Planet Technology SGSW-24040R, WGSW-24040R guide

User’s Manual of WGSW-24040 / WGSW-24040R

SGSW-24040 / SGSW-24040R

The page includes the following fields:

ObjectDescription

•Set up Policy Rules Set up the default policy rules for Client ports, Server ports, Network ports and Guest ports.

•Set up Port Policies Group ports into several types according to different ACL policies.

•Set up Typical Network Set up the specific ACL for different typical network application access control.

Application Rules

•Set up Source MAC Strictly control the network traffic by only allowing incoming frames that match the and Source IP Binding source IP and source MAC on specific port.

• Set up DoS Attack	Set up the specific ACL to detect DoS attack.
Detection Rules

4.11.3.1 Set up Policy Rules

Set up the default policy rules for Client ports, Server ports, Network ports, and Guest ports.

Policy 2 for client ports: Limit the allowed rate of broadcast and multicast frames.

Policy 3 for server ports: Common server access only. (DHCP, FTP, Mail, and WEB server)

Policy 4 for network ports: Limit the allowed rate of TCP SYN flooding and ICMP flooding.

Policy 5 for guest ports: Internet access only.

The screen in Figure 4-11-3appears.

Figure 4-11-3Set up Policy Rules page screenshot

169

Image 169

Planet Technology SGSW-24040R Policy 5 for guest ports Internet access only, 11-3Set up Policy Rules page screenshot

Contents

User’s Manual Disclaimer TrademarksFCC Warning CE Mark Warning Weee Warning Table of Conetnts 5.1 118 105132 140 181 159185 187 212 208 237 229244 257 251265 277 272282 287 293 290295 297 Product Description Packet Contents High Performance How to Use This Manual High-performance 5GbE Stacking interface ¾ Layer 2 Features Product Features¾ Physical Port 24-Port 10/100/1000Base-T Gigabit Ethernet RJ-45 ¾ Security ¾ Multicast¾ Management ¾ Stacking Hardware Specification Product Specification Traffic classification based, Strict priority and WRR Hardware Description Switch Front PanelGigabit TP interface Gigabit SFP slots About 1~3 second Reset buttonStack ID Master LED LED Indications Speed 1000Mbps 1000Base-SX/LX SFP interfaces Shared Port-21~Port-24Off To indicate that the SFP port is link down 5Rear panel of WGSW-24040 Switch Rear Panel Stack ports AC Power ReceptacleCascade UP 9SGSW-24040 / SGSW-24040R Stack Ports DC Power Connector Desktop Installation Install the Switch Rack Mounting Supply power to the Managed Switch 13Plug-in the SFP transceiver Installing the SFP transceiver „ Connect the fiber cable „ Approved Planet SFP Transceivers„ Remove the transceiver module Page Power switch in the OFF position and the DC power is OFF Connecting DC Power Supply WGSW-24040R / SGSW-24040R SGSW-24040 / SGSW-24040R Stack Installation Management Stacking Connecting Stacking cable Stack ID Master LED 21Separated Stack connection This chapter covers the following topics Requirements Administration Console Management Access OverviewMethod Advantages Disadvantages „ 115200 bps „ 8 data bits „ No parity „ 1 stop bit Direct Access Web Management 4Web main screen of Managed Switch Protocols SNMP-Based Network ManagementVirtual Terminal Protocols Management Architecture Snmp Protocol About Web-based Management WEB Configuration Http//192.168.0.100 „ Logging on the switchPage Panel Display Main WEBState RJ-45 Ports SFP Ports Stack Ports Main Menu 5WGSW/SGSW Managed Switch Main Funcrions Menu System IP Configuration System Information Page IP Configuration Old Password User AuthenticationNew Password Password Sntp Configuration Click System Web Firmware Upgrade WEB Firmware Upgrade Upgrade button Tftp Firmware UpgradeClick System -TFTP Firmware Upgrade Tftp Server IP 8TFTP Firmware upgrade pop-up message „ Configuration Download Configuration Save „ Configuration Upload Configuration UploadPage Factory Default System Reboot 18Set Start-up screenshot „ Example 1 Save Current Configuration setting 19Download system software screenshot „ Example 2 Downloading System Software from a Server „ Example 3 Downloading Configuration Settings from a Server „ Example 4 Saving or Restoring Configuration Settings Simple Network Management Protocol Snmp System ConfigurationSnmp Overview Snmp Operations Version ModeRead Community Write Community Snmp Trap Configuration Snmp System Information ConfigurationSystem Contact System Name Trap Version Trap ModeTrap Community Trap Destination SNMPv3 Accesses Configuration SNMPv3 ConfigurationDelete Group Name Security Model SNMPv3 Communities ConfigurationSecurity Level Read View Name Security Name SNMPv3 Groups Configuration Authentication SNMPv3 Users ConfigurationUser Name Protocol Privacy Password SNMPv3 Views ConfigurationPrivacy Protocol View Name View Type „ Example Add a new SNMPv3 userOID Subtree 9SNMPv3 Users-NEW page screenshot „ Example Add a new SNMPv3 Group 11SNMPv3 Groups-NEW page screenshot Port Management Port Configuration Port Power ControlLink Flow Control 2Port Statistics Overview page screenshot Port Statistics Overview Detailed Port Statistics Receive Total and Transmit Total Receive Error CountersReceive and Transmit Size Counters Receive and Transmit Queue Counters Transmit Error Counters Port Mirroring ConfigurationTx Drops Port to mirror to Mirror Port Configuration 6Port Mirror Configuration page screenshot „ Sgsw Stackable Switch 1Link Aggregation Link AggregationPage Static Aggregation Group Configuration Static Aggregation ConfigurationHash Code Contributors Destination MAC Group ID LocalityPort Members Lacp Enabled Lacp ConfigurationKey Role Lacp Port Status Lacp System Status Partner Port Lacp Lacp Transmitted Lacp statisticsLacp Received Discarded Vlan Overview Vlan Ieee 802.1Q Standard Ieee 802.1Q Vlan 802.1Q Vlan Tags Port Vlan ID Vlan Classification Vlan Basic Information ObjectDescription Vlan ModeSupported VLANs VLANs Vlan Learning Understand nomenclature of the Switch Vlan Port Configuration Pvid This is the logical port number for this row Link Type In-Q ModeEther type Port Vlan ID „ Adding Static Members to VLANs Vlan Index Vlan Membership ConfigurationVlan ID Overview Private Vlan Configuration„ Promiscuous ports „ Isolated ports Isolated Pvlan Port TypePromiscuous Bridge Protocol Data Units Rapid Spanning Tree Protocol STP Port States Creating a Stable STP TopologyPort transitions from one state to another as follows Except by setting priority ConfigurableSTP Parameters STP Operation Levels Below Forward Delay Timer Maximum Age TimerVariable Description Default Value Port Priority Default Spanning-Tree Configuration Feature Default Value Illustration of STP 110 Forward Delay Rstp System ConfigurationSystem Priority Max Age Rstp Bridge Status Rstp Enabled Rstp Port ConfigurationPath Cost Edge PriorityPoint2Point Port Type Link Type Ieee 802.1w-2001 Ethernet Rstp Port Status Rstp Rstp Port StatisticsSTP TCN Understand QOS Quality of ServiceQoS Terminology QCL # QoS Control List ConfigurationQCE Type Frame.The following QCE types are supported Type Value QoS Control Entry ConfigurationTraffic Class Port QoS Configuration Queuing Mode Default ClassQueue Weighted User Priority Set up Policy Rules QCL Configuration WizardApplication Rules QCL ID Includes the folling fileds Object DescriptionFrames that hit this QCE are set to match this specific QCL Port in a QCL member, click the radio button Audio and Video Set up Typical Network Application RulesGames Buttons User DefinitionSelect the QCL ID to which these QCEs apply Set up ToS Precedence Mapping Set up Vlan Tag Priority Mapping QoS Statistics Bandwidth Control Frame Type Storm Control ConfigurationStatus Rate Igmp Snooping MulticastAbout the Internet Group Management Protocol Igmp Snooping 133 0x17 Igmp Versions 10x12 „ Igmp Querier Idle Member Flooding enabled Igmp Snooping ConfigurationEnabled Igmp Querier Igmp Snooping Router Port Igmp Port Related ConfigurationFast Leave Object Description Igmp Snooping StatusVlan ID of the entry Multicast Address Table Overview of 802.1X Port-Based Authentication Ieee 802.1X Network Access ControlOverview of MAC-Based Authentication „ Device Roles Understanding Ieee 802.1X Port-Based Authentication „ Authentication Initiation and Message Exchange „ Ports in Authorized and Unauthorized States 10-2EAP message exchange Radius IP 10.2 802.1X System ConfigurationRadius Secret Enabled ReauthenticationEAP Timeout Period 10.3 802.1X and MAC-Based Authentication Port Configuration Max Clients Port State Restart State 10.4 802.1X Port StatusLast Source Last ID 10-6802.1X Statistics Port 1 page screenshot 10.5 802.1X and MAC-Based Authentication Statistics Direction Name Ieee Name Description Eapol Counters Description Port-based Radius Counters Direction Name Ieee NameMAC-based Port- and MAC-based MAC-based „ Last Supplicant/Client Info Windows Platform Radius Server Configuration 155 „ Configure Sample EAP-MD5 Authentication 10.7 802.1X Client Configuration 157 158 Access Control List Configuration Access Control ListsIngress Port Rate Limiter ActionPort Copy Logging Switch ACE Configuration „ Vlan Parameters „ MAC ParametersSmac Filter Dmac Filter ARP/ Rarp „ ARP Parameters IP/Ethernet Length „ IP ParametersEthernet IP Protocol Filter IP TTL „ TCP/UDP Parameters „ Icmp Parameters TCP SYN TCP FINTCP PSH TCP ACK „ Ethernet Type Parameters ACL Configuration wizardEtherType Filter 11-3Set up Policy Rules page screenshot Policy 5 for guest ports Internet access only Policy ID Set up Port Policies Instant Messaging Common ServersMSN Messenger Google Talk Yahoo Messenger Ethernet Type Others NetBIOS Ping Request Ping ReplySnmp Traps 173 Binding Enabled Set up Source MAC and Source IP BindingSource IP Address UDP DoS Fraggle Set up DoS Attack Detection Rules Icmp DoS Smurf Death Port n Switch nPolicy n Deny Rate Limiter ID ACL Rate Limiter Configuration16K 32K 64K 128K 512K ACL Ports Configuration 180 Aging Configuration MAC Address Table ConfigurationRange 10-10000000 seconds Default 300 seconds Address Table Static MAC Table Configuration Dynamic MAC Table MAC Address Table StatusNavigating the MAC Table MAC Table Columns 184 MAC Table Learning DisableAuto Secure 186 Link Layer Discovery Protocol Lldp „ Lldp Parameters Lldp ConfigurationTx Interval Tx Delay „ 4.14.2.2 Lldp Port ConfigurationTx Hold Tx Reinit Sys Name Port DescrSys Descr Sys Capa Lldp Neighbor „ Global Counters Lldp Statistics Local Counters Network Diagnastics Cable DiagnosticsCable Status Destination IP Address PingPing Size „ Ring topology „ Chain topology same as a disconnected ring Stacking SGSW-24040 / SGSW-24040R 197 „ Assigning and Swapping Switch IDs Switch IDs„ Removing a Switch From the Stack „ Replacing a Switch Master Election „ General Switch ID Assignment RulesStack Redundancy Utilize all stack links in the ring Shortest Path Forwarding Stack Configuration Stack Information Master Switch„ Stack Topology „ Stack List „ Master Forwarding Table 16-10Port State Overview page screenshot Stack Port State Ovewview Stack Example „ Identify the Master Switch 206 207 Logon to the Console Accessing the CLI „ Configure IP address Configure IP address Subnet Mask Gateway Switch/ ip setup 192.168.1.100 255.255.255.0 Telnet login Command Groups System CommandSystem Configuration Syntax System Restore Default System RebootExample System Name Default SettingSystem Prompt System Sntp System Password System Firmware Load System Timezone 217 Syntax IP ConfigurationParameters IP Ping IP Setup 220 Port Configuration Port Management CommandPort State Port Flow Control Port Mode Port Maximum Frame Port Excessive Port Power Port VeriPHY Port Statistics Port Numbers Mirror Port Mirror ConfigurationMirror SID Mirror Mode Aggregation Configuration Link Aggregation CommandAggregation Add Parameters portlist Port list Aggregation Lookup Aggregation Delete Aggregation Mode Lacp Configuration Lacp Key Lacp Mode Lacp Status Lacp Role Lacp Statistics 236 Vlan Configuration Vlan Configuration CommandVlan Mode All Vlan Frame TypeTagged Allow tagged frames only Vlan Link Type Vlan Ingress Filter Vlan Ethernet Type Vlan Q-in-Q ModeMan Set out layer Vlan tag ether type MAN Vlan Delete Vlan Add Vlan Lookup Pvlan Isolate Pvlan Configuration Rstp Configuration Spanning Tree Protocol CommandRstp SysPrio Rstp Age Rstp Delay Normal Rstp Default Setting Rstp ModeRstp Version Rstp Priority Rstp Cost Rstp P2P Rstp Edge Rstp Status Rstp mCheck Rstp Statistics Igmp Configuration Multicast Configuration CommandIgmp Mode Igmp State Igmp Fast Leave Igmp Querier Igmp Router Igmp Groups Igmp FloodingIgmp Status 256 QoS Configuration Quality of Service CommandQoS Default QoS Classes QoS QCL Port QoS Tag Priority QoS QCL Add Qclid QCL ID Default SettingParameters Qclid Qceid QoS QCL Lookup QoS QCL Delete QoS Weight QoS ModeQoS Rate Limiter QoS Shaper QoS Multicast QoS Unicast QoS Broadcast Dot1x Configuration 802.1x Port Access Control CommandDotx1 Mode Dot1x Server Dot1x Status Dot1x Secret Dot1x Authenticate Dot1x Period Dot1x Re-authentication Dot1x Statistics Dot1x Timeout Dot1x Agetime Dot1x ClientsParameters Portlist Dot1x Holdtime ACL Configuration Access Control List CommandACL Action ACL Rate ACL Policy ACL Add ACL Delete ACL Lookup MAC Configuration MAC Address Table CommandMac Add MAC Lookup MAC Delete MAC Learning MAC Age Time MAC Statistics MAC Dump MAC Flash Lldp Configuration Lldp CommandLldp Mode Lldp Interval Lldp Optional TLV Lldp Hold Lldp Delay Lldp Information Lldp Reinit Lldp Statistics Stack List Stack Management CommandStack Master Reelect Stack SID Swap Stack SelectStack SID Delect Stack SID Asign Forwarding & Filtering LearningStore-and-Forward If attached device is 100Base-TX port will set to Auto-Negotiation 292 Performance is bad Solution Link LED is not lit SolutionWhy the Switch doesnt connect to the network Solution Switch does not power up Solution „ While IP Address be changed or forgotten admin password Stacking not functioning Solution RJ-45 Connector pin assignment Contact Switchs RJ-45 Pin Assignments10/100Mbps, 10/100Base-TX = Brown Straight Cable Straight Cable= Brown ACL ACEAggregation ARP Dhcp DESDNS DoS Ethernet Type DscpFTP Http Ieee IcmpIgmp Imap Lldp IpmcMAC Table MD5 NetBIOSMirroring NFS Policer PingPOP3 Private Vlan QoS QCLRarp Samba Smtp SHASnmp Sntp Telnet TCPTftp ToS UDP 308