switches from Alloy, are a portfolio of affordable managed switches that provides a reliable infrastructure for your business network.
APS User Manual 1. Operation of the Web-based Management This chapter instructs you on how to configure and manage the APS Series switches through the web user interface. With this facility, you can easily access and monitor the switch through any of the Ethernet ports and view the status of the switch, including MIBs status, each port activity, Spanning tree status, port aggregation status, multicast traffic, VLAN and priority status, even illegal access record and so on.
APS User Manual Fig.
APS User Manual 1.1 System This chapter describes the basic configuration tasks required to configure the system information on the APS Series switches. The System Information page is the default page and will be the first page you see when you log into the switches web interface. 1.1.
APS User Manual Parameter Description Model Name: The model name of this device. System Description: A brief description of this device. Location: A user-defined value describing the location of the switch. Contact: A user-defined value, normally the system/network administrator details will be entered here. Device Name: A user-defined value, give the switch a descriptive name for easy identification. System Date: Shows the system time and date of the switch.
APS User Manual Maximum Frame Size: Displays the switches maximum supported frame size. 1.1.1-2 Configuration The Contact Information, name and the location of switch and can all be configured here. Web Interface To configure the contact information via the web interface: 1 Click System, System Information and Configuration. 2 Enter the required Contact, Device Name and Location details in the fields provided. 3 Click Save to apply your changes. Fig.
APS User Manual System Location: The physical location of the switch (e.g., telephone closet, 3rd floor). The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126. 1.1.1-3 CPU Load This page displays the CPU load, using an SVG graph. The load is measured as averaged over the last 100ms, 1sec and 10 seconds intervals. The last 120 samples are graphed, and the last numbers are displayed as text as well.
APS User Manual 1.1.2 Time The page is used to configure the time setting on the switch. Time can be set manually or via a NTP server. By default NTP is used and is set to au.pool.ntp.org. 1.1.2-1 Manual The time for the switch can set manually or via a NTP Server. When setting manually simply enter the date and time into the paces provided. Web Interface To configure the time settings via the Web Interface: 1. Click System, Time and Manual. 2. Select use Local Settings. 3.
APS User Manual Parameter Description Clock Source: Select what clock source the switch will use for its time configuration. Use Local Settings allows you to manually set the time, or use NTP Server to allow the switch to sync it’s time with an external NTP time server. Local Time: Displays the current time when using NTP Server, or is used to set the time when using Local Settings. Time Zone Offset: Provide the time zone offset relative to UTC/GMT. The offset is given in minutes east of GMT.
APS User Manual 1.1.2-2 NTP NTP (Network Time Protocol) is a protocol used to sync devices on the network with a time server. Web Interface To configure the NTP Settings via the Web Interface: 1. Click System, Time and NTP. 2. Enter the required Server addresses in to the fields provided. Up to 5 NTP servers can be configured. 3. Click Save to apply your changes. Fig.
APS User Manual 1.1.3 Account The Accounts function is used by the administrator to create, modify and delete users. The administrator can modify any guest user’s settings including the privilege level and the guest user password. The guest user only has rights to modify their own password. Only one administrator account can be configured and up to four Guest accounts can be created. 1.1.3-1 Users This page provides an overview of the current users.
APS User Manual Fig. 8 Adding a New User Parameter Description User Name: The name identifying the user, enter the username that you want to create. Password: Enter the required password. The password length can be between 0 and 255 characters. Password (again): Re-enter the password from the password field. Privilege Level: Used to assign the privilege level of the user being created. The allowed privilege range is from 1 through to 15.
APS User Manual 1.1.3-2 Privilege Level This page provides the administrator a way to give users access to the management interface of the switch. Privilege levels can be set for a variety of different switch functions. Each function is assigned to a group and a privilege level from 1 through to 15 can be assigned to each group. Web Interface To configure the Privilege Level settings via the Web Interface: 1. Click System, Account and Privilege Level. 2. Specify the privilege level for each of the groups.
APS User Manual 1.1.4 IP IP is an acronym for Internet Protocol. It is a protocol used for communicating data across an internet network. IP is a "best effort" system, which means that no packet of information sent over is assured to reach its destination in the same condition it was sent.
APS User Manual Fig. 10 IPv4 Address Configuration Parameter Description DHCP Client: Enable the DHCP Client by checking the tick box. When selected, the switch will obtain an IP Address from your DHCP Server. If the switch does not receive an IP Address the Default IP Address will be used. Renew: Click the Renew button to renew the DHCP lease from the DHCP Server. IP Address: Enter the required static IP Address in dotted decimal notation.
APS User Manual 1.1.4-2 IPv6 The APS Series switches support both dynamically assigned and statically configured IP Addresses. If you are running a DHCP server on your network the switch can obtain an IP Address from the DHCP if DHCP Client is enabled. If not the switches IP settings must be configured manually. Please change the IP Address of the switch to suit your networks requirements. Web Interface To configure the IPv6 settings via the Web Interface: 1. Click System, IP and IPv6. 2.
APS User Manual Prefix: Enter the IPv6 Prefix of this switch. The allowed range is 1 to 128. Gateway: Enter the required IPv6 Gateway Address.
APS User Manual 1.1.5 Syslog The APS Series Switches support offloading system messages to a Syslog Server. A Syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It is supported by a wide variety of devices and receivers across multiple platforms. 1.1.
APS User Manual Syslog Level: Indicates what messages will be sent to the Syslog server. 1.1.5-2 Log This section display’s the system logging locally on the switch. Web Interface To view the System Logs via the Web Interface: 1. Click System, Syslog and Logs. Fig. 13 System Logs Parameter Description Auto-refresh: Select the Auto-refresh check box to enable the auto-refresh function. This enables the screen to refresh automatically. Level: Select the level of logging to be displayed on the screen.
APS User Manual 1.1.5-3 Detailed Log This section is used to display events ID’s in more detail. Web Interface To view the Detailed System Logs via the Web Interface: 1. Click System, Syslog and Detailed Logs. 2. Enter the Event ID into the ID filed to display the event in more detail. Fig. 13 Detailed System logs Parameter Description ID: Enter the Event ID of the log event you want to view in detail. Message: Displays the detailed message of the log event.
APS User Manual 1.1.6 SNMP The APS Series Switches support SNMP and can be managed by any Network Management System (NMS). SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity (OID) of the management Information Base (MIB), described in the form of SMI syntax. A SNMP agent is running on the switch and if enabled will respond to the requests issued by a SNMP manager. 1.1.
APS User Manual 1.1.6-2 Configuration This section is used to configure the GET and SET community names. In this section you can also enable or disable the SET community. By doing this the NMS server will not be able to write configuration parameters to the switch. Web Interface To configure the GET and SET communities names via the Web Interface: 1. Click System, SNMP and Configuration. 2. Enter the GET and SET community names. 3.
APS User Manual 1.1.6-3 Communities This section is used to configure additional communities. These communities can be used to secure the SNMP information by allowing only certain users and IP Addresses to be able to access a specific community. The maximum number of communities that can be created is four. Web Interface To configure communities via the Web Interface: 1. Click System, SNMP and Communities. 2. Click add new community. 3.
APS User Manual Fig. 17 SNMP Add New Community window Parameter Description Delete: Select the delete button next to the community you would like to delete. Community: Enter a valid community name. Valid length is from 1 to 32. The community string will be treated as a security name and map a SNMPc1 or SNMPv2c community string. Username: The Username string is used to permit access to the SNMP agent. The length of the Username can be from 1 to 32 characters.
APS User Manual 1.1.6-4 Users SNMPv3 brings some important and much needed authentication and encryption options to the SNMP protocol. This section is used to configure SNMPv3 users. Web Interface To configure SNMP Users via the Web Interface: 1. Click System, SNMP and Users. 2. Click on Add New User to configure a new user. Enter the required user details. 3. Click Save to apply your changes. Fig.
APS User Manual Fig. 19 adding a new SNMPv3 User Parameter Description Delete: Select the delete button next to the community you would like to delete. Username: Enter a username to identify the user. Allowed length is 1 to 32 characters. Security Level: Indicates the security model set for the user.
APS User Manual DES: Select to use the DES encryption method once the Privacy Protocol has been set for a user it cannot be changed. If you need to modify the Privacy Protocol you will need to delete and recreate the user. Privacy Password: The password used for both the DES Privacy Protocol. The allowed password length is 8 to 32 characters.
APS User Manual 1.1.6-5 Groups This section is used to configure SNMPv3 groups. Web Interface To configure SNMP Groups via the Web Interface: 1. Click System, SNMP and Groups. 2. Click on Add New Group to configure a new Group. Enter the required group details. 3. Click Save to apply your changes. Fig. 12 SNMPv3 Group Parameter Description Delete: Select the tick box and click the apply button to delete a Group. Add New Group: Used to add a new group.
APS User Manual Fig. 13 Add a new SNMPv3 Group Parameter Description Delete: Select the delete button next to the group you would like to delete. Security Model: Select the required security model that the group will belong to. Options are: v1: Reserved for SNMPv1 and will be available once a SNMPv1 community has been created in the communities section.
APS User Manual 1.1.6-6 Views This section is used to configure SNMPv3 views. Web Interface To configure SNMP Views via the Web Interface: 1. Click System, SNMP and Views. 2. Click on Add New View to configure a new View. Enter the required view details. 3. Click Save to apply your changes. Fig. 14 SNMPv3 View Parameter Description Delete: Select the tick box and click the apply button to delete a View. Add New View: Used to add a new view.
APS User Manual Fig. 15 Add a new SNMPv3 View Parameter Description Delete: Select the delete button next to the view you would like to delete. View Name: Enter a view name to identify the view you are creating. Allowed length of 1 to 32 characters. View Type: Select the view type from the options below: Included: Used to allow a particular OID subtree to be displayed in the view. Excluded: Used to block a particular OID subtree from being displayed.
APS User Manual 1.1.6-7 Access This section is used to configure SNMPv3 access lists. Web Interface To configure SNMP Access lists via the Web Interface: 1. Click System, SNMP and Access. 2. Click Add new Access. 3. Specify the SNMP Access parameters. 4. Click Save to apply your changes. Fig. 16 SNMPv3 Access Parameter Description Delete: Select the tick box and click the apply button to delete an Access rule. Add New Access: Used to add a new Access rule.
APS User Manual Fig. 17 Add a new SNMPv3 Access Rule Parameter Description Delete: Select the delete button next to the Access Rule you would like to delete. Group Name: Select the Group name from the drop down box. Please ensure you have created a group from the Group section. (See section 1.1.6-5) Security Model: Select the required security model that the group will belong to.
APS User Manual Write View Name: The name of the MIB view defining the MIB objects for which this request may potentially set new values. The allowed string length is 1 to 32. 1.1.6-8 Trap This section is used to create SNMP traps. Web Interface To configure SNMP Traps via the Web Interface: 1. Click System, SNMP and Trap. 2. Select an SNMP Trap number and click the number to add the trap information. Up to 6 traps can be configured. 3.
APS User Manual Fig. 19 Add a new SNMP Trap Parameter Description Trap Version: Select the required Trap Version SNMP v1, v2c or v3 trap. Server IP: Enter the IP Address of the server that will receive the SNMP Traps. UDP Port: Enter the UDP port used for sending the SNMP Traps, default is 162. Community/Security: Enter the Community/Security name, this value can be 1 to 32 characters in length. Security Level: Select the type of information you want sent in the SNMP Trap.
APS User Manual Privacy Password: The password used for both the DES Privacy Protocol. The allowed password length is 8 to 32 characters.
APS User Manual 1.2 Configuration This chapter describes the network configuration options available in the APS Series of switches. All Layer 2 features such as VLAN’s, Port Trunking, IGMP, ACL’s and QoS can be configured in this section. 1.2.1 Port The Port section is used to configure specific port parameters and view statistics related to individual ports. 1.2.1-1 Configuration Use this section to configure parameters for each of the ports.
APS User Manual Parameter Description Port: The logical port number for the switch. Link: The current link state of the port is shown. Green indicates link is active, Red indicates the link is down. Speed-Current: Displays the current port link speed. Speed-Configured: Here you can force the speed of a port. Forcing the speed of a port is not recommended and should only be done if you are having linking issues when connecting to a particular device.
APS User Manual ActiPHY: Link down power savings enabled. Power saving occurs if no active link. PerfectReach: Link up power savings enabled. Reduced power used by the port depending on the length of the cable. Enabled: Both Link up and Link Down power saving mechanisms enabled. NOTE: At the top of the column there is an *. The * is a global setting and a way of changing the settings for every port simultaneously.
APS User Manual 1.2.1-2 Port Description Use this section to help identify what devices are connected to each port of your switch. Each Port can have a description assigned to it. Web Interface To add a description to the ports of the switch via the Web Interface: 1. Click Configuration, Port and Description. 2. Enter the description for the required ports. 3. Click Apply to save changes or Reset to return to previous values. Fig.
APS User Manual 1.2.1-3 Traffic Overview Use this section to view basic traffic statistics for each of the switch ports. Web Interface To view the port statistics via the Web Interface: 1. Click Configuration, Port and Traffic Overview. 2. Click on an individual port number to show the detailed statistics for that port. 3.
APS User Manual Filtered: The number of filtered frames received by the switch. Auto-Refresh: To enable auto-refreshing of the statistics on the screen, tick this tick box. Refresh: Used to manually refresh the statistics. Clear: Used to clear the current statistical data.
APS User Manual 1.2.1-4 Detailed Statistics This sections displays in depth details of the traffic being transmitted and received by the switch. If you are having problems on your network, this page can be useful for diagnosing packet errors being received or transmitted by the switch. Web Interface To view the detailed port statistics via the Web Interface: 1. Click Configuration, Port and Detailed Statistics. 2. Select the Port you would like to view from the drop down box near the top of the page. 3.
APS User Manual Clear: Used to clear the current statistical data. Receive Total: The total number of received Rx traffic including good and bad packets. Types of traffic displayed are Rx Packets, Rx Octets, Rx Unicast, Rx Multicast, Rx Broadcast and Rx Pause packets. Transmit Total: The total number of transmitted Tx traffic including good and bad packets. Types of traffic displayed are Tx Packets, Tx Octets, Tx Unicast, Tx Multicast, Tx Broadcast and Tx Pause packets.
APS User Manual 1.2.1-5 QoS Statistics This section displays the QoS Queuing details for each of the ports. By clicking on an individual port detailed statistic can be shown. Web Interface To view the detailed QoS statistics via the Web Interface: 1. Click Configuration, Port and QoS Statistics. 2. Click on an individual port number to show the detailed statistics for that port. 3.
APS User Manual 1.2.1-6 SFP Information This section displays the detailed information regarding the SFP module(s) installed in the switch. Web Interface To view the detailed SFP Information via the Web Interface: 1. Click Configuration, Port and SFP Information. 2. Select the port you want to view. 3. If you would like the page to auto-refresh the SFP Information, check the Auto-Refresh tick box at the top of the page, or alternatively hit the refresh button to refresh the page manually. Fig.
APS User Manual Vendor Name: Vendor’s name of the SFP Module. Vendor P/N: The part number of the Vendors SFP module. Vendor Revision: The revision number of the Vendors SFP module. Vendor Serial Number: The serial number of the SFP module. Date Code: Date the SFP module was manufactured. Temperature: Shows the current temperature of the SFP module. Vcc: Shows the current DC voltage being used by the SFP module. Mon1 (Bias): Shows the Bias current of the SFP module in mA.
APS User Manual 1.2.1-7 EEE EEE is a power saving option that reduces the power usage when there is very low traffic utilization (or no traffic). EEE works by powering down circuits when there is no traffic. When a port has data to be transmitted all circuits are powered up. The time it takes to power up the circuits is called the wakeup time. The default wakeup time is 17 µs for 1Gbit links and 30 µs for other link speeds.
APS User Manual Fig. 26 EEE Configuration Parameter Description Port: Physical port of the switch. EEE Enabled: Used to enable or disable EEE for each port. EEE Urgent Queues: Queues set will activate transmission of data as soon as it is available. If no queue is set then transmission of data will only occur once 3000 bytes are ready to be transmitted. Queues 1 to 8 are mapped to QoS Queues 0 to 7. E.g. EEE Urgent Queue 1 uses QoS Queue 0.
APS User Manual 1.2.2 ACL The APS Series switches access control list (ACL) is probably the most commonly used object in the IOS. It is used for packet filtering but also for selecting types of traffic to be analyzed, forwarded, or influenced in some way. The ACLs are divided into EtherTypes, IPv4, ARP protocol, MAC and VLAN parameters etc. Here we will just go over the standard and extended access lists for TCP/IP.
APS User Manual Fig. 27 Port ACL Configuration Parameter Description Port: Physical port of the switch. Policy ID: Select the Policy to apply to this port. The allowed vales are 1 through 8. The default value is 1. Action: Select whether forwarding is permitted (Permit) or denied (Deny). The default value is Permit. Rate Limiter ID: Select which rate limiter to apply on this port. The allowed values are Disabled or the values 1 through 16. The default value is Disabled.
APS User Manual Disabled: Frames received on the port are not mirrored. The default value is "Disabled". Logging: Specify the logging operation of this port. The allowed values are: Enabled: Frames received on the port are stored in the System Log. Disabled: Frames received on the port are not logged. The default value is Disabled. Please note that the System Log memory size and logging rate is limited. Shutdown: Specify the port shut down operation of this port.
APS User Manual 1.2.2-2 Rate Limiters The section describes how to configure the ACL Rate Limiting Parameters. Up to 16 different rate limits can be set and applied to individual ports. Rate Limits can be set in either pps (Packets Per Second) or Kbps (Kilo Bits Per Second). Only 1 rate limit can be applied to each port. Web Interface To configure the ACL Rate Limiters via the Web Interface: 1. Click Configuration, ACL and Rate Limiters. 2. Configure up to 16 Rate Limiters, using either pps or Kbps. 3.
APS User Manual Unit: Select to limit traffic in units of either pps (Packets Per Second) or Kbps (Kilo Bits Per Second). Reset Button: Used to reset unsaved changes to original configuration. Apply: Used to save the settings configured on this page.
APS User Manual 1.2.2-3 Access Control List The section describes how to configure Access Control List rules. An Access Control List (ACL) is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria. This switch tests ingress packets against the conditions in an ACL one by one. A packet will be accepted as soon as it matches a permit rule, or dropped as soon as it matches a deny rule. If no rules match, the frame is accepted.
APS User Manual Fig. 29 Access Control List Rules Fig.
APS User Manual Parameter Description Ingress Port: Indicates the ingress port of the ACE. Possible values are: Any: The ACE will match any ingress port. Policy: The ACE will match ingress ports with a specific policy (Policy must be created in the Ports Section before it will appear in the list). Port: The ACE will match a specific ingress port. Policy / Bitmask: Indicates the Policy or Bitmask that the filter will match. Frame Type: Indicates the frame type of the ACE.
APS User Manual following buttons: Inserts a new ACE before the current row. Edits the ACE row. Moves the ACE up the list. Moves the ACE down the list. Deletes the ACE. The lowest plus sign adds a new entry at the bottom of the ACE listings. Refresh Button: Used to refresh the values displayed in the ACL section. Clear Button: Used to clear the selected ALC entry. Remove All: Used to remove all entries from the ACL list.
APS User Manual DMAC Filter: The type of destination MAC address. Options: Any, MC - multicast, BC broadcast, UC - unicast, Specific Default: Any Ethernet – EtherType Filter Parameters EtherType Filter: This option can only be used to filter Ethernet II formatted packets. Options: Any, Specific (600-ffff hex) Default: Any a detailed listing of Ethernet protocol types can be found in RFC1060. A few of the more common types include 0800 (IP), 0806(ARP), 8137 (IPX).
APS User Manual Target IP Filter: Specifies the destination IP address. Any: no target IP filter is specified Host: specifies the target IP address in the Target IP Address field. Network: specifies the target IP address and target IP mask in the Target IP Address and Target IP Mask fields Default: Any ARP SMAC Match: Specifies whether frames can be matched according to their sender hardware address (SHA) field settings. Any: any value is allowed. 0: ARP frames where SHA is not equal to the SMAC address.
APS User Manual 1: ARP/RARP frames where the PRO is equal to IP (0x800) must match this entry. Default: Any IPv4 – MAC Parameters DMAC Filter: The type of destination MAC address. Options: Any, MC - multicast, BC broadcast, UC - unicast, Specific Default: Any IPv4 – IP Parameters IP Protocol Filter: The type of destination MAC address. Options: Any, MC - multicast, BC broadcast, UC - unicast, Specific Default: Any The following additional fields are displayed when these protocol filters are selected.
APS User Manual TCP FIN: Specifies the TCP "No more data from sender" (FIN) value for this rule. Any: any value is allowed. 0: TCP frames where the FIN field is set must not match this entry. 1: TCP frames where the FIN field is set must match this entry. Default: Any TCP SYN: Specifies the TCP "Synchronize sequence numbers" (SYN) value for this rule. Any: any value is allowed. 0: TCP frames where the SYN field is set must not match this entry.
APS User Manual IP Fragment: Specifies the fragment offset settings for this rule. This involves the settings for the More Fragments (MF) bit and the Fragment Offset (FRAG OFFSET) field for an IPv4 frame. Any: any value is allowed. Yes: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must match this entry. No: IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must not match this entry.
APS User Manual use ACL-based mirroring, enable the Mirror parameter on the ACE Configuration page. Then open the Mirror Configuration page, set the "Port to mirror on" field to the required destination port, and leave the "Mode" field Disabled. Logging: Enables logging of matching frames to the system log. Default: Disabled Open the System Log Information menu to view any entries stored in the system log for this entry. Related entries will be displayed under the "Info" or "All" logging levels.
APS User Manual 1.2.2-4 ACL Status The section displays the current ACL rules configured on the switch Web Interface To view the ACL Rate rules via the Web Interface: 1. Click Configuration, ACL and ACL Status. 2. If you would like the page to auto-refresh the ACL Information, check the Auto-Refresh tick box at the top of the page, or alternatively hit the refresh button to refresh the page manually. Fig. 31 Viewing the Access Control List Rules Parameter Description User: Indicates the ACL user.
APS User Manual IPv4: The ACE will match all IPv4 frames. IPv4/ICMP: The ACE will match IPv4 frames with ICMP protocol. IPv4/UDP: The ACE will match IPv4 frames with UDP protocol. IPv4/TCP: The ACE will match IPv4 frames with TCP protocol. IPv4/Other: The ACE will match IPv4 frames, which are not ICMP/UDP/TCP. IPv6: The ACE will match all IPv6 standard frames. Action: Indicates the forwarding action of the ACE. Permit: Frames matching the ACE may be forwarded and learned.
APS User Manual 1.2.3 Aggregation The APS Series switches support two types of link aggregation, Static Trunk and LACP. Static Trunk is a non-protocol based aggregation method where the connections are determined via source and destination MAC Addresses. LACP is an IEEE standardized protocol used to aggregate ports. Because it is an IEEE standard LACP trunking or aggregation can be used across multi-vendor equipment. By Aggregating ports between two devices this allows the bandwidth to be increased.
APS User Manual Fig. 32 Configuring a static trunk group Parameter Description Source MAC Address: Destination MAC Address: IP Address: The Source MAC address can be used to calculate the destination port for the frame. Check to enable the use of the Source MAC address, or uncheck to disable. By default, Source MAC Address is enabled. The Destination MAC Address can be used to calculate the destination port for the frame. Check to enable the use of the Destination MAC Address, or uncheck to disable.
APS User Manual Port Members: Each switch port is listed for each group ID. Select a radio button to include a port in a trunk group, or select normal to remove the port from a trunk group. By default, no ports belong to any trunk group. Only full duplex ports can join a trunk group and ports must be the same speed in each group. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.3-2 LACP Ports using Link Aggregation Control Protocol (according to IEEE 802.3ad specification) as their trunking method can choose their unique LACP Group ID to form a logical “trunked port”. The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a “trunk group” (also called aggregator). LACP is safer than other trunking methods, such as static trunking. 1.2.
APS User Manual Parameter Description Port: Physical port of the switch. LACP Enabled: Used to enable or disable LACP on the desired port. To enable LACP on an individual port check the tick box. Key: The Key is used to determine a specific trunk/aggregation group. The key can be generated automatically by the switch or you can enter a key manually. If entering manually valid values are 1 through to 65535. For multiple ports to belong to the same group the key must be the same on each port.
APS User Manual 1.2.3-2-2 System Status This section displays the current status of the LACP groups. Web Interface To view the LACP status via the Web Interface: 1. Click Configuration, Aggregation, LACP and System Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Parameter Description Fig. 34 LACP Status Aggr ID: The Aggregation ID associated with this aggregation instance.
APS User Manual 1.2.3-2-3 Port Status This section displays the current port status of the LACP groups. Web Interface To view the Port status via the Web Interface: 1. Click Configuration, Aggregation, LACP and Port Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Parameter Description Fig. 35 Port Status Port: Physical port of the switch.
APS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.3-2-4 Port Statistics This section displays the current port statistics relating to the LACP information. Web Interface To view the Port statistics via the Web Interface: 1. Click Configuration, Aggregation, LACP and Port Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 36 LACP Port Statistics Parameter Description Port: Physical port of the switch.
APS User Manual Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.4 Spanning Tree The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices (that is, an STP-compliant switch, bridge or router) in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
APS User Manual STP mode may be useful for supporting applications and protocols whose frames may arrive out of sequence or duplicated, for example NetBeui. RSTP Rapid Spanning Tree Protocol (RSTP) also creates a single spanning tree over a network. Compared with STP, RSTP provides for more rapid convergence to an active spanning tree topology. RSTP is defined in IEEE standard 802.1D-2004.
APS User Manual 1.2.4-1 Bridge Settings This section is used to configure the spanning tree bridge settings, allowing full configuration of all spanning tree parameters. Here you can select what Spanning Tree Protocol you would like the switch to use, STP, RSTP or MSTP. Web Interface To configure the Bridge Settings for STP via the Web Interface: 1. Click Configuration, Spanning Tree and Bridge Settings. 2. Select the required STP protocol and configure the appropriate basic and advanced STP parameters. 3.
APS User Manual MSTP operation, this is the priority of the CIST. Otherwise, this is the priority of the STP/RSTP Bridge. Default is 32768. Forward Delay: The delay used by STP Bridges to transit Root and Designated Ports to Forwarding state (used in STP compatible mode). Valid values are in the range 4 to 30 seconds. Default is 15 seconds. Max Age: The maximum age of the information transmitted by the Bridge, when it is the Root Bridge.
APS User Manual 1.2.4-2 MSTI Mapping This section is used to map VLAN’s to MSTI’s when using the MSTP protocol. MSTP enables the grouping and mapping of VLANs to different spanning tree instances. So, an MST Instance (MSTI) is a particular set of VLANs that are all using the same spanning tree. In a network where all VLANs span all links of the network, judicious choice of bridge priorities for different MSTIs can result in different switches becoming root bridges for different MSTIs.
APS User Manual Parameter Description Configuration Name: The name identifying the VLAN to MSTI mapping. Bridges must share the name and revision, as well as the VLAN-to-MSTI mapping configuration in order to share spanning trees for MSTI's (Intra-region). The name must be no more than 32 characters. Configuration Revision: The revision of the MSTI configuration. This must be an integer between 0 and 65535. MSTI: The bridge instance.
APS User Manual 1.2.4-3 MSTI Priorities This section is used to manually change the priority of the STP bridge instances. The CIST (Common and Internal Spanning Tree) is the default Bridge Instance when using MSTP and is always active. Any VLAN that has not been assigned to a MIST is assigned to the CIST. The lower the priority value, the higher the priority the bridge has. Web Interface To configure the MSTI Priorities for MSTP via the Web Interface: 1.
APS User Manual 1.2.4-4 CIST Ports This section is used to configure individual STP Parameters for each port. Here you can enable and disable STP on individual ports, configure the ports as AdminEdge ports, give certain ports higher priority than others and much more. Web Interface To configure the CIST Port Parameters via the Web Interface: 1. Click Configuration, Spanning Tree and CIST Ports. 2. Select and configure the appropriate settings. 3.
APS User Manual entered. The path cost is used when establishing the active topology of the network. Lower path cost ports are chosen as forwarding ports in favour of higher path cost ports. Valid values are in the range 1 to 200000000. Priority: Controls the port priority. This can be used to control priority of ports having identical port cost. Admin Edge: The Admin Edge function allows ports to be configured as Edge or Non-Edge ports.
APS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page. 1.2.4-5 MSTI Ports This section is used to configure MSTI Port parameters. An MSTI Port is a virtual port and each MSTI has its own virtual port. The MSTI must be configured before the individual port configuration options can be applied.
APS User Manual Fig. 43 MSTI Port Configuration Parameter Description Port: Physical port of the switch. Path Cost: Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended values. Using a Specific setting, a user-defined value can be entered. The path cost is used when establishing the active topology of the network.
APS User Manual 1.2.4-6 Bridge Status This section is used to display the status information for each of the configured STP Bridges. Web Interface To view the Bridge Status via the Web Interface: 1. Click Configuration, Spanning Tree and Bridge Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 44 Bridge Status Information Parameter Description MSTI: The Bridge Instance.
APS User Manual Topology Flag: The current state of the Topology Change Flag of this Bridge instance. Topology Change Last: The time since the last Topology Change occurred. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.4-7 Port Status This section is used to display the status information for each of the configured STP CIST Ports. Web Interface To view the STP CIST Port Status via the Web Interface: 1. Click Configuration, Spanning Tree and Port Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 45 Port Status Information Parameter Description Port: Physical port of the switch.
APS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.4-8 Port Statistics This section is used to display the port statistics for of the configured STP CIST Ports. Web Interface To view the Port Statistics via the Web Interface: 1. Click Configuration, Spanning Tree and Port Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 46 Port Statistics Parameter Description Port: Physical port of the switch.
APS User Manual TCN: The number of (legacy) Topology Change Notification BPDU's received/transmitted on the port. Discarded Unknown: The number of unknown Spanning Tree BPDU's received (and discarded) on the port. Discarded Illegal: The number of illegal Spanning Tree BPDU's received (and discarded) on the port. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.5 IGMP Snooping IGMP Snooping is a way for Layer 2 switches to reduce the amount of multicast traffic on a LAN. Without IGMP Snooping, Layer 2 switches handle IP multicast traffic in the same manner as broadcast traffic and forward multicast frames received on one port to all other ports in the same VLAN.
APS User Manual group specific query asking whether any hosts still want to remain members of that specific group. If no hosts respond with join messages for that group, then the querier knows that there are no hosts on its LAN that are still members of that group. This means that for that specific group, it can ask to be pruned from the multicast tree. IGMP version 3 removed the Leave message. Instead a host leaves a group by sending a join message with no source specified.
APS User Manual Parameter Description Snooping Enabled: Enable IGMP Snooping on the switch. Unregister IPMCv4 Flooding Enabled: Enable unregistered IPMCv4 flooding enabled. IGMP SSM Range: SSM (Source –Specific Multicast) range allows SSM-aware hosts and routers that run the SSM service model to use groups in the configured address range. Format: / Proxy Enabled: Enable IGMP Proxy.
APS User Manual 1.2.5-2 VLAN Configuration This section is used to configure specific IGMP Settings for each of the configured VLAN groups. IGMP Snooping can be enable or disabled for every individual VLAN group. 20 VLAN groups will be displayed on the screen by default this can be increased to a maximum of 99. The VLAN with the lowest VID will be displayed at the top of the table. To browse to additional pages use the arrow keys at the top of the page.
APS User Manual Snooping Enabled: Enable IGMP Snooping for each individual VLAN group. A maximum of 32 VLAN’s can be enabled at any one time. IGMP Querier: A router is used to send IGMP query messages to IGMP enabled hosts. The IGMP router can also be called the IGMP Querier. This option is used to enable the IGMP Querier function on an individual VLAN.
APS User Manual 1.2.5-3 Port Group Filtering With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and when applied to a port to deny access to that port on the configured multicast address.
APS User Manual Parameter Description Delete: Check to delete the entry, and click Apply save the changes and remove the selected entry. Port: Select the Port you would like to enable filtering for the configured Multicast address. Filtering Groups: Enter the IP Address of the Multicast group to be filtered. Valid values are 224.x.y.z to 239.x.y.z. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.5-4 Status This section is used to view the status of all configured IGMP parameters on the APS Series switches. Web Interface To view the IGMP Status via the Web Interface: 1. Click Configuration, IGMP Snooping and Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 50 IGMP Status Parameter Description VLAN ID: The VLAN ID of the entry.
APS User Manual V1 Reports Received: The number of Received V1 Reports. V2 Reports Received: The number of Received V2 Reports. V3 Reports Received: The number of Received V3 Reports. V2 Leaves Received: The number of Received V2 Leaves. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.5-5 Groups Information This section displays the learnt IGMP groups. The IGMP Group Table is sorted first by VLAN ID, and then by group. They will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached the text "No more entries" is shown in the displayed table. Use the button to start over. Web Interface To view the IGMP Group Information via the Web Interface: 1. Click Configuration, IGMP Snooping and Groups Information. 2.
APS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
APS User Manual 1.2.5-6 IPv4 SSM Information Source Specific Multicast (SSM) is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments. For the SSM delivery mode, an IP multicast receiver host must use IGMP Version 3 (IGMPv3) to subscribe to channel (S, G).
APS User Manual Fig. 52 IPv4 SSM information Parameter Description VLAN ID: The VLAN ID of the entry. Group: Multicast Group Address. Port: Physical port number of the switch. Mode: Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis. It can be either Include or Exclude. Source Address: Source IP Address of the group, current limit on the system for filtering is 128 IP addresses. Type: Indicates the type, either Allow or Deny.
APS User Manual 1.2.6 MLD Snooping Multicast Listener Discovery (MLD) snooping constrains the flooding of IPv6 multicast traffic on VLANs on a switch. When MLD snooping is enabled on a VLAN, the APS Series Switches examine MLD messages between hosts and multicast routers and learn which hosts are interested in receiving traffic for a multicast group.
APS User Manual Fig. 53 MLD Snooping Configuration Parameter Description Snooping Enabled: Enable MLD Snooping on the switch. Unregister IPMCv6 Flooding Enabled: Enable unregistered IPMCv6 flooding enabled. MLD SSM Range: SSM (Source –Specific Multicast) range allows SSM-aware hosts and routers that run the SSM service model to use groups in the configured address range. Format: / Proxy Enabled: Enable MLD Proxy.
APS User Manual Throttling: Throttling is used to limit the amount of IPv6 multicast groups a switch port can belong to. Valid values are unlimited or 1 through to 10. Default is unlimited.
APS User Manual 1.2.6-2 VLAN Configuration This section is used to configure specific MLD Settings for each of the configured VLAN groups. MLD Snooping can be enabled or disabled for every individual VLAN group. 20 VLAN groups will be displayed on the screen by default this can be increased to a maximum of 99. The VLAN with the lowest VID will be displayed at the top of the table. To browse to additional pages use the arrow keys at the top of the page.
APS User Manual Snooping Enabled: Enable MLD Snooping for each individual VLAN group. A maximum of 32 VLAN’s can be enabled at any one time. MLD Querier: A router is used to send MLD query messages to MLD enabled hosts. The MLD router can also be called the MLD Querier. This option is used to enable the MLD Querier function on an individual VLAN.
APS User Manual 1.2.6-3 Port Group Filtering With this feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and when applied to a port to deny access to that port on the configured multicast address.
APS User Manual Parameter Description Delete: Check to delete the entry, and click Apply save the changes and remove the selected entry. Port: Select the Port you would like to enable filtering for the configured Multicast address. Filtering Groups: Enter the IP Address of the Multicast group to be filtered. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.6-4 Status This section is used to view the status of all configured MLD parameters on the APS Series switches. Web Interface To view the MLD Status via the Web Interface: 1. Click Configuration, MLD Snooping and Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 56 MLD Status Parameter Description VLAN ID: The VLAN ID of the entry.
APS User Manual V1 Reports Received: The number of Received V1 Reports. V2 Reports Received: The number of Received V2 Reports. V1 Leaves Received: The number of Received V2 Leaves. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.6-5 Groups Information This section displays the learnt MLD groups. The MLD Group Table is sorted first by VLAN ID, and then by group. They will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached the text "No more entries" is shown in the displayed table. Use the button to start over. Web Interface To view the MLD Group Information via the Web Interface: 1. Click Configuration, MLD Snooping and Groups Information. 2.
APS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
APS User Manual 1.2.6-6 IPv6 SSM Information Source Specific Multicast (SSM) is a datagram delivery model that best supports one-to-many applications, also known as broadcast applications. SSM is a core network technology of IP multicast targeted for audio and video broadcast application environments. For the SSM delivery mode, an IP multicast receiver host must use IGMP Version 3 (IGMPv3) to subscribe to channel (S, G).
APS User Manual Parameter Description VLAN ID: The VLAN ID of the entry. Group: Multicast Group Address. Port: Physical port number of the switch. Mode: Indicates the filtering mode maintained per (VLAN ID, port number, Group Address) basis. It can be either Include or Exclude. Source Address: Source IP Address of the group, current limit on the system for filtering is 128 IP addresses. Type: Indicates the type, either Allow or Deny.
APS User Manual 1.2.7 MVR Multicast VLAN registration (MVR) allows you to efficiently distribute IPTV multicast streAPS across an Ethernet ring-based Layer 2 network and reduce the amount of bandwidth consumed by this multicast traffic. In a standard Layer 2 network, a multicast stream received on one VLAN is never distributed to interfaces outside that VLAN. If hosts in multiple VLANs request the same multicast stream, a separate copy of that multicast stream is distributed to the requesting VLANs.
APS User Manual Fig. 59 MVR Configuration Parameter Description MVR Mode: Used to enable or disable MVR globally on the switch. VLAN ID: Specify the VLAN ID used for Multicasting. Port: Physical port of the switch. Mode: Enable MVR on a per port basis. Type: Specify the port type, this can be either Receiver or Source. When set to source, the port should be connected to a device that is sending the multicast stream.
APS User Manual 1.2.7-2 Groups Information This section displays the learnt MVR groups. The MVR Group Table is sorted first by VLAN ID, and then by group. They will use the last entry of the currently displayed table as a basis for the next lookup. When the end is reached the text "No more entries" is shown in the displayed table. Use the button to start over. Web Interface To view the MVR Group Information via the Web Interface: 1. Click Configuration, MVR and Groups Information. 2.
APS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch. 1.2.7-3 Statistics This section is used to view the statistics of all configured MVR parameters on the APS Series switches. Web Interface To view the MVR Statistics via the Web Interface: 1. Click Configuration, MVR and Statistics. 2.
APS User Manual V3 Reports Received: The number of Received V3 Reports. V2 Leaves Received: The number of Received V2 Leaves. Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.8 LLDP LLDP enables Ethernet network devices, such as switches and routers, to transmit and/or receive device-related information to or from directly connected devices on the network, and to store such information learned about other devices. The data sent and received by LLDP is useful for many reasons. The switch can discover neighbours—other devices directly connected to it.
APS User Manual Fig. 62 LLDP Configuration Parameter Description Tx Interval: The switch will periodically transmit LLDP frames to its neighbours to ensure the discovery information is kept up to date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 – 32768 seconds. Tx Hold: Each LLDP frame contains information about how long the information in the LLDP frame shall be considered valid.
APS User Manual Port: Physical port of the switch. Mode: Used to select the LLDP mode for each port. RX Only – The switch will not transmit LLDP frames from this port, but is able to receive LLDP frames from other devices. TX Only – Any received LLDP frames will be dropped, but the switch is able to send LLDP frames. Disabled – The switch will drop incoming LLDP frames and will not transmit LLDP information. Enabled – The switch can send and receive LLDP frames.
APS User Manual 1.2.8-2 LLDP Neighbors This section is used to display the neighbors that have been discovered by the APS Series switch. Web Interface To view the LLDP neighbors via the Web Interface: 1. Click Configuration, LLDP and LLDP Neighbors. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig.
APS User Manual System Capabilities: System Capabilities describes the neighbour unit's capabilities. The possible capabilities are: Other, Repeater, Bridge, WLAN Access Point, Router, Telephone, DOCSIS cable device, Station only or Reserved. When a capability is enabled, the capability is followed by (+). If the capability is disabled, the capability is followed by (-). System Description: System Description is the port description advertised by the neighbour unit.
APS User Manual 1.2.8-3 LLDP-MED Configuration Media Endpoint Discovery is an enhancement of LLDP, known as LLDP-MED that provides the following facilities: Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority and Differentiated services (Diffserv) settings) enabling plug and play networking. Device location discovery to allow creation of location databases and, in the case of Voice over Internet Protocol (VoIP), Enhanced 911 services.
APS User Manual Fig. 64 LLDP-MED Configuration Parameter Description Fast Start Repeat Count: Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect of VoIP systems in general.
APS User Manual given that 4 LLDP frames with a 1 second interval will be transmitted, when an LLDP frame with new information is received. It should be noted that LLDP-MED and the LLDP-MED Fast Start mechanism is only intended to run on links between LLDP-MED Network Connectivity Devices and Endpoint Devices, and as such does not apply to links between LAN infrastructure elements, including Network Connectivity Devices, or other types of links.
APS User Manual Country Code: The two-letter ISO 3166 country code in capital ASCII letters - Example: DK, DE or US. State: National subdivisions (state, canton, region, province, prefecture). County: County, parish, gun (Japan), district. City: City, township, shi (Japan) - Example: Melbourne. City District: City division, borough, city district, ward, chou (Japan). Block: Neighbourhood, block. Street: Street name. Leading Street Direction: Leading street direction - Example: N.
APS User Manual Emergency Call Service: Emergency Call Service (e.g. 000 and others), such as defined by TIA or NENA. Policies: Network Policy Discovery enables the efficient discovery and diagnosis of mismatch issues with the VLAN configuration, along with the associated Layer 2 and Layer 3 attributes, which apply for a set of specific protocol applications on that port.
APS User Manual Policy ID: ID for the policy. This is auto generated and shall be used when selecting the policies that shall be mapped to the specific ports. Application Type: Intended use of the application types: 1. Voice - for use by dedicated IP Telephony handsets and other similar appliances supporting interactive voice services. These devices are typically deployed on a separate VLAN for ease of deployment and enhanced security by isolation from data applications. 2.
APS User Manual 8. Video Signalling (conditional) - for use in network topologies that require a separate policy for the video signalling than for the video media. This application type should not be advertised if all the same network policies apply as those advertised in the Video Conferencing application policy. Tag: Tag indicating whether the specified application type is using a 'tagged' or an 'untagged' VLAN.
APS User Manual 1.2.8-4 LLDP-MED Neighbors This page provides a status overview of all LLDP-MED neighbors. The displayed table contains a row for each port on which an LLDP neighbour is detected. This function applies to VoIP devices which support LLDP-MED. Web Interface To view the LLDP-MED neighbors that have been learnt from the switch via the Web Interface: 1. Click Configuration, LLDP and LLDP-MED Neighbors. 2.
APS User Manual Devices. An LLDP-MED Network Connectivity Device is a LAN access device based on any of the following technologies: 1. LAN Switch/Router 2. IEEE 802.1 Bridge 3. IEEE 802.3 Repeater (included for historical reasons) 4. IEEE 802.11 Wireless Access Point 5. Any device that supports the IEEE 802.1AB and MED extensions defined by TIA-1057 and can relay IEEE 802 frames via any method.
APS User Manual Discovery services defined in this class include media-type-specific network layer policy discovery. LLDP-MED Communication Endpoint (Class III): LLDP-MED Capabilities: Application Type: The LLDP-MED Communication Endpoint (Class III) definition is applicable to all endpoint products that act as end user communication appliances supporting IP media.
APS User Manual 4. Guest Voice Signalling - for use in network topologies that require a different policy for the guest voice signalling than for the guest voice media. 5. Softphone Voice - for use by softphone applications on typical data centric devices, such as PCs or laptops. 6. Video Conferencing - for use by dedicated Video Conferencing equipment and other similar appliances supporting real-time interactive video/audio services. 7.
APS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.2.8-5 EEE This page provides an overview of EEE information exchanged by LLDP. Web Interface To view the LLDP EEE information that has been discovered from the switch via the Web Interface: 1. Click Configuration, LLDP and EEE. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig.
APS User Manual savings, this provides the transmitter with additional information that it may use for a more efficient allocation. Systems that do not implement this option default the value to be the same as that of the Receive Tw_sys_tx. Echo Tx Tw: The link partner's Echo Tx Tw value. The respective echo values shall be defined as the local link partner’s reflection (echo) of the remote link partners respective values.
APS User Manual 1.2.8-6 Port Statistics This section displays two types of counters. Global counters are counters that refer to the whole switch, while local counters refer to per port counters for the currently selected switch. Web Interface To view the LLDP Port Statistics from the switch via the Web Interface: 1. Click Configuration, LLDP and Port Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3.
APS User Manual Total Neighbours Entries Dropped: Shows the number of new entries dropped since switch reboot. Total Neighbours Entries Aged Out: Shows the number of entries deleted due to Time-To-Live expiring. Local Port: The Port on which LLDP frames are received or transmitted. Tx Frames: The number of LLDP frames transmitted on the port. Rx Frames: The number of LLDP frames received on the port. Rx Errors: The number of received LLDP frames containing some kind of error.
APS User Manual 1.2.9 POE PoE or Power over Ethernet is an IEEE standard used to pass electrical power along with data over standard Ethernet Cable. Utilising 2 of the 4 pairs of an Ethernet Cable PoE provides up to 15.4W (IEEE 802.3af) or 25.5W (IEEE 802.3at) of power. PoE is used to power devices such as IP Phones, Wireless Access Points and IP Cameras.
APS User Manual Fig. 68 PoE Configuration Parameter Description Primary Power Supply: This is a read only value and displays the total power available for PoE power. Retry Time: The time before the switch will try and negotiate the supply of power to a connected device. Port: Physical port of the switch. PoE Mode: Used to enable or disable PoE on the selected port. Priority: A priority can be set per port.
APS User Manual 1.2.9-2 Status This section is used display the PoE status of each of the ports. Information such as the PoE Class and how much power the device is using can be viewed here. Web Interface To view the status of each PoE Port via the Web Interface: 1. Click Configuration, PoE and Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig.
APS User Manual Power Used: The actual power being drawn by the connected PoE device. Current Used: Displays the current being drawn by the connected PoE device. Priority: The current priority set for the port. Port Status: Displays the status of the port. No PD Detected: No PoE device is connected to the port. PoE Turned On: Indicates that a PoE device is connected to the port and is drawing power.
APS User Manual 1.2.9-3 Power Delay This section is used to configure time periods in which particular ports will power on the connected PoE devices. Web Interface To configure the PoE Power Delay function via the Web Interface: 1. Click Configuration, PoE and Power Delay. 2. Enable or Disable the Power Delay function for each port and set the delay period in seconds. 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.9-4 Auto Checking The APS Series PoE switches have a feature that allows the administrator to constantly monitor the PD device connected to the switch. Periodically it will ping the device, if there is no response the switch can reboot the device. Web Interface To configure the PoE Auto Checking function via the Web Interface: 1. Click Configuration, PoE and Auto Checking. 2. Enter the IP Address and time intervals into the sections provided. 3.
APS User Manual Retry Time: How many times the switch will try and ping the device before the failure is logged and the Failure Action is implemented. Default is 3. Failure Log: Displays the amount of errors and the amount of times the device has entered the failure state. Failure Action: Select the appropriate action to be performed once the PD device cannot be detected. Options are Nothing and Reboot Remote PD.
APS User Manual 1.2.9-5 Scheduling The APS Series PoE switches support a PoE Scheduling feature that allows the administrator to power off devices when they are not in use. This can be used as a power saving feature to limit the amount of power draw of the switch. Web Interface To configure the PoE Scheduling function via the Web Interface: 1. Click Configuration, PoE and Scheduling. 2. Select the port from the drop down box and select to enable or disable the scheduling feature. 3.
APS User Manual Select All: This is used to enable the device to be powered on at all times. Time and Day: Select the appropriate time and day by selecting the check boxes. By selecting these check box it states when the device will be powered on. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.10 Filtering Data Base Switching of frames is based upon the Destination MAC address contained in the frame. The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the Destination MAC address in the frame). This table contains both static and dynamic entries.
APS User Manual Parameter Description Aging Configuration: By default, dynamic entries are removed from the MAC table after 300 seconds. This removal is also called aging. Configure aging time by entering a value here in seconds. The allowed range is 10 to 1000000 seconds. Disable the automatic aging of dynamic entries by checking Disable automatic aging.
APS User Manual 1.2.10-2 Dynamic MAC Table Entries in the MAC Table are shown on this page. The MAC Table contains up to 8192 entries, and is sorted first by VLAN ID, then by MAC address. Web Interface To view the MAC Address that have been learnt by the switch via the Web Interface: 1. Click Configuration, Filtering Database and Dynamic MAC Table. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information.
APS User Manual 1.2.11 VLAN The virtual LAN (VLAN) allows you to group physically separate users into the same broadcast domain. The use of VLANs improves security, segmentation, and flexibility. The use of VLANs also decreases the cost of arranging users, because no extra cabling is required. VLANs allow an administrator to define user groups logically rather than by their physical locations.
APS User Manual Fig. 75 VLAN Membership Parameter Description Delete: To delete a VLAN entry, tick the check box next to the corresponding VLAN entry. After you press the Apply the entry will be deleted. VLAN ID: The VLAN ID of the entry. VLAN Name: Enter a descriptive name for the VLAN. VLAN Names can contain alphanumeric characters. Port Members: A row of check boxes for each port is displayed for each VLAN ID. To include a port in a VLAN, check the box.
APS User Manual 1.2.11-2 Ports This section is used to configure Port specific parameters for your VLAN’s. Here we can configure a port as a Tagged (Trunk) or Untagged (Access) port or as a Hybrid port allowing both tagged and untagged frames. Web Interface To configure the Port settings via the Web Interface: 1. Click Configuration, VLAN and Ports. 2. Configure the parameters required for all ports. 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual Port Type: There are several port types that can be selected depending on the role of the port. The port type available are Unaware, (Customer) C-Port, (Service) S-Port and S-Custom Port: Unaware – This port type can be used when the configured port is an untagged port. All received packets will be tagged with the corresponding PVID. This port type can also be used when using Q-in-Q VLAN’s as this port type will allow a Tagged Port to re-Tagged for Q-in-Q, as long as the TPID is 0x8100.
APS User Manual not a member of the classified VLAN of the frame, the frame is discarded. By default, ingress filtering is disabled. Frame Type: Determines whether the port accepts all frames or only tagged/untagged frames. This parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on the port are discarded. By default, the field is set to All.
APS User Manual 1.2.11-3 Switch Status This section is used to view the currently configured VLAN groups. VLAN groups which have been learnt from other protocols such as GVRP can also be viewed here. Web Interface To view the current VLAN groups via the Web Interface: 1. Click Configuration, VLAN and Switch Status. 2. If you want to view specific VLAN groups based on a particular protocol, select the protocol from the drop down box near the top of the page.
APS User Manual Refresh: Used to manually refresh the information on the page. <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
APS User Manual 1.2.11-4 Port Status This section is used to view the port specific values relating to the VLAN information. Web Interface To view the current Port Information via the Web Interface: 1. Click Configuration, VLAN and Port Status. 2. If you want to view specific Port information based on a particular protocol used, select the protocol from the drop down box near the top of the page. Only Port Information relating to that protocol will be displayed. 3.
APS User Manual Port Type: Displays the currently configured port type, values are unaware, C-Port, SPort and S-Custom-Port. For a full explanation of these parameters see section 1.2.10-2. Ingress Filtering: Displays whether the port has ingress filtering enabled or disabled. Frame Type: Displays what type of packets can be received by the port, Tagged, UnTagged or All. Tx Tag: Displays whether outgoing packets are tagged or untagged. UVID: Displays the UVID (Untagged VID).
APS User Manual 1.2.11-5 Private VLAN A private VLAN allows the administrator to configure a VLAN which contains switch ports that are restricted, such that they can only communicate with a given uplink port. The restricted ports are called private ports. Each private VLAN typically contains many private ports, and a single uplink. The uplink will typically be a port (or link aggregation group) connected to a router, firewall, server, provider network, or similar central resource.
APS User Manual Fig. 79 Private VLAN Membership Parameter Description Delete: To delete a Private VLAN entry, tick the box and press the Apply button. PVLAN ID: Indicates the VLAN ID of the private VLAN. Port Members: Displays the port members that belong to a particular VLAN group. If the check box it ticked it means that port belongs to that VLAN group. Add New Private VLAN: Click to add a new private VLAN. An empty row is added to the table, and the private VLAN can be configured as needed.
APS User Manual 1.2.11-5-2 Port Isolation Port Isolation allows the administrator to configure ports so they can only communicate with certain ports, even though they are in the same VLAN group. A typical scenario is where you need to block all ports from communicating with each other, but allow all ports to communicate with a single uplink port. This section is used to configure how each port will communicate with other ports within the same private VLAN.
APS User Manual 1.2.11-6 MAC-based VLAN One of the most common ways of grouping VLAN members is by port, hence the name port-based VLAN. Typically, the device adds the same VLAN tag to untagged packets that are received through the same port. Later on, these packets can be forwarded in the same VLAN. Port-based VLAN’s are easy to configure, and applies to networks where the locations of terminal devices are relatively fixed.
APS User Manual Fig. 81 MAC-based VLAN Configuration Parameter Description Delete: To delete a MAC-based VLAN entry, check this box and press Apply. The entry will be deleted on the selected switch. MAC Address: Indicates the MAC Address. VLAN ID: Indicates the VLAN ID. Port Members: A row of check boxes for each port is displayed for each MAC-based VLAN entry. To include a port in a MAC-based VLAN, check the box. To remove or exclude the port from the MAC-based VLAN, make sure the box is unchecked.
APS User Manual 1.2.11-6-2 Status This section displays the current MAC-based VLAN groups configured on the switch. Web Interface To view the MAC-based VLAN groups via the Web Interface: 1. Click Configuration, VLAN, MAC-based VLAN’s and Status. 2. Select to view Combined, Static or NAS based MAC entries by using the drop down box near the top of the screen. 3. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 4. Click Refresh to manually refresh the information.
APS User Manual 1.2.11-7 Protocol-based VLAN This section describes Protocol -based VLAN, the APS Series support Protocols including Ethernet LLC and SNAP. LLC The Logical Link Control (LLC) data communication protocol layer is the upper sub-layer of the Data Link Layer (which is itself layer 2, just above the Physical Layer) in the seven-layer OSI reference model.
APS User Manual Fig. 83 Protocol-based VLAN’s Parameter Description Delete: To delete a Protocol-based VLAN entry, check this box and press Apply. The entry will be deleted on the selected switch. Frame Type: Select the frame type for the group, valid values are Ethernet, LLC and SNAP. NOTE: Once you change the Frame type field, the valid value of the following text field will vary depending on the new frame type you have selected.
APS User Manual a. OUI: OUI (Organizationally Unique Identifier) is value in format of xx-xx-xx where each pair (xx) in string is a hexadecimal value ranges from 0x00-0xff. b. PID: If the OUI is hexadecimal 000000, the protocol ID is the Ethernet type (EtherType) field value for the protocol running on top of SNAP; if the OUI is an OUI for a particular organization, the protocol ID is a value assigned by that organization to the protocol running on top of SNAP.
APS User Manual 1.2.11-7-2 Group to VLAN This section is used to map the groups configured in section 1.2.10-7-1 to a VLAN Group. Web Interface To map the protocol group to a VLAN group via the Web Interface: 1. Click Configuration, VLAN, Protocol-based VLAN’s and Group to VLAN. 2. Specify the Group Name and enter a valid VLAN ID. 3. Select the required ports for the group, by ticking the check box corresponding to the port number. 4.
APS User Manual VLAN ID: Indicates the ID to which the Group Name will be mapped. A valid VLAN ID ranges from 1-4095. Port Members: A row of check boxes for each port is displayed for each Group Name to VLAN ID mapping. To include a port in a mapping, check the box. To remove or exclude the port from the mapping, make sure the box is unchecked. By default, no ports are members, and all boxes are unchecked. Add New Entry: Click to add a new entry to the mapping table.
APS User Manual 1.2.12 Voice VLAN The Voice VLAN function is used for networks where both data and voice traffic are running on the same network. By using a dedicated VLAN for voice traffic it allows the administrator to prioritize this traffic to ensure voice quality is kept to an optimum level. 1.2.12-1 Configuration This section is used to configure the Voice VLAN settings on the APS Series switches. The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone.
APS User Manual Fig. 85 Voice VLAN Configuration Parameter Description Mode: Select to enable or disable the Voice VLAN function. Please Note: MSTP must be disabled when using Voice VLAN to avoid conflicting ingress filtering information. VLAN ID: Specify a unique VLAN ID for the voice VLAN. This VLAN ID cannot be the same as any other VLAN ID configured on the switch. The allowed range is 1 to 4095. Aging Time: Indicates the Voice VLAN secure learning aging time.
APS User Manual Auto: Will auto detect whether an IP Phone is connected to the port and will automatically join the Voice VLAN. Forced: Will force the port to be part of the Voice VLAN. Security: Used to enable or disable the Voice VLAN port security mode. When the function is enabled, all non-IP Phone MAC addresses in the Voice VLAN will be blocked for 10 seconds. Discovery Protocol: Indicates the Voice VLAN port discovery protocol. It will only work when auto detect mode is enabled.
APS User Manual 1.2.12-2 OUI This section is used to configure the Voice VLAN OUI table. The maximum number of entries is 16. Modifying the OUI table will restart auto detection of OUI process. Web Interface To configure the Voice VLAN OUI settings via the Web Interface: 1. Click Configuration, Voice VLAN and OUI. 2. Click Add New Entry to add additional OUI information. 3. Specify the OUI and Description. 4. Click the Apply button to save your changes or the Reset button to revert to previous settings.
APS User Manual Description: The description of OUI address. Normally, it describes which vendor telephony device it belongs to. The allowed string length is 0 to 32. Add New Entry: Click to add a new entry to the Voice VLAN OUI table. An empty row is added to the table, please enter the Telephony OUI and Description. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.13 GARP The Generic Attribute Registration Protocol (GARP) provides a generic framework whereby devices in a bridged LAN, e.g. end stations and switches, can register and de-register attribute values, such as VLAN Identifiers, with each other. In doing so, the attributes are propagated to devices in the bridged LAN, and these devices form a reachability tree that is a subset of an active topology.
APS User Manual Fig. 87 GARP Configuration Parameter Description Port: Physical port of the switch. Timer Values: To set the GARP Join Timer, Leave Timer and Leave All Timer, the units are set in micro seconds. Join Timer: The default value for the Join Timer is 200ms. Leave Timer: The default value for the Leave Timer is 600ms. Valid values are 600 to 1000ms. Leave All Timer: The default value for the Leave All Timer is 10000ms. Application: The only supported application currently is GVRP.
APS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.13-2 Statistics This page allows you to view the GARP Statistics for all switch ports. Web Interface To view the GARP Statistics via the Web Interface: 1. Click Configuration, GARP and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 88 GARP Statistics Parameter Description Port: Physical port of the switch.
APS User Manual 1.2.14 GVRP The GARP VLAN Registration Protocol (GVRP) allows network devices to share VLAN information and to use the information to modify existing VLANs or create new VLANs, automatically. This makes it easier to manage VLANs that span more than one switch. Without GVRP, you have to manually configure your switches to ensure that the various parts of the VLANs can communicate with each other across the different switches.
APS User Manual 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig. 89 GVRP Configuration Parameter Description GVRP Mode: Used to enable or disable GVRP globally for the switch. Port: Physical port of the switch. GVRP Mode: Here you can enable or disable GVRP for a particular port. GVRP rrole: This parameter controls if the VLAN registration on the port is restricted or not.
APS User Manual 1.2.14-2 Statistics This page allows you to view the GVRP Statistics for all switch ports. Web Interface To view the GVRP Statistics via the Web Interface: 1. Click Configuration, GVRP and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 90 GVRP Statistics Parameter Description Port: Physical port of the switch.
APS User Manual 1.2.15 QoS The APS Series switches support four QoS queues per port with strict or weighted fair queuing scheduling. It supports QoS Control Lists (QCL) for advance programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges. High flexibility in the classification of incoming frames to a QoS class.
APS User Manual Fig. 91 QoS Port Classification Parameter Description Port: Physical port of the switch. QoS Class: Controls the default QoS class, i.e., the QoS class for frames not classified in any other way. There is a one to one mapping between QoS class, queue and priority. A QoS class of 0 (zero) has the lowest priority.
APS User Manual DSCP Based: Click to Enable DSCP Based QoS Ingress Port Classification. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page. 1.2.15-2 Port Policing This section provides an overview of QoS Ingress Port Policers for all switch ports The Port Policing is useful in constraining traffic flows and marking frames above specific rates.
APS User Manual Parameter Description Port: Physical port of the switch. Mode: Check the box next to the corresponding port to enable Ingress port policing. Rate: Set the Rate that you want to limit the ingress bandwidth to. Default vale is 500. Unit: Select the required speed type in units of kbps, Mbps, fps or kfps. Flow Control: Check the box to enable Flow Control on the selected port. Reset Button: Used to reset unsaved changes to original configuration.
APS User Manual Fig. 93 Port Scheduling Fig.
APS User Manual Fig. 95 Port Scheduling – Weighted Parameter Description QoS Egress Port Schedulers Port: Physical port of the switch. Mode: Displays the configured Mode type, Strict Priority or Weighted. Weight (Q0-5): Shows the current weight for this queue and corresponding port. QoS Egress Port Scheduler and Shapers (Strict Priority) Scheduler Mode: Select the required Scheduler Mode for the port, Strict Priority or Weighted.
APS User Manual Port Shaper Rate: Enter the required bandwidth rate, maximum values are based on the speed on the port. If running at 1Gb, 1000000 Kbps or 1000Mbps. Default value is 500. Port Shaper Unit: Select whether the shaping rate is measured in kbps or Mbps. Default is kbps. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.15-4 Port Shaping This section provides an overview of QoS Egress Port shaping for all switch ports. Web Interface To configure the QoS Port Shaping settings via the Web Interface: 1. Click Configuration, QoS and Port Shaping. 2. Click on the required port to configure the shaping options. 3. You will now be prompted with another screen, here you can select to use Strict Priority or Weighted. 4.
APS User Manual Fig. 97 Port Shaping – Strict Priority Fig. 98 Port Shaping – Weighted Parameter Description QoS Egress Port Shapers Port: Physical port of the switch.
APS User Manual Mode: Displays the configured Mode type, Strict Priority or Weighted. Weight (Q0-5): Shows the current weight for this queue and corresponding port. QoS Egress Port Scheduler and Shapers (Strict Priority) Scheduler Mode: Select the required Scheduler Mode for the port, Strict Priority or Weighted. Queue Shaper Enable: Tick the box next to the appropriate queue to enable the Queue Shaper.
APS User Manual Queue Scheduler Weight: Controls the weight of the queue. This is a percentage of total bandwidth available, valid values 1 to 100. Default is 17. Queue Scheduler Percent: Shows the weight in percent for this queue. Port Shaper Enable: Tick the box to enable Port shaping on the selected port. Port Shaper Rate: Enter the required bandwidth rate, maximum values are based on the speed on the port. If running at 1Gb, 1000000 Kbps or 1000Mbps. Default value is 500.
APS User Manual 1.2.15-5 Port Tag Remarking This section provides an overview of QoS Egress Port Tag Remarking all switch ports. Web Interface To configure the QoS Port Tag Remarking settings via the Web Interface: 1. Click Configuration, QoS and Port Tag Remarking. 2. Click on the port you want to configure. 3. Select the required Mode, Classified, Default or Mapped. 4. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual Fig. 100 Port Tag Remarking – Classified Mode Fig.
APS User Manual Fig. 102 Port Tag Remarking – Mapped Mode Parameter Description Port: Physical port of the switch. Mode: Shows the tag remarking mode for this port. Classified: Use classified PCP/DEI values. Default: Use default PCP/DEI values. Mapped: Use mapped versions of QoS class and DP level. Tag Remarking Mode (Classified): When set to Classified no configuration is necessary. Tag Remarking Mode (Default): When set to Default the Administrator can manually set the PCP and DEI Values.
APS User Manual 1.2.15-6 Port DSCP This section provides an overview of QoS Port DSCP settings for all switch ports. Web Interface To configure the QoS Port DSCP settings via the Web Interface: 1. Click Configuration, QoS and Port DSCP. 2. Check the tick box next to each corresponding port to enable the DSCP feature. 3. Specify the Ingress Classify parameter and whether the Egress packets will be rewritten. 4. Click the Apply button to save your changes or the Reset button to revert to previous settings.
APS User Manual enabled as specified in DSCP Translation window for the specific DSCP. All: Classify all DSCP values. Egress Rewrite: DSCP Values can be rewritten based on the below parameters: Disable: No Egress rewrite. Enable: Rewrite enable without remapping the DSCP value. Remap DP Unaware: Frame with DSCP from analyser is remapped and remarked with the remapped DSCP value. The mapped DSCP value is always taken from the DSCP Translation table.
APS User Manual 1.2.15-7 DSCP-based QoS This section is used to configure DSCP-based QoS settings for all switch ports. Web Interface To configure the DSCP-based QoS settings via the Web Interface: 1. Click Configuration, QoS and DSCP-based QoS. 2. Specify whether the DSCP value is trusted, and set the corresponding QoS value and DP level used for ingress processing. 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual DPL: Drop Precedence Level to which the corresponding DSCP value is classified for ingress processing. Range: 0-1, where 1 is the higher drop priority; Default value is 0. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.15-8 DSCP Translation This section is used to configure DSCP translation for ingress traffic or DSCP re-mapping for egress traffic. Web Interface To configure the DSCP Translation settings via the Web Interface: 1. Click Configuration, QoS and DSCP Translation. 2. Set the required ingress translation and egress re-mapping parameters. 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual Egress Remap DP0: Re-maps DP0 field to selected DSCP value. DP0 indicates a drop precedence with a low priority. Egress Remap DP1: Re-maps DP1 field to selected DSCP value. DP1 indicates a drop precedence with a high priority. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.15-9 DSCP Classification This section is used to map DSCP values to a QoS class and drop precedence level. Web Interface To configure the DSCP Classification settings via the Web Interface: 1. Click Configuration, QoS and DSCP Classification. 2. Map the DSCP values to a corresponding QoS class and drop precedence level. 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual 1.2.15-10 QoS Control List Use the QoS Control List Configuration page to configure Quality of Service policies for handling ingress packets based on Ethernet type, VLAN ID, TCP/UDP port, DSCP, ToS, or VLAN priority tag. Once a QCE is mapped to a port, traffic matching the first entry in the QoS Control List is assigned to the QoS class, drop precedence level, and DSCP value defined by that entry. Traffic not matching any of the QCEs are classified to the default QoS Class for the port.
APS User Manual Fig. 108 Adding a QoS Control List Entry Parameter Description QCE: Quality Control Entry Index. Port: Physical port of the switch. Frame Type: Indicates the type of frame to look for in incoming frames. Possible frame types are: Any, Ethernet, LLC, SNAP, IPv4, and IPv6. SMAC: The OUI field of the source MAC address, i.e. the first three octets (bytes) of the MAC address. DMAC: The type of destination MAC address. Possible values are: Any, Broadcast, Multicast, and Unicast.
APS User Manual queue corresponding to the specified QoS class. DPL – The drop precedence level will be set to the specified value. DSCP – The DSCP value will be set the specified value. Inserts a new QCE before the current row. Edits the QCE. Moves the QCE up the list. Moves the QCE down the list. Deletes the QCE. The lowest plus sign adds a new entry at the bottom of the QCE listings Fig. 109 Functions of QCE Control Buttons QCE Configuration: Port Members – The ports assigned to this entry.
APS User Manual Frame Type: The supported Frame Types are listed below: Any – Allow all types of frames. Ethernet – This option can only be used to filter Ethernet II formatted packets. Options: Any, Specific – 600-ffff hex; Default: ffff Note that 800 (IPv4) and 86DD (IPv6) are excluded. A detailed listing of Ethernet protocol types can be found in RFC1060. A few of the more common types include 0800 (IP), 0806(ARP), 8137 (IPX).
APS User Manual DSCP – Diffserv Code Point value. (Options: Any, specific value of 0-63, BE, CS1-CS7, EF or AF11-AF43, or Range; Default: Any) IPv6 – IPv6 frame type includes the same settings as those used for IPv4, except for the Source IP. When configuring a specific IPv6source address, enter the least significant 32 bits (a.b.c.d) using the same type of mask as that used for an IPv4 address. Sport – Source TCP/UDP port. (Any, Specific/Range: 0-65535) Dport – Destination TCP/UDP port.
APS User Manual 1.2.15-11 QCL Status Displays the current QCL (QoS Control List) entries configured on the switch. Web Interface To view the QCL via the Web Interface: 1. Click Configuration, QoS and QCL Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 110 QoS Control List Status Parameter Description User: Displays the QCL user type. QCE#: Displays the QCE Index number.
APS User Manual Refresh: Used to manually refresh the information on the page. Resolve Conflict: Click to resolve any current QCE conflicts that have occurred.
APS User Manual 1.2.15-12 Storm Control Use the Storm Control Configuration page to set limits on broadcast, multicast and unknown unicast traffic to control traffic storms which may occur when a network device is malfunctioning, the network is not properly configured, or application progrAPS are not well designed or properly configured. Traffic storms caused by any of these problems can severely degrade performance or bring your network to a complete halt.
APS User Manual Parameter Description Frame Type: Specifies broadcast, multicast or unknown unicast traffic. Status: Enables or Disables Storm Control. Rate (pps): The threshold above which packets are dropped. This limit can be set by specifying a value in pps, or by selecting one of the options in Kpps (i.e., marked with the suffix "K").
APS User Manual 1.2.16 s-Flow Agent The APS Series switches support s-Flow network monitoring. sFlow is a sampling technology that meets the key requirements for a network traffic monitoring solution: sFlow provides a network-wide view of usage and active routes. It is a scalable technique for measuring network traffic, collecting, storing, and analyzing traffic data. This enables tens of thousands of interfaces to be monitored from a single location.
APS User Manual 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig. 112 s-Flow Agent Collector Settings Parameter Description Receiver ID: The "Receiver ID" input field allows the user to input the receiver ID. Currently one ID is supported as one collector is supported. IP Type: Here you can select to whether the Collector has an IPv4 or IPv6 Address. IP Address: Enter the IP Address of the s-Flow Agent Collector.
APS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page. 1.2.16-2 Sampler This section is used to configure the s-Flow sampling rate that is sent to the receiver. An average of 1 out of N packets/operations is randomly sampled.
APS User Manual Fig. 114 s-Flow Agent Sampler Port Settings Parameter Description s-Flow Ports: Displays the ports that s-Flow is configured. s-Flow Instance: Configured sFlow instance for the port number. Sampler Type: Sampler types available are None, RX, TX and All. Default is None. Sampling Rate: Configured sampling rates of the port. Max Hdr Size: Configured size of the header of the sampled frame. Polling Interval: Configured polling interval for the counter sampling.
APS User Manual 1.2.17 Loop Protection The APS Series switches support a Loop protection mechanism. Loop Protection can be used in environments that have devices that do not support the spanning tree protocol. If the switch receives a packet containing its own MAC address the port will be locked. 1.2.17-1 Configuration This section allows you to configure the Loop Protection settings for the switch. Web Interface To configure the Loop Protection settings via the Web Interface: 1.
APS User Manual Transmission Time: The interval between each loop protection PDU sent on each port. Valid values are 1 to 10 seconds. Shutdown Time: The period (in seconds) for which a port will be kept disabled in the event of a loop is detection (and the port action is to shut down the port). Valid values are 0 to 604800 seconds (7 days). A value of zero will keep a port disabled (until next device restart). Port: Physical port of the switch.
APS User Manual 1.2.17-2 Status This section displays the Loop Protection status of individual ports. Web Interface To view the Loop Protection status via the Web Interface: 1. Click Configuration, Loop Protection and Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Parameter Description Fig. 116 Loop Protection Status Port: Physical port of the switch.
APS User Manual 1.2.18 Single IP The APS Series switches support Single IP Management. Single IP Management (SIM), is a simple and useful method to optimize network utilities and management, it is designed to manage a group of switches as a single entity, called a SIM group. Implementing the SIM feature will have the following advantages for users Simplify management of small workgroups or wiring closets while scaling networks to handle increased bandwidth demand.
APS User Manual Parameter Description Mode: Is used to disable the SIP function or set the device as a Master or Slave. Possible modes are: Disable: Disable operation of Single IP Management. Master: Enable Single IP Management and run as a Master Switch. Running as the master switch the user will connect to the Master switches IP Address and can then control the Slave switches in the same SIP group. Slave: Enable Single IP Management and run as a Slave Switch.
APS User Manual 1.2.18-2 Information This section displays the slave devices and allows the administrator access to these switches. Web Interface To view and configure the slave switches of the Single IP Management group via the Web Interface: 1. Click Configuration, Single IP and Information. 2. Click on the index number of the relevant switch you would like to connect to. 3. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 4.
APS User Manual NOTE: When you click the index link you will be redirected to the web interface of the slave device.
APS User Manual 1.2.19 Easy Port The APS Series switches support a feature called Easy Port, which provides a convenient way to save and share common configurations. You can use it to enable features and settings based on the location of a switch in the network and for mass configuration deployments across the network. Predefined ports settings can be applied to particular ports for installations of IP Phones, Wireless Access Points and IP Cameras.
APS User Manual sure the box is unchecked. By default, no ports are members. Role: The port role is based on the type of devices to be connected to the switch ports. Scroll to select the type of device that will connect to the port. Options are IP-Phone, IP-CAM and WIFI-AP. Access VLAN: Used to set the Access VLAN ID. Allowed range is 1 to 4095. VLAN Mode: Scroll to select the Port Egress Rule. The allowed values are Hybrid, Trunk or Access. This parameter affects VLAN egress processing.
APS User Manual Security-enabled port. Since all ports draw from the same pool, it may happen that a configured maximum cannot be granted, if the remaining ports have already used all available MAC addresses. Spanning Tree Admin Edge: Controls whether the operEdge flag should start as set or cleared. (The initial operEdge state when a port is initialized). Spanning Tree BPDU Guard: If enabled, causes the port to disable itself upon receiving valid BPDU's.
APS User Manual 1.2.20 Mirroring The APS Series switches support traffic mirroring to capture and analyze real time traffic. You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner. Mirror Configuration is to monitor the traffic of the network.
APS User Manual Parameter Description Port to Mirror on: Port to mirror also known as the mirror port. Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored on this port. Disabled disables mirroring. Port: Physical port of the switch. Mode: Used to select the Mirror Mode. Rx only: Frames received on this port are mirrored on the mirror port. Frames transmitted are not mirrored. Tx only: Frames transmitted on this port are mirrored on the mirror port.
APS User Manual 1.2.21 Trap Event Severity The APS Series switches support trap events that can alert the administrator if a particular event occurs. This section is used to customize the severity levels of the trap events. Administrators can manually configure each event to have a Severity level of Emerg, Alert, Crit, Error, Warning, Notice, Info and Debug. Web Interface To configure the Trap Event Severity levels via the Web Interface: 1. Click Configuration and Trap Event Severity. 2.
APS User Manual <3> Error: Error conditions. <4> Warning: Warning conditions. <5> Notice: Normal but significant conditions. <6> Information: Information messages. <7> Debug: Debug-level messages. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.22 SMTP Configuration The APS Series switches support trap events that can alert the administrator if a particular event occurs. This section is used to configure the mail server settings that will be used to send the emails. Email Addresses can also be configured here, these will be the addresses the events will be sent to. Web Interface To configure the SMTP Configuration settings via the Web Interface: 1. Click Configuration and SMTP Configuration. 2.
APS User Manual Email Address 1 – 6: Enter up to 6 email address to receive the trap events. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.2.23 UPnP The APS Series switches support UPnP. UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly and to simplify the implementation of networks in the home (data sharing, communications, and entertainment) and in corporate environments for simplified installation of computer components. Web Interface To configure the UPnP settings via the Web Interface: 1. Click Configuration and UPnP. 2. Select to enable or disable UPnP. 3.
APS User Manual related packets to CPU. The ACEs are automatically removed when the mode is disabled. TTL: The TTL value is used by UPnP to send SSDP advertisement messages. Valid values are in the range 1 to 255. Advertising Duration: The duration, carried in SSDP packets, is used to inform a control point or control points how often it or they should receive an SSDP advertisement message from this switch.
APS User Manual 1.3 Security This chapter describes the Security configuration options available in the APS Series of switches. Features such as IP Source Guard, Port Security, HTTPS, DHCP Snooping, DHCP Relay and many more can be configured from this section. 1.3.1 IP Source Guard The APS Series switches support IP Source Guard. IP Source Guard can be used to help secure your switch from IP based spoofing attacks. 1.3.
APS User Manual Parameter Description Mode: Enable the Global IP Source Guard or disable the Global IP Source Guard. All configured ACEs will be lost when the mode is enabled. Port: Physical port of the switch. Mode: Select to enable or disable the IP Source Guard function on the select port. The global IP Source Guard Mode must also be enabled, when enabling each individual port. Max. Dynamic Clients: Specify the maximum number of dynamic clients that can be learnt on any given port.
APS User Manual 1.3.1-2 Static Table This section is used to enter Static IP addresses into the APS switch. Web Interface To enter Static IP Addresses into the Static Table via the Web Interface: 1. Click Security, IP Source Guard and Static Table. 2. Click on Add New Entry. 3. Specify the Port, VLAN ID, IP Address and MAC Address. 4. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual Add New Entry: Click to add a new static entry. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.3.1-3 Dynamic Table This section is used to view the dynamic IP Source Guard entries. Web Interface To view the Dynamic IP Addresses via the Web Interface: 1. Click Security, IP Source Guard and Dynamic Table. 2. To filter the entries you can select the Start from Port, VLAN ID and or IP Address. 3. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 4. Click Refresh to manually refresh the information. Fig.
APS User Manual <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
APS User Manual 1.3.2 ARP Inspection The APS Series switches supports ARP Inspection. This allows the switch to intercept and examine all ARP request and response packets in a subnet and discard those packets with invalid IP to MAC address bindings. 1.3.2-1 Configuration This section is used to configure the ARP Inspection settings for the APS switch. Web Interface To configure the ARP Inspection settings of the switch via the Web Interface: 1. Click Security, ARP Inspection and Configuration. 2.
APS User Manual Mode: Select to enable or disable the ARP Inspection function on the select port. The global ARP Inspection Mode must also be enabled, when enabling each individual port. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.3.2-2 Static Table This section is used to enter Static ARP entries into the APS switch. Web Interface To enter Static ARP entries into the Static Table via the Web Interface: 1. Click Security, ARP Inspection and Static Table. 2. Click on Add New Entry. 3. Specify the Port, VLAN ID, IP Address and MAC Address. 4. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual Add New Entry: Click to add a new static entry. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.3.2-3 Dynamic Table This section is used to view the dynamic ARP Inspection entries. Web Interface To view the Dynamic ARP entries via the Web Interface: 1. Click Security, ARP Inspection and Dynamic Table. 2. To filter the entries you can select the Start from Port, VLAN ID and or IP Address. 3. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 4. Click Refresh to manually refresh the information. Fig.
APS User Manual <<, >>: The arrow keys are used to navigate between the pages, displaying the current VLAN’s configured on the switch.
APS User Manual 1.3.3 DHCP Snooping The APS Series switches supports DHCP Snooping. The section describes how to configure the DHCP Snooping parameters of the switch. DHCP Snooping can prevent attackers from adding their own DHCP servers on the network. 1.3.3-1 Configuration This section is used to configure the DHCP Snooping settings for the APS switch. Web Interface To configure the DHCP Snooping settings of the switch via the Web Interface: 1. Click Security, DHCP Snooping and Configuration. 2.
APS User Manual to trusted ports and only allow reply packets from trusted ports. Disabled: Disable DHCP snooping mode operation. Port: Physical port of the switch. Mode: Indicates the DHCP snooping port mode. Possible port modes are: Trusted: Configures the port as trusted source of the DHCP messages. Untrusted: Configures the port as untrusted source of the DHCP messages. Reset Button: Used to reset unsaved changes to original configuration.
APS User Manual 1.3.3-2 Statistics This section is used to view the DHCP Snooping Statistics for the APS switch. Web Interface To view the DHCP Snooping Statistics of the switch via the Web Interface: 1. Click Security, DHCP Snooping and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig.
APS User Manual Rx and Tx ACK: The number of ACK (option 53 with value 5) packets received and transmitted. Rx and Tx NAK: The number of NAK (option 53 with value 6) packets received and transmitted. Rx and Tx Release: The number of release (option 53 with value 7) packets received and transmitted. Rx and Tx Inform: The number of inform (option 53 with value 8) packets received and transmitted.
APS User Manual 1.3.4 DHCP Replay The APS Series switches supports the DHCP Relay function. DHCP Relays are used to forward DHCP requests to other DHCP Server on the same or on another subnet. This section is used to configure the DHCP Relay parameters. 1.3.4-1 Configuration This section is used to configure the DHCP Relay settings for the APS switch. Web Interface To configure the DHCP Relay settings of the switch via the Web Interface: 1. Click Security, DHCP Relay and Configuration. 2.
APS User Manual Parameter Description Relay Mode: Indicates the DHCP relay mode operation. Possible modes are: Enabled: Enable DHCP relay mode. When the DHCP relay is enabled, the agent forwards and transfers DHCP messages between the clients and the server when they are not in the same subnet domain. Disabled: Disable the DHCP relay. Relay Server: Indicates the DHCP relay server IP address.
APS User Manual 1.3.4-2 Statistics This section is used to view the DHCP Relay Statistics for the APS switch. Web Interface To view the DHCP Relay Statistics via the Web Interface: 1. Click Security, DHCP Relay and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig.
APS User Manual Receive Bad Circuit ID: The number of packets whose Circuit ID option did not match known circuit ID. Receive Bad Remote ID: The number of packets whose Remote ID option did not match known Remote ID. Client Statistics Transmit to Client: The number of relayed packets from server to client. Transmit Error: The number of packets that resulted in error while being sent to servers. Receive from Client: The number of received packets from server.
APS User Manual 1.3.5 NAS The APS Series switches supports a NAS (Network Access Server) function which allows users connection to a variety of resources, including the internet. Particular settings can be applied to this user based on authentication to a RADIUS Server. Functions such as 802.1x and Mac based Authentication can be used to authenticate users onto the network allowing them access to these shared resources. 1.3.
APS User Manual Parameter Description Mode: Indicates if NAS is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentication Enabled: If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period. Reauthentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached.
APS User Manual whether the client is still attached or not, and the only way to free any resources is to age the entry. Hold Time: This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: • Single 802.1X • Multi 802.1X • MAC-Based Auth.
APS User Manual assigned VLAN is enabled on that port. When unchecked, RADIUS-server assigned VLAN is disabled on all ports. Guest VLAN Enabled: A Guest VLAN is a special VLAN - typically with limited network access - on which 802.1X-unaware clients are placed after a network administratordefined timeout. The switch follows a set of rules for entering and leaving the Guest VLAN as listed below. The "Guest VLAN Enabled" checkbox provides a quick way to globally enable/disable Guest VLAN functionality.
APS User Manual frame when the port link comes up, and any client on the port will be allowed network access without authentication. Force Unauthorized: In this mode, the switch will send one EAPOL Failure frame when the port link comes up, and any client on the port will be disallowed network access. Port-based 802.1X: In the 802.1X-world, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the authentication server.
APS User Manual scenario will loop forever. Therefore, the server timeout should be smaller than the supplicant's EAPOL Start frame retransmission rate. Single 802.1X: In port-based 802.1X authentication, once a supplicant is successfully authenticated on a port, the whole port is opened for network traffic. This allows other clients connected to the port (for instance through a hub) to piggy-back on the successfully authenticated client and get network access even though they really aren't authenticated.
APS User Manual destination MAC address for EAPOL frames sent from the switch towards the supplicant, since that would cause all supplicants attached to the port to reply to requests sent from the switch. Instead, the switch uses the supplicant's MAC address, which is obtained from the first EAPOL Start or EAPOL Response Identity frame sent by the supplicant. An exception to this is when no supplicants are attached.
APS User Manual RADIUS-Assigned QoS Enabled: When RADIUS-Assigned QoS is both globally enabled and enabled (checked) on a given port, the switch reacts to QoS Class information carried in the RADIUS Access-Accept packet transmitted by the RADIUS server when a supplicant is successfully authenticated. If present and valid, traffic received on the supplicant's port will be classified to the given QoS Class.
APS User Manual • Port-based 802.1X • Single 802.1X For trouble-shooting VLAN assignments, use the "Monitor→VLANs→VLAN Membership and VLAN Port" pages. These pages show which modules have (temporarily) overridden the current Port VLAN configuration. RADIUS attributes used in identifying a VLAN ID: RFC2868 and RFC3580 form the basis for the attributes used in identifying a VLAN ID in an Access-Accept packet.
APS User Manual or the port's Admin State is changed), and if not, the port will be placed in the Guest VLAN. Otherwise it will not move to the Guest VLAN, but continue transmitting EAPOL Request Identity frames at the rate given by EAPOL Timeout. Once in the Guest VLAN, the port is considered authenticated, and all attached clients on the port are allowed access on this VLAN. The switch will not transmit an EAPOL Success frame when entering the Guest VLAN.
APS User Manual Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.3.5-2 Switch Status This section is used to view the NAS Status Information on the APS switch. Web Interface To view the NAS information via the Web Interface: 1. Click Security, NAS and Switch Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 135 Network Access Server Status Parameter Description Port: Physical port of the switch.
APS User Manual Last Source: The source MAC address carried in the most recently received EAPOL frame for EAPOL-based authentication, and the most recently received frame from a new client for MAC-based authentication. Last ID: The user name (supplicant identity) carried in the most recently received Response Identity EAPOL frame for EAPOL-based authentication, and the source MAC address from the most recently received frame from a new client for MAC-based authentication.
APS User Manual 1.3.5-3 Port Status This section is used to view the Port Status of the NAS function on the APS switch. Web Interface To view the Port related NAS information via the Web Interface: 1. Click Security, NAS and Port Status. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig. 136 Network Access Server Port Status Parameter Description Admin State: The port's current administrative state.
APS User Manual 1.3.6 AAA The APS Series switches supports AAA (Authentication, Authorization, Accounting) to provide access control to your network. The AAA server can be a TACACS+ or RADIUS server to create and manage objects that contain settings for using AAA servers. 1.3.6-1 Configuration This section is used to configure the AAA settings for the APS switch. Web Interface To configure a Common Configuration of AAA in the web interface: 1. Click Security, AAA and Configuration. 2.
APS User Manual 1. Check “Enabled”. 2. Specify IP address or Hostname for TACACS+ Server. 3. Specify Authentication Port for TACACS+ Server (Default is 49). 4. Specify the Secret with TACACS+ Server. Fig. 137 AAA Configuration Parameter Description Timeout: The Timeout, which can be set to a number between 3 and 3600 seconds, is the maximum time to wait for a reply from a server.
APS User Manual Setting the Dead Time to a value greater than 0 (zero) will enable this feature, but only if more than one server has been configured. TACACS+ Authorization and Accounting Configuration Authorisation: Every command will be authorized by the TACACS+ server when enabled. The authorization table on the TACACS+ server is able to configure which command can be passed successfully. For example, TACACS+ server is set to accept STP command but deny VLAN command.
APS User Manual IP Address/Hostname: The IP address or hostname of the RADIUS Accounting Server. IP address is expressed in dotted decimal notation. Port: The UDP port to use on the RADIUS Accounting Server. If the port is set to 0 (zero), the default port (1813) is used on the RADIUS Accounting Server. Secret: The secret - up to 29 characters long - shared between the RADIUS Accounting Server and the switch.
APS User Manual 1.3.6-2 RADIUS Overview This section is used show you an overview of the status of the RADIUS Authentication and Accounting servers. Web Interface To view the RADIUS Server overview in the web interface: 1. Click Security, AAA and RADIUS Overview. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig.
APS User Manual Not Ready: The server is enabled, but IP communication is not yet up and running. Ready: The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts. Dead (X seconds left): Access attempts were made to this server, but it did not reply within the configured timeout. The server has temporarily been disabled, but will get re-enabled when the dead-time expires. The number of seconds left before this occurs is displayed in parentheses.
APS User Manual 1.3.6-3 RADIUS Details This section shows you detailed information of the RADIUS Accounting and Authentication Statistics. Web Interface To view the RADIUS Detailed Information in the web interface: 1. Click Security, AAA and RADIUS Details. 2. Specify the Server you wish to view statistics for. 3. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 4. Click Refresh to manually refresh the information. Fig.
APS User Manual server. Rx Access Rejects The number of RADIUS Access-Reject radiusAuthClientExtAccessR packets (valid or invalid) received from the ejects server. Rx Access Challenges The number of RADIUS Access-Challenge radiusAuthClientExtAccessC packets (valid or invalid) received from the hallenges server. Rx Malformed Access Responses The number of malformed RADIUS AccessResponse packets received from the server.
APS User Manual This variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept, AccessReject, Access-Challenge, timeout, or retransmission. Tx Timeouts Other Info: The number of authentication timeouts to the server. After a timeout, the client may retry to the same server, send to a radiusAuthClientExtTimeou different server, or give up. A retry to the same server is counted as a retransmit as ts well as a timeout.
APS User Manual Access-Request that matched it from the RADIUS authentication server. The granularity of this measurement is 100 ms. A value of 0 ms indicates that there hasn't been round-trip communication with the server yet. RADIUS Accounting Statistics Packet Counters: Direction RADIUS authentication server packet counter. There are five receive and four transmit counters.
APS User Manual retransmitted to the RADIUS accounting server. sions Tx Tx Other Info: Pending Requests The number of RADIUS packets destined for the server that have not yet timed out or received a response. radiusAccClientExtPendingRe This variable is incremented when a quests Request is sent and decremented due to receipt of a Response, timeout, or retransmission. Timeouts The number of accounting timeouts to the server.
APS User Manual dead-time expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled. RoundTrip Time The time interval (measured in milliseconds) between the most recent Response and the Request that matched it from the RADIUS radiusAccClientExtRoundTripTime accounting server. The granularity of this measurement is 100 ms. A value of 0 ms indicates that there hasn't been round-trip communication with the server yet.
APS User Manual 1.3.7 Port Security The APS Series switches supports a Port Security function allowing the administrator to specify the amount MAC Addresses allowed to be accessed by an individual port. 1.3.7-1 Limit Control This section is used to configure the amount of MAC Addresses allowed to by the port and you can also specify the action taken once this configured threshold has been reached Web Interface To configure the Port Security limitations via the web interface: 1.
APS User Manual Aging Enabled: If checked, secured MAC addresses are subject to aging as discussed under Aging Period. Aging Period: If Aging Enabled is checked, then the aging period is controlled with this input. If other modules are using the underlying port security for securing MAC addresses, they may have other requirements to the aging period. The underlying port security will use the shorter requested aging period of all modules that use the functionality.
APS User Manual Trap: If Limit + 1 MAC addresses is seen on the port, send an SNMP trap. If Aging is disabled, only one SNMP trap will be sent, but with Aging enabled, new SNMP traps will be sent every time the limit is exceeded. Shutdown: If Limit + 1 MAC addresses is seen on the port, shut down the port. This implies that all secured MAC addresses will be removed from the port, and no new address will be learned.
APS User Manual 1.3.7-2 Switch Status This section shows the Port Security status. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for software-based learning. In this mode, frames from unknown MAC addresses are passed on to the port security module, which in turn asks all user modules whether to allow this new MAC address to forward or block it.
APS User Manual Abbr: A one-letter abbreviation of the user module. This is used in the Users column in the port status table. Port Status Port: The port number for which the status applies. Click the port number to see the status for this particular port. Users: Each of the user modules has a column that shows whether that module has enabled Port Security or not.
APS User Manual 1.3.7-3 Port Status This section shows the MAC addresses secured by the Port Security module. Port Security is a module with no direct configuration. Configuration comes indirectly from other modules - the user modules. When a user module has enabled port security on a port, the port is set-up for softwarebased learning.
APS User Manual Parameter Description MAC Address and VLAN ID: The MAC address and VLAN ID that is seen on this port. If no MAC addresses are learnt, a single row stating "No MAC addresses attached" is displayed. State: Indicates whether the corresponding MAC address is blocked or forwarding. In the blocked state, it will not be allowed to transmit or receive traffic. Time of Addition: Shows the date and time when this MAC address was first seen on the port.
APS User Manual 1.3.8 Access Management The APS Series switches supports a number of methods for configuring the switch. This section is used to allow/deny specific IP Addresses from accessing HTTP/HTTPS, SNMP or Telnet/SSH access. 1.3.8-1 Configuration This section is used to configure the Access Management function of the APS Series switch. Web Interface To configure the Access Management settings via the web interface: 1. Click Security, Access Management and Configuration. 2. Click Add New Entry. 3.
APS User Manual Delete: Check to delete the entry. It will be deleted during the next save. Start IP Address: Indicates the start IP address for the access management entry. End IP Address: Indicates the end IP address for the access management entry. HTTP/HTTPS: Indicates that the host can access the switch from HTTP/HTTPS interface if the host IP address matches the IP address range provided in the entry.
APS User Manual 1.3.8-2 Statistics This section is used to view the statistics of the Access Management function of the APS Series switch. Web Interface To view the Access Management statistics via the web interface: 1. Click Security, Access Management and Statistics. 2. If you want to auto-refresh the information you will need to check the Auto-Refresh tick box. 3. Click Refresh to manually refresh the information. Fig.
APS User Manual Auto-Refresh: Tick the box to enable the information to be automatically refreshed. Refresh: Used to manually refresh the information on the page.
APS User Manual 1.3.9 SSH The APS Series switches supports SSH access to the management interface. SSH is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication. Web Interface To enable/disable SSH via the web interface: 1. Click Security and SSH. 2. Select to enable or disable SSH. 3. Click the Apply button to save your changes or the Reset button to revert to previous settings. Fig.
APS User Manual 1.3.10 HTTPS The APS Series switches supports HTTPS access to the management interface. HTTPS is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication via the browser. Web Interface To enable/disable HTTPS via the web interface: 1. Click Security and HTTPS. 2. Select to enable or disable HTTPS. 3. Select to enable Automatic Redirect of HTTP to HTTPS 4.
APS User Manual Enabled: Enable HTTPS redirect mode operation. Disabled: Disable HTTPS redirect mode operation. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.3.11 Auth Method The APS Series switches support different ways of authenticating a user when logging into the management of the switch. Authentication can be done locally, via TACACS+ or via RADIUS. Web Interface To configure the Authentication Method via the web interface: 1. Click Security and Auth Method. 2. Select the Authentication method for console, telent, ssh and web access. 3. Select to enable Fallback. 4.
APS User Manual Fallback: Enable fallback to local authentication by checking this box. If none of the configured authentication servers are alive, the local user database is used for authentication. This is only possible if the Authentication Method is set to a value other than 'none' or 'local'. Reset Button: Used to reset unsaved changes to original configuration. Apply Button: Used to save the settings configured on this page.
APS User Manual 1.4 Maintenance This chapter describes all of the switch Maintenance configuration tasks to enhance the performance of the switch, including Restart Device, Firmware upgrade, Save/Restore, Import/Export, and Diagnostics. 1.4.1 Restart Device This section explains how to restart the device. Web Interface To restart the switch via the Web Interface: 1. Click Maintenance and Restart Device. 2. Click Yes to restart the device. Fig.
APS User Manual 1.4.2 Firmware This section is used to upgrade the firmware in the APS Series switches. Firmware updates are provided periodically to provide bug fixes and features enhancements. The APS Series switches support Dual Firmware Images, allowing the administrator to upload two firmware images into the switch. This allows you to easily roll back to a previous version, if you have issues with a new firmware that you have loaded. 1.4.
APS User Manual WARNING: While the firmware is being updated, Web access appears to be defunct. The front LED flashes Green/Off with a frequency of 10 Hz while the firmware update is in progress. Do not restart or power off the device at this time or the switch may fail to function afterwards.
APS User Manual 1.4.2-2 Firmware Selection This section is used to switch between the latest uploaded firmware image and the previously uploaded firmware image. This page displays both firmware file details including the version number. Web Interface To select the required firmware to be used in the switch via the Web Interface: 1. Click Maintenance, Firmware and Firmware Selection. 2. Click on the Activate Alternate Image button to switch to the old firmware version. Fig.
APS User Manual NOTE: 1. In case the active firmware image is the alternate image, only the "Active Image" table is shown. In this case, the Activate Alternate Image button is also disabled. 2. If the alternate image is active (due to a corruption of the primary image or by manual intervention), uploading a new firmware image to the device will automatically use the primary image slot and activate this. 3. The firmware version and date information may be empty for older firmware releases.
APS User Manual 1.4.3 Save/Restore This section is used to backup, restore, and save the configuration in the switch. 1.4.3-1 Factory Defaults This section is used to reset the switch back to its factory default settings. Web Interface To Factory Default the switch via the Web Interface: 1. Click Maintenance, Save/Restore and Factory Defaults. 2. Select to set the IP Address back to Factory Default, or leave it as previously configured. 3.
APS User Manual 1.4.3-2 Save Start This section describes how to save the Switch Start configuration. Any current configuration files will be saved as XML format. This must be performed after configuration of the switch. If the Start configuration is not saved after the switch has been powered off it will revert back to previous settings. Web Interface To Save the Startup Configuration in the switch via the Web Interface: 1. Click Maintenance, Save/Restore and Save Start. 2. Press Save. Fig.
APS User Manual 1.4.3-3 Save User This section describes how to save the Switch User configuration. Any current configuration files will be saved as XML format. Web Interface To Save the User Configuration in the switch via the Web Interface: 1. Click Maintenance, Save/Restore and Save User. 2. Press Save. Fig. 153 Save User Configuration Parameter Description Save: Save Start Up Configuration.
APS User Manual 1.4.3-4 Restore User This section describes how to restore user’s information back to the switch. Any current configuration files will be restored via XML format. Web Interface To Restore the User Configuration in the switch via the Web Interface: 1. Click Maintenance, Save/Restore and Restore User. 2. Press Save. Fig. 154 Restore User Configuration Parameter Description Save: Save Start Up Configuration.
APS User Manual 1.4.4 Export/Import This section describes how to export and import the Switch configuration. Any current configuration files will be exported as XML format. 1.4.4-1 Export Configuration This section is used to Save / Export the currently running configuration file of the switch. Web Interface To Save the configuration file of the switch via the Web Interface: 1. Click Maintenance, Export/Import and Export Configuration. 2. Click Save to save the configuration file in XML format. Fig.
APS User Manual 1.4.4-2 Import Configuration This section is used to Import a saved configuration file into the switch. Web Interface To Import a configuration file into the switch via the Web Interface: 1. Click Maintenance, Export/Import and Import Configuration. 2. Click Choose File to browse for the previously saved configuration file. 3. Click upload to load the file into the switch. Fig.
APS User Manual 1.4.5 Diagnostics This section provides a set of basic system diagnosis. It lets users know whether the system is healthy or needs to be fixed. Users can also check network connectivity issues with the Ping command. The basic system check includes ICMP Ping, ICMPv6, and VeriPHY Cable Diagnostics. 1.4.5-1 Ping This section is used to test network connectivity issues using the Ping command. Web Interface To test network connectivity using the switch via the Web Interface: 1.
APS User Manual Parameter Description IP Address: The destination IP Address you want to ping it. Ping Length: The payload size of the ICMP packet. Values range from 2 bytes to 1452 bytes. Ping Count: The count of the ICMP packet. Values range from 1 time to 60 times. Ping Interval: The interval of the ICMP packet. Values range from 0 second to 30 seconds.
APS User Manual 1.4.5-2 Ping6 This section is used to test network connectivity issues using the Ping IPv6 command. Web Interface To test IPv6 network connectivity using the switch via the Web Interface: 1. Click Maintenance, Diagnostics and Ping. 2. Enter the IP Address of the device you are trying to communicate with. 3. Set the ping Data Length, Ping Count and Ping Interval. 4. Click the Start button to commence the test. Fig.
APS User Manual 1.4.5-3 VeriPHY This section is used for running the VeriPHY Cable Diagnostics. Press to run the diagnostics. This will take approximately 5 seconds. If all ports are selected, this can take approximately 15 seconds. When completed, the page refreshes automatically, and you can view the cable diagnostics results in the cable status table. Note that VeriPHY is only accurate for cables of length 7 -140 meters.10 and 100 Mbps ports will be linked down while running VeriPHY.
APS User Manual 2. Specifications APS Series Model 10T2SFP 24T6SFP 48T4SFP 24T4S4SFP 48T4S4SFP 10x GbE 26x GbE 48x GbE 28x GbE 52x GbE UTP (10/100/1000Mbps) 8 20 44 20 44 UTP/(100M/1G) SFP 2 4 4 4 4 SFP (100M/1G) - 2 - - - SFP+ (1G/10G) - - - 4 4 8 24 48 24 48 UTP Ports 1-8 UTP Ports 1-24 UTP Ports 1-48 UTP Ports 124 UTP Ports 148 Interface Total Ports, comprising Power Over Ethernet Total IEEE 802.
APS User Manual per group VLAN Voice VLAN GVRP DHCP Relay group per group group group 4K VLAN’s: Port based VLAN’s; 802.1Q; MAC Based VLAN’s; Management VLAN; Private VLAN Voice traffic is automatically assigned to a voice-specific VLAN and treated with appropriate levels of QoS Supported Relay of DHCP traffic to DHCP server in different VLAN. Works with DHCP Option 82 IGMP Snooping V1, V2 and v3 .
APS User Manual (DSCP) / IP precedence, TCP/ UDP source and destination ports, 802.1p priority, Ethernet type, Internet Control Message Protocol (ICMP) packets, IGMP packets, TCP flag. Port Security Locks MAC Addresses to ports, and limits the number of learned MAC addresses Quality of Service H/W Priority Queue Scheduling Supports 8 hardware priority queues Strict priority and weighted round-robin (WRR). Queue assignment based on DSCP and class of service (802.1p/ CoS) Classification Port based; 802.
APS User Manual Automatically turns off power on Gigabit Ethernet RJ-45 port when detecting link down or client idle. Active mode is resumed without loss of any packets when the switch detects link up. Cable length detection Adjusts the signal strength based on the cable length. Reduces the power consumption for shorter cables. Discovery LLDP IEEE802.1AB - Link Layer Detection Protocol with LLDP-MED extensions Environmental Specifications Dimensions (WxHxD, mm) 280 x 44 x 166 Case Desktop Weight 1.