User Manual User Manual
Contents
1. 102 PV6 ACL 104 POE 105 NIHU E 107 Go 108 SEN 108 SMN 110 Parmer 111 oe ic tm 112 P 113 Storm Control 114 sT leui m 115 2 102 116 AO Dal Se CUNO EE NE 116 P 117 AuthenticatedHost n esvnssvsernsiesnnessne 119 RU SEN av 120 dicc 122 Sr SE devo ndRrtal Ennii eU Dru IUAENR 122 TERESE mem 123 ESN E E A 124 EE Eee EE 125 PSN 126 DO m 12 Global Settings 127 PSN 129 eat eana 130 FS 130 MI m 131 EE N 131 acie 132 AA 133 EJA BE E E 134 History Log Table 135 Erro Um 136 GEN 138 MOC AOS ea EE EE 139 Remote GN 141 AGO ie D E NE 142 BET NOS EE EE 143 PENE ri 143 Ping Test Ping Test Settings 144 Pv6 Ping Test 145 MER 146 Chapter 3 Maintenance err 147 Maintenant NR TOUT 148 Upgrading Resetting nnns 149 Rebooting Logging Ne 150 FOT 151 Quick Reference Guide 152 FCC Interference Statement nenne 153 IC Interference 5tatemelfYLusnsosasotuisitoiibxivia ba tid 154 CE Interference Statement enne 155 Chapter 1 Product Overview LLLE 100 1000 Mbps EGS5212FP PoE Switch L1 Mode Link Act m Power2. 1 Disabled e Port Trunking 2 Disabled e LACP Settings LACP Timeout 3 S d Mirror Settings 4 Disabled e I w Disabled Click the Apply button to accept the changes or the gt LLDP Rowe d Cancel button amp to discard them gt IGMP Snooping 7 Disabled e MLD Snooping 8 Disabled e Jumbo Frame 88 VLAN da Management ACL d QoS P Security amp Monitoring Diagnostic s 36 LACP Settings LACP Settings lt L2 Feature Setting i _ System Priority 32768 1 65535 Assign a system priority to run with Link Aggregation LACP Setings Control Protocol LACP and is become for a backup link re St ui if a link goes down The lowest system priority is al MAC Aadress Tae lowed to make decisions about which ports it is actively IQ Smeg participating in in case a link goes down If two or more E ports have the same LACP port priority the port with the lowest physical port number will be selected as the backup port If a LAG already exists with the maximum number of allowed port members and LACP is subse quently enabled on another port using a higher priority Apply Click APPLY to update the the system settings than an existing member the newly configured port will replace the existing port member that has a lower priori ty A smaller number indicates a higher priority level The range is from 0 65535 and default is 32768 System Priority Enter the LACP priority value to the
3. Mirror Settings 4 STP Global Settings Root Bridge Port Settings CIST Instance Settings CIST Port Settings MST Instance Settings MST Port Settings MAC Address Table P LLDP b IGMP Snooping Displays the port role Shows each MST Bridge Port that is assigned a port role for each spanning tree Displays the state of the selected port b MLD Snooping 56 Port State Indicates the current STP state of a port If en abled the Port State determines what forwarding action is taken regarding traffic The possible port States are e Disabled STP is disabled on the port The port forwards traffic while learning MAC addresses e Blocking The port is blocked and cannot be used to forward traffic or learn MAC addresses e Listening The port is in listening mode The port cannot forward traffic or learn MAC addresses in this state e Learning The port is in learning mode The port cannot forward traffic However it can learn new MAC addresses e Forwarding The port is in forwarding mode The port can forward traffic and learn new MAC addresses in this state MST Port Settings MST Internal Path Internal Path Cost Oper Regional Internal Designated Internal Port Port Port ID Port Priority Cost Conf Root Bridge Root Cost Bridge Cost Role State 1 x 128 x 0 128 20000 128 20000 128 20000 128 200000 128 200000 128 128 200000 128 200000 e co sy on A N 128 20000 1
4. Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 Off 10000 have a maximum speed of 1000000 kilobits per second If the rate of broadcast traffic ingress on the interface increases beyond the configured threshold the traffic is dropped Click Apply to save the changes to the system Security 802 1X The IEEE 802 1X standard authentication uses the Radius Remote Authentication Dial In User Service protocol to validate users and provide a security Standard for network access control The user that wishes to be authenticated is called a supplicant The actual server doing the authentication typically a Radius server IS called the authentication server The mediating device such as a Switch is called the authenticator Clients connected to a port on the Switch must be authenticated by the Authentication Server Radius before accessing any services offered by the Switch on the LAN Use a
5. choose to Enable or Disable Fast Leave for the VLAN ID VLAN Settings System L2 Feature b gt Link Aggregation VLAN ID IGMP Snooping Status Fast Leave 1 Disabled Disabled v Q Mirror Settings STP bD MAC Address Table LLDP 4 IGMP Snooping Global Settings VLAN Settings Querier Settings 2 Disabled Disabled Group List Router Settings b MLD Snooping Jumbo Frame sis VLAN Management Click the Apply button to accept the changes or the Cancel button amp to discard them VLAN ID Displays the VLAN ID IGMP Snooping Status Enables or Disables the IGMP snooping feature for the specified VLAN ID Fast Leave Enables or Disables the IGMP snooping Fast Leave for the specified VLAN ID Enabling this feature allows the Switch to immediately remove the Layer 2 LAN port from its forwarding table entry upon receiving an IGMP leave message without first Sending out IGMP group specific GS queries to the port If Fast Leave is not used a multicast querier will send a GS query message when an IGMPv2 v3 group leave message is received The querier stops forwarding traffic for that group only if no host replies to the query within the specified timeout period If Fast Leave is enabled the Switch assumes that only one host is connected to the port Therefore Fast Leave should only be enabled on a port if it is connected to only one IGMP enabled device Fast Leave is su
6. Enter the name of SNMP community String Community Mode Selected Basic or Advance from the list Select the Advance attached to the SNMP group Select the SNMP group from a list Select the view name from a list Access Rights Specify the level of permission for the MIB objects accessible to the SNMP Your Click the Apply button to accept the changes or the choices are Read write or Read only Cancel button amp to discard them User List Privilege Mode Select No Auth Auth or Priv se curity level from the list Use the User List page to create SNMP users for authen No auth Neither authen anm tication nor the privacy securit tication with managers using SNMP v3 to associate them levels are ipn die eid to SNMP groups Click Add to add a new user e Auth and ensures that the origin of the SNMP message is authenticated e Priv Encrypts SNMP User List messages User ame Name Mode Protool Password Protocol Encryption Ke Authentication Protocol Select the method used to au iuil md ae thenticate users e MD5 Using the HMAC MD5 algorithm e SHA Using the HMAC SHA 96 authentication level Enter the SHA password and the HMAC SHA 96 password to be used for authentication Authentication Password Enter MD5 password and the HMAC MD5 96 password to be used for authentication Encryption Protocol Select the method used to au thenticate users e None No user authenti cat
7. Oper Interval 125 125 10 Max Response Interval Oper Max Response Interval Oper Last Oper Last Last Member Member Query Last Member Member Query Query Counter Counter Query Interval Interval lt Last Member Query Counter Enter the number of the opera tional last member querier Xu Oper Last Member Enter the number of IGMP MS Query Counter group specific queries sent before the Switch assumes there are no local members Last Member Displays the Operational Last Query Interval Member Query Interval sent by Click the Apply button to accept the changes or the the elected querier Cancel button to discard them Oper Last Member Enter the time between two Query Interval consecutive group specific que ries that are sent by the querier including those sent in response to leave group messages You might lower this interval to re duce the amount of time it takes a querier to detect the loss of the last member of a group 68 Group List The Group List displays VLAN ID Group IP Address and Members Port in the IGMP Snooping List Group List a System lt Feature VLAN ID Group IP Address Member Ports Link Aggregation Mirror Settings p SIP gt MAC Address Table P LLDP 4 GMP Snooping Global Settings VLAN Settings Querier Settings Group List Router Settings gt MLD Snooping Jumbo Frame ese VLAN Management ACL 69 Router Settings VLA
8. Searching Lee oe Class Output Voltage V gt Output Current mA EEE Energy Efficient Ethernet EEE an Institute of Electrical and Electronics Engineers IEEE 802 3a2 standard reduces the power consumption of physical layer devices during periods of low link utilization EEE saves energy by allowing PHY non essential circuits shut down when there is no traffic Network administrators have long focused on the energy efficiency of their infrastructure and the EnGenius Layer 2 Switch complies with the IEEE s Energy Efficient Ethernet EEE standard to give you even more control The EEE compliant Switch offers users the ability to utilize power that Ethernet links use only during data transmission Lower Power Idle LPI is the method for achieving the power saving during Ethernet idel time 33 Use the EEE Configuration page to configure Energy Efficient Ethernet Port Display the port for which the EEEE setting is displayed EEE Status Enable or Disable EEE for the specified port Click APPLY to update the system settings Energy Efficient Ethernet a System Summary Port EEE Status IP Settings m Disabled sym me E 1 Disabled Port Settings E 2 Disabled EH 3 Disabled 2 L Feature F 4 Disabled s r VLAN A 5 Disabled aa Management ACL E 6 Disabled E 7 Disabled Security Ll Monitoring L 2 Disabled Diagnostics 7 9 Disabled E 10 Disabled E 11
9. The Internal Path Cost setting allows Nc ea you to specify the relative cost of MEN 0 20000 sending spanning tree traffic through the interface to adjacent bridges within a spanning tree region Internal Path Cost Oper Displays the operation cost of the path from this bridge to the Root Bridge Regional Root Bridge This is the bridge identifier of the CST Regional Root It is made up us ing the bridge priority and the base MAC address of the bridge 55 Internal Root Cost Displays the path cost to the designated root for the selected MST instance Designated Bridge Internal Port Cost Port Role Port Role Port State Displays the Bridge Identifier of the bridge for the Designated Port It is made up using the bridge priority and the base MAC address of the bridge This parameter is set to represent the rel ative cost of forwarding packets to spec ified ports when an interface is selected within an STP instance Selecting this parameter with a value in the range of 1 to 200000000 will set the quickest route when a loop occurs A lower internal cost represents a quicker transmission Select ing O zero for this parameter will set the quickest optimal route automatically for an interface Each MST bridge port that is enabled is assigned a Port Role for each spanning tree The Port Role is one of the following values Root Designated Alternate Back up Master or Disabled
10. 32 Apply User Management Use the User Management page to control management access to the Switch based on manually configured user names and passwords User account can only view settings without the right to configure the Switch and an Admin account can configure all the functions of the Switch Click the Add button to add an account or the Edit button to edit an existing account User Management User Name Password Type Password Retype Privilege Type admin Encrypted Admin v 86 Enter a username You can use up to 18 alphanumeric characters Password Type Select Clear Text or Encrypted from the list Password Enter a new password for accessing the Switch Password Retype Repeat the new password used to access the Switch Privilege Type Select Admin or User from the list to regulate access rights User Management User Name Password Type Password Password Retype Privilege Type admin i Important Note that Admin users have full access rights to the Switch when determining the authority of the user account Encrypted Admin M v Q Click the Apply button to accept the changes or the Cancel button to discard them File Management Configuration Manager The File Management feature is used for saving your current configuration to a file on your computer or a TFTP server or to restore previously saved configuration
11. History Count Password Retry Count Select whether the Telnet Service is Enabled or Disabled t is enabled by default Enter the amount of time that elapses before the Telnet Service is timed out The default is 5 minutes The range is from 0 65535 minutes Enter the entry number for History of Telnet Service The default is 128 The range is from 0 256 Enter the number of password request send to Telnet Service The default is 3 The range is from 0 120 Silent Time Enter the silent time for Telnet Service The range is from 0 65535 seconds Click Apply to save the changes to the system 123 SSH Settings SSH Service Select whether SSH is Enabled or Disabled This is disabled by default Secure Shell SSH is a cryptographic network protocol Session Timeout Enter the amount of time that elapses ae l before the SSH Service is timed out The for secure data communication network services SSH is default is 5 minutes The range is from a way of accessing the command line interface on the 0 65535 minutes network Switch The traffic is encrypted so it is difficult History Count Enter the entry number for History of SSH to eavesdrop on as it creates a secure connection within Service The default is 128 The range is from 0 256 an insucure network such as the internet Even if an Password Retry Enter the number of password request sent attacker was able to view the traffic the data would be Count to t
12. Mirror Settings STP 4 MAC Address Table Static MAC Address Dynamic MAC Address P LLDP gt IGMP Snooping MLD Snooping Jumbo Frame VLAN Management Diagnostics To access the page click Static MAC Address under the L2 Feature tab Displays the index for the Static MAC Address table Select the port where the MAC address entered in the previous field will be automatically forwarded Enter the VLAN ID on which the IGMP snooping querier Is administratively enabled and for which the VLAN exists in the VLAN database MAC Address Enter a unicast MAC address for which the switch has forwarding or filtering information Click the Apply button to accept the changes or the Cancel button amp to discard them Dynamic MAC Address Displays the index for the Dynamic MAC Address table Select the port to which the entry refers The Switch will automatically learn the devices MAC _ VID address and store it to the Dynamic MAC address table If there is no packet received from the device within the aging time the Switch adopts an aging mechanism for updating the tables from which MAC address entries will be removed from related network devices The Dynamic MAC Address Table shows the MAC addresses and their associated VLANs learned on the selected port Displays the VLAN ID for the specified MAC address MAC Address Displays the MAC addresses that the Switch learned from a specific port Click the A
13. Select whether to Enable or Disable ingress traffic forwarding Session State Select whether to Enable or Disable port mir roring Mirror Settings System lt L2 Feature Session ID Destination Port gt Link Aggregation 1 1 gt IGMP Snooping Mirror Settings gt STP 2 N A b MAC Address Table 3 N A b LLDP 4 N A MLD Snooping Jumbo Frame VLAN Management ACL da QoS Security Source TX Port Source RX Port Ingress State Disable v Disabled Disabled Disabled NOTE You cannot mirror a faster port onto a slower port For example if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port this can cause through put problems The port you are copying frames from Should always support an equal or lower speed than the port to which you are sending the copies Please note a target port and a source port cannot be the same port Click the Apply button to accept the changes or the Cancel button amp to discard them 40 Session State Disable Disabled Disabled Disabled STP The Spanning Tree Algorithm STA can be used to detect and disable network loops and to provide backup links between Switches This allows the Switch to interact with other bridging devices in your network to ensure that only one route exists between any two Stations on the network and provide backup links which automatically take over when a primary link goes down S
14. 4 e Low Sets the PoE priority level as low e Medium Sets the PoE priority level as medium e High Sets the PoE priority level as high e Critical Sets the PoE priority level as critical Class Auto Class User defined User Power Limit Shows the classification of the powered device The class defines the maximum power that can be provided to the powered device The possible field values are e Class 0 The maximum power level at the Power Sourcing Equipment is 15 4 Watts e Class 1 The maximum power level at the Power Sourcing Equipment is 4 0 Watts e Class 2 The maximum power level at the Power Sourcing Equipment is 7 0 Watts e Class 3 The maximum power level at the Power Sourcing Equipment is 15 4 Watts e Class 4 The maximum power level at the Power Sourcing Equipment is 30 Watts Select this option to base the power limit on the value configured in the User Power Limit field Sets the maximum amount of power that can be delivered by a port Note The User Power Limit can only be implemented when the Class value is set to User Defined Status 31 Shows the port s PoE status The possible field values are e Delivering Power The device is enabled to deliver power via the port e Disabled The device is disabled for delivering power via the port e Test Fail The powered device test has failed For example a port could not be enabled and cannot
15. RADIUS server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN EAPOL packets between the Client and Server This establishes the requirements needed for a protocol between the authenticator the system that passes an authentication request to the authentication server and the supplicant the system that requests authentication as well as between the authenticator and the authentication server 115 Global Settings When a supplicant is connected to a Switch port the port issues an 802 1X authentication request to the attached the 802 1X supplicant The supplicant replies with the given username and password and an authentication request is then passed to a configured Radius server The authentication server s user database supports Extended Authentication Protocol EAP which allows particular guest VLAN memberships to be defined based on each individual user After authorization the port connected to the authenticated supplicant then becomes a member of the specified guest VLAN When the supplicant is successfully authenticated traffic is automatically assigned to the guest VLAN Select whether authentication is Enabled or Disabled on the Switch Guest VLAN Select whether Guest VLAN is Enabled or Disabled on the Switch The default is Disabled Guest VLAN ID Select the guest VLAN ID from the list of currently defined VLANs Global Settings tm System lt
16. Radius Is a server protocol that runs in the application layer using UDP as transport The Network Switch with port based authentication and all have a Radius client component that communicates with the Radius server Clients connected to a port on the Switch must be authenticated by the Authentication Server before accessing services offered by the Switch on the LAN Use a Radius server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN EAPOL packets between the Client and Server The Radius server maintains a user database which contains authentication information The Switch passes information to the configured Radius server which can authenticate a user name and password before authorizing use of the network 120 Radius Server Index Server IP Port 1812 Authorized Accounting Port 1813 Key String 3 Timeout Reply Displays the index for which RADIUS Server is displayed default port is 1812 this Switch Key String Enter the Key String used for encrypting all Radius communication between the device and the Radius server Timeout Reply Enter the amount of time the device waits for an answer from the Radius Server before Switching to the next server The default value Is 3 Retry Enter the number of transmitted requests sent to the Radius server before a failure occurs The default is 3 Server Priority Enter the priority for t
17. mi po adavky a dal mi p slu n mi ustanoven mi sm rnice 1999 5 ES mi Dansk Danish Undertegnede fabrikantens navn erkl rer herved at f lgende udstyr udstyrets typebetegnelse overholder de v sentlige krav og vrige relevante krav i direktiv 1999 5 EF Deutsch German Hiermit erkl rt Name des Herstellers dass sich das Ger t Ger tetyp in Ubereinstimmung mit den grundlegenden Anforderungen und den brigen einschl gigen Bestimmungen der Richtlinie 1999 5 EG befindet Eesti Estonian K esolevaga kinnitab tootja nimi name of manufacturer seadme seadme t p type of equipment vastavust direktiivi 1999 5 EU p hin uetele ja nimetatud direktiivist tulenevatele teistele asjakohastele s tetele English Hereby name of manufacturer declares that this type of equipment is in compliance with the essential requirements and other relevant provisions of Directive 1999 5 EC Espanol Spanish Por medio de la presente nombre del fabricante declara que el clase de equipo cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 C E EMAnvikn Greek ME THN lIAPOY A name of manufacturer AHAONEI OTI type of equipment ZYMMOPQOONETAI MPO2 TI OY2IOAEI ANAITH2EIX KAI TIZ AOIFTEX 2XETIKED AIATA EIX TH OAHTIA gt 1999 5 EK 156 Par la pr sente nom du fabricant d clare que l appareil type d appareil est conforme aux exigences essentielles et a
18. output up to 30 Watts per port EGS7252FP Port 1 48 output up to 30 Watts per port Total PoE Budget EGS5212FP 130 Watts EGS7228P 185 Watts EGS7228FP 370 Watts EGS7252FP 740 Watts Performance Switching Capacity EGS5212FP 24Gbps EGS7228P EGS7228FP 56Gbps EGS7252FP 104Gbps Forwarding Mode Store and Forward Flash Memory 32MB SDRAM 256MB DDR3 MAC Address Table 8K Jumbo Frame 9K LED Indicators Device Power LED x1 Fault LED x1 PoE Max LED x1 RPS LED x1 EGS7228FP only LAN Mode LED x1 PoE Mode LED x1 Copper Ports LAN PoE Mode LED x 1 Link Act LED x 1 SFP Ports Link Act LED x 1 Environment amp Mechanical Temperature Range Operating 32 to 122 F 0 to 50 C Storage 40 to 158 F 40 to 70 C Humidity non condensing 5 95 L2 Features 802 3ad compatible Link Aggregation 802 1D Spanning Tree STP 802 1w Rapid Spanning Tree RSTP 802 1s Multiple Spanning Tree MSTP IGMP Snooping v1 v2 v3 MLD Snooping IGMP Fast Leave Port Trunking Port Mirroring One to one and many to one VLAN Group Voice VLAN Queue CoS based on 802 1 priority CoS based on physical port CoS based on TOS CoS based on DSCP BootP DHCP Client Firmware Burn Proot 802 1X Port based Access Control 802 1X Guest VLAN Port Security Port Isolation Storm Control Attack Prevention Access Control List ACL Telnet Server TFTP Client BootP DHCP Client Web based support SNMP v1 suppor
19. variable and comparing the value against Index Sample Port Sample Variable mn Sample Type ud S dar Rising Event Falling Event Owr the thresholds EE Lon M 1 E e Absolute Compares the values with the thresholds at the end of the sam pling interval e Delta Subtracts the last sampled value from the current value Event List Event Log Tabie Rising Threshold Enter the rising number that triggers the rising threshold alarm dm Falling Thresh Enter the falling number that triggers the old falling threshold alarm Rising Event Enter the event number by the falling alarm are reported Falling Event Enter the event number by the falling alarms are reported Owner Enter the Switch that defined the alarm 133 History List The RMON History List screen contains information about samples of data taken from the ports History List Index Sample Port Bucket Requested Interval Owner 1 Event List Event Log Table Alarm List History List History Log Table Statistics Enter the entry number for the History Log Table Sample Port Select the port from which the history sam ples were taken Bucket Requested Enter the number of samples to be saved The range Is from 1 50 Interval Enter the time that samples are taken from the ports The field range is from 1 3600 Enter the RMON user that requested the RMON i
20. 2 LAN port from its forwarding table entry upon receiving an MLD leave message without first sending out MAC based general queries to the port Select from the drop down list whether to Enable or Disable MLD Snooping Next select to Enable or Disable Fast Leave for the specified VLAN ID Click the Apply button to accept the changes or the Cancel button amp to discard them Group List The Group List displays VLAN ID IPv6 Address and Mem bers Port in the MLD Snooping List System lt L2 Feature Link Aggregation Mirror Settings b STP bP MAC Address Table P LLDP P IGMP Snooping 4 MLD Snooping Global Settings VLAN Settings Group List Router Settings Jumbo Frame sss VLAN M Management gt ACL QoS Group List VLAN ID IPv6 Address Member Ports 73 Router Settings VLAN ID Displays the VLAN ID Router Ports Au The Switch will automatically detect The Router Settings feature shows the learned multicast to learned the presence of a multicast router and router attached port if the port is active and a member of forward MLD packets accordingly Dynamic Port List Displays router ports that have been dynamically configured Forbidden Port List Designates a range of ports as being dis the VLAN Select the VLAN ID you would like to configure and enter the Static and Forbidden ports for the specified VLAN IDs that are utilizing MLD Snooping All MLD packets connected t
21. Add and enter the name of the new ACL IPv4 ACL System 2 12 Feature Index Name 32 VLAN char 1 32 aa Management z ACL MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPve ACL IPve ACE AGL Binding dl QoS Security Ed Monitoring Diagnostics Index Displays the current number of ACLs Enter the IP based ACL name You can use up to 32 alphanumeric characters Click the Apply button to accept the changes or the Cancel button amp to discard them 101 IPv4 Based ACE Use this page to view and add rules to IPv4 based ACLs IPv4 Based ACE Prida ALE ALL Hama Sequence Ashen Protocol Grue P ddre Source IP Adda Valus Spares IP Virteard Vask Destination P Adii Destration IP Address Value Dastratien IP Hidang Mani Type ad Service Apply ACL Name Select the ACL from the list for which a rule is being created Enter the priority of the ACE ACEs with a Sequence higher priority are processed first 1 is the highest priority HP An CUP Cade AA Pirsa Sad from ME Use kinei e User Dinei lE TGP io maich Range 1a Airiga 1 m fr processed Protocol mg WERE anne for matching 18 fer no matching ren Da fer matching 1a for ac maschiag Rage G2 102 Select what action to take if a packet matches the criteria e Permit Forwards packets that meet the ACL criteria e Deny Drops packets that meet the ACL crite
22. Disable the IGMP querier state for the spec ified VLAN ID A querier can periodically ask their hosts if they wish to receive mul ticast traffic The Querier feature will check whether hosts wish to receive multicast traffic when enabled An Elected querier will assume the role of querying the LAN for group members and then propagates the service requests on to any upstream multicast Switch to ensure that it will continue to receive the multicast service This feature is only supported for IG MPv1 and v2 snooping Enter the version of IGMP packet that will be sent by this port If an IGMP packet received by the port has a version higher than the specified version this packet will be dropped Provides fine tuning to allow for expected packet loss on a subnet It is used in calculating the following IGMP message intervals The de fault is 2 Oper Interval Displays the IGMP Interval of the operational querier Max Response Interval Oper Max Response Interval Enter the maximum response time used in the queries that are sent by the snooping querier The default is 10 seconds Display the maximum response time which used in the queries that are sent by the snooping querier Q lt b gt STP bD MAC Address Table P LLDP 4 IGMP Snooping System L2 Feature Link Aggregation Mirror Settings Global Settings VLAN Settings Querier Settings Group List Router Settings p
23. Disabled E 12 Disabled L2 Features The L2 Feature tab exhibits complete standard based Layer 2 switching capabilities including Link Aggregation 802 1D single Spanning Tree Protocol 802 1w Rapid Spanning Tree Protocol 802 1s Multiple Spanning Tree Protocol MAC Address Table Internet Group Management Protocol IGMP Snooping Port Mirroring 802 1ab Link Layer Discovery Protocol LLDP and Multicast Listener Discovery MLD snooping Utilize these features to configure the Switch to your preferences 34 Link Aggregation A Link Aggregation Group LAG optimizes port usage by linking a group of ports together to form a single logical higher bandwidth link Aggregating ports multiplies the bandwidth and increases port flexibility for the Switch Link Aggregation is most commonly used to link a bandwidth intensive network device or devices such as a server to the backbone of a network The participating ports are called Members of a port trunk group Since all ports of the trunk group must be configured to operate in the same manner the configuration of the one port of the trunk group is applied to all ports of the trunk group Thus you will only need to configure one of any of the ports in a trunk group A specific data communication packet will always be transmitted over the same port in a trunk group This ensures the delivery of individual frames of a data communication packet will be received in the correct orde
24. Fault LAN Mode LED Mode PoEmax PoE Mode an 12 7 F Mode Link Act EnGenius EGS7228P PoE Switch Power Fault LAN Mode PoEmax PoE Mode 100 1000 Mbps EnGenius EGS7228FP PoE Switch Console Power RPS Fault LAN Mode PoE max PoE Mode LED Mode Um Al A Unk Act KG Ei EnGenius Mode Link Act EGS7252FP Console sea V 5 0 FY LED Mode Reset Introduction The EnGenius EGS series Layer 2 Switch is a device specially designed to support Access Points and IP Surveillance cameras VOIP phones and other PoE Capable devices as well as other Ethernet based networking equipment or computers The EGS Switch provides simple yet powerful PoE manageability with features such as IEEE 802 3af or IEEE 802 3at af ports PoE port management loopback detection and IGMP snooping Package Contents Your EGS Layer 2 Switch package will contain the following items e EnGenius Switch e Power Cord RJ45 Console Cable Rack Mount Kit Quick Installation Guide all items must be in package to issue a refund Maximum data rates are based on IEEE 802 3ab standards Actual throughput and range may vary depending on distance between devices or traffic and bandwidth load in the network Features and specifications subject to change without notice Trademarks and registered trademarks are the property of their respective owners For United States of America Copyright 02014 EnGenius
25. ID to which the PVID tag is assigned Configure the PVID to assign untagged or tagged frames received on the selected port PVID Enter the PVID value The range Is from 1 4094 Accept Type Select Tagged Only and Untagged Only from the list e Tagged Only The port discards any untagged frames it s receives The port only accepts tagged frames e Untagged Only Only untagged frames received on the port are accepted e All The port accepts both tagged and untagged frames Ingress Filtering Specify how you wish the port to handle tagged frames Select Enabled or Disabled from the list e Enabled tagged frames are discarded if VID does not match the PVID of the port e Disabled All frames are forwarded in accordance with the IEEE 802 10 VLAN Click APPLY to update the the system settings 80 transfer the authority of the Switch The Management VLAN allows users to transfer the authority of the Switch from the default VLAN to other VLAN IDs By default the active management VLAN ID is 1 which allows an IP connection to be established through any port When the management VLAN is set to a different VLAN connectivity through the existing management VLAN is lost and an IP connection can be made only through a port that is part of the management VLAN It is also mandatory that the port VLAN ID PVID of the port to be connected in that management VLAN be the same as the management VLAN ID Apply Click Apply to up
26. L2Feature 802 1x Global 2 VL AN amp Management State Enabled Disabled m Guest VLAN Enabled 5 Qos Guest VLAN ID 2 Security 802 1x Global Settings Port Settings Authenticated Host Radius Server Access Port Security DoS Ll Monitoring Diagnostics Click Apply to save the changes to the system 116 Port Settings Port Displays the ports for which the 802 1X information is displayed The IEEE 802 1X port based authentication provides a Select the Auto or Force UnAuthorized security standard for network access control with Radius or Force Authorized mode from the list servers and holds a network port disconnected until Re authentication Select whether port reauthenticati on is Enabled or Disabled authentication is completed With 802 1X port based p l Re authentication Enter the time span in which the selected authentication the supplicant provides the required period port is reauthenticated The default is credentials such as user name password or digital 3600 seconds certificate to the authenticator and the authenticator Quiet Period Enter the number of the device that forwards the credentials to the authentication server remains In the quiet state following a MP n failed authentication exchange The for verification to the guest VLAN If the authentication detenitis cO seconds server determines the credentials are valid the Supplicant Period Enter the amount
27. Port Statistics section displays a summary of all port on the port traffic statistics regarding the monitoring features on on the port Por Rye RXUesst RXNUcast RXDisard TXBye TiUesst TXNUcast TXDiscard RXMcast RXBcast c the port 0 TCR ted on port ted on the port nca eiu as ai I carded on the port o o x3 m on the port EM ceived on the port mitted on the port mitted on the port 0 0 0 0 0 0 293607120 7291361 4435 2316208986 3834166 185525 20691036 120320 31 49476661 120830 183638 24734298 112303 4 54290926 112872 188385 0 0 0 27267088 177326 1159 143035443 578577 1456 o co s e cn A wo N 3757050220 8399854 58453 1247136382 6120385 129946 T 10 27227869 81460 498 57554662 76631 187898 130 RMON Index Enterthe entry number for Event Event Type Select the event type Remote Network Monitoring or RMON is used for sup e Log The event is a log entry t monitoring and protocol analysis of LANS by en ENE sc nee por B p y y Log amp Trap The event is both a log abling various network monitors and console systems to entry and a trap exchange network monitoring data through the Switch Enter the community to which the event bel ogs Description Displays the number of good broadcast pack Event List ets received on the interface Last Time Sent Displays the time that event occurred Owner Enter the switch that defined the The Event List defines R
28. QoS enables traffic to be prioritized while avoiding excessive broadcast and multicast traffic Traffic such as Voice and Video streaming which require minimal delays can be assigned to a high priority queue while other traffic can be assigned to a lower priority queue resulting in uninterrupted actions Without QoS all traffic data is as likely to be dropped when the network is congested This can result in reductions in network performance and hinder the network in time critical situations In a Switch multiple queues per port are often provided to give preference to certain packets over others based on user defined criteria When a packet is queued for transmission within a port the rate at which it is processed depends on how the queue is configured and the amount of traffic present within other queues on the port If a delay is necessary packets are held in the queue until they are authorized for transmission Global Settings There are two options for applying QoS information onto packets the 802 1p Class of Service CoS priority field within the VLAN tag of tagged Ethernet frames and Dif ferentiated Services DiffServ Code Point DSCP Each port on the Switch can be configured to trust one of the packet fields 802 1p DSCP or DSCP 802 1p Packets that enter the Switch s port may carry no QoS informa tion as well If so the Switch places such information into the packets before transmitting them to the next node Thus
29. QoS information is preserved between nodes within the network and the nodes know which label to give each packet A trusted field must exist in the packet for the mapping table to be of any use When a port is configured as untrusted it does not trust any incoming packet priority designations and uses the port default priority value instead to process the packet 108 System 12 Feature Qos Global ts VLAN State Select whether QoS is enabled or disabled Global Settings on the switch Scheduling Method amp Management State Enabled Disabled Selects the Strict Priority or WRR to specify the traffic scheduling method AETI Global Settings Trust Mode e Strict Priority Specifies traffic Seas scheduling based strictly on the queue Port Stings Apply priority 5 Security e WRR Use the Weighted qu Round Robin WRR algorithm to handle packets in priority classes of service It assigns WRR weights to queues Trust Mode Select which packet fields to use for clas sifying packets entering the Switch Click Apply to save the changes to the system e DSCP Classify traffic based on the DSCP Differentiated Services Code Point tag value e 1p Classify traffic based on the 802 1p The eight priority tags that are specified in IEEE802 qp are from 1 to 8 109 CoS Mapping CoS Class of Service Displays the CoS priority tag values where O is the lowest and 7 is the
30. also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain VLANs also improve security by limiting traffic to specific broadcast domains 76 802 1Q Each VLAN in a network has an associated VLAN ID which appears in the IEEE 802 10 tag in the Layer 2 header of packets transmitted on a VLAN The IEEE802 1Q Specification establishes a standard method for tagging Ethernet frames with VLAN membership information The key for IEEE802 10 to perform its functions is in its tags 802 1Q compliant Switch ports can be configured to transmit tagged or untagged frames A tag field containing VLAN information can be inserted into an Ethernet frame When using 802 10 VLAN configuration you configure ports to be a part of a VLAN group When a port receives data tagged for a VLAN group the data is discarded unless the port is a member of the VLAN group 802 1Q Enabled Enables 802 1Q VLANs This feature is enabled by default VID Displays the VLAN ID for which the network policy is defined The range of the VLAN ID is from 1 494 Enter the VLAN name You can use up to 32 alphanumeric characters Tagged Port Frames transmitted from this port are tagged with the VLAN ID Untagged Port Frames transmitted from this port are untagged i Important Port based VLAN and 802 1Q VLAN are mutually exclusive If you enable port based VLAN then 802 10 VLAN is disabled Note
31. and a manager An agent translates the local management information from the managed Switch into a form that Is compatible with SNMP SNMP allows a manager and agents to communicate with each other for the purpose of accessing Management Information Bases MIBs SNMP uses an extensible design where the available information is defined by MIBs MIBs describe the structure of the management data of a device subsystem they use a hierarchical namespace containing Object Identifiers OID Each OID identifies a variable that can be read or set via SNMP 89 The manager is the console through which network ad ministrators perform network management functions Several versions of SNMP are supported They are v1 vec and v3 SNMPv1 which is defined in RFC 1157 A Simple Network Management Protocol SNMP is a stan dard that defines how communication occurs between SNMP capable devices and specifies the SNMP message types Version 1 is the simplest and most basic of ver sions There may be times where it s required to support older hardware SNMPv2c which is defined in RFC 1901 Introduction to Community Based SNMPv2 RFC 1905 Protocol Operations for Version 2 of the Simple Network Management Protocol SNMPv2 and RFC 1906 Trans port Mappings for Version 2 of the Simple Network Man agement Protocol SNMPv2 SNMPv2c updates protocol operations by introducing a GetBulk request and authen tication based on community names Ve
32. for the slower legacy STP RSTP is also incorporated into MSTP With STP convergence can take up to a minute to complete in a larger network This can result in the loss of communication between various parts of the network during the convergence process so STP can subsequent ly can lose data packets during transmission RSTP on the other hand is much faster than STP It can complete a convergence in seconds So It greatly dimin ishes the possible impact the process can have on your network compared to STP RSTP reduces the number of State changes before active ports start learning pre defining an alternate route that can be used when a node or port fails and retain the forwarding database for ports insensitive to changes in the tree structure when reconfiguration occurs Select whether to Enable or Disable the Spanning Tree function for the Switch Next select whether you wish to enable STP RSTP or MSTP Again please note that only one Spanning tree function can be active at a time Apply Click APPLY to update the the system settings 44 Root Bridge The Root Bridge serves as an administrative point for all Spanning Tree calculations to determine which redundant links to block in order to prevent network loops From here you can view all the information regarding the Root Bridge within the STP All other decisions in a spanning tree network such as ports being blocked and ports being put in a forwarding mode are mad
33. from the port A Switch supporting IGMP Snooping can passively snoop on IGMP Query Report and Leave packets transferred between IP Multicast Switches and IP Multicast hosts to determine the IP Multicast group membership IGMP Snooping checks IGMP packets passing through the network and configures Multicasting accordingly Based on the IGMP query and report messages the Switch forwards traffic only to the ports that request the multicast traffic It enables the Switch to forward packets of multicast groups to those ports that have validated host nodes The Switch 64 can also limit flooding of traffic to IGMP designated ports This improves network performance by restricting the multicast packets only to Switch ports where host nodes are located IGMP Snooping significantly reduces overall Multicast traffic passing through your Switch Without IGMP Snooping Multicast traffic is treated in the Same manner as a Broadcast transmission which forwards packets to all ports on the network Defined in RFC 1112 An explicit join message is sent to the Switch but a timeout is used to determine when hosts leave a group Defined in RFC 2236 Adds an explicit leave message to the join message so that Switch can more easily determine when a group has no interested listeners on a LAN IGMPv3 Defined in RFC 3376 Support for a single source of content for a multicast group Global Settings Status Select to Enable or Disable IGMP Snoopin
34. identifies the MSTI Multi Name ple Spanning Tree Instance Enter a descrip tive name up to 32 characters for an MST region The default is the MAC address name of the device running MSTP 1 32768 0 54 MST Port Settings MST ID Displays the ID of the MST group that is created A maximum of 15 This page displays the current MSTI configuration groups can be set for the Switch information for the Switch From here you can update Displays port or trunked port ID the port configuration for an MSTI ID If a loop occurs Select the bridge priority value for the MSTP function will use the port priority to select me cde wt Gah dd n an interface to put into the forwarding state Seta priority After exchanging BPDUS higher priority value for ports you wish to be selected the Switch with the lowest priority for forwarding first In instances where the priority cia dd rat ae value is identical the MSTP function will implement the If you specify a priority that is not lowest MAC address into the forwarding state and other a multiple of 4096 the priority is interfaces will be blocked Note that a lower priority eee art set s ee l EE l riori at Is a multiple o values mean higher priorities for forwarding packets LS lad if you ka the priority to any value from O through 4095 the priority is set to 0 The default priority is 32768 The valid range is MST Port Settings from 0 614490 FEE MM mE Led ce oL Internal Path Cost Conf
35. network devices have a different IP address every time the device connects to the network i Important If the device fails to retrieve an IP address through DHCP the default IP address is 192 168 0 239 and the factory default subnet mask Is 255 255 255 0 To access the page click IPv4 under IP Settings in the System menu Dynamic IP Address DHCP Static IP Address IP Address Subnet Mask Enables the IP address to be configured automatically by the DHCP server Select this option if you have a DHCP server that can assign the Switch an IP address subnet mask default gateway IP address and a domain name server IP address automatically Selecting this field disables the IP Address Subnet mask and Gateway fields Allows the entry of an IP address subnet mask and a default gateway for the Switch Select this option if you don t have a DHCP server or if you wish to assign a static IP address to the Switch This field allows the entry of an IPv4 address to be assigned to this IP interface Enter the IP address of your Switch in dotted decimal notation The factory default value is 192 168 0 239 A Bitmask that determines the extent of the subnet that the Switch is on This should be labeled in the form XXX XXX XXX XXxX where each XXX is a number represented in decimals between O and 255 The value should be 255 0 0 0 for a Class A network 255 255 0 0 for a Class B network and 255 255 255 0 fo
36. non condensing 330 x 230 x 440 x 260 x 440 x 310 x 440 x 410 x 44mm 44mm 44mm 44mm 13x9x 1 73 VER 10 2 x VER 12 2 X EPER 16 1 x inches 3 inches 3 inches 3 inches A WARNING B This switch should be connected only to PoE networks without routing to the outside plant 152 Appendix A Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment and receiver e Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help WARNING 4t Any changes or mod
37. opreme v skladu z bistvenimi zahtevami in ostalimi relevantnimi dolocili direktive 1999 5 E9 Meno v robcu t mto vyhlasuje Ze typ zariadenia spl a z kladn po iadavky a v etky pr slu n ustanovenia Smernice 1999 5 ES Valmistaja manufacturer vakuuttaa t ten ett type of equipment laitteen tyyppimerkint tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sit koskevien direktiivin muiden ehtojen mukainen H rmed intygar f retag att denna utrustningstyp st r verensst mmelse med de v sentliga egenskapskrav och vriga relevanta best mmelser som framg r av direktiv 1999 5 EG 157
38. priority or path cost for ports of the same media type to switch are the same the port with or the highest priority i e lowest indicate a preferred path or Edge Port to indicate if the value will be configured as an active attached device can support fast forwarding or link type link in the Spanning Tree This makes to indicate a point to point connection or shared media a port with higher priority less likely to be blocked if the Spanning Tree connection Algorithm is detecting network loops When more than one port is assigned the highest priority the port with lowest numeric identifier CIST Port Settings z will be enabled The range is from Ec em 0 240 in steps of 16 and the Ns soe piel ee ee eee eee oe EDS default is 128 mE Internal Path Cost Conf The Internal Path Cost setting Root Brage cL a o OR allows you to specify the relative crown COMMENTI EE Me 0 EE cost of sending spanning tree traffic E ME MEGA dt MILL LL A through the interface to adjacent eres itane EEE OSUNIUOHONBSGNURSURUSUUUR EAD bridges within a spanning tree IS one region NG mm eg eg sett Internal Path Cost Oper The External Path Cost setting is Jumbo Frame PTR a TNT used to calculate the cost of sending gt I we o zm o soo 00 o 000 o em spanning tree traffic through the interface to reach an adjacent spanning tree region The spanning tree algorithm tries to minimize the t
39. system The default is 32768 and the range is from 1 65535 3 LACP Timeout Link Aggregation Control Protocol LACP allows the exchange of information with regard to the link aggregation between two members of aggregation The LACP Time Out value is measured in a periodic interval Check first whether the port in the trunk group is up When the interval expires it will be removed from the trunk Set a Short Timeout one second for busy trunked links to ensure that disabled ports are removed from the trunk group as soon as possible The default value for LACP time out is Long Timeout LACP Timeout e System 2 L2 Feature Port Timeout 4 Link Aggregation Long Timeout Port Trunking LACP Settings LACP Timeout Long Timeout Long Timeout Mirror Settings Long Timeout STP P MAC Address Table P LLDP b gt IGMP Snooping Long Timeout Long Timeout Long Timeout gt MLD Snooping Long Timeout Jumbo Frame VLAN Long Timeout co co N e en 4 w N Management Long Timeout ACL 4 QoS Long Timeout Long Timeout 38 Timeout Select the administrative LACP timeout e Long Long timeout value e Short Short timeout value Long The LACP PDU will be sent for every 30 seconds and the LACP timeout value is 90 seconds Short The LACP PDU will be sent every second The timeout value is 3 seconds Apply Cli
40. the same topology requirements into one Multiple Spanning Tree Instance Click the Edit button to configure the MST settings Next MSTI MSTP then builds an Internal Spanning Tree enter information for the VLAN List and choose the IST for the region containing commonly configured priority you wish to use from the drop down list MSTP bridges Instances are not supported in STP or RSTP Instead they have the same spanning tree in common within the VLAN MSTP provides the capability to logically divide a Layer 2 network into regions Every NVE region can contain multiple instances of spanning trees wesss a LAE In MSTP all of the interconnected bridges that havethe s 7 z H same MSTP configuration comprise an MST region e mE in A Common Spanning Tree CST interconnects all T EE adjacent MST Regions and acts as a virtual bridge node wen p um z 12 32768 zf 0 ME for communications between STP or RSTP nodes in the global network MSTP connects all bridges and LAN segments with a single Common and Internal Spanning Tree CIST The CIST is formed as a result of the running spanning tree algorithm between Switches that support STP RSTP and MSTP protocols Once you specify the VLANs you wish to include in a Multiple Spanning Tree Instance MSTI the protocol will automatically build an MSTI tree to maintain connectivity among each of the 23 Configuration This value along with the Con
41. time Enable SNTP Select whether to Enable or Use the System Time screen to view and adjust date and Disable the SNTP server The system time is set via an SNTP time settings ayer Time Zone Select the difference between The Switch supports Simple Network Time Protocol Greenwich Mean Time GMT SNTP SNTP assures accurate network device clock and local time l ranis h d Ti Daylight Savings Time Select between Recurring or time PE PN up to the millisecond Time Non recurring synchronization is performed by a network SNTP server Daylight Savings Time Offset Enter the time of Daylight This software operates only as an SNTP client and savings Time Offset cannot provide time services to other systems Recurring To Select the Day Week Month and Hour from the list System Time SNTP NTP Server Address Enter the SNTP or NTP sever IP TN address or hostname Recurring From Select the Day Week Month and Hour from the list IP Settings pes ares eS EN Server Port Displays the time sever port Port Settings Enable SNTP Enabled J Disabled b PoE Time Zone Setbytime GMT 8 x O0 x Daylight Savings Time Recurring Daylight Savings Time 60 Offset 1 1440 Minutes Recurring From Day Sun Week 2 Month 5 vj Hours 2 v Minutes 0 x Recurring To Day
42. 0 128 1 1 1 1 1 1 1 1 1 1 200000 1 eo eo eo e e e eo e e e e 20000 11 128 200000 Apply Click APPLY to update the the system settings MAC Address Table The MAC address table contains address information that the Switch uses to forward traffic between the inbound and outbound ports All MAC addresses in the address table are associated with one or more ports When the Switch receives traffic on a port it searches the Ethernet switching table for the MAC address of the destination If the MAC address is not found the traffic is flooded out all of the other ports associated with the VLAN All of the MAC address that the Switch learns by monitoring traffic are stored in the Dynamic address A Static address allows you to manually enter a MAC address to configure a specific port and VLAN Static MAC Address The address table lists the destination MAC address the associated VLAN ID and port number associated with the address When you specify a Static MAC address you are set the MAC address to a VLAN and a port thus it makes an entry into its forwarding table These entries are then used to forward packets through the Switch Static MAC addresses along with the Switch s port security allow only devices in the MAC address table on a port to access the Switch 5 Static MAC Address System lt L2 Feature b Link Aggregation Index Port VID MAC Address
43. 3 and 6 EGS5212FP Ports 1 8 supports both IEEE802 3 af and at The maximum power budget is 130 Watts EGS7228P Ports 1 24 supports both IEEE802 3 af and at The maximum power budget is 185 Watts EGS7228FP Ports 1 24 supports both IEEE802 3 af and at The maximum power budget is 370 Watts and 720 Watts when you are using the EnGenius RPS370 external redundant power supply EGS7252FP Ports 1 48 supports both IEEE802 3 af and at The maximum power budget is 740 Watts To access the page click PoE Port Settings under PoE in the System Menu To scroll click the arrow button at the top right of the screen 30 Displays the specific port for which PoE parameters are defined PoE parameters are assigned to the powered device that is connected to the selected port e Enable Enables the Device Discovery protocol and provides power to the device using the PoE module The Device Discovery Protocol lets the device discover powered devices attached to device interfaces and learns their classification e Disable Disables the Device Discovery protocol and halts the power supply delivering power to the device using the PoE module Select the port priority if the power supply is low The field default is Low For example if the power supply is running at 9996 usage and port 1 is prioritized as high but port 6 is prioritized as low port 1 is prioritized to receive power and port 6 may be denied power The possible field values are
44. 30 2 AUTH INITIALIZE Enabled 802 1x Global Settings A 4 Disabled Enabled 3600 60 30 2 AUTH INITIALIZE Enabled Port Settings T 5 Disabled Enabled 3600 60 30 2 AUTH INITIALIZE Enabled Mcd F6 Disabled Enabled 3600 60 30 2 AUTHLINITIALIZE Enabled Radius Server T 7 Disabled Enabled 3600 60 30 2 AUTH INITIALIZE Enabled gt Access Port Security E 8 Disabled Enabled 3600 60 30 2 AUTH INITIALIZE Enabled diese B9 Disabled Enabled 3600 60 30 2 AUTH INTALIZE Enabled L Monitoring T 10 Disabled Enabled 3600 60 30 2 AUTH INITIALIZE Enabled Diagnostics T 11 Disabled Enabled 3600 60 30 2 AUTH INITIALIZE Enabled Apply Click Apply to update the system settings 118 Authenticated Host The Authenticated Host section displays the authenticated User Name Port Session Time Authenticated Method and Mac Address EE Authenticated Host System Feature UserName Port Session Time ss VLAN HE Management ACL QoS Security 4 802 1x Global Settings Port Settings Authenticated Host Radius Server gt Access Port Security gt DoS Ll Monitoring Diagnostics 119 Authenticate Method Mac Address Radius Server Radius proxy servers are used for centralized administration Remote Authentication Dial In User Service RADIUS is a networking protocol that provides centralized Authentication Authorization and Accounting AAA management for users that connect and use a network service for greater convenience
45. 4 System Time 25 Pl Seven 27 POE POE PE humrer es 29 SO Ol MEU IIIT re 30 EG 33 FA SEE 34 SLIDE Ae Sle Medea 34 FELT 36 AP SNE 37 7 LACP TIMOut nmvererverververververversrrsvesvesventenverserverserverversersvensenvennn 38 MOr 0 S ani 39 SP 41 GODAI SEN 42 Spanning Tree LOODS uuecdonsiri mis riesci prb rri 43 ROOL BI 45 PSN 47 CIST Instance SN 49 EST PP 51 MST Instance Setting nnne 53 MST POT EN 55 MAIS TN 57 SAINTS 57 Dynamic MAC Address 58 SOLD ean ape EE 59 GODAI SEG 60 z Local NG 61 RENE Pre 62 IGMP Snooping enne 64 GN SEP 65 VEN MN 66 EE SU 67 AOU U a E E 69 KAT SEG 70 PD AS 60 5 RE 71 Global Settings 71 VEAN SN Te aiio EN 73 ROE SUG 74 Jumbo ac 75 VEAN OE 76 E028 0 EE EE m 6 PU 79 Management Ne 8 Voice VLAN seeeennnnnennnnnnnnnennnnnnnnnnnnnnnn nnne nnns 82 OD Al SEEUTIBS n aan HUN N BUND ATUE SUAE 82 USE 83 FSA 84 ME LG S SIRE BRETT 85 SSN nana 85 User Malla Ce Men Cnutnarinaservenannwenintaisnabiuninenioneins 86 File MN CIN NT 87 Configuration Manager eene 87 Dual 7 REREREE UMORE Praeter a a 88 SNP 89 d EE EEE 92 GN 93 Fo LIS Eiai 94 c IIS Ee P M ien 95 IrapSet rigs SNMP TFapS sosiietiimeniirdknidartii ri tierriot 96 1 98 S MAC BL oomen RUMPIT MAD UNUM 99 zu mig HE 100 i22 101 dU
46. 518 octets 1646639275 8242085 960 3528 Port Statistics 7 22783607 127978 11 20 4 RMON m Event List Event Log Table 24158530 112680 0 13136796 138371 219 236 Alarm List L 0 0 0 0 History List History Log Table Statistics 27287442 178704 1149 27 145889896 583202 767 726 oloi aj oao a ey mn 3008 on the port received on the port Octets packets received on the port 255 Octets packets received on the port Statistics are displayed that have occurred on the port 3830178858 8547484 7184 51840 e e e e e e e e e e e e e e e ce ce ce e e ce ce ce ce e ce ce e ce e ce ce ce ce e e e e e ce e e ce e e e ce e e e ce ce e e e ce P Log E b e 27252174 82332 175 323 Pkts of 256 to Displays the number of 256 to 511 byte 511 Octets packets received on the port Pkts of 512 to Displays the number of 512 to 1023 byte 1023 Octets packets received on the port Pkts of 1024 to Displays the number of 1024 to 1522 byte 1522 Octets packets received on port Octets Displays the sample number from which the statistic taken Pkts Displays the number of octets received on the port 136 Log The Syslog Protocol allows devices to send event notification messages in response to events faults or errors occurring on the platform as well as changes in configuration or other occurrences across an IP network to syslog servers It then collects the event messages providin
47. 7 Global Settings From here vou can Enable or Disable the Log settings for the Switch Global Settings Settings Logging Service amp Enabled 2 Disabled Apply Logging Use the radio buttons to enable or disable the Service system log Global Logs Select whether to Enable or Disable the Switch s global logs for Cache File and Server Log Apply Click APPLY to update the system settings 138 Local Logging From here you can discover the paths that a packet takes to a destination The Switch supports log output to two directions Flash and RAM The information stored in the systems Flash log will be lost after the Switch is rebooted or powered off whereas the information stored in the system s RAM will be kept effective even if the Switch is rebooted or powered off Target The method for saving the switch log to Flash RAM or both Log erased after reboot or power off Log stored in RAM Will only be erased after system reset Severity Level Refer to severity level table Logs with the selected severity level and all logs of greater severity are sent to the host For example if you select Error the logged messages include Error Critical Alert and Emergency un ALERT CRIT ERROR NOTICE INFO 139 Select Yes or No from the list If the device is not functioning properly an emergency log mes sage is saved to the specified logging location Select Yes or No from th
48. 93 Broadband Radio Access Networks BRAN 5 GHz high performance RLAN Harmonized EN covering essential requirements of article 3 2 of the R amp TTE Directive e EN 301 489 1 Electromagnetic compatibility and Radio Spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 1 Common technical requirements e EN 301 489 17 Electromagnetic compatibility and Radio spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 17 Specific conditions for 2 4 GHz wideband transmission systems and 5 GHz high performance RLAN equipment 155 This device is a SGHz wideband transmission system transceiver intended for use in all EU member states and EFTA countries except in France and Italy where restrictive use applies In Italy the end user should apply for a license at the national spectrum authorities in order to obtain authorization to use the device for setting up outdoor radio links and or for supplying public access to telecommunications and or network services This device may not be used for setting up outdoor radio links in France and in some areas the RF output power may be limited to 10 mW EIRP in the frequency range of 2454 2483 5 MHz For detailed information the end user should contact the national spectrum authority in France C 05600 Cesky Czech Jm no v robce t mto prohla uje Ze tento typ za zen je ve shod se z kladn
49. A packet received on a given port would be assigned that ports PVID and then be forwarded to the port that corresponded to the packet s destination address If the PVID of the port that received the packet Is different from the PVID of the port that is to transmit the packet the Switch will drop the packet Within the Switch different PVIDs mean different VLANs so VLAN identification based upon the PVIDs cannot create VLANs that extend outside a given Switch If no VLANs are defined on the Switch all ports are then assigned to a default VLAN with a PVID equal to 1 Note To enable PVID functionality the following requirements must be met e All ports must have a defined PVID e f noother value is specified the default VLAN PVID is used e f you wish to change the port s default PVID you must first create a VLAN that includes the port as a member System lt L2 Feature VLAN 802 1Q PVID Management VLAN Voice VLAN Management ACL da QoS Security LE Monitoring Diagnostics 79 PVID cn Accept Type ALL Tagged Only ALL ALL ALL ALL ALL ALL ALL ALL ALL ALL ALL ALL z Ingress Filtering Enabled f Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Displays the VLAN
50. Business Solutions EnGenius EGS5212FP 100 1000 Mbps PoE Switch Speed Console uink aet Power e Speed Fault LAN Mode M m PoE max m PoE Mode ee Reset D 17r EN 100 1000 Mb kg s EGS7228P me ua PoE Switch Speed e Console Link Aet Link Act Power LJ LJ speed speed Faut mm LAN Mode Unac Unya m PoEmax mm PoE Mode ML ven r 26r 22r 25r 127 FI EGS7228FP r 100 1000 Mbps PoE Switch Speed e M LJ Power RPS Speed Faut LAN Mode ry LED Mode Reset Linky Act PoEmax PoE Mode e 26r 23r fn BE AB EnGenius TE EGS7252FP 3 5 220008 lou i E 4 6 8 10 LED Mode Reset 2 IYA VAUYA VAI AMI sec ggg one pg EGS5212FP EGS7228P EGS7228FP EGS7252FP version 1 0 Layer 2 Managed PoE Switch IMPORTANT To install vour Switch please refer to the Quick Installation Guide included in the product packaging Table of Contents Chapter 1 Product Overview eene 6 Introduction Package CONTENTS cece 7 Technical HEIM re 8 Tes ae EE 11 Connecting a Redundant Power Supply 14 Management Interface 15 Connecting the Switch to a Network 16 Ve aS eU TORNA E FR TUN 18 Chapter 2 Management svvrrarnrnnrnasssnsnnnvvnvvnvnnrsnsssssnnnnnneren 19 System Search BE EE 20 SIPPING ER c1 xu re CC dL cc Pl 2
51. Diagnostics Interval in sec 1 1 5 Default 1 Size in bytes 56 8 5120 Default 56 Cable Diagnostics Ping Test IPv6 Ping Test Trace Route Result You can vary the test parameters by entering the data in the appropraite boxes To verify accuracy of the test it is reccomended that you run multiple tests in case of a test fault or user error IP address Enter the IPv6 address or the host name of the station you want the Switch to ping to Count Enter the number of pings to send The range is from 1 5 and the default is 1 Interval Enter the number of seconds between pings sent The range is from 1 5 and the default is 4 Enter the size of ping packet you wish to send The range is from 8 51 20 and the default is 56 Result Displays the ping test results Click Test to perform the ping tests 145 tion you wish the Switch to ping to The traceroute feature is used to discover the routes that E ME C packets take when traveling to their destination It will list Homes gno e Oen all the routers it passes through until it reaches its desti Result Displays the trace route results nation or fails to reach the destination and is discarded In testing it will tell you how long each hop from router to router takes via the trip time of the packets it sends and receives from each successive host in the route O System Click Test to initiate the trace route L2 Feature Trace Ro
52. Local Device Chassis ID Subtype Displays the chassis ID type l l Chassis ID Displays the chassis ID of the device LLDP devices must support chassis and port ID transmitting the LLDP frame advertisement as well as the system name system Displays the administratively assigned ID system description and system capability device name advertisements Here you can view detailed LLDP System Description Describes the device intamianontorthesnoenmis switch Capabilities Supported Describes the device functions Capabilities Enabled Describes the device functions Port ID Subtype Displays the port ID type Local Device gm System L2 Feature Information gt Link Aggregation Chassis ID Subtype MAC Address Mirror Settings gt SIP P MAC Address Table 4 LLDP Global Settings Chassis ID 88 DC 96 0E 0E 85 System Name EGS7228P System Description EnGenius EGS7228P Local Device Capabilities Supported Bridge Remote Device Capabilities Enabled Bridge gt IGMP Snooping Port ID Subtype Local gt MLD Snooping Jumbo Frame ss VLAN Management ACL dh QoS Security Ll Monitoring 61 Remote Device Displays the port l l Chassis ID Subtype Displays the chassis ID type LLDP devices must support chassis and port ID advertisement as well as the system name system Chassis ID armeen ID ID system description and system capability transmitting the LLDP advertisement
53. MON events on the Switch Svent Event List System Last Time lt 12 Feature Index Event Type Community Description Sent Owner sf VLAN T 1 SNMP Tra ublic 2 d Management j p 0 00 00 00 ACL DI Log M publi 12 e 4 QoS Security E Monitoring Port Statistics 4 RMON Event List Event Log Table Alarm List History List History Log Table Statistics b Log Diagnostics 131 Event Log Table Event Log Table ag the index of the Event Log from the From here vou can view specific Event logs for the Switch Choose an Event log you wish to view fromt he drop down list Click the Apply button to accept the changes or the Cancel button amp to discard them Event Log Table O System L Feature Select Event Index Management x ACL eta 205 Security El Monitoring Port Statistics 4 RMON Event List Event Log Table Alarm List History List History Log Table Statistics P Log B Diagnostics 132 Alarm List Enter the entry number for the History Log Table You can configure Network alarms to occur when a net Sample Port Select the port trom which the alarm samples were taken work problem is detected Choose your preferences for EE EE ER Sample Variable Select the variable of samples for the speci p fied alarm sample Sample Interval Enter the alarm interval time Sample Type Select the sampling method for the selected EG gt
54. N ID Displays the VLAN ID Router Ports Auto Learned The Switch will auto detect the prescence of a multicast router and l forward IGMP pacets accordingly The Router Settings shows the learned multicast router By l Dynamic Port List Displays router ports that have attached port if the port is active and a member of the been dynamically configured VLAN Select the VLAN ID you would like to configure Forbidden Port List Designates a range of ports as being and enter the Static and Forbidden ports for the specified disconnected to multicast enabled VLAN IDs All IGMP packets snooped by the Switch will be routers Ensures that the forbidden router port will not propagate forwarded to the multicast router reachable from the port routing packets out Static Port list Designates a range of ports as being connected to multicast enabled routers Ensures that the all packets will reach the multicast Router Settings enabled router e System 2 L2 Feature VLAN ID Router Ports Auto Learned Dynamic Port List Static Port List Forbidden Port List b Link Aggregation 1 Enabled Z vo Mirror Settings STP b MAC Address Table x Click the Apply button to accept the changes or the 4 GMP Snooping cuu E Cancel button amp to discard them VLAN Settings 2 Enabled Querier Settings Group List Router Settings MLD Snooping Jumbo Frame s s VLAN amp Management 70 MLD Snooping Gl
55. Static The Link Aggregation is configured manually for the specified trunk group e LACP The Link Aggregation is configured dynamically for the specified trunk group 4 Auto 802 3 Time Auto Auto Negotiation Maximum 802 3 Link 802 3 Link 802 3 Link System To Negotiation Negotiation Advertised Operational Frame Aggregation Aggregation Aggregation Remote ID Name Live Supported Enabled Capabilities MAU Type Size Capability Status Port ID T BASE T half duplex T BASE T full duplex 100BASE Not capable Not currently OA E4 77 5B 2F 151 Enabled Enabled praten gees 1522 of being in 0 ke ina aggregated aggregation duplex mode gpeg ggreg 100BASE TX full duplex 63 IGMP Snooping Internet Group Management Protocol IGMP Snooping allows a Switch to forward multicast traffic intelligently Multicasting is used to support real time applications such as videoconferencing or streaming audio multicast server does not have to establish a separate connection with each client It merely broadcasts its service to the network and any host that wishes to receive the multicast register with their local multicast Switch A multicast group IS a group of end nodes that want to receive multicast packets from a multicast application After joining a multicast group a host node must continue to periodically issue reports to remain a member Any multicast packets belonging to that multicast group are then forwarded by the Switch
56. Sun v Week 1 vj Month 11 Hours 2 v Minutes 0 SNTP NTP Server Address pool ntp org x x x x or Hostname Server Port 123 1 65535 Default 123 Apply 25 To configure date time through SNMP 1 Next to the Enable SNTP select Enable 2 In the Time Zone Offset list select by country or by the Coordinated Universal Time UTC GMT time zone in which the Switch is located 3 Next select Disabled Recurring or Non Recurring for Daylight Savings Time Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening 4 In the SNTP NTP Server Address field enter the IP address or the host name of the SNTP NTP server 5 Finally enter the port number on the SNTP server to which SNTP requests are sent The valid range is from 1 65535 The default is 123 6 Click APPLY to update the system settings 26 To configure date time manually 1 Next to the Enable SNTP select Disable 2 In the Manual Time field use the drop down boxes to manually select the date and time you wish to set 3 In the Time Zone Offset list select by country or by the Coordinated Universal Time UTC GMT time zone in which the Switch is located 4 Next select Disabled Recurring or Non recurring for Daylight Savings Time Daylight saving is a period from late spring to early fall wh
57. TP provides a tree topology for the Switch There are different types of Spanning tree verisons supported including Spanning Tree Protocol STP IEEE802 1D Multiple Spanning Tree Protocol MSTP IEEEBO 2 1w and Rapid Spanning Tree Protocol RSTP IEEEBO 2 1s Please note that only one spanning tree can be active on the Switch ata time 41 Global Settings Spanning Tree Protocol STP is a Layer 2 protocol that runs on Switches Spanning Tree Protocol STP allows you to ensure that you do not create loops when you have redundant paths in the network STP provides a Single active path between two devices on a network in order to prevents loops from being formed when the Switch is interconnected via multiple paths STP uses a distributed algorithm to select a bridging device that serves as the root for the spanning tree network It does this by selecting a root port on each bridging device to incur the lowest path cost when forwarding a packet from that device to the root device It then selects a designated bridging device from each LAN which incurs the lowest path cost when forwarding a packet from that LAN to the root device Next all ports connected to designated bridging devices are assigned as designated ports After determining the lowest cost Spanning tree it enables all root ports and designated ports disabling all other ports Network packets are therefore only forwarded between root ports and designated ports eliminating an
58. Technologies Inc All rights reserved Compliant with FCC This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his her own expense Technical Specifications Standard M EGS5212FP Eus a aoe Ports on the front 10 panel Power budget Ports 1 8 output up to 30 Ports 1 24 output up to Ports 1 24 output up Ports 1 48 output up Watts per Port 30 Watts per Port to 30 Watts per Port to30 Watts per Port Total PoE Budget 130 Watts 185 Watts 370 Watts 740 Watts SFP Slots SDRAM zeMGDDRi 256MBDDR3 256MBDDRS z58MBDDRG Ports 10 24 or 48 10 100 1000 Mbps Ports in the front panel Depending on model 2 or 4 100 1000Mbps SFP Ports Depending on model 1 RJ 45 Port PoE Capability Supports IEEE 802 3at af PoE Capable Ports EGS5212FP Port 1 8 output up to 30 Watts per port EGS7228P Port 1724 output up to 30 Watts per port EGS7228FP Port 1 24
59. The Switch s default setting Is to assign all ports to a single 802 1Q VLAN VID 1 Please keep this in mind when configuring the VLAN settings for the Switch 7 Adding Editing and Deleting Items in the List To add an item to the 802 10 list follow these steps 1 Click the Add button Add 2 Enter the VID and name in the the VID and Name text boxes 802 1Q VID Name Tagged Port Untagged Port 1 default 1 28 t1 t8 yv Q 3 Click the Tagged Ports text box to show the tagged ports dialog box 4 Click a radio button in the tagged ports row to select a port Port 1 2 3 E 5 6 7 8 9 10 11 12 tagged untagged e 9 9 9 9 9 9 e 9 o none tagged untagged 9 o o o o o e o o none 8 5 Click the Untagged Ports text box to show the untagged ports dialog box 6 Click a radio button in the Untagged Ports row to select a port 7 Click Confirm to accept the changes or Cancel to discard them 802 1Q VID Name Tagged Port Untagged Port sf Add 1 default 1 28 t1 t8 L 2 Test 1 2 5S cl To delete an item in the 802 10 list follow these steps 1 Click the Delete button g in the row you want to remove an item from A confirmation dialog will display 2 Click OK to continue or Cancel to abort the changes PVID When an Untagged packet enters a Switch port the PVID Port VLAN ID will be attached to the untagged packet and forward frames to a VLAN specified VID part of the PVID
60. al STP port state from a b gt Link Aggregation 0 Yes Yes i A Miror Settings blocking state to a forwarding state immediately without 4 STP T m going through listening and learning states right after i the port is configured as an edge port or when its link Port Settings 7 m status changes Edge Ports are not connected to LANs R gt a es i that have span ning tree devices so Edge Ports do not ms TE PUE i receive Bridge Protocol Data Units BPDUs If an Edge MST Port Settings m E Port starts to receive BPDUS it IS no longer considered Bid ado z x F an edge port to the Switch P LLDP b IGMP Snooping 9 0 Yes Yes a b MLD Snooping 10 0 Yes Yes Jumbo Frame OX 1 0 Yes Yes E Apply Click APPLY to update the the system settings a 12 0 Yes Yes Management 48 CIST Instance Settings Eme CIST Instance Settings The Common Instance Spanning Tree CIST protocol is c mme en formed by the spanning tree algorithm running among T at me bridges that support the IEEE 802 1w IEEE 802 1s and TE IEEE 802 1D standard A Common and Internal Spanning om i Tree CIST represents the connectivity of the entire E network and it is equivalent to a spanning tree in an STP RSTP erm The CIST inside a Multiple Spanning Tree Instance MST region is the same as the CST outside a region All regions are bound together using a CIST which is responsible for creating lo
61. an SNMP manager Note that the first character must be a period Wild cards can be used to mask a specific portion of the OID string using a period Subtree Mask Select O or 1 for Subtree mask The mask of the Subtree OID 1 means this object number is concerned amd O means do not concern View Type Select whether the defined OID branch within MIB tree will be included or excluded from the selected SNMP view Generally if the view type of an entry is Excluded another entry of view type Included should exist and its OID subtree Should overlap the Excluded view entry Click the Apply button to accept the changes or the Cancel button amp to discard them Group List Group Name Enter the group name that access control rules are applied to The group name can con tain up to 30 alphanumeric characters Security Mode Selects the SNMP version v1 v2c v3 asso Configure SNMP Groups to control network access on ciated with the group the Switch by providing users in various groups with Security Level Select the security level for the group Secu rity levels apply to SNMPv3 only ireren Vb emeni HENS via the Read View Write re ag ee oani View and Notify View options the privacy security levels are assigned to the group e Auth Authenticates SNMP messages e Priv Encrypts SNMP messages Read View Management access is restricted to read on only Write View Select a SNMP to allow SNMP write pri
62. anning tree versions supported include STP Multiple Spanning Tree Protocol MSTP and Rapid Spanning Tree Protocol RSTP Please note that only one spanning tree can be active on the Switch at a time The default setting is RSTP Select whether to Enable or Disable the spanning tree operation on the Switch Select the Force Protocol Version parameter for the Switch STP Force Version e STP Spanning Tree Protocol IEEE 802 1D e RSTP Rapid Spanning Tree Protocol IEEE 802 1w e MSTP Multiple Spanning Tree Protocol IEEE 802 1s 43 Multiple Spanning Tree Protocol MSTP defined in IEEE 802 1s enables multiple VLANs to be mapped to redu cethe number of spanning tree instances needed to sup port a large number of VLANS If there is only one VLAN in the network a single STP works appropriately If the network contains more than one VLAN however the logical network configured by a single STP would work but it becomes more efficent to use the alternate paths available by using an alternate spanning tree for different VLANs or groups of VLANs MSTP which is based on RSTP for fast convergence is designed to sup port independent spanning trees based on VLAN groups MSTP provides multiple forwarding paths for data traffic and enables load balancing STP and RSTP prevent loops from forming by ensuring that only one path exists between the end nodes in your network RSTP is designed as a general replacement
63. ateway To configure IPv6 for the Switch select whether to you wish to enable Auto Configura tion Static or DHCP for the IPv6 State Next enter the information for the IP address range and gateway IPv6 IPv6 Address Settings IPv6 State Auto Configuration IPv6 Address fe80 8adc 96fffe0e e85 I 164 1 127 Gateway Apply IPV6 State Select whether you wish to enable Auto Configuration DHCPv6 Client or Static for the IPv6 address Auto Configuration Use this option to set the IPv6 address for the IPv6 network interface in Auto Con figuration The Switch will automatically generate and use a globally unique IPv6 address based on the network prefix and its Ethernet MAC address This enables the IP address to be config ured automatically by the DHCP server Select this option if you have an IPv6 DHCP server that can assign the Switch an IPv6 address Prefix and a default gate way IP address Allows the entry of an IPv6 address Pre fix and a default gateway for the Switch Select this option if you wish to assign static IPv6 address information to the Switch IPv6 Address This field allows the entry of an IPv6 address Prefix to be assigned to this IP interface Gateway Set the default gateway IPv6 address for the interface Enter the default gateway IPv6 address Apply Click APPLY to update the system settings DHCPv6 Client Static System Time Displays the current
64. be used to deliver power to the powered device e Testing The powered device is being tested For example a powered device is tested to confirm it is receiving power from the power supply e Searching The device is currently searching for a powered device Searching is the default Pot operational status e Fault The device has detected a fault on the powered device when the port is forced on For example the power supply voltage is out of range a short short occurs a communication or there is a communication errorwith PoE devices or an unknown error occurs O System Summary P IP Settings System Time Port Settings 4 PoE Power Budget PoE Port Settings EEE L2 Feature SE Management ACL Qos Security Monitoring Diagnostics PoE Port Settings Ey pu pu pu pu pu pm pm ea Ge 3 1 Port State Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled FT oe bm Van al Priority Low Low Low Low Low Low Low Low Low Low Low Power Limit Type Auto Class Auto Class Auto Class Auto Class Auto Class Auto Class Auto Class Auto Class Auto Class Auto Class Auto Class Ark FEN Apply Click APPLY to update the the system settings 32 User Power Limit W Status Searching Searching Searching Searching Searching Searching Searching Searching Searching
65. ck APPLY to update the the system settings Mirror Settings Mirrors network traffic by forwarding copies of incoming and outgoing packets from specific ports to a monitoring port The packet that is copied to the monitoring port will be the same format as the original packet Port mirroring is useful for network monitoring and can be used as a diagnostic tool Use port mirroring to send traffic to applications that analyze traffic for purposes Such as monitoring compliance detecting intrusions monitoring and predicting traffic patterns and other correlating events Port Mirroring is needed for traffic analysis on a Switch because a Switch normally sends packets only to the port to which the destination device is connected The analyzer captures and evaluates the data without affecting the client on the original port Port mirroring can consume significant CPU resources while active so be concious of such usage when config uring the Switch 39 m eee a Switch only supports up to 4 mirror sessions Port ports mirrored to this port Source TX RX Sets the source port from which traffic will be mirrored TX Port Only frames transmitted from this port are mirrored to the destination port RX Port Only frames received on this port are mir rored to the destination port Both Frames received and transmitted on this port are mirrored to the specified destination port None Disables mirroring for this port Ingress State
66. d to NEC Philips IP Phones e 00 0F E2 Assigned to H3C IP Phones e 00 09 6E Assigned to Avaya IP Phones Index Displays the VoIP sequence ID OUI Address This is the globally unique ID assigned to a ven dor by the IEEE to identify VoIP equipment Displays the ID of the VoIP equipment vendor To configure the OUI settings click the Edit button to re configure the specific entry Click the Delete button to remove the specific entry and click the Add button to create a new OUI entry Click the Apply button to accept the changes or the Cancel button amp to discard them Port Settings Enhance VolP service by configuring ports to carry IP voice traffic from IP phones on a specific VLAN Voice VLAN provides QoS to VoIP ensuring that the quality of voice does not deteriorate if the IP traffic is received unevenly Port Settings System 2 Feature Port State CoS Mode Operate Status s r VLAN E Enabled Src gt 802 1G n E 1 Disabled Sre FVID engen VAN E 2 Disabled Sre Voice VLAN E 3 Disabled Src Global Settings A 4 Disabled Sre _ OUl Settings E a Disabled 5 Port Settings v Management E 6 Disabled Src iin rj 7 Disabled Src QoS E 8 Disabled Src I Monitoring EH 9 Disabled Src si i E 10 Disabled Sre E 11 Disabled Sre E 12 Disabled SC 84 Displays the port to which the Voice VLAN Settings are applied Select Enabled to enhance VolP quality on th
67. d to provide even more security 90 In SNMPv1 and SNMPv2c user authentication is ac complished using types of passwords called Communi ty Strings which are transmitted in clear text and not supported by authentication Users can assign views to Community Strings that specify which MIB objects can be accessed by a remote SNMP manager The default Community Strings for the Switch used for SNMPv1 and SNMPv2c management access for the Switch are public which allows authorized management stations to retrieve MIB objects and private which allow authorized management stations to retrieve and modify MIB objects Global Settings SNMP State Enables or Disables the SMNP function The default SNMP global Simple Network Management Protocol SNMP is an OSI state is Enabled Layer 7 Application Layer protocol designed specifically Local Engine ID 10 64 Enter the Switch s Engine ID for the for managing and monitoring network devices The Characters remote clients A SNMPv3 engine Is SNMP agents maintain a list of variables that are used ien ipi did e to manage the device The variables are defined in the protects against message replay Management Information Base MIB which provides a delay and redirection issues The standard presentation of the information controlled by bier the on board SNMP agent security keys for authenticating and encrypting SNMPv3 packets Normally a local engine ID is automatically generat
68. date the system settings Management VLAN Settings Management VLANID 1 M Apply 81 Voice VLAN Voice VLAN State Select Enabled or Disabled for Voice Enhance your Voice over IP VoIP service by configuring VLAN on the Switch Voice VLAN ID Sets the Voice VLAN ID for the network Only one Voice VLAN is supported on the Switch ports to carry IP voice traffic from IP phones on a specific VLAN Voice VLAN provides QoS to VoIP ensuring that the quality of the call does not deteriorate if the IP traffic is 802 1p Remark Enable this function to have outgoing voice received erratically or unevenly traffic to be marked with the selected CoS value Remark CoS 802 1p Defines a service priority for traffic on the Global Settings Voice VLAN The priority of any received VoIP packet is overwritten with the new priority when the Voice VLAN feature is active on a port Range 0 7 Default 6 Aging Time The aging time is used to remove a Global Settings port from voice VLAN if the port is an c automatic VLAN member When the last voice device stops sending traffic and Voice viu 2 i the MAC address of this voice device is 8021p remark Enabled aged out the voice VLAN aging timer nic MN will be started The port will be removed foie ee rosae from the voice VLAN after expiration of the voice VLAN aging timer If the voice traffic r
69. device to Switch 2 Click OK The page at 192 168 0 239 says Do you want to save config to device 148 Upgrading 4t WARNING Backup your configuration information before upgrading to prevent loss of settings information Follow this procedure to upgrade the Firmware 1 Click Upgrade to start upgrading 1 Click Choose File When a window opens browse to the location of your new Firmware Firmware Upgrade Settings Upgrade Method HTTP Partition Partition O Active File Choose File No file chosen 4 Aprompt will displays to confirm the Firmware Upgrade Click OK and follow the on screen instructions to complete the Firmware Upgrade Note The Upgrade process may require a few minutes to complete It is advised to clear your browser cache after upgrading your Switch s firmware 149 Resetting R WARNING The Reset function will delete all configuration information from the current device Backup your information before starting this procedure Follow this procedure to reset the Switch back to factory default settings 1 Click I to start the reset process 2 When a prompt displays click OK to confirm the reset or Cancel to quit the procedure The page at 192 168 1 245 says Do you want to apply default setting and reboot device Cancel Rebooting Logging Out Follow this procedure to reboot the Switch Follow this procedure to log out the current profile from th
70. discard them 4 MLD Snooping Global Settings VLAN Settings MLD Snooping Report Suppression gt Enabled Disabled Apply Group List Router Settings Jumbo Frame 71 VLAN Settings If the Fast Leave feature is not used a multicast querier will send a GS query message when an MLD group leave message is received The querier stops forwarding traffic for that group only if no host replies to the query within the specified timeout period If Fast Leave is enabled the Switch assumes that only one host is connected to the port Therefore Fast Leave should only be enabled on a port if it is connected to only one MLD enabled device VLAN Settings O System 2 L Feature VLANID MLD Snooping Status BI Fast Leave b Link Aggregation 1 Disabled Disabled e Mirror Settings SIF MAC Address Table LLDP IGMP Snooping 2 Disabled Disabled is 4 MLD Snooping Global Settings VLAN Settings Group List Router Settings Jumbo Frame ses VLAN aa Management 2 ACL dh QoS 72 Fast Leave can improve bandwidth usage for a network which frequently experiences many MLD host add and leave requests VLAN ID Displays the VLAN ID MLD Snooping Status Select to Enable or Disable the MLD Snooping feature for the specified VLAN ID Enables or Disables the MLD snooping Fast Leave for the specified VLAN ID Enabling this feature allows the Switch to immediately remove the Layer
71. e Sequence selected interface The valid range Is from 1 2147483646 1 being processed first Select what action taken if a packet matches the criteria e Permit Forward packets that meet the ACL criteria e Deny Drops packets that meet the ACL criteria Action Destination MAC Enter the destination MAC address Value Destination MAC Enter a MAC address mask for the Wildcard Mask destination MAC address A mask of 00 00 00 00 00 00 means the bits must be matched exactly ff ff ff ff ff ff means the bits are irrelevant Any combination of Os and ffs can be used Source MAC Wild Enter a MAC address mask for the card Mask source MAC address A mask of 00 00 00 00 00 00 means the bits must be matched exactly ff ff ff ff ff ff means the bits are irrelevant Any combination of Os and ffs can be used VLAN ID Enter the VLAN ID to which the MAC ad dress is attached in MAC ACE The range is from 1 4094 802 1p Value Enter the 802 1p value The range Is from 0 7 Ethertype Value Selecting this option instructs the Switch to examine the Ethernet type value in each frame s header This option can only be used to filter Ethernet II formatted packets A detailed listing of Ethernet protocol types can be found in RFC 1060 A few of the more common types include 0800 IP 0806 ARP and 8137 IPX 100 IPv4 ACL This page displays the currently defined IPv4 based ACLs profiles To add a new ACL click
72. e EGS Layer 2 Switch in a network without a DHCP server If your network has no DHCP service you must assign a static IP address to your Switch in order to log in to the web based Switch management 1 Connect the supplied Power cord to the Switch and plug the other end into an electrical outlet Verify the Power LED indicator is lit on the Switch Wait for the Switch to complete booting up It might take a minute or so for the Switch to completely boot up Connect one end of a Category 5 6 Ethernet cable into the Gigabit 10 100 1000 Ethernet port on the Switch front panel and the other end to Ethernet port on the computer Verify that the LED on Ethernet ports of the Switch are green Once your computer is on ensure that your TCP IP is set to On or Enabled Open Network Connections and then click Local Area Connecton Select Internet Protocol Version 4 TCP IPv4 If your computer is already on a network ensure that you have set it to a Static IP Address on the Interface 17 Example 192 168 0 10 and the Subnet mask address as 255 255 255 0 Open a web browser on your computer In the address bar of the web browser enter 192 168 0 239 and click Enter A login screen will appear By default the username isadminandthepasswordispassword Enter the current password of the Switch and then click Login To make access to the web based management interface more secure It s highly reccomended that you change
73. e interface Storm Control limits the amount of Broadcast Unknown read cake Enter the broadcast rate in kilobits per Multicast and Unknown Unicast frames accepted and second The Gigabit Ethernet ports have forwarded by the Switch Storm Control can be enabled a maximum speed of 1000000 kilobits per port by defining the packet type and the rate that per second If the rate of broadcast traffic ingress on the interface increases beyond the packets are transmitted at The Switch measures the the configured threshold the traffic is incoming Broadcast Unknown Multicast and Unknown dropped Unicast frames rates separately on each port and discards Unknown Multicast Enter the Unknown Multicast rate in the frames when the rate exceeds a user defined rate kilobits per second The Gigabit Ethernet ports have a maximum speed of 1000000 kilobits per second If the rate of broadcast traffic ingress on the interface increases beyond the configured threshold the Storm Control traffic is dropped lt L2 Feature Port Status Broadcast kbps Unknown Multicast kbps Unknown Unicast kbps Unknown Unicast Enter the Unknown Unicast rate in kilobits VLAN A Enabled vi V V System per second The Gigabit Ethernet ports Management X ACL 4l QoS Global Settings CoS Mapping DSCP Mapping Port Settings Bandwidth Control Storm Control Security amp Monitoring Diagnostics e co sy C on A N
74. e list If the Switch is not functioning properly an emergency log mes sage is saved to the specified logging location Select Yes or No from the list If there is a serious Switch malfunction then all Switch features are down Select Yes or No from the list A critical log is saved if a critical Switch malfunction occurs Select Yes or No from the list If triggered a device error has occurred Select Yes or No from the list The device is functioning but an operational problem has occurred Select Yes or No from the list This will provide information about the Switch Select Yes or No from the list This will provide information about the Switch Select whether the Yes or No from the list This will provide a debugging message Local Logging O System 2 L Feature Target EMERG ALERT CRIT ERROR WARNING NOTICE INFO DEBUG AL a ve as Management E Flash No No No No No No No No a QoS Security Ed Monitoring Port Statistics e RMON 4 Log Global Settings Local Logging Remote Logging Log Table a M Diagnostics Click the Apply button v to accept the changes or the Cancel button to discard them 140 Remote Logging From here you can discover the paths that a packet takes to a destination Remote logging enables the Switch to send system logs to the Log Server The Log Server helps to centralize system logs from various devices such as Access Points so that the user can monitor and manage th
75. e regarding a root bridge The root bridge is the root of the constructed tree within a spanning tree network Thus the root bridge is the bridge with the lowest bridge ID in the spanning tree network The bridge ID includes two parts the bridge priority 2 bytes and the bridge MAC address 6 bytes The 802 1d default bridge priority is 32768 STP devices exchange Bridge Protocol Data Units BPDUs periodically All bridges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root bridge If a bridge does not get a Hello BPDU after a predefined interval called the Maximum Age the bridge assumes that the link to the root bridge is down The bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology Root Bridge System lt 12 Feature Root Address P Link Aggregation Priority Mirror Settings 4 STP Global Settings Maximum Age Root Bridge Port Settings Hello Time CIST Instance Settings CIST Port Settings MST Instance Settings MST Port Settings b MAC Address Table P LLDP P IGMP Snooping P MLD Snooping Jumbo Frame Management 45 Forward Delay 88 DC 96 0E 0E 85 32768 15 sec 20 sec 2 sec Root Address Priority Forward Delay Hello Time Displays the Root Bridge MAC address Root in Root Bridge refers to the base of the span ning tree which the Switch could be config ur
76. e selected port The default is Disabled CoS Mode Select Src or All from the list Src QoS attributes are applied to packets with OUls in the source MAC address All QoS attributes are applied to packets that are Classified to the Voice VLAN Operate Status Displays the operating status for the Voice VLAN on the selected port Apply Click Apply to update the system settings Management System Information The System Information screen contains general device information including the system name system location and system contact for the Switch System Information O System lt 12 Feature Information a VLAN m System Name EGS7228P a Management System Location Default Location System Information User Management System Contact Default Contact P File Management P SNMP 7 ACL dl Qos Security amp Monitoring Diagnostics 85 System Name System Location System Contact Enter the name you wish to use to identify the Switch You can use up to 32 alphanumeric characters The factory default name is the name of the Swicth Enter the location of the Switch You can use up to 32 alphanumeric characters The factory default is Default Location Enter the contact person for the Switch You can use up to 160 alphanumeric characters The factory default is Default Location Click Apply to save the changes to the system char 1 32 char 1 32 char 1
77. e user interface 1 Cick 5 to start the reboot process i P 2 When a prompt displays click OK to confirm the reboot T ACE T0 TOR OUT OE ENE ENN process or Cancel to quit the procedure 2 When a prompt shows click OK to confirm logging out or Cancel to quit the procedure The page at 192 168 1 245 says x The page at 192 168 1 245 says Do you want to reboot device Do you want to logout 150 Appendix EnGenius EGS5212FP fiiit PoE Switch LT Console Mode Link Act m Power Fault LAN Mode LED Mode PoE max PoE Mode ode VEG 127 FI am 9 9 EGS7228P Mode _ Link Act T 100 1000 Mbps PoE Switch Power Fault LAN Mode LED Mode m PoE max PoE Mode gt u 9 3 5 Vili EnGenius EGS7228FP 190 1000 bye PoE Switch Co Power mm RPS Fault LAN Mode PoE max PoE Mode EnGenius EGS7252FP 4 9 Fl 5 TE A Unk Act Spa A Unk Console LED Mode Reset 151 Quick Reference Guide Hardware Specifications Connecios GigE EGS5212FP EGS7228P EGS7228FP EGS7252FP Gigabit SFP Pots gt 1 4 4 Console Port 1 fT M PoE Features IEEE802 3af at max 30w per port perns 8 TI a a ry Power Supply 100 240 VAC 50 60 Hz Environent Operating Temperature 32 F 122 F 0 F C 50 C torage Temperature 40 F 158 F 40 C 70 C Operating Humidity 10 90 non bred Storage Humidity 5 90
78. e whole network Click the Add button and select the severity level of events you wish to log Remote Logging IP Hostname Server Port EMERG ALERT CRIT ERROR WARNING NOTICE INFO DEBUG Facility 514 Nix Y z My No x Niv A My liv Q Global Settings Local Logging Remote Logging Log Table host configured for the Syslog messages are sent The default port is 514 Severity Level IP H stnam Server Port 514 Refer to severity level table on page 25 or 27 Logs with the selected severity level and all logs of greater severity are sent to the host For example if you select Error the logged messages include Error Critical Alert and Emergency The log facility is used to separate out log messages by application or by function allowing you to send logs to different files in the syslog server Use the drop down menu to select localO local1 local2 local3 local4 local5 local6 or local7 EMERG ALERT CRIT ERROR WARNING NOTICE INFO DEBUG Facility hl E hl Ha HT MT Click the Apply button to accept the changes or the Cancel button amp to discard them Log Table From here users can view and delete the history log Select the Log Target vou wish to view from the drop down box Log Table System lt 12 Feature Select Log Target RAM x VLAN Management No Timestamp Category S
79. ed SFP Summary S Device Name EGS7228P ummary gt IP Settings FW Version v1 00 07 iil Serial Number 13A208165 Port Settings gt PoE Base MAC Address 88 DC 96 0E 0E 85 EEE IP Address 192 168 1 245 L2 Feature Gateway 192 168 1 254 VLAN System Uptime 1 day 0 hours 53 mins Management Z ACL dl QoS Security Ll Monitoring Diagnostics l IP Settings The IP Setting screen contains fields for assigning IP addresses IP addresses are either defined as static or are retrieved using the Dynamic Host Configuration Protocol DHCP DHCP assigns dynamic IP addresses to devices on a network DHCP ensures that network devices can have a different IP address every time the device connects to the network Note the following when configuring IP Addresses If the device fails to retrieve an IP address through DHCP the default IP address is 192 168 0 239 To access the page click IP Settings under the System menu ec IPv4 Select whether to you wish to enable Static or DHCP for Auto Configuration Next enter the information for the IP address gateway and DNS servers To be managed over the network the Switch needs an IP Address to be assigned The IP Settings screen contains fields for assigning IP addresses IP addresses are either defined as Static or are retrieved using the Dynamic Host Configuration Protocol DHCP DHCP assigns dynamic IP addresses to devices on a network DHCP ensures that
80. ed for Displays the priority for the bridge When Switches are running STP each is assigned a priority After exchanging BPDUs the Switch with the lowest priority value becomes the root bridge Displays the Switch Forward Delay Time This is the time in seconds the Root Switch will wait before changing states called listening to learning Displays the bridge Switch Maximum Age Time This is the amount of time a bridge waits before sending a configuration mes sage The default is 20 seconds Displays the Switch Hello Time This is the amount of time a bridge remains in a listening and learning state before forwarding packets The default is 15 seconds 46 Port Settings Edge Port Indicate whether the port is Enabled or Disabled STP and RSTP help guard against the formation of loops in an Ethernet network topology loop occurs when nodes transmit packets to each other over more than e No There is no edge port status one data path Packets can become caught in repetitious P2P MAC A P2P port must operate in full duplex cycles that needlessly consume network bandwidth Like edge ports P2P ports transition to a nifi forwarding state rapidly thus benefiting from which then significantly reduce network performance RSTP Enable P2P for the device to establish With STP you can set it up on a port per port basis a point to point link or specify for the device to to further help configure your ne
81. ed that is unique to the Switch This is referred e to as the default engine ID If the Global Settings SNMP State 9 Enabled Disabled local engine ID is deleted or changed all local SNMP users will be cleared euism and you will need to reconfigure all existing users System Information Engine ID 88DC960E0E85 10 64 hex letters the length of hould be even the Engine ID shou Global Settings View List Click Apply to save the changes to the system 91 View List SNMP uses an extensible design where the available information Is defined by Management Information bases MIBs MIBs describe the structure of the management data of a device subsystem they use a hierarchical namespace containing Object Identifiers OID to organize themselves Each OID identifies a variable that can be read or set via SNMP The SNMP View List is created for the SNMP management station to manage MIB objects Click the New button to create a new entry View List View Name Subtree OID Subtree Mask View Type all 1 all Included System Information User Management gt File Management 4 SNMP Global Settings View List Group List oe View Name Enter the view name The view name can con tain up to 30 alphanumeric characters Subtree OID Enter the Object Identifier OID Subtree The OID identifies an object tree MIB tree that will be included or excluded from access by
82. elative to other ACLs assigned to the selected interface The valid range is from 1 2147483646 1 being processed first Action Select what action taken if a packet matches the criteria e Permit Forward packets that meet the ACL criteria e Deny Drops packets that meet the ACL criteria Protocol Select the Any Protocol ID or Select from List from drop down menu e Protocol ID Enter the proto col in the ACE to which the packet is matched e Select from List Select the protocol from the list in the provided field Destination IP Address Enter the destination IP address Value Destination IP Wildcard Enter the mask of the new source IP Mask address Source IP Address Enter the source IP address Value Source IP Wildcard Enter the mask of the new source IP Mask address 105 VLAN ID Enter the VLAN ID to which the IP address LIG Apply to Save The changes to the system is attached in IPv4 Based ACE The range is from 1 4094 802 1p Value Enter the 802 1p value The range Is from from 0 7 Ethertype Value Enter the Ethertype value The range is from 05DD FFFF Select Any Protocol ID or Select from List from drop down menu e Protocol ID Enter the protocol in the ACE to which the packet Is matched The range Is from 0 255 e Select from List Select the ICMP from the list in the provided field ICMP Code Enter the ICMP code The range Is from 0 255 Source Port Select Single or Range fr
83. en many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening 5 Click APPLY to update the system settings Port Settings Displays the port number Use this screen to view and configure Switch port settings Indicates whether the link Is up or down Select the speed and the duplex mode of the Ethernet connection on this port Selecting Auto Auto Negotiation allows one port to negotiate with a peer port automatically to obtain the connection speed and duplex mode that both ends support When auto negotiation is turned on a port on the Switch negotiates with the peer automatically to determine the connection speed and duplex mode If the peer port does not Support autoegotiation or turns off this feature the Switch determines the connection speed by detecting the signal on the cable and using halt duplex mode When the Switch s auto negotiation is turned off a port uses the pre configured speed The Port Settings feature lets you change the configuration of the ports on the Switch in order to find the best balance of speed and flow control according to your preferences Configuring Gigabit ports require additional factors to be considered when arranging your preferences for the Switch compared to 10 100 ports To access the page click Port Settings under the System menu Port Settings and duplex mode when maki
84. esumes during the aging time the aging timer will be reset and stop The range for aging time is from 1 65535 minutes The default is 1440 minutes Apply Apply Click Apply to update the system settings 82 OUI Settings The Switches determines whether a received packet is a voice packet by checking its source MAC address VoIP traffic has a preconfigured Organizationally Unique Iden tifiers OUI prefix in the source MAC address You can manually add specific manufacturers MAC addresses and description to the OUI table All traffic received on the Voice VLAN ports from the specific IP phone with a listed OUI is forwarded on the voice VLAN OUI Settings System lt L Feature Index OUI Address Description sje add sit VLAN 1 00 E0 BB 3COM 802 1Q 2 00 03 6B Cisco s PVID Management VLAN 3 00 E0 75 Veritel s 4 Voice VLAN 4 00 D0 1E Pingtel s Global Settings 5 00 01 E3 Siemens s QUI Settings Port Settings 6 00 60 B9 NEC Philips s aa Management 7 00 0F E2 H3C s ACL 8 00 09 6E Avaya s da Qos Security Ll Monitoring Diagnostics Enter the QUI to the Voice VLAN The following OUI are enabled by default The following OUI are enabled by default e Q0 E0 BB Assigned to 3COM IP Phones e 00 03 6B Assigned to Cisco IP Phones e Q0 E0 75 Assigned to Veritel IP Phones e 00 DO 1E Assigned to Pingtel IP Phones e 00 01 E3 Assigned to Siemens IP Phones e 00 60 B9 Assigne
85. ether the Switch can communicate with a particular network host before testing ing Tes oe System lt L2 Feature Ping Test Settings V VIAN IP Address 192 168 1 100 x x x x or hostname Management Count l4 1 5 Default 4 4l QoS Interval in sec 1 1 5 Default 1 P iiia Heel se 8 5120 Default 56 El Monitoring Diagnostics Cable Diagnostics Ping Test IPv6 Ping Test Trace Route Result 144 Ping Test Settings You can vary the test parameters by entering the data in the appropraite boxes To verify accuracy of the test it is reccomended that you run multiple tests in case of a test fault or user error IP address Enter the IP address or the host name of the station you want the Switch to ping to Count Enter the number of ping to send The range is from 1 5 and the default is 1 Interval Enter the number of seconds between pings sent The range Is from 1 5 and the default is 4 Enter the size of ping packet to send The range is from 8 5120 and the default is 56 Displays the Ping Test results Click Test to perform the ping tests IPv6 Ping Test Send a ping request to a specified IPv6 address Check whether the Switch can communicate with a particular network host before testing IPv6 Ping Test System lt L2 Feature Ping Test Settings s VLAN IP Address OCXXXX XX Management el Count l4 1 5 Default 4 da QoS Security Monitoring
86. everity Message ACL 1 Dec 19 13 45 32 Port notice Port gi14 link up 4 QoS 2 Dec 19 13 45 27 Port notice Port gi14 link down Security amp Monitoring 3 Dec 19 11 54 45 Port notice Port gi3 link up Port Statistics 4 Dec 19 11 54 39 Port notice Port gi3 link down P RMON Dec 19 11 54 37 Port notice Port gi3 link up 4 Log Global Settings 6 Dec 19 11 30 11 Port notice Port gi3 link down Local Logging 7 Dec1911 15 47 Port notice Port gi7 link up Remote Logging 8 Dec 19 11 15 45 Port notice Port gi7 link down Log Table p Diagnostics 9 Dec 19 11 15 31 Port notice Port gi7 link up A counter incremented whenever an entry to the Switch s history log is made It displays the last entry highest sequence number first Displays the time of the log entry Category Displays the category of the history log entry for example If the name of a VLAN group is changed the category will display VLAN If a device is con nected to the Switch the category will display Port Severity Displays the level of severity of the log entry Messages are assigned a severity code triggered the history log entry Click CLEAR to clear the buffered log in the memory 142 Diagnostics Cable Diagnostics Cable Diagnostics helps you to detect whether your cable has connectivity problems provides information about where errors have occurred in the cable The tests use Time Domain Reflectometry TDR technology to test the qua
87. f routing updates and determine which types of traffic are forwarded or blocked This criterion can be specified on a basis of the MAC address or IP address MAC ACL MAC ACL This page displays the currently defined MAC based Q System ACLs profiles To add a new ACL click Add and enter the 12 Feature Index Name name of the new ACL it VLAN z v l 4 Management ACL MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE ACL Binding da QoS Security L Monitoring e Diagnostics Index Profile identifier Enter the MAC based ACL name You can use up to 32 alphanumeric characters Click the Apply button to accept the changes or the Cancel button to discard them 99 Mac Based ACE Use this page to view and add rules to MAC based ACLs Mac Based ACE Mac Based ACE ACL Name Range 1 2147483647 1 is first processed MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE ACL Binding Action Permit Destination MAC Address User Defined Destination MAC Value Destination MAC Mask Source MAC Address User Defined iy Source MAC Value Source MAC Mask VLAN ID Range 1 4094 802 1p Value Range 0 7 Ethertype Value Hex Range 05DD FFFF ACL Name Select the ACL from the list Enter the sequence number which sig nifies the order of the specified ACL relative to other ACLs assigned to th
88. figuration Reversion Name identifies the MSTP region configured MST ID Displays the ID of the MST group that is created maximum of 15 groups can be set for the Switch on the Switch Devices must have the same VLAN List Enter the VLAN ID range from for the revision number to belong to the same region configured VLANS to associate with the MST ID The VLAN ID number range is from 1 to 4094 MST Regional Root Internal Root Designated Root ID VLAN List Priority Bridge Cost Bridge Port Priority Select the bridge priority value for the MST When Switches or bridges are running STP each Is assigned a priority After exchanging BPDUS the Switch with the lowest priority value becomes the root bridge The default value is 32768 The range is from 0 61440 l The bridge priority is a multiple of 4096 Click the Apply button to accept the changes or the Regional Root This is the bridge identifier of the CST Region Cancel button amp to discard them Bridge al Root It is made up using the bridge priority and the base MAC address of the bridge Internal Root Displays the path cost to the designated root Cost for the MST instance Designated Displays the bridge identifier of the bridge Bridge with the Designated Port It is made up using the bridge priority and the base MAC address of the bridge Root Port Displays the port that accesses the designat ed root for MST instance Configuration This name uniquely
89. from the list DoS Denial of Service is used for classifying and UDP Blat Select Enabled or Disabled from the list blocking specific types of DoS attacks From here you TCP Blat Select the Enabled or Disabled from the can configure the Switch to monitor and block different list types of attacks st Select the Enabled or Disable from the list Fragment Minimal Enter the minimal size Global Settings Size IPv6 Min Fragment Select Enabled or Disabled from the list d Bytes Enter the size of IPv6 packets The range Global Settings is from 0 65535 System ICMP Fragment Select Enabled or Disabled from the list lt L Feature DoS Global s VLAN DMAC SMAC Enabled a Management Land Enabled x Click Apply to save the changes to the system Blat gt Security 802 1x POD Enabled Radius Server Fragment Minimal Size Access iiis Ping Max Size b Port Security DoS Smurf Attack Enabled Global Settings Netmask Length 0 Bytes 0 32 Port Settings El Monitoring TCP Attack Defense b a Diagnostics 127 TCP SYM SPORT lt 1024 Mull Scan Azack A Mas Scan A amp ack TCP SYN FIN A ack TCP SYN RST Agack TCP Fragment Offset 1 Enabled Enabled Enabled Enabled m EJ ed Be E a DMAC SMAC Select Enabled or Disabled from the list Select Enabled or Disabled from the list UDP Blat Select Enabled or Disabled from the list TCP B
90. g on the Switch The switch snoops all IGMP packets it receives to determine which l segments should receive packets directed Click to Enable or Disable the IGMP Snooping feature for to the group address when enabled the Switch Next select whether you wish to use V2 or Version Select the IGMP version you wish to use If V3 Finally select whether you wish to Enable or Disable an IGMP packet received by the interface the Report Suppression feature for the Switch has a version higher than the specified version this packet will be dropped Report Suppression Select whether Report Suppression is Enabled or Disabled for IGMP Snooping The Report Suppression feature limits the amount of membership reports the member sosser m sends to multicast capable routers b Link Aggregation Status Enabled JDisabled Mirror Settings gt STP Version V2 OV3 b gt MAC Address Table P LLDP 4 IGMP Snooping Report Suppression Enabled Disabled Global Settings pe Apply Click Apply to update the system Settings Querier Settings Group List Router Settings b MLD Snooping 65 VLAN Settings Use the IGMP Snooping VLAN Settings to configure IGMP Snooping settings for VLANs on the system The Switch performs IGMP Snooping on VLANS that send IGMP packets You can specify the VLANs that IGMP Snooping Should be performed on Choose from the drop down box whether to Enable or Disable IGMP Snooping Next
91. g powerful support for users to monitor network operation and diagnose malfunctions Syslog enabled device can generate a syslog message and send it to a Syslog server Syslog is defined in RFC 3164 The RFC defines the packet format content and system log related information of Syslog messages Each Syslog message has a facility and severity level The Syslog facility identifies a file in the Syslog server Refer to the documentation of your Syslog program for details The following table describes the Syslog severity levels NN Emergency System is unusable A emergency condition usu ally affecting multiple apps servers sites Direct Attention is required Alert Actions must be Should be corrected immedi taken immediately ately Notify staff who can fix Critical conditions the problem promptly Should be corrected immedi ately but indicates failure in a secondary system Non urgent failures these should be relayed to devel opers or admins each item should be resolved promptly Warning message that indi cates an error will occur if action is not taken Events that are unusual but not error inducing No immedi ate action required Normal operational status may be gained for reporting procedures Information useful to devel opers for debugging applica tions Warning conditions Notice Normal but signifi cant conditions Informational Informational message Debug level mes Sages 13
92. h Wait for the Switch to complete booting up It might take a minute for the Switch to completly boot up Connect one end of a Category 5 6 Ethernet cable into the Gigabit 10 100 1000 Ethernet port on the Switch front panel and the other end to the Ethernet port on the computer Verify thatthe LED onthe Ethernet ports of the Switch are green Once your computer is on ensure that your TCP IP is set to On or Enabled Open Network Connections and then click Local Area Connecton Select Internet Protocol Version 4 TCP IPv4 If your computer is already ona network ensure that you have setittoaStaticIP Address on the Interface Example 192 168 0 10 and the Subnet mask address aS 255 255 255 0 16 5 Open a web browser on your computer In the address bar of the web browser enter 192 168 0 239 and click Enter 6 A login screen will appear By default the username is admin and the password is password Enter the current password of the Switch and then click Login 7 Once logged in click IP Settings under the System tab and select IPv4 or IPv6 Next 8 Click DHCP under Auto Configuration 9 Click Apply to save the settings 10 Connect the Switch to your network DHCP enabled 11 On the DHCP server find and write down the IP address allocated to the device Use this IP address to access the management interface IP Address Discovery on a Network without a DHCP Server This section describes how to set up th
93. he Radius server Dead Timeout Enter the amount of time that the Radius Server is bypassed for service requests The default value Is 0 Click the Apply button to accept the changes or the Cancel button to discard them 121 Access tt Hips Setting System lt L2 Feature Settings Http s Settings HTTP Service 9 Enabled Disabled AA HTTP Session Timeout 5 0 86400 minutes 0 no limit The EnGenius Layer 2 PoE Switch provides a built in 4 Qos HTTPS Service Enabled Disabled browser interface that enables you to configure and HTTPS Session Timeout 5 0 86400 minutes 0 no limit manage the Switch via Hypertext Transfer Protocol Radius Server Http and Hypertext Transfer Protocol Secure Https 4 Access requests selectivly to help prevent security breaches M on the network You can manage your HTTP and HHTPs cepe settings for the Switch further by choosing the length of Console Settings session timeouts for HTTP and HTTPs requests Select whether to Enable or Disable the HTTP service and enter the HTTP Timeout session Next select whether Diagnostics to Enable or Disable the HTTPS sevice and enter the HTTPS timeout session for the Switch HTTP Service Select whether HTTP Service for the Switch Click Apply to save the changes to the system is Enabled or Disabled This is enabled by default HTTP Session Enter the amount of time that elapses before Timeout HTTP is timed out The defa
94. he SSH Service The default is 3 The incomprehensible without the correct encryption key to range is from 0 120 decode it Silent Time Enter the silent time for Telnet Service The range Is from 0 65535 seconds system i Click Apply to save the changes to the system L2 Feature Settings 388 VLAN SSH Service 9 Enabled Disabled Management ACL Session Timeout 5 0 65535 minutes sali History Count 128 0 256 Security Password Retry Count 3 0 120 p 802 1x Radius Server Silent Time 0 0 65535 seconds 4 Access Http s Settings Telnet Settings SSH Settings Console Settings Port Security P DoS E Monitoring Diagnostics 124 Console Settings From here you can configure the Console Service settings for the Switch Ss Console Settings O System lt L Feature Settings VLAN NE Session Timeout 5 aa Management t ACL History Count 128 da QoS Password Retry Count 3 Security p 802 1x Silent Time Radius Server 4 Access Http s Settings Telnet Settings SSH Settings Console Settings Port Security e DoS Ll Monitoring Diagnostics 0 65535 minutes 0 256 0 120 0 65535 seconds Session Timeout Enter the amount of time that elapses before Console Service is timed out The default is 5 minutes The range Is from 0 65535 minutes History Count Enter the entry number for History of Console Service The default is 128 The
95. he bandwidth settings for a specified port s Ingress Ingress Rate Enter the ingress rate in kilobits per second Rate Limit and Egress Rate The Gigabit Ethernet ports have a maximum speed of 1000000 kilobits per second Select from the drop down box to Enable or MEN Disable egress on the interface Bandwidth Control Egress Rate Enter the egress rate in kilobits per second The Gigabit Ethernet ports have a maximum speed System 2 L2 Feature Port Ingress Ingress Rate kbps Egress Egress Rate kbps si VLAN Enabled x 1000000 Enabled x 1000000 f i 4 Management gm of 1000000 kilobits per second sS ACL amp QoS 2 Disabled Off Disabled Off Global Settings 3 Disabled Off Disabled Off CoS Mapping A E 4 Disabled Off Disabled Off DSCP Mapping Port Settings A 5 Disabled Off Disabled Off Bandwidth Control m 6 Disabied of Disabled or Click Apply to save the changes to the system MTS 7 Disabled Off Disabled Off P Security m i Monitoring 8 Disabled Off Disabled Off Diagnostics F 9 Disabled Off Disabled Off A 10 Disabled Off Disabled Off 11 Disabled Off Disabled Off A 12 Disabled Off Disabled Off 13 Disabled Off Disabled Off 14 Disabled Off Disabled Off 113 Storm Control Port Displays the ports for which the Storm Control information is displayed Status Select whether Storm Control is Enabled or Disabled ingress on th
96. hether packets are forward ed or blocked at the Switch ports Access Control Lists ACLs are filters that allow you to classify data packets according to a particular content in the packet header such as the source address destination address source port number destination port number and more Packet classifiers identify flows for more efficient processing Each filter defines the conditions that must match for inclusion in the filter ACLs Access Control Lists provide packet filtering for IP frames based on the protocol TCP UDP port number or frame type or layer 2 frames based on any destination MAC address for unicast broadcast or multicast or based on VLAN ID or VLAN tag priority ACLs can be used to improve performance by blocking unnecessary network traffic or to implement se curity controls by restricting access to specific network resources or protocols Policies can be used to differen tiate service for client ports server ports network ports or guest ports They can also be used to Strictly control network traffic by only allowing incoming frames that 98 match the source MAC and source IP address on a spe cific port ACLs are composed of Access Control Entries ACEs which are rules that determine traffic classifica tions Each ACE is a considered as a single rule and up to 256 rules may be defined on each ACL with up to 3000 rules globally ACLs are used to provide traffic flow con trol restrict contents o
97. highest Check the CoS priority tag box and select the Queue values for each CoS value in Use the Class of Service CoS Mapping feature to specify which internal traffic class to map to the corresponding the provided fields Eight traffic priority CoS value CoS allows you to specify which data packets queues are supported and the field values have greater precedence when traffic is buffered due to are from 1 8 where one Is the lowest priority and eight is the highest priority congestion CoS Mapping Click Apply to save the changes to the system e System 8 L Feature CoS Queue 2 VLAN Md 9 Management 0 2 QE UE Qo5 i Global Settings 2 3 3 4 DSCP Mapping 4 5 Port Settings Bandwidth Control 5 6 Storm Control B T JP Security 7 g W Monitoring r Diagnostics Apply 110 DSCP Mapping DSCP Differentiated Displays the packet s DSCPvalues Services Code Point where O is the lowest and 10 is the Use Differentiated Services Code Point DSCP Mapping highest feature to specify which internal traffic class to map to Check the CoS priority tag box and the corresponding DSCP values DSCP Mapping increases er nyde or rid the number of definable priority levels by reallocating priority queues are supported and the bits of an IP packet for prioritization purposes field values are from 1 8 where one is the lowest priority and eight is the highest priority om System L2 Feature DSCP Queue ve
98. ifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment This device complies with Part 15 of the FCC Rules Operation is subject to the fol lowing two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation Radiation Exposure Statement WARNING This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance of 23cm between the radiator amp your body 153 Appendix B IC Interference Statement Industry Canada Statement This device complies with RSS 210 of the Industry Canada Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation Ce dispositif est conforme la norme CNR 210 d Industrie Canada applicable aux appareils radio exempts de licence Son fonctionnement est sujet aux deux conditions suivantes 1 le dispositif ne doit pas produire de brouillage pr judiciable et 2 ce dispositif doit accepter tout brouillage recu y compris un brouillage susceptible de provoquer un fonctionnement ind sirable FOR MOBILE DEVICE USAGE Radiation Exposure Stateme
99. ion is used e DES Using the Data En cryption Standard algorithm Encryption Key Enter the Data Encryption Stan dard key Click the Apply button to accept the changes or the Cancel button amp to discard them 95 System Information User Management gt File Management 4 SNMP Global Settings View List Group List Community List User List Trap Settings Trap Settings Trap Settings SNMP Traps Server SHMP Holy Community IP ostnama Version Type Hame A trap is a type of SNMP message The Switch can send traps to an SNMP manager when an event occurs You can restrict user privileges by specifying which por tions of the MIBs that a user can view In this way you restrict which MIBs a user can display and modify for better security In addition you can restrict the types of traps users can send as well You can do this by de termining where messages are sent and what types of messages can be sent per user Traps indicating status changes can be issued by the Switch to the specified trap manager by sending authentication failure messag es and other trap messages 96 Server IP Hostname Community Name Enter the Server IP or Hostname The Hostname can contain up to 128 alpha numeric characters SNMP Version Select the SNMP version from the list Notify Type Select the type of notificatio
100. k the Apply button to accept the changes or the Cancel button amp to discard them IPv6 ACL e System 2 L Feature Index Mame ae VLAN Fa 32 char 1 as Management 3S ACL MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPvG ACL IPv6 ACE AGL Binding d Qos Security Ed Monitoring Diagnostics 104 IPV6 Based ACE Allows IPv6 Based Access Control Entry ACE to be de fined within a configured ACL lt 12 Feature 88 VLAN amp Management ACL MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE ACL Binding J QoS P Security amp Monitoring Diagnostics IPv6 Based ACE ACL Name Sequence Action Protocol Source IP Address Source IP Address Value Source IP Prefix Length Destination IP Address Destination IP Address Value Destination IP Prefix Length Source Port Destination Port TCP Flags Type of Service Permit Select from list v User Defined User Defined Single Single Urg Dont Care v Rst Dont Care v DSCP to match v Range 1 2147483647 1 is first processed tcp Ack GOCXXXX XX Range 0 128 OCXXXXEXX Range 0 128 Range 0 65535 Range 0 65535 Don t Care x Psh Don t Care v DontCare v Fin Don t Care v Range 0 63 ACL Name Select the ACL from the list Sequence Enter the sequence number which signifies the order of the specified ACL r
101. lat Select the Enabled or Disabled from the list Select the Enabled or Disable from the list Size IPv6 Min Fragment Select Enabled or Disabled from the list is from 0 65535 Ping Max Size Set Enter the max ping size for the ping The ting range is from 0 65535 Smurf Attack Select Enabled or Disabled from the list Netmask Length Enter the length of the netmask The range Is from 0 32 TCP SYN Select Enabled or Disabled from the list Null Scan Attack Select Enabled or Disabled from the list X Mas Scan Attack Select Enabled or Disabled from the list TCP SYN FIN Attack Select Enabled or Disabled from the list 128 Port Settings Displays the port for which the DoS protection is defined From here you can configure the Port Settings for DoS Select Enabled or Disabled for the DoS for the Switch Select from the drop down list whether Protection feature for the selected port you wish to Enable or Disable DoS Protection for the SWitch Click Apply to save the changes to the system Oo System Feature Port DoS Protection s VLAN Enabled aa Management 1 Disabled 2 ACL QoS 2 Disabled Secunty 3 Disabled 302 1x l 4 Disabled Radius Server rmm 5 Disabled Port Security 6 Disabled DoS 7 Disabled Global Settings l Port Settings 8 Disabled Ld Monitoring 8 Disabled e Diagnostics 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 129 Monitoring played The
102. led LLDP Data Units LLDPDUs A single LLDP Protocol Data Unit LLDP PDU is transmitted within a single 802 3 Ethernet frame A Dasic LLDPDU consists of a set of Type Length Value elements TLV each of which contains information about the device A single LLDPDU contains multiple TLVs TLVs are short information elements that communicate complex data Each TLV advertises a single type of information 59 activate LUDP for the Switch Select whether to Enable or Disable the LLDP feature Transmission Interval Enter the interval at which LLDP on the Switch Next enter the Transmission interval advertisement updates are sent The Holdtime Multiplier Reinitialization Delay parameter EE Ja 5 32768 and the Transmit Delay parameter When finished click Holdtime Multiplier Enter the amount of time that LLDP APPLY to update the the system Settings packets are held before packets are discarded and measured in multiples of the Advertised Interval The default is 4 The range is from 2 10 Ge Reinitialization Delay Enter the amount of time of delay before reinitializing LLDP The default em is 2 The range is from 1 10 T EG ae Transmit Delay Enter the amount of time that MAC Address Table Holdtime Mulipier 4 210 passes between successive LLDP rium Reritaizaton Diy 2 o frame transmissions The default E tee E di is 2 seconds The range is 1 8192 nom seconds MLD Snooping Apply 60
103. lity of a copper cable attached to a port TDR detects a cable fault by sending a signal through the cable and reading the signal that is reflected back All or part of the signal is reflected back either by cable defects or by the end of the cable when an issue IS present Cables are tested when the ports are in the down state with the exception of the cable length test To verify accuracy of the test it is reccomended that you run multiple tests in case of a test fault or user error Select the port to which the cable is connected Pair A B C and D Displays the cable test results e Open A cable is not connected to the port e OK A cable is connected to the port Cable Length A B Displays the approximate cable length C and D Cable Diagnostics 2 System Cable Length A Cable Length B Cable Length C Port Pair A meter Pair B meter Pair C meter Pai Diagnostics Cable Diagnostics Ping Test IPv6 Ping Test Trace Route Click Test to perform the cable tests for the selected port 143 Ping Test The Packet INternet Groper Ping Test allows you to verify connectivity to remote hosts The Ping test operates by sending Internet Control Message Protocol ICMP request packets to the tested host and waits for an ICMP response In the process it measures the time from transmission to reception and records any packet loss Send a ping request to a specified IPv4 address Check wh
104. manent storage One image Is the active image active on the Switch and the second image is the backup image The Dual Image screen enables the user to select which partition image will be set as active after the next reset The Switch boots and runs from the active image If the active image is corrupt the system automatically boots from the non active image Click Apply to save the changes to the system Dual Image O System Image 12 Feature Active Flash Partition Status Image Name Size Byte Created Time Partition 0 Active IMG 1 00 06 5513595 2013 11 11 18 16 47 as Management system Information a User Management 4 File Management Apply Configuration Manager Dual Image P SNMP ACL dh QoS Security Ll Monitoring Diagnostics 88 SNMP Simple Network Management Protocol SNMP is an Application Layer protocol designed specifically for managing and monitoring network devices Simple Network Management Protocol SNMP is a popular protocol for network management It is used for collecting information from and configuring network devices Such as servers printers hubs Switches and routers on an Internet Protocol IP network SNMP is used to exchange management information between a network management system NMS and a network device manager station can manage and monitor the Switch through their network via SNMPv1 v2c and v3 An SNMP managed network consists of two components agents
105. n to be Sent e Traps Traps are sent Informs Informs are sent ONLY when v2c Is enabled Note The recipient of a trap message does not send a response to the Switch Traps are therefore not as reliable as in form messages which include a request for acknowledgement of receipt Inform messages can be used to ensure that critical information is received by the host However please note that in forms consume more system resources because they must be kept in memory until a response Is received Informs also add to network traffic You should consider these effects when deciding whether to Issue notifications as traps or informs Select the Community Name from the list Enter the UDP port used to send notifi cations 97 Configurable only if the notify type is Informs Enter the amount of time the device waits before re sending The de fault is 15 seconds Timeout Configurable only if the notify type is Informs Enter the amount of time the device waits before re sending an inform request The default is 3 seconds Click the Apply button to accept the changes or the Cancel button to discard them ACL An Access Control List ACL allows you to define clas sifi7cation rules or establish criteria to provide security to your network by blocking unauthorized users and allowing authorized us ers to access specific areas or resources ACLs can provide basic security for access to the network by controling w
106. nformation The range is from 0 32 characters Click the Apply button to accept the changes or the Cancel button amp to discard them 134 History Log Table History Log Table Select the index for the History Log from the list From here you can view the History Index for History Logs on the Switch Select a History Index to view from the drop down box History Log Table System 12 Feature select History Index VLAN Management ACL QoS Secunty Monitoring Port Statistics 4 RMON Event List Event Log Table Alarm List History List History Log Table Statistics gt Log Diagnostics 135 Statistics Broadcast Pkts Displays the number of good broadcast packets received on the port This number The Statistics page displays general information about does not include Multicast packets sions packets received on the port CRC amp Align Errors Displays the number of CRC and Align er rors that have occurred on the port Statistics gt Undersize Pkts Displays the number of undersized packets cre ua o less than 64 octets received on the port Port Evens Odes pis Pis Phs Emors Ps Ps Fragments Jabbers Colisions os Oversize Pkts ate the number of oversized packets N over 1518 octets received on the port E Fragments Displays the number of fragments received O 55s on the port 7 Jabbers Displays the total number of received pack ets that were longer than 1
107. ng a connection thus Summary Port Link Status Mode Flow Control requiring you to make sure that the settings of the b IP Settings m Auto iz Disabled x peer port are the same in order to connect S E 1 Link Down Auto Disabled Port Settings 2 Link Up Auto 1000M Full Disabled PoE EEE 3 Link Up Auto 1000M Full Disabled lt L2 Feature 4 Link Up Auto 100M F ull Disabled VLAN T ry 5 Link Up Auto 100M F ull Disabled ea Management Je ACL 6 Link Down Auto Disabled 7 Link Up Auto 100M F ull Disabled Security Ej Monitoring A 8 Link Up Auto 100M Full Disabled Diagnostics 9 Link Up Auto 1000M Full Disabled m 10 Link Up Auto 100M F ull Disabled 11 Link Up Auto 100M F ull Disabled FI 12 Link Up Auto 100M F ull Disabled lI Flow Control A concentration of traffic on a port decreases port bandwidth and overflows buffer memory causing packet discards and frame losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The Switch uses IEEE802 3x flow control in full duplex mode and backpressure flow control in half duplex mode IEEEBO2 3x flow control is used in full duplex mode to send a pause signal to the sending port causing it to temporarily stop sending signals when the receiving port memory buffers fill Back Pressure flow control is typically used in half duplex mode to send a collision signal to the sending port mimicking a state of packet collision causi
108. ng the sending port to temporarily stop sending Signals and resend later Click APPLY to update the system Settings 28 PoE Total Power Budget Enter the amount of power the Switch can provide to all ports Power Budget Consumed Power Shows the total amount of power currently being delivered to all ports The PoE Management screen contains system PoE information for monitoring the current power usage and Power Budget assigns the total amount of power the Switch can provide Summe Sens pq TotalPower Budget 185 Watts 6 185 Watts to all of its PoE ports Ports 1 8 24 or 48 on the Switch E TE are IEEEBO2 3at af compliant ports Each port is capable of l a delivering up to 30 Watts and a total PoE budget of either 130 185 370 or 740 Watts depending on your model for uninterrupted PoE use To access the page click PoE under the System menu 1 Ports PowerBudgt Apply Click APPLY to update the the system settings ecss2izFP 8 130watts EGS7228P 185 Watts EGS7228FP 370 Watts EGS7252FP 740 Watts 29 PoE Port Settings The EnGenius Layer 2 PoE Switches supports Power over Ethernet PoE as defined by the IEEE 802 3af and 802 3at All ports can support PoE up to 30W Ports 1 24 can supply about 48 VDC power to Powered Devices PDs over Standard UTP Ethernet cables The Switch follows the Standard PSE Power Sourcing Equipment pinout whereby power is sent out over pins 1 2
109. nt This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator amp your body Pour l utilisation de dispositifs mobiles D claration d exposition aux radiations Cet quipement est conforme aux limites d exposition aux rayonnements IC tablies pour un environnement non contr l Cet quipement doit tre install et utilis avec un minimum de 20cm de distance entre la source de rayonnement et votre corps 154 Appendix C CE Interference Statement Europe EU Declaration of Conformity This device complies with the essential requirements of the R amp TTE Directive 1999 5 EC The following test methods have been applied in order to prove presumption of conformity with the essential requirements of the R amp TTE Directive 1999 5 EC e EN60950 1 Safety of Information Technology Equipment e EN50385 Generic standard to demonstrate the compliance of electronic and electrical apparatus with the basic restrictions related to human exposure to electromagnetic fields 0 Hz 300 GHz e EN 300 328 Electromagnetic compatibility and Radio spectrum Matters ERM Wideband Transmission systems Data transmission equipment operating in the 2 4 GHZ ISM band and using spread spectrum modulation techniques Harmonized EN covering essential requirements under article 3 2 of the R amp TTE Directive e EN 301 8
110. o multicast enabled routers snooped by the Switch will be forwarded to the multicast Ensure that the forbidden router port router reachable from the port will not propagate routing packets out Static Port List Designates a range of ports as being Router Settings connected to multicast enabled routers VLANID Router Ports Auto Leamed Dynamic PortList Statie Port List Forbidden Port List Ensure that the all packets will reach the gt Link Aggregation 1 Enabled vo multicast enabled router Mirror Settings STP MAC Address Table P LLDP 2 Enabled b IGMP Snooping MLD Seo Click the Apply button to accept the changes or the Global Settings VLAN Setings Cancel button amp to discard them Group List 4 Jumbo Frame Ethernet has used the 1500 byte frame size since Its inception Jumbo frames are network layer PDUs that have a size much larger than the typical 1500 byte Ethernet Maximum Transmission Unit MTU size Jumbo frames extend Ethernet to 9000 bytes making them large enough to carry an 8 KB application datagram plus packet header overhead If you intend to leave the local area network at high speeds the dynamics of TCP will require you to use large frame sizes The EnGenius Layer 2 Switch supports a Jumbo Frame size of up to 9216 bytes Jumbo frames need to be configured to work on the ingress and egress port of each device along the end to end transmission path Furthermore all de
111. obal Settings Multicast Listener Discovery MLD Snooping operates on the IPv6 traffic level for discovering multicast listeners MLD Snooping Status Select to Enable or Disable MLD on a directly attached port and performs a similar Snooping on the Switch The Switch function to IGMP Snooping for IPv4 MLD snooping snoops all MLD packets it receives to allows the Switch to examine MLD packets and make NE mney Em Saou m receive packets directed to the group forwarding decisions based on content MLD Snooping address when enabled limits IPv6 multicast traffic by dynamically configuring MLD Snooping Version Select the MLD version you wish to the Switch port so that multicast traffic is forwarded use If an MLD packet received by the only to those ports that wish to receive it This reduces Interface has a version higher than the m specified version this packet will be the flooding of IPv6 multicast packets in the specified dropped VLANs Both IGMP and MLD Snooping can be active at MLD Snooping Report The report suppression feature limits the amount of membership reports the member sends to multicast capable routers the same time Global Settings System amp 12 Feature Settings P Link Aggregation Suppression MLD Snooping Status Enabled Disabled Mirror Settings gt STP MLD Snooping Version 9 v1 v2 MAC Address Table Click the Apply button to accept the changes or the X uem Cancel button to
112. of time that lapses supplicant is allowed to access resources located on the before an EAP request is resent to the protected side of the network supplicant The default is 30 seconds Max Retry Enter the maximum number of times that the Switch retransmits an EAP request to the client before it times out the relate to 802 1X First select the mode from the you authentication session The default is 2 wish to utilize from the drop down box Next choose times whether to Enable or Disable reauthentification for the Guest VLAN ID guest VLAN ID is Enabled port Enter the time span that you wish to elapse for the eee Authorized Status Displays the authorized mode status From here you can configure the port settings as they Re authentification period Quiet Period and Supplicant Period After this enter the max number of times you wish for the Switch to retransmit the EAP request Finally choose whether you wish to Enable or Disable the VLAN ID 117 Port Settings System Reauthentication Quiet Supplicant Max Authorized Guest 12 Feature Port Mode Reauthentication period Period Period Retry Status VLAN 3 VLAN x o Force Authorized Enabled v 36 bo jp HB Enabled Management ACL T 1 Force_UnAuthorized Enabled 3600 60 30 2 AUTH INITIALIZE Enabled QoS T 2 Disabled Enabled 3600 60 30 2 AUTH INITIALIZE Enabled Security E 3 Disabled Enabled 3600 60
113. om the list Enter the source port that is matched to packets The range Is from 0 65535 Destination Port Select Single or Range from the list Enter the destination port that is matched to packets The range Is from 0 65535 Type of Service Enter the DSCP The range is from 0 63 106 ACL Binding Port Select the port for which the ACLs are bound to MAC ACL The ACL is MAC address based When an ACL is bound to an interface all the rules that have been defined for the ACL are applied to that in terface Whenever an ACL Is assigned on a port or LAG flows from that ingress or egress interface that do not Click Apply to save the changes to the system match the ACL are matched to the default rule of drop ping unmatched packets To bind an ACL to an interface Simply select an interface and select the ACL s you wish to bind ACL Binding System lt L2 Feature Port MAC ACL IPv4 ACL IPv6 ACL si VLAN m none v none amp Management ACL B MAC ACL E MAC ACE F 3 IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE i 6 ACL Binding da QoS Security Ed Monitoring Diagnostics 107 QoS Quality of Service QoS provides the ability to implement priority queuing within a network QoS is a means of providing consistent and predictable data delivery to the Switch by distinguishing between packets that have stricter timing requirements from those that are more tolerant of delays
114. op free topology across regions whereas the MSTI controls topology inside regions CST instances allow different regions to communicate between themselves CST is also used for traffic within the region for any VLANS not covered by a MSTI In an MSTP enabled network there is only one CIST that runs between MST regions and single spanning tree devices A network may contain multiple MST regions and other network segments running RSTP Multiple regions and other STP bridges are interconnected using a single CST 49 Apply Enter the information to set up CIST for the Switch Maximum Age The Max Age may be set to ensure that old information does not endlessly circulate through redundant paths in the network preventing the effective propagation of new information Set by the Root Bridge this value will aid in determining that the Switch has spanning tree configuration values consistent with other devices on the bridged LAN The user may choose a time between priority will be chosen as the root bridge A 6 and 40 seconds The default value is 20 lower value has a higher priority The default seconds value is 32768 and should be an exact Enter the maximum number of Hello packets divisor of 4096 transmitted per interval The count can be Maximum Hop Used to set the number of hops between pe nom Pe Tne Sau 2 3 devices in a spanning tree region before the Hello Time Enter the Switch s Hello Time This IS the BPDU packet sent by
115. otal path cost between each point of the tree and the root bridge 51 Designated Root Bridge Displays the Root Bridge for the Apply Click APPLY to update the the system settings CST It is comprised using the bridge priority and the base MAC address of the bridge Internal Root Cost This is the cost to the CIST regional root in a region External Root Cost External Root Cost Is the cost to the CIST root Regional Root Bridge This is the bridge identifier of the CST Regional Root It is made up using the bridge priority and the base MAC address of the bridge Internal Port Cost Enter the cost of the port Edge Port Conf Displays the Edge Port state Designated Bridge This is the Bridge Identifier of the bridge of the Designated Port It is made up using the bridge priority and the base MAC address of the bridge Port Role Each MST Bridge Port that is enabled is assigned a Port Role within each Spanning tree The port role will be one of the following values Root Port Designated Port Alternate Port Backup Port Master Port or Disabled Port State The Forwarding State of this port The state parameters are Discarding Learning Forwarding or Disabled 52 MST Instance Settings VLANS MSTP maintains contact with the global network because each instance Is treated as an RSTP node in the Multiple Spanning Tree Protocol or MSTP enables the Common Spanning Tree CST srouping of multiple VLANs with
116. owing main menu options e System e 12 Features VLAN Management ACL QoS Security Monitoring Diagnostics The description that follows in this chapter describes configuring and managing the system settings within the Switch 20 Search Bar At the top right corner of the Graphical User Interface GUI is the search Dar which you can use to find and jump to any of the L2 management features When you type in a word all possible results for that word in the navigation pane will appear Click on the results from the drop down list to open that management tab Reset e Reboot Logout Upgrade Summary Displays the model name of the Switch The Summary screen contains general device information ed the installed firmware version of the about the Switch including the device name Firmware Serial Number Displays the serial number of the Switch version MAC address IP address Gateway and System Base MAC address Displays the MAC address of the device Uptime IP Address Displays the IP address assigned by DHCP server Displays the Gateway of IP interface System Uptime Displays the amount of time since the most recent device reset The System Time is displayed in the following format days hours and minutes For example the display will read 3 days 6 hours 10 minutes EGS7228P 24 Port Gigabit PoE L2 Managed Switch with 4 Dual Spe
117. pply button to accept the changes or the Cancel button amp to discard them Dynamic MAC Address s System 2 L Feature Index Port VID MAC Address Link Aggregation 1 5 1 00 00 74 F8 89 DB sje 2 13 1 00 04 F2 E9 25 60 b STP MA Address Table 3 11 1 00 0A E 4 04 D9 61 Static MAC Address 4 18 1 00 0A E4 04 DA 8B Dynamic MAC Address 5 23 1 00 0A E4 09 C0 D6 P LLDP l 6 20 1 00 0A E 4 77 5B 2F P IGMP Snooping P MLD Snooping f p 1 00 11 11 A2 0D 45 Jumbo Frame 8 3 1 00 1B BA F3 AD 5C ses VLAN 9 17 1 00 27 10 83 00 D0 4 Management t ACL 10 8 1 00 60 38 DD AS EB QoS 11 10 1 00 60 38 DD A6 14 Security 12 22 1 00 60 38 DD A6 2C EL Monitoring 58 LLDP Link Layer Discovery Protocol LLDP is the IEEE 802 1AB Standard for Switches to advertise their identity major Capabilities and neighbors on the 802 LAN LLDP allows users to views the discovered information to identity system topology and detect faulty configurations on the LAN LLDP is essentially a neighbor discovery protocol that uses Ethernet connectivity to advertise information to devices on the same LAN and store information about the network The information transmitted in LLDP advertisements flow in one direction only from one device to its neighbors This information allows the device to quickly identify a variety of other devices resulting in a LAN that interoperates smoothly and efficiently LLDP transmits information as packets cal
118. pported only with IGMPv2 or IGMPv3 Snooping when IGMP Snooping is enabled Fast Leave does not apply to a port if the Switch has learned that a multicast querier is attached to it Fast Leave can improve bandwidth usage for a network which frequently experiences many IGMP host add and leave requests Querier Settings IGMP snooping requires that one central Switch to pe riodically query all end devices on the network to an nounce their Multicast memberships and this central device is the IGMP querier The snooping Switch sends out periodic queries with a time interval equal to the configured querier query interval The IGMP query keeps the Switch updated with the current multicast group membership information If the Switch does not received the updated membership information then it will stop forwarding multicasts to specified VLANs Querier Settings gt e System lt L2 Feature VLAN x a a Max Response Response Last Q V n b Link Aggregation ID Querier State Querier Version Robustness Interval Oper Interval Interval Interval Query u e ri e r e rs O n Mirror Settings 1 Disabled v2 2 125 125 10 10 STP MAC Address Table LLDP 4 IGMP Snooping Global Settings VLAN Settings 2 Disabled v2 2 125 125 10 10 Querier Settings Group List Router Settings Robustness MLD Snooping Jumbo Frame VLAN Management 67 VLAN ID Displays the VLAN ID Querier State Select whether to Enable or
119. r The traffic load of the LAG will be balanced among the ports according to Aggregate Arithmetic If the connections of one or several ports are broken the traffic of these ports will be transmitted on the normal ports so as to guarantee the connection reliability When you aggregate ports the ports and LAG must fulfill the following conditions e All ports within a LAG must be the same media format type e A VLAN is not configured on the port e The port is not assigned to another LAG e The Auto negotiation mode is not configured on the port e The port is in full duplex mode e All ports in the LAG have the same ingress filter ing and tagged modes e All ports in the LAG have the same back pressure and flow control modes e All ports in the LAG have the same priority e All ports in the LAG have the same transceiver type 35 ePorts can be configured as LACP ports only if the ports are not part of a previously configured LAG LACP is a dynamic protocol which helps to automate the configuration and maintenance of LAG s The main purpose of LACP is to automatically configure individual links to an aggregate bundle while adding new links and helping to recover from link failures if the need arises LACP can monitor to verify if all the links are connected to the authorized group LACP is a standard in comput er networking hence LACP should be enabled on the Switch s trunk ports initially in order for both the pa
120. r a Class C network but custom subnet masks are allowed Enter the IP subnet mask of your Switch in dotted decimal notation The factory default value is 255 255 255 0 23 Enter an IP address that determines where packets with a destination address outside the current subnet Should be sent This is usually the address of a router or a host acting as an IP gateway If your network is not part of an Intranet or you do not want the Switch to be accessible outside your local network you can leave this field blank DNS Server Domain Name Used for mapping a domain name System to its corresponding IP address and vice versa Enter a DNS IP address in order to be able to use a domain name to access the Switch instead of using an IP address Gateway EGS7228P 24 Port Gigabit PoE L2 Managed Switch with 4 Dual Speed SFP IPv4 Summary IPv4 Address Settings 4 P Settings IPv4 IPv6 Auto Configuration Static DHCP IPv4 Address 192 168 1 245 System Time Subnet Mask 255 255 255 0 Port Settings Gateway 192 168 1 254 DNS Server 1 4 2 22 DNS Server2 4 2 26 Apply Diagnostics Apply Click APPLY to update the the system settings IPV6 IPV6 is a an upgraded version to IPv4 providing more available IP addresses as well as other benefits To ac cess the switch over an IPv6 network you must first con figure it with IPv6 information IPv6 prefix prefix length and default g
121. range is from 0 256 Password Retry Enter the number of password requests to Count send to the Console Service The default is 3 The range is from 0 120 Silent Time Enter the silent time for Console Service The range is from 0 65535 seconds Click Apply to save the changes to the system 125 Port Security Max MAC Address Enter the maximum number of MAC Addresses that can be learned on the port The range is from 1 256 Network security can be increased by limiting access on Displays the port for which the port a specific port to users with specific MAC addresses Port gt Mu WEITE UT erect cnaDied or DiSaDied tor the por Security prevents unauthorized device to the Switch security feature for the selected port prior to stopping auto learning processing Port Security Click Apply to save the changes to the system O System 2 Feature Port State Max MAG Address sir VLAN E Enabled y 256 s Management adit E 1 Disabled 256 ACL ane m 2 Disabled 256 Security 7 3 Disabled 256 802 1x A 4 Disabled 256 Radius Server PE A 5 Disabled 256 Port Security E 6 Disabled 256 Dos E 7 Disabled 256 W Monitoring ETET A 8 Disabled 256 A 9 Disabled 256 Al 10 Disabled 256 E 11 Disabled 256 A 12 Disabled 256 A 13 Disabled 256 E 14 Disabled 256 A 15 Disabled 256 126 DoS DMAC SMAC Select Enabled or Disabled from the list Select Enabled or Disabled
122. ria Select Any Protocol ID or Select from a List in the drop down menu e Any Check Any to use any protocol e Protocol ID Enter the protocol in the ACE to which the packet is matched e Select from List Selects the protocol from the list in the provided field e ICMP Internet Control Message Protocol ICMP The ICMP enables the gateway or destination host to communicate with the source host e PinIP IP in IP Encapsulates IP packets to create tunnels between two routers This ensures that IPIP tunnel appears as a single interface rather than several separate interfaces IPIP enables tunnel intranets occur the internet and provides an alternative to source routing e TCP Transmission Control Protocol TCP Enables two hosts to communicate and exchange data streams TCP guarantees packet delivery and guarantees that packets are transmitted and received in the order they are sent e EGP Exterior Gateway Protocol EGP Permits exchanging routing information between two neighboring gateway hosts in an autonomous systems network e IGP Interior Gateway Protocol IGP Enables a routing information exchange between gateways within an autonomous network e UDP User Datagram Protocol UDP UDP is a communication protocol that transmits packets but does not guarantee their delivery e HMP The Host Mapping Protocol HMP collects network information from various networks hosts HMP monitors hosts
123. rsion 2c adds several enhancements to the protocol such as support for Informs Because of this v2c has become the most widely used version Unfortunately a major weakness of v1 and v2c is security To combat this SNMP v3 adds a security features that overcome the weaknesses in v1 and vec If possible it is recommended that you use v3 especially if you plan to transmit sensitive informa tion across unsecured links However the extra security feature makes configuration a little more complex In SNMPv3 User based Security Model USM authenti cation is implemented along with encryption allowing you to configure a secure SNMP environment The SN MPv3 protocol uses different terminology than SNMPv1 and SNMPv2c as well In the SNMPv1 and SNMPv2c protocols the terms agent and manager are used In the SNMPv3 protocol agents and managers are renamed to entities With the SNMPv3 protocol vou create users and determine the protocol used for message authentication as well as if data transmitted between two SNMP enti ties is encrypted The SNMPv3 protocol supports two authentication pro tocols HMAC MD5 96 MD5 and HMAC SHA 96 SHA Both MD5 and SHA use an algorithm to generate a mes sage digest Each authentication protocol authenticates a user by checking the message digest In addition both protocols use keys to perform authentication The keys for both protocols are generated locally using the Engine ID and the user passwor
124. rtic ipating Switches devices that support the standard to use it Port Trunking Port Trunking allows you to assign physical links to one Displays the number of the given trunk group You can utilize up to 8 link aggregation groups and each group consisting up to 8 ports on the Switch logical link that functions as a single higher speed link Active Ports Displays the active participating members of the providing dramatically increased bandwidth Use Port trunk group Trunking to bundle multiple connections and use the Member Port Select the ports you wish to add into the trunk sroup Up to eight ports per group can be assigned combined bandwidth as if it were a single larger pipe e Static The Link Aggregation is configured manually for specified trunk group wy e LACP The Link Aggregation is configured Important You must enable Trunk Mode before dynamically for specified trunk group you can add a port to a trunk group LACP allows for the automatic detection of links in a Port Trunking Group when connected to a To access the page click Port Trunking under L2 Features LACP compliant Switch You will need to ensure both the Switch and device connected to are the same mode in order for them to function Port Trunking otherwise they will not work Static configuration se is used when connecting to a Switch that does not support LACP 4 Link Aggregation Group Active Ports Member Ports Mode
125. s From here you can viewing detailed frame LLDP Information for the remote Switch To scroll click Port ID Subtype Displays the port ID type on the arrow at the top right of the screen Displays the Remote ID System Name Displays the administratively assigned a Remote Device gt device name lt 12 Feature Auto 8l Chassis Time Auto Auto Negotiation Ma i i D Link Aggregation ID Port ID System To Negotiation Negotiation Advertised Operational Fr Ti m e to Live E D S p d y S t h e ti m e i Port Subtype ChassisID Subtype Remote ID Name Live Supported Enabled Capabilities MAU Type S E x EE Auto Negotiation Supported Displays state for the Auto grensene 0BASE T Negotiation Supported l 4 LLDP full duplex 100BASE Network MAC Sot 100BASE TX full Global Settings 20 ee 192 168 1 149 nis 00 0A E4 77 5B 2F 168 Enabled Enabled TX half SR duplex mode 100BASE Local Device Auto Negotiation Enabled Displays state for the Auto Negotiation Enabled IGMP Snooping ales Auto Negotiation Advertised Displays the type of Auto es Capabilities Negotiation Advertised Capabilities Maximum Frame Capabilities Aggregation Capabilities Link Aggregation Link Aggregation 62 Aggregated links can be set up manually or automatically Select Static or LACP for the Link Click the Apply button v to accept the changes or the Aggregation type Cancel button to discard them e
126. settings to the Switch using a configuration file from your local drive or TFTP server Backup Download the configuration file from the Switch to TFTP server on the network Next download the configuration file from the Switch to your local drive by using an HTTP session Configuration Manager Settings Upgrade Backup Upgrade Method HTTP File Choose File No file chosen Apply Settings Upgrade Backup Upgrade Method TFTP Server IP Enter Server IP File Name Enter File Name Upgrade First upload the configuration file from a TFTP server to the Switch Next upload the configuration file from your local drive to the Switch by using an HTTP session Upgrade Backup Select Upgrade or Backup from the list Two methods can be selected HTTP or TFTP Field only shown when Upgrading via HTTP Click Browse to select file to Upgrade or Backup Method File Server IP Enter the Server IP address to upload the configuration file from the TFTP server to the Switch Field only shown when Upgrading via TFTP Enter the destination file name of the configuration file to upload from the TFTP server to the Switch File Name Click Apply to save the changes to the system Dual Image Selects the partition you wish to be active Flash Partition Displays the number of the partition The Switch maintains two versions of the Switch image ee in its per
127. spread over the internet as well as hosts in a single network e RDP Reliable Data Protocol RDP provides a reliable data transport service for packet based applications e Pv6 Matches the packet to the IPV6 protocol e IPV6 Rout Routing Header for IPv6 e IPV6 Frag Fragment Header for IPv6 e RVSP Matches the packet to the ReSerVation Protocol RSVP e Pv6 ICMP The Internet Control Message Protocol ICMP allows the gateway or destination host to communicate with the source host 103 e OSPF The Open Shortest Path First OSPF protocol is a link state hierarchical interior sateway protocol IGP for network routing Layer Two 2 Tunneling Protocols It is an an extension to the PPP protocol that enables ISPs to operate Virtual Private Networks VPNs e PIM Matches the packet to Protocol Independent Multicast PIM e L2TP Matches the packet to Internet Protocol L2 IP Destination IP Enter the destination IP address Address Value Destination IP Enter the mask of the new source IP address Wildcard Mask Source IP Enter the source IP address Address Value Click Apply to save the changes to the system IPv6 ACL Index Displays the current number of ACLs el Enter the IPv6 based ACL name You can use up to 32 This page displays the currently defined IPv6 based alphanumeric characters ACLs profiles To add a new ACL click Add and enter the name of the new ACL Clic
128. t Click Apply to save the changes to the system amp amp Management 0 1 ACL QoS 1 Global Settings 2 1 CoS Mapping 4 4 Port Settings i Bandwidth Control 5 1 Storm Control B 1 Security Monitoring Diagnostics 8 Z 9 2 111 parameters are defined From here you can configure the QoS port settings for CoS Class of Service Select the CoS priority tag values the Switch Select a port you wish to set and choose where 0 is the lowest and 7 is the high a CoS value from the drop down box Next Select to Select Enable to trust any CoS packet Enable or Disable the Trust setting to let any CoS marking at ingress and select Disable packet be marked at ingress to not trust any CoS packet marking at ingress est Click Apply to save the changes to the system Port Settings O System L Feature Port CoS Value Trust s VLAN A Enabled M gement am E 1 Enabled ACL ds QoS E 2 Enabled Global Settings E 3 Enabled CoS Mappin ig E 4 Enabled DSCP Mapping Port Settings E 5 0 Enabled Bandwidth Control E 6 0 Enabled storm Control F 7 0 Enabled Security Ed Monitoring n eid r Diagnostics E 9 0 Enabled E 10 0 Enabled E 11 0 Enabled E 12 0 Enabled E 13 0 Enabled E 14 0 Enabled 112 Bandwidth Control Port Displays the ports for which the bandwidth Settings are displayed l l Select to Enable or Disable ingress on the The Bandwidth Control feature allows users to define interface t
129. t SNMP v2c support SNMP v3 support TFTP upgrade Command Line Interface CLI SNTP RMONv1 SYSLOG Cable Diagnostics MIB Support RFC1213 RFC1493 RFC1757 RFC2674 PoE Management Power on off per port Power Class Configuration Power feeding with priority User defined power limit Physical Interface Dimensions Dimensions EGS5212FP EGS7228P Width 13 Length 9 Height 1 73 E Width 10 2 Length 17 32 Height 1 73 3 68 E P E 8 10 TIrTFIrTF Far 2 s 9 15 EGS5212FP Front 118814 EGS7228P Front EGS5212FP Back EGS7228P Back 11 Physical Interface Dimensions EGS7228FP Width 12 2 Length 17 32 Height 1 73 8 10 EEEEBE FTTTTT z LIIIIII L HH 15 14 EGS7228FP Front EGS7228FP Back 12 Dimensions EGS7252FP Width 17 32 Length 16 14 Height 1 73 10 P niu Nu TTTTTIFTTTTTIFTTTTTITTTTTIG C ZZ titi 3z ar ar am yer capo an 15 EGS7252FP Front 8 14 1 RJ45 Console Port 2 Power LED Light off Power off Solid Light Power On 3 Fault LED Light off Normal Behavior Solid Light Error 4 PoE Max LED Light off Additional PoE devices may still be added Solid Light The PoE device s output power has exceeded total PoE limit No additional devices can be powered on via PoE RPS LED for EGS7228FP only Green The Redundant Powers Supply Is in use Amber The Redundant Power Suppl
130. the Switch is discarded interval between two transmissions of BPDU Each Switch on the hop count will reduce packets sent by the Root Bridge to verify the hop count by one until the value reaches that it Is the Root Bridge The Hello Time zero The Switch will then discard the BDPU range is from 1 to 10 seconds The default packet and the information held for the port Hello Time is 2 seconds will age out The user may set a hop count from 6 to 40 The default value is 20 Forward Delay Enter the bridge forward delay time which indicates the amount of time in seconds that Apply Click APPLY to update the the system settings a bridge remains in a listening and learning state before forwarding packets The value must be greater or equal to Bridge Max Age 2 1 The time range is from 4 seconds to 30 seconds The default value is 15 seconds Priority Select from the list to specify the priority of the Switch for comparison in the CIST CIST priority is an important criterion on determining the root bridge In the same condition the Switch with the highest 50 CIST Port Settings MST ID Select the MST ID from the list Port or trunked port identifier Use the CIST Ports Settings page to configure and view l l Priority Defines the priority used for this STA attributes for interfaces when the spanning tree port in the Spanning Tree Algorithm mode is set to STP or RSTP You may use a different If the path cost for all ports on a
131. the password to something more unique Once logged in click IP Settings under the System menu and select Static IP to configure the IP settings of the management interface 9 Enter the IP address Subnet mask and Gateway 10 Click Apply to update the system Web Access Use this procedure to access the management interface through a Web browser for device configuration 1 Open a Web browser on your computer and enter the following address default http 192 168 0 239 2 On the login screen use the following information Username admin Password password To make access to the web based management interface more secure it s highly reccomended that you change the password to something more unique 18 Chapter 2 Management EnGenius EGS5212FP 2 un aE Mode Link Act Power Fault LAN Mode LED Mode PoEmax PoE Mode ode 100 1000 Mbps PoE Switch Console an 9 9 VEN 127 FI EGS7228P Mode _ Link Act T 100 1000 Mbps PoE Switch Power Fault LAN Mode LED Mode m PoE max PoE Mode EnGenius EGS7228FP a IRAE PoE Switch Co Power RPS Fault LAN Mode PoE max PoE Mode T EE KE 9 9 9 9 A 4 A 4 OF SLE EnGenius PN EGS7252FP m Console LED Mode Reset 19 System The navigation pane at the left of the Web browser interface contains a System tab that enables you to manage your EGS Layer 2 Switch with features under the foll
132. twork topology to automatically establish a point to point The Switch allows each port to have its own spanning link Select Yes or No from the list for point l to point P2P tree and so will require some of its own configuration settings Yes Restricted in that a P2P port must operate in full duplex Port The port or trunked ports vou wish to m iur Gaii duin e No There is no P2P port status External Path Cost This defines a metric that indicates the Migration Start When operating in RSTP mode enable this relative cost of forwarding packets to function to force the port to use the bod the specified port list The port cost can MST RST BPDUS and restart the migration be set automatically or as a metric value delay timer The default value is O auto Setting O for the external cost will automatically set the speed for forwarding packets to the specified port s in the list for optimal efficiency The default port cost for a 100Mbps port is 200 000 and the default port cost for a Gigabit port is 20000 Enter a value between 1 and 200000000 to determine the External Cost The lower the number the greater the probability the port will be chosen to forward packets eYes Designates the port as an edge port 47 Edge Ports Port Settings System a i Men p s An edge port changes its initi
133. ult is 5 minutes The range is from 0 86400 minutes HTTPs Service Select whether the HTTP Service is Enabled or Disabled This is disabled by default HTTPS Session Enter the amount of time that elapses before Timeout HTTPS is timed out The default is 5 minutes The range Is from from 0 86400 minutes Iez Telnet Settings From here vou can configure and manage the Switch s Telnet protocol settings The Telnet protocol is a Standard internet protocol which enables terminals and applications to interface over the Internet with remote hosts by providing Command Line Interface CUI communication using a virtual terminal connection This protocol provides the basic rules for making it possible to link a client to a command interpreter The Telnet service for the Switch is enabled by default Please note that for secure communication It is better to use SSH over Telnet To enable and configure SSH Settings please refer to SSH Settings on the next page Telnet Settings System lt L2 Feature Settings VLAN l Telnet Service 9 Enabled Disabled da Management ACL Session Timeout 5 0 65535 minutes History Count 128 0 256 Security Password Retry Count 3 0 120 D 802 1x Radius Server Silent Time 0 0 65535 seconds 4 Access Http s Settings Telnet Settings SSH Settings Console Settings Port Security b DoS Ll Monitoring Diagnostics Telnet Service Session Timeout
134. ute Settings 8 VLAN IP Address X X X X or hostname aa Management ACL Max Hop 30 ds Qos Security E2 Monitoring 2 255 Default 30 Diagnostics Cable Diagnostics Ping lest IPv6 Ping Test Een Trace Route 146 Chapter 3 Maintenance EnGenius EGS5212FP 2 un aE Mode Link Act Power Fault LAN Mode LED Mode PoEmax PoE Mode ode 100 1000 Mbps PoE Switch Console an 9 9 VEN 127 FI EGS7228P Mode _ Link Act T 100 1000 Mbps PoE Switch Power Fault LAN Mode LED Mode m PoE max PoE Mode EnGenius EGS7228FP a IRAE PoE Switch Co Power RPS Fault LAN Mode PoE max PoE Mode T EE KE 9 9 9 9 A 4 A 4 OF SLE EnGenius PN EGS7252FP m Console LED Mode Reset 147 Maintenance Maintenance functions are available from the maintenance bar Maintenance functions include saving configuration settings upgrading firmware resetting the configuration to factory default standards rebooting the device and logging out of the interface The following represents the Maintenance Menu bar Ey Logout O Reboot c Upgrade Reset Saving Configurations i Important You must save any setting changes before rebooting Failure to save results in loss of new configuration changes Follow this procedure to save the configuration 1 Click B to save the entire configuration changes you have made to the
135. ux autres dispositions pertinentes de la directive 1999 5 CE Con la presente nome del costruttore dichiara che questo tipo di apparecchio conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Ar o name of manufacturer izgatavotaja nosaukums deklare ka type of equipment iekartas tips atbilst Direktivas 1999 5 EK b tiskaj m pras b m un citiem ar to saist tajiem noteikumiem Siuo manufacturer name deklaruoja kad Sis equipment type atitinka esminius reikalavimus ir kitas 1999 5 EB Direktyvos nuostatas Hierbij verklaart naam van de fabrikant dat het toestel type van toestel in overeenstemming is met de essenti le eisen en de andere relevante bepalingen van richtlijn 1999 5 EG Hawnhekk isem tal manifattur jiddikjara li dan il mudeltal prodott jikkonforma mal htigijiet essenzjali uma provvedimenti ohrajn relevanti li hemm fid Dirrettiva 1999 5 EC Alul rott gy rt neve nyilatkozom hogy a tious megfelel a vonatkoz alapvet k vetelm nyeknek s az 1999 5 EC ir nyelv egy b el r sainak Niniejszym nazwa producenta o wiadcza ze Nazwa wyrobu jest zgodny z zasadniczymi wymogami oraz pozostalymi stosownymi postanowieniami Dyrektywy 1999 5 EC Nome do fabricante declara que este tipo de equipamento est conforme com os requisitos essenciais e outras disposi es da Directiva 1999 5 CE Ime proizvajalca izjavlja da je ta tip
136. vices in the network must also be consistent on the maximum Jumbo Frame size So it IS important to do a thorough investigation of all your devices in the communication paths to validate their Settings 75 Jumbo Frame Enter the size of jumbo frame The range Is from 1522 9216 bytes Enter the size of jumbo frame The range is from 1522 9216 bytes Click APPLY to update the the system settings Jumbo Frame Le System lt 12 Feature Settings b Li i Link Aggregation Jumbo Frame 1522 Bytes 1522 9216 Mirror Settings p STP b MAC Address Table Apply VLAN A Virtual LAN VLAN is a group of ports that form a logical Ethernet segmentonaLayer 2 Switch which provides better administration security and management of multicast traffic A VLAN is a network topology configured according to a logical scheme rather than a physical layout When you use a VLAN users can be grouped by logical function instead of physical location All ports that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network VLANs let you logically segment your network into different broadcast domains so that you can group ports with related functions into their own separate logical LAN segments on the same Switch This allows broadcast packets to be forwarded only between ports within the VLAN which can avoid broadcast packets being sent to all the ports on a single Switch A VLAN
137. vileges to the Switch s SNMP agent Notify View Select a SNMP group to receive SNMP trap messages generated by the Switch s SNMP agent Click the Apply button to accept the changes or the Cancel button amp to discard them Group List Group Name Security Mode Security Level Read View Write View Notify View v3 v Auth v al v all v v Q System Information User Management gt File Management 4 SNMP Global Settings View List Group List Community List User List Trap Settings 53 Community List In SNMPv1 and SNMPv2c user authentication is accomplished using types of passwords called Commu nity Strings which are transmitted in clear text and not supported by authentication It is important to note that the community name can limit access to the SNMP agent from the SNMP network management station function ing as a password Click Add to add a community list to the Switch Next name the community and choose the level of access that will be granted to the specified list from the drop down boxes Community List Community Name Community Mode Group Name View Name Access Rights public Basic all Read Only private Basic all Read Write System Information Basic X all m Read Only User Management gt File Management 4 SNMP Global Settings View List 94 Community Name
138. wer in case the primary power supply fails Connecting a RPS370 also allows you to extend your Pot budget by 370 Watts on the EGS7228FP so the total Pot budget will be 740 Watts Warning Both the Switch and redundant power supply should be disconnected from its power source before installing Directly connecting a powered RPS to the Switch may cause damage to both devices 1 Using a screwdriver remove the cover plate at the rear of both devices 2 Attach one end of the RPS power cable into the receptacle on the Switch and the other end into the RPS370 3 Connect the RPS370 to the AC power source using the cable enclosed in the package 4 Connect the Switch to the AC power source using the cable enclosed in the package The RPS LED will light up to show that a redundant power supply is now in operation 14 Warning Use only an approved RPS cable Third party or custom RPS cables will damage your device If you have not been provided with a RPS cable please contact your dealer Management Interface The EGS Layer 2 PoE Switch features an embedded Web interface for the monitoring and management of your device 15 Connecting the Switch to a Network Discovery in a Network with a DHCP Server Use this procedure to setup the Switch within a network that uses DHCP 1 Connect the supplied Power cord to the Switch and plug the other end into an electrical outlet Verify the power LED indicator is lit on the Switc
139. y has failed Off The Redundant Power Supply is not in use 5 LAN Mode LED Light off LAN mode Is not activated Solid Light LAN mode is activated 6 PoE Mode LED Light off PoE mode is not activated Solid Light PoE mode Is activated 7 LED Mode Selector Press to change between LAN and PoE mode 13 EGS7252FP Back 8 Reset Button Press to reset the device to factory default settings 9 RJ 45 LAN Ports 10 100 1000 Mbps RJ 45 LAN ports 10 LAN Mode LED Per Copper Port Light off No link is established on the port Solid Amber Light A valid 10 100 Mpbs link is established on the port Solid Green Light A valid 1000 Mbps link is established on the port 11 Link Act LED Per Copper Port Light off No link is established on the port Solid Light A valid link is established on the port Blinking Light Packet transmission on the port 12 Uplink Ports Gigabit Ports 13 SFP Ports Small form factor pluggable ports 14 Speed LED Per SFP Port Small form factor pluggable LED ports 15 Link Act LED Per SFP Port Light off No link is established on the port Solid Amber Light A valid 100 Mpbs link is established on the port Solid Green Light A valid 1000 Mbps link is established on the port Connecting a Redundant Power Supply for EG57228FP only The EGS7228FP has a redundant power supply RPS connector at the rear of the Switch You could connect a RPS370 to the Switch to provide redundant po
140. y possible network loops STP provides a single active path between two devices on a network in order to prevent loops from being formed when the Switch is interconnected via multiple paths 42 Global Settings e System 12 Feature Settings om nd STP State OEnabled Disabled Mirror Settings 4 STP Force Version RSTP Global Settings Root Bridge Port Settings Apply CIST Instance Settings CIST Port Settings MST Instance Settings MST Port Settings gt MAC Address Table P LLDP P IGMP Snooping Once a stable network topology has been established all bridges listen for Hello Bridge Protocol Data Units BPDUs transmitted from the Root Bridge of the Spanning Tree If a bridge does not receive a Hello BPDU after a predefined interval known as the Maximum Age the bridge will assume that the link to the Root Bridge is down and unavailable This bridge then initiates negotiations with other bridges to reconfigure the network to reestablish a valid network topology Spanning Tree Loops Loops occur when alternate routes exist between hosts Loops in an extended network can cause the Switch to forward traffic indefinitely resulting in increased traffic and reducing network efficiency Once the STP is enabled and configured primary links are established and duplicated links are blocked automatically The reactivation of the blocked links is also accomplished automatically STP provides a tree topology and other Sp
Download Pdf Manuals
Related Search