Layer 2/Layer 3 Web Smart Gigabit Switch BS-GS Series User Manual www.buffaloamericas.com 35020643-04 2015.
Contents Chapter 1 Initial Settings..................................................6 Product Requirements..........................................................................6 Install Business Switch Configuration Tool.........................................6 Change Switch's IP Address..................................................................7 Open Settings......................................................................................10 Configure Date and Time.........................
SNMP Trap......................................................................................................26 SNMPv3 User..................................................................................................27 LLDP.....................................................................................................28 LLDP Properties.............................................................................................28 LLDP Port.........................................................
QoS Mapping..................................................................................................43 VoIP Auto Priority..........................................................................................44 IPv4/MAC Policy.............................................................................................44 IPv6 Policy......................................................................................................47 Port Settings.................................................
IGMP Router Port...........................................................................................62 MLD......................................................................................................63 Status..............................................................................................................63 MLD Settings..................................................................................................63 MLD Querier..................................................
Port Order.......................................................................................................76 MAC Order......................................................................................................77 Statistics...............................................................................................77 Logs......................................................................................................79 Syslog Settings.................................................
Chapter 1 Initial Settings Product Requirements Compatible Devices, Browsers, and OSs Compatible Devices to Connect to BS-GS 1000BASE-T/100BASE-TX/10BASE-T compatible devices (PCs, Mac, NAS, switches) Compatible Browsers to Enter Settings Internet Explorer 8/9/10/11 Mozilla Firefox Google Chrome Safari Refer to our website to confirm the latest information of the compatible browser versions. Business Switch Configuration Tool's Compatible OSs Windows 8.
BS-GS2024: http://d.buffalo.jp/BS-GS2024/ BS-GS2024P: http://d.buffalo.jp/BS-GS2024P/ BS-GS2048: http://d.buffalo.jp/BS-GS2048/ Change Switch's IP Address To enter Settings, the switch’s web user interface, the switch’s IP address should belong to the same segment as your PC’s IP address. 1 Connect the switch to your PC and your network with an Ethernet cable (sold separately). Confirm that link/act LED of the connected port is on.
4 Select the switch and click [Next]. 5 Click [Change IP Address].
6 7 Configure the switch's IP address to match the segment of the IP address of your PC and click [Next]. If the password input screen is displayed, enter "password" and click [Next]. Click [Back to Select Switch].
Open Settings 1 Configure the switch's IP address referring to "Change Switch's IP Address" above. 2 Double-click the "Business Switch Configuration Tool" icon to open Business Switch Configuration Tool. 3 Click [Next] to start searching for the switch. 4 Select the switch and click [Next].
5 6 Click [Settings (Web Admin Interface)]. Click OK to launch a web browser and display the login screen. Enter "admin" as the username and "password" as the password, then click [Log In]. Configure Date and Time To configure the date and time, refer to the following procedure. 1 Open Settings. 2 Navigate to [Basic] - [Date & Time].
3 Configure each settings and click [Apply]. Note: Enter the IP address or FQDN of the NTP server to change the NTP server. You may enter 4-255 characters. To use FQDN, you have to configure DNS settings separately. Change Username and Password To change the default username and password from "admin" and "password", refer to the following procedure. 1 Open Settings. 2 Navigate to [Basic] - [System Security] - [Administration Account].
MAC Address Learning This switch uses SVL (Shared VLAN Learning) to learn MAC addresses. SVL is a method that retains a shared MAC address table for the entire switch. It differs from IVL, which retains a MAC address table for each VLAN. Be sure you understand how SVL works before you create a VLAN with the switch. Differences between Operation of SVL and IVL SVL When PC 1 and PC 3 communicate, PC 3 is learned by port 1 on switch 2 so PC 2 and PC 3 cannot communicate.
Chapter 2 Settings Refer to the “Open Settings” section in chapter 1 to access Settings. Menu System Information Basic System VLAN Routing SNMP LLDP Displays the switch's information.
QoS QoS Settings QoS Mapping VoIP Auto Priority DiffServ IPv4/MAC Policy IPv6 Policy Port Settings IPv4/MAC Priority Security IPv6 Priority Status Auto DoS Attack Prevention DHCP Snooping DHCP Table Authentication Status RADIUS Port Authentication Port Trunking Traffic Control Mirroring Spanning Tree Protocol IGMP MLD ACL STP Settings Status Ports Status IGMP Settings IGMP Querier IGMP Router Port Status MLD Settings MLD Querier MLD Router Port ACL Wizard MAC ACL IPv4 ACL IPv6 ACL Ports IPv4/MAC P
Reboot Initialize ARP Table (L3 mode only) Port Order IP Address Order Port Order MAC Order MAC Address Table Statistics Logs Syslog Settings Network Diagnostics Cable Diagnostics Reboot the switch. Initialize the switch. Displays the ARP table ordered by ports. Displays the ARP table ordered by IP addresses. Displays the MAC address table ordered by ports. Displays the MAC address table ordered by MAC addresses. Displays the switch's statistics. Displays log information.
System Configure the switch's name, location, and contact. Switch Name Location Contact Enter the switch's name. You may enter up to 50 alphanumeric characters, hyphens, and underscores. Enter the location of the switch. You may enter up to 50 alphanumeric characters, hyphens, underscores, and spaces. Enter the contact information of the switch. You may enter up to 50 alphanumeric characters, hyphens, underscores, and spaces. VLAN VLAN Settings Confirm VLAN status and configure new VLAN.
Mode VLAN Status VLAN ID VLAN Name Management VLAN Tagged Untagged Not Member Reset Uplink Downlink Select a VLAN mode from “VLAN Settings” or “Privacy Separator”. Privacy separator is a mode that enables communication to the router from a port but blocks communication between ports. Note: VLAN and privacy separator cannot be used at the same time. Displays current VLAN and PVID (Port VLAN ID) status. Click [Edit] to edit the VLAN selected. Click [Delete] to delete the VLAN selected.
Default Gateway Method of Acquiring DNS Server Address Primary DNS Server Secondary DNS Server IPv6 Obtain IPv6 address automatically DHCPv6 Client Link Local Address Static Global Address Static Default Gateway Dynamic Global Address Dynamic Default Gateway Enter the switch's default gateway if you select [Static IP Address] as the connection method. Select a method of obtaining the DNS server's IP address. Enter the primary DNS server's IP address. Enter the secondary DNS server's IP address.
In L3 mode Mode VLAN Status VLAN ID VLAN Name Management VLAN IPv4 Address Tagged Untagged Not Member Reset Uplink Downlink Privacy separator cannot be used when the switch is in L3 mode. Displays current VLAN and PVID (Port VLAN ID) status. Click [Edit] to edit the VLAN selected. Click [Delete] to delete the VLAN selected. VLAN 1 cannot be deleted. Specify the VLAN ID from 2-4094. Enter the VLAN name. You may enter up to 17 alphanumeric characters, hyphens, and underscores.
The following screen is displayed when you select VLAN 1 and click [Edit]. Method of Acquiring DNS Server Address Primary DNS Server Secondary DNS Server IPv6 Obtain IPv6 address automatically DHCPv6 Client Link Local Address Static Global Address Static Default Gateway Dynamic Global Address Dynamic Default Gateway Select a method of obtaining the DNS server's IP address. Enter the primary DNS server's IP address. Enter the secondary DNS server's IP address. Check “Enable” to enable IPv6.
VLAN Ports Configure PVID (Port VLAN ID). PVID Acceptable Frame Type Ingress Filter Protected Port Specify the port VLAN ID. The received untagged frames will be recognized as the specified VLAN ID. (1-4094) Admit All Receive both untagged and tagged frames. Tag Only Receive tagged frames only and drop untagged frames. Enable Drop frames if the received frame's VLAN ID is not a member of incoming port's VLAN. Disable All tagged and untagged frames will be received.
Routing L2/L3 Settings Configure the layer mode of the switch. Specify the layer mode from the following. Mode L3 mode The switch works as a layer 3 switch. L2 mode The switch works as a layer 2 switch. Note: Switching the mode will delete static routing settings and all VLANs except VLAN 1. Static Routing Displayed only when the switch is in L3 mode. Configure the gateway to reach the specified network. Number of Static Routings Default Gateway Displays the number of enabled static routings.
Add the static routing setting to the table by entering the following items. Up to 32 static routes can be created. Static Routing Table Setting Static Routing Table Network Enter the IP address of the network that you need to configure the static routing for. Subnet Mask Enter the subnet mask of the network. Gateway Enter the IP address of the gateway to reach the specified network. Displays the static routing information. SNMP Settings To use SNMP, SNMP monitoring software is needed.
SNMP Host Table Configure the SNMP host table. Note: To delete the registered host, make “Hostname” and “IP Address” field blank and click [Apply]. Host Authentication Hostname IP Address Community Enable/disable SNMP host authentication. Enable SNMP service will be provided from SNMP manager only. Read/write authority depends on the community. Disable Receive SNMP requests from any hosts. Read/write authority depends on the community. Enter a hostname to permit SNMP requests.
SNMP Trap Configure SNMP traps. Note: To use SNMP traps, register the host to the host table on the [Basic] - [SNMP] - [SNMP Host Table] page and enable “trap” for that community. Compatible traps: 0 coldStart 1 warmStart 2 LinkDown (Link Up/Down) 3 LinkUp (Link Up/Down) 4 authenticationFailure (Authentication Trap) 6 topoligyChange (STP) 7 Loop detection (Loop Detection) Private MIB OID: 1.3.6.1.4.1.5227.28.1.1.1 8 Trunk (Trunk) Private MIB OID: 1.3.6.1.4.1.5227.28.1.1.
SNMPv3 User Configure information of users who are authenticated with SNMPv3. SNMPv3 will authenticate users using username and the authentication can be encrypted. This switch is compatible with the following authentication and encryption method. Authentication method: HMAC-MD5-96/HMAC-SHA-96 Encryption method: CBC-DES/CFB-AES-128 Engine ID Username Access Control Authentication Method Authentication Key Encryption Encryption Key This is the switch’s unique ID to identify SNMP engine.
LLDP LLDP Properties Configure LLDP. TLV Advertised Interval Hold Multiplier Reinitializing Delay Transmit Delay Fast Start Duration Enter the interval of sending LLDP packets. (5-32768 seconds) Enter the amount of time of TTL (Time To Live: the time that LLDP packets are held before the packets are discarded) measured in multiples of the TLV advertised interval. (2-10) Enter the time that passes between disabling and reinitializing LLDP.
LLDP Port Configure LLDP for each port. Status Notification Port Description TLV System Name TLV System Description TLV System Capabilities TLV Management Address TLV Disable Disable LLDP. Tx Only Enable transmitting LLDP packets only. Rx Only Enable receiving LLDP packets only. Tx and Rx Enable transmitting and receiving LLDP packets. If enabled, SNMP traps will be sent to the SNMP server when the neighbor table is updated. Note: To use notification, configure SNMP manager and SNMP trap settings.
LLDP-MED Port Configure LLDP-MED for each port. Status Notification Capabilities TLV Network Policy TLV Extend Power TLV Software Revision TLV If enabled, LLDP-MED will be transmitted. Note: To use this functionality, configure the status to [Tx Only] or [Tx and Rx] on the [LLDP Port] page. If enabled, the SNMP trap will be sent to the SNMP server when the LLDP-MED information in the neighbor table is updated. Note: To use notification, configure SNMP manager and SNMP trap settings.
System Name Displays the system name of the detected devices. Note: To use this functionality, configure the status to [Rx Only] or [Tx and Rx] on the [Basic] - [LLDP] - [LLDP Port] page. MAC Addresses Static MAC Filtering Configure the filtering of MAC addresses that are registered manually. Only the frames with registered MAC address as a source MAC address can pass through the ports that the MAC address is registered to.
Dynamic MAC Filtering Configure the dynamic MAC filtering that enables you to set the number of MAC address learn limits for each port. Dynamic MAC Filtering Number Check “Enable” to enable dynamic MAC filtering. Enter the number of MAC address learning limits of each port. (1-16384) Notes: • If the port's “Number” field is left blank, all MAC addresses can pass through that port. • The number of MAC address learn limits can be set between 1-16384 for each port.
Convert MAC Address Add dynamic MAC addresses to static MAC filtering table to filter them in static MAC filtering. Add to Static MAC Filtering Table from Dynamic MAC Address Select a port number to display the dynamic MAC addresses that was learned from the port. Select MAC addresses to add to the static MAC filtering table and click [Add]. Static MAC Address Register the static MAC address to the MAC address table.
MAC Address Aging Configure MAC address aging time. MAC address aging time is the time between the last reference of the MAC address and deleting MAC address. Aging Time Enter the aging time. Port Settings Status Displays the port status. Name Admin Link Status Autonegotiation Speed/Duplex Flow Control IEEE 802.3az APD Jumbo Frame Displays the port name. Displays whether the port is enabled (on) or disabled (off ). Displays whether the link is up or down.
Speed/Mode Settings Configure ports settings such as the transmission rate or flow control. Name Admin Mode Flow Control IEEE 802.3az APD Jumbo Frame Speed/Duplex Enter the port name. You may enter up to 15 alphanumeric characters, hyphens, underscores, and spaces. Check to enable the port. Select the transmission rate and duplex. Check to enable flow control. Check to enable IEEE802.3az. Check to enable APD (auto power down). If enabled, power consumption of link down ports can be reduced.
System Security Administration Account Configure the username and password. Username Password Confirm Enter the new username. You may enter up to 8 alphanumeric characters, hyphens, and underscores. Enter the new password. You may enter up to 8 alphanumeric characters, hyphens, and underscores. Enter the new password again. Access Management Configure each administration interface.
Certificate Upload or download the certificate. You have to prepare a certificate for HTTPS communication by yourself. The compatible certificate types are: Certificate Type X.
Date & Time Configure whether to manually set the date and time or automatically using a SNTP server. SNTP Time Server IP/FQDN Update Interval Time Zone Enable to automatically obtain the time from SNTP server. Configure the time when SNTP is disabled. Enter the SNTP server IP address or FQDN. To enter the FQDN, DNS settings must be configured. Enter the interval which time is obtained from the SNTP server. Configure the time zone.
PoE This functionality is for PoE-compatible switches only. Status Displays the PoE status. Power PoE Status Power Class Priority Supplied Power Current Displays the maximum power, power being used, and available power. Displays if PoE is enabled (on) or disabled (off ). Displays the power feeding status. Displays the connected device's class. Displays the priority of each port. Displays the supplied power of each port. Displays the supplied current of each port.
PoE Profiles Configure PoE settings of each profile that is used in [Power Profile] page. Profile Name PoE Priority High Power Turn Off LEDs? Initialize To change the profile name, enter a new profile name and click [Modify]. Enable or disable PoE functionality. Configure the priority of PoE power feeding. When the supplied power exceeds maximum power, the switch will supply power to the ports in the order of priority. Configure the high-powered power feeding function.
Copy Profile Select the source and destination profiles and click [Copy Profiles] to copy them. Notes: • Click [Apply] to apply the current settings to all profiles. • To use dynamic power feeding by LLDP, configure the status to [Tx and Rx] on the [Basic] - [LLDP] - [LLDP Port] page. • If the supplied power exceeds the maximum power, the switch will supply power to the port in the order of the port number. Power Profile Configure the power saving schedule. Schedule Manual Switch the profile manually.
Date Day of Week Period Select Profile Profile Use profile from Schedule Enter the date to add to the schedule if “Date” is selected as the timetable type. Select the day of week to add to the schedule if “Day of week and time” is selected as the timetable type. Select the time frame while the schedule is enabled if “Day of week and time” is selected as the timetable type. Select a method of specifying the profile.
QoS Mapping Configure port-based priority for DSCP, CoS, and IP precedence. Port Priority DSCP Mapping CoS Mapping IP Precedence Mapping Priority Configure the priority of each port. Configure the DSCP priority value from 0-63. Configure the CoS priority value from 0-7. Configure the IP precedence priority value from 0-7. Configure the priority from 0-7. Note: DSCP mapping, CoS mapping, and IP precedence mapping is displayed when each type is selected.
VoIP Auto Priority Configure the priority of SIP, H.323, SCCP. VoIP Auto Priority CoS Check to enable VoIP auto priority. Click [Show Detail] to enable or disable this functionality for each port. Applied to the VoIP packets of SIP, H.323, SCCP only. If QoS is enabled, it is handled in accordance with CoS priority. IPv4/MAC Policy Create DiffServ policies. IPv4 and MAC addresses can be specified here. The enabled policies will be applied when the packet or frame enters to the switch.
Policy Name CoS Destination MAC Address Source MAC Address EtherType VLAN Protocol Destination IPv4 Address Destination Port Source IPv4 Address Source Port Service Type Displays the selected policy name. Adds the CoS value to the policy condition. Adds the frame’s destination MAC address to the policy condition. For instructions on how to enter the address, refer to “About Address and Mask” section below. Adds the frame’s source MAC address to the policy condition.
Select the action for when the frames satisfy the condition. DiffServ Policy Permit Permits forwarding the frames and packets. Deny Discards the frames and packets. Egress Queue Changes the processing priority of the frames and packets. Remark CoS Rewrites CoS value of the frames and packets. Remark DSCP Rewrites DSCP value of the frames and packets. Remark IP Precedence Rewrites IP precedence value of the frames and packets. Profile Action Processes the frames and packets depending on the committed rate.
IPv6 Policy Create DiffServ policies. IPv6 addresses can be specified here. The enabled policies will be applied when the packet or frame enters the switch. Current Number of Policies Current Number of Active Policies Policy Name Displays the number of created policies. Displays the number of active policies. Enter the policy name into the blank field and click [Apply] to create a new policy. Click [Show Detail] to configure the policy in detail.
Select the action for when the frames satisfy the condition. DiffServ Policy Permit Permits forwarding the frames and packets. Deny Discards the frames and packets. Egress Queue Changes the processing priority of the frames and packets. Remark CoS Rewrites CoS value of the frames and packets. Remark DSCP Rewrites DSCP value of the frames and packets. Remark IP Precedence Rewrites IP precedence value of the frames and packets. Profile Action Processes the frames and packets depending on the committed rate.
Port Settings Configure the ports to apply DiffServ policies. The ports specified by ACL rules cannot be specified. Current Number of Active Policies Current Number of Active IPv6 Policies Port Settings IPv4/MAC (IPv6) ACL Rule List Displays the number of active IPv4 and MAC address-based policies. Displays the number of active IPv6 address-based policies. Select a policy name and ports, then click [Apply]. Displays the selected policy's conditions.
IPv6 Policy List Move Policy Displays the list of IPv6 address-based policies. Policies are listed in order of the priority. Select a policy and enter the policy number that the selected policy moves to before (or after). Select [Before] or [After] and click [Move] to change the priority of the policy. Status Displays the DiffServ status. Policy List IPv4/MAC Policy List IPv6 Policy List Displays the list of policies. Policies are listed in order of the priority.
TCP Flag Fragment If enabled, the illegal TCP flagged packets will be dropped. This will not be applied to the fragment packets. If checked, the configuration of [TCP Flag] will be applied also to the fragment packets. DHCP Snooping Configure DHCP snooping. DHCP snooping is a function to prevent leasing IP addresses when an illegal DHCP server is connected. DHCP Snooping DHCP Option 82 Rate Limit (pps) Status Check to enable DHCP snooping. Add option 82 to the DHCP packets received from DHCP clients.
DHCP Table Displays the DHCP clients that obtained an IPv4 address from the DHCP server via the switch. Up to 256 clients can be listed. Note: DHCP table can be used only when DHCP snooping is enabled. MAC Address IPv4 Address Lease Time VLAN ID Port Displays the DHCP client’s MAC address. Displays the IPv4 address that DHCP client obtained. Displays the lease period of the IPv4 address. Displays the VLAN ID that the DHCP client belongs to. Displays the port number that the DHCP client is connected to.
Primary/Secondary Authentication Status Displays if each server is enabled or disabled, and the server's IP address and port number. Displays the authentication status of each port. RADIUS Configure RADIUS server. Authentication Authentication Server IP Authentication Server Port Shared Secret Reset Timer Advanced Check to enable authentication server. Enter the authentication server's IP address. Enter the authentication server's port number.
RADIUS Server Settings to Use Dynamic VLAN When dynamic VLAN is enabled, add the following attributes to the RADIUS server. Attribute Value Tunnel-Type 13 (VLAN) Tunnel-Medium-Type 6 (IEEE-802) Tunnel-Private-Group-ID VLAN ID that the authenticated user will belong to Port Authentication Configure authentication settings for each port. Prepare an authentication server (RADIUS server) separately. 802.1X Port 802.1X MAC By MAC EAP Passthrough Authenticate 802.1X based on the port.
Guest VLAN Click “Enable” to enable guest VLAN functionality. Enter each port’s guest VLAN period and the VLAN ID to be assigned to users who could not be authenticated by the time the guest VLAN period expires. Notes: • Only the guest VLAN settings of ports using 802.1X port authentication are enabled. • If the port’s guest VLAN ID is “0”, guest VLAN of that port is disabled. The MAC authentication port authenticates using the source MAC address when it receives IP packets.
Trunk Mode Trunk Key Trunk Name System Priority Member Select a trunk mode. Enter the key to identify the trunk group. Enter the trunk name. Enter the priority that is used to decide whose settings are used when the trunk is constructed. The settings of the device whose system priority is the minimum will be used. If the system priorities are the same, the settings of the device whose MAC address is smaller will be used. Select ports to join the trunk member.
Mirroring Configure to monitor the traffic (copy the contents of communication from source to destination). Enable Source Port Destination Port Check to enable mirroring. Select ports to be monitored. Select ports to monitor the traffic. Spanning Tree Protocol STP Settings Configure STP settings.
Configuration Digest (MSTP only) MSTI Settings (MSTP only) MSTP Status (MSTP only) Displays the MSTI status as MD5 digest message. To add MSTI ID, enter the MSTI ID and bridge priority, select VLAN ID(s) to belong to, then click [Add]. Displays the MSTI configuration status. Select an MSTI ID and click [Edit] to add or delete the VLAN ID(s) and change the bridge priority value. Note: • To use spanning tree, all devices in the segment must be compatible with spanning tree.
Max Age Forward Delay Max Hop Count (STP/RSTP only) Root Bridge Priority (STP/RSTP only) Root MAC Address (MSTP only) CIST Root Bridge Priority (MSTP only) CIST Root MAC Address (MSTP only) Regional Root Bridge Priority (MSTP only) Regional Root MAC Address (MSTP only) Switch MAC Address Priority Path Cost Fastlink Status Role Displays the maximum time that passes before trying to reconfigure when this switch doesn't receive BPDU.
Ports Configure STP settings for each port. Path cost can be switched between “Auto” and “Manual”. Priority Path Cost Fastlink Enter the port priority in hexadecimal format. This is used to decide the path to the root bridge. If path cost is set to “Manual”, you can edit the value. This is used to decide the path to the root bridge. If enabled, the port will be in forwarding status immediately. It is recommended to enable fastlink to the port a PC is connected to.
IGMP Status Displays the IGMP status. IGMP Status Router Port Status Displays the multicast address table. Displays the port connected to the multicast router (server). IGMP Settings Configure IGMP snooping. This product is compatible with IGMP snooping v1, v2, and v3. IGMP Snooping Filter Unknown Multicasts Host Timeout Router Port Timeout Check to enable IGMP snooping.
IGMP Querier If IGMP querier is enabled, IGMP snooping can be enabled even if no multicast router is connected. IGMP Querier Querier Interval Check to enable IGMP querier. IGMP queries will be forwarded from each VLAN. Configure the transmit interval for the querier that confirms the existence of multicast group’s member. Querier Source IPv4 Address Enter the source IPv4 address of the querier. Max Response Time Configure the time between transmitting the querier and response from the member.
MLD Status Displays the MLD status. MLD Status Router Port Status Displays the multicast address table. Displays the port connected to the multicast router (server). MLD Settings Configure MLD snooping. MLD Snooping Filter Unknown Multicasts Host Timeout Router Port Timeout Check to enable MLD snooping. If enabled, you can prevent the flooding of multicast packets except for the port connected to the host which joins the multicast group.
MLD Querier If MLD querier is enabled, MLD snooping can be enabled even if no multicast router is connected. MLD Querier Querier Interval Check to enable MLD querier. MLD queries will be forwarded from each VLAN. Configure the transmit interval for the querier that confirms the existence of multicast group’s member. Querier Source IPv6 Address Enter the source IPv6 address of the querier. Max Response Time Configure the time between transmitting the querier and response from the member.
ACL ACL Wizard Configure ACLs with the wizard. Follow the directions on the screen. Based on source MAC address Based on destination MAC address Based on source IPv4 address Based on destination IPv4 address Based on source IPv6 address Based on destination IPv6 address Configure to permit or deny the specified source MAC address. Configure to permit or deny the specified destination MAC address. Configure to permit or deny the specified source IPv4 address.
The following screen is displayed when [Show Detail] is clicked. Up to 10 rules can be configured per group. ACL Rule List Move Rule ACL Group Name CoS Destination MAC Address Source MAC Address Ether Type VLAN Permit/Deny Egress Queue Redirect Port Displays the list of rules in the ACL group. Rules are listed in order of the priority. Select a rule and enter the rule number that the selected rule moves to before (or after). Select [Before] or [After] and click [Move] to move the priority of the rule.
Enter “00:11:22:33:ab:cd:ef” in the address field and also enter “00:00:00:00:00:00” in the mask field. IPv4 ACL Create IPv4 address-based ACLs. Current Number of Groups Current Number of Active Rules ACL Group Name Number of Rules Displays the number of ACL groups. Displays the number of active rules for ACLs. Displays the ACL group name. To create new ACLs, enter the group name and click [Apply]. Click [Show Detail] to add rules to the ACL group.
Service Type Permit/Deny Egress Queue Configure the filtering rule based on the frame's service type. If [IP DSCP] or [IP Precedence] is selected, only 1 value can be permitted or denied. If [IP ToS] is selected, you can specify the range of values which is permitted or denied. Refer to “About IP ToS Mask” section below for details. Select if the frames that satisfy the requirement can be forwarded to the other port or not. Permit Forwards the incoming frames to the other port.
ACL Group Name Number of Rules Displays the ACL group name. To create new ACLs, enter the group name and click [Apply]. Click [Show Detail] to add rules to the ACL group. To change the group name, select a group, enter the new name and click [Rename]. Displays the number of rules of each ACL group. The following screen is displayed when [Show Detail] is clicked. Up to 10 rules can be configured per group.
Ports Configure the ports to apply ACL groups. A total of up to 126 MAC ACL and IP ACL rules may be applied to the ports. Current Number of Active IPv4/MAC ACL Rules Current Number of Active IPv6 ACL Rules Port Settings MAC (IPv4/IPv6) ACL Rule List Displays the number of active rules for IPv4/MAC ACLs. Displays the number of active rules for IPv6 ACLs. Select an ACL group name and ports, then click [Apply]. Displays the selected ACL group's rules.
IPv6 Priority Configure IPv6 ACL group’s priority. IPv6 ACL takes a priority than MAC and IPv4 ACL. IPv6 ACL Group List Move Group Displays the list of ACL groups. Groups are listed in order of the priority. Select a group and enter the group number that the selected group moves to before (or after). Select [Before] or [After] and click [Move] to move the priority of the group. Status Displays the ACL status.
Loop Prevention Configure loop prevention functionality. Configure the switch's action when a loop is detected. Action Disable for MAC Thrashing LDF Receive Rate Received Data Threshold Ignore When a loop is detected, the switch will do nothing for the port itself; the diag LED and loopdetected port's LED will blink for the time configured in [Disable for] section. If a loop is detected again, it will blink and continue until the loop is resolved.
one depending on your network environment. Action when the loop is detected How to resolve the loop Recommended Environment Loop Prevention Temporarily disables the port. After the configured time passes, the port will be enabled again. Resolve manually Data can be transmitted temporarily while the port is disabled. Data cannot be transmitted until the loop is resolved unless storm control is enabled. Spanning Tree Blocks the port and switches the transmission route automatically.
Update Firmware Update firmware with the local firmware file. Select a file image to update and click [Browse] to select the firmware image, then click [Update]. Notes: • Do not turn off the switch or close the browser while updating. • To finish the update, reboot the switch. File Image Select a file image to update. Dual Image The switch can save up to 2 firmware files and can be configured to choose one for booting. Image Name Action Image Description Select an image to change the action.
Back Up and Restore Settings Save or restore the switch's settings. Back Up Settings Restore Settings Click [Save] to save current settings to a file. Click [Browse] to select a settings file and click [Restore] to start restoring. Note: To finish restoring, reboot the switch. Reboot Reboot the switch. Reboot Click [Reboot] to reboot the switch. Initialize Restore the switch settings to the factory default.
ARP Table Displayed only when the switch is in L3 mode. ARP table can record up to 510 devices. Port Order Displays the IP addresses and the MAC addresses of the connected devices with the port order. Select a port from the dropdown menu to display the devices that is connected to the selected port. IP Address Order Displays the IP addresses and the MAC addresses of the connected devices with the IP address order. MAC Address Table Port Order Displays the MAC address table with the port order.
MAC Order Displays the MAC address table with the MAC address order. Note: “Authenticated” is displayed on “Device Authentication” section only when the PC is authenticated using 802.1X MAC or MAC authentication method. Statistics Displays the switch's statistics. Note: Each maximum value is 4,294,967,295. If this is reached or exceeded, the value will reset to 0. Rebooting the switch will also reset the value to 0.
Port Statistics EAP Statistics Displays the number of total received/sent packets of the selected port. Displays the number of total received/sent EAP packets of the selected port. The following items appear when [Show Detail] is clicked. Received Octets Displays the number of total received octets. Received Unicast Packets Displays the number of received unicast packets. Received Multicast Packets Displays the number of received multicast packets.
Logs Displays the switch's log information. Notes: • Up to 512 logs can be recorded to this switch in total. If exceeded, logs will be deleted in order of oldest. • When the switch is turned off, all logs will be deleted. Sort Select a type of log to display. Syslog Settings Configure syslog to transfer logs. Transfer Logs IP Address Attach Header Type Check to enable syslog server. Enter the syslog server's IP address. Select an item to attach to the header of the transmitted data.
Network Diagnostics Execute a communication test to the specified IP address. Ping Traceroute Enter the IPv4/IPv6 address or FQDN and click [Apply] to execute a ping test to the destination. Enter the IPv4 address or FQDN and click [Apply] to execute a traceroute test to the destination. To enter the FQDN, configure DNS server settings on [Basic] - [VLAN] - [VLAN Settings] page in advance.
Displays the status of each Ethernet cable. Cable Status Open Ethernet cable is not connected. OK Ethernet cable is connected without any issues. Short Ethernet cable may be shorting out. Unknown Cannot check the cable status.
Chapter 3 Troubleshooting LED Is Not Lit, Abnormal Lighting or Blinking The power LED is not lit. The diag LED is blinking red. The link/act LED is not lit. Cannot initialize with the reset button on the switch • Confirm that the AC adapter or power cable is connected to the inlet. • If it blinks once per a second, a loop is detected. Check the cabling. • If your switch has fans and its diag LED is blinking fast, a fan error may be occurring. Disconnect the power cable and reconnect it.
Appendix A Specification Product Specification Refer to the quick setup guide to check the hardware specification. Note: Only use the cables and accessories that are included in the package. Don't use other accessories or cables unless specifically instructed to in the documentation.
PoE Port Specification (Only for PoE-compatible devices) (Alternative A) Pin Number Power 1 Negative Vpse 2 Negative Vpse 3 Positive Vpse 4 5 6 Positive Vpse 7 8 - Factory Default Settings System VLAN Settings VLAN VLAN Ports Routing SNMP Settings L2/L3 Settings Static Routing (L3 mode only) SNMP Community Table SNMP Host Table Switch Name Location Contact VLAN Mode VLAN ID VLAN Name Management VLAN Connection Method IPv4 Address Subnet Mask Default Gateway Method of Acquiring DNS Server Address Prim
SNMP Trap SNMP Settings SNMPv3 User LLDP Properties LLDP LLDP Port LLDP-MED Port MAC Addresses Static MAC Filtering Dynamic MAC Filtering MAC Address Aging Port Settings Speed/Mode Settings Administration Account System Security Access Management Authentication Trap Link Up/Down STP Loop Detection Trunk Username Access Control Authentication Method Authentication Key Encryption Encryption Key TLV Advertised Interval Hold Multiplier Reinitializing Delay Transmit Delay Fast Start Duration Status N
System Security Access Management Date & Time HTTPS Session Timeout Maximum HTTPS Session Number SNTP Time Server IP/FQDN Update Interval Time Zone PoE (PoE-compatible product only) PoE Profiles Power Profiles QoS Settings QoS QoS Mapping VoIP Auto Priority Auto DoS Attack Prevention Security DHCP Snooping Profile Name PoE Priority High Power Turn Off LEDs? Schedule Manual Profile Setting View QoS Schedule Method Priority Type Port Priority CoS Mapping VoIP Auto Priority CoS LAND Attack Minimum T
Authentication Port Authentication Port Trunking Traffic Control 802.1X Port 802.
MLD Settings MLD MLD Querier Settings Loop Prevention DHCP Relay Syslog Settings MLD Snooping Filter Unknown Multicast Host Timeout Router Port Timeout MLD Querier Querier Interval Querier Source IPv6 Address Max Response Time Action Disable for MAC Thrashing LDF Receive Rate Received Data Threshold DHCP Relay for VLANs DHCP Relay Settings DHCP Server IP Address Transfer Logs IP Address Attach Header Configuration Authentication Device System Company Information Buffalo Americas, Inc.