Manuale d’uso / di manutenzione del prodotto GS2200-8/24 del fabbricante ZyXEL Communications
Vai alla pagina of 332
www .zyxel.com GS2200-8/24 Series Intelligent Layer 2 GbE Switch Copyright © 201 1 ZyXEL Communications Corporation Firmware V ersi on 4.00 Edition 1, 12/2011 Default Login Details IP Address http://192.
.
About This User's Guide GS2200-8/24 User’s Gui de 3 About This User's Guide IMPORT ANT! READ CAREFULL Y BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Intended Audience This manual is intended for people who want to configure the S w itch us ing the web configurator .
About This User's Guide GS2200-8/24 User’s Gui de 4 Need More Help? More help is available at www .zyxel.com. • Download Library Search for the latest product updates and documentation from this link.
About This User's Guide GS2200-8/24 User’s Gui de 5 • Brief description of the problem and the steps you took to solve it..
Document Conventions GS2200-8/24 User’s Gui de 6 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User’ s Guide.
Document Conventions GS2200-8/24 User’s Gui de 7 Server DSLAM Firewall Te l e p h o n e Ro u t er.
Safety Warnings GS2200-8/24 User’s Gui de 8 Safety Warnings • Do NOT use this pro duct near water , for example, in a wet basement or near a swimming pool. • Do NOT expose y our device to da mpness, dust or corros ive liquids. • Do NOT stor e things on the device.
Contents Overview GS2200-8/24 User’s Gui de 9 Contents Overview User ’ s Guide ......................................................................................... ......................... ..................... 21 Getting to Know Y our Sw itch .
Contents Overview GS2200-8/24 User’s Gui de 10 Diagnostic ................ ............. ................. ................ ............. ................ ................ ......... ................. ........ 285 Syslog ............. ...............
Table of Contents GS2200-8/24 User’s Gui de 11 Table of Contents About This User's Guide ................................................................................. ....................... .............. 3 Document Conventions ...........
Table of Contents GS2200-8/24 User’s Gui de 12 3.2.4 Power Connector .................... ... ... ... ... ............. .... ... ... ... .... ... ... ... ............. ... .... ... ... ... ... .. ........ .... 35 3.3 LEDs ............. ... .... ....
Table of Contents GS2200-8/24 User’s Gui de 13 Chapter 8 Basic Setting .............................................. .......................................... ......................... ..................... 66 8.1 Overview ................ ... ...
Table of Contents GS2200-8/24 User’s Gui de 14 1 1.2 Conf iguring S tatic Multicast Forwarding ........ ................ ................ ................ ................ ......... ...... 104 Chapter 12 Filtering ...................................
Table of Contents GS2200-8/24 User’s Gui de 15 16.1.1 What Y ou Can Do ................. ................ ............. ............. ............ ................. ............ .... ........ 134 16.2 Port Mirroring Setup ...... ....................
Table of Contents GS2200-8/24 User’s Gui de 16 21.2.1 Viewing and Editin g Policy Configuration ............... ................ ................ ................ ............ 163 21.3 Policy Example ........ ................ ............. ...... ..
Table of Contents GS2200-8/24 User’s Gui de 17 25.3 IP Source Guard S tatic Bi nding ..... ... ... ... ... .... ............. ... ... ... .... ... ............. ... ... ... .... ... ... ........ .......... 195 25.4 DHCP Snooping ............... ... .
Table of Contents GS2200-8/24 User’s Gui de 18 29.1.1 What Y ou Can Do ................. ................ ............. ............. ............ ................. ............ .... ........ 231 29.1.2 What Y ou Need to Know ....... ............ ..
Table of Contents GS2200-8/24 User’s Gui de 19 34.1.1 What Y ou Can Do ................. ................ ............. ............. ............ ................. ............ .... ........ 255 34.2 The Mainte nance Screen ...... ... .... ... ... .
Table of Contents GS2200-8/24 User’s Gui de 20 Chapter 38 Cluster Management .................................. ..................................................... ...................... ........... 290 38.1 Overview ....... ................ .....
21 P ART I User ’ s Guide.
22.
GS2200-8/24 User’s Gui de 23 C HAPTER 1 Getting to Know Your Switch 1.1 Introduction This chapter introduces the main features and applications of the Switch. The Switch is a lay er-2 standalone Ethernet switch with additional layer -2, layer-3, and la yer-4 features suitable for Ethernets.
Chapter 1 Getting to Know Your Switch GS2200-8/24 User’s Gui de 24 In this example, all computers can share high-spe ed applic ations on the serv er . T o expand the network, simply add more networking devices such as switches, routers, computers, print servers etc.
Chapter 1 Getting to Know Your Switch GS2200-8/24 User’s Gui de 25 Switching to higher-speed LANs such as A TM (Asy nchronous T ransmission Mode) is not feasible for most people due to the expense of replacing all existing Ethernet cables and adapter cards, restructuring your network and complex maintenance.
Chapter 1 Getting to Know Your Switch GS2200-8/24 User’s Gui de 26 Shared resources such as a server can be used by all ports in the same VLAN as the server . In the following figure only ports that need access to th e server need to be part of VLAN 1.
GS2200-8/24 User’s Gui de 27 C HAPTER 2 Hardware Installation and Connection 2.1 Inst allation Scenarios This chapter shows you how to install and connect the Sw itch. The Switch can be placed on a desktop or r ack-mounted on a stan dard EIA rack. Use the rubber feet in a desktop installation and the br ackets in a r ack -mounted installation.
Chapter 2 Hardware Installation and Connection GS2200-8/24 User’s Gui de 28 • Make sure the position of the S witch does not make the rack unstable or top-heavy . T ake all necessary precautions to anchor the rack securely before installing the unit.
Chapter 2 Hardware Install ation and Conne ction GS2200-8/24 User’s Gui de 29 2.3.3 Mounting the Switch on a Rack 1 Po sition a mounting bracket (that is already attached to the Switch) on one side of the rack, lining up the two screw holes on the brack e t with the screw holes on the side o f the rack.
Chapter 2 Hardware Installation and Connection GS2200-8/24 User’s Gui de 30 2 Align the holes on the back of the Switch with the screws on the wall. Hang the Switch on the screws. Figure 7 W all-mounting Example The Switch should be wall-mounted horizont ally .
GS2200-8/24 User’s Gui de 31 C HAPTER 3 Hardware Panels 3.1 Overview This chapter describes the front panel and rear pa nel of the Switch and shows you how to make the hardware connections. 3.2 Front Panels The following figure shows the front panel of the S witch.
Chapter 3 Hardware Pan els GS2200-8/24 User’s Gui de 32 Figure 1 1 Front Panel (GS2200-24) Figure 12 Front Panel (GS2200-24P) The following table describes the port labels on the front panel.
Chapter 3 Hardware Panels GS2200-8/24 User’s Gui de 33 3.2.1 Console Port For local management, y ou can use a computer with terminal emulation software configured to the following parameters: • V.
Chapter 3 Hardware Pan els GS2200-8/24 User’s Gui de 34 signal on the cable and using half duplex mode. Wh en the Switch ’ s auto-negotiation is turned off , an Ethernet port uses the pre-configur.
Chapter 3 Hardware Panels GS2200-8/24 User’s Gui de 35 5 Connect the fiber optic cables to the transceiv er . Figure 13 T ransceiver Installation Example Figure 14 Connecting the Fiber Optic Cables 3.2.3.2 T r ansceiver Removal Use the following steps to remo ve a mini-GBIC tr ansceiver (SFP module).
Chapter 3 Hardware Pan els GS2200-8/24 User’s Gui de 36 T o connect power to the Switch, insert the female end of the power cord to the AC power receptacle on the front panel. Connect the other end of the supplied power cord to a power outlet. Mak e sure that no objects obstruct the airflow of the fans (located on the side of th e unit).
37 P ART II T echnical Reference.
38.
GS2200-8/24 User’s Gui de 39 C HAPTER 4 The Web Configurator 4.1 Overview This section introduces the configur a tion and functions of the web configur ator . The web configurator is an HTML -based management interface that allows easy Switch setup and management via Intern et browser .
Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 40 4.3 The S t atus Screen The Status screen is the first screen that displays when you access the web configur ator . This guide uses the GS2200-24P screens as an example. The scr eens may vary slightly for different models.
Chapter 4 The Web Con figurator GS2200-8/24 User’s Gui de 41 E - Click this link to display web help pages. Th e help pages provide descriptions for all of the configuration screens. In the navigation panel, click a main link to reveal a list of submenu links.
Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 42 VLAN This link takes you to scre ens whe r e yo u can conf igure port -based or 802.1Q VLAN (dependi ng on what you co nfigured i n the Sw itch Set up menu). Y ou can also c onfigure a protocol based VLAN or a subnet based VLAN in th ese screens .
Chapter 4 The Web Con figurator GS2200-8/24 User’s Gui de 43 DiffServ This link takes you to screens wher e yo u can enable DiffServ , configure marking rules and set DSCP-to-IEEE802.1p mappings. DHCP This link takes you to screens whe re you can configure the DHCP settings.
Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 44 4.3.1 Change Y our Password After you log in for the first time, it is recommended y ou change the default administrator password. Click Management > Access Control > Logins to display the next screen.
Chapter 4 The Web Con figurator GS2200-8/24 User’s Gui de 45 2 Delete all port-based VLANs with the CPU port as a member . The “CPU port” is the management port of the Switch. 3 Filter all traffic to the CPU port. 4 Disable all ports. 5 Misconfigure the text configuration file.
Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 46 4.7 Logging Out of the W eb Configurator Click Logout in a screen to exit the web configur ator . Y ou have to log in with your password again after you log out. This is recommended after you finish a management session for security reasons.
GS2200-8/24 User’s Gui de 47 C HAPTER 5 Initial Setup Example 5.1 Overview This chapter shows how to set up th e Switch for an example network. The following lists the configuration steps fo r the initial setup: • Create a VLAN • Set port VLAN ID • Configure the Switch IP management address 5.
Chapter 5 Initial Setup Ex am ple GS2200-8/24 User’s Gui de 48 1 Click Advanced Application > VL AN in the navigation panel and click the Static VLAN link. 2 In the Static VLAN screen, select ACTIVE , enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field for the VLAN2 network.
Chapter 5 Initial Se tup Example GS2200-8/24 User’s Gui de 49 In the example netw ork, conf igure 2 as the port VID on port 1 so that any untagged fr ames received on that port get sent to VLAN 2. Figure 23 Initial Setup Network Example: Port VID 1 Click Advanced Applications > VLAN in the navigation panel.
Chapter 5 Initial Setup Ex am ple GS2200-8/24 User’s Gui de 50 1 Connect your computer to any Ethernet port on the Switch. Mak e sure your computer is in the same subnet as the Switch. 2 Open your web browser and enter 192.1 68.1.1 (the de fault IP address) in the addre ss bar to access the web configurator .
GS2200-8/24 User’s Gui de 51 C HAPTER 6 Tutorials 6.1 Overview This chapter provides some examples of using th e web configur ator to set up and use the Switch. The tutorials include: • How to Use DHCP Snooping on the S witch • How to Use DHCP R elay on the Sw itch 6.
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 52 2 Go to Advanced Application > VLAN > Static VLAN , and create a VL AN with ID of 100. Add ports 5, 6 and 7 in the VLAN by selecting Fixed in the Control fie ld as show n. Deselect Tx Tagging because you don’t want outgoing traffic to contain this VLAN tag.
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 53 4 Go to Advanced Application > IP Source Guard > DHCP snooping > Configure , activate and specify VLAN 100 as the DHCP VLAN as shown. C lick Apply . Figure 28 T utorial: Specify DHC P VL AN 5 Click the Port link at the top right corner .
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 54 7 Go to Advanced Application > IP Source Guard > DHCP snooping > Configure > VLAN , show VLAN 100 by entering 100 in the St art VID and End VID fiel ds an d click Ap ply . Then select Yes in the Enabl ed field of the VLAN 100 entry shown at the bottom section of the screen.
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 55 6.3.1 DHCP Relay T u torial Introduction In this example, you have configured your DHCP server (192.168.2.3) and want to have it assign a specific IP address (say 172.16.1.18) to DHCP client A based on the system name, VLAN ID and port number in the DHCP request.
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 56 2 Go to Basic Setting > Switch Setup and set the VLAN t ype to 802.1 Q . Click Apply to save the settings to the run-time memory . Figure 33 T utorial: Set VLAN T ype to 802.1Q 3 Click Advanced Application > VLAN > Static VLAN .
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 57 7 Click Add to save the settings to the run-time memory . Settings in the run-time memory are lost when the Switch’ s power is turned off .
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 58 10 Click Apply to save your changes back to the run-time memory . Figure 36 T utorial: Add T ag for Frames R eceived on Port 2 11 Click the Save link in the upper right corner of the web configurator to save yo ur configuration permanently .
Chapter 6 Tutorials GS2200-8/24 User’s Gui de 59 5 Click Apply to save your changes back to the run-time memory . Figure 37 T utorial: Set DHCP Server and R e lay Information 6 Click the Save link in the upper right corner of the web configurator to save yo ur configuration permanently .
GS2200-8/24 User’s Gui de 60 C HAPTER 7 System Status and Port Statistics 7.1 Overview This chapter describes the screens for system status (web configurator home page), port details and P oE status. The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details.
Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 61 7.2 Port S t atus Summary T o view the port statistics, click Status in all web configurator screens to display the Status screen as shown next. Figure 38 Status (GS2200-24) Figure 39 Status (GS2200-24P) The following table describes the labels in this screen.
Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 62 Link This field displays the speed (either 100M for 100Mbps or 1000M for 1000Mbps) and t he duplex ( F for full duplex or H for half ). It also shows th e cable type ( Copper or Fiber ) for the combo ports.
Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 63 7.2.1 St atus: Port Det ails Click a number in the Port column in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the Switch.
Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 64 Status If STP (Spanning T ree Protocol) is enabled, th is fi eld displays the STP s tate of the port (see Sectio n 13.1 on page 109 for more information). If STP is disabled, this field displays FORWARDING if the link is up, otherwi se, it displays STOP .
Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 65 128-255 This field shows t he number of packets (inc ludin g bad packets) rece ived that were between 128 and 255 octets in length. 256-511 This field shows t he number of packets (inc ludin g bad packets) rece ived that were between 256 and 511 octets in length.
GS2200-8/24 User’s Gui de 66 C HAPTER 8 Basic Setting 8.1 Overview This chapter describes how to configure the System Info , General Set up , Switch Setup , IP Setup , Port Setup , and PoE screens. 8.1.1 What Y ou Can Do •U s e t h e System Info screen ( Section 8.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 67 8.2 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. Y ou can check the firmware v ersion number . Figure 41 Basic Setting > System Info The following table describes the labels in this screen.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 68 Fa n S p e e d (RPM) A properly function ing fan is an es sential co mpon ent (along with a sufficiently ven tilated, cool operating environment) in order for the device to stay within the temperature threshold.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 69 8.3 General Setup Use this screen to configure general settings such as the system name and time. Click Bas ic Setting > General Se tup in the navigation panel to display the screen as shown. Figure 42 Basic Setting > General Setup The following table describes the labels in this screen.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 70 8.4 Introduction to VLANs A VLAN (Virtual Local Area Network) allows a ph ysic al network to be partitioned into multiple logical networks. Devices on a logical network belong to on e gr ou p. A d ev i ce ca n be lo ng t o m or e t ha n on e group.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 71 VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain. In traditional switched environments, all broadcast pack ets go to each and every individual port.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 72 8.6 IP Setup Use the IP Setup screen to configure the Switch IP addres s, default gateway device, the default domain name server and the management VLAN ID. The default gateway specifies the IP address of the default gateway (next hop) for outgoing traffic.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 73 8.6.1 Manage ment IP Addresses The Switch needs an IP address for it to be ma naged over the network. The factory default IP address is 192.168.1.1. The subnet mask specifies the network number portion of an IP address.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 74 DHCP Client Select this option if y ou have a DHCP server that can as sign the Switch an IP address, subnet mask, a default gateway IP addres s and a domain name server IP address automatically .
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 75 8.7 Port Setup Use this screen to configure Switch port settings. Click Basic Setting > Port Setup in the navigation panel to displa y the configur ation screen. Figure 45 Basic Setting > Port Setup The following table describes the labels in this screen.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 76 8.8 PoE S t atus Note: The following screens are av aila ble for the GS2200-8HP or GS2200-24P model only . Some features are only available for the Ethernet port s (1 to 8 or 1 to 24). Speed/Duplex Select the spee d and the duplex mode of the Et hernet conn ection on this port.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 77 The GS2200-8HP supports the IEEE 802.3at High Power over Ethernet (P oE) standard and the GS2200-24P supports the IEEE 802.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 78 T o vie w the current amount of power that PDs are receiving from the Switch, click Basic Setting > PoE . Figure 47 Basic Setting > PoE Status The following table describes the labels in this screen.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 79 8.8.1 PoE Setup Use this screen to set the priority levels for the Switch in distributing power to PDs.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 80 Click the PoE Setup link in the Basic Setting > PoE Status screen. The following screen opens. Figure 48 Basic Setting > PoE > P oE Setup The following table describes the labels in this screen.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 81 Apply Click Apply to save your changes to the Switc h’s run-time memory . The Switch loses thes e changes if it is turned off or loses power , so use the Save link on the top navigati on panel to save your changes to the non-volatile memory when you are done co nfigu ring.
Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 82.
GS2200-8/24 User’s Gui de 83 C HAPTER 9 VLAN 9.1 Overview This chapter shows you how to configure 802.1Q ta gged and port-based VLANs. The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. 9.1.1 What Y ou Can Do •U s e t h e VLAN Status screen ( Section 9.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 84 level is significant and the default VID of the ingre ss port is giv en as the VID of the fr ame. Of the 4096 possible VIDs, a VID of 0 is used to identify priority frames and value 4095 (FFF) is reserved, so the maximum possible VLAN configur ations are 4,094.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 85 9.1.2.2 Port VLAN T runking Enable VLAN Trunking on a port to allow fr ames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without ha ving to configure the same VLAN grou ps on intermediary devices.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 86 St atic VLAN Use a static VLAN to decide whether an incoming fr ame on a port should be • sent to a VLAN grou p as normal depending on its VLAN tag. • sent to a group whether it has a VLAN tag or not. • blocked from a VLAN group regardless of its VLAN tag.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 87 9.2.1 VLAN Det ails Use this screen to view detailed port settings and status of the VLAN group . Click on an index number in the VLAN Status screen to display VLAN details. Figure 52 Advanced Application > VLAN > VLAN Detail The following table describes the labels in this screen.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 88 9.3 Configure a S t atic VLAN Use this screen to configure and view 802.1Q VLAN parameters for the S witch. T o configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 89 * Settings in this row apply to all ports. Use this row only if y ou want to make so me settings t he same for all ports. Use this row first to set the common settings and then ma ke adjustments on a port -by-port basis.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 90 9.4 Configure VLAN Port Settings Use the VLAN Port Setting screen to configure the static VLAN (IEEE 802.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 91 9.5 Subnet Based VLANs Subnet based VLANs allow you to group traffic into logical VLANs based on the source IP subnet you specify . When a frame is received on a port, the S w itch checks if a tag is added already and the IP subnet it c ame from.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 92 untagged incoming frames will be classified based on their source IP subnet and prioritized accordingly . That is video services receiv e the highest priority and data the lowest. Figure 55 Subnet Based VLAN Application Example 9.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 93 Figure 56 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN The following table describes the labels in this screen.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 94 9.6 Protocol Based VLANs Protocol based VLANs allow you to grou p traffic into logical VLANs based on the protocol y ou specify . When an upstream frame is received on a port (configured for a protocol based VLAN), the Switch checks if a tag is added already and its protocol.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 95 Note: Protocol-based VLAN applies to un-tagged packets and is applic able only when you use IEEE 802.1Q tagged VLAN. Note: Y ou can not enable protocol-based VL ANs on the Switch when the Guest VLAN feature is activa t ed on a port.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 96 9.7 Port-based VLAN Setup Port -based VLANs are VLANs where the packet forwar ding decision is based on the destination MAC address and its associated port. Port -based VLANs require allowed outgoing p orts to be defined for each port.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 97 9.7.1 Configure a Port-based VLAN Select Port Based as the VLAN Ty pe in the Basic Setting > Switch Setup screen and then click Advanced Application > VLAN from the navigation panel to display the next screen.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 98 Figure 60 Port Based VLAN Setup (P ort Isolation).
Chapter 9 VLAN GS2200-8/24 User’s Gui de 99 The following table describes the labels in this screen. 9.8 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 9.8.1 Create an IP-based VLAN Example This example shows you how to create an IP VLAN which includes ports 1, 4 and 8.
Chapter 9 VLAN GS2200-8/24 User’s Gui de 100 6 Leave the priority set to 0 an d click Add . Figure 61 Protocol Based VLAN Configuration Example T o add more ports to this protocol based VL AN. 1 Click the index number of the protocol based VLAN entry .
GS2200-8/24 User’s Gui de 101 C HAPTER 10 Static MAC Forward Setup 10.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your net wor k. Use these screens to configure static MAC address forwarding.
Chapter 10 Static MAC Forward Setup GS2200-8/24 User’s Gui de 102 The following table describes the labels in this screen. T a ble 24 Advanced Application > Static MAC Forwarding LABEL DESCRIPTION Active Select this check bo x to activ ate your rule.
GS2200-8/24 User’s Gui de 103 C HAPTER 11 Static Multicast Forward Setup 1 1.1 Overview This chapter discusses how to configure forwarding rules based on multicast MAC addresses of devices on your network. Use these screens to configure static multicast address forwarding.
Chapter 11 Static Multicast Forward Setup GS2200-8/24 User’s Gui de 104 within a VLAN group. Figure 64 shows frames being fo rwarded to devices connected to po rt 3.
Chapter 11 Static Multicast Forward Setup GS2200-8/24 User’s Gui de 105 Click Advanced Application > Static Multicast Forwarding to display the configuration screen as shown. Figure 66 Advanced Application > Static Multicast F orwarding The following table describes the labels in this screen.
Chapter 11 Static Multicast Forward Setup GS2200-8/24 User’s Gui de 106 Port This field displays the port(s ) within a identified VLAN group to whi ch fr ames c ontaining the specified mult icast MAC a ddress will be forwarded. Delete Click Delete to r emove the selected entry from the summary table.
GS2200-8/24 User’s Gui de 107 C HAPTER 12 Filtering 12.1 Overview This chapter discusses MAC address port filtering. Filtering means sifting traffic going through the Switch based on the source and/or destination MAC addresses and VLAN group (ID). 12.
Chapter 12 Filtering GS2200-8/24 User’s Gui de 108 The following table describes the related labels in this screen. T a ble 26 Advanced Application > Filtering LABEL DESCRIPTION Active Make sure to select this check box to activate y our rule. Y ou m ay temporaril y deactivate a rul e without deleti ng i t by dese lecting this c heck box.
GS2200-8/24 User’s Gui de 109 C HAPTER 13 Spanning Tree Protocol 13.1 Overview The Switch supports Spanning T ree Protocol (S TP), Rapid Spanning T ree Protocol (RSTP) and Multiple Spanning T ree Protocol (MSTP) as defined in the following standards.
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 0 (Rapid) Sp anning T r ee Protocol (R)STP detects and breaks netw ork loops and pro v ides backup links between switches, bridges or routers.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 111 predefined interval (Max Age), the bridge assumes that the link to the root bridge is down. This bridge then initiates negotiations with other br idges to reconfigure the network to re-establish a valid network topology .
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 2 Multiple STP Multiple Spanning T ree Protocol (IEEE 802.1s ) is backward compatible with STP/RSTP and addresses the limitations of e.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 3 13.3 S p anning T ree Configuration Use the Spanning Tree Configuration screen to activate one of the STP modes on th e Switch. Click Configuration in the Advanced Application > Spanning Tree Protocol .
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 4 13.4 Configure Rapid S p anning T ree Protocol Use this screen to configure RSTP settings, see (R apid) Spanning T ree Protocol on page 110 for more information on RSTP . Click RSTP in the Advanced Application > Spanning Tree Protocol screen.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 5 13.5 Rapid S p anning T ree Protocol S t atus Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 13.
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 6 Note: This screen is only av ailable after you activ ate RSTP on the Switch. Figure 72 Advanced Application > Spanning T ree Protocol > Status: RSTP The following table describes the labels in this screen.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 7 13.6 Configure Multiple Ra pid S p anning T ree Protocol T o configure MRSTP , click MRSTP in the Advanced Application > Spanning Tree Protocol screen. See Multiple RSTP on page 111 for more information on MRSTP .
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 8 13.7 Multiple Rapid S p anning T r ee Protocol St atus Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 13.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 9 Note: This screen is only av ailable after you activ ate MRSTP on the Swit ch. Figure 74 Advanced Application > Spanning T ree Protocol > Status: MRSTP The following table describes the labels in this screen.
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 120 13.8 Configure Multiple S p anning T ree Protocol T o configure MSTP , click MSTP in the Advanced Applicat ion > Spanning Tree Proto col screen. See Multiple STP on page 112 for more information on MSTP .
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 121 The following table describes the labels in this screen. T a ble 34 Advanced Application > Spanning T ree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 77 on page 124 ).
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 122 VLAN Range Enter the st art of the VLAN ID r ange that you want to add or remove from the VLAN range edit area i n the Start field. Enter the end of the VL AN ID ran ge that yo u want to add or remove from the VLAN r ange edit area in the End field.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 123 13.8.1 Multiple S p anning T ree Protocol Port Configuration T o configure MSTP ports, click Port in the Adva nced Application > Spanning Tree Protocol > MSTP screen.
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 124 Note: This screen is only av ailable after you activ ate MSTP on the Switch. Figure 77 Advanced Application > Spanning T ree Protocol > Status: MSTP The following table describes the labels in this screen.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 125 13.10 T echnical Reference This section provides technical background information on the topics discussed in this chapter . Port ID This is the priority and number of the po rt on the Switch through which this Sw itch must communicate with the root of th e Span ning T r ee.
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 126 13.10.1 MSTP Network Example The following figure shows a network example where two VLANs are configured on the two switches.
Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 127 Devices that belong to the same MST region are configu red to have the same MSTP configur ation identification settings. These include the following parameters: • Name of the MST region • Revision level as the unique number for the MST region • VLAN-to-MST Instance mapping 13.
Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 128 that runs between MST regions and single spanning tree devices. A network ma y contain multiple MST regions and other network segments running RSTP .
GS2200-8/24 User’s Gui de 129 C HAPTER 14 Bandwidth Control 14.1 Overview This chapter shows you how y ou can cap the maximu m bandwidth using the Bandwidth Control screen. Bandwidth control means de fining a maximum allowab le bandwidth for o ut-going tr affic flows on a port.
Chapter 14 Bandwidth Control GS2200-8/24 User’s Gui de 130 14.2 Bandwid th Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. Figure 82 Advanced Application > Bandwidth Control The following table describes the related labels in this screen.
Chapter 14 Bandwidth Control GS2200-8/24 User’s Gui de 131 Apply Click Apply to save your changes to the Switch’ s run-time memory . The Switch lose s these changes if it is tu rned off or loses po wer , so use the Save link on the top na vigation panel t o sav e your changes to the no n -volatile me mory when you are done configuring.
GS2200-8/24 User’s Gui de 132 C HAPTER 15 Broadcast Storm Control 15.1 Overview This chapter introduces and shows you how to configure the broadcast storm control feature. Broadcast storm control limits the number of broadc ast, multicast and destination lookup failure (DLF) packets the Switch receives per second on the ports.
Chapter 15 Broadcast Storm Control GS2200-8/24 User’s Gui de 133 15.2 Broadcast S torm Control Setup Click Advanced Application > Broadcast Storm Control i n the navigation panel to display the screen as shown next. Figure 83 Advanced Application > Broadcast Storm Control The following table describes the labels in this screen.
GS2200-8/24 User’s Gui de 134 C HAPTER 16 Mirroring 16.1 Overview This chapter discusses port mirroring setup screens. Po rt mirroring allows you to copy a tr affic flow to a monitor port (the port y ou copy the tr affic to) in order that you can examine the tr affic from the monitor port without interference.
Chapter 16 Mirroring GS2200-8/24 User’s Gui de 135 16.2 Port Mirroring Setup Click Ad vanced Applicatio n > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port.
Chapter 16 Mirroring GS2200-8/24 User’s Gui de 136 Apply C lick Apply to save y our changes to the Switch’ s run-time me mory . The Switch loses th ese changes if it is turned off or loses power , so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done c o nfiguring.
GS2200-8/24 User’s Gui de 137 C HAPTER 17 Link Aggregation 17.1 Overview This chapter shows you how to logically aggregate ph ysical links to form one logical, higher- bandwidth link. Link aggregation (trunking) is the groupin g of ph ysical ports into one logical higher -capacity link.
Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 138 is, if an operational port fails, then one of th e “standby” ports become oper ational without user intervention. Please note that: • Y ou must connect all ports point -to-point to the same Ethernet switch and configure the ports for LACP trunking.
Chapter 17 Link Aggrega tion GS2200-8/24 User’s Gui de 139 The following table describes the labels in this screen. T a ble 42 Advanced Application > Link Aggregation Status LABEL DESCRIPTION Group ID This field displays the grou p ID to identify a trunk group, th at is, one logical link containing multiple ports.
Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 140 17.3 Link Aggregation Setting Click Advanced Application > Link Aggregation > Link Aggregation Setting to display the screen shown next. See Section 17.1 on page 137 for more information on link aggregation.
Chapter 17 Link Aggrega tion GS2200-8/24 User’s Gui de 141 Criteria Se lect the outgoi ng t raffic distribution type. P ackets fr om the same source and/or t o the same destination are sent ov er the same lin k within the tru nk. By default, the Swit ch uses the src-dst-mac distribution type.
Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 142 17.4 Link Aggregation Control Protocol Click Advanced Application > Link Aggregation > Link Aggregation Setting > LACP to display the screen shown next. See Dynamic Link Aggregation on page 137 for more information on dynamic link aggregation.
Chapter 17 Link Aggrega tion GS2200-8/24 User’s Gui de 143 17.5 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 17.5.1 S t atic T runking Example This example shows you how to create a static port trunk group for ports 2-5.
Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 144 1 Make your physical connections - make sure that the ports that y ou want to belong to the trunk group are connected to the same destination. The following figure shows ports 2-5 on switch A connected to switch B .
GS2200-8/24 User’s Gui de 145 C HAPTER 18 Port Authentication 18.1 Overview This chapter describes the IEEE 802.1x authentication method. Port authentication is a way to v alidate access to po rts on the Switch to clients based on an external server (authentication server).
Chapter 18 Port Authen tication GS2200-8/24 User’s Gui de 146 authentication request to a RADI US server . The RADIUS server validates whether this client is allowed access to the port.
Chapter 18 Port Authenticati on GS2200-8/24 User’s Gui de 147 18.3 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x securit y . In the Port Au thentic ation screen click 802 .1x to display the configur ation screen as shown. Figure 92 Advanced Application > P ort Authe ntication > 802.
Chapter 18 Port Authen tication GS2200-8/24 User’s Gui de 148 18.3.1 Guest VLAN When 802.1x port authentication is enabled on the Switch and its ports, clients that do not have the correct credentials are blocked from using the port(s). Y ou can configure your S witch to have one VLAN that acts as a guest VLAN.
Chapter 18 Port Authenticati on GS2200-8/24 User’s Gui de 149 Figure 94 Advanced Application > P ort Authe ntication > 802.1x > Guest VLAN The following table describes the labels in this screen. T a ble 46 Advanced Application > Port Authentication > 802.
Chapter 18 Port Authen tication GS2200-8/24 User’s Gui de 150 Multi-Secure Num If you set Host-mode to Multi-Secure , s pecify the maximu m number of users (be tween 1 and 9) that the S witch will authenticate on this port . Apply Click Apply to sa ve yo ur changes to the Switch’ s run- time memory .
GS2200-8/24 User’s Gui de 151 C HAPTER 19 Port Security 19.1 Overview This chapter shows you how to set up port security . Po rt security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the S witch.
Chapter 19 Port Security GS2200-8/24 User’s Gui de 152 19.2 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. Figure 95 Advanced Application > P o rt Security The following table describes the labels in this screen.
Chapter 19 Port Security GS2200-8/24 User’s Gui de 153 Active Select this che ck bo x to en abl e the p ort se curit y feature on this po rt. The S witch forw ards packets whose MAC addres s(es) is in the MAC address table on this port. P ackets with no matching MAC address(es) are dropped.
GS2200-8/24 User’s Gui de 154 C HAPTER 20 Classifier 20.1 Overview This chapter introduces and shows you how to config ure the packet classifie r on the Switch. It also discusses Quality of Service (QoS) and classifier concepts as employ ed by the Switch.
Chapter 20 Classifier GS2200-8/24 User’s Gui de 155 Click Advanced Application > Classifier in the navigation panel to displa y the configuration screen as shown. Figure 96 Advanced Application > Classifier The following table describes the labels in this screen.
Chapter 20 Classifier GS2200-8/24 User’s Gui de 156 20.2.1 V iewing and Editin g Classifier Configuration T o vie w a summary of the classifier configuration, scroll down to the summary table at the bottom of the Classifier screen. T o change the settings of a rule, click a number in the Index field.
Chapter 20 Classifier GS2200-8/24 User’s Gui de 157 Note: When two rules confl ict wi th each other , a higher layer rule has priorit y over lower layer rule. Figure 97 Advanced Application > Classifier: Summary T able The following table describes the labels in this screen.
Chapter 20 Classifier GS2200-8/24 User’s Gui de 158 Some of the most common T CP and UDP port n umbers are: See Appendix B on page 317 for information on commonly used port numbers.
Chapter 20 Classifier GS2200-8/24 User’s Gui de 159 After you hav e configured a classifier , you can configure a policy (in the Policy screen) to define action(s) on the classified traffic f low .
GS2200-8/24 User’s Gui de 160 C HAPTER 21 Policy Rule 21.1 Policy Rules Overview This chapter shows you how to configure policy rules. A classifier distinguishes traffic into flows based on the con figured criteria (refer to Chapter 20 on page 154 for more information).
Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 161 Click Advanced Applications > Policy Rule in the navigation panel to display the screen as shown. Figure 99 Advanced Application > P olicy Rule The following table describes the labels in this screen.
Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 162 Rate Limit Y ou can configure the desired bandwidth available to a traffic flow. T raffic that exceeds the maximum bandwidth alloc ated (in cases whe re the network is congested) is dropped. Bandwidth Specify the ba ndwidth in kilobit per second (K bps).
Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 163 21.2.1 V iewing and Edit ing Policy Configuration T o vie w a summary of the classifier configuration, scroll down to the summary table at the bottom of the Policy screen. T o change the settings of a rule, click a number in the Ind ex field.
Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 164 21.3 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth on a traffic flow classified using the Example classifier (refer to Section 20.3 on page 158 ).
GS2200-8/24 User’s Gui de 165 C HAPTER 22 Queuing Method 22.1 Overview This chapter introduces the queuing methods supported. Queuing is used to help solve performance degr ad ation when t here is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic.
Chapter 22 Queuing Method GS2200-8/24 User’s Gui de 166 an equal amount of bandwidth, and then mov es to the end of the list; and so on, depending on the number of queues being used.
Chapter 22 Queuing Meth od GS2200-8/24 User’s Gui de 167 The following table describes the labels in this screen. T a ble 54 Advanced Application > Queuing Method LABEL DESCRIPTION Port T his label show s the port you are con figuring. * Settings in this row apply to all ports.
GS2200-8/24 User’s Gui de 168 C HAPTER 23 Multicast 23.1 Overview This chapter shows you how to configure v arious multicast features. T raditionally , I P packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to ev erybody on the networ k).
Chapter 23 Multicast GS2200-8/24 User’s Gui de 169 through it, picks out the group registration inform ation, and configures multicasting accordingly . IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them .
Chapter 23 Multicast GS2200-8/24 User’s Gui de 170 MVR Modes Y ou can set your S witch to operate in either dynamic or compatible mode. In dynamic mode, the Switch sends IGMP leave an d join reports to the other multicast devices (such as multicast routers or servers) in the multicast VLAN.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 171 The following table describes the labels in this screen. 23.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 23.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 172 The following table describes the labels in this screen. T a ble 56 Advanced Application > Multicast > Multicast Setting LABEL DESCRIPTION IGMP Snooping Use these settings to c onfigure IGM P Snooping.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 173 Max Group Num. Enter the number (0-255) of mult icast grou ps this port i s allowed to join. Once a port is registered in the spe cified number of multicas t groups, any new IGMP j oin report frame(s) is dropped on this port.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 174 23.4 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the screen as shown. See IGMP Snooping and VLANs on page 169 for more information on IGMP Snooping VLAN.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 175 23.5 IGMP Filtering Profile An IGMP filtering profile specifie s a range of multicast groups that clients connected to the S witch are able to join. A profile contains a r ange of mu ltica st IP addresses which you want clients to be able to join.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 176 23.6 The MVR Screen Use the MVR screen to create multicast VLANs and select the receiver port(s) and a source port for each multicast VLAN. Click Advanced Applications > Multicast > Multicast Setting > MVR link to display the screen as shown next.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 177 Note: Y our Switch automatically creates a st atic VLAN (with the same VID) when you create a multicast VLAN in this screen. Figure 109 Advanced Application > Multic ast > Multicast Setting > MVR The following table describes the related labels in this screen.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 178 23.6.1 MVR Group Configuration All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group. Configure MVR IP multicast group address(es) in the Group Configuration screen.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 179 The following table describes the labels in this screen. 23.6.2 MVR Conf iguration Example The following fig ure shows a network example where ports 1, 2 and 3 on the Sw itch belong to VLAN 1.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 180 T o configure the MVR settings on the Switch, create a multicast group in the MVR screen and set the receiver and source ports.
Chapter 23 Multicast GS2200-8/24 User’s Gui de 181 T o set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an exam ple where two multicast groups ( News and Movie ) are configured for the multicast VLAN 200.
GS2200-8/24 User’s Gui de 182 C HAPTER 24 AAA 24.1 Overview This chapter describes how to configure authenti cation and authorization settings on the Switch. The external servers that perform authen tication and authorization functions are known as AAA servers.
Chapter 24 AAA GS2200-8/24 User’s Gui de 183 Local User Account s By storing user profiles locally on the Switch, your Switch is able to authenticate and authoriz e users without interacting with a network AAA serv er . However , there is a limit on the number of users you may authenticate in this way (See C hapter 34 on page 255 ).
Chapter 24 AAA GS2200-8/24 User’s Gui de 184 the authentication features on the S witch. Click on the RADIUS Se rver Setup link in the AAA screen to view the screen as shown. Figure 1 17 Advanced Application > AAA > RADIUS Server Setup The following table describes the labels in this screen.
Chapter 24 AAA GS2200-8/24 User’s Gui de 185 Shared Secret Specify a password (up to 32 alphanumer ic characters) as the k e y to be shared between the external RADIU S server and the S witch. This k ey is not sent o ver the network. This key must be the same on the external RADIUS serve r and the Switc h.
Chapter 24 AAA GS2200-8/24 User’s Gui de 186 24.4 T ACACS+ Server Setup Use this screen to configure your T ACACS+ server settings. See Section on page 183 for more information on T ACACS+ servers. Click on the TACACS+ Server Setup link in the AAA screen to view the screen as shown.
Chapter 24 AAA GS2200-8/24 User’s Gui de 187 TCP P ort Th e default port of a T ACA CS+ server for authentication is 49 . Y ou need not change this value unless your network administ rator instruct s you to do so.
Chapter 24 AAA GS2200-8/24 User’s Gui de 188 24.5 AAA Setup Use this screen to configure authentication and authorization settings on the Sw itch. Click on the AAA Setup link in the AAA scre en to view the screen as shown. Figure 1 19 Advanced Application > AAA > AAA Setup The following table describes the labels in this screen.
Chapter 24 AAA GS2200-8/24 User’s Gui de 189 Login These fields specif y which database the S witch should use (first, secon d and third) to authenticat e administrator accounts (users for Switch management). Configure t he local user acco unts in th e Access Control > Logins screen.
Chapter 24 AAA GS2200-8/24 User’s Gui de 190 24.6 T echnical Reference This section provides technical background information on the topics discussed in this chapter .
Chapter 24 AAA GS2200-8/24 User’s Gui de 191 The following table describes the VS As supported on the Switch. 24.6.1.1 T unnel Pr otocol Attribute Y ou can configure tunnel protocol attributes on th e RADIUS server (refer to your RADIUS server documentation) to assign a port on the Switch to a VLAN based on IEEE 802.
Chapter 24 AAA GS2200-8/24 User’s Gui de 192 24.6.3 Attributes Used for Authentication The following sections list the attributes sent from the Switch to the RADIUS serv er when performing authentication.
GS2200-8/24 User’s Gui de 193 C HAPTER 25 IP Source Guard 25.1 Overview Use IP source guard to filter unauthoriz ed DHCP and ARP packets in your network. IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in y our network.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 194 •U s e t h e ARP Inspection Port Configure screen ( Section 25.9.1 on page 208 ) to specify whether ports are trusted or untrusted ports for ARP inspecti on. •U s e t h e ARP Inspection VLAN Configure screen ( Section 25.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 195 25.3 IP Source Guard S t atic Binding Use this screen to manage static bindings for DHCP snooping and ARP inspection. Static bindings are uniquely identified by the MAC address and VLAN ID. Each MAC address and VLAN ID can only be in one static binding.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 196 The following table describes the labels in this screen. 25.4 DHCP Snooping Use this screen to look at various statistics abou t the DHCP snooping database. T o open this screen, click Advanced Application > IP So urce Guard > DHCP Snooping .
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 197 Figure 122 DHCP Snooping The following table describes the labels in this screen. T a ble 69 DHCP Snooping LABEL DESCRIPTION Database Status This section displays the c urren t settings for the DHCP snooping database.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 198 Agent runnin g This field di splays the status of th e current update or acce ss of the DHCP snooping database. none : The Switch is not accessin g the DHCP snooping database. read : The Switch is loading dynamic bindings from the DHCP snooping database.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 199 25.5 DHCP Snooping Configure Use this screen to enable DHCP snooping on the Sw itch (not on specific VLAN), s pecify the VLA N where the defau lt DH CP server is lo ca ted , and configure the DHCP snooping database.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 200 still av ailable after a restart. T o open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure . Figure 123 DHCP Snooping Configure The following table describes the labels in this screen.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 201 25.5.1 DHCP Snooping Port Configure Use this screen to specify whether ports are tr usted or untrusted ports for DHCP snooping. Note: If DHCP snooping is enabl ed but there are no t rusted ports, DHCP requests cannot reach the DHCP server .
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 202 Y ou can also specify the maximum number for DHCP pack ets that each port (trus ted or untrusted) can receive each second. T o open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > Port .
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 203 25.5.2 DHCP Snooping VLAN Configure Use this screen to enable DHCP snooping on each VLAN and to specify whether or not the Sw itch adds DHCP .
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 204 25.6 ARP Inspection S t atus Use this screen to look at the current list of MAC address filters that were created because the Switch identified an unautho rized ARP packet.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 205 25.7 ARP Inspection VLAN S t atus Use this screen to look at various statistics about ARP packets in each VLAN. T o open this screen, click Advanced Applicati on > IP Source Gu ard > ARP In s p ect ion > VLAN Status .
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 206 25.8 ARP Inspection Log S t atus Use this screen to look at log messages that were gener ated by ARP packets and that h ave not been sent to the syslog server yet. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Log Status .
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 207 25.9 ARP Inspection Configure Use this screen to enable ARP inspection on the Sw itch. Y ou can also configure the length of time the Switch stores records of discarded ARP pack ets and global settings for the ARP inspection log.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 208 The following table describes the labels in this screen. 25.9.1 ARP Inspection Port Configure Use this screen to specify whether ports are trusted or untrusted ports for ARP inspection. Y ou can also specify the maximum rate at which the Switch receives ARP packets on each untrusted port.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 209 open this screen, click Advanced Application > IP Sour ce Guard > ARP Inspection > Configure > Port . Figure 130 ARP Inspection Port Con figure The following table describes the labels in this screen.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 210 25.9.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 21 1 25.10 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 25.10.1 DHCP Snooping Overv iew Use DHCP snooping to filter un au thorized DHCP packets on the ne twork and to build the binding table dynamically .
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 212 25.10.1.2 DHCP Snooping Dat aba se The Switch stores the binding table in volatile memor y . If the Switch restarts, it loads static bindings from permanent memory but loses the dynamic bindings, in which case the devi ces in the network have to send DHCP reques ts again.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 213 25.10.1.4 Configuring DHCP Snooping Follow th ese steps to configure DHCP snooping on the Switch. 1 Enable DHCP snooping on the Switch. 2 Enable DHCP snooping on each VLAN, and configure DHCP relay option 82.
Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 214 25.10.2.2 T ru sted vs. Untrusted Ports Every port is either a trusted port or an untrusted port for ARP inspection. This setting is independent of the trusted/untrusted setting for DHCP snooping.
GS2200-8/24 User’s Gui de 215 C HAPTER 26 Loop Guard 26.1 Overview This chapter shows you how to configure the Switch to guard against loops on th e edge of your network. Loop guard allows you to configure the Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch.
Chapter 26 Loop Guard GS2200-8/24 User’s Gui de 216 • It will receive broadcast messages sent out from the switch in loop state. • It will receive its own broadcast messages that it sends out as they loop back. It will then re- broadcast those messages again.
Chapter 26 Loop Guard GS2200-8/24 User’s Gui de 217 as loop guard is enabled on port N . The S witch will shut down port N if it detects that the probe packet has returned to the S witch.
Chapter 26 Loop Guard GS2200-8/24 User’s Gui de 218 The following table describes the labels in this screen. T a ble 79 Advanced Application > Loop Guard LABEL DESCRIPTION Active Sel ect this opti on to en able loop guard on the Switch.
GS2200-8/24 User’s Gui de 219 C HAPTER 27 Layer 2 Protocol Tunneling 27.1 Overview This chapter shows you how to configure la yer 2 protocol tunneling on the Switch.
Chapter 27 Layer 2 Protocol Tunnel ing GS2200-8/24 User’s Gui de 220 T o emulate a point-to-point topology between two customer switches at different sites, such as A and B , you can enable protocol tunneling on edge switches 1 and 2 for P AgP (Port Aggregation Protocol), LACP or UDLD (UniDirectional Link Detection).
Chapter 27 Layer 2 Protocol Tunneling GS2200-8/24 User’s Gui de 221 27.2 Configuring Layer 2 Prot ocol T unneling Click Advance d Application > Layer 2 Protocol Tunneling in the navigation panel to display the screen as shown.
Chapter 27 Layer 2 Protocol Tunnel ing GS2200-8/24 User’s Gui de 222 CDP Selec t th is option to have the Switch tunn el CDP (Cisc o Discovery Proto col) packets so th at other Cisco devices can be discovered th rough the service provid er ’s network.
GS2200-8/24 User’s Gui de 223 C HAPTER 28 PPPoE 28.1 PPPoE Intermediate Agent Overview This chapter describes how the Switch give s a PPP oE termination server additional information that the server can use to identify and authenticate a PPP oE client.
Chapter 28 PPPoE GS2200-8/24 User’s Gui de 224 The T ag_T ype is 0x0105 for vendor-specific tags, as defined in RFC 2516. The T ag_Le n indicates the length of V alue, i1 and i2. The V alue is the 32 -bit number 0x00000DE9, which stands for the “ ADSL Forum” IANA entry .
Chapter 28 PPPoE GS2200-8/24 User’s Gui de 225 defined in the DSL F orum W orking T ext (WT)-101. The default access node identifier is the ho st name of the PPP oE intermediate agent and the eth indicates “Ethernet” . 28.1.2.3 Port St ate Every port is either a trusted port or an untrust ed port for the PPPoE intermediate agent.
Chapter 28 PPPoE GS2200-8/24 User’s Gui de 226 28.3 PPPoE Intermediate Agent Use this screen to configure the Switch to giv e a PPPoE termination server additional subscriber information that the server can use to identify and authenticate a PPP oE client.
Chapter 28 PPPoE GS2200-8/24 User’s Gui de 227 28.3.1 PPPoE IA Per-Port Use this screen to specify whether individual ports are trusted or untrusted ports and have the Switch add extr a information to PPP oE discovery packets from PPPoE clients on a per-port basis.
Chapter 28 PPPoE GS2200-8/24 User’s Gui de 228 The following table describes the labels in this screen. 28.3.2 PPPoE IA Per-Port Per-VLAN Use this screen to configure PPP oE IA settings that apply to a specific VLAN on a port.
Chapter 28 PPPoE GS2200-8/24 User’s Gui de 229 Click the VLAN link in the Intermediate Agent > Port screen to display the screen as shown. Figure 145 Advanced Application > PPPoE > Intermediate Agent > P o rt > VL AN The following table describes the labels in this screen.
Chapter 28 PPPoE GS2200-8/24 User’s Gui de 230 28.3.3 PPPoE IA for VLAN Use this screen to set whether the PPPoE Intermedia te Agent is enabled on a VLAN and whether the Switch appends the Circuit ID and/or R emote ID to PPP oE di scovery pack ets from a specific VLAN.
GS2200-8/24 User’s Gui de 231 C HAPTER 29 Error Disable 29.1 Overview This chapter shows you how to configure the r ate limit for control packets on a port, and set the Switch to take an action (such as to shut down a port or stop sending packets) on a port when the Switch detects a pre-configured error .
Chapter 29 Error Disable GS2200-8/24 User’s Gui de 232 29.2 The Error Disable Screen Use this screen to configure error disable related settings. Click Advanced Application > Errdisable in the navigation panel to open the following screen. Figure 147 Advanced Application > Errdisable 29.
Chapter 29 Error Disable GS2200-8/24 User’s Gui de 233 The following table describes the labels in this screen. 29.4 Error-Disable Detect Configuration Use this screen to have the Switch detect whether the control packets exceed the r ate limit configured for a port and configu re the action to take once the limi t is exceeded.
Chapter 29 Error Disable GS2200-8/24 User’s Gui de 234 29.5 Error-Disable R ecovery Configuration Use this screen to configure the Switch to automati cally undo an action after the error is gone. Click the Click Here link next to Errdisable Recovery in the Advanced Application > Errdisable screen to display the screen as shown.
Chapter 29 Error Disable GS2200-8/24 User’s Gui de 235 Timer Status Select this option to allow the Swit ch to wait for th e specified time inte rval to acti vate a port or allow speci fic pack et s on a port, afte r the e rror w as gone. Deselect th is option to turn off this rule.
Chapter 29 Error Disable GS2200-8/24 User’s Gui de 236.
GS2200-8/24 User’s Gui de 237 C HAPTER 30 Static Route 30.1 Overview This chapter shows you how to configure static routes. The Switch uses IP for communication with management computers, for example using HT TP , T elnet , SSH, or SNMP .
Chapter 30 Static Route GS2200-8/24 User’s Gui de 238 30.2 Configuring S t atic Routing Click IP Applicati on > Static Routing in the navigation panel to display the screen as shown. Figure 152 IP Application > Static Routing The following table describes the related labels you use to create a static route.
Chapter 30 Static Route GS2200-8/24 User’s Gui de 239 Destinat ion Address This field displays the IP network address of the fi nal destinatio n. Subnet Mask This field di splays th e subnet mask f or this destination. Gatew ay Address This field displays the IP addr ess of th e gatew a y .
GS2200-8/24 User’s Gui de 240 C HAPTER 31 Differentiated Services 31.1 Overview This chapter shows you how to configure Differ entiated Services (DiffS erv) on the Switch . Quality of Service (QoS) is used to prioritize sour ce-to-destination traffic flows.
Chapter 31 Differenti ated Services GS2200-8/24 User’s Gui de 241 The DSCP value determines the PHB (P er-Hop Behavior), that each pack et gets as it is forwarded across the DiffServ network. Based on the marking ru le different kinds of traffic can be mark ed for different priorities of forwarding.
Chapter 31 Differentiated Services GS2200-8/24 User’s Gui de 242 The following table describes the labels in this screen. 31.3 DSCP-to-IEEE 802.1p Priority Settings Y ou can configure the DSCP to IEEE 802.1p mapping to allow the Switch to prioritize all tr affic based on the incoming DSCP value according to the DiffServ to IEEE 802.
Chapter 31 Differenti ated Services GS2200-8/24 User’s Gui de 243 The following table describes the labels in this screen. T a ble 96 IP Application > DiffServ > DSCP Setting LABEL DESCRIPTION 0 … 63 This is the DSCP classifi cation iden tification nu mber .
GS2200-8/24 User’s Gui de 244 C HAPTER 32 DHCP 32.1 DHCP Overview This chapter shows you how to configure the DHCP feature. DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configur ation at start-up from a server .
Chapter 32 DHCP GS2200-8/24 User’s Gui de 245 DHCP Relay Configure DHCP relay on th e Switch if the DHCP clients and the DHCP server are n ot in the same broadcast domain. During the initial IP addre ss leasing, the Switch helps to relay network information (such as the IP address and subnet mask) between a DHCP client and a DHCP server .
Chapter 32 DHCP GS2200-8/24 User’s Gui de 246 The following table describes the labels in this screen. 32.3 Configuring DHCP Global Relay Configure global DHCP relay in the DHCP Relay screen. Click IP Application > DHCP in the navigation panel and click the Global link to displa y the screen as shown.
Chapter 32 DHCP GS2200-8/24 User’s Gui de 247 32.3.1 Global DHCP Re lay Configuration Example The following figure shows a network ex ample w here the Switc h is used to rela y DHCP re quests f or the VLAN1 and VLAN2 domains. There is only one DHCP serv er that services the DHCP clients in both domains.
Chapter 32 DHCP GS2200-8/24 User’s Gui de 248 See Section 8.6 on page 72 for information on how to set up management IP addresses for VLANs. Figure 161 IP Application > DHCP > VLAN The following table describes the labels in this screen. 32.4.
Chapter 32 DHCP GS2200-8/24 User’s Gui de 249 the academic buildings (VLAN 2) are sent to th e other DHCP server with an IP address of 172.23.10.100. Figure 162 DHCP Relay for T wo VLANs For the example network, configure the VLAN Setting screen as shown.
GS2200-8/24 User’s Gui de 250 C HAPTER 33 ARP Learning 33.1 ARP Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also kn own as a Media Access Control or MAC address, on the local area network.
Chapter 33 ARP Learning GS2200-8/24 User’s Gui de 251 ARP request to the S witch and then sends an IC MP request after getting the ARP reply from the Switch. The Sw itch finds no matched entry for host B in the ARP table and broadcasts the ARP request to all the devices on the LAN.
Chapter 33 ARP Le arning GS2200-8/24 User’s Gui de 252 Therefore in the following example, the Switch can learn host A ’s MAC address from the ARP request sent by host A . The Switch then forwards host B ’ s ICMP reply to host A right after getting host B ’ s MAC address and ICMP reply .
Chapter 33 ARP Learning GS2200-8/24 User’s Gui de 253 The following table describes the labels in this screen. T a ble 101 IP Application > ARP Learning LABEL DESCRIPTION Port This fiel d displays the port number . * Settings in this row apply to all ports.
Chapter 33 ARP Le arning GS2200-8/24 User’s Gui de 254.
GS2200-8/24 User’s Gui de 255 C HAPTER 34 Maintenance 34.1 Overview This chapter explains how to configure the screens that let y ou maintain the firmware and configuration files. 34.1.1 What Y ou Can Do •U s e t h e Maintenance screen ( Section 34.
Chapter 34 Maintenance GS2200-8/24 User’s Gui de 256 34.2.1 Load Factory Default Follow th e steps below to reset the S witch back to the factory defaults. 1 In the Maintenance screen, click the Click Here button next to Load Factory Default to clear all Switch configur ation information you configured and return to the factory defaults.
Chapter 34 Maintenance GS2200-8/24 User’s Gui de 257 34.2.3 Reboot System Reboot System allows you to restart the S witch without physically turning the power off . It also allows you to load configuration one ( Config 1 ) or configuration two ( Config 2 ) when you reboot.
Chapter 34 Maintenance GS2200-8/24 User’s Gui de 258 34.4 Restore a Configuration File Use this screen to restore a previously saved configur ation from your computer to the S witch.
Chapter 34 Maintenance GS2200-8/24 User’s Gui de 259 34.6 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 34.6.1 FTP Command Line This section shows some examples of uploading to or downloading files from the Switch using FTP commands.
Chapter 34 Maintenance GS2200-8/24 User’s Gui de 260 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is “1234”). 5 Enter bin to set transfer mode to binary . 6 Use put to transfer files from the computer to the Sw itch, for example, put firmware.
GS2200-8/24 User’s Gui de 261 C HAPTER 35 Access Control 35.1 Overview This chapter describes how to control access to the Switch. A console port and FTP are allowed one session each, T elnet and SSH share nine sessions, up to five W eb sessions (five different user names and passwords) and/or limitless SNMP access control sessions are allowed.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 262 Click Management > Access Control in the navigation panel to display the main screen as shown. Figure 171 Management > Access Control 35.3 Configuring SNMP Use this screen to configure your SNMP settings.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 263 Get Community Enter the Get Community string, which is the password for the incoming Get- and GetNext- requests fro m the management station. The Get Community string is only used by SNMP ma nagers using SNMP v ersion 2c or lower .
Chapter 35 Access Control GS2200-8/24 User’s Gui de 264 35.3.1 Configuring SNMP T rap Group Use the Trap Group screen to specify the types of SNMP tr aps that should be sent to each SNMP manager . Click Management > Access Control > SNMP > Trap Group to view the screen as shown.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 265 35.3.2 Configuring SNMP User From the SNMP screen, click User to view the screen as shown. Use the User screen to create SNMP users for authentication with managers using SNMP v3 and associate them to SNMP groups.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 266 35.4 Setting Up Login Account s Use this screen to assign which users can access the Switch via web configur ator at any one time. Up to five people (one administr ator and four non-administrators) may access the S witch via web configurator at any one time.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 267 • A non-administr ator (username is something other than admin ) is someone who can view but not configure Switch settings. Click Management > Access Control > Logins to view the screen as shown next.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 268 35.5 Service Port Ac cess Control Use this screen to decide what services you may use to access the Switch. Service Access Control allows you to decide what services you ma y use to access the Switch.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 269 Y o u can specify a group of one or m ore “trusted computers” from which an administrator ma y use a service to manage the Switch. Click Access Control to return to the Access Control screen.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 270 35.7 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 35.7.1 About SNMP Simple Network Management Protocol (SNMP) is an application layer protocol used to manage and monitor T CP/IP-based devices.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 271 SNMP v3 and Security SNMP v3 enhances security for SNMP manage ment. SNMP managers can be required to authenticate with agents before co ndu cting SNMP management sessions. Security can be further enhanced by encrypti ng the SNMP messages sent from the managers.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 272 temperatu re T emperat ureEventOn 1.3.6.1.4.1. 890.1.5.8.55.2 7.2.1 1.3.6.1.4.1.890 .1.5.8.56.2 7.2.1 1.3.6.1.4.1.890 .1.5.8.59.2 7.2.1 1.3.6.1.4.1.890 .1.5.8.60.2 7.2.1 This trap is sent when the tem p erature goes above or below the normal operating r ang e.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 273 intrusionloc k IntrusionLockEventOn 1.3.6.1.4.1.890.1.5 .8.55.27.2.1 1.3.6.1.4.1.8 90.1.5.8.56.27. 2.1 1.3.6.1.4.1.8 90.1.5.8.59.27. 2.1 1.3.6.1.4.1.8 90.1.5.8.60.27. 2.1 This trap is sent when intrusion lock occurs on a port.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 274 T a ble 113 SNMP InterfaceTraps OPTION OBJECT LABEL OBJECT ID DESCRIPTION linkup linkUp 1.3.6.1.6.3.1.1.5.4 This trap is sent when the Etherne t link is up. LinkDownEven tClear 1.3.6.1.4.1.890.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 275 T a ble 114 AAA Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION authentication authenticati onF ailure 1.3. 6.1.6.3.1.1.5 .5 This t rap is sent when authenticati on fails due to incorrect user name and/or password.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 276 T a ble 116 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION stp STPN ewRoot 1.3.6.1.2.1.17.0. 1 This trap is sent when t he STP root switch changes . MRSTPNewR oot 1.3.6.1.4.1.890.1.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 277 35.7.2 SSH Overview Unlike T elnet or F TP , which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts ov er an unsecured network.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 278 2 Encryption Method Once the identification is verified, both the client and server must agree on the type of encryption method to use.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 279 2 HT TP connection requests from a we b browser go to port 80 (by default) on the S witch’ s WS (web server). Figure 181 HT TPS Implementation Note: If you disable HTTP in the Service Access Control screen, then the Switch blocks all HT TP connection attempts.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 280 When you attempt to access the Switch HT TPS server , a screen with the message "There is a problem with this websi te's security certificate.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 281 Click Install Certificate... and follow the on-screen instructions to install the certificate in your browser .
Chapter 35 Access Control GS2200-8/24 User’s Gui de 282 Mozilla Firefox W arning Messages When you attempt to access the Switch HTTPS server , a This Connecti on is Unstr ucted screen may display . If that is the case, click I Understand the Risks and then the Add Exception.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 283 Confirm the HT TPS serv er URL matches. Click Confirm Security Exception to proceed to the web configurator login screen.
Chapter 35 Access Control GS2200-8/24 User’s Gui de 284 Mozilla Firefox) or next to the address bar (in Internet Explorer 7 or 8) denotes a secure connection.
GS2200-8/24 User’s Gui de 285 C HAPTER 36 Diagnostic 36.1 Overview This chapter explains the Diagnostic screen. Use the Diagnostic screen ( Section 36.2 on pa ge 285 ) to check system logs, ping IP addresses or perform port tests. 36.2 Diagnostic Click Management > Diagnostic in the navigation panel to open this screen.
Chapter 36 Diagnostic GS2200-8/24 User’s Gui de 286 IP Ping T ype the IP address of a device that you want to ping in orde r to test a conn ection. Click Ping to have the Switch ping the IP address (in the fi eld to the left). Ethernet Port T est Ente r a port number and click Port Test to perform an internal loopback test.
GS2200-8/24 User’s Gui de 287 C HAPTER 37 Syslog 37.1 Overview This chapter explains the syslog screens. The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server .
Chapter 37 Syslog GS2200-8/24 User’s Gui de 288 Click Management > Syslog in the navigation panel to display this screen. The syslog feature sends logs to an external syslog server . Figure 190 Management > Syslog The following table describes the labels in this screen.
Chapter 37 Syslog GS2200-8/24 User’s Gui de 289 37.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to view the screen as shown next. Use this screen to configure a list of external syslog servers. Figure 191 Management > Syslog > S yslog Server Setup The following table describes the labels in this screen.
GS2200-8/24 User’s Gui de 290 C HAPTER 38 Cluster Management 38.1 Overview This chapter introduces cluster management. Cluster Management allows y ou to manage switches through one S witch, called the cluster manager . The switches must be directly connected an d be in the same VL AN group so as to be able to communicate with one another .
Chapter 38 Cluster Management GS2200-8/24 User’s Gui de 291 38.1.1 What Y ou Can Do •U s e t h e Cluster Management screen ( Section 38.2 on page 291 ) to view the role of the Switch within the cluster and to access a cluster member switch’ s web configurator .
Chapter 38 Cluster Ma nagement GS2200-8/24 User’s Gui de 292 38.3 Clustering Management Configuration Use this screen to configure clustering management.
Chapter 38 Cluster Management GS2200-8/24 User’s Gui de 293 The following table describes the labels in this screen. T a ble 123 Management > Cluster Management > Configuration LABEL DESCRIPTION Clustering M anager Active Select Activ e to have this S witch become the c l uster manager swit ch.
Chapter 38 Cluster Ma nagement GS2200-8/24 User’s Gui de 294 38.4 T echnical Reference This section provides technical background information on the topics discussed in this chapter .
Chapter 38 Cluster Management GS2200-8/24 User’s Gui de 295 38.4.1.1 Uploading Firmware to a Cluster Member Switch Y o u can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example.
GS2200-8/24 User’s Gui de 296 C HAPTER 39 MAC Table 39.1 Overview This chapter introduces the MAC Table screen. The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the Switch’ s ports.
Chapter 39 MAC Table GS2200-8/24 User’s Gui de 297 • If the Switch has already learned th e port for th is MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure 197 MAC T able Flowchart 39.2 V iewing the MAC T able Use this screen to check whether the MAC address is dynamic or static.
Chapter 39 MAC Table GS2200-8/24 User’s Gui de 298 The following table describes the labels in this screen. T a ble 125 Management > MAC Table LABEL DESCRIPTION Condition Select on e of the button s and click Search to only disp lay the data which mat ches the criteria you spec ified.
GS2200-8/24 User’s Gui de 299 C HAPTER 40 ARP Table 40.1 Overview This chapter introduces ARP T able. Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also kn own as a Media Access Control or MAC address, on the local area network.
Chapter 40 ARP Table GS2200-8/24 User’s Gui de 300 Click Management > ARP Table in the navigation panel to open the following screen. Figure 199 Management > ARP T able The following table describes the labels in this screen.
GS2200-8/24 User’s Gui de 301 C HAPTER 41 Configure Clone 41.1 Overview This chapter shows you how you can copy the settings of one port onto other ports. 41.2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports.
Chapter 41 Configure C lone GS2200-8/24 User’s Gui de 302 The following table describes the labels in this screen. T a ble 127 Management > Configure Clone LABEL DESCRIPTION Sourc e/ Destinat ion Port Enter the source port under the Source label .
GS2200-8/24 User’s Gui de 303 C HAPTER 42 Troubleshooting This chapter offers some suggestions to solve problems you might encounter . The potential problems are divided into the following categories. • Po wer , Hardware Connections, and LEDs • Switch Access and Login • Switch Configur ation 42.
Chapter 42 Troubleshootin g GS2200-8/24 User’s Gui de 304 4 Disconnect and re-connect the power adaptor or cord to the Switch. 5 If the problem continues, contact the v e ndor . 42.2 Switch Access and Login I forgot the IP address for the Switch. 1 The default IP address is 192.
Chapter 42 Troubleshoo ting GS2200-8/24 User’s Gui de 305 6 If the problem continues, contact the v e ndor , or try one of the advanced suggestions. Advanced Suggestions • T ry to access the Switch using another service, such as T elnet.
Chapter 42 Troubleshootin g GS2200-8/24 User’s Gui de 306 Click the Display button in the System Log field in the Management > Diagnostic screen to check for unauthorized access to y our Switch.
GS2200-8/24 User’s Gui de 307 C HAPTER 43 Product Specifications The following tables summarize the S witch’ s hardware and firmware features. T a ble 128 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Desktop design • GS2200-8 : 250*148 *44.
Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 308 Interfaces GS2200-8: 8 100/1000BASE- T GS2200-8HP: 8 100/1000BASE- T PoE GS2200-24: 24 100/100 0BASE- T GS2200-24P: 24 100/1000 BASE- .
Chapter 43 Product Specificati ons GS2200-8/24 User’s Gui de 309 Number of Login Accounts Configur able on the Switch 4 m a nage ment accounts con f igured on the Switch.
Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 310 Port Authenticati on and Securi ty For security , the Switch allows aut hen tication us ing IEEE 802.
Chapter 43 Product Specificati ons GS2200-8/24 User’s Gui de 31 1 STP IEEE 802.1w Rapid Spanni ng T ree Protocol (RSTP) Multiple Rapid Spanning T ree capability IEEE 802.
Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 312 The following list, which is not exhaustive, illu strates the standards supported in the Switch. Security Static MAC address filtering Static MAC address forwarding MAC Freeze IEEE 802.
Chapter 43 Product Specificati ons GS2200-8/24 User’s Gui de 313 RFC 1757 RMON RFC 1901 SNMPv2c Simple Network Management Protocol version 2c RFC 2138 RADIUS (Remote Authenticati on D ial In User Service) RFC 2233 ifVHCPacketGroup RFC 2236 Internet Group Mana gement Protocol, V ersion 2.
Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 314.
GS2200-8/24 User’s Gui de 315 A PPENDIX A Changing a Fuse This appendix shows you how to remov e and install fuses for the Switch. If you use a fuse other than an incl uded fuse, make sure it matches the fuse specifications in the chap ter on product specifications.
Appendix A Changing a Fuse GS2200-8/24 User’s Gui de 316.
GS2200-8/24 User’s Gui de 317 A PPENDIX B Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port number s, ICMP type/code numbers and services, visit the IANA (I nterne t Assigned Number Authority) web site.
Appendix B Common Services GS2200-8/24 User’s Gui de 318 HT TPS TCP 443 HTTPS is a secured http session o ften used in e - commerce. ICMP User- Defined 1 Internet Control Message Pr otocol is often used for diagnostic or routing purposes. ICQ UDP 4000 This is a popular In ternet chat progr am.
Appendix B Common Services GS2200-8/24 User’s Gui de 319 SQL -NET TCP 1521 Structured Query L anguage is an in terface to access data on many different ty pes of data base systems, including mainframes, midrange systems, UNIX systems and network servers.
Appendix B Common Services GS2200-8/24 User’s Gui de 320.
GS2200-8/24 User’s Gui de 321 A PPENDIX C Legal Information Copyright Copyright © 2011 by Z yXEL Communications Corpor ation. Th e co n te n ts o f t h is p ub l ic a t io n m a y n o t b e re p r .
Appendix C Legal Informa tion GS2200-8/24 User’s Gui de 322 ZyXEL Limited W arranty Z yXEL warrants to the original e nd user (purchaser) th at this pr oduct is free from any defects in material or workmanship for a speci fic period (the Warranty P eri od) from the date of pur chase.
Index GS2200-8/24 User’s Gui de 323 Index Numbers 802.1P priority 76 A AAA 182 AAA (Authentication and Authorization) 182 access control limitations 261 login account 266 remote management 268 servi.
Index GS2200-8/24 User’s Gui de 324 cloning a port See port cloning cluster management 290 and switch passwords 293 cluster manager 290 , 293 cluster member 290 , 293 cluster member firmware upgr ad.
Index GS2200-8/24 User’s Gui de 325 F fan speed 68 FCC interference statement 321 file transfer using FTP command example 259 filename convention, configur ation configuration file names 259 filtering 107 rules 107 filtering database, MAC table 296 firmware 67 upgrade 257 , 295 flow control 76 back pressure 76 IEEE802.
Index GS2200-8/24 User’s Gui de 326 IP address 74 IP interface 73 IP setup 72 IP source guard 193 , 194 ARP inspection 194 , 213 DHCP snooping 194 , 21 1 static bindings 194 IP subnet mask 74 L L2PT.
Index GS2200-8/24 User’s Gui de 327 max age 121 hops 121 MDIX (Media Dependent Interface Crossover) 34 MIB and SNMP 270 supported MIBs 271 MIB (Management Information Base) 270 mirroring ports 134 m.
Index GS2200-8/24 User’s Gui de 328 MAC address learning 151 overview 151 setup 152 , 217 , 221 port setup 75 port status 61 port VLAN ID, see PVID 91 port VLAN trunking 85 port-based VLAN 96 all co.
Index GS2200-8/24 User’s Gui de 329 SNMP 270 agent 270 and MIB 270 and security 271 authentication 265 , 266 communities 263 management model 270 manager 270 MIB 271 network components 270 object va.
In d ex GS2200-8/24 User’s Gui de 330 temperature indicator 67 terminal emulation 33 time current 69 time zone 70 Time (RFC-868) 69 time server 69 time service protocol 69 format 69 trademarks 321 t.
Index GS2200-8/24 User’s Gui de 331 Z Z y NOS (Z yXEL Network Operating System) 259.
Index GS2200-8/24 User’s Gui de 332.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il ZyXEL Communications GS2200-8/24 è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del ZyXEL Communications GS2200-8/24 - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso ZyXEL Communications GS2200-8/24 imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul ZyXEL Communications GS2200-8/24 ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il ZyXEL Communications GS2200-8/24, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del ZyXEL Communications GS2200-8/24.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il ZyXEL Communications GS2200-8/24. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo ZyXEL Communications GS2200-8/24 insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.