System information

ManualsBrandsComnet ManualsComputer equipmentCWGE2FE8MSPOE

INSTALLATION AND OPERATION MANUAL

CWGE2FE8MSPOE

COMMERCIAL GRADE MANAGED ETHERNET SWITCH:

(8) 10/100TX RJ45 +

(2) 10/100/1000TX OR 100/1000 FX SFP PORTS

WITH POWER OVER ETHERNET (POE)

V1.0 – September 2010

The ComNet™ CWGE2FE8MSPOE Managed Ethernet Switch provides transmission of (8) 10/100 BASE-TX and

(2) 10/100/1000TX or 100/1000FX combo ports. These units are available for use with either conventional

CAT-5e copper or optical transmission media. The 8 electrical ports support the 10/100 Mbps Ethernet IEEE

802.3 protocol, and auto-negotiating and auto-MDI/MDIX features are provided for simplicity and ease of

installation. All 8 ports support IEEE.802.3af based POE (Max total PoE budget is 77W). 2 ports are 10/100/1000

configurable for copper or fiber media for use with multimode or single mode optical fiber, selected by optional

SFP modules. These network managed layer 2 switches are optically (100/1000 BASE-FX) and electrically

compatible with any IEEE 802.3 compliant Ethernet devices. Plug-and-play design ensures ease of installation,

and no electrical or optical adjustments are ever required. The CWGE2FE8MSPOE incorporates LED indicators for

monitoring the operating status of the managed switch and network.

Summary of content (143 pages)

PAGE 1
INSTALLATION AND OPERATION MANUAL CWGE2FE8MSPOE COMMERCIAL GRADE MANAGED ETHERNET SWITCH: (8) 10/100TX RJ45 + (2) 10/100/1000TX OR 100/1000 FX SFP PORTS WITH POWER OVER ETHERNET (POE) V1.0 – September 2010 The ComNet™ CWGE2FE8MSPOE Managed Ethernet Switch provides transmission of (8) 10/100 BASE-TX and (2) 10/100/1000TX or 100/1000FX combo ports. These units are available for use with either conventional CAT-5e copper or optical transmission media.
PAGE 2
FCC Warning This Equipment has been tested and found to comply with the limits for a Class-A digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy. It may cause harmful interference to radio communications if the equipment is not installed and used in accordance with the instructions.
PAGE 3
Content FCC Warning........................................................................................i CE Mark Warning .................................................................................i Introduction ............................................................................1 Features ............................................................................................. 2 Hardware Feature ..............................................................................
PAGE 4
System Commands Set ................................................................................... 20 Port Commands Set ........................................................................................ 23 Trunk Commands Set...................................................................................... 27 VLAN Commands Set...................................................................................... 28 QOS Commands Set ...............................................................
PAGE 5
System Event Log Configuration...................................................... 62 System Event Log—Syslog Configuration ....................................... 62 System Event Log—SMTP Configuration ........................................ 64 System Event Log—Event Configuration ......................................... 66 SNTP Configuration ......................................................................... 68 IP Security .........................................................................
PAGE 6
QoS Configuration.......................................................................... 110 QoS Policy and Priority Type......................................................................... 110 Port-Based Priority......................................................................................... 112 COS Configuration......................................................................................... 112 TOS Configuration ....................................................................
PAGE 7
Appendix.............................................................................134 Console Port Pin Assignments.......................................................
PAGE 8
Introduction Power-over-Ethernet (PoE) eliminates the need to run VAC power to other devices on a wired LAN. Using a Power-over-Ethernet system installers needs to run only a single Category 5 Ethernet cable that carries both power and data to each device. This allows greater flexibility in the location of network devices and significantly decreases installation costs in many cases.
PAGE 9
Features  System Interface/Performance  RJ-45 ports support Auto MDI/MDI-X Function  Embedded 8-port PoE function  Store-and-Forward Switching Architecture  Back-plane (Switching Fabric): 5.6Gbps  1Mbits Packet Buffer  8K MAC Address Table  VLAN  Port Based VLAN  Supports 802.1 Q Tag VLAN  GVRP  Port Trunk with LACP  QoS (Quality of Service)  Supports IEEE 802.
PAGE 10
 X-ring  X-ring, Dual Homing, and Couple Ring Topology  Provides redundant backup feature and the recovery time below 300ms  Bandwidth Control  Ingress Packet Filter and Egress Rate Limit  Broadcast / Multicast / Flooded Unicast Packet Filter Control  System Event Log  System Log Server/Client  SMTP e-mail Alert  SNMP Trap  Device cold start  Authentication failure  X-ring topology changed  Port Link up/Link down  TFTP Firmware Update and System Configuration Restore and B
PAGE 11
Hardware Feature IEEE802.3 10Base-T IEEE 802.3u 100Base-TX IEEE 802.3z Gigabit fiber IEEE 802.3ab 1000Base-T IEEE 802.3x Flow control and Back pressure Standard IEEE 802.3ad Port trunk with LACP IEEE 802.1d Spanning tree protocol IEEE 802.1w Rapid spanning tree IEEE 802.1p Class of service IEEE 802.1Q VLAN Tagging IEEE 802.1x user authentication IEEE 802.3af Power Over Ethernet Back-plane (Switching Fabric): 5.6Gbps Switch architecture Packet throughput ability (Full-Duplex): 8.
PAGE 12
DRAM 32Mbytes 100Base-T: 8x RJ-45 with auto MDI/MDI-X and PoE Connector inject function 10/100/1000T/ 100/1000Mini-GBIC Combo: 2 x RJ-45 + 2 x 100/1000 SFP sockets RJ-45 port # 1~# 8 support IEEE 802.3af End-point, Alternative A mode. PoE Pin Assignment Per port provides 15.4W ability Positive (VCC+): RJ-45 pin 1, 2 Negative (VCC-): RJ-45 pin 3, 6 System Power (Green) 10/100TX Port: Link/Activity (Green), 100Mbps (Green), LED PoE (Green).
PAGE 13
Operating Environment 0oC ~ 50oC, 5%~95%RH Storage Environment -40oC ~ 70oC, 5%~95%RH Dimensions 217mm(W) x 43mm(H) x 140mm(D) EMI FCC Class A CE Safety LVD 6
PAGE 14
Software Feature SNMP v1 Management SNMP v2c SNMP v3 Web/Telnet/Console (CLI) Port based VLAN VLAN IEEE802.1Q Tag VLAN(256 entries) / VLAN ID(Up to 4K, VLAN ID can be assigned from 1 to 4094) GVRP (256 Groups) Port Trunk with LACP Port Trunk: 4 trunk groups of maximum 4 LACP trunk members Spanning Tree IEEE802.1d Spanning tree IEEE802.
PAGE 15
Port Security Port Mirror Supports100 entries of MAC address for static MAC and another 100 for MAC filter Supports 3 mirroring types: “RX, TX and Both packet” Supports IGMP snooping v1 and v2 IGMP 256 multicast groups IGMP query mode Supports 10 IP addresses that have permission to IP Security access the switch management to prevent unauthorized intruder Ingress rate limiting packet type: all of frames, broadcast, multicast, Flooded Unicast and Bandwidth broadcast packet.
PAGE 16
1. Device cold start 2. Authentication failure SNMP Trap 3. X-ring topology changed 4.
PAGE 17
Package Contents Unpack the packing of the CWGE2FE8MSPOE Managed Switch then verify them against the checklist below.  CWGE2FE8MSPOE Managed Switch x 1  Rubber Pads x 4  RS-232 cable x 1  Power Adaptor x 1  Power Cord x 1  User Manual x 1 Compare the contents of the package with the standard checklist above. If any item is missing or damaged, please contact the local dealer for exchanging.
PAGE 18
Hardware Description This section mainly describes the hardware of the CWGE2FE8MSPOE Managed Switch and gives a physical and functional overview on the certain switch. Physical Dimension The physical dimensions of CWGE2FE8MSPOE Managed Switch are 217mm(W) x 43mm(H) x 140mm(H).
PAGE 19
to another switch or workstation without changing non-crossover or crossover cabling.  Mini-GBIC port: The appropriate replaceable Mini-GBIC port is available with a variety of different transmitter and receiver types, allowing users to select the appropriate transceiver for each link to provide the required optical reach over the available optical fiber type.
PAGE 20
Rear Panel The power plug is located on the rear panel of the CWGE2FE8MSPOE Managed Switch as shown below. The switch will work with AC in the voltage range of AC 100-240V with Frequency of 50-60Hz.
PAGE 21
Desktop Installation Set the switch on a sufficiently large flat space with a power outlet nearby. The surface where you put the switch should be clean, smooth, level and sturdy. Make sure there is enough space around the switch to allow air circulation. Attaching Rubber Pads A. Make sure mounting surface on the bottom of the switch is grease and dust free. B. Remove adhesive backing from your Rubber Pads. C. Apply the Rubber Pads to each corner on the bottom of the switch.
PAGE 22
Network Application This section provides a few samples of network topology in which the switch is used. In general, the PoE Managed Switch is designed as a segment switch that has a large address table (8000 MAC addresses) and high performance to deal with interconnecting networking segments. Using the uplink port (Gbps Combo port), the switch can connect with another switch or hub to interconnect other small-switch workgroups to form a larger switch network.
PAGE 23
Segment Bridge For enterprise networks where large data broadcasts are constantly processed, this switch is an ideal solution for department users to connect to the corporate backbone. In the illustration below, two managed PoE switches with PCs, print server, local server, wireless AP (IEEE 802.3af compliant), and IP camera (IEEE 802.3af compliant) attached are both connect to the core switch. All the devices in this network can communicate with each other through the core switch.
PAGE 24
Console Management Login in the Console Interface When the connection between switch and PC is ready, turn on the PC and run a terminal emulation program or Hyper Terminal and configure its communication parameters to match the following default characteristics of the console port: Baud Rate: 9600 bps Data Bits: 8 Parity: none Stop Bit: 1 Flow control: None The settings of communication parameters After having finished the parameter settings, click “OK“.
PAGE 25
CLI Management The system supports console management—CLI command. After you log in to the system, you will see a command prompt. To enter CLI management interface, enter “enable” command. The following table lists the CLI commands and description. CLI command interface Commands Level Modes Access Method Prompt Exit Method About This Mode1 The user commands available at the user level are a subset of those User EXEC Begin a session with switch> your switch.
PAGE 26
Configura configure tion (config)# privileged parameters that apply to command EXEC your switch as a whole. while in mode, privileged enter exit EXEC mode. or end Enter the vlan database To exit to VLAN command switch user EXEC Use this mode to configure database while in (vlan)# mode, VLAN-specific parameters. privileged enter exit. EXEC mode.
PAGE 27
Commands Set List User EXEC E Privileged EXEC P Global configuration G VLAN database V Interface configuration I System Commands Set Netstar Commands show config Level Description E Show switch Example switch>show config configuration show terminal P Show console switch#show terminal information write memory P Save user switch#write memory configuration into permanent memory (flash rom) system name G [System Name] system location G G [System Description] system contact G [System
PAGE 28
ip address G [Ip-address] Configure the IP switch(config)#ip address address of switch 192.168.10.1 255.255.255.0 [Subnet-mask] 192.168.10.
PAGE 29
dhcpserver dnsip G [DNS IP] dhcpserver leasetime G [Hours] dhcpserver ipbinding I [IP address] Configure DNS IP for switch(config)#dhcpserver dnsip DHCP clients 192.168.1.1 Configure lease time switch(config)#dhcpserver (in hour) leasetime 1 Set static IP for DHCP switch(config)#interface clients by port fastEthernet 2 switch(config)#dhcpserver ipbinding 192.168.1.
PAGE 30
no security G Disable IP security switch(config)#no security function no security http G Disable IP security of switch(config)#no security http HTTP server no security telnet G Disable IP security of switch(config)#no security telnet telnet server Port Commands Set Netstar Commands interface fastEthernet Level Description G [Portid] duplex I [full | half] Example Choose the port for switch(config)#interface modification.
PAGE 31
security enable I Enable security of switch(config)#interface interface fastEthernet 2 switch(config-if)#security enable no security I Disable security of switch(config)#interface interface fastEthernet 2 switch(config-if)#no security bandwidth type all I Set interface ingress switch(config)#interface limit frame type to fastEthernet 2 ‘accept all frame’ switch(config-if)#bandwidth type all bandwidth type I Set interface ingress switch(config)#interface broadcast-multicast-floo limi
PAGE 32
bandwidth out Set interface output switch(config)#interface [Value] bandwidth. Rate fastEthernet 2 Range is from 100 switch(config-if)#bandwidth out kbps to 102400 kbps 100 or to 256000 kbps for giga ports, and zero means no limit.
PAGE 33
show interface I accounting show interface statistic switch(config)#interface counter fastEthernet 2 switch(config-if)#show interface accounting no accounting I Clear interface switch(config)#interface accounting information fastEthernet 2 switch(config-if)#no accounting 26
PAGE 34
Trunk Commands Set Netstar Commands aggregator priority Level Description G [1~65535] aggregator activityport G Example Set port group system switch(config)#aggregator priority priority 22 Set activity port switch(config)#aggregator [Group ID] activityport 2 [Port Numbers] aggregator group G Assign a trunk group switch(config)#aggregator group [GroupID] [Port-list] with LACP active.
PAGE 35
aggregator group G Assign a static trunk switch(config)#aggregator group [GroupID] [Port-list] group. 1 2-4 nolacp nolacp [GroupID] :1~4 or [Port-list]:Member port switch(config)#aggregator group list, This parameter 1 3,1,2 nolacp could be a port range(ex.1-4) or a port list separate by a comma(ex.
PAGE 36
no vlan V No VLAN Switch(vlan)#no vlan Ported based VLAN configuration vlan port-based V grpname Add new port based switch(vlan)#vlan port-based VALN grpname test grpid 2 port 2-4 [Group Name] or grpid switch(vlan)#vlan port-based [GroupID] grpname test grpid 2 port 2,3,4 port [PortNumbers] show vlan [GroupID] or show vlan no vlan group [GroupID] V Show VLAN switch(vlan)#show vlan 23 information V Delete port base group switch(vlan)#no vlan group 2 ID IEEE 802.
PAGE 37
vlan 8021q port [PortNumber] hybrid-link untag [UntaggedVID] tag [TaggedVID List] V Assign a hybrid link for switch(vlan)#vlan 8021q port 3 VLAN by port, if the hybrid-link untag 4 tag 3,6,8 port belong to a trunk or vlan 8021q trunk [PortNumber] access-link untag [UntaggedVID] V vlan 8021q trunk [PortNumber] trunk-link tag V group, this command switch(vlan)#vlan 8021q port 3 can’t be applied.
PAGE 38
spanning-tree priority G [0~61440] spanning-tree max-age Configure spanning switch(config)#spanning-tree tree priority parameter priority 32768 G [seconds] Use the spanning-tree switch(config)#spanning-tree max-age global max-age 15 configuration command to change the interval between messages the spanning tree receives from the root switch.
PAGE 39
spanning-tree G forward-time [seconds] Use the spanning-tree switch(config)#spanning-tree forward-time global forward-time 20 configuration command to set the forwarding-time for the specified spanning-tree instances. The forwarding time determines how long each of the listening and stp-path-cost [1~200000000] I learning states last before the port begins forwarding.
PAGE 40
stp-path-priority I [Port Priority] Use the spanning-tree switch(config)#interface port-priority interface fastEthernet 2 configuration switch(config-if)#stp-path-priority command to configure 128 a port priority that is used when two switches tie for position as the root switch. stp-admin-p2p I [Auto|True|False] Admin P2P of STP switch(config)#interface priority on this fastEthernet 2 interface.
PAGE 41
QOS Commands Set Netstar Commands qos policy Level Description G [weighted-fair|strict] qos prioritytype G [port-based|cos-only|tos Example Select QOS policy switch(config)#qos policy scheduling weighted-fair Setting of QOS priority switch(config)#qos prioritytype type -only|cos-first|tos-first] qos priority portbased [Port] [lowest|low|middle|high] qos priority cos [Priority][lowest|low|mid dle|high] qos priority tos G Configure Port-based switch(config)#qos priority Priority G portbased 1 l
PAGE 42
IGMP Commands Set Netstar Commands igmp enable Level Description G Enable IGMP Example switch(config)#igmp enable snooping function Igmp query auto G Set IGMP query to switch(config)#Igmp query auto auto mode Igmp query enable G Set IGMP query to switch(config)#Igmp query enable enable mode show igmp P configuration igmp multi Displays the details of switch#show igmp configuration an IGMP configuration.
PAGE 43
show mac-address-table P static show mac-address-table P filter no mac-address-table I Show static MAC switch#show mac-address-table address table static Show filter MAC switch#show mac-address-table address table.
PAGE 44
SNMP Commands Set Netstar Commands snmp system-name Level Description G [System Name] snmp system-location G [System Location] snmp system-contact G [System Contact] snmp agent-mode G [v1v2c|v3|v1v2cv3] snmp Set SNMP agent switch(config)#snmp system name system-name l2switch Set SNMP agent switch(config)#snmp system location system-location lab Set SNMP agent switch(config)#snmp system contact system-contact where Select the agent mode switch(config)#snmp agent-mode of SNMP G communit
PAGE 45
snmpv3 user G Configure the switch(config)#snmpv3 user [User Name] userprofile for test01 group G1 password group SNMPV3 agent. AuthPW PrivPW [Group Name] Privacy password password could be empty.
PAGE 46
show snmp P Show SNMP switch#show snmp configuration no snmp G community-strings Remove the specified switch(config)#no snmp community. community-strings public Remove the SNMP switch(config)#no snmp-server server host. host 192.168.1.50 [Community] no snmp-server host G [Host-address] no snmpv3 user G [User Name] Remove specified user switch(config)#no snmpv3 user of SNMPv3 agent.
PAGE 47
Port Mirroring Commands Set Netstar Commands monitor rx Level Description G Example Set RX destination port switch(config)#monitor rx of monitor function monitor tx G Set TX destination port switch(config)#monitor tx of monitor function show monitor P Show port monitor switch#show monitor information monitor I [RX|TX|Both] Configure source port switch(config)#interface of monitor function fastEthernet 2 switch(config-if)#monitor RX show monitor I Show port monitor switch(config)#interface
PAGE 48
802.1x Commands Set Netstar Commands 8021x enable Level Description G Example Use the 802.1x global switch(config)# 8021x enable configuration command to enable 802.1x protocols. 8021x system radiusip G [IP address] Use the 802.1x system switch(config)# 8021x system radius IP global radiusip 192.168.1.1 configuration command to change the radius server IP. 8021x system serverport G [port ID] Use the 802.
PAGE 49
8021x system nasid G [words] Use the 802.1x system switch(config)# 8021x system nasid global nasid test1 configuration command to change the NAS ID 8021x misc quietperiod G [sec.] Use the 802.1x misc switch(config)# 8021x misc quiet period global quietperiod 10 configuration command to specify the quiet period value of the switch. 8021x misc txperiod G [sec.] Use the 802.1x misc switch(config)# 8021x misc TX period global txperiod 5 configuration command to set the TX period.
PAGE 50
8021x misc maxrequest G [number] Use the 802.1x misc switch(config)# 8021x misc max request global maxrequest 3 configuration command to set the MAX requests. 8021x misc G reauthperiod [sec.] Use the 802.1x misc switch(config)# 8021x misc reauth period global reauthperiod 3000 configuration command to set the reauth period. 8021x portstate I Use the 802.
PAGE 51
TFTP Commands Set Netstar Commands backup Level Description G flash:backup_cfg Defaults Example Save configuration to switch(config)#backup TFTP and need to flash:backup_cfg specify the IP of TFTP server and the file name of image. restore flash:restore_cfg G Get configuration from switch(config)#restore TFTP server and need to flash:restore_cfg specify the IP of TFTP server and the file name of image.
PAGE 52
system capacitive-detect P [Enable|Disable] system power-limit P [Value] Set PoE system switch(poe)# system Capacitive Detection capacitive-detect enable Set Poe system Power switch(poe)# system power-limit Limit 90 P Set PoE port State switch(poe)# port 1 state disable P Set PoE port Power switch(poe)# port 1 plfc enable Value[0~96] port 1 state disable port [PortNumbers] stace [Enable|Disable] port 1 plfc enable port [PortNumbers] plfc Limit from [Enable|Disable] Classification port 1
PAGE 53
SystemLog, SMTP and Event Commands Set Netstar Commands systemlog ip Level Description G [IP address] systemlog mode Set System log server switch(config)# systemlog ip IP address. G Example 192.168.1.100 Specified the log mode switch(config)# systemlog mode [client|server|both] both show systemlog E Displays system log.
PAGE 54
event device-cold-start G [Systemlog|SMTP|Both] event G authentication-failure Set cold start event switch(config)#event type device-cold-start both Set Authentication switch(config)#event failure event type authentication-failure both Set X-ring topology switch(config)#event changed event type ring-topology-change both Set port event for switch(config)#interface system log fastethernet 3 [Systemlog|SMTP|Both] event G ring-topology-change [Systemlog|SMTP|Both] event systemlog I [Lin
PAGE 55
no event smpt I Disable port event for switch(config)#interface SMTP fastethernet 3 switch(config-if)#no event smtp SNTP Commands Set Netstar Commands Level Description Example sntp enable G Enable SNTP function switch(config)#sntp enable sntp daylight G Enable daylight saving switch(config)#sntp daylight time, if SNTP function is inactive, this command can’t be applied.
PAGE 56
sntp timezone G [Timezone] Set timezone index, switch(config)#sntp timezone 22 use ‘show sntp timzezone’ command to get more information of index number show sntp P Show SNTP switch#show sntp information show sntp timezone P Show index number of switch#show sntp timezone time zone list no sntp G Disable SNTP function switch(config)#no sntp no sntp daylight G Disable daylight switch(config)#no sntp daylight saving time X-ring Commands Set Netstar Commands Level Description Example rin
PAGE 57
show ring P Show the information switch#show ring of X-Ring no ring G Disable X-ring switch(config)#no ring no ring master G Disable ring master switch(config)# no ring master no ring couplering G Disable couple ring switch(config)# no ring couplering no ring dualhoming G Disable dual homing switch(config)# no ring dualhoming 50
PAGE 58
Web-Based Management This section introduces the configuration and functions of the Web-Based management function. About Web-based Management There is an embedded HTML web site residing in the flash memory on the CPU board of the switch, which offers advanced management features and allows users to manage the switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. The Web-Based Management supports Internet Explorer 6.0 or later version.
PAGE 59
System Login 1. Launch the Internet Explorer on the PC 2. Key in “http:// “+” the IP address of the switch”, and then Press “Enter”. 3. The login screen will appear right after 4. Key in the user name and password. The default user name and password are the same as ‘admin’. 5. Press Enter or click the OK button, and then the home screen of the Web-based management appears. Note: The web interface features shown below are introduced by the screen displays of the CWGE2FE8MSPOE switch.
PAGE 60
System Information User can assign the system name, description, location and contact personnel to identify the switch. The version table below is a read-only field to show the basic information of the switch.  System Name: Assign the system name of the switch (The maximum length is 80 bytes)  System Description: Describes the switch (The maximum length is 80 bytes).  System Location: Assign the switch physical location (The maximum length is 80 bytes).
PAGE 61
IP Configuration The switch is a network device that needs to be assigned an IP address to be identified on the network. Users have to decide a means of assigning an IP address to the switch.  DHCP Client: Enable or disable the DHCP client function. When DHCP client function is enabled, the switch will be assigned an IP address from the network DHCP server. The default IP address will be replaced by the assigned IP address on DHCP server.
PAGE 62
IP Configuration interface DHCP Configuration DHCP is the abbreviation of Dynamic Host Configuration Protocol that is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.
PAGE 63
DHCP Server Configuration The system provides the DHCP server function. By enabling the DHCP server function, the switch system will be a DHCP server.  DHCP Server: Enable or Disable the DHCP Server function. Enable:—the switch will be the DHCP server on your local network  Low IP Address: The dynamic IP range. Low IP address is the beginning of the dynamic IP range. For example: dynamic IP range is from 192.168.1.100 ~ 192.168.1.200. In contrast, 192.168.1.
PAGE 64
DHCP Client Entries When the DHCP server function is enabled, the system will collect the DHCP client information including the assigned IP address, the MAC address of the client device, the IP assigning type, status and lease time.
PAGE 65
Port and IP Binding Assign the dynamic IP address bound with the port to the connected client. The user is allowed to fill each port column with one particular IP address. When the device is connecting to the port and asks for an IP assignment, the system will assign the IP address bound with the port.
PAGE 66
TFTP - Update Firmware It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol (TFTP) server. Before updating, make sure the TFTP server is ready and the firmware image is located on the TFTP server.  TFTP Server IP Address: Key in the TFTP server IP  Firmware File Name: The name of firmware image  And then, click .
PAGE 67
TFTP - Restore Configuration You can restore a previous backup configuration from the TFTP server to recover the settings. Before doing that, you must locate the image file on the TFTP server first and the switch will download back the flash image.  TFTP Server IP Address: Type in the TFTP server IP.  Restore File Name: Type in the correct file name for restoring.  Click .
PAGE 68
TFTP - Backup Configuration You can back up the current configuration from flash ROM to the TFTP server for the purpose of recovering the configuration later. It helps you to avoid wasting time on configuring the settings by backing up the configuration.  TFTP Server IP Address: Type in the TFTP server IP.  Backup File Name: Type in the file name.  Click .
PAGE 69
System Event Log Configuration This page allows the user to decide whether to send the system event log, and select the mode which the system event log will be sent to client only, server only, or both client and server. What kind of event log will be issued to the client/server depends on the selection on the Event Configuration tab. There are four types of event—Device Cold Start, Authentication Failure, X-Ring Topology Change, and Port Event—available to be issued as the event log.
PAGE 70
Syslog Configuration interface 63
PAGE 71
System Event Log—SMTP Configuration Simple Mail Transfer Protocol (SMTP) is the standard for email transmissions across the network. You can configure the SMTP server IP, sender, mail account, password, and the recipient email addresses that the e-mail alert will be sent to. There are also four types of events—Device Cold Start, Authentication Failure, X-Ring Topology Change, and Port Event—available to be issued as the e-mail alert.
PAGE 72
SMTP Configuration interface 65
PAGE 73
System Event Log—Event Configuration Having ticked the Syslog/SMTP checkboxes, the event log/email alert will be sent to the system log server and the SMTP server respectively. Also, Port event log/alert (link up, link down, and both) can be sent to the system log server/SMTP server respectively by setting the trigger condition.  System event selection: There are 3 event types—Device Cold Start, Authentication Failure, and X-ring Topology Change.
PAGE 74
Event Configuration interface 67
PAGE 75
SNTP Configuration SNTP (Simple Network Time Protocol) is a simplified version of NTP that is an Internet protocol used to synchronize the clocks of computers to a time reference. Because time usually just advances, the time on different node stations will be different. With the communicating programs running on those devices, it would cause time to jump forward and back, a non-desirable effect.
PAGE 76
AST - Atlantic Standard -4 hours 8 am -5 hours 7 am -6 hours 6 am -7 hours 5 am -8 hours 4 am ALA - Alaskan Standard -9 hours 3 am HAW - Hawaiian Standard -10 hours 2 am Nome, Alaska -11 hours 1 am +1 hour 1 pm EET - Eastern European, USSR Zone 1 +2 hours 2 pm BT - Baghdad, USSR Zone 2 +3 hours 3 pm ZP4 - USSR Zone 3 +4 hours 4 pm ZP5 - USSR Zone 4 +5 hours 5 pm ZP6 - USSR Zone 5 +6 hours 6 pm WAST - West Australian Standard +7 hours 7 pm CCT - China Coast, USSR Zone
PAGE 77
 SNTP Sever URL: Set the SNTP server IP address. You can assign a local network time server IP address or an internet time server IP address.  Switch Timer: When the switch has successfully connected to the SNTP server whose IP address was assigned in the column field of SNTP Server URL, the current coordinated time is displayed here.  Daylight Saving Period: Set up the Daylight Saving beginning date/time and Daylight Saving ending date/time.
PAGE 78
IP Security IP security function allows the user to assign 10 specific IP addresses that have permission to manage the switch through the http and telnet services for the securing switch management. The purpose of giving the limited IP addresses permission is to allow only the authorized personnel/device can do the management task on the switch.
PAGE 79
IP Security interface 72
PAGE 80
User Authentication Change web management login user name and password for the management security issue.
PAGE 81
Port Statistics The following chart provides the current statistic information that displays the real-time packet transfer status for each port. The user might use the information to plan and implement the network, or check and find the problem when the collision or heavy traffic occurs.  Port: The index column of the ports.  Type: Displays the connection media type of the port.  Link: The status of linking—‘Up’ or ‘Down’.
PAGE 82
Port Statistics interface 75
PAGE 83
Port Control In Port control you can configure the settings of each port to control the connection parameters, and the status of each port is listed beneath.  Port: Use the scroll bar and click on the port number to choose the port to be configured.  State: Current port state. The port can be set to disable or enable mode. If the port state is set as ‘Disable’, it will not receive or transmit any packet.  Negotiation: Auto and Force.
PAGE 84
Port Control interface 77
PAGE 85
Port Trunk Port trunking is the combination of several ports or network cables to expand the connection speed beyond the limits of any one single port or network cable. Link Aggregation Control Protocol (LACP), that is a protocol running on layer 2, provides a standardized means in accordance with IEEE 802.3ad to bundle several physical ports together to form a single logical channel.
PAGE 86
be aggregated in a trunk group. Click and the ports focused in the right side will be shifted to the left side. To remove unwanted ports, select the ports and . click  When LACP enabled, you can configure LACP Active/Passive status for each port on the State Activity tab.  Click .  Use to delete Trunk Group. Select the Group ID and click .
PAGE 87
Port Trunk—Aggregator Information  LACP disabled Having set up the aggregator setting with LACP disabled, you will see the local static trunk group information on the tab of Aggregator Information.
PAGE 88
Static Trunking Group information  Group Key: This is a read-only column field that displays the trunk group ID.  Port Member: This is a read-only column field that displays the members of this static trunk group.
PAGE 89
 LACP enabled Having set up the aggregator setting with LACP enabled, you will see the trunking group information between two switches on the tab of Aggregator Information.  Switch 1 configuration 1. Set System Priority of the trunk group. The default is 1. 2. Select a trunk group ID by pull down the drop-down menu bar. 3. Enable LACP. 4. Include the member ports by clicking the Add button after selecting the port number and the column field of Work Ports changes automatically.
PAGE 90
Aggregation Information of Switch 1 5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured.
PAGE 91
 Switch 2 configuration Switch 2 configuration interface 1. Set System Priority of the trunk group. The default is 1. 2. Select a trunk group ID by pull down the drop-down menu bar. 3. Enable LACP. 4. Include the member ports by clicking the Add button after selecting the port number and the column field of Work Ports changes automatically.
PAGE 92
Aggregation Information of Switch 2 5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured.
PAGE 93
Port Trunk—State Activity Having set up the LACP aggregator on the tab of Aggregator Setting, you can configure the state activity for the members of the LACP trunk group. You can select or cancel the checkbox beside the state label. When you remove the select mark of the port and click , the port state activity will change to Passive.  Active: The port automatically sends LACP protocol packets.
PAGE 94
State Activity of Switch 2 87
PAGE 95
Port Mirroring The Port mirroring is a method for monitoring traffic in switched networks. Traffic through ports can be monitored by one specific port, that means traffic goes in or out monitored (source) ports will be duplicated into mirror (destination) port.  Destination Port: There is only one port that can be selected to be destination (mirror) port for monitoring both RX and TX traffic that come from source port.
PAGE 96
Rate Limiting You can set up every port’s bandwidth rate and frame limitation type.  Ingress Limit Frame type: select the frame type that wants to filter. There are four frame types for selecting:  All  Broadcast/Multicast/Flooded Unicast  Broadcast/Multicast  Broadcast only Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Broadcast only types are only for ingress frames. The egress rate only supports All type.
PAGE 97
1 is 10Mbps, users can set it’s effective egress rate is 1Mbps, ingress rate is 500Kbps. The switch performs the ingress rate by packet counter to meet the specified rate   Ingress: Enter the port effective ingress rate (The default value is “0”).  Egress: Enter the port effective egress rate (The default value is “0”).
PAGE 98
VLAN configuration—Port-based VLAN A port-based VLAN basically consists of its members—ports, that means the VLAN is created by grouping the selected ports. This method provides the convenience for users to configure a simple VLAN easily without complicated steps. Packets can only go among members of the same VLAN group. Note; all unselected ports are treated as belonging to another single VLAN. If the port-based VLAN is enabled, the VLAN-tagging is ignored.
PAGE 99
 Pull down the selection item and focus on Port Based then press to set the VLAN Operation Mode in Port Based mode.  Click to add a new VLAN group (The maximum VLAN groups are up to 64). VLAN—Port Based Add interface  Enter the group name and VLAN ID. Add the selected port number into the right field to group these members to be a VLAN group, or remove any of them listed in the right field from the VLAN.
PAGE 100
 And then, click to have the configuration take effect.  You will see the VLAN list displays. VLAN—Port Based Edit/Delete interface  Use to delete the VLAN.  Use to modify group name, VLAN ID, or add/remove the members of the existing VLAN group. [NOTE] Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch power off.
PAGE 101
802.1Q VLAN Virtual Local Area Network (VLAN) can be implemented on the switch to logically create different broadcast domains. When the 802.1Q VLAN function is enabled, all ports on the switch belong to default VLAN of VID 1, which means they are logically regarded as members of the same broadcast domain. The valid VLAN ID is in the range of number between 1 and 4094. The amount of VLAN groups is up to 256 including default VLAN that cannot be deleted. Each member port of 802.
PAGE 102
802.1Q Configuration  Pull down the selection item and focus on 802.1Q then press to set the VLAN Operation Mode in 802.1Q mode.  Enable GVRP Protocol: GVRP (GARP VLAN Registration Protocol) is a protocol that facilitates control of virtual local area networks (VLANs) within a larger network. GVRP conforms to the IEEE 802.1Q specification, which defines a method of tagging frames with VLAN configuration data.
PAGE 103
 Trunk Link: A segment that provides the link path for one or more VLAN-aware devices (switches). A Trunk Port, connected to the trunk link, has an understanding of tagged frame, which is used for the communication among VLANs across switches. Which frames of the specified VIDs will be forwarded depends on the values filled in the Tagged VID column field. Please insert a comma between two VIDs. Note: 1.
PAGE 104
802.1Q VLAN interface Group Configuration Edit the existing VLAN Group.  Select the VLAN group in the table list.  Click .
PAGE 105
Group Configuration interface  You can modify the VLAN group name and VLAN ID.
PAGE 106
Group Configuration interface  Click . Rapid Spanning Tree The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change. The system also supports STP and the system will auto-detect the connected device that is running STP or RSTP protocol. RSTP—System Configuration  The user can view spanning tree information of Root Bridge.  The user can modify RSTP state. After modification, click  .
PAGE 107
 Priority (0-61440): The switch with the lowest value has the highest priority and is selected as the root. If the value is changed, the user must reboot the switch. The value must be a multiple of 4094 according to the protocol standard rule.  Max Age (6-40): The number of seconds a switch waits without receiving Spanning-tree Protocol configuration messages before attempting a reconfiguration. Enter a value between 6 through 40.
PAGE 108
RSTP System Configuration interface 101
PAGE 109
RSTP—Port Configuration This web page provides the port configuration interface for RSTP. You can assign a higher or lower priority to each port. Rapid spanning tree will have the port with the higher priority in forwarding state and block other ports to make certain that there is no loop in the LAN.  Select the port in the port column field.  Path Cost: The cost of the path to the other bridge from this transmitting bridge at the specified port. Enter a number 1 through 200,000,000.
PAGE 110
RSTP Port Configuration interface 103
PAGE 111
SNMP Configuration Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP.
PAGE 112
SNMP System Configuration interface 105
PAGE 113
Trap Configuration A trap manager is a management station that receives the trap messages generated by the switch. If no trap manager is defined, no traps will be issued. To define a management station as a trap manager, assign an IP address, enter the SNMP community strings, and select the SNMP trap version.  IP Address: Enter the IP address of the trap manager.  Community: Enter the community string for the trap station.  Trap Version: Select the SNMP trap version type—v1 or v2c.
PAGE 114
SNMPv3 Configuration Configure the SNMP v3 function. Context Table Configure SNMP v3 context table. Assign the context name of context table. Click to add context name. User Profile Configure SNMP v3 user table..  User ID: Set up the user name.  Authentication Password: Set up the authentication password.  Privacy Password: Set up the private password.  Click to add context name.  Click to remove unwanted context name. Group Table Configure SNMP v3 group table.
PAGE 115
SNMP v3 configuration interface Access Table Configure SNMP v3 access table.  Context Prefix: Set up the context name.  Group Name: Set up the group.  Security Level: Set up the access level.
PAGE 116
 Context Match Rule: Select the context match rule.  Read View Name: Set up the read view.  Write View Name: Set up the write view.  Notify View Name: Set up the notify view.  Click to add context name.  Click to remove unwanted context name. MIBview Table Configure MIB view table.  ViewName: Set up the name.  Sub-Oid Tree: Fill the Sub OID.  Type: Select the type – exclude or included.  Click to add context name.  Click to remove unwanted context name.
PAGE 117
QoS Configuration Quality of Service (QoS) is the ability to provide different priority to different applications, users or data flows, or to guarantee a certain level of performance to a data flow.
PAGE 118
QoS Configuration interface 111
PAGE 119
Port-Based Priority Configure per port priority level.  Port: Each port has 4 priority levels – High, Middle, Low, and Lowest.  Click . COS Configuration Set up the COS priority level.  COS priority: Set up the COS priority level 0~7 –High, Middle, Low, Lowest.  Click . TOS Configuration Set up the TOS priority.  TOS priority: The system provides 0~63 TOS priority level. Each level has 4 types of priority – high, middle, low, and lowest.
PAGE 120
IGMP Configuration The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. IP manages multicast traffic by using switches, routers, and hosts that support IGMP. Enabling IGMP allows the ports to detect IGMP queries and report packets and manage IP multicast traffic through the switch.
PAGE 121
IGMP Configuration interface X-Ring X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms not the same. In the X-Ring topology, every switch should enable X-Ring function and assign two member ports in the ring. Only one switch in the X-Ring group would be set as a master switch that would be blocked, called backup port, and another port is called working port.
PAGE 122
The system also supports the coupling ring that can connect 2 or more X-Ring group for the redundant backup function and dual homing function that prevent connection lose between X-Ring group and upper level/core switch.  Enable X-Ring: Enable the X-Ring function. Mark the check box to enable the X-Ring function.  Enable Ring Master: Mark the check box to enable this machine to be the ring-master.  1st & 2nd Ring Ports: Pull down the selection menu to assign two ports as the member ports.
PAGE 123
X-ring Interface Note When the X-Ring function enable, user must disable the RSTP. The X-Ring function and RSTP function cannot exist in a switch at the same time. Remember to execute the ‘Save Configuration’ action, otherwise the new configuration will lose when switch power off.
PAGE 124
LLDP Link Layer Discovery Protocol (LLDP) is defined in the IEEE 802.1AB, it is an emerging standard which provides a solution for the configuration issues caused by expanding LANs. LLDP specifically defines a standard method for Ethernet network devices such as switches, routers and wireless LAN access points to advertise information about themselves to other nodes on the network and store the information they discover. LLDP runs on all 802 media.
PAGE 125
Multicast Filtering Multicasts are similar to broadcasts, they are sent to all end stations on a LAN or VLAN. End units can receive the multicast traffic if the connected ports have been included in the specific multicast groups. With multicast filtering, network devices only forward multicast traffic to the ports that are connected to the registered end units.  IP Address: Assign a multicast group IP address in the range of 224.0.0.0 ~ 239.255.255.255.
PAGE 126
Security—802.1X/Radius Configuration 802.1x is an IEEE authentication specification which prevents the client from accessing a wireless access point or wired switch until it provides authority, like the user name and password that are verified by an authentication server (such as RADIUS server). System Configuration After enabling the IEEE 802.1X function, you can configure the parameters of this function.  IEEE 802.1x Protocol: Enable or disable 802.1x protocol.
PAGE 127
802.
PAGE 128
802.1x Port Configuration You can configure 802.1x authentication state for each port. The State provides Disable, Accept, Reject and Authorize.  Reject: The specified port is required to be held in the unauthorized state.  Accept: The specified port is required to be held in the authorized state.  Authorized: The specified port is set to the authorized or unauthorized state in accordance with the outcome of an authentication exchange between the supplicant and the authentication server.
PAGE 129
802.1x Per Port Setting interface Misc Configuration  Quiet Period: Set the period that the port does not try to acquire a supplicant.  TX Period: Set the period the port waits for retransmit next EAPOL PDU during an authentication session.  Supplicant Timeout: Set the period of time the switch waits for a supplicant response to an EAP request.  Server Timeout: Set the period of time the switch waits for a server response to an authentication request.
PAGE 130
authentication fails and the authentication session ends.  Reauth period: Set the period of time that clients connected must be re-authenticated.  Click . 802.
PAGE 131
MAC Address Table Use the MAC address table to ensure the port security. Static MAC Address You can add a static MAC address; it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again. You can add/ modify/delete a static MAC address.
PAGE 132
Static MAC Addresses interface MAC Filtering By filtering MAC address, the switch can easily filter pre-configured MAC address and reduce the un-safety. You can add and delete filtering MAC address.
PAGE 133
MAC Filtering interface 1. MAC Address: Enter the MAC address that you want to filter. 2. Click 3. If you want to delete the MAC address from filtering table, select the MAC address and click . . All MAC Addresses You can view the port information of the connected device’s MAC address and related devices’ MAC address. 1. Select the port. 2. The selected port of dynamic & static MAC address information will be displayed here. 3.
PAGE 134
All MAC Address interface 127
PAGE 135
Power over Ethernet This segment shows the Power over Ethernet function. PoE Status  Maximum Power Available: Displays the maximum power supply in Watts.  Actual Power Consumption: This column shows the real-time total power consumption.  System Power Limit: User can modify the value to this column field to limit the total output power for the system.  Main Supply Voltage: This column shows the output voltage of the system for PoE ports.
PAGE 136
 AC Disconnect: Tick this checkbox to monitor the AC impedance on the port terminals and removes power when the impedance rises above a certain value, for a certain period (for details, see the IEEE 802.3af specification).  Capacitive Detection: If the port and capacitive detection are enabled, the capacitances state reads in the voltage result from the constant current. This is then subtracted from the pre-capacitance voltage to get a charge rate.
PAGE 137
Factory Default to reset all configurations to the default Reset switch to default configuration. Click value. Factory Default interface Save Configuration Save all configurations that you have made in the system. To ensure the all configuration swill be saved. Click to save the all configurations to the flash memory.
PAGE 138
System Reboot to reboot the system. Reboot the switch in software reset.
PAGE 139
Problem Solving This section is intended to help solve the most common problems on the PoE Managed Switch. Incorrect connections The switch port can automatically detect straight or crossover cable when you link switch with other Ethernet device. For the RJ-45 connector should use correct UTP or STP cable, 10/100Mbps port use 2-pairs twisted cable and Gigabit 1000T port use 4 pairs twisted cable. If the RJ-45 connector is not correctly pinned on right position then the link will fail.
PAGE 140
 Improper Network Topologies It is important to make sure that you have a valid network topology. Common topology faults include excessive cable length and too many repeaters (hubs) between end nodes. In addition, you should make sure that your network topology contains no data path loops. Between any two end nodes, there should be only one active cabling path at any time. Data path loops will cause broadcast storms that will severely impact your network performance.
PAGE 141
Appendix Console Port Pin Assignments The DB-9 serial port on the switch is used to connect to the switch for out-of-band console configuration. The console—command line interface can be accessed from a terminal or a PC running a terminal emulation program. The pin assignments used to connect to the serial port are provided in the following tables.
PAGE 142
 Console Port to 9-Pin DTE Port on PC Switch’s 9-Pin Serial CCITT Signal PC’s Port 9-Pin DTE Port 2 RXD <---------RXD ------------ 3 TxD 3 TXD -----------TXD ----------> 2 RxD 5 SGND -----------SGND ---------- 5 SGND 135
PAGE 143
ComNet Customer Service Customer Care is ComNet Technology’s global service center, where our professional staff are ready to answer your questions at any time. Email address of ComNet Global Service Center: customercare@ComNet.