Manuals / Brands / Household Appliance / Plumbing Product / ZyXEL Communications / Household Appliance / Plumbing Product

ZyXEL Communications metrogigabit switch Table 131 Management > Access Control > SNMP (continued)

1 448

Download 448 pages, 12.62 Mb

Chapter 39 Access Control

MGS3700-12C User’s Guide

376

Security

Level Select whether you want to implement authentication and/or encryption

for SNMP communication from this user. Choose:

•noauth -to use the username as the password string to send to the

SNMP manager. This is equivalent to the Get, Set and Trap

Community in SNMP v2c. This is the lowest security level.

•auth - to implement an authentication algorithm for SNMP messages

sent by this user.

•priv - to implement authentication and encryption for SNMP

messages sent by this user. This is the highest security level.

Note: The settings on the SNMP manager must be set at the same security level or higher than the security level settings on the Switch.

Authenticati

on Select an authentication algorithm. MD5 (Message Digest 5) and SHA

(Secure Hash Algorithm) are hash algorithms used to authenticate

SNMP data. SHA authentication is generally considered stronger than

MD5, but is slower.

Privacy Specify the encryption method for SNMP communication from this user.

You can choose one of the following:

•DES - Data Encryption Standard is a widely used (but breakable)

method of data encryption. It applies a 56-bit key to each 64-bit

block of data.

•AES - Advanced Encryption Standard is another method for data

encryption that also uses a secret key. AES applies a 128-bit key to

128-bit blocks of data.

Apply Click Apply to save your changes to the Switch’s run-time memory. The

Switch loses these changes if it is turned off or loses power, so use the

Save link on the top navigation panel to save your changes to the non-

volatile memory when you are done configuring.

Cancel Click Cancel to begin configuring this screen afresh.

Table 131 Management > Access Control > SNMP (continued)

LABEL DESCRIPTION

Contents

Main www.zyxel.com MGS3700-12C MetroGigabit Switch Firmware Version 3.90 Edition 15, 11/2012 Default Login Details Page About This User's Guide Intended Audience Related Documentation Note: It is recommended you use the web configurator to configure the Switch. Documentation Feedback Need More Help? Customer Support Document Conventions Warnings and Notes Warnings tell you about things that could harm you or your device.MGS3700-12C Syntax Conventions Page Safety Warnings MGS3700-12C Users Guide 7 Safety Warnings Page Contents Overview Page Table of Contents Part I: Introduction and Hardware........................................................ 23 Page Part II: Basic Configuration................................................................... 91 Page Page Page Page Page Page Part V: Management............................................................................. 357 Part VI: Troubleshooting & Product Specifications.......................... 413 Part VII: Appendices and Index ......................................................... 429 PART I Page CHAPTER 1 Getting to Know Your Switch 1.1 Introduction 1.1.1 Backbone Application Figure 1 Backbone Application 1.1.2 Bridging Example Figure 2 Bridging Application 1.1.3 High Performance Switching Example Figure 3 High Performance Switched Workgroup Application 1.1.4 IEEE 802.1Q VLAN Application Examples 1.1.4.1 Tag-based VLAN Example Figure 4 Shared Server Using VLAN Example 1.2 IPv6 Support 1.3 Ways to Manage the Switch 1.4 Good Habits for Managing the Switch Page CHAPTER 2 Hardware Installation and Connection 2.1 Installation Scenarios 2.2 Desktop Installation Procedure Figure 5 Attaching Rubber Feet 2.3 Mounting the Switch on a Rack 2.3.1 Rack-mounted Installation Requirements Failure to use the proper screws may damage the unit. 2.3.1.1 Precautions Page Page CHAPTER 3 Hardware Overview 3.1 Front Panel Figure 8 Front Panel Table 1 Front Panel Connections 3.1.1 Console Port 3.1.2 Gigabit Ethernet Ports Table 1 Front Panel Connections (continued) 3.1.2.1 Default Ethernet Negotiation Settings 3.1.2.2 Auto-crossover 3.1.3 Mini-GBIC Slots To avoid possible eye injury, do not look into an operating fiber- optic modules connectors. 3.1.3.1 Transceiver Installation Figure 9 Transceiver Installation Example Figure 10 Connecting the Fiber Optic Cables 3.1.3.2 Transceiver Removal 3.1.4 Management Port 3.1.5 Power Connector 3.1.5.1 AC Power Connection 3.1.5.2 DC Power Connection Exposed power wire is dangerous. Use extreme care when connecting a DC power source to the device. 3.1.6 Signal Slot 3.1.6.1 Connect a Sensor to the Signal Slot Page Figure 15 Daisy-chaining an External Alarm Sensor to Other Switches of the Same Model 3.2 Rear Panel Figure 16 Rear Panel 3.3 LEDs Pin Assignments Table 2 LED Descriptions 3.4 Configuring the Switch Table 2 LED Descriptions (continued) LED COLOR STATU SDESCRIPTION Page Page CHAPTER 4 The Web Configurator 4.1 Introduction 4.2 System Login C Table 3 Navigation Panel Sub-links Overview Chapter 4 The Web Configurator The following table describes the links in the navigation panel. Table 4 Navigation Panel Links LINK DESCRIPTION Chapter 4 The Web Configurator MGS3700-12C Users Guide 51 Table 4 Navigation Panel Links (continued) LINK DESCRIPTION 4.3.1 Change Your Password Figure 19 Change Administrator Login Password 4.4 Saving Your Configuration Table 4 Navigation Panel Links (continued) Note: Use the Save link when you are done with a configuration session. 4.5 Switch Lockout 4.6 Resetting the Switch 4.6.1 Reload the Configuration File Figure 20 Resetting the Switch: Via the Console Port Page Page CHAPTER 5 Initial Setup Example Figure 22 Initial Setup Network Example: VLAN 5.1 Overview 5.1.1 Creating a VLAN 5.1.2 Setting Port VID Figure 23 Initial Setup Network Example: Port VID 5.2 Configuring Switch Management IP Address Figure 24 Initial Setup Example: Management IP Address Page Page CHAPTER 6 Tutorials 6.1 How to Use DHCP Snooping on the Switch Figure 26 Tutorial: Create a VLAN and Add Ports to It Table 5 Tutorial: Settings in this Tutorial Page Figure 29 Tutorial: Set the DHCP Server Port to Trusted Figure 30 Tutorial: Enable DHCP Snooping on this VLAN Figure 31 Tutorial: Check the Binding If DHCP Snooping Works 6.2 How to Use DHCP Relay on the Switch 6.2.1 DHCP Relay Tutorial Introduction 6.2.2 Creating a VLAN Figure 33 Tutorial: Set VLAN Type to 802.1Q Page Figure 36 Tutorial: Add Tag for Frames Received on Port 2 6.2.3 Configuring DHCP Relay Figure 37 Tutorial: Set DHCP Server and Relay Information 6.2.4 Troubleshooting 6.3 How to Use PPPoE IA on the Switch Figure 38 Tutorial: PPPoE Intermediate Agentt Tutorial Overview A Port 11 - Trusted Note: For related information about PPPoE IA, see Section 32.4 on page 320. Port 12 - Trusted 6.3.1 Configuring Switch A Page Page Page Page 6.4 How to Use Error Disable and Recovery on the Switch Page 6.5 How to Set Up a Guest VLAN 6.5.1 Creating a Guest VLAN Page Page Page 6.6 How to Do Port Isolation in a VLAN 6.6.1 Creating a VLAN Page Page 6.6.2 Creating a Private VLAN Rule Page Page Page Page 7.2 Port Status Summary Figure 39 Status Table 7 Status Table 7 Status (continued) Page Chapter 7 System Status and Port Statistics MGS3700-12C Users Guide 97 Table 8 Status: Port Details (continued) Chapter 7 System Status and Port Statistics CHAPTER 8 Basic Setting 8.1 Overview 8.2 System Information Figure 41 Basic Setting > System Info Table 9 Basic Setting > System Info Table 9 Basic Setting > System Info (continued) 8.3 General Setup Figure 42 Basic Setting > General Setup Table 9 Basic Setting > System Info (continued) Table 10 Basic Setting > General Setup Table 10 Basic Setting > General Setup (continued) 8.4 Introduction to VLANs Note: VLAN is unidirectional; it only governs outgoing traffic. Table 10 Basic Setting > General Setup (continued) 8.4.1 Smart Isolation B C 8.5 Switch Setup Screen Table 11 Basic Setting > Switch Setup (continued) 8.6 IP Setup 8.6.1 Management IP Addresses Table 11 Basic Setting > Switch Setup (continued) Page Page Table 12 Basic Setting > IP Setup (continued) 8.7 Port Setup Table 13 Basic Setting > Port Setup (continued) Page PART III Advanced Page CHAPTER 9 VLAN 9.1 Introduction to IEEE 802.1Q Tagged VLANs 9.1.1 Forwarding Tagged and Untagged Frames 9.2 Automatic VLAN Registration 9.2.1 GARP 9.2.1.1 GARP Timers 9.2.2 GVRP 9.3 Port VLAN Trunking Table 14 IEEE 802.1Q VLAN Terminology Figure 46 Port VLAN Trunking 9.4 Select the VLAN Type Figure 47 Switch Setup > Select VLAN Type 9.5 Static VLAN 9.5.1 Static VLAN Status Figure 48 Advanced Application > VLAN: VLAN Status Table 15 Advanced Application > VLAN: VLAN Status 9.5.2 VLAN Details Figure 49 Advanced Application > VLAN > VLAN Detail 9.5.3 Configure a Static VLAN Table 16 Advanced Application > VLAN > VLAN Detail Figure 50 Advanced Application > VLAN > Static VLAN Table 17 Advanced Application > VLAN > Static VLAN Note: Changes in this row are copied to all the ports as soon as you Table 17 Advanced Application > VLAN > Static VLAN (continued) 9.5.4 Configure VLAN Port Settings 9.6 Subnet Based VLANs Table 18 Advanced Application > VLAN > VLAN Port Setting (continued) Figure 52 Subnet Based VLAN Application Example 9.7 Configuring Subnet Based VLAN Page 9.8 Protocol Based VLANs Table 19 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN Setup (continued) 9.9 Configuring Protocol Based VLAN Table 20 Advanced Application > VLAN > VLAN Port Setting > Protocol Based VLAN Setup 9.10 Create an IP-based VLAN Example Figure 56 Protocol Based VLAN Configuration Example 9.11 Port-based VLAN Setup Page Page Table 21 Port Based VLAN Setup Page CHAPTER 10 Static MAC Forward Setup 10.1 Overview 10.2 Configuring Static MAC Forwarding Figure 59 Advanced Application > Static MAC Forwarding Table 22 Advanced Application > Static MAC Forwarding Note: Static MAC addresses do not age out. Table 22 Advanced Application > Static MAC Forwarding (continued) Page CHAPTER 11 Static Multicast Forward Setup 11.1 Static Multicast Forwarding Overview 11.2 Configuring Static Multicast Forwarding Figure 63 Advanced Application > Static Multicast Forwarding example Table 23 Advanced Application > Static Multicast Forwarding Table 23 Advanced Application > Static Multicast Forwarding (continued) CHAPTER 12 Filtering Figure 64 Advanced Application > Filtering 12.1 Configure a Filtering Rule Chapter 12 Filtering Table 24 Advanced Application > FIltering CHAPTER 13 Spanning Tree Protocol 13.1 STP/RSTP Overview Note: In this users guide, STP refers to both STP and RSTP. 13.1.1 STP Terminology 13.1.2 How STP Works Table 25 STP Path Costs 13.1.3 STP Port States 13.1.4 Multiple RSTP Table 26 STP Port States Note: Each port can belong to one STP tree only. Figure 65 MRSTP Network Example 13.1.5 Multiple STP 13.1.5.1 MSTP Network Example 13.1.5.2 MST Region 13.1.5.3 MST Instance Figure 68 MSTIs in Different Regions 13.1.5.4 Common and Internal Spanning Tree (CIST) Figure 69 MSTP and Legacy RSTP Network Example 13.2 Spanning Tree Protocol Status Screen Figure 70 Advanced Application > Spanning Tree Protocol 13.3 Spanning Tree Configuration Figure 71 Advanced Application > Spanning Tree Protocol > Configuration Table 27 Advanced Application > Spanning Tree Protocol > Configuration 13.4 Configure Rapid Spanning Tree Protocol Note: Changes in this row are copied to all the ports as soon as you Table 28 Advanced Application > Spanning Tree Protocol > RSTP (continued) 13.5 Rapid Spanning Tree Protocol Status Table 28 Advanced Application > Spanning Tree Protocol > RSTP (continued) Table 29 Advanced Application > Spanning Tree Protocol > Status: RSTP 13.6 Configure Multiple Rapid Spanning Tree Protocol Note: Changes in this row are copied to all the ports as soon as you Table 30 Advanced Application > Spanning Tree Protocol > MRSTP (continued) 13.7 Multiple Rapid Spanning Tree Protocol Status Table 30 Advanced Application > Spanning Tree Protocol > MRSTP (continued) Table 31 Advanced Application > Spanning Tree Protocol > Status: MRSTP Page Table 32 Advanced Application > Spanning Tree Protocol > MSTP Note: Changes in this row are copied to all the ports as soon as you Table 32 Advanced Application > Spanning Tree Protocol > MSTP (continued) 13.9 Multiple Spanning Tree Protocol Status Table 33 Advanced Application > Spanning Tree Protocol > Status: MSTP Page CHAPTER 14 Bandwidth Control 14.1 Bandwidth Control Overview 14.1.1 CIR and PIR 14.2 Bandwidth Control Setup Figure 78 Advanced Application > Bandwidth Control Table 34 Advanced Application > Bandwidth Control Note: Changes in this row are copied to all the ports as soon as you Chapter 14 Bandwidth Control Table 34 Advanced Application > Bandwidth Control (continued) Page CHAPTER 15 Broadcast Storm Control Figure 79 Advanced Application > Broadcast Storm Control 15.1 Broadcast Storm Control Setup Chapter 15 Broadcast Storm Control Table 35 Advanced Application > Broadcast Storm Control Note: Changes in this row are copied to all the ports as soon as you CHAPTER 16 Mirroring Figure 80 Advanced Application > Mirroring 16.1 Port Mirroring Setup Table 36 Advanced Application > Mirroring Note: Changes in this row are copied to all the ports as soon as you 16.2 RMirror 16.2.1 RMirror Overview BeforeyoustartsettingRMirrorVLAN,youshouldknowalltherolesofswitchinthe network. 16.2.2 RMirror Configuration 16.2.3 Source Figure 83 Advanced Application > Mirroring> RMirror > Source Thefollowingtabledescribesthelabelsinthisscreen. Table 39 Advanced Application > Mirroring> RMirror > Source 16.2.4 Destination Table 39 Advanced Application > Mirroring> RMirror > Source Figure 84 Advanced Application > Mirroring> RMirror > Destination Table 40 Advanced Application > Mirroring> RMirror > Destination Page Page CHAPTER 17 Link Aggregation 17.1 Link Aggregation Overview 17.2 Dynamic Link Aggregation 17.2.1 Link Aggregation ID Table 42 Link Aggregation ID: Local Switch Table 43 Link Aggregation ID: Peer Switch 17.3 Link Aggregation Status Figure 86 Advanced Application > Link Aggregation Status Table 44 Advanced Application > Link Aggregation Status Table 44 Advanced Application > Link Aggregation Status (continued) 17.4 Link Aggregation Setting Figure 87 Advanced Application > Link Aggregation > Link Aggregation Setting Table 45 Advanced Application > Link Aggregation > Link Aggregation Setting Table 45 Advanced Application > Link Aggregation > Link Aggregation Setting 17.5 Link Aggregation Control Protocol 17.6 Static Trunking Example This example shows you how to create a static port trunk group for ports 2-5. Note: Changes in this row are copied to all the ports as soon as you Table 46 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP (continued) Figure 89 Trunking Example - Physical Connections A Figure 90 Trunking Example - Configuration Screen B Page CHAPTER 18 Port Authentication 18.1 Port Authentication Overview 18.1.1 IEEE 802.1x Authentication 18.1.2 MAC Authentication 18.2 Port Authentication Configuration 18.2.1 Activate IEEE 802.1x Security 18.2.2 Guest VLAN Table 47 Advanced Application > Port Authentication > 802.1x (continued) Figure 95 Guest VLAN Example Figure 96 Advanced Application > Port Authentication > 802.1x > Guest VLAN Chapter 18 Port Authentication MGS3700-12C Users Guide 201 The following table describes the labels in this screen. Table 48 Advanced Application > Port Authentication > 802.1x > Guest VLAN Note: Changes in this row are copied to all the ports as soon as you 18.2.3 Activate MAC Authentication Page Page CHAPTER 19 Port Security 19.1 About Port Security 19.2 Port Security Setup Figure 98 Advanced Application > Port Security Table 50 Advanced Application > Port Security Chapter 19 Port Security MGS3700-12C Users Guide 207 Note: Changes in this row are copied to all the ports as soon as you Table 50 Advanced Application > Port Security (continued) 19.3 VLAN MAC Address Limit Figure 99 Advanced Application > Port Security > VLAN MAC Address Limit Table 51 Advanced Application > Port Security > VLAN MAC Address Limit Table 51 Advanced Application > Port Security > VLAN MAC Address Limit Page CHAPTER 20 Classifier 20.1 About the Classifier and QoS 20.2 Configuring the Classifier Figure 100 Advanced Application > Classifier Table 52 Advanced Application > Classifier Chapter 20 Classifier MGS3700-12C Users Guide 213 Table 52 Advanced Application > Classifier (continued) 20.3 Viewing and Editing Classifier Configuration Table 53 Classifier: Summary Table Table 54 Common Ethernet Types and Protocol Numbers Table 55 Common IP Protocol Types and Protocol Numbers 20.4 Classifier Example Table 56 Common TCP and UDP Port Numbers Page Page CHAPTER 21 Policy Rule 21.1 Policy Rules Overview 21.1.1 DiffServ 21.1.2 DSCP and Per-Hop Behavior 21.2 Configuring Policy Rules Page Chapter 21 Policy Rule Table 57 Advanced Application > Policy Rule (continued) 21.3 Viewing and Editing Policy Configuration Figure 104 Advanced Application > Policy Rule: Summary Table Table 57 Advanced Application > Policy Rule (continued) Table 58 Advanced Application > Policy Rule: Summary Table Page Page CHAPTER 22 Queuing Method 22.1 Queuing Method Overview 22.1.1 Strictly Priority Queuing 22.1.2 Weighted Fair Queuing 22.1.3 Weighted Round Robin Scheduling (WRR) Page Chapter 22 Queuing Method The following table describes the labels in this screen. Table 59 Advanced Application > Queuing Method CHAPTER 23 VLAN Stacking 23.1 VLAN Stacking Overview 23.1.1 VLAN Stacking Example 23.2 VLAN Stacking Port Roles 23.3 VLAN Tag Format 23.3.1 Frame Format Table 60 VLAN Tag Format Table 61 Single and Double Tagged 802.11Q Frame Format 23.4 Configuring VLAN Stacking Chapter 23 VLAN Stacking MGS3700-12C Users Guide 235 23.4.1 Port-based Q-in-Q Note: Changes in this row are copied to all the ports as soon as you make them. Note: You can define up to four different tunnel TPIDs (including 8100) in this screen at a time. Table 63 Advanced Application > VLAN Stacking (continued) Figure 109 Advanced Application > VLAN Stacking > Port-based QinQ Table 64 Advanced Application > VLAN Stacking > Port-based QinQ 23.4.2 Selective Q-in-Q Chapter 23 VLAN Stacking Table 65 Advanced Application > VLAN Stacking > Selective QinQ (continued) CHAPTER 24 Multicast 24.1 Multicast Overview 24.1.1 IP Multicast Addresses 24.1.2 IGMP Filtering 24.2 Multicast Status Figure 111 Advanced Application > Multicast Table 66 Advanced Application > Multicast Status 24.3 Multicast Setting Figure 112 Advanced Application > Multicast > Multicast Setting Table 67 Advanced Application > Multicast > Multicast Setting Note: Changes in this row are copied to all the ports as soon as Table 67 Advanced Application > Multicast > Multicast Setting (continued) 24.4 IGMP Snooping VLAN Table 68 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN Note: You must also enable IGMP snooping in the Multicast Setting screen first. Note: You cannot configure the same VLAN ID as in the MVR screen. 24.5 IGMP Filtering Profile Figure 114 Advanced Application > Multicast > Multicast Setting > IGMP Filtering Profile Table 69 Advanced Application > Multicast > Multicast Setting > IGMP Filtering Profile 24.6 MVR Overview Figure 115 MVR Network Example 24.6.1 Types of MVR Ports 24.6.2 MVR Modes 24.6.3 How MVR Works 24.7 General MVR Configuration Page Chapter 24 Multicast MGS3700-12C Users Guide 251 24.8 MVR Group Configuration Note: Changes in this row are copied to all the ports as soon as you Table 70 Advanced Application > Multicast > Multicast Setting > MVR (continued) Table 71 Advanced Application > Multicast > Multicast Setting > MVR: Group Configuration 24.8.1 MVR Configuration Example Page CHAPTER 25 AAA 25.1 Authentication, Authorization and Accounting (AAA) Figure 123 AAA Server 25.1.1 Local User Accounts 25.2 AAA Screens Client AAA Server Table 72 RADIUS vs TACACS+ Page Table 73 Advanced Application > AAA > RADIUS Server Setup 25.2.2 TACACS+ Server Setup Figure 126 Advanced Application > AAA > TACACS+ Server Setup Table 73 Advanced Application > AAA > RADIUS Server Setup (continued) Table 74 Advanced Application > AAA > TACACS+ Server Setup 25.2.3 AAA Setup Figure 127 Advanced Application > AAA > AAA Setup Table 74 Advanced Application > AAA > TACACS+ Server Setup (continued) Table 75 Advanced Application > AAA > AAA Setup Table 75 Advanced Application > AAA > AAA Setup (continued) 25.2.4 Vendor Specific Attribute Table 76 Supported VSAs 25.2.4.1 Tunnel Protocol Attribute 25.3 Supported RADIUS Attributes Table 76 Supported VSAs Table 77 Supported Tunnel Protocol Attribute Note: You must also create a VLAN with the specified VID on the Switch. 25.3.1 Attributes Used for Authentication 25.3.1.1 Attributes Used for Authenticating Privilege Access 25.3.1.2 Attributes Used to Login Users 25.3.1.3 Attributes Used by the IEEE 802.1x Authentication 25.3.2 Attributes Used for Accounting 25.3.2.1 Attributes Used for Accounting System Events 25.3.2.2 Attributes Used for Accounting Exec Events Table 78 RADIUS Attributes - Exec Events via Console Table 79 RADIUS Attributes - Exec Events via Telnet/SSH 25.3.2.3 Attributes Used for Accounting IEEE 802.1x Events The attributes are listed in the following table along with the time of the session they are sent: Table 79 RADIUS Attributes - Exec Events via Telnet/SSH ATTRIBUTE START INTERIM-UPDATE STOP Table 80 RADIUS Attributes - Exec Events via 802.1x CHAPTER 26 IP Source Guard 26.1 IP Source Guard Overview 26.1.1 DHCP Snooping Overview 26.1.1.1 Trusted vs. Untrusted Ports Note: If DHCP is enabled and there are no trusted ports, DHCP requests will not succeed. 26.1.1.2 DHCP Snooping Database Figure 128 DHCP Snooping Database File Format 26.1.1.3 DHCP Relay Option 82 Information 26.1.1.4 Configuring DHCP Snooping 26.1.2 ARP Inspection Overview AXB Figure 129 Example: Man-in-the-middle Attack 26.1.2.1 ARP Inspection and MAC Address Filters 26.1.2.2 Trusted vs. Untrusted Ports 26.1.2.3 Syslog 26.2 IP Source Guard Figure 130 IP Source Guard 26.3 IP Source Guard Static Binding Table 81 IP Source Guard Figure 131 IP Source Guard Static Binding Table 82 IP Source Guard Static Binding Page Page Table 83 DHCP Snooping Table 83 DHCP Snooping (continued) 26.5 DHCP Snooping Configure Figure 133 DHCP Snooping Configure Table 83 DHCP Snooping (continued) Table 84 DHCP Snooping Configure Note: If DHCP is enabled and there are no trusted ports, DHCP requests will not succeed. Note: You have to enable DHCP snooping on the DHCP VLAN too. 26.5.1 DHCP Snooping Port Configure 26.5.2 DHCP Snooping VLAN Configure Table 85 DHCP Snooping Port Configure open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN. Figure 135 DHCP Snooping VLAN Configure Table 86 DHCP Snooping VLAN Configure Note: If DHCP is enabled and there are no trusted ports, DHCP requests will not succeed. 26.6 ARP Inspection Status Figure 136 ARP Inspection Status Table 86 DHCP Snooping VLAN Configure (continued) Table 87 ARP Inspection Status 26.6.1 ARP Inspection VLAN Status Figure 137 ARP Inspection VLAN Status Table 87 ARP Inspection Status (continued) Table 88 ARP Inspection VLAN Status 26.6.2 ARP Inspection Log Status Figure 138 ARP Inspection Log Status Table 88 ARP Inspection VLAN Status (continued) Table 89 ARP Inspection Log Status 26.7 ARP Inspection Configure Table 89 ARP Inspection Log Status (continued) Figure 139 ARP Inspection Configure Table 90 ARP Inspection Configure 26.7.1 ARP Inspection Port Configure Table 90 ARP Inspection Configure (continued) Figure 140 ARP Inspection Port Configure Table 91 ARP Inspection Port Configure 26.7.2 ARP Inspection VLAN Configure Figure 141 ARP Inspection VLAN Configure Table 91 ARP Inspection Port Configure (continued) Table 92 ARP Inspection VLAN Configure Table 92 ARP Inspection VLAN Configure (continued) Page CHAPTER 27 Loop Guard 27.1 Loop Guard Overview Figure 142 Loop Guard vs STP Page 27.2 Loop Guard Setup A P N P Table 93 Advanced Application > Loop Guard Note: Changes in this row are copied to all the ports as soon as you CHAPTER 28 VLAN Mapping 28.1 VLAN Mapping Overview Note: You can not enable VLAN mapping and VLAN stacking at the same time. 28.1.1 VLAN Mapping Example 28.2 Enabling VLAN Mapping Figure 148 VLAN Mapping Table 94 VLAN Mapping 28.3 Configuring VLAN Mapping Figure 149 VLAN Mapping Configuration Table 95 VLAN Mapping Configuration Table 95 VLAN Mapping Configuration (continued) CHAPTER 29 Layer 2 Protocol Tunneling 29.1 Layer 2 Protocol Tunneling Overview Figure 150 Layer 2 Protocol Tunneling Network Scenario Figure 151 L2PT Network Example 29.1.1 Layer 2 Protocol Tunneling Mode 29.2 Configuring Layer 2 Protocol Tunneling Chapter 29 Layer 2 Protocol Tunneling Note: Changes in this row are copied to all the ports as soon as you Table 96 Advanced Application > Layer 2 Protocol Tunneling (continued) CHAPTER 30 sFlow 30.1 sFlow Overview Figure 153 sFlow Application 30.2 sFlow Configuration Figure 154 Advanced Application > sFlow Table 97 Advanced Application > sFlow Note: Changes in this row are copied to all the ports as soon as you 30.2.1 sFlow Collector Configuration Chapter 30 sFlow The following table describes the labels in this screen. Table 98 Advanced Application > sFlow > Collector CHAPTER 31 Error Diable 31.1 CPU Protection Overview 31.2 Error-Disable Recovery Overview 31.3 The Error Disable Screen 31.4 CPU Protection Configuration 31.5 Error-Disable Detect Configuration Figure 158 Advanced Application > Errdisable > Errdisable Detect Table 99 Advanced Application > Errdisable > CPU protection Note: Changes in this row are copied to all the ports as soon as you Chapter 31 Error Diable Table 100 Advanced Application > Errdisable > Errdisable Detect Note: Changes in this row are copied to all the entries as soon as you 31.6 Error-Disable Recovery Configuration Figure 159 Advanced Application > Errdisable > Errdisable Recovery Table 101 Advanced Application > Errdisable > Errdisable Recovery Note: Changes in this row are copied to all the entries as soon as you Page CHAPTER 32 PPPoE 32.1 PPPoE Intermediate Agent Overview 32.2 PPPoE Intermediate Agent Tag Format Table 102 PPPoE Intermediate Agent Vendor-specific Tag Format 32.2.1 Sub-Option Format 32.2.1.1 Flexible Circuit ID Syntax with Identifier String and Variables Table 103 PPPoE IA Circuit ID Sub-option Format: User-defined String Table 104 PPPoE IA Remote ID Sub-option Format Table 105 PPPoE IA Circuit ID Sub-option Format: Using Identifier String and Variables 32.2.2 Port State Table 106 PPPoE IA Circuit ID Sub-option Format: Defined in WT-101 Page Chapter 32 PPPoE MGS3700-12C Users Guide 321 The following table describes the labels in this screen. 32.5 PPPoE IA Per-Port Table 107 Advanced Application > PPPoE > Intermediate Agent Page Table 108 Advanced Application > PPPoE > Intermediate Agent > Port (continued) 32.5.1 PPPoE IA Per-Port Per-VLAN Figure 163 Advanced Application > PPPoE > Intermediate Agent > Port > VLAN Table 109 Advanced Application > PPPoE > Intermediate Agent > Port > VLAN Note: Changes in this row are copied to all the VLANs as soon as you make them. 32.6 PPPoE IA for VLAN Figure 164 Advanced Application > PPPoE > Intermediate Agent > VLAN Table 109 Advanced Application > PPPoE > Intermediate Agent > Port > VLAN Table 110 Advanced Application > PPPoE > Intermediate Agent > VLAN Note: Changes in this row are copied to all the VLANs as soon as you make them. Table 110 Advanced Application > PPPoE > Intermediate Agent > VLAN (continued) CHAPTER 33 Private VLAN 33.1 Private VLAN Overview Chapter 33 Private VLAN 33.2 Configuring Private VLAN Click Advanced Application > Private VLAN in the navigation panel to display the screen as shown. Figure 166 Advanced Application > Private VLAN The following table describes the labels in this screen. Table 111 Advanced Application > Private VLAN Page Page CHAPTER 34 Green Ethernet 34.1 Green Ethernet Overview 34.2 Configuring Green Ethernet Figure 167 Advanced Application > Green Ethernet Table 112 Advanced Application > Green Ethernet Page Page Page Page CHAPTER 35 Static Route 35.1 Static Routing Overview Chapter 35 Static Route 35.2 Configuring Static Routing Click IP Application > Static Routing in the navigation panel to display the screen as shown. Figure 169 IP Application > Static Routing The following table describes the related labels you use to create a static route. Table 113 IP Application > Static Routing Table 113 IP Application > Static Routing (continued) Page CHAPTER 36 Differentiated Services 36.1 DiffServ Overview 36.1.1 DSCP and Per-Hop Behavior Figure 170 DiffServ: Differentiated Service Field 36.2 Two Rate Three Color Marker Traffic Policing 36.2.1 TRTCM-Color-blind Mode Figure 172 TRTCM-Color-blind Mode 36.2.2 TRTCM-Color-aware Mode Figure 173 TRTCM-Color-aware Mode 36.3 Activating DiffServ Page 36.3.1 Configuring 2-Rate 3 Color Marker Settings 36.4 DSCP-to-IEEE 802.1p Priority Settings Note: Changes in this row are copied to all the ports as soon as you Table 115 IP Application > DiffServ > 2-rate 3 Color Marker (continued) Table 116 Default DSCP-IEEE 802.1p Mapping 36.4.1 Configuring DSCP Settings Figure 176 IP Application > DiffServ > DSCP Setting Table 117 IP Application > DiffServ > DSCP Setting CHAPTER 37 DHCP 37.1 DHCP Overview 37.1.1 DHCP Modes 37.1.2 DHCP Configuration Options 37.2 DHCP Status Figure 177 IP Application > DHCP Status 37.3 DHCP Relay 37.3.1 DHCP Relay Agent Information Table 118 IP Application > DHCP 37.3.2 Configuring DHCP Global Relay Figure 178 IP Application > DHCP > Global Table 119 Relay Agent Information 37.3.3 Global DHCP Relay Configuration Example Figure 179 Global DHCP Relay Network Example Table 120 IP Application > DHCP > Global 37.4 Configuring DHCP VLAN Settings 37.4.1 Example: DHCP Relay for Two VLANs Table 121 IP Application > DHCP > VLAN Figure 182 DHCP Relay for Two VLANs Figure 183 DHCP Relay for Two VLANs Configuration Example Page PART V Page CHAPTER 38 Maintenance 38.1 The Maintenance Screen Figure 184 Management > Maintenance Table 122 Management > Maintenance 38.2 Load Factory Default Figure 185 Load Factory Default: Start 38.3 Save Configuration Table 122 Management > Maintenance (continued) 38.4 Reboot System Figure 186 Reboot System: Confirmation 38.5 Firmware Upgrade Figure 187 Management > Maintenance > Firmware Upgrade 38.6 Restore a Configuration File Figure 188 Management > Maintenance > Restore Configuration 38.7 Backup a Configuration File Figure 189 Management > Maintenance > Backup Configuration 38.8 FTP Command Line 38.8.1 Filename Conventions 38.8.1.1 Example FTP Commands 38.8.2 FTP Command Line Procedure Table 123 Filename Conventions 38.8.3 GUI-based FTP Clients 38.8.4 FTP Restrictions Page CHAPTER 39 Access Control Figure 190 Management > Access Control 39.1 Access Control Overview 39.2 The Access Control Main Screen 39.3 About SNMP Figure 191 SNMP Management Model 39.3.1 SNMP v3 and Security 39.3.2 Supported MIBs Table 125 SNMP Commands MGS3700-12C Users Guide 39.3.3 SNMP Traps Table 126 SNMP System Traps Table 126 SNMP System Traps (continued) Table 127 SNMP InterfaceTraps Table 127 SNMP InterfaceTraps (continued) Table 128 AAA Traps Table 128 AAA Traps (continued) Table 129 SNMP IP Traps Table 130 SNMP Switch Traps 39.3.4 Configuring SNMP Figure 192 Management > Access Control > SNMP Table 130 SNMP Switch Traps (continued) Page Table 131 Management > Access Control > SNMP (continued) 39.3.5 Configuring SNMP Trap Group Figure 193 Management > Access Control > SNMP > Trap Group Table 132 Management > Access Control > SNMP > Trap Group 39.3.6 Setting Up Login Accounts Note: It is highly recommended that you change the default administrator password (1234). Figure 194 Management > Access Control > Logins Table 133 Management > Access Control > Logins 39.4 SSH Overview Figure 195 SSH Communication Example Table 133 Management > Access Control > Logins (continued) 39.5 How SSH works Figure 196 How SSH Works 39.6 SSH Implementation on the Switch 39.6.1 Requirements for Using SSH 39.7 Introduction to HTTPS 39.8 HTTPS Example 39.8.1 Internet Explorer Warning Messages Figure 198 Security Alert Dialog Box (Internet Explorer) 39.8.2 Netscape Navigator Warning Messages Page 39.9 Service Port Access Control Figure 202 Management > Access Control > Service Access Control 39.10 Remote Management Table 134 Management > Access Control > Service Access Control Figure 203 Management > Access Control > Remote Management Table 135 Management > Access Control > Remote Management Page CHAPTER 40 Diagnostic Figure 204 Management > Diagnostic 40.1 Diagnostic Table 136 Management > Diagnostic CHAPTER 41 Syslog 41.1 Syslog Overview Table 137 Syslog Severity Levels 41.2 Syslog Setup Figure 205 Management > Syslog Table 138 Management > Syslog 41.3 Syslog Server Setup Figure 206 Management > Syslog > Syslog Server Setup Table 139 Management > Syslog > Syslog Server Setup Page CHAPTER 42 Cluster Management 42.1 Cluster Management Status Overview Table 140 ZyXEL Clustering Management Specifications 42.2 Cluster Management Status 42.2.1 Cluster Member Switch Management Table 141 Management > Cluster Management: Status Chapter 42 Cluster Management configurator home page and the home page that you'd see if you accessed it directly are different. Figure 209 Cluster Management: Cluster Member Web Configurator Screen 42.2.1.1 Uploading Firmware to a Cluster Member Switch Figure 210 Example: Uploading Firmware to a Cluster Member Switch Table 142 FTP Upload to Cluster Member Example 42.3 Clustering Management Configuration Figure 211 Management > Cluster Management > Configuration Table 143 Management > Cluster Management > Configuration Chapter 42 Cluster Management MGS3700-12C Users Guide 401 Table 143 Management > Cluster Management > Configuration (continued) Page CHAPTER 43 MAC Table 43.1 MAC Table Overview 43.2 Viewing the MAC Table Chapter 43 MAC Table MGS3700-12C Users Guide 405 The following table describes the labels in this screen. Table 144 Management > MAC Table Page CHAPTER 44 ARP Table 44.1 ARP Table Overview 44.1.1 How ARP Works 44.2 Viewing the ARP Table Figure 214 Management > ARP Table Table 145 Management > ARP Table CHAPTER 45 Configure Clone Figure 215 Management > Configure Clone 45.1 Configure Clone Chapter 45 Configure Clone Table 146 Management > Configure Clone Page Page Page Page CHAPTER 46 Troubleshooting One of the LEDs does not behave as expected. 46.1 Power, Hardware Connections, and LEDs The Switch does not turn on. None of the LEDs turn on. 46.2 Switch Access and Login I forgot the IP address for the Switch. I forgot the username and/or password. I cannot see or access the Login screen in the web configurator. I can see the Login screen, but I cannot log in to the Switch. 46.3 Switch Configuration MGS3700-12C Users Guide 419 CHAPTER 47 Product Specifications The following tables summarize the Switchs hardware and firmware features. Table 147 Hardware Specifications SPECIFICATION DESCRIPTION Table 148 Firmware Specifications Table 147 Hardware Specifications Page Note: Only upload firmware for your specific model! Table 148 Firmware Specifications Table 149 Feature Specifications Table 149 Feature Specifications (continued) Chapter 47 Product Specifications MGS3700-12C Users Guide 425 The following list, which is not exhaustive, illustrates the standards supported in the Switch. Table 150 Standards Supported STANDARD DESCRIPTION Table 150 Standards Supported (continued) STANDARD DESCRIPTION 47.1 Fan Module Removal and Installation Page Page Page APPENDIX A Common Services Table 151 Commonly Used Services Appendix A Common Services Table 151 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION Appendix A Common Services MGS3700-12C Users Guide 433 Table 151 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION Page APPENDIX B 1 1/2012 Information Copyright Disclaimer Trademarks FCC Warning CE Mark Warning: Taiwanese BSMI (Bureau of Standards, Metrology and Inspection) A Warning: Notices Viewing Certifications ZyXEL Limited Warranty Note Registration Page Index Numbers A B C D E F G H I L M N P Q R S T U V W Z