Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches with 2 SFP 1G & 2 SFP+ 10G Fiber Ports Models GC728X , GC728XP GC752X , GC752XP User Manual August 2018 202-11864-03 350 East Plumeria Drive San Jose, CA 95134 USA
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Support Thank you for purchasing this NETGEAR product. You can visit https://www.netgear.com/support/ to register your product, get help, access the latest downloads and user manuals, and join our community. We recommend that you use only official NETGEAR support resources. Conformity For the current EU Declaration of Conformity, visit http://kb.netgear.com/app/answers/detail/a_id/11621.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Contents Chapter 1 Getting Started Switch Management Options and Default Management Mode . . . . . . . . . . . . . 10 Available Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Web Browser Requirements and Supported Browsers . . . . . . . . . . . . . . . . . . . . 11 User-Defined Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure LLDP Global Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Configure LLDP Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 View the LLDP-MED Network Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Configure the LLDP-MED Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View the MFDB Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Configure the Auto-Video Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 Configure IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 Configure an IGMP Snooping Querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Map DSCP Values to Queues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225 Manage Differentiated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 Overview of Defining DiffServ. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 Configure DiffServ Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Rules for an IPv6 ACL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 Configure IP ACL Interface Bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333 View or Delete IP ACL Bindings in the IP ACL Binding Table . . . . . . . . . . . . . 335 Configure VLAN ACL Bindings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View or Clear the Switch Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 View or Clear Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381 View or Clear Detailed Port Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383 View or Clear EAP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1. 1 Getting Started This manual describes how you can configure and monitor the following NETGEAR Insight managed switches by using the local browser–based management interface (which is not the default management mode): • • • • Model GC728X. Insight Managed 28-Port Gigabit Ethernet Smart Cloud Switch with 2 SFP 1G & 2 SFP+ 10G Fiber Ports Model GC728XP. Insight Managed 28-Port Gigabit Ethernet PoE+ Smart Cloud Switch with 2 SFP 1G & 2 SFP+ 10G Fiber Ports Model GC752X.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Switch Management Options and Default Management Mode If you prefer, you can use the switch as a plug-and-play device, so you do not need to set up a custom configuration. Just connect power, connect to your network and to your other devices, and you’re done. The switch is designed for management by the NETGEAR Insight app on a smartphone or tablet.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches the device remotely or through the cloud, you can return the management mode to NETGEAR Insight Mobile App and Insight Cloud Portal at any time so that you can manage the switch with the Insight app or Insight Cloud portal.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches User-Defined Fields In the local browser interface, user-defined fields can contain 1 to 159 characters, unless otherwise noted in the field label on the configuration page. All alphanumeric and special characters can be used except for the following (unless specifically noted for that feature): Table 1. Disallowed characters in user-defined fields Character Definition Character Definition \ Backslash < Less than / Forward s
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Access the Switch When you use the local browser interface, for easiest access, we recommend that you cable the switch to a network with a router or DHCP server that assigns IP addresses, power on the switch, and then use a computer that is connected to the same network as the switch (on-network, see Access the Switch On-Network on page 13).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 8. Double-click GCmodel (xx:xx:xx:xx:xx:xx) (where GCmodel is the model number of your switch and xx:xx:xx:xx:xx:xx is the MAC address of the switch). The login page of the local browser interface opens. 9. Enter the password. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select Safari > Preferences. The General page displays. 6. Click the Advanced tab. The Advanced page displays. 7. Select the Include Bonjour in the Bookmarks Menu check box. 8. Close the Advanced page. 9.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To access the DHCP server and use a web browser to access the switch that is connected to a network: 1. Cable the switch to a network with a router or DHCP server that manages IP addresses. 2. Power on the switch. The DHCP server assigns the switch an IP address. 3. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection. 4.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Determine the Switch IP Address Using the NETGEAR Insight App and Access the Switch On-Network To use the NETGEAR Insight app and a web browser to access the switch that is connected to a network: 1. On your iOS or Android mobile device, go to the app store, search for NETGEAR Insight, and download the app. 2.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 14. Select the Direct Connect Web-browser Interface radio button. 15. Click the Apply button. Your settings are saved. The System Information page closes, any current Insight-manageable device settings are saved to the cloud server, and the login window displays again. 16. When prompted, enter the password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 11. Select the Direct Connect Web-browser Interface radio button. 12. Click the Apply button. Your settings are saved. The System Information page closes, any current Insight-manageable device settings are saved to the cloud server, and the login window displays again. 13. When prompted, enter the password. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Click the OK button to close the notification. The System Information page displays. 7. Select the Direct Connect Web-browser Interface radio button. 8. Click the Apply button. Your settings are saved. The System Information page closes, any current Insight-manageable device settings are saved to the cloud server, and the login window displays again. 9. When prompted, enter the password. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Change the Management Mode to Direct Connect Web-browser Interface Note: If you already accessed the local browser interface (see Access the Switch on page 13), you can skip this section. To change the management mode of the switch to Direct Connect Web-browser Interface: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Change the Management Mode Back to NETGEAR Insight Mobile App and Insight Cloud Portal To change the management mode of the switch back to NETGEAR Insight Mobile App and Insight Cloud Portal: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If you do not claim (register) the device and add it to an Insight network using the Insight app, you can manually register the switch using the local browser interface as described in the following procedure or you can visit the NETGEAR website for registration at my.netgear.com. To register the switch through the local browser interface: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Use these links as follows: • To display all ports, click the 1 link. The LAGs are not displayed. • To display all LAGs, click the LAGS link. The ports are not displayed. • To display all ports and LAGs, click the All link. The procedures in this section describe how to select the ports and LAGs to configure. The procedures assume that you are already logged in to the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. Configure the desired settings. 4. Click the Apply button. Your settings are saved. Local Browser Interface Device View The Device View page displays the ports on the switch. This graphic provides an alternate way to navigate to configuration and monitoring options. The graphic also provides information about device ports, current configuration and status, tables, and feature components. To use the Device View: 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The left port LED indicates the connection, speed, and traffic status: • Solid gray. The port is not connected. This is the default state. • Solid green. The port is operating at its maximum speed. • Blinking green. The port is transmitting or receiving traffic at its maximum speed • Solid amber The port is operating at below its maximum speed. • Blinking amber.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The previous figure shows the Device View page for model GC728XP. 7. To display the main menu that contains the same options as the navigation menu at the top of the page, right-click the graphic without clicking a specific port. The previous figure shows the Device View page for model GC728XP.
2.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View and Configure the Switch Management Settings This section describes how to display the switch status and specify some basic switch information, such as the management interface IP address, system clock settings, and DNS information.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Define the following fields: • System Name. Enter the name to identify this switch. You can use up to 255 alphanumeric characters. • System Location. Enter the location of this switch. You can use up to 255 alphanumeric characters. • System Contact. Enter the contact person for this switch. You can use up to 255 alphanumeric characters. 6. Click the Apply button. Your settings are saved.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View the Temperature Sensor Information You can view the current temperature of the temperature sensors. The temperature is instant and can be updated with the latest information about the switch when you click the Refresh button. The maximum temperature of the temperature sensors depends on the actual hardware. To view temperature information: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View the Fan Status You can view the status of the fans. These fans remove the heat generated by the power, CPU, and other components, and allow the switch to function normally. To view the fan status: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View the Power Supplies You can view s the status of the power supplies. To view the power supplies status: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View the Software Versions You can view the software versions that are running on the switch. To view the software versions: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure the CPU Thresholds The CPU utilization threshold notification feature allows you to configure thresholds that, when exceeded, trigger a notification. The notification occurs through SNMP trap and syslog messages. To configure the CPU thresholds: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure the IPv4 Address for the Network Interface and Management VLAN You can configure network information for the network interface, which is the logical interface used for in-band connectivity with the switch through any of the switch’s ports. You also use the IPv4 address of the network interface to connect to the switch through the local browser interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Default Gateway. The default gateway for the IP interface. The default value is 192.168.0.254. 8. Specify the VLAN ID for the management VLAN. The management VLAN is used to establish an IP connection to the switch from a computer that is connected to a port in the same VLAN. If not specified, the active management VLAN ID is 1 (default), which allows an IP connection to be established through any port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches When in-band connectivity is established, you can change the IPv6 information through the local browser interface. To configure the IPv6 address for the network interface: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches b. In the EUI64 menu, select True to enable the Extended Universal Identifier (EUI) flag for IPv6 address, or select False to omit the EUI flag. c. Click the Add button. 10. Click the Apply button. Your settings are saved. View the IPv6 Network Neighbor You can view information about the IPv6 neighbors that the switch discovers through the Neighbor Discovery Protocol (NDP). To view the IPv6 neighbor table: 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 9. IPv6 network interface neighbor table information (continued) Field Description Neighbor State The state of the neighboring switch: • reachable (1). The neighbor is reachable from the switch. • stale (2). Information about the neighbor is scheduled for deletion. • delay (3). No information was received from the neighbor during the delay period. • probe (4). The switch is attempting to probe the neighbor. • unknown (5).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Note: If you do not enter a date and time, the switch calculates the date and time using the CPU’s clock cycle. 9. Click the Apply button. Your settings are saved. Configure the Time Settings With SNTP To configure the time by using SNTP: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Broadcast. SNTP operates in the same manner as multicast mode but uses a local broadcast address instead of a multicast address. The broadcast address provides a single-subnet scope while a multicast address provides an Internet-wide scope. The default value is Disable. 8.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches See the description for Time Zone Name in Step 14 for more information. The allowed range is 0 to 59. The default value is 0. 17. Click the Apply button. Your settings are saved. Modify the Global SNTP Settings To modify the global SNTP settings: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The allowed range is 1025 to 65535 and the value 123. The default value is 123. When the default value is configured, the actual client port value used in SNTP packets is assigned by the operating system. 8. In the Unicast Poll Interval field, specify the number of seconds between unicast poll requests expressed as a power of 2. The allowed range is 6 to 10. The default value is 6. 9.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View SNTP Global Status When you select the SNTP option as the clock source, the SNTP global status is displayed below the SNTP Global Configuration section of the page. The SNTP Global Status table displays information about the system’s SNTP client. To view SNTP global status: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 10. SNTP Global Status information (continued) Field Description Last Attempt Status The status of the last SNTP request or unsolicited message for both unicast and broadcast modes. If no message was received from a server, a status of Other is displayed. These values are appropriate for all operational modes. • Other. The status of the last request is unknown. • Success.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following is an example of strata: • Stratum 0. A real-time clock is used as the time source, for example, a GPS system. • Stratum 1. A server that is directly linked to a Stratum 0 time source is used. Stratum 1 time servers provide primary network time standards. • Stratum 2. The time source is distanced from the Stratum 1 server over a network path.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > Management > Time > SNTP Server Configuration. The SNTP Server Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 11. SNTP Server Status information Field Description Address All the existing server addresses. If no server configuration exists, a message stating that no SNTP server exists displays on the page. Last Update Time The local date and time (UTC) that the response from the server was used to update the system clock. Last Attempt Time The local date and time (UTC) that the SNTP server was last queried.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select System > Management > Time > SNTP Server Configuration. The SNTP Server Configuration page displays. 6. Select the check box next to the configured server. 7. Specify new values in the available fields. 8. Click the Apply button. Your settings are saved. Remove an SNTP Server To remove an SNTP server: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To configure the daylight saving time settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Field Description Ends At These fields are used to configure the end values of date and time. • Week. Configure the end week. • Day. Configure the end day. • Month. Configure the end month. • Hours. Configure the end hour. • Minutes. Configure the end minutes. Offset Configure recurring offset in minutes. The valid range is 1–1440 minutes. Zone Configure the time zone.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Denial of Service Settings You can configure the Denial of Service (DoS) settings for the switch. The switch provides support for classifying and blocking specific types of DoS attacks. Configure Auto-DoS You can automatically enable all the DoS features available on the switch, except for the L4 Port attack.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Denial of Service The Denial of Service Configuration page allows you to select which types of DoS attacks the switch monitors and blocks. To configure individual DoS settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Denial of Service ICMP Fragment. Enabling ICMP Fragment DoS prevention causes the switch to drop ICMP fragmented packets. • Denial of Service SIP=DIP. Enabling SIP=DIP DoS prevention causes the switch to drop packets with a source IP address equal to the destination IP address. • Denial of Service SMAC=DMAC.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table displays DNS Server Configuration information. Table 13. DNS Server Configuration information Field Description ID The identification of the DNS Server. Preference Shows the preference of the DNS server. The preferences are determined by the order in which they were entered. Configure and View Host Name-to-IP Address Information You can manually map host names to IP addresses or view dynamic host mappings.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Remove an Entry From the Dynamic Host Mapping Table To remove an entry from the dynamic host mapping table: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select System > Management > DNS > Host Configuration. The DNS Host Configuration page display. 6. Select the check box next to the entry to update. 7. Enter the new information in the appropriate field. 8. Click the Apply button. Your settings are saved. 9. To clear all the dynamic host name entries from the list, click the Clear button. The Dynamic Host Mapping table shows host name-to-IP address entries that the switch learned.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The Green Ethernet Configuration page displays. 6. Select the Auto Power Down Mode Disable or Enable radio button. By default, this mode is disabled. When a port link is down, the underlying physical layer goes down for a short period and then checks for port link pulses again so that autonegotiation remains possible. In this way, the switch saves power when no link partner is present for the port. 7.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Do one of the following: • In the Go To Interface field, enter the port using the respective naming convention (for example, g1 or l1), and click the Go button. The entry corresponding to the specified interface is selected. For more information about naming conventions, see Interface Naming Conventions on page 12. • Select the port. 7. Select the Auto Power Down Mode Disable or Enable radio button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > Management > Green Ethernet > Green Ethernet Details. The Green Ethernet Details page displays. 6. From the Interface menu, select the interface. 7.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 15. Green Ethernet Local Device Information (continued) Field Description Tw_sys_tx (uSec) Integer that indicates the value of Tw_sys that the local system can support. Tw_sys_tx Echo (uSec) Integer that indicates the remote system’s Transmit Tw_sys that was used by the local system to compute the Tw_sys that it wants to request from the remote system.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select System > Management > Green Ethernet >Green Ethernet Details. The Green Ethernet Details page displays. 6. Scroll down to the Remote Device Information section. 7. Select the interface. The following table describes the nonconfigurable fields. Table 16. Green Ethernet Remote Device Information Field Description Remote ID The remote client identifier assigned to the remote system.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select System > Management > Green Ethernet > Green Ethernet Summary. The Green Ethernet Statistics Summary page displays. 6. To refresh the page, click the Refresh button. The following table describes the nonconfigurable fields. Table 17. Green Ethernet Statistics Summary information Field Description Current Power Consumption (mW) Estimated power consumption by all ports of the switch in mWatts.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > Management > Green Ethernet > Green Ethernet LPI History. The Green Ethernet LPI History page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Manage the Bonjour Settings To manage the Bonjour settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > Management > Bonjour > Bonjour Details. The Bonjour Information page displays. The page also shows the Published Services section.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select System > Management > LED Control. 6. Select the System LEDs On or Off radio button. By default, the On radio button is selected and the system LEDs are enabled. When you select the Off radio button, the Cloud LED is disabled, and for models GC728XP and GC752XP, the Max PoE LED is disabled. 7. Select the Port LEDs On or Off radio button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure the SNMPv1/v2 Community Only the communities that you define can access to the switch using the SNMP V1 and SNMP V2 protocols. Only those communities with read/write level access can be used to change the configuration using SNMP. Add an SNMP Community: To add an SNMP community: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If you select Enable, the community name must be unique among all valid community names or the set requests are rejected. If you select Disable, the community name becomes invalid. 11. Click the Add button. The selected community is added. Modify an Existing SNMP Community To modify an existing SNMP community: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > SNMP > SNMPv1/v2 > Community Configuration. The Community Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. From the Version menu, select the trap version to be used by the SNMP trap receiver: • SNMPv1. The switch uses SNMPv1 to send traps to the receiver. • SNMPv2. The switch uses SNMPv2 to send traps to the receiver. 8. In the Community String field, specify the name of the SNMP community that includes the SNMP management host and the SNMP agent on the device. This name can be up to 16 characters and is case-sensitive.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Delete an SNMP Trap Recipient To delete an SNMP trap recipient: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > SNMP > SNMPv1/v2 > Trap Flags. The Trap Flags page displays. 6. Configure the following options: • Authentication.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View the Supported MIBs This page displays a list of all MIBs supported by the switch. To view the supported MIBs: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • View Local LLDP Information on page 87 • View LLDP Neighbors Information on page 89 LLDP is a one-way protocol without any request/response sequences. Information is advertised by stations implementing the transmit function, and is received and processed by stations implementing the receive function. The transmit and receive functions can be enabled or disabled separately per port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. To configure nondefault values for the following LLDP properties, specify the following options: • TLV Advertised Interval. The number of seconds between transmissions of LLDP advertisements. • Hold Multiplier. The transmit interval multiplier value, in which the transmit hold multiplier multiplied by the transmit interval is the time to live (TTL) value that the switch advertises to its neighbors. • Reinitializing Delay.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Select one or more interfaces by taking one of the following actions: • To configure a single interface, select the check box associated with the port, or type the port number in the Go To Interface field and click the Go button. • To configure multiple interfaces with the same settings, select the check box associated with each interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To view LLDP-MED network policy information for an interface: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 21. LLDP-MED network policy information (continued) Field Description VLAN ID The VLAN ID associated with the policy. VLAN Type Indicates whether the VLAN associated with the policy is tagged or untagged. User Priority The priority associated with the policy. DSCP The DSCP associated with a particular policy type.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Network Policy. When the network policy is enabled, the port transmits the network policy TLV in LLDP frames. • Extended MDI-PSE. When the extended MDI-PSE is enabled, the port transmits the extended PSE TLV in LLDP frames. 8. Click the Apply button. Your settings are saved. LLDP-MED Neighbors Information You can display the LLDP-MED neighbor or remote device information for an interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Field Description This section of the page specifies the supported and enabled capabilities that are received in MED TLV on this port. Supported Capabilities Specifies supported capabilities that are received in MED TLV on this port. Enabled Capabilities Specifies enabled capabilities that are received in MED TLV on this port. Device Class Specifies device class as advertised by the device remotely connected to the port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Field Description Extended PoE This section of the page specifies if the remote device is a PoE device. Device Type Specifies the remote device’s PoE device type connected to this port. Extended PoE PSE This section of the page specifies if extended PSE TLV is received in LLDP frame on this port. Device Type Specifies the remote device’s PoE device type connected to this port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select System > Advanced > LLDP > Local Information. The page that displays shows the Device Information section and the Port Information section. The page includes only the interfaces on which LLDP is enabled. The following table describes the LLDP device information and port summary information. Field Description Device Information Chassis ID Subtype The type of information used to identify the switch in the Chassis ID field.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Field Description MAC/PHY Details Auto Negotiation Supported Indicates whether the interface supports port speed autonegotiation. The possible values are True and False. Auto Negotiation Enabled The port speed autonegotiation support status. The possible values are True (enabled) or False (disabled).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > Advanced > LLDP > Neighbor Information. The Neighbor Information page displays.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Field Description Port ID Subtype The type of data displayed in the remote system’s Port ID field. Port ID The physical address of the port on the remote system from which the data was sent. Port Description The user-defined description of the port. System Name The system name associated with the remote device. System Description The description of the selected port associated with the remote system.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Field Description PoE Power Priority The PoE power priority advertised by the remote device. PoE Power Value The PoE power value advertised by the remote device. Hardware Revision The hardware version advertised by the remote device. Firmware Revision The firmware version advertised by the remote device. Software Revision The software version advertised by the remote device.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure DHCP L2 Relay and DHCP Snooping The switch supports DHCP L2 Relay, DHCP snooping, and Dynamic ARP Inspection (DAI). DHCP snooping and DAI are Layer 2 security features that examine traffic to help prevent accidental and malicious attacks on the switch or network.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select System> Services > DHCP L2 Relay > DHCP L2 Relay Global Configuration. The DHCP L2 Relay Global Configuration page displays. 6. Select the Admin Mode Enable radio button. The default admin mode is disabled. 7. Click the Apply button. Your settings are saved. Configure the DHCP L2 Relay Settings for a VLAN You can configure the DHCP L2 relay settings for a VLAN. To configure the DHCP L2 relay settings for a VLAN: 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Your settings are saved. Configure the DHCP L2 Relay Interface Settings You can configure the DHCP L2 relay interface settings. To configure the DHCP L2 relay interface settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View or Clear the DHCP L2 Relay Interface Statistics You can view information about the DHCP L2 relay interfaces. To view or clear the DHCP L2 relay interface statistics: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Field Description Trusted Server Messages The number of DHCP message without option82 received from a trusted server. Without Opt82 Trusted Client Messages Without Opt82 The number of DHCP message without option82 received from a trusted client. 8. To refresh the page with the latest information about the switch, click the Refresh button. 9. To clear all interfaces statistics, click the Clear button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select System> Services > DHCP Snooping > Global Configuration. The DHCP Snooping Global Configuration page displays. 6. Select the DHCP Snooping Mode Enable radio button. 7. To enable the verification of the sender’s MAC address for DHCP snooping, select the MAC Address Validation Enable radio button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To configure DHCP snooping interface settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches When enabled, the DHCP snooping feature generates a log message when an invalid packet is received and dropped by the interface. 10. In the Rate Limit(pps) field, specify the rate limit value for DHCP snooping purposes. If the incoming rate of DHCP packets per second exceeds the configured burst interval per second, the port shuts down.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 10. Click the Add button. The DHCP snooping binding entry is added to the database. The Dynamic Binding Configuration table shows information about the DHCP bindings that were dynamically (that is, automatically) learned on each interface on which DHCP snooping is enabled. The following table describes the dynamic bindings information. Table 22.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Local. The binding table is stored locally on the switch. • Remote. The binding table is stored on a remote TFTP server. If the database is stored on a remote server, specify the following information: a. In the Remote IP Address field, enter the IP address of the TFTP server. b. In the Remote File Name field, enter the file name of the DHCP snooping bindings database in which the bindings are stored. 7.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the DHCP snooping statistics. Table 23. DHCP Snooping Statistics information Field Description Interface The interface associated with the rest of the data in the row. MAC Verify Failures The number of DHCP messages that were dropped because the source MAC address and client hardware address did not match. MAC address verification is performed only if it is globally enabled.
3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Port Settings You can view, configure, and monitor the physical port information for the ports (that is, the physical interfaces) on the switch. To configure port settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 11. In the Speed field, specify the speed value for the selected port. - Auto. All supported speeds. If you select Auto, the duplex mode and speed are set by the autonegotiation process. The port’s maximum capability (full duplex and 1000 Mbps) are advertised. Otherwise, your selection determines the port’s duplex mode and transmission rate. The default setting is Auto. - 10. 10 Mbits/sec. - 100. 100 Mbits/sec. - 1000.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches frame to stop traffic on the port if the amount of memory used by the packets on the port exceeds a preconfigured threshold and responds to pause requests from partner devices. The paused port does not forward packets for the time that is specified in the pause frame. When the pause frame time elapses, or the utilization returns to a specified low threshold, the switch enables the port to again transmit frames.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches A LAG interface can be either static or dynamic, but not both. All members of a LAG must participate in the same protocols. A static port channel interface does not require a partner system to be able to aggregate its member ports. The switch supports static LAGs. When a port is added to a LAG as a static member, the port neither transmits nor receives LACPDUs.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • 2 Dest MAC, VLAN, EType, incoming port. This mode uses the destination MAC address, VLAN, EtherType, and incoming port that are associated with the packet. • 3 Src/Dest MAC, VLAN, EType, incoming port. This mode uses the source and destination MAC addresses, VLAN, EtherType, and incoming port that are associated with the packet. This is the default mode. • 4 Src IP and Src TCP/UDP Port fields.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure LAG Membership You can select two or more full-duplex Ethernet links to be aggregated together to form a link aggregation group (LAG), which is also known as a port channel. The switch can treat the port channel as a single link. To configure LAG membership: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Set the LACP System Priority The LACP configuration page is used to set the LACP system priority. To configure LACP: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching> LAG > Advanced > LACP Port Configuration. The LACP Port Priority page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches can either reject it or insert a tag using its default VLAN ID. A given port can handle traffic for more than one VLAN, but it can support only one default VLAN ID. You can define VLAN groups stored in the VLAN membership table. The switch supports up to 256 VLANs. VLAN 1 is created by default and is the default VLAN of which all ports are members. VLAN 4089 is also created by default and is the Auto-Video VLAN.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The VLAN is added to the switch. 10. Click the Apply button. Your settings are saved. Delete a VLAN To delete a VLAN from the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching> VLAN > Advanced > VLAN Trunking Configuration.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Note the following: • Use a dash (–) to specify a range. • Use a comma (,) to separate VLANs in a list. Spaces are not permitted. • A zero value means that you want to clear the allowed VLANs. • The All value means that you want to set all VLANs to the range (1 to 4093). 12. Click the Apply button. Your settings are saved. The following table shows the nonconfigurable information on the page. Table 26.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. In the VLAN ID menu, select the VLAN ID. 7. In the Group Operation menu, select one of the following options, which applies to all ports in the VLAN: • Untag All. For all ports that are members of the VLAN, tags are removed from all egress packets. • Tag All. For all ports that are members of the VLAN, all egress packets are tagged. • Remove All. All ports are removed from the VLAN. 8.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the nonconfigurable information displayed on the page. Table 27. Advanced VLAN membership Field Definition VLAN Name The name for the VLAN that you selected. It can be up to 32 alphanumeric characters long, including blanks. VLAN ID 1 always uses the name Default. VLAN Type The type of the VLAN you selected: • Default (VLAN ID = 1). Always present. • Static. A VLAN that you configured.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 28. VLAN status (continued) Field Definition VLAN Type The VLAN type: • Default (VLAN ID = 1). Always present. • Static. A VLAN that you added. • Auto-Video. (VLAN ID = 4089). Always present. Member Ports The ports that are included in the VLAN. Configure Port PVID Settings You can assign a port VLAN ID (PVID) to an interface. The following requirements apply to a PVID: • You must define a PVID for all ports.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • To configure all interfaces with the same settings, select the check box in the heading row. 8. In the PVID field, specify the VLAN ID to assign to untagged or priority-tagged frames received on this port. The default is 1. 9. In the VLAN Member field, specify the VLAN ID or list of VLANs of a member port. VLAN IDs range from 1 to 4093. The default is 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the nonconfigurable fields. Table 29. Nonconfigurable fields on the PVID Configuration page Field Description Current Ingress Filtering Indicates whether ingress filtering is enabled for the interface. Untagged VLANs The number of untagged VLANs for the interface. Tagged VLANs The number of tagged VLANs for the interface. Forbidden VLANs The number of forbidden VLANs for the interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching> VLAN > Advanced > MAC Based VLAN. The MAC Based VLAN Configuration page displays. 6. In the MAC Address field, enter a valid MAC address to be bound to a VLAN ID.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Protocol-Based VLAN Groups You can use a protocol-based VLAN to define filtering criteria for untagged packets. By default, if you do not configure any port-based (IEEE 802.1Q) or protocol-based VLANs, untagged packets are assigned to VLAN 1. You can override this behavior by defining either port-based VLANs or protocol-based VLANs, or both. Tagged packets are always handled according to the IEEE 802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches You can enter keywords such as arp, ip, and ipx. Separate keywords with a comma. You can also enter hexadecimal or decimal values in the range of 0x0600 (1536) to 0xFFFF (65535). 9. In the VLAN ID field, enter the VLAN ID. The ID can be any number in the range of 1 to 4093. All the ports in the group assign this VLAN ID to untagged packets received for the protocols that you included in this group. 10. Click the Add button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. In the Ports table and LAG table, click each port and LAG that you want to include in the protocol-based VLAN group. A protocol-based VLAN group can include both port and LAGs. A selected port or LAG is displayed by a check mark. 8. Click the Apply button Your settings are saved. 9. To view the members of the group, click the Current members button. A pop-up window opens and displays the list of current members.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • To configure all interfaces with the same settings, select the check box in the heading row. 8. From the Interface Mode menu, select the voice VLAN mode for selected interfaces: • Disable. This is the default value. • None. Allow the IP phone to use its own configuration to send untagged voice traffic. • VLAN ID. Configure the phone to send tagged voice traffic.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Protocol-Based Port Settings To prioritize time-sensitive voice traffic over data traffic, protocol-based Auto-VoIP checks for packets carrying the following VoIP protocols: • Session Initiation Protocol (SIP) • H.323 • Signalling Connection Control Part (SCCP) VoIP frames that are received on ports that for which the Auto-VoIP feature is enabled are marked with the specified CoS traffic class value.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 10. From the Auto VoIP Mode menu, select Disable or Enable. Auto-VoIP is disabled by default. The Operational Status field displays the current operational status of each interface. 11. Click the Apply button. Your settings are saved. Configure Auto-VoIP OUI-Based Properties With Organizationally Unique Identifier (OUI)–based Auto-VoIP, voice prioritization is provided based on OUI bits.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure OUI-Based Port Settings The port settings page allows you to configure the OUI port settings. To configure OUI-based port settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Manage the OUI Table Device hardware manufacturers can include an OUI in a network adapter to help identify a hardware device. The OUI is a unique 24-bit number assigned by the IEEE registration authority.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. In the Telephony OUI(s) field, specify the VoIP OUI prefix to be added in the format AA:BB:CC. Up to 128 OUIs can be configured. 7. In the Description field, enter the description for the OUI. The maximum length of description is 32 characters.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Select the check box next to each OUI prefix to be removed. 7. Click the Delete button. The telephony OUI entries are removed. Display the Auto-VoIP Status You can display the Auto-VoIP status. To view the Auto-VoIP status: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Spanning Tree Protocol Overview Classic STP provides a single path between end stations, avoiding and eliminating loops. For information on configuring Common STP, see Configure CST Port Settings on page 137. Multiple Spanning Tree Protocol (MSTP) supports multiple instances of spanning tree to efficiently channel VLAN traffic over different interfaces. Each instance of the spanning tree behaves in the manner specified in IEEE 802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The Global Settings page displays. 6. Configure the following options: • Spanning Tree State. Enable or disable the spanning tree operation on the switch. • STP Operation Mode. Specify the STP version for the switch. The options are STP, RSTP, and MSTP. For more information, see Spanning Tree Protocol Overview on page 134. • Configuration Name. Specify an identifier used to identify the configuration currently being used.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 32. STP configuration status (continued) Field Description Forward Delay (secs) The derived value of the Root Port Bridge Forward Delay parameter. Hold Time (secs) Minimum time in seconds between the transmission of configuration BPDUs. CST Regional Root Priority and base MAC address of the CST regional root. CST Path Cost Path cost to the CST tree regional root.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Bridge Max Age (secs). The bridge maximum age time for the Common and Internal Spanning Tree (CST), which indicates the time in seconds a bridge must wait before implementing a topological change. The valid range is 6–40, and the value must be less than or equal to (2 * Bridge Forward Delay) – 1 and greater than or equal to 2 * (Bridge Hello Time +1). The default value is 20. • Bridge Hello Time (secs).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Specify a value in the range of 0 to 200000000. The default is 0. When the path cost is set to 0, the value is updated with the external path cost from a received STP packet. 13. In the Priority field, specify the priority for a particular port within the CST. The port priority is set in multiples of 16. For example if you attempt to set the priority to any value between 0 and 15, it is set to 0.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching > STP > Advanced > CST Port Status. The CST Port Status page displays. 6. To refresh the page with the latest information about the switch, click the Refresh button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View Rapid STP Information You can view information about the Rapid Spanning Tree (RSTP) port status. To view information about RSTP: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Manage MST Settings You can configure a multiple spanning tree (MST) on the switch. Configure an MST Instance To configure an MST instance: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches For each configured instance, the information described in the following table displays on the page. Table 37. MST configuration Field Description Bridge Identifier The bridge identifier for the selected MST instance. It is made up using the bridge priority and the base MAC address of the bridge. Last TCN The time in day:hour:minute:second format since the topology of the selected MST instance last changed.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 8. Click the Apply button. Your settings are saved. Delete an MST Instance To delete an MST instance: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the read-only MST port configuration information displayed on the Spanning Tree CST Configuration page. Table 38. MST port status information Field Description Operational Port Path Cost The operational path cost for the port in the MST instance. Auto-calculated Port Path Cost Indicates whether the path cost is automatically calculated (Enabled) or not (Disabled).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View STP Statistics You can view information about the number and type of bridge protocol data units (BPDUs) transmitted and received on each port. To view Spanning Tree statistics: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Multicast Multicast IP traffic is traffic that is destined to a host group. Host groups for IPv4 multicast are identified by class D addresses, which range from 224.0.0.0 to 239.255.255.255. Host groups for IPv6 multicast are identified by the prefix ff00::/8. View or Clear the MFDB Table The Multicast Forwarding Database holds the port membership information for all active multicast address entries.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the information in the MFDB table. Table 40. MFDB table information Field Description MAC Address The multicast MAC address for which you requested data. VLAN ID The VLAN ID to which the multicast MAC address is related. Component The component that is responsible for this entry in the Multicast Forwarding Database. Possible values are IGMP snooping, GMRP, Static Filtering and MLD snooping.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the MFDB Statistics fields. Table 41. MFDB Statistics information Field Description Max MFDB Table Entries The maximum number of entries that the Multicast Forwarding Database table can hold. Most MFDB Entries Since The largest number of entries that were present in the Multicast Forwarding Last Reset Database table since last reset. This value is also known as the MFDB high-water mark.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure IGMP Snooping Internet Group Management Protocol (IGMP) snooping is a feature that allows a switch to forward multicast traffic intelligently. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure IGMP Snooping Globally You can configure the parameters for IGMP snooping, which is used to build forwarding lists for multicast traffic. To configure IGMP snooping globally: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 42. IGMP Snooping Configuration information (continued) Field Description VLAN IDs Enabled For IGMP Snooping The IDs of the VLANs that are enabled for IGMP snooping. VLAN IDs Enabled For IGMP Snooping Querier The IDs of the VLANs that are enabled for IGMP snooping querier. Configure IGMP Snooping for Interfaces To configure IGMP snooping for interfaces: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Enter a value between 1 and 3600 seconds. The default is 260 seconds. 10. In the Max Response Time field, specify the time that the switch must wait after sending a query on an interface because it did not receive a report for a particular group on that interface. Enter a value greater or equal to 1 and less than the group membership interval in seconds. The default is 10 seconds.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Enter six two-digit hexadecimal numbers separated by colons, for example 00:01:23:43:45:67. 7. Click the Go button. If the address exists, the entry is displayed. An exact match is required. 8. To refresh the page with the latest information about the switch, click the Refresh button. 9. To clear the information, click the Clear button. The following table describes the information in the IGMP snooping table. Table 43.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The IGMP Snooping VLAN Configuration page displays. 6. To enable IGMP snooping on a VLAN, in the VLAN ID field, enter the VLAN ID. 7. Configure the IGMP snooping values: • Admin Mode. Enable or disable IGMP snooping for the specified VLAN ID. The default is Disable. • Fast Leave Mode. Enable or disable the IGMP snooping fast leave mode for the specified VLAN ID. The default is Disable. • Host Timeout.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching> Multicast > IGMP Snooping > IGMP Snooping VLAN Configuration. The IGMP Snooping VLAN Configuration page displays. 6. Select the check box next to the VLAN ID. 7.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches accordingly. It is required only if you want to make sure that the multicast router always receives IGMP packets from the switch in a complex network. To configure multicast router interfaces: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To configure a multicast router VLAN: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure the Global IGMP Snooping Querier Settings You can configure the global settings for an IGMP snooping querier. To configure the global IGMP snooping querier settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure an IGMP Snooping Querier for a VLAN You can configure an IGMP snooping querier for use with a VLAN on the network. To configure an IGMP querier snooping for a VLAN: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Remove an IGMP Snooping Querier From a VLAN You can remove an IGMP snooping querier from a VLAN. To remove an IGMP snooping querier from a VLAN: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select Switching> Multicast > IGMP Snooping Querier > Querier VLAN Status. The Querier VLAN Status page displays. 6. To refresh the page with the latest information about the switch, click the Refresh button. The following table describes the nonconfigurable information displayed on the page. Table 44.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches nodes. MLD is derived from IGMP; MLD version 1 (MLDv1) is equivalent to IGMPv2 and MLD version 2 (MLDv2) is equivalent to IGMPv3. MLD is a subprotocol of Internet Control Message Protocol version 6 (ICMPv6), and MLD messages are a subset of ICMPv6 messages, identified in IPv6 packets by a preceding Next Header value of 58.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. Click the Apply button. Your settings are saved. 8. To refresh the page with the latest information about the switch, click the Refresh button. The following table describes the nonconfigurable MLD Snooping Configuration fields. Table 45. MLD Snooping Configuration information Field Definition Multicast Control Frame Count The number of multicast control frames that were processed by the CPU.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • To configure all interfaces with the same settings, select the check box in the heading row. 8. From the Admin Mode menu, select to enable or disable the interface mode for the selected interface for MLD snooping for the switch. The default is Disable. 9.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching> Multicast > MLD Snooping > MLD VLAN Configuration. The MLD VLAN Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select Switching> Multicast > MLD Snooping > MLD VLAN Configuration. The MLD VLAN Configuration page displays. 6. Select the check box for the VLAN ID. 7. Click the Delete button. Your settings are saved. MLD snooping is no longer supported on the VLAN. The VLAN itself is not deleted.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure a Multicast Router VLAN for MLD Snooping To configure a multicast router VLAN for MLD snooping: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching> Multicast > MLD Snooping > Querier Configuration. The MLD Snooping Querier Configuration page displays. 6. Configure the following settings: • Querier Admin Mode.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching> Multicast > MLD Snooping > Querier VLAN Configuration. The MLD Snooping Querier VLAN Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Remove an MLD Snooping Querier From a VLAN You can remove an MLD snooping querier from a VLAN. To remove an MLD snooping querier from a VLAN: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 47. MAC Address Table information (continued) Field Description Interface The interface on which the address was learned. Status The status of this entry, which can be one of the following: • Static. The instance was added by the system or a user and cannot be relearned. • Learned. The instance was learned, and is being used. • Management.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Add a Static MAC Address You can manually add MAC addresses to the MAC address table. Such MAC addresses are static MAC addresses. To add a static MAC address: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Switching > Address Table > Advanced > Static MAC Address.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches enable loop protection globally before you can enable and configure it at the interface level. Loop protection is supported on physical interfaces and static LAG interfaces, but not on dynamic LAG interfaces. Configure Global Layer 2 Loop Protection To configure global Layer 2 loop protection: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The range is from 0 to 604800 seconds. The default is 0 seconds. 10. Click the Apply button. Your settings are saved. Configure Layer 2 Loop Protection on a Port To configure Layer 2 loop protection on a port: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • To display all ports and LAGs, click the All link. • In the Go To Port field, type the port number, for example g18, and click the Go button. 7. In the Port field, select the port for which data is to be displayed or configured. 8. From the Keep Alive menu, select Enable or Disable to specify whether keep-alives are enabled on an interface. The default is Disable. 9.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Switching 180
4. 4 Configuring Routing This chapter covers the following topics.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches How the Switch Handles Routing For each incoming packet, the switch uses the destination MAC address to determine if the address matches a configured routing interface. If it does, the switch searches the host table for a matching destination IP address: • The host table contains a matching IP address.The packet is routed to the host. • The host table does not contain a matching IP address.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Select the Routing Mode Enable radio button. 7. Click the Apply button. The following table describes the nonconfigurable information displayed on the page. Table 49. IP Configuration information Field Description Default Time to Live The default value that is inserted into the Time-To-Live field of the IP header of datagrams originated by the switch, if a TTL value is not supplied by the transport layer protocol.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the nonconfigurable information displayed on the page. Table 50. IP routing statistics information Field Description IpInReceives The total number of input datagrams received from interfaces, including those received in error.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 50. IP routing statistics information (continued) Field Description IpReasmFails The number of failures detected by the IP reassembly algorithm (for example, because of timing out, errors, and so on). This is not necessarily a count of discarded IP fragments because some algorithms can lose track of the number of fragments by combining them as they are received.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 50. IP routing statistics information (continued) Field Description IcmpOutParmProbs The number of ICMP Parameter Problem messages sent. IcmpOutSrcQuenchs The number of ICMP Source Quench messages sent. IcmpOutRedirects The number of ICMP Redirect messages sent. Because hosts do not send redirects, this counter is always zero for a host. IcmpOutEchos The number of ICMP Echo (request) messages sent.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The IPv6 Global Configuration page displays. 6. To globally enable IPv6 unicast routing, select the IPv6 Unicast Routing Enable radio button. By default, IPv6 unicast routing is disabled and the Disable radio button is selected. 7. In the Hop Limit field, enter the number for the unicast hop count that is used in IPv6 packets that originate in the switch. The value is also included in router advertisements.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • All Routes. Show all active IPv6 routes. • Best Routes Only. Show only the best active routes. • Configured Routes Only. Show only the manually configured routes. 7. To refresh the page with the latest information about the switch, click the Update button. The following table describes the nonconfigurable information displayed on the page. Table 51.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Routing> IPv6 > Advanced > VLAN Configuration. The IPv6 Global Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 14. In the Adv NS Interval field, specify the retransmission time of router advertisements that are sent from the interface. A value of 0 means the interval is not specified. The range of the neighbor solicit interval is 1000 to 4294967295. The default is 0. 15. In the Adv Reachable Interval field, specify the router advertisement time. This is the time allocated to consider the neighbors reachable after ND confirmation.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Manage IPv6 Prefixes for Advertisement on an IPv6 VLAN When you add an IPv6 prefix for advertisement on an IPv6 VLAN, the prefix is advertised on all interfaces that are members of the VLAN. You can change and remove existing IPv6 prefixes. Add an IPv6 Prefix for Advertisement on an IPv6 VLAN To add an IPv6 prefix for advertisement on an IPv6 VLAN: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 12. From the Onlink Flag menu, select Enable or Disable to specify whether the selected prefix can be used for on-link determination. The default is Enable. 13. From the Autonomous Flag menu, select Enable or Disable to specify whether the selected prefix can be used for autonomous address configuration. The default value is Enable. The Current State field displays the state of the IPV6 address.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. Click the Apply button. Your settings are saved. Remove an IPv6 Prefix From an IPv6 VLAN You can remove one or more IPv6 prefixes from an IPv6 VLAN. You cannot remove the default IPv6 prefix. To remove one or more IPv6 prefixes from an IPv6 VLAN: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Routing> IPv6 > Advanced > Statistics. The IPv6 Statistics page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 53. IPv6 Statistics information (continued) Field Description Received Datagrams Discarded Due To Truncated Data The number of input datagrams discarded because datagram frame did not carry enough data. Received Datagrams Discarded Other The number of input IPv6 datagrams for which no problems were encountered to prevent their continued processing, but that were discarded for reasons such as lack of buffer space.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the nonconfigurable ICMPv6 information displayed on the page. Table 54. ICMPv6 Statistics information Field Description Total ICMPv6 Messages Received The total number of ICMP messages received by the interface, which includes all those counted by IPv6IfIcmpInErrors. This interface is the interface to which the ICMP messages were addressed, which might not be the input interface for the messages.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 54. ICMPv6 Statistics information (continued) Field Description ICMPv6 Group Membership Reduction Messages Received The number of ICMPv6 Group Membership Reduction messages received by the interface. Total ICMPv6 Messages Transmitted The total number of ICMP messages that this interface attempted to send. This counter includes all those counted by icmpOutErrors.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 54. ICMPv6 Statistics information (continued) Field Description ICMPv6 Group Membership Reduction Messages Transmitted The number of ICMPv6 Group Membership Reduction messages sent. ICMPv6 Duplicate Address Detects The number of duplicate addresses detected by the interface. View the IPv6 Neighbor Table To view or clear the IPv6 Neighbor Table: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the nonconfigurable information displayed on the page. Table 55. IPv6 Neighbor Table information Field Description Interface The interface whose settings are displayed in the current table row. IPv6 Address The IPv6 address of the neighbor or interface. MAC Address The MAC address associated with an interface. isRtr Indicates whether the neighbor is a router.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches IPv6 routes associated with these management interfaces and IPv6 routes associated with routing interfaces. Configuration of 127-bit IPv6 prefixes on the routing/host IPv6 interfaces is supported. You can distinguishes between static routes by specifying a route preference value. A static route with a lower preference value is a more preferred static route.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 12. Click the Add button. The route is added. Change the Preference for a Static IPv6 Route To change the preference for a static IPv6 route: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Routing> IPv6 > Advanced > Static Route Configuration. The Configure Routes page displays. 6. Select one or more check boxes for static IPv6 routes. 7. Click the Delete button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the nonconfigurable information displayed on the page. Table 56. IPv6v Route Table information Field Description Number of Routes The total number of active routes in the route table. IPv6 Prefix The network prefix for the active route. Prefix Length The prefix length for the active route. Protocol The type of protocol for the active route.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The IPv6 Route Preference page displays. 6. In the Static field, specify the static route preference value for the switch. The range is 1 to 255. The default value is 1. 7. Click the Apply button. Your settings are saved. The Local field displays the local preference. Configure Routing VLANs You can configure the switch software with some ports supporting VLANs and some supporting routing.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To configure VLAN routing using the VLAN routing wizard: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. In the Ports table, click each port once, twice, or three times to configure one of the following modes or reset the port to the default settings: • T (Tagged). Select the ports on which all frames transmitted for this VLAN are tagged. The ports that are selected are included in the VLAN. • U (Untagged). Select the ports on which all frames transmitted for this VLAN are untagged.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select Routing > VLAN > VLAN Routing Configuration. The VLAN Routing Configuration page displays. The table displays any existing routing VLANs. 6. To add a routing VLAN by changing a regular VLAN into a routing VLAN, do the following: a. From the VLAN menu, select the VLAN that you want to configure for VLAN routing.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Routing > VLAN > VLAN Routing Configuration. The VLAN Routing Configuration page displays. 6. From the VLAN list, select the VLAN. 7. Change the settings as needed. 8.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Router Discovery The Router Discovery protocol is used by hosts to identify operational routers (or routing interfaces) on the subnet. Router discovery messages can be of two types: router advertisements and router solicitations. The protocol requires each router to periodically advertise the IP addresses that it is associated with. Hosts listen for these advertisements and discover the IP addresses of neighboring routers.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 11. In the Advertise Lifetime field, specify the value (in seconds) to be used as the lifetime field in router advertisements sent from the interface. This is the maximum length of time that the advertised addresses are to be considered as valid router addresses by hosts. The default is 1800 seconds. 12.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 8. For a static route only, in the Subnet Mask field, specify the subnet mask. Also referred to as the network mask, the mask indicates the portion of the IP address that identifies the attached network. 9. In the Next Hop IP Address field, specify the next hop IP address. This is the outgoing router IP address to use when forwarding traffic to the next router (if any) in the path towards the destination.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Delete Routes To delete one or more static routes: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches device stores the sender’s information in its ARP cache. Newer information always replaces existing content in the ARP cache. If you move a device in the network, the device’s MAC address can become associated with another IP address. Or if you reconfigure, disconnect, or power off the device, the device’s IP address can disappear from the network altogether.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table provides information included in the management VLAN ARP cache section. Table 59. ARP cache information Field Description IP Address The associated IP address of a device on a subnet attached to one of the switch’s existing routing interfaces. Port The associated interface of the connection. MAC Address The MAC address of the device.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Routing > ARP > Advanced > ARP Create. The Static ARP Configuration page displays. The page also shows the Routing VLANs ARP Cache section. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. In the Age Time field, specify the number of seconds for an ARP entry to age out. 7. In the Response Time field, specify the number of seconds that the switch must wait for a response to an ARP request. 8. In the Retries field, specify the maximum number of times that the switch retries an ARP request. 9. In the Cache Size field, specify the maximum number of entries for the ARP cache. 10.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. If you select Specific Dynamic/Gateway Entry or Specific Static Entry from the Remove From Table menu, enter the IP address of the entry that must be removed from the ARP table. 8. Click the Apply button. Your settings are saved.
5. Configure Quality of Service 5 In a switch, each physical port consists of one or more queues for transmitting packets on the attached network. Multiple queues per port are often provided to give preference to certain packets over others based on user-defined criteria. When a packet is queued for transmission in a port, the rate at which it is serviced depends on how the queue is configured and possibly the amount of traffic present in the other queues of the port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Manage Class of Service The Class of Service (CoS) queueing feature lets you directly configure certain aspects of switch queueing. This provides the desired QoS behavior for different types of network traffic when the complexities of DiffServ are not required. The priority of a packet arriving at an interface can be used to steer the packet to the appropriate outbound CoS queue through a mapping table.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select QoS> CoS > Basic > CoS Configuration. 6. Either configure the same CoS trust mode settings for all CoS-configurable interfaces or configure CoS settings per interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure CoS Interface Settings for an Interface You can configure the trust mode for one or more interfaces and apply an interface shaping rate to all interfaces or to a specific interface. To configure CoS settings for an interface: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • 802.1p. The eight priority tags that are specified in IEEE 802.1p are p0 to p7. The QoS setting lets you map each of the eight priority levels to one of seven internal hardware priority queues. The default value is 802.1p. • DSCP. The six most significant bits of the DiffServ field are called the Differentiated Services Code Point (DSCP) bits. 9. In the Interface Shaping Rate field, specify the maximum allowed bandwidth.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. To display information for all ports and LAGs, click the All link. 7. Select one or more interfaces by taking one of the following actions: • To configure a single interface, select the check box associated with the port, or type the port number in the Go To Interface field and click the Go button. • To configure multiple interfaces with the same settings, select the check box associated with each interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To map 802.1p priorities to queues: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Map DSCP Values to Queues You can map an internal traffic class to a DSCP value. To map DSCP values to queues: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Expedited Forwarding (EF) PHB. These values are used to prioritize traffic for real-time applications. In many situations, if the network exceeded traffic and you need some bandwidth guaranteed for an application, the EF traffic must receive this rate independently of the intensity of any other traffic attempting to transit the node. 7. Click the Apply button. Your settings are saved.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Packet processing begins by testing the match criteria for a packet. The All class type option specifies that each match criteria within a class must evaluate to true for a packet to match that class. The Any class type option specifies that at least one match criteria must evaluate to true for a packet to match that class. Classes are tested in the order in which they were added to the policy.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Select the administrative mode for DiffServ: • Enable. Differentiated services are active. This is the default setting. • Disable. The DiffServ configuration is retained and can be changed but is not active. 7. Click the Apply button. Your settings are saved. The following table describes the information displayed in the Status table on the DiffServ Configuration page. Table 61.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select QoS > DiffServ > Advanced > Class Configuration. 6. In the Class Name field, enter a class name.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 10. Define the criteria that must be associated the DiffServ class: • Match Every. Select this radio button to add a match condition that considers all packets to belong to the class. The only selection from the Match Every menu is Any. • Reference Class. Select this radio button to reference another class for criteria.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • • Source MAC. Select this radio button to require a packet’s source MAC address to match the specified MAC address. After you select this radio button, use the following fields to configure the source MAC address match criteria: - Address. The source MAC address to match. The source MAC address is specified as six two-digit hexadecimal numbers separated by colons. - Mask.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Destination L4 Port. Select this radio button to require a packet’s TCP/UDP destination port to match the specified protocol, which you must select from the menu. The range is 0 to 65535. The menu includes Other as an option for unnamed ports. • IP DSCP. Select this radio button to require the packet’s IP DiffServ Code Point (DSCP) value to match the specified IP DSCP keyword code, which you must select from the menu.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select QoS > DiffServ > Advanced > Class Configuration. The Class Name page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Delete a DiffServ Class To delete a DiffServ class: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Packets that match an IPv6 classifier are allowed to be marked using only the 802.1p (CoS) field or the IP DSCP field in the traffic Class octet. IP precedence is not defined for IPv6. This is not an appropriate type of packet marking. IPv6 ACL/DiffServ assignment is appropriate for LAG interfaces. The procedures described by an ACL or DiffServ policy are equally applicable on a LAG interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. After creating the class, click the class name. The class name is a hyperlink to the page on which you can define the class configuration. 10. Define the criteria that must be associated the IPv6 DiffServ class: • Match Every. Select this radio button to add a match condition that considers all packets to belong to the class. The only selection from the Match Every menu is Any. • Reference Class.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Destination Prefix/Length. Select this radio button to require a packet’s destination prefix and prefix length to match the specified source IPv6 prefix and prefix length. Prefix must always be specified with the prefix length. The prefix can be in the hexadecimal range from 0 to FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF and the prefix length can be in the range from 0 to 128. • Destination L4 Port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select QoS > DiffServ > Advanced > IPv6 Class Configuration. The Class Name page displays. 6. Select the check box next to the class name. 7.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Delete an IPv6 DiffServ Class To delete an IPv6 DiffServ class: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select QoS > DiffServ > Advanced > Policy Configuration. 6. Enter a policy name in the Policy Name field. You cannot specify the policy type.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 10. From the Assign Queue menu, select the queue to which packets of this policy class must be assigned. This is an integer value in the range 0 to 7. 11. Configure the policy attributes: • Drop. Select this radio button to require each inbound packet to be dropped. • Mark VLAN CoS. Select this radio button to specify the VLAN priority, which you must select from the menu.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The Conform Action section and Violate Action section list the actions to be taken on conforming packets according to the policing metrics. By default, both conforming packets and violating packets are sent. In both the Conform Action section and the Violate Action section, select one of the following actions: • Send. Packets are forwarded unmodified. This is the default confirming action and the default violating action. • Drop.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select QoS > DiffServ > Advanced > Policy Configuration. The Policy Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Remove a Class From an Existing DiffServ Policy To remove a class from an existing DiffServ policy: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select QoS > DiffServ > Advanced > Policy Configuration. The Policy Configuration page displays. 6. Select the check box next to the policy name. 7. Click the Delete button. The policy is removed. Configure the DiffServ Service Interface You can activate a policy on an interface. Attach a DiffServ Policy to an Interface To attach a DiffServ policy to an interface: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • To configure multiple interfaces with the same settings, select the check box associated with each interface. • To configure all interfaces with the same settings, select the check box in the heading row. 8. From the Policy Name menu, select a policy name. 9. Click the Apply button. Your settings are saved. The following table describes the nonconfigurable information displayed on the page. Table 65.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View DiffServ Service Statistics You can display service-level statistical information about all interfaces to which DiffServ policies are attached. To view the DiffServ service statistics: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 66. DiffServ Service Statistics information (continued) Field Description Discarded Packets The total number of packets that are discarded for all class instances in this service policy for any reason due to DiffServ treatment. This is the overall count per interface, per direction. The discarded packets are supported in the inbound direction but not in the outbound direction.
6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Management Security Settings You can configure the login password, Remote Authorization Dial-In User Service (RADIUS) settings, Terminal Access Controller Access Control System (TACACS) settings, and authentication lists. Change the Password You can change the login password. To change the login password for the management interface: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Reset the Password to the Default Password You can reset the password to the default password, which is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches RADIUS Overview RADIUS servers provide additional security for networks. The RADIUS server maintains a user database, which contains per-user authentication information. The switch passes information to the configured RADIUS server, which can authenticate a user name and password before authorizing use of the network.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches is the server configured as the primary server. If no servers are configured as the primary server, the current server is the most recently added RADIUS server. 6. In the Max Number of Retransmits field, specify the maximum number of times a request packet is retransmitted to the RADIUS server. The valid range is from 1 to 15. The default value is 4.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure a RADIUS Authentication Server on the Switch Use the RADIUS Server Configuration page to view and configure various settings for a RADIUS server configured on the switch. Add a Primary RADIUS Authentication Server to the Switch To add a primary RADIUS authentication server to the switch and view the RADIUS authentication server statistics: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The message authenticator adds protection to RADIUS messages by using an MD5 hash to encrypt each message. The shared secret is used as the key, and if the message fails to be verified by the RADIUS server, it is discarded. 12. Click the Add button. The server is added to the switch. 13. Click the Apply button. Your settings are saved. 14.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Modify the Settings for a RADIUS Authentication Server on the Switch To modify the settings for a RADIUS authentication server on the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select Security > Management Security > RADIUS > Server Configuration. The Server Configuration page displays. 6. Select the check box next to the IP address of the server to remove. 7. Click the Delete button. The RADIUS server is removed. 8. Click the Apply button. Your settings are saved.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. In the Secret field, type the shared secret to use with the specified accounting server. 10. From the Accounting Mode menu, select Enable to enable the RADIUS accounting mode. 11. Click the Add button. The server is added to the switch. 12. Click the Apply button. Your settings are saved. The following table describes the RADIUS server statistics displayed on the page. 13.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Modify the Settings for a RADIUS Accounting Server on the Switch To modify the settings for a RADIUS accounting server on the switch: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select Security > Management Security > RADIUS > Accounting Server Configuration. The Accounting Server Configuration page displays. 6. Select the check box next to the IP address of the server to remove. 7. Click the Delete button. The RADIUS accounting server is removed. 8. Click the Apply button. Your settings are saved.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The TACACS+ Configuration page displays. 6. In the Key String field, specify the authentication and encryption key for TACACS+ communications between the switch and the TACACS+ server. The valid range is 0–128. The key must match the key configured on the TACACS+ server. 7. In the Connection Timeout field, specify the maximum number of seconds allowed to establish a TCP connection between the switch and the TACACS+ server.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. In the Key String field, specify the authentication and encryption key for TACACS+ communications between the device and the TACACS+ server. The valid range is 0–128. The key must match the key used on the TACACS+ server. 10. In the Connection Timeout field, specify the time that passes before the connection between the device and the TACACS+ server times out. The range is 1–30.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. From the menu in the 1 column, select the authentication method that must be used first in the selected authentication login list. If you select a method that does not time out as the first method, such as Local, no other method is tried, even if you specified more than one method. User authentication occurs in the order the methods are selected. Possible methods are as follows: • Local.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Security > Management Security > Authentication List > HTTPS Authentication List.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure the Dot1x Authentication List The Dot1x authentication list defines the IEEE 802.1X authentication method used for the default list. The default list is dot1xList. To configure the dot1x authentication list: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Management Access You can configure HTTP and secure HTTP access to the switch management interface. You can also configure access control profiles and access rules. Configure HTTP Settings You can configure the settings for HTTP access to the switch. To configure the HTTP server settings: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. Click the Apply button. Your settings are saved. HTTPS Configuration Secure HTTP enables the transmission of HTTP over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. When you manage the switch by using a web interface, Secure HTTP can help ensure that communication between the management system and the switch is protected from eavesdroppers and man-in-the-middle attacks.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. In the HTTPS Port field, type the HTTPS port number. The value must be in the range of 1025 to 65535. Port 443 is the default value. The configured value is displayed. 10. In the HTTPS Session Soft Timeout (Minutes) field, enter the inactivity time-out for HTTPS sessions. The value must be in the range of 1 to 60 minutes. The default value is 5 minutes. The configured value is displayed.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select Security > Access > HTTPS > Certificate Management. The Certificate Management page displays. The Certificate Present field displays whether a certificate is present on the switch. 6. In the Certificate Management area, select Generate Certificates. 7. Click the Apply button. The switch generates an SSL certificate.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Before you download a file to the switch, the following conditions must be true: • The file to download from the TFTP server is on the server in the appropriate directory. • The file is in the correct format. • The switch contains a path to the TFTP server. To configure the certificate download settings for HTTPS sessions: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches You can enter up to 96 characters. The default is blank. 10. In the Remote File Name field, enter the name of the file on the TFTP server to download. You can enter up to 32 characters. The default is blank. 11. Select the Start File Transfer check box. 12. Click the Apply button. The file transfer starts. A status message displays during the transfer and upon successful completion of the transfer.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The Packets Filtered field displays the number of packets filtered. 8. Click the Apply button. Your settings are saved. 9. To refresh the page with the latest information about the switch, click the Refresh button. The following table describes the nonconfigurable data that is displayed. Table 70. Access profile configuration profile summary Field Description Rule Type The action performed when the rules match.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Security > Access > Access Control > Access Rule Configuration. The Access Rule Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Global 802.1X Settings You can configure global port access control settings on the switch. To globally enable all 802.1X features: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If RADIUS-assigned VLANs are enabled, the RADIUS server is includes the VLAN ID in the 802.1X tunnel attributes of its response message to the device. If dynamic VLAN creation is enabled on the device and the RADIUS-assigned VLAN does not exist, then the assigned VLAN is dynamically created. This implies that the client can connect from any port and can get assigned to the appropriate VLAN.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 8. Specify the following settings: • Port Control. Defines the port authorization state. The control mode is set only if the link status of the port is link up. Select one of the following options: - Auto. The switch automatically detects the mode of the interface. - Authorized. The switch places the interface into an authorized state without being authenticated.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Supplicant Timeout. Specify the supplicant time-out for the selected port. The supplicant time-out is the value, in seconds, after which the supplicant times out. • Server Timeout. Specify the time that elapses before the switch resends a request to the authentication server. 9. Click the Apply button. Your settings are saved. The following table describes the port authentication status information available on the page.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Initialize 802.1X on a Port To initialize 802.1X on a port: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select Security > Port Authentication > Advanced > Port Authentication. The Port Authentication page displays. 6. Select the check box associated with the port to reauthenticate. 7. Click the Reauthenticate button. The selected port is forced to restart the authentication process.This button is available only if the control mode is auto. If the button is not selectable, it is grayed out.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the fields on the Port Summary page. Table 72. Port summary Field Description Port The port for which the settings are displayed in the current table row. Control Mode Indicates the configured control mode for the port. Possible values are as follows: • Auto. The switch sets the port mode based on the authentication exchanges between the supplicant, authenticator, and the authentication server.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Security > Port Authentication > Advanced > Client Summary. The Client Summary page displays.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Set Up Traffic Control You can configure MAC filters, storm control, port security, protected port, and private VLAN settings. Manage MAC Filtering You can create MAC filters that limit the traffic allowed into and out of specified ports on the switch. Create a MAC Filter To create a MAC filter: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 9. In the Port and LAG tables in the Source Port Members section, select the ports and LAGs that must be included in the inbound filter. If a packet with the MAC address and VLAN ID that you specify is received on a port that is not part of the inbound filter, the packet is dropped. 10. In the Port and LAG tables in the Destination Port Members section, select the ports and LAGs that must be included in the outbound filter.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View the MAC Filter Summary You can view the MAC filters that are configured on the switch. To view the MAC filter summary: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To configure storm control settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 10. Click the Apply button. Your settings are saved. 11. To enable or disable storm control for one or more ports or to specify different threshold and control action settings for one or more ports, do the following: a.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To configure port security settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View Learned MAC Addresses and Convert Them to Static MAC Addresses You can convert a dynamically learned MAC address to a statically locked address. To view learned MAC addresses for an individual interface or LAG and convert these MAC addresses to static MAC addresses: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 11. To convert the dynamically learned MAC address to a statically locked addresses, select the Convert Dynamic Address to Static check box. 12. Click the Apply button. The dynamic MAC address entries are converted to static MAC address entries in a numerically ascending order until the static limit is reached.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure a Private VLAN A private VLAN contains switch ports that cannot communicate with each other, but can access another network. These ports are called private ports. Each private VLAN contains one or more private ports and a single uplink port or uplink aggregation group. Note that all traffic between private ports is blocked at all layers, not just Layer 2 traffic, but also traffic such as FTP, HTTP, and Telnet.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure Private VLAN Association Settings To configure private VLAN association: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Security > Traffic Control > Private VLAN > Private Vlan Host Interface Configuration.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Security > Traffic Control > Private VLAN > Private Vlan Promiscuous Interface Configuration. The Private VLAN Promiscuous Interface Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To configure an ACL: 1. Create an IPv4-based or IPv6-based or MAC-based ACL ID. 2. Create a rule and assign it to a unique ACL ID. 3. Define the rules, which can identify protocols, source, and destination IP and MAC addresses, and other packet-matching criteria. 4. Use the ID number to assign the ACL to a port or to a LAG. To view ACL configuration examples, see Access Control Lists (ACLs) on page 407.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following figure show the page for models GC752X and GC752XP. Models GC728X and GC728XP support 24 Ethernet ports but the same number of LAGs (24). 6. From the ACL Type menu, select the type of ACL. You can select from the following ACL types: • ACL Based on Destination MAC. Creates an ACL based on the destination MAC address, destination MAC mask, and VLAN. • ACL Based on Source MAC.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. In the Sequence Number field, enter a whole number in the range of 1 to 2147483647 that is used to identify the rule. 8. From the Action menu, select Permit or Deny to specify the action that must be taken if a packet matches the rule’s criteria. If a packet matches a rule with a permit action, the packet is allowed to continue toward its destination. If a packet matches a rule with a deny action, the packet is dropped. 9.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches ACL Based On Fields Source IPv4 L4 Port • • Source L4 port (protocol). Specify the source IPv4 L4 port protocol. Source L4 port (value). Specify the source IPv4 L4 port value. Destination IPv6 L4 Port • • Destination L4 port (protocol). Specify the destination IPv6 L4 port protocol. Destination L4 port (value). Specify the destination IPv6 L4 port value. • • Source L4 port (protocol).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches ACL Wizard Example In the following figure, the ACL rule is configured to check for packet matches on ports 4, 5, and 9 and on LAG 1. Only the Inbound option is valid. Packets that include a source address in the 192.168.3.0/16 network are permitted to be forwarded by the interfaces. All other packets are dropped because every ACL includes an implicit deny all rule as the last rule.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Add a MAC ACL To add a MAC ACL: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Configure MAC ACL Rules You can define rules for MAC-based ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. A default deny all rule is the last rule of every list. Add a Rule to a MAC ACL To add a rule to a MAC ACL: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The valid range of queue IDs is 0 to 7. 10. From the Mirror Interface menu, select the specific egress interface to which the matching traffic stream must be copied, in addition to being forwarded normally by the switch. This field cannot be set if a redirect interface is already configured for the ACL rule. This field is visible for a Permit action. 11.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • IPX • MPLS multicast • MPLS unicast • NetBios • Novell • PPPoE • RARP • User Value 17. If you select User Value from the EtherType menu, in the EtherType User Value field, specify the customized EtherType value that must be used when you select User Value from the EtherType Key menu. This value must be compared against the information in an Ethernet frame. The valid range of values is 0x0600 to 0xFFFF. 18.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Change the Match Criteria for a MAC Rule To change the match criteria for a MAC rule: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select Security > ACL > Basic > MAC Rules. The MAC Rules page displays. 6. Select the check box that is associated with the rule. 7. Click the Delete button. The rule is removed. Configure MAC Bindings When an ACL is bound to an interface, all the rules that are defined are applied to the selected interface. You can assign MAC ACL lists to ACL priorities and interfaces. To configure MAC bindings: 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. From the ACL ID menu, select an ACL. The fixed selection from the Direction menu is Inbound, which means that MAC ACL rules are applied to traffic entering the interface. 7. In the Sequence Number field, optionally specify a number to indicate the order of the access list relative to other access lists already assigned to the interface and direction. A low number indicates high precedence order.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the information displayed in the Interface Binding Status table. Table 77. Interface Binding Status table Field Description Interface The interface of the ACL assigned. Direction The selected packet filtering direction for the ACL. ACL Type The type of ACL assigned to the selected interface and direction.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the information that is displayed in the MAC Binding Table. Table 78. MAC Binding Table Field Description Interface The interface of the ACL assigned. Direction The selected packet filtering direction for the ACL. ACL Type The type of ACL assigned to the selected interface and direction. ACL ID The ACL name identifying the ACL assigned to the selected interface and direction.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The Current Number of ACL field displays the current number of all ACLs configured on the switch. The Maximum ACL field displays the maximum number of IP ACLs that can be configured on the switch. 6. In the IP ACL ID field, specify the ACL ID or IP ACL name, which depends on the IP ACL type. The IP ACL ID is an integer in the following range: • 1–99.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Select the check box that is associated with the IP ACL. 7. Click the Delete button. The IP ACL is removed. Configure Rules for a Basic IP ACL You can define rules for IP-based standard ACLs (basic ACLs). The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Note: An implicit deny all rule is included at the end of an ACL list.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If no rules exist, the Basic ACL Rule Table shows the message No rules have been configured for this ACL. If one or more rules exist for the ACL, the rules display in the Basic ACL Rule Table. 6. From the ACL ID menu, select the IP ACL for which you want to add a rule. For basic IP ACLs, this must be an ID in the range from 1 to 99. 7. Click the Add button. 8. Specify the following match criteria for the rule: • Sequence Number.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Mirror Interface. From the Mirror Interface menu, select the specific egress interface to which the matching traffic stream must be copied, in addition to being forwarded normally by the switch. This field cannot be set if a redirect interface is already configured for the IP ACL rule. This field is visible for a Permit action. • Redirect Interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. From the ACL ID menu, select the ACL that includes the rule that you want to modify. 7. In the Basic ACL Rule Table, click the rule. The rule is a hyperlink. The Standard ACL Rule Configuration page displays. 8. Modify the basic IP ACL rule criteria. 9. Click the Apply button. Your settings are saved. Delete a Basic IP ACL RUle To delete a basic IP ACL rule: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Add a Rule for an Extended IP ACL To add a rule for an extended IP ACL: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The previous figure does not show the rightmost fields. 8. Configure the following match criteria for the rule: • Sequence Number. Enter a whole number in the range of 1 to 2147483647 that is used to identify the rule. An extended IP ACL can contain up to 50 rules. • Action. Select the ACL forwarding action, which is one of the following: - Permit. Forward packets that meet the ACL criteria. - Deny.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • • Interface. For a Permit action, use either a mirror interface or a redirect interface: - Select the Mirror Interface radio button and use the menu to specify the egress interface to which the matching traffic stream is copied, in addition to being forwarded normally by the device.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The relevant matching conditions for L4 port numbers are as follows: - • Equal. IP ACL rule matches only if the Layer 4 source port number is equal to the specified port number or port protocol. • Not Equal. IP ACL rule matches only if the Layer 4 source port number is not equal to the specified port number or port protocol. • Less Than.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Dst L4. The options are available only when the protocol is set to TCP or UDP. Use the destination L4 port option to specify relevant matching conditions for L4 port numbers in the extended ACL rule. You can select either the Port radio button or the Range radio button: - Port radio button. If you select the Port radio button, you can either enter the port number yourself or select one of the following protocols from the menu.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The wildcard mask determines which bits are used and which bits are ignored. A wildcard mask of 0.0.0.0 indicates that none of the bits are important. A wildcard of 255.255.255.255 indicates that all of the bits are important. • IGMP Type. If you specify the IGMP type, the IP ACL rule matches the specified IGMP message type. Possible values are in the range 0 to 255. If this field is left empty, it means any. • ICMP.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches - IP TOS. This is an optional configuration. The IP ToS field in a packet is defined as all 8 bits of the service type octet in the IP header. The ToS bits value is a hexadecimal number that is composed of numbers 00 to 09 and AA to FF. The ToS mask value is a hexadecimal number that is composed of numbers 00 to FF.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Delete an Extended IP ACL Rule To delete an extended IP ACL rule: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Security > ACL > Advanced > IPv6 ACL. The IPV6 Configuration page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select Security > ACL > Advanced > IPv6 ACL. The IPv6 Configuration page displays. 6. Select the check box that is associated with the IPv6 ACL. 7. Click the Delete button. The IPv6 ACL is removed. Configure Rules for an IPv6 ACL You can define rules for IPv6 ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The previous figure does not show all columns. If no rules exists, the IPv6 ACL Rule Table shows the message No rules have been configured for this ACL. If one or more rules exist for the ACL, the rules display in the IPv6 ACL Rule Table. 6. From the ACL Name menu, select the IPv6 ACL for which you want to add a rule. 7. Click the Add button. The previous figure does not show the rightmost fields. 8.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Action. Select the ACL forwarding action by selecting one of the following radio buttons: - Permit. Forward packets that meet the ACL criteria. - Deny. Drop packets that meet the ACL criteria. • Egress Queue. If you select the Permit radio button, select the hardware egress queue identifier that is used to handle all packets matching this IPv6 ACL rule. The range of queue IDs is 0 to 7. • Logging.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Src L4. The options are available only when the protocol is set to TCP or UDP. Use the source L4 port option to specify relevant matching conditions for L4 port numbers in the extended ACL rule. You can select either the Port radio button or the Range radio button: - Port radio button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Dst. In the Dst field, enter a destination IPv6 address to be compared to a packet’s destination IPv6 address as a match criterion for the selected IPv6 ACL rule: - If you select the IPv6 Address radio button, enter an IPv6 address to apply this criteria. If this field is left empty, it means any. - If you select the Host radio button, enter a host source IPv6 address to match the specified IPv6 address.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches You can either enter the port range yourself or select one of the following protocols from the menu: • The destination IP TCP port protocols are domain, echo, ftp, ftpdata, www-http, smtp, telnet, pop2, pop3, and bgp. • The destination IP UDP port protocols are domain, echo, snmp, ntp, rip, time, who, and tftp.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches that is used by end stations to signify Quality of Service handling in routers. The flow label can specified within the range 0 to 1048575. • IPv6 DSCP Service. Specify the IP DiffServ Code Point (DSCP) field. This is an optional configuration. The DSCP is defined as the high-order 6 bits of the service type octet in the IPv6 header. Enter an integer from 0 to 63. To select the IPv6 DSCP, select one of the DSCP keywords.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Delete an IPv6 ACL Rule To delete an IPv6 ACL rule: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Security > ACL > Advanced > IP Binding Configuration. The following figure show the page for models GC752X and GC752XP.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The Ports and LAG tables display the available and valid interfaces for ACL binding. All nonrouting physical interfaces, VLAN interfaces, and interfaces participating in LAGs are listed. 9. Click the Apply button. Your settings are saved. The following table describes the nonconfigurable information displayed on the page. Table 80. IP Binding Status table Field Description Interface The selected interface.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. To delete an IP ACL-to-interface binding, do the following: a. Select the check box next to the interface. b. Click the Delete button. The binding is removed. The following table describes the information displayed in the IP ACL Binding Table. Table 81. IP ACL Binding Table Field Description Interface The interface. Direction The selected packet filtering direction for the ACL.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. In the VLAN ID field, enter the VLAN ID to which the binding must apply. 7. From the Direction menu, select the packet filtering direction. 8. In the Sequence Number field, enter an optional sequence number. You can specify an optional sequence number to indicate the order of this access list relative to other access lists that are already assigned to the VLAN ID and selected direction.
7.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Reboot the Switch You can reboot the switch from the local browser interface. Note: The switch provides a recessed multi-function Reset button that lets you reboot (power-cycle) the switch. To reboot the switch, press the Reset button on the front panel for about two seconds. (Do not press the button for more than five seconds!) The switch restarts but retains its custom settings. To reboot the switch: 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches password. The default management mode is reset to NETGEAR Insight Mobile App and Insight Cloud Portal. For information about reconnecting to the switch, see Access the Switch on page 13. For information about changing the management mode, see Change the Management Mode of the Switch on page 20.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Export a File From the Switch You can export configuration (ASCII or log ASCII) files from the switch to a file server by using TFTP or HTTP or to a USB storage device.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Tech Support. The tech support file is a text-base file that contains a variety of hardware, software, and configuration information that can assist in device and network troubleshooting. • Crash Logs. Specify the crash logs to retrieve them. 7. From the Server Address Type menu, select the format for the Server Address field: • IPv4. Indicates that the TFTP server address is an IP address in dotted-decimal format.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Maintenance > Export > HTTP File Export. The HTTP File Export page displays. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 5. Select Maintenance > Export > USB File Export. The Export File to USB page displays. The default and only possible selection from the File Type menu is Text Configuration. A text-based configuration file enables you to edit a configured text file (startup-config) offline as needed.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Upgrade the Software or Download a File to the Switch Using TFTP You can upgrade software and download the image file, the configuration files, and SSL files from a TFTP server to the switch. Before you download a file to the switch, the following conditions must be true: • • • The file to download from the TFTP server is on the server in the appropriate directory. The file is in the correct format.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • SSH-2 RSA Key PEM File. SSH-2 Rivest-Shamir-Adelman (RSA) Key File (PEM Encoded). • SSH-2 DSA Key PEM File. SSH-2 Digital Signature Algorithm (DSA) Key File (PEM Encoded). • SSL Trusted Root Certificate PEM File. SSL Trusted Root Certificate File (PEM Encoded). • SSL Server Certificate PEM File. SSL Server Certificate File (PEM Encoded). • SSL DH Weak Encryption Parameter PEM File.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 13. If you selected SFTP or SCP from the Transfer Mode menu, specify the following credentials: • User Name. The user name to log in the server. • Password. The password to log in the server. 14. Select the Start File Transfer check box. 15. Click the Apply button. The file transfer begins. The page displays information about the progress of the file transfer.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches image. This is a safety feature for faults occurring during the boot upgrade process. The default setting is Software. • Text Configuration. A text-based configuration file enables you to edit a configured text file (startup-config) offline as needed.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Note: After a text configuration file is downloaded, the switch applies the configuration automatically. Upgrade the Software or Download a File to the Switch Using a USB Device You can upgrade the software and download files of various types from a USB storage device to the switch. To upgrade the software or download a file a from a USB storage device to the switch: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. If the selection from the File Type menu is Software, the Image Name menu is displayed and you must select the software image that must be downloaded to the switch: • image1. Select image1 to download image1. • image2. Select image2 to download image2. Note: We recommended that you do not overwrite the active image. If you do so, the switch displays a warning that you are trying to overwrite the active image. 8.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Copy an Image You can copy an image from one location (primary or backup) to another. To copy an image: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select Maintenance > Image Management > Dual Image > Dual Image Configuration. The Dual Image Configuration page displays. 6. From the Image Name menu, select the image that is not the image displayed in the Current-active field. The Current-active field displays the name of the active image. You cannot delete the active image. 7. Select the Delete Image check box. 8. Click the Apply button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 82. Dual Image Status information (continued) Field Description Next-active The image to be used on the next restart of this switch. Image1 Description The description associated with the image1 code file. Image2 Description The description associated with the image2 code file. Perform Troubleshooting Tasks You can send a ping or a traceroute.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To send an IPv6 ping: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired connection to connect your computer to the network, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Interface. The interface that must be used when echo request packets are sent. With this selection, the Interface menu displays and you must select an interface as the source. 12. Click the Apply button. The specified address is pinged. The results are displayed below the configurable data in the Results field.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default value is 30. The range is 1 to 255. 9. In the Init TTL field, enter the initial TTL to be used. The default value is 1. The range is 1 to 255. 10. In the MaxFail field, enter the maximum number of failures allowed in the session. The default value is 5. The range is 1 to 255. 11. In the Interval field, enter the time between probes in seconds. The default value is 3. The range is 1 to 60. 12.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 15. Click the Apply button. A traceroute request is sent to the specified IP address or host name. The results are displayed below the configurable data in the Results field. Enable Remote Diagnostics You can enable or disable the option to access the switch remotely. When remote access is enabled, you can perform diagnostics services. To enable remote diagnostics: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches CAUTION: Make sure that the Write Core check box is cleared when you click the Apply button. Otherwise, the switch reboots. b. Click the Apply button. A pop-up window opens and displays the test results. You can verify if the configured settings are correct and if the USB device is accessible. The core dump file name that you entered in the File Name field is used as the destination. 13.
8. Manage Power over Ethernet This chapter covers the following topics: • PoE Overview • Device Class Power Requirements • Power Allocation and Power Budget • Configure the Global PoE Settings • Manage and View the PoE+ Port Configuration • Reset One or More PoE+ Ports • Set Up PoE Timer Schedules Note: This chapter applies to models GC728XP and GC752XP. Models GC728X and GC752X do not support Power over Ethernet.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches PoE Overview Model GC728XP includes 24 PoE plus (PoE+) ports. Model GC752XP includes 48 PoE+ ports The following table shows the capacity for each model. Table 83. PoE capacities for each model Model Maximum PoE Power Per Port Maximum Power Budget Across All Active PoE Ports GC728X PoE is not supported PoE is not supported GC728XP 30W PoE+ (IEEE 802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table shows the device classes for PoE+ devices adhering to the IEEE 802.3at standard. The device classes for PoE devices adhering to the IEEE 802.3af standard are identical with the exception that Device Class 4 is not supported. Table 84.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches To determine the delivered power by PoE+ ports: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select System > PoE > Basic > PoE Configuration. 6.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Manage and View the PoE+ Port Configuration Depending on the model, the switch includes 24 or 48 PoE+ ports. To manage and view the PoE+ port settings: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The settings that you configure apply to all selected PoE+ ports. Menu Item Description Port Power Select the administrative mode of the port: • Enable. The port’s capacity to deliver power is enabled. This is the default setting. • Disable. The port’s capacity to deliver power is disabled.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Menu Item Description Detection Type The detection type specifies how the port detects the attached PD. Select one of the following types: • IEEE 802. The port performs a 4-point resistive detection. This is the default setting. • 4pt 802.3af + Legacy. The port performs a 4-point resistive detection, and if required, continues with legacy detection. • Legacy. The port performs legacy detection.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Field Description Fault Status The error description when the PoE port is in a fault state. The possible values are as follows: • No Error. The port is not in any error state and can provide power. • MPS Absent. The port detected the absence of the main power supply, preventing the port from providing power. • Short. The port detected a short circuit condition, preventing the port from providing power. • Overload.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Set Up PoE Timer Schedules The switch lets you define multiple timer schedules that you can use for PoE power delivery to attached PDs. After you create a timer schedule, you can associate it with one or more PoE+ ports (see Manage and View the PoE+ Port Configuration on page 368). You can use a separate timer schedule for each PoE+ port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Specify the Settings for an Absolute PoE Timer Schedule An absolute timer schedule applies to specific dates and times. The schedule is executed once only. To specify the settings for a PoE timer schedule that uses specific dates and times: 1. Connect your computer to the same network as the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches d. Next to the Date End field, click the calendar icon and use the menus in the pop-up window to enter the date in the DD-Mon-YYYY format to specify when the timer schedule must stop. 8. Click the Add button. The entry for the timer schedule is added.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Selecting an existing entry lets you make changes to that entry. 7. In the Timer Schedule Configuration section, specify the recurrence pattern: a. In the Time Start field, enter the time of day in the HH:MM format to specify when the timer schedule must start. b. In the Time End field, enter the time of day in the HH:MM format to specify when the timer schedule must stop. c.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The System Information page displays. 5. Select System > Timer Schedule > Advanced > Timer Schedule Configuration. The Timer Schedule Configuration page displays. 6. From the Timer Schedule Name menu, select the schedule name. 7. From the Timer Schedule Type menu, select the schedule type. 8. From the Timer Schedule Entry menu, select the schedule entry. 9. Click the Delete button. The entry is deleted.
9. 9 Monitor the System This chapter contains the following sections.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Monitor the Switch and the Ports The following sections describe how you can view a variety of information about the amount and type of traffic that is transmitted from and received on the switch: • View or Clear the Switch Statistics on page 379 • View or Clear Port Statistics on page 381 • View or Clear Detailed Port Statistics on page 383 • View or Clear EAP Statistics on page 389 • Perform a Cable Test on page 391 View
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the switch statistics displayed on the page. Table 86. Switch statistics Field Description ifIndex The interface index of the interface table entry associated with the processor of this switch. Octets Received The total number of octets of data received by the processor (excluding framing bits, but including FCS octets).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 86. Switch statistics (continued) Field Description Static VLAN Entries The number of active VLAN entries that were created statically on the switch. VLAN Deletes The number of VLANs that were created and then deleted on the switch since the last reboot. Time Since Counters Last Cleared The elapsed time, in days, hours, minutes, and seconds, since the statistics for the switch were last cleared.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the per-port statistics displayed on the page. Table 87. Port statistics Field Description Interface The interface for which the statistics are displayed. Total Packets Received Without Errors The total number of packets received that were without errors. Packets Received With Error The number of inbound packets that contained errors, preventing them from being delivered to a higher-layer protocol.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Select the check box in the heading of the table. 7. Click the Clear button. All counters are reset to 0. Reset Counters for a Specific Interface To reset the counters for a specific interface: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable. 2. Launch a web browser. 3.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 88. Detailed port statistics (continued) Field Description STP State The port's current Spanning Tree state. This state controls what action a port takes on receipt of a frame. If the bridge detects a malfunctioning port, it places that port into the broken state. The states are defined in IEEE 802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 88. Detailed port statistics (continued) Field Description Packets RX and TX 1024-1518 Octets The total number of packets (including bad packets) received and transmitted that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 88. Detailed port statistics (continued) Field Description Multicast Packets Received The total number of well-formed packets received that were directed to a multicast address. This number does not include packets directed to the broadcast address. Broadcast Packets Received The total number of well-formed packets received that were directed to the broadcast address. This does not include multicast packets.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 88. Detailed port statistics (continued) Field Description Packets Transmitted 64 Octets The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets).
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 88. Detailed port statistics (continued) Field Description Single Collision Frames The number of successfully transmitted frames for which transmission was inhibited by exactly one collision. Multiple Collision Frames The number of successfully transmitted frames for which transmission was inhibited by more than one collision.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Monitoring > Ports > EAP Statistics. The EAP Statistics page displays. 6. To refresh the page with the latest information about the switch, click the Refresh button. 7.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 89. EAP statistics Field Description EAP Request/ID Frames Transmitted The number of transmitted EAP request/identity frames. EAP Request Frames Transmitted The number of transmitted EAP request frames (other than request/identity frames). Perform a Cable Test You can test and view information about the cables that are connected to switch ports. To perform a cable test: 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The following table describes the nonconfigurable information displayed on the page. Table 90. Cable Test information Field Description Cable Status Indicates the cable status: • Normal. The cable is working correctly. • Open. The cable is disconnected or a faulty connector exists. • Short. An electrical short exists in the cable. • Cable Test Failed. The cable status could not be determined. The cable might in fact be working.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches console log. Messages logged to a collector or relay through syslog support the same format as well. The following example shows the standard format for a log message: <14>2017-09-02 16:35:40 10.131.12.183-1 UNKN[2176789276]: main_login.c(179) 3855 %% HTTP Session 19 initiated for user admin connected from 10.27.64.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches message logged. Messages logged to a collector or relay through syslog use a format identical to the previous message. Manage the Flash Log The flash log is a persistent log, that is, is a log that is stored in persistent storage. Persistent storage survives across platform reboots. The first log type is the system startup log. The system startup log stores the first 32 messages received after system reboot.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches - Critical (2). The third-highest warning level. A critical log message is saved if a critical device malfunction occurs, for example, two device ports are not functioning, while the rest of the device ports remain functional. - Error (3). A device error occurred, such as a port being offline. - Warning (4). The lowest level of a device warning. - Notice (5). Normal but significant conditions.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The default password is password. If you added the switch to a network on the Insight app before and you did not yet change the password through the local browser interface, enter your Insight network password. The System Information page displays. 5. Select Monitoring > Logs > Server Log. The Server Log Configuration page displays. 6. Specify the following settings: • IP Address Type.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 2. Launch a web browser. 3. In the address field of your web browser, enter the IP address of the switch. If you do not know the IP address of the switch, see Access the Switch on page 13. The login window opens. 4. Enter the switch’s password in the password field. The default password is password.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches View or Clear the Trap Logs You can view information about the SNMP traps generated on the switch. The information can be retrieved as a file. You can also display information about the traps that were sent. View the trap logs or clear the counters: 1. Connect your computer to the same network as the switch. You can use a WiFi or wired network connection, or connect directly to a switch that is off-network using an Ethernet cable.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 91. Trap Logs information (continued) Field Description System Up Time The time when the trap occurred, expressed in days, hours, minutes, and seconds, since the last reboot of the switch. Trap Information identifying the trap. View or Clear the Event Log You can display the event log, which is used to hold error messages for catastrophic events.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 92. Event Logs information (continued) Field Description Line The line number of the event. Task Id The task ID of the event. Code The event code. Time The time the event occurred. Configure Port Mirroring Port mirroring selects the network traffic for analysis by a network analyzer. This is done for specific ports of the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. Select an Admin Mode radio button: • True. Port mirroring is enabled. • False. Port mirroring is enabled. 7. From the Destination Port menu, select the destination port to which port traffic must be copied. You can configure only one destination port on the system. The port functions as a probe port and receives traffic from all configured source ports. If no port is configured, None is displayed. The default is None.
A. Configuration Examples This appendix contains information about how to configure the following features. The appendix covers the following topics: • Virtual Local Area Networks (VLANs) • Access Control Lists (ACLs) • Differentiated Services (DiffServ) • 802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Virtual Local Area Networks (VLANs) A local area network (LAN) can generally be defined as a broadcast domain. Hubs, bridges, or switches in the same physical segment or segments connect all end node devices. End nodes can communicate with each other without the need for a router. Routers connect LANs together, routing the traffic to the appropriate port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Packets leaving the switch are either tagged or untagged, depending on the setting for that port’s VLAN membership properties. A U for a given port means that packets leaving the switch from that port are untagged. Inversely, a T for a given port means that packets leaving the switch from that port are tagged with the VLAN ID that is associated with the port.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches untagged packet as it leaves port 6. For port 5, the outgoing packet leaves as a tagged packet with VLAN ID 20. Access Control Lists (ACLs) ACLs ensure that only authorized users can access specific resources while blocking off any unwarranted attempts to reach network resources.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches • Match Every. False • CoS. 0 • Destination MAC. 01:02:1A:BC:DE:EF • Destination MAC Mask. 00:00:00:00:FF:FF • EtherType. User Value. • Source MAC. 02:02:1A:BC:DE:EF • Source MAC Mask. 00:00:00:00:FF:FF • VLAN ID. 2 3. On the MAC Binding Configuration page (see Configure MAC Bindings on page 308), assign the Sales_ACL to ports 6, 7, and 8, and then click the Apply button.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 4. On the IP Rules page (see Configure Rules for a Basic IP ACL on page 313), create a second rule for IP ACL 1 with the following settings: • Sequence Number. 2 • Action. Permit • Match Every. True 5. Click the Add button. 6. On the IP Binding Configuration page (see Configure IP ACL Interface Bindings on page 333), assign ACL ID 1 to the interface Gigabit ports 2, 3, and 4, and assign a sequence number of 1.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches The DiffServ feature contains a number of conceptual QoS building blocks that you can use to construct a differentiated service network. Use these same blocks in different ways to build other types of QoS architectures.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Creating Policies Use DiffServ policies to associate a collection of classes that you configure with one or more QoS policy statements. The result of this association is referred to as a policy. From a DiffServ perspective, two types of policies exist: • Traffic Conditioning Policy. A policy that is applied to a DiffServ traffic class. • Service Provisioning Policy. A policy that is applied to a DiffServ service level.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches used as the conforming color. You can also specify the color of traffic that exceeds the threshold. • Counting. Updating octet and packet statistics to keep track of data handling along traffic paths within DiffServ. In this DiffServ feature, counters are not explicitly configured by the user, but are designed into the system based on the DiffServ policy being created.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 7. Click the Policy1 hyperlink to view the Policy Class Configuration page for this policy. 8. Configure the Policy attributes as follows: • Assign Queue. 3 • Policy Attribute. Simple Policy • Color Mode. Color Blind • Committed Rate. 1000000 Kbps • Committed Burst Size. 128 KB • Confirm Action. Send • Violate Action. Drop For more information about this page, see Create and Configure a DiffServ Policy on page 239. 9.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches authentication server) and the supplicant (the system that requests authentication), as well as between the authenticator and the authentication server. The switch can support a guest VLAN, which allows unauthenticated users limited access to the network resources. Note: You can use QoS features to provide rate limiting on the guest VLAN to limit the network resources that the guest VLAN provides. Another 802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Figure 1. 802.1X authentication roles 802.1X Example Configuration This example shows how to configure the switch so that 802.1X-based authentication is required on the ports in a corporate conference room (1/0/5–1/0/8). These ports are available to visitors and must be authenticated before access is granted to the network. The authentication is handled by an external RADIUS server.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches 6. On the Server Configuration page (see Configure a RADIUS Authentication Server on the Switch on page 254), configure a RADIUS server with the following settings: • Server Address. 192.168.10.23 • Secret Configured. Yes • Secret. secret123 • Active. Primary 7. Click the Add button. 8.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches the IST within the region, that the assignment is consistent among all the networking devices in the region, and that the stable connectivity of each MSTI and IST at the boundary of the region matches that of the CST.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches MSTP Example Configuration This example shows how to create an MSTP instance from the switch. The example network includes three different switches that serve different locations in the network. In this example, ports 1/0/1–1/0/5 are connected to host stations, so those links are not subject to network loops. Ports 1/0/6–1/0/8 are connected across switches 1, 2, and 3. Figure 2.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches If you do not specify a root bridge and all switches are assigned the same bridge priority value, the switch with the lowest MAC address is elected as the root bridge. 5. On the Port Configuration page (fro CST) for each switch, select ports 1/0/1–1/0/8 and select Enable from the STP Status menu (see Configure CST Port Settings on page 137). 6. Click the Apply button. 7.
B.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Switch Specifications The switch conforms to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. Table 93.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Switch Features and Defaults The tables in this section provide information about the switch features and default values. Table 94.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 94. Feature Default Values and Default State (continued) Feature Name/Parameter Default Virtual LAN (IEEE 802.1Q) Default VLANs 1 (Default) All ports are members of the default VLAN. 4089 (Auto-Video) No ports are members of the Auto-Video VLAN. PVID 1 Acceptable Frame Types Admit All Ingress Filtering Disabled Port Priority 0 Jumbo Frames Maximum Frame Size 1518 Flow Control Admin Mode Disabled 802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 94.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 94.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 94. Feature Default Values and Default State (continued) Feature Name/Parameter Default 802.1p to Queue Mapping (802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 94.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 94. Feature Default Values and Default State (continued) Feature Name/Parameter Default Interface Shaping Rate 0 802.1p to Queue Mapping (802.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 95. Port characteristics Feature Sets Supported Default Static 802.1Q tagging 256 VID = 1 Max member ports are equal to the number of ports on the switch.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 99. System setup and maintenance Feature Sets Supported Default Boot code update 1 N/A DHCP/manual IP 1 DHCP enabled/192.168.0.239 Default gateway 1 192.168.0.254 System name configuration 1 NULL Configuration save/restore 1 N/A Firmware upgrade 1 N/A Restore defaults 1 (web and front-panel button) N/A Dual image support 1 Enabled Factory reset 1 N/A Table 100.
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches Table 101.
