GUI Graphical User Interface: Rail Switch Power Smart (RSPS)
Contents
1. Table 15 Operation frame in the Basic Settings Network IP Address Conflict Detection dialog RM GUI RSPS Release 2 0 02 2013 33 Basic Settings 1 2 Network Configuration Parameters Meaning Detection Mode Specifies the procedure with which the device detects address conflicts Possible values Active and Passive default setting The device uses active and passive address conflict detection Active Active address conflict detection The device actively avoids communicating with an IP address that already exists in the network The address conflict detection begins as soon as you connect the device to the network or change its IP parameters The device sends 4 ARP probe data packets at the interval defined in the Detection Delay ms field If the device receives a response to these data packets there is an address conflict If the device does not detect an address conflict it sends 2 gratuitous ARP data packets as an announcement The device also sends these data packets when the address conflict detection is switched off Ifthe IP address already exists in the network the device changes back to the previously used IP parameters if possible If the device receives its IP parameters from a DHCP server it sends a DHCPDECLINE message back to the DHCP server After the period specified in the Release Delay s field the device checks whether the address conflict still exists If the device2. Possible values Ignore default setting The device ignores this parameter Monitor The device changes the device status to Error in the following situations The device configuration only exists in the device The device configuration in the device differs from the device configuration on the external memory Table 271 Monitoring frame in the Diagnostics Status Configuration Device Status dialog cont Propagate Connection Error table Parameters Meaning Port Shows the number of the device port to which the table entry relates Table 272 Propagate Connection Error table in the Diagnostics Status Configuration Device Status dialog RM GUI RSPS Release 2 0 02 2013 283 Diagnostics 8 4 Status Configuration Parameters Meaning Propagate Defines whether the device monitors the link status of the port Connection Error Possible values Selected The device changes the device status to Error if the link at this port is interrupted Not selected default setting The device status remains unchanged if the link at this port is interrupted This setting is only effective if you have selected the value Monitor inthe Connection error field of the Monitoring frame Table 272 Propagate Connection Error table in the Diagnostics Status Configuration Device Status dialog cont Propagate State table Parameters Meaning Power Supply Number of the power supply that applies to this
3. Activates deactivates the conditions configured in the Link Flap tab to trigger an action Possible values Selected The device monitors the port for the conditions configured in the Link Flap table When the configured condition occurs the device performs the action selected in the Action column Not selected default setting Activates deactivates the conditions configured in the CRC Fragments tab to trigger an action Possible values Selected The device monitors the port for the conditions configured in the CRC Fragments table When the configured condition occurs the device performs the action selected in the Action column Not selected default setting Activates deactivates the duplex mismatch condition to trigger an action Possible values Selected The device monitors the port for a duplex mismatch When a duplex mismatch occurs the device performs the action selected in the Action column Not selected default setting Shows which configured condition caused an action to occur Possible values Link Flap CRC Fragments Duplex Missmatch Defines an action to perform when the user defined port monitor conditions occur Possible values Disable port default setting When the port monitor conditions occur the device disables the port To enable the port again click Reset Send trap The device sends a trap to the management station The prerequisite for sending SNMP messages traps is that you t
4. Security Parameters Access Challenges Malformed Access Responses Bad Authenticators Pending Requests Timeouts Unknown Types Packets Dropped 2 5 RADIUS Meaning Shows the number of access challenge data packets that the device received from the server Shows the number of malformed access response data packets that the device received from the server including data packets with an invalid length Shows the number of access response data packets with an invalid authenticator that the device received from the server Shows the number of access request data packets that the device sent to the server to which it has not yet received a response from the server Shows how often no response to the server was received before the specified waiting time elapsed Shows the number data packets with an unknown data type that the device received from the server on the authentication port Shows the number of data packets that the device received from the server on the authentication port and then discarded them Table 86 RADIUS Authentication Statistics dialog table cont Buttons Button Reload Help Table 87 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 107 Security 2 6 Pre login Banner 2 6 Pre login Banner This dialog allows you to display a greeting or information text to user
5. Button Set Reload Help Table 109 Buttons 128 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help RM GUI RSPS Release 2 0 02 2013 Time 3 3 PTP 3 3 2 Boundary Clock With this menu you can configure the Boundary Clock mode for the local clock The menu contains the following dialogs Boundary clock Global Boundary clock Port 3 3 3 Boundary clock Global With this dialog you can enter general cross port settings for the Boundary Clock mode for the local clock The Boundary Clock BC operates according to PTP version 2 IEEE 1588 2008 The settings are effective when the local clock operates as the Boundary Clock BC For this you select the value v2 boundary clock in the PTP Mode field in the Time PTP Global dialog Operation IEEE 1588 PTPv2 BC Parameters Meaning Priority 1 Defines priority 1 for the port Possible values 0 255 default setting 128 The Best Master Clock algorithm first evaluates priority 1 of the participating devices in order to determine the reference time source Grandmaster The lower you set this value the more probable it is that the device becomes the reference time source Grandmaster See Grandmaster o
6. Config Priority parameter Security Management Access Server dialog SNMP tab page Port Number parameter Diagnostics System Selftest dialog RAM Test parameter Diagnostics System Selftest dialog Activate SysMon1 parameter Diagnostics System Selftest dialog Load default config on error parameter Table 2 Buttons in the status line cont Instructions for saving the device configuration LI To copy changed settings to the volatile memory RAM click the Set button LI To refresh the display in the dialogs click the Reload button L To keep the changed settings even after restarting the device click the 18 Save button in the Basic Settings Load Save dialog RM GUI RSPS Release 2 0 02 2013 Graphical User Interface Note Unintentional changes to the device configuration may cause the connection between your PC and the device to be terminated Before you change the settings in the device switch on the function Undo Modifications of Configuration in the Basic Settings Load Save dialog With this function the device restores the active device configuration saved in the NVM if the connection is interrupted after the settings have been changed The device remains reachable RM GUI RSPS Release 2 0 02 2013 19 Graphical User Interface RM GUI RSPS 20 Release 2 0 02 2013 Basic Settings 1 Basic Settings With this menu you can configure the basic settings of the device
7. Minimum Lower Cases Minimum Numbers Minimum Special Characters You configure the password rules in the Security User Management dialog in the Password Policy frame Password strength Defines whether the device monitors the status of the function Policy check inactive Check Possible values Ignore default setting The device ignores this parameter Monitor The device changes the security status to the value Error if the function Policy Check is deactivated for at least 1 user account You configure the Policy Check function in the table in the Security User Management dialog Telnet Enabled Defines whether the device monitors the status of the Telnet server Possible values Ignore The device ignores this parameter Monitor default setting The device changes the security status to the value Error if the Telnet server is enabled You enable disable the Telnet server in the security Management Access Server dialog on the Telnet tab page HTTP Enabled Defines whether the device monitors the status of the HTTP server Possible values Ignore The device ignores this parameter Monitor default setting The device changes the security status to the value Error if the HTTP server is enabled You enable disable the HTTP server in the Security Management Access Server dialog on the HTTP tab page Table 277 Monitoring frame in the Diagnostics Status Configuration Secur
8. without synchronizing itself The menu contains the following dialogs Global Boundary Clock Transparent Clock RM GUI RSPS 126 Release 2 0 02 2013 Time 3 3 PTP 3 3 1 Global With this dialog you can configure basic settings for PTP Operation IEEE 1588 PTP Parameters Meaning Operation When the function is switched on the device synchronizes its clock with IEEE 1588 PTP PTP If SNTP is activated in the device at the same time PTP has priority When the function is switched off the device transmits the PTP synchronization messages without any correction at all device ports Possible values On off default setting Table 106 Operation IEEE 1588 PTP frame in the Time PTP Global dialog Configuration IEEE 1588 PTP Parameters Meaning PTP Mode Defines the PTP version and mode of the local clock Possible values v2 transparent clock default setting v2 boundary clock Sync Lower Bound Defines the lower threshold value in nanoseconds for the path difference ns between the local clock and the reference time source Grandmaster If the path difference falls below this value one time then the local clock is classed as synchronized Possible values 0 999999999 default setting 30 Sync Upper Bound Defines the upper boundary in nanoseconds for the path difference ns between the local clock and the reference time source Grandmaster If the path difference exceeds this value one time then the local cl
9. 3 indicates that the device has endpoint class 1 3 capabilities A value of networkConnectivity indicates that the device has network connectivity device capabilities Shows the extension of the VLAN Identifier for the remote system connected to this port as defined in IEEE 802 1P 1998 The device uses a value of 1 through 4094 to define a valid Port VLAN ID The device shows a value of 0 for priority tagged frames This means that only the 802 1 p priority level is significant and the device uses the default VLAN ID of the ingress port The device reserves a value of 4095 for implementation Shows the value of the 802 1 p priority which is associated with the remote system connected to the port Shows the value of the Differentiated Service Code Point DSCP which is associated with the remote system connected to the port Shows the unknown bit status of incoming traffic A value of true indicates that the network policy for the specified application type is currently unknown In this case the VLAN ID ignores the Layer 2 priority and the DSCP value fields A value of false indicates a defined network policy Shows the tagged bit status A value of true indicates that the application uses a tagged VLAN A value of false indicates that for the specific application the device uses untagged VLAN operation In this case the device ignores both the VLAN ID and the Layer 2 priority fields whereas the DSCP value is relevant Shows the
10. Assigns the device to a PTP domain Possible values 0 255 default setting 0 The device only transmits time information from and to devices in the same domain Defines which protocol the device port uses to transmit the PTP synchronization messages Possible values EEE 802 3 default setting Defines the PTP domains in which the device corrects PTP synchronization messages Possible values Selected The device corrects PTP synchronization messages in all PTP domains Not selected default setting The device only corrects PTP synchronization messages in the primary PTP domain See the Primary Domain field Defines the VLAN ID with which the device marks the PTP synchronization messages at this port Possible values none default setting The device transmits PTP synchronization messages without a VLAN marking 0 4042 You select VLANs that you have already set up in the device from the list Defines the priority with which the device transmits the PTP synchronization messages marked with a VLAN ID Layer 2 IEEE 802 1p Possible values 7 default setting 4 If you have defined the value none in the VLAN field the device ignores the VLAN priority Table 118 Operation IEEE1588 PTPv2 TC frame in the Time PTP Transparent Clock Globa1 dialog cont 140 RM GUI RSPS Release 2 0 02 2013 Time 3 3 PTP Local Synchronization Parameters Meaning Syntonize Defines whether t
11. Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 218 Buttons RM GUI RSPS 242 Release 2 0 02 2013 Diagnostics 8 1 System 8 1 3 Selftest This dialog allows you to do the following Activate deactivate the RAM test when the device is being started Enable disable the switch to the system monitor when the device is being started Defines how the device behaves in the case of an error Configuration Parameters Meaning RAM Test Defines whether the device tests the RAM memory during the restart Possible values Selected default setting The device tests the RAM memory during the restart Not selected The device skips the memory test during the restart This shortens the start time for the device Activate SysMon1 Activates deactivates the access to the system monitor during the restart Possible values Selected default setting The device allows you to switch to the system monitor during the restart Not selected The device starts without the option to switch to the system monitor Among other things the system monitor allows you to update the device software or delete saved device configurations Load default config Activates deactivates the loading of the standard device configuration on error default configuration if no readable device configuration is available for the device when it is restarting
12. HTTPS tab page Note When you switch off the server the connection between the graphical user interface GUI and the device is interrupted To continue working with the graphical user interface switch the server on again via the Command Line Interface CLI RM GUI RSPS 80 Release 2 0 02 2013 Security 2 3 Management Access Configuration Parameters Meaning Listen TCP Port Defines the number of the TCP port on which the server receives requests from clients Possible values 1 65535 default setting 443 Exception Port 2222 is reserved for internal functions The server restarts automatically after the port is changed In the process the device terminates open connections to the server Table 54 Configuration frame in the Security Management Access Server dialog HTTPS tab page Certificate Parameters Present Create Delete Meaning Shows whether the digital certificate is present in the device Possible values Selected The certificate is present Not selected The certificate has been removed Creates a digital certificate on the device To get the server to use this certificate you click Set and restart the server You can only restart the server via the Command Line Interface CLI Alternatively you can copy your own certificate to the device see the Certificate Import dialog Deletes the digital certificate To permanently remove the certificate from the device save the chang
13. IGMP MIB The BSD Syslog Protocol IGMPv3 Introduction and Applicability Statements for Internet Standard Management Framework An Architecture for Describing Simple Network Management Protocol SNMP Management Frameworks Message Processing and Dispatching for the Simple Network Management Protocol SNMP Simple Network Management Protocol SNMP Applications User based Security Model USM for version 3 of the Simple Network Management Protocol SNMPv3 View based Access Control Model VACM for the Simple Network Management Protocol SNMP Management Information Base MIB for the Simple Network Management Protocol SNMP 802 1X RADIUS Usage Guidelines Coexistence between Version 1 Version 2 and Version 3 of the Internet standard Network Management Framework Management Information Base for the Transmission Control Protocol TCP Management Information Base for the User Datagram Protocol UDP Definitions of Managed Objects for Bridges SSH protocol architecture SSH authentication protocol SSH transport layer protocol SSH connection protocol Management Information Base for the Internet Protocol IP Definitions of Managed Objects for Bridges with Rapid Spanning Tree Protocol Simple Network Time Protocol SNTP Version 4 for IPv4 IPv6 and OSI Definitions of Managed Objects for Bridges with Traffic Classes Multicast Filtering and Virtual LAN Extensions Considerations for Internet Group Management Protocol IGMP a
14. Loop Guard function while the Root Guard function is switched on the device switches off the Root Guard function Shows whether the loop state of the device port is inconsistent Possible values true The loop state of the device port is inconsistent The device port is not receiving any STP BPDUs and the Root Guard function is switched on The device sets the state of the device port to the value discarding The device thus prevents any potential loops false The loop state of the device port is consistent The device port receives STP BPDUs Shows how often the device has set the value in the Loop State field from false to true Shows how often the device has set the value in the Loop State field from true to false Table 213 Guards tab page in the Redundancy Spanning Tree Port dialog section x3c tblsheetnum gt of 3 236 RM GUI RSPS Release 2 0 02 2013 Redundancy Parameters 7 4 Spanning Tree Meaning BPDU Guard Effect Prerequisite The device port is a manually defined edge port terminal device port In the Port dialog the checkbox in the Admin Edge Port column is Selected for this port In the Redundancy Spanning Tree Global dialog the BPDU Guard function is switched on Shows whether the device port has received an STP BPDU as an edge port terminal device port Possible values disable The device port is an edge port terminal device port and has not
15. O KNNNN wnb ONDA Statistics Table Utilization SFP s Configuration Device Status Security Status Signal Contact MAC Notification Alarms Traps w w w t ie mi c ORWN OO O0 00 00 00 00 U O0 00 00 U O0 00 00 O0 UO U onL AAR AAA Configuration Topology Discovery Na Advanced Telnet Client Appendix Technical Data List of RFCs Underlying IEEE Standards Underlying IEC Norms Underlying ANSI Norms Maintenance Literature references 260 263 264 265 266 266 267 268 280 281 286 291 297 299 301 301 305 309 310 311 312 313 315 316 317 318 319 RM GUI RSPS Release 2 0 02 2013 Contents A 8 Copyright of Integrated Software 320 A 8 1 lighttpd 320 A 8 2 Expat 321 A 8 3 libcurl 322 A 8 4 libssh2 323 A 8 5 OpenSSH 324 A 8 6 OpenSSL 334 A 8 7 Parts of the FreeBSD IP stack 337 B Index 339 c Readers Comments 342 D Further Support 345 RM GUI RSPS Release 2 0 02 2013 7 Contents RM GUI RSPS 8 Release 2 0 02 2013 About this Manual About this Manual The GUI reference manual contains detailed information on using the graphical interface to operate the individual functions of the device The Command Line Interface reference manual contains detailed information on using the Command Line Interface to operate the individual functions of the device The Installation user manual contains a device description safety instructions a
16. Parameters Meaning Default Passwords Defines whether the device monitors the password for the locally set up not changed user accounts user and admin Possible values Ignore The device ignores this parameter Monitor default setting The device changes the security status to the value Error if the password for the user or admin user account is unchanged from the default setting You set the password in the Security User Management dialog Configured min Defines whether the device monitors the password rule Minimum password length lt 8 Password Length Possible values Ignore The device ignores this parameter Monitor default setting The device changes the security status to the value Error if the value for the password rule is less than 8 You configure the password rules in the Security User Management dialog in the Password Policy frame Table 277 Monitoring frame in the Diagnostics Status Configuration Security Status dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Release 2 0 02 2013 287 Diagnostics 8 4 Status Configuration Parameters Meaning Password strength Defines whether the device monitors the password rules not configured g Possible values Ignore The device ignores this parameter Monitor default setting The device changes the security status to the value Error if the value for at least one of the following password rules is 0 Minimum Upper Cases
17. Password field displays the password in clear text Access Role Defines the access role profile that regulates the user s access to the individual functions of the device Possible values guest The user is authorized to monitor the device operator The user is authorized to monitor and configure the device with the exception of security settings for the access to the device administrator The user is authorized to monitor and configure the device unauthorized The user is blocked and the device rejects the user s login You assign this value to temporarily lock the user account If an error occurs when another access role is being assigned the device assigns this access role to the user account User locked Locks unlocks the user s access to the management functions of the device Possible values Selected The user s access is locked Not selected The user s access is unlocked Table 39 New Entry frame in the Security User Management dialog section x3c tblsheetnum gt of 3 RM GUI RSPS Release 2 0 02 2013 67 Security Parameters Policy Check SNMP Auth Type SNMP Encryption Type 2 1 User Management Meaning Defines whether the device checks the password according to the defined policy when it is being set up or changed Possible values Selected The device checks the password according to the policy defined in the Password Policy frame Not selected The device accepts the password without
18. Possible values Osa none Deactivates the Voice VLAN Priority of the port Table 164 Table in the switching VLAN Voice dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 165 Buttons RM GUI RSPS Release 2 0 02 2013 187 Switching 5 5 VLAN RM GUI RSPS 188 Release 2 0 02 2013 QoS Priority 6 QoS Priority Communication networks transmit a number of applications at the same time that have different requirements as regards availability bandwidth and latency periods QoS Quality of Service is a procedure defined in IEEE 802 1D It is used to distribute resources in the network You therefore have the possibility of providing minimum bandwidth for important applications Prerequisite for this is that the end devices and the devices in the network support prioritized data transmission Data packets with high priority are given preference when transmitted by devices in the network You transfer data packets with lower priority when there are no data packets with a higher priority to be transmitted The device provides the following setting options You specify how the device evaluates QoS prioritization information for in
19. Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution THIS SOFTWARE IS PROVIDED BY THE AUTHOR AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE 8 Portable OpenSSH contains the following additional licenses a md5crypt c md5dcrypt h THE BEER WARE LICENSE Revision 42 lt phk login dknet dk gt wrote this file As long as you retain this notice you can do whatever you want with this stuff If we meet some day and you think this stuff is worth it you can buy me a beer in return Poul Henning Kamp b snpr
20. SSH Activates deactivates the SSH access Possible values Selected default setting Access is activated for the adjacent IP address range Not selected Access is deactivated Active Activates deactivates the table entry Possible values Selected default setting Table entry is activated The device restricts access to its management functions to the adjacent IP address range and the selected IP based applications Not selected Table entry is deactivated Table 67 Table inthe security Management Access IP Access Restriction dialog cont In the state on delivery there is a default entry in the table for the IP address range 0 0 0 0 0 in which the access for all applications is activated This table entry allows you access to the device regardless of your location e g to initially configure the function You have the option to change or delete this table entry When you create a new table entry it has the same properties Note To start the graphical user interface in a Web browser you require the HTTP or HTTPS service For the graphical user interface to have access to the device the SNMP service is also required If you are using the graphical user interface outside the Web browser you only require the SNMP service RM GUI RSPS Release 2 0 02 2013 Security Buttons Button Set Reload Create Remove Help Table 68 Buttons 2 3 9 Web 2 3 Management Access Meaning Transfers the change
21. The device automatically detects whether other devices in the network expect the PTP synchronization messages to be the same length as PTPv1 messages If this is the case the device extends the length of the PTP synchronization messages before transmitting them on The device extends the length of the PTP synchronization messages before transmitting them O The device transmits PTP synchronization messages without changing the length Asymmetry Corrects the measured delay value corrupted by asymmetrical transmission paths Possible values 2000000000 2000000000 default setting 0 The value represents the delay symmetry in nanoseconds A measured delay value of x ns corresponds to an asymmetry of x 2 ns The value is positive if the delay from the PTP master to the PTP slave is longer than in the opposite direction VLAN Defines the VLAN ID with which the device marks the PTP synchronization messages at this port Possible values none default setting The device transmits PTP synchronization messages without a VLAN marking 0 4042 You select VLANs that you have already set up in the device from the list Make sure that the device port is a member of the VLAN See the switching VLAN Static dialog VLAN Priority Defines the priority with which the device transmits the PTP synchronization messages marked with a VLAN ID Layer 2 IEEE 802 1p Possible values 0 7 default setting 4 If you have defined the val
22. The signal contact ignores this parameter Monitor default setting The signal contact opens if the temperature exceeds falls below the threshold values You define the temperature thresholds in the Basic Settings System dialog in the Temperature C field Connection error Defines whether the signal contact monitors the link status of the device ports Possible values Ignore default setting The signal contact ignores this parameter Monitor The signal contact opens if the link on a device port is interrupted You have the option of selecting the device ports to be monitored individually ENVM removal Defines whether the signal contact monitors the external memory Possible values Ignore default setting The signal contact ignores this parameter Monitor The signal contact opens if you remove the external memory from the device Table 282 Monitoring Correct Operation frame in the Diagnostics Status Configuration Signal Contact dialog RM GUI RSPS Release 2 0 02 2013 293 Diagnostics 8 4 Status Configuration Parameters Meaning ENVM notin Sync Defines whether the signal contact monitors the synchronization of the device configuration in the device and on the external memory Possible values Ignore default setting The signal contact ignores this parameter Monitor The signal contact opens in the following situations The device configuration only exists in the device The devic
23. default setting The device ignores this parameter Monitor The device changes the safety status to the value Error if the device also saves the device configuration on the external memory You enable disable the saving of the device configuration on the external memory in the Basic Settings External Memory dialog Table 277 Monitoring frame in the Diagnostics Status Configuration Security Status dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Release 2 0 02 2013 289 Diagnostics Parameters Active Port without link HiDiscovery Enabled 8 4 Status Configuration Meaning Defines whether the device monitors the link status of the enabled device ports Possible values Ignore default setting The device ignores this parameter Monitor The device changes the security status to the value Error if the link on an enabled device port is interrupted You have the option of selecting the device ports to be monitored individually Defines whether the device monitors the status of HiDiscovery Possible values Ignore The device ignores this parameter Monitor default setting The device changes the Security Status to the value Error if Operation for the HiDiscovery Protocol is On and Access is readWrite You enable disable the HiDiscovery Protocol in the Basic Settings Network dialog in the HiDiscovery Protocol frame Table 277 Monitoring frame in the Diagnostics Status
24. default setting Selected If the threshold value is exceeded the device discards the excess Multicast data packets on this port Activates deactivates the rate limiter function for received Unicast data packets with an unknown destination address Possible values Not selected default setting Selected If the threshold value is exceeded the device discards the excess Unicast data packets on this port Table 130 Table in the Ingress tab of the Switching Rate Limiter dialog cont 156 RM GUI RSPS Release 2 0 02 2013 Switching 5 2 Rate Limiter Egress On this tab you activate the rate limiter function for data packets to be sent By entering a threshold value you define the maximum amount of traffic the port transmits on the egress side If the traffic on this port exceeds the threshold value the device discards the excess traffic on this port Parameters Meaning Port Shows the number of the device port to which the table entry relates Bandwidth Defines the threshold value for data packets to be sent on this port Possible values 0 100 default setting 0 The threshold value is entered as a percentage of the data rate of the port Enter the percentage of the data rate of the port between 0 and 100 The value 0 deactivates the rate limiter function on this port Table 131 Table in the Egress tab of the switching Rate Limiter dialog Buttons Button Meaning Set Transfers the changes to the volatile
25. function Possible values Selected The device port remains physically switched on A connected device receives an active link Not selected default setting The device port is physically switched off Defines how the device port behaves when no cable is connected Possible values no power save default setting The device port remains activated auto power down The device port switches to the energy saving mode unsupported The device port does not support this function and remains activated Activates deactivates the automatic configuration of the device port Possible values Selected default setting This setting has priority over the manual configuration of the device port The device port negotiates the operating mode independently using autonegotiation and detects the devices connected to the TP port automatically Auto Cable Crossing After the function is switched on it takes a few seconds for the device port to set the operating mode Not selected The device port works with the values you defined in the Manual Configuration column and the Manual Cable Crossing Auto Conf off column Defines the operating mode of the device port when the automatic configuration of the device port is deactivated Possible values 10 Mbit s HDX Half duplex connection 10 Mbit s FDX Full duplex connection 100 Mbit s HDX Half duplex connection 100 Mbit s FDX default setting Full duplex connection Th
26. information to neighboring devices Receive and Transmit default setting The device port transmits LLDP data packets and stores information about neighboring devices Disable The device port transmits no LLDP data packets and stores no information about neighboring devices Notification Enabled Specifies whether LLDP notifications are enabled on this device port Possible values Selected LLDP notifications are enabled on this device port Not selected default setting LLDP notifications are disabled on this device port Transmit Port Specifies whether the device transmits a TLV Type Length Value with Description the port description Possible values Selected default setting The device transmits a TLV with the port description Not selected The device does not transmit a TLV with the port description Transmit System Specifies whether the device transmits a TLV Type Length Value with Name the device name Possible values Selected default setting The device transmits a TLV with the device name Not selected The device does not transmit a TLV with the device name Transmit System Specifies whether the device transmits a TLV Type Length Value with Description the system description Possible values Selected default setting The device transmits a TLV with the system description Not selected The device does not transmit a TLV with the system description Table 297 Table in the Diagnostics LLDP Configuration dia
27. min System Time System Time UTC Possible values 780 840 default value 60 The device determines the time zone on your PC and uses it to calculate the difference between the local time and the System Time UTC Table 91 Configuration frame in the Global tab of the Time Basic Settings Table 92 Buttons RM GUI RSPS Release 2 0 02 2013 dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help 113 Time 3 1 Basic Settings 3 1 2 Daylight Saving Time On this tab you activate the automatic daylight saving time switching You select the beginning and the end of summertime using a predefined profile or you define these settings individually During summertime the device puts the local time forward by 1 hour Operation Parameters Meaning Operation When the function is switched on the device automatically switches between summertime and wintertime Possible values On off default setting The device switches at the times specified in the Summertime Begin and Summertime End frames Profile Opens the Profile dialog There you select a predefined configuration for the beginning and the end of
28. user manual contains detailed information about setting the temperature thresholds Table 5 System Data frame in the Basic Settings System dialog cont 24 RM GUI RSPS Release 2 0 02 2013 Basic Settings Device View 1 1 System The display in this frame shows a simplified version of the structure of the device and its equipment The display also shows the states of the device status LEDs and the device ports at the time of the last update The following symbols represent the status of the individual device ports In some situations some of these symbols interfere with one another You get a detailed description of the port status when you position the mouse pointer over the port symbol Criterion Symbol Bandwidth of the 10 Mbit s device port Port activated connection okay full duplex mode 2 100 Mbit s Port activated connection okay full duplex mode 1000 Mbit s Operating state AdminLink u u Port activated connection okay full duplex mode Half duplex mode activated See the Basic Settings Port Configuration dialog Automatic Configuration checkbox Autonegotiation activated See the Basic Settings Port Configuration dialog Automatic Configuration checkbox Port is blocked by a redundancy function Port is deactivated connection okay Port is deactivated no connection set up See Basic Settings Port Configuration dialog Port on checkbox and Link Current Settings field Table
29. 2 network Possible values 0 200000000 0 The device takes over the role of the root bridge Topology Change Shows how often the device has put a device port into the forwarding Count status via Spanning Tree since it was started Time Since Shows the time since the last topology change Topology Change Possible values lt days hours minutes seconds gt Table 210 Topology column in Protocol Configuration Information frame in the Redundancy Spanning Tree Global dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 211 Buttons 7 4 2 Port With this dialog you can switch the Spanning Tree function on off on the device ports specify edge ports and define the settings for various protection functions RM GUI RSPS 230 Release 2 0 02 2013 Redundancy 7 4 Spanning Tree CIST On this tab page you can switch the Spanning Tree function on off on the device ports individually define the settings for edge ports and view the current values The abbreviation CIST stands for Common and Internal Spanning Tree Note If you are using other layer 2 redundancy protocols parallel to Spanning Tree on the device Switch o
30. 2013 111 Time 3 1 Basic Settings 3 1 Basic Settings With this dialog you can define time related settings independently of the time synchronization protocol selected The dialog contains the following tabs Global Daylight Saving Time 3 1 1 Global On this tab you define the time zone to which the system time in the device refers Configuration Parameters Meaning System Time UTC Displays the current date and time with reference to Universal Time Coordinated UTC System Time Displays the current date and time with reference to the local time System Time System Time UTC Local Offset min Daylight Saving Time Set Time from PC The device uses the time on the PC as the system time Table 91 Configuration frame in the Global tab of the Time Basic Settings dialog RM GUI RSPS 112 Release 2 0 02 2013 Time 3 1 Basic Settings Parameters Time Source Meaning Shows the time source from which the device gets the time information The device automatically selects the available time source with the greatest accuracy Possible values local System clock of the device sntp The SNTP client is activated and the device is synchronized by an SNTP server ptp PTP is activated and the clock of the device is synchronized with a PTP master clock Defines the difference between the local time and the System Time Local Offset min Set Offset from PC UTC in minutes Local Offset
31. 3 3 PTP Status IEEE1588 PTPv2 TC Parameters Meaning Clock Identity Shows the device s own identification number UUID The device shows the identities as byte sequences in hexadecimal notation The device identification number consists of the MAC address of the device with the values f and fe added between byte 3 and byte 4 Table 120 Status IEEE1588 PTPv2 TC frame in the Time PTP Transparent Clock Globa1l dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 121 Buttons RM GUI RSPS 142 Release 2 0 02 2013 Time 3 3 PTP 3 3 Transparent clock Port With this dialog you can define special settings for the Transparent Clock TC on each individual device port The settings are effective when the local clock operates as the Transparent Clock TC For this you select the value v2 transparent clock in the PTP Version Mode field in the Time PTP Global dialog Table Parameters Meaning Port Shows the number of the device port to which the table entry relates PTP Enable Specifies whether the device port transmits PTP synchronization messages Possible values Selected default setting The device po
32. 5 default setting 0 If the user makes one more unsuccessful login attempt the device locks access for the user The device only allows users with the Administrator access role to remove the lock The value 0 deactivates the lock The user can make unlimited attempts to login Table 36 Configuration frame in the Security User Management dialog RM GUI RSPS 62 Release 2 0 02 2013 Security 2 1 User Management Password policy This frame allows you to define the policy for valid passwords The device checks every new password and password change according to this policy The settings affect the Password field The prerequisite is that the Policy Check must be checkmarked Parameters Minimum Password Length Minimum Upper Cases Minimum Lower Cases Minimum Numbers Minimum Special Characters Meaning The device accepts the password if it contains at least the number of characters specified here The device checks the password according to this setting regardless of the setting for the Policy Check checkbox Possible values 6 64 default setting 6 The device accepts the password if it contains at least as many upper case letters as specified here Possible values 0 16 default setting 1 The value 0 deactivates this setting The device accepts the password if it contains at least as many lower case letters as specified here Possible values 0 16 default setting 1 The
33. 6 Symbols identifying the status of the device ports RM GUI RSPS Release 2 0 02 2013 25 Basic Settings 1 1 System Reloading The graphical user interface automatically updates the display of the dialog every 100 seconds In the process it updates the fields and symbols with the values that are saved in the volatile memory RAM of the device At the bottom left of the dialog you will find the time of the next update Reloading data in 70s Figure 5 Time to next Reload Note The graphical user interface uses this function to update only the display in the Basic Settings System dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 7 Buttons RM GUI RSPS 26 Release 2 0 02 2013 Basic Settings 1 2 Network 1 2 Network This dialog allows you to define settings for the access to the device management via the network In addition you see the addresses of the neighboring devices attached to the device and can detect and resolve address conflicts The menu contains the following dialogs Global ARP Table IP Address Conflict Detection RM GUI RSPS Release 2 0 02 2013 27 Basic Settings 1 2 Network 1 2 1 Global This dialo
34. BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE RM GUI RSPS Release 2 0 02 2013 337 Appendix A 8 Copyright of Integrated Software RM GUI RSPS 338 Release 2 0 02 2013 Index B index 1 802 1D p Mapping A Aging time Aging time address table Alarms ARP table Audit trail log Authentication list B Basic settings Bridge RSTP Cc Certificate HTTPS CLI Command Line Interface Community name SNMPv1 v2 Configuration check Configuration encryption D Denial of Service Device Status Device status DoS Download Java applet GUI DSCP IP DSCP mapping E Egress rate limiter ENVM ENVM external memory Encryption device configuration Events External memory F FAQ FDB Filter for MAC addresses Fingerprint SSH Flash memory status Flow control Forwarding database RM GUI RSPS Release 2 0 02 2013 195 32 153 152 299 265 69 152 153 158 G Graphical User Interface GUI 13 Guards 235 H Hardware clock 111 Hardware state 263 HiDiscovery 29 High availabilit
35. Clock Globa1 dialog cont Identities Parameters Meaning Clock Identity Shows the device s own identification number UUID Parent Port Identity Shows the port identification number UUID of the directly superior master device Grandmaster Shows the identification number UUID of the reference clock device Identity Table 112 Identities frame in the Time PTP Boundary Clock Global dialog The device shows the identities as byte sequences in hexadecimal notation The identification numbers UUID are made up as follows The device identification number consists of the MAC address of the device with the values and fe added between byte 3 and byte 4 The port UUID consists of the device identification number followed by a 16 bit port ID Grandmaster This frame shows the criteria that the Best Master Clock algorithm evaluates when determining the reference clock Grandmaster RM GUI RSPS Release 2 0 02 2013 131 Time 3 3 PTP The Best Master Clock algorithm first evaluates priority 1 of the participating devices The device with the smallest value for priority 1 becomes the reference clock Grandmaster If the value is the same for multiple devices the algorithm takes the next criterion and if this is also the same it takes the next criterion after this one If all the values are the same for multiple devices the smallest value in the Clock Identity field decides which device becomes the reference
36. Defines the IP address or hostname of the email server Possible values Valid IP address default setting 0 0 0 0 Hostname in the format host name or subdomain host name Defines the SMTP port number Possible values 1 65535 default setting 25 Exception Port 2222 is reserved for internal functions A value of 0 returns the feature to the default setting Defines the authentication mechanism Possible values none default setting tisvl Use this value when authenticating with a User ID and Password Defines the user id to use to authenticate the switch Prerequisite for this function is that you configure the Security function as tlsvl Possible values 0 255 alphanumeric characters Defines the password to use to authenticate the device Prerequisite for this function is that you configure the Security function as tlsvl Possible values 0 255 alphanumeric characters Activates deactivates the email message handling for this row Possible values Selected The device sends an email message according to the user defined configuration Not selected default setting Table 234 Table in the Diagnostics Report Email Logging Global dialog RM GUI RSPS Release 2 0 02 2013 255 Diagnostics Buttons Button Set Reload Create Remove Send Test Help Table 235 Buttons 8 2 Report Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the ch
37. EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE The licence and distribution terms for any publically available version or derivative of this code cannot be changed i e this code cannot simply be copied and put under another distribution licence including the GNU Public Licence RM GUI RSPS 336 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software A 8 7 Parts of the FreeBSD IP stack Copyright c 1990 1993 The Regents of the University of California All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FORA PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS
38. Election Participate Mode Meaning Shows the ID of the VLAN to which the table entry applies Activates deactivates the IGMP Snooping Querier function for this VLAN Possible values off default setting The IGMP Snooping Querier function is deactivated for this VLAN Active The IGMP Snooping Querier function is activated for this VLAN Shows whether the Snooping Querier is actually active for this VLAN Possible values inactive default setting Active The Snooping Querier is active for this VLAN Off The Snooping Querier function is inactive for this VLAN Activates deactivates the Snooping Querier in the selection process if the device detects other queriers in the VLAN Possible values off default setting Active If the Snooping Querier detects a querier source address that is better i e smaller than the existing one the device stops sending out queries The Snooping Querier that wins the selection process continues sending out the queries Table 150 Table in the switching IGMP Querier dialog RM GUI RSPS Release 2 0 02 2013 173 Switching 5 4 IGMP Parameters Meaning Address Defines the IP address that the device adds as the sender address in generated general query data packets You use the address of the Multicast router Possible values Valid IP Multicast address default setting 0 0 0 0 Protocol Version Shows the IGMP protocol version of the general query data packet
39. Encryption frame in the Basic Settings Load Save dialog section x3c tblsheetnum gt of 2 RM GUI RSPS Release 2 0 02 2013 41 Basic Settings Parameters Set Password Delete 1 4 Load Save Meaning Encrypts configuration profiles and uses a password to make unauthorized access more difficult O Enter the new password in the Set Password dialog O When you are changing an existing password you also enter the existing password O Select the Save Configuration afterwards checkbox to use encryption for the Selected configuration profile in the non volatile memory NVM and in the external memory ENVM Note Only use this function if a maximum of 1 configuration profile is stored in the non volatile memory NvM of the device Before creating additional configuration profiles decide for or against permanently activated configuration encryption in the device Save additional configuration profiles either unencrypted or encrypted with the same password If you are replacing a device with an encrypted configuration profile e g due to a defect you proceed as follows Restart the new device and assign the IP parameters Open the Basic Settings Load Save dialog on the new device Encrypt the configuration profile in the new device see above Enter the same password you used in the existing device Install the external memory from the existing device in the new device Restart the new device When it is resta
40. Existing connections remain in place Connection Count Shows how many clients are currently logged on to the server Possible values Oe D Table 48 Configuration frame in the Security Management Access Server dialog Telnet tab page section x3c tblsheetnum gt of 2 RM GUI RSPS 76 Release 2 0 02 2013 Security Parameters Max Number of Connections Session Timeout min 2 3 Management Access Meaning Defines how many clients can be logged on to the server at the same time Possible values O29 Defines the timeout in minutes After the device has been inactive for this time it ends the session for the user logged on Possible values 0 160 default setting 5 The value 0 deactivates the function The user remains logged on when inactive Table 48 Configuration frame in the Security Management Access Server dialog Telnet tab page section x3c tblsheetnum gt of 2 Buttons Button Set Reload Help Table 49 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help TT Security 2 3 Management Access 2 3 4 Server HTTP This tab allows you to define settings for the HTTP server of the device and t
41. H HIRSCHMANN A BELDEN BRAND Reference Manual GUI Graphical User Interface Rail Switch Power Smart RSPS RM GUI RSPS Technical Support Release 2 0 02 2013 https hirschmann support belden eu com The naming of copyrighted trademarks in this manual even when not specially indicated should not be taken to mean that these names may be considered as free in the sense of the trademark and tradename protection law and hence that they may be freely used by anyone 2013 Hirschmann Automation and Control GmbH Manuals and software are protected by copyright All rights reserved The copying reproduction translation conversion into any electronic medium or machine scannable form is not permitted either in whole or in part An exception is the preparation of a backup copy of the software for your own use For devices with embedded software the end user license agreement on the enclosed CD DVD applies The performance features described here are binding only if they have been expressly agreed when the contract was made This document was produced by Hirschmann Automation and Control GmbH according to the best of the company s knowledge Hirschmann reserves the right to change the contents of this document without prior notice Hirschmann can give no guarantee in respect of the correctness or accuracy of the information in this document Hirschmann can accept no responsibility for damages resulting from the use of the network components
42. Meaning Index Shows a sequential number to which the table entry relates The device automatically defines this number Possible values 1 16 When you delete a table entry this leaves a gap in the numbering When you create a new table entry the device fills the first gap IP Address Range Specifies the IP address range for which you define the access to the management functions with this table entry Possible values Valid IPv4 address and netmask in CIDR notation 0 0 0 0 0 default setting for all newly created entries HTTP Activates deactivates the HTTP access Possible values selected default setting Access is activated for the adjacent IP address range not selected Access is deactivated HTTPS Activates deactivates the HTTPS access Possible values Selected default setting Access is activated for the adjacent IP address range Not selected Access is deactivated Table 67 Table in the securi ty Management Access IP Access Restriction dialog RM GUI RSPS Release 2 0 02 2013 89 Security Parameters SNMP 2 3 Management Access Meaning Activates deactivates the SNMP access Possible values Selected default setting Access is activated for the adjacent IP address range Not selected Access is deactivated Telnet Activates deactivates the Telnet access Possible values selected default setting Access is activated for the adjacent IP address range not selected Access is deactivated
43. Removes the selected table entry Opens the online help RM GUI RSPS Release 2 0 02 2013 Diagnostics 8 5 LLDP 8 5 LLDP The device allows you to gather information about neighboring devices For this the device uses the Link Layer Discovery Protocol LLDP This information enables a network management station to map the structure of your network This menu allows you to configure the topology discovery and to display the information received in table form The menu contains the following dialogs Configuration Topology Discovery 8 5 1 Configuration This dialog allows you to configure the topology discovery for every device port Operation Parameters Meaning Operation If the function is switched on the topology discovery with LLDP is activated on the device Possible values On default setting Off Table 295 Operation frame in the Diagnostics LLDP Configuration dialog RM GUI RSPS Release 2 0 02 2013 301 Diagnostics 8 5 LLDP Configuration Parameters Meaning Transmit Interval s Defines the interval in seconds at which the device transmits LLDP data packets Possible values 5 32768 default setting 30 Transmit Interval Defines the factor for determining the time to live value for the LLDP data Multiplier packets Possible values 2 10 default setting 4 The time to live value coded in the LLDP header results from multiplying this value with the value in the Transmit Interval s fie
44. STP role designated Possible values Not selected default setting The monitoring of STP BPDUs is switched off Selected The monitoring of STP BPDUs is switched on Ifthe device port receives an STP BPDU with better path information to the root bridge the device discards the STP BPDU and sets the state of the device port to the value discarding instead of to root Ifthere are no STP BPDUs with better path information to the root bridge after 2 x Hello Time the device resets the state of the device port to a value according to the port role If you switch on the Root Guard function while the Loop Guard function is switched on the device switches off the Loop Guard function TCN Guard Switches the monitoring of Topology Change Notifications on off on the device port With this setting the device helps you protect your network from attacks with STP BPDUs that try to change the topology Possible values Not selected default setting The monitoring of Topology Change Notifications is switched off If the device receives STP BPDUs with a Topology Change flag it deletes the address table FDB of the device port and forwards the Topology Change Notifications Selected The monitoring of Topology Change Notifications is switched on The device port ignores the Topology Change flag in received STP BPDUs If the received BPDU contains other information that causes a topology change the device process
45. Snooping Querier settings globally and for the VLANs that are set up Operation Parameters Meaning Operation Activates deactivates the IGMP Querier function globally in the device Possible values On off default setting Table 148 Operation frame in the Switching IGMP Querier dialog Configuration In this frame you define the IGMP Snooping Querier settings for the general query data packets Parameters Meaning Protocol Version Defines the IGMP version of the general query data packets Possible values 1 IGMP v1 2 IGMP v2 default setting 3 IGMP v3 Query Interval Defines the time in seconds after which the device generates general query data packets itself when it has received query data packets from the Multicast router Possible values 1 1800 default setting 60 Table 149 Configuration frame in the switching IGMP Querier dialog RM GUI RSPS 172 Release 2 0 02 2013 Switching Parameters Expiry Interval 5 4 IGMP Meaning Defines the time in seconds after which an active querier switches from the passive state back to the active state if it has not received any query packets for longer than the expiry interval Possible values 60 300 default setting 125 Table 149 Configuration frame in the switching IGMP Querier dialog cont Table In the table you define the Snooping Querier settings for the VLANs that are set up Parameters VLAN ID Active Current State
46. VLAN Unaware Mode is switched off see the Switching Global dialog Table Parameters Meaning VLAN ID ID of the VLAN The device supports up to 16 VLANs set up simultaneously Possible values 1 4042 Name Name of the VLAN The device automatically specifies the name You can change the name at any time Possible values 1 32 alphanumeric characters state on delivery default for VLAN 1 otherwise VLANxxxx Table 159 Table in the switching VLAN Static dialog RM GUI RSPS Release 2 0 02 2013 181 Switching Parameters Port 5 5 VLAN Meaning Defines on which ports the device transmits the data packets for the corresponding VLANs and how it handles the VLAN tagging Possible values state on delivery The port does not transmit any data packets for the VLAN The port is not a member of the VLAN T The port transmits data packets with a VLAN tag tagged You use this setting for an uplink connection for example U state on delivery for VLAN 1 The port transmits data packets without a VLAN tag untagged Use this setting if the connected terminal device does not evaluate any VLAN tags F The port does not transmit any data packets neither from static nor dynamic VLANs forbidden Use this setting if the connected terminal device does not evaluate any VLAN tags Table 159 Table in the switching VLAN Static dialog cont Note When configuring the VLAN ensure that the management sta
47. a request to an authentication server before it retransmits the request Possible values 1 30 default setting 5 NAS IP Address Defines the IP address that the device transfers to the authentication Attribute 4 server as attribute 4 Enter the IP address of the device or another freely selectable address Possible values Valid IPv4 address default setting 0 0 0 0 In many cases there is a firewall between the device and the authentication server In the Network Address Translation NAT in the firewall the original IP address changes and the authentication server receives the translated IP address of the device The IP address in this field is transferred unchanged by the device across the Network Address Translation NAT Table 82 RADIUS Configuration frame in the Security RADIUS Globa1 dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Table 83 Buttons RM GUI RSPS Release 2 0 02 2013 103 Security 2 5 RADIUS Button Meaning Clear Radius Deletes the statistics in the Security RADIUS Authentication Statistics Statistics dialog and in the Security RADIUS Accounting Statistics dialog Help Opens the online help Table 83 Buttons cont 2 5 2 A
48. a restart To permanently save the changes choose the selected configuration profile in the Basic Settings Load Save dialog and click Save The device automatically compares the configuration profiles once a minute To refresh the display manually click the button If the device configurations match the button is hidden By right clicking this symbol you can open the Basic Settings Load Save dialog directly When you position the mouse pointer over the button the user interface opens a bubble help with the following information The Last Update section shows the time at which the device last refreshed the values The Device Status section shows a compressed view of the Device Status frame in the Basic Settings System dialog The section shows the alarm that is currently active and whose occurrence was recorded first The Security Status section shows a compressed view of the Security Status frame in the Basic Settings System dialog The section shows the alarm that is currently active and whose occurrence was recorded first The Boot Parameter section shows a note if you permanently save changes to the device configuration and at least one boot parameter differs from the device configuration used during the last restart The following settings cause the boot parameters to change Basic Settings External Memory dialog Enable Automatic Software Update parameter Basic Settings External Memory dialog
49. a trap to the management station Last MAC Status Shows the status of the last MAC address on this interface Possible values other added removed Table 290 Table in the Diagnostics Status Configuration MAC Notification dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 291 Buttons RM GUI RSPS 298 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration 8 4 5 Alarms Traps The device enables you to send an SNMP message trap yourself for specific events to one or more SNMP managers You define the events for example in the Diagnostics Status Configuration Device Status dialog or the Diagnostics Status Configuration Security Status dialog With this dialog you can define the SNMP managers to which the device sends the traps Operation Parameters Meaning Operation When the function is switched on the device sends SNMP messages traps to the SNMP managers defined in the table When the function is switched off the device does not send any traps Possible values On default setting Of Table 292 Operation frame in the Diagnostics Status Configuration Alarms Traps dialog Table Par
50. action if a port state occurs LI Enable the port monitor globally LI Enable the port monitor on a port LI Configure the conditions on a port LI Configure an action to perform on that port when the condition occurs RM GUI RSPS Release 2 0 02 2013 269 Diagnostics 8 3 Ports The dialog contains the following tabs Port Monitor Global Port Monitor Link Flap Port Monitor CRC Fragments 8 3 5 Port Monitor Global In this dialog you activate the configurations defined in the Link Flap and CRC Fragments tabs The device also offers a Duplex Mismatch Detection function Duplex mismatch is a condition where 2 connected devices operate at different duplex modes either half or full duplex The device detects these conditions when you activate the functions and produces the user defined action Operation Parameters Meaning Operation Activates deactivates the Port Monitor function globally on the device Possible values On off default setting Table 255 Operation frame in the Global tab of the Diagnostics Ports Port Monitor dialog Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Table 256 Table in the Global tab of the Diagnostics Ports Port Monitor dialog RM GUI RSPS 270 Release 2 0 02 2013 Diagnostics Parameters Link Flap on CRC Fragments on Duplex Mismatch Detection active Active Condition Action Port Status 8 3 Ports Meaning
51. and ef These values are compatible with the IP precedence model In the QoS Priority IP DSCP Mapping dialog you assign the IP DSCP value to the traffic classes and thus the data packets to a priority queue of the port Shows the number of priority queues per device port Every priority queue is assigned to traffic classes traffic class based on IEEE 802 1D The device supports 4 priority queues Table 166 Configuration frame in the QoS Priority Global dialog 190 RM GUI RSPS Release 2 0 02 2013 QoS Priority 6 1 Global Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 167 Buttons RM GUI RSPS Release 2 0 02 2013 191 QoS Priority 6 2 Port Configuration 6 2 Port Configuration In this dialog you define the QoS priority settings for each device port for received data packets Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Port Priority Defines the port priority The device exchanges the data packets received on the port according to the assigned traffic class Possible values 0 7 default setting 0 Prerequisite In the Trust Mode column you have selected
52. continues Note that any information and cryptographic algorithms used in this software are publicly available on the Internet and at any major bookstore scientific library and patent office worldwide More information can be found e g at http www cs hut fi crypto The legal status of this program is some combination of all these permissions and restrictions Use only at your own responsibility You will be responsible for any legal consequences yourself am not making any claims whether possessing or using this is legal or not in your country and am not taking any responsibility on your behalf NO WARRANTY BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE PROGRAM TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FORA PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION INNO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL
53. description of the display and the other information that you need to install the device The Basic Configuration user manual contains the information you need to start operating the device It takes you step by step from the first startup operation through to the basic settings for operation in your environment The Redundancy Configuration user manual document contains the information you require to select the suitable redundancy procedure and configure it The HiView user manual contains information for using the HiView GUI application This application allows you to use the graphical user interface of Hirschmann devices with management independently of other applications such as a browser RM GUI RSPS Release 2 0 02 2013 9 About this Manual The Industrial HiVision Network Management Software provides you with additional options for smooth configuration and monitoring 10 Simultaneous configuration of multiple devices Graphical user interface with network layout Auto topology discovery Event log Event handling Client server structure Browser interface ActiveX control for SCADA integration SNMP OPC gateway RM GUI RSPS Release 2 0 02 2013 Key Key The designations used in this manual have the following meanings List O Work step Subheading Link Cross reference with link Note A note emphasizes an important fact or draws your attention to a dependency Courier ASCII representation in us
54. detects 10 address conflicts one after the other it extends the waiting time until the next check to 60 s When the address conflict has been resolved the device management returns to the network again Passive Passive address conflict detection The device analyzes the data traffic in the network If another device in the network is using the device s own IP address the device initially defends its IP address The device stops sending if the other device then keeps sending with the same IP address Asa defence the device sends gratuituous ARP data packets The device repeats this procedure for the number of times specified in the Number of Address Protections field If the other device continues sending with the same IP address after the period specified in the Release Delay s field the device periodically checks whether the address conflict still exists When the address conflict has been resolved the device management returns to the network again Table 16 Configuration frame in the Basic Settings Network IP Address Conflict Detection dialog RM GUI RSPS 34 Release 2 0 02 2013 Basic Settings 1 2 Network Parameters Meaning Send Periodic ARP Switches the periodic address conflict detection on off Probes Possible values On default setting The periodic address conflict detection is switched on The device periodically sends an ARP probe data packet every 90 to 150
55. device deletes the configuration profiles saved on the external memory ENVM After a brief period the device restarts and loads the factory settings Help Opens the online help Table 29 Buttons section x3c tblsheetnum gt of 5 RM GUI RSPS Release 2 0 02 2013 51 Basic Settings 1 5 External Memory 1 5 External Memory This dialog allows you to activate functions that the device automatically executes in combination with the external memory ENVM The dialog also shows the operating state and identifying characteristics of the external memory Table Parameters Meaning Type Shows the type of the external memory Possible values SD External SD memory ACA31 Status Shows the operating status of the external memory Possible values notPresent No external memory connected removed Someone has removed the external memory from the device during operation ok The external memory is connected and ready for operation outofMemory The memory space is occupied on the external memory genericErr The device has detected an error Writable Shows whether the device has write access to the external memory Possible values Selected The device has write access to the external memory Not selected The device only has read access to the external memory It is possible that write protection is activated on the external memory Manufacturer ID Shows the name of the memory manufacturer Product Name Shows the produ
56. device sends these as events with the preset severity notice to the list of syslog servers The preset minimum severity for a syslog server entry is critical RM GUI RSPS Release 2 0 02 2013 249 Diagnostics 8 2 Report To send SNMP requests to a syslog server you have a number of options to change the default settings Select the ones that meet your requirements best LI Set the severity for which the device creates SNMP requests as events to warning or error and change the minimum severity for a syslog entry for one or more syslog servers to the same value You also have the option of creating a separate syslog server entry for this L Only set the severity for SNMP requests to critical or higher The device then sends SNMP requests as events with the severity critical or higher to the syslog servers LI Only set the minimum severity for one or more syslog server entries to notice or lower Then it may happen that the device sends a large number of events to the syslog servers CLI Logging Parameters Meaning Operation When the function is switched on the device logs all commands received through Command Line Interface CLI Possible values On off default setting Table 225 CLI Logging frame in the Diagnostics Report Global dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load S
57. enables a port after an ARP Rate condition produces a disable port action Possible values Selected Enables the ports after the user defined time elapses Not selected default setting The ports remain disabled Table 262 Configuration frame in the Diagnostics Ports Auto Disable dialog Table Parameters Port Reset Timers Remaining Time s Component Reason Meaning Shows the number of the device port to which the table entry relates Timer value in seconds after which the device reactivates a deactivated port Possible values 30 4294967295 0 default setting A value of 0 disables the timer Remaining time in seconds until the reactivation of the port Shows the name of the component that caused the port to disable itself Shows the reason the port disabled itself Table 263 Table in the Diagnostics Ports Auto Disable dialog 276 RM GUI RSPS Release 2 0 02 2013 Diagnostics 8 3 Ports Parameters Meaning Active Shows the operational status of the function for the port Possible values Selected The Auto Disable function shuts down the port Not selected default setting The port is active Table 263 Table in the Diagnostics Ports Auto Disable dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the
58. entry Propagate State Defines whether the device monitors the power supply Possible values Selected default setting The device changes the device status to Error if one of the following conditions applies The voltage source is providing an incorrect voltage The voltage source fails The power supply within the device is defective Not selected The device status remains unchanged under the conditions named above Table 273 Propagate State table in the Diagnostics Status Configuration Device Status dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Table 274 Buttons RM GUI RSPS 284 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 274 Buttons cont RM GUI RSPS Release 2 0 02 2013 285 Diagnostics 8 4 Status Configuration 8 4 2 Security Status This dialog gives you an overview of the status of the safety relevant settings in the device The device displays its current status as Error or OK in the Security Status frame The device determines this status from the individual monitoring results The device displays the detected faults in the Security Status f
59. groups The protocol describes the distribution of Multicast data packets between routers and terminal devices on Layer 3 The device allows you to use the IGMP Snooping function to also use the IGMP mechanisms on Layer 2 Without IGMP Snooping the device transmits the Multicast data packets to all the ports With the activated IGMP Snooping function the device transmits the Multicast data packets exclusively on ports to which Multicast receivers are connected This reduces the network load The device evaluates the IGMP data packets transmitted on Layer 3 and uses the information on Layer 2 L Activate the IGMP Snooping function not until the following conditions are fulfilled There is a Multicast router in the network that creates IGMP queries periodic queries The devices participating in IGMP Snooping forward the IGMP queries The device links the IGMP reports with the entries in its address table forwarding database If a Multicast receiver joins a Multicast group report the device creates a table entry in the Switching Filters for MAC Addresses dialog for this port If the Multicast receiver leaves the Multicast group the device removes the table entry again The menu contains the following dialogs Snooping IGMP Snooping Enhancements IGMP Querier Multicasts RM GUI RSPS 162 Release 2 0 02 2013 Switching 5 4 IGMP 5 4 1 Snooping This dialog allows you to activate the IGMP Snooping protocol in the devic
60. h O H Possible values 2 147 483 648 2 147 483 647 default setting 35 Defines whether the value entered in the UTC Offset s field is correct Possible values selected not selected default setting Shows whether the device gets the time from a primary UTC reference e g from an NTP server Possible values selected not selected Shows whether the device gets the frequency from a primary UTC reference e g from an NTP server Possible values selected not selected Shows whether the device uses the PTP time scale Possible values selected not selected According to IEEE 1588 the PTP time scale is the TAI atomic time started on 01 01 1970 In contrast to UTC TAI does not use leap seconds On 01 01 2011 the difference between TAI and UTC was 34 seconds Table 114 Local Time Properties frame in the Time PTP Boundary Clock Global dialog RM GUI RSPS Release 2 0 02 2013 133 Time 3 3 PTP Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 115 Buttons 3 3 4 Boundary clock Port With this dialog you can define special settings for the Boundary Clock BC at every individual device port
61. in the Snooping counters Information frame to 0 see the Switching IGMP Snooping dialog Delete Log File Removes the logged events from the log file see the Diagnostics Report System Log dialog Table 35 Buttons RM GUI RSPS Release 2 0 02 2013 59 Basic Settings 1 7 Restart Button Meaning Delete Persistent Removes the log files from the external memory see the Log File Diagnostics Report Persistent Logging dialog Help Opens the online help Table 35 Buttons cont RM GUI RSPS 60 Release 2 0 02 2013 Security 2 Security This menu allows you to define the settings for the access to the device The menu contains the following dialogs User Management Authentication List Management Access Port Security RADIUS Pre login Banner RM GUI RSPS Release 2 0 02 2013 61 Security 2 1 User Management 2 1 User Management The device allows users to access its management functions when they log in with valid login data The device authenticates the users either using the local user management or with a RADIUS server in the network In this dialog you manage the users of the local user management You also define the following settings here Settings for the login Settings for saving the passwords Define policy for valid passwords Configuration This frame allows you to define settings for the login Parameters Meaning Number of Login Number of login attempts possible Attempts Possible values 0
62. interfaces 1 1 and 1 2 with interface hsr 1 as seen in the Switching Rate Limiter and Switching Filter for MAC Addresses dialogs Configure interface hsr 1 for VLAN membership and Rate Limitation RM GUI RSPS 216 Release 2 0 02 2013 Redundancy 7 3 HSR Operation Parameters Meaning Operation Activates deactivates global HSR operation Possible values On When activated the device processes the traffic according to the configured functions Off default setting Table 194 Operation frame in the Redundancy HSR Configuration dialog Port A Port B Parameters Meaning Port A The text box in this frame shows the port number that is operating as HSR Port A on this device The radio buttons activate deactivate the HSR function on port A Possible values On default setting OFT Port B The text box in this frame shows the port number that is operating as HSR Port B on this device The radio buttons activate deactivate the HSR function on port B Possible values On default setting Of Table 195 Port A Port B frames in the Redundancy HSR Configuration dialog RM GUI RSPS Release 2 0 02 2013 217 Redundancy 7 3 HSR Supervision Packet Receiver Parameters Meaning Evaluate Activates deactivates Supervision Packets analysis Supervision Packets Possible values Selected default setting Supervision Packets analysis is switched on The device receives Supervision Frames and ana
63. into several smaller sequential RM GUI RSPS Release 2 0 02 2013 273 Diagnostics 8 3 Ports packets before transmitting The receiving device reassembles the packet in the correct order The device counts the packets which are less than 64 bytes as fragments When configured and activated the device monitors both conditions If either the CRC or the Fragment count exceeds the configured condition the device performs the user defined action Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Sampling Interval s Defines the interval in seconds for CRC Fragment detection for this entry Possible values 5 180 default setting 10 CRC Fragments Defines the CRC Fragment detection counter for this entry When the count ppm frequency of CRC Fragments reaches this number the device produces the action configured in the Global tab Prerequisite for this function is that the CRC Fragments on function in the Global tab is active Possible values 1 1000000 default setting 1000 Last active Interval Shows the number of CRC Fragments that occurred during the last ppm interval Total ppm Shows the total number of CRC Fragments that occurred since the last reset Table 260 Table in the CRC Fragments tab of the Diagnostics Ports Port Monitor dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save
64. memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 132 Buttons RM GUI RSPS Release 2 0 02 2013 157 Switching 5 3 Filter for MAC addresses 5 3 Filter for MAC addresses This dialog allows you to display and edit address filters for the address table forwarding database Address filters define the way the data packets are forwarded in the device based on the destination MAC address Each row in the table represents one filter The device automatically sets up the filters The device allows you to set up additional filters manually The device transmits the data packets as follows If the table contains an entry for the destination address of a data packet the device transmits the data packet from the receiving port to the port specified in the table entry If there is no table entry for the destination address the device transmits the data packet from the receiving port to all the other ports Table Parameters Address Status Meaning Shows the destination MAC address to which the table entry applies Shows how the device has set up the address filter Possible values learned Address filter set up automatically by the device based on received data packets permanent Address filter set up manua
65. off default setting The device transmits every received data packet without checking the sender Table 76 Operation frame in the Security Port Security dialog Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Active Activates deactivates the checking of the sender on the device port Possible values Selected The device checks every data packet received on the device port and transmits it if its sender is desired You also switch on the function in the Operation frame Not selected default setting The device transmits every data packet received on the port without checking the sender Note If you are operating the device as an active subscriber within an MRP ring we recommend setting the value of the field to Not selected Table 77 Table in the Security Port Security dialog RM GUI RSPS Release 2 0 02 2013 97 Security Parameters Violation Traps Violation Trap Frequency s Dynamic Limit Static Limit Current Dynamic Current Static Last Violating VLAN ID MAC Trapped Violations 2 4 Port Security Meaning Activates deactivates the sending of an SNMP message trap when the device discards data packets from an undesired sender on the port Possible values Selected The device sends an SNMP message when it discards data packets from an undesired sender on the port Not selected default setting The device does not send any SNMP messa
66. packets whose Size size exceeds the maximum allowed packet size Possible values Selected The device detects and discards ingress ICMP data packets whose size exceeds the allowed packet size see the input field Allowed Packet Size Not selected default setting The device forwards ingress ICMP data packets whose size is less than the allowed packet size Table 126 ICMP frame in the Network Security DoS Global dialog RM GUI RSPS Release 2 0 02 2013 149 Network Security 4 1 DoS Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 127 Buttons RM GUI RSPS 150 Release 2 0 02 2013 Switching 5 Switching With this menu you can configure the settings for the switching The menu contains the following dialogs Global Rate Limiter Filter for MAC addresses IGMP VLAN RM GUI RSPS Release 2 0 02 2013 151 Switching 5 1 Global 5 1 Global This dialog allows you to define the following settings Change the aging time of the address table forwarding database Switch on the flow control in the device Switch on the VLAN Unaware Mode If many large data packets are received in the sending queue of a port this can cause the port memo
67. phase configure all the devices individually Before you connect the redundant line be sure to complete the configuration of all the devices Failure to follow these instructions can result in death serious injury or equipment damage The menu contains the following dialogs Configuration DAN VDAN Table Proxy Node Table Statistics 7 2 1 Configuration With this dialog you switch the Parallel Redundancy Protocol function on off and manage PRP supervision packet transmission and reception MRP and STP cannot operate on the same ports as PRP Deactivate or choose different ports for MRP and deactivate STP on the PRP ports Note PRP uses interfaces 1 1 and 1 2 when active The PRP function replaces interfaces 1 1 and 1 2 with interface prp 1 as seen in the VLAN Rate Limiter and Filter for MAC Addresses dialogs Configure interface prp 1 for VLAN membership Rate Limitation and MAC filtering RM GUI RSPS 208 Release 2 0 02 2013 Redundancy Operation Parameters Operation 7 2 PRP Meaning Activates deactivates global PRP operation Possible values On When activated the device processes the traffic according to the configured functions off default setting Note To help avoid network loops proceed as follows Before you deactivate the PRP operation globally deactivate either Port A or Port B Table 183 Operation frame in the Redundancy PRP Configuration dialog Port A Port B Parame
68. port is configured as Learn by LLDP L Learned The device has detected the port as a query port because the port has received IGMP queries in this VLAN The port is not a statically configured query port ALA Learn by LLDP can be set A user has configured the port as Learn by LLDP With LLDP Link Layer Discovery Protocol the device detects Hirschmann devices connected directly to the port The device denotes the detected query ports with A You configure a port as Learn by LLDP by selecting the Learn by LLDP checkbox on the Configuration page in the Wizard FA Forward All can be set A user has configured the port so that the device transmits all the received Multicast streams in the VLAN to this port This setting is suited to diagnostic purposes for example You configure the port as Forward A11 by selecting the Forward All checkbox on the Configuration page in the Wizard S Static can be set A user has configured the port as a static query port The device only transmits IGMP reports to ports at which it previously received IGMP queries and to statically configured query ports You configure the port as a static query port by selecting the Static checkbox in the Configuration step in the Wizard Table 142 Table in the Switching IGMP Snooping Enhancements dialog 168 RM GUI RSPS Release 2 0 02 2013 Switching 5 4 IGMP Parameters Meaning Display Categories Simplifies the display The
69. registered ports Table 153 Table in the switching IGMP Multicasts dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 154 Buttons RM GUI RSPS 176 Release 2 0 02 2013 Switching 5 5 VLAN 5 95 VLAN With VLAN Virtual Local Area Network you distribute the data traffic in the physical network to logical subnetworks This provides you with the following advantages High flexibility With VLAN you distribute the data traffic to logical networks in the existing infrastructure Without VLAN it would be necessary to have additional devices and complicated cabling With VLAN you define network segments independently of the location of the individual terminal devices Improved throughput In VLANs data packets can be transferred by priority If the priority is high the device transfers the data traffic of a VLAN preferentially e g for time critical applications such as VoIP phone Calls The network load is considerably reduced if data packets and Broadcasts are distributed in small network segments instead of in the entire network Increased security The distribution of the data traffic among individual logic
70. sake of clarity If you use 1 port to connect several devices for example via a hub the table contains 1 line for each connected device Parameters Meaning Port Shows the number of the device port to which the table entry relates Neighbor Identifier Shows the chassis ID of the neighboring device This can be the basis MAC address of the neighboring device for example Neighbor IP Shows the IP address with which the management functions of the Address neighboring device can be reached Neighbor Port Shows a description for the device port of the neighboring device Description Neighbor System Shows the device name of the neighboring device Name Table 299 Table in the LLDP tab of the Diagnostics LLDP Topology Discovery dialog RM GUI RSPS Release 2 0 02 2013 305 Diagnostics Parameters Port ID Autonegotiation Supported Autonegotiation Enabled PoE Supported PoE Enabled 8 5 LLDP Meaning Shows the ID of the device port through which the neighboring device is connected to the device Shows whether the device port of the neighboring device supports autonegotiation Shows whether autonegotiation is enabled on the device port of the neighboring device Shows whether the device port of the neighboring device supports Power over Ethernet PoE Shows whether Power over Ethernet PoE is enabled on the device port of the neighboring device Table 299 Table in the LLDP tab of the Diagnostics LLDP Top
71. server in the network In this dialog you manage the authentication lists In a list you define which method the device uses for the authentication Here you have the option to differentiate the application with which the device is accessed e g viaa console or with the graphical user interface Table Parameters Meaning Name Shows the name of the list To create a new list you click Create Policy 1 Shows the authentication method that the device uses for access via the Policy 2 application specified in the Dedicated Applications field To change the Policy 3 value click the relevant field Policy 4 A 5 A Policy 5 The device gives you the option ofa fall back solution For this you specify one other method in each of the Policy 2 to Policy 5 fields If the authentication with the specified method is not successful the device uses the next policy Possible values local The device authenticates the users by using the local user management see the Security User Management dialog radius The device authenticates the users with a RADIUS server in the network You specify the RADIUS server in the Security RADIUS Authentication Server dialog reject The device rejects the authentication request from the user Dedicated Shows the dedicated applications When users access the device with the Applications relevant application the device uses the defined policies for the authentication To allocate another application to
72. set up after Max Age the device sets the device port to the forwarding state default setting 20 s Shows whether a terminal device or an STP bridge is connected to the device port Possible values enable A terminal device is connected to the device port The device port does not receive any STP BPDUs disable An STP bridge is connected to the device port The device port receives STP BPDUs Shows whether the port is connected to an STP device via a direct full duplex link Possible values true The device port is connected directly to an STP device via a full duplex link The direct decentralized communication between 2 bridges enables short reconfiguration times false The device port is connected in another way e g via a half duplex link or via a hub Table 212 CIST tab page in the Redundancy Spanning Tree Port dialog section x3c tblsheetnum gt of 4 234 RM GUI RSPS Release 2 0 02 2013 Redundancy 7 4 Spanning Tree Guards On this tab page you can define the settings for various protection functions on the device ports Parameters Meaning Port Shows the number of the device port to which the table entry relates Root Guard Switches the monitoring of STP BPDUs on off on the device port With this setting the device helps you protect your network from incorrect configurations or attacks with STP BPDUs that try to change the topology This setting is only relevant for device ports with the
73. that the higher a function appears at the top of the list the higher the priority When you repair the displayed detected fault the device displays the next higher detected fault Device Status Parameters Meaning Device Status Displays the current status of the device The device determines the status from the individual monitored parameters Possible values Error OK Table 269 Device Status frame in the Diagnostics Status Configuration Device Status dialog RM GUI RSPS Release 2 0 02 2013 281 Diagnostics 8 4 Status Configuration Trap Configuration Parameters Meaning Generate Trap Activates deactivates the sending of an SNMP message trap when the value in the Device Status field changes Possible values Selected The device sends a trap Not selected default setting The device does not send a trap The prerequisite for sending SNMP messages traps is that the function is switched on in the Diagnostics Alarms Traps dialog and atleast 1 SNMP manager is defined Table 270 Trap Configuration frame in the Diagnostics Status Configuration Device Status dialog Monitoring Parameters Meaning Temperature Defines whether the device monitors the temperature in the device Possible values Ignore The device ignores this parameter Monitor default setting The device changes the device status to Error if the temperature exceeds or falls below the temperature thresholds You define the temp
74. the SNMP data packet header Depending on the community name the application gets read authorization or read and write authorization for the device You activate the access to the device via SNMPv1 v2 in the Security Management Access Server dialog Table Parameters Meaning Community Shows the authorization for SNMPv1 v2 applications to the device Write For requests with the community name entered beside this the application gets read and write authorization for the device Read For requests with the community name entered here the application gets read authorization for the device Name Defines the community name for the authorization entered beside it Possible values 0 32 alphanumeric characters including spaces and the following special characters 1 amp 4 lt gt 2 M private default setting for read and write authorization public default setting for read authorization Table 64 Table in the Security Management Access SNMPv1 v2 Community dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Table 65 Buttons RM GUI RSPS Release 2 0 02 2013 87 Security 2 3 Management Access Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 65
75. the difference from the time information received In Two Step mode the time information consists of 2 PTP synchronization messages each which the PTP master sends cyclically The first synchronization message sync message contains an estimated value for the exact sending time of the message The second synchronization message follow up message contains the exact sending time of the first message The PTP slave uses the two PTP synchronization messages to calculate the difference offset from the master and corrects its clock by this difference Here the PTP slave also considers the Delay to Master ns Table 111 Status IEEE1588 PTPv2 BC frame in the Time PTP Boundary Clock Globa1 dialog 130 RM GUI RSPS Release 2 0 02 2013 Time 3 3 PTP Parameters Meaning Delay to Master ns Shows the delay when transmitting the PTP synchronization messages from the PTP master to the PTP slave in nanoseconds The PTP slave sends a Delay Request packet to the PTP master and thus determines the exact sending time of the packet When it receives the packet the PTP master generates a time stamp and sends this in a Delay Response packet back to the PTP slave The PTP slave uses the two packets to calculate the delay and considers this starting from the next offset measurement Prerequisite The delay mechanism of the slave ports is set to the value e2e Table 111 Status IEEE1588 PTPv2 BC frame in the Time PTP Boundary
76. the URL for the file in one of the following forms scp orsftp lt IP address gt lt path gt lt file name gt When you click Update the device displays the Authentication dialog There you enter the User and Password to login to the server scp orsftp lt user gt lt password gt lt IP address gt lt path gt lt file name gt Shows the Open dialog If the image file is located on your PC or ona network drive you select the image file here Updates the device software In the process the device copies the selected file into the flash memory and replaces the device software stored there The device copies the existing Stored Version of the device software into the backup area The device loads the updated device software during the next restart Table 21 Software Update frame in the Basic Settings Software dialog 38 RM GUI RSPS Release 2 0 02 2013 Basic Settings Table Parameters File Location Index File name Firmware Applet Logic 1 3 Software Meaning Shows the storage location of the device software Possible values RAM Volatile memory of the device FLASH Non volatile memory NVM of the device SD CARD External SD memory ACA31 Shows the index of the device software Shows the device internal file name of the device software Shows the version number and creation date of the device software Shows the version number of the graphical
77. the list or remove the allocation you click Allocate Applications Every application can always be allocated to exactly one list Table 41 Table in the Security Authentication List dialog RM GUI RSPS Release 2 0 02 2013 69 Security 2 2 Authentication List Parameters Meaning Active Activates deactivates the list Possible values Selected The list is activated The device uses the policies in this list when users access the device with the relevant application Not selected The list is deactivated Table 41 Table in the Security Authentication List dialog cont Note If the table does not contain a list it is only possible to access the device using CLI via the V 24 interface In this case the device authenticates the user by using the local user management see the Security User Management dialog New Entry In this frame you set up a new authentication list To display the frame you click the Create button Parameters Meaning Name Specifies the name of the list Possible values 1 32 alphanumeric characters Policy 1 Specifies the authentication method that the device uses Policy 2 The device gives you the option of a fall back solution For this you Policy 3 Dal Wan Dal f Policy 4 specify one other method in each of the Policy 2 to Policy 5 fields Policy 5 Possible values local The device authenticates the users by using the local user management see the Security User Mana
78. the value as follows untrusted or trustDotlp The data packets do not contain a VLAN tag or priority tag or trustIpDscp The data packets are not IP packets The QoS Priority 802 1D p Mapping dialog shows which traffic class has been assigned to the respective VLAN priority The device assigns the data packets to a traffic class depending on their VLAN priority and thereby sorts them in the priority queue Table 168 Table in the QoS Priority Port Configuration dialog RM GUI RSPS 192 Release 2 0 02 2013 QoS Priority Parameters Trust Mode Untrusted Traffic Class 6 2 Port Configuration Meaning Defines how the device handles received data packets that contain QoS priority information Possible values untrusted The device ignores the QoS priority information contained in the data packets and prioritizes them according to the value entered in the Port Priority column trustDot1p default setting Data packets with a VLAN tag are prioritized by the device according to the QoS priority information contained in the data packet The QoS Priority 802 1D p Mapping dialog shows the traffic class to which the respective VLAN priority is assigned The device assigns the data packets to a traffic class depending on their VLAN priority and thereby sorts them in the priority queue Data packets without a VLAN tag are prioritized by the device according to the value defined in the Port Priority column tr
79. them to all ports or transmits them only to the ports that previously received query packets The device also allows you to transmit the data packets with known Multicast addresses to the query ports Configuration Parameters Meaning Unknown Multicasts Defines how the device transmits the data packets with unknown Multicast addresses Possible values Send to Query Ports The device sends data packets with an unknown MAC IP Multicast address to the query ports Send To All Ports default setting The device sends data packets with an unknown MAC IP Multicast address to the ports Discard The device discards data packets with an unknown MAC IP Multicast address Table 152 Configuration frame in the switching IGMP Multicasts dialog Table In the table you define the settings for known Multicasts for the VLANs that are set up Parameters Meaning VLAN ID Shows the ID of the VLAN to which the table entry applies Table 153 Table in the switching IGMP Multicasts dialog RM GUI RSPS Release 2 0 02 2013 175 Switching 5 4 IGMP Parameters Meaning Known Multicasts Defines how the device transmits the data packets with known Multicast addresses Possible values Send to query and registered ports The device sends data packets with an unknown MAC IP Multicast address to query ports and to registered ports Send to registered Ports default setting The device sends data packets with an unknown MAC IP Multicast address to
80. tjh cryptsoft com Original SSLeay License Copyright C 1995 1998 Eric Young eay cryptsoft com All rights reserved This package is an SSL implementation written by Eric Young eay cryptsoft com The implementation was written so as to conform with Netscapes SSL This library is free for commercial and non commercial use as long as the following conditions are aheared to The following conditions apply to all code found in this distribution be it the RC4 RSA lhash DES etc code not just the SSL code The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson t h cryptsoft com Copyright remains Eric Young s and as such any Copyright notices in the code are not to be removed If this package is used in a product Eric Young should be given attribution as the author of the parts of the library used This can be in the form of a textual message at program startup or in documentation online or textual provided with the package RM GUI RSPS Release 2 0 02 2013 335 Appendix A 8 Copyright of Integrated Software Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the copyright notice this list of conditions and the following disclaimer 2 Redistribut
81. to process HSR traffic for PRP Network 7 LAN B Table 198 HSR Parameter frame in the Redundancy HSR Configuration dialog RM GUI RSPS Release 2 0 02 2013 219 Redundancy 7 3 HSR Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 199 Buttons 7 3 2 DAN VDAN Table This dialog helps to analyze the LANs For example when the Last Seen counter of 1 port continually increases while the other remains the same This condition indicates a loss of LAN connection Table Parameters Meaning Index Shows a sequential number for the node to which the table entry refers The device automatically defines this number MAC Address Shows the MAC address of the node Last Seen A Shows the time between received first packets for this node on LAN A When the counter threshold reaches 497 days it restarts from 0 Last Seen B Shows the time between received first packets for this node on LAN B When the counter threshold reaches 497 days it restarts from 0 Remote Node Type Shows the type of node Possible values RedBoxh Management vdanh Client Table 200 Table in the Redundancy HSR DAN VDAN Table dialog RM GUI RSPS 220 Release 2 0 02 20
82. vendor specific hardware revision string as advertised by the remote endpoint Table 301 Table in the LLDP MED tab of the Diagnostics LLDP Topology Discovery dialog RM GUI RSPS Release 2 0 02 2013 307 Diagnostics Parameters Firmware Revision Software Revision Serial Number Manufacturer Name Model Name Asset ID 8 5 LLDP Meaning Shows the vendor specific firmware revision string as advertised by the remote endpoint Shows the vendor specific software revision string as advertised by the remote endpoint Shows the vendor specific serial number as advertised by the remote endpoint Shows the vendor specific manufacturer name as advertised by the remote endpoint Shows the vendor specific model name as advertised by the remote endpoint Shows the vendor specific asset tracking identifier as advertised by the remote endpoint Table 301 Table in the LLDP MED tab of the Diagnostics LLDP Topology Discovery dialog cont Buttons Button Reload Help Table 302 Buttons 308 Meaning Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help RM GUI RSPS Release 2 0 02 2013 Advanced 9 Advanced With this menu you can configure additional settings for the device The menu contains the following dialogs Telnet Client RM GUI RSPS Release 2 0 02 2013 309 Advanced 9 1 Telnet Client 9 1 Telnet Client This dialog o
83. you to perform remote diagnosis The device uses the relay contact to signal the occurrence of events by opening the relay contact and interrupting the closed circuit In this dialog you define the trigger conditions for the signal contact The signal contact gives you the following options Monitoring the correct operation of the device Signaling the device status of the device Signaling the security status of the device Controlling external devices by manually setting the signal contacts RM GUI RSPS Release 2 0 02 2013 291 Diagnostics 8 4 Status Configuration Signal Contact Mode Parameters Meaning Signal Contact Specifies which events the device signals via the signal contact Mode Possible values Monitoring Correct Operation default setting In this mode the signal contact signals events that occur when monitoring individual device functions The signal contact thus makes remote diagnosis possible In the Monitoring Correct Operation frame you define additional settings Manual Setting With this mode you can control the signal contact remotely In the Manual Setting frame you define additional settings Device Status In this mode the signal contact signals the overall status from the Device Status dialog The Status frame shows the status Security Status In this mode the signal contact signals the overall status from the Security Status dialog The Status frame shows the status Device Status Secu
84. 02 1Q 2005 the Spanning Tree function is effective in all the configured VLANs Table 207 Protocol Version frame in the Redundancy Spanning Tree Global dialog RM GUI RSPS Release 2 0 02 2013 225 Redundancy 7 4 Spanning Tree Protocol Configuration Information Parameters Meaning Bridge ID Shows the bridge ID of the device The device with the numerically lowest bridge ID takes over the role of the root bridge in the network Possible values lt Bridge priority gt lt MAC address gt Priority Defines the bridge priority of the device Possible values 0 61440 in steps of 4096 default setting 32 768 Assign the numerically lowest priority in the network to the device to make it the root bridge Hello Time s Defines the time in seconds between the sending of two configuration messages Hello data packets Possible values 1 2 default setting 2 If the device takes over the role of the root bridge the other devices in the network use the value defined here Otherwise the device uses the value specified by the root bridge see the Root column Due to the interaction with the Tx Hold Count parameter we recommend not changing the default setting Forward Delay s Defines the delay time for the status change in seconds Possible values 4 30 default setting 15 If the device takes over the role of the root bridge the other devices in the network use the value defined here Otherwise th
85. 13 Redundancy 7 3 HSR Buttons Button Meaning Delete Deletes the entire table Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 201 Buttons 7 3 3 Proxy Node Table This dialog informs you of the connected devices for which this device provides HSR redundancy Table Parameters Meaning Index Shows a sequential number to which the table entry relates The device automatically defines this number Possible values 0 128 MAC Address Shows the MAC addresses of the connected devices for which this device implements HSR redundancy Table 202 Table in the Redundancy HSR Proxy Node Table dialog Buttons Button Meaning Delete Deletes the entire table Table 203 Buttons RM GUI RSPS Release 2 0 02 2013 221 Redundancy 7 3 HSR Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 203 Buttons cont 7 3 4 Statistics This dialog lists receive events for various MIB Managed Objects Each entry represents link degradation for the MIB Managed Objects listed in the description column The table lists how often the event occurred for each path through the device The Port A entries for example specify the path between the transceiver through the Link Redundancy Entity LRE to the UDP and TCP layers Table Parameters Meaning Descripti
86. 13 Switching 5 1 Global Configuration Parameters Meaning MAC Address Displays the MAC address of the device Aging Time s Activate Flow Control Defines the aging time in seconds Possible values 10 500000 default setting 30 The device monitors the age of the learned Unicast MAC addresses Address entries that exceed a particular age aging time are deleted by the device from its address table FBD Forwarding Database You will find the address table in the Switching Filter for MAC addresses dialog In connection with the router redundancy select a time 2 30 s Activates deactivates the flow control globally in the device Possible values Not selected default setting Selected For this you also activate the Flow Control function for the device ports in the Basic Settings Port Configuration dialog When you are using a redundancy function you deactivate the flow control on the participating ports If the flow control and the redundancy function are active at the same time there is a risk that the redundancy function will not operate as intended Table 128 Configuration frame in the switching Global dialog RM GUI RSPS Release 2 0 02 2013 153 Switching 5 1 Global Parameters Meaning VLAN Unaware Defines the bridging mode of the device Mode Possible values Not selected default setting The device works in the VLAN Aware bridging mode 802 1Q The device evaluates the VLAN tags in
87. 191 Buttons cont 7 2 4 Statistics This dialog lists receive events for various MIB Managed Objects Each entry represents link degradation for the MIB Managed Objects listed in the description column The table lists how often the event occurred for each path through the device The Port A entries for example specify the path between the transceiver through the Link Redundancy Entity LRE to the UDP and TCP layers Table Parameters Meaning Description Shows the MIB Managed Objects description to which the Port and Interlink entries refer Port A Shows the number of MIB Managed Objects events on port A The device examines the traffic as it passes from receive transceiver A to the LRE Port B Shows the number of MIB Managed Objects events on port B The device examines the traffic as it passes from receive transceiver B to the LRE Interlink Shows the number of MIB Managed Objects events on the interlink The counters are active for the MIB Managed Objects that pertain to the interlink The other counters remain empty A sample is made of the traffic as it passes from the LRE to the switch CPU Port Shows the number of MIB Managed Objects events on the CPU Port There is one MIB Managed Object that pertains to the CPU Port The other counters remain empty A sample is made of the traffic as it passes from receive transceiver to the CPU Table 192 Table in the Redundancy PRP Statistics dialog RM GUI RSPS Release 2 0 02 2013
88. 2 0 02 2013 Security 2 3 Management Access 2 3 Management Access This dialog allows you to set up the server services with which users or applications can access the management functions of the device You also have the option of restricting the access for IP address ranges and individual management services The menu contains the following dialogs Server SNMPv1 v2 Community IP Access Restriction Web CLI 2 3 1 Server This dialog allows you to set up the server services with which users or applications can access the management functions of the device The dialog contains the following tabs Server SNMP Server Telnet Server HTTP Server HTTPS Server SSH RM GUI RSPS Release 2 0 02 2013 73 Security 2 3 Management Access 2 3 2 Server SNMP This tab allows you to define settings for the SNMP server of the device and to switch on off the access to the device with different SNMP versions The SNMP server enables access to the management functions of the device with SNMP based applications e g with the graphical user interface Configuration Parameters SNMPv1 enabled SNMPv2 enabled SNMPv3 enabled Meaning Activates deactivates the access to the device with SNMP version 1 Possible values Selected default setting Access activated Not selected Access deactivated You define the community name in the Security Management Access SNMPv1 v2 Community dialog Activates deactivates the access to t
89. 213 Redundancy 7 2 PRP Buttons Button Meaning Delete Deletes the entire table Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 193 Buttons RM GUI RSPS 214 Release 2 0 02 2013 Redundancy 7 3 HSR 7 3 HSR As with PRP a High availability Seamless Redundancy HSR ring also offers zero recovery time HSR is suited for applications that demand high availability and short reaction times For example protection applications for electrical station automation and controllers for synchronized drives which require constant connection HSR Redundancy Boxes RedBox use 2 Ethernet ports operating in parallel to connect to a ring An HSR RedBox operating in this configuration is a Doubly Attached Node implementing the HSR protocol DANH A standard ethernet device connected to the HSR ring through an HSR RedBox is a Virtual DANH VDANH As with PRP the transmitting HSR node or HSR RedBox sends twin frames 1 in each direction on the ring For identification the HSR node injects the twin frames with an HSR tag The HSR tag consists of a port identifier the length of the payload and a sequence number In anormal operating ring the destination HSR node or RedBox receives both frames within a certain time skew An HSR node forwards the first frame to arrive to the upper layers and discards the second frame when it arrives A RedBox on the other hand fo
90. 64 alphanumeric characters including the following special characters 1 amp lt gt MP p The minimum length of the password is defined in the Password Policy frame The device differentiates between upper and lower case When the checkbox in the Policy Check field is selected the device checks the password according to the policy defined in the Password Policy frame The device always checks the minimum length of the password even if the checkbox in the Policy Check field is not selected Table 38 Table in the security User Management dialog section 64 x3c tblsheetnum gt of 3 RM GUI RSPS Release 2 0 02 2013 Security Parameters Access Role User locked Policy Check SNMP Auth Type 2 1 User Management Meaning Defines the access role that regulates the user s access to the individual functions of the device Possible values guest The user is authorized to monitor the device operator The user is authorized to monitor and configure the device with the exception of security settings for the access to the device administrator The user is authorized to monitor and configure the device unauthorized The user is locked and the device rejects the user s login You assign this value to temporarily lock the user account If an error occurs when another access role is being assigned the device assigns this access role to the user account Locks unlocks the user s access to
91. AC address of the device The device management can be accessed via the network using the MAC address Table 8 Management Interface frame in the Basic Settings Network Global dialog RM GUI RSPS 28 Release 2 0 02 2013 Basic Settings 1 2 Network HiDiscovery Protocol This frame allows you to define settings for the access to the device using the HiDiscovery protocol On aPC the HiDiscovery software shows you the Hirschmann devices in the network that can be accessed on which the HiDiscovery function is switched on You can access these devices even if they have invalid IP parameters or none at all The HiDiscovery software allows you to change the IP parameters in the device Parameters Meaning Operation Activates deactivates the HiDiscovery function in the device Possible values On default setting HiDiscovery is activated You can use the HiDiscovery software to access the device from your PC Off HiDiscovery is deactivated Access Activates deactivates the write access to the device using HiDiscovery Possible values readWrite default setting The HiDiscovery software is given write access to the device With this setting you can change the IP parameters in the device readOnly The HiDiscovery software is given only read access to the device With this setting you can view the IP parameters in the device Recommendation Only change the setting to readOn1y after putting the device into operation
92. AN Unaware mode is switched off if one of the following situations occurs The port receives data packets without a VLAN tagging The port receives data packets with VLAN priority information VLAN ID 0 priority tagged The VLAN tagging of the data packet differs from the VLAN ID of the port Note The VLAN settings are only effective if the VLAN Unaware Mode is switched off see the Switching Global dialog Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Table 161 Switching VLAN Port dialog RM GUI RSPS Release 2 0 02 2013 183 Switching Parameters Port VLAN ID Acceptable Frame Types Ingress Filtering 5 5 VLAN Meaning The port assigns to this VLAN data packets that have no VLAN tag This setting is effective if you have selected the value admitAll in the Acceptable Frame Types column Possible values All VLAN IDs that are set up default setting 1 Defines whether the port transmits or discards received data packets without a VLAN tag Possible values admitAl11 default setting The port accepts data packets both with and without a VLAN tag admitOnlyVlanTagged The port only accepts data packets tagged with a VLAN ID 2 1 Defines whether the port transmits or discards received data packets with a VLAN tagging Possible values selected The device compares the VLAN tagging in the data packet with the VLANs to which the device sends
93. Buttons cont 2 3 8 IP Access Restriction This dialog enables you to restrict the access to the management functions of the device to specific IP address ranges and selected IP based applications If the function is switched off you can access the management functions of the device from any IP address and via all applications If the function is switched on the access is restricted You can only access the management functions under the following conditions Atleast one table entry is activated and You are accessing the device with a permitted application from a permitted IP address range Operation Parameters Meaning Operation If the function is switched on the access to the management functions of the device is restricted Possible values off default setting On Access to the management functions of the device is restricted Table 66 Operation frame in the Securi ty Management Access IP Access Restriction dialog RM GUI RSPS 88 Release 2 0 02 2013 Security 2 3 Management Access Note Before switching on the function make sure that at least one active entry in the table allows you access Otherwise the connection to the device terminates when you change the device configuration It is then only possible to access the management functions using CLI via the V 24 interface of the device Table You have the option of defining up to 16 table entries and activating them separately Parameters
94. CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FORA PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE RM GUI RSPS Release 2 0 02 2013 331 Appendix A 8 Copyright of Integrated Software Some code is licensed under an ISC style license to the following copyright holders Internet Software Consortium Todd C Miller Reyk Floeter Chad Mynhier Permission to use copy modify and distribute this software for any purpose with or without fee is hereby granted provided that the above copyright notice and this permission notice appear in all copies THE SOFTWARE IS PROVIDED AS IS AND TODD C MILLER DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS INNO EVENT SHALL TODD C MILLER BE LIABLE FOR ANY SPECIAL DIRECT INDIRECT OR CONSEQUENT
95. Command Line Interface reference manual The dialog contains the following tabs CLI Global CLI Login Banner 92 RM GUI RSPS Release 2 0 02 2013 Security 2 3 Management Access 2 3 11 CLI Global This tab allows you to change the CLI prompt and to define the automatic closing of sessions via the V 24 interface when they have been inactive Configuration Parameters Meaning Login Prompt Defines the character string that the device displays in the Command Line Interface CLI at the start of every command line Possible values 0 32 alphanumeric characters Default setting RSPS including spaces and the following special characters 1 amp 4 lt gt M Changes to this setting are immediately effective in the active CLI session V 24 Timeout min Defines the time in minutes after which the device automatically closes the session of a logged on user in the Command Line Interface via the V 24 interface when it has been inactive Possible values 0 160 default setting 5 The value 0 deactivates the function and the user remains logged on when inactive For Telnet and SSH you define the timeout in the Security Management Access Server dialog Table 71 Configuration frame in the Security Management Access CLI dialog Global tab page Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open th
96. Configuration Security Status dialog section x3c tblsheetnum gt of 4 Monitor active Port without link table Parameters Port Monitor active Port without link Meaning Shows the number of the device port to which the table entry relates Defines whether the device monitors the link status of an enabled port Possible values Selected The device changes the security status to Error if the port is switched on dialog Basic Settings Port Configuration checkbox Port on is selected and the link is down on the port Not selected default setting The security status remains unchanged if someone sets up a connection via the port This setting only takes effect if you have selected the value Monitor in the Monitoring frame in the Active Port without link field Table 278 Monitor active Port without link table in the Diagnostics Status Configuration Security Status dialog 290 RM GUI RSPS Release 2 0 02 2013 Diagnostics Buttons Button Set Reload Help Table 279 Buttons 8 4 Status Configuration Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 8 4 3 Signal Contact The signal contact is a potential free relay contact The device thus allows
97. DAN Activates deactivates the transmission of VDAN Supervision Packets Packets Prerequisite is that you first activate the Supervision Packet Transmitter Possible values Selected default setting Transmission of VDAN Supervision Packets is activated In addition to transmitting its own Supervision Packets the RedBox transmits Supervision Packets for the VDANs listed in the Proxy Node Table Not selected Transmission of VDAN Supervision Packets is deactivated Table 186 Supervision Packet Transmitter frame in the Redundancy PRP Configuration dialog RM GUI RSPS 210 Release 2 0 02 2013 Redundancy Buttons Button Set Reload Help Table 187 Buttons 7 2 PRP Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 7 2 2 DAN VDAN Table This dialog helps to analyze the LANs For example when the Last Seen counter of 1 port continually increases while the other remains the same This condition indicates a loss of LAN connection Table Parameters Index MAC Address Last Seen A Last Seen B Remote Node Type Meaning Shows a sequential number for the node to which the table entry refers The device automatically defines this number Shows the MAC addr
98. External SD memory ACA31 State Shows the operating state of the external memory Possible values notPresent No external memory connected removed Someone has removed the external memory from the device during operation ok The external memory is connected and ready for operation outofMemory The memory space is occupied on the external memory genericErr The device has detected an error Table 24 External Memory frame in the Basic Settings Load Save dialog RM GUI RSPS 40 Release 2 0 02 2013 Basic Settings 1 4 Load Save Configuration encryption Parameters Meaning Active Shows whether the configuration encryption is switched on in the device Possible values Not selected The configuration encryption is switched off The device loads a configuration from the non volatile memory NVM only if it is unencrypted Selected The configuration encryption is switched on The device loads a configuration from the non volatile memory NVM only if it is encrypted and the password matches the password stored in the device If the Config Priority field has the value first second or third and the configuration profile is unencrypted the Security Status frame in the Basic Settings System dialog shows an alarm In the Monitoring frame in the Diagnostics Status Configuration Security Status dialog you specify whether the device monitors the parameter Config load from external NVM unsecure Table 25 Configuration
99. Help Opens the online help Table 33 Buttons RM GUI RSPS 58 Release 2 0 02 2013 Basic Settings 1 7 Restart 1 Restart This dialog allows you to restart the device reset port counters and address tables and delete log files Restart Button Meaning Cold start Triggers a restart of the device After the start the device goes through the following phases The device performs a RAM test if this function is switched on in the Diagnostics System Selftest dialog The device starts the Stored Version of the device software see the Basic Settings Software dialog The device loads the settings of the configuration profile designated as Selected see the Basic Settings Load Save dialog Note During the restart the device does not transfer any data During this time the device cannot be accessed by the graphical user interface or other management systems Table 34 Restart frame in the Basic Settings Restart dialog Buttons Button Meaning Reset MAC Removes the MAC addresses designated with the learned setup status Address Table from the forwarding table see the Switching Filter for MAC Addresses table Reset ARP Table Removes the dynamically set up addresses from the ARP table see the Basic Settings Network ARP Table dialog Reset port counters Resets the counter for the port statistics to 0 see the Diagnostics Ports Statistics Table dialog Reset IGMP Removes the IGMP Snooping entries and resets the counter
100. IAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF ORIN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE Some code is licensed under a MIT style license to the following copyright holders Free Software Foundation Inc Permission is hereby granted free of charge to any person obtaining a copy of this software and associated documentation files the Software to deal in the Software without restriction including without limitation the rights to use copy modify merge publish distribute distribute with modifications sublicense and or sell copies of the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT RM GUI RSPS 332 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNEC
101. IMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE RM GUI RSPS 328 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software 6 Remaining components of the software are provided under a standard 2 term BSD licence with the following names as copyright holders Markus Friedl Theo de Raadt Niels Provos Dug Song Aaron Campbell Damien Miller Kevin Steves Daniel Kouril Wesley Griffin Per Allansson Nils Nordman Simon Wilkinson Portable OpenSSH additionally includes code from the following copyright holders also under the 2 term BSD license Ben Lindstrom Tim Rice Andre Lucas Chris Adams Corinna Vinschen Cray Inc Denis Parker Gert Doering Jakob Schlyter Jason Downs Juha Yrjola Michael Stone Networks Associates Technology Inc Solar Designer Todd C Miller Wayne Schroeder William Jones Darren Tucker Sun Microsystems The SCO Group Daniel Walsh Red Hat Inc RM GUI RSPS Release 2 0 02 2013 329 Appendix A 8 Copyright of Integrated Software Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1
102. INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES RM GUI RSPS Release 2 0 02 2013 325 Appendix A 8 Copyright of Integrated Software 2 The 32 bit CRC compensation attack detector in deattack c was contributed by CORE SDI S A under a BSD style license Cryptographic attack detector for ssh source code Copyright c 1998 CORE SDI S A Buenos Aires Argentina All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that this copyright notice is retained THIS SOFTWARE IS PROVIDED AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES ARE DISCLAIMED IN NO EVENT SHALL CORE SDI S A BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF THIS SOFTWARE Ariel Futoransky lt futo core sdi com gt lt http www core sdi com gt 3 ssh keyscan was contributed by David Mazieres under a BSD style license Copyright 1995 1996 by David Mazieres lt dm lcs mit edu gt Modification and redistribution in source and binary forms is permitted provided that du
103. ITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE Except as contained in this notice the name of a copyright holder shall not be used in advertising or otherwise to promote the sale use or other dealings in this Software without prior written authorization of the copyright holder RM GUI RSPS 322 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software A 8 4 libssh2 Copyright c 2004 2007 Sara Golemon lt sarag libssh2 org gt Copyright c 2005 2006 Mikhail Gusarov lt dottedmag dottedmag net gt Copyright c 2006 2007 The Written Word Inc Copyright c 2007 Eli Fant lt elifantu mail ru gt Copyright c 2009 Daniel Stenberg Copyright C 2008 2009 Simon Josefsson All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the d
104. M GUI RSPS UDP TFTP IP ICMP TCP ARP Telnet Telnet Option BOOTP IGMPv1 SNMPv1 SMlv1 Concise MIB Definitions MIB2 Dotid BOOTP Extensions Ethernet like MIB RMON Form Based File Upload in HTML Community based SNMP v2 Protocol Operations for SNMP v2 Transport Mappings for SNMP v2 HTTP 1 0 HTTP 1 1 protocol as updated by draft ietf http v11 spec rev 03 DHCP DHCP Options The Interfaces Group MIB using SMI v2 IGMPv2 The TLS Protocol Version 1 0 AES Ciphersuites for Transport Layer Security Administratively Scoped IP Multicast Definition of the Differentiated Services Field DS Field in the IPv4 and IPv6 Headers An Architecture for Differentiated Service SMlv2 Textual Conventions for SMI v2 Conformance statements for SMI v2 SMON RADIUS Authentication Client MIB Release 2 0 02 2013 313 Appendix RFC 2620 RFC 2674 RFC 2818 RFC 2851 RFC 2863 RFC 2865 RFC 2866 RFC 2868 RFC 2869 RFC 2869bis RFC 2933 RFC 3164 RFC 3376 RFC 3410 RFC 3411 RFC 3412 RFC 3413 RFC 3414 RFC 3415 RFC 3418 RFC 3580 RFC 3584 RFC 4022 RFC 4113 RFC 4188 RFC 4251 RFC 4252 RFC 4253 RFC 4254 RFC 4293 RFC 4318 RFC 4330 RFC 4363 RFC 4541 RFC 4836 314 A 2 List of RFCs RADIUS Accounting MIB Dot1p Q HTTP over TLS Internet Addresses MIB The Interfaces Group MIB RADIUS Client RADIUS Accounting RADIUS Attributes for Tunnel Protocol Support RADIUS Extensions RADIUS support for EAP
105. M GUI RSPS Release 2 0 02 2013 177 177 179 179 179 183 178 152 40 40 44 251 341 Readers Comments C Readers Comments What is your opinion of this manual We are constantly striving to provide as comprehensive a description of our product as possible as well as important information to assist you in the operation of this product Your comments and suggestions help us to further improve the quality of our documentation Your assessment of this manual Very Good Satisfactory Mediocre Poor Good Precise description O O O O O Readability O O O O O Understandability O O O O O Examples O O O O O Structure O O O O O Comprehensive O O O O O Graphics O O O O O Drawings O O O O O Tables O O O O O Did you discover any errors in this manual If so on what page RM GUI RSPS 342 Release 2 0 02 2013 Readers Comments Suggestions for improvement and additional information General comments Sender Company Department Name Telephone number Street Zip code City E mail Date Signature Dear User Please fill out and return this page as a fax to the number 49 0 7127 14 1600 or per mail to Hirschmann Automation and Control GmbH Department 01RD NT Stuttgarter Str 45 51 72654 Neckartenzlingen RM GUI RSPS Release 2 0 02 2013 343 Readers Comments RM GUI RSPS 344 Release 2 0 02 2013 Further Support D Further Support Technical Questions For technical ques
106. Module Type Type of the SFP transceiver e g M SFP SX LC Serial Number Serial number of the SFP module Supported Shows whether the media module supports the SFP transceiver Temperature Operating temperature of the SFP transceiver in Celsius in Celsius Tx Power in mW Transmission power of the SFP transceiver in mW Rx Power in mW Receiving power of the SFP transceiver in mW Tx Power in dBm Transmission power of the SFP transceiver in dBm Rx PowerindBm Receiving power of the SFP transceiver in dBm Table 253 Table in the Diagnostics Ports SFP dialog RM GUI RSPS 268 Release 2 0 02 2013 Diagnostics 8 3 Ports Parameters Meaning Rx Power State Power level of the signal received The threshold values are specified by the SFP transceiver v4 Signal strength is OK amp Signal strength is lower than the SFP manufacturer recommendation The signal can still be used X No signal or signal strength too low Table 253 Table in the Diagnostics Ports sFP dialog cont Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 254 Buttons 8 3 4 Port Monitor This feature monitors port states The device offers you the ability to disable the port or send a trap when user defined conditions occur Definable port conditions are link flap CRC Fragments and Duplex Mismatch Detection Proceed as follows to enable the
107. N Global dialog Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Table 156 Buttons RM GUI RSPS 178 Release 2 0 02 2013 Switching 5 5 VLAN Button Meaning Clear Resets the VLAN settings of the device to the state on delivery Caution You block your access to the device if you have changed the VLAN ID for the management functions of the device in the Basic Settings Network dialog Help Opens the online help Table 156 Buttons cont 5 5 2 Current This dialog allows you to view the static and dynamic VLANs that are set up The table shows the ports to which the device distributes the data packets for the corresponding VLAN and how the port handles the tagging of the data packets You can make changes to the entries in the Switching VLAN Static dialog The device transmits the data packets in the corresponding VLAN if the vLAN Unaware Mode function is deactivated in the Switching Global dialog Table Parameters Meaning VLAN ID ID of the VLAN Status Shows how the VLAN is set up Possible values other Only for VLAN 1 permanent Manually set up VLAN If the device is reset the configuration of this VLAN remains in the device Table 157 Table in the Switching VLAN Current dialog RM GUI RSPS Release 2 0 02 2013 179 Switching 5 5 VLAN Parameters Meaning Creation Time Shows the time stamp for the operating tim
108. Possible values Selected default setting The device loads the standard device configuration Not selected The device interrupts the restart and stops To get access to the device again use a V 24 link to switch to the system monitor and load the standard device configuration there Table 219 Configuration frame in the Diagnostics System Selftest dialog RM GUI RSPS Release 2 0 02 2013 243 Diagnostics 8 1 System Note The following settings block your access to the device permanently if no readable device configuration is available for the device when it is restarting This is the case for example if the password for the device configuration to be loaded differs from the password set in the device Activate SysMon1 checkbox is not selected Load default config on error checkbox is not selected To have the device unlocked again contact your sales partner Table In this table you define how the device behaves in the case of an error Parameters Meaning Cause Error causes to which the device reacts Possible values task The device detects errors in the applications executed e g if a task terminates or is not available resource The device detects errors in the resources available e g if the memory is becoming scarce software The device detects software errors e g error in the consistency check hardware The device detects hardware errors e g in the chip set Action Defines how the device behaves if the adjac
109. SA key host key is present in the device Create Possible values selected A key is present not selected No key is present Creates a key host key on the device The device only creates the key Delete when the server is deactivated Length of the key created 2048 bit RSA 1024 bit DSA To get the server to use the key created you click Set Then you switch the server on Alternatively you can copy your own key to the device in PEM format see the Import frame Removes the key host key from the device To permanently remove the key from the device click Set Until you restart the server the existing connections remain in place However the device prevents new connections from being set up Table 61 Signature frame in the Security Management Access Server dialog SSH tab page RM GUI RSPS Release 2 0 02 2013 85 Security 2 3 Management Access Key Import Parameters URL Import Meaning Defines the path and file name of your own DSA RSA key host key The device accepts the DSA RSA key if it has the following key length 2048 bit RSA 1024 bit DSA The device gives you the following options for copying the key to the device File upload If the key is on your PC or on a network drive click and select the file that contains the key host key TFTP upload If the key ison a TFTP server enter the URL for the file in the following form tftp lt IP address g
110. Save dialog section x3c tblsheetnum gt of 3 RM GUI RSPS Release 2 0 02 2013 45 Basic Settings 1 4 Load Save Parameters Meaning Selected Shows whether the configuration profile is designated as Selected Possible values Selected The configuration profile is designated as Selected The device loads the configuration profile into the volatile memory RAM during the restart or when applying the function Undo Modification of Configuration When you click Save the device saves the temporarily saved settings in this configuration profile Not selected Another configuration profile is designated as Selected To designate another configuration profile as Selected you select the desired configuration profile in the table and click Select Encrypted Shows whether the configuration profile is encrypted Possible values Selected The configuration profile is encrypted Not selected The configuration profile is unencrypted You activate deactivate the encryption of the configuration profile in the Configuration Encryption frame Encryption Verified Shows whether the password of the encrypted configuration profile matches the password stored in the device Possible values Selected The passwords match The device is able to unencrypt the configuration profile Not selected The passwords are different The device is unable to unencrypt the configuration profile Software Version Shows the version
111. Severity Shows the urgent severity level at or above which the device immediately sends an email alert Possible values emergency alert default setting critical error warning notice informational debug Subject Defines the email subject for a given message type Possible values 0 255 alphanumeric characters Table 232 Urgent frame in the Diagnostics Report Email Logging Global dialog Non Urgent Parameters Meaning Severity Shows the non urgent severity level at or above which the device stores the log in a buffer Configure the non urgent severity level below the urgent severity level The device sends the log as an email alert after a duration timeout or when the log buffer overflows Possible values emergency alert critical error warning default setting notice informational debug Subject Defines the email subject for a given message type Possible values 0 255 alphanumeric characters Table 233 Non Urgent frame in the Diagnostics Report Email Logging Global dialog RM GUI RSPS 254 Release 2 0 02 2013 Diagnostics Table Parameters Index Description IP Address TCP Port Security User ID Password Active 8 2 Report Meaning Shows a sequential number to which the table entry relates The device automatically defines this number Possible values eg Defines the name of the configured email server Possible values 0 255 alphanumeric characters
112. State table Parameters Meaning Power Supply Shows the number of the power supply to which the table entry relates Propagate State Defines whether the signal contact monitors the power supply Possible values Selected default setting The signal contact opens if one of the following conditions applies The voltage source is providing an incorrect voltage The voltage source fails The power supply within the device is defective Not selected The signal contact remains closed under the conditions named above Table 286 Propagate State table in the Diagnostics Status Configuration Signal Contact dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 287 Buttons RM GUI RSPS 296 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration 8 4 4 MAC Notification MAC notification also known as MAC address change notification tracks users on a network by storing the MAC address change activity When the switch learns or removes a MAC address the device sends an SNMP trap to a configured trap destination The device generates MAC address change notifications for dynamic unicast MAC addresses The intended use of this functio
113. TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE Except as contained in this notice the name s of the above copyright holders shall not be used in advertising or otherwise to promote the sale use or other dealings in this Software without prior written authorization RARE EERE EAE CASE ER RELE SERA SE AERA S REELS SN RRA S ERRATA RSA SAS ES ANS eee RM GUI RSPS Release 2 0 02 2013 333 Appendix A 8 Copyright of Integrated Software A 8 6 OpenSSL Copyright c 1998 2008 The OpenSSL Project All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display the following acknowledgment This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org 4 The names OpenSSL Toolkit and OpenSSL Project must not be used to endorse or promote products derived from this software without prior written permission For writt
114. Table 77 Table in the Security Port Security dialog cont 98 RM GUI RSPS Release 2 0 02 2013 Security Buttons Button Set Reload Wizard Help Table 78 Buttons 2 4 Port Security Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the Wizard With the Wizard you assign the permitted MAC addresses to a port Opens the online help Wizard Select Port The Wizard helps you to connect the device ports with one or more desired senders Parameters Select Port Meaning Defines the device port that you assign to the sender in the next step Table 79 Wizard in the Security Port Security dialog Select Port page Wizard Addresses The Wizard helps you to connect the device ports with one or more desired senders When you have defined the settings click Finish To save the changes afterwards click Set in the Security Port Security dialog Parameters VLAN Meaning Specifies the VLAN ID of the desired sender Possible values 1 4042 Click Add to transfer the VLAN ID and the MAC address to the Static Addresses field Table 80 Wizard in the Security Port Security dialog Addresses page RM GUI RSPS Release 2 0 02 2013 99 Security Param
115. Table 9 HiDiscovery Protocol frame in the Basic Settings Network Global dialog Note With the HiDiscovery software you can only access the device via device ports that are members of the same VLAN as the device management You can see which VLAN a device port is assigned to in the Switching VLAN Current dialog RM GUI RSPS Release 2 0 02 2013 29 Basic Settings 1 2 Network BOOTP DHCP Parameters Client ID Meaning Shows the DHCP client ID that the device sends to the BOOTP or DHCP server If the server is configured accordingly it reserves an IP address for this DHCP client ID Therefore the device receives the same IP from the server every time it requests it The DHCP client ID that the device sends is the device name defined in the Name field in the Basic Settings System dialog Table 10 BOOTP DHCP frame in the Basic Settings Network Global dialog IP Parameter This frame allows you to assign the IP parameters manually These fields can be edited if you have selected the Local option in the IP Address Assignment field in the Management Interface frame Parameters IP Address Netmask Gateway Address Meaning Defines the IP address under which the device management can be accessed via the network Possible values Valid IPv4 address Default setting Defines the netmask The netmask identifies the network prefix and the host address of the device in the IP address Possible values Valid IP
116. The device uses this specified value see the Bridge column In the RSTP protocol the bridges negotiate a status change without a specified delay The STP protocol uses the parameter to delay the status change between the statuses disabled discarding learning forwarding Max Age Shows the maximum permissible branch length specified by the root bridge i e the number of devices to the root bridge Possible values 6 40 default setting 20 The STP protocol uses the parameter to specify the validity of STP BPDwUs in seconds Table 209 Root column in Protocol Configuration Information frame in the Redundancy Spanning Tree Global dialog cont Parameters Meaning Bridge is Root Shows whether the device currently has the role of the root bridge Possible values Not selected Another device currently has the role of the root bridge Selected The device currently has the role of the root bridge Root Port Shows the number of the device port from which the current path leads to the root bridge If the device takes over the role of the root bridge the field shows the value 0 Table 210 Topology column in Protocol Configuration Information frame in the Redundancy Spanning Tree Global dialog RM GUI RSPS Release 2 0 02 2013 229 Redundancy 7 4 Spanning Tree Parameters Meaning Root Path Cost Shows the path cost for the path that leads from the root port of the device to the root bridge of the layer
117. The menu contains the following dialogs System Network Software Load Save External Memory Port Configuration Restart RM GUI RSPS Release 2 0 02 2013 21 Basic Settings 1 1 System 1 1 System With this dialog you can display device properties and monitor individual operating statuses Device Status The fields in this frame show the device status and inform you about alarms that have occurred You define the parameters that the device monitors in the Diagnostics Status Configuration Device Status dialog Parameters Meaning Symbol Shows the device status Possible values The device status is OK The monitored parameters have the desired status An alarm has occurred At least one monitored parameter differs x from the desired status Alarm Start Time Shows the time at which the device triggered the alarm with the current highest priority Possible values Date and time in the format Month Day Year hh mm ss AM PM The device triggers an alarm if a monitored parameter differs from the desired status In the Diagnostics Status Configuration Device Status dialog the parameters are sorted by priority High priority at the top low priority at the bottom Alarm Reason Shows the cause of the alarm and the current highest priority Table 3 Device Status frame in the Basic Settings System dialog Note The device reports an alarm if you only connect one power supply unit for the supply voltage to a device wi
118. The settings are effective when the local clock operates as the Boundary Clock BC For this you select the value v2 boundary clock in the PTP Version Mode field in the Time PTP Global dialog Table Parameters Meaning Port Shows the number of the device port to which the table entry relates PTP Enable Specifies whether the device port transmits PTP synchronization messages Possible values selected default setting The device port sends and receives PTP synchronization messages not selected The device port blocks PTP synchronization messages Table 116 Table in the Time PTP Boundary Clock Port dialog section x3c tblsheetnum gt of 4 RM GUI RSPS 134 Release 2 0 02 2013 Time Parameters PTP Status Sync Interval s Delay Mechanism P2P Delay 3 3 PTP Meaning Displays the current status of the device port Possible values initializing Initialization phase faulty Faulty mode error in the PTP protocol disabled PTP is disabled on the device port listening Device port is waiting for PTP synchronization messages pre master PTP pre master mode master PTP master mode passive PTP passive mode uncalibrated PTP uncalibrated mode slave PTP slave mode Defines the interval in seconds at which the device port transmits PTP synchronization messages Possible values 0 25 0 5 1 default setting 2 Defines the mechanism with which the device measures the delay for tran
119. W WWWWT w w w w WW w Noo Rwh a V Network Security DoS 4 1 1 Global Switching Global Rate Limiter Filter for MAC addresses Snooping 1 2 3 IGMP Querier 4 Multicasts IGMP Snooping Enhancements 102 103 104 106 108 111 112 112 114 118 118 123 126 127 129 129 134 138 139 143 145 146 146 151 152 155 158 162 163 168 172 175 RM GUI RSPS Release 2 0 02 2013 Contents 5 5 VLAN 5 5 1 Global 5 5 2 Current 5 5 3 Static 5 5 4 Port 5 5 5 Voice 6 QoS Priority 6 1 Global 6 2 Port Configuration 6 3 802 1D p Mapping 6 4 IP DSCP Mapping 6 5 Queue Management 7 Redundancy 7 1 MRP 7 2 PRP 7 2 1 Configuration 7 2 2 DAN VDAN Table 7 2 3 Proxy Node Table 7 2 4 Statistics 7 3 HSR 7 3 1 Configuration 7 3 2 DAN VDAN Table 7 3 3 Proxy Node Table 7 3 4 Statistics 7 4 Spanning Tree 7 4 1 Global 7 4 2 Port 8 Diagnostics 8 1 System 8 1 1 System Information 8 1 2 Configuration Check 8 1 3 Selftest 8 2 Report 8 2 1 Global 8 2 2 Email Logging Global 8 2 3 Email Logging Addresses 8 2 4 Syslog RM GUI RSPS Release 2 0 02 2013 177 178 179 181 183 185 189 190 192 195 197 199 201 202 207 208 211 212 213 215 216 220 221 222 224 225 230 239 240 240 241 243 246 247 252 257 258 Contents 8 3 8 4 8 5 9 1 A 1 A 2 A 3 A 4 A 5 A 6 A 7 Persistent Logging Hardware State System Log Audit Trail
120. able to load and encrypt the settings in the configuration profile the next time it restarts For this case you specify in the Diagnostics System Selftest dialog whether the device starts with the factory settings or terminates the restart and stops Note Only configuration profiles in the non volatile memory NVM can be designated as Selected If the checkbox in the Auto save config on ENVM field is selected in the Basic Settings External Memory dialog the device also designates the configuration profile with the same name on the external memory as Selected Opens a menu with the following buttons Exports the configuration profile selected in the table and saves it as an XML file on the PC or on a server The device gives you the following options for exporting a configuration profile Download to PC To save the file on your PC or on a network drive click and select the directory there Download to a TFTP server To save the file on a TFTP server enter the URL for the file in the following form tftp lt IP address gt lt path gt lt file name gt Download to an SCP or SFTP server To save the file on an SCP or SFTP server enter the URL for the file in one of the following forms scp orsftp lt IP address gt lt path gt lt file name gt When you click OK the device displays the Authentication window There you enter the User and Password to login to the server scp orsf
121. activated Activate TCP SYN Activates or deactivates the TCP SYN scan Protection Possible values Selected The device detects ingress data packets with the TCP SYN flag set and L4 source port lt 1024 and discards these Not selected default setting The TCP SYN scan is deactivated Table 124 TCP UDP frame in the Network Security DoS Global dialog RM GUI RSPS Release 2 0 02 2013 147 Network Security 4 1 DoS Parameter Activate L4 Port Protection Activate Minimal Header Filter Meaning Activates or deactivates the L4 port scan Possible values Selected The device detects and discards ingress TCP or UDP data packets for which source port number is identical to the destination port number Not selected default setting The L4 port scan is deactivated Activates or deactivates the minimal header scan Possible values Selected The device detects and discards ingress data packets for which the data offset value multiplied by 4 is smaller than the minimum TCP header size Not selected default setting The minimal header scan is deactivated Table 124 TCP UDP frame in the Network Security DoS Globa1 dialog cont IP This frame allows you to activate or deactivate the land attack filter With the land attack method the attacking station sends data packets whose source and destination addresses are identical to those of the receiver When you activate this filter the device detects data packets with
122. adecimal number sequence that is easy to check When you make this number sequence available to the users via a reliable channel they have the option to compare both fingerprints If the number sequences match the client is connected to the correct server The device allows you to create the private and public keys host keys required for RSA and DSA directly on the device Otherwise you have the option to copy your own keys to the device in PEM format Operation Parameters Meaning Operation If the function is switched on encrypted access to the management functions of the device is possible via the Command Line Interface CLI Possible values OFF Server is deactivated On default setting Server is activated You can access the management functions of the device via SSH The server can only be started if there is an RSA or DSA signature on the device When the function is switched off existing connections remain in place However the device prevents new connections from being set up Table 58 Operation frame in the Securi ty Management Access Server dialog SSH tab page RM GUI RSPS Release 2 0 02 2013 83 Security 2 3 Management Access Configuration Parameters Meaning Listen TCP Port Defines the number of the TCP port on which the server receives requests from clients Possible values 1 65535 default setting 22 Exception Port 2222 is reserved for internal functions The server restarts aut
123. ages gee values E default setting As the PTP slave the device port measures the delay for the PTP synchronization messages to the PTP master The device displays the measured value in the Time PTP Transparent Clock Global dialog P2P The device measures the delay for the PTP synchronization messages for all the connected PTP devices provided that these devices support P2P This mechanism saves the device from having to determine the delay again if there is a reconfiguration E2E optimized Like E2E with the following special characteristics The device only transmits the delay requests of the PTP slaves to the PTP master even though these requests are multicast messages The device thus spares the other devices from unnecessary multicast requests If the master slave topology changes the device relearns the device port for the PTP master as soon as it receives a synchronization message from another PTP master If the device does not know a PTP master it transmits delay requests to all device ports disabled The delay measuring is disabled on the device port The device discards messages for the delay measuring Table 118 Operation IEEE1588 PTPv2 TC frame in the Time PTP Transparent Clock Globa1l dialog RM GUI RSPS Release 2 0 02 2013 139 Time Parameters Primary Domain Network Protocol Multi Domain Mode VLAN VLAN Priority 3 3 PTP Meaning
124. ails on the path the device calculates the new topology and reactivates these paths The device supports the Rapid Spanning Tree Protocol RSTP defined in standard IEEE 802 1D 2004 This protocol is a further development of the Spanning Tree Protocol STP and is compatible with it The Rapid Spanning Tree Protocol enables fast switching to a newly calculated topology without interrupting existing connections RSTP achieves average reconfiguration times of less than a second When you use RSTP in a ring with 10 to 20 devices you can achieve reconfiguration times in the order of milliseconds In this menu you configure and monitor the Spanning Tree functions The menu contains the following dialogs Global Port RM GUI RSPS 224 Release 2 0 02 2013 Redundancy 7 4 Spanning Tree 7 4 1 Global With this dialog you can switch the Spanning Tree function on off view current values relating to the root bridge and define the bridge settings Operation Parameters Meaning Operation Switches the Spanning Tree function in the device on off Possible values On default setting Of The device behaves transparently The device floods received Spanning Tree data packets like Multicast data packets to the device ports Table 206 Operation frame in the Redundancy Spanning Tree Global dialog Protocol Version Parameters Meaning Protocol Version Shows the protocol used for the Spanning Tree function With RSTP IEEE 8
125. al networks makes unwanted accessing more difficult and strengthens the system against attacks such as MAC Flooding or MAC Spoofing The device supports packet based tagged VLANs according to the IEEE 802 1Q standard The VLAN tagging in the data packet indicates the VLAN to which the data packet belongs The device transmits the tagged data packets of a VLAN exclusively via ports that are assigned to the same VLAN This reduces the network load Depending on the settings we differentiate between the following VLANs Static VLANs VLANs set up manually by the user Dynamic VLANs VLANs set up automatically by the following mechanisms Redundancy mechanisms The device learns the MAC addresses for every VLAN separately independent VLAN learning RM GUI RSPS Release 2 0 02 2013 177 Switching 5 5 VLAN The menu contains the following dialogs Global Current Static Port Voice 5 5 1 Global This dialog allows you to view general VLAN parameters for the device Configuration Parameters Meaning Max VLAN ID Biggest ID that you can assign to a VLAN See the Switching VLAN Static dialog Max Number of Maximum number of VLANs that you can set up in the device VLANs See the Switching VLAN Static dialog Number of VLANs Number of VLANs currently set up in the device See the Switching VLAN Static dialog The VLAN with ID 1 is always set up in the device Table 155 Configuration frame in the Switching VLA
126. alog RM GUI RSPS Release 2 0 02 2013 241 Diagnostics 8 1 System Parameters Meaning Level Level of deviation between this device s configuration and the recognized neighboring devices The rule level can have 3 statuses O Information The performance of the communication between the two devices is not impaired PN Warning The performance of the communication between the two devices may be impaired Error Communication between the two devices is impaired Message The dialog specifies more precisely the information warnings and errors having occurred Table 217 Table in the Diagnostics System Configuration Check dialog cont Note A neighboring device without LLDP support which forwards LLDP packets may be the cause of equivocal messages in the dialog This occurs if the neighboring device is a hub or a switch without management which ignores the IEEE 802 1D 2004 standard In this case the dialog displays the devices recognized and connected to the neighboring device as connected to the switch port even though they are connected to the neighboring device Note If you have more than 39 VLANs configured on the device the dialog always shows a warning The reason is the limited number of possible VLAN data sets in LLDP frames with a maximum length The device compares the first 39 VLANs automatically If you have 40 or more VLANs configured on a device check the congruence of the further VLANs manually if necessary
127. ameters Meaning Name Defines a name for the SNMP manager Possible values 1 32 alphanumeric characters including the following special characters I H 8 lt gt ON Address Defines the IP address and the port number of the SNMP manager Possible values lt Valid IPv4 address gt lt port number gt Table 293 Table in the Diagnostics Status Configuration Alarms Traps dialog RM GUI RSPS Release 2 0 02 2013 299 Diagnostics Parameters Active 8 4 Status Configuration Meaning Defines whether the device sends SNMP messages traps to this SNMP manager Possible values Selected default setting The device sends traps to this SNMP manager Not selected The device does not send traps to this SNMP manager Table 293 Table in the Diagnostics Status Configuration Alarms Traps dialog Buttons Button Set Reload Create Remove Help Table 294 Buttons 300 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the Create dialog to add a new entry to the table In the Create dialog you define the name and the IP address and port number of the SNMP manager If you choose not to enter a port number the device automatically adds the port number 162
128. anges afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Adds a new table entry Removes the selected table entry Sends an email to the configured address containing the log messages Sends a test email to the configured address Opens the online help Meaning of the severities for events Severity emergency alert critical error warning notice informational debug Meaning Device not ready for operation Immediate user intervention required Critical status Error status Warning Significant normal status Informal message Debug message Table 236 Meaning of the severities for events 256 RM GUI RSPS Release 2 0 02 2013 Diagnostics 8 2 Report 8 2 3 Email Logging Addresses Use this table to define the destination email addresses for the respective message type Table Parameters Index Message Type Address Active Meaning Shows a sequential number to which the table entry relates The device automatically defines this number Possible values 1 10 Defines the log message type to send to the destination email address Possible values urgent non urgent Defines the destination email address for the email alert Possible values Valid e mail address 0 255 alphanumeric characters Activates deactivates the transmission of email alerts for the en
129. anges afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Resets all the settings in the dialog to the default settings and transfers this change to the volatile memory of the device RAM Opens the online help 279 Diagnostics 8 4 Status Configuration 8 4 Status Configuration Use the dialogs in this menu to define the functions that the device monitors and the notification process The menu contains the following dialogs Device Status Security Status Signal Contact MAC Notification Alarms Traps RM GUI RSPS 280 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration 8 4 1 Device Status The device status provides an overview of the overall condition of the device Many process visualization systems record the device status for a device in order to present its condition in graphic form The device displays its current status as Error or OK in the Device Status frame The device determines this status from the individual monitoring results The device displays the detected faults in the Device Status frame of the Basic Configuration System dialog for the monitored functions The device displays the detected fault with the higher priority when 2 or more detected faults occur at the same time The order of the functions listed in the Monitoring frame represents the monitor priority Meaning
130. ann devices to be detected via LLDP and learned as query ports n Possible values off default setting Active n Table 146 Configuration dialog in the Switching IGMP Snooping Enhancements wizard 170 RM GUI RSPS Release 2 0 02 2013 Switching 5 4 IGMP Parameters Meaning Forward All Defines the port as Forward A11 With the Forward A11 setting the device transmits at this port all data packets with a Multicast address in the destination address field Possible values off default setting Active Table 146 Configuration dialog in the Switching IGMP Snooping Enhancements wizard cont Button Meaning Back Displays the previous page again Changes are lost Next Saves the changes and opens the next page Finish Saves the changes and completes the configuration Cancel Closes the Wizard Changes are lost Table 147 Buttons After closing the Wizard click Set to save your settings RM GUI RSPS Release 2 0 02 2013 171 Switching 5 4 IGMP 5 4 3 IGMP Querier The device allows you to send a Multicast stream only to those ports to which a Multicast receiver is connected To determine which ports Multicast receivers are connected to the device sends query data packets to the ports at a definable interval If a Multicast receiver is connected it joins the Multicast stream by responding to the device with a report data packet This dialog allows you to configure the
131. anning Tree Port dialog section x3c tblsheetnum gt of 4 RM GUI RSPS 232 Release 2 0 02 2013 Redundancy 7 4 Spanning Tree Parameters Meaning Received Port ID Shows the port ID of the device from which this device port last received an STP BPDU Possible values For device ports with the designated role the device displays the information for the STP BPDU last received by the port This helps to diagnose the possible STP problems in the network For the alternate backup master and root port roles in the stationary condition static topology this information is identical to the information of the designated port role If a device port has no connection or if it has not received any STP BDPUs yet the device displays the values that the device port would send with the designated role Received Path Cost Shows the path cost that the higher level bridge has from its root port to the root bridge Possible values For device ports with the designated role the device displays the information for the STP BPDU last received by the port This helps to diagnose the possible STP problems in the network For the alternate backup master and root port roles in the stationary condition static topology this information is identical to the information of the designated port role If a device port has no connection or if it has not received any STP BDPUs yet the device displays the values that the device port would send with the
132. as follows L If the device port is still receiving BPDUs Onthe CIST tab page remove the selection from the checkbox in the Admin Edge Port column or Inthe Redundancy Spanning Tree Global dialog remove the selection in the BPDU Guard checkbox O To activate the device port in the Basic Configuration Port Configuration dialog select the checkbox in the Port on column for this device port Table 208 Protocol Configuration Information frame Bridge column in the Redundancy Spanning Tree Global dialog section x3c tblsheetnum gt of 3 Parameters Meaning Bridge ID Shows the bridge ID of the current root bridge Possible values lt Bridge priority gt lt MAC address gt The bridge ID is made up of the bridge priority and the MAC address Priority Shows the bridge priority of the current root bridge Possible values 0 61440 in steps of 4096 Table 209 Root column in Protocol Configuration Information frame in the Redundancy Spanning Tree Global dialog RM GUI RSPS 228 Release 2 0 02 2013 Redundancy 7 4 Spanning Tree Parameters Meaning Hello Time s Shows the time in seconds defined by the root bridge between the sending of two configuration messages Hello data packets Possible values Lb The device uses this specified value see the Bridge column Forward Delay s Shows the delay time in seconds defined by the root bridge for status changes Possible values 4 30
133. as zip archive 251 Saving event log permanently Secure shell Security status Selftest Setting the system time Severity for events SFP module SFP module temperature 340 260 83 286 243 112 127 252 256 268 268 SFP state display 268 Signal contact 291 Signature SSH 85 SNMPv1 v2 Community name 87 SNMP manager 299 SNMP messages traps 299 SNMP server 74 SNTP 118 SNTP client 118 SNTP server 123 Software update 37 Spanning Tree Protocol 224 SSH server 83 Starting the graphical user interface GUI 14 Static VLANs 181 Statistics table ports 266 Status line via menu 15 Switch dump zip archive 251 Syslog 258 System information HTML 240 System log 264 System monitor 243 System requirements GUI 13 Technical Questions 345 Telnet client 310 Telnet server 76 Temperature SFP module 268 Time 111 Time setting 112 114 127 Topology discovery 241 301 305 Training Courses 345 Transparent Clock PTP 139 Traps SNMP messages 299 Trap configuration Device status 282 Trust mode 192 U Unaware mode VLAN 152 Updating device software 37 User management 62 User defined VLANs 181 Utilization thresholds 155 Utilization ports 267 RM GUI RSPS Release 2 0 02 2013 Index Virtual Local Area Network VLAN VLANs dynamic VLANs set up VLANs static VLAN ports VLAN settings VLAN unaware mode VLAN management Volatile memory RAM WwW Watchdog Z Zip archive system information R
134. asic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Wizard Opens a Wizard that supports you in selecting and configuring a VLAN port Help Opens the online help Table 144 Buttons RM GUI RSPS Release 2 0 02 2013 169 Switching 5 4 IGMP Wizard Select VLAN Port This page of the Wizard allows you to assign a VLAN ID to a port Parameters VLAN ID Port Meaning Select the ID of the VLAN Possible values 1 4042 Select the device port Possible values Toly 1 2 Ty 3 ete Table 145 Select VLAN Port dialog in the Switching IGMP Snooping Enhancements Wizard Wizard Configuration This page of the Wizard allows you to configure the selected port Parameters VLAN ID Port Static Learn by LLDP Meaning Shows the ID of the VLAN to which the table entry applies Possible values 1 4042 VLAN IDs that are set up Shows the number of the device port to which the table entry relates Possible values de dy 2A keget Defines the port as a static query port The device only transmits IGMP report messages to the ports at which it receives IGMP queries Allows you to also transmit IGMP report messages to other selected ports enable or connected Hirschmann devices Automatic Possible values off default setting Active Defines the portas Learned by LLDP Allows directly connected Hirschm
135. ation profile only if it is unencrypted If the configuration encryption is active the device imports the device configuration only if it is encrypted and the password matches the password stored in the device Shows the settings of the configuration profile selected in the table in clear text as an XML If the configuration profile is encrypted enter the password in order to see the settings in clear text Copies the configuration profile selected in the table and saves it with a user defined name in the non volatile memory NVM The device designates the new configuration profile as Selected Note Before creating additional configuration profiles decide for or against permanently activated configuration encryption in the device Save additional configuration profiles either unencrypted or encrypted with the same password If the checkbox in the Auto save config on ENVM field is selected in the Basic Settings External Memory dialog the device also designates the configuration profile with the same name on the external memory as Selected Table 29 Buttons section x3c tblsheetnum gt of 5 50 RM GUI RSPS Release 2 0 02 2013 Basic Settings 1 4 Load Save Button Meaning Back to factory Resets the settings in the device to the factory settings defaults The device deletes the saved configuration profiles from the volatile memory RAM and from the non volatile memory NVM If an external memory is connected the
136. ave dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Table 226 Buttons RM GUI RSPS 250 Release 2 0 02 2013 Diagnostics Button Download Support Information Download JAR File Help Meaning 8 2 Report Opens the Save dialog This dialog allows you to save a ZIP archive on your PC that contains system information about the device The device generates the file name of the ZIP archive automatically based on the format lt IP address gt lt device name gt zip You will find an explanation of the files contained in the ZIP archive in the following section Opens the Save dialog The dialog allows you to save the Java Applet of the graphical user interface GUI on your PC as a JAR file When you start the JAVA Applet you have the option of administering the device even if its HTTP server is switched off for security reasons The device generates the file name of the Java Applet automatically based Flware version gt on the format lt product gt lt soi lt build no gt Jar Opens the online help Table 226 Buttons cont Support Information Files contained in ZIP archive System information Audit trail Output of CLI commands show port all show system info show mac addr table show mac filter table igmp snooping Default device configuration Device configuration Support Information System informat
137. bound data packets For outbound packets you specify which QoS prioritization information the device writes in the data packet e g priority for management packets port priority Note Switch off flow control if you use the functions in this menu The flow control is switched off if Activate Flow Control is unselected in the Switching Global dialog Configuration frame The menu contains the following dialogs Global Port Configuration 802 1D p Mapping IP DSCP Mapping Queue Management RM GUI RSPS Release 2 0 02 2013 189 QoS Priority 6 1 Global 6 1 Global The device allows you to maintain access to the management functions even in situations with heavy utilization In this dialog you define the required QoS priority settings Configuration Parameters Meaning VLAN Priority for Defines the VLAN priority for management data packets to be sent The Management device sends the management data packets with the priority specified packets here IP DSCP Value for Management packets Number of Queues per Port Possible values 0 7 default setting 0 In the QoS Priority 802 1D p Mapping dialog you assign the VLAN priority to the traffic classes and thus the data packets to a priority queue of the port Defines the DSCP value for data packets that the management of the device sends Possible values 0 63 default setting 0 be cs0 Some values in the list also have a DSCP keyword e g be cs0 af11
138. cessing of the priority queue with Weighted Fair Queuing You have the option of assigning minimum bandwidths for Weighted Fair Queuing to traffic classes Table Parameters Meaning Traffic Class Shows the traffic class assigned to a priority queue of the ports Strict Priority Defines whether the device processes the priority queues of the ports with Strict Priority or with Weighted Fair Queuing Possible values Selected default setting Strict Priority You use this setting for time and latency critical applications such as VoIP or video The device port only sends data packets that are in the priority queue with the highest priority If this priority queue is empty the device port sends data packets that are in the priority queue with the next lower priority The device port only sends data packets with a lower traffic class when the priority queues with a higher priority are empty In unfavorable situations the device port never sends these data packets Inthis setting the device switches the function on automatically even for all traffic classes with a higher priority Not selected Weighted Fair Queuing Weighted Round Robin WRR The user assigns a minimum bandwidth to each traffic class The device port transmits data packets with a low traffic class even if there is high utilization Inthis setting the device switches the function off automatically even for all traffic classes
139. checking it Defines the authentication protocol that the device applies for user access via SNMPv3 Possible values hmacmd5 For this user account the device uses protocol HMAC MD5 hmacsha For this user account the device uses protocol HMUAC SHA Defines the encryption protocol that the device applies for user access via SNMPVv3 Possible values none No encryption des DES encryption aesCfb128 AES 128 encryption Table 39 New Entry frame in the Security User Management dialog section x3c tblsheetnum gt of 3 Buttons Button Set Set and back Back Reload Remove Create Help Table 40 Buttons 68 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Transfers the changes to the volatile memory RAM of the device and goes back to the previous dialog Displays the previous dialog again Changes are lost Updates the fields with the values that are saved in the volatile memory RAM of the device Removes the selected table entry Adds a new table entry Opens the online help RM GUI RSPS Release 2 0 02 2013 Security 2 2 Authentication List 2 2 Authentication List The device only allows users to access its management functions when they log in with valid login data The device authenticates the users either using the local user management or with a RADIUS
140. chosen value appears in the table instead of filling the cells with the values assigned by the device This makes it easier to analyze and sort the table according to your wishes All Displays every assigned value in the table Learned L Displays in the table the cells which contain among other possible values the value L When this value is selected cells containing values other than L are displayed as Static S Displays in the table the cells which contain among other possible values the value S When this value is selected cells containing values other than s are displayed as Automatic A Displays in the table the cells which contain among other possible values the value A When this value is selected cells containing values other than A are displayed as Learn by LLDP ALA Displays in the table the cells which contain among other possible values the value ALA When this value is selected cells containing values other than ALA are displayed as Forward all FA Displays in the table the cells which contain among other possible values the value FA When this value is selected cells containing values other than FA are displayed as Table 143 Display Categories pulldown menu in the switching IGMP Snooping Enhancements dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the B
141. chronization messages Possible values IEEE 802 3 default setting UDP IPv4 Defines the interval in seconds at which the device port transmits messages for the PTP topology discovery Assign the same value to all devices of a PTP domain Possible values 1 2 default setting 4 8 16 Defines the timeout for the announce interval Possible values 2 10 default setting 3 The value represents the number of the announce intervals Assign the same value to all devices of a PTP domain Example For the standard setting Announce Interval 2 s and Announce Timeout 3 the Timeout is 3x 2s 6s Shows the interval in seconds at which the device port measures the End to End delay If the device port is operating as the PTP master the device assigns the port the value 8 If the device port is operating as the PTP slave the value is defined by the PTP master connected to the port Table 116 Table in the Time PTP Boundary Clock Port dialog section x3c tblsheetnum gt of 4 136 RM GUI RSPS Release 2 0 02 2013 Time 3 3 PTP Parameters Meaning V1 Hardware Defines whether the device port adjusts the length of the PTP Compatibility synchronization messages when you have set the value UDP IPv4 in the Network Protocol field It is possible that other devices in the network expect the PTP synchronization messages to be the same length as PTPv1 messages Possible values auto default setting
142. ciated documentation files the Software to deal in the Software without restriction including without limitation the rights to use copy modify merge publish distribute sublicense and or sell copies of the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE RM GUI RSPS Release 2 0 02 2013 321 Appendix A 8 Copyright of Integrated Software A 8 3 libcurl Copyright c 1996 2012 Daniel Stenberg lt daniel haxx se gt All rights reserved Permission to use copy modify and distribute this software for any purpose with or without fee is hereby granted provided that the above copyright notice and this permission notice appear in all copies THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY F
143. clock Grandmaster The device allows you to influence which device in the network becomes the reference clock Grandmaster To do this you go to the Operation IEEE1588 PTPv2 BC frame and modify the value in the Priority 1 field or the Priority 2 field Parameters Meaning Priority 1 Shows priority 1 for the device that is currently the reference time source Grandmaster Clock Class Class of the reference clock Grandmaster Parameter for the Best Master Clock algorithm Clock Accuracy Estimated accuracy of the reference clock Grandmaster Parameter for the Best Master Clock algorithm Clock Variance Variance of the reference clock also known as the offset scaled log variance Parameter for the Best Master Clock algorithm Priority 2 Shows priority 2 for the device that is currently the reference clock Grandmaster Table 113 Grandmaster frame in the Time PTP Boundary Clock Globa1 dialog RM GUI RSPS 132 Release 2 0 02 2013 Time 3 3 PTP Local Time Properties Parameters Time Source UTC Offset s UTC Offset valid Time Traceable Frequency Traceable PTP Timescale Meaning Defines the time source from which the local clock gets its time information Possible values tomicClock ps errestrialRadio tp tp andset ther nternalOscillator default setting Defines the difference between the PTP time scale and the UTC See the PTP Timescale field g t P n
144. ct name specified by the memory manufacturer Version Shows the version number specified by the memory manufacturer Serial Number Shows the serial number specified by the memory manufacturer Table 30 Table in the Basic Settings External Memory dialog section x3c tblsheetnum gt of 2 RM GUI RSPS 52 Release 2 0 02 2013 Basic Settings Parameters Enable Automatic Software Update Config Priority Auto save config on envm 1 5 External Memory Meaning Defines whether the device updates the device software when it restarts Possible values selected default setting During a restart the device updates the device software when the following files are located in the external memory the image file of the device software atextfile startup txt with the content autoUpdate FILE NAME OF THE IMAGE FILE Not selected The device performs the restart without updating the device software Specifies which memory the device loads the configuration profile from when it restarts Possible values disable The device loads the configuration profile from the non volatile memory NVM first second third The device loads the configuration profile from the external memory ENVM If the device does not find a configuration profile on the external memory it loads the configuration profile from the non volatile memory NVM Note When loading the configuration profile from the external memor
145. d Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Save Transfers the settings from the volatile memory RAM into the configuration profile designated as Selected in the non volatile memory NVM If the checkbox in the Auto save config on ENVM field is selected in the Basic Settings External Memory dialog the device generates a copy of the configuration profile on the external memory Table 29 Buttons section x3c tblsheetnum gt of 5 RM GUI RSPS Release 2 0 02 2013 47 Basic Settings Button Activate Delete 1 4 Load Save Meaning Loads the settings of the configuration profile selected in the table to the volatile memory RAM The device terminates the connection to the graphical user interface O Reload the graphical user interface O Login again The device immediately uses the settings of the configuration profile in the current operation Switch on the function Undo Modifications of Configuration before you activate another configuration profile If the connection is lost afterwards the device loads the last configuration profile designated as Selected from the non volatile memory NVM The device can then be accessed again If the configuration encryption is inactive the device loads the configuration profile only if it is unencrypted If the configuration encryption is active the device loads the configuration
146. dates the fields with the values that are saved in the volatile memory RAM of the device Reset port counters Resets the counter for the port statistics to 0 Help Opens the online help Table 250 Buttons RM GUI RSPS 266 Release 2 0 02 2013 Diagnostics 8 3 Ports 8 3 2 Utilization This dialog displays the utilization network load for the individual device ports Table Parameters Port Utilization Lower Threshold Upper Threshold Control Interval s Alarm Meaning Shows the number of the device port to which the table entry relates Shows the current utilization in percent in relation to the time interval specified in the Control Interval s column The utilization is the relationship of the received data quantity to the maximum possible data quantity at the currently configured data rate Defines a lower threshold for the utilization If the utilization of the device port falls below this value the Alarm field shows an alarm Possible values 0 00 100 00 default setting 0 00 The value 0 deactivates the lower threshold Defines an upper threshold for the utilization If the utilization of the device port exceeds this value the Alarm field shows an alarm Possible values 0 00 100 00 default setting 0 00 The value 0 deactivates the upper threshold Defines the interval in seconds Possible values 1 3600 default setting 30 The value 0 deactivates the savin
147. designated role Admin Edge Port Specifies whether a terminal device is connected to the device port Possible values Not selected default setting An STP bridge is connected to the device port After the connection is set up the device port switches to the learning state before switching to the forwarding State if applicable Selected A terminal device is connected to the device port After the connection is set up the device port switches to the forwarding state without switching to the learning state beforehand If the device port receives an STP BPDU the device deactivates the port if the BPDU Guard function is switched on in the Redundancy Spanning Tree Global dialog Table 212 CIST tab page in the Redundancy Spanning Tree Port dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Release 2 0 02 2013 233 Redundancy Parameters Auto Edge Port Oper Edge Port Oper PointToPoint 7 4 Spanning Tree Meaning Activates deactivates the automatic detection of whether a terminal device is connected to the device port This setting is only effective if the device checkbox in the Admin Edge Port column is not selected Possible values Selected default setting After the connection is set up after 1 5 x Hello Time the device sets the device port to the forwarding state default setting 1 5 x 2 s if the port has not received any STP BPDUs during this time Not selected After the connection is
148. dge priority than the devices in the connected RSTP network You thus help avoid a connection interruption for devices outside the Ring RM GUI RSPS 202 Release 2 0 02 2013 Redundancy 7 1 MRP A WARNING RING LOOP HAZARD To avoid loops during the configuration phase configure all the devices individually Before you connect the redundant line be sure to complete the configuration of all the devices Failure to follow these instructions can result in death serious injury or equipment damage Operation Parameters Meaning Operation When you have configured all the parameters for the MRP Ring you switch the function on here Possible values Off default setting On When you have configured all the devices in the MRP Ring the redundancy is activated Table 178 Operation frame in the Redundancy MRP dialog Ring Port 1 Ring Port 2 Parameters Meaning Port Number of the device port that is operating as a ring port Operation Shows the operating status of the ring port Possible values forwarding Port is switched on connection exists blocked Port is blocked connection exists disabled Port is disabled not connected No connection exists Table 179 Ring Port 1 frame Ring Port 2 frame in the Redundancy MRP dialog RM GUI RSPS Release 2 0 02 2013 203 Redundancy 7 1 MRP Configuration Parameters Ring Manager Advanced Mode Ring Recovery Meaning Defines whether the device is operatin
149. dy defines as a source port in the table The value no Port means No destination port Table 266 Destination Port frame in the Diagnostics Ports Port Mirroring dialog RM GUI RSPS 278 Release 2 0 02 2013 Diagnostics Table Parameters Source Port Enabled Type 8 3 Ports Meaning Number of the device port to which the table entry relates Possible values lt Port number gt Enables disables the copying of the data packets from this device port to the destination port Possible values Not selected default setting The copying of the data packets is disabled Selected The copying of the data packets is enabled The port is specified as a source port Disabled It is not possible to copy the data packets for this port Possible causes The port is specified as a destination port The port is a logical port not a physical port Specifies which data packets the device copies to the destination port Possible values none default setting No data packets tx Data packets that the source port transmits rx Data packets that the source port receives txrx Data packets that the source port transmits and receives Table 267 Table in the Diagnostics Ports Port Mirroring dialog Buttons Button Set Reload Reset Config Help Table 268 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the ch
150. e and also configure it for each port and each VLAN Operation Parameters Meaning Operation When the function is switched on the IGMP Snooping function according to RFC 4541 Considerations for Internet Group Management Protocol IGMP and Multicast Listener Discovery MLD Snooping Switches is activated in the device Possible values On When the function is switched on the IGMP Snooping protocol is activated globally in the device off default setting When the function is switched off the device transmits received query report and leave data packets without evaluating them Received data packets with a Multicast destination address are transmitted to all ports by the device Table 137 Operation frame in the Switching IGMP IGMP Snooping dialog RM GUI RSPS Release 2 0 02 2013 163 Switching 5 4 IGMP Information Parameters Meaning Multicast Control Frames Processed Shows the number of Multicast control data packets processed This statistic encompasses the following packet types IGMP Reports IGMP Queries version V1 IGMP Queries version V2 IGMP Queries version V3 IGMP Queries with an incorrect version PIM or DVMRP packets The device uses the Multicast control data packets to create the address table for transmitting the Multicast data packets Possible values 0 231 1 You use the Reset IGMP Snooping Counter button in the Basic Settings Restart dialog or the clear ig
151. e system uptime The VLAN has been set up in the device since this time Possible values day s hh mm ss Port Shows on which ports the device transmits the data packets for the corresponding VLANs and how it handles the VLAN tagging Possible values The port does not transmit any data packets for the VLAN The port is not a member of the VLAN T The port transmits data packets with a VLAN tag tagged U The port transmits data packets without a VLAN tag untagged Table 157 Table in the Switching VLAN Current dialog cont Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 158 Buttons RM GUI RSPS 180 Release 2 0 02 2013 Switching 5 5 VLAN 5 5 3 Static This dialog allows you to set up and manage VLANs For each VLAN you specify to which ports the sending of a data packet is allowed and whether the port sends the data packet with or without a VLAN tag This dialog allows you to create and manage VLANs In the table you assign the VLANs that are set up to the device ports In the process you define whether a port transmits data packets in the corresponding VLAN and how the port handles the VLAN tagging The device transmits the data packets in the corresponding VLAN if the vLAN Unaware Mode function is deactivated in the Switching Global dialog Note The VLAN settings are only effective if the
152. e Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 72 Buttons RM GUI RSPS Release 2 0 02 2013 93 Security 2 3 Management Access 2 3 12 CLI Login Banner This tab page allows you to replace the CLI start screen with your own text In the state on delivery the CLI start screen shows information about the device such as the software version and the device settings With the function on this tab page you deactivate this information and replace it with an individually defined text To display your own text in the CLI and in the graphical user interface before the login you use the Security Pre login Banner dialog Operation Parameters Meaning Operation When this function is switched on the device shows the text information defined in the Banner Text field to all the users that login to the device via the Command Line Interface CLI When the function is switched off the CLI start screen shows information about the device The text information in the Banner Text field is kept Possible values off default setting On Table 73 Operation frame in the Security Management Access CLI dialog Login Banner tab page Banner Text Parameters Meaning Banner Text Defines the character string that the device displays in the Command Line Interface at the start of every com
153. e configuration in the device differs from the device configuration on the external memory Ring redundancy Defines whether the signal contact monitors the ring redundancy Possible values Ignore default setting The signal contact ignores this parameter Monitor The signal contact opens in the following situations The redundancy function becomes active loss of redundancy The device is a normal ring participant and detects an error in the local configuration Table 282 Monitoring Correct Operation frame in the Diagnostics Status Configuration Signal Contact dialog cont Manual Setting This frame allows you to control the signal contact remotely This is useful in the following situations for example Simulating an error during SPS error monitoring Remote control of a device via SNMP such as switching on a camera Parameters Meaning Contact Defines the status of the signal contact Possible values Opened default setting The signal contact is opened Closed The signal contact is closed Table 283 Manual Setting frame in the Diagnostics Status Configuration Signal Contact dialog RM GUI RSPS 294 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration Device Status This frame shows the status of the signal contact The signal contact indicates the device status if you have selected the Device Status option field in the Signal Contact Mode frame The signal contact indica
154. e credit is given to the author and the OpenBSD project by leaving this copyright notice intact RM GUI RSPS 326 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software 4 The Rijndael implementation by Vincent Rijmen Antoon Bosselaers and Paulo Barreto is in the public domain and distributed with the following license version 3 0 December 2000 Optimised ANSI C code for the Rijndael cipher now AES author Vincent Rijmen lt vincent rijimen esat kuleuven ac be gt author Antoon Bosselaers lt antoon bosselaers esat kuleuven ac be gt author Paulo Barreto lt paulo barreto terra com br gt This code is hereby placed in the public domain THIS SOFTWARE IS PROVIDED BY THE AUTHORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED INNO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE RM GUI RSPS Re
155. e device uses the value specified by the root bridge see the Root column In the RSTP protocol the bridges negotiate a status change without a specified delay The STP protocol uses the parameter to delay the status change between the statuses disabled discarding learning forwarding The parameters Forward Delay and Max Age have the following relationship Forward Delay 2 Max Age 2 1 If you enter a value in the field that contradict this relationship the device replaces these values with the last valid values or with the default value Table 208 Protocol Configuration Information frame Bridge column in the Redundancy Spanning Tree Global dialog section x3c tblsheetnum gt of 3 RM GUI RSPS 226 Release 2 0 02 2013 Redundancy 7 4 Spanning Tree Parameters Meaning Specifies the maximum permissible branch length i e the number of Max Age Tx Hold Count devices to the root bridge Possible values 6 40 default setting 20 If the device takes over the role of the root bridge the other devices in the network use the value defined here Otherwise the device uses the value specified by the root bridge see the Root column The STP protocol uses the parameter to specify the validity of STP BPDUs in seconds Limits the maximum transmission rate for sending BPDUs Possible values 1 10 default setting 10 When the device sends a BPDU it increments a counter at this d
156. e dialogs in this menu show information on statuses and events that the device has logged In service cases this information helps our support to diagnose the situation The menu contains the following dialogs System Report Ports Status Configuration LLDP RM GUI RSPS Release 2 0 02 2013 239 Diagnostics 8 1 System 8 1 System The dialogs in this menu allow you to display the current operating conditions to verify that the device configuration conforms to the network environment and control the behavior of the device upon start up The menu contains the following dialogs System Information Configuration Check Selftest 8 1 1 System Information This dialog displays the current operating condition of individual components in the device The displayed values are a snapshot they represent the operating condition at the time the dialog was loaded to the page The dialog allows you to search the page for search terms and save them in HTML format on your PC Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Search Opens the Search dialog The dialog allows you to search the log file for search terms or regular expressions Save Opens the Save dialog The dialog allows you to save the log file in HTML format on your PC Help Opens the online help Table 215 Buttons RM GUI RSPS 240 Release 2 0 02 2013 Diagnostics 8 1 System 8 1 2 Confi
157. e information and downloads on the product pages of the Hirschmann website RM GUI RSPS 318 Release 2 0 02 2013 Appendix A 7 Literature references A 7 Literature references Optische Ubertragungstechnik in industrieller Praxis Christoph Wrobel Hrsg Huthig Buch Verlag Heidelberg ISBN 3 7785 2262 0 Hirschmann Manual Basics of Industrial ETHERNET and TCP IP 280 710 834 TCP IP Illustrated Vol 1 W R Stevens Addison Wesley 1994 ISBN 0 201 63346 9 Hirschmann Installation user manual Hirschmann Basic Configuration user manual Hirschmann Redundancy Configuration user manual Hirschmann Routing Configuration user manual Hirschmann GUI Graphical User Interface reference manual Hirschmann Command Line Interface reference manual Hirschmann User Guide Industry Protocol Hirschmann Manual Network Management System Industrial HiVision RM GUI RSPS Release 2 0 02 2013 319 Appendix A 8 Copyright of Integrated Software A 8 Copyright of Integrated Software A 8 1 lighttpd Copyright c 2004 Jan Kneschke incremental All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce
158. e operating modes actually available depend on the corresponding media module Table 32 Table in the Basic Settings Port Configuration dialog section x3c tblsheetnum gt of 4 56 RM GUI RSPS Release 2 0 02 2013 Basic Settings Parameters Link Current Settings Manual Cable Crossing Auto Conf off 1 6 Port Configuration Meaning Displays the currently set operating mode of the device port Possible values No cable connected no link 10 Mbit s HDX Half duplex connection 10 Mbit s FDX Full duplex connection 100 Mbit s HDX Half duplex connection 100 Mbit s FDX Full duplex connection 1000 Mbit s FDX Full duplex connection Defines the devices connected to a TP port Prerequisite The automatic configuration of the device port is deactivated Possible values mdi The device switches the send and receive line pairs at the device port mdix default setting on TP ports The device does not switch any line pairs at the device port auto mdix The device detects the send and receive line pairs of the connected device and automatically adapts to them Example When you connect a terminal device with a crossed cable the device automatically resets the port from MDIX to MDI unsupported default setting on optical ports or TP SFP ports The device port does not support this function Table 32 Table in the Basic Settings Port Configuration dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Re
159. e port to which the table entry relates Table 130 Table in the Ingress tab of the switching Rate Limiter dialog RM GUI RSPS Release 2 0 02 2013 155 Switching Parameters Threshold Threshold Unit Broadcast Mode Multicast Mode Unknown Unicast Mode 5 2 Rate Limiter Meaning Defines the threshold value for Broadcast Multicast and Unicast traffic on this port Possible values 0 24414 at 100 MBit s 0 244140 at 1000 MBit s default setting 0 The value 0 deactivates the rate limiter function on this port O Enter a percentage between 0 and 100 if the value percent is selected in the Threshold Unit column O Enter an absolute value for the data rate if the value pps is selected in the Threshold Unit column The rate limiter function calculates the threshold based on data packets sized 512 bytes Defines the unit for the threshold value Possible values percent default setting The threshold value is entered as a percentage of the data rate of the port pps The threshold value is entered in data packets per second Activates deactivates the rate limiter function for received Broadcast data packets Possible values Not selected default setting Selected If the threshold value is exceeded the device discards the excess Broadcast data packets on this port Activates deactivates the rate limiter function for received Multicast data packets Possible values Not selected
160. e root bridge alternate Device port with the alternative path to the root bridge currently interrupted designated Device port for the side of the tree averted from the root bridge backup Device port receives STP BPDUs from its own device disabled The device port is switched off See the Basic Settings Port Configuration dialog Port Path Cost Defines the path cost of the device port Possible values 0 200000000 default setting 0 If the value is 0 the device automatically calculates the path costs depending on the data rate of the device port Port Priority Defines the priority of the device port Possible values 16 240 in steps of 16 default setting 128 This value represents the first 4 bits of the port ID Received Bridge ID Shows the bridge ID of the device from which this device port last received an STP BPDU Possible values For device ports with the designated role the device displays the information for the STP BPDU last received by the port This helps to diagnose the possible STP problems in the network For the alternate backup master and root port roles in the stationary condition static topology this information is identical to the information of the designated port role If a device port has no connection or if it has not received any STP BDPUs yet the device displays the values that the device port would send with the designated role Table 212 CIST tab page in the Redundancy Sp
161. e still available in the Banner Text field Possible values 512 0 Table 89 Banner Text frame in the Security Pre login Banner dialog Buttons Button Set Reload Help Table 90 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 109 Security 2 6 Pre login Banner RM GUI RSPS 110 Release 2 0 02 2013 Time 3 Time The device allows you to synchronize the system time in the device and in the network with SNTP Simple Network Time Protocol and PTP Precision Time Protocol PTP is significantly more accurate than SNTP If both protocols are activated in the device PTP has priority The device is equipped with a buffered hardware clock This clock maintains the correct time if the power supply fails or you disconnect the device from the power supply After the device is started the current time is available to you e g for log entries The hardware clock bridges a power supply downtime of 3 hours The prerequisite is that the power supply of the device has been connected continually for at least 5 minutes beforehand The menu contains the following dialogs Basic Settings SNTP PIP RM GUI RSPS Release 2 0 02
162. e values emergency alert Critical error warning default setting notice informational debug Table 223 Buffered Logging frame in the Diagnostics Report Global dialog SNMP logging Parameters Log SNMP Get Request Log SNMP Set Request Meaning When the function is switched on the device logs an event for the syslog for SNMP Get Requests You define the severity for this event in the Severity Get Request field Possible values On Off default setting When the function is switched on the device logs an event for the syslog for SNMP Set Requests You define the severity for this event in the Severity Set Request field Possible values On off default setting Table 224 SNMP Logging frame in the Diagnostics Report Global dialog 248 RM GUI RSPS Release 2 0 02 2013 Diagnostics Parameters Severity Get Request Severity Set Request 8 2 Report Meaning Defines the severity of the event that the device logs for SNMP Get Requests Possible values emergency alert critical error warning notice default setting informational debug Defines the severity of the event that the device logs for SNMP Set Requests Possible values emergency alert critical error warning notice default setting informational debug Table 224 SNMP Logging frame in the Diagnostics Report Globa1l dialog cont When you activate the logging of SNMP requests the
163. eceive a query data packet the device removes the port from the list of ports with connected Multicast routers You can only configure this parameter if the port belongs to an existing VLAN Possible values 3600 default setting 260 The value 0 means an unlimited timeout no expiration time Table 140 VLAN tab in the switching IGMP IGMP Snooping dialog cont Buttons Button Set Reload Help Table 141 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 167 Switching 5 4 2 5 4 IGMP IGMP Snooping Enhancements With this dialog you can select a port for a VLAN ID and configure this port Table Parameters VLAN ID Port Meaning Shows the ID of the VLAN to which the table entry applies Possible values 1 4042 VLAN IDs that are set up Shows for every VLAN set up in the device whether the relevant device port is a query port Additionally the field shows whether the device transmits all the Multicast streams in the VLAN to this port Possible values The port is not a query port in this VLAN A Automatic The device has detected the port as a query port A prerequisite is that the
164. ed Shows in ascending order the VLAN ID and MAC address of the senders automatically recorded on this port The device transmits data packets from these senders when it receives the data packets on this port You specify the upper limit for the number of entries in the table Dynamic Limit field The lt and lt lt buttons allow you to transfer entries from this field into the Static Addresses field In this way you connect relevant sender with the port Table 80 Wizard in the Ssecurity Port Security dialog Addresses page cont Button Back Next Finish Table 81 Buttons 100 Meaning Displays the previous page again Changes are lost Saves the changes and opens the next page Saves the changes and completes the configuration RM GUI RSPS Release 2 0 02 2013 Security 2 4 Port Security Button Meaning Cancel Closes the Wizard Changes are lost Table 81 Buttons cont After closing the Wizard click Set to save your settings Note The device stores the senders connected with the port until you deactivate the checking of the sender on the relevant port or in the Operation frame RM GUI RSPS Release 2 0 02 2013 101 Security 2 5 RADIUS 2 5 RADIUS With its factory settings the device authenticates users based on the local user management However as the size of a network increases it becomes more difficult to keep the login data of the users consistent across the devices RADIUS Re
165. ed voice traffic vlan dotlp priority The port filters Voice VLAN data packets based on vian and dot1p priority tagging untagged The port filters data packets without a Voice VLAN tag vlan The port filters Voice VLAN data packets based on vlan tagging dotlp The port filters Voice VLAN data packets based on dotip tagging Configure the Priority value when using this option Defines the trust mode for data traffic on the port The device uses this mode for data traffic on the Voice VLAN when co locating a VoIP phone and PC and both use the same cable to transmit data Possible values trust default setting This setting allows the data traffic to run at a normal priority with voice traffic present on the interface untrust With voice traffic present and the Voice VLAN Mode set to dotip priority data traffic uses priority 0 When the interface forwards data traffic exclusively the data traffic uses the normal priority Shows the status of the Voice VLAN on the port Possible values enabled disabled Defines the ID of the VLAN to which the table entry applies To forward traffic to this VLAN ID using this filter set the Voice VLAN Mode to vlan Possible values 1 4042 VLAN IDs that are set up Table 164 Table in the switching VLAN Voice dialog 186 RM GUI RSPS Release 2 0 02 2013 Switching 5 5 VLAN Parameters Meaning Priority Defines the port Voice VLAN Priority if the Voice Vlan Mode is dot 1p
166. elease 2 0 02 2013 Time 3 2 SNTP 3 2 2 Server With this dialog you can define the settings with which the device operates as an SNTP server The SNTP server provides the Universal Time Coordinated UTC without considering local time differences If the configuration is such the SNTP server operates in Broadcast mode In Broadcast mode the SNTP server automatically sends Broadcast messages or Multicast messages according to the Broadcast send interval Operation Parameters Meaning Operation When the function is switched on the device operates as an SNTP Server Possible values On Off default setting Note the setting in the Disable Server at local Time Source checkbox in the Configuration frame Table 102 Operation frame in the Time SNTP Server dialog Configuration Parameters Meaning Listen UDP Port Defines the number of the UDP port on which the SNTP server of the device receives requests from other clients Possible values 1 65535 default setting 123 Exception Port 2222 is reserved for internal functions Table 103 Configuration frame in the Time SNTP Server dialog RM GUI RSPS Release 2 0 02 2013 123 Time Parameters Broadcast Admin Mode Broadcast Destination Address Broadcast Port Broadcast VLAN ID Broadcast Send Interval s Disable Server at local Time Source 3 2 SNTP Meaning Activates deactivates the Broadcast mode Selected The SNTP server repli
167. elp Table 19 Buttons RM GUI RSPS 36 Release 2 0 02 2013 Basic Settings 1 3 Software 1 3 Software This dialog allows you to update the device software and display information about the device software Version Parameters Meaning Stored Version Shows the version number and creation date of the device software stored in the flash memory The device loads the device software during the next restart Export Exports the Stored Version of the device software and saves it as an image file on your PC Running Version Shows the version number and creation date of the device software that the device loaded during the last restart and is currently running Bootcode Shows the version number and creation date of the boot code Table 20 Version frame in the Basic Settings Software dialog RM GUI RSPS Release 2 0 02 2013 37 Basic Settings 1 3 Software Software Update Parameters File Update Meaning Defines the path and the file name of the image file with which you update the device software The device gives you the following options for updating the device software File upload If the file is located on your PC or on a network drive click and select the file there TFTP upload If the file is located on a TFTP server enter the URL for the file in the following form tftp lt IP address gt lt path gt lt file name gt SCP or SFTP upload If the file is located on an SCP or SFTP server enter
168. elp 2 5 RADIUS Meaning Updates the fields with the values that are saved in the volatile memory RAM of the device Adds a new table entry Removes the selected table entry Opens the online help Table 85 Buttons cont 2 5 3 Authentication Statistics This dialog shows information about the communication between the device and the authentication server The table shows the information for each server in a separate row To delete the statistics click Clear RADIUS Statistics inthe Security RADIUS Global dialog Table Parameters Name Address Round Trip Time Access Requests Retransmitted Access Request Packets Access Accepts Access Rejects Meaning Shows the name of the server Shows the IP address of the server Shows the time interval in hundredths of a second between the last response received from the server Access Reply Access Challenge and the corresponding data packet sent Access Request Shows the number of access data packets that the device sent to the server This value does not take repetitions into account Shows the number of access data packets that the device retransmitted to the server Shows the number of access accept data packets that the device received from the server Shows the number of access reject data packets that the device received from the server Table 86 RADIUS Authentication Statistics dialog table 106 RM GUI RSPS Release 2 0 02 2013
169. emory the device stores the settings for the current operation NVM non volatile memory of the device From the non volatile memory the device loads the Selected configuration profile during a restart or when applying the function Undo Modification of Configuration The non volatile memory provides space for multiple configuration profiles depending on the number of settings saved in the configuration profile The device manages a maximum of 20 configuration profiles in the non volatile memory If you select a configuration profile in the table and click Activate the device loads this configuration profile to the volatile memory RAM ENVM external memory On the external memory the device saves a backup copy of the Selected configuration profile The prerequisite for this is that checkmark is selected in the Auto save config on ENVM field in the Basic Settings External Memory dialog Name Shows the name of the configuration profile Possible values running config Name of the e profile in the volatile memory RAM config Name of the factory setting configuration profile in the non volatile memory NVM User defined name The device allows you to save a configuration profile with a user defined name by selected an existing configuration profile in the table and clicking Save As Modification Date Shows the time at which a user last saved the configuration profile Table 28 Table in the Basic Settings Load
170. en permission please contact openssl core openssl org 5 Products derived from this software may not be called OpenSSL nor may OpenSSL appear in their names without prior written permission of the OpenSSL Project 6 Redistributions of any form whatsoever must retain the following acknowledgment This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL RM GUI RSPS 334 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN This product includes cryptographic software written by Eric Young eay cryptsoft com This product includes software written by Tim Hudson
171. ent error occurs Possible values reboot default setting The device triggers a cold reset logOnly The device logs the error in the log file system log sendTrap The device sends an SNMP message trap The prerequisite for sending SNMP messages traps is that the function is switched on in the Diagnostics Status Configuration Alarms Traps dialog and atleast 1 SNMP manager is defined Table 220 Table in the Diagnostics System Selftest dialog RM GUI RSPS 244 Release 2 0 02 2013 Diagnostics 8 1 System Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 221 Buttons RM GUI RSPS Release 2 0 02 2013 245 Diagnostics 8 2 Report 8 2 Report The device allows you to log user actions and device specific events In this menu you configure the logging settings for the device You also have the option to view the reports The menu contains the following dialogs Global Syslog Persistent Logging Hardware State System Log Audit Trail RM GUI RSPS 246 Release 2 0 02 2013 Diagnostics 8 2 Report 8 2 1 Global The device allows you to log specific events using the following outputs on the console on one or more syslog servers o
172. er interface RM GUI RSPS Release 2 0 02 2013 11 Key RM GUI RSPS 12 Release 2 0 02 2013 Graphical User Interface Graphical User Interface System requirements To open the graphical user interface you need a Web browser for example Mozilla Firefox version 3 5 or later or Microsoft Internet Explorer version 6 or later Installation Note The graphical user interface uses Java 6 or Java 7 Install the software from the enclosed CD ROM To do this you go to Additional Software select Java Runtime Environment and click on Installation RM GUI RSPS Release 2 0 02 2013 13 Graphical User Interface E Starting the graphical user interface The prerequisite for starting the graphical user interface first configure the IP parameters of the device correctly The Basic Configuration user manual contains detailed information that you need to define the IP parameters C Start your Web browser O Activate Java in the security settings of your Web browser CI Write the IP address of the device in the address field of the Web browser Use the following form https xxx xxx xXxxX XXX The Web browser sets up the connection to the device and shows the login window Rh HIRSCHMANN Rail Switch Power Smart Software Version HiOS 2S 02 0 00 Login user Dee Password Language English Pe Figure 1 Login window C Select the user name and enter the password C Select the language in which
173. erature thresholds in the Basic Settings System dialog in the Temperature C field Ring Redundancy Defines whether the device monitors the ring redundancy Possible values Ignore default setting The device ignores this parameter Monitor The device changes the device status to Error in the following situations The redundancy function becomes active loss of redundancy reserve The device is a normal ring participant and detects an error in the local configuration Table 271 Monitoring frame in the Diagnostics Status Configuration Device Status dialog RM GUI RSPS 282 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration Parameters Meaning Connection error Defines whether the device monitors the link status of the device ports Possible values Ignore default setting The device ignores this parameter Monitor The device changes the device status to Error if the link at a device port is interrupted You have the option of selecting the device ports to be monitored individually ENVM removal Defines whether the device monitors the active external memory Possible values Ignore default setting The device ignores this parameter Monitor The device changes the device status to Error if you remove the active external memory from the device ENVM notin Sync Defines whether the device monitors the synchronization of the device configuration in the device and on the external memory
174. erver does not reply the device sends its requests to the SNTP server configured in the next table entry If none of the configured SNTP servers responds in the meantime the SNTP client loses its synchronization The device cyclically sends requests to each SNTP server until a server delivers a valid time The device synchronizes itself with this SNTP server even if the other servers can be reached again later Specifies the name of the SNTP server Possible values 1 32 alphanumeric characters Specifies the IP address of the SNTP server Possible values Valid IPv4 address default setting 0 0 0 0 Defines the UDP Port on which the SNTP server expects the time information Possible values 1 65535 default setting 123 Exception Port 2222 is reserved for internal functions Table 100 Table in the Time SNTP Client dialog 120 RM GUI RSPS Release 2 0 02 2013 Time Parameters Status Active 3 2 SNTP Meaning Shows the connection status between the SNTP client and the SNTP server Possible values SUCCESS The device has successfully synchronized the time with the SNTP server badDateEncoded The time information received contains protocol errors synchronization failed other The value 0 0 0 0 is entered for the IP address of the SNTP server synchronization failed or The SNTP client is using a different SNTP server requestTimedoOut The device has not received a reply from the SNTP ser
175. es In the process the device switches off the HTTPS server Table 55 Certificate frame in the securi ty Management Access Server dialog HTTPS tab page Note In the Web browser a warning appears when you are loading the graphical user interface if you are using a certificate that has not been verified by a certifying organization To load the graphical user interface add an exception rule for the certificate in the Web browser RM GUI RSPS Release 2 0 02 2013 81 Security 2 3 Management Access Certificate Import Parameters URL Import Meaning Defines the path and file name of the certificate X 509 certificates PEM are permitted The device gives you the following options for copying the certificate to the device File upload If the certificate is on your PC or on a network drive click and select the file that contains the signature key TFTP upload If the certificate is on a TFTP server enter the URL for the file in the following form tftp lt IP address gt lt path gt lt file name gt SCP or SFTP upload If the certificate is on an SCP or SFTP server you enter the URL for the file in the following form scp orsftp lt IP address gt lt path gt lt file name gt When you click Import the device displays the Authentication window There you enter the User and Password to login to the server scp orsftp lt user gt lt password gt lt IP address gt l
176. es the BPDU even if the TCN guard is switched on Example The device receives better path information for the root bridge Table 213 Guards tab page in the Redundancy Spanning Tree Port dialog section x3c tblsheetnum gt of 3 RM GUI RSPS Release 2 0 02 2013 235 Redundancy Parameters Loop Guard Loop State Trans into Loop Trans out of Loop 7 4 Spanning Tree Meaning Switches the monitoring of loops on off on the device port With this setting the device prevents loops if the device port does not receive any more STP BPDUs Only use this setting for device ports with the STP role alternate backup or root Possible values Not selected default setting The monitoring of loops is switched off If the device port does not receive any STP BPDUs for a while the device sets the state of the port to the value forwarding Selected The monitoring of loops is switched on This prevents loops e g if you switch off the Spanning Tree function on the remote device or if the connection is only interrupted in the receiving direction Ifthe device port does not receive any STP BPDUs for a while the device sets the state of the port to the value discarding and the value in the Loop State field to true Ifthe device port then receives STP BPDUs again the device sets the state of the port to a value according to the port role and the value in the Loop State field to false If you switch on the
177. es to requests from SNTP clients in Unicast mode and also sends SNTP packets in Broadcast mode as Broadcasts or Multicasts Not selected default setting The SNTP server replies to requests from SNTP clients in the Unicast mode Defines the IP address to which the SNTP server of the device sends the SNTP packets in Broadcast mode Possible values Valid IPv4 address default setting 0 0 0 0 Broadcast and Multicast addresses are permitted Defines the number of the UDP port at which the SNTP server sends the SNTP packets in Broadcast mode Possible values 1 65535 default setting 123 Exception Port 2222 is reserved for internal functions Defines the ID of the VLAN in which the SNTP server of the device sends the SNTP packets in Broadcast mode Possible values 0 4042 default setting 1 If you set the value to 0 the SNTP server of the device sends the SNTP packets in the same VLAN in which the management functions of the device can be accessed See the Basic Settings Network dialog Defines the time interval at which the SNTP server of the device sends SNTP broadcast packets Possible values 64 1024 default setting 128 Defines whether the device disables the SNTP Broadcast server when it is synchronized to the local clock Possible values Selected The device disables the SNTP Broadcast server when it is synchronized to the local clock The SNTP server continues to reply to requests from SNTP clients In
178. esired senders In the device these addresses are known as Static Addresses To keep the setup process as simple as possible the device allows you to record the desired senders automatically The device learns the senders by evaluating the received data packets In the device these addresses are known as Dynamic Addresses When a user defined upper limit has been reached Dynamic Limit the device stops the learning on the relevant port and only transmits the data packets of the senders already recorded When you adjust the upper limit to the number of expected senders you thus make MAC Flooding attacks more difficult Note With the automatic recording of the Dynamic Addresses the device always discards the 1st data packet from unknown senders Using this 1st data packet the device checks whether the upper limit has been reached The device records the sender until the upper limit is reached Afterwards the device transmits data packets that it receives on the relevant port from this sender RM GUI RSPS 96 Release 2 0 02 2013 Security 2 4 Port Security Operation Parameters Meaning Operation When this function is switched on the device checks the VLAN ID and MAC address of the sender before it transmits a data packet Possible values On The device only transmits a received data packet if its sender is desired on the relevant device port Also activate the checking of the sender on the relevant device ports
179. ess of the node Shows the time between received first packets for this node on LAN A When the counter threshold reaches 497 days it restarts from 0 Shows the time between received first packets for this node on LAN B When the counter threshold reaches 497 days it restarts from 0 Shows the type of node Possible values RedBoxp Management vdanp Client Table 188 Table in the Redundancy PRP DAN VDAN Table dialog RM GUI RSPS Release 2 0 02 2013 211 Redundancy 7 2 PRP Buttons Button Meaning Delete Deletes the entire table Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 189 Buttons 7 2 3 Proxy Node Table This dialog informs you of the connected devices for which this device provides PRP redundancy Table Parameters Meaning Index Shows a sequential number to which the table entry relates The device automatically defines this number Possible values 0 128 MAC Address Shows the MAC address of the connected devices for which this device implements PRP redundancy Table 190 Table in the Redundancy PRP Proxy Node Table dialog Buttons Button Meaning Delete Deletes the entire table Table 191 Buttons RM GUI RSPS 212 Release 2 0 02 2013 Redundancy 7 2 PRP Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table
180. etects the following scan types Null scan Xmas scan SYN FIN scan RM GUI RSPS 146 Release 2 0 02 2013 Network Security 4 1 DoS TCP offset protection TCP SYN protection L4 port protection Minimal header scan Parameter Meaning Activate Null Scan Activates or deactivates the null scan Filter Possible values Selected The device detects ingress data packets with no TCP flags set and TCP sequence number reset to 0 and discards these Not selected default setting The null scan is deactivated Activate Xmas Filter Activates or deactivates the Xman scan Possible values Selected The device detects ingress data packets with the TCP flags FIN URG and PUSH set simultaneously and TCP sequence number reset to 0 and discards these Not selected default setting The Xmas scan is deactivated Activate SYN FIN Activates or deactivates the SYN FIN scan Filter Possible values Selected The device detects ingress data packets with the TCP flags SYN and FIN set simultaneously and discards these Not selected default setting The SYN FIN scan is deactivated Activate TCP Offset Activates or deactivates the TCP offset scan Protection f Possible values Selected The device detects ingress TCP packets having Fragment Offset field of IP header equal 1 and discards these The device accepts UDP and ICMP packets having Fragment Offset field of IP header equal 1 Not selected default setting The TCP offset scan is de
181. eters MAC Address Add Static Addresses Remove lt lt lt Dynamic Addresses 2 4 Port Security Meaning Specifies the MAC address of the desired sender Possible values Valid Unicast MAC address Enter the value in one of the following formats without a separator e g 001122334455 separated by spaces e g 00 11 22 33 44 55 separated by colons e g 00 11 22 33 44 55 separated by hyphens e g 00 11 22 33 44 55 separated by points e g 00 11 22 33 44 55 separated by points after every 4th character e g 0011 2233 4455 Click Add to transfer the VLAN ID and the MAC address to the Static Addresses field Transfers the values specified in the VLAN ID and MAC Address fields to the Static Addresses field Shows the VLAN ID and MAC address of desired senders connected to the port The device uses this field to show the number of senders connected to the port and the upper limit You specify the upper limit for the number of entries in the table Static Limit field Removes the entries selected in the Static Addresses field Moves the entries selected in the Dynamic Addresses field to the Static Addresses field Moves every entry from the Dynamic Addresses field to the Static Addresses field If the Dynamic Addresses field contains more entries than are allowed in the Static Addresses field the device moves the foremost entries until the upper limit is reach
182. evant field Possible values 1 16 alphanumeric characters You get the password from the administrator of the authentication server Specifies the authentication server as primary or secondary Possible values Selected The server is specified as the primary authentication server The device sends the login data for authenticating the users to this authentication server If you select multiple servers the device specifies the last server selected as the primary authentication server Not selected default setting The server is specified as the secondary authentication server The device sends the login data to the secondary authentication server if it does not receive a response from the primary authentication server Activates deactivates the connection to the server Possible values Selected The connection is active The device sends the login data for authenticating the users to this server if the preconditions named above are fulfilled Not selected The connection is inactive The device does not send any login data to this server Table 84 Table in the Security RADIUS Authentication Server dialog cont Buttons Button Set Table 85 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save 105 Security Button Reload Create Remove H
183. evice port When the counter reaches the value specified here the device port stops sending any more BPDUs On the one hand this reduces the load generated by RSTP and on the other a loop may be caused when BPDUs are not received The device decrements the counter by 1 every second In the following second the device sends a maximum of 1 new BPDU Table 208 Protocol Configuration Information frame Bridge column in the Redundancy Spanning Tree Global dialog section x3c tblsheetnum gt of 3 RM GUI RSPS Release 2 0 02 2013 227 Redundancy 7 4 Spanning Tree Parameters Meaning BPDU Guard Switches the BPDU Guard function in the device on off With this function the device helps protect your network from incorrect configurations attacks with STP BPDUs and undesired topology changes Possible values Not selected default setting The BPDU Guard function is switched off selected The BPDU Guard function is switched on The device activates the function for manually defined edge ports terminal device ports On the CIST tab page the checkbox in the Admin Edge Port column is Selected for these device ports If an edge port receives an STP BPDU the device deactivates the device port In the Basic Configuration Port Configuration dialog the checkbox in the Port on column is Not selected for this device port To reset the status of the device port to the value forwarding you proceed
184. ff the Spanning Tree function on the device ports that are participating in other redundancy protocols Otherwise the redundancy may operate differently to the way intended This can cause loops Parameters Meaning Port Shows the number of the device port to which the table entry relates Stp active Switches the Spanning Tree function on off on the device port Possible values Selected default setting Not selected If the Spanning Tree is activated in the device and switched off on the device port the port does not send STP BPDUs and drops any STP BPDUs received Port State Shows the transmission state of the device port Possible values discarding The device port is blocked and only forwards STP BPDUs learning The device port is blocked but it learns the MAC addresses of received data packets forwarding The device port forwards data packets disabled The device port is switched off See the Basic Settings Port Configuration dialog manualFwd The Spanning Tree function is switched off on the device port The device port forwards STP BPDUs notParticipate The device port is not participating in STP Table 212 CIST tab page in the Redundancy Spanning Tree Port dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Release 2 0 02 2013 231 Redundancy 7 4 Spanning Tree Parameters Meaning Port Role Shows the current role of the device port in CIST Possible values root Device port with the cheapest path to th
185. g allows you to define basic settings with which you access the device management via the network Management interface This frame allows you to define the following settings The source from which the device management receives its IP parameters VLAN in which the management can be accessed Parameters Meaning IP Address Defines the source from which the device receives its IP parameters after Assignment starting Possible values BOOTP The device receives its IP parameters from a BOOTP or DHCP server The server evaluates the MAC address of the device then assigns the IP parameters DHCP default setting The device receives its IP parameters from a DHCP server The server evaluates the MAC address the DHCP name or other parameters of the device then assigns the IP parameters Local The device uses the IP parameters from the internal memory You define the settings for this in the IP Parameter frame Note If there is no response from the BOOTP or DHCP server the device sets the IP address to 0 0 0 0 and makes another attempt to obtain a valid IP address VLAN ID Defines the ID of the VLAN in which the device management can be accessed via the network Possible values 1 4042 default setting 1 You can only access the management via the network via device ports that are members of this VLAN You can see which VLAN a device port is assigned to in the Switching VLAN Current dialog MAC Address Displays the M
186. g as a ring manager Possible values off default setting Device is operating as a ring client On Device is operating as a ring manager If there is exactly one device at the ends of the line you activate this function Activate deactivate the advanced mode for fast switching times Possible values Selected default setting Advanced mode switched on MRP capable Hirschmann devices support this mode Not selected Advanced mode switched off Select this setting if another device in the ring does not support this mode Defines the max delay time in milliseconds for the reconfiguration of the ring This setting is only effective if the device is working as a ring manager Possible values 500ms 200ms default setting 30ms 10ms The delay times 30ms and 10ms are only available to you for devices with hardware for enhanced redundancy functions In order to use these delay times load the Fast MRP device software HiOS 2S xxx RSPS 02000 bin where xxx MRP The device software you load with the Basic Settings Software dialog Configure the delay time to 10ms when you use up to 50 devices in the ring that support this delay time When you use more than 50 of these devices in the ring configure a delay time to at least 30ms Shorter delay times make greater demands on the response time of every individual device in the ring Only use values lower than 500ms if the other devices in the ring also support thi
187. g of the log entries in the log file Indicates the alarm status for the utilization Possible values Selected The utilization of the device port is below the value defined in the Lower Threshold field or above the value defined in the Upper Threshold field The device sends an SNMP message trap Not selected The utilization of the device port is above the value defined in the Lower Threshold field or below the value defined in the Upper Threshold field The prerequisite for sending SNMP messages traps is that the function is switched on in the Diagnostics Alarms Traps dialog and at least 1 SNMP manager is defined Table 251 Table in the Diagnostics Ports Utilization dialog RM GUI RSPS Release 2 0 02 2013 267 Diagnostics 8 3 Ports Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 252 Buttons 8 3 3 SFP This dialog allows you to look at the SFP transceivers currently connected to the device and their properties Table The table only displays valid values if the device is equipped with SFP transceivers Parameters Meaning Port Shows the number of the device port to which the table entry relates
188. gement dialog radius The device authenticates the users with a RADIUS server in the network You specify the RADIUS server in the Security RADIUS Authentication Server dialog reject The device rejects the authentication request from the user Table 42 New Entry frame in the Security Authentication List dialog RM GUI RSPS 70 Release 2 0 02 2013 Security Parameters Active 2 2 Authentication List Meaning Activates deactivates the list Possible values Selected The list is activated The device uses the policies in this list when users access the device with the relevant application Not selected The list is deactivated Table 42 New Entry frame in the Security Authentication List dialog cont Allocate Applications In this frame you specify the accesses for which the device uses the selected list For example to only use the list for accesses via the V 24 interface you assign the Console V 24 application To display the frame you click the Allocate Applications button Parameters Description Possible Applications This column contains the applications that can be allocated to the Dedicated Applications Table 43 RM GUI RSPS Release 2 0 02 2013 selected list Possible values Console V 24 for accessing the management via the V 24 interface SSH for accessing the management via SSH Telnet for accessing the management via Telnet Web Interface for accessing the manage
189. ges The prerequisite for sending SNMP messages traps is that the function is switched on in the Diagnostics Status Configuration Alarms Traps dialog and at least 1 SNMP manager is defined Defines the waiting time in seconds that the device waits after sending an SNMP message trap before sending the next SNMP message Possible values 0 3600 default setting 0 The value 0 deactivates the waiting time Specifies the upper limit for the number of automatically recorded senders Dynamic Addresses When the upper limit has been reached the device stops the learning on this port Adjust the value to the number of expected senders Possible values 0 600 default setting 600 The value 0 deactivates the automatic recording of the senders on this port Specifies the upper limit for the number of senders connected to the port Static Addresses The Wizard helps you to connect the port with one or more desired senders Possible values 0 64 default setting 64 The value 0 prevents you from connecting a sender with the port Shows the number of automatically recorded senders Dynamic Addresses Shows the number of senders connected to the port Static Addresses Shows the VLAN ID and MAC address of an undesired sender whose data packets the device last discarded on this port Shows the number of discarded data packets on this device port that caused the device to send an SNMP message trap
190. gs 1 6 Port Configuration 1 6 Port Configuration With this dialog you can define settings for the individual device ports The dialog also shows the operating mode connection state bit rate and duplex mode for every device port Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Name Name of the device port Enter the name of your choice Possible values 0 64 alphanumeric characters Port on Activates deactivates the device port Possible values Selected default setting The device port is activated Not selected The device port is deactivated The device port does not send or receive any data State Shows whether the device port is currently physically switched on or off Possible values Selected The device port is switched on Not selected The device port is switched off If the Port on function is switched on the Auto Disable function has switched off the device port You define the settings for the Auto Disable function in the Diagnostics Ports Auto Disable dialog Table 32 Table in the Basic Settings Port Configuration dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Release 2 0 02 2013 55 Basic Settings Parameters Power State Port off Auto Power Down Automatic Configuration Manual Configuration 1 6 Port Configuration Meaning Physically switches off the device port or leaves it on when you deactivate the Port on
191. guration Check The device enables you to compare the device configuration with those of its neighboring devices For this purpose the device uses the information that it received from its neighboring devices via topology recognition LLDP The dialog lists the deviations detected which affect the performance of the communication between the device and the recognized neighboring devices You update the content of the table via the Load button If the table remains empty the configuration check was successful and the device configuration is compatible with the device configuration in the detected neighboring devices Summary Parameters Meaning Number of Errors Shows the number of errors that the device detected during the configuration check Number of Warnings Shows the number of warnings that the device detected during the configuration check Amount of Information Shows the amount of information that the device detected during the configuration check Table 216 Summary frame in the Diagnostics System Configuration Check dialog You will also find this information in the status bar above the menu Table When you select a row in the table the device displays additional information in the area beneath it Parameters Meaning Rule ID Rule ID of the deviations having occurred The dialog combines several deviations with the same rule ID under one rule ID Table 217 Table in the Diagnostics System Configuration Check di
192. he device synchronizes the frequency of the Transparent Clock with the PTP master Possible values Selected default setting The device synchronizes the frequency Not selected The frequency remains constant Synchronize Defines whether the device synchronizes the local system time local clock Possible values Selected The device synchronizes the local system time with the time received via PTP Prerequisite The Syntonize function is activated Not selected default setting The local system time remains constant Current Master Displays the port identification number UUID of the master device on which the device synchronizes its frequency If the value contains only zeros this is because The Syntonize function is deactivated or The device cannot find a PTP master Offset to Master ns Shows the measured difference offset between the local clock and the PTP master in nanoseconds The device calculates the difference from the time information received Prerequisite The Synchronize local clock function is activated Delay to Master ns Shows the delay when transmitting the PTP synchronization messages from the PTP master to the PTP slave in nanoseconds Prerequisite The Synchronize local clock function is activated In the Delay Mechanism field the value e2e is selected Table 119 Local Synchronization frame in the Time PTP Transparent Clock Globa1 dialog RM GUI RSPS Release 2 0 02 2013 141 Time
193. he device with SNMP version 2 Possible values Selected default setting Access activated Not selected Access deactivated You define the community name in the Security Management Access SNMPv1 v2 Community dialog Activates deactivates the access to the device with SNMP version 3 Possible values Selected default setting Access activated Not selected Access deactivated This function is used for example by the Industrial HiVision network management software to make changes to the settings Table 45 Configuration frame in the Security Management Access Server dialog SNMP tab page 74 RM GUI RSPS Release 2 0 02 2013 Security 2 3 Management Access Parameters Meaning Port number Defines the number of the UDP port from which the SNMP server receives requests from clients Possible values 1 65535 default setting 161 Exception Port 2222 is reserved for internal functions To get the server to use the new port after a change you proceed as follows O Click on Set O Select the active device configuration in the Basic Settings Load Save dialog and click Save O Restart the device SNMPover802 Activates deactivates the access with SNMP via IEEE 802 networks enabled Possible values not selected default setting Access deactivated selected Access activated This function uses for example the HiDiscovery software to configure devices without an IP address Table 45 Config
194. ick Reset MAC Address Table in the Basic Settings Restart dialog Create To set up a filter manually click the Create button Parameters Meaning VLAN ID Defines the ID of the VLAN to which the table entry applies Possible values All VLAN IDs that are set up Table 134 Create window RM GUI RSPS Release 2 0 02 2013 159 Switching 5 3 Filter for MAC addresses Parameters Meaning Address Defines the destination MAC address to which the table entry applies Possible values Valid MAC address Enter the value in one of the following formats without a separator e g 001122334455 separated by spaces e g 00 11 22 33 44 55 separated by colons e g 00 11 22 33 44 55 separated by hyphens e g 00 11 22 33 44 55 separated by points e g 00 11 22 33 44 55 separated by points after every 4th character e g 0011 2233 4455 Possible Ports Defines the device ports to which the device transmits data packets with the destination MAC address 0O 0O O Select one port if the destination MAC address is a Unicast address Select one or more ports if the destination MAC address is a Multicast address Select no port to set up a discard filter The device discards data packets with the destination MAC address specified in the table entry Table 134 Create window cont Edit Entry To manually adapt the settings for a table entry click the Edit Entry button Parameters Meaning Possib
195. identical source and destination addresses and discards these Parameter Activate Land Attack Filter Meaning Activates or deactivates the land attack scan Possible values Selected The device detects and discards ingress IP data packets having source IP address identical to destination IP address Not selected default setting The land attack scan is deactivated Table 125 IP frame in the Network Security DoS Global dialog 148 RM GUI RSPS Release 2 0 02 2013 Network Security 4 1 DoS ICMP This dialog provides you with filter options for the following ICMP parameters Fragmented data packets ICMP packets from a specific size upwards Broadcast pings Parameter Meaning Filter Fragmented Activates or deactivates the filter for fragmented ICMP packets Packets Possible values Selected The device detects fragmented ICMP packets and discards these Not selected default setting The filter for fragmented ICMP packets is deactivated Allowed Packet Defines the maximum allowed size of ICMP packets in bytes Size Possible values 0 1472 The maximum allowed size of ICMP packets in bytes 512 default setting The default allowed size of ICMP packets is 512 bytes Note Select the Filter by Packet Size checkbox if you want the device to discard incoming data packets whose size exceeds the maximum allowed size for ICMP packets Filter by Packet Activates or deactivates the filter for incoming ICMP data
196. ing SNMP messages traps is that the function is switched on in the Diagnostics Status Configuration Alarms Traps dialog and at least 1 SNMP manager is defined Table 16 Configuration frame in the Basic Settings Network IP Address Conflict Detection dialog cont RM GUI RSPS Release 2 0 02 2013 35 Basic Settings 1 2 Network Information Parameters Meaning Conflict detected Shows whether an address conflict currently exists Possible values Selected The device detects an address conflict Not selected default setting The device does not detect an address conflict Table 17 Information frame in the Basic Settings Network IP Address Conflict Detection dialog Table Parameters Meaning Time Stamp Shows the time at which the device detected an address conflict Port Shows the number of the device port on which the device detected the address conflict IP Address Shows the IP address that is causing the address conflict MAC Address Shows the MAC address of the device with which the address conflict exists Table 18 Table in the Basic Settings Network IP Address Conflict Detection dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online h
197. intf replacement Copyright Patrick Powell 1995 This code is based on code written by Patrick Powell papowell astart com It may be used for any purpose as long as this notice remains intact on all source code distributions RM GUI RSPS 330 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software c Compatibility code openbsd compat Apart from the previously mentioned licenses various pieces of code in the openbsd compat subdirectory are licensed as follows Some code is licensed under a 3 term BSD license to the following copyright holders Todd C Miller Theo de Raadt Damien Miller Eric P Allman The Regents of the University of California Constantin S Svintsoff Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE REGENTS AND
198. ion Log file File name audittrail html CLICommands txt defaultconfig xml runningconfig xml supportinfo html systeminfo html systemlog html Format HTML Text XML XML Text HTML HTML Comments Chronological recording of system events and writing user actions Prerequisite The Telnet server of the device is switched on Device configuration with the plant settings Device configuration that the device uses in the current operation Device internal service information Table 227 Support Information Files contained in the ZIP archive RM GUI RSPS Release 2 0 02 2013 251 Diagnostics 8 2 Report Meaning of the severities for events Severity Meaning emergency Device not ready for operation alert Immediate user intervention required critical Critical status error Error status warning Warning notice Significant normal status informational Informal message debug Debug message Table 228 Meaning of the severities for events 8 2 2 Email Logging Global The device allows you to configure the following Email Alert features You configure log messages for an urgent severity level at and above which the device sends the logs as urgent messages The device sends urgent messages immediately to the mail server You configure log messages for a non urgent severity level at and above which the device sends the logs as non urgent messages Furthermore configure the non severity leve
199. ions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display the following acknowledgement This product includes cryptographic software written by Eric Young eay cryptsoft com The word cryptographic can be left out if the rouines from the library being used are not cryptographic related 4 If you include any Windows specific code or a derivative thereof from the apps directory application code you must include an acknowledgement This product includes software written by Tim Hudson tjh cryptsoft com THIS SOFTWARE IS PROVIDED BY ERIC YOUNG AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE
200. istribution Neither the name of the copyright holder nor the names of any other contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FORA PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE RM GUI RSPS Release 2 0 02 2013 323 Appendix A 8 Copyright of Integrated Software A 8 5 OpenSSH The licences which components of this software fall under are as follows First we will summarize and say that all components are under a BSD licence or a licence more free than that OpenSSH contains no GPL code 1 Copyright c 1995 Tatu Ylonen lt ylo cs hut fi gt Espoo Finland All rights reserved As far as am concerned the code have written for this software can be used f
201. ity Status dialog section x3c tblsheetnum gt of 4 RM GUI RSPS 288 Release 2 0 02 2013 Diagnostics Parameters Unsecure SNMP Configuration SysMon active External NVM Update possible 8 4 Status Configuration Meaning Defines whether the device monitors the status of the SNMP server Possible values Ignore The device ignores this parameter Monitor default setting The device changes the security status to the value Error if at least one of the following conditions applies The SNMPv1 on function is enabled The SNMPv2 on function is enabled The encryption for SNMPv3 is disabled You configure the encryption in the Security User Management dialog in the table in the SNMP encryption field You define the settings for the SNMP server in the Security Management Access Server dialog on the SNMP tab page Defines whether the device monitors the option to switch to the system monitor Possible values Ignore default setting The device ignores this parameter Monitor The device changes the security status to the value Error if the access to the system monitor is possible When the device is being started every user can switch to the system monitor via a V 24 connection You enable disable the system monitor in the Diagnostics Selftest dialog Defines whether the device monitors the saving of the device configuration on the external memory Possible values Ignore
202. l Expand Node E F Back E ta p Forward Restart E 8 Security a Time H I Network Security 19 Switching H E aosiPriority Redundancy H 8 Diagnostics Flr Advanced A Help gt gt Figure 3 Menu section with context menu You right click the menu section to open the context menu Designation Expand All Collaps All Expand Node Back Forward Meaning Expands the nodes in the menu tree The menu section shows the menu items for all levels Collapses the nodes in the menu tree The menu section shows the menu items for the top level Expands the selected node and collapses the other nodes in the menu tree This function allows you to expand a main node without scrolling and without collapsing other nodes manually Allows you to quickly jump back to a previously selected menu item Allows you to quickly jump forward to a previously selected menu item when you have previously used the Back function Table 1 Menu section Functions in the context menu 16 RM GUI RSPS Release 2 0 02 2013 Graphical User Interface The status line is located in the top part of the menu section 3 FHE ly 9 Figure 4 Status line The status line contains the following buttons Button Function Refreshes the status line The buttons show the values loaded from the volatile memory RAM of the device o Terminates the refreshing of the status line When you position the mouse
203. l to a level below the severity level The device stores the non urgent messages in a log buffer then sends the logs to the server at the configured time interval or when the buffer is full You classify log messages as urgent and non urgent to decide whether the device sends email immediately or periodically RM GUI RSPS 252 Release 2 0 02 2013 Diagnostics 8 2 Report Operation Parameters Meaning Operation Activates deactivates the Email Logging function globally on the device Possible values On Off default setting Table 229 Operation frame in the Diagnostics Report Email Logging Global dialog Information Parameters Meaning Number of Failed Shows the number of dropped email alerts Emails Number of Email Shows the number of successfully sent email alerts Alerts Last Mail Sent Shows the time in seconds since last sent email alert Table 230 Information frame in the Diagnostics Report Email Logging Global dialog Configuration Parameters Meaning Sender Shows the email address from which the device sends the email Possible values switch hirschmann com default setting Sending Interval Shows the count down timer in minutes until the next email alert Possible values 30 1440 default setting 30 Table 231 Configuration frame in the Diagnostics Report Email Logging Global dialog RM GUI RSPS Release 2 0 02 2013 253 Diagnostics 8 2 Report Urgent Parameters Meaning
204. ld Reinit Delay s Defines the delay in seconds for the reinitialization of a device port Possible values 1 10 default setting 2 If the value for a device port in the Operation field is Off the device tries to initialize the port again after the time defined here has elapsed Transmit Delay s Defines the delay in seconds for transmitting successive LLDP data packets Possible values 1 8192 default setting 2 The recommended value is between a minimum of 1 and a maximum of a quarter of the value in the Transmit Interval s field Notification Interval Defines the interval in seconds for transmitting LLDP notifications s Possible values 5 3600 default setting 5 After transmitting a notification trap the device waits for the time interval to expire before transmitting the next notification trap Table 296 Configuration frame in the Diagnostics LLDP Configuration dialog Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Table 297 Table in the Diagnostics LLDP Configuration dialog RM GUI RSPS 302 Release 2 0 02 2013 Diagnostics 8 5 LLDP Parameters Meaning Admin Status Defines whether the device port transmits and receives LLDP data packets Possible values Transmit The device port transmits LLDP data packets but stores no information about neighboring devices Receive The device port receives LLDP data packets but transmits no
205. le Ports This column contains the ports available in the device Dedicated Ports This column contains the device ports that are assigned to the table entry 0O 0O O Select one port if the destination MAC address is a Unicast address Select one or more ports if the destination MAC address is a Multicast address Select no port to set up a discard filter The device discards data packets with the destination MAC address specified in the table entry Table 135 Edit Entry window in the Switching Filters for MAC Addresses dialog 160 RM GUI RSPS Release 2 0 02 2013 Switching Buttons Button Set Reload Create Edit Entry Help gt gt gt lt lt lt Table 136 Buttons RM GUI RSPS Release 2 0 02 2013 5 3 Filter for MAC addresses Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Adds a new table entry Opens the Edit Entry window Opens the online help Moves the selected entry to the right column Moves all entries to the right column Moves the selected entry to the left column Moves all entries to the left column 161 Switching 5 4 IGMP 5 4 IGMP The IGMP protocol Internet Group Management protocol is a protocol for dynamically managing Multicast
206. lease 2 0 02 2013 57 Basic Settings 1 6 Port Configuration Parameters Meaning Flow Control Activates deactivates the flow control on the device port Possible values Not selected Flow control on the device port is deactivated Selected default setting The sending and evaluating of pause data packets full duplex operation or collisions half duplex operation is activated on the port L To switch on the flow control in the device also switch on the Activate Flow Control function in the switching Global dialog O Additionally activate the flow control on the port of the device connected with this port On an uplink port activating the flow control can possibly cause undesired sending breaks in the higher level network segment wandering backpressure When you are using a redundancy function you deactivate the flow control on the participating device ports If the flow control and the redundancy function are active at the same time there is a risk that the redundancy function will not operate as intended Table 32 Table in the Basic Settings Port Configuration dialog section x3c tblsheetnum gt of 4 Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device
207. lease 2 0 02 2013 Network Security 4 Network Security The device has comprehensive configuration options to help protect individual devices and complex networks against undesired or even dangerous network traffic The device can perform the following with data packets Accept The device forwards the data packet to its destination Reject The device discards the data packet and informs the sender Drop The device discards the data packet without informing the sender The network security area also provides protection against invalid or fake data traffic that aims to bring down specific services or devices Denial of Service DoS The menu contains the following dialogs DoS RM GUI RSPS Release 2 0 02 2013 145 Network Security 4 1 DoS 4 1 DoS The device supports you in protecting against invalid or fake data traffic that aims to bring down specific services or devices Denial of Service DoS With this menu you can use various filters to restrict the data traffic for Denial of Service attacks The menu contains the following dialog Global 4 1 1 Global With this dialog you can configure the DoS settings for the TCP UDP IP and ICMP protocols TCP UDP The attaching stations uses port scans to prepare network attacks Here the station attempts to use the network to detect the devices present and the services they provide This frame allows you to activate or deactivate the detection of port scans The device d
208. lease 2 0 02 2013 327 Appendix A 8 Copyright of Integrated Software 5 One component of the ssh source code is under a 3 clause BSD license held by the University of California since we pulled these parts from original Berkeley code Copyright c 1983 1990 1992 1993 1995 The Regents of the University of California All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT L
209. lick Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 52 Buttons RM GUI RSPS Release 2 0 02 2013 79 Security 2 3 Management Access 2 3 5 Server HTTPS This tab allows you to define settings for the HTTPS server of the device and to switch the server on off The HTTP server provides the graphical user interface GUI via an encrypted HTTP connection The graphical user interface communicates with the device based on SNMP via the encrypted HTTP connection and enables access to the management functions The device supports up to 10 simultaneous connections via HTTP or HTTPS A digital certificate is required for the encryption of the HTTP connection The device allows you to create this certificate yourself or to load an existing certificate onto the device Operation Parameters Meaning Operation When the function is switched on the device supplies the graphical user interface GUI via an encrypted HTTP connection Possible values Off Server is deactivated The management functions of the device can only be accessed via the Command Line Interface CLI On default setting Server is activated You can access the management functions of the device via HTTPS The device can then only be started if there is a certificate on the device Table 53 Operation frame in the Securi ty Management Access Server dialog
210. lly The address filter stays set up permanently igmp Address filter automatically set up by IGMP Snooping mgmt MAC address of the device The address filter is protected against changes invalid Deletes a manually set up address filter Table 133 Table in the Switching Filters for MAC Addresses dialog 158 RM GUI RSPS Release 2 0 02 2013 Switching 5 3 Filter for MAC addresses Parameters Meaning VLAN ID Shows the ID of the VLAN to which the table entry applies Possible values 1 4042 The device learns the MAC addresses for every VLAN separately independent VLAN learning Ports Shows how the corresponding device port transmits data packets for the adjacent destination address Possible values The port does not transmit any data packets to the destination address learned The port transmits data packets to the destination address The device sets up the filter automatically based on received data packets IGMP learned The port transmits data packets to the destination address The device sets up the filter automatically based on IGMP unicast static The port transmits data packets to the destination address A user created the filter multicast static The port transmits data packets to the destination address A user created the filter Table 133 Table in the Switching Filters for MAC Addresses dialog cont To remove the learned MAC addresses from the address table forwarding database cl
211. log cont RM GUI RSPS Release 2 0 02 2013 303 Diagnostics Parameters Transmit System Capabilities Max Neighbors FDB Mode 8 5 LLDP Meaning Specifies whether the device transmits a TLV Type Length Value with the system capabilities performance data Possible values Selected default setting The device transmits a TLV with the system capabilities Not selected The device does not transmit a TLV with the system capabilities Limits the number of neighboring devices to be recorded for this port Possible values 1 50 default setting 10 Defines which function the device uses to record neighboring devices on this port Possible values lidponly The device uses only LLDP data packets to record neighboring devices on this port macOnly The device uses learned MAC addresses to record neighboring devices on this port The device only uses the MAC address if there is no other entry in the address table FDB Forwarding Database for this port both The device uses LLDP data packets and learned MAC addresses to record neighboring devices on this port autoDetect default setting If the device receives LLDP data packets at this port the device works the same as with the 11dpOn1y setting Otherwise the device works the same as with the macOn1y setting Table 297 Table in the Diagnostics LLDP Configuration dialog cont Buttons Button Set Reload Help Meaning Transfers the changes to the
212. log dialog RM GUI RSPS 258 Release 2 0 02 2013 Diagnostics 8 2 Report Parameters Meaning Minimum Severity Defines the minimum severity of the events The device sends a log entry for events with this severity and with more urgent severities to the syslog server Possible values emergency alert critical error warning default setting notice informational debug Type Defines the type of the log entry transmitted by the device Possible values systemlog default setting audittrail Active Activates deactivates the transmission of events to the syslog server Selected The device sends events to the syslog server Not selected default setting The transmission of events to the syslog server is deactivated Table 239 Table in the Diagnostics Report Syslog dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Create Adds a new table entry Remove Removes the selected table entry Help Opens the online help Table 240 Buttons RM GUI RSPS Release 2 0 02 2013 259 Diagnostics 8 2 Report 8 2 5 Persistent Logging The device allows you to save all log entries permanently in a file on the external memory Therefore even after the device is res
213. lyzes them Not selected Supervision Packets analysis is switched off The device still receives Supervision Frames without analyzing them Table 196 Supervision Packet Receiver frame in the Redundancy HSR Configuration dialog Supervision Packet Transmitter Parameters Meaning Active Activates deactivates the transmission of Supervision Packets Possible values On default setting Transmission of Supervision Packets is activated The RedBox transmits its own Supervision Packets Off Transmission of Supervision Packets is deactivated Send VDAN Activates deactivates the transmission of VDAN Supervision Packets Packets Prerequisite is that you first activate the Supervision Packet Transmitter Possible values Selected Transmission of VDAN Supervision Packets is activated In addition to transmitting its own Supervision Packets the RedBox transmits Supervision Packets for the VDANs listed in the Proxy Node Table Not selected default setting Transmission of VDAN Supervision Packets is deactivated Table 197 Supervision Packet Transmitter frame in the Redundancy HSR Configuration dialog RM GUI RSPS 218 Release 2 0 02 2013 Redundancy 7 3 HSR HSR Parameter Parameters Meaning HSR Mode Defines unicast traffic forwarding capabilities of the device Possible values modeh default setting When acting as a proxy for a destination device the host removes unicast traffic from the ring and forwa
214. mand line Possible values 0 1024 alphanumeric characters including spaces tabs line breaks and the following special characters 1 amp lt gt MP_ G Table 74 Banner Text frame in the Security Management Access CLI dialog Login Banner tab page RM GUI RSPS 94 Release 2 0 02 2013 Security 2 3 Management Access Parameters Meaning Remaining Shows how many characters are still remaining in the Banner Text field Characters for the text information Table 74 Banner Text frame in the Security Management Access CLI dialog Login Banner tab page cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 75 Buttons RM GUI RSPS Release 2 0 02 2013 95 Security 2 4 Port Security 2 4 Port Security The device allows you to only transmit data packets from desired senders When this function is switched on the device checks the VLAN ID and MAC address of the sender before it transmits a data packet The device discards data packets from other senders and logs this event This restriction makes MAC Spoofing attacks more difficult In this dialog a Wizard helps you to connect the device ports with one or more d
215. mbership Interval field select a value larger than the value in the Max Response Time field Possible values 3600 default setting 260 Max Response Defines the time in seconds in which the members of a Multicast group Time should respond to a query data packet For their response the members select a random time within the response time You thus help prevent the Multicast group members from responding to the query at the same time In the Max Response Time field select a value smaller than the value in the Group Membership Interval field Possible values 25 default setting 10 Table 140 VLAN tab in the Switching IGMP IGMP Snooping dialog RM GUI RSPS 166 Release 2 0 02 2013 Switching Parameters Fast Leave Admin Mode MRP Expiration Time 5 4 IGMP Meaning Activates deactivates the Fast Leave function for this VLAN ee values ff default setting When the Fast Leave function is switched off the device first sends MAC based queries to the members of the Multicast group and only removes an entry when a VLAN does not send any more report messages Active If the device receives an IGMP Leave message from a Multicast group when the Fast Leave function is switched on it removes the entry immediately from its address table Multicast Router Present Expiration Time Defines the time in seconds for which the device waits for a query on this port which belongs to a VLAN If the port does not r
216. ment via the graphical user interface Note Every application can always be allocated to exactly one list It is possible that the applications in this column are already allocated to another list If you allocate an application to the list that is already allocated to another list the device removes the original allocation This column contains the applications that are allocated to the selected list Allocate Applications frame in the Security Authentication List dialog 71 Security Buttons Button Set Set and back Back Reload Remove Create Allocate Applications Help gt gt gt lt lt lt Table 44 Buttons 72 2 2 Authentication List Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Transfers the changes to the volatile memory RAM of the device and goes back to the previous dialog Displays the previous dialog again Changes are lost Updates the fields with the values that are saved in the volatile memory RAM of the device Removes the selected table entry Adds a new table entry Displays the Allocate Applications dialog Opens the online help Moves the selected entry to the right column Moves all entries to the right column Moves the selected entry to the left column Moves all entries to the left column RM GUI RSPS Release
217. mote Authentication Dial In User Service allows you to manage the users at a central location in the network A RADIUS server performs the following tasks here Authentication The authentication server authenticates the users when the RADIUS client at the access point forwards the users login data to the server Authorization The authentication server authorizes logged in users for selected services by assigning various parameters for the relevant terminal device to the RADIUS client at the access point The device works in the role of the RADIUS client if you have assigned the radius policy to an application in the Security Authentication List dialog The device forwards the users login data to the primary authentication server The authentication server decides whether the login data is valid and transfers the user s authorizations to the device The menu contains the following dialogs Global Authentication Server Authentication Statistics RM GUI RSPS 102 Release 2 0 02 2013 Security 2 5 RADIUS 2 5 1 Global This dialog allows you to define basic settings for RADIUS RADIUS Configuration Parameters Meaning Max Number of Defines how often the device retransmits an unanswered request to the Retransmits authentication server before the device sends the request to an alternative authentication server Possible values 1 15 default setting 4 Timeout s Defines how many seconds the device waits for a response after
218. mp snooping CLI command to reset the IGMP Snooping entries including the counter for the processed Multicast control data packets Table 138 Information frame in the Switching IGMP IGMP Snooping dialog Interface This tab page allows you to configure the IGMP Snooping protocol for every port Parameters Port Active Meaning Shows the number of the device port to which the table entry relates Activates deactivates the IGMP Snooping protocol for this port Prerequisite The IGMP Snooping protocol is activated globally in the device Possible values off default setting IGMP Snooping is deactivated for this port The port has left the Multicast data stream Active IGMP Snooping is activated for this port The port is included in the Multicast data stream Table 139 Interface tab in the Switching IGMP IGMP Snooping dialog section x3c tblsheetnum gt of 3 164 RM GUI RSPS Release 2 0 02 2013 Switching Parameters Group Membership Interval Max Response Time MRP Expiration Time Fast Leave Admin Mode Static Query Port 5 4 IGMP Meaning Defines the time in seconds for which a port from a dynamic Multicast group remains entered in the address table when the device does not receive any more report data packets from the port In the Group Membership Interval field select a value larger than the value in the Max Response Time field Possible values 2 3600 default setti
219. n a CLI connection set up using SSH on a CLI connection set up using Telnet You define the required settings in this dialog By assigning the severity you define which events the device logs The buttons in the dialog allow you to save a ZIP archive with system information and the Java Applet of the graphical user interface GUI on your PC Console Logging Parameters Meaning Operation When the function is switched on the device logs the events on the console Possible values On Off default setting Severity Defines the minimum severity for the events The device logs all events with this severity and with more urgent severities The device outputs the messages on the V 24 interface Possible values emergency alert critical error warning default setting notice informational debug Table 222 Console Logging frame in the Diagnostics Report Global dialog RM GUI RSPS Release 2 0 02 2013 247 Diagnostics 8 2 Report Buffered Logging The device buffers logged events in 2 separate storage areas so that the log entries for urgent events are kept This dialog allows you to define the minimum severity for events that the device buffers in the storage area with a higher priority Parameters Severity Meaning Defines the minimum severity for the events The device buffers log entries for events with this severity and with more urgent severities in the storage area with a higher priority Possibl
220. n as the specified maximum number of files has been attained the device deletes the oldest file and renames the remaining files Possible values 0 25 default setting 4 The value 0 deactivates saving of log entries in the log file Severity Defines the minimum severity of the events The device saves the log entry for events with this severity and with more urgent severities in the log file on the external memory Possible values emergency alert critical error warning default setting notice informational debug Target Defines the external memory device for logging Possible values sd Table 242 Configuration frame in the Diagnostics Report Persistent Logging dialog RM GUI RSPS Release 2 0 02 2013 261 Diagnostics 8 2 Report Table Parameters Meaning Index Shows a sequential number to which the table entry relates Possible values Le 2D The device automatically defines this number File Name Shows the file name of the log file on the external memory Possible values messages messages X File Size Shows the size of the log file on the external memory in bytes Table 243 Table in the Diagnostics Report Persistent Logging dialog To delete the log files click Delete Persistent Log File in the Basic Settings Restart dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Sa
221. n is for end device ports where few MAC address changes occur Operation Parameters Meaning Operation Activates deactivates the MAC Notification function globally on the device Possible values On The device sends traps for the active rows to the active management stations in Diagnostics Status Configuration Alarms Traps off default setting Table 288 Operation frame in the Diagnostics Status Configuration MAC Notification dialog Configuration Parameters Meaning Intervals s Defines the interval in seconds between notifications The device buffer contains up to 20 addresses If the buffer is full before the interval expires then the device sends a trap to the management station Possible values 0 2147483647 Table 289 Configuration frame in the Diagnostics Status Configuration MAC Notification dialog RM GUI RSPS Release 2 0 02 2013 297 Diagnostics 8 4 Status Configuration Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Active Activates deactivates the MAC Notification function on this port Possible values Selected When globally activated the device sends traps for this row to the active management stations in Diagnostics Status Configuration Alarms Traps Not selected default setting MAC Address Shows the last MAC addresses added or removed from the address table for this interface When the field contains 20 addresses the device sends
222. n page 131 Table 110 Operation IEEE1588 PTPv2 BC frame in the Time PTP Boundary Clock Globa1 dialog RM GUI RSPS Release 2 0 02 2013 129 Time Parameters Priority 2 Domain Number 3 3 PTP Meaning Defines priority 2 for the port Possible values 0 255 default setting 128 The Best Master Clock algorithm evaluates priority 2 of the participating devices if the previously evaluated criteria are the same for multiple devices The lower you set this value the more probable it is that the device becomes the reference time source Grandmaster See Grandmaster on page 131 Assigns the device to a PTP domain Possible values 0 255 default setting 0 The device only transmits time information from and to devices in the same domain Table 110 Operation IEEE1588 PTPv2 BC frame in the Time PTP Boundary Clock Globa1 dialog cont Status IEEE1588 PTPv2 BC Parameters Two Step Steps Removed Meaning Shows that the clock is operating in Two Step mode Shows the number of communication paths passed through between the local clock of the device and the reference clock Grandmaster For a PTP slave the value 1 means that the clock is connected with the reference time source Grandmaster directly via 1 communication path Offset to Master ns Shows the measured difference offset between the local clock and the reference clock Grandmaster in minutes The PTP slave calculates
223. nd Multicast Listener Discovery MLD Snooping Switches Definitions of Managed Objects for IEEE 802 3 Medium Attachment Units MAUs RM GUI RSPS Release 2 0 02 2013 Appendix A 3 Underlying IEEE Standards A 3 Underlying IEEE Standards IEEE 802 1AB IEEE 802 1D 2004 IEEE 802 1Q 2005 IEEE 802 1Q 2005 IEEE 802 1X IEEE 802 3 2002 IEEE 802 3ac IEEE 802 3x RM GUI RSPS Release 2 0 02 2013 Topology Discovery LLDP Media access control MAC bridges includes IEEE 802 1p Priority and Dynamic Multicast Filtering Virtual Bridged Local Area Networks VLAN Tagging Port Based VLANs Spanning Tree STP Rapid Spanning Tree RSTP Port Authentication Ethernet VLAN Tagging Flow Control 315 Appendix A 4 Underlying IEC Norms A 4 Underlying IEC Norms IEC 62439 High availability automation networks HSR High availability Seamless Redundancy MRP Media Redundancy Protocol based on a ring topology PRP Parallel Redundancy Protocol RM GUI RSPS 316 Release 2 0 02 2013 Appendix A 5 Underlying ANSI Norms A 5 Underlying ANSI Norms ANSI TIA 1057 Link Layer Discovery Protocol for Media Endpoint Devices April 2006 RM GUI RSPS Release 2 0 02 2013 317 Appendix A 6 Maintenance A 6 Maintenance Hirschmann is continually working to improve and develop our software You should regularly check whether there is a new version of the software that provides you with additional benefits You will find softwar
224. ndancy Protocol PRP The main advantage of PRP is that the destination node receives packets from the source as long as 1 LAN is available The absence of the second LAN due to repairs or maintenance has no impact on the packet transmission The network device which connects the end devices to the network implements the PRP protocol The Ethernet switches in both LANs are standard switches that are oblivious to PRP A Double Attached Node implementing PRP DANP is a network device with PRP functionality and has 1 connection into each independent LAN A Single Attached Node SAN is a standard Ethernet device with a single LAN interface directly connected to one of the redundant LANs For this reason a SAN is unable to use the redundant LAN A Redundancy Box RedBox is a network device which implements the PRP functionality for standard ethernet devices A standard ethernet device when connected to a PRP network via a RedBox is a virtual DANP VDAN Many applications and devices used for signal and control functions or VoIP for example need an integrated dual PRP interface which delivers packets without interruption Note PRP is available for devices with hardware for enhanced redundancy functions In order to use the PRP functions load the PRP device software HiOS 2S xxx RSPS 02000 bin where xxx PRP RM GUI RSPS Release 2 0 02 2013 207 Redundancy 7 2 PRP A WARNING RING LOOP HAZARD To avoid loops during the configuration
225. ng 260 Defines the time in seconds in which the members of a Multicast group should respond to a query data packet For their response the members select a random time within the response time You thus help prevent the Multicast group members from responding to the query at the same time In the Max Response Time field select a value smaller than the value in the Group Membership Interval field Possible values 1 25 default setting 10 Specifies the MRP Multicast Router Present expiration time The MRP expiration time is the time in seconds for which the device waits for a query on this port If the port does not receive a query data packet the device removes the port from the list of ports with connected Multicast routers Possible values 2 3600 default setting 260 The value 0 means an unlimited timeout no expiration time Activates deactivates the Fast Leave function for this port Possible values off default setting When the Fast Leave function is switched off the device first sends MAC based queries to the members of the Multicast group and only removes an entry when a port does not send any more report messages Active If the device receives an IGMP Leave message from a Multicast group when the Fast Leave function is switched on it removes the entry immediately from its address table Configures the port as a static query port in all VLANs Possible values off default setting The p
226. nt RM GUI RSPS 194 Release 2 0 02 2013 QoS Priority 6 3 802 1D p Mapping 6 3 802 1D p Mapping The device allows you send data packets with a VLAN tagging according to the QoS priority information contained in the data packet with a higher or lower priority In this dialog you assign the VLAN priority to the traffic classes The traffic classes are assigned to the priority queues of the device ports Table To change the settings click the desired row of the Traffic Class column and modify the value Parameters Meaning VLAN Priority VLAN priority of received data packets Traffic Class Defines the traffic class Possible values O23 The traffic classes are assigned to the priority queues of the device ports Traffic class 3 queue with medium priority Traffic class 0 queue with the lowest priority Table 170 Table in the Q0S Priority 802 1D p Mapping dialog VLAN Priority Traffic class Content description according to IEEE 802 1D 0 1 Best Effort Normal data without prioritizing 1 0 Background Non time critical data and background services 2 0 Standard Normal data 3 1 Excellent Effort Important data 4 2 Controlled load Time critical data with a high priority 5 2 Video Video transmission with delays and jitter lt 100 ms Table 171 Default assignment of the VLAN priority to the traffic classes RM GUI RSPS Release 2 0 02 2013 195 QoS Priority 6 3 802 1D p Mapping VLAN Priority Traffic class Co
227. ntent description according to IEEE 802 1D 6 3 Voice Voice transmission with delays and jitter lt 10 ms 7 3 Network Control Data for network management and redundancy mechanisms Table 171 Default assignment of the VLAN priority to the traffic classes cont Note Network management protocols and redundancy mechanisms use the highest traffic class Therefore select another traffic class for application data Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 172 Buttons RM GUI RSPS 196 Release 2 0 02 2013 QoS Priority 6 4 IP DSCP Mapping 6 4 IP DSCP Mapping The device allows you send IP data packets according to the DSCP value contained in the data packet with a higher or lower priority In this dialog you assign the DSCP values to the traffic classes The traffic classes are assigned to the priority queues of the device ports Table To change the settings click the desired row of the Traffic class column and modify the value Parameters Meaning DSCP Value Shows the DSCP value of received IP data packets Traffic Class Defines the traffic class Possible values O43 The traffic classes are assigned to the priority queue
228. number of the device software that the device ran when it saved the configuration profile Fingerprint Shows the checksum saved in the configuration profile The device calculates the checksum when saving the settings and inserts it into the configuration profile Table 28 Table in the Basic Settings Load Save dialog section x3c tblsheetnum gt of 3 RM GUI RSPS 46 Release 2 0 02 2013 Basic Settings 1 4 Load Save Parameters Meaning Fingerprint Verified Shows whether the checksum in the configuration profile is valid The device calculates the checksum again and compares it with the checksum in the configuration profile Possible values Selected The saved settings are consistent The checksums match Not selected The configuration profile contains modified settings The checksums are different Possible causes The file is damaged The file system on the external memory is inconsistent A user has exported the configuration profile and changed the XML file outside the device Note This function identifies changes to the settings in the configuration profile The function does not provide protection against operating the device with modified settings Table 28 Table in the Basic Settings Load Save dialog section x3c tblsheetnum gt of 3 Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Loa
229. o switch the server on off The HTTP server provides the graphical user interface GUI via an HTTP connection The graphical user interface communicates with the device based on SNMP and enables access to the management functions The device supports up to 10 simultaneous connections via HTTP or HTTPS Operation Parameters Meaning Operation When the function is switched on the device supplies the graphical user interface GUI via an HTTP connection Possible values Of Server is deactivated On default setting Server is activated You can access the management functions of the device via HTTP Table 50 Operation frame in the Securi ty Management Access Server dialog HTTP tab page Configuration Parameters Meaning Listen TCP Port Defines the number of the TCP port on which the server receives requests from clients Possible values 1 65535 default setting 80 Exception Port 2222 is reserved for internal functions The server restarts automatically after the port is changed In the process the device terminates open connections to the server Table 51 Configuration frame in the Security Management Access Server dialog HTTP tab page RM GUI RSPS 78 Release 2 0 02 2013 Security 2 3 Management Access Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and c
230. ock is classed as unsynchronized Possible values 31 1000000000 default setting 5000 Table 107 Configuration IEEE 1588 PTP frame in the Time PTP Global dialog RM GUI RSPS Release 2 0 02 2013 127 Time Parameters Enable PTP Management 3 3 PTP Meaning Activates deactivates the PTP management defined in the PTP standard Possible values selected PTP management is activated not selected default setting PTP management is deactivated Table 107 Configuration IEEE 1588 PTP frame in the Time PTP Global dialog Status Parameters Is Synchronized Max Offset Absolute ns PTP Time Meaning Shows whether the local clock is synchronized with the reference clock Grandmaster The local clock is synchronized when the path difference between the local clock and the reference clock Grandmaster falls below the synchronization lower boundary one time This status is kept until the path difference exceeds the synchronization upper boundary one time You define the synchronization boundaries in the Configuration IEEE 1588 PTP frame Shows the maximum path difference in nanoseconds that has occurred since the local clock was synchronized with the reference clock Grandmaster Shows the date and time for the PTP time scale when the local clock is synchronized with the reference clock Grandmaster Format Month Day Year hh mm ss AM PM Table 108 Status frame in the Time PTP Global dialog Buttons
231. of a user account due to too many failed logon attempts Locking of the management access due to failed logon attempts Commands executed in CLI apart from show commands Changes to configuration variables Changes to the system time File transfer operations including firmware updates Configuration changes via HiDiscovery Firmware updates and automatic configuration of the device via the external memory Opening and closing of SNMP via an HTTPS tunnel Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Search Opens the Search dialog The dialog allows you to search the log file for search terms or regular expressions Save Opens the Save dialog The dialog allows you to save the log file in HTML format on your PC Help Opens the online help Table 249 Buttons RM GUI RSPS Release 2 0 02 2013 265 Diagnostics 8 3 Ports 8 3 Ports This menu shows information on the port statistics on the utilization on the individual ports and on the connected SFP transceivers The menu contains the following dialogs Statistics Table Utilization SFP Port Monitor Auto Disable Port Mirroring 8 3 1 Statistics Table This dialog shows you in table form for each device port how many data packets the device has sent and received To reset the values in the table to 0 click Reset port counters in the Basic Settings Restart dialog Buttons Button Meaning Reload Up
232. ofile in the field Period to undo while Connection is lost s Ifthe non volatile memory NVM contains multiple configuration profiles the device loads the configuration profile designated as Selected off default setting Function is switched off Switch the function off again before you close the graphical user interface You thus prevent the device from restoring the configuration profile designated as Selected Note Before you switch on the function save the settings in the configuration profile Therefore current changes that are only saved temporarily in the device are kept Specifies the time in seconds after which the device loads the selected configuration profile from the non volatile memory NVM if the connection is lost Possible values 30 600 default setting 600 Specify a sufficiently large value Take into account the time when you are only viewing the dialogs of the graphical user interface without changing or updating them Shows the IP address of the PC on which you have activated the function Possible values IPv4 address default setting 0 0 0 0 Table 27 Undo Modification of Configuration frame in the Basic Settings Load Save dialog 44 RM GUI RSPS Release 2 0 02 2013 Basic Settings 1 4 Load Save Table Parameters Meaning Storage Type Shows the storage location of the configuration profile Possible values RAM volatile memory of the device In the volatile m
233. ofiles are the same Not selected The configuration profiles are different Changes in the device are only saved temporarily if for example you click on Set in a dialog while the device is operating ENVM synchron to Shows whether the selected configuration profile in the external memory NVM ENVM and the selected configuration profile in the non volatile memory NVM are the same Possible values Selected The configuration profiles are the same Not selected The configuration profiles are different Possible causes No external memory is connected to the device Inthe Basic Settings External Memory dialog the Auto save config on ENVM function is activated Table 26 Information frame in the Basic Settings Load Save dialog RM GUI RSPS Release 2 0 02 2013 43 Basic Settings 1 4 Load Save Undo Modifications of Configuration Parameters Operation Period to undo while Connection is lost s Watchdog IP Address Meaning When a user switches on the function the device continuously checks whether it can still be reached from the IP address of the user If the connection is lost after a defined time period the device loads the Selected configuration profile from the non volatile memory NvM Afterwards the device can be accessed again Possible values On Function is switched on You define the time period between the loss of the connection and the loading of the configuration pr
234. ology Discovery dialog cont Display FDB Entries Parameters Meaning Display FDB Entries Adds entries to the table for devices without active LLDP support Possible values Not selected default setting The table only shows entries for devices with LLDP support Selected The table shows entries for devices with and without LLDP support The device uses information from its address table FDB Forwarding Database Table 300 Display FDB Entries checkbox in the LLDP tab of the Diagnostics LLDP Topology Discovery dialog 306 RM GUI RSPS Release 2 0 02 2013 Diagnostics LLDP MED 8 5 LLDP LLDP for Media Endpoint Devices LLDP MED is an extension to LLDP that operates between endpoint devices and network devices It specifically provides support for VoIP applications In this support rule it provides an additional set of common advertisement Type Length Value TLV messages The device uses the TLVs for capabilities discovery such as network policy Power over Ethernet inventory management and location information Parameters Port Device Class VLAN ID Priority DSCP Unknown Bit Status Tagged Bit Status Hardware Revision Meaning Shows the number of the device port to which the table entry relates Shows the device class of the remotely connected device A value of notDefined indicates that the device has capabilities not covered by any of the LLDP MED classes A value of endpointClass1
235. omatically after the port is changed Existing connections remain in place Session Count Shows how many connections to the server are currently set up Max Number of Defines the maximum number of connections to the server that can be set Sessions up simultaneously Possible values 1 5 default setting 5 Session Timeout Defines the timeout in minutes After the device has been inactive for this min time it ends the session for the user logged on Possible values 1 160 default setting 5 The value 0 deactivates the function The user remains logged on when inactive Table 59 Configuration frame in the Security Management Access Server dialog SSH tab page Fingerprint The fingerprint is an easily verified hexadecimal number sequence that uniquely identifies the RSA or DSA key host key of the SSH server Parameters Meaning DSA Number sequence of the public DSA key of the server RSA Number sequence of the public RSA key of the server Table 60 Server dialog SSH tab Fingerprint frame After importing a new RSA or DSA key the device continues to display the existing fingerprint until you restart the server RM GUI RSPS 84 Release 2 0 02 2013 Security Signature 2 3 Management Access Parameters DSA Present Meaning Shows whether a DSA key host key is present in the device RSA Present Possible values selected A key is present not selected No key is present Shows whether an R
236. on Shows the MIB Managed Objects description to which the Port and Interlink entries refer Port A Shows the number of MIB Managed Objects events on port A The device examines the traffic as it passes from receive transceiver A to the LRE Port B Shows the number of MIB Managed Objects events on port B The device examines the traffic as it passes from receive transceiver B to the LRE Interlink Shows the number of MIB Managed Objects events on the interlink The counters are active for the MIB Managed Objects that pertain to the interlink The other counters remain empty A sample is made of the traffic as it passes from the LRE to the switch CPU Port Shows the number of MIB Managed Objects events on the CPU Port There is one MIB Managed Object that pertains to the CPU Port The other counters remain empty A sample is made of the traffic as it passes from receive transceiver to the CPU Table 204 Table in the Redundancy HSR Statistics dialog RM GUI RSPS 222 Release 2 0 02 2013 Redundancy 7 3 HSR Buttons Button Meaning Delete Deletes the entire table Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 205 Buttons RM GUI RSPS Release 2 0 02 2013 223 Redundancy 7 4 Spanning Tree 7 4 Spanning Tree The Spanning Tree Protocol STP is a protocol that deactivates redundant paths of a network in order to avoid loops If a network component f
237. on this port according to the Switching VLAN Static dialog If the VLAN tagging in the data packet matches one of these VLANs the port forwards the data packet to ports in this VLAN Otherwise the port discards the data packet not selected default setting The port forwards data packets received with a VLAN tagging to other ports without comparing the VLAN IDs Thus the port also transmits data packets with a VLAN tagging even though it is not a member of this VLAN Table 161 switching VLAN Port dialog cont Note If the MRP Ring configuration is assigned to a VLAN the device automatically performs the VLAN configuration for this port If the MRP Ring configuration is not assigned to a VLAN select the port VLAN ID 1 Buttons Button Set Reload Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Table 162 Buttons 184 RM GUI RSPS Release 2 0 02 2013 Switching 5 5 VLAN Button Meaning Help Opens the online help Table 162 Buttons cont 5 5 5 Voice Use the Voice VLAN feature to separate voice and data traffic on a port by VLAN and or priority A primary benefit of Voice VLAN is safeguarding the quality of voice traffic when data traffic on the port is high The device detec
238. or the associated operating software In addition we refer to the conditions of use specified in the license contract You can get the latest version of this manual on the Internet at the Hirschmann product site www hirschmann com Printed in Germany Hirschmann Automation and Control GmbH Stuttgarter Str 45 51 72654 Neckartenzlingen Germany Tel 49 1805 141538 Rel 2 0 02 2013 11 02 2013 Contents Contents About this Manual Key Graphical User Interface 1 Basic Settings 1 1 System 1 2 Network 1 2 1 Global 1 2 2 ARP Table 1 2 3 IP Address Conflict Detection 1 3 Software 1 4 Load Save 1 5 External Memory 1 6 Port Configuration 1 7 Restart 2 Security 2 1 User Management 2 2 Authentication List 2 3 Management Access 2 3 1 Server 2 3 2 Server SNMP 2 3 3 Server Telnet 2 3 4 Server HTTP 2 3 5 Server HTTPS 2 3 6 Server SSH 2 3 7 SNMPv1 v2 Community 2 3 8 IP Access Restriction 2 3 9 Web 2 3 10 CLI 2 3 11 CLI Global 2 3 12 CLI Login Banner 2 4 Port Security RM GUI RSPS Release 2 0 02 2013 Contents 2 5 2 6 3 1 3 2 3 3 5 1 5 2 5 3 5 4 RADIUS 2 5 1 Global 2 5 2 Authentication Server 2 5 3 Authentication Statistics Pre login Banner Time Basic Settings 3 1 1 Global 3 1 2 Daylight Saving Time 3 2 1 Client 3 2 2 Server Global Boundary Clock Boundary clock Global Boundary clock Port Transparent Clock Transparent clock Global Transparent clock Port WW
239. ort is is not configured as a static query port The device only transmits IGMP report messages to the port when it receives IGMP queries Active The port is configured as a static query port Table 139 Interface tab in the Switching IGMP IGMP Snooping dialog section x3c tblsheetnum gt of 3 RM GUI RSPS Release 2 0 02 2013 165 Switching 5 4 IGMP Parameters Meaning VLAN IDs Shows the ID of the VLAN to which the table entry applies Possible values 4042 VLAN IDs that are set up Table 139 Interface tab in the Switching IGMP IGMP Snooping dialog section x3c tblsheetnum gt of 3 VLAN This tab page allows you to configure the IGMP Snooping protocol for every VLAN Parameters Meaning VLAN ID Shows the ID of the VLAN to which the table entry applies Possible values 4042 VLAN IDs that are set up Active Activates deactivates the IGMP Snooping protocol for this VLAN Prerequisite The IGMP Snooping protocol is activated globally in the device Bers values ff default setting IGMP Snooping is deactivated for this VLAN The VLAN has left the Multicast data stream Active IGMP Snooping is activated for this VLAN The VLAN has joined the Multicast data stream Group Membership Defines the time in seconds for which a VLAN from a dynamic Multicast Interval group remains entered in the address table when the device does not receive any more report data packets from the VLAN In the Group Me
240. oses It assists the administrator in port analysis It eliminates the possibility that this port causes other ports on the module or the entire module to shut down Configuration Parameters Meaning Link Flap Defines whether the device enables a port after a Link Flap condition produces a disable port action Possible values Selected Enables the ports after the user defined time elapses Not selected default setting The ports remain disabled CRC Error Defines whether the device enables a port after a CRC Fragments condition produces a disable port action Possible values Selected Enables the ports after the user defined time elapses Not selected default setting The ports remain disabled Table 262 Configuration frame in the Diagnostics Ports Auto Disable dialog RM GUI RSPS Release 2 0 02 2013 275 Diagnostics Parameters Duplex Mismatch DHCP Snooping ARP Rate 8 3 Ports Meaning Defines whether the device enables a port after a Duplex Mismatch condition produces a disable port action Possible values Selected Enables the ports after the user defined time elapses Not selected default setting The ports remain disabled Defines whether the device enables a port after a DCHP Snooping condition produces a disable port action Possible values Selected Enables the ports after the user defined time elapses Not selected default setting The ports remain disabled Defines whether the device
241. pe of the address entry Possible values static Static ARP entry This entry is kept when the ARP table is deleted dynamic Dynamic entry The device deletes this entry when the Aging Time has been exceeded if the device does not receive any data from this device during this time Table 13 Table in the Basic Settings Network ARP Table dialog cont To reset the counters click Reset ARP table in the Basic Settings Restart dialog Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 14 Buttons RM GUI RSPS 32 Release 2 0 02 2013 Basic Settings 1 2 Network 1 2 3 IP Address Conflict Detection The device allows you to detect whether another device in the network is using its own IP address Whenever the device detects an address conflict the status LED of the device flashes red 4 times In this dialog you specify the procedure with which the device detects address conflicts and define the required settings for this In the table the device logs instances of another device in the network using its own IP address Operation Parameters Meaning Operation When this function is switched on the device detects whether another device in the network is using its own IP address Possible values On default setting The address conflict detection is switched on OEF The address conflict detection is switched off
242. pens a telnet session directly on the device Using this dialog you configure the device using CLI commands For detailed information on CLI commands review the Command Line Interface reference manual Buttons Button Meaning Help Opens the online help Table 303 Buttons RM GUI RSPS 310 Release 2 0 02 2013 Appendix A Appendix RM GUI RSPS Release 2 0 02 2013 311 Appendix A 1 Technical Data A 1 Technical Data Switching Size of MAC address table incl static filters Max number of statically configured MAC address filters Max number of MAC address filters learnable via IGMP Snooping MTU Max length of over long packets Latency with 64 Byte data packets 100 Mbit s 10 Mbit s Number of Switch queues Port priorities that can be set VLAN VLAN ID Number of VLANs 312 2048 2k 100 256 2000 Bytes Layer 2 typ 3 4 us Layer 2 typ 7 8 us 4 queues 0 3 1 4042 max 16 simultaneously per device max 16 simultaneously per port RM GUI RSPS Release 2 0 02 2013 Appendix A 2 List of RFCs A 2 List of RFCs RFC 768 RFC 783 RFC 791 RFC 792 RFC 793 RFC 826 RFC 854 RFC 855 RFC 951 RFC 1112 RFC 1157 RFC 1155 RFC 1212 RFC 1213 RFC 1493 RFC 1542 RFC 1643 RFC 1757 RFC 1867 RFC 1901 RFC 1905 RFC 1906 RFC 1945 RFC 2068 RFC 2131 RFC 2132 RFC 2233 RFC 2236 RFC 2246 RFC 2346 RFC 2365 RFC 2474 RFC 2475 RFC 2578 RFC 2579 RFC 2580 RFC 2613 RFC 2618 R
243. pointer over the button the user interface opens 3 a bubble help with the following information The time at which the device last refreshed the values Name of the user logged in Device name Network protocol by means of which you are logged in to the device The device automatically refreshes the values once a minute To refresh the display manually click the button By right clicking this symbol you can open the Basic Settings System dialog and the Basic Settings Network Global dialog directly When you position the mouse pointer over the button the user interface opens a bubble help with the summary of the Diagnostics System Configuration Check dialog To refresh the display click the button By right clicking this symbol you can open the Diagnostics System Configuration Check dialog directly Ends the session and terminates the connection to the device Shows the time in seconds after which the device automatically ends the session when the user is inactive You specify the timeout period in the Security Management Access Web dialog Table 2 Buttons in the status line RM GUI RSPS Release 2 0 02 2013 17 Graphical User Interface Button k Function Shows that the configuration profile in the volatile memory RAM differs from the selected configuration profile in the permanent memory NVM Save the current device configuration permanently so that the current settings will still be available to you after
244. pplies the devices in the network with a precise time The procedure enables the clocks in the network to be synchronized to a degree of precision of just a few 100 ns The protocol uses Multicast communication so the load on the network due to the PTP synchronization messages is negligible Using the Best Master Clock algorithm the devices determine the devices in the network with the most accurate time which are to be used as a reference time source Grandmaster Subsequently the participating devices synchronize themselves with this reference time source If you want to transport PTP time accurately through your network only use devices with PTP hardware support on the transport paths The protocol differentiates between the following clocks Ordinary Clock OC This clock has 1 PTP port and operates either as PTP master or PTP slave Boundary Clock BC This clock has any number of PTP ports and operates as both PTP master and PTP slave In its respective network segment the clock operates as an Ordinary Clock As PTP slave the clock synchronizes itself with a PTP master that is higher than the device in the cascade As PTP master the clock forwards the time information via the network to PTP slaves that are higher than the device in the cascade Transparent Clock TC This clock has any number of PTP ports In contrast to the Boundary Clock this clock only corrects the time information before forwarding it
245. profile only if it is encrypted and the password matches the password stored in the device When you activate an older configuration profile the device takes over the settings of the functions contained in this software version The device sets the settings of newer functions to the state on delivery Removes the configuration profile selected in the table from the non volatile memory NVM or from the external memory ENVM If the configuration profile is designated as Selected the device prevents you from removing the configuration profile Table 29 Buttons section x3c tblsheetnum gt of 5 48 RM GUI RSPS Release 2 0 02 2013 Basic Settings Button Select Export 1 4 Load Save Meaning Designates the configuration profile selected in the table as Selected In the Selected column the checkbox is now selected The device loads the settings of this configuration profile to the volatile memory RAM during the restart or when applying the function Undo Modification of Configuration Only designate an unencrypted device configuration as Selected when the configuration encryption in the device is switched off Only designate an encrypted device configuration as Selected when the following prerequisites are fulfilled The configuration encryption in the device is switched on The password of the configuration profile matches the password stored in the device Otherwise the device is un
246. r received Another device exists in the ring that is operating as the ring manager Activate the Ring Manager function if there is exactly one device in the ring Configuration error Connection in ring is connected to incorrect port Aline in the ring is connected with a different port instead of with a ring port The device only receives test data packets on 1 ring port Table 181 Information frame in the Redundancy MRP dialog RM GUI RSPS Release 2 0 02 2013 205 Redundancy 7 1 MRP Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Delete ring Switches off the redundancy function and resets all the settings in the configuration dialog to the state on delivery Help Opens the online help Table 182 Buttons RM GUI RSPS 206 Release 2 0 02 2013 Redundancy 7 2 PRP 7 2 PRP PRP uses 2 independent LANs with arbitrary ring mesh star and bus topologies resulting in a high availability of network connection The device connects to the PRP network with 100 Mbit s optical SFPs or 100 Mbit s FDX twisted pair interfaces installed in specially marked dedicated ports A and B for the LAN links The International Standard IEC 62439 3 describes the Parallel Redu
247. rame of the Basic Configuration System dialog for the monitored functions The device displays the detected fault with the higher priority when 2 or more detected faults occur at the same time The order of the functions listed in the Monitoring frame represents the monitor priority Meaning that the higher a function appears at the top of the list the higher the priority When you repair the displayed detected fault the device displays the next higher detected fault Security Status Parameters Meaning Security Status Shows the current status of the security relevant settings in the device The device determines the status from the individual monitored parameters Possible values Error OK Table 275 Security Status frame in the Diagnostics Status Configuration Security Status dialog RM GUI RSPS 286 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration Trap Configuration Parameters Meaning Generate Trap Activates deactivates the sending of an SNMP message trap when the value in the Security Status field changes Possible values Selected The device sends a trap Not selected default setting The device does not send a trap The prerequisite for sending SNMP messages traps is that the function is switched on in the Diagnostics Alarms Traps dialog and at least 1 SNMP manager is defined Table 276 Trap Configuration frame in the Diagnostics Status Configuration Security Status dialog Monitoring
248. rds it to the destination address modeu When acting as a proxy for a destination device the host forwards unicast traffic around the ring and to the destination address The source node discards unicast traffic when the frames return Switching Node Defines the specific role that the device performs in the HSR ring Type yP Possible values hsrredboxsan default setting Use this setting when connecting SANs to the device in an HSR ring hsrredboxprpa Use this setting to connect this device to PRP LAN A Additionally set the RedBox Identity for the appropriate network connection hsrredboxprpb Use this setting to connect this device to PRP LAN B Additionally set the RedBox Identity for the appropriate network connection Redbox Identity Defines the PRP LAN traffic tags The parameter identifies and tags traffic for the PRP LAN connected to this device The device identifies traffic for up to 7 PRP LANs coupled to the HSR ring Prerequisite is that you configure the Switching Node Type to hsrredboxprpa or hsrredboxprpb Possible values idla default setting Use this value to process HSR traffic for PRP Network 1 LAN A idlb Use this value to process HSR traffic for PRP Network 1 LAN B id2a Use this value to process HSR traffic for PRP Network 2 LAN A id2b Use this value to process HSR traffic for PRP Network 2 LAN B id7a Use this value to process HSR traffic for PRP Network 7 LAN A id7b Use this value
249. received any STP BPDUs or the device port is not an edge port enable The device port is an edge port terminal device port and has received an STP BPDU The device deactivates the device port In the Basic Configuration Port Configuration dialog the checkbox in the Port on column is Not selected for this port To reset the status of the device port to the value forwarding you proceed as follows O El If the device port is still receiving BPDUs On the CIST tab page remove the selection from the checkbox in the Admin Edge Port column or Inthe Redundancy Spanning Tree Global dialog remove the selection in the BPDU Guard checkbox To activate the device port in the Basic Configuration Port Configuration dialog select the checkbox in the Port on column for this device port Table 213 Guards tab page in the Redundancy Spanning Tree Port dialog section x3c tblsheetnum gt of 3 Buttons Button Set Reload Help Table 214 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 237 Redundancy 7 4 Spanning Tree RM GUI RSPS 238 Release 2 0 02 2013 Diagnostics 8 Diagnostics Th
250. reely for any purpose Any derived versions of this software must be clearly marked as such and if the derived work is incompatible with the protocol description in the RFC file it must be called by a name other than ssh or Secure Shell Tatu continues However am not implying to give any licenses to any patents or copyrights held by third parties and the software includes parts that are not under my direct control As far as know all included source code is used in accordance with the relevant license agreements and can be used freely for any purpose the GNU license being the most restrictive see below for details However none of that term is relevant at this point in time All of these restrictively licenced software components which he talks about have been removed from OpenSSH i e RSA is no longer included found in the OpenSSL library IDEA is no longer included its use is deprecated DES is now external in the OpenSSL library GMP is no longer used and instead we call BN code from OpenSSL Zlib is now external in a library The make ssh known hosts script is no longer included TSS has been removed MD5 is now external in the OpenSSL library RC4 support has been replaced with ARC4 support from OpenSSL Blowfish is now external in the OpenSSL library RM GUI RSPS 324 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software The licence
251. rity Status In this mode the signal contact signals the overall status from the Device Status dialog and from the Security Status dialog The Status frame shows the status Table 280 Signal Contact Mode frame in the Diagnostics Status Configuration Signal Contact dialog Trap Configuration Parameters Meaning Generate Trap Activates deactivates the sending of an SNMP message trap when an event occurs that triggers the signal contact Possible values Selected The device sends a trap Not selected default setting The device does not send a trap The prerequisite for sending SNMP messages traps is that the function is switched on in the Diagnostics Alarms Traps dialog and atleast 1 SNMP manager is defined Table 281 Trap Configuration frame in the Diagnostics Status Configuration Signal Contact dialog RM GUI RSPS 292 Release 2 0 02 2013 Diagnostics 8 4 Status Configuration Monitoring correct Operation In this frame you define the parameters that the device monitors The device signals the occurrence of an event by opening the signal contact Parameters Meaning Contact Shows the status of the signal contact Possible values Opened Error An event has occurred that triggers the signal contact The signal contact is opened Closed OK Normal status The signal contact is closed Temperature Defines whether the signal contact monitors the temperature in the device Possible values Ignore
252. rms and save them in HTM The log file is kept until a cold start is performed on start the device creates the file again To delete the logged events from the log file click Basic Settings Restart dialog L format on your PC the device After the cold Delete Log File in the Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Search Opens the Search dialog The dialog allows you to search the log file for search terms or regular expressions Save Opens the Save dialog The dialog allows you to save the log file in HTML format on your PC Delete Log File Removes the logged events from the log file Help Opens the online help Table 248 Buttons 264 RM GUI RSPS Release 2 0 02 2013 Diagnostics 8 2 Report 8 2 8 Audit Trail The device logs system events and writing user actions on the device This gives you the option of following WHO changes WHAT on the device WHEN The logged entries are write protected and remain saved in the device after a cold reset This dialog displays the log file audit trail The dialog allows you to search the log file for search terms and save them in HTML format on your PC The device logs the following user actions among others A user logging on via CLI local or remote A user logging off manually Automatic logging off of a user in CLI after a specified period of inactivity Device restart Locking
253. rt sends and receives PTP synchronization messages Not selected The device port blocks PTP synchronization messages P2P Delay Interval Defines the interval in seconds at which the device port measures the s Peer to Peer delay Prerequisite You have set P2P on this device port and on the port of the remote terminal See the Delay Mechanism field Possible values 1 default setting 2 4 8 16 32 P2P Delay Shows the measured Peer to Peer delay for the PTP synchronization messages Prerequisite In the Delay Mechanism field you selected the value p2p Asymmetry Corrects the measured delay value corrupted by asymmetrical transmission paths Possible values 2000000000 2000000000 default setting 0 The value represents the delay symmetry in nanoseconds A measured delay value of x ns corresponds to an asymmetry of x 2 ns The value is positive if the delay from the PTP master to the PTP slave is longer than in the opposite direction Table 122 Table in the Time PTP Transparent Clock Port dialog RM GUI RSPS Release 2 0 02 2013 143 Time 3 3 PTP Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 123 Buttons RM GUI RSPS 144 Re
254. rted the device loads the configuration profile with the settings of the existing device from the external memory ENVM The device copies the settings into the volatile memory RAM and into the non volatile memory NVM 00 ogg Note The prerequisite for loading a configuration profile from the external memory ENVM is that the Config Priority field in the Basic Settings External Memory dialog has the value first In the state on delivery this value is preset Cancels the configuration encryption in the device O Enter the existing password in the Remove dialog O Select the Save Configuration afterwards checkbox to also remove the encryption for the Selected configuration profile in the non volatile memory NVM and in the external memory ENVM Note If you are keeping other configuration profiles in encrypted form in the memory the device prevents you afterwards from activating these configuration profiles or designating them as Selected Table 25 Configuration Encryption frame in the Basic Settings Load Save dialog section x3c tblsheetnum gt of 2 42 RM GUI RSPS Release 2 0 02 2013 Basic Settings 1 4 Load Save Information Parameters Meaning NVM synchron to Shows whether the configuration profile in the volatile memory RAM and running config the selected configuration profile in the non volatile memory NVM are the same Possible values Selected The configuration pr
255. rwards the first frame to the VDANHs and discards the second frame when it arrives The device performs a specific role in the network Configure a device as an HSR RedBox connecting standard ethernet devices to an HSR ring or as an HSR node connecting a PRP LAN to an HSR ring A single HSR ring accommodates up to 7 PRP LANs Configure the device to identify and tag the traffic addressed for the connected PRP LAN Note HSR is available for devices with enhanced redundancy hardware In order to use the HSR functions load the HSR device software HiOS 2S xxXxX RSPS 02000 bin where xxx HSR RM GUI RSPS Release 2 0 02 2013 215 Redundancy 7 3 HSR A WARNING RING LOOP HAZARD To avoid loops during the configuration phase configure all the devices individually Before you connect the redundant line be sure to complete the configuration of all the devices Failure to follow these instructions can result in death serious injury or equipment damage The menu contains the following dialogs Configuration DAN VDAN Table Proxy Node Table Statistics 7 3 1 Configuration With this dialog you activate or deactivate the HSR Protocol manage HSR supervision packets and configure the device for a specific network role MRP and STP cannot operate on the same ports as HSR Deactivate or choose different ports for MRP and deactivate STP on the HSR ports Note HSR uses interfaces 1 1 and 1 2 when active The HSR function replaces
256. ry to overflow This happens for example when the device receives data at a Gigabit port and forwards it to a port with a lower bandwidth The device discards surplus data packets The flow control mechanism described in standard IEEE 802 3 ensures that no data packets are lost due to a port memory overflowing Shortly before a port memory is completely full the device signals to the connected devices that it is not accepting any more data packets from them In full duplex mode the device sends a pause data packet In half duplex mode the device simulates a collision Then the connected devices do not send any more data packets for as long as the signaling takes On uplink ports this can possibly cause undesired sending breaks in the higher level network segment wandering backpressure According to standard IEEE 802 1Q the device forwards data packets with a VLAN tag in a VLAN 21 However a small number of applications on connected terminal devices send or receive data packets with a VLAN ID 0 When the device receives one of these data packets before forwarding it the device overwrites the original value in the data packet with the VLAN ID of the receiving port When you switch on the VLAN Unaware Mode this deactivates the VLAN settings in the device The device then transparently forwards the data packets on all ports and only evaluates the priority information contained in the data packet RM GUI RSPS 152 Release 2 0 02 20
257. s Possible values 1 IGMP v1 2 IGMP v2 default setting 3 IGMP v3 Max Response Shows the time in seconds in which the members of a Multicast group Time should respond to a query data packet For their response the members select a random time within the response time This helps to prevent all the Multicast group members from responding to the query at the same time In the Max Response Time field select a value smaller than the value in the Group Membership Interval field Possible values 1 25 default setting 10 Last Querier Shows the IP address of the Multicast router from which the last received Address IGMP query was sent out Last Querier Shows the IGMP protocol version that the Multicast router used when Version sending out the last IGMP query received in this VLAN Table 150 Table in the switching IGMP Querier dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 151 Buttons RM GUI RSPS 174 Release 2 0 02 2013 Switching 5 4 IGMP 5 4 4 Multicasts The device allows you to specify how it transmits data packets with unknown Multicast addresses Either the device discards these data packets floods
258. s before they login to the device The users see this text in the login dialog of the graphical user interface GUI and of the Command Line Interface CLI Users logging in with SSH see the text regardless of the client used before or during the login To display the text only in the Command Line Interface CLI you use the settings in the Security Management Access CLI dialog Operation Parameters Meaning Operation When this function is switched on the device shows a greeting or information text in the login dialog of the graphical user interface GUI and of the Command Line Interface CLI Possible values off default setting The device does not show a text in the login dialog If you entered a text in the Banner Text field this text is kept On The device shows the text specified in the Banner Text field in the login dialog Table 88 Operation frame in the Security Pre login Banner dialog RM GUI RSPS 108 Release 2 0 02 2013 Security 2 6 Pre login Banner Banner Text Parameters Banner Text Remaining Characters Meaning Specifies the greeting or information text that the device displays in the login dialog of the graphical user interface GUI and of the Command Line Interface CLI Possible values Maximum 512 alphanumeric characters including spaces tabs line breaks and the following special characters 1 amp lt gt M Shows how many characters ar
259. s detailed information that you require to select the suitable redundancy procedure and configure it The menu contains the following dialogs MRP PRP HSR Spanning Tree RM GUI RSPS Release 2 0 02 2013 201 Redundancy 7 1 MRP 7 1 MRP The MRP Media Redundancy Protocol is a protocol that enables you to set up high availability ring shaped network structures An MRP Ring is made up of up to 50 devices that support the MRP protocol according to IEC 62439 The ring structure of an MRP Ring changes back into a line structure if a section fails The maximum switching time can be configured The Ring Manager function of the device enables the ends of a backbone in a line structure to be closed to a redundant ring Note The devices with hardware for enhanced redundancy functions offer the delay times 30ms and 10ms In order to use these delay times load the Fast MRP device software HiOS 2S xxx RSPS 02000 bin where xXX MRP Note For all devices in an MRP Ring activate the MRP compatibility in the Redundancy Spanning Tree Global dialog if you want to use RSTP in the MRP Ring If this is not possible perhaps because individual devices do not support the MRP compatibility you deactivate the Spanning Tree protocol on the ports connected to the MRP Ring Spanning Tree and Ring Redundancy affect each other Note If you combine RSTP with an MRP Ring you must give the devices in the MRP Ring a better i e numerically lower RSTP bri
260. s of the device ports Traffic class 3 queue with medium priority Traffic class 0 queue with the lowest priority Table 173 Table in the QoS Priority 802 1D p Mapping dialog DSCP Value DSCP Name Traffic class 0 Best Effort CSO 1 1 7 1 8 CS1 0 9 11 13 15 0 10 12 14 AF11 AF12 AF13 0 16 CS2 0 17 19 21 23 0 18 20 22 AF21 AF22 AF23 0 24 CS3 1 25 27 29 31 1 26 28 30 AF31 AF32 AF33 1 32 CS4 2 33 35 37 39 2 Table 174 Default assignment of the DSCP values to the traffic classes RM GUI RSPS Release 2 0 02 2013 197 QoS Priority DSCP Value 34 36 38 40 41 42 43 44 45 47 46 48 49 55 56 57 63 DSCP Name AF41 AF42 AF43 CS5 EF CS6 CS7 6 4 IP DSCP Mapping Traffic class WW WW WIM NM NM PM Table 174 Default assignment of the DSCP values to the traffic classes cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 175 Buttons 198 RM GUI RSPS Release 2 0 02 2013 QoS Priority 6 5 Queue Management 6 5 Queue Management With this dialog you can activate deactivate the Strict Priority function for the traffic classes When the Strict Priority function is switched off the device controls the pro
261. s shorter delay time Table 180 Configuration frame in the Redundancy MRP dialog 204 RM GUI RSPS Release 2 0 02 2013 Redundancy Parameters VLAN ID 7 1 MRP Meaning Defines the ID of the VLAN to which the MRP Ring configuration is assigned Possible values 0 default setting The MRP Ring configuration is not assigned to any VLAN Define the following settings for the ring ports VLAN ID 1 For this VLAN ID you assign the port the value U in the Switching VLAN Static dialog 1 4042 The MRP Ring configuration is assigned to a VLAN Define the same VLAN ID for all the devices in the ring Define the following settings for the ring ports VLAN ID as defined here For this VLAN ID you assign the port the value T in the Switching VLAN Static dialog Table 180 Configuration frame in the Redundancy MRP dialog cont Information Parameters Meaning Information Shows messages for the redundancy configuration and the possible causes of errors The following messages are possible if the device is operating as a ring client or a ring manager Redundancy Available The redundancy is set up When a component of the ring is down the redundant line takes over its function Configuration error Ring port link error Error in the cabling of the ring ports The following messages are possible if the device is operating as a ring manager Configuration error Packet of other ring manage
262. s to normal time when the time in the System Time field reaches the value entered here Parameters Meaning Week Defines the week in the current month Possible values none state on delivery first second third forth last Day Defines the day of the week Possible values none state on delivery sun mon THS wed thu Fr sat Table 95 Summertime End frame in the Time Basic Settings dialog Daylight Saving Time tab page RM GUI RSPS 116 Release 2 0 02 2013 Time 3 1 Basic Settings Parameters Meaning Month Defines the month Possible values none state on delivery jan feb mar apr mai jun jul aug sep oct nov dec Systemtime Defines the time Possible values 00 00 state on delivery lt HH MM gt Table 95 Summertime End frame in the Time Basic Settings dialog Daylight Saving Time tab page cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 96 Buttons RM GUI RSPS Release 2 0 02 2013 117 Time 3 2 SNTP 3 2 SNTP SNTP Simple Network Time Protocol is a procedure described in the RFC 4330 for time synchronization in the network The device allows
263. s to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Adds a new table entry Removes the selected table entry Opens the online help With this dialog you can define settings for the graphical user interface Web based interface Configuration Parameters Web Interface Session Timeout min Meaning Defines the timeout in minutes After the device has been inactive for this time it ends the session for the user logged on Possible values 0 160 default setting 5 The value 0 deactivates the function and the user remains logged on when inactive Table 69 Configuration frame in the Security Management Access Web dialog RM GUI RSPS Release 2 0 02 2013 91 Security Buttons Button Set Reload Help Table 70 Buttons 2 3 10 CLI 2 3 Management Access Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help With this dialog you can define settings for the Command Line Interface CLI You will find detailed information on the Command Line Interface in the
264. seconds and waits for the time specified in the Detection Delay ms field for a response Ifthe device detects an address conflict it applies the passive detection mode function If the Send Trap function is switched on it sends an SNMP message trap Off The continuous address conflict detection is switched off Detection Delay Defines the period in milliseconds for which the device waits for a ms response after sending an ARP data packet Possible values 20 500 default setting 200 Release Delay s Defines the period in seconds after which the device checks again whether the address conflict still exists Possible values 3 3600 default setting 15 Number of Address Defines how often the device sends gratuitous ARP data packets in the Protections passive detection mode to defend its IP address Possible values 0 100 default setting 3 Protection Defines the period in milliseconds after which the device sends gratuitous Interval ms ARP data packets again in the passive detection mode to defend its IP address Possible values 20 5000 default setting 200 Send Trap Activates deactivates the sending of an SNMP message trap when the device detects an address conflict during the periodic address conflict detection Possible values Selected The device sends an SNMP message Not selected default setting The device does not send an SNMP message The prerequisite for send
265. servers Defines the interval in seconds at which the device requests time information from the SNTP server Possible values 5 3600 default setting 30 Defines whether the device disables the SNTP client when it has successfully synchronized the time Possible values Selected The device deactivates the SNTP client after successful synchronization Not selected default setting The SNTP client remains activated after successful synchronization Table 98 Configuration frame in the Time SNTP Client dialog State Parameters Status Meaning Shows the status of the SNTP client Possible values disabled The SNTP client is disabled notSynchronized The SNTP client is not synchronized with any SNTP or NTP server syncToRemoteserver The SNTP client is synchronized with an SNTP or NTP server Table 99 State frame in the Time SNTP Client dialog RM GUI RSPS Release 2 0 02 2013 119 Time Table 3 2 SNTP In the table you define the settings for up to 4 SNTP servers Parameters Index Description Address Target UDP Port Meaning Shows a sequential number to which the table entry relates Possible values Te eA The device automatically defines this number When you delete a table entry this leaves a gap in the numbering When you create a new table entry the device fills the first gap After starting the device sends requests to the SNTP server configured in the first table entry If the s
266. smitting the PTP synchronization messages disabled The measurement of the delay for the PTP synchronization messages for the connected PTP devices is deactivated e2e default setting End to end As the PTP slave the device port measures the delay for the PTP synchronization messages to the PTP master The device displays the measured value in the Time PTP Boundary Clock Global dialog p2p Peer to peer The device measures the delay for the PTP synchronization messages for all the connected PTP devices provided that these devices support P2P This mechanism saves the device from having to determine the delay again if there is a reconfiguration Shows the measured Peer to Peer delay for the PTP synchronization messages Prerequisite In the Delay Mechanism field you selected the value p2p Table 116 Table in the Time PTP Boundary Clock Port dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Release 2 0 02 2013 135 Time Parameters P2P Delay Interval s Network Protocol Announce Interval s Announce Timeout E2E Delay Interval s 3 3 PTP Meaning Defines the interval in seconds at which the device port measures the Peer to Peer delay Prerequisite You have set P2P at this device port and at the port of the remote terminal See the Delay Mechanism field Possible values 1 default setting 2 4 8 16 32 Defines which protocol the device port uses to transmit the PTP syn
267. summertime The profile selected overwrites the settings in the Summertime Begin and Summertime End frames Table 93 Operation frame in the Time Basic Settings dialog Daylight Saving Time tab page RM GUI RSPS 114 Release 2 0 02 2013 Time 3 1 Basic Settings Summertime Begin In the first 3 fields you define the day for the beginning of summertime and in the last field the time The devices switches to summertime when the time in the System Time field reaches the value entered here Parameters Meaning Week Defines the week in the current month Possible values none state on delivery first second third forth last Day Defines the day of the week Possible values none state on delivery sun mon Tue wed thu FETI sat Month Defines the month Possible values none state on delivery jan feb mar apr mai jun jul aug sep oct nov dec Table 94 Summertime Begin frame in the Time Basic Settings dialog Daylight Saving Time tab page RM GUI RSPS Release 2 0 02 2013 115 Time 3 1 Basic Settings Parameters Meaning Systemtime Defines the time Possible values 00 00 state on delivery lt HH MM gt Table 94 Summertime Begin frame in the Time Basic Settings dialog Daylight Saving Time tab page cont Summertime End In the first 3 fields you define the day for the end of summertime and in the last field the time The devices switche
268. t lt path gt lt file name gt SCP or SFTP upload If the key is on an SCP or SFTP server you enter the URL for the file in the following form scp orsftp lt IP address gt lt path gt lt file name gt When you click Import the device displays the Authentication window There you enter the User and Password to login to the server scp orsftp lt user gt lt password gt lt IP address gt lt path gt lt file name gt Shows the Open dialog Here you select the key to be copied if the file is located on your PC or on a network drive Copies the key host key defined in the File field to the device To get the server to use this key you click Set and restart the server Table 62 Key Import frame in the Security Management Access Server dialog SSH tab page Buttons Button Set Reload Help Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help Table 63 Buttons 86 RM GUI RSPS Release 2 0 02 2013 Security 2 3 Management Access 2 3 7 SNMPv1 v2 Community With this dialog you can define the community name for SNMPv1 v2 applications Applications send requests via SNMPv1 v2 with a community name in
269. t path gt lt file name gt Shows the Open dialog Here you select the certificate file to be copied if the file is located on your PC or on a network drive Copies the certificate defined in the File field to the device To get the server to use this certificate you click Set and restart the server You can only restart the server via the Command Line Interface CLI Table 56 Certificate Import frame in the Security Management Access Server dialog HTTPS tab page Buttons Button Set Reload Help Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help Table 57 Buttons 82 RM GUI RSPS Release 2 0 02 2013 Security 2 3 Management Access 2 3 6 Server SSH This tab allows you to switch the SSH server on off in the device and define its settings The server works with SSH version 2 The SSH server enables access to the management functions of the device with the Command Line Interface via an encrypted connection secure shell The SSH server identifies itself to the clients using its public RSA or DSA key When first setting up the connection the client program shows the user the fingerprint of this key The fingerprint contains a hex
270. tarted you have access to the log entries With this dialog you can limit the size of the log file and define the minimum severity for the events to be saved If the log file attains the specified size the device archives this file and saves the following log entries in a newly created file In the table the device shows you the log files held on the external memory As soon as the specified maximum number of files has been attained the device deletes the oldest file and renames the remaining files This ensures that there is always enough memory space on the external memory Operation Parameters Meaning Operation When the function is switched on the device saves the log entries in a file on the external memory Possible values On default setting Off Only activate this function when the external memory is available on the device Table 241 Operation frame in the Diagnostics Report Persistent Logging dialog RM GUI RSPS 260 Release 2 0 02 2013 Diagnostics 8 2 Report Configuration Parameters Meaning Max File Size Defines the maximum size of the log file in KBytes If the log file attains the specified size the device archives this file and saves the following log entries in a newly created file Possible values 0 4096 default setting 1024 The value 0 deactivates saving of log entries in the log file Max Files Defines the number of log files that the device keeps on the external memory As soo
271. ters Meaning Port A The text box in this frame shows the port number that is operating as PRP Port B Port A on this device The radio buttons activate deactivate the PRP function on port A Possible values On default setting OF The text box in this frame shows the port number that is operating as PRP Port B on this device The radio buttons activate deactivate the PRP function on port B Possible values On default setting OFT Table 184 Port A Port B frame in the Redundancy PRP Configuration dialog RM GUI RSPS Release 2 0 02 2013 209 Redundancy 7 2 PRP Supervision Packet Receiver Parameters Meaning Evaluate Activates deactivates Supervision Packets analysis Supervision Packets Possible values Selected default setting Supervision Packets analysis is switched on The device receives Supervision Frames and analyzes them Not selected Supervision Packets analysis is switched off The device still receives Supervision Frames without analyzing them Table 185 Supervision Packet Receiver frame in the Redundancy PRP Configuration dialog Supervision Packet Transmitter Parameters Meaning Active Activates deactivates the transmission of Supervision Packets Possible values On default setting Transmission of Supervision Packets is activated The RedBox transmits its own Supervision Packets Off Transmission of Supervision Packets is deactivated Send V
272. tes the security status if you have selected the Security Status option field in the Signal Contact Mode frame Parameters Contact Meaning Shows the status of the signal contact The signal contact indicates the device status or the security status Possible values Opened Error The signal contact is opened The current status of the device has the value Error or The current status of the security relevant settings in the device has the value Error Closed OK Normal status The signal contact is closed Table 284 Status frame in the Diagnostics Status Configuration Signal Contact dialog Propagate Connection Error table Parameters Port Propagate Connection Error Meaning Shows the number of the device port to which the table entry relates Defines whether the signal contact monitors the link status of the device port Possible values Selected The signal contact opens if the link on this device port is interrupted Not selected default setting The signal contact remains closed if the link on this device port is interrupted This setting is only effective if you have selected the value Monitor in the Connection error field of the Monitoring correct Operation frame Table 285 Propagate Connection Error table in the Diagnostics Status Configuration Signal Contact dialog RM GUI RSPS Release 2 0 02 2013 295 Diagnostics 8 4 Status Configuration Propagate
273. th multiple ports To avoid this alarm you deactivate the monitoring of the missing power supply units in the Diagnostics Status Configuration Device Status dialog RM GUI RSPS 22 Release 2 0 02 2013 Basic Settings 1 1 System Security Status The fields in this frame show the security status and inform you about alarms that have occurred You define the parameters that the device monitors in the Diagnostics Status Configuration Security Status dialog Parameters Meaning Symbol Shows the security status Possible values The device status is OK The monitored parameters have the desired status An alarm has occurred At least one monitored parameter differs x from the desired status Alarm Start Time Shows the time at which the device triggered the alarm with the current highest priority Possible values Date and time in the format Month Day Year hh mm ss AM PM The device triggers an alarm if a monitored parameter differs from the desired status In the Diagnostics Status Configuration Security Status dialog the parameters are sorted by priority High priority at the top low priority at the bottom Alarm Reason Shows the cause of the alarm and the current highest priority Table 4 Security Status frame in the Basic Settings System dialog System Data The fields in this frame show operating data and information on the location of the device Parameters Meaning Name Defines the device name Possible
274. the SNTP packet the SNTP server informs the clients that it is synchronized locally Not selected default setting The SNTP Broadcast server remains active when the device is synchronized to the local clock Table 103 Configuration frame in the Time SNTP Server dialog cont 124 RM GUI RSPS Release 2 0 02 2013 Time 3 2 SNTP State Parameters Meaning State Shows the state of the SNTP server Possible values disabled The SNTP server is deactivated notSynchronized The SNTP server is not synchronized with either a local or an external reference clock syncToLocal The SNTP server is synchronized with the hardware clock of the device syncToRefclock The SNTP server is synchronized with an external reference clock e g PTP yncToRemoteserver The SNTP server is synchronized with an SNTP server that is higher than the device in a cascade Table 104 State frame in the Time SNTP Client dialog Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 105 Buttons RM GUI RSPS Release 2 0 02 2013 125 Time 3 3 PTP 3 3 PTP PTP Precision Time Protocol is a procedure described in the IEEE 1588 2008 standard that su
275. the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of the incremental nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FORA PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER RM GUI RSPS 320 Release 2 0 02 2013 Appendix A 8 Copyright of Integrated Software CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE A 8 2 Expat Copyright c 1998 1999 2000 Thai Open Source Software Center Ltd and Clark Cooper Copyright c 2001 2002 2003 2004 2005 2006 Expat maintainers Permission is hereby granted free of charge to any person obtaining a copy of this software and asso
276. the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Reset Resets the port monitor function for the selected interface and enables the port when disabled by the Port Monitor function Help Opens the online help Table 261 Buttons RM GUI RSPS 274 Release 2 0 02 2013 Diagnostics 8 3 Ports 8 3 8 Auto Disable If the configuration shows a port as enabled but the device detects an error the software shuts down that port In other words the device software disables the port because of a detected error condition When a port is auto disabled the device effectively shuts down the port and the port blocks traffic The port LED blinks green 1 time per period and identifies the reason for the shutdown In addition the device generates a log entry listing the reason for the auto disable Furthermore the device sends a trap with the interface number the port status and the reason to the administrator When you enable the port after a timeout by auto disable the device sends a trap with the interface number and an empty Reason entry This feature provides a recovery function which automatically enables an auto disabled port after a user defined time When this function enables a port the device sends a trap with the interface number and an empty Reason entry The auto disable function serves 2 purp
277. the data packets The device transmits the data packets based on their destination MAC address or destination IP address in the corresponding VLAN The device evaluates the priority information contained in the data packet Selected The device works in the VLAN Unaware bridging mode 802 1D The device ignores the VLAN settings in the device and the VLAN tags in the data packets The device transmits the data packets based on their destination MAC address or destination IP address in VLAN 1 The device ignores the VLAN settings defined in the Switching VLAN Static and Switching VLAN Port dialogs All the device ports are assigned to VLAN 1 The device evaluates the priority information contained in the data packet Note You specify the VLAN ID 1 for all the functions in the device that use VLAN settings Among other things this applies to static filters MRP and IGMP Snooping Table 128 Configuration frame in the switching Global dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 129 Buttons RM GUI RSPS 154 Release 2 0 02 2013 Switching 5 2 Rate Limiter 5 2 Rate Limiter The device allows you
278. the management functions of the device Possible values Selected The user s access is locked The device automatically locks a user if the user makes too many unsuccessful login attempts Not selected The user s access is unlocked Defines whether the device checks the password according to the defined policy when it is being set up or changed Possible values Selected The device checks the password according to the policy defined in the Password Policy frame Not selected The device accepts the password without checking it Defines the authentication protocol that the device applies for user access via SNMPvs3 Possible values hmacmd5 For this user account the device uses protocol HMAC MDB5 hmacsha For this user account the device uses protocol HMAC SHA Table 38 Table in the Security User Management dialog section x3c tblsheetnum gt of 3 RM GUI RSPS Release 2 0 02 2013 65 Security Parameters SNMP Encryption Type 2 1 User Management Meaning Defines the encryption protocol that the device applies for user access via SNMPVv3 Possible values none No encryption des DES encryption aesCfb128 AES 128 encryption Table 38 Table in the security User Management dialog section x3c tblsheetnum gt of 3 New Entry In this frame you set up a new user account To display the frame you click the Create button Parameters User Name Active Meaning Specifies the name of
279. the user account Possible values 1 32 alphanumeric characters Activates deactivates the user account Possible values Selected The user account is active The user accepts the login of a user with this user name Not selected The user account is inactive The user rejects the login of a user with this user name Table 39 New Entry frame in the Security User Management dialog section x3c tblsheetnum gt of 3 66 RM GUI RSPS Release 2 0 02 2013 Security 2 1 User Management Parameters Meaning Password Specifies the password with which the user logs in When the checkbox in the Display Password field is selected the password is visible in clear text Possible values 6 64 alphanumeric characters including the following special characters 1 amp 4 lt gt M The minimum length of the password is defined in the Password Policy frame The device differentiates between upper and lower case When the checkbox in the Policy Check field is selected the device checks the password according to the policy defined in the Password Policy frame The device always checks the minimum length of the password even if the checkbox in the Policy Check field is not selected Display Password Specifies how the adjacent Password field displays the password Possible values Not selected default setting The Password field displays asterisks instead of the password Selected The
280. tion still has access to the device after the VLAN configuration is saved Connect the management station to a port that is a member of the VLAN that is selected as the management VLAN In the state on delivery the device transmits the management data in VLAN 1 The device automatically creates VLANs for MRP rings The MRP ring function prevents the deletion of these VLANs Note the tagging settings for ports that are part of a redundant ring Note In a redundant ring with VLANs you should only operate devices whose software version supports VLANs Buttons Button Set Table 160 Buttons 182 Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save RM GUI RSPS Release 2 0 02 2013 Switching 5 5 VLAN Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Create Adds a new table entry Remove Removes the selected table entry Help Opens the online help Table 160 Buttons cont 5 5 4 Port In this dialog you specify how the device handles received data packets that have no VLAN tag or whose VLAN tag differs from the VLAN ID of the port This dialog allows you to assign a VLAN to the device ports and thus define the port VLAN ID Additionally you also define for each device port how the device transmits data packets when the VL
281. tions please contact any Hirschmann dealer in your area or Hirschmann directly You will find the addresses of our partners on the Internet at http Awww hirschmann com Contact our support at https hirschmann support belden eu com You can contact us in the EMEA region at Tel 49 0 1805 14 1538 E mail hac support belden com in the America region at Tel 1 717 217 2270 E mail inet support us belden com in the Asia Pacific region at Tel 65 6854 9860 E mail inet ap belden com Hirschmann Competence Center The Hirschmann Competence Center is ahead of its competitors Consulting incorporates comprehensive technical advice from system evaluation through network planning to project planning Training offers you an introduction to the basics product briefing and user training with certification The current technology and product training courses can be found at http www hicomcenter com Support ranges from the first installation through the standby service to maintenance concepts RM GUI RSPS Release 2 0 02 2013 345 Further Support With the Hirschmann Competence Center you have decided against making any compromises Our client customized package leaves you free to choose the service components you want to use Internet http www hicomcenter com RM GUI RSPS 346 Release 2 0 02 2013 Further Support RM GUI RSPS Release 2 0 02 2013 347 fh HIRSCHMANN A BELDEN BRAND
282. to limit the traffic on the ports in order to ensure reliable operation even with a large traffic volume If the traffic on a port exceeds the traffic value entered the device discards the excess traffic on this port The rate limiter function operates exclusively on layer 2 and is used to limit the effects of storms of data packets that flood the device typically Broadcasts The rate limiter function ignores protocol information on higher levels such as IP or TCP With the following measures you reduce the effects on for example the TCP traffic Restricting the rate limiter function to specific data packets e g to Broadcasts Multicasts and Unicasts with an unknown destination address Excluding Unicasts with a known destination address from this restriction Using the egress limiter function instead of the ingress limiter function The egress limiter function works somewhat better with the TCP flow control due to the device internal buffering of the data packets Increasing the aging time for learned Unicast addresses The dialog contains the following tabs Ingress Egress Ingress On this tab you activate the rate limiter function for received data packets By entering a threshold value you define the maximum amount of traffic the port transmits on the ingress side If the traffic on this port exceeds the threshold value the device discards the excess traffic on this port Parameters Meaning Port Shows the number of the devic
283. tp lt user gt lt password gt lt IP address gt lt path gt lt file name gt Table 29 Buttons section x3c tblsheetnum gt of 5 RM GUI RSPS Release 2 0 02 2013 49 Basic Settings Button Import View Save As 1 4 Load Save Meaning Imports a configuration profile saved in XML format from a PC or from a server in the network You specify the storage location for the configuration profile to be imported in the Storage Type field You specify the name of the configuration profile to be imported in the Name field The device gives you the following options for importing a configuration profile File upload If the file is located on your PC or on a network drive click select the file there TFTP upload If the file is located on a TFTP server enter the URL for the file in the following form tftp lt IP address gt lt path gt lt file name gt SCP or SFTP upload If the file is located on an SCP or SFTP server enter the URL for the file in one of the following forms scp orsftp lt IP address gt lt path gt lt file name gt When you click Update the device displays the Authentication dialog There you enter the User and Password to login to the server scp orsftp lt user gt lt password gt lt IP address gt lt path gt lt file name gt and If the configuration encryption is inactive the device imports the configur
284. try Possible values Selected The device sends an email alert to the user defined email address Not selected default setting Table 237 Table in the Diagnostics Report Email Logging Addresses dialog RM GUI RSPS Release 2 0 02 2013 257 Diagnostics 8 2 Report 8 2 4 Syslog The device enables you to send specific logged events to one or more syslog servers In this dialog you define the settings for this The dialog manages a list of up to 8 syslog server entries Depending on the severity of the event the device sends the log entry to different syslog servers Operation Parameters Meaning Operation When the function is switched on the device sends the events specified in the table to the specified syslog servers Possible values On off default setting Table 238 Operation frame in the Diagnostics Report Syslog dialog Table Parameters Meaning Index Shows a sequential number to which the table entry relates The device automatically defines this number When you delete a table entry this leaves a gap in the numbering When you create a new table entry the device fills the first gap Possible values 13 38 IP Address Defines the IP address of the syslog server Possible values Valid IP address default setting 0 0 0 0 Port Defines the UDP Port on which the syslog server expects the log entries Possible values 1 65535 default setting 514 Table 239 Table in the Diagnostics Report Sys
285. ts Parameters Meaning Link Flap Count Defines the link flap detection counter for this entry When the frequency of link flaps reaches this number the device produces the action configured in the Global tab Prerequisite for this function is that the Link Flap on checkbox in the Global tab is selected Possible values 1 100 default setting 5 Last Sampling Shows the link flap count that occurred during the last interval Interval Total Shows the total link flap count since the last reset Table 258 Table in the Link Flap tab of the Diagnostics Ports Port Monitor dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Reset Resets the port monitor function for the selected interface and enables the port when disabled by the Port Monitor function Help Opens the online help Table 259 Buttons 8 3 7 Port Monitor CRC Fragments In this dialog you configure the device to monitor the Cyclical Redundancy Check CRC and Fragmentation The CRC is a code added to the data to detect accidental changes in the raw data Fragmentation occurs when the Maximum Transmission Unit MTU of a port is smaller than the packet size The sending device divides the packet
286. ts VoIP devices via Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED The device then adds the appropriate switch port to the member set of the configured Voice VLAN The member set is either a tagged or an untagged member Tagging depends on the Voice VLAN interface mode VLAN ID Dot1p None Untagged Another benefit of the Voice VLAN feature is that the VOIP device obtains VLAN ID or priority information via LLDP MED from the switch As a result the phone sends voice data tagged as priority or untagged depending on the configured Voice VLAN Interface mode You configure the switch to support Voice VLAN on a port that is connecting to the VOIP phone Operation Parameters Meaning Operation Activates deactivates the Voice VLAN function globally on the device Possible values On Off default setting Table 163 Operation frame in the Switching VLAN Voice dialog RM GUI RSPS Release 2 0 02 2013 185 Switching Table Parameters Port Voice VLAN Mode Data Priority Mode Status VLAN ID 5 5 VLAN Meaning Shows the number of the device port to which the table entry relates Defines whether the port transmits or discards received data packets without Voice VLAN tagging or data packets with Voice VLAN priority information Possible values disable default setting Disables the Voice VLAN function for this table entry none Allows the IP phone to use its own configuration to send untagg
287. ue none in the VLAN field the device ignores the VLAN priority Table 116 Table in the Time PTP Boundary Clock Port dialog section x3c tblsheetnum gt of 4 RM GUI RSPS Release 2 0 02 2013 137 Time Buttons Button Set Reload Help Table 117 Buttons 3 3 PTP Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 3 3 5 Transparent Clock With this menu you can configure the Transparent Clock mode for the local clock The menu contains the following dialogs Transparent clock Global Transparent clock Port 138 RM GUI RSPS Release 2 0 02 2013 Time 3 3 PTP 3 3 6 Transparent clock Global With this dialog you can enter general cross port settings for the Transparent Clock mode for the local clock The Transparent Clock BC operates according to PTP version 2 IEEE 1588 2008 The settings are effective when the local clock operates as the Transparent Clock TC For this you select the value v2 transparent clock in the PTP Version Mode field in the Time PTP Global dialog Operation IEEE 1588 PTPv2 TC Parameters Meaning Delay Defines the mechanism with which the device measures the delay for Mechanism transmitting the PTP synchronization mess
288. uration frame in the Security Management Access Server dialog SNMP tab page cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 46 Buttons RM GUI RSPS Release 2 0 02 2013 75 Security 2 3 Management Access 2 3 3 Server Telnet This tab allows you to define settings for the Telnet server of the device and to switch the server on off The Telnet server enables access to the management functions of the device with the Command Line Interface via a Telnet connection Operation Parameters Meaning Operation If the function is switched on the Telnet server is activated Possible values Off Server is deactivated On default setting Server is activated You can access the management functions of the device via Telnet Table 47 Operation frame in the Security Management Access Server dialog Telnet tab page Configuration Parameters Meaning Listen TCP Port Defines the number of the TCP port from which the server receives requests from clients Possible values 1 65535 default setting 23 Exception Port 2222 is reserved for internal functions The server restarts automatically after the port is changed
289. urn on the function in the Diagnostics Status Configuration Alarms Traps dialog and you define at least 1 SNMP manager Shows the status of the port Possible values up down notPresent Table 256 Table in the Global tab of the Diagnostics Ports Port Monitor dialog RM GUI RSPS Release 2 0 02 2013 271 Diagnostics 8 3 Ports Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Reset Resets the port monitor function for the selected interface and enables the port when disabled by the Port Monitor function Help Opens the online help Table 257 Buttons 8 3 6 Port Monitor Link Flap Link Flapping occurs when a link alternately advertises its link state as up and down You configure the device to detect this condition and then define whether to send a trap or shut the port off Table Parameters Meaning Port Shows the number of the device port to which the table entry relates Sampling Defines the interval in seconds for link flap detection for this entry Interval s Possible values 1 180 default setting 10 Table 258 Table in the Link Flap tab of the Diagnostics Ports Port Monitor dialog RM GUI RSPS 272 Release 2 0 02 2013 Diagnostics 8 3 Por
290. user interface GUI Shows the version number of the logic module for devices with programmable hardware FPGA Table 22 Table in the Basic Settings Software dialog Buttons Button Reload Help Table 23 Buttons RM GUI RSPS Release 2 0 02 2013 Meaning Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help 39 Basic Settings 1 4 Load Save 1 4 Load Save This dialog allows you to save the settings permanently in a configuration profile When you click Set in a dialog while the device is operating the device only saves the changes temporarily The device allows you to keep multiple configuration profiles in the memory so that you can quickly switch to other settings if required Configuration profiles can be saved in encrypted or unencrypted form You also have the option to export configuration profiles toa PC or an SCP or FTP server or to copy them back to the device from there Unintentional changes to the settings may cause the connection between your PC and the device to be terminated To make sure the device remains accessible switch on the Undo Modifications of Configuration function before changing settings If the connection is then terminated the device loads the device configuration saved in the non volatile memory NVM External Memory Parameters Meaning Selected ENVM Shows the type of the external memory Possible values SD
291. ustIpDscp The device prioritizes IP data packets according to their DSCP value The QoS Priority IP DSCP Mapping dialog displays the traffic class to which the respective IP DSCP value is assigned The device assigns the data packets to a traffic class depending on their IP DSCP value and thereby sorts them in the priority queue The device assigns the changed VLAN priority to the data packet in accordance with its DSCP value Data packets that are not IP data packets are prioritized by the device according to the value defined in the Port Priority column Shows the traffic class If you have defined the value untrusted in the Trust Mode column the device assigns the data packets to this traffic class Possible values 05 4 3 In the QoS Priority 802 1D p Mapping dialog you assign the VLAN priority to the traffic classes and thus the data packets to a priority queue of the port Table 168 Table in the 0oS Priority Port Configuration dialog cont Buttons Button Set Meaning Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Table 169 Buttons RM GUI RSPS Release 2 0 02 2013 193 QoS Priority 6 2 Port Configuration Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 169 Buttons co
292. uthentication Server This dialog allows you to define up to 8 authentication servers An authentication server authenticates and authorizes the users when the device forwards the login data to the server The device sends the login data to the specified primary authentication server If the server does not respond the device contacts the specified secondary authentication server that is highest in the table If no response comes from this server either the device contacts the next server in the table Table Parameters Meaning Index Shows a sequential number to which the table entry relates The device automatically defines this number Possible values Eees Name Shows the name of the server To change the value click the relevant field Possible values 1 32 alphanumeric characters Default setting Default RADIUS Server Address Specifies the IP address of the server Possible values Valid IPv4 address Table 84 Table in the Security RADIUS Authentication Server dialog RM GUI RSPS 104 Release 2 0 02 2013 Security Parameters UDP Port Secret Primary Server Active 2 5 RADIUS Meaning Specifies the number of the UDP port on which the server receives requests Possible values 0 65535 default setting 1812 Exception Port 2222 is reserved for internal functions Shows asteriks when a password is specified with which the device logs in to the server To change the password click the rel
293. v4 netmask Default setting Defines the IP address of a router via which the device accesses other devices outside its own network Possible values Valid IPv4 address Default setting Table 11 IP Parameter frame in the Basic Settings Network Global dialog 30 RM GUI RSPS Release 2 0 02 2013 Basic Settings 1 2 Network Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 12 Buttons 1 2 2 ARP Table This dialog allows you to display the MAC and IP addresses of the neighboring devices connected to the device The device determines these addresses using the Address Resolution Protocol ARP before the connection to the corresponding neighboring device is set up for the first time Table Parameters Meaning Port Number of the device port to which the table entry relates MAC Address Shows the MAC address of a device that responded to an ARP query to this device port IP Address Shows the IP address of a device that responded to an ARP query to this device port Table 13 Table in the Basic Settings Network ARP Table dialog RM GUI RSPS Release 2 0 02 2013 31 Basic Settings 1 2 Network Parameters Meaning Type Displays the ty
294. value 0 deactivates this setting The device accepts the password if it contains at least as many numbers as specified here Possible values 0 16 default setting 1 The value 0 deactivates this setting The device accepts the password if it contains at least as many special characters as specified here Possible values 0 16 default setting 1 The value 0 deactivates this setting Table 37 Password Policy frame in the Security User Management dialog RM GUI RSPS Release 2 0 02 2013 63 Security Table 2 1 User Management Every user requires an active user account to gain access to the management functions of the device The table allows you to set up and manage user accounts To change settings click the desired parameter in the table and modify the value Parameters User Name Active Password Meaning Shows the name of the user account To create a new user account you click Create Activates deactivates the user account Possible values Selected The user account is active The user accepts the login of a user with this user name Not selected The user account is inactive The user rejects the login of a user with this user name If only one user account exists with the administrator access role this user account is always active Shows asterisks instead of the password with which the user logs in To change the password click the relevant field Possible values 6
295. values 0 255 alphanumeric characters Location Defines the location of the device Possible values 0 255 alphanumeric characters Table 5 System Data frame in the Basic Settings System dialog RM GUI RSPS Release 2 0 02 2013 23 Basic Settings Parameters Contact Device Type Power Supply P1 Power Supply P2 Uptime Temperature C 1 1 System Meaning Defines the contact person for this device Possible values 0 255 alphanumeric characters Shows the product name of the device Shows the status of the power supply unit on voltage supply connection P1 Possible values Present Not present Defective Shows the status of the power supply unit on voltage supply connection P2 Possible values Present Not present Defective Shows the time that has elapsed since this device was last restarted Possible values Time in the format day s hh mm ss The middle field shows the current temperature in the device in C L This field specifies the lower temperature threshold in C If the temperature in the device falls below this value the device generates an alarm T This field specifies the upper temperature threshold in C If the temperature in the device exceeds this value the device generates an alarm Possible values 99 99 integer You activate the monitoring of the temperature thresholds in the Diagnostics Status Configuration Device Status dialog The Installation
296. values that are saved in the volatile memory RAM of the device Reset Enables the port when disabled by the Port Monitor function Help Opens the online help Table 264 Buttons RM GUI RSPS Release 2 0 02 2013 277 Diagnostics 8 3 Ports 8 3 9 Port Mirroring The device ports to be reviewed are known as source ports The device port to which the device copies the data packets to be reviewed is called the destination port Only physical device ports are suitable to be source or destination ports In port mirroring the device copies valid data packets transmitted and received by the source ports to the destination port This does not affect the data traffic on the source ports during port mirroring You can use a management tool connected at the destination port e g an RMON probe to monitor the data traffic of the source ports Operation Parameters Meaning Operation When the function is switched on the device copies the data packets for the select source ports to the destination port Possible values On off default setting Table 265 Operation frame in the Diagnostics Ports Port Mirroring dialog Destination port Parameters Meaning Destination Port Specifies the destination port The device copies the data packets from the source ports to this device port Possible values lt Port number gt default setting no Port You cannot specify as the destination port any device port that you alrea
297. ve dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 244 Buttons RM GUI RSPS 262 Release 2 0 02 2013 Diagnostics 8 2 Report 8 2 6 Hardware State This dialog provides information about the distribution and state of the flash memory of the device Information Parameters Meaning Operating Time Shows the total operating time of the device since it was delivered Possible values day s hh mm ss Table 245 Information frame in the Diagnostics Report Hardware State dialog Table Parameters Meaning Flash Region Shows the name of the respective memory area Description Shows a description of what the memory uses the memory area for Flash Sectors Shows how many sectors are assigned to the memory area Number of Sector Shows how often the device has overwritten the sectors of the memory Erase Operations area Table 246 Table in the Diagnostics Report Hardware State dialog Buttons Button Meaning Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 247 Buttons RM GUI RSPS Release 2 0 02 2013 263 Diagnostics 8 2 7 System Log 8 2 Report The device logs important device internal events in a log file system log This dialog displays the log file system log The dialog allows you to search the log file for search te
298. ver synchronization failed serverKissOfDeath The SNTP server is overloaded The device is requested to synchronize itself with another SNTP server If no other SNTP server is available the device asks at intervals longer than the setting in the Request Interval s field whether the server is still overloaded serverUnsynchronized The SNTP server is not synchronized with either a local or an external reference clock synchronization failed versionNotSupported The SNTP versions on the client and the server are incompatible with each other synchronization failed Activates deactivates the connection to the SNTP server Possible values Selected default value The connection to the SNTP server is activated The SNTP client has access to the SNTP server Not selected The connection to the SNTP server is deactivated The SNTP client has no access to the SNTP server Table 100 Table in the Time SNTP Client dialog cont RM GUI RSPS Release 2 0 02 2013 121 Time 3 2 SNTP Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Create Adds a new table entry Remove Removes the selected table entry Help Opens the online help Table 101 Buttons RM GUI RSPS 122 R
299. volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Updates the fields with the values that are saved in the volatile memory RAM of the device Opens the online help Table 298 Buttons 304 RM GUI RSPS Release 2 0 02 2013 Diagnostics 8 5 LLDP 8 5 2 Topology Discovery Devices in a network send advertisements in packets called LLDP Data Units LLDPDUs The data sent and received via LLDPDUs is useful for many reasons For example the device discovers which devices on a network are neighbors and through which ports they connect to each other This dialog with its tabs allows you to map the network as well as discover the devices connected with their capabilities LLDP This tab shows you the collected LLDP information for the neighboring devices This information enables the network management station to map the structure of your network When devices both with and without an active topology discovery function are connected to a device port the topology table hides the devices without active topology discovery When only devices without active topology discovery are connected to a device port the table will contain one line for this port to represent all devices This line contains the number of connected devices The Forwarding Database FDB address table contains MAC addresses of devices that the topology table hides for the
300. with a lower priority Table 176 Table in the QoS Priority Queue Management dialog RM GUI RSPS Release 2 0 02 2013 199 QoS Priority Parameters Min Bandwidth 6 5 Queue Management Meaning Defines the minimum bandwidth for this traffic class when the device is processing the priority queues of the ports with Weighted Fair Queuing Possible values 0 100 default setting 0 The value entered in percent refers to the available bandwidth on the port When you switch off the Strict Priority function for all traffic classes the maximum bandwidth is available on the ports for the Weighted Fair Queuing The total of the bandwidths assigned to the individual traffic classes is a maximum of 100 The value 0 means that the device does not reserve any bandwidth for this traffic class Table 176 Table in the QoS Priority Queue Management dialog cont Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 177 Buttons 200 RM GUI RSPS Release 2 0 02 2013 Redundancy 7 Redundancy This menu allows you to configure and monitor the settings for redundancy mechanisms The Redundancy Configuration User Manual document contain
301. y ENVM the device overwrites the settings of the Selected configuration profile in the non volatile memory NVM If the Config Priority field has the value first second or third and the configuration profile is unencrypted the Security Status frame in the Basic Settings System dialog shows an alarm In the Monitoring frame in the Diagnostics Status Configuration Security Status dialog you specify whether the device monitors the parameter Config load from external NVM unsecure Defines whether the device generates a copy on the external memory when saving the configuration profile Possible values selected default setting The device generates a copy of the configuration profile on the external memory when you click Save in the Basic Settings Load Save dialog Not selected The device does not generate a copy of the configuration profile Table 30 Table in the Basic Settings External Memory dialog section x3c tblsheetnum gt of 2 RM GUI RSPS Release 2 0 02 2013 53 Basic Settings 1 5 External Memory Buttons Button Meaning Set Transfers the changes to the volatile memory RAM of the device To permanently save the changes afterwards you open the Basic Settings Load Save dialog and click Save Reload Updates the fields with the values that are saved in the volatile memory RAM of the device Help Opens the online help Table 31 Buttons RM GUI RSPS 54 Release 2 0 02 2013 Basic Settin
302. y Seamless Redundancy HSR 215 HiView 9 HSR 215 HTTPS certificate 81 HTTPS server 80 HTTP server 78 l Importing signature key SSH 86 Industrial HiVision 10 74 Ingress filtering 184 Ingress rate limiter 155 Installation GUI 13 IP access restriction 88 IP DSCP mapping 197 J JAR file GUI 251 Java Runtime Environment 13 L LLDP 241 301 Load save device configuration 40 Login banner 108 Login banner CLI 94 Login prompt CLI 93 Login window 14 Log file HTML 240 264 Log audit trail 265 Loops 224 M MAC address table 158 MAC flooding 96 MAC spoofing 96 Management access 28 73 Management VLAN 28 Media Redundancy Protocol 202 Memory external 52 MRP 202 Index N Network load ports Non volatile memory NVM NVM O Operating instructions GUI P Persistent event logging Port configuration Port configuration QoS Priority Port mirroring Port priority Port security Port VLAN Port VLAN ID Pre login banner Priority queue PTP Boundary Clock PTP Transparent Clock Q Queue management QoS R RADIUS RAM RAM test Rate limiter Redundancy Request interval SNTP Resetting log files Resetting counters Restart Restarting device Restricting management access RFC Ring structure RMON probe Root bridge RSTP RSTP S Save configuration GUI 267 45 15 260 55 192 278 192 96 183 184 108 190 129 134 139 143 199 18 Save system information
303. you to synchronize the system time in the device as an SNTP client As the SNTP server the device makes the time information available to other devices The menu contains the following dialogs Client Server 3 2 1 Client With this dialog you can define the settings with which the device operates as an SNTP client An an SNTP client the device obtains the time information from both SNTP servers and NTP servers and synchronizes the local clock with the time of the time server Operation Parameters Meaning Operation When the function is switched on the device operates as an SNTP client Possible values On off default setting Table 97 Operation frame in the Time SNTP Client dialog RM GUI RSPS 118 Release 2 0 02 2013 Time 3 2 SNTP Configuration Parameters Meaning Mode Defines whether the device actively requests the time information from an Request Interval s Disable Client after successful Synchronization SNTP server known and configured in the network Unicast mode or passively waits for the time information from a random SNTP server Broadcast mode Possible values unicast default setting The device only takes the time information from the configured SNTP server The device sends Unicast requests to the SNTP server and evaluates its responses broadcast The device obtains the time information from one or more SNTP or NTP servers The device only evaluates the Broadcasts or Multicasts from these
304. you want to use the graphical user interface L Click on OK The window with the graphical user interface will appear on the screen RM GUI RSPS 14 Release 2 0 02 2013 Graphical User Interface E Operating Instructions The graphical user interface of the device is divided into the menu part left and the dialog part right 2QFR 0 E _ Te e Network Device Status Security Status IB Software ooo B Load Save Vv Alarm Start Time v Alarm Start Time F gt External Memory AlrmReason foo Coo E Port Contiguration z Restart System Data Device View 8 Security Name IRSP ECE55501 5560 Time Location Hirschmann RSP oseo Ej Network Security H amp Switching Contact Hirschmann Automation and Control GmbH A EJ a0sPriority Redundancy Device Type IRSP30 0803 Hv 0001 E Diagnostics Power Supply 1 present 8 Advanced Power Supply 2 present O Hep Uptime 0 day s 2 36 55 Temperature C L fo far T fro a J L g E E _sa Reload oading data ok Figure 2 Graphical user interface of the device RM GUI RSPS Release 2 0 02 2013 Graphical User Interface The menu shows the menu items When you click a menu item the user interface displays the corresponding dialog in the dialog area SQ E 00 bles Ely Basic Settings 6 System is Expand All ie U Collapse Al
Download Pdf Manuals
Related Search