ES3500 Series
Quick Start Guide
User’s Guide
Note: It is recommended you use the Web Configurator to configure the Switch
Contents Overview
Page
Table of Contents
Part I: User’s Guide
Chapter
Page
Basic Setting
10.2 Configuring Static MAC Forwarding
Configure Multiple Rapid Spanning Tree Protocol
Multiple Rapid Spanning Tree Protocol Status
13.8.1 Multiple Spanning Tree Protocol Port Configuration
Multiple Spanning Tree Protocol Status
Link Aggregation
Port Authentication
Port Security
Classifier
Policy Rule
22.1.1 Strictly Priority Queuing
22.1.2 Weighted Fair Queuing
22.1.3 Weighted Round Robin Scheduling (WRR)
23.1.1 VLAN Stacking Example
23.3.1 Frame Format
25.2.2 TACACS+ Server Setup
25.2.3 AAA Setup
25.2.4 Vendor Specific Attribute
25.2.5 Tunnel Protocol Attribute
25.3.1 Attributes Used for Authentication
30.1 sFlow Overview
30.2 sFlow Port Configuration
30.2.1 sFlow Collector Configuration
PPPoE Intermediate Agent Overview
31.1.1 PPPoE Intermediate Agent Tag Format
36.1.1 DSCP and Per-HopBehavior
36.1.2 DiffServ Network Example
36.2.1 TRTCM-Color-blindMode
36.2.2 TRTCM-Color-awareMode
36.3.1 Configuring 2-Rate3 Color Marker Settings
39.3.5 Configuring SNMP Trap Group
ARP Table
Appendix
A Common Services
Page
Page
Page
Getting to Know Your Switch
1.1 Introduction
Sales
Figure 3 High Performance Switched Workgroup Application
For more information on VLANs, refer to Chapter 9 on page
1.2 Ways to Manage the Switch
1.3Good Habits for Managing the Switch
Page
Hardware Installation and Connection
2.1 Installation Scenarios
2.2Desktop Installation Procedure
2.3Mounting the Switch on a Rack
Page
Page
Hardware Overview
3.1 Front and Rear Panels
Chapter 3 Hardware Overview
Figure 12 ES3500-24HPRear Panel
Figure 13 ES3500-8PDFront Panel
Ethernet Ports PoE In
Figure 14 ES3500-8PDRear Panel
Page
•Type: SFP connection interface
•Connection speed: 1 Gigabit per second (Gbps)
Use the following steps to install a mini-GBICtransceiver (SFP module)
2Press the transceiver firmly until it clicks into place
4Close the transceiver’s latch (latch styles vary)
Figure 16 Connecting the Fiber Optic Cables
Use the following steps to remove a mini-GBICtransceiver (SFP module)
1Remove the fiber optic cables from the transceiver
2Open the transceiver’s latch (latch styles vary)
3Pull the transceiver out of the slot
3.2 LEDs
Table 4 ES3500-24LED Descriptions (continued)
Table 5 ES3500-24HPLED Descriptions
Table 5 ES3500-24HPLED Descriptions (continued)
Table 6 ES3500-8PDLED Descriptions
Page
The Web Configurator
4.1 Introduction
4.2System Login
4.3The Web Configurator Layout
Page
In the navigation panel, click a main link to reveal a list of submenu links
Table 7 Navigation Panel Sub-linksOverview
BASIC SETTING
ADVANCED
IP APPLICATION
Chapter 4 The Web Configurator
Table 8 Navigation Panel Links (continued)
This link takes you to a screen where you can configure the Switch to supply
power over Ethernet
Advanced Application
sFlow
This link takes you to screens where you can configure sFlow settings on the
PPPoE
use to identify and authenticate a PPPoE client
Errdisable
4.4 Saving Your Configuration
4.5 Switch Lockout
4.6Resetting the Switch
4.7 Logging Out of the Web Configurator
4.8 Help
Page
Initial Setup Example
5.1 Overview
VLAN Group ID
VID
Figure 26 Initial Setup Network Example: Port VID
link
Advanced Applications
VLAN Port Setting
PVID
5.2 Configuring Switch Management IP Address
Page
Tutorials
6.1How to Use DHCP Snooping on the Switch
Control
Tx Tagging
, activate and specify VLAN 100 as the DHCP VLAN as shown. Click
5 Click the Port link at the top right corner
6The DHCP Snooping Port Configure screen appears
The
screen appears
6.2 How to Use DHCP Relay on the Switch
DHCP Server
Port
PVID=102
3Click Advanced Application > VLAN > Static VLAN
VLAN Status
PVID
IP Application > DHCP
Global
DHCP Relay
Remote DHCP Server
6.3How to Use PPPoE IA on the Switch
Port 12 - Trusted
Port 11 - Trusted
Port 12 - Trusted
Port 5 - Untrusted
Note: For related information about PPPoE IA, see Section 31.3 on page
SWITCH
PORT CONNECTED
Intermediate Agent
Page
Trusted
Page
6.4 How to Use Error Disable and Recovery on the Switch
Page
6.5 How to Set Up a Guest VLAN
Basic Setting > Switch Setup
Page
Page
Guest Vlan
6.6How to Do Port Isolation in a VLAN
Page
Page
Follow the steps below to configure private VLAN for VLAN
1Click Advanced Application > Private VLAN
Private VLAN
VLAN ID
Page
Page
System Status and Port Statistics
7.1 Overview
7.2 Port Status Summary
Chapter 7 System Status and Port Statistics
The following table describes the labels in this screen
Table 11 Status
screen (refer to Figure 29 on page 81)
Name
Figure 29 Status > Port Details
Table 12 Status: Port Details
Table 12 Status: Port Details (continued)
duplex (F for full duplex or H for half) settings
half) and media type (Copper) settings
type (Copper or Fiber) settings
Status
Chapter 7 System Status and Port Statistics
RX CRC
Length
Runt
including the ones with CRC errors
Basic Setting
8.1 Overview
8.2 System Information
Table 13 Basic Setting > System Info
System Name
Product Model
This field displays the model number of the Switch
ZyNOS F/W
8.3 General Setup
8.4 Introduction to VLANs
Note: VLAN is unidirectional; it only governs outgoing traffic
Isolated ports: 2~6
Root port:
Designated port:
Before Smart Isolation:
8.5 Switch Setup
Table 15 Basic Setting > Switch Setup (continued)
Aging Time
Join
Leave
Leave All
8.6 IP Setup
Table 16 Basic Setting > IP Setup
Domain Name
Server
use a domain name instead of an IP address
Default Management IP Address
8.7 Port Setup
8.8 PoE
Figure 35 Powered Device Examples
PSE
PDPD
PoE
Figure 36 Basic Setting > PoE Status
Consuming Power (W)
the connected PoE-enableddevices
Allocated Power (W)
negotiating with the connected PoE device(s)
Consuming Power (W) can be less than or equal but not more than the
PoE Setup
PoE Status
Table 19 Basic Setting > PoE Setup
Select the power management mode you want the Switch to use
with lower priority do not get power to function
Page
VLAN
9.1 Introduction to IEEE 802.1Q Tagged VLANs
9.2 Automatic VLAN Registration
9.3 Port VLAN Trunking
9.4 Select the VLAN Type
9.5 Static VLAN
Section 9.1 on page
Figure 40 Advanced Application > VLAN: VLAN Status
Table 21 Advanced Application > VLAN: VLAN Status
VLAN Search
by VID
Figure 41 Advanced Application > VLAN > VLAN Detail
Table 22 Advanced Application > VLAN > VLAN Detail
VLAN Status
Click this to go to the VLAN Status screen
Port Number
Figure 42 Advanced Application > VLAN > Static VLAN
The following table describes the related labels in this screen
Table 23 Advanced Application > VLAN > Static VLAN
ACTIVE
Select this check box to activate the VLAN settings
Advanced Application > VLAN > Static VLAN (continued)
Tagging
VLAN Group ID
Clear
Click Clear to start configuring the screen again
9.6 Subnet Based VLANs
9.7 Configuring Subnet Based VLAN
Figure 45 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN
Check this to activate this subnet based VLANs on the Switch
DHCP-Vlan
Override
VLAN or via another DHCP server on the subnet based VLAN
9.8 Protocol Based VLANs
9.9 Configuring Protocol Based VLAN
9.10 Create an IP-basedVLAN Example
9.11Port-basedVLAN Setup
Filtering
Page
Page
Table 27 Advanced Application > VLAN: Port Based VLAN Setup
Setting
Choose All connected or Port isolation
Choose
Wizard
Static MAC Forward Setup
10.1 Overview
10.2 Configuring Static MAC Forwarding
Chapter 10 Static MAC Forward Setup
Table 28 Advanced Application > Static MAC Forwarding
clearing this
rule
Note: Static MAC addresses do not age out
Static Multicast Forward Setup
11.1 Static Multicast Forwarding Overview
11.2 Configuring Static Multicast Forwarding
to display the configuration screen as shown
Figure 55 Advanced Application > Static Multicast Forwarding
Table 29 Advanced Application > Static Multicast Forwarding
deleting it by clearing this check box
address forwarding rule. This is for identification only
Table 29 Advanced Application > Static Multicast Forwarding (continued)
specified multicast MAC address will be forwarded
Filtering
12.1 Configure a Filtering Rule
Chapter 12 Filtering
Advanced Application > FIltering (continued)
MAC
Click Clear to clear the fields to the factory defaults
which the MAC address belongs
Spanning Tree Protocol
13.1 STP/RSTP Overview
Table 32 STP Port States
PORT STATE
Note: The listening state does not exist in RSTP
MRSTP
MRSTP2
Note: Each port can belong to one STP tree only
Figure 58 STP/RSTP Network Example
Figure 59 MSTP Network Example
Page
13.2 Spanning Tree Protocol Status Screen
13.3 Spanning Tree Configuration
13.4 Configure Rapid Spanning Tree Protocol
Chapter 13 Spanning Tree Protocol
Table 34 Advanced Application > Spanning Tree Protocol > RSTP (continued)
Bridge Priority
the root switch. Select a value from the drop-downlist box
and Forwarding Delay
13.5 Rapid Spanning Tree Protocol Status
13.6 Configure Multiple Rapid Spanning Tree Protocol
13.7 Multiple Rapid Spanning Tree Protocol Status
Note: This screen is only available after you activate MRSTP on the Switch
Figure 67 Advanced Application > Spanning Tree Protocol > Status: MRSTP
Table 37 Advanced Application > Spanning Tree Protocol > Status: MRSTP
edit MRSTP settings on the Switch
Select which STP tree configuration you want to view
13.8 Configure Multiple Spanning Tree Protocol
Table 38 Advanced Application > Spanning Tree Protocol > MSTP
Click Status to display the MSTP Status screen (see Figure 70 on page 140)
on the Switch
Spanning Tree Protocol > Configuration screen to enable MSTP on the Switch
screen to enable MSTP on the Switch
Table 38 Advanced Application > Spanning Tree Protocol > MSTP (continued)
VLAN Range
remove from the VLAN range edit area in the End field
Next click:
• Add - to add this range of VLAN(s) to be mapped to the MST instance
To configure MSTP ports, click
screen
Figure 69 Advanced Application > Spanning Tree Protocol > MSTP > Port
Table 39 Advanced Application > Spanning Tree Protocol > MSTP > Port
the common settings and then make adjustments on a port-by-portbasis
13.9 Multiple Spanning Tree Protocol Status
This field displays the configuration name for this MST region
This field displays the revision number for this MST region
A configuration digest is generated from the VLAN-MSTImapping information
Digest
displays the digest when MSTP is activated on the system
Bandwidth Control
14.1 Bandwidth Control Overview
14.2 Bandwidth Control Setup
Table 41 Advanced Application > Bandwidth Control (continued)
Broadcast Storm Control
15.1 Broadcast Storm Control Setup
Chapter 15 Broadcast Storm Control
Table 42 Advanced Application > Broadcast Storm Control (continued)
Broadcast (pkt
Multicast (pkt/s)
DLF (pkt/s)
Mirroring
16.1 Port Mirroring Setup
Chapter 16 Mirroring
Advanced Application > Mirroring (continued)
set the common settings and then make adjustments on a port-by-portbasis
Mirrored
Select this option to mirror the traffic on a port
Link Aggregation
17.1 Link Aggregation Overview
17.2 Dynamic Link Aggregation
17.3 Link Aggregation Status
Chapter 17 Link Aggregation
Table 46 Advanced Application > Link Aggregation Status (continued)
Aggregator ID
enabled for this group
Criteria
17.4 Link Aggregation Setting
Advanced Application > Link Aggregation > Link Aggregation Setting (continued)
address to make sure port trunking can work properly
Select src-mac to distribute traffic based on the packet’s source MAC address
destination MAC addresses
Select src-ip to distribute traffic based on the packet’s source IP address
17.5 Link Aggregation Control Protocol
17.6 Static Trunking Example
Configure static trunking
Port Authentication
18.1 Port Authentication Overview
Chapter 18 Port Authentication
Figure 79 IEEE 802.1x Authentication Process
New Connection
Identity Request
Login Credentials
18.2 Port Authentication Configuration
Figure 82 Advanced Application > Port Authentication
Table 49 Advanced Application > Port Authentication
Select this check box to permit 802.1x authentication on the Switch
802.1x authentication on the Switch before configuring it on each port
Max-Req
Table 49 Advanced Application > Port Authentication > 802.1x (continued)
Reauth
stay connected to the port
Reauth-period
username and password to stay connected to the port
Port Authentication
Figure 84 Advanced Application > Port Authentication > 802.1x > Guest VLAN
Table 50 Advanced Application > Port Authentication > 802.1x > Guest VLAN
Select this checkbox to enable the guest VLAN feature on this port
services
Chapter 18 Port Authentication
Host-mode
(using a hub)
Select Multi-Secure to authenticate each user that connects to this port
Multi-Secure
Table 51 Advanced Application > Port Authentication > MAC Authentication
Select this check box to permit MAC authentication on the Switch
Name Prefix
authentication. You can enter up to 32 printable ASCII characters
RADIUS server
Port Security
19.1 About Port Security
19.2 Port Security Setup
Chapter 19 Port Security
Table 52 Advanced Application > Port Security
Port List
MAC freeze
display in the Static MAC Forwarding screen
Classifier
20.1 About the Classifier and QoS
20.2Configuring the Classifier
Chapter 20 Classifier
Advanced Application > Classifier
Figure 87 Advanced Application > Classifier
Table 53 Advanced Application > Classifier
Select this option to enable this rule
20.3 Viewing and Editing Classifier Configuration
Figure 88 Advanced Application > Classifier: Summary Table
Table 54 Classifier: Summary Table
Table 55 Common Ethernet Types and Protocol Number
ETHERNET TYPE
PROTOCOL NUMBER
20.4 Classifier Example
Policy Rule
21.1 Policy Rules Overview
21.2 Configuring Policy Rules
Chapter 21 Policy Rule
Advanced Applications > Policy Rule
Figure 90 Advanced Application > Policy Rule
Table 57 Advanced Application > Policy Rule
Select this option to enable the policy
Table 57 Advanced Application > Policy Rule (continued)
General
Egress Port
Type the number of an outgoing port
Specify a priority level
21.3 Viewing and Editing Policy Configuration
21.4 Policy Example
Queuing Method
22.1 Queuing Method Overview
22.2 Configuring Queuing
Table 59 Advanced Application > Queuing Method
This label shows the port you are configuring
Robin)
get more guaranteed bandwidth than queues with smaller weights
more service than queues with smaller weights
VLAN Stacking
23.1 VLAN Stacking Overview
23.2 VLAN Stacking Port Roles
Port
23.3 VLAN Tag Format
23.4 Configuring VLAN Stacking
Table 63 Advanced Application > VLAN Stacking (continued)
screen to display the screen as shown
Figure 96 Advanced Application > VLAN Stacking > Port-basedQinQ
Table 64 Advanced Application > VLAN Stacking > Port-basedQinQ
information on VLAN ID
tunnel port or cannot match any selective
Figure 97 Advanced Application > VLAN Stacking > Selective QinQ
Table 65 Advanced Application > VLAN Stacking > Selective QinQ
Check this box to activate this rule
CVID
Table 65 Advanced Application > VLAN Stacking > Selective QinQ (continued)
This shows whether this rule is activated or not
This is the descriptive name for this rule
This is the port number to which this rule is applied
This is the customer VLAN ID in the incoming packets
Multicast
24.1 Multicast Overview
24.2 Multicast Status
24.3 Multicast Setting
Table 67 Advanced Application > Multicast > Multicast Setting (continued)
Unknown
Multicast Frame
Reserved
The layer-2multicast MAC addresses used by Cisco layer-2protocols
Chapter 24 Multicast
Throttling
number of the IGMP groups a port can join is reached
Deny
multicast forwarding table entry is aged out
24.4 IGMP Snooping VLAN
24.5 IGMP Filtering Profile
24.6 MVR Overview
Figure 102 MVR Network Example
Multicast VLAN S
You can set your Switch to operate in either dynamic or compatible mode
24.7 General MVR Configuration
Figure 104 Advanced Application > Multicast > Multicast Setting > MVR
Table 70 Advanced Application > Multicast > Multicast Setting > MVR
among different subscriber VLANs on the network
Multicast VLAN
Enter the VLAN ID (1 to 4094) of the multicast VLAN
24.8 MVR Group Configuration
box
Section 24.1.1 on page
address for a multicast group
MVLAN
This field displays the starting IP address of the multicast group
News
Movie
Multicast VID
Page
AAA
25.1 Authentication, Authorization and Accounting (AAA)
25.2 AAA Screens
RADIUS Server Setup
Figure 112 Advanced Application > AAA > RADIUS Server Setup
Table 73 Advanced Application > AAA > RADIUS Server Setup
Use this section to configure your RADIUS authentication settings
This field only applies if you configure multiple RADIUS servers
Table 73 Advanced Application > AAA > RADIUS Server Setup (continued)
Shared Secret
be the same on the external RADIUS server and the Switch
entry is deleted when you click Apply
Accounting
TACACS+ Server Setup
Authentication and Accounting
Figure 113 Advanced Application > AAA > TACACS+ Server Setup
Table 74 Advanced Application > AAA > TACACS+ Server Setup
Use this section to configure your TACACS+ authentication settings
Table 74 Advanced Application > AAA > TACACS+ Server Setup (continued)
TCP Port
must be the same on the external TACACS+ server and the Switch
Use this section to configure your TACACS+ accounting settings
This is a read-onlynumber representing a TACACS+ accounting server entry
AAA Setup
Figure 114 Advanced Application > AAA > AAA Setup
Table 75 Advanced Application > AAA > AAA Setup
Privilege Enable
management)
Table 75 Advanced Application > AAA > AAA Setup (continued)
Login
authenticate administrator accounts (users for Switch management)
up the corresponding database correctly first
Method 2 and Method 3 fields
Advanced Application > AAA > AAA Setup (continued)
The Switch supports two modes of recording login events. Select:
a user ends a session
user ends a session
TACACS+ is the only method for recording Commands type of event
25.3 Supported RADIUS Attributes
the format of the
$enab
NAS-Identifier NAS-IP-Address
User-Password
NAS-Port
Acct-Status-Type
Acct-Session-ID
date+time+8-digit
sequential number
Acct-Delay-Time
Table 80 RADIUS Attributes - Exec Events via Console
IP Source Guard
26.1 IP Source Guard Overview
Page
Page
•It pretends to be computer A and responds to computer B
•It pretends to be computer B and sends a message to computer A
Chapter 12 on page
•They are stored only in volatile memory
•They do not use the same space in memory that regular MAC address filters use
26.2 IP Source Guard
26.3 IP Source Guard Static Binding
Advanced Application > IP Source Guard > Static Binding
Figure 118 IP Source Guard Static Binding
Table 82 IP Source Guard Static Binding
Enter the source MAC address in the binding
Enter the IP address assigned to the MAC address in the binding
26.4 DHCP Snooping
Table 83 DHCP Snooping (continued)
Write delay timer
update in the DHCP snooping database before it gives up
Abort timer
This field displays how long (in seconds) the Switch waits to update the DHCP
26.5 DHCP Snooping Configure
Advanced Application > IP Source Guard > DHCP Snooping > Configure
Figure 120 DHCP Snooping Configure
Table 84 DHCP Snooping Configure
snooping on specific VLAN and specify trusted ports
no trusted ports
Table 84 DHCP Snooping Configure (continued)
Renew DHCP
Enter the location of a DHCP snooping database, and click Renew if you want the
Snooping URL
snooping database than the one specified in Agent URL
Table 85 DHCP Snooping Port Configure
of the ports
Server Trusted
state
untrusted ports in the following situations:
26.6 ARP Inspection Status
Table 87 ARP Inspection Status (continued)
Expiry (sec)
can also delete the record manually (Delete)
Reason
This field displays the reason the ARP packet was discarded
Reply
Switch last restarted
Forwarded
Dropped
Advanced Application > IP Source Guard > ARP Inspection > Log Status
26.7 ARP Inspection Configure
Table 90 ARP Inspection Configure
inspection on specific VLAN and specify trusted ports
Filter Aging Time
Filter aging time
This setting has no effect on existing MAC address filters
open this screen, click
Figure 127 ARP Inspection Port Configure
Table 91 ARP Inspection Port Configure
Trusted State
The Switch does not discard ARP packets on trusted ports for any reason
Advanced Application > IP Source Guard > ARP Inspection > Configure > VLAN
Figure 128 ARP Inspection VLAN Configure
Table 92 ARP Inspection VLAN Configure
VLAN, the settings are applied to all VLANs
Log
Loop Guard
27.1 Loop Guard Overview
Page
27.2 Loop Guard Setup
Chapter 27 Loop Guard
Advanced Application > Loop Guard (continued)
VLAN Mapping
28.1 VLAN Mapping Overview
28.2 Enabling VLAN Mapping
28.3 Configuring VLAN Mapping
Page
Layer 2 Protocol Tunneling
29.1 Layer 2 Protocol Tunneling Overview
Access
Tunnel
29.2 Configuring Layer 2 Protocol Tunneling
Chapter 29 Layer 2 Protocol Tunneling
Table 96 Advanced Application > Layer 2 Protocol Tunneling (continued)
STP
based on bridge information from all (local and remote) networks
VTP
sFlow
30.1 sFlow Overview
30.2 sFlow Port Configuration
Advanced Application > sFlow (continued)
Collector
Enter the IP address of the sFlow collector
sFlow > Collector
be accessible from the Switch
Advanced Application > sFlow > Collector (continued)
PPPoE
31.1 PPPoE Intermediate Agent Overview
Chapter 31 PPPoE
Table 101 PPPoE IA Remote ID Sub-optionFormat
PPPoE > Intermediate Agent
Table 103 PPPoE IA Circuit ID Sub-optionFormat: Defined in WT-101
31.2The PPPoE Screen
31.3 PPPoE Intermediate Agent
Figure 144 Advanced Application > PPPoE > Intermediate Agent
Table 104 Advanced Application > PPPoE > Intermediate Agent
access-node
identifier
spaces are also allowed. The default is the Switch’s host name
Table 104 Advanced Application > PPPoE > Intermediate Agent (continued)
Table 105 Advanced Application > PPPoE > Intermediate Agent > Port
Chapter 31 PPPoE
Table 105 Advanced Application > PPPoE > Intermediate Agent > Port (continued)
Trusted ports are uplink ports connected to PPPoE servers
Switch forwards it to other trusted port(s)
Untrusted ports are downlink ports connected to subscribers
Intermediate Agent > Port
Table 106 Advanced Application > PPPoE > Intermediate Agent > Port > VLAN
Show Port
VLAN(s) on the port
Enter the lowest VLAN ID you want to configure in the section below
Figure 147 Advanced Application > PPPoE > Intermediate Agent > VLAN
Table 107 Advanced Application > PPPoE > Intermediate Agent > VLAN
Select this option to turn on the PPPoE Intermediate Agent on a VLAN
Error Disable
32.1 CPU Protection Overview
32.2 Error-DisableRecovery Overview
32.3 The Error Disable Screen
32.4 CPU Protection Configuration
32.5 Error-DisableDetect Configuration
32.6 Error-DisableRecovery Configuration
Table 110 Advanced Application > Errdisable > Errdisable Recovery (continued)
Interval
Enter the number of seconds (from 30 to 2592000) for the time interval
Private VLAN
33.1 Private VLAN Overview
33.2 Configuring Private VLAN
Green Ethernet
34.1 Green Ethernet Overview
34.2 Configuring Green Ethernet
Static Route
35.1 Static Routing Overview
35.2 Configuring Static Routing
Chapter 35 Static Route
Table 113 IP Application > Static Routing (continued)
Subnet Mask
This field displays the subnet mask for this destination
Gateway
Differentiated Services
36.1 DiffServ Overview
P - Platinum
G - Gold
S - Silver
36.2 Two Rate Three Color Marker Traffic Policing
36.3 Activating DiffServ
IP Application
DiffServ
Table 114 IP Application > DiffServ
Select this option to enable DiffServ on the Switch
This field displays the index number of a port on the Switch
Note: You cannot enable both TRTCM and Bandwidth Control at the same time
Figure 162 IP Application > DiffServ > 2-rate3 Color Marker
Table 115 IP Application > DiffServ > 2-rate3 Color Marker
and marks the packets based on the TRTCM settings
DiffServ
Chapter 36 Differentiated Services
IP Application > DiffServ > 2-rate3 Color Marker (continued)
Specify the Commit Information Rate (CIR) for this port
Peak
Specify the Peak Information Rate (PIR) for this port
36.4 DSCP-to-IEEE802.1p Priority Settings
Table 118 IP Application > DiffServ > DSCP Setting
0 …
This is the DSCP classification identification number
DHCP
37.1 DHCP Overview
37.2DHCP Status
37.3DHCP Relay
Figure 166 IP Application > DHCP > Global
Table 121 IP Application > DHCP > Global
Select this check box to enable DHCP relay
Remote DHCP
Enter the IP address of a DHCP server in dotted decimal notation
VLAN1
Figure 167 Global DHCP Relay Network Example
DHCP Server:
VLAN1VLAN2
DHCP Relay
37.4 Configuring DHCP VLAN Settings
IP Application > DHCP > VLAN (continued)
Figure 170 DHCP Relay for Two VLANs
DHCP:
For the example network, configure the VLAN Setting screen as shown
Figure 171 DHCP Relay for Two VLANs Configuration Example
Page
Maintenance
38.1 The Maintenance Screen
38.2 Load Factory Default
38.3Save Configuration
38.4 Reboot System
38.5Firmware Upgrade
38.6 Restore a Configuration File
38.7 Backup a Configuration File
38.8 FTP Command Line
1Launch the FTP client on your computer
2Enter open, followed by a space and the IP address of your Switch
3Press [ENTER] when prompted for a username
4Enter your password as requested (the default is “1234”)
5Enter bin to set transfer mode to binary
Remote Management
Access Control
39.1 Access Control Overview
39.2 The Access Control Main Screen
39.3 About SNMP
Figure 179 SNMP Management Model
An SNMP managed network consists of two main components: agents and a manager
Table 126 SNMP Commands
Get
Allows the manager to retrieve an object variable from the agent
1.3.6.1.4.1.890.1.5.8.61”
1.3.6.1.4.1.890.1.5.8.72”
1.3.6.1.4.1.890.1.5.8.73”
OPTION
OBJECT LABEL
Table 127 SNMP System Traps (continued)
Page
SNMP System Traps (continued)
Table 128 SNMP Interface Traps
SNMP Interface Traps (continued)
AAA Traps
AAA Traps (continued)
Table 130 SNMP IP Traps
Table 131 SNMP Switch Traps
SNMP Switch Traps (continued)
rmon
RmonRisingAlarm
This trap is sent when a variable goes
over the RMON "rising" threshold
Table 132 Management > Access Control > SNMP (continued)
Set Community
management station
Trap Community
Trap Community
Table 133 Management > Access Control > SNMP > Trap Group
SNMP Setting screen
Options
Section 39.3.3 on page 294 for individual trap descriptions
categories)
Table 134 Management > Access Control > SNMP > User
User
create accounts on the SNMP v3 manager
Specify the username of a login account on the Switch
Security Level
39.4 Setting Up Login Accounts
39.5 SSH Overview
39.6 How SSH works
39.7 SSH Implementation on the Switch
39.8 Introduction to HTTPS
HTTP
Service Access Control
39.9 HTTPS Example
Continue to this website (not recommended)
Certificate Error
View certificates
Install Certificate
This Connection is Untrusted
I Understand the Risks
Add Exception
button
Figure 191 Security Alert (Mozilla Firefox)
Confirm Security Exception
Figure 192 Security Alert (Mozilla Firefox)
39.10 Service Port Access Control
39.11 Remote Management
Access Control
Figure 195 Management > Access Control > Remote Management
Table 137 Management > Access Control > Remote Management
Entry
wish to temporarily disable the set without deleting it
Diagnostic
40.1 Diagnostic
Syslog
41.1 Syslog Overview
41.2 Syslog Setup
41.3 Syslog Server Setup
Cluster Management
42.1 Cluster Management Status Overview
42.2 Cluster Management Status
Clustering Management Status
The following table explains some of the FTP parameters
Table 144 FTP Upload to Cluster Member Example
FTP PARAMETER
User
Enter “admin”
42.3 Clustering Management Configuration
Table 145 Management > Cluster Management > Configuration (continued)
802.1Q
Clustering
The following fields relate to the switches that are potential cluster members
Candidate
MAC Table
43.1 MAC Table Overview
43.2 Viewing the MAC Table
Table 146 Management > MAC Table (continued)
Select Dynamic to MAC forwarding and click the Transfer button to change all
They also display in the Static MAC Forwarding screen
Filtering
Discard source
ARP Table
44.1 ARP Table Overview
44.2 The ARP Table Screen
Configure Clone
45.1 Configure Clone
Page
Table 148 Management > Configure Clone
Source
Source
separated by a comma or a range of ports by using a dash
Example:
Troubleshooting
46.1Power, Hardware Connections, and LEDs
Chapter 46 Troubleshooting
One of the LEDs does not behave as expected
Make sure you understand the normal behavior of the LED. See
Section 3.2 on page
2Check the hardware connections. See Section 3.1 on page
46.2 Switch Access and Login
I can see the Login screen, but I cannot log in to the Switch
3Disconnect and re-connectthe cord to the Switch
Pop-upWindows, JavaScripts and Java Permissions
•Web browser pop-upwindows from your device
•JavaScripts (enabled by default)
46.3 Switch Configuration
Page
Common Services
Appendix A Common Services
Table 149 Commonly Used Services (continued)
Page
Page
Legal Information
Page
Page
Safety Warnings
ENGLISH
DEUTSCH
ESPAÑOL
FRANÇAIS
ITALIANO
Page
107
330, 332
152
215
321
44
90
GVRP 100, 105
149
Page
setup 165, 236
supported 294, 295, 298
STP 132, 134
VID 99, 102, 103
102