User`s Manual
Contents
1. Indicates the SNMP trap mode operation Possible modes are Trap Mode Enabled Enable SNMP trap mode operation Disabled Disable SNMP trap mode operation Indicates the SNMP trap supported version Possible versions are SNMP v1 Set SNMP trap supported version 1 SNMP v2c Set SNMP trap supported version 2c SNMP v3 Set SNMP trap supported version 3 Trap Version Indicates the community access string when send SNMP trap packet Trap Community The allowed string length is 0 to 255 and the allowed content is the ASCII characters from 33 to 126 KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Trap Destination Indicates the SNMP trap destination address Address Trap Destination IPv6 Address Provide the trap destination IPv6 address of this switch IPv6 address Trap Destination IPv6 Address is a 128 bit record represented as eight fields of up to four Hexadecimal digits with a colon separating each field For KY 8617GCM_ User s Manual example fe80 215 cbff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear once It also used a following legally IPv4 address For example 192 1 2 34 Indicates the SNMP entity is permitted to generate authentication an failure traps Possible2. Edge Role TCN point Auto M 1128 be Edge v O O Forced True Point to Edge Edge point 1 Auto 128 w Edge 0 O O Auto Y 2 Auto 128 w Edge w Oo O O Auto Y 3 Auto 128 w Edge 2 O Auto w 4 Auto v 128 vi Edge v O O O Auto v 5 Auto 128 Edge v F Fi C Auto v VO The switch port number of the logical STP port STP Enabled Controls whether STP is enabled on this switch port KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Controls the path cost incurred by the port The Auto setting will set the path cost as appropriate by the physical link speed using Path Cost thelEEE802 1Drecommended values Using the Setting a user defined value can be entered The path cost is KY 8617GCM_ User s Manual Used when establishing the active topology of the network Lower path cost ports are chosen as forwarding ports in favor of higher Path cost ports Valid values are in the range 1 to 200000000 Controls the port priority This can be used to control priority of Priority o ports having identical port cost See above Operational flag describing whether the port is connecting directly to edge devices No Bridges attached Transitioning to the Open Edge state flag l l forwarding state is faster for
3. SNMP v2c Set SNMP supported version 2c SNMP v3 Set SNMP supported version 3 Version KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Read Community Indicates the community read access string to permit access to SNMP agent The allowed string length is O to 255 and the allowed content is the ASCII characters from 33 to 126 The field only suits to SNMPv1 and SNMPv2c SNMPv3 is using USM for authentication and privacy and the community string will associated with SNMPv3 communities table KY 8617GCM_ User s Manual Indicates the community write access string to permit access to SNMP agent The allowed string length is O to 255 and the allowed content is the ASCII characters from 33 to 126 The field only suits to SNMPv1 and SNMPv2c SNMPv3 is using USM for authentication and privacy and the community string will Write Community associated with SNMPv3 communities table Indicates the SNMPv3 engine ID The string must contain an even number between 10 and 64 hexadecimal digits but all zeros and all F s are not allowed Change of the Engine ID will clear all original local users SNMP Trap Configuration Trap Mode Trap Version Trap Destination Address Po Trap Authentication Failure Trap Link up and Link down Trap Inform Mode Trap Inform Timeout seconds Qo Trap Inform Retry Times Bo
4. View Name The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Indicates the view type that this entry should belong to Possible view types are included An optional flag to indicate that this view subtree should be included View Type excluded An optional flag to indicate that this view subtree should be excluded General if a view entry s view type is excluded it should be exist another view entry which view type is included and it s OID subtree overstep the excluded view entry The OID defining the root of the subtree to add to the named view OID Subtree The allowed OID length is 1 to 128 The allowed string content is digital number or asterisk 4 1 7 6 SNMP Accesses Configure SNMPv3 accesses table on this page The entry index keys are Group Name Security Model and Security Level SNMPv3 Accesses Configuration Delete Group Name Security Model Security Level Read View Name Write View Name d default_ro_group any NoAuth NoPriv default_view default_rw_ group any NoAuth NoPriv default_view default view Add new access Check to delete the entry It will be deleted during the next save A string identifying the group name that this entry should belong to Group Name The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Indicates the security model that this entry should belong to Poss
5. 287 8605 Description Node The allowed string length is O to 255 and the allowed Contents are the ASCII characters from 32 to 126 The physical location of this node e g telephone closet 3rd System Location floor The allowed string length is O to 255 and the allowed contents are the ASCII characters from 32 to 126 The textual identification of the contact person for this managed node together with information on how to contact this person The allowed string length is O to 255 and the allowed contents are the ASCII characters from 32 to 126 System Contact Enter the name of contact person or organization Provide the time zone offset relative to UTC GMT Time Zone Offset The offset is given in minutes east of GMT The valid range is from 720 to 720 minutes Click to save changes Click to undo any changes made locally and revert to previously saved values 4 1 2 2 Admin amp Password This page allows you to configure the system password required to access the web pages or log in from CLI System Password Username Old Password fs New Password fs Contirm New Password fs Old Password Enter the current system password If this is incorrect the new password will not be set New Password The system password The allowed string length is O to 31 and the allowed contents are the ASCII characters from 32 to 126 Confirm password Re type the new password Click to save changes KUSA Telephon
6. Policer Unit is Policer Rate UN l l a kbps and it is restricted to 1 1000 when the Policer Unit is Mbps Configure the unit of measure for the port policer rate as kbps or Policer Unit Mbps The default value is kbps Shaper Enabled Enable or disable the port shaper The default value is Disabled Configure the rate for the port shaper The default value is 500 This value is restricted to 500 1000000 when the Policer Unit is Shaper Rate o l l o kbps and it is restricted to 1 1000 when the Policer Unit is Mbps Configure the unit of measure for the port shaper rate as kbps or Mbps The default value is kbps e KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Click to undo any changes made locally and revert to previously saved values KY 8617GCM_ User s Manual 4 1 4 3 Port Trunk 4 1 4 3 1 Trunk Configuration Aggregation Mode Configuration Hash Code Contributors Source MAC Address Destination MAC Address IP Address TCP UDP Port Number CN Source MAC Address The Source MAC address can be used to calculate the destination port for the frame Check to enable the use of the Source MAC address or uncheck to disable By default Source Destination MAC The Destination MAC Address can be used to calculate the Address destination port for the frame Check to ena
7. enable disable lt packet_rate gt KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 ACL Configuration lt port_list gt Action lt port_list gt permit deny lt rate_limiter gt lt port_copy gt lt logging gt lt shutdown gt Policy lt port_list gt lt policy gt Rate lt rate_limiter_list gt lt packet_rate gt Add lt ace_id gt lt ace_id_next gt switch port lt port gt policy lt policy gt lt vid gt lt tag_prio gt lt dmac_type gt etype lt etype gt lt smac gt lt dmac gt arp lt sip gt lt dip gt lt smac gt lt arp_opcode gt lt arp flags gt ip lt sip gt lt dip gt lt protocol gt lt ip_flags gt icmp lt sip gt lt dip gt lt icmp_type gt lt icmp_code gt lt ip_flags gt udp lt sip gt lt dip gt lt sport gt lt dport gt lt ip_flags gt tcp lt sip gt lt dip gt lt sport gt lt dport gt lt ip_flags gt lt tcp_flags gt permit deny lt rate_limiter gt lt port_copy gt lt logging gt lt shutdown gt Delete lt ace_id gt Lookup lt ace_id gt Mirror Port lt port gt disable Mode lt port_list gt enable disable rx tx Configuration lt port_list gt Config Save lt ip_server gt
8. Label to Insure a Match Subnet Mask 255 255 255 0 Default Gateway 192 168 1 254 User Name root Password root System Login 1 Launch the Internet Explorer 2 Type http and the IP address of the switch Press Enter File Edit View Favorites Tools Help Pid Q bak E x Z Eh search Fe Favorites E Av i A 13 Address http 192 168 1 77 bee Ed so Links 3 Thelogin screen appears 4 Key in the username and password The default username and password is admin 5 Click Enter or OK button then the main interface of the Web based management appears KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Connect to 192 168 10 1 ae index htm User name f admin X Password Remember my password c Information Message Name Description Location Industrial Managed All Gigabit PoE Switch 8 10 100 1000Base TX PoE with 4 Gigabit SFP Ports 1 3 6 1 4 1 868 2 120 0 5 68 1970 01 01 00 00 12 0000 Od 00 00 12 Kernel Version v7 10 Software Version v1 00 software Date 2011 08 17 10 39 17 0800 Auto refresh L Enable Location Alert Preparing for Web Management The default values are shown as the following IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name admin Password admin
9. PC via an RS 232 cable with DB 9 female connector DBD Male Shidd DB Female Signal Ground Received Line Signal Detect E mag ers Ring Indicztar E DTE Ready f 4 Trans mitted Data ap oe Clear to Send Transmitted Data Received Data 3 7 i Received Data Request to Send DTE Ready gnal Ground a i Received Line Signa Detect a DCE Ready 7 Clear to Send Be Request to Send 3 Ring Indicator o i Received by DTE Device aj Received by DCE Device i mico DIE Dace tie Transmitted from DCE Device 4 1 Configuration by Web Browser This section introduces the configuration by Web browser 4 1 1 About Web based Management An embedded HTML web site resides in flash memory on the CPU board It contains advanced management features and allows you to manage the switch from anywhere on the network through a standard web browser such as Microsoft Internet Explorer The Web Based Management function supports Internet Explorer 5 0 or later It is based on Java Applets with an aim to reduce network bandwidth consumption enhance access speed and present an easy viewing screen Note By default IE5 0 or later version does not allow Java Applets to open sockets You need to explicitly modify the browser setting in order to enable Java Applets to use network ports Preparing for Web Management The default values are defined below IP Address 192 168 1 77 Check Your Equipment
10. Port 2 1 VLAN Membership Configuration setting port amp VID 50 2 VLAN Port Configuration gt Enable Port 2 3 VLAN Aware 3 VLAN Port Configuration gt Mode none only tag 50 packet can enter egress port KY 8617GCM_ User s Manual 4 1 6 2 Private VLAN The Private VLAN membership configurations for the switch can be monitored and modified here Private VLANs can be added or deleted here Port members of each Private VLAN can be added or removed here Private VLANs are based on the source port mask and there are no connections to VLANs This means that VLAN IDs and Private VLAN IDs can be identical A port must be a member of both a VLAN and a Private VLAN to be able to forward packets By default all ports are VLAN unaware and members of VLAN 1 and Private VLAN 1 A VLAN unaware port can only be a member of one VLAN but it can be a member of multiple Private VLANs Private VLAN Membership Configuration Open in new window Port Members Delete PVLANID 1 2 3 4 5 6 7 8 9 1011 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 O 1 MH MM MA Ma A ME ME E ME Ea E E E ME MEM ME ME E ME ME MM MEM EM A M Y Add new Private VLAN A row of check boxes for each port is displayed for each private VLAN ID To include a port in a Private VLAN check the box To Port Members remove or exclude the port from the Private VLAN make sure the box is unchecked By default no ports are members and all boxes are unchecked
11. QCE up the list Moves the QCE down the list Deletes the QCE The lowest plus sign adds a new entry at the bottom of the list of QCL Modification Buttons 000000 4 1 8 3 Storm Control Storm control for the switch is configured on this page Storm Control Configuration Frame Type Status Rate pps Unicast Multicast F Broadcast C There is a unicast storm rate control multicast storm rate control and a broadcast storm rate control These only affect flooded frames i e frames with a VLAN ID DMAC pair not present on the MAC Address table The rate is 2 n where n is equal to or less than 15 or No Limit The unit of the rate can be either pps packets per second or kpps kilo packets per second The configuration indicates the permitted packet rate for unicast multicast or broadcast traffic across the switch Note Frames which are sent to the CPU of the switch are always limited to aproximately 4 kpps For example broadcasts in the management VLAN are limited to this rate The management VLAN is configured on the IP setup page p ele one J Y S18 pct e IVF Grisso Kint4e4 multicast or broadcast il S CO VWW RKUsAl TAA AS 4 OU O OVUU Web Site www Table or disable the storm control status for the given frame type The rate unit is packet per second pps configure the rate as 1 2 4 8 16 32 64 128 256 512 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K or 1024K
12. ensure that the value is set correctly Indicates the authentication protocol that this entry should belong to Possible authentication protocols are None None authentication protocol MD5 An optional flag to indicate that this user using MD5 Authentication a authentication protocol SHA An optional flag to indicate that this user using SHA authentication protocol The value of security level cannot be modified if entry already exists That means must first ensure that the value is set correctly A string identifying the authentication pass phrase For MD5 authentication protocol the allowed string length is 8 to 32 For SHA Authentication authentication protocol the allowed string length is 8 to 40 The Password allowed content is the ASCII characters from 33 to 126 Indicates the privacy protocol that this entry should belong to Possible privacy protocols are Privacy Protocol None None privacy protocol DES An optional flag to indicate that this user using DES authentication protocol KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 A string identifying the privacy pass phrase The allowed string length Privacy Password is 8 to 32 and the allowed content is the ASCII characters from 33 to 126 KY 8617GCM_ User s Manual 4 1 7 4 SNMP Groups Configure SNMPv3 groups table on this page The entr
13. for all LACP instances LACP System Status Auto refresh LJ Rees Partner System ID No ports enabled or no existing partners Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC address of the aggregation partner Partner Key The Key that the partner has assigned to this aggregation ID Last Changed The time since this aggregation changed Last Changed Shows which ports are a part of this aggregation for this Switch stack The format is Switch ID Port Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh L regular intervals KY 8617GCM_ User s Manual 4 1 4 3 4 LACP Status This page provides a status overview for LACP status for all ports LACP Status Auto refresh L Port LacP Mo No Mo No Mo No Mo Mo Mo Mo Mo No Description The switch port number Yes means that LACP is enabled and the port link is up No means that LACP is not enabled or that the port link is down Backup means that the port could not join the aggregation group but will join if other port leaves Meanwhile it s LACP status is Disabled Key The key assigned to this port Only ports with the same key can Aggregate together Aggr ID The Aggregation ID assigned to this aggregation group Partner System ID The partners Sys
14. frames that are longer than the configured maximum frame length for this port 4 1 12 7 Ping This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues ICMP Ping IP Address 0 0 0 0 Ping Size 64 Start After you press 5 ICMP packets are transmitted and the sequence number and roundtrip time are displayed upon reception of a reply The page refreshes automatically until responses to all packets are received or until a timeout occurs PING6 server 10 10 132 20 64 bytes from 10 10 132 20 icmp _seq 0 time 0ms 64 bytes from 10 10 132 20 icmp_seg 1 time 0ms 64 bytes from 10 10 132 20 icmp_seq 2 time 0ms 64 bytes from 10 10 132 20 icmp _seq 3 time 0ms 64 bytes from 10 10 132 20 icmp_seq 4 time 0ms Sent 5 packets received 5 OK 0 bad You can configure the following properties of the issued ICMP packets IP Address The destination IP Address The payload size of the ICMP packet Values range from 8 bytes to 1400 bytes KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 12 8 VeriPHY This page is used for running the VeriPHY Cable Diagnostics VeriPHY Cable Diagnostics Open in new window pea aw Port Pair A Length A Pair B Length B Pair C Length C Pair D Length D Press to run the diagnostics This will take appro
15. igured Frame Control 1 Down x x d Disabled 2 down Auto v x x O Disabled 3 Down x x d Disabled a Down x x O Disabled 5 Down Auto Y x x O Disabled 6 o Down x x Fi Disabled 7 1cfdx x x O Disabled 8 Down x x O Disabled E x x E 10 e Down Auto we x x d 11 Down x x O 12 e Down Auto v x x El KY 8617GCM_ User s Manual This is the logical port number for this row The current link state is displayed graphically Green indicates the Link link is up and red that it is down Current Link Speed Provides the current link speed of the port Select any available link speed for the given switch port Configured Link Auto Speed selects the highest speed that is compatible with a Speed link partner Disabled disables the switch port operation When Auto Speed is selected for a port this section indicates the flow control capability that is advertised to the link partner When a fixed speed setting is selected that is what is used The Current Rx column indicates whether pause frames on the port Flow Control are obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the result of the last Auto Negotiation Check the configured column to use flow control This setting is related to the setting for Configured Link Speed including FCS The allowed range is 1518 bytes to 9600 bytes Configure port transmit collision behavior E
16. in control of the mode so that it cannot be changed by the user An example of such a module is the MAC Based Authentication under IEEE 802 1X Each port can do learning based upon the following settings MAC Table Learning Port Members Auto Secure O O KY 8617GCM_ User s Manual Learning is done automatically as soon as a frame with unknown SMAC is received Only static MAC entries are learned all other frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can only be restored by using another non secure port or by connecting to the switch via the serial interface Static MAC Table Configuration The static entries in the MAC table are shown in this table The static MAC table can contain 64 entries The maximum of 64 entries is for the whole stack and not per switch The MAC table is sorted first by VLAN ID and then by MAC address Checkmarks indicate which ports are members of the entry Port Members Check or uncheck as needed to modify the entry Click Add new static entry Adding a New Static to add a new entry to the Entry static MAC table Specify the VLAN ID MAC address and port members for the new entry Click Save 4 1 12 2 Mirroring Configure port MirrKUSAon this page To debug network problems selected traffic can be copied or mirrored to a
17. ingress port 1 VLAN Membership Configuration setting port amp VID 11 22 33 KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 KY 8617GCM_ User s Manual 2 VLAN Port Configuration gt Enable VLAN Aware 3 VLAN Port Configuration gt Mode specific D 1 1 when enterring packet is untagged frame added tag 11 When entering the tagged frame only VID 11 22 33 three kinds of packets can pass For egress port 1 VLAN Membership Configuration setting port VID 11 22 33 KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 2 VLAN Port Configuration gt Enable VLAN Aware 3 VLAN Port Configuration gt Mode none egress port can receive tag 11 22 33 packet In addition only tag 11packet can enter egress port KY 8617GCM_ User s Manual QinQ VLAN Setting ingress Port 1 gt egress Port 2 For ingress port Port 1 1 VLAN Membership Configuration setting port 1 2 3 amp VID 50 2 VLAN Port Configuration gt Disable Port 1 VLAN Aware KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email Web Site FAX 480 287 8605 3 VLAN Port Configuration gt Port 1 Mode specific D 50 For egress port
18. log entries starting from the first available entry ID KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 O D The ID gt 1 of the system log entry Updates the system log entries starting from the first available entry Ex Updates the system log entries ending at the last entry currently displayed Updates the system log entries starting from the last entry currently displayed Updates the system log entries ending at the last available entry ID KY 8617GCM_ User s Manual 4 1 12 5 Traffic Overview This page provides an overview of general traffic statistics for all switch ports Port The logical port for the settings contained in the same row Packets The number of received and transmitted packets per port The number of frames received in error and the number of incomplete transmissions per port The number of received frames filtered by the forwarding process The number of frames discarded due to ingress or egress congestion Check this box to enable an automatic refresh of the page at regular Auto refresh L intervals Updates the counters entries starting from the current entry ID Clear Flushes all counters entries 4 1 12 6 Detailed Statistics This page provides detailed traffic statistics for a specific switch port Use the port select box to select which switc
19. lt file_name gt o Load lt ip_server gt lt file_name gt check KY 8617GCM_ User s Manual SNMP Trap Inform Retry Times lt retries gt Trap Probe Security Engine ID enable disable Trap Security Engine ID lt engineid gt Trap Security Name lt security_name gt Engine ID lt engineid gt Community Add lt community gt lt ip_addr gt lt ip_mask gt Community Delete lt index gt Community Lookup lt index gt User Add lt engineid gt lt user_name gt MD5 SHA lt auth_password gt DES lt priv_password gt User Delete lt index gt User Changekey lt engineid gt lt user_name gt lt auth_password gt lt priv_password gt User Lookup lt index gt Group Add lt security_model gt lt security_name gt lt group_name gt Group Delete lt index gt Group Lookup lt index gt View Add lt view_name gt included excluded lt oid_subtree gt View Delete lt index gt View Lookup lt index gt Access Add lt group_name gt lt security_model gt lt security_level gt lt read_view_name gt lt write_view_name gt Access Delete lt index gt Access Lookup lt index gt Firmware Load lt ip_addr_string gt lt file_name gt Alarm PortLinkDown lt port_list gt enable disable Alarm PowerFailure pwr1 pwr2 pwr3 enable disable KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email Sal
20. minus sign The allowed string length is O to 255 The physical location of this node e g telephone closet 3rd System Location floor The allowed string length is O to 255 and the allowed content is the ASCII characters from 32 to 126 Enter the name of contact person or organization Provide the time zone offset relative to UTC GMT The offset is given in minutes east of GMT The valid range is from 720 to 720 minutes A Click to save changes Click to undo any changes made locally and revert to previously saved values Main interface System Contact Time zone Offset 4 1 2 Basic Setting 4 1 2 1 System Information The switch system information is provided here System Information Configuration m Description Industrial Managed All Gigabit PoE System Location System Contact System Information interface An administratively assigned name for this managed node By convention this is the node s fully qualified domain name a text string 0 to 255 characters drawn from the alphabet A Z a z digits 0 9 and the minus sign No space characters are permitted as part of a name The first character must be an alphabet and the first or last character must not be a minus sign The administratively assigned description for this managed System Name KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480
21. mirror port where a frame analyzer can be attached to analyze the frame flow The traffic to be copied to the mirror port is selected as follows All frames received on a given port also known as ingress or source mirroring All frames transmitted on a given port also known as egress or destination mirroring Port to mirror is also known as the mirror port Frames from ports that have either source rx KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 or destination tx mirrKUSAenabled are mirrored to this port Disabled disables mirroring KY 8617GCM_ User s Manual Mirror Configuration Port to mirror to Port Mode Disabled Disabled Disabled Disabled vw The logical port for the settings contained in the same row Port Select mirror mode Rx only Frames received at this port are mirrored to the mirror port Frames transmitted are not mirrored Tx only Frames transmitted from this port are mirrored to the mirror port Frames received are not mirrored Disabled Neither frames transmitted nor frames received are mirrored Enabled Frames received and frames transmitted are mirrored to the mirror port Note For a given port a frame is only transmitted once It is therefore not possible to mirror Tx frames for the mirror port Because of this mode for the selected mirror port is limited to Di
22. the selected stack switch unit switch can be monitored and modified here Up to 64 VLANSs are supported This page allows for adding and deleting VLANs as well as adding and deleting port members of each VLAN VLAN Membership Configuration Open in new window Port Members Delete VLAN ID 1 2 3 4 5 6 7 8 9 1011 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 O 1 MM MM ME E ME E E ME E E A E ME a E a E E a EA E a E E E M4 Add new VLAN Checkmarks indicate which ports are members of the entry Port Members Check or uncheck as needed to modify the entry l Add New VLAN Click to add a new VLAN ID An empty row is added to the table and the VLAN can be configured as needed Legal values for a VLAN ID are 1 through 4095 The VLAN is enabled on the selected stack switch unit when you Adding a New Static click on Save The VLAN is thereafter present on the other stack Entry switch units but with no port members A VLAN without any port members on any stack unit will be deleted when you click Save button can be used to undo the addition of new KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Example Port based VLAN Setting For ingress port 1 VLAN Membership Configuration setting port 1 amp VID 50 Private VLAN Membership Configuration Open in new window Port Members Delete PVLANID
23. ups Tre pesort GP groups Max are TB ge Trea WAN Show the Querier status is ACTIVE or IDLE V1 Reports l The number of Received V1 Reports Receive V2 Reports l l The number of Received V2 Reports Receive V3 Reports l l The number of Received V3 Reports Receive Leave Rece The number of Received V2 Leave Click to refresh the page immediately ee Clears all Statistics counters Check this box to enable an automatic refresh of the page at regular Auto refresh L intervals KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 10 Security 4 1 10 1 ACL Configure the ACL parameters ACE of each switch port These parameters will affect frames received on a port unless the frame matches a specific ACE ACL Ports Configuration Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled isabl bled isabled gled e Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Port The logical port for the settings contained in the same row Select the policy to apply to this port The allowed values are 1 Policy ID Through 8 The default value is 1 Select whether forwarding is permitted Permit or denied Deny The default value is Permit Select which rate limiter to apply
24. 000Base X Fiber port on SFP Reset button Push the button 3 seconds for reset 5 seconds for factory default LED for Ethernet ports Link 100M status LED for Ethernet ports Link 1000M status LED for SFP ports link status Front Panel LED Status LED for PW1 When the PWR1 links the green led will be light on LED for PW2 When the PWR2 links the green led will be light on LED for PW3 When the PWR3 links the green led will be light on LED for STA When the power module is in PWR UP state the green LED lights on LED for PWR This LED lights on when the DC power module is activated LED for R M Ring master When the LED lights on this switch is designated as the ring master of the Ring topology LED for Ring LED for DEF LED for Ping LED for Run When the led light on the e ring is activated System resets to default configuration System is processing PING request System is operating continuously LED for RMT System is accessed remotely LED for Fault Indicates unexpected event occurred 2 2 Rear Panel The rear panel of KY 8617GCM is shown below 1 Power Switch 2 Power input for AC 100V 240V 50 60Hz 3 Power input for DC 2 3 Rack Mount Kit Assembly You can find the rack mount kit and the screws in the packing box Please assemble the rack mount kit on the switch with screws as shown below KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 786
25. 1 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 2 4 Front Panel LEDs Color Status Description Green When the PWR1 links the green led will be light on Green O Whenthe PWR2 links the green led will be light on Green O When the PWR3 links the green led will be light on When the power module is in Green On PWR UP state the green LED lights on System resets to default Green Slowly blinking System is operating continuously DC power module activated ae When the led light on the Ponang e ring is activated Blinking System is accessed remotely Ring enabled a Ring has only One link lacks OER SON ASUS one link to build the ring Fast blinking Ring work normally Indicates unexpected event 10 100 1000Base T X Giga Ethernet ports ACT Blinking Data transmitted ACT Blinking Data transmitted Cables 3 1 Ethernet Cables The KY 8617GCM series switches have standard Ethernet ports According to the link type the switches use CAT 3 4 5 5e amp 6 UTP cables to connect to any other network device PCs servers switches routers or hubs Please refer to the following table for cable specifications Cable Types and Specifications 10BASE T CAT 3 4 5 100 ohm UTP 100 m 328 ft RJ 45 100BASE TX CAT 100 ohm UTP UTP 100 m 328 ft RJ 45 1000BASE TX CAT 5 5e 6 100 ohm UTP UTP 100 m 328 ft RJ 45 3 1 1 10 100 1000BASE T X Pin Assign
26. 1 2 3 4 5 6 7 8 9 1011 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 HO 1 M M M MH Mm MM ME M E MM E ME MEM ME MM EM MEM EM ME M EM M MH MM MM MM M M Add new Private VLAN Port Isolation Configuration Open in new window Port Number 1 7 3 4 5 6 7 8 9 10111713 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 aaa ala la lala a lala da lala ee eee eis la lalala la lala 2 VLAN Port 1 Configuration gt Disable VLAN Aware 3 VLAN Port 1 Configuration gt Mode specific ID 50 KY 8617GCM_ User s Manual For egress port 1 VLAN Membership Configuration setting port 2 amp VID 50 2 VLAN Port 2 Configuration gt don t care VLAN Aware 3 VLAN Port 2 Configuration gt Mode specific D 50 any packet can enter egress port KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 IEEE 802 10 Access port Settin 1 VLAN Membership Configuration setting port amp VID 50 2 VLAN Port Configuration gt Enable VLAN Aware 1 VLAN Port Configuration gt Mode specific D 50 1 VLAN Membership Configuration setting port amp VID 50 KY 8617GCM_ User s Manual 2 VLAN Port Configuration gt Disable VLAN Aware 3 VLAN Port Configuration gt Mode specific ID 50 untagged amp tag 50 packet can enter egress port IEEE 802 1Q Trunk port setting multi ta KY 8617GCM KY 8617GCM For
27. 228 MSTI Normal Ports Configuration Port Path Cost Priority 2 auto 128 y 3 ato HO sy a auto ov 128 5 ato v 28 6 auto M 28N Description The switch port number of the corresponding STP CIST and MSTI port KY 8617GCM_ User s Manual Controls the path cost incurred by the port The Auto setting will set the path cost as appropriate by the physical link speed using the IEEE 802 1D recommended values Using the Path Cost Specific setting a user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost ports are chosen as forwarding ports in favor of p Controls the port priority This can be used to control priority of riority Ports having identical port cost See above Click to save changes Reset s Click to undo any changes made locally and revert to previously Reset Saved values STP Bridges This page provides a status overview for all STP bridge instances The displayed table contains a row for each STP bridge instance where the column displays the following information STP Bridges Auto refresh H Root Topology Topology ea TE ID Port Cost Flag Change Last CIST 80 00 00 1E 94 96 00 3C 80 00 00 1E 94 96 00 3C O Steady e The Bridge Instance This is also a link to the STP Detailed Bridge Status Bridge ID The Bridge ID of this Bridge instance Root ID The Bridge ID of the cu
28. 40VAC with power cord dual 36 72VDC power Redundant Input power 100 240VAC with power cord inputs at 6 pin terminal block Power consumption Typ 30 Watts 30 Watts Overload current protection Present Physical Characteristic Enclosure 19 inches rack mountable Dimension W x D x H 431 W x 342 D x 44 H mm 431 W x 342 D x 44 H mm Weight g 4 3 Kg 4 5 Kg Environmental Storage Temperature 40 to 85 C 40 to 185 F Operating Temperature 40 to 80 C 40 to 176 F Operating Humidity 5 to 95 Non condensing Regulatory approvals EN61000 4 2 ESD EN61000 4 3 RS EN61000 4 4 EFT EMS EN61000 4 5 Surge EN61000 4 6 CS EN61000 4 8 EN61000 4 11 Warranty 5 years KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email Sales KUSAI1 co Web Site www KUSA1 co FAX 480 287 8605
29. 480 287 8605 1 2 Software Features e Fastest Redundant Ethernet Ring Recovery time lt 10ms over 300 units connection e Supports Ring Coupling Dual Homing and RSTP over Ring e Supports SNMPv1 v2 v3 amp RMON amp Port base IEEE 802 10 VLAN Network Management e Event notification by Email SNMP trap and Relay Output e Web based Telnet and Console CLI configuration e Enable disable ports MAC based port security e Port based network access control IEEE 802 1x e VLAN IEEE 802 1q to segregate and secure network traffic e RADIUS centralized password management e SNMPv3 encrypted authentication and access security e RSTP IEEE 802 1w e Cyber Secure Video Clean Code Technology e Quality of Service IEEE 802 1p for real time traffic e VLAN IEEE 802 1q with support for double tagging and GVRP e IGMP Snooping for multicast filtering e Port configuration status statistics mirroring and security e Remote Monitor KUSA RMON 1 3 Hardware Features e 3x redundant power inputs e Operating Temperature 40 to 80 C e Storage Temperature 40 to 85 C e Operating Humidity 5 to 95 non condensing e Casing IP 30 e 16x Combo ports with 10 100 1000Base T X and 100 1000 Base X SFP e 8x 100 1000Base X SFP ports e Console Port e Dimensions 431 W x 342 D x 44 H mm Hardware Overview 2 1 Front Panel The following table describes the labels that stick on the KY 8617GCM series 16 x 1000BaseX on
30. In order to cope with lost frames the timeout interval is divided into 3 subintervals of equal length If a reply is not received within the subinterval the request is transmitted again This algorithm causes the RADIUS server to be queried up to 3 times before it is considered to be dead The Dead Time which can be set to a number between O and 3600 seconds is the period during which the switch will not send new requests to a server that has failed to respond to a previous Dead Time request This will stop the switch from continually trying to contact a server that it has already determined as dead Setting the Dead Time to a value greater than 0 zero will enable this feature but only if more than one server has been configured KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 802 1X Statistics Port 1 Port 1 Y Auto refresh C Refresh J Clear clio ola oooococce KY 8617GCM_ User s Manual RADIUS Authentication Accounting Server Configuration The table has one row for each RADIUS Authentication Accounting Server and a number of columns which are The RADIUS Authentication Server number for which the configuration below applies Enabled Enable the RADIUS Authentication Server by checking this box IP Address Enable fallback to local authentication by checking this box If none of the
31. KUSA Cyber Secure Video Switch Network Security For The 21 Century UNIVERSAL MANUAL USERS MANUAL FOR KY 8617GCM KUSA KUSA CYBER SECURE VIDEO amp CLEAN CODE TECHNOLOGY 24 Port Managed Industrial Ethernet Traffic Switch 16 X 10 100 1000 RJ45 SFP Combo Ports amp 8 X 100 1000 Base X SFP Ports User s Manual Version 1 2 April 2012 KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 COPYRIGHT NOTICE Copyright O 2012 Kyland USA LLC All rights reserved No part of this publication may be reproduced in any form without the prior written consent of Kyland USA LLC TRADEMARKS KUSA is a registered trademark of Kyland USA LLC All other trademarks belong to their respective owners REGULATORY COMPLIANCE STATEMENT Product s associated with this publication complies comply with all applicable regulations Please refer to the Technical Specifications section for more details WARRANTY KUSA warrants that all KUSA products are free from defects in material and workmanship for a specified warranty period from the invoice date 5 years for most products KUSA will repair or replace products found by KUSA to be defective within this warranty period with shipment expenses apportioned by KUSA and the distributor This warranty does not cover product modifications or repairs done by persons oth
32. KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Adding a New Static Entry VLAN ID An empty row is added to the table and the private VLAN can be configured as needed The allowed range for a private VLAN ID is the same as the switch port number range Any values outside this range are not accepted and a warning message appears Click OK to discard the incorrect entry or click Cancel to return to the editing and make a correction The Private VLAN is enabled when you click Save button can be used to undo the addition of new Private VLANs KY 8617GCM_ User s Manual Port Isolation Configuration Open in new window Port Number 1 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 27345 67 8 9 ajala A check box is provided for each port of a private VLAN When checked port isolation is enabled for that port Port Members When unchecked port isolation is disabled for that port By default port isolation is disabled for all ports 4 1 7 SNMP 4 1 7 1 SNMP System SNMP System Configuration Mode Version Read Community Write Community ww EN Indicates the SNMP mode operation Possible modes are Enabled Enable SNMP mode operation Disabled Disable SNMP mode operation Indicates the SNMP supported version Possible versions are SNMP v1 Set SNMP supported version 1
33. SFP port combo amp 8 x 1000BaseX on SFP port Giga Ethernet 16 x 1000Base T combo Port Use RS 232 with DB9 connecter to manage switch KY 8617GCP RUN RMT DEF Ping R M STA PWR Ring 8 mb Console port DB9 10 100 1000Base Ethernet port 100 1000 Base X SFP Combo 100 1000Base X Fiber port on SFP Reset button Push the button 3 seconds for reset 5 seconds for factory default LED for Ethernet ports Link 100M status LED for Ethernet ports Link 1000M status LED for SFP ports link status Front Panel LED Status LED for STA When the power module is in PWR UP state the green LED lights on E E E S amp S PS LED for PWR This LED lights on when the power module is activated LED for R M Ring master When the LED lights on this switch is designated as the ring master of the Ring topology KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 LED for Ring LED for DEF LED for Ping LED for Run LED for RMT PW3RUNRMT Faull Pz DEF Ping R_M PWISTA PWR Ring mb eS eee a E 3 When the led light on the e ring is activated System resets to default configuration System is processing PING request System is operating continuously System is accessed remotely KY 8617GCM Console port DB9 10 100 1000Base Ethernet port 100 1000 Base X SFP Combo 100 1
34. System Login 1 Launch the Internet Explorer 2 Type http and the IP address of the switch Press Enter File Edit View Favorites Tools Help w Gpak E x 2 P search Sie Favorites 4 Av 3 A Address http 192 168 1 77 E Go Links gt The login screen appears 4 Key in the username and password The default username and password is admin 5 Click Enter or OK button Then the main interface of the Web based management appears System Information Configuration System Name System Description Industrial Managed All Gigabit PoE System Location System Contact System Timezone Offset minutes Login screen KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Main Interface The textual identification of the contact person for this managed node together with information on how to contact this person The allowed string length is O to 255 and the allowed content is the ASCII characters from 32 to 126 An administratively assigned name for this managed node By convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Z a z System Name digits 0 9 minus sign No space characters are permitted as part of a name The first character must be an alpha character And the first or last character must not be a
35. The 1 kpps is actually 1002 1 pps 4 1 8 4 Wizard This handy wizard helps you set up a QCL quickly Welcome to the QCL Configuration Wizard Please select an action Set up IP Cam High Performance Increase IP Cam performance Set up Port Policies Group ports into several types according to different QCL policies Set up Typical Network Application Rules Set up the specific QCL for different typical network application quality control Set up ToS Precedence Mapping Set up the traffic class mapping to the precedence part of ToS 3 bits when receiving IPv4 TPv6 packets Set up VLAN Tag Priority Mapping Set up the traffic class mapping to the user priority value 3 bits when receiving VLAN tagged packets To continue click Next Set up Group ports into several types according to different QCL policies Port Policies Set up Typical Set up the specific QCL for different typical network application Network a quality control Application Rules Set up ToS Precedence Mapping Set up the traffic class mapping to the precedence part of ToS 3 bits when receiving IPv4 IPv6 packets Set up VLAN Tag Set up the traffic class mapping to the User Priority value 3 bits Priority Mapping when receiving VLAN tagged packets KY 8617GCM_ User s Manual 4 1 9 IGMP Snooping 4 1 9 1 IGMP Snooping This page provides IGMP Snooping related configuration IGMP Snooping Configuration Global Configuration Snoo
36. The time since the bridge port was last initialized Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh C Regular intervals KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 STP Statistics This page displays the RSTP port statistics counters for bridge ports in the currently selected switch STP Statistics Auto refresh L Refresh Port Transmitted Received Discarded MSTP RSTP SIP TCN MSTP RSTP STP TCN Unknown Illegal 24 1431 0 0 0 0 0 O 0 0 0 Port The switch port number of the logical RSTP port SSP The number of RSTP Configuration BPDU s received transmitted On the port STP The number of legacy STP Configuration BPDU s Received transmitted on the port TCN The number of legacy Topology Change Notification BPDU s Received transmitted on the port The number of unknown Spanning Tree BPDU s received and Discarded Unknown Discarded on the port The number of illegal Spanning Tree BPDU s received and Discarded Illegal Discarded on the port Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh L regular intervals KY 8617GCM_ User s Manual 4 1 6 VLAN 4 1 6 1 VLAN Membership Configuration The VLAN membership configuration for
37. The two links work as active backup mode and they connect each Ring to the normal switches in RSTP mode Apply Click Apply to set the configurations Note We don t suggest you to set one switch as a Ring Master and a Coupling Ring at the same time due to heavy load 4 1 5 2 MSTP Bridge Settings This page allows you to configure RSTP system settings The settings are used by all RSTP Bridge instances in the Switch Stack STP Bridge Configuration Basic Settings Protocol Version MSTP v Forward Delay 115 Max Age 20 Maximum Hop Count 20 Transmit Hold Count 6 The STP protocol version setting Valid values are STP RSTP Protocol Version and MSTP The delay used by STP Bridges to transition Root and Designated Forward Delay l l l l Ports to Forwarding used in STP compatible mode Valid values KY 8617GCM_ User s Manual AN are in the range 4 to 30 seconds The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 Seconds and MaxAge must be lt FwdDelay 1 2 This defines the initial value of remaining Hops for MSTI information generated at the boundary of an MSTI region It Maximum Hop Count defines how many bridges a root bridge can distribute its BPDU information Valid values are in the range 4 to 30 seconds and MaxAge must be lt FwdDelay 1 2 The number of BPDU s a bridge port can send per second When T
38. _string gt lt ping_length gt SNTP lt ip_addr_string gt Auth Configuration Timeout lt timeout gt Deadtime lt dead_time gt RADIUS lt server_index gt enable disable lt ip_addr_string gt lt secret gt lt server_port gt ACCT_RADIUS lt server_index gt enable disable lt ip_addr_string gt lt secret gt lt server_port gt Client console telnet ssh web none local radius enable disable Statistics lt server_index gt Port VeriPHY lt port_list gt Aggr Add lt port_list gt lt aggr_id gt Delete lt aggr_id gt Lookup lt aggr_id gt KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 l Mode smac dmac ip port enable disable KY 8617GCM_ User s Manual LACP Configuration lt port_list gt Mode lt port_list gt enable disable Key lt port_list gt lt key gt Role lt port_list gt active passive Status lt port_list gt Statistics lt port_list gt clear KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 STP Version lt stp_version gt Non certified release v Txhold lt holdcount gt It 15 15 15 Dec 6 2007 MaxAge lt max_age gt FwdDelay lt delay gt
39. a particular method The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Note Suppose two backend servers are enabled and that the server timeout is configured to X seconds using the Authentication configuration page and suppose that the first server in the list is currently down but not considered dead Now if the supplicant retransmits EAPOL Start frames at a rate faster than X seconds then it will never get authenticated because the switch will cancel on going backend authentication server requests whenever it receives a new EAPOL Start frame from the supplicant And since the server hasn t yet failed because the X seconds haven t expired the same server will be contacted upon the next backend authentication server request from the switch This scenario will loop forever Therefore the server timeout should be smaller than the supplicant s EAPOL Start frame retransmission rate Overview of MAC Based Authentication Unlike 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industry In MAC based authentication users are called clients and the switch acts as the supp
40. apped to one MSTI A unused MSTI should just be left empty l e not having any VLANs mapped to it Click to save changes Click to undo any changes made locally and revert to previously Saved values MSTI Priorities This page allows the user to inspect the current STP MSTI bridge instance priority configurations and possibly change them as well KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 MSTI Configuration MSTI Priority Configuration CIST MST1 MST2 MST3 MST4 MSTS MST6 MST7 KY 8617GCM_ User s Manual NSTI The bridge instance The CIST is the default instance which is always active Controls the bridge priority Lower numerical values have better Priorit priority The bridge priority plus the MSTI instance number riori J concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier Click to save changes Click to undo any changes made locally and revert to previously saved values CIST Ports This page allows the user to inspect the current STP CIST port configurations and possibly change them as well This page contains settings for physical and aggregated ports The aggregation settings are stack global STP CIST Ports Configuration CIST Aggregated Ports Configuration STP ee Admi Restricted Point to arte Path Cost Priority ee ai
41. ble the use of the Destination MAC Address or uncheck to disable By default Destination MAC Address is disabled IP Address The IP address can be used to calculate the destination port for the frame Check to enable the use of the IP Address or uncheck to disable By default IP Address is enabled TCP UDP Port The TCP UDP port number can be used to calculate the Number destination port for the frame Check to enable the use of the TCP UDP Port Number or uncheck to disable By default KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Aggregation Group Configuration Open in new window Toy Port Members GroupID 1 2 3 4 5 6 7 8 9 10 11 12 Normal 000000 OO0OODOCOODOODOO ODOOOODOD OO oo0o000 Indicates the group ID for the settings contained in the same row Group ID Normal indicates there is no aggregation Only one Group ID is valid per port Port Members Each switch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports belong to any aggregation group Only full duplex ports can join an Aggregation and ports must be in the same speed in each group KY 8617GCM_ User s Manual 4 1 4 3 2 LACP Port Configuration This page allows the user to inspect the current LACP port configu
42. bpduFilter enable disable bpduGuard enable disable recovery lt timeout gt CName lt config name gt lt integer gt Status lt msti gt lt port_list gt Msti Priority lt msti gt lt priority gt Msti Map lt msti gt clear Msti Add lt msti gt lt vid gt Port Configuration lt port_list gt Port Mode lt port_list gt enable disable Port Edge lt port_list gt enable disable Port AutoEdge lt port_list gt enable disable Port P2P lt port_list gt enable disable auto Port RestrictedRole lt port_list gt enable disable Port Restricted Ten lt port_list gt enable disable Port bpduGuard lt port_list gt enable disable Port Statistics lt port_list gt Port Mcheck lt port_list gt Msti Port Configuration lt msti gt lt port_list gt Msti Port Cost lt msti gt lt port_list gt lt path_cost gt Msti Port Priority lt msti gt lt port_list gt lt priority gt KY 8617GCM_ User s Manual Dot1x Configuration lt port_list gt Statistics lt port_list gt clear eapol radius Clients lt port_list gt all lt client_cnt gt Agetime lt age_time gt Timeout lt eapol_timeout gt Holdtime lt hold_time gt IGMP LLDP Configuration lt port_list gt Mode lt port_list gt enable disable rx tx Optional_ TLV lt port_list gt port_descr sys name sys_descr sys_capa mgmt_addr
43. configured authentication servers are alive the local user database is used for authentication This is only possible if the Authentication Method is set to something else than none or local The UDP port to use on the RADIUS Authentication Server If the port is set to O zero the default port 1812 is used on the RADIUS Authentication Server The secret up to 29 characters long shared between the e AS 4 1 11 Warning for KY 8617GCM 4 1 11 1 Fault Alarm When any selected fault event is happened the Fault LED in switch panel will light up and the electric relay will signal at the same time KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Fault Alarm Power Failure LIPWR 1 LIPWR 2 Port Link Down Broken J 3 4 J b Fi z g e k E S N S fije S N S S fe H PJ The following table describes the labels in this screen Power Failure Mark the blank of PWR 1 or PWR 2 to monitor Port Link Down Broken Mark the blank of port 1 to port 8 to monitor Apply Click Apply to set the configurations Show help file 4 1 11 2 System Warning The SYSLOG is a protocol to transmit event notification messages across networks Please refer to RFC 3164 The BSD SYSLOG Protocol Syslog Server iP addres The following table describes the labels in this screen KY 8617GCM_ User s Ma
44. d revert to previously saved values Click to renew DHCP This button is only available if DHCP is Enabled 4 1 2 4 HTTPS Indicates the HTTPS mode operation Possible modes are Enabled Enable HTTPS mode operation Disabled Disable HTTPS mode operation Indicates the HTTPS redirect mode operation Automatic redirect web browser to HIT TPS during HTTPS mode enabled Possible Automatic Redirect modes are Enabled Enable HTTPS redirect mode operation Disabled Disable HT TPS redirect mode operation Click to undo any changes made locally and revert to previously saved values 4 1 2 5 SSH SSH Configuration mode Disabled 7 Reset Indicates the SSH mode operation Possible modes are Enabled Enable SSH mode operation Disabled Disable SSH mode operation Click to save changes KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Click to undo any changes made locally and revert to previously saved values 4 1 2 6 LLDP LLDP Parameters This page allows the user to inspect and configure the current LLDP port settings The switch is periodically transmitting LLDP frames to its neighbors for having the network discovery information Tx Interval up to date The interval between each LLDP frame is determined by the TX Interval value Valid values are restricted to 5 32768 S
45. during the next save KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 An octet string identifying the engine ID that this entry should belong to The string must contain an even number between 10 and 64 hexadecimal digits but all zeros and all F s are not allowed The SNMPv3 architecture uses the User based Security Model USM for message security and the View based Access Control Model VACM for access control For the USM entry the usmUserEnginelD and usmUserName are the entry s keys In a simple agent usmUserEnginelD is always that agent s own snmpEnginelD value KY 8617GCM_ User s Manual The value can also take the value of the snmpEnginelD of a remote SNMP engine with which this user can communicate In othe words if user engine ID equal system engine ID then it is local user otherwize it s remote user A string identifying the user name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Indicates the security model that this entry should belong to Possible security models are NoAuth NoPriv None authentication and none privacy Security Level Auth NoPriv Authentication and none privacy Auth Priv Authentication and privacy The value of security level cannot be modified if entry already exists That means must first
46. e 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 2 3 IP Address Setting Configure the switch managed IP information on this page IP Configuration Configured Current 192 168 10 1 192 168 10 1 255 255 255 255 255 255 0 SNTP Se DHCP Client Enable the DHCP client by checking this box If DHCP fails and the configured IP address is zero DHCP will retry If DHCP fails and the configured IP address is non zero DHCP will stop and the configured IP settings will be used The DHCP client will announce the configured System Name as hostname to provide DNS lookup IP Address Assign the IP address that the network is using If DHCP client function is enabling you do not need to assign the IP address The network DHCP server will assign the IP address for the switch and it will be display in this column The default IP is 192 168 10 1 Assign the subnet mask of the IP address If DHCP client function O is enabling you do not need to assign the subnet mask IP Router Assign the network gateway for the switch The default gateway is 192 168 10 254 VLAN ID Provide the managed VLAN ID The allowed range is 1 through SNTP Server SNTP is an acronym for Simple Network Time Protocol a network protocol for synchronizing the clocks of computer systems SNTP uses UDP datagrams as transport layer Click to undo any changes made locally an
47. econds Port The switch port number of the logical LLDP port Mode Enable or disable LLDP LLDP Neighbor Information This page provides a status overview for all LLDP neighbors The displayed table contains a row for each port on which an LLDP neighbor is detected The columns hold the following information KY 8617GCM_ User s Manual Local Port The port on which the LLDP frame was received The Chassis ID is the identification of the neighbor s LLDP Chassis ID Frames Remote Port ID The Remote Port ID is the identification of the neighbor port System Name System Name is the name advertised by the neighbor unit Port Description is the port description advertised by the neighbor Port Description ei nit System Capabilities describes the neighbor unit s capabilities The possible capabilities are 1 Other Repeater Bridge WLAN Access Point System Capabilities Router Telephone DOCSIS cable device Station only OMoON DODO KR WO D Reserved When a capability is enabled the capability is followed by If the capability is disabled the capability is followed by Management Address is the neighbor unit s address that is used Management for higher layer entities to assist the discovery by the network Address management This could for instance hold the neighbor s IP Address Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refres
48. edge ports having Open Edge true than for other ports Controls whether the Open Edge flag should start as being set or Admin Edge o OS cleared The initial Open Edge state when a port is initialized Controls whether the bridge should enable automatic Auto Edge edge detection on the bridge port This allows Open Edge to be derived If enabled causes the port not to be selected as Root Port for the CIST or any MSTI even if it has the best spanning tree priority vector Such a port will be selected as an Alternate Port after the Root Port has been selected If set it can cause lack of spanning Restricted Role tree connectivity It can be set by a network administrator to prevent bridges external to a core region of the network influencing the spanning tree active topology possibly because those bridges are not under the full control of the administrator This feature is also known as Root Guard If enabled causes the port not to propagate received topology change notifications and topology changes to other ports If set it can cause temporary loss of connectivity after changes in a Spanning trees active topology as a result of persistent incorrectly learned station location information It is set by a network Restricted TCN o l administrator to prevent bridges external to a core region of the network causing address flushing in that region possibly because those bridges are not under the full control of the administrator
49. elp e 3 aD D termnial Enter details for the phone number that you want to dial Country region Taiwan 886 Area code 2 Phone number Connect using MA hl Cancel Disconnected Auto detect Auto detect SCROLL CAPS NUM Capture Print echo Z KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SalesWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Step 4 The COM port properties setting 115200 for Bits per second 8 for Data bits None for Parity 1 for Stop bits and none for Flow control 10 x Saa ils COM Properties Port Settings Bits per second 115200 Data bits Je Parity None Stop bits fi Flow control None Restore Defaults OF Cancel Apply Disconnected Auto detect Auto detect SCROLL Caps NUM Capture Print echo E Step 4 The Console login screen will appear Use the keyboard to enter the Username and Password The same with the password for Web Browser then press Enter CLI Management by Telnet Users can use TELNET to configure the switches The default values are shown as the following IP Address 192 168 10 1 KY 8617GCM_ User s Manual Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name root Password root Console Access via Telnet Step 1 Telnet to the IP address of the switch from the Windows Run command or fro
50. enable disable Interval lt interval gt KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSAI1 co FAX 480 287 8605 MAC Configuration lt port_list gt Add lt mac_addr gt lt port_list gt lt vid gt Statistics lt port_list gt Flush VLAN PVLAN Configuration lt port_list gt Add lt pvlan_id gt lt port_list gt Lookup lt pvlan_id gt Delete lt pvlan_id gt Isolate lt port_list gt enable disable KY 8617GCM_ User s Manual QoS Configuration lt port_list gt Classes lt class gt Default lt port_list gt lt class gt Tagprio lt port_list gt lt tag_prio gt QCL Port lt port_list gt lt qcl_id gt QCL Add lt qcl_id gt lt qce_id gt lt qce_id_next gt etype lt etype gt vid lt vid gt port lt udp_tcp_port gt tos lt tos_list gt dscp lt dscp gt tag_prio lt tag_prio_list gt lt class gt QCL Lookup lt qcl_id gt lt qce_id gt Mode lt port_list gt strict weighted Weight lt port_list gt lt class gt lt weight gt Rate Limiter lt port_list gt enable disable lt bit_rate gt Shaper lt port_list gt enable disable lt bit_rate gt Storm Unicast enable disable lt packet_rate gt Storm Multicast enable disable lt packet_rate gt Storm Broadcast
51. er than KUSA approved personnel and this warranty does not apply to KUSA products that are misused abused improperly installed or damaged by accidents Please refer to the Technical Specifications section for the actual warranty period s of the product s associated with this publication DISCLAIMER Information in this publication is intended to be accurate KUSA shall not be responsible for its use or infringements on third parties as a result of its use There may occasionally be unintentional errors on this publication KUSA reserves the right to revise the contents of this publication without notice CONTACT INFORMATION Kyland USA LLC 1107 SE Willow Pl Blue Springs MO 64014 5248 Telephone 219 595 2631 816 988 7861 Fax 480 287 8605 Website www kusa1 co Technical Support E mail sales kusa1 co Sales Contact E mail sales kusa1 co KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Table of Contents Getting t KNOW Your SWItOI ia eats 5 1 1 About the KY 8617GCM Series Industrial Switch oo ooooonnccccccccnnoccconcnnnnnnnnonnncnnnnnos 5 1 2 SOlWale ES als AI EAS 6 1 3 Hardware re AICS cuidada caldeado idad 6 Hardware OVElVIGW sissies ce sieciessszicc bess a ia E 7 2 1 OO 7 2 2 Rear Padrino ica ld 9 2 3 Rack Mount Kit Assembly a A ia 9 2 4 Front Fanal LEDS rana ada 10 Calend 11 3 1 E
52. ersS sra aiii 57 4 1 7 4 OINIMIPSGQUDS simeiriirin ri 59 4 1 7 5 Ls A E PO sen caicl rete cern A 59 AO NVI ACCOSSO arar acer ro iia 60 4 1 8 Traffic Prioritization sc tii 62 4 1 8 1 Port QOS Configuration cccccococcncccnnccccnononcnonnnnnnnoncnnnonononennnnnnononnnennnnnnonanes 62 4 1 8 2 QOS CONTO Sanar aE AEE in 63 Alda OMIA OMRON dci 64 A A A 65 A19 Es A e e Im i UCR 66 4 1 9 1 IGMP SNOODPINO innata iaistea 66 A4T92 IGMP Snooping Stalis asetasin asa 67 4 1 10 A 68 O O o e 68 ATO JEEE a 69 4 1 11 Warning Tor RGS 7 16SGC P By caci iii 71 ATIL Faut o PP AA 71 4 1 11 2 System WAI irritan 72 4 1 12 Monitor and DIAQMOSIES escarnio ion ita 73 Alias MAC TODE ita 73 Aldaz WINS Ata tion actas 74 4 1 12 3 System Log Information ooocccncccccncnncccoccnncccnnncnnonnnncncnnanennnononnnennnnananonoss 75 4 1 1124 Detailed LOQ serna ee 76 Alte PANC OVVIE Wes diiniita 78 4 1 12 6 Detailed Statistics vasinciiionecionsaisreicicial cis 78 Aer PI e a a E E E E E 80 KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email Sales KUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 128 VeriPHY alte E PE 81 4 1 13 FACO DE UI a PA A 82 4 1 14 System FCO aac etcecncwetteuscpocier cece innin aieiaiei EE AE Ea TAAS 82 Command Line Interface Manageme nt sccceeececssessneeeeeeeesnseeeeseceeesseeeescoenseneneeseons 83 5 1 About CLI ManageMent cccoooccnnncnncccnnccnnocon
53. eswWKUSA1 co Web Site www KUSAI1 co FAX 480 287 8605 Technical Specifications MEL Mode wrom D__ Physical Ports Gigabit Combo port with 10 100 1000Base T X and 100 1000Base X SFP ports Technology IEEE 802 3 for 10Base T IEEE 802 3u for 100Base TX and 100Base FX IEEE 802 3ab for 1000Base T IEEE 802 z for 1000Base X IEEE 802 3x for Flow control IEEE 802 3ad for LACP Link Aggregation Control Protocol IEEE 802 1p for COS Class of Service Ethernet Standards IEEE 802 1Q for VLAN Tagging IEEE 802 1D for STP Spanning Tree Protocol IEEE 802 1w for RSTP Rapid Spanning Tree Protocol IEEE 802 1s for MSTP Multiple Spanning Tree Protocol IEEE 802 1x for Authentication IEEE 802 1AB for LLDP Link Layer Discovery Protocol Switching latency 6 us Switching bandwidth 96 Gbps Switch Properties Max Number of Available VLANs 256 IGMP multicast groups 128 for each VLAN Port rate limiting User Defined IP Police security feature Cyber Secure Video CSV Enable disable ports MAC based port security Port based network access control 802 1x Security Features VLAN 802 1Q to segregate and secure network traffic Radius centralized password management SNMPv3 encrypted authentication and access security Clean Code Technology STP RSTP MSTP IEEE 802 1D w s Redundant Ring E ring with recovery time less than 10ms over 300 units TOS Diffserv suppo
54. f the firmware controlling the stack 4 1 3 DHCP Server 4 1 3 1 Setting The system provides with DHCP server function Enable the DHCP server function the switch system will be a DHCP server DHCP Server Configuration Enabled Start IP Address 192 168 1 100 End IP Address 192 166 1 200 Lease Time sec TFTP Server Boot File Name KY 8617GCM_ User s Manual 4 1 3 2 DHCP Dynamic Client List When the DHCP server function is activated the system will collect the DHCP client information and display in here DHCP Server Configuration Enabled Start IP Address 192 168 171 100 End IP Address 192 168 171 200 Select Clear All Add to static Table 4 1 3 3 DHCP Client List You can assign the specific IP address which is in the assigned dynamic IP range to the specific port When the device is connecting to the port and asks for dynamic IP assigning the system will assign the IP address that has been assigned before in the connected device DHCP Client List 4 1 4 Port Setting KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 4 1 Port Control This page displays current port configurations Ports can also be configured here Port Configuration Refresh Auto Detect 100 1000 SFP Enabled v Flow Control Maximum Power Port Link pra Configured Current Rx Conti i Configured
55. figured on the Authentication configuration page MAC based authentication allows for authentication of more than one user on the same port and doesn t require the user to have special 802 1X software installed on his system The switch uses the user s MAC address to authenticate against the backend server Intruders can create counterfeit MAC addresses which makes MAC based authentication less secure than 802 1 X authentications Overview of 802 1X Port Based Authentication In the 802 1X world the user is called the supplicant the switch is the authenticator and the RADIUS server is the authentication server The switch acts as the man in the middle forwarding requests and responses between the supplicant and the authentication server Frames sent between the supplicant and the switches are special 802 1X frames Known as EAPOL EAP Over LANs frames EAPOL frames encapsulate EAP PDUs RFC3748 Frames sent between the switch and the RADIUS servers are RADIUS packets RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch s IP address name and the supplicant s port number on the switch EAP is very flexible in that it allows for different authentication methods like MD5 Challenge PEAP and TLS The important thing is that the authenticator the switch doesn t need to know which authentication method the supplicant and the authentication server are using or how many information exchange frames are needed for
56. frames to a specific QoS class This classification can be based on parameters such as VLAN ID UDP TCP port IPv4 IPv6 DSCP or Tag Priority Frames not matching any of the QCEs are classified to the default QoS class for the port Qos Control List Configuration Ethernet Type Oxffff A check box is provided for each port of a private VLAN When checked port isolation is enabled for that port When unchecked port isolation is disabled for that port By default port isolation is disabled for all ports Configure the default QoS class for the port that is the QoS class Default Class l for frames not matching any of the QCEs in the QCL QCL Select which QCL to use for the port Select the default tag priority for this port when adding a Tag to Tag Priority the untagged frames Queuing Mode Select which Queuing mode for this port Setting Queue weighted Low Normal Medium High if the Queue Weighted Queuing Mode is Weighted KY 8617GCM_ User s Manual 4 1 8 2 QoS Control List This page lists the QCEs for a given QCL Frames can be classified by 4 different QoS classes Low Normal Medium and High The classification is controlled by a QoS assigned to each port A QCL consists of an ordered list of up to 12 QCEs Each QCE can be used to classify certain frames to a specific QoS class This classification can be based on parameters such as VLAN ID UDP TCP port IPv4 IPv6 DSCP or Tag Priority Frames n
57. h _ Regular intervals LLDP Statistics This page provides an overview of all LLDP traffic Two types of counters are shown Global counters are counters that refer to the whole stack switch while local counters refer to counters for the currently selected switch KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Global Counters Neighbor entries Shows the time for when the last entry was last deleted or added were last changed at It is also shows the time elapsed since last change was detected Entries Added Total Neighbors Shows the number of new entries deleted since switch reboot Entries Deleted Total Neighbors Shows the number of LLDP frames dropped due to that the entry Total Neighbors Shows the number of new entries added since switch reboot Entries Dropped Table was full Total Neighbors Shows the number of entries deleted due to Time To Live Entries Aged Out Expiring Local Counters axrremes The number ot LLDP trames received on tepon O maemo The number of received LLDP frames containing some kind of Error If an LLDP frame is received on a port and the switch s internal table has run full the LLDP frame is counted and discarded This situation is known as Too Many Neighbors in the LLDP standard LLDP frames require a new entry in the table Frames Discarded when the Chass
58. h port details to display The displayed counters are the totals for receive and transmit the size counters for receive and transmit and the error counters for receive and transmit KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Detailed Statistics Receive amp Transmit Total Rx and Tx Packets The number of received and transmitted good and bad packets The number of received and transmitted good and bad bytes Rx and Tx Octets Includes FCS but excludes framing bits The number of received and transmitted good and bad unicast Rx and Tx Unicast packets Rx and Tx The number of received and transmitted good and bad multicast Multicast packets Rx and Tx The number of received and transmitted good and bad broadcast Broadcast packets A count of the MAC Control frames received or transmitted on this Rx and Tx Pause SEON port that have an opcode indicating a PAUSE operation The number of frames dropped due to lack of receive buffers or Rx Drops egress congestion Rx The number of frames received with CRC or alignment errors CRC Alignment KY 8617GCM_ User s Manual The number of frames dropped due to output buffer congestion Tx Late Exc Coll The number of frames dropped due to excessive or late collisions Short frames are frames that are smaller than 64 bytes Long frames are
59. ible security models are Security Model any Accepted any security model v1 v2c usm v1 Reserved for SNMPv1 KY 8617GCM_ User s Manual v2c Reserved for SNMPv2c usm User based Security Model USM Indicates the security model that this entry should belong to Possible security models are Security Level NoAuth NoPriv None authentication and none privacy Auth NoPriv Authentication and none privacy Auth Priv Authentication and privacy The name of the MIB views defining the MIB objects for which this request may request the current values The allowed string Read View Name length is 1 to 32 and the allowed content is the ASCII characters from 33 to The name of the MIB views defining the MIB objects for which this request may potentially SET new values The allowed string Write View Name length is 1 to 32 and the allowed content is the ASCII characters from 33 to KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 8 Traffic Prioritization 4 1 8 1 Port QoS Configuration This page allows you to configure QoS settings for each port Frames can be classified by 4 different QoS classes Low Normal Medium and High The classification is controlled by a QCL that is assigned to each port A QCL consists of an ordered list of up to 12 QCEs Each QCE can be used to classify certain
60. is ID or Remote Port ID is not already contained within the table Entries are removed from the table when a given port links down an LLDP shutdown frame is received or when the entry KY 8617GCM_ User s Manual Each LLDP frame can contain multiple pieces of information TLVs Discarded known as TLVs TLV is short for Type Length Value If a TLV is Malformed it is counted and discarded The number of well formed TLVs but with an unknown type TLVs Unrecognized dal alue Org Discarded The number of organizationally TLVs received Each LLDP frame contains information about how long time the LLDP information is valid age out time If no new LLDP frame is Age Outs o o received within the age out time the LLDP information is Removed and the Age Out counter is Click to refresh the page immediately Clears the local counters All counters including global counters Are cleared upon reboot Check this box to enable an automatic refresh of the page at Auto refresh C Regular intervals KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 2 7 Backup Restore Configuration You can save view or load the switch configuration The configuration file is in XML format with a hierarchy of tags Configuration Save Configuration Upload 4 1 2 8 Firmware Update This page facilitates an update o
61. licant on behalf of clients The initial frame any kind of frame sent by a client is snooped by the switch which in turn uses the client s MAC address as both username and password in the subsequent EAP exchange with the RADIUS server The 6 byte MAC address is converted to a string on the following form xx xx xx xx xx xx that is a dash is used as separator between the lower cased hexadecimal digits The switch only supports the MD5 Challenge authentication method so the RADIUS server must be configured accordingly When authentication is complete the RADIUS server sends a success or failure indication which in turn causes the switch to open up or block traffic for that particular client using static entries into the MAC Table Only then will frames from the client be forwarded on the switch There are no EAPOL frames KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 involved in this authentication and therefore MAC based Authentication has nothing to do with the 802 1X standard The advantage of MAC based authentication over 802 1X is that several clients can be connected to the same port e g through a 3rd party switch or a hub and still require individual authentication and that the clients don t need special supplicant software to authenticate The disadvantage is that MAC addresses can be spoofed by malicious users eq
62. m the MS DOS prompt as below Step 2 The Login screen will appear Use the keyboard to enter the Username and Password The same with the password for Web Browser and then press Enter KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Commander Groups System settings and reset options Syslog Server Configuration IP configuration and Ping Authentication Port management Link Aggregation Link Aggregation Control Protocol Spanning Tree Protocol IEEE 882 1 port authentication Internet Group Management Protocol snooping Link Layer Discovery Protocol MAG address table Virtual LAN Private WLAN Quality of Service Access Control List Port mirroring Loadr Save of configuration via TFIFP Simple Network Management Protocol Download of firmware via TFTP Fault Alarm Configuration System Reboot Restore Default keep_ ip Contact lt contact gt Name lt name gt Location lt location gt System gt Description lt description gt Password lt password gt Username lt username gt Timezone lt offset gt Log lt log_id gt all info warning error clear Syslog Syslog gt ServerConfiguration lt ip_addr gt IP KY 8617GCM_ User s Manual DHCP enable disable Setup lt ip_addr gt lt ip_mask gt lt ip_router gt lt vid gt Ping lt ip_addr
63. ments With 100BASE TX 10BASE T cable pins 1 and 2 are used for transmitting data and pins 3 and 6 are used for receiving data 10 100 Base T RJ 45 Pin Assignments RD KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 1000 Base T RJ 45 Pin Assignments The KY 8617GCM Series switches support auto MDI MDI X operation You can use a straight through cable to connect a PC to the switch The following table below shows the 10BASE T 100BASE TX MDI and MDI X port pin outs 10 100 Base T MDI MDI X pin assignments mopon woon TD TO wanen 1000 Base T MDI MDI X pin assignments Bl_DA BI_DC Note and signs represent the polarity of the wires that make up each wire pair KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 3 2 SFP The Switch has fiber optical ports with SFP connectors The fiber optical ports are in multi mode 0 to 550 m 850 nm with 50 125 um 62 5 125 um fiber and single mode with LC connector Please remember that the TX port of Switch A should be connected to the RX port of Switch B S rah Z Ye gt SS ES a Say Fey P w EN 2 3 3 Console Cable Each KY 8617GCM Series switch can be managed by its console port You can connect them to
64. merald 11 3 1 1 10 100 1000BASE T X Pin Assignments ccccccccccnnnnnnnnnnnnnnononnnnnnnnnannnnnnnnnnnnnnnnnnnnnnninnnnss 11 3 2 E E AE EA EEEE L EE a ded EEEE TE E AEE S A ESTEE EE ices eedes 13 3 3 Console Cable ns dd ld distan dctici 13 WEB Manade ment ais 14 4 1 Configuration by Web Browser ooccoocccnncccncconcccnoconoconononenononncnnnonanennnonnnonnnnnanennnonans 14 4 1 1 About Web based Management cccccooncnnccccccnncccnnccnncnnnnnnnnnonnnonnnonanennnonanennnnnonens 14 Ae ABASIC Se WING ieesece cong A 16 A N22 SYSICM INMMOLMA NOM iia dsc as 16 41 22 AMINA IPSS WOM rs cia a 17 A Sen ONE OUI A e eleva tesa ua aSen titra A A 18 Ae RI seater ea A yu EE wate cs nae aan ene 19 A A A O a onacenuns coe E 19 ra A BU Gear o A 20 4 1 2 7 Backup Restore Configuration isso 24 41 28 Firmware Update susi ota deca 24 AS DACP Po 24 AS SCI dla 24 42 DACP Dynamic Clent Cisti csiis nenns ds 25 AIS DAGF CICNE ES eresien es ee ne Tee eon ee 25 AVAL PROMS o A 25 4 1 4 1 A eiienck ane Sales eee ete 25 AAA RASE a dis 27 AAA e PO A o o RE O OOO E A 28 o srcrtesy caisece senate se a Seance nase Ariea EAEan 34 MoM ls A En o T 34 4 1 5 1 A e e PA E 34 ra M F eaa OU UPA 35 Alo VELAN cotas 44 4 1 6 1 VLAN Membership ConfiguratiON cccccoccncncccconccnncnnnncnnnnnnncnnnnnnanencnnnanonos 44 4 1 6 2 Private VEAN arena 53 A NMP OCIO A on o Un O OA 54 AN SSINMP2S ys Msc das 54 Arz SNMP COMMUNIO Setter EE 57 4 1 7 3 SNMP UsS
65. modes are pails Enabled Enable SNMP trap authentication failure Disabled Disable SNMP trap authentication failure Indicates the SNMP trap link up and link down mode operation Trap Link up and Possible modes are Link down Enabled Enable SNMP trap link up and link down mode operation Disabled Disable SNMP trap link up and link down mode operation Indicates the SNMP trap inform mode operation Possible modes are Trap Inform Mode l Enabled Enable SNMP trap inform mode operation Disabled Disable SNMP trap inform mode operation Trap Inform Indicates the SNMP trap inform timeout The allowed range is O to Timeout seconds 2147 Trap Inform Retry Indicates the SNMP trap inform retry times The allowed range is O to Times 255 Indicates the SNMP trap probe security engine ID mode of operation Possible values are Trap Probe Enabled Enable SNMP trap probe security engine ID mode of Security Engine ID operation Disabled Disable SNMP trap probe security engine ID mode of operation Indicates the SNMP trap security engine ID SNMPv3 sends traps and informs using USM for authentication and privacy A unique engine ID for these traps and informs is needed When Trap Probe Trap Security l l l l l Sanep Security Engine ID is enabled the ID will be probed automatically ngine j Otherwise the ID specified in this field is used The string must contain an even number between 10 and 64 hexadecimal digits but all zero
66. nnnnnncnnnonannnnnonnnnnnnnnnnrnnnnnnnnnrnnnnnannnnonnns 83 Technical Specifications Getting to Know Your Switch 1 1 About the KY 8617GCM Series Industrial Switch KY 8617GCM series are managed redundant ring Ethernet switches with 16xGigabit combo ports and 8x100 1000Base X SFP ports With complete support of Ethernet Redundancy protocols E ring recovery time lt 10ms over 300 units of connection and MSTP RSTP STP IEEE 802 1s w D can protect your mission critical applications from network interruptions or temporary malfunctions with its fast recovery technology KUSA s Industrial Combo switch series provides an advanced and IP based bandwidth management which can limit the maximum bandwidth for each IP device The user can configure IP camera and NVR with more bandwidth and limit other device bandwidth KUSA s Industrial Combo switch series also support application based QoS mechanisms Application based QoS can set the highest priority for data streams according to the TCP UDP port number All functions of the KY 8617GCM series can also be managed by centralized and convenient by management software as well as the Web based interface Telnet and console CLI configuration Therefore the switch is one of the most reliable choices for highly managed Gigabit Fiber Ethernet applications KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX
67. nual IP Address The remote SYSLOG Server IP address Apply Click Apply to set the configurations KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 12 Monitor and Diag 4 1 12 1 MAC Table The MAC Address Table is configured on this page Set timeouts for entries in the dynamic MAC Table and configure the static MAC table here MAC Address Table Configuration Aging Configuration Disable Automatic Aging Age Time 300 seconds MAC Table Learning Port Members 40623 4 5 6 7 8 9 30 213233 14 35 36 17 36 29 20 21 22 23 24 25 26 27 29 Auto Q QO QAOQOQD QDOQOQDADAAQOQOOQDQDOQOQDQDAOQOAADAQOOQOQO Disable OO QO OOOO OOOO CO0O0C00000000000 0 0 Secure O 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Static MAC Table Configuration Port Members Delete VLAN ID MAC Address 1223456780910 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Aging Configuration By default dynamic entries are removed from the MAC after 300 seconds This removal is also called aging Configure aging time by entering a value here in seconds for example Age time seconds The allowed range is 10 to 1000000 seconds Disable the automatic aging of dynamic entries by checking a Disable automatic aging MAC Table Learning If the learning mode for a given port is grayed out another module is
68. or is the physical link state for the attached LANs transitions frequently KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Controls whether the port connects to a point to point LAN rather than a shared medium This can be automatically determined or Point2Point M forced either true or false Transition to the forwarding state is faster for point to point LANs than for shared media KY 8617GCM_ User s Manual Click to save changes Click to undo any changes made locally and revert to previously nese saved values MSTI Ports This page allows the user to inspect the current STP MSTI port configurations and possibly change them as well A MSTI port is a virtual port which is instantiated separately for each active CIST physical port for each MSTI instance configured and applicable for the port The MSTI instance must be selected before displaying actual MSTI port configuration options This page contains MSTI port settings for physical and aggregated ports The aggregation settings are stack global MSTI Port Configuration MSTI KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 MST2 MSTI Port Configuration MSTI Aggregated Ports Configuration Port Path Cost Priority ato MH
69. ot matching any of the QCEs are classified to the default QoS Class for the port Qos Control List Configuration Ethernet Type Oxtffif Select a QCL to display a table that lists all the QCEs for that particular QCL KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Specifies which frame field the QCE processes to determine the QoS class of the frame The following QCE types are supported Ethernet Type The Ethernet Type field If frame is tagged this is the Ethernet Type that follows the tag header VLAN ID VLAN ID Only applicable if the frame is VLAN tagged TCP UDP Port IPv4 TCP UDP source destination port DSCP IPv4 and IPv6 DSCP ToS The 3 precedence bit in the ToS byte of the IPv4 IPv6 header also Known as DS field QCE Tyep Tag Priority User Priority Only applicable if the frame is VLAN tagged or priority tagged Type Value Indicates the value according to its QCE type KY 8617GCM_ User s Manual Ethernet Type The field shows the Ethernet Type value VLAN ID The field shows the VLAN ID TCP UDP Port The field shows the TCP UDP port range DSCP The field shows the IPv4 IPv6 DSCP value Traffic Class The QoS class associated with the QCE You can modify each QCE in the table using the following buttons Inserts a new QCE before the current row Edits the QCE Moves the
70. ouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Command Line Interface Management 5 1 About CLI Management Besides WEB based management the KY 8617GCM also supports CLI management You can use console or telnet to manage the switch by CLI CLI Management by RS 232 Serial Console 115200 8 none 1 none Before Configuring by RS 232 serial console use DB9 cable to connect the Switches RS 232 Console port to your PC s COM port Follow the steps below to access the console via RS 232 serial cable Step 1 From the Windows desktop click on Start gt Programs gt Accessories gt Communications gt Hyper Terminal 3 Accessibility fers Communications a HyperTerminal a Network Time Protocol GM Network and Dial up Connections a System Tools Sa HyperTerminal Za Acrobat Reader 5 0 Address Book J Calculator EN command Prompt o NetTime 7 Notepad Y Paint wy Windows Explorer fey Accessories gt CY WordPad Windows 2000 Professional i el ot KY 8617GCM_ User s Manual Step 2 Input a name for new connection Ys New Connection HyperTerminal a loj x File Edit View Call Transfer Help Connection Description Y New Connection Enter a name and choose an icon for the connection Name ni Disconnected Auto detect Auto detect SCROLL CAPS NUM Capture Print echo Step 3 Select to use COM port number lolx File Edit View Call Transfer H
71. ping Enabled F Unregistered IPMC Flooding enabled VLAN ID Snooping Enabled IGMP Querier 1 d 50 d Port Related Configuration Port Router Port Fast Leave 1 O d 2 O d 3 O d Snooping Enabled Enable the Global IGMP Snooping Unregistered IPMC Flooding Enable unregistered IPMC traffic flooding enabled VLAN ID The VLAN ID of the entry IGMP Snooping Enable the per VLAN IGMP Snooping Enabled Enable the IGMP Querier in the VLAN The Querier will send out if no Querier received in 255 seconds after IGMP Querier Enabled Each IGMP Querier Querier s interval is 125 second and it will stop act as an IGMP Querier if received any Querier from other devices KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Specify which ports act as router ports A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or Router Port IGMP querier If an aggregation member port is selected as a router port the whole aggregation will act as a router port Enable the fast leave on the port KY 8617GCM_ User s Manual 4 1 9 2 IGMP Snooping Status IGMP Snooping Status Statistics A bc oo Status Transmit Receive Receive Receive Receive Receive 0 O 0 0 0 O 1 IDLE IGMP Groups VLAN ID Groups 1 2 3 4 5 6 7 8 9 10 11 12 No IGMP groups Router Port
72. ransmit Hold Count exceeded transmission of the next BPDU will be delayed Valid values are in the range 1 to 10 BPDU s per second Click to save changes Click to undo any changes made locally and revert to previously Lose saved values MSTI Mapping This page allows the user to inspect the current STP MSTI bridge instance priority configurations and possibly change them as well KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 MSTI Configuration Add VLANs separated by spaces or comma Unmapped VLANs are mapped to the CIST The default bridge instance Configuration Identification Configuration Name 00 1e 94 ff ff ff MST5 KY 8617GCM_ User s Manual CI E The name identifying the VLAN to MSTI mapping Bridges must share the name and revision see below as well as the Configuration Name VLAN to MSTI mapping configuration in order to share spanning trees for MSTI s Intra region The name is at most 32 Characters Configuration The revision of the MSTI configuration named above This must Revision be an integer between 0 and 65535 The bridge instance The CIST is not available for MSTI explicit mapping as it will receive the VLANs not explicitly mapped The list of VLAN s mapped to the MSTI The VLANs must be separated with comma and or space A VLAN can only be VLANS Mapped m
73. rations and possibly change them as well LACP Port Configuration Open in new window LACP Enabled Indicates the group ID for the settings contained in the same row Group ID Normal indicates there is no aggregation Only one Group ID is valid per port LACP Enabled Each switch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports belong to any aggregation group Only full duplex ports can join an Aggregation and ports must be in the same speed in each group Key The Key value incurred by the port range 1 65535 The Auto setting will set the key as appropriate by the physical link speed 10Mb 1 100Mb 2 1Gb 3 Using the Specific setting a user defined value can be entered Ports with the same Key value can participate in the same aggregation group while ports with different keys cannot The Role shows the LACP activity status The Active will transmit LACP packets each second while Passive will wait for a LACP Packet from a partner speak if spoken to Click to save changes Click to undo any changes made locally and revert to previously Saved values KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 4 3 3 LACP System Status This page provides a status overview
74. rrently elected root bridge Root Port The switch port currently assigned the root port role Root Path Cost For the Root Bridge this is zero For all other Root Cost Bridges it is the sum of the Port Path Costs on the least cost path to the Root Bridge The current state of the Topology Change Flag for this Bridge Topology Flag instance KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Topology Change i The time since last Topology Change occurred ast KY 8617GCM_ User s Manual Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh C regular intervals STP Port Status This page displays the STP CIST port status for port physical ports in the currently selected switch STP Port Status Auto refresh L Refresh Port CIST Role CIST State Uptime 1 Disabled Discarding 2 Disabled Discarding 3 Disabled Discarding 4 Disabled Discarding 5 Disabled Discarding 6 Disabled Discarding Port The switch port number of the logical STP port The current STP port role of the CIST port The port role can be CIST Role one of the following values Alternate Port Backup Port Root Port The current STP port state of the CIST port The port state can be One of the following values Blocking Learning Forwarding Uptime
75. rted Quality of Service 802 1p for real time traffic VLAN 802 1Q with VLAN tagging and GVRP supported Software Features IGMP Snooping IP based bandwidth management Application based QoS management DOS DDOS auto prevention Port configuration status statistics monitoring security DHCP Client Server Network Redundancy LED indicators KY 8617GCM_ User s Manual System Ready Indicator STA Green Indicates that the system ready The LED is blinking when the system is upgrading firmware Ring Master Indicator R M Green Indicates that the system is operating in E ring Master mode f Green Indicates that the system operating in E ring mode E ring Indicator Ring Green Blinking Indicates that the Ring is broken Fault Indicator Fault Amber Indicate unexpected event occurred System Running Indicator RUN Green System is operating continuously Supervisor Login Indicator RMT Green System is accessed remotely Reset To Default Running Indicator DEF Ping Command To The Switch Green System resets to default configuration Green System is processing PING request Indicator Ping 10 100 1000Base T X RJ45 Port Left Green for 1000Mbps Link Act indicator Amber for 10 100Mbps Link Act indicator Indicator Right Amber for full duplex indicator 100 1000Base X SFP Port Indicator Green for port Link Act Fault contact Relay N A Relay output to carry capacity of 1A at 24VDC Power 100 2
76. s and all F s are not allowed KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Indicates the SNMP trap security name SNMPv3 traps and informs Trap Security using USM for authentication and privacy A unique security name is Name needed when traps and informs are enabled KY 8617GCM_ User s Manual 4 1 7 2 SNMP Communities Configure SNMPv3 communities table on this page The entry index key is Community SNMPv3 Communities Configuration Delete Community Source IP Source Mask F public 0 0 0 0 0 0 0 0 C private 0 0 0 0 0 0 0 0 Add new community Check to delete the entry It will be deleted during the next save Indicates the community access string to permit access to SNMPv3 Community agent The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Source IP Indicates the SNMP access source address Source Mask Indicates the SNMP access source address mask 4 1 7 3 SNMP Users Configure SNMPv3 users table on this page The entry index keys are Engine ID and User Name SNMPv3 Users Configuration Del User Security Authentication Authentication Privacy Privacy Engine ID Name Level Protocol Password Protocol Password F 800007e5017f000001 default_user NoAuth NoPriv None None None None Check to delete the entry It will be deleted
77. sabled or Rx only 4 1 12 3 System Log Information The switch system log information is provided here KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 System Log Information Open in new window Auto refresh Refresh Level All w The total number of entries is 0 for the given level Start from ID with entries per page ID Level Time Message No system log entries KY 8617GCM_ User s Manual OO D The ID gt 1 of the system log entry The level of the system log entry The following level types are supported Info Information level of the system log Warning Warning level of the system log Error Error level of the system log All All levels Time The time of the system log entry Message The MAC Address of this switch Check this box to enable an automatic refresh of the page at regular Auto refresh L intervals Refresh Updates the system log entries starting from the current entry ID zz Updates the system log entries ending at the last entry currently displayed Updates the system log entries starting from the last entry currently gt displayed gt gt Updates the system log entries ending at the last available entry ID 4 1 12 4 Detailed Log The switch system detailed log information is provided here Clear Flushes all system log entries Updates the system
78. ss than 10 ms for Gigabit Ethernet switches It can reduce unexpected damage caused by network topology change E ring Supports 3 Ring topologies E ring Coupling Ring and Dual Homing Redundant Ring Configuration Ring Master gt Coupling Port gt 1st Ring Port 207 2nd Ring Port 7002 gt Homing Port 50 gt E ring interface The following table describes the labels in this screen There should be one and only one Ring Master in a ring Ring Master However if there are two or more switches that are set as Ring KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Masters the switch with the lowest MAC address will be the O aon eu The backup port when this switch is Ring Master Coupling Ring Mark to enable Coupling Ring Coupling Ring can be used to Divide a big ring into two smaller rings to avoid effecting all switches when network topology change It is a good application for connecting two Rings Coupling Port Link to Coupling Port of the switch in another ring Coupling Ring need four switch to build an active and a backup link Set a port as coupling port The coupled four ports of four switches will be run at active backup mode Dual Homing Mark to enable Dual Homing By selecting Dual Homing mode Ring will be connected to normal switches through two RSTP links ex backbone Switch
79. tem ID MAC address Partner Port The partner s port number connected to this port Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh C regular intervals KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 4 1 4 3 5 LACP Statistics This page provides an overview for LACP statistics for all ports LACP Statistics O 0 o o 0 O 0 0 O 0 o 0 O 0 O 0 O 0 O 0 O g 0 O Port The switch port number LACP Transmitted Shows how many LACP frames have been sent from each port LACP Received Shows how many LACP frames have been received at each port Discarded Shows how many unknown or illegal LACP frames have been Discarded at each port Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh L Regular intervals Clears the counters for all ports KY 8617GCM_ User s Manual 4 1 4 4 Loop Guard Loop Guard is a looping detection avoid strategy It helps network administrator to avoid looping issue Active Enable Loop Guard function Port State Guarding This port is protected against looping Locked This port has been locked to avoid looping 4 1 5 Redundancy 4 1 5 1 e ring E ring is the most powerful Ring in its class The recovery time of e ring is le
80. to this port The allowed values are Rate Limiter ID ae Disabled or the values 1 through 15 The default value is Disabled Select which port frames are copied to The allowed values are Disabled or a specific port number The default value is Disabled Specify the logging operation of this port The allowed values are Enabled Frames received on the port are stored in the System Log Logging Disabled Frames received on the port are not logged The default value is Disabled Please note that the System Log memory size and logging rate is limited Specify the port shut down operation of this port The allowed values are Enabled If a frame is received on the port the port will be disabled Disabled Port shut down is disabled The default value is Disabled Counts the number of frames that match this ACE KY 8617GCM_ User s Manual 4 1 10 2 IEEE 802 1x This page allows you to configure how an administrator is authenticated when he logs into the switchstack via TELNET SSH or the web pages This page allows you to configure the IEEE 802 1X and MAC based authentication system and port settings The IEEE 802 1X standard defines a port based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication One or more central servers the backend servers determine whether the user is allowed access to the network These backend RADIUS servers are con
81. uipment whose MAC address is a valid RADIUS user can be used by anyone and only the MD5 Challenge method is supported Client Configuration The table has one row for each Client and a number of columns which are The Client for which the configuration below applies Authentication Authentication Method can be set to one of the following values Metohd none authentication is disabled and login is not possible local use the local user database on the switch stack for authentication radius use a remote RADIUS server for authentication tacacs use a remote TACACS server for authentication Enable fallback to local authentication by checking this box If none of the configured authentication servers are alive the local user database is used for authentication This is only possible if the Authentication Method is set to something else than none or local Click to save changes Click to undo any changes made locally and revert to previously saved values Common Server Configuration KY 8617GCM_ User s Manual These setting are common for all of the Authentication Servers The Timeout which can be set to a number between 3 and 3600 seconds is the maximum time to wait for a reply from a server If the server does not reply within this timeframe we will consider it to be dead and continue with the next enabled server if any Timeout RADIUS servers are using the UDP protocol which is unreliable by design
82. xcessive Collision o Discard Discard frame after 16 collisions default Mode Restart Restart back off algorithm after 16 collisions The Usage column shows the current percentage of the power consumption per port The Configured column allows for changing the power savings mode parameters per port Power Control Disabled All power savings mechanisms disabled ActiPHY Link down power savings enabled PerfectReach Link up power savings enabled Enabled Both link up and link down power savings enabled Total Power Usage Total power usage in board measured in percent _ Save Click to save changes Click to undo any changes made locally and revert to previously eset saved values KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Click to refresh the page Any changes made locally will be undone KY 8617GCM_ User s Manual 4 1 4 2 Rate Limit Rate Limit Configuration Shaper Enabled Rate i 2 3 4 5 6 Fi 8 g a m e a N a S a S a N a S FE a N a S N S a S a fe n Save Pot The logical port for the settings contained in the same row Policer Enabled Enable or disable the port policer The default value is Disabled Configure the rate for the port policer The default value is 500 This value is restricted to 500 1000000 when the
83. ximately 5 seconds If all ports are selected this can take approximately 15 seconds When completed the page refreshes automatically and you can view the cable diagnostics results in the cable status table Note that VeriPHY is only accurate for cables of length 7 140 meters 10 and 100 Mbps ports will be linked down while running VeriPHY Therefore running VeriPHY on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete Pot The port where you are requesting VeriPHY Cable Diagnostics Cable Status Port Port number Pair The status of the cable pair Length The length in meters of the cable pair KY 8617GCM_ User s Manual 4 1 13 Factory Defaults You can reset the configuration of the stack switch on this page Only the IP configuration is retained Factory Defaults Are you sure you want to reset the configuration to Factory Defaults Click to reset the configuration to Factory Defaults Click to return to the Port State page without resetting the configuration 4 1 14 System Reboot You can reset the stack switch on this page After reset the system will boot normally as if you had powered on the devices Warm Reset Are you sure you want to perform a Warm Restart w nestor S Click to reboot device Click to return to the Port State page without rebooting KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Miss
84. y index keys are Security Model and Security Name SNMPv3 Users Configuration E Use Security Authentication Authentication Privacy Priva Deets eee Name Level Protocol Password Protocol Password LI 00007450171000001 default_user Nosuth NoPriv None Mona None orbe Check to delete the entry It will be deleted during the next save Indicates the security model that this entry should belong to Possible Add new user security models are Security Model vi Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM A string identifying the security name that this entry should belong to Security Name The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 A string identifying the group name that this entry should belong to Group Name The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 4 1 7 5 SNMP Views Configure SNMPv3 views table on this page The entry index keys are View Name and OID Subtree SNMPv3 Views Configuration Delete View Name View Type OID Subtree L default_view 1 Add new view KUSA Telephone 219 595 2631 1107 SE Willow Pl 816 988 7861 Blue Springs Missouri 64014 Email SaleswWKUSA1 co Web Site www KUSA1 co FAX 480 287 8605 Check to delete the entry It will be deleted during the next save A string identifying the view name that this entry should belong to
Download Pdf Manuals
Related Search