User's Manual
Table Of Contents
- 8-Port Multi-Gigabit Smart Managed Pro Switch with Two 10G Ports
- Contents
- 1 Get Started
- 2 Configure System Information
- View and Configure the Switch Management Settings
- View or Define System Information and View Software Versions
- View the System CPU Status
- View USB Device Information
- Configure the IPv4 Address for the Network Interface and Management VLAN
- Configure the IPv6 Address for the Network Interface
- View the IPv6 Network Neighbor
- Configure the Time Settings
- Configure DNS Settings
- Configure Green Ethernet Settings
- Use the Device View
- Configure Power over Ethernet
- Configure SNMP
- Configure LLDP
- Configure DHCP Snooping
- Set Up PoE Timer Schedules
- View and Configure the Switch Management Settings
- 3 Configure Switching
- Configure Port Settings and Flow Control
- Configure Link Aggregation Groups
- Configure VLANs
- Configure VLAN Settings
- Configure VLAN Membership
- View VLAN Status
- Configure Port PVID Settings
- Configure MAC-Based VLAN Groups
- Manually Add Members to or Remove Them From a MAC-Based VLAN Group
- Configure Protocol-Based VLAN Groups
- Manually Add Members to or Remove Them From a Protocol-Based VLAN Group
- Configure GARP Switch Settings
- Configure GARP Ports
- Configure a Voice VLAN
- Configure Auto-VoIP
- Configure Spanning Tree Protocol
- Configure Multicast
- View the MFDB Table
- View the MFDB Statistics
- Configure Auto-Video
- IGMP Snooping Overview
- Configure the Global IGMP Snooping Settings
- View the IGMP Snooping Table
- Configure IGMP Snooping for VLANs
- Modify IGMP Snooping Settings for a VLAN
- Disable IGMP Snooping on a VLAN and Remove It From the Table
- IGMP Snooping Querier Overview
- Configure IGMP Snooping Querier
- Configure IGMP Snooping Querier for VLANs
- Display the IGMP Snooping Querier for VLAN Status
- MLD Snooping Overview
- Configure the Global MLD Snooping Settings
- Configure MLD Snooping for a VLAN
- View, Search, and Manage the MAC Address Table
- 4 Configure Routing
- IP Routing Overview
- Configure IP Settings
- Configure VLAN Routing
- Manage IPv4 Routes
- Configure Address Resolution Protocol
- Configure IPv6
- Configure IPv6 Global Settings
- Add a Static IPv6 Route
- Change the Preference for a Static IPv6 Route
- Remove a Static IPv6 Route
- View the IPv6 Route Table
- Configure IPv6 VLAN Interface Settings
- Add an IPv6 Global Address to an IPv6 VLAN
- Change the Settings for an IPv6 Global Address on an IPv6 VLAN
- Remove an IPv6 Global Address From an IPv6 VLAN
- Add an IPv6 Prefix for Advertisement on an IPv6 VLAN
- Change the Settings for an IPv6 Prefix for Advertisement on an IPv6 VLAN
- Remove an IPv6 Prefix From an IPv6 VLAN
- View IPv6 Statistics for an Interface
- View or Clear the IPv6 Neighbor Table
- 5 Configure Quality of Service
- 6 Manage Device Security
- Management Security Settings
- Configure Management Access
- Configure Port Authentication
- Set Up Traffic Control
- Configure Access Control Lists
- Use the ACL Wizard to Create a Simple ACL
- Configure a Basic MAC ACL
- Configure MAC ACL Rules
- Configure MAC Bindings
- View or Delete MAC ACL Bindings in the MAC Binding Table
- Configure an IP ACL
- Configure Rules for a Basic IP ACL
- Configure Rules for an Extended IP ACL
- Configure an IPv6 ACL
- Configure IPv6 Rules
- Configure IP ACL Interface Bindings
- View or Delete IP ACL Bindings in the IP ACL Binding Table
- 7 Monitor the System
- 8 Maintain the Switch and Perform Troubleshooting
- A Configuration Examples
- B Hardware Specifications and Default Settings
Smart Managed Pro Switches MS510TX and MS510TXPP
Manage Device Security User Manual281
• Src IP Mask. In the Src IP Mask field, enter a source IP mask, using dotted-decimal
notation, to be compared to a packet’s source IP mask as a match criterion for the
selected IP ACL rule.
Wildcard masks determine which bits are used and which bits are ignored. A wildcard
mask of 255.255.255.255 indicates that none of the bits are important. A wildcard
mask of 0.0.0.0 indicates that all of the bits are important. Wildcard masking for ACLs
operates differently from a subnet mask. A wildcard mask is in essence the inverse of
a subnet mask. For example, to apply the rule to all hosts in the 192.168.1.0/24
subnet, enter 0.0.0.255 in the Src IP Mask field. This field is required when you
configure a source IP address.
• Source L4 port. The options are available only when the protocol is set to TCP or UDP.
Use the source L4 port option to specify relevant matching conditions for L4 port
numbers in the extended ACL rule.
The source port protocols are domain, echo, ftp, ftpdata, http, smtp, snmp, telnet,
tftp, and www. Each of these values translates into its equivalent port number.
Select Other from the menu to enter a port number from 0 to 65535.
• Destination IP Address. In the Destination IP Address field, enter a destination IP
address, using dotted-decimal notation, to be compared to a packet’s destination IP
address as a match criterion for the selected IP ACL rule.
• Dst IP Mask. In the Dst IP Mask field, enter a destination IP mask, using
dotted-decimal notation, to be compared to a packet’s destination IP mask as a match
criterion for the selected IP ACL rule.
Wildcard masks determine which bits are used and which bits are ignored. A wildcard
mask of 255.255.255.255 indicates that none of the bits are important. A wildcard
mask of 0.0.0.0 indicates that all of the bits are important. Wildcard masking for ACLs
operates differently from a subnet mask. A wildcard mask is in essence the inverse of
a subnet mask. For example, to apply the rule to all hosts in the 192.168.1.0/24
subnet, enter 0.0.0.255 in the Dst IP Mask field. This field is required when you
configure a destination IP address.
• Destination L4 port. The options are available only when the protocol is set to TCP or
UDP. Use the destination L4 port option to specify relevant matching conditions for L4
port numbers in the extended ACL rule.
The destination port protocols are domain, echo, ftp, ftpdata, http, smtp, snmp,
telnet, tftp, and www. Each of these values translates into its equivalent port number.
Select Other from the menu to enter a port number from 0 to 65535.
• Service Type. Select either the None radio button to ignore a service type match
condition or the IP DSCP radio button for an IP DSCP service type match condition
for the extended IP ACL rule.
If you select the IP DSCP radio button, select one of the IP DiffServ Code Point
(DSCP) keywords from the menu. The DSCP is defined as the high-order 6 bits of the
service type octet in the IP header. To specify a numeric value, select Other from the
menu and enter a numeric value from 0 to 63.