IntraCore® IC36240 Series Layer 2+ Gigabit Ethernet Switch User’s Manual
IntraCore IC36240 Layer 2+ Gigabit Ethernet Switch User’s Manual Asante Technologies, Inc. 2223 Oakland Road San Jose, CA 95131 USA SALES 800-662-9686 Home/Office Solutions 800-303-9121 Enterprise Solutions 408-435-8388 TECHNICAL SUPPORT 801-566-8991: Worldwide 801-566-3787: Fax www.asante.com/support support@asante.com SWITCH DEFAULTS IP address: 192.168.0.1 Password: Asante Copyright © 2005 Asante Technologies, Inc. All rights reserved.
Table of Contents Table of Contents...........................................................................................................................................................3 Chapter 1: Introduction...................................................................................................................................................8 1.1 Features .....................................................................................................................................
3.2 Connecting to a PC ............................................................................................................................................19 3.3 Passwords and Privileges Commands ...............................................................................................................20 3.3.1 Privileges Commands ..................................................................................................................................20 3.3.2 Enable Password ............
4.8.5 Scrolling Down a Line or a Screen ...............................................................................................................35 4.8.6 Redisplaying the Current Command Line ....................................................................................................35 4.8.7 Transposing Mistyped Characters ...............................................................................................................36 4.8.8 Controlling Capitalization ..........................
.4 Using Access Lists .............................................................................................................................................57 6.4.1 Create a Standard Access List.....................................................................................................................60 6.4.2 Create a MAC Access List ...........................................................................................................................61 6.4.
9.4 Spanning Tree Protocol Configuration................................................................................................................81 9.4.1 STP Port Configuration ................................................................................................................................82 9.4.2 Global STP Bridge Configuration .................................................................................................................83 9.5 SNMP Configuration.....................
Chapter 1: Introduction The IntraCore IC36240 24-port Layer 2+ Managed Gigabit Switch is a high-performance network switch used to reduce network congestion and application response times. The 24-port IntraCore IC36240 multi-protocol switch supports Layer 2+ and Gigabit Ethernet switching. The switch has 24 10/100/1000BaseT ports with Auto-Uplink and has 4 combination ports used for sharing with SFP mini GBICs. Gigabit fiber technology is used to connect two switches together.
1.2 Package Contents The following items are included in the switch’s package: • Switch • AC power cord • USB cable for management console port • RS232 null-modem cable for management console port • Rack mount brackets with screws • IntraCore IC36240 CD-ROM • Release Note Contact your dealer immediately if any of these items is missing. 1.3 Front and Back Panel Descriptions The following section describes the front and back panels of the IntraCore IC36240 Series switches.
1.3.1 LEDs The IC36240 front panel LED display allows you to monitor the status of the switch. The IC36240 has one power LED indicator, one (optional) external power LED and one fan LED. There are also LED indicators for each of the 24 ports. Refer to the following table for LED information. LED System Color Green Description Power is on and the system is operating normally. Green Flashing Flashing during self-test, initialization, or downloading.
1.4 Management and Configuration The switch is managed using Command Line Interface (CLI) in order to access several different command modes. Entering a question mark (?) at each command mode’s prompt provides a list of commands. 1.4.1 Console Interface Support for local, out-of-band management is delivered through a terminal or modem attached to the EIA/TIA-232 or USB interface. You can access the switch by connecting a PC or terminal to the console port of the switch, via a serial cable.
Chapter 2: Hardware Installation and Setup Use the following guidelines to easily install the switch, ensuring that it has the proper power supply and environment. 2.1 Installation Overview Follow these steps to install the IntraCore IC36240 switch: 1. Open the box and check the contents. See Chapter 1.2 Package Contents for a complete list of the items included with the IntraCore IC36240 switch. 2. Install the switch in an equipment or wall rack, or prepare it for desktop placement. 3.
2.1.2 Recommended Installation Tools You need the following additional tools and equipment to install the switch into an equipment rack: • Flat head screwdriver • Phillips head screwdriver • Antistatic mat or foam 2.1.3 Power Requirements The electrical outlet should be properly grounded, located near the switch and be easily accessible. Make sure the power source adheres to the following guidelines: • Power: Auto Switching AC, 90-240 VAC • Frequency range: 50/60 Hz 2.1.
5. Place the switch in the equipment rack. 6. Secure the switch by securing its mounting brackets onto the equipment rack with the appropriate screws (supplied). Important: Make sure the switch is supported until all the mounting screws for each bracket are secured to the equipment rack. Failure to do so could cause the switch to fall, which may result in personal injury or damage to the switch. 2.2.
To verify the primary power status, use the Switch# show system command. Under System Information, you see the power unit status. System Information -----------------System up for: 000day(s), 01hr(s), 46min(s), 54sec(s) PROM Image Version/Date: 1.00C/Nov 11 2004 17:03:04 DRAM Size: 64.0MB Flash Size: 8.0MB Config NVRAM Size: 128KB Console Baud Rate: 9600 bps Serial No.
Important: The switch must be located within 100 meters of its attached 10BaseT or 100BaseTX devices. Use the following guidelines to determine the cabling requirements for the network devices: • Connecting to Network Station: Category 5 UTP (Unshielded Twisted-Pair) straight-through cable (100 m maximum) with RJ-45 connectors • Connecting to Repeater/Hub/Switch’s Uplink port: Category 5, UTP straight-through cable (100 m maximum) with RJ-45 connectors Note: These switches have no specific uplink ports.
• 1000BaseLH GBIC: Cables with SC-type fiber connectors; 10µ single-mode fiber media up to 20 km (65,617') • 1000BaseLX Long Haul GBIC: Cables with SC-type fiber connectors; 10µ single-mode fiber media up to 100 km (328,100') • 1000BaseLZ GBIC: Cables with SC-type fiber connectors; 10µ single-mode fiber media up to 120 km (393,701') • 1000BaseT: Category 5 or better Unshielded Twisted Pair (UTP) cable up to 100 m (328.
Chapter 3: Initial Software Setup Configure the switch by connecting directly to it through a console (out-of-band management), running a terminal emulation program, such as HyperTerminal or by using telnet. 3.1 Connecting to a Console To connect the switch to a console or computer, set up the system in the following manner: 1. Plug power cord into the back of the switch. 2. Attach a straight-through serial cable between the RS232 console port and a COM port on the PC. 3.
e. Press the Configuration button from the Connect To window. e f. Set the data rate to 9600 Baud. g. Set data format to 8 data bits, 1 stop bit and no parity. h. Set flow control to NONE. f g h Now that terminal is set up correctly, power on the switch. The boot sequence will display in the terminal. After connecting to the console, the following appears: User Access Verification Password: The initial default password for access using either the console or telnet is Asante (case-sensitive).
3.3 Passwords and Privileges Commands The switch has not default password, which allows anyone on the network access to various privilege levels. To prevent unauthorized changes to the switch’s configuration, you should set an enable password for access to switch management. Follow the example below to assign a privileged password.
3.3.3 Password To specify a password on a line, use the password command in line configuration mode. Use the no form of this command to remove the password.
3.4 Login Security Two methods are available on the IntraCore IC36240 to configure an authentication query process for better login security: the username command for the global configuration mode and password and login commands from the line configuration mode. 3.4.1 The username Command To establish a username-based authentication system, use the username command in global configuration mode. This method is more effective because authentication is determined on a user basis.
5. Type ip address and the new address. The following screen appears: Switch> enable Switch# configure Switch(config)# ip address 192.168.123.254/24 Switch(config)# end Switch# show ip Dhcp Client Enabled ..........: No IP Address ...................: 192.108.250.51 Subnet Mask ..................: 255.255.255.0 Default Gateway ..............: 192.108.250.5 HTTP Server ..................: Enabled HTTP Port ....................: 80 Switch# write file Writing current-config to startup-config. Please wait.
Chapter 4: Understanding the Command Line Interface (CLI) The switch utilizes Command Line Interface (CLI) to provide access to several different command modes. Each command mode provides a group of related commands. After logging into the system, you are automatically in the user top (user EXEC) mode. From the user top mode you can enter into the privileged top (privileged EXEC) mode.
To list the commands available in user top mode, enter a question mark (?). Use a space and a question mark (?) after entering a command to see all the options for that particular command. Command Purpose ? Lists the user EXEC commands. show ? Lists all the options available for the given command.
In general, the top (privileged) commands allow you to change terminal settings on a temporary basis, perform basic tests, and list system information. To list the commands available in top mode, enter a question mark (?) at the prompt, as shown in the following example. Enter a question mark (?) after a command to see all the options for that command.
To exit global configuration command mode and return to privileged EXEC mode, use one of the following commands: Command Purpose exit end Exits global configuration mode and returns to privileged EXEC mode. Ctrl-Z To list the commands available in global configuration mode, enter a question mark (?) at the prompt, as shown in the following example. Enter a question mark (?) after a specific command to see all the options for that command.
4.3.1 Interface Configuration Mode Many features are enabled on a per-interface basis. Interface configuration commands modify the operation of an interface such as an Ethernet or serial port. Interface configuration commands always follow an interface global configuration command, which defines the interface type as Ethernet. In the following example shows configuration of Ethernet interface (eth1). The new prompt, Switch(config-ifeth1)#, indicates the interface configuration mode.
In the following example, the switch shows the multiple Spanning Trees (MST) command.
To get help specific to a command mode, a command, a keyword, or an argument, perform one of the following commands: Command Purpose Help Obtain a brief description of the help system in any command mode. ? List all commands available for a particular command mode. When using context-sensitive help, the space (or lack of a space) before the question mark (?) is significant.
Switch# configure ? configure Enter configuration mode Note that in the example below, if you enter the ip command followed by the Return Key or Enter, the system returns the prompt that the command is incomplete. Switch# ip % Command incomplete. Switch# Generally, uppercase letters represent variables. For example, after entering a command, such as hostname, and using a space and a question mark, you will be prompted for the new name, represented by WORD.
4.6 Using CLI Command History The CLI user interface provides a history or record of commands that you have entered. This feature is particularly useful for recalling long or complex commands or entries, including access lists. To recall commands from the history buffer, use one of the following commands: Keystrokes/Command Purpose Press Ctrl-P or the up arrow key Recall commands in the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands.
4.8.1 Moving Around on the Command Line Use the following keystrokes to move the cursor around on the command line in order to make corrections or changes: Keystrokes Purpose Press Ctrl-B or the left arrow. Move the cursor back one character. Press Ctrl-F or the right arrow. Move the cursor forward one character. Press Ctrl-A. Move the cursor to the beginning of the command line. Press Ctrl-E. Move the cursor to the end of the command line. Press Esc B. Move the cursor back one word.
4.8.3 Editing Command Lines That Wrap The enhanced editing feature provides a wraparound for commands that extend beyond a single line on the screen. When the cursor reaches the right margin, the command line shifts eight spaces to the left. You cannot see the first eight characters of the line, but you can scroll back and check the syntax at the beginning of the command.
When you have completed the entry, press Ctrl-A to check the complete syntax before pressing Enter to execute the command. The dollar sign ($) appears at the end of the line to indicate that the line has been scrolled to the right: Switch(config)# access-list 101 permit icmp 192.168.123.0 0.0.0.255 192$ Use line wrapping in conjunction with the command history feature to recall and modify previous complex command entries. 4.8.
4.8.7 Transposing Mistyped Characters If you have mistyped a command entry, you can transpose the mistyped characters by using the following command: Keystrokes Purpose Press Ctrl-T. Transpose the character to the left of the cursor with the character located at the cursor. 4.8.8 Controlling Capitalization You can toggle between uppercase and lowercase letters with simple keystroke sequences. To do so, use the following command: Keystrokes Purpose Press Esc C. Capitalize at the cursor.
Chapter 5: Managing the System and Configuration Files This chapter explains how to manage the system information, as well as how to manage the configuration files for the IntraCore IC36240. 5.
5.1.2 Specifying the Hostname The factory-assigned default host name is Switch. To specify or modify the host name for the network, use the hostname global configuration command. Command Purpose hostname name This system’s hostname. 5.1.3 Changing the Password The switch ships with a default of no password for privilege mode, which allows immediate access to anyone on the network. In order to guard against unauthorized access, only the administrator should be allowed to change the password.
To log messages, use the following command in global configuration mode. Command Purpose logging address IP address of the host to be used as a syslog server. logging facility Facility parameters for syslog messages. logging trap Set syslog server logging level. 5.1.6 Displaying the Operating Configuration The configuration file may be displayed from the EXEC (enable) mode.
You can add comments to a configuration file describing the commands you have entered. Precede a comment with an exclamation point (!). Use the following commands to configure the software from the terminal. Command Purpose configure Enters global configuration mode and select the terminal option. Switch(config)# The global configuration prompt. Enter the necessary configuration commands. copy running-config startup-config Saves the configuration file to your startup configuration.
The following is an example of copying the startup-config for use on the switch. Switch# copy startup-config ? running-config Update (merge with) current system configuration tftp:[//A.B.C.
The following is an example of copying the running-config for use on the switch. Switch# copy running-config ? startup-config Copy to startup configuration tftp:[//A.B.C.D/filename] Copy to tftp: file system Switch# copy running-config tftp Enter TFTP Server IP Address [A.B.C.D]? Enter file name 'my-config' to copy? Reply to any prompts for additional information or confirmation.
In the following example, the software is configured from the file my-config at IP address 192.168.123.59: Switch# copy tftp://192.168.123.59/my-confg running-config Download file ‘my-config’ from 192.168.123.59 to running-config? [y/n] y Accessing tftp://192.168.123.59/my-config... [OK] 487 bytes copied in time <1 sec Updating running-config... To clear the saved configuration, use the following command from privileged mode: Switch# erase startup-config 5.
5.3.3 Security Levels SNMPv3 has three levels of security. The lowest level does not provide authentication or privacy (noAuthNoPriv). This level is comparable to SNMPv1. The second level provides authentication, but no privacy (AuthNoPriv). The highest level provides authentication and security (AuthPriv). Based on protection needs you should use some combination of these security levels.
To set up the community access string to permit access to the SNMP, use the following command from the global command mode. Command Purpose Snmp-server community string [view view-name] {ro | rw} [access-list-number] Define the community access string. The access-list-number parameter is numbered from 1–99 and 1300–1999. Establish the Contact and Location of the SNMP Agent Set the system contact and the location of the SNMP agent so that these descriptions can be accessed through the configuration file.
5.3.5 SNMP Configuration Commands Command Purpose snmp-server Enable the SNMP agent. The first snmp-server global configuration command enables SNMP. snmp-server engineID {local engineidstring|remote host-ip-address [udp-port port-number] engineid-string} Set Engine ID for local or remote devices. The remote engine ID is used to create users that can send SNMPv3 traps. snmp-server view view-name subtree [subtree-mask] [included | excluded] Define the SNMP server view.
All of the bridges (a switch is a complex bridge) on the network communicate with each other using special packets of data called Bridge Protocol Data Units (BPDUs).
Reducing the values of these timers makes the spanning tree react faster when the topology changes, but may cause temporary loops as the tree stabilizes in its new configuration. Increasing the values of these timers makes the spanning tree react more slowly to changes in topology, but will make an unintended reconfiguration less likely. All of the bridges on the network will use the values set by the root bridge. It is only necessary to reconfigure that bridge if changing the parameters. 5.4.
• Alternate port—offers an alternate path toward the root switch to that provided by the current root port. • Backup port—acts as a backup for the path provided by a designated port toward the leaves of the spanning tree. A backup port can exist only when two ports are connected together in a loop-back by a point-to-point link or when a switch has two or more connections to a shared LAN segment. • Disabled port—has no role in the operation of the spanning tree.
Configuring Link Type Use the following interface mode command to configure port link-type: Switch(config)# interface eth1 Switch(config-if-eth1)#spanning-tree link-type {point-to-point|shared} By default, the link type is determined from the duplex mode of the interface: a full-duplex port is considered to have a point-to-point connection; a half-duplex port is considered to have a shared connection.
5.4.4 Multiple Spanning-Tree (MST) MST extends the IEEE 802.1w rapid spanning tree (RST) algorithm to multiple spanning trees. This extension provides both rapid convergence and load balancing in a VLAN environment. MST allows you to build multiple spanning trees over trunks. You can group and associate VLANs to spanning tree instances. Each instance can have a topology independent of other spanning tree instances.
5.5 Configuring VLAN VLANs are used to organize any group of network nodes into separate broadcast domains. VLANs confine broadcast traffic to the originating group and eliminate broadcast storms in large networks. VLANs provide a secure and efficient network environment. VLANs are based on untagged port groups, or traffic can be explicitly tagged to identify the VLAN group to which it belongs. Untagged VLANs can be used for small networks attached to a single switch.
5.6 MAC Address Table The MAC Address Table is a table of node addresses that the switch automatically builds by “learning.” It performs this task by monitoring the packets that pass through the switch, checking the source and destination addresses, and then recording the source address information in the table.
Chapter 6: Configuring IP The Internet Protocol (IP) is a packet-based protocol used to exchange data over computer networks. All other IP protocols are built on the foundation. IP is a network-layer protocol that contains addressing and control information that allows data packets to be routed. This section describes how to configure the Internet Protocol (IP). A number of tasks are associated with configuring IP. A basic and required task for configuring IP is to assign IP addresses to network interfaces.
6.2 Establish Address Resolution A device in the IP can have both a local address (which uniquely identifies the device on its local segment or LAN) and a network address (which identifies the network to which the device belongs). The local address is more properly known as a data link address because it is contained in the data link layer (Layer 2 of the OSI model) part of the packet header and is read by data link devices (bridges and all device interfaces, for example).
6.3 Managing IP Multicast Traffic Multicast traffic is a means to transmit a multimedia stream from the Internet (a video conference, for example) without requiring a TCP connection from every remote host that wants to receive the stream. Traditional IP communication allows a host to send packets to one host (unicast transmission) or to all hosts (broadcast transmission). IP multicast provides a third scheme, allowing a host to send packets to a group of hosts (group transmission).
All systems on the subnet must support the same version. The switch does not automatically detect Version 1 systems and switch to Version 1. Configure the switch for Version 2 if all devices on the subnet support IGMP version 2. To control which version of IGMP the switch uses, use the following command in configuration mode: Command Purpose ip igmp version {2 | 1} vlan <1-4093> Select the IGMP version that the switch uses in a vlan.
When configuring an access list, you can add multiple statements by adding criteria to the same numbered list. The order of the statements is important, as the switch tests addresses against the criteria in an access list one by one (in the order the statements are entered) until it finds a match. The first match determines whether the system accepts or rejects the address. Because the system stops testing conditions after the first match, the order of the conditions is critical.
Other types of traffic to consider include the following.
6.4.1 Create a Standard Access List Standard access lists filter at Layer 3, and can allow or block access to networks and host addresses. The parameters for a standard access list are described below: • Access list number (1–99): Identifies the access list to which an entry belongs. There is no limit to how many entries make up an access list, other than available memory • Remark: Access list entry comment.
6.4.2 Create a MAC Access List The IntraCore IC36240 has a 16K Mac address. The parameters for a MAC access list are described below: • MAC access-list standard (700-799): Identifies the access list to which an entry belongs. There is no limit to how many entries make up a MAC access list, other than available memory. • MAC access list extended (1100–1199): Identifies the access list to which an entry belongs. The following is sample output from the mac access-list command.
In the following example, an extended access list is created to deny FTP and allow all other traffic from subnet 192.168.123.0 to be forwarded to all other networks or subnets. Note: Remember when the cursor reaches the right margin, the command line shifts 8 spaces to the left. You cannot see the first eight characters of the line, but you can scroll back and check the syntax at the beginning of the command, using Ctrl-B or the left arrow keys.
6.4.4 Creating an Access List with a Name From the global configuration mode, you can also create access lists. Using the Switch(config)#ip command you can name your access list, rather than using a number. The new prompt reflects the named access list mode.
6.4.6 Configuring Common Access Lists This section provides examples the most common ACLs used when configuring a network. Change the IP addresses in the following examples when using them in your network. The following example shows denying special-use address sources. Switch(config)# Switch(config)# Switch(config)# Switch(config)# access-list access-list access-list access-list 110 110 110 110 deny deny deny deny ip ip ip ip 127.0.0.0 0.255.255.255 any 192.0.2.0 0.0.0.255 any 224.0.0.0 31.255.255.
The following example shows explicitly denying all other DNS traffic. Switch(config)# access-list 110 deny udp any any eq 53 Switch(config)# access-list 110 deny tcp any any eq 53 The following example shows explicitly permitting internet-sourced connections to publicly accessible servers.
Chapter 7: VLAN Configuration A VLAN is a group of end stations with a common set of requirements, independent of physical location. VLANs have the same attributes as a physical LAN but allow you to group end stations even if they are not located physically on the same LAN segment. Usually VLANs are associated with IP subnetworks. For example, all the end stations in a particular IP subnet belong to the same VLAN. Traffic between VLANs is assigned.
First, a VLAN is created and named tester. Switch# configure Switch(config)# vlan 2 Switch(config-vlan)# name tester Switch(config-vlan)# exit Switch(config)# exit Switch# show vlan In the output of the show vlan command, the new VLAN will be listed, but will not yet be active. Next, choose a switchport to belong to VLAN 2.
7.2 VLAN Port Membership Modes Assign a switchport to a VLAN by designating a membership mode. The membership mode determines the type of traffic the port carries and the number of VLANs that belong to a specific port. The following is a list of the membership modes: • Static Access • Trunk (IEEE 802.1Q) 7.2.1 Static Access A static-access port can belong to one VLAN and is manually assigned to that VLAN.
Use the following commands, beginning in config mode, to configure the VLAN Allowed List for the trunk port: Command Purpose interface IFNAME Enter the interface name to access the interface configuration mode. switchport mode trunk This command designates the interface as IEEE 802.1q trunkaccess mode. Use the no form of this command to reset to the default of staticaccess mode.
Chapter 8: Quality of Service Configuration Quality of Service (QoS) is a general term referring to various methods of traffic management you can employ on your network to ensure that traffic you identify as high-priority can use a sufficient share of the available bandwidth. The IC36240 supports the following QoS methods: • Weighted Fair Queuing • Priority Queuing • Traffic-Shape • Rate-Limit 8.1.1 Configuring Weighted Fair Queuing For flow-based WFQ, packets are classified by flow.
queues; the queue with the highest priority is serviced first until it is empty, then the lower queues are serviced in sequence. 8.2.1 Defining the Priority List A priority list contains the definitions for a set of priority queues. The priority list specifies in which queue a packet will be placed. In order to perform queuing using a priority list, you must assign the list to an interface. The same priority list can be applied to multiple interfaces.
8.4.2 Configuring Traffic Shaping for an Access List To configure traffic shaping for outbound traffic on an access list, use the following commands beginning in global configuration mode: Command Purpose access-list access-list-number Assigns traffic to an access list. interface interface-type-number Enters interface configuration mode. traffic-shape group access-list-number bit-rate Configures traffic shaping for outbound traffic on an interface for the specified access list.
The following examples show setting the rate of interface Ethernet 1 to 100M, setting an associated access list and limiting the rate of the access list on the interface to 200M. Switch(config)# inter eth1 Switch(config-if-eth1)# rate-limit input 100000000 Switch(config-if-eth1)# access-list 1 permit 192.203.56.
Chapter 9: Configuring the Switch Using the GUI This chapter provides and overview of configuring the switch with the graphical user interface (GUI). For more information about the different features and how to implement them refer to the chapters specific to that function. Refer to the following example for the commands required to set the GUI: Switch# configure Switch(config)# ip http server At your web browser enter the IP address for the switch to launch the GUI.
• System Check Information • Save The following example shows the main screen menu bar. 9.2 Information Screens To monitor the switch use the two information screens. The following sections describe the Front Panel and the General Information screens. 9.2.1 Front Panel Information Screen Use this section to access general information about the switch, the state of each port, the link status, the type of link, the mode, and port name.
Use this screen to view statistics about all the ports on the switch. The following example shows the Front Panel information screen. Click on a specific port number hyperlink to go to the Port Configuration and Port Statistics Information screen. Refer to section 9.3.1 for information on the Port Configuration and Port Statistics screen. 9.2.2 General Information Screen From the general information screen you can view the system version and the system clock.
The table below lists the traditional classes and ranges of IP addresses and their status. Class Address or Range Status A 0.0.0.0 1.0.0.0 to 126.0.0.0 127.0.0.0 Reserved Available Reserved B 128.0.0.0 to 191.0.0.0 255.255.255.0 Available C 192.0.0.0 to 223.255.255.0 Available D 224.0.0.0 to 239.255.255.255 Multicast group addresses E 240.0.0.0 to 255.255.255.254 255.255.255.
9.3 Port Configuration Menu From the port configuration screen, you can view current information and configure individual ports. To access the Port Configuration screen, click on Port Config in the menu bar on the left side of the screen. To configure individual ports click on the port number on the left side of the screen. To configure a port, click on the port number on the left side of the screen. The following example shows the Port Configuration screen.
1. • You are now at the Port Configuration and Port Statistics screen. From this screen, you can set the port status, auto-negotiation, flow control, and default priority. You also use this screen to view and manage traffic on a specific port. The following is an example of the screen. 4. 79 Click on the port number from the Front Panel Information Screen Set the defaults for the following: a.
a b c d e From this screen, you can also navigate between different ports and go to different units in the network. To go to another port number change the port number at the top of the screen and press Go. Select port number Press go You can set how the system updates the statistics about the selected port you selecting Auto or Manual and press Refresh.
9.4 Spanning Tree Protocol Configuration The Spanning Tree Protocol (STP) is part of the IEEE 802.1D standard. It provides for a redundant network without the redundant traffic through closed paths. For example, in a network without spanning tree protocol, a message is broadcast through multiple paths, leading to an unending packet-passing cycle. This in turn causes a great amount of extra network traffic, leading to network downtime.
Use the Spanning Tree Protocol Configuration screen to view information and configure spanning trees. The information about current spanning trees displayed on the left side of the screen include the bridge ID, designated root, root port, root port cost, hello time, maximum age and forward delay information. Use the right side of the screen to enable or disable Global STP Status, change the bridge priority, bridge hello time, bridge maximum age and bridge forward delay.
The lower the assigned port path cost is, the more likely that port will be accessed. The default port path cost for a 10 Mbps or 100 Mbps port is the result of the equation: Path cost = 1000/LAN speed (in Mbps) Therefore, for 10 Mbps ports, the default port path cost is 100. For 100 Mbps ports, it is 10. To allow for faster networks, the port path cost for a 1000 Mbps port is set by the standard at 4.
• Select the ports on each bridge that forward traffic, and place the redundant ports in blocking states To change the global STP status, select the desired state from the drop down menu. Use this screen to change the bridge priority, hello time maximum age, forward delay by entering the desired time in the text boxes and pressing Apply Changes. The allowed ranges are next to each text box. To restore the defaults press the restore button.
Use this screen to set the read/write access and to enable or disable the trap authentication for this switch. The default SNMP read community access is public; the default SNMP write community access is private; the default trap authentication is disable. You can also set SNMP Traps for specific IP addresses allowing them to have access to communities that is different then the default set for the switch. To access the SNMP Configuration screen click on the SNMP button on the left side of the screen.
1 2 3 4 5 To restore the defaults press the Restore button. 9.6 Address Table Screen Use this screen to view IP address tables. From the main screen you can view the status of each ports, the address counts of the VID, IP and MAC addresses. You can search for specific IP and MAC addresses and sort the results either IP or MAC. The display is sorted by IP address.
The following example shows the Address Table screen. Click on the port number to filter the display and show the address table for a specific port.
The following screen shows the output from selecting Port 1. The Address table at the bottom of the screen filtered out all the ports except port 1. The MAC address of the switch is identified as “self”. To sort the Address Table by IP address, click the Sort by IP button. The table is now sorted numerically by IP address. The MAC Address Table is a table of node addresses that the switch automatically builds by “learning.
To sort the Address Table by MAC address, click the Sort by MAC button. Your table will be sorted numerically by MAC address. 9.7 VLAN Configuration VLANs are used to organize any group of network nodes into separate broadcast domains. VLANs confine broadcast traffic to the originating group and eliminate broadcast storms in large networks. VLANs provide a secure and efficient network environment.
To access the VLAN configuration screen click on VLAN in the menu bar on the left side of the screen To sort the display enter the VLAN ID number you want the display to start with and press GO. The following example shows the output from the VLAN Group information screen. Assign a switchport to a VLAN by designating a membership mode. The membership mode determines the type of traffic the port carries and the number of VLANs allowed on that port.
3. Click Apply 2 4 4. 3 Asante Click on the VLAN ID number in the VLAN table to move to the configuration page for the new VLAN From the VLAN Group Configuration page, you can enable or disable the management access and link a VLAN to a specific port. Use the VLAN feature to partition a single IntraCore IC36240 into a VLAN each containing its own set of ports. Packets are forwarded only between ports belonging to the same VLAN.
The following example shows output from creating a new VLAN (4) with the name Asante and assigning it to port 7. To remove a VLAN from an associated port follow these steps: 1. Click the membership check box of the desired port to deselect the association. 2. Click on the Remove unchecked member button. 9.8 IGMP Configuration The Internet Group Management Protocol (IGMP) manages the multicast groups on a LAN. IP hosts use IGMP to report their group membership to directly connected multicast switches.
To access the IGMP configuration screen click on the IGMP button in the menu bar on the left side of the screen. The following example shows the IGMP main screen. Use this screen to view the IGMP information. To enable or disable IGMP on a specific VLAN by entering the VLAN ID number selecting the desired state and clicking apply. Click on the VLAN ID number access the advanced IGMP configuration screen. Follow these steps to enable or disable the transmit query packet status 93 1.
3. Click Apply 1 2 3 To configure a specific VLAN click on the VLAN ID number access the advanced IGMP configuration screen. The following example shows the IGMP information for VLAN1. Multicast switches send IGMP host-query messages to discover which multicast groups are present on attached networks. These messages are sent to the all-systems group address of 224.0.0.1 with a time-to-live (TTL) value of 1.
3. Click Apply 1 2 3 9.9 Web CLI Screen Use the Web Command Line Interface (CLI) screen to use access the CLI from an http server. This feature provides the flexibility of the CLI with the usability of the GUI. You can set the clock, ping the system and show the running configuration. To access the Web CLI Screen click on the Web CLI button in the menu bar on the left side of the screen.
The following example shows the main access point of the CLI from the Web interface. 9.10 System Clock Menu You can set the system clock from the System Clock Menu. After selecting the correct date and time for the system click apply. The operation resets the switch using the time you specify. This operation takes a few minutes to complete. View the changes using the General Information menu or the show system clock command in the Web CLI menu. From this menu enter the following: 1.
After you set the desired date and time click apply. 9.11 Save Click on Save to automatically retain any configuration changes you made.
Appendix A: Basic Troubleshooting In the unlikely event that the switch does not operate properly, follow the troubleshooting tips below. If more help is needed, contact Asante’s technical support at www.asante.com/support. Problem Possible Solutions The Power LED is not lit. Check the power connection. Plug the power cord into another known working AC outlet. The primary power supply has failed. Install the optional external power supply and have the primary power supply serviced as soon as possible.
Appendix B: Specifications The sections below list the features and product specifications for the IntraCore IC36240 switch. Connectors: 24 RJ-45 auto-MDI/MDIX Ports 24 10/100/1000BaseT ports that have auto-negotiation for speed, duplex mode and flow control Gig Modular Ports 4 SFP slots for 1000SX or 1000LX transceiver that is auto-disabling 1000BaseT port when link is activated.
Security User password, SNMP access filter, port security (MAC address filter with notification), 802.1x (port-based, L2/L4 ACL, RADIUS, TACACS+ Management Male DB9 RS-232 DTE (auto baud to 115k), USB, Cisco CLI x 4 sessions, Web RMON (1, 2, 3, 9), port mirroring Firmware Upgrade TFTP, dual banks of code and configuration SNMP v1, v2, v3 Logs System, Crash, Error B.1 Standards Compliance IEEEE: IEEE 802.1D spanning tree and bridge filters IEEE 802.1p prioritization (class of service) IEEE 802.
Appendix C: FCC Compliance and Warranty Statements C.1 FCC Compliance Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
C.3 IntraCare Warranty Statement Products: IntraCore IC36240 Duration: 3 years Advanced Warranty United States: Second Business Day Replacement: Other countries: See your local distributor or reseller 1. Asante Technologies warrants (to the original end-user purchaser) the covered IntraCore products against defects in materials and workmanship for the period specified above.
Appendix D: Online Warranty Registration Please register this product online at http://www.asante.com/support/supRegistration.asp or by filling out and mailing the card below.
Index Access List global configuration mode ....................................26 apply.....................................................................63 GUI .......................................................................95 classification .........................................................58 history...................................................................32 configuring standard .............................................60 interface configuration mode .................
ping.......................................................................38 traffic shaping access list......................................72 save, GUI .............................................................97 traffic shaping interface ........................................72 show running-config .............................................39 VLAN ........................................................29, 52, 89 show system.........................................................
general information screen ...................................76 assign addresses............................................54, 76 IGMP configuration...............................................93 configuration ...................................................54, 76 IP address tables..................................................86 GUI .......................................................................86 MAC address........................................................
default...................................................................11 environment..........................................................13 privileged ..............................................................20 power....................................................................13 security .................................................................22 tools......................................................................13 setting...........................................
default...................................................................50 Troubleshooting .......................................................98 forward time..........................................................47 VLAN global configuration ..............................................83 configuration .........................................................52 GUI .......................................................................81 configuration, GUI....................................