FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limitations are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
no warranty or representation, expressed, implied or statutory, with respect to its products or the contents or use of this documentation and all accompanying software, and specifically disclaims its quality, performance, merchantability, or fitness for any particular purpose. Hawking Technology reserves the right to revise or update its products, software, or documentation without obligation to notify any individual or entity. Please direct all inquiries to: techsupport@hawkingtech.com.
1. Introduction 7 2. Package Contents 8 3. Hardware Installation 9 4. Initial Setup for Management 4.1 Out-of-band Terminal Mode Configuration 4.2 In-band Management through Ethernet 4.3 Telnet Management 11 11 12 14 5. Web Management 5.1 Web Management Home Page Overview 5.2 Port Status 5.3 Port Statistics 5.4 Administrator 5.4.1 IP Address/Subnet Mask/Gateway 5.4.2 Switch Settings 5.4.2.1 Basic 5.4.2.2 Module Info 5.4.2.3 Advanced 5.4.3 Console Port Information 5.4.4 Port Controls 5.4.
.4.10 SNMP/Trap Manager 5.4.11 Security Manager 5.4.12 802.1x Configuration 5.4.13 Web Cluster 5.5 TFTP Firmware Update 5.6 Configuration Backup 5.6.1 TFTP Restore Configuration 5.6.2 TFTP Backup Configuration 5.7 Reset System 5.8 Reboot 48 49 50 53 55 56 56 56 57 57 6. Console – Firmware Update 58 7. Out-of-band Management 7.1 Main Menu 7.2 Switch Static Configuration 7.2.1 Port Configuration 7.2.2 Trunk Configuration 7.2.3 VLAN Configuration 7.2.3.1 Create a VLAN Group 7.2.3.
7.2.8 MAC Address Configuration 7.2.8.1 Static MAC Address 7.2.8.2 Filtering MAC Address 7.3 Protocol Related Configuration 7.3.1 Spanning-Tree Protocol 7.3.1.1 Enabling STP 7.3.1.2 STP System Configuration 7.3.1.3 Per Port Configuration 7.3.2 SNMP 7.3.2.1 System Options 7.3.2.2 Community Strings 7.3.2.3 Trap Managers 7.3.3 GVRP 7.3.4 IGMP 7.3.4.1 LACP (Link Aggregation Control Protocol) 7.3.4.2 Working Port Setting 7.3.4.3 State Activity 7.3.4.4 LACP Status 7.3.5 802.1x Protocol 7.3.5.1 Enable 802.1x 7.3.
Hawking Technologies’ HGMS224 24-Port 10/100 Layer 2 Managed Switch (Intelligent) + 2Port Gigabit Module Slot is a high performance, web-managed SNMP (simple network management protocol) Layer 2 switch that provides users with (24) 10/100Mbps Ethernet ports and (2) 1000Mbps gigabit ports. The switch features SNMP management and remote control capabilities such as “Web Cluster”.
The complete HGMS224 package consists of: x One HGMS224 24-Port 10/100 Layer 2 Managed Switch (Intelligent) + 2-Port Gigabit Module Slot x Rack mount kit: 2 mounting brackets and screws x Four rubber feet with adhesive backing x One AC power cord x One RS-232 cable x One user’s manual x One CD Check to make sure that the unit was not damaged during shipping and that no items are missing. If you encounter a problem, please contact your dealer.
Please follow the guidelines below when choosing a location to install the switch: x The surface must support at least 3 kg. Do not place heavy objects on the switch. x Visually inspect the power cord and AC power connector. x Make sure that there is proper heat dissipation from and adequate ventilation around the switch. Desktop or Shelf Installation: When installing the switch on a desktop or shelf, it is recommended that you secure to the unit the four rubber feet that are included with the package.
x If the fans are working properly, the “Fan” LEDs will remain unlit. If either or both of the fans stop or fail, the corresponding “Fan” LED(s) will be lit red.
There are two ways to perform the initial setup for the Switch: a. “Out-of-Band Configuration” - connect your PC’s serial port to the switch’s console port with the included RS-232 serial cable and run the terminal communication program b. “In-Band Configuration”- network a PC to the switch and run a web browser or telnet. The sections below show the instructions on how to perform both operations. 4.
4.2 In-band Configuration through Ethernet In addition to terminal mode configuration, the switch also supports in-band configuration via a web browser. Web browser configuration is easier than terminal mode configuration because the user can simply connect the network-ready PC to the switch, open the web browser, go to the switch’s configuration page (by typing the switch’s IP address), and configure the switch by clicking on the subject on the menu.
Modify the Switch’s IP Address via the Out-of-Band Method 1. 2. 3. 4. 5. 6. Log into the console (default username: admin, default password: 123). Use the Tab key to select (highlight) “Switch Static Configuration” and hit Enter. Use the Tab key to select “Administration Configuration” and hit Enter. Use the Tab key to select “IP Configuration” and hit Enter. Use the Tab key to select “Edit” and hit Enter. Use the Tab key to highlight “IP Address”, enter the desired IP address (e.g., 192.168.1.
4.3 Telnet Management In addition to local terminal mode operation, the switch supports remote management through Telnet over the network or even over the Internet for browser-less environments. In this mode, before executing the Telnet program, you will again be asked to modify the IP Configuration settings as required for management via a web browser. Again, after changing the settings, save them and connect your Ethernet cable from your PC to any port on the switch.
5.1 Web Management Home Page Overview Connection Icon From this page, you can view the link status of every port on the switch. If a given port is linked, it will be represented by a connection icon (see figure above) within the switch diagram/diagnostic at the top of the page. In the column on the left side of the page, you can click on the function names to monitor and manage the switch.
5.2 Port Status This page provides a display of the current status of every port on the switch. The status depends on the user settings and the negotiation results. 1. 2. 3. 4. 5. 6. State: Displays port status: either disabled or enabled. “Unlink” will be treated as “off ”. Link Status: “Down” indicates that the port is not linked, “Up” indicates that the port is linked. (In the figure above, refer to the “Link” column for “PORT6”.
7. Rate Control (100K): Displays the rate control setting. “Ingr”: Displays the port’s effective ingress rate. “Egr”: Display the port’s effective egress rate. 8. Port Security: Display the port security is enabled or disabled. 9. Config (located beneath the “Flow Control” category) : Displays the state of the user settings. 10. Actual: Displays the negotiation results.
5.3 Port Statistics This page provides a display of the current status of the entire unit. Press the Reset button to clear all counters on this page.
5.4 Administrator Many of the management functions can be set or performed by clicking on Administrator in the left column of the page. Once you have clicked on Administrator, you will see a menu that includes the following categories: IP Address Switch Settings Console Port Info Port Controls Trunking Filter Database VLAN Configuration Spanning Tree Port Sniffer SNMP Security Manager 802.1x Configuration 5.4.
5.4.2 Switch Settings 5.4.2.1 Basic All information in the Basic section is read-only. Therefore, you will not be able to modify its contents. Description: Displays what type of device you are using. MAC Address: The unique hardware address assigned by the manufacturer (default). Firmware Version: Displays the firmware version of the switch. Hardware Version: Displays the hardware version of the switch.
5.4.2.2 Module Info All information in the Module Info section is read only. Therefore, you will not be able to modify its contents. Its purpose is to display the module card information. 5.4.2.3 Advanced Miscellaneous Settings: MAC Table Address Entry: Age-out Time: Type in the number of seconds that an inactive MAC address remains in the switch's address table. The valid range is 300-765 seconds. The default is 300 seconds.
Broadcast Storm Filter Mode: To configure broadcast storm control, enable it and set the upper threshold for individual ports. The threshold is the percentage of the port's total bandwidth used by broadcast traffic. When broadcast traffic for a port rises above the threshold you set, broadcast storm control becomes active. The valid threshold value are 5%, 10%, 15%, 20%, 25% and “Off”.
Enable Delay Bound: Limit the queuing time of low priority packets in the switch. The default “Max Delay Time” is 255ms. If the low priority packet stays in the switch longer than the “Max Delay Time”, it will be sent. The valid range is 1-255ms. QoS Policy: High Priority Levels – Priority levels from 0-7 can be mapped to high or low queues. Collisions Retry Forever: Disable – In half-duplex, the collision-retry maximum is 48 times, after which the packet will be dropped if collisions continue.
5.4.3 Console Port Information The Console has a standard UART interface to communicate with the serial port. You can use the Windows HyperTerminal program to establish a link to the switch.
5.4.4 Port Controls User may modify or change mode operation in this page. 1. State: You can enable or disable the port control for each port. 2. Auto Negotiation: You can set the auto negotiation mode to Auto, N-way (specify the speed/duplex on a specific port and enable auto-negotiation), or Force for each port. 3. Speed: You can set the speed at 100Mbps or 10Mbps for Ports 1-24. You can set the speed at 1000Mbps, 100Mbps or 10Mbps for Ports 25& 26 (depending on the module card mode). 4.
6. Rate Control: Ports 1-24 support ingress and egress rate control for each port. For example, assume that Port 1 is set at 10Mbps. You can set its effective egress rate at 1Mbps and ingress rate at 500Kbps. The device will perform flow control or backpressure to confine the ingress rate to the specified rate. Ingress: Type the effective ingress rate for a specific port. The valid range is 0 - 1000. The units are 100K. i. 0: disables rate control. ii.
5.4.5 Trunking The Link Aggregation Control Protocol (LACP) provides a standardized means for: a. exchanging information between partner systems on a link, to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs, b. moving the link to that Link Aggregation Group, and c. enabling its transmission and reception functions in an orderly manner.
2. Group ID: You can configure up to seven trunk groups. Choose the "Group ID" and click "Get". 3. LACP: If enabled, the group is an LACP static trunking group. If disabled, the group is a local static trunking group. All ports support LACP dynamic trunking groups. If connecting to a device that also supports LACP, the LACP dynamic trunking group will be created automatically. 4. Work ports: Allows a maximum of four ports to be aggregated into each group.
2. The page shown below displays the static trunking groups. 3. The page shown below displays “Actor” and “Partner” trunking.
5.4.5.3 State Activity Active (select): The port automatically sends LACP protocol packets. N/A (not selected): The port does not automatically sends LACP protocol packets, and responds only if it receives LACP protocol packets from the opposite device. 1. A link that either has two active LACP ports, or one active port can perform dynamic LACP trunking.
5.4.6 Filter Database 5.4.6.1 IGMP Snooping The switch supports IP multicasting. You can enable the IGMP protocol in the “IGMP Snooping” section. IGMP snooping information is displayed on this page. You can view different multicast groups, VIDs and member ports in this section. IP multicast addresses range from 224.0.0.0 to 239.255.255.255.
The Internet Group Management Protocol (IGMP) is an internal protocol within the Internet Protocol (IP) suite. The IP suite manages multicast traffic by using switches, routers, and hosts that support IGMP. Enabling IGMP allows the ports to detect IGMP queries and report packets, and manage IP multicast traffic through the switch.
5.4.6.2 Static MAC Address When you add a static MAC address, it remains in the switch's address table, regardless of whether or not the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again. 1. 2. 3. Click on the “Static MAC Addresses” tab.
4. 5. If tag-based (IEEE 802.1Q) VLANs are set up on the switch, static addresses are associated with individual VLANs. Type in the VID (tag-based VLAN ID) to associate with the MAC address. Click the Add button. 5.4.6.3 MAC Filtering MAC address filtering allows the switch to drop unwanted traffic. Traffic is filtered based on the destination addresses. 1. In the MAC Address box, enter the MAC address that you want to filter. 2. If a tag-based (802.
5.4.7 VLAN Configuration A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain. It allows you to isolate network traffic so only members of the VLAN receive traffic from the same VLAN members. Basically, creating a VLAN from a switch is logically equivalent to reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are still physically plugged into the same switch. The switch supports port-based, 802.
Port-based VLAN Packets can only be broadcast among members of the same VLAN group. Note that all unselected ports are treated as belonging to another single VLAN. If the port-based VLAN is enabled, the VLAN-tagging is ignored.
Tag-based VLAN (IEEE 802.1Q VLAN) Tag-based VLAN is an IEEE 802.1Q specification standard. Therefore, it is possible to create a VLAN across devices from different switch vendors. IEEE 802.1Q VLAN uses a technique to insert a “tag” into the Ethernet frames. Tags contain a VLAN Identifier (VID) that indicates the VLAN numbers.
5.4.7.1 Port-Based VLAN 1. 2. 3. 4. Click Add to create a new VLAN group. Enter the VLAN name and group ID, and select the members for the new VLAN. Click Apply. If there are more groups than the viewable box can display, you can click Next Page to view other VLAN groups. NOTE: If the trunk groups already exist, you can view them (ex: TRK1, TRK2…) in the menu of ports (see the section titled, “Basic” in the pages that follow), and you can configure them as the members of a VLAN.
5.4.7.2 Tag-based (IEEE 802.1Q) VLAN This page, user can create Tag-based VLAN, and enable or disable GVRP protocol. There are 256 VLAN groups to provide configure. Enable 802.1Q VLAN, the all ports on the switch belong to default VLAN, VID is 1. The default VLAN can’t be delete. GVRP (GARP [Generic Attribute Registration Protocol] VLAN Registration Protocol) GVRP allows automatic VLAN configuration between the switch and corresponding nodes.
Basic Create a VLAN and add tagged member ports to it. 1. Click on the “Basic” tab, and then click Add to reach the page shown below. 2. 3. 4. 5. Type a name for the new VLAN. Type a VID (between 2-4094). The default is 1. Choose the protocol type. From the column box on the left that displays the available ports, select the ports you would like to add click Add >>. If the trunk groups already exist, you can view them here (ex: TRK1, TRK2…) and configure them as the members of a VLAN.
6. Click Next. Then you can view the page as follows: 7. Use this page to set the outgoing frames as VLAN-tagged frames, if necessary. Then click Apply. Tag: outgoing frames that are VLAN-tagged. Untag: outgoing frames that are not VLAN-tagged.
Port VID Configure Port VID Settings From the main tag-based (IEEE 802.1Q) VLAN page, click the “Port VID” tab. Port VID (PVID) Set the port VLAN ID that will be assigned to untagged traffic on a given port. This feature is useful for accommodating devices that you want to participate in the VLAN but that don’t support tagging. Each port allows you to set one PVID; the range is 1-255 and the default PVID is 1.
Ingress Filtering Ingress filtering allows frames that belong to a specific VLAN to be forwarded if the port belongs to that VLAN. The switch has two ingress filtering rules. They are as follows: Ingress Filtering Rule 1: Only forward packets with VIDs matching this port’s configured VID. Ingress Filtering Rule 2: Drop untagged frames. 5.4.8 Spanning Tree The spanning-tree protocol (STP) is a standardized method (IEEE 802.1D) for avoiding loops in switched networks.
2. You can also view the spanning tree status of the switch. A sample is shown below.
3. You can change the settings for the STP parameters. Then click Apply. Parameter Description You can change the priority value, which is a value used to identify the root bridge. The bridge with the lowest value has the highest priority and is Priority selected as the root. Enter a number between 1 and 65535. You can change the max age value, which is the number of second bridge waits without receiving spanning-tree protocol configuration messages Max Age before attempting a reconfiguration.
4. The following parameters can be configured on each port. Click Apply after you have made the appropriate changes. Parameter Port Priority Path Cost Description You can increase the priority level for a port to become the root port. The range is 0-255, and the default setting is 128. The lowest number has the highest priority. This parameter specifies the path costs of the ports that the switch uses to determine which ports are the forwarding ports.
3. Monitored Port: The ports you want to monitor. All monitor port traffic will be copied to sniffer port. You can select max 25 monitor ports in the switch. User can choose which port that they want to monitor in only one sniffer mode. If you want to disable the function, you must select “None” in the “Analysis Port” category.
5.4.10 SNMP/Trap Manager Any network management platform that is running the Simple Network Management Protocol (SNMP) can manage the switch, provided the Management Information Base (MIB) is installed correctly on the management station. SNMP is a protocol that governs the transfer of information between management station and agent. 1. System Options: You can define a name, location, and contact person for the switch.
3. Trap Managers: A trap manager is a management station that receives traps, which are the system alerts generated by the switch. If no trap manager is defined, no traps are issued. Create a trap manager by entering the IP address of the station and a community string. 5.4.11 Security Manager On this page, you can change the user name and password as follows: 1. 2. 3. User name: Type the new user name. Password: Type the new password. Reconfirm password: Retype the new password. 4. Click Apply.
5.4.12 802.1x Configuration System Configuration 802.1x makes use of the physical access characteristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point-to-point connection characteristics, and of preventing access to that port in cases in which the authentication and authorization process fails. To enable 802.1x, go to Administrator > Switch Settings > Advanced. You can enable 802.1x at the bottom of the page.
Per Port Configuration In this page, you can select a specific port and configure the authorization state. You can select from a list of four authorization states for each port: Fu: Forces a specific port to be unauthorized. Fa: Forces a specific port to be authorized. Au: The state of a specific port is determined by the outcome of the authentication. No: The selected port is not 802.1x enabled.
Misc Configuration In this page, you can change the default configuration for the 802.1x standard: Quiet Period: Used to define periods of time during which it will not attempt to acquire a supplicant (default time is 60 seconds). Tx Period: Used to determine when an EAPOL PDU is to be transmitted (default value is 30 seconds). Supplicant Timeout: Used to determine timeout conditions in the exchanges between the supplicant and authentication server (default value is 30 seconds).
5.4.13 Web Cluster This switch provides a new management tool for you to manage a group of LAN switches through a master switch. It is called the “Web Cluster” function. This function allows the manager switch (also called “master switch”) to fetch the web pages from the managed switches to the user ‘s browser. The MIS can store information about up to 16 sets of other switches in one master switch, and easily switch to the web page of the desired Ethernet switch without remembering the IP of the host.
There are 16+1 rows in the web cluster menu. The top row, with the deep blue background, indicates the master switch IP and cannot be modified. The other 16 rows, in a lighter blue background, can be added with managed switches by clicking Add/Del Switches. In the row, there is specific information about the managed switch: host names and their IPs. If the host is a Web Cluster-supported switch, an asterisk (*) will appear before the host name.
5.5 TFTP Firmware Update The following menu options provide some system control functions to allow you to update the firmware and remote boot switch system: x x x x x Install the TFTP program (such as Turbo98, or Cisco TFTP) and then execute. Copy updated firmware image. bin into the TFTP server’s directory. Using the web management tool, select “TFTP Update Firmware”. Download the new image.bin file by clicking Apply. After the update is completed, click Reboot to restart the switch.
5.6 Configuration Backup 5.6.1 TFTP Restore Configuration Use this page to set the FTP server address. You can restore the EEPROM value from here, but you must put the image back in the FTP server; the switch will download back the flash image. 5.6.2 TFTP Backup Configuration Use this page to set the TFTP server IP address. You can save the current EEPROM value from here, and then go to the “TFTP Restore Configuration” page to restore the EEPROM value.
5.7 Reset System In this page, you can reset the switch to its default configuration. The default value is shown below. 5.8 Reboot In this page, you can reboot the switch in software reset.
Console - 1K Xmodem Firmware Update We provide a 1k Xmodem to update the firmware via the console. The X modem only works in 57600bps mode. So you must change the baud rate to 57600bps to download the firmware. There are two situations in which to use the 1K X modem to update the firmware: 1. You can enter "1K X modem receiver mode" by pressing any key within 5 seconds of the system power being turned on. 2.
2. Press the “Connect” button and you will see “CCCC…”displayed on the console. Then go to Transfer > Send File. 3. Select 1K Xmodem under the Protocol item, and list the directory for the image file folder. Then click Send.
4. Start downloading the image file. 5. Finish downloading the file and the switch system will update the firmware automatically. If the message “Update firmware…ok…” appears, the switch will reboot. Please change the baud rate to 9600bps.
Out-of-band Terminal Mode Management 1. The switch also provides a serial interface to manage and monitor the switch. You can follow the steps outlined in the “Console Port Info” section of the web interface for using the Windows HyperTerminal program to link the switch. 2. You can type a user name and password to login. The default user name is “admin” and the default password is “123 ”.
7.1 Main Menu There are six selectable items, as shown below: Switch Static Configuration: Allows you to configure the switch. Protocol Related Configuration: Allows you to configure the protocol function. Status and Counters: Displays the status of the switch. Reboot Switch: Allows you to restart the system or reset switch to its default configuration. TFTP Update Firmware: Uses TFTP to download the updated firmware. Logout: Exits the menu line program.
7.2 Switch Static Configuration You can press the Tab or Backspace keys to choose an item, and then press Enter to select the item. The action menu, shown below, applies for configuration in this section. : Allows you to exit the current page and return to previous menu. : Configures all of the items. Once you have completed making the appropriate changes, press Ctrl + A to return to the action menu line. : Saves all of the configured values.
7.2.1 Port Configuration From this page, you can manipulate the status of every port. Press Spacebar to toggle between items. 1. InRate (100K/unit): You can adjust the input rate (100K per unit). The valid range is 0-1000. 0: disables rate control. 1-1000: valid range of rate values. 2. OutRate (100K/unit): You can adjust the input rate (100K per unit). The valid range is 0-1000. 0: disables rate control. 1-1000: valid range of rate values.
3. Enabled: You can enable or disable the ports. “Yes” indicates that the port is enables. “No” indicates that the port is disabled. 4. Auto: You can set the auto-negotiation mode to either “Auto”, “N-way Force” or “Force” for each port. 5. Spd/Dpx: You can set the speed of ports 1-24 to either 100Mbps or 10Mbps. You can set the speed of ports 25 & 26 at either 1000Mbps, 100Mbps or 10Mbps (depending on the module card mode). You can set all of the ports at either full-duplex or half-duplex mode. 6.
7.2.2 Trunk Configuration This page will allow you to create a maximum of seven trunk groups. You can arbitrarily select up to four ports from ports 1-26 to build a trunk group. 1. Select on the “actions” menu 2. Press the spacebar to configure the member ports of a trunk group. You will also have to set the corresponding trunk groups between TRK1 and TRK7 to “Static” or “LACP”. “Static” – the standard/normal method of trunking.
6. All ports in the same static trunk group will be treated as a single port. So when you set the VLAN members and port configuration, they will be toggled on or off simultaneously. NOTE: If VLAN groups exist, all of the members of a static trunk group must be in the same VLAN group.
7.2.3 VLAN Configuration The page below allows you to set the VLAN mode to port-based VLAN, 802.1Q VLAN, or “Disable”.
NOTE: Whenever you change the VLAN settings, you will need to restart the switch. If the VLAN mode is set to 802.1Q VLAN, you can set PVIDs, as well as ingress filtering 1 and ingress filtering 2 in this section. 1. 2. 3. PVID (Port VID: 1-255): Type in the PVID. Non-Member Drop: Same as Ingress Filtering Rule #1 on the web interface. Only forwards packets with a VID that matches a corresponding port’s configured VID.
7.2.3.1 Create a VLAN Group Ϭʳ Create a Port-Based VLAN Create a port-based VLAN and add member/nonmember ports to it. 1. 2. 3. 4. 5. 6. Select . VLAN Name: Type in a name for the new VLAN. Grp ID: Type in the VLAN group ID. The group ID range is 1-4094. Member: Press Spacebar to choose the VLAN members. There are two options: i. Member: the port is a member port. ii. No: the port is NOT a member port. Press Ctrl + A go back to the action menu. Select to save all configured values.
Ϭʳ Create an 802.1Q VLAN Create an 802.1Q VLAN and add tagged /untagged member ports to it. 1. 2. 3. 4. 5. 6. 7. Select . VLAN Name: Type in a name for the new VLAN. VLAN ID: Type in a VID between 1-4094. The default is 1. You can configure up to 256 VLAN groups. Protocol VLAN: Press Spacebar to choose protocol types. Member: Press Spacebar to choose VLAN members. There are three options: a. UnTagged: the port is a member of this VLAN group and outgoing frames are NOT VLAN-tagged frames. b.
NOTE: If the trunk groups already exist, you can view them (ex: TRK1, TRK2…) after port 26 in the menu of ports and configure them as the members of a VLAN. 7.2.3.2 Edit/Delete a VLAN Group In this page, you can edit or delete a VLAN group. 1. Press or . 2. Choose the VLAN group that you want to edit or delete and then press Enter. 3. You can modify the VLAN items - the member ports are tagged or un-tagged - and remove member ports from the VLAN group. 4.
NOTE: 1. Pressing once will complete deletion when in delete mode. 2. The VLAN Name and VLAN ID cannot be modified. 3. The default VLAN cannot be deleted. 7.2.3.3 Groups Sorted Mode In this page, you can sort the VLAN groups by: 1. Name 2.
The Edit/Delete a VLAN group page will display the result. Shown below is the page if sorted by name.
Shown below is the page if sorted by VID. 7.2.
7.2.4.1 MAC Age Interval Type the number of seconds that an inactive MAC address remains in the switch’s address table. The valid range is 300-765 seconds. The default value is 300 seconds.
7.2.4.2 Broadcast Storm Filtering This page will allow you to configure broadcast storm control. 1. Press to configure the broadcast storm filter mode. 2. Press Spacebar to choose the threshold value. The valid threshold values are 5%, 10%, 15%, 20%, 25% and NO. The default value is 5%. 7.2.4.3 Max Bridge Transmit Delay Bound 1. Max bridge transmit delay bound: Limits the queuing time of the packets in the switch. If enabled, the queued packets that exceed the limit will be dropped.
NOTE: Make sure “Max bridge transit delay bound control” is enabled before enabling “Low Queue Delay Bound” because “Low Queue Delay Bound” can only work when “Max bridge transit delay bound control” is enabled. 7.2.4.4 Port Security A port in security mode will be “locked” without permission of the address learning. Normally only the incoming packets with SMAC already existing in the address table can be forwarded.
1. 2. 3. 4. 5. Select . Press Spacebar to choose whether to enable or disable the item. Press Ctrl + A to go back to the action menu. Select to save all configured values. You can press to configure the remaining ports; you can press to return to the last page. 7.2.4.5 Collision s Retry Forever Collisions Retry Forever: Disable – In half-duplex, if collisions occur, the system will retry 48 times before dropping the frame.
7.2.
7.2.5.1 Change Username From this page, you can change the web management username. Type in the new username, and then press . 7.2.5.2 Change Password Use this page; user can change web management login password.
7.2.5.3 Device Information From this page, you can configure the device information. 7.2.5.4 IP Configuration From this page, you can configure the IP settings.
7.2.6 Port Mirroring Configuration Port mirroring is a method of monitoring traffic in switched networks. Traffic through ports can be monitored via one designated port. Traffic through ports can be monitored by one specific port. That is, traffic going in or out of monitored ports will be duplicated into the monitoring port. Press Spacebar to change the configuration of each item. 1. Select . 2. Sniffer Mode: Press Spacebar to set the Sniffer mode to: Disable \Rx \Tx \Both. 3.
7.2.7 Priority Configuration 7.2.7.1 Port Static Priority The static priority is based on the port: if you set the port priority to high, incoming frames from this port will always be high priority frames.
7.2.7.2 802.1p Priority Configuration Queues are assigned high/low priority levels from 0-7. 1. Select . 2. Press Spacebar to select the priority level mapping to high or low queue. 3. High/Low Queue Service Ratio H/L: You can select the ratio of high priority packets and low priority packets. 4. Press Ctrl + A to go back to the action menu. 5. Select to save all configured values.
7.2.8 MAC Address Configuration 7.2.8.1 Static MAC Address When you add a static MAC address, it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to relearn a device's MAC address when the disconnected or powered-off device is active on the network again. In this page, you can add/modify/delete a static MAC address.
Add static MAC address ʳ ʳ 1. Press the , keys to add static MAC addresses. ʳ 2. MAC Address: Enter the MAC address to and from which the port should permanently forward traffic, regardless of the device’s network activity. ʳ 3. Port num: Press Spacebar to select the port number. 4. VLAN ID: If tag-based (802.1Q) VLANs are set up on the switch, static addresses are associated with individual VLANs. Type the VID to associate with the MAC address. ʳ 5. Press Ctrl + A to go back to the action menu.
Edit Static MAC Addresses 1. Press the key. 2. Choose the MAC address that you want to modify and then press enter. ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ 3. Press the key to modify all the items. ʳ 4. Press Ctrl + A to go back to the action menu, and then select to save all configured values.
Delete Static MAC Address ʳ 1. Press key to delete a filter MAC address. ʳ 2. Choose the MAC address that you want to delete and then press enter. ʳ 3. When pressing once will complete deletion on delete mode.
7.2.8.2 Filtering MAC Address MAC address filtering allows the switch to drop unwanted traffic. Traffic is filtered based on the destination addresses. In this page, you can add /modify /delete filter MAC addresses. Add filter MAC address 1. Press , to add a filter MAC address. 2. MAC Address: Type the MAC address to filter. 3. VLAN ID: If tag-based (802.1Q) VLANs are set up on the switch, type the VID to associate with the MAC address. 4.
ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ ʳ Edit filter MAC address ʳ 1. 2. Press the key. Choose the MAC address that you want to modify and then press enter.
ʳ 3. 4. Press to modify all the items. ʳ Press Ctrl + A to go back to the action menu, and then select to save all configured values. ʳ Delete filter MAC address ʳ ʳ 1. 2. 3. Press to delete a filter MAC address. ʳ Choose the MAC address that you want to delete and then press enter. ʳ Pressing once will complete the deletion.
7.3 Protocol Related Configuration 7.3.1 Spanning-Tree Protocol The Spanning-Tree Protocol (STP) is a standardized method (IEEE 802.1D) for avoiding loops in switched networks. When STP is enabled, it ensures that only one path at a time is active between any two nodes on the network.
7.3.1.1 Enabling STP This page allows you to enable or disable the Spanning Tree function. Press Spacebar to select “Enabled” or “Disabled”.
7.3.1.2 STP System Configuration 1. You can view the spanning tree information about the Root Bridge on the left. 2. On the right, you can set new values for the STP parameters. NOTE: For parameter descriptions, please see Section 2-4-8.
7.3.1.3 Per Port Configuration 1. PortState: Displays the spanning tree status for each port – whether the port is forwarding or blocking. 2. Select . 3. PathCost: Specifies the path cost of the port that the switch uses to determine which ports are the forwarding ports. 4. Priority: This specifies the priority of port; you can make it more or less likely to become the root port. 5. Press Ctrl +A to go back to the action menu. 6. Select to save all configured values. 7.
7.3.2 SNMP Any network management running the Simple Network Management Protocol (SNMP) can be used to manage the switch. Use this page to define management stations as trap managers and to enter SNMP community strings. You can also define a name, location, and contact person for the switch.
7.3.2.1 System Options 1. 2. 3. 4. 5. 6. Press . System Name: Type a name to be used for the switch. System Contact: Type the name of contact person or organization. System Location: Type the location of the switch. Press Ctrl + A to go back to the action menu. Press to save the configured values.
7.3.2.2 Community Strings Use this page to Add/ Edit/ Delete SNMP community strings. 1. Community Name: The name of current strings. 2. Write Access: Indicates if the rights are read-only or read-write. Restricted: Read-only - enables requests accompanied by this string to display MIB-object information. Unrestricted: Read-write - enables requests accompanied by this string to display MIBobject information and to set MIB objects.
Add Community Name 1. Press --> key. 2. Community Name: Type the community name. 3. Write Access: Press Space key to select the right is restricted or unrestricted. Edit Community Name 1. Press , choose the item that you want to modify, and then press Enter. 2. Community Name: Type the new name. 3. Write Access: Press Spacebar to set the rights to “Restricted” or “Unrestricted”.
Delete Community Name 1. Press key. 2. Choose the community name that you want to delete and then press enter. 3. When pressing once will complete deletion in delete mode.
7.3.2.3 Trap Managers A trap manager is a management station that receives traps, the system alerts generated by the switch. If no trap manager is defined, no traps are issued. Create a trap manager by entering the IP address of the station and a community string. Add SNMP trap manager 1. Press , to add the trap manager. 2. IP: Type the IP address. 3. Community Name: Type the community name. 4. Press Ctrl +A to go to the actions menu. Press key to save all configured values.
Edit trap managers 1. Press key, and then choose the item that you want to modify. 2. IP: Type the new IP address 3. Community Name: Type the community name. 4. Press Ctrl +A go to actions line, press key to save all configure.
Delete trap manager 1. Press the key. 2. Choose the trap manager that you want to delete and then press Enter. 3. Pressing once will complete deletion in delete mode.
7.3.3 GVRP GVRP (GARP [Generic Attribute Registration Protocol] VLAN Registration Protocol) GVRP allows automatic VLAN configuration between the switch and corresponding nodes. For example, if the switch is connected to a device with GVRP enabled, you can activate this setting to allow dynamic VLAN configuration information to be processed by the switch. If a device sends a GVRP request using the VID of a VLAN defined on the switch, the switch will automatically add that device to the existing VLAN.
7.3.4 IGMP The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. This page you can enable / disable the IGMP support. 1. 2. 3. 4. Select . Press Spacebar to choose enabled / disabled. Press Ctrl + A to go back to the action menu. Select to save configured values.
7.3.4.1 LACP (Link Aggregation Control Protocol) This page can configure and view the LACP status. Note: All ports support LACP dynamic trunking groups. If connecting to a device that also supports LACP, the LACP dynamic trunking group will be created automatically. 7.3.4.2 Working Port Setting This page can set the actual work ports within the trunk group.
1. 2. 3. 4. Select . Group: Displays the trunk group ID. LACP: Displays the trunk group’s LACP status. LACP Work Port Num: The maximum number of ports that can be aggregated at the same time. If the group is LACP static trunking, the excess ports are standby and able to aggregate if work ports fail. If the group is local static trunking, the number of ports must be the same as the group member ports. NOTE: Before setting this page, you first have to set trunk groups on the Trunk Configuration page.
7.3.4.4 LACP Status When you’re setting trunking group, you can see the relational information here.
: Exit this page and return to previous menu. : Return to previous page to view. : Go to next page to view. 7.3.5 802.1x Protocol From this page, you can configure and view the 802.1x status.
7.3.5.1 Enable 802.1x 1. 2. 3. 4. Select . Press Spacebar to choose enabled/disabled. Press Ctrl + A go back to the action menu. Select to save configure value. 7.3.5.2 802.
1. 2. 3. 4. 5. 6. 7. 8. Press . Radius Server IP Address: the IP address of the authentication server. Shared Key: A key shared between this switch and the authentication server. NAS, Identifier: A string used to identify this switch. Server Port: The UDP port number used by the authentication server to authenticate. Accounting Port: The UDP port number used by the authentication server to retrieve accounting information. Press Ctrl + A to go back to the action menu.
3. Tx Period: Used to determine when an EAPOL PDU is to be transmitted (default value is 30 seconds). 4. Supplicant Timeout: Used to determine timeout conditions in the exchanges between the supplicant and authentication server (default value is 30 seconds). 5. Server Timeout: Used to determine timeout conditions in the exchanges between the authenticator and authentication server (default value is 30 seconds). 6.
7.4.1 Port Status This page displays the status of every port. Link Status: Indicates whether the port is linked or not linked. InRate: Displays the input rate control (100K/unit) setting value. OutRate: Displays the output rate control (100K/unit) setting value. Enabled: Indicates whether the port is enabled or disabled. This depends on the user setting. “Enabled” will be displayed as “Yes”, “disabled” will be displayed as “No”. If the port is unlinked, it will be listed as “No”.
: Exit the “Port Status” page, and then return to the previous menu. : Displays the previous page. : Displays the next page. 7.4.2 Port Counters The following information provides a view of the current status of the unit. : Exit the “Port Status” page and return to the previous menu. : Set all counters to 0. : Displays the previous page. : Displays the next page.
7.4.3 System Information MAC Address: The unique hardware address assigned by the manufacturer. Firmware Version: Displays the switch’s firmware version. ASIC Version: Displays the switch’s hardware version. PCBA version: Displays the board number. Serial number: Displays the serial number assigned by the manufacturer. Module 1 Type: Displays the module 1 type: 1000Tx or 100Fx ext. Depends on module card mode. Module 1 information: Displays the information saved in EEPROM of module 1.
7.5 Reboot Switch 7.5.1 Default Resets the switch to its default configuration. For default settings, please see Section 2-4-14. 7.5.2 Restart Reboot the switch in software reset.
7.6 TFTP Firmware Update This page provides you with the option to update the firmware, restore the EEPROM values, or upload current EEPROM values.
7.6.1 TFTP Firmware Update This page allows you to use TFTP to update the firmware. 1. 2. 3. 4. 5. 6. 7. 8. Start the TFTP server, and copy the firmware update version image file to the TFTP server. Press on this page. TFTP Server: Type the IP of the TFTP server. Remote File Name: Type the image file name. Press Ctrl + A to go to the action menu. Press , and the image file will begin to download. When saved successfully, the image file will have finished downloading as well.
1. 2. 3. 4. 5. 6. 7. 8. Start the TFTP server. Press on this page. TFTP Server: Type the IP of TFTP server. Remote File Name: Type the image file name. Press Ctrl + A go to action line. Press , and the image file will begin to download. When saved successfully, the image file will have finished downloading as well. Restart the switch.
7.6.3 Backup Configure File In this page, you can save the current EEPROM value to the image file. Then go to the update configure page to restore the EEPROM value. 1. 2. 3. 4. 5. 6. 7. 8. Start the TFTP server. Press on this page. TFTP Server: Type the IP of the TFTP server. Remote File Name: Type the image file name. Press Ctrl + A to go back to the action menu line. Press , and the image file will begin to download.
5.1 VLAN Application Used with Switch VLANs provide a simple solution for protecting your network against broadcast storming by creating segments based on Layer 2 Ethernet information and avoiding the complexity and heavy processing requirements of Layer 3 IP based routers. As a result, each group of stations connected to separate segmented ports forms a different isolated broadcast domain.
Benefits of VLANs: z Grouping users into logical networks for performance enhancement. z Provide effective broadcast containment between segmented ports, which prevents flooding of a network. z Offers security by completely isolating from each other the different broadcast domains connected on separate segmented ports. z Preserving current investment in equipment and cabling. z Providing an easy, flexible, and economic way to modify logical groups when needed.
5.2 Trunking Application Used with Switch Trunking allows you to increase the available bandwidth between switches by grouping ports into a trunk. Trunking can also be used to connect a server to switches if higher bandwidth service is required. You can use trunking to improve the throughput between segments. Moreover, this switch provides trunking with a fail-over function.