User Manual User Manual - EnGenius Technologies, Inc.
Contents
1. 63 Displays the model number of the Access Point Firmware Version Displays the current firmware version in use File Name Displays the file name of the firmware uploaded Image Size Displays the size of the firmware uploaded in bytes Upload Time Displays the time at which the firmware was uploaded Device List This list displays all the current Access Points connected to the controller Click on the Access Points you wish to upgrade If multiple Access Points are connected you can Search for specific Access Points via the search bar at the boittom right of the page Click Add to Upgrade to select devices you wish to upgrade Bulk Upgrade Current firmware image infomation Model EWS310AP Firmware Version v2 0 0 c0 21 2 File Name EWS310AP v2 0 0 c0 21 2 140128 bin Image Size Byte 7476553 Upload Time 2000 Jan 08 05 53 18 Upload Wireless AP firmware image file to controller Upload New File Unable to upload new file when APs are under upgrading Status Displays the current status of the Access Point Displays the model number of the Access Point Name ss Displays the name of the Access Point MAC Address Displays the MAC address of the Access Point IP Address Displays the IP address of the Access Point Firmware Version Displays the current firmware version of the Access Point To upgrade please follow the steps below 1 Click on Upload New File to mount A2. Managed APs Total Sort descending by traffic The page displays a visual chart of the network traffic of Sa ee 55 all the Access Points managed by the EWS Switch Click pipe fl Ze ng Sort to view your results for the collective usage of all a m e 0 Access Points on the Network WEST ei em ees EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP n Access Points Click on the bar in the Managed APs chartto display the traffic of the selected AP EWS310AP Total Rx Tx Client Number Koroan Ee SITE 6 hours 9 hours 12 hours 1 day 4 week 2 weeks 20000121021 16 29 2000 01 11 00 16 29 oana 155 1 amp ou Se 2 amp op me some 2 foe BE B D o sl CH 2 EWS3104P EWS3104P EWS3104P EWS3104P Pa E Sg o T EWS310AP Total Rx Tx Client Number S t 6 hours 9 hours 12 hours 1 day 1 week 2 weeks 2000 01 09 16 01 15 2000 01 09 19 01 15 1 FH O S 3 5 af pW pD 9300 9390 ri DS bs ME 400 DS S Place your mouse cursor over a bar in the chart to show details of the AP Next click on the bar to show the traf fic of the Access Point in a chart 55 100MB Le z o 5 me 2 up Name EWS310AP 2 E MAC 00 02 6F E8 BA 1C E mu 5 O Tx 25 25M8 Total 29 25MB EWs3 10AP EWS310AP Total Rx Tx Client Number Total Rx Tx Client Number Use the button to toggle
3. EAAVK Greek ME THN NAPOY2A name of manufacturer AHAQNEI OTI type of equipment gt YMMOPOONETAI TIPOX TIX OYYIQAEN AITIAITHSEIS KAI TI AOINE XXETIKEZ AIATA EIZ TH OAHTIA 1999 5 EK 206 Fran ais French Par la pr sente nom du fabricant d clare que l appareil type d appareil est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Italiano Italian Latviski Latvian Con la presente nome del costruttore dichiara che questo tipo di apparecchio conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Ar o name of manufacturer izgatavot ja nosaukums deklar ka type of equipment iek rtas tips atbilst Direkt vas 1999 5 EK b tiskaj m pras b m un citiem ar to saist tajiem noteikumiem Lietuviy Lithuanian iuo manufacturer name deklaruoja kad is equipment type atitinka esminius reikalavimus ir kitas 1999 5 EB Direktyvos nuostatas Nederlands Dutch Hierbij verklaart naam van de fabrikant dat het toestel type van toestel in overeenstemming is met de essenti le eisen en de andere relevante bepalingen van richtlijn 1999 5 EG Malti Maltese Magyar Hungarian Hawnhekk isem tal manifattur jiddikjara li dan il mudel tal prodott jikkonforma mal ftigijiet essenzjali uma provvedimenti ohrajn relevanti li hemm fid Dir
4. EnGenius Business Solutions User Manual EWS5912FP EWS7928P EWS7952FP version 1 0 Wireless Management Switch Neutron Series IMPORTANT To install your Switch please refer to the Quick Installation Guide included in the product packaging Table of Contents Chapter 1 Product Overview 7 Introduction Package Contents 8 Ee alte Eet deel KE 9 Physical Mtera nanas 12 Compati Dili E 14 Management JEE eege 15 Connecting the Switch to a Network NEE 16 WED ACCESS mine 18 Chapter 2 Controller Management 19 Wireless Controller amp L2 Switch 20 Device Management s nniaannsunsananamimnsthe 21 Su ET 21 ACCESS ln san hnannenassememamnansnun 22 General Global Settings 25 HEES metteg eseou 25 How to Add Access Points to an Access Point List 27 Individual Access Points Settings 28 Wireless Radio Settings 2 4 GH2 5 GHZ 29 WLAN Settings 2 4 GH2 5 GHZ 32 SSID Config ratioN sssini a 33 BaS IC eau 33 RH ar Tee El 33 el e ne 33 SO CUI WEP ne ennemie 34 WPA2 WPA2 E E 35 E e E nenimunun 35 Advanced EES 36 GUESS a Egal cn enr u 37 SECUN W enpa no non 37 Manual IP Settings amp Auto DHCP Server Settings 37 Active CBS nn 39 Access Point RT 41 e General Global Settings 42 Member Settings Autoconfiguration 43 Radio Settings 2 4 GH2 5 LEE insannsantss 43 Autoconfiguration in 43 Wireless Radio Settings 2 4 GHz 5 GHZ 44 een a
5. Upload Limit The Upload Limit specifies the wireless transmission speed used for uploading The range is from 1 999 Mbps Fast Roaming broadcasting This can help to discourage wireless users from connecting to a When this function is enabled PMKSA will be distributed particular SSID and cached on neighboring Access Points to facilitate roaming This function is only available with WPA2 or WPA Mixed Enterprise security modes Hidden SSID Select Enable to hide the SSID from 33 Enable Fast Select to enable or disable the Fast Roaming Roaming feature for the Access Point Security The Security section allows users to select the security settings for the given wireless connection to protect the network Select None to disable the Security feature for the network WEP Wired Equivalent Privacy WEP is a data encryption pro tocol for 802 11 wireless networks which scrambles all data packets transmitted between the Access Point and the wireless clients associated with it Both the Access Point and the wireless client must use the same WEP key for data encryption and decryption 34 Select Open System or Shared Key Select the WEP Key you wish to use Select the key type Your available options are ASCII and HEX WEP Key Input Type ASCII Key You can choose upper and lower case alphanumeric characters and special symbols such as and HEX Key You can choose to use digits from O 9 and letters fro
6. Global Settings State Select Enabled or Disabled to activate LLDP for the Switch Select whether to Enable or Disable the LLDP feature Transmission Interval Enter the interval at which LLDP i SEENEN advertisement updates are sent The on the Switch Next enter the Transmission interval default value is 30 The range is from Holdtime Multiplier Reinitialization Delay parameter 5 32 768 and the Transmit Delay parameter When finished click Holdtime Multiplier Enter the amount of time that LLDP packets are held before packets are APPLY to update the the system settings discarded and measured in multiples of the Advertised Interval The default is 4 The range is from 2 10 Reinitialization Delay Enter the amount of time of delay before reinitializing LLDP The default is 2 The range is from 1 10 Transmit Delay Enter the amount of time that passes between successive LLDP frame transmissions The default is 2 seconds The range is 1 8192 seconds 107 Local Device Chassis ID Subtype Displays the chassis ID type Chassis ID Displays the chassis ID of the device LLDP devices must support chassis and port ID transmitting the LLDP frame advertisement as well as the system name system ere SE ID system description and system capability advertisements Here you can view detailed LLDP information for the EnGenius Switch Controller Switch Local Device Information Click the Apply button to accept t
7. AC 3 R Ge i 2 Disabled Off Disabled Off amp QoS Global Settings l 3 Disabled ot Disabled of CoS Mapping E 4 Disabled off Disabled of DSCF Mapping Disabled of Disabled oF Port Settings a idth C m 6 Disabled Of Disabled of Storm Control I 7 Disabled Off Disabled OF P Securty 8 Disabled of Disabled of amp Monitoring Sy ars EI 9 Disabled Of Disabled OF ragnostic s 10 Disabled Off Disabled Of E 11 Disabled Off Disabled of 12 Disabled Of Disabled Off 160 Storm Control Port Displays the ports for which the Storm Control information is displayed Select whether Storm Control is Enabled or Storm Control limits the amount of Broadcast Unknown DEAD SAR Multicast and Unknown Unicast frames accepted and Broadcast Enter the broadcast rate in kilobits per second The Gigabit Ethernet ports have forwarded by the Switch Storm Control can be enabled a maximum speed of 1000000 kilobits per port by defining the packet type and the rate that per second If the rate of broadcast traffic the packets are transmitted at The Switch measures the ingress on the interface increases beyond f f the configured threshold the traffic is incoming Broadcast Unknown Multicast and Unknown dropped Unicast frames rates separately on each port and discards Unknown Multicast Enter the Unknown Multicast rate in the frames when the rate exceeds a user defined rate kilobits per second The Gigabit Ethernet ports have a maximum speed of 10000
8. MST Instance Settings Multiple Spanning Tree Protocol or MSTP enables the grouping of multiple VLANs with the same topology requirements into one Multiple Spanning Tree Instance MSTI MSTP then builds an Internal Spanning Tree IST for the region containing commonly configured MSTP bridges Instances are not supported in STP or RSTP Instead they have the same spanning tree in common within the VLAN MSTP provides the capability to logically divide a Layer 2 network into regions Every region can contain multiple instances of spanning trees In MSTP all of the interconnected bridges that have the same MSTP configuration comprise an MST region A Common Spanning Tree CST interconnects all adjacent MST Regions and acts as a virtual bridge node for communications between STP or RSTP nodes in the global network MSTP connects all bridges and LAN segments with a single Common and Internal Spanning Tree CIST The CIST is formed as a result of the running Spanning tree algorithm between Switches that support STP RSTP and MSTP protocols Once you specify the VLANs you wish to include in a Multiple Spanning Tree Instance MSTI the protocol will automatically build an MSTI tree to maintain connectivity among each of the 99 VLANs MSTP maintains contact with the global network because each instance is treated as an RSTP node in the Common Spanning Tree CST Click the Edit button to configure the MST settings Next enter infor
9. Rising Threshold Enter the rising number that triggers the rising threshold alarm Falling Thresh Enter the falling number that triggers the old falling threshold alarm Rising Event Enter the event number by the falling alarm are reported Falling Event Enter the event number by the falling alarms are reported Owner Enter the Switch that defined the alarm History Log Table Statistics 180 History List The RMON History List screen contains information about samples of data taken from the ports n History List Enter the entry number for the History Log Table Sample Port Select the port from which the history sam ples were taken Bucket Requested Enter the number of samples to be saved The range is from 1 50 Interval Enter the time that samples are taken from the ports The field range is from 1 3600 Enter the RMON user that requested the RMON information The range is from 0 32 characters Click the Apply button to accept the changes or the Cancel button oe to discard them 181 History Log Table History Log Table Select the index for the History Log from the list From here you can view the History Index for History Logs on the Switch Select a History Index to view from the drop down box Controller Switch History Log Table Select History Index none e System lt L Feature t VLAN amp Management S ACI QoS Security amp Monitorin
10. Swatch MST Port Settings Internat Fam lateral Pach Regional Root latemal Root Designated Pow Port Cost Con 8 MSTID Pon Priority ot Oper CT Cost Bridge imemal Port Con Role State 1 1 128 0 20000 H 20000 MAC Address Table The MAC address table contains address information that the Switch uses to forward traffic between the inbound and outbound ports All MAC addresses in the address table are associated with one or more ports When the Switch receives traffic on a port it searches the Ethernet switching table for the MAC address of the destination If the MAC address is not found the traffic is flooded out all of the other ports associated with the VLAN All of the MAC address that the Switch learns by monitoring traffic are stored in the Dynamic address A Static address allows you to manually enter a MAC address to configure a specific port and VLAN Static MAC Address The address table lists the destination MAC address the associated VLAN ID and port number associated with the address When you specify a Static MAC address you are set the MAC address to a VLAN and a port thus it makes an entry into its forwarding table These entries are then used to forward packets through the Switch Static MAC addresses along with the Switch s port security allow only devices in the MAC address table on a port to access the Switch Static MAC Address Controller Switch Le System lt L Feature b Link Aggrega
11. The Open Shortest Path First OSPF protocol is a link state hierarchical interior gateway protocol IGP for network routing Layer Two 2 Tunneling Protocols It is an an extension to the PPP protocol that enables ISPs to operate Virtual Private Networks VPNs e PIM Matches the packet to Protocol Independent Multicast PIM e L2TP Matches the packet to Internet Protocol L2IP Destination IP Enter the destination IP address Address Value Destination IP Enter the mask of the new source IP address Wildcard Mask Source IP Enter the source IP address Address Value Click Apply to save the changes to the system 150 IPv6 ACL This page displays the currently defined IPv6 based ACLs profiles To add a new ACL click Add and enter the name of the new ACL IPv6 ACL System lt L2 Feature Index Name 3i VLAN char 1 32 vllo Management ACL MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE ACL Binding 4 QoS A Security amp Monitoring A Diagnostics Index Displays the current number of ACLs Enter the IPv6 based ACL name You can use up to 32 alphanumeric characters Click the Apply button to accept the changes or the Cancel button to discard them 151 IPv6 Based ACE ACL Name Select the ACL from the list Sequence Enter the sequence number which Allows IPv6 Based Access Control Entry ACE to be de signifies the order of the specified fin
12. Enabled Enabled b Link Aggregation Le n D Le Mirror Settings 2 WA Dreaded Disatiod o STP 3 WA Disabled Disatied b MAC Address Table 4 NA Disabled Disabled b LLDP b IGMP Snooping gt MLD Snooping NOTE You cannot mirror a faster port onto a slower port For example if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port this can cause through put problems The port you are copying frames from Should always support an equal or lower speed than the port to which you are sending the copies Please note a target port and a source port cannot be the same port Click the Apply button _ to accept the changes or the Cancel button oe to discard them 87 STP The Spanning Tree Algorithm STA can be used to detect and disable network loops and to provide backup links between Switches This allows the Switch to interact with other bridging devices in your network to ensure that only one route exists between any two Stations on the network and provide backup links which automatically take over when a primary link goes down STP provides a tree topology for the Switch There are different types of Spanning tree verisons supported including Spanning Tree Protocol STP lIEEE802 1D Multiple Spanning Tree Protocol MSTP IEEE802 1w and Rapid Spanning Tree Protocol RSTP IEEE802 1s Please note that only one spanning tree can be active on the Switch at a time Global Settings Spanning Tree Protocol S
13. Once logged in click IP Settings under the System menu and select Static IP to configure the IP settings of the management interface Enter the IP address Subnet mask and Gateway 10 Click Apply to update the system Use this procedure to access the management interface Web Access through a Web browser for device configuration 1 Open a Web browser on your computer and enter the following address default http 192 168 0 239 2 On the login screen use the following information Username admin Password password To make access to the web based management interface more secure it s highly reccomended that you change the password to something more unique Chapter 2 Controller Management Wireless Controller amp Layer 2 Switch Besides having the Wireless Controller functions the EWS Wireless Management Switch also possesses functions of a full featured Layer 2 PoE switch Use the Controller Switch tab on the upper left corner to toggle between the Wireless Controller or Layer 2 Switch functions Controller Switch Controller Switch 20 Device Management Summary The Summary page shows general system information for the EWS Switch including its software version the maximum number of APs the EWS can manage MAC Address IP Address serial number and system uptime for the Switch Select whether to Enable or Disable the Controller feature on the Switch Next click Apply to save the ch
14. This is enabled by default Http amp Https Settings HTTP Session Enter the amount of time that elapses before Timeout HTTP is timed out The default is 5 minutes The EnGenius Layer 2 PoE Switch provides a built in We er ervice erect wnether the ervice IS cnaDie browser interface that enables you to configure and Bees or Disabled This is disabled by default manage the Switch via Hypertext Transfer Protocol HTTPS Session Enter the amount of time that elapses before Http and Hypertext Transfer Protocol Secure Https Timeout HTTPS is timed out The default is 5 minutes requests selectivly to help prevent security breaches The range is from from 0 86400 minutes on the network You can manage your HTTP and HHTPs settings for the Switch further by choosing the length of Click Apply to save the changes to the system session timeouts for HTTP and HTTPs requests Select whether to Enable or Disable the HTTP service and enter the HTTP Timeout session Next select whether to Enable or Disable the HTTPS sevice and enter the HTTPS timeout session for the Switch Swich Hitp amp Https Settings HTIP Senice Enabled Disabled 0 66400 minutes 0 no limit HTTPS Senice Enabled Disabled 0 88400 minutes 0 og limit Http s Settings Telnet Settings SSH Settings Cansole Settings Port Security Des 169 Telnet Settings From here you can configure and manage the Switch s Telnet pr
15. change lt Visual Monitoring a Topology View Map View Online Offline Changed Unmanaged Show Portinfo b Floor View Oz z Save Topology Statistics lt gt SZ Maintenance PS 12108014 192 168 0 239 PIT 12216801 48 Navigating Tips v Use d to scroll up down left or right Use to Zoom in out Alternatively you can use the mouse to navigate by clicking and dragging the left mouse button Use the mouse wheel to zoom in out Mouse over a device to show information about the de vice Left click on the Switch to redirect to the Switch Ul on the collapsible topology tree Left click on the Access Point to redirect to the Active Clients page You can search for an Access Point using the IP Address or MAC address Click the Show Port Info box to show or hide port infor mation on the Controller Click on ESSE for the Controller to save the current network topology Changes will be displayed upon de tecting a topology change 49 Map View From here you can view a realistic representation of Ac cess Points in the network To find Access Points within the network enter the Access Point name in the search bar Click Hide AP List to hide the Access Point list on the page or AP List to show a list of connected Access Points Displays whether the Access Point in the net work is active or inactive Displays the name of the Access Point Click Save Map to s
16. to fit your needs SSID is basically the name of the ee wireless network to which a wireless client can connect e k E to Multiple SSIDs allow administrators to use a single Semer coms 50H None None one No physical network to support multiple applications with eee ee ee different configuration requirements Up to 8 SSIDs are red Stings available per radio Click on the SSID you wish to make changes to and you ll be directed to the SSID Configura tion page The ID displays the SSID profile identifier Status This displays whether the current SSID profile is enabled or disabled aa Displays the SSID name as it appears to the D comes scummy Weg Sols wireless clients in the network Sse ee Security Displays the Security Mode the SSID uses Active Clients 2 WLAN Setings 2 4GHz Encryption Displays the Data Encryption type the SSID AP Clusters ID Status ssiD Security Encryption Hidden SSID ClientIsolation VLAN Isolation VLAN ID uses Statistics 1 Enable EnGeniusE8BA1D_1 2 4GHz None None No No No 1 P S S Maintenance 2 Disabled EnGeniusE8BA1D_2 24GHz None None No No No 2 Hidden SSID Displays whether the hidden SSID IS enabled 3 Disabled EnGeniusE8B41D_3 2 4GHz None None No No No 3 di bl d 4 Disabled EnGeniusE8BA1D_4 24GHz None None No No No 4 or disabled SE e Sa Client Isolation Displays whether Client Isolation feature is 6 Disabled EnGeniusE8BA1D_6 24GHz None None No No No 6 7 Disabled EnGeniusE8BA1D_7
17. when a loop occurs A lower internal cost represents a quicker transmission Select ing O zero for this parameter will set the quickest optimal route automatically for an interface Port Role Each MST bridge port that is enabled is assigned a Port Role for each spanning tree The Port Role is one of the following values Root Designated Alternate Back up Master or Disabled Displays the state of the selected port Edge Port Oper Displays the operating Edge Port state P2P MAC Conf Displays the P2P MAC state P2P MAC Oper Displays the operating P2P MAC state Port Role Displays the port role Shows each MST Bridge Port that is assigned a port role for each spanning tree Displays the state of the selected port 103 Indicates the current STP state of a port If en abled the Port State determines what forwarding action is taken regarding traffic The possible port states are e Disabled STP is disabled on the port The port forwards traffic while learning MAC addresses e Blocking The port is blocked and cannot be used to forward traffic or learn MAC addresses e Listening The port is in listening mode The port cannot forward traffic or learn MAC addresses in this state e Learning The port is in learning mode The port cannot forward traffic However it can learn new MAC addresses e Forwarding The port is in forwarding mode The port can forward traffic and learn new MAC addresses in this state
18. 2 4GHz None None No No No 7 enabled or disabled 8 Disabled EnGeniusE8BA1D_8 2 4GHz None None No No No 8 VLAN Isolation Displays whether VLAN Isolation feature is enabled or disabled WLAN Settings 5GHz gt Advanced Settings VLAN ID Displays the VLAN ID associated with the SSID 32 SSID Configuration VLAN Isolation Select Enable to prevent wireless clients SSID Config from communicating with any other device Basic Setting Enable SSID Enable Disable on a different VLAN aa VLAN ID Enter the VLAN ID for the SSID profile The Client Isolation Enable Disable range is from 1 4094 VLAN Isolation Enable Disable VLAN ID 1 1 4094 Enable Traffic Enable Disable Traffic Shaping Shaping Download Limit Mbps 1 999 Traffic Shaping Upload Limit Mbps 1 999 Fast Roaming only with WPA2 or WPA Mixed Enterprise security Traffic Shaping regulates the flow of packets leaving an D interface to deliver improved Quality of Service Enable Traffic Select to enable or disable Wireless Traffic Shaping Shaping for the Access Point Basic Settings Download Limit The Download Limit specifies the wireless transmission speed used for downloading The range is from 1 999 Mbps Enable SSID Select to enable or disable the SSID broadcasting feature Select the SSID for the current profile This is the name that is visible to wireless clients on the network Security None No Authentication
19. 802 3 at af ports PoE port management loopback detection and IGMP snooping Package Contents Your EnGenius EWS Switch package will contain the following items EnGenius Switch Power Cord RJ45 Console Cable Rack Mount Kit Quick Installation Guide all items must be in package to issue a refund Maximum data rates are based on IEEE 802 3ab standards Actual throughput and range may vary depending on distance between devices or traffic and bandwidth load in the network Features and specifications subject to change without notice Trademarks and registered trademarks are the property of their respective owners For United States of America Copyright 2014 EnGenius Technologies Inc All rights reserved Compliant with FCC This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his her own expense 8 Technical Specifications Standard D EWS5912FP EWS7928P EWS7952FP Ports ES CCE P
20. BPDUs the Switch with the lowest priority value becomes the root bridge The bridge priority is a multiple of 4096 If you specify a priority that is not a multiple of 4096 the priority is automatically set to the next lowest priority that is a multiple of 4096 For example if you set the priority to any value from O through 4095 the priority is set to 0 The default priority is 32768 The valid range is from 0 61440 The Internal Path Cost setting allows you to specify the relative cost of sending spanning tree traffic through the interface to adjacent bridges within a spanning tree region Displays the operation cost of the path from this bridge to the Root Bridge This is the bridge identifier of the CST Regional Root It is made up us ing the bridge priority and the base MAC address of the bridge Internal Path Cost Conf Internal Path Cost Oper Regional Root Bridge Internal Root Cost Displays the path cost to the designated Port State root for the selected MST instance Designated Bridge Displays the Bridge Identifier of the bridge for the Designated Port It is made up using the bridge priority and the base MAC address of the bridge Internal Port Cost This parameter is set to represent the rel ative cost of forwarding packets to spec ified ports when an interface is selected within an STP instance Selecting this parameter with a value in the range of 1 to 200000000 will set the quickest route
21. Local Device Remote Device IGMP Snooping MLD Snooping 110 Chassis ID L BDC 96060605 ee 00 02 6F ED 58 BC w BS name Time A Auto PortiD Remote System To Negotiation Negotiation Subtype ID ly assigned Ve Interfac 2 EGS728P 113 Enabled Enabled brdan Auto Negotiation Name Live Supported Enabled Capabilities TestAP 59 Disabled Disabled Advertised Operational Frame MAU Type Size 7 TO00BASE T full duplex 1622 1X mode 802 3 Link 802 3 Link 802 3 Link Aggregation Aggregation Aggregation Capability Status Port ID Capable of Not currently being in 0 aggregated aggregation IGMP Snooping Internet Group Management Protocol IGMP Snooping allows a Switch to forward multicast traffic intelligently Multicasting is used to support real time applications such as videoconferencing or streaming audio A multicast server does not have to establish a Separate connection with each client It merely broadcasts its service to the network and any host that wishes to receive the multicast register with their local multicast Switch A multicast group is a group of end nodes that want to receive multicast packets from a multicast application After joining a multicast group a host node must continue to periodically issue reports to remain a member Any multicast packets belonging to that multicast group are then forwarded by the Switch from the port A Switch supporting IGMP Snooping
22. appears as a single interface rather than several separate interfaces IPIP enables tunnel intranets occur the internet and provides an alternative to source routing e TCP Transmission Control Protocol TCP Enables two hosts to communicate and exchange data streams TCP guarantees packet delivery and guarantees that packets are transmitted and received in the order they are sent e EGP Exterior Gateway Protocol EGP Permits exchanging routing information between two neighboring gateway hosts in an autonomous systems network e IGP Interior Gateway Protocol IGP Enables a routing information exchange between gateways within an autonomous network e UDP User Datagram Protocol UDP UDP is a communication protocol that transmits packets but does not guarantee their delivery e HMP The Host Mapping Protocol HMP collects network information from various networks hosts HMP monitors hosts spread over the internet as well as hosts in a single network e RDP Reliable Data Protocol RDP provides a reliable data transport service for packet based applications e IPv6 Matches the packet to the IPV6 protocol e IPv6 Rout Routing Header for IPv6 e IPv6 Frag Fragment Header for IPv6 e RVSP Matches the packet to the ReSerVation Protocol RSVP eIPv6 ICMP The Internet Control Message Protocol ICMP allows the gateway or destination host to communicate with the source host e OSPF
23. can configure the Port Settings for DoS is defined for the Switch Select from the drop down list whether Select Enabled or Disabled for the DoS you wish to Enable or Disable DoS Protection for the rotert Eatu tOr INE SEEEN part Switch Click Apply to save the changes to the system Controller Switch Port Settings Le System Port DoS Protection lt 12 Feature FR a amp Management Oo 1 Disabled E 2 Disabled QoS TUE mn 3 Disabled D 802 1x E 4 Disabled Radius Server m 5 Disabled gt Access Port Security 8 Zosen DoS o 7 Disabled Global Settings F 3 Disabled Port Settings 5 EI 9 Disabled Monitoring Diagnostics fA 10 Disabled E 11 Disabled Ta 12 Disabled 176 Mon Itorin g Displays the port for which statistics are displayed RXByte Displays the number of all packets received on the Port Statistics port RXUcast Displays the number of Unicast packets received on the port The Port Statistics section displays a summary of all port RxNUcast Displays the number of Unicast packets received on traffic statistics regarding the monitoring features on the port the Switch RXDiscard Displays the number of received packets discarded on the port ee 1 TXByte Displays the number of all packets transmitted on B Controler Switch Port Statistics the port deg eer er TTT TT TXUcast Displays the number of Unicast packets transmit e kk EH 1 ted on port SE TXNUcas
24. can passively snoop on IGMP Query Report and Leave packets transferred between IP Multicast Switches and IP Multicast hosts to determine the IP Multicast group membership IGMP Snooping checks IGMP packets passing through the network and configures Multicasting accordingly Based on the IGMP query and report messages the Switch forwards traffic only to the ports that request the multicast traffic It enables the Switch to forward packets of multicast groups to those ports that have validated host nodes The Switch can also limit flooding of traffic to IGMP designated ports This improves network performance by restricting the multicast packets only to Switch ports where host nodes are located IGMP Snooping significantly reduces overall Multicast traffic passing through your Switch Without IGMP Snooping Multicast traffic is treated in the same manner as a Broadcast transmission which forwards packets to all ports on the network IGMPv1_ Defined in RFC 1112 An explicit join message is sent to the Switch but a timeout is used to determine when hosts leave a group IGMPv2_ Defined in RFC 2236 Adds an explicit leave message to the join message so that Switch can more easily determine when a group has no interested listeners ona LAN IGMPv3 Defined in RFC 3376 Support for a single source of content for a multicast group 111 Global Settings Click to enable or disable the IGMP Snooping feature for the Switch Next s
25. extent of the subnet that the Switch is on This should be labeled in the form XXX XXX XXX XXX where each xxx is a number represented in decimals between O and 255 The value should be 255 0 0 0 for a Class A network 255 255 0 0 for a Class B network and 255 255 255 0 fora Class C network but custom subnet masks are allowed Enter the IP subnet mask of your Switch in dotted decimal notation The factory default value is 255 255 255 0 69 Gateway DNS Server Domain Name System Enter an IP address that determines where packets with a destination address outside the current subnet should be sent This is usually the address of a router or a host acting as an IP gateway If your network is not part of an Intranet or you do not want the Switch to be accessible outside your local network you can leave this field blank Used for mapping a domain name to its corresponding IP address and vice versa Enter a DNS IP address in order to be able to use a domain name to access the Switch instead of using an IP address Apply Click APPLY to update the the system settings IPv6 IPv6 is a an upgraded version to IPv4 providing more available IP addresses as well as other benefits To ac cess the Switch over an IPv6 network you must first configure it with IPv6 information IPv6 prefix prefix length and default gateway To configure IPv6 for the Switch select whether to you wish to enable Auto Con figuration Sta
26. if you have wireless clients that are associated with the same Access Point Changing the RTS threshold can help con trol traffic flow through the Access Point If you specify a lower threshold value RTS packets will be sent more frequently This will consume more bandwidth and re duce the throughput of the Access Point Sending out more RTS packets can help the network recover from interference or collisions which might occur on a busy network or on a network experiencing electromagnetic interference Aggregation Select whether to enable or disable Ag gregation for the Access Point This func tion merges data packets into one packet reducing the number of packets This also increases the packet sizes so please keep this in mind Aggregation is useful for increasing bandwidth throughput in environments that are prone to high error rates This mode is only available for 802 11n modes Fill in the frame rate limit you wish to use The range is from 1 32 Next fill in the max byte limit The range is from 2304 65535 Click Apply to save the changes to the system 31 Wireless Settings 3 Controller Switch WLAN Settings 2 4GHz 5GHz EE Summary General Settings Access Points Wireless Radio Settings pee gt WLAN Settings 2 4GHz AP Clusters Under the WLAN Settings you can create and manage eee Statistics 4 WLAN Settings 5GHz SSID configurations and profiles for the Access Points en EE
27. it takes a querier to detect the loss of the last member of a group 115 Group List The Group List displays VLAN ID Group IP Address and Members Port in the IGMP Snooping List Controller Switch Group List Le System lt L Feature p Link Aggregation VLAN ID Group IP Address Member Ports Mirror Settings gt STP p MAC Address Table gt LLDP IGMP Snooping Global Settings VLAN Settings b v el e Querier Settings Group List Router Settings b MLD Snooping 2i VLAN amp Management Z ACL amp QoS Security Router Settings VLAN ID Displays the VLAN ID The Router Settings shows the learned multicast router Router Ports Auto Learned The Switch will auto detect the prescence of a multicast router and attached port if the port is active and a member of the forward IGMP pacets accordingly VLAN Select the VLAN ID you would like to configure Dynamic Port List Displays router ports that have and enter the Static and Forbidden ports for the specified been dynamically configured VLAN IDs All IGMP packets snooped by the Switch will be Forbidden Port List Designates a range of ports as being disconnected to multicast enabled forwarded to the multicast router reachable from the port routers Ensures that the forbidden router port will not propagate e routing packets out ER a Static Port list Designates a range of ports as VLAN ID Router Ports AutoLea
28. network and it is equivalent to a spanning tree in an STP RSTP The CIST inside a Multiple Spanning Tree Instance MST region is the same as the CST outside a region All regions are bound together using a CIST which is responsible for creating loop free topology across regions whereas the MSTI controls topology inside regions CST instances allow different regions to communicate between themselves CST is also used for traffic within the region for any VLANs not covered by a MSTI In an MSTP enabled network there is only one CIST that runs between MST regions and single Spanning tree devices A network may contain multiple MST regions and other network segments running RSTP Multiple regions and other STP bridges are interconnected using a single CST 95 CIST Port Settings h CIST Instance Settings Enter the information to set UP CIST for the Switch Maximum Age The Max Age may be set to ensure that old information does not endlessly circulate through redundant paths in the network preventing the effective propagation of new information Set by the Root Bridge this value will aid in determining that the Switch has spanning tree configuration values consistent with other devices on the bridged LAN The user may choose a time between priority will be chosen as the root bridge A 6 and 40 seconds The default value is 20 lower value has a higher priority The default seconds value is 32768 and should be an exa
29. output power may be limited to 10 mW EIRP in the frequency range of 2454 2483 5 MHz For detailed information the end user should contact the national spectrum authority in France C E05600 Cesky Czech m no v robce t mto prohla uje Ze tento typ za zen je ve shod se z kladn mi po adavky a dal mi p slu n mi ustanoven mi sm rnice 1999 5 ES Dansk Danish Undertegnede fabrikantens navn erkl rer herved at f lgende udstyr udstyrets typebetegnelse overholder de v sentlige krav og vrige relevante krav i direktiv 1999 5 EF Deutsch German Hiermit erkl rt Name des Herstellers dass sich das Ger t Ger tetyp in bereinstimmung mit den grundlegenden Anforderungen und den brigen einschl gigen Bestimmungen der Richtlinie 1999 5 EG befindet Eesti Estonian K esolevaga kinnitab tootja nimi name of manufacturer seadme seadme t p type of equipment vastavust direktiivi 1999 5 EU p hin uetele ja nimetatud direktiivist tulenevatele teistele asjakohastele s tetele English Hereby name of manufacturer declares that this type of equipment is in compliance with the essential requirements and other relevant provisions of Directive 1999 5 EC Espa ol Spanish Por medio de la presente nombre del fabricante declara que el clase de equipo cumple con los requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999 5 CE
30. received in the correct order The traffic load of the LAG will be balanced among the ports according to Aggregate Arithmetic If the connections of one or several ports are broken the traffic of these ports will be transmitted on the normal ports so as to guarantee the connection reliability When you aggregate ports the ports and LAG must fulfill the following conditions e All ports within a LAG must be the same media format type e A VLAN is not configured on the port e The port is not assigned to another LAG e The Auto negotiation mode is not configured on the port e The port is in full duplex mode e All ports in the LAG have the same ingress filter ing and tagged modes e All ports in the LAG have the same back pressure and flow control modes e All ports in the LAG have the same priority e All ports in the LAG have the same transceiver type 81 ePorts can be configured as LACP ports only if the ports are not part of a previously configured LAG LACP is a dynamic protocol which helps to automate the configuration and maintenance of LAC s The main purpose of LACP is to automatically configure individual links to an aggregate bundle while adding new links and helping to recover from link failures if the need arises LACP can monitor to verify if all the links are connected to the authorized group LACP is a standard in comput er networking hence LACP should be enabled on the Switch s trunk ports in
31. received signal strength indica tor in terms of dBm 40 AP Clusters An Access Point Cluster is a dynamic configura tion aware group of Access Points in the same subnet of a network A cluster provides a single Access Point to manage the group of Access Points as a single wireless network instead of a series of separate devices Click ing on the Device Name field of an Access Point that is already assigned to a cluster will direct you to a Wireless Settings page where you can only change the Device Name Password amp IP Settings of the Access Point se lected Wireless Radio settings can be configured for in dividual Access Points by overriding the cluster settings Cluster Name Displays the name of cluster group Displays the number of Access Points assigned to this cluster group Displays the device name and MAC address of all Access Points assigned to this cluster group Show a description of the cluster group To manage a cluster on an Access Point AP Clusters Cluster Name Member List Description Add Add Creates a new Cluster 41 Edit Edits Cluster settings for a cluster AP Clusters ler Switch Cluster Name Jember Lis d EWS3104P 88 DC 96 01 9B 86 Sales Dept D Delete Deletes a Cluster 1 Enter the name and description of the new cluster and choose your country from the drop down menu 2 In the Member Setting section all Access Points that are ma
32. show hide Total Traffic Rx Traffic Tx Traffic Client Number Select a time increment to monitor statistics by 3 hrs 6 hrs 9 hrs 12 hrs 1 day 1 week or 2 weeks 56 Wireless Clients ae i r i vei EWS310AP e Total Sort descending In addition to viewing information based on specific Ac SS cess Points vou can view data via specific clients as well DEE for secuirty purposes Select the Access Point you wish 4 7A88 87 E3 1B C7B215736FE to view and check whether you wish to include Tx Rx A TA 8841 8C07 or total usage for the client Next click Sort to view your 2782794238 8 87 96 FE B8 29 results 5 9B 9C 92 2C 7D Y0CE7B21C D8 20 64 32 14 4F A0 10 B3 3F 1F F6 65 0 40 06 38 D7 17 3 99 C4 A2 7A 2D C 25 78 F7 0F AA 80D2E 07 A4 A0 Wireless Clients Click on the bar in the Managed APs chart to display the traffic of the selected AP Managed APs Total Sort descending by traffic lt En Cliert Number B EWS310AP EWS310AP ew EWS310AP 57 EWS310AP Total Sort descending e Total Sort descending by client number Traffic Byte 0B 10MB 20MB 30MB 40MB 50MB 60MB CR 84 7A 88 87 E3 1B Total Rx Tx Use the buttons to toggle between Total pee Sa er Traffic Rx Traffic and Tx Traffic 10 7821 94E238 fl D 8 87 96 FE B8 29 Sorting Use this button to sort the order to ascending Serie i 00 0C E7 B2 1C D8 desce n d ng 20 64 32 14 4F A0 D0 B3 3
33. so that administrators can know where the problem lies Note that the topology of the network needs to be saved for this function to work properly Choosing an Access Point to Diagnose The list will show the current status of Access Points on the network Select an Access Point to begin a diagnos tic test If multiple Access Points are connected use the search bar to the top right of the page to find the Access Point you wish to troubleshoot EnGenius kd Ei 9 B Backup Upgrade Reset Reboot Logout EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP Troubleshooting Controller Switch amp Device Management Select an AP to diagnose MAC Address Q IP Address lt amp Visual Monit oring Status g Device Name 2 Statistics CO Online EWS3104P Maintenance EI Online EWS3104P SSL Certificate e Es EWS310AP Troubleshooting z E Online EWS310AP Bulk Upgrade 10 1to40of4 AP s 61 00 02 6F E8 BA 1C 00 06 2F E8 BA 2E 88 DC 96 0C 95 98 00 02 6F ED 5B 8E 192 168 10 127 192 168 10 123 192 168 10 163 192 168 10 122 Previous Next The controller will run a diagnostic test for the selected Access Point Click Start to run the test The test take a few minutes to complete Afterwards the results will display on the page Troubleshooting Start Status d Online Troubleshooting Show All Status s Online EWS7928P 88 DC 96 0E 92 CC Connect
34. the Switch to complete booting up It might take a minute for the Switch to completly boot up Connect one end of a Category 5 6 Ethernet cable into the Gigabit 10 100 1000 Ethernet port on the Switch front panel and the other end to the Ethernet port on the computer Verify that the LED on the Ethernet ports ofthe Switch are green Once your computer is on ensure that your TCP IP is set to On or Enabled Open Network Connections and then click Local Area Connecton Select Internet Protocol Version 4 TCP IPv4 If your computer is already on a network ensure that you have setittoaStaticIP Address onthe Interface Example 192 168 0 10 andthe Subnet mask address as 255 255 255 0 5 8 9 login Open a web browser on your computer In the address bar of the web browser enter 192 168 0 239 and click Enter screen will appear By default the username is admin and the password is password Enter the current password of the Switch and then click Login Once logged in click IP Settings under the System tab and select IPv4 or IPv6 Click DHCP under Auto Configuration Click Apply to save the settings 10 Connect the Switch to your network DHCP enabled 11 0n the DHCP server find and write down the IP address allocated to the device Use this IP address to access the management interface Discovery on a Network without a DHCP Server This section describes how to setup the Switch in a network withou
35. to Enable or Disable the VLAN ID Port Displays the ports for which the 802 1X information is displayed Select the Auto or Force_UnAuthorized or Force_Authorized mode from the list Re Authentication Select whether port reauthenticati on is Enabled or Disabled Re authentication Enter the time span in which the selected period port is reauthenticated The default is 3600 seconds Quiet Period Enter the number of the device that remains in the quiet state following a failed authentication exchange The default is 60 seconds Supplicant Period Enter the amount of time that lapses before an EAP request is resent to the supplicant The default is 30 seconds Max Retry Enter the maximum number of times that the Switch retransmits an EAP request to the client before it times out the authentication session The default is 2 times Guest VLAN ID Select whether guest VLAN ID is Enabled or Disabled 164 Controller Rewathortication Supplicant Authorized Reauthentication period Quiet Period Period Max Bern Status Guest VLAN w Enabled el 3600 60 Ei 2 amp Management Enabled 2600 a D 2 AUTHNMIALZE Enabled KA Gier 3600 D 30 2 AUTH INALTE Enabled Eier 3600 D D 2 AUTHNMALGE Enabled Sp m 4 Disabled Eeer 3600 e H 2 AUTHINTIALZE Enabled Global Settings p 5 Disabled Eet 3600 e D 2 AUTHINTIALGE Enabled Port Settings reegen 6 Disabled Grieg 3600 D 3 AUTHLNTIALZE Enabled Radius Server p 7 Disable
36. using the Dynamic Host Configuration Protocol DHCP DHCP assigns dynamic IP addresses to devices on a network DHCP ensures that network devices have a different IP address every time the device connects to the network To access the page click IPv4 under IP Settings in the System menu Select whether to you wish to enable Static or DHCP for Auto Configuration Next enter the information for the IP address gateway and DNS servers D Important If the device fails to retrieve an IP address through DHCP then the default IP address is 192 168 0 239 and the factory default Subnet mask is 255 255 255 0 Dynamic IP Address DHCP Static IP Address IP Address Subnet Mask Enables the IP address to be configured automatically by the DHCP server Select this option if you have a DHCP server that can assign the Switch an IP address subnet mask default gateway IP address and a domain name server IP address automatically Selecting this field disables the IP Address Subnet mask and Gateway fields Allows the entry of an IP address subnet mask and a default gateway for the Switch Select this option if you don t have a DHCP server or if you wish to assign a Static IP address to the Switch This field allows the entry of an IPv4 address to be assigned to this IP interface Enter the IP address of your Switch in dotted decimal notation The factory default value is 192 168 0 239 A Bitmask that determines the
37. version higher than the specified version this packet will be dropped The report suppression feature limits the amount of membership reports the member sends to multicast capable routers Global Settings Apply Click Apply to update the system settings IGMP Snooping 4 MLD Snooping Global Settings VLAN Settings 118 VLAN Settings If the Fast Leave feature is not used a multicast querier will send a GS query message when an MLD group leave message is received The querier stops forwarding traffic for that group only if no host replies to the query within the specified timeout period If Fast Leave is enabled the Switch assumes that only one host is connected to the port Therefore Fast Leave should only be enabled on a port if it is connected to only one MLD enabled device Controller Switch VLAN Settings System VLAN ID MLD Snooping Status Fast Leave Enabled x aw 8 lt L2 Feature 1 Enabled b Link Aggregation Mirror Settings p gt STP b MAC Address Table b LLDP IGMP Snooping 4 MLD Snooping Global Settings VLAN Settings Group List Router Settings 3 VLAN Management ACI 4 QoS Security amp Monitoring Fast Leave does not apply to a port if the Switch has learned that a multicast querier is attached to it Fast Leave can improve bandwidth usage for a network which frequently experiences many MLD host add and leave requests VLA
38. 00 kilobits per second If the rate of broadcast traffic ingress on the interface increases ontroler Switch Storm Control beyond the configured threshold the Port Status Broadcast kbps Unknown Multicast kbps Unknown Unicast kbps traffic is dropped Se oppen o 10000 on uen Unknown Unicast Enter the Unknown Unicast rate in kilobits 2 Disstied om 10000 on 10000 om 10000 per second The Gigabit Ethernet ports HN ou on 1000 of 0000 om 1000 have a maximum speed of 1000000 CoS lapping css On 10000 on 10000 Om 10000 kilobits per second If the rate of broadcast Osc Ween Sai ocon ofr 10000 omg traffic ingress on the interface increases Leem ege om 1000 om 11000 of 00 beyond the configured threshold the Storm Contral T Disatied Of 10000 Of 10000 CA 10000 traffic IS dropped P Security a Disabled OF 10000 Of 10000 OFF 10000 amp Monitoring Tn H Disstied ON 10000 On 10000 10000 10 Disatied Of 10000 Off 10000 Off 10000 11 Disatied ON 10000 Of 10000 Of 10000 H 12 Disabled OR 10000 Off 10000 CF 10000 161 Security 802 1X The IEEE 802 1X standard authentication uses the RADIUS Remote Authentication Dial In User Service protocol to validate users and provide a security standard for network access control The user that wishes to be authenticated is called a supplicant The actual server doing the authentication typically a Radius server is called the authentic
39. 2 3at All ports can support PoE up to 30W Ports 1 24 can supply about 48 VDC power to Powered Devices PDs over Standard UTP Ethernet cables The Switch follows the Standard PSE Power Sourcing Equipment pinout whereby power is sent out over pins 1 2 3 and 6 EGS5212FP Ports 1 8 supports both IEEE802 3 af and at The maximum power budget is 130 Watts EGS7228P Ports 1 24 supports both IEEE802 3 af and at The maximum power budget is 185 Watts EGS7228FP Ports 1 24 supports both IEEE802 3 af and at The maximum power budget is 370 Watts and 720 Watts when you are using the EnGenius RPS370 external redundant power supply EGS7252FP Ports 1 48 supports both IEEE802 3 af and at The maximum power budget is 740 Watts To access the page click PoE Port Settings under PoE in the System Menu 76 Priority Displays the specific port for which PoE parameters are defined PoE parameters are assigned to the powered device that is connected to the selected port e Enable Enables the Device Discovery protocol and provides power to the device using the PoE module The Device Discovery Protocol lets the device discover powered devices attached to device interfaces and learns their classification e Disable Disables the Device Discovery protocol and halts the power supply delivering power to the device using the PoE module Select the port priority if the power supply is low The field default is Low For example if the power supp
40. 3 Querier Settings VLAN ID Displays the VLAN ID Querier State Select whether to Enable or Disable IGMP snooping requires that one central Switch to pe the IGMP querier state for the spec riodically query all end devices on the network to an ified VLAN ID f f A querier can periodically ask their nounce their Multicast memberships and this central hosts if they wish to receive mul device is the IGMP querier The snooping Switch sends ticast traffic The Querier feature out periodic queries with a time interval equal to the will check tld to receive multicast traffic when configured querier query interval The IGMP query keeps enabled An Elected queri r will membership information If the Switch does not received LAN for group members and then the updated membership information then it will stop propagates the service requests on f ding multicasts to specified VLANS EN EH orwarding P i to ensure that it will continue to receive the multicast service This feature is only supported for IG SS MPv1 and v2 snooping o Ae zess resone tene QUerier Version Enter the version of IGMP packet SS Et that will be sent by this port If an IGMP packet received by the port has a version higher than the specified version this packet will be dropped Robustness Provides fine tuning to allow for expected packet loss on a subnet It is used in calculating the following IGMP message intervals The de fault is 2 Inter
41. 5 MAC ACL This page displays the currently defined MAC based ACLs profiles To add a new ACL click Add and enter the name of the new ACL D System lt L2 Feature 3 VLAN char 1 32 Q Management Z ACL MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE ACL Binding 4 QoS P Security amp Monitoring A Diagnostics Index Profile identifier Enter the MAC based ACL name You can use up to 32 alphanumeric characters Click the Apply button to accept the changes or the Cancel button to discard them 146 Mac Based ACE Use this page to view and add rules to MAC based ACLs Mac Based ACE Mac Based ACE ACL Name MAC ACL MAC ACE IPv4 ACL Action Permit Destination MAC Address User Defined IPv4 ACE Destination MAC Value IPv6 ACL IPv6 ACE Destination MAC Mask Source MAC Address User Defined Source MAC Value Ion Source MAC Mask VLAN ID Range 1 4094 802 1p Value Range 0 7 Ethertype Value Hex Range 05DD FFFF ACL Name Select the ACL from the list Sequence Enter the sequence number which sig nifies the order of the specified ACL relative to other ACLs assigned to the selected interface The valid range is from 1 2147483646 1 being processed first Select what action taken if a packet matches the criteria e Permit Forward packets that meet the ACL criteria e Deny Drops packets tha
42. 5 enables multiple VLANs to be mapped to redu cethe number of spanning tree instances needed to sup port a large number of VLANs If there is only one VLAN in the network a single STP works appropriately H the network contains more than one VLAN however the logical network configured by a single STP would work but it becomes more efficent to use the alternate paths available by using an alternate spanning tree for different VLANs or groups of VLANs MSTP which is based on RSTP for fast convergence is designed to sup port independent spanning trees based on VLAN groups MSTP provides multiple forwarding paths for data traffic and enables load balancing STP and RSTP prevent loops from forming by ensuring that only one path exists between the end nodes in your network RSTP is designed as a general replacement for the slower legacy STP RSTP is also incorporated into MSTP With STP convergence can take up to a minute to complete in a larger network This can result in the loss of communication between various parts of the network during the convergence process so STP can subsequent ly can lose data packets during transmission 90 RSTP on the other hand is much faster than STP It can complete a convergence in seconds so it greatly dimin ishes the possible impact the process can have on your network compared to STP RSTP reduces the number of State changes before active ports start learning pre defining an alternate route th
43. 6 E 11 Disabled 256 12 Disabled 256 Enter the maximum number of MAC Addresses that can be learned on the port The range is from 1 256 Max MAC Address Port Displays the port for which the port security is defined State Select Enabled or Disabled for the port security feature for the selected port Click Apply to save the changes to the system 173 DoS DoS Denial of Service is used for classifying and blocking specific types of DoS attacks From here you can configure the Switch to monitor and block different types of attacks Global Settings Swich Global Settings DMAC SMAC Select Enabled or Disabled from the list Select Enabled or Disabled from the list UDP Blat Select Enabled or Disabled from the list TCP Blat Select the Enabled or Disabled from the list GE Select the Enabled or Disable from the list Fragment Minimal Enter the minimal size Size IPv6 Min Fragment Select Enabled or Disabled from the list Bytes Enter the size of IPv6 packets The range is from 0 65535 ICMP Fragment Select Enabled or Disabled from the list 174 DMAC SMAC Select Enabled or Disabled from the list Select Enabled or Disabled from the list UDP Blat Select Enabled or Disabled from the list UT EL nabled TCP Blat Select the Enabled or Disabled from the list IPv6 Ping Max Size Enabled EX Ping Max Size Select the Enabled or Disable from the Ping Max Size Settin
44. AN Port Security Port Isolation Storm Control Attack Prevention Access Control List ACL Telnet Server TFTP Client Web based support SNMP v1 support L2 Features Continued SNMP vec support SNMP v3 support TFTP upgrade Command Line Interface CLI SNTP RMONv1 SYSLOG Cable Diagnostics MIB Support RFC1213 RFC1493 RFC1757 RFC2674 PoE Management Power on off per port Power Class Configuration Power feeding with priority User defined power limit Wireless Management Features Wireless Network Management Manage up to 20 EWS591 2FP SO EWS7928P EWS7952FP Access Points AP Auto Discovery and Provisioning AP Auto IP Assignment AP Cluster Management Wireless Configuration Remote AP Rebooting AP Device Name Editing AP Radio Settings Band Steering Traffic Shaping AP Client Limiting Fast Handover Fast Roaming Guest Network Wireless Security WEP WPA WPA2 Enterprise WPA PSK WPA2 PSK VLANs for Access Point Multiple SSID Wireless Network Monitoring AP Status Monitoring Wireless Client Monitoring Wireless Traffic and Usage Statistics Visual Topology View Floor Plan View Map View Wireless Network Security Secure Control Messaging SSL Certificate Management Local MAC Address Database Remote MAC Address Database RADIUS Unified Configuration Import Export Intelligent Diagnostic Bulk Firmware Upgrade Physical Interface Dimensions and Dimensions EWS5912FP EWS7928P Wi
45. CoS Mode Operate Status eature P TA Enabled El x El Apply Click Apply to update the system settings 802 1Q al 1 Disabled Src del 2 Disabled Src _ Management VLAN P 3 Disabled Sre 4 Voice VLAN e Global Settings 4 Disabled Src eh A al 5 Disabled Sic Port Settings 6 Disabled Sre Management ACL a 7 Disabled Src QoS 8 Disabled Sre _ Security E 9 Disabled Src Monitoring Diagnostic s 10 Disabled Sre _ EI 11 Disabled Src 12 Disabled Sre 131 Management System Information The System Information screen contains general device information including the system name system location and system contact for the Switch System Name System Location System Contact Enter the name you wish to use to identify the Switch You can use up to 32 alphanumeric characters The factory default name is EWS7228P Enter the location of the Switch You can use up to 32 alphanumeric characters The factory default is Default Location Enter the contact person for the Switch You can use up to 160 alphanumeric characters The factory default is Default Location Click Apply to save the changes to the system W Controller Swich System Information System lt L2Feature WE amp Management System Information User Management b File Management gt SNMP 7 ACL Bet Information System Location P Security amp Monitoring Diagnostics System Name EVVS7928P Def
46. E lt Visual Monitoring Q Topology View es hee image Steg Gi Map View 4 Floor View CG GE Floorplan Image S e 8 f 1st Floor 65 Eat alle Floorplan View la CAE i Statistics 10 1to 1 of 1 Image s Previous Next b Maintenance 52 Status Dashboard Floorplan View Total Displays the total memory storage space allocated Floor View for uploading custom floorplans Available AE memory storage space that is currently From this page the administrator can place Access Displays the memory storage space that is Points onto the custom uploaded image by drag currently in use ging and dropping markers in the Access Point list Shows a preview of a custom uploaded image Name Shows the name of the custom uploaded image Image Size Displays th e file size of the custom uploaded image EnGenius EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP Floor View ch Managing Images me en a Device Name Add Uploads a new image The campatible formats are GIF PNG or JPG format up to 819 KB per image EWS3104P EWS3104P EWS3104P D lt D 9 EWS3104P Edit Edits the name of the uploaded image Delete Removes an uploaded image 53 Navigating Tips lt to scroll up down left or right Use d Use to Zoom in out Alternatively you can use the mouse to navigate by clicking and dragging the left mouse butt
47. F 1F F6 65 Total eo Sort descending 00 40 96 38 D7 17 4C 25 78 F7 0F AA 98 0D 2E 07 A4 A0 Total Rx Tx Use the buttons to toggle between Total Traffic Rx Traffic and Tx Traffic Sorting Use this button to sort the order to ascending descending Place mouse cursor over a bar in the chart to show details of the wireless client on 1006 155 a 80MB 3 60MB 105 S 40MB E z F 20MB Tx 83 19MB Total 91 48MB EWS3 10AP EWS310AP Place your mouse cursor over a bar in the chart or on the name of an Access point to show details of a selected Access Point Next click on the bar to show the traffic of the Access Point in a chart 58 Maintenance EH Create a self signed SSL Certificate for secured data encryption between EWS and Wireless Access Point s AP s will reconnect using new certification information upon applying changes SSL Certificate cei Common Name 1 32 characters The Secure Socket Layer protocol is used to ensure Nine _ secure transactions and transmissions between web Local Ci 1 32 characters servers and browsers An SSL certificate serves as an ee Ee electronic passport that establishes an online entity s Vaid Unit 02 10 2000 Gare 12372087 credentials when accessing the Web When a user at tempts to send confidential information to a Web server the user s browser must access the server s digital cer tificate and establishes a secure connection Adminis trators can cr
48. Global Settings VLAN Settings Querier Settings Group List Router Settings b MLD Snooping 2 VLAN amp Management 7 ACL 4 QoS Click the Apply button _ to accept the changes or the Cancel button oe to discard them VLAN ID Displays the VLAN ID IGMP Snooping Status Enables or Disables the IGMP snooping feature for the specified VLAN ID Fast Leave Enables or Disables the IGMP snooping Fast Leave for the specified VLAN ID Enabling this feature allows the Switch to immediately remove the Layer 2 LAN port from its forwarding table entry upon receiving an IGMP leave message without first sending out IGMP group specific GS queries to the port If Fast Leave is not used a multicast querier will send a GS query message when an IGMPv2 v3 group leave message is received The querier stops forwarding traffic for that group only if no host replies to the query within the specified timeout period If Fast Leave is enabled the Switch assumes that only one host is connected to the port Therefore Fast Leave should only be enabled on a port if it is connected to only one IGMP enabled device Fast Leave is supported only with IGMPv2 or IGMPv3 Snooping when IGMP Snooping is enabled Fast Leave does not apply to a port if the Switch has learned that a multicast querier is attached to it Fast Leave can improve bandwidth usage for a network which frequently experiences many IGMP host add and leave requests 11
49. IP Wildcard Enter the mask of the new source IP Mask address 152 VLAN ID Enter the VLAN ID to which the IP address GE is attached in IPv4 Based ACE The range is from 1 4094 802 1p Value Enter the 802 1p value The range is from from 0 7 Ethertype Value Enter the Ethertype value The range is from O5DD FFFF Select Any Protocol ID or Select from List from drop down menu e Protocol ID Enter the protocol in the ACE to which the packet is matched The range is from 0 255 e Select from List Select the ICMP from the list in the provided field ICMP Code Enter the ICMP code The range is from 0 255 Source Port Select Single or Range from the list Enter the source port that is matched to packets The range is from 0 65535 Destination Port Select Single or Range from the list Enter the destination port that is matched to packets The range is from 0 65535 Type of Service Enter the DSCP The range is from 0 63 153 ACL Binding Select the port for which the ACLs are bound to MAL ACL The ACL is MAC address based When an ACL is bound to an interface all the rules that have been defined for the ACL are applied to that in terface Whenever an ACL is assigned on a port or LAG flows from that ingress or egress interface that do not Click Apply to save the changes to the system match the ACL are matched to the default rule of drop ping unmatched packets To bind an ACL to an interface si
50. N ID Displays the VLAN ID MLD Snooping Status Select to Enable or Disable the MLD snooping feature for the specified VLAN ID Fast Leave Enables or Disables the MLD snooping Fast Leavefeature for the specified VLAN ID Enabling this feature allows the Switch to immediately remove the Layer 2 LAN port from its forwarding table entry upon receiving an MLD leave message without first sending out an MLD group specific GS query to the port Select from the drop down list whether to Enable or Disable MLD Snooping Next select to Enable or Disable Fast Leave for the specified VLAN ID Click the Apply button to accept the changes or the Cancel button oe to discard them 119 Group List The Group List displays the VLAN ID IPv6 Address and Members Port in the MLD Snooping List Controller Switch Group List D System lt L2 Feature b Link Aggregation Mirror Settings STP MAC Address Table kr LLDP e IGMP Snooping VLAN ID IPv6 Address Member Ports MLD Snooping Global Settings VLAN Settings Group List Router Settings VLAN Management ACI Security Monitoring 120 Router Settings The Router Settings feature shows the learned multicast router attached port if the port is active and a member of the VLAN Select the VLAN ID you would like to configure and enter the Static and Forbidden ports for the specified VLAN IDs that are utilizing MLD Snooping All MLD packets snooped by the Switch wil
51. P firmware onto EWS Switch flash 2 Once the Access Point firmware is downloaded onto the Controller the list of Access Points that were selected for the firmware upgrade will appear under Device List 3 Select the Access Points you wish to upgrade and click Add to Upgrade to start the firmware upgrading process 64 Chapter 3 Switch Management System The navigation pane at the left of the Web browser interface contains a System tab that enables you to manage your Switch and controller with features under the following main menu options Switch System L2 Features VLAN Management ACL QoS Security Monitoring Diagnostics Controller Device Management Visual Monitoring Statistics Maintenance The description that follows in this chapter describes configuring and managing the system settings within the Switch 66 Search Bar At the top right corner of the Graphical User Interface GUI is the search bar which you can use to find and jump to any of the Switch or Controller management features When you type in a word all possible results for that word in the navigation pane will appear Click on the results from the drop down list to open that management tab D Reset amp E Reboot Logout od Upgrade Summary e The Summary screen contains general device information 7 about the Switch including the device name Firmwa
52. P s Controller Switch 5 5 0 o Alist of devices that have been added to the network This sortable list consists of a filtering function where users can choose to 2 amp Device Management show hide columns that they wish to check By selecting the device name users will be redirected to the device information page Est acne HALLE BEES Summary D a Access Points Active Clients o Status Model Name MAC Address e Device Name IP Address Cluster AP Clusters Online EWS310AP 00 02 6F D7 AC 44 EWS310AP 192 168 10 162 lt Visual Monitoring Online EWS3104P 00 02 6F E8 BA 1C EWS310AP 192 168 10 127 Statistics Online EWS310AP 00 02 6F ED 5B 8E EWS310AP 192 168 10 122 1 Maintenance O Online EWS310AP 00 06 2F E8 BA 2E EWS310AP 192 168 10 123 B Online EWS310AP 88 DC 96 0C 95 98 EWS310AP 192 168 10 163 10 1to 5 of5AP s Previous Next p Click on the Device Name field of the Access Point you wish to configure and you will be directed to a screen where you can configure settings for the Access Point Click APPLY to update the system settings 28 Wireless Radio Settings 2 4 GHz Settings 5 GHz Settings Under 5 GHz Settings you can configure the radio set tings of the selected Access Point Under 2 4 GHz Settings vou can configure the radio set tings of the selected Access Point Wireless Settings Controller Switch amp Device Management P General Settings Summary Access Points 4 Wire
53. S310AP 00 02 6F E8 BA 1C EWS310AP 192 168 10 127 Statistics Online EWS310AP 00 02 6F ED 5B 8E EWS310AP 192 168 10 122 1 Maintenance Online EWS310AP 00 06 2F E8 BA 2E EWS310AP 192 168 10 123 Online EWS310AP 88 DC 96 0C 95 98 EWS310AP 192 168 10 163 10 v 1to50f5 AP s Previous Next amp 22 Refresh Countdown Timer This is the time left before the page auto refreshes The countdown is from 15 seconds This is the number of Access Points in the managed Access Point database that are configured to the Controller Controller Offline This is the number of Access Points that currently do not have an active connection with the Controller Managed APs This is a list of Access Points in the database that configured with the Controller Remove The Remove button romoves selected Access Points s from list Access Points removed will be automatically set to standalone mode with all settings restored to their factory default settings The Reboot button will reboot the selected Access Point s Search box Search for Access Points in the list using the following criteria Status model name MAC Address Device name IP Address Firmware Version Cluster Status This indicates the current status of the managed Access Point Model Name Shows the model name of the managed Access Point MAC Address Shows the MAC address of the managed Access Point 23 Device Name Displays the device name of the managed Access P
54. SNMP State Enables or Disables the SMNP function The default SNMP global State is Enabled Local Engine ID 10 64 Enter the Switch s Engine ID for the Characters remote clients A SNMPv3 engine is an independent SNMP agent that resides on the Switch This engine protects against message replay delay and redirection issues The engine ID is also used in combination with user passwords to generate security keys for authenticating and encrypting SNMPv3 packets Normally a local engine ID is automatically generated that is unique to the Switch This is referred to as the default engine ID If the local engine ID is deleted or changed all local SNMP users will be cleared and you will need to reconfigure all existing users Click Apply to save the changes to the system 138 View List SNMP uses an extensible design where the available information is defined by Management Information bases MIBs MIBs describe the structure of the management data of a device subsystem they use a hierarchical namespace containing Object Identifiers OID to organize themselves Each OID identifies a variable that can be read or set via SNMP The SNMP View List is created for the SNMP management station to manage MIB objects Click the New button to create a new entry View List View Name Subtree OID Subtree Mask View Type all A all Included cluded E v Q View Name Enter the view name The view name can con tain up to 30 alpha
55. TP is a Layer 2 protocol that runs on Switches Spanning Tree Protocol STP allows you to ensure that you do not create loops when you have redundant paths in the network STP provides a single active path between two devices on a network in order to prevents loops from being formed when the Switch is interconnected via multiple paths 88 STP uses a distributed algorithm to select a bridging device that serves as the root for the spanning tree network It does this by selecting a root port on each bridging device to incur the lowest path cost when forwarding a packet from that device to the root device It then selects a designated bridging device from each LAN which incurs the lowest path cost when forwarding a packet from that LAN to the root device Next all ports connected to designated bridging devices are assigned as designated ports After determining the lowest cost Spanning tree it enables all root ports and designated ports disabling all other ports Network packets are therefore only forwarded between root ports and designated ports eliminating any possible network loops STP provides a single active path between two devices on a network in order to prevent loops from being formed when the Switch is interconnected via multiple paths ler Swtch Global Settings Settings STP Stsie Enatled Disabled Apply Once a stable network topology has been established all bridges listen for Hello Bridge Protocol Data U
56. The lower the number the greater the probability the port will be chosen to forward packets 93 Edge Ports Controller Switch Port Settings An edge port changes its initial STP port state from a System i i i e e Pot External Path Cost Edge Port P2PMAC Migration stat blocking State to a forwarding state immediately without Link Aggregation Yes iml Vos lal going through listening and learning states right after Mirror Settings em 1 0 Yes Yes the port is configured as an edge port or when its link W e SS S status changes Edge Ports are not connected to LANS obal Settings Root Bridge E 3 0 Yes es that have span ning tree devices so Edge Ports do not Port Settings 4 0 Yes Yes receive Bridge Protocol Data Units BPDUs If an Edge ae EE 0 Yes Ve Port starts to receive BPDUSs it is no longer considered e i Ee an edge port to the Switch MST Instance Settings MST Port Settings H 7 0 Yes Yos de D ec Apply Click APPLY to update the the system settings gt LLD 7 p IGMP Snooping 8 be Lu MLD Snooping l 10 0 Yes Yes 3 VLAN 11 0 Yes Yes Management S 7 S aa 7 ACL 94 CIST Instance Settings The Common Instance Spanning Tree CIST protocol is formed by the spanning tree algorithm running among bridges that support the IEEE 802 1w IEEE 802 15 and IEEE 802 1D standard A Common and Internal Spanning Tree CIST represents the connectivity of the entire
57. acket marking at ingress est Click Apply to save the changes to the system B Controller Switch Port Settings System Port CoS Value Trust lt L2 Feature F Enabled Le i VLAN amp Management 1 Enabled Z AC i F 2 Enabled 4 QoS Global Settings a a CoS Mapping F 4 Enabled DSCP Mapping 5 0 Enabled Port Settings F 6 0 Enabled Bandwicth Control Storm Control T 0 Enabled P Security 8 0 nt E Monitoring EI 9 0 Enabled Diagnostics 10 0 Enabled F 11 0 Enabled 159 Bandwidth Control Port Displays the ports for which the bandwidth settings are displayed Select to Enable or Disable ingress on the The Bandwidth Control feature allows users to define interface the bandwidth settings for a specified port s Ingress Ingress Rate Enter the ingress rate in kilobits per second Rate Limit and Egress Rate The Gigabit Ethernet ports have a maximum speed of 1000000 kilobits per second Select from the drop down box to Enable or Disable egress on the interface Egress Rate Enter the egress rate in kilobits per second The LE Gigabit Ethernet ports have a maximum speed Bu Swich Bandwidth Control of 1000000 kilobits per second System lt Feat Port Ingress Ingress Rate kbps Egress Egress Rate kbps eature Oo Enabled 1000000 Enabled 1000000 e VLAN Click Apply to save the changes to the system amp Management I 1 Disabled Of Disabled OF
58. agement Max Hoe 2 255 Default 30 Cable Diagnostics Ping Test a Result Pv Ping Test Trace Route 193 Chapter 4 Maintenance Maintenance Maintenance functions are available from the maintenance Saving Configurations bar Maintenance functions include saving configuration settings upgrading firmware resetting the configuration to factory default standards rebooting the device and logging out of the interface wei Important You must save any setting changes before rebooting Failure to save results in loss of new The following represents the Maintenance Menu bar configuration changes Follow this procedure to save the configuration rd Ki 2 Save Upgrade Reset Reboot Logout 1 Click B to save the entire configuration changes you have made to the device to Switch 2 Click OK The page at 192 168 0 239 says Do you want to save config to device Cancel 195 Upgrading A WARNING Backup your configuration information before upgrading to prevent loss of settings information Follow this procedure to upgrade the Firmware 1 Click Upgrade to start upgrading 1 Click Choose File When a window opens browse to the location of your new Firmware Firmware Upgrade No file chosen 3 Select the new Firmware file and click OK 4 Aprompt will displays to confirm the Firmware Upgrade Click OK and follow the on screen instructions to complete the Firmware Upgra
59. algorithm to generate a mes sage digest Each authentication protocol authenticates a user by checking the message digest In addition both protocols use keys to perform authentication The keys for both protocols are generated locally using the Engine ID and the user password to provide even more security In SNMPv1 and SNMPv2c user authentication is ac complished using types of passwords called Communi ty Strings which are transmitted in clear text and not supported by authentication Users can assign views to Community Strings that specify which MIB objects can be accessed by a remote SNMP manager The default Community Strings for the Switch used for SNMPv1 and SNMPv2c management access for the Switch are public which allows authorized management Stations to retrieve MIB objects and private which allow authorized management stations to retrieve and modify MIB objects 137 Global Settings Simple Network Management Protocol SNMP is an OSI Layer 7 Application Layer protocol designed specifically for managing and monitoring network devices The SNMP agents maintain a list of variables that are used to manage the device The variables are defined in the Management Information Base MIB which provides a Standard presentation of the information controlled by the on board SNMP agent Swich Global Settings SNMP State Enabled Disabled 10 64 hex letters the length of the Engine D should be een Apply
60. anges to the system i 0 1 EnGenius Backup Upgrade Reset Reboot Logout EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP n Summary Controller State imi Access Points AP Clusters System Information Controller Version 0210 Max Managed APs 50 IP Address 192 168 10 239 Base MAC Address 88 DC 96 0E 92 CC Serial Number 134248232 System Uptime 7 days 17 hours 31 mins The Dashboard on the upper right corner of the GUI shows the current status of EWS AP s that has been managed by the EWS Switch 5 5 0 MANAGED ACTIVE OFFLINE 21 Managed Active Offline Controller State Controller Version Max Managed Access Points IP Address Base MAC Address Serial Number System Uptime This shows the number of APs in the managed AP database that are configured with the EWS Switch This shows the number of managed APs that currently have an active connection with the EWS Switch This shows the number of managed APs that currently do not have an active connection with the EWS Switch AP Controller feature device device is able to manage Universally assigned network address Displays the number of days hours and minutes since the last system restart Access Points This page displays the status of all EWS APs that your Controller is currently managing as well as all the EWS Access Points in the network that the Control
61. at can be used when a node or port fails and retain the forwarding database for ports insensitive to changes in the tree structure when reconfiguration occurs Select whether to Enable or Disable the Spanning Tree function for the Switch Next select whether you wish to enable STP RSTP or MSTP Again please note that only one Spanning tree function can be active at a time Apply Click APPLY to update the the system settings Root Bridge i The Root Bridge serves as an administrative point for all Spanning Tree calculations to determine which redundant links to block in order to prevent network loops From here you can view all the information regarding the Root Bridge within the STP All other decisions in a spanning tree network such as ports being blocked and ports being put in a forwarding mode are made regarding a root bridge The root bridge is the root of the constructed tree within a spanning tree network Thus the root bridge is the bridge with the lowest bridge ID in the spanning tree network The bridge ID includes two parts the bridge priority 2 bytes and the bridge MAC address 6 bytes The 802 1d default bridge priority is 32768 STP devices exchange Bridge Protocol Data Units BPDUs periodically All bridges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root bridge If a bridge does not get a Hello BPDU after a predefined interval called the Maximum Age the
62. ation server The mediating device such as a Switch is called the authenticator Clients connected to a port on the Switch must be authenticated by the Authentication Server Radius before accessing any services offered by the Switch on the LAN Use a Radius server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN EAPOL packets between the Client and Server This establishes the requirements needed for a protocol between the authenticator the system that passes an authentication request to the authentication server and the supplicant the system that requests authentication as well as between the authenticator and the authentication server 162 Global Settings LE Controller Swich Global Settings When a supplicant is connected to a Switch port the port issues an 802 1X authentication request to the attached the 802 1X supplicant The supplicant replies with the given username and password and an authentication request is then passed to a configured Radius server The authentication server s user database supports Extended Authentication Protocol EAP which allows particular guest VLAN memberships to be defined based on each individual user After authorization the port connected to the authenticated supplicant then Click Apply to save the changes to the system becomes a member of the specified guest VLAN When the supplicant is successfully authenticated traffic i
63. ault Location System Contact Default Contact char 1 32 char 1 32 char 1 32 132 Apply User Management Use the User Management page to control management access to the Switch based on manually configured user names and passwords User account can only view settings without the right to configure the Switch and an Admin account can configure all the functions of the Switch Click the Add button to add an account or the Edit button to edit an existing account ES Controller Switch User Management system User Name Password Type Password Privilege Type admin Encrypted Admin SZ Password Retype r SNMP Enter a username You can use up to 18 alphanumeric characters Password Type Select Clear Text or Encrypted from the list Password Enter a new password for accessing the Switch Password Retype Repeat the new password used to access the Switch Privilege Type Select Admin or User from the list to regulate access rights User Management User Name Password Type Password Password Retype Privilege Type admin Encrypted ei Admir M v Q D Important Note that Admin users have full access rights to the Switch when determining the authority of the user account Click the Apply button to accept the changes or the Cancel button e to discard them 123 File Management Configuration Manager The File Management feature is used for saving y
64. ave your preferences G D L LA 9 B En enius Backup Upgrade Reset Reboot Logout EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP e M j al Ti Controller Switch p emm 3 rite mu S amp Device Management PS e Q Search River We lt Visual Monit lt gt x He cat isual Monitoring O Topology View festmnster bid Sam SS North Tustin Ems Map View WestMnster Tooli ou A a OK i Floor View Midway city Bas wey CA Mi PEUR 2 Letz v gt Statistics ur M Se LE s fa Tustin E p f D Ca Maintenance ech s des Ss x ikg ji dp David L Baker a P d y s i e Va P g S 8 new SL SEN 1 g A Kei Sch g d F Pi Ba were G 2i south ington W 9 21 Coast Metro D ate te lis hve og S A vE al Park WIIF ion amp 7 Z g P g Sagta G CO Ee 8 Anahiver Complex res Le H ge Me pS TE Gi li Le E fe Ave er it JC ASE Se Ce SS AN Ae E ee e fet team e f e SI VK Ry ge oF Ge seven Sale Costa Mesa ne CEN Beach 1 4 oes y W E SA fax SS Sey pre 2 Nan NA AUX Navigating Tips gt Use the directional pad to scroll up down se left or right Use the slider to zoom in out Alternatively you can use the mouse to navigate by clicking and dragging the left mouse button Use the mouse wheel to zoom in out Green Online Status Change e T
65. bridge assumes that the link to the root bridge is down The bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology 91 Hela Time 32764 Root Address Forward Delay Hello Time Displays the Root Bridge MAC address Root in Root Bridge refers to the base of the span ning tree which the Switch could be config ured for Displays the priority for the bridge When Switches are running STP each is assigned a priority After exchanging BPDUs the Switch with the lowest priority value becomes the root bridge Displays the Switch Forward Delay Time This is the time in seconds the Root Switch will wait before changing states called listening to learning Displays the bridge Switch Maximum Age Time This is the amount of time a bridge waits before sending a configuration mes sage The default is 20 seconds Displays the Switch Hello Time This is the amount of time a bridge remains in a listening and learning state before forwarding packets The default is 15 seconds 92 Port Settings Edge Port Indicate whether the port is Enabled or Disabled STP and RSTP help guard against the formation of loops in an Ethernet network topology A loop occurs when Yes Designates the port as an edge port nodes transmit packets to each other over more than e No There is no edge port status one data path Packets can become caugh
66. cal5 local6 or local7 Facility IP Hostname Server Port EMERG ALERT CRIT ERROR WARNING NOTICE INFO DEBUG Facility 514 Nm e hie No Le Ne e he i Click the Apply button to accept the changes or the Cancel button o to discard them 188 Log Table A counter incremented whenever an entry to the Switch s history log is From here users can view and delete the history log made It displays the last entry highest Select the Log Target you wish to view from the drop sequence number first Displays the time of the log entry down box Category Displays the category of the history log entry for example If the name of a VLAN group is changed the category will display VLAN If a device is con y Controller Switch Log Table nected to the Switch the category will display Port Displays the level of severity of the log b IP Settings entry Messages are assigned a severity a E No Timestamp Category Severity Message co de Global Settings 1 Jan05 105219 System notice web user admin authentication failed Local Logging 2 Jens 10 27 56 System notice web user admin authentication failed triggered the history log entry Remote Logging 3 Jan02112849 Pot notice Pon gif link up Log Table ame 4 Jan02 11 28 44 Pot notice Port gi link down Click CLEAR to clear the buffered log in the memory Port Settings 5 Jan02112827 Port notice Pon git link up b PoE 6 Jan 02 11 28 23 Platform noti
67. ce Port 15 PoE status is delivering power System Select Log Target Buffered Summary EEE 7 Jan02 11 28 18 Platform warning Port 15 PoE status is Fault Jumbo Frame L2 Feature B Jan 02 11 28 17 Port notice Por gi15 link down Management 10 Jen 02 11 20 00 Port notice Pon git5 link down lt s VLAN 9 Jan02112005 Port notice Port gif link up a ze ACL A QoS 11 Jan 02 11 19 42 Port notice Port oi link up P Security 12 Jan 02 11 19 39 Platform notice Don 15 PoE status is delivering power 189 Diagnostics Cable Diagnostics Cable Diagnostics helps you to detect whether your cable has connectivity problems provides information about where errors have occurred in the cable The tests use Time Domain Reflectometry TDR technology to test the quality of a copper cable attached to a port TDR detects a cable fault by sending a signal through the cable and reading the signal that is reflected back All or part of the signal is reflected back either by cable defects or by the end of the cable when an issue is present Cables are tested when the ports are in the down state with the exception of the cable length test GG Controler Swich Cable Diagnostics System 2 Cable Length A Cable Length B Cable Length C meter meter meter s Cable Diagnostics Ping Test D Ping Test Trace Route Select the port to which the cable is connected Pair A B C and D Displays the cable
68. counting Enables or disables the accounting feature Radius Accounting Enter the IP address of the Radius Server accounting server Radius Accounting Enter the port number used for Port connections to the Radius accounting server Radius Accounting Enter the secret required to connect to Secret the Radius accounting server Accounting Update Specify how often in seconds the Interval accounting data sends The range is from 60 600 seconds 35 SSID Config WPA WPA2 Enterprise User should set radius server for WPA Wi Fi Protected Access or WPA2 security protocol WPA PSK WPA2 PSK WPA with PSK Pre shared key Personal mode is designed for home and small office networks WPA WPA2 Type WPA2 Encryption AES Y Radius Server Radius port 1812 1 65535 Radius Secret 1 64 characters Update Interval 3600 seconds 30 3600 0 disabled Enable Radius Accounting Accounting Radius Server Accounting Radius Port 1 65535 Accounting Radius Secret 1 64 characters Accounting Update Interval seconds 60 600 Save Cancel WPA PSK WPA2 PSK WPA with PSK Pre shared key Personal mode Type Select the WPA type you wish to use Your available options are Mixed WPA PSK and WPA2 PSK Encryption Select the WPA encryption type you wish to use Your available options are Both or TKIP Temporal Key PSK Key Select the PSK Key you wish to use If using the ASCII format the Key must be between 8 64 c
69. ct TX Hold Count Enter the maximum number of Hello packets divisor of 4096 transmitted per interval The count can be Maximum Hop Used to set the number of hops between specified rom no Thig derault 2 S devices in a spanning tree region before the Hello Time Enter the Switch s Hello Time This is the BPDU packet sent by the Switch is discarded interval between two transmissions of BPDU Each Switch on the hop count will reduce packets sent by the Root Bridge to verify the hop count by one until the value reaches that it is the Root Bridge The Hello Time zero The Switch will then discard the BDPU range is from 1 to 10 seconds The default packet and the information held for the port Hello Time is 2 seconds will age out The user may set a hop count from 6 to 40 The default value is 20 Forward Delay Enter the bridge forward delay time which indicates the amount of time in seconds that Apply Click APPLY to update the the system settings a bridge remains in a listening and learning state before forwarding packets The value must be greater or equal to Bridge Max Age 2 1 The time range is from 4 seconds to 30 seconds The default value is 15 seconds Select from the list to specify the priority of the Switch for comparison in the CIST CIST priority is an important criterion on determining the root bridge In the same condition the Switch with the highest 96 CIST Port Settings MST ID Select the MST ID from the
70. ct an Access Point to configure Next fill in the giv en information for the Access Point Device Name Administrator Username The device name of the Access Point Users can enter a custom name for the Access Point if they wish Displays the current administrator login username for the Access Point Enter a new Administrator username for the Access Point if you wish to change the username The default username is admin New Password Enter a new password of between 1 12 alphanumeric characters Verify Password Enter the password again for confirmation Auto Configuration This section displays information about the selected Access Point Select whether you wish to have Static or DHCP Auto Configuration for the Access Point in relation to the Controller DHCP You can choose to auto assign IP Address if there is a DHCP server in the network Static If you wish to manually assign the IP Address choose Static Enter the IP Address you wish to assign to the AP and fill in the subnet mask and default gateway enter DNS server address if necessary IP Address Enter the IP address for the Access Point Subnet Mask Enter the Subnet Mask for the Access Point Default Gateway Enter the default Gateway for the Access Point Primary DNS Server Enter the Primary DNS server name Secondary DNS Server Enter the secondary DNS server name Auto Configuration Select Static or DHCP for Auto Config urat
71. d Enabled 3600 e D 2 AUTHINTIALZE Enabled re A e Disabled Enabled 2600 D 0 2 AUTH PIMIALGE Enabled Port Security nm 9 Disabled Gier 3600 D 30 2 AUTHINTIALZE Enabled 10 Disabled Cer 3600 D D 2 AUTHINTIALZE Enabled mon Disabled Enatied 3600 e H 2 AUTHINTIALZE Enabled Apply Click Apply to update the system settings 165 Authenticated Host The Authenticated Host section displays the Authenticated User Name Port Session Time Authenticated Method and Mac Address W Controller Switch Authenticated Host System User Name Port Session Time Authenticate Method Mac Address L2 Feature 82 VLAN Management ACL 802 1x Global Settings Port Settings Authenticated Host Radius Server b Access Port Security b DoS Monitonng Diagnostics 166 Radius Server Radius proxy servers are used for centralized administration Remote Authentication Dial In User Service RADIUS is a networking protocol that provides centralized Authentication Authorization and Accounting AAA management for users that connect and use a network service for greater convenience Radius is a server protocol that runs in the application layer using UDP as transport The Network Switch with port based authentication and all have a Radius client component that communicates with the Radius server Clients connected to a port on the Switch must be authenticated by the Authentication Server before accessing services offered by the S
72. de Note The Upgrade process may require a few minutes to complete It is advised to clear your browser cache after upgrading your firmware Resetting A WARNING The Reset function will delete all configuration information from the current device Backup your information before starting this procedure Follow this procedure to reset the Switch back to factory default settings 1 Click Pid to start the reset process 2 When a prompt displays click OK to confirm the reset or Cancel to quit the procedure The page at 192 168 0 239 says Do you want to apply default setting and reboot device 196 Rebooting Logging Out Follow this procedure to reboot the Switch Follow this procedure to log out the current profile from 1 Click to start the reboot process the user interface Reboot 1 B 2 When a prompt displays click OK to confirm the reboot ls GWEN giga 10 108 CULO TINE MENU process or Cancel to quit the procedure 2 When a prompt shows click OK to confirm logging out or Cancel to quit the procedure The page at 192 168 0 239 says The page at 192 168 0 239 says Do you want to reboot device Do you want to logout Cancel 197 Appendix 198 Quick Reference Guide Specifications Model EWS5912FP EWS7928P EWS7952FP Connectors PoE Features IEEE802 3af at max 30w per port Pot Pot 8 LA 48 Total bot Budget 130 W 185 W Power Supply 100 240VAC 50 60Hz Environe
73. de radars de haute puissance sont d sign s utilisateurs principaux c a d qu ils ont la priorit pour les bandes 5250 5350 MHz et 5650 5850 MHz et que ces radars pourraient causer du brouillage et ou des dommages aux dispositifs LAN EL 203 FOR MOBILE DEVICE USAGE Radiation Exposure Statement This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator amp your body Pour l utilisation de dispositifs mobiles D claration d exposition aux radiations Cet quipement est conforme aux limites d exposition aux rayonnements IC tablies pour un environnement non contr l Cet quipement doit tre install et utilis avec un minimum de 20cm de distance entre la source de rayonnement et votre corps 204 Appendix C CE Interference Statement Europe EU Declaration of Conformity This device complies with the essential requirements of the R amp TTE Directive 1999 5 EC The following test methods have been applied in order to prove presumption of conformity with the essential requirements of the R amp TTE Directive 1999 5 EC e EN60950 1 Safety of Information Technology Equipment e EN50385 Generic standard to demonstrate the compliance of electronic and electrical apparatus with the basic restrictions related to human exposure to electromagnetic fields 0 Hz 300 GHz e EN 300 328 Elect
74. deuns 102 MAC Address Table names 104 Static MAC ATOS aan 104 Fret CAG PGI OSS sine 105 n GE 106 Global Se NES unis 107 ef Beie ere 108 Remote Le E 109 el EI Le ss ne de 111 Global e d uen 112 VLAN dl 113 EIERE ugeet Geet 114 OO NES an 116 Router SOUMMES singer dunes 117 MOD SO PIRE a ne ernment aree 118 Global SSLHINES geesde 118 VLAN Kn ln 119 SERIES 120 Router SCM MING at EE 121 Jumbo Frame ana eue lee VA a pm EEEE 123 OST a rae rere emer 123 PVD Sn an a ne 126 Management WPAN se eanen 128 Voice VLAN DEN 129 er n WE 129 SEIT dl nada 130 PO SC ne 131 RIVE E 132 SE NT IRON a a 132 SAISON MgSO Essen demeures 133 File Manasement ss sn 134 Configuration Managers rain 134 Dual Sa 135 SNE 136 Se In dia 138 UN UIS RS a a n e ui paca 139 SEI te IOC Usa pices lau stcomiecep ca aaniceessananamenta onesie eapsnonnionseaass antes 140 COMMUNITY CUS Acces Rd ns 141 US HE a tend 142 Trap Settings SNMP TESS giereg uns 143 AO note 145 a MAG AR eremretesoremernreneery erste errr nrt renee cer eteeeneec near err ree 146 MAC FOG seis neue 147 PNR E EE 148 PVR E ae ent 149 PVO AE an 151 SE 152 AC e le a a ne 154 QOS ero ee eee 155 eieiei 155 SEET 157 lt DSCP Mappi E Sd han 158 APOT SEINES eaea R 159 SCENE 161 A a ence 162 21012A D PEE EA T E E E 162 SNE 163 Port E Ed ame 164 Authenticated e e anne 166 el EE 167 ACCESS a os do oi 169 APS E dl 169 elpet Setting eege 170 ASS ESS er
75. dress Guest Network WINS Server IP Ending IP Specify the ending IP address range for the address Guest Network WINS Server Specify the Windows Internet Name Service IP WINS Server IP address for the Guest Network WINS is Microsoft s implementation of NetBIOS Name Service NBNS a name server and service for NetBIOS computer names 38 Active Clients From here you can view information on the wireless clients that are associated with the Access Points that the EWS Switch manages Click Next or Previous to view more parameters If multiple Access Points are connect ed to the network use the search bar to find an Access Point by its name Active Clients Q AP Device Name AP MAC Address ModelName SSID Client MAC Address TX Traffic KB RX Traffic KB RSSl dBm No data available in table 10 Showing 0 to 0 of 0 entries 4 Previous Next p 39 AP Device Name Displays the name of the Access Point which the client is connected to AP MAC address Displays the MAC address for the given Ac cess Point Model Name Displays the model name for the Access Point Displays the network on which the client is connected to Client MAC Displays the MAC Address of the Wireless Address Client connected to the Access Point TX Traffic KB Displays the total traffic transmitted to the Wireless Client RX Traffics KB Displays the total traffic received from the Wireless Client RRSS dBm Displays the
76. dth 13 Length 9 Height 1 73 Width 9 45 Length 10 20 Height 1 73 LE RE FRE A CR A RE I CELL EWS5912FP Front EWS7928P Front EWS5912FP Back EWS7928P Back Dimensions EWS7952FP Width 16 14 Length 17 32 Height 1 73 BR CS E a Wa oa Wa Wa WPa oa aa aP WPa aa oa o aE aa genge gg EWS7952FP Front 1 RJ45 Console Port 2 Power LED Light off Power off Solid Light Power On 3 Fault LED Light off Normal Behavior Solid Light Error 4 PoE Max LED Light off Additional PoE device may still be added Solid Light The PoE device s output power has exceeded total PoE limit No additional devices can be powered on via PoE 5 LAN Mode LED Light off LAN mode is not activated Solid Light LAN mode is activated 6 PoE Mode LED Light off PoE mode is not activated Solid Light PoE mode is activated 7 LED Mode Selector Press to change between LAN and PoE mode 8 Reset Button Press toreset the device to factory default settings 9 RJ 45 LAN Ports 10 100 1000 Mbps RJ 45 LAN ports 10LAN Mode LED Per Copper Port Light off No link is 13 EWS7952FP Back established on the port Solid Amber Light A valid 10 100 Mpbs link is established on the port Solid Green Light A valid 1000 Mbps link is established on the port 11 Link Act LED Per Copper Port Light off No link is established on the port Solid Light A valid link is established on the port Bl
77. e packets in priority classes of service It assigns WRR weights to queues Select which packet fields to use for clas Click Apply to save the changes to the system sifying packets entering the Switch e DSCP Classify traffic based on the DSCP Differentiated Services Code Point tag value e 1p Classify traffic based on the 802 1p The eight priority tags that are specified in IEEE802 qp are from 1 to 8 156 CoS Mapping CoS Class of Service Displays the CoS priority tag values where O is the lowest and 7 is the highest Check the CoS priority tag box and select the Queue values for each CoS value in Use the Class of Service CoS Mapping feature to specify which internal traffic class to map to the corresponding the provided fields Eight traffic priority CoS value CoS allows you to specify which data packets queues are supported and the field values have greater precedence when traffic is buffered due to are from 1 8 where one is the lowest priority and eight is the highest priority congestion Click Apply to save the changes to the system Controller Switch CoS Mapping System CoS Queue lt L2 Feature VLAN Te oa Management P 0 2 x AC ACL A 1 1 2 QoS 2 3 Global Settings CoS Mapping a 3 4 DSCP Mapping 4 5 Port Settings Bandwicth Control e z Storm Control Fi 6 7 Security 7 8 Monitoring Diagnostic s 157 DSCP Mapping Use Differentiated Services Code Poin
78. e 171 ell Ee GS yas sccczsayiarsinsnrecseiteausacnsaesianed cuesbennedncticns 172 Port ERR E 173 ie 174 Global SERRE tie ee eetiees 174 e ll 176 MOTORS a a dau 177 PONT Stati e 177 RMON aa a E OTT nt ree eer 178 EVED L S bricos anaiai aa aaas 178 EventLog Fables sienne nn 179 Alani LIS bai a teens 180 ee ES OT LIS A eatiunce tei asecin neva luoundanatenen 181 History Log Tables a ccesicrancennnstacent 182 SOUS TRS de ad a dons 183 DO a erent ene renee 184 leie KE un le 185 tocalC ocene ert E 186 Remote e 188 Eog KT 189 PA BOB ICS none 190 Cable DISSOUS ns 190 ARINE TeS nue 191 Ping Test SOINS din 191 NP IPI MST nus 192 Trace ROUES nana commen 193 Chapter 4 Maintenance 194 Ma dn e 195 leen Su EE 196 Rebooting Logging Out hubennitinsun 197 ADD ns 198 Quick Reference Guide ns 199 Professional Installation Instruction English French 200 FCC Interference Statement ss 202 IC Interference Statement 203 CE Interference Statement 205 Chapter 1 Product Overview Introduction The EnGenius Neutron Series of EWS PoE Switches Controllers are devices specially designed to support Access Points and IP Surveillance cameras Voice over IP VOIP phones and other Power over Ethernet Po Capable devices as well as other Ethernet based networking equipment or computers The EWS Layer 2 PoE Switch provides simple yet powerful PoE manageability with features such as IEEE 802 3af or IEEE
79. e Switch image active on the Switch in its permanent storage One image is the active image Displays the name version number of the and the second image is the backup image The Dual Im Image age screen enables the user to select which partition will Displays the size of the image tie be set as active after the next reset The Switch boots Created Time Displays the time the image was created and runs from the active image If the active image is corrupt the system automatically boots from the non ac tive image Click Apply to save the changes to the system ce Controller Switch System lt L2Feature VLAN amp Management Dual Image Selects the partition you wish to be active Dual Image Active Flash Partition Status Image Name Image Size Byte Created Time o Partition 0 Active IMG 1 00 06 c0 18 10 6376392 2013 11 27 10 19 09 Partition 1 Backup IMG 1 00 05 c0 16 3 6302977 2013 10 30 18 10 52 System Information User Management 4 File Management al Configuration Manager Dual Image SNMP 135 SNMP Simple Network Management Protocol SNMP is an Application Layer protocol designed specifically for managing and monitoring network devices Simple Network Management Protocol SNMP is a popular protocol for network management It is used for collecting information from and configuring network devices such as servers printers hubs Switches and routers on an Internet Protocol IP network SNMP is
80. e Syslog severity levels os Emergency System is unusable emergency condition usu ally affecting multiple apps servers sites Direct Attention Alert Actions must be taken immediately Critical conditions is required Should be corrected immedi ately Notify staff who can fix the problem promptly Should be corrected immedi ately but indicates failure ina secondary system Non urgent failures these should be relayed to devel opers or admins each item should be resolved promptly Warning message that indi cates an error will occur if action is not taken Warning conditions Notice Normal but signifi cant conditions Informational Events that are unusual but not error inducing No immedi ate action required Normal operational status may be gained for reporting procedures 7 Debug level mes Information useful to devel sages opers for debugging applica tions Informational message a Error Error conditions 184 Global Settings From here you can Enable or Disable the Log settings for the Switch n Global Settings Settings Enabled Disabled Logging Use the radio buttons to Enable or Disable Service the system log Global Logs Select whether to Enable or Disable the Switch s global logs for Cache File and Server Log Apply Click APPLY to update the system settings 185 Local Logging Target Select Yes or No from the list If the device is not functio
81. e s or more access points are operating in the same area on the same channel it may cause s E mn interference D Client Limits Specify the maximum number of wireless noe iz e ees r eine clients that can associate with the radio Enter Wiere ina ele rA a range between 1 127 or fill in O for an Mu ur Me unlimited client limit SS iesen mie Data Rate Enter the data rate you would like to use e RTS CTS Enter the RTS CTS Threshold The range is from Threshold 1 2346 Aggregation Click to enable or disable the aggregation feature Frames Enter the amount of frames you wish to utilize The range is from 1 32 Bytes Enter the maximum limit of bytes Your range is from 2304 65535 45 Advanced Settings Clicking on the cluster field of an Access Point will direct you to a Wireless Settings page where you can configure settings for the selected cluster Band Steering Click to enable or disable the Band Steering function for the cluster Note that the 2 4 GHz and 5 GHz SSIDs must have the same security settings With Fast Handover enabled the Access Point will send a disassociation request to the wireless client and let it find another Access Point to handover and associate upon detecting the wireless client s RSSI value lower than specified The RSSI value can be adjusted to allow for more clients to stay associated to this Access Point Note that setting the RSSI value too low may cause
82. earching Searching Searching Searching Searching Searching Searching Searching Searching Searching Searching EEE Energy Efficient Ethernet EEE an Institute of Electrical and Electronics Engineers IEEE 802 3az standard reduces the power consumption of physical layer devices during periods of low link utilization EEE saves energy by allowing PHY non essential circuits shut down when there is no traffic Network administrators have long focused on the energy efficiency of their infrastructure and the EnGenius Layer 2 Switch complies with the IEEE s Energy Efficient Ethernet EEE standard to give you even more control The EEE compliant Switch offers users the ability to utilize power that Ethernet links use only during data transmission Lower Power Idle LPI is the method for achieving the power saving during Ethernet idel time Use the EEE Configuration page to configure Energy Efficient Ethernet Port Display the port for which the EEEE setting is displayed EEE Status Enable or Disable EEE for the specified port Click APPLY to update the system settings oe wem Le System Port EEE Status Summary Enabled b IP Settings gt Log 1 Disabled System Time E 2 Disabled Port Settings 3 Disabled b PoE EEE 4 Disabled Jumbo Frame 5 Disabled lt 12 Feature 6 Disabled S VLAN amp Management H SE Z ACL 8 Disabled amp QoS 9 Disabled AR Secunty amp M
83. eate a Self signed SSL Certificate to secure communications between the Switch and Access Points Certificate Information Note that Access Points will disconnect and reconnect en ene gene using new certificate upon applying changes Organization Default_org Organization Unit Default_unit Generate a New Certificate i GE Zeng State Province Default state County Taiwan Enter the information below to generate a request for an SE EE SSL certificate for the controller Advanced Option Enter the EE l request SSES Enter the organizations name Organization Unit Enter a unit name department etc Locality City Enter the locality or city Apply Click APPLY to update the the system settings 59 Certificate Information This area will display information about the given certificate Click Display Certificate Information to show the current certificate information Advanced Options This area will show any advanced options chosen Advanced Option Restore to Default Cenficate 60 Click on Restore under Advance Options to restore the default SSL Certificate settings Click APPLY to update the the system settings Trouble Shooting From here you can troubleshoot any issues you have with Access Points connected to the network This fea ture is designed primarily for administrators to verify and test the link route between the Switch and the Access Point A troubleshooting solution is provided by the sys tem
84. ed port will Apply Click APPLY to update the the system settings replace the existing port member that has a lower priori ty A smaller number indicates a higher priority level The range is from 0 65535 and default is 32768 System Priority Enter the LACP priority value to the system The default is 32768 and the range is from 1 65535 84 e Long Long timeout value Link Aggregation Control Protocol LACP allows the exchange of information with regard to the link SE aggregation between two members of aggregation The Long The LACP PDU will be sent for every 30 seconds and LACP Time Out value is measured in a periodic interval RL Ca ei ee cg ee cline Check first whether the port in the trunk group is up When the interval expires it will be removed from the timeout value is 3 seconds trunk Set a Short Timeout one second for busy trunked links to ensure that disabled ports are removed from the trunk group as soon as possible The default value for LACP time out is Long Timeout LACP Timeout Timeout Select the administrative LACP timeout Apply Click APPLY to update the the system settings LACP Timeout 85 Mirror Settings Mirrors network traffic by forwarding copies of incoming and outgoing packets from specific ports to a monitoring port The packet that is copied to the monitoring port will be the same format as the original packet Port mirroring is useful for network monitoring a
85. ed within a configured ACL ACL relative to other ACLs assigned to the selected interface The valid range is from 1 2147483646 1 being AS gett processed first i VLAN Action Select what action taken if a packet pos bia matches the criteria Z ACL Sequence Range 1 2147483647 1 is first processed e Permit Forward packets an Action Permit E that meet the ACL criteria Protocol Select fromlist x tcp D 7 Deny Drops packets that IPv4 ACE Source IP Address User Defined meet the ACL criteria IPv6 ACL N E CES Protocol Select the Anv Protocol ID or Select IPV6 ACE from List from drop down menu ACL Binding Source IP Prefix Length Range 0 128 4 QoS Destination IP Address User Defined x D Protocol ID Enter the proto a DS E acc col in the ACE to which the packet is Diagnostics Destination IP Prefix Length Range 0 128 matched Source Port Single Range 0 65535 e Select from List Select the rotocol from the list in the provided Destination Port Single D Range 0 65535 gt eld H aro ee E ee ee Destination IP Address Enter the destination IP address Rst DontCarek Syn Don tCare y Fin Don t Care x Value 4 Type of Service DSCP to match x ee Destination IP Wildcard Enter the mask of the new source IP Mask address Source IP Address Enter the source IP address Value Source
86. elect whether vou wish to use V2 or V3 Finally select whether vou wish to enable or disable the Report Suppression feature for the Switch Ge Swich Global Settings Settings Version Report Suppression Select to Enable or Disable IGMP Snooping on the Switch The Switch snoops all IGMP packets it receives to determine which segments should receive packets directed to the group address when enabled Select the IGMP version you wish to use If an IGMP packet received by the interface has a version higher than the specified version this packet will be dropped Select whether Report Suppression is Enabled or Disabled for IGMP Snooping The Report Suppression feature limits the amount of membership reports the member sends to multicast capable routers Apply Click Apply to update the system settings 112 VLAN Settings Use the IGMP Snooping VLAN Settings to configure IGMP Snooping settings for VLANs on the system The Switch performs IGMP Snooping on VLANs that send IGMP packets You can specify the VLANs that IGMP Snooping should be performed on Choose from the drop down box whether to Enable or Disable IGMP Snooping Next choose to Enable or Disable Fast Leave for the VLAN ID Switch VLAN Settings System lt 12 Feature b Link Aggregation VLAN ID IGMP Snooping Status Fast Leave Enabled Enabled v Q0 Mirror Settings t STP MAC Address Table r LLDP 4 IGMP Snooping
87. ent within other queues on the port If a delay is necessary packets are held in the queue until they are authorized for transmission Global Settings There are two options for applying QoS information onto packets the 802 1p Class of Service CoS priority field within the VLAN tag of tagged Ethernet frames and Dif ferentiated Services DiffServ Code Point DSCP Each port on the Switch can be configured to trust one of the packet fields 802 1p DSCP or DSCP 802 1p Packets that enter the Switch s port may carry no QoS informa tion as well If so the Switch places such information into the packets before transmitting them to the next node Thus QoS information is preserved between nodes within the network and the nodes know which label to give each packet A trusted field must exist in the packet for the mapping table to be of any use When a port is configured as untrusted it does not trust any incoming packet priority designations and uses the port default priority value instead to process the packet 155 State Select whether QoS is enabled or disabled on the switch Scheduling Method Trust Mode 1 Swich Global Settings Qos Gloda Selects the Strict Priority or WRR to specify a panes EN 5 RTE the traffic scheduling method Weg me Moda i 1i L e Strict Priority Specifies traffic Lo scheduling based strictly on the queue priority e WRR Use the Weighted Round Robin WRR algorithm to handl
88. ers Tagged Port Frames transmitted from this port are tagged with the VLAN ID Untagged Port Frames transmitted from this port are untagged we Important Port based VLAN and 802 10 VLAN are mutually exclusive If you enable port based VLAN then 802 10 VLAN is disabled Note The Switch s default setting is to assign all ports to asingle 802 1Q VLAN VID 1 Please keep this in mind when configuring the VLAN settings for the Switch 124 Adding Editing and Deleting Items in the List To add an item to the 802 10 list follow these steps 1 Click the Add button Add 2 Enter the VID and name in the the VID and Name text boxes 802 1Q VID Name Tagged Port Untagged Port 1 default 3 Click the Tagged Ports text box to show the tagged ports dialog box Port 1 2 3 4 5 6 7 8 H 10 11 12 tagged a untagged EI EI a none o tagged O untagged a none o 4 Click a radio button in the tagged ports row to select a port 125 5 Click the Untagged Ports text box to show the untagged ports dialog box 6 Click a radio button in the Untagged Ports row to select a port 7 Click Confirm to accept the changes or Cancel to discard them 802 1Q Tagged Port Untagged Port db 2 default 1 28 1118 To delete an item in the 802 10 list follow these steps 1 Click the Delete button in the row you want to remove an item from confirma
89. etecting the wireless client s RSSI value lower than specified The RSSI value can be adjusted to allow for more clients to stay associated to this Access Point Note that setting the RSSI value too low may cause wireless clients to reconnect frequently The range is from 90 dBm 60 dBm The Guest Network feature allows administrators to grant Internet connectivity to visitors or guests while keeping other networked devices and sensitive personal or company information private and secure Displays the SSID name as it appears to other wireless clients Displays the security Mode the SSID uses Encryption Displays the type of data encryption the SSID uses Hidden Displays whether the hidden SSID is enabled or SSID disabled Client Displays whether the Client Isolation feature is Isolation enabled or disabled 36 Guest Network Configuration Enable SSID Hidden SSID Client Isolation SSID Config Basic Setting Enable SSID SSID Hidden SSID Client Isolation Security None No Authentic Select to enable or disable SSID broadcasting on the network Specify the SSID for the current profile This is the name visible on the network to wireless clients Select Enable to hide the SSID from broadcasting in order to discourage unauthorized wireless users from connecting to a particular SSID Select Enable to prevent wireless clients associated with an Access Point from communicating with other wireless d
90. evices Enable Disable EnGenius 2 4GHz_GuestN 1 32 characters Enable Disable Enable Disable ation WPA PSK WPA2 PSK WPA with PSK Pre shared key Personal mode is designed for home and small office networks WPA PSK WPA2 PSK Type Mixed Encryption Both v WPA Passphrase 8 64 characters 37 Security None Select to disable security for the Access Point WPA PSK WPA2 PSK Select to enable WPA with PSK Pre shared key Personal mode for the network Type Select the WPA type you wish to use Your available options are Mixed WPA PSK and WPA2 PSK Encryption Select the WPA encryption type you wish to use Your options are Both or TKIP Tem poral Key PSK Key Specify the PSK Key you wish to use If using ASCII format the Key must be 8 64 char acters If using HEX format the Key must be 64 HEX characters in length Manual IP Settings amp Automatic DHCP Server Settings After enabling the Guest Network feature in the SSID EES Configuration page enter IP address and Subnet mask IP Address for the Guest Network and assign an IP address range Subnet Mask for wireless clients connecting to the Guest Network Automatic DHCP Server Settings IP address Specify an IP address for the Guest Network rem Subnet Specify the Subnet mask IP address for the Guest End Se mask Network ing z Address Starting IP Specify the starting IP address range for the s ad
91. flow control in half duplex mode IEEE802 3x flow control is used in full duplex mode to send a pause signal to the sending port causing it to temporarily stop sending signals when the receiving port memory buffers fill Back Pressure flow control is typically used in half duplex mode to send a collision signal to the sending port mimicking a state of packet collision causing the sending port to temporarily stop sending signals and resend later Click APPLY to update the system settings 74 bot Power Budget The PoE Management screen contains system PoE information for monitoring the current power usage and assigns the total amount of power the Switch can provide to all of its PoE ports Ports 1 8 24 or 48 on the Switch are IEEE802 3at af compliant ports Each port is capable of delivering up to 30 Watts and a total PoE budget of 130 185 370 or 740 Watts depending on you model for uninterrupted PoE use To access the page click PoE under the System menu Po Power Budget EWS5912FP 8 130 Watts EWS7228P 185 Watts EWS7952FP 740 Watts Total Power Budget Enter the amount of power the Switch can provide to all ports 75 Consumed Power Shows the total amount of power currently being delivered to all ports Apply Click APPLY to update the the system settings bot Port Settings The EnGenius Layer 2 PoE Switches supports Power over Ethernet PoE as defined by the IEEE 802 3af and 80
92. g 512 Bien PE list S S Smurf Attack Enabled Fragment Minimal Enter the minimal size Size Neimask Length L Bytes 0 32 IPv6 Min Fragment Select Enabled or Disabled from the list SE Bytes Enter the size of IPv6 packets The range is from 0 65535 TCP Min Hdr Size Enabled ICMP Fragment Select Enabled or Disabled from the list Bytes 20 0 31 Null Scan Attack Enabled IPv4 Ping Max Size Select Enabled or Disabled from the list IPv6 Ping Max Size Select Enabled or Disabled from the list Ping Max Size Set Enter the max ping size for the ping The E eem 7 ting range is from 0 65535 TCP SYN FIN Attack Enabled EN Smurf Attack Select Enabled or Disabled from the list P e TCP SYN RST Attack Enabled Netmask Length Enter the length of the netmask The range is from 0 32 TCP Fragment Offset 1 Enabled TCP SYN Select Enabled or Disabled from the list Null Scan Attack Select Enabled or Disabled from the list X Mas Scan Attack Select Enabled or Disabled from the list Click Apply to save the changes to the system TCP SYN FIN Attack Select Enabled or Disabled from the list TCP SYN RST At Select Enabled or Disabled from the list tack TCP Fragment Select Enabled or Disabled from the list Ping Max Size Enter the max ping size you wish to use TCP SYM SPORT lt 1024 Enabled Gi 175 Port Settings RE Displays the port for which the DoS protection From here you
93. g Port Statistics 4 RMON Event List Event Log Table Alarm List History List History Log Table Statistics A Diagnostics 182 isti ulticast Pkts isplays the number of good Multicast Statistics Mul Pk Displays th ber of good Mul packets received on the port From here you can view all the packet information for CRC amp Align Errors Displays the number of CRC and Align er the controller feature of the Switch rors that have occurred on the port Undersize Pkts Displays the number of undersized packets e less than 64 octets received on the port SE ortroler Satch Statistics gt Oversize Pkts Displays the number of oversized packets nu ee ee over 1518 octets received on the port met can un Mee SS ds Fragments Displays the number of fragments received on the port EE ME Se CT NN UT M NE TRE Jabbers Displays the total number of received pack 3o o asaan MO S o SOD men aen ae ets that were longer than 1518 octets lt E l L A Collisions Displays the number of collisions received Be 6 H 0 H 0 d H 0 0 H 0 H H 0 H H 0 on the port a ER EE Pkts of 64 Octets Displays the number of 64 byte frames EE received on the port a Pkts of 65 to 127 Displays the number of 65 to 127 byte Octets packets received on the port Pkts of 128 to Displays the number of 128 to 255 byte 255 Octets packets received on the port Pkts of 256 to Displays the number of 256 to 511 byte 511 Octet
94. h The traffic is encrypted soit is difficult to eavesdrop on as it creates a secure connection within an insucure network such as the internet Even if an attacker was able to view the traffic the data would be incomprehensible without the correct encryption key to decode it ch SSH Settings an Enabled 0 6535 minutes 0 256 Password Raty Court 3 0 120 0 65535 seconds 171 To configure SSH settings for the Switch first select whether you wish to Enable or Disable the SSH service for the Switch Note that SSH is more secure than the Telnet service when deciding between which service to use Enter the session timout you wish to implement for SSH Next enter the History Count number you wish The default count is 128 Enter the number of passwords requests to be sent across SSH The deafult attempts is 3 Finally enter the silent time you wish to implement for the SSH service SSH Service Select whether SSH is Enabled or Disabled This is disabled by default Session Timeout Enter the amount of time that elapses before the SSH Service is timed out The default is 5 minutes The range is from 0 65535 minutes Enter the entry number for History of SSH Service The default is 128 The range is from 0 256 Enter the number of password request sent to the SSH Service The default is 3 The range is from 0 120 Password Retry Count Silent Time Enter the silent time for SSH Service The range
95. haracters in length If using HEX format the Key must be 64 HEX characters in length Advanced Settings Click on the Advanced Settings tab to further customize your Access gt Wi Guest Point settings reless Radio Settings b WLAN Settings 2 4GHz b WLAN Settings 5GHz 4 Advanced Settings Band Steen g Band Steering Enable Disable NOTE In order for Band Steering function to work properly both 2 4GHz and 5GHz SSID and Security Settings must be the same Status Enable Disable RSSI dBm Range 90dBm 60dBm NOTE Setting the RSSI value too low may cause wireless clients to reconnect frequently Network Band ssiD 2 4GHz Disabled EnGenius 2 4GHz_GuestN Status Security Encryption Hidden SSID Client Isolation etwork None Non 5GHz Disabled EnGenius SGHz_GuestNetwork None Manual IP Settings IP Address Subnet Mask Automatic DHCP Server Settings Starting IP Address Ending IP Address WINS Server IP Band Steering Fast Handover Guest Network Displays the radio band Status Displays whether the current SSID profile is enabled or disabled Click to enable or disable the Band Steering function for the Access Point Note that the 2 4 GHz and 5 GHz SSIDs must have the same security settings With Fast Handover enabled the Access Point will send a disassociation request to the wireless client and let it find another AP to handover and associate upon d
96. he changes or the gt Link Aggregation Chassis ID Subtype MAC Address Cancel button o to discard them Mirror Settings Chassis ID 88 DC 96 0E 93 7 b SIP System Name EWS7928P gt MAC Address Table leie 4 LLDP System Descnption EnGenius EWS7928P Obba Selig Capabilities Supported Bridge Local Device Capabilities Enabled Bridge Remote Device IGMP Snooping Pon ID Subtype Local MLD Snooping VLAN Management 7 ACL amp QoS P Security amp Monitoring Diagnostics 108 Remote Device LLDP devices must support chassis and port ID advertisement as well as the system name system ID system description and system capability advertisements From here you can viewing detailed LLDP Information for the remote Switch Swech Remote Device system Auto 802 3 Chassis Timo Auto Awo MNagotiation Maximum 8023 Link 8023 Link 10 PortiD Remote System To Negotiation Megotiation Advertised Operational Frame Aggragotion Aggregatios Unk Aggregation Port Subtype Chassis ID Subtype 10 Mame Live Supponed Enabled Capabiliti s MAU Type Sue Capability Sows Mirror Settings 10BASET hall duplex SIP 10BASET S Wide S MAC Address Table MAC Locally sue 100BASE TX 1000BASE T Capable of Not zem 1 SSDC DEER ai EI 113 Enabled Enabled full duplex 152 beng in a LLOP adress assigned halt duplex mode on a 100BASE N nr Globa Settings full duplex ADOOBASE T Local Device full d
97. he number in the marker represents the number of wireless clients currently con pe nected to the Access Point Use the Search box to search for locations by typing an address or the name of a land mark Use the Location button to pinpoint the map 4 Locate to your current location 51 Click AP List to reveal a list of Access Points TT that the Controller is currently managing Click on Save Map for the settings to take effect To use the Map View 1 Click on to display the list of managed Access Points 2 Drag and drop the marker of the Access Point to the location on the map you wish to place 3 Click on to complete You can now easily locate you Access Point by mousing over the Device Name field in the Access Point List Floor View Floorplan Image The Floor View feature enables an administrator to up From here an administrator can add or delete a custom load custom floorplans for better network visualization map or floorplan image of a wireless network Multiple images can be uploaded to visualize Access Point placement on multiple floors of an office building or different branch offices within an organization D O Ki 9 KI B EnGenius Backup Upgrade Reset Reboot Logout EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP Lee Controller Switch Floor Plan 6291KB 6225kB 65kB amp Device Management TOTAL AVAILABLE IN US
98. his software operates only as an SNTP client and cannot provide time services to other systems Ve Swich System Time 71 Displays the current time Enable SNTP Select whether to Enable or Disable the SNTP server The system time is set via an SNTP Daylight Savings Time sever Select the difference between Greenwich Mean Time GMT and local time Select between Recurring or Non recurring Daylight Savings Time Offset Enter the time of Daylight Savings Time Offset Select the Day Week Month and Hour from the list Select the Day Week Month and Hour from the list Enter the SNTP or NTP sever IP address or hostname Displays the time sever port SNTP NTP Server Address To configure date time through SNMP 1 Next to the Enable SNTP select Enable 2 In the Time Zone Offset list select by country or by the Coordinated Universal Time UTC GMT time zone in which the Switch is located 3 Next select Disabled Recurring or Non Recurring for Daylight Savings Time Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening 4 In the SNTP NTP Server Address field enter the IP address or the host name of the SNTP NTP server 5 Finally enter the port number on the SNTP server to which SNTP requests are sent The valid range is from 1 65535 The default is 123 6 Clic
99. ients 10 1to 1 of 1 Cluster s Previous Next AP Clusters Visual Monitoring Statistics Member Settings Autoconfiguration Click Add or Delete to manage the number of Access DHCP You can choose to auto assign an IP address if Points in the cluster there is a DHCP server in the network Static If you wish to manually assign the IP Address Managed APs Shows the Access Points connected to the Controller Cluster Member Displays the Access Points that are a part of the cluster choose Static Enter the IP Address you wish to assign to the AP and fill in the subnet mask and default gateway enter DNS server address if necessary Show MAC Check the box to display MAC addresses in addition to the Access Point names Click Apply to save the changes to the system 43 Radio Settings Enter the country that the Access Point resides in Override Check this selection box if you wish to configure 2 4 GHz 5 GHz Settings Cluster Wireless Radio Settings individually for the select Settings Access Point From here you can configure details about the cluster D aes ag drop down Por Sek the De mode Mode or the access point For 2 z available options se the GER ane SE GE d are 802 1 1b g n mixed 802 11b 802 11b g mation regarding the types of channels for the cluster mixed 802 11g 802 1 1n only For 5GHz available options are 802 11a n mixed 802 11a 802 11n Cluster Setting H n y S a Chan
100. iew Notify View ai ali a z v o System information User Management File Management 4 SNMP Goda Settings View List Group List Community List User List 140 Group Name Enter the group name that access control rules are applied to The group name can con tain up to 30 alphanumeric characters Security Mode Selects the SNMP version v1 v2c v3 asso ciated with the group Security Level Select the security level for the group Secu rity levels apply to SNMPv3 only e No Auth Neither authentication nor the privacy security levels are assigned to the group e Auth Authenticates SNMP messages e Priv Encrypts SNMP messages Read View Management access is restricted to read on only Write View Select a SNMP to allow SNMP write privileges to the Switch s SNMP agent Notify View Select a SNMP group to receive SNMP trap messages generated by the Switch s SNMP agent Click the Apply button to accept the changes or the Cancel button to discard them Community List Enter the name of SNMP community string In SNMPv1 and SNMPv2c user authentication is ac Community Mode Selected Basic or Advance from the list complished using types of passwords called Community select the Advance attached to the SNMP Strings which are transmitted in clear text and not sup SE ported by authentication It is important to note that the RUES MER U community name can limit access to the SNMP age
101. inking Light Packet transmission on the port 12 Uplink Ports Gigabit Ports 13 SFP Ports Small form factor pluggable ports 14 Speed LED Per SFP Port 15 Link Act LED Per SFP Port Light off No link is established on the port Solid Amber Light A valid 100 Mpbs link is established on the port Solid Green Light A valid 1000 Mbps link is established on the port 16 Power Connector Compatibility Your EWS Wireless Management Switch supports the following Access Point models EnGenius EWS310AP Dual Band Wireless N600 Managed Indoor Access Point EnGenius EWS320AP Dual Band Wireless N900 Managed Indoor Access Point EnGenius EWS360AP Dual Band Wireless AC1 750 Managed Indoor Access Point EnGenius EWS610AP Dual Band Wireless N600 Managed Outdoor Access Point EnGenius EWS620AP Dual Band Wireless N900 Managed Outdoor Access Point EnGenius EWS660AP Dual Band Wireless AC1 750 Managed Outdoor Access Point Future firmware releases will Support additional models Management Interface The Neutron Series EWS Layer 2 PoE Switch features an embedded Web interface for the monitoring and management of your device Connecting the Switch to a Network Discovery in a Network with a DHCP Server Use this procedure to setup the Switch within a network that uses DHCP 1 Connect the supplied Power Cord to the Switch and plug the other end into an electrical outlet Verify the power LED indicator is lit on the Switch Wait for
102. io frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures e Reorient or relocate the receiving antenna e Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected e Consult the dealer or an experienced radio TV technician for help WARNING Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment This device complies with Part 15 of the FCC Rules Operation is subject to the fol lowing two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation Radiation Exposure Statement WARNING This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance of 23cm between the radiator amp your body 202 Appendi
103. ion 26 How to Add Access Points to the Managed Access Point List 1 Access Points in the network will be automatically dis DHCP e to arty a IP Address if there covered by the EWS and will be listed in the APs under Ee Se Static If you wish to manually assign the IP Address choose Approval list Static Enter the IP Address you wish to assign to the AP s if more than one AP is added you ll be 2 Select the Access Points s you wish to manage and prompted to enter a range of IP Address and fill in click Allow the subnet mask and default gateway enter DNS server address if necessary 3 You will be prompted to assign the IP Address under the IP Assignment screen 4 Click Apply and the Access Points you ve configured will be moved to the Managed list Note that the status will change from Connecting to Provisioning to Online Once you see Online your Access Points s will have been successfully added to the Managed list Note that if the status is in the connecting mode for over 5 minutes please check that the firmware of the Access Point and Switch match each other IP Assignment Auto Configuration s DHCP Static IP Address Subnet Mask Default Gateway Primary DNS Server Secondary DNS Server 27 Individual Access Point Settings T O E 9 Ki B Backup Upgrade Reset Reboot Logout 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP Q Search Managed A
104. ion ef Cable status EWS310AP 00 02 6F E8 BA 1C I Success Information No problem found on this AP MAC Address 00 02 6F E8 BA 1C MAC Address 00 02 6F E8 BA 1C 62 IP Address 192 168 10 127 IP Address 192 168 10 127 Bulk Upgrade The Bulk Upgrade feature allows administrators to up grade the firmware of multiple Aaccess Points at the same time After selecting Bulk Upgrade under Mainte nance the page will display devices that are available to currently upgrade Click Upload New File to search for new firmware for the device s A AP EnGenius EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP Bulk Upgrade Current firmware image infomation Model Firmware Version File Name Image Size Byte Upload Time EWS3104P 2000212 EWS310AP v2 0 0 c0 21 2 140128 bin 7476553 2000 Jan 08 05 53 18 SSL Cerificate Upload Wireless AP firmware image file to controller Upload New File Troubleshooting Unable to upload new file when APs are under upgrading S F Bulk Upgrade AVAILABLE UPGRADINC Device List Q Status Model Name MAC Address IP Address Firmware Version Online EWS3104P EWS3104P 00 02 6F E8 BA1C 192 168 10 127 V2 0 0 c0 21 2 Online EWS3104P EWS3104P 00 05 2F E8 BA2E 192 168 10 123 2 0 0 00 21 2 Online EWS3104P EWS3104P 88 DC 96 0C 95 98 192 168 10 163 V2 0 0 c0 21 2 Online EWS3104P EWS3104P 00 02 6F ED 5B 8E 192 168 10 122 2 0 0 00 21 2 10 Y 1to40f4AP s a Previous Next p
105. is from 0 65535 seconds Click Apply to save the changes to the system Console Settings From here you can configure the Console Service settings for the Switch 0 65535 minutes 0 120 0 656535 seconds Session Timeout Enter the amount of time that elapses before Console Service is timed out The default is 5 minutes The range is from 0 65535 minutes History Count Enter the entry number for History of Console Service The default is 128 The range is from 0 256 Password Retry Enter the number of password requests to Count send to the Console Service The default is 3 The range is from 0 120 Silent Time Enter the silent time for Console Service The range is from 0 65535 seconds Click Apply to save the changes to the system 172 Port Security Network security can be increased by limiting access on a Specific port to users with specific MAC addresses Port Security prevents unauthorized device to the Switch prior to stopping auto learning processing WW Controller Switch Port Security e System ort ate x ress 12 Feat P St Max MAC Add eature VLAN Enabled Lei 256 Management EI 1 Disabled 256 gem 2 Disabled 256 QoS Security EI 3 Disabled 256 gt 802 1x I 4 Disabled 256 Radius Server z a 5 Disabled 256 D Access De 6 Disabled 256 p DoS EI 7 Disabled 256 Monitoring 8 Disabled 256 Diagnostics EI H Disabled 256 10 Disabled 25
106. ists ACLs are filters that allow you to classify data packets according to a particular content in the packet header such as the source address destination address source port number destination port number and more Packet classifiers identify flows for more efficient processing Each filter defines the conditions that must match for inclusion in the filter ACLs Access Control Lists provide packet filtering for IP frames based on the protocol TCP UDP port number or frame type or layer 2 frames based on any destination MAC address for unicast broadcast or multicast or based on VLAN ID or VLAN tag priority ACLs can be used to improve performance by blocking unnecessary network traffic or to implement se curity controls by restricting access to specific network resources or protocols Policies can be used to differen tiate service for client ports Server ports network ports or guest ports They can also be used to strictly control network traffic by only allowing incoming frames that match the source MAC and source IP address on a spe cific port ACLs are composed of Access Control Entries ACEs which are rules that determine traffic classifica tions Each ACE is a considered as a single rule and up to 256 rules may be defined on each ACL with up to 3000 rules globally ACLs are used to provide traffic flow con trol restrict contents of routing updates and determine which types of traffic are forwarded or blocked Thi
107. itially in order for both the partic ipating Switches devices that support the standard to use it Port Trunking Port Trunking allows you to assign physical links to one logical link that functions as a single higher speed link providing dramatically increased bandwidth Use Port Trunking to bundle multiple connections and use the combined bandwidth as if it were a single larger pipe A Important You must enable Trunk Mode before you can add a port to a trunk group To access the page click Port Trunking under L2 Features Member Pors 82 Displays the number of the given trunk group You can utilize up to 8 link aggregation groups and each group consisting up to 8 ports on the Switch Active Ports Displays the active participating members of the trunk group Member Port Select the ports you wish to add into the trunk group Up to eight ports per group can be assigned e Static The Link Aggregation is configured manually for specified trunk group e LACP The Link Aggregation is configured dynamically for specified trunk group LACP allows for the automatic detection of links in a Port Trunking Group when connected to a LACP compliant Switch You will need to ensure both the Switch and device connected to are the same mode in order for them to function otherwise they will not work Static configuration is used when connecting to a Switch that does not support LACP Click the Apply button v
108. k APPLY to update the system settings 72 To configure date time manually 1 Next to the Enable SNTP select Disable 2 In the Manual Time field use the drop down boxes to manually select the date and time you wish to set 3 In the Time Zone Offset list select by country or by the Coordinated Universal Time UTC GMT time zone in which the Switch is located 4 Next select Disabled Recurring or Non recurring for Daylight Savings Time Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening 5 Click APPLY to update the system settings Port Settings Displays the port number Use this screen to view and configure Switch port settings DUREE e SR Select the speed and the duplex mode of the The Port Settings feature lets you change the configuration Ethernet connection on this port of the ports on the Switch in order to find the best balance Selecting Auto Auto Negotiation allows one of speed and flow control according to your preferences port to negotiate with a peer port automatically Sech tas to obtain the connection speed and duplex mode PER Gigabit ports require additional factors to be that both ends support When suite nesotiation is considered when arranging your preferences for the Switch turned on a port on the Switch negotiates with the peer automatically to determine the connection s
109. l be forwarded to the multicast router reachable from the port Router Settings VLAN ID Router Ports Auto Learned Dynamic Port List Static Port List Forbidden Port List 1 Enabled E vw 8 Pon 1 2 3 4 5 6 z DH 9 10 11 12 P MAC Address Table static gt LLDP b IGMP Snooping me e e e p 4 MLD Snooping Global Settings VLAN Settings Group List static Router Settings forbid me 6 121 VLAN ID Displays the VLAN ID Router Ports Au The Switch will automatically detect to Learned the presence of a multicast router and forward MLD packets accordingly Dynamic Port List Displays router ports that have been dynamically configured Forbidden Port List Designates a range of ports as being dis connected to multicast enabled routers Ensure that the forbidden router port will not propagate routing packets out Designates a range of ports as being connected to multicast enabled routers Ensure that the all packets will reach the multicast enabled router Static Port List Click the Apply button _ to accept the changes or the Cancel button oe to discard them Jumbo Frame Ethernet has used the 1500 byte frame size since its inception Jumbo frames are network layer PDUs that have a size much larger than the typical 1500 byte Ethernet Maximum Transmission Unit MTU size Jumbo frames extend Ethernet to 9000 bytes making them large enough t
110. led The device is disabled for delivering power via the port e Test Fail The powered device test has failed For example a port could not be enabled and cannot be used to deliver power to the powered device e Testing The powered device is being tested For example a powered device is tested to confirm it is receiving power from the power supply e Searching The device is currently searching for a powered device Searching is the default PoE operational Status e Fault The device has detected a fault on the powered device when the port is forced on For example the power supply voltage is out of range a short short occurs a communication or there is a communication errorwith PoE devices or an unknown error occurs ee Controler Switch PoE Port Settings Pon Siate Summary j Enatlad p F Settings E nated Log La 1 Enabled System Time a 2 Enabled Port Settings Lal 3 Enablad a PoE Power Budget Lal H Enabled PoE Port Settings E 5 Enabled EEE al 6 Enabled Jumbo Frame L Feature D 7 Enabled BE Lal 8 Enabled Lal 9 Enabled E 10 Enabled Enabled 12 Enabled Apply Click APPLY to update the the system settings Priory Crtica Low Low Low Low Low Low Low Low Low Low Low 78 Class Auto Class Arto Class Auto Class Auto Class Auto Class Arto Class Arto Class Auto Class Auto Class Auto Class Auto Class Auto Class Auto Class Status Searching S
111. ler has discovered Use this page to add EWS Access Points to your EWS Con troller Access Point list In the case of multiple Access Points a filtering feature is enabled to help you to manage the Access Points connected by showing or hiding columns via the search bar or checking the corresponding box Select a device and click on Next at the bottom right of the page to view details relating to the Access Point The EWS Wireless Management Switch is able to manage supported EnGenius Access Points For the discovery proce dure to succeed the EWS Switch and the EWS Access point must be connected in the same network The EWS Switch can discover supported EWS Access Points with any IP address and Subnet Settings Ki Le Ki B EnGenius Backup Upgrade Reset Reboot Logout EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP Managed AP s Controller Switch 5 5 0 0 e A list of devices that have been added to the network This sortable list consists of a filtering function where users can choose to MANAGED ere be er jana amp Device Management show hide columns that they wish to check By selecting the device name users will be redirected to the device information page z Summary Soo Access Points Active Clients d Status Hodel Hame HAC Address F Device Name IP Address Cluster AP Clusters Online EWS310AP 00 02 6F D7 AC 44 EWS310AP 192 168 10 162 lt Visual Monitoring Online EW
112. less Radio Settings Active Clients AP Clusters Visual Monitoring Statistics Country Wireless Mode Please select a country code 2 4GHz 802 11 b g n Mixed e 5GHz 802 11 a n Mixed Maintenance Channel HT Mode 20 40MHz 40MHz e Extension Channel Upper Channel v D Channel Auto M Auto v Transmit Power Auto v Auto v Client Limits 127 1 127 0 means no limit 127 1 127 0 means no limit Data Rate Auto v Auto v RTSICTS Threshold 2346 1 2346 2346 1 2346 Aggregation Enable Disable Enable Disable gt WLAN Settings 2 4GHz gt WLAN Settings 5GHz 32 Frames 1 32 50000 Bytes Max 2304 65535 32 Frames 1 32 50000 Bytes Max 2304 65535 29 Wireless Mode Channel HT Mode Extension Channel Channel Select from the drop down menu to set Transmit Power the wireless mode for the Access Point For 2 4 GHz the available options are 802 11b g n mixed 802 11b 802 11b g mixed 802 11g and 802 11n For 5 GHz the available options are 802 11a n mixed 802 11a and 802 1 1n Use the drop down menu to select the Channel HT as 20 MHz 20 40 MHz or 40 MHz A wider channel improves the performance but some legacy devices operate only on either 2OMHz or 40 MHz This option is only available for 802 11n modes Use the drop down menu to select the Extension Channel as the Upper or Lower channel An extension channel is a sec Clie
113. list Port or trunked port identifier Use the CIST Ports Settings page to configure and view Priority Defines the priority used for this STA attributes for interfaces when the spanning tree port in the Spanning Tree Algorithm mode is set to STP or RSTP You may use a different If the path cost for all ports on a priority or path cost for ports of the same media type to artei e TE same Mie part wiii SR Geen the highest priority i e lowest indicate a preferred path or Edge Port to indicate if the value will be configured as an active attached device can support fast forwarding or link type link in the Spanning Tree This makes adi EE eas a port with higher priority less likely to indicate a point to point connection or shared media ta b blacked if the Spanning Tree connection Algorithm is detecting network loops When more than one port is assigned the highest priority the his port with lowest numeric identifier 5 D D E wen D I wen nd will be enabled The range is from Sieg SES EES Ee 0 240 in steps of 16 and the x Le i 8 e in wi SE En dr d default is 128 ne me mm mm t enen sien Ya Internal Path Cost Conf The Internal Path Cost setting ns nr mm oO me nocan C w n anses 2 Ve M allows you to specify the relative ails f 7 water anna momom 7 cost of sending spanning tree traffic Se TT e through the interface to adjacent wc sa St om mme bridges within a spa
114. ly is running at 99 usage and port 1 is prioritized as high but port 6 is prioritized as low port 1 is prioritized to receive power and port 6 may be denied power The possible field values are 4 e Low Sets the PoE priority level as low e Medium Sets the PoE priority level as medium e High Sets the PoE priority level as high e Critical Sets the PoE priority level as critical Class Auto Shows the classification of the powered device The class defines the maximum power that can be provided to the powered device The possible field values are e Class 0 The maximum power level at the Power Sourcing Equipment is 15 4 Watts e Class 1 The maximum power level at the Power Sourcing Equipment is 4 0 Watts e Class 2 The maximum power level at the Power Sourcing Equipment is 7 0 Watts e Class 3 The maximum power level at the Power Sourcing Equipment is 15 4 Watts e Class 4 The maximum power level at the Power Sourcing Equipment is 30 Watts Class User Select this option to base the power limit on the value Defined configured in the User Power Limit field User Power Set the maximum amount of power that can be delivered by a port Note The User Power Limit can only be implemented when the Class value is set to User Defined 77 Status Shows the port s PoE status The possible field values are e Delivering Power The device is enabled to deliver power via the port e Disab
115. m A F Select the bit length of the encryption key to be used in the WEP connection Your available options are 64 128 and 152 bit password lengths Based on your Key length selection please enter the appropriate Key Value you wish to use Key Length Key 1 4 Security None No Authentication WEP WEP Wired Equivalent Privacy is widely in use and is often the first security choice presented to users WPA WPA2 Enterprise User should set radius server for WPA Wi Fi Protected Access or WPA2 security protocol WPA PSK WPA2 PSK WPA with PSK Pre shared ke Personal mode is designed for home and small office networks Mode Shared Key WEP Key 1 Input Type HEX Key Length 128 152 bit 32 hex digits or 16 ASCII char Key1 Key2 Key3 WPA WPA2 Enterprise WPA and WPA2 are Wi Fi Alliance IEEE 802 11 stadards which include AES and TKIP mechanisms Select the WPA type to use Available options are Mixed WPA and WPA2 Encryption Select the WPA encryption type you would like Your available options are Both TKIP Temporal Key Integrity Protocol and AES Advanced Encryption Standard Radius Server Enter the IP address of the Radius server Radius Port Enter the port number used for connections to the Radius server Radius Secret Enter the secret required to connect to the Radius server Update Interval Specify how often in seconds the group key changes Select O to disable Radius Ac
116. mation for the VLAN List and choose the priority you wish to use from the drop down list 6 Swich MST Instance Settings MST ID VLAN List Priority Regional Roce Bridge Internal Root Cost Designated Bridge Root Port Mirror Settings 2 32763 4 0 Configuration This value along with the Configuration Reversion Name identifies the MSTP region configured MST ID Displays the ID of the MST group that is created maximum of 15 groups can be set for the Switch on the Switch Devices must have the same VLAN List Enter the VLAN ID range from for the revision number to belong to the same region configured VLANS to associate with the MST ID The VLAN ID number range is from 1 to 4094 MST ID VLAN List Priority Regional Root Bridge Internal Root Cost Designated Bridge Root Port 1 32768 0 ot Select the bridge priority value for the MST When Switches or bridges are running STP each is assigned a priority After exchanging BPDUs the Switch with the lowest priority value becomes the root bridge The default value is 32768 The range is from 0 61440 The bridge priority is a multiple of 4096 Click the Apply button e to accept the changes or the Regional Root This is the bridge identifier of the CST Region Cancel button e to discard them Bridge al Root It is made up using the bridge priority and the base MAC address of the bridge Internal Root Displays the path cost to the designated roo
117. med Dynamic Port List Static Port List Forbidden Port List being connected to multicast Ee Kn 5 a cl enabled routers Ensures that the te D OS tae ter ar TS all packets will reach the multicast MAC Address Table sialic enabled router LLDP forbid 4 IGMP Snooping Global Settings a Port 13 4 15 16 17 18 1 20 a 22 3 24 NE Click the Apply button _ to accept the changes or the er dl forbid meer esse es Cancel button o to discard them 117 MLD Snooping Multicast Listener Discovery MLD Snooping operates on the IPv6 traffic level for discovering multicast listeners on a directly attached port and performs a similar function to IGMP Snooping for IPv4 MLD snooping allows the Switch to examine MLD packets and make forwarding decisions based on content MLD Snooping limits IPv6 multicast traffic by dynamically configuring the Switch port so that multicast traffic is forwarded only to those ports that wish to receive it This reduces the flooding of IPv6 multicast packets in the specified VLANs Both IGMP and MLD Snooping can be active at the same time MLD Snooping Status MLD Snooping Version MLD Snooping Report Suppression Select to Enable or Disable MLD Snooping on the Switch The Switch snoops all MLD packets it receives to determine which segments should receive packets directed to the group address when enabled Select the MLD version you wish to use If an MLD packet received by the interface has a
118. mple Network Management Protocol SNMPv2 and RFC 1906 Trans port Mappings for Version 2 of the Simple Network Man agement Protocol SNMPv2 SNMPv2c updates protocol operations by introducing a GetBulk request and authen tication based on community names Version 2c adds several enhancements to the protocol such as support for Informs Because of this v2c has become the most widely used version Unfortunately a major weakness of v1 and v2c is security To combat this SNMP v3 adds a security features that overcome the weaknesses in v1 and v2c If possible it is recommended that you use v3 especially if you plan to transmit sensitive informa tion across unsecured links However the extra security feature makes configuration a little more complex 136 In SNMPv3 User based Security Model USM authenti cation is implemented along with encryption allowing you to configure a secure SNMP environment The SN MPv3 protocol uses different terminology than SNMPv1 and SNMPv2c as well In the SNMPv1 and SNMPv2c protocols the terms agent and manager are used In the SNMPv3 protocol agents and managers are renamed to entities With the SNMPv3 protocol you create users and determine the protocol used for message authentication as well as if data transmitted between two SNMP enti ties is encrypted The SNMPv3 protocol supports two authentication pro tocols HMAC MD5 96 MD5 and HMAC SHA 96 SHA Both MD5 and SHA use an
119. mply select an interface and select the ACL s you wish to bind r ACL Binding System lt L2 Feature Port MAC ACL IPv4 ACL IPv6 ACL 3 VLAN H none none amp Management ACL MAC ACL 2 MAC ACE IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE ACL Binding 4 QoS Security amp Monitoring Diagnostics 154 QoS Quality of Service QoS provides the ability to implement priority queuing within a network QoS is a means of providing consistent and predictable data delivery to the Switch by distinguishing between packets that have stricter timing requirements from those that are more tolerant of delays QoS enables traffic to be prioritized while avoiding excessive broadcast and multicast traffic Traffic such as Voice and Video streaming which require minimal delays can be assigned to a high priority queue while other traffic can be assigned to a lower priority queue resulting in uninterrupted actions Without Qos all traffic data is as likely to be dropped when the network is congested This can result in reductions in network performance and hinder the network in time critical situations In a Switch multiple queues per port are often provided to give preference to certain packets over others based on user defined criteria When a packet is queued for transmission within a port the rate at which it is processed depends on how the queue is configured and the amount of traffic pres
120. naged by the EWS Switch that are not currently assigned to a cluster will be listed on the left 3 Select the Access Points you wish to assign to this cluster and press Add The Access Points will be moved to the right column 4 Configure Radio WLAN and Advanced settings then click on Apply for settings to take effect General The General tab displays basic information about the Wireless Settings Access Point cluster you are managing a Device Name EWS310AP Country Select the location of the cluster from the New Pass Let Bank uncenge 1 12 characters such as its purpose or importance Suet ask Default Gateway Member Setting The Managed APs field will list all APs Primary ONS Sener managed by the EWS Switch that are di d currently not currently assigned to another ees Rao unes cluster Click Add to assign it to this cluster wo or click Del to remove from this cluster Administrator The administrator login username for all Username the APs in this Cluster group Enter a new Administrator Username if you want to change the default username Default value is admin New Password Enter a new password of between 1 and 12 alphanumeric characters Verify Password Enter password again for confirmation 42 AP Clusters Controller Switch amp Device Management Q Summary Cluster Name e APs Member List Description Add Access Points i Sales 2 EWS310AP 88 DC 96 01 9B 86 Sales Dept Active Cl
121. nd can be used as a diagnostic tool Use port mirroring to send traffic to applications that analyze traffic for purposes such as monitoring compliance detecting intrusions monitoring and predicting traffic patterns and other correlating events Port Mirroring is needed for traffic analysis on a Switch because a Switch normally sends packets only to the port to which the destination device is connected The analyzer captures and evaluates the data without affecting the client on the original port Port mirroring can consume significant CPU resources while active so be concious of such usage when config uring the Switch Apply Click APPLY to update the the system settings 86 ez Se Switch only supports up to 4 mirror sessions Port ports mirrored to this port Source TX RX Sets the source port from which traffic will be mirrored TX Port Only frames transmitted from this port are mirrored to the destination port RX Port Only frames received on this port are mir rored to the destination port Both Frames received and transmitted on this port are mirrored to the specified destination port None Disables mirroring for this port Ingress State Select whether to Enable or Disable ingress traffic forwarding Session State Select whether to Enable or Disable port mir roring s Controler Switch Mirror Settings Session ID Destination Port Source TX Port Source RX Port Ingress Stata Sassion State 2
122. nel HT Use the drop down menu to set the Channel HT as Mode as 20MHz 20 40MHz or 40MHz A wider channel eer EE improves the performance but some legacy EE devices can operate only on either 20MHZz or 40 MHz This option is only available for 802 11n ou modes only Stim Secret Lar weng Extension Use the drop down menu to set the Extension Data Rate Auto nee is Szeen Channel Channel as Upper or Lower channel An extension Aggregation Enable Disable Enable Disable 3 Fame jen channel is a secondary channel used to bond 50000 Bytes Max 2304 65535 50000 Bytes Max 2304 65535 with the primary channel to increase this range E to 40MHz allowing for greater bandwidth This sonata option is only available when Wireless Mode is 802 11n and Channel HT Mode is 20 40 MHz or 40MHZ Channel Use the drop down menu to set the wireless channel the radio will operate on Optimizing channel assignments reduces channel interference and channel utilization thereby improving overall network performance and increasing the network s client capacity The list of available channels that can be assigned to radios is populated based on which country the APs are deployed in WLAN Settings 2 4GHz 44 Cluster Setting Transmit Use the drop down menu to select the Power transmit power for the radio Increasing the oe l power improves performance but if two AP Clusters Country Pleas
123. ng Diagnostics Index Displays the current number of ACLs Enter the IP based ACL name You can use up to 32 alphanumeric characters Click the Apply button to accept the changes or the Cancel button to discard them 148 IPv4 Based ACE Use this page to view and add rules to IPv4 based ACLs Protocol IPv4 Based ACE Pv d Based act Cestnaton PAssess User Defines Le Destination P Address Value ACL Name Select the ACL from the list for which a rule is being created Sequence Enter the priority of the ACE ACEs witha higher priority are processed first 1 is the highest priority Source IP Wikdcard Mask Dann 08 for matching 18 f Destration IP Wikicard Mask Oxxx 08 for matching 18 149 Select what action to take if a packet matches the criteria e Permit Forwards packets that meet the ACL criteria e Deny Drops packets that meet the ACL criteria Select Any Protocol ID or Select from a List in the drop down menu e Any Check Any to use any protocol e Protocol ID Enter the protocol in the ACE to which the packet is matched e Select from List Selects the protocol from the list in the provided field e ICMP Internet Control Message Protocol ICMP The ICMP enables the gateway or destination host to communicate with the source host e IPinIP IP in IP Encapsulates IP packets to create tunnels between two routers This ensures that IPIP tunnel
124. ning properly an emergency log mes From here you can discover the paths that a packet sage is saved to the specified logging location takes to a destination The Switch supports log output Select Yes or No from the list If the Switch is to two directions Flash and RAM The information stored not e Geeks 5 ee a us in the system s Flash log will be lost after the Switch is oe eee rebooted or powered off whereas the information stored ALERT AUS O EE in the system s RAM will be kept effective even if the serious switch malfunction Pien al switeh features are down ANS rebooted or powered oti CRIT Select Yes or No from the list A critical log is saved if a critical Switch malfunction occurs Target The method for saving the Switch log to Flash RAM or both Log erased after reboot or power off device error has occurred mul Select Yes or No from the list The device is functioning but an operational problem has occurred information about the Switch information about the Switch Logs with the selected severity level and all logs of greater ee ee severity are sent to the host For example if you select will provide a debugging message Error the logged messages include Error Critical Alert and Emergency Log stored in RAM Will only be erased after system reset Severity Level Refer to severity level table 186 e Switen Summary P Settings a Log Global Settings Local Logging Remote L
125. nits BPDUs transmitted from the Root Bridge of the Spanning Tree If a bridge does not receive a Hello BPDU after a predefined interval known as the Maximum Age the bridge will assume that the link to the Root Bridge is down and unavailable This bridge then initiates negotiations with other bridges to reconfigure the network to reestablish a valid network topology Spanning Tree Loops Loops occur when alternate routes exist between hosts Loops in an extended network can cause the Switch to forward traffic indefinitely resulting in increased traffic and reducing network efficiency Once the STP is enabled and configured primary links are established and duplicated links are blocked automatically The reactivation of the blocked links is also accomplished automatically STP provides a tree topology and other Spanning tree versions supported include STP Multiple Spanning Tree Protocol MSTP and Rapid Spanning Tree Protocol RSTP Please note that only one spanning tree can be active on the Switch at a time The default Setting is RSTP Select whether to Enable or Disable the spanning tree operation on the Switch Select the Force Protocol Version parameter for the Switch STP Force Version e STP Spanning Tree Protocol IEEE 802 1D e RSTP Rapid Spanning Tree Protocol IEEE 802 1w e MSTP Multiple Spanning Tree Protocol IEEE 802 1s Multiple Spanning Tree Protocol MSTP defined in IEEE 802 1
126. nning tree EE EE region w o mm mm gym engen eine DMM Ve Internal Path Cost Oper The External Path Cost setting is BEE 7 eneen mamono 9 Ye used to calculate the cost of sending spanning tree traffic through the interface to reach an adjacent spanning tree region The spanning tree algorithm tries to minimize the total path cost between each point of the tree and the root bridge 97 Designated Root Bridge Internal Root Cost This is the cost to the CIST regional root in a region External Root Cost External Root Cost is the cost to the CIST root Regional Root Bridge Internal Port Cost Enter the cost of the port Edge Port Conf Displays the Edge Port state Designated Bridge Port Role Port State Displays the Root Bridge for the CST It is comprised using the bridge priority and the base MAC address of the bridge This is the bridge identifier of the CST Regional Root It is made up using the bridge priority and the base MAC address of the bridge This is the Bridge Identifier of the bridge of the Designated Port It is made up using the bridge priority and the base MAC address of the bridge Each MST Bridge Port that is enabled is assigned a Port Role within each spanning tree The port role will be one of the following values Root Port Designated Port Alternate Port Backup Port Master Port or Disabled The Forwarding State of this port The state parameters are Di
127. nstallation Professionnelle 1 Installation Ce produit est destine a un usage specifique et doit etre installe par un personnel qualifie maitrisant les radiofrequences et les regles s y rapportant L installation et les reglages ne doivent pas etre modifies par l utilisateur final 2 Emplacement D installation En usage normal afin de respecter les exigences reglementaires concernant l exposition aux radiofrequences ce produit doit etre installe de facon a respecter une distance de 23cm entre l antenne emettrice et les personnes 3 Antenn Externe Utiliser uniiquement les antennes approuvees par le fabricant L utilisation d autres an tennes peut conduire a un niveau de rayonnement essentiel ou non essentiel depassant les niveaux limites definis par FCC IC ce qui est interdit 4 Procedure D installation Consulter le manuel d utilisation 5 Avertissement Choisir avec soin la position d installation et S assurer que la puissance de sortie ne de passe pas les limites en vigueur La violation de cette regle peut conduire a de serieuses penalites federales 201 Appendix A Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate rad
128. nt Limit Data Rate ondary channel used to bond with the primary channel to increase the range to 40MHz allowing for greater bandwidth This option is only available when Wire less Mode is 802 11n and Channel HT Mode is 20 40 MHz or 40 MHz Use the drop down menu to select the wireless channel the radio will operate on Optimizing channel assignments reduces channel interference and channel utilization for the network thereby im proving overall network performance and increasing the network s client capacity The list of available channels that can be assigned to radios is determined based on which country the Access Points are deployed in 30 RTS CTS Threshold Use the drop down menu to select the transmit power for the radio Increasing the power improves performance but if two or more Access Points are operating in the same area on the same channel it may cause interference Please specify the maximum number of wireless clients that can associate with the radio Enter a range between 1 127 or fill in O for an unlimited client limit Use the drop down list to set the avail able data rates permitted for the wire less clients The data rate will affect the throughput of the Access Point s The lower the data rate the lower the throughput but the longer the transmis sion distance Enter a Request to Send RTS Threshold value between 1 2346 Use RTS CTS to reduce data collisions on the wireless net work
129. nt O erating Pepe latte 32 F 122 F 0 F C 50 torage Temperature 40 F 158 F 40 C 70 C Operating Humidity 10 90 non condensing torage Humidity 5 90 non condensing 44mm 440 x 260 x 44mm 73 inches 17 3 x 10 2 x 1 73 Inches AW WARNING wa This switch should be connected only to PoE networks without routing to the outside plant 199 Professional Installation Instruction 1 Installation Personnel This product is designed for specific application and needs to be installed by a qualified personnel who has RF and related rule knowledge The general user shall not attempt to install or change the setting 2 Installation Location The product shall be installed at a location where the radiating antenna can be kept at least 23cm from nearby persons in normal operating conditions to meet regulatory RF exposure requirement 3 External Antenna Only use the antennas which have been approved by the applicant Any non approved antenna s may produce unwanted spurious or excessive RF transmitting power which may lead to the violation of FCC IC limit and therefore is prohibited 4 Installation Procedure Please refer to the user s manual for details 5 Warning Please carefully select the installation position and make sure that the final output pow er does not exceed the limit set force in relevant rules The violation of this rule could lead to serious federal penalties 200 Instructions D i
130. nt Select the view name from a list from the SNMP network management station function _ Access Rights ee the level ee objects accessible to the Your ing as a password choices are Read write or Read only Click Add to add a community list to the Switch Next name the community and choose the level of access that Click the Apply button to accept the changes or the will be granted to the specified list from the drop down boxes Cancel button to discard them Community List System Information El Basic H at ead Only Fie Management 4 SNMP Global Settings View List User List 141 User List Privilege Mode Select No Auth Auth or Priv se curity level from the list Use the User List page to create SNMP users for authen e No auth Neither authen tication with managers using SNMP v3 to associate them lication nor the privacy security levels are assigned to the group to SNMP groups Click Add to add a new user e Auth and ensures that the origin of the SNMP message is authenticated e Priv Encrypts SNMP TH ee messages Authentication Protocol Select the method used to au thenticate users e MD5 Using the HMAC MDS algorithm e SHA Using the HMAC SHA 96 authentication level Enter the SHA password and the HMAC SHA 96 password to be used for authentication Authentication Password Enter MD5 password and the HMAC MD5 96 password to be used for authentication Encry
131. nt VLAN ID Select the VLAN ID for allows user to transfer the authority of the Switch Apply Click Apply to update the system settings 128 Voice VLAN Voice VLAN State Select Enabled or Disabled for Voice VLAN on the Switch Enhance your Voice over IP VolP service by configuring Voice VLAN ID Sets the Voice VLAN ID for the network ports to carry IP voice traffic from IP phones on a specific Only one Voice VLAN is supported on the VLAN Voice VLAN provides QoS to VoIP ensuring that the Switch quality of the call does not deteriorate if the IP traffic is 802 1p Remark Enable this function to have outgoing voice traffic to be marked with the selected CoS value Remark CoS 802 1p Defines a service priority for traffic on the Voice VLAN The priority of any received Global Settings VoIP packet is overwritten with the new priority when the Voice VLAN feature is received erratically or unevenly active on a port Range 0 7 Default 6 Aging Time The aging time is used to remove a port from voice VLAN if the port is an automatic VLAN member When the last s voice device stops sending traffic and PAPE AER SEN the MAC address of this voice device is oe ke aged out the voice VLAN aging timer h Global Settings 8021p ramark Enabled will be started The port will be removed from the voice VLAN after expiration of the voice VLAN aging timer If the voice traffic resumes during the aging time the aging
132. nt broadcast domains so that you can group ports with related functions into their own separate logical LAN segments on the same Switch This allows broadcast packets to be forwarded only between ports within the VLAN which can avoid broadcast packets being sent to all the ports on a single Switch A VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain VLANs also improve security by limiting traffic to specific broadcast domains 802 1Q Each VLAN in a network has an associated VLAN ID which appears in the IEEE 802 1Q tag in the Layer 2 header of packets transmitted on a VLAN The IEEE802 10 specification establishes a standard method for tagging Ethernet frames with VLAN membership information The key for IEEE802 10 to perform its functions is in its tags 802 1Q compliant Switch ports can be configured to transmit tagged or untagged frames A tag field containing VLAN information can be inserted into an Ethernet frame When using 802 1Q VLAN configuration you configure ports to be a part of a VLAN group When a port receives data tagged for a VLAN group the data is discarded unless the port is a member of the VLAN group 123 Enabled Enables 802 10 VLANs This feature is enabled by default VID Displays the VLAN ID for which the network policy is defined The range of the VLAN ID is from 1 494 Enter the VLAN name You can use up to 32 alphanumeric charact
133. numeric characters Subtree OID Enter the Object Identifier OID Subtree The OID identifies an object tree MIB tree that will be included or excluded from access by an SNMP manager Note that the first character must be a period Wild cards can be used to mask a specific portion of the OID string using a period Controller Sw View List View Name Subtree OID Subtree Mask View Type Fr all 1 all Included System Information User Management b File Management a SNMP Global Settings View List Group List Community List User List Trap Settings Z ACL 4 QoS Security amp Monitoring Diagnostics Subtree Mask Select O or 1 for Subtree mask The mask of the Subtree OID 1 means this object number is concerned amd O means do not concern View Type Select whether the defined OID branch within MIB tree will be included or excluded from the selected SNMP view Generally if the view type of an entry is Excluded another entry of view type Included should exist and its OID subtree should overlap the Excluded view entry Click the Apply button to accept the changes or the Cancel button to discard them 139 Group List Configure SNMP Groups to control network access on the Switch by providing users in various groups with different management rights via the Read View Write View and Notify View options Security Moda SecurityLavel Read View Write V
134. o carry an 8 KB application datagram plus packet header overhead If you intend to leave the local area network at high speeds the dynamics of TCP will require you to use large frame sizes The EnGenius Layer 2 Switch supports a Jumbo Frame size of up to 9216 bytes Jumbo frames need to be configured to work on the ingress and egress port of each device along the end to end transmission path Furthermore all devices in the network must also be consistent on the maximum Jumbo Frame size So it is important to do a thorough investigation of all your devices in the communication paths to validate their settings Jumbo Frame Enter the size of jumbo frame The range is from 1522 9216 bytes Enter the size of jumbo frame The range is from 1522 9216 bytes Click APPLY to update the the system settings mer Swich Jumbo Frame vu Bytes 1522 9216 122 VLAN A Virtual LAN VLAN is a group of ports that form a logical Ethernet segment on a Layer 2 Switch which provides better administration security and management of multicast traffic A VLAN is a network topology configured according to a logical scheme rather than a physical layout When you use a VLAN users can be grouped by logical function instead of physical location All ports that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network VLANs let you logically segment your network into differe
135. ogging Log Table System Time Port Settngs b PoE EEE Jumbo Frame Local Logging Target EMERG ALERT CRIT Bufersd Yes el Yes zl Yes x File No No No Click the Apply button _ to accept the changes or the Cancel button oe to discard them ERROR WARNING NOTICE INFO Yes a Yes EI No No No No 187 Yes si He Isi DEBUG No x No v Remote Logging From here you can discover the paths that a packet takes to a destination Remote logging enables the Switch to send system logs to the Log Server The Log Server helps to centralize system logs from various devices such as Access Points so that the user can monitor and manage the whole network Click the Add button and select the severity level of events you wish to log IP Hostname Specify the IP address or host name of the host configured for the Syslog Server Port Specify the port on the host to which Syslog messages are sent The default port is 514 Severity Level Refer to severity level table on page 25 or 27 Logs with the selected severity level and all logs of greater severity are sent to the host For example if you select Error the logged messages include Error Critical Alert and Emergency The log facility is used to separate out log messages by application or by function allowing you to send logs to different files in the syslog server Use the drop down menu to select local local1 local2 local3 local4 lo
136. oint Click on this field and you ll be redirected to the configuration page where you can edit settings such as device name IP Address Wireless Radio settings SSID etc IP Address Shows the IP Address of the managed Access Point Shows the firmware version of the managed Access Point updated you ll be redirected to the cluster configuration page Column Filter Shows or hides fields in the Access Point list Status Model Name s MAC Address 7 Device Name IP Address Firmware Version Last Update Cluster AP Detected Reveals a list of all APs in the network that the EWS Switch automatically discovers Mouse over the discovered Access Point to show general information such as the MAC IP Model FW etc IP Address 00 02 6F D7 AC 44 192 168 10 127 192 168 10 122 192 168 10 123 192 168 10 163 Select the Access Point you wish to have the Controller manage using the check box and click ALLOW to add to the Managed Access Point list 24 General From here vou can view and configure general device in formation for selected Access Points that are connected to the network 4 General Settings Device Name EWS310AP 1 32 characters Administrator Username admin 1 32 characters New Password 1 12 characters Verify Password Auto Configuration DHCP Static IP Address Subnet Mask Default Gateway Primary DNS Server Secondary DNS Server 25 Global Settings Sele
137. on Use the mouse wheel to zoom in out Q The number in the marker represents the number of wireless clients that are currently connected to the Access Point KZ AP List Click to reveal a list of APs that the EWS Switch is currently managing Save Plan Click for settings to take effect Save Plan 54 Color Legend Online There is an active connection with the EWS Switch Grey Offline There is no active connection with the EWS Switch Yellow Status Change Indicates that there has been a status change for the managed Access Point White New Device An Access Point has been recently added to the network How to use the Floorplan View 1 Click on the AP List button to display the list of man aged Access Points 2 Drag and drop the green flag marker representing the Access Point to a location on the map 3 Click on Save Plan to save your changes You can now easily locate you Access Point by having your mouse cursor over the Device Name field in the Access Point List Total Rx Tx Use the buttons to toggle between Total Traffic Statistics Rx Traffic or Tx Traffic Sorting Use this button to sort the order from ascending descending depending on your preference The Statistic page provides a convenient overview of Access Points and client traffic for the network Access Points Click on the bar in the Managed APs chart to display the traffic of the selected AP Access Points
138. onitoring 10 Disabled Diagnostics 11 Disabled L2 Features The L2 Feature tab exhibits complete standard based Layer 2 switching capabilities including Link Aggregation 802 1D single Spanning Tree Protocol 802 1w Rapid Spanning Tree Protocol 802 1s Multiple Spanning Tree Protocol MAC Address Table Internet Group Management Protocol IGMP Snooping Port Mirroring 802 1ab Link Layer Discovery Protocol LLDP and Multicast Listener Discovery MLD snooping Utilize these features to configure the Switch to your preferences 80 Link Aggregation A Link Aggregation Group LAG optimizes port usage by linking a group of ports together to form a single logical higher bandwidth link Aggregating ports multiplies the bandwidth and increases port flexibility for the Switch Link Aggregation is most commonly used to link a bandwidth intensive network device or devices Such as a server to the backbone of a network The participating ports are called Members of a port trunk group Since all ports of the trunk group must be configured to operate in the same manner the configuration of the one port of the trunk group is applied to all ports of the trunk group Thus you will only need to configure one of any of the ports in a trunk group A specific data communication packet will always be transmitted over the same port in a trunk group This ensures the delivery of individual frames of a data communication packet will be
139. otocol settings The Telnet protocol is a Standard internet protocol which enables terminals and applications to interface over the Internet with remote hosts by providing Command Line Interface CLI communication using a virtual terminal connection This protocol provides the basic rules for making it possible to link a client to a command interpreter The Telnet service for the Switch is enabled by default Please note that for Secure communication it is better to use SSH over Telnet To enable and configure SSH Settings please refer to SSH Settings on the next page Swich Telnet Settings Telnet Service Select whether the Telnet Service is Enabled or Disabled It is enabled by default Session Timeout Enter the amount of time that elapses before the Telnet Service is timed out The default is 5 minutes The range is from 0 65535 minutes History Count Enter the entry number for History of Telnet Service The default is 128 The range is from 0 256 Password Retry Enter the number of password request send Count to Telnet Service The default is 3 The range is from 0 120 Silent Time Enter the silent time for Telnet Service The range is from 0 65535 seconds Click Apply to save the changes to the system 170 SSH Settings Secure Shell SSH is a cryptographic network protocol for secure data communication network services SSH is a Way of accessing the command line interface on the network Switc
140. our current configuration to a file on your computer or a Configuration Manager Settings Upgrade Backup Upgrade Method TP Server IP File Name TFTP server or to restore previously saved configuration e settings to the Switch using a configuration file from your local drive or TFTP server Backup Download the configuration file from the Switch to the TFTP server on the network Next download the configuration file from the Switch to your local drive by using an HTTP session Swich Configuration Manager Crowa Fih a Fie Management Dual Image Upgrade First upload the configuration file from a TFTP server to the Switch Next upload the configuration file from your local drive to the Switch by using an HTTP session Upgrade Backup Select Upgrade or Backup from the list Method Two methods can be selected HTTP or TFTP File Field only shown when Upgrading via HTTP Click Browse to select file to Upgrade or Backup Server IP Enter the Server IP address to upload the configuration file from the TFTP server to the Switch File Name Field only shown when Upgrading via TFTP Enter the destination file name of the configuration file to upload from the TFTP server to the Switch Click Apply to save the changes to the system 134 Flash Partition Displays the number of the partition Displays the partition which is currently The Switch maintains two versions of th
141. ower budget Ports 1 8 output up to 30 Watts Ports 1 24 output up to 30 Ports 1 48 output up to 30 ge Port ee per Port Watts per Port Total PoE Budget SFP Slots Switching Capacity 24 Gees Geesen Te 104 dereen Forwarding Mode Store and Forward Flash Memory 32 MB 32 MB 32 MB EE 256 MB 256 MB MAC ess Table Port Functions 8 24 or 48 10 100 1000Mbps Ports in the front panel Depending on model 2 or 4 100 1000Mbps SFP Ports Depending on model 1 RJ 45 Port PoE Capability PoE Standard Port 1 8 24 or 48 Support IEEE 802 3at af PoE Capable Ports Port 1 8 24 or 48 can output up to 30 Watts LED Indicator Device Power LED x1 Fault LED x1 PoE Max LED x1 LAN Mode LED x1 PoE Mode LED x1 Copper Ports LAN PoE Mode LED x 1 Link Act LED x 1 SFP Ports Link Act LED x 1 Environment amp Mechanical Temperature Range Operating 32 to 122 F 0 to 50 C Storage 40 to 158 F 40 to 70 C Humidity non condensing 5 95 L2 Features 802 3ad compatible Link Aggregation 802 1D Spanning Tree STP 802 1w Rapid Spanning Tree RSTP 802 15 Multiple Spanning Tree MSTP IGMP Snooping v1 v2 v3 MLD Snooping IGMP Fast Leave Port Trunking Port Mirroring One to one and many to one VLAN Group Voice VLAN Queue CoS based on 802 1p priority CoS based on physical port CoS based on TOS CoS based on DSCP BootP DHCP Client Firmware Burn Proof 802 1X Port based Access Control 802 1X Guest VL
142. peed and duplex mode If the peer port does not support autoegotiation or turns off this feature the Switch determines the connection speed by menu detecting the signal on the cable and using half duplex mode When the Switch s auto negotiation compared to 10 100 ports To access the page click Port Settings under the System is turned off a port uses the pre configured speed Port Settings and duplex mode when making a connection thus ech DEES ge SSES requiring you to make sure that the settings of the Summary Som Se Gegen BR peer port are the same in order to connect gt IP Settings Le b Log EI 1 Link Down Auto Disabled System Time 2 Link Down Auto Disabled Port Settings F 3 Link Up Auto 1000M Full Disabled gt PoE FEE 4 Link Down Auto Disabled Jumbo Frame EI 5 Link Down Auto Disabled L2 Feature 6 Link Down Auto Disabled VLAN Management 7 Link Down Auto Disabled ACI 8 Link Down Auto Disabled QoS EI 9 Link Down Auto Disabled Security Monitoring 10 Link Down Auto Disabled Diagnostics o 11 Link Down Auto Disabled 12 Link Down Auto Disabled 73 Flow Control A concentration of traffic on a port decreases port bandwidth and overflows buffer memory causing packet discards and frame losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The Switch uses IEEE802 3x flow control in full duplex mode and backpressure
143. ption Protocol Select the method used to au thenticate users e None No user authenti cation is used e DES Using the Data En cryption Standard algorithm Encryption Key Enter the Data Encryption Stan dard key Click the Apply button to accept the changes or the 142 Trap Settings Swich Trap Settings snmp Community Server IP Hostname Version Notify Type Name Username vop Timeout SNMP Traps sao A trap is a type of SNMP message The Switch can send traps to an SNMP manager when an event occurs You can restrict user privileges by specifying which portions of the MIBs that a user can view In this way you restrict which MIBs a user can display and modify for better security In addition you can restrict the types of traps users can send as well You can do this by de termining where messages are sent and what types of messages can be sent per user Traps indicating status changes can be issued by the Switch to the specified trap manager by sending authentication failure messag es and other trap messages 143 ACL An Access Control List ACL allows vou to define clas sifitcation rules or establish criteria to provide security to your network by blocking unauthorized users and allowing authorized us7ers to access specific areas or resources ACLs can provide basic security for access to the network by controling whether packets are forward ed or blocked at the Switch ports Access Control L
144. re ae version MAC address IP address Gateway and System Uptime Displays the model name of the Switch FW version Displays the installed firmware version of the Switch Serial Number Displays the serial number of the Switch Base MAC address Displays the MAC address of the device IP Address Displays the IP address assigned by DHCP server Displays the Gateway of IP interface System Uptime Displays the amount of time since the most recent device reset The System Time is displayed in the following format days hours and minutes For example the display will read 3 days 6 hours 10 minutes 67 IP Settings The IP Setting screen contains fields for assigning IP addresses IP addresses are either defined as static or are retrieved using the Dynamic Host Configuration Protocol DHCP DHCP assigns dynamic IP addresses to devices on a network DHCP ensures that network devices can have a different IP address every time the device connects to the network Note the following when configuring IP Addresses H the device fails to retrieve an IP address through DHCP the default IP address is 192 168 0 239 To access the page click IP Settings under the System menu Port Settings 68 IPv4 To be managed over the network the Switch needs an IP Address to be assigned The IP Settings screen contains fields for assigning IP addresses IP addresses are either defined as Static or are retrieved
145. rettiva 1999 5 EC Alul rott gy rt neve nyilatkozom hogy a t pus megfelel a vonatkoz alapvet k vetelm nyeknek s az 1999 5 EC ir nyelv egy b el ir sainak Polski Polish Niniejszym nazwa producenta o wiadcza e nazwa wyrobu jest zgodny z zasadniczymi wymogami oraz pozosta ymi stosownymi postanowieniami Dyrektywy 1999 5 EC Portugu s Portuguese Nome do fabricante declara que este tipo de equipamento est conforme com os requisitos essenciais e outras disposi es da Directiva 1999 5 CE Slovensko Slovenian Slovensky Slovak Ime proizvajalca izjavlja da je ta tip opreme v skladu z bistvenimi zahtevami in ostalimi relevantnimi dolo ili direktive 1999 5 ES Meno v robcu t mto vyhlasuje Ze typ zariadenia spl a z kladn po iadavky a v etky pr slu n ustanovenia Smernice 1999 5 ES Suomi Finnish Valmistaja manufacturer vakuuttaa t ten ett type of equipment laitteen tyyppimerkint tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sit koskevien direktiivin muiden ehtojen mukainen Svenska Swedish H rmed intygar f retag att denna utrustningstyp st r verensst mmelse med de v sentliga egenskapskrav och vriga relevanta best mmelser som framg r av direktiv 1999 5 EG 207
146. romagnetic compatibility and Radio spectrum Matters ERM Wideband Transmission systems Data transmission equipment operating in the 2 4 GHz ISM band and using spread spectrum modulation techniques Harmonized EN covering essential requirements under article 3 2 of the R amp TTE Directive e EN 301 893 Broadband Radio Access Networks BRAN 5 GHz high performance RLAN Harmonized EN covering essential requirements of article 3 2 of the R amp TTE Directive e EN 301 489 1 Electromagnetic compatibility and Radio Spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 1 Common technical requirements e EN 301 489 17 Electromagnetic compatibility and Radio spectrum Matters ERM ElectroMagnetic Compatibility EMC standard for radio equipment and services Part 17 Specific conditions for 2 4 GHz wideband transmission systems and 5 GHz high performance RLAN equipment 205 This device is a 5GHz wideband transmission system transceiver intended for use in all EU member states and EFTA countries except in France and Italy where restrictive use applies In Italy the end user should apply for a license at the national spectrum authorities in order to obtain authorization to use the device for setting up outdoor radio links and or for supplying public access to telecommunications and or network services This device may not be used for setting up outdoor radio links in France and in some areas the RF
147. rver IP Enter the WINS Server IP adress for the cluster Guest Network Band Status SSID Security Encryption Hidden SSID Client Isolation 24GHz Disabled EnGenius 2 4GHz GuestMetwork None None No Ho GHz Disabled EnGenius 5GHz Guestietwork None None Ho Ho Manual IP Settings IP Address Subnet Mask Automatic DHCP Server Settings Starting IP Address Ending IP Address WINS Server IP Apply Click APPLY to update the the system settings 47 Visual Monitoring Topology View From here you can see a visual view of the topology of the cluster in the netwrok Use the directional pad and the plus or minus buttons to navigate your view of the network You can also search Access Points in the network via their IP or MAC address Check the Show Port Info box to show whether you wish the search query to show port information EnGenius The following table explains the color coding of Access Points in the topology view Green one Status Change Click the Save Topology button to update your settings WW EI 9 B Backup Upgrade Reset Reboot Logout EWS7928P 24 Port Gigabit PoE L2 Wireless Management Switch with 4 Dual Speed SFP Topology View We Controller Switch porogy amp Device Management The switch will automatically generate your current network topology Click on Save Topology after confirming your topology Notifications of change will be displayed upon detecting Topology
148. s automatically assigned to the guest VLAN Q lt at D x A P State Select whether authentication is Enabled or Disabled on the Switch Guest VLAN Select whether Guest VLAN is Enabled or Disabled on the Switch The default is Disabled Guest VLAN ID Select the guest VLAN ID from the list of currently defined VLANs 163 Port Settings The IEEE 802 1X port based authentication provides a security standard for network access control with Radius servers and holds a network port disconnected until authentication is completed With 802 1X port based authentication the supplicant provides the required credentials such as user name password or digital certificate to the authenticator and the authenticator forwards the credentials to the authentication server for verification to the guest VLAN If the authentication server determines the credentials are valid the Supplicant is allowed to access resources located on the protected side of the network From here you can configure the port settings as they relate to 802 1X First select the mode from the you wish to utilize from the drop down box Next choose whether to Enable or Disable reauthentification for the port Enter the time span that you wish to elapse for the Re authentification period Quiet Period and Supplicant Period After this enter the max number of times you wish for the Switch to retransmit the EAP request Finally choose whether you wish
149. s criterion can be specified on a basis of the MAC address or IP address 144 Server IP Hostname Enter the Server IP or Hostname The Timeout Configurable only if the notify type is Hostname can contain up to 128 alpha Informs Enter the amount of time the numeric characters device waits before re sending The de SNMP Version Select the SNMP version from the list fault is 15 seconds Notify Type Select the type of notification to be sent e Traps Traps are sent e Informs Informs are sent ONLY when v2c is enabled Note The recipient of a trap message does not send a response to the Switch Traps are therefore not as reliable as in Click the Apply button to accept the changes or the form messages which include a request for acknowledgement of receipt Inform Cancel button to discard them messages can be used to ensure that critical information is received by the host However please note that in forms consume more system resources because they must be kept in memory until a response is received Informs also add to network traffic You should consider these effects when deciding whether to issue notifications as traps or informs Community Name Select the Community Name from the list Configurable only if the notify type is Informs Enter the amount of time the device waits before re sending an inform request The default is 3 seconds Enter the UDP port used to send notifi cations 14
150. s packets received on the port Pkts of 512 to Displays the number of 512 to 1023 byte 1023 Octets packets received on the port Pkts of 1024 to Displays the number of 1024 to 1522 byte 1522 Octets packets received on port Drop Events Displays the number of dropped events that have occurred on the port Port Select the specific port for which RMON statistics are displayed Octets Displays the sample number from which the statistic taken Pkts Displays the number of octets received on the port Broadcast Pkts Displays the number of good broadcast packets received on the port This number does not include Multicast packets 183 Log The Syslog Protocol allows devices to send event notification messages in response to events faults or errors occurring on the platform as well as changes in configuration or other occurrences across an IP network to syslog servers It then collects the event messages providing powerful support for users to monitor network operation and diagnose malfunctions A Syslog enabled device can generate a syslog message and send it toa Syslog server Syslog is defined in RFC 3164 The RFC defines the packet format content and system log related information of Syslog messages Each Syslog message has a facility and severity level The Syslog facility identifies a file in the Syslog server Refer to the documentation of your Syslog program for details The following table describes th
151. scarding Learning Forwarding or Disabled 98 gt Link Aggregation Mirror Settings d SIP Global Settngs Root Bndge Pon Settings CIST Instance Settings CIST Port Settings MST Instance Settings MST Port Settings MAG Address Table f LLDP IGMP Snooping MLD Snooping gt VLAN A Management ACL Internal External Path Cost Opar 2000 20000 20000 20000 20000 20000 20000 20000 20000 20000 External Path Cost Designated Root Oper Bridge 0 0 00 00 00 00 00 00 00 00 00 00 32768 07 a a D wees OU 040 20000 69 t0 00 00 00 00 un 20000 00 0 00 00 00 00 20000 00 00 00 00 00 00 alos 00 00 00 00 00 00 20000 EH 00 00 00 00 00 00 _ 0040 00 00 00 00 D co t0 00 00 00 00 20000 00 00 00 00 00 Regional Roce Badge 09 00 00 00 00 00 00 00 00 00 00 00 aos 00 00 00 00 0000 0107 00 00 00 00 00 00 00 00 00 00 00 00 007 00 00 00 00 00 00 00 00 00 00 00 00 0 07 O9 00 00 00 00 00 00 C0 00 00 00 0000 C0 00 00 00 00 00 Internal Cost Dosignatod Badge 0 0 P 00 00000 00 00 TA 32768 0 BBOCHIEES un S 00 00 00 00 00 00 0 0 z owo 0 0 00 00 00 00 00 00 0 0 G senn 7 hs 2004 00 00 00 00 0000 Internal Edge Edge P2P P2 Port Por Port MAC MAC Cost Conf Oper Conf Opor Port Role Dissbed Disabed Apply Click APPLY to update the the system settings
152. sic iscvccndsasconeeinsdeaterteisbdemnectasshesrsibetennavcenens 46 Visual PIL OTE Scot Ra an 48 opology VIP an ouate 48 Navigation TIPS sus nanas cie 49 Map BUS ae 50 Navigation TDS cinenrtrnunmaadanstiiriunniniesrinuienanesn 51 Floor View Floorplan Image 52 Satis RE e TE 53 Managing Nassau 53 Floorplan View Floor View EEEEEEEEEENEN 53 Navigation Tips Color Legend 54 HOW to use a Floor Plan View 54 AL SMS ae sn do moine 55 NOC SS E 55 Wireless CBS sun ait 57 GEI d Ve 59 SSL End a ao a 59 Generating a New Certificate 59 Certification UPTON VEN Oh sass sas 60 Advanced Ka ele E 60 hroubl e TE 61 Choosing an Access Point to Diagnose 61 Bulk Upgrad E ones 63 SEENEN 63 Chapter 3 Switch Management 65 SE dan du nomma 66 SUMMA V eunn de hum onu 67 a Sedi BaT ennemi 67 e In dE 68 PY a 68 IPVO e reach earnest dee Paesttenee 70 SVStem UMMM esac a oceans 71 Port SOT UNS nn nan dite nee 73 eh Gel EE 75 SUE E 75 Sms FOSSES ais ro do 76 A ee 79 L2 NIN ebe ereechen 80 Link ASE LION den errertn rete trent arte 80 SEKR 82 DUAL AGP me ann 83 e LE dl 84 LAC TIMOR a dom 85 MONS erer 86 ASP a ne ote 88 Qlobal SOU MES ne une 88 Spanning Tree LOOPS sun 89 ROOU Eet ee 91 et ll 93 SORE PONS a ana e 94 Ska Wl E e a 95 CAS Rn E TN 97 MST Instance SSRIABS sen 99 MST Port en UES sx setsccncusoisuzuesculelanutsstiwietecect wandiradeicsctsvbe
153. size of ping packet to send The range is from 8 5120 and the default is 56 Displays the ping test results Click Test to perform the ping tests IPv6 Ping Test You can vary the test parameters by entering the data in the appropraite boxes To verify accuracy of the test it is reccomended that you run multiple tests in case of a Send a ping request to a specified IPv6 address Check test fault or user error whether the Switch can communicate with a particular network host before testing station you want the Switch to ping to Swich IPv6 Ping Tost from 1 5 and the default is 1 a TEA The range is from 1 5 and the default is 4 pi range is from 8 5120 and the default is 56 Result Displays the ping test results Click Test to perform the ping tests 192 tion you wish the Switch to ping to The traceroute feature is used to discover the routes that ee FE RES packets take when traveling to their destination It will list from 2 235 and the default is 30 all the routers it passes through until it reaches its desti nation or fails to reach the destination and is discarded In testing it will tell you how long each hop from router to Click Test to initiate the trace route router takes via the trip time of the packets it sends and receives from each successive host in the route LE Controller Switch Trace Route System lt 2 Feature VLAN IP Address Trace Route Settings x xx x or hostname Man
154. ssigned to Siemens IP Phones e 00 60 B9 Assigned to NEC Philips IP Phones e 00 0F E2 Assigned to H3C IP Phones e 00 09 6E Assigned to Avaya IP Phones Index Displays the VoIP sequence ID OUI Address This is the globally unique ID assigned to a ven dor by the IEEE to identify VolP equipment Displays the ID of the VoIP equipment vendor To configure the OUI settings click the Edit button to re configure the specific entry Click the Delete button to remove the specific entry and click the Add button to create a new OUI entry Click the Apply button to accept the changes or the Cancel button o to discard them 130 Port Settings Port Displays the port to which the Voice VLAN Enhance your VoIP service further by configuring ports to settings are applied carry IP voice traffic from IP phones on a specific VLAN State Select Enabled to enhance VolP quality on the selected port The default is Disabled Voice VLAN provides QoS to VoIP ensuring that the quality toS Mode Select Sre Oe All from ane lise of voice does not deteriorate if the IP traffic is received Src 00S attributes are applied to packets unevenly with OUIs in the source MAC address All QoS attributes are applied to packets that are Classified to the Voice VLAN Operate Status Displays the operating status for the Voice B Controller Swich Port Settings VLAN on the selected port System 12 Feat Port State
155. t Displays the number of Unicast packets transmit G ted on the port s o o o wo o 6 o u TXDiscard Displays the number of transmitted packets dis LE carded on the port RS MR Seat RXMcast Displays the number of Multicast packets received 9 0 o 4 o on the port W RXBcast Displays the number of Broadcast packets received ER RP E ST CET GET MGS GR Ga Se on the port TXMcast Displays the number of Multicast packets transmit ted on the port TXBcast Displays the number of Broadcast packets transmit ted on the port H 9 0 0 H 0 0 H 0 H 177 RMON Remote Network Monitoring or RMON is used for sup port monitoring and protocol analysis of LANS by en abling various network monitors and console systems to exchange network monitoring data through the Switch Event List The Event List defines RMON events on the Switch mich Event List Index o Enter the entry number for Event Event Type Community Select the event type e Log The event is a log entry e SNMP Trap The event is a trap e Log amp Trap The event is both a log entry and a trap Enter the community to which the event bel ogs Description Displays the number of good broadcast pack ets received on the interface 178 Displays the time that event occurred Owner Enter the switch that defined the event Event Log Table Event Log Table Select the index of the Even
156. t Cost for the MST instance Designated Displays the bridge identifier of the bridge Bridge with the Designated Port It is made up using the bridge priority and the base MAC address of the bridge Root Port Displays the port that accesses the designat ed root for MST instance Configuration This name uniquely identifies the MSTI Multi Name ple Spanning Tree Instance Enter a descrip tive name up to 32 characters for an MST region The default is the MAC address name of the device running MSTP 100 MST ID Displays the ID of the MST that is created VLAN List Enter the VLAN ID to associate with the MST ID Select the bridge priority value When Switches or bridges are running STP each is assigned a priority The default value is 32768 The range is from 0 61440 The bridge priority value is provided in increments of 4096 Regional Root Displays the bridge ID for the selected MST Bridge instance Internal Root Displays the path cost to the designated root Cost for the MST instance Designated Displays the bridge ID of the root bridge Bridge Root Port Displays the port that accesses the designated root for MST instance Configuration Name Configuration Reversion This name uniquely identifies the MSTI Multi ple Spanning Tree Instance Enter a E tive name up to 32 characters for an MST region The default is the MAC address name of the device running MSTP This value along
157. t DSCP Mapping feature to specify which internal traffic class to map to the corresponding DSCP values DSCP Mapping increases the number of definable priority levels by reallocating bits of an IP packet for prioritization purposes DSCP Mapping System DSCP Queue lt L2 Feature 15 RUN ee amp Management 0 1 AC ACL A 1 amp QoS 2 1 Global Settings CoS Mapping 3 1 DSCP Mapping _ A 1 Port Settings Bandwidth Control 5 Storm Control ET 6 1 AR Secunty 1 amp Monitorning a 8 2 Diagnostics 9 2 E 10 2 11 2 DSCP Differentiated Displays the packet s DSCPvalues Services Code Point where O is the lowest and 10 is the highest Check the CoS priority tag box and select the Queue values for each DSCP in the provided fields Eight traffic priority queues are supported and the field values are from 1 8 where one is the lowest priority and eight is the highest priority Click Apply to save the changes to the system 158 parameters are defined From here you can configure the QoS port settings for CoS Class of Service Select the CoS priority tag values the Switch Select a port you wish to set and choose where 0 is the lowest and 7 is the high a CoS value from the drop down box Next Select to Select Enable to trust any CoS packet Enable or Disable the Trust setting to let any CoS marking at ingress and select Disable packet be marked at ingress to not trust any CoS p
158. t Log from the list From here you can view specific Event logs for the Switch Choose an Event log you wish to view fromt he Click the Apply button to accept the changes or the drop down list Cancel button e to discard them y Controller Switch Event Log Table System Select Event Index none gt L2 Feature i VLAN Management ACL QoS Security Monitoring Port Statistics RMON Event List Event Log Table Alarm List History List History Log Table Statistics Diagnostics 179 Alarm List Enter the entry number for the History Log Table You can configure Network alarms to occur when a net SE dis Select K port from which the work problem is detected Choose your preferences for OR et Sample Variable Select the variable of samples for the speci fied alarm sample Sample Interval Enter the alarm interval time Sample Type Select the sampling method for the selected variable and comparing the value against the thresholds e Absolute Compares the values with the thresholds at the end of the sam pling interval e Delta Subtracts the last sampled value from the current value the alarm from the drop down boxes Alarm List Sample Rising Falling Index Sampla Port Sample Variable Interval Sample Type Threshold Threshold Rising Evant Falling Event Ovnar OropE Absolute D OI Fort Statistics RMON Event List Event Log Table Alarm List History List E SS
159. t a DHCP server If your network has no DHCP service you must assign a Static IP address to your Switch in order to log in to the web based Switch management 1 Connect the supplied Power Cord to the Switch and plug the other end into an electrical outlet Verify the Power LED indicator is lit on the Switch Wait for the Switch to complete booting up It might take a minute or so for the Switch to completely boot up Connect one end of a Category 5 6 Ethernet cable into the Gigabit 10 100 1000 Ethernet port on the Switch front panel and the other end to Ethernet port on the computer Verify that the LED on Ethernet ports of the Switch are green Once your computer is on ensure that your TCP IP is set to On or Enabled Open Network Connections and then click Local Area Connecton Select Internet Protocol Version 4 TCP IPv4 H your computer is already on a network ensure that you have set it to a Static IP Address on the Interface 17 9 Example 192 168 0 10 and the Subnet mask address as 255 255 255 0 Open a web browser on your computer In the address bar of the web browser enter 192 168 0 239 and click Enter A login screen will appear By default the username isadmin andthe passwordis password Enter the current password of the Switch and then click Login To make access to the web based management interface more secure it s highly reccomended that you change the password to something more unique
160. t in repetitious p2p mac A P2P port must operate in full duplex Like cycles that needlessly consume network bandwidth edge ports P2P ports transition to a forwarding which then significantly reduce network performance state rapidly thus benefiting from RSTP Enable P2P for the device to establish a point to point With STP you can set It up on a port per port basis link or specify for the device to automatically to to further help configure your network topology establish a point to point link Select Yes or No The Switch allows each port to have its own spanning from the list for point to point P2P tree and so will require some of its own configuration Yes Restricted in that a P2P port must settings operate in full duplex configure Migration When operating in RSTP mode enable this External Path This defines a metric that indicates the Start function to force the port to use the new MST Cost relative cost of forwarding packets to RST BPDUs and restart the migration delay the specified port list The port cost can timer be set automatically or as a metric value The default value is O auto Setting O for the external cost will automatically set the speed for forwarding packets to the specified port s in the list for optimal efficiency The default port cost for a 100Mbps port is 200000 and the default port cost for a Gigabit port is 20000 Enter a value between 1 and 200000 000 to determine the External Cost
161. t meet the ACL criteria Destination MAC Enter the destination MAC address Value Destination MAC Enter a MAC address mask for the Wildcard Mask destination MAC address A mask of 00 00 00 00 00 00 means the bits must be matched exactly ff ff ff ff ff ff means the bits are irrelevant Any combination of Os and ffs can be used Source MAC Wild Enter a MAC address mask for the card Mask source MAC address A mask of 00 00 00 00 00 00 means the bits must be matched exactly ff ff ff ff ff ff means the bits are irrelevant Any combination of Os and ffs can be used VLAN ID Enter the VLAN ID to which the MAC ad dress is attached in MAC ACE The range is from 1 4094 802 1p Value Enter the 802 1p value The range is from 0 7 Ethertype Value Selecting this option instructs the Switch to examine the Ethernet type value in each frame s header This option can only be used to filter Ethernet II formatted packets A detailed listing of Ethernet protocol types can be found in RFC 1060 A few of the more common types include 0800 IP 0806 ARP and 8137 IPX 147 IPv4 ACL This page displays the currently defined IPv4 based ACLs profiles To add a new ACL click Add and enter the name of the new ACL IPv4 ACL Le System lt L2 Feature Index Name 3 VLAN char 1 32 v Q0 amp Management Z ACL MAC ACL MAC ACE IPv4 ACL IPv4 ACE IPv6 ACL IPv6 ACE ACL Binding 4 QoS Security amp Monitori
162. test results e Open A cable is not connected to the port e OK A cable is connected to the port Cable Length A BI Displays the approximate cable length C and D To verify accuracy of the test it is reccomended that you run multiple tests in case of a test fault or user error Click Test to perform the cable tests for the selected port 190 Ping Test The Packet INternet Groper Ping Test allows you to verify connectivity to remote hosts The Ping test operates by sending Internet Control Message Protocol ICMP request packets to the tested host and waits for an ICMP response In the process it measures the time from transmission to reception and records any packet loss Send a ping request to a specified IPv4 address Check whether the Switch can communicate with a particular network host before testing 400 x x or hostname 1 5 Default 4 1 51 Default 1 8 51201 Default 58 191 Ping Test Settings You can vary the test parameters by entering the data in the appropraite boxes To verify accuracy of the test it is reccomended that you run multiple tests in case of a test fault or user error IP address Enter the IP address or the host name of the station you want the Switch to ping to Count Enter the number of ping to send The range is from 1 5 and the default is 1 Interval Enter the number of seconds between pings sent The range is from 1 5 and the default is 4 Enter the
163. tic or DHCP for the IPv6 State Next enter the information for the IP address range and gateway 70 IPv6 State Select whether you wish to enable Auto Configuration DHCPv6 Client or Static for the IPv6 address Auto Configuration Use this option to set the IPv6 address for the IPv6 network interface in Auto Con figuration The Switch will automatically generate and use a globally unique IPv6 address based on the network prefix and its Ethernet MAC address DHCPVv6 Client This enables the IP address to be config ured automatically by the DHCP server Select this option if you have an IPv6 DHCP server that can assign the Switch an IPv6 address Prefix and a default gate way IP address Static Allows the entry of an IPv6 address Pre fix and a default gateway for the Switch Select this option if you wish to assign static IPv6 address information to the Switch IPv6 Address This field allows the entry of an IPv6 address Prefix to be assigned to this IP interface Gateway Set the default gateway IPv6 address for the interface Enter the default gateway IPv6 address Apply Click APPLY to update the system settings System Time Use the System Time screen to view and adjust date and time settings The Switch supports Simple Network Time Protocol SNTP SNTP assures accurate network device clock time synchronization up to the millisecond Time synchronization is performed by a network SNTP server T
164. timer will be reset and stop The range for aging time is from 1 65535 minutes The default is 1440 minutes Rematk Cos 2 1p Aging Time 144 Apply Click Apply to update the system settings 129 OUI Settings The Switches determines whether a received packet is a voice packet by checking its source MAC address VoIP traffic has a preconfigured Organizationally Unique Iden tifiers OUI prefix in the source MAC address You can manually add specific manufacturer s MAC addresses and description to the OUI table All traffic received on the Voice VLAN ports from the specific IP phone with a listed OUI is forwarded on the voice VLAN D Controller Swich OUI Settings D System Index OUI Address Description lt L2 Feature 4 0 E0 M e 8 Som EE ICON e amp 802 1Q 2 00 03 68 Cisco 8 6 Ge 3 00 E0 75 Ventel 5 6 Management VLAN ae 4 00 D0 1E Pingte e 6 a Voice VLAN Global Settings 5 00 01 E3 Siemens c OUI Settings 6 00 60 59 NEC Philips e 6 Port Settings 7 00 0F E2 H3C e amp Management ch g Z ACL 8 00 09 6E Avaya D 4 QoS P Security amp Monitoring ZA Diagnostics Port Enter the OUI to the Voice VLAN The following OUI are enabled by default The following OUI are enabled by default e 00 0 BB Assigned to 3COM IP Phones e 00 03 6B Assigned to Cisco IP Phones e 00 0 75 Assigned to Veritel IP Phones e 00 D0 1E Assigned to Pingtel IP Phones e 00 01 3 A
165. tion Index Port vib MAC Address fl f E v Mirror Settings gt STP 4 MAC Address Table Static MAC Address Dynamic MAC Address LLDP gt IGMP Snooping gt MLD Snooping s VLAN amp Management 7 ACL QoS Security amp Monitoring W Diagnostics To access the page click Static MAC Address under L2 Features Displays the index for the Static MAC Address table Port Select the port where the MAC address entered in the previous field will be automatically forwarded VID Enter the VLAN ID on which the IGMP snooping querier is administratively enabled and for which the VLAN exists in the VLAN database MAC Address Enter a unicast MAC address for which the switch has forwarding or filtering information Click the Apply button to accept the changes or the Cancel button to discard them 104 Dynamic MAC Address The Switch will automatically learn the device s MAC address and store it to the Dynamic MAC address table If there is no packet received from the device within the aging time the Switch adopts an aging mechanism for updating the tables from which MAC address entries will be removed from related network devices The Dynamic MAC Address Table shows the MAC addresses and their associated VLANs learned on the selected port h Global Settings Apply Displays the index for the Dynamic MAC Address table Select the port to which the entry refers VID Displa
166. tion dialog will be displayed 2 Click OK to continue or Cancel to abort the changes PVID When an Untagged packet enters a Switch port the PVID D ortroter gun PID Port VLAN ID will be attached to the untagged packet System oon SE cuties ee and forward frames to a VLAN specified VID part of the sims Ta Esser PVID A packet received on a given port would be assigned ET nm 1 ALL Enabled that port s PVID and then be forwarded to the port that a 2 1 ALL Enabled corresponded to the packet s destination address If the Voice VLAN E ge Gong PVID of the port that received the packet is different from ns s e ema the PVID of the port that is to transmit the packet the an me SE Switch will drop the packet Within the Switch different P Security i i SE PVIDs mean different VLANs so VLAN identification based sie E upon the PVIDs cannot create VLANs that extend outside x eng ops a given Switch If no VLANs are defined on the Switch all Se SS ports are then assigned to a default VLAN with a PVID Ao n ALL Enabled 12 1 ALL Enabled equal to 1 Note To enable PVID functionality the following requirements must be met e All ports must have a defined PVID e f no other value is specified the default VLAN PVID is used e f you wish to change the port s default PVID you must first create a VLAN that includes the port as a member 126 Displays the VLAN ID to which the PVID tag is assigned Config
167. to accept the changes or the Cancel button oe to discard them Dynamic Link Aggregation Link Aggregation Control Protocol LACP Link Aggregation Control Protocol LACP allows the exchange of information with regard to the link aggregation between the two members of aggregation This information will be packetized in Link Aggregation Control Protocol Data Units LACDUs The trunk group can be configured as an active or passive LACP Passive The port prefers to not transmit LACPDUs The port will only transmit LACPDUs when its counterpart uses an active LACP A preference not to speak unless spoken to Active The port prefers to transmit LACPDUs regardless of whether its counterpart uses passive LACP or not A preference to speak regardless 83 LACP Link Aggregation Control Protocol Settings Switch LACP Settings Settings Assign a system priority to run with Link Aggregation Control Protocol LACP and is become for a backup link if a link goes down The lowest system priority is al lowed to make decisions about which ports it is actively Participating in in case a link goes down If two or more ports have the same LACP port priority the port with the lowest physical port number will be selected as the backup port If a LAG already exists with the maximum number of allowed port members and LACP is subse quently enabled on another port using a higher priority than an existing member the newly configur
168. uplex Remote Device a MAC opozerensec Wer wn Test AP S9 Disabled Disabled gt IGMP Snooping 109 Displays the port Chassis ID Subtype Displays the chassis ID type Chassis ID Displays the chassis ID of the device that is transmitting the LLDP frame Port ID Subtype Displays the port ID type Displays the Remote ID System Name Displays the administratively assigned device name Displays the time Auto Negotiation Supported Displays state for the Auto Negotiation Supported Auto Negotiation Enabled Displays state for the Auto Negotiation Enabled Auto Negotiation Advertised Displays the type of Auto Capabilities Negotiation Advertised Capabilities Operational MAU Type Displays the type of MAU 802 3 Maximum Frame Size Displays the size of 802 3 Maximum Frame 802 3 Link Aggregation Displays the 802 3 Link Capabilities Aggregation Capabilities 802 3 Link Aggregation Status Displays the status of 802 3 Link Aggregation 802 3 Link Aggregation Port ID Displays the port ID of 802 3 Link Aggregation Aggregated links can be set up manually or automatically Select Static or LACP for the Link Aggregation type e Static The Link Aggregation is configured manually for the specified trunk group e LACP The Link Aggregation is configured dynamically for the specified trunk group Link Aggregation Mirror Settings STP MAC Address Table 4 LLOP Global Settings
169. ure the PVID to assign untagged or tagged frames received on the selected port PVID Enter the PVID value The range is from 1 4094 Accept Type Select Tagged Only and Untagged Only from the list e Tagged Only The port discards any untagged frames it s receives The port only accepts tagged frames e Untagged Only Only untagged frames received on the port are accepted e All The port accepts both tagged and untagged frames Ingress Filtering Specify how you wish the port to handle tagged frames Select Enabled or Disabled from the list e Enabled tagged frames are discarded if VID does not match the PVID of the port e Disabled All frames are forwarded in accordance with the IEEE 802 10 VLAN Click APPLY to update the the system settings 127 Management VLAN The Management VLAN allows users to transfer the authority of the Switch from the default VLAN to other VLAN IDs By default the active management VLAN ID is 1 which allows an IP connection to be established through any port When the management VLAN is set to a different VLAN connectivity through the existing management VLAN is lost and an IP connection can be made only through a port that is part of the management VLAN It is also mandatory that the port VLAN ID PVID of the port to be connected in that management VLAN be the same as the management VLAN ID Swich Management VLAN Settings Management VLANID 1 ei Manageme
170. used to exchange management information between a network management system NMS and a network device A manager station can manage and monitor the Switch through their network via SNMPv1 vec and v3 An SNMP managed network consists of two components agents and a manager An agent translates the local management information from the managed Switch into a form that is compatible with SNMP SNMP allows a manager and agents to communicate with each other for the purpose of accessing Management Information Bases MIBs SNMP uses an extensible design where the available information is defined by MIBs MIBs describe the structure of the management data of a device subsystem they use a hierarchical namespace containing Object Identifiers OID Each OID identifies a variable that can be read or set via SNMP The manager is the console through which network ad ministrators perform network management functions Several versions of SNMP are supported They are v1 vec and v3 SNMPv1 which is defined in RFC 1157 A Simple Network Management Protocol SNMP is a stan dard that defines how communication occurs between SNMP capable devices and specifies the SNMP message types Version 1 is the simplest and most basic of ver sions There may be times where it s required to support older hardware SNMPv2c which is defined in RFC 1901 Introduction to Community Based SNMPv2 RFC 1905 Protocol Operations for Version 2 of the Si
171. val Enter the amount of time in sec onds between general query transmissions The default is 125 seconds 114 10 Max Response Opor Max Response Lost Member Query Oper Last Merter Los Member Query Oper Lost Member Interval Interval Counter 0 Interval Oper interval I Query Interval lt Oper Interval Displays the IGMP Interval of the operational querier Link Aggregation 125 d 10 2 2 1 Mirror Settings f Lx Max Response Enter the maximum response Interval time used in the queries that are ne sent by the snooping querier EP Sege Global Settings The default is 10 seconds Oper Max Response Display the maximum response Interval time which used in the queries that are sent by the snooping querier Last Member Query Counter Enter the number of the opera tional last member querier Oper Last Member Enter the number of IGMP Query Counter group specific queries sent before the switch assumes there i are no local members Click the Apply button v to accept the changes or the Last Member Displays the Operational Last Cancel button oe to discard them Query Interval Member Query Interval sent by the elected querier Oper Last Member Enter the time between two Query Interval consecutive group specific que ries that are sent by the querier VLAN Settings including those sent in response to leave group messages You might lower this interval to re duce the amount of time
172. wireless clients to reconnect frequently The range is from 90 dBm 60 dBm The Guest Network feature allows administrators to grant Internet connectivity to visitors or guests while keeping other networked devices and sensitive personal or company information private and secure Fast Handover Guest Network 46 4 Advanced Settings Band Steering Enable Disable NOTE In order for Band Steering function to work property both 2 4GHz and SCH SSID and Security Settings must be the same Band Steering Fast Handover Enable Disable dBm Range 90dBm 60dBm Status RSSI NOTE Setting the RSSI value too low may cause wireless clients to reconnect frequently Manual IP Settings IP address Specify an IP address for the Guest Network Subnet Specify the Subnet mask IP address for the Guest mask Network Starting IP Specify the starting IP address range for the address Guest Network Ending IP Specify the ending IP address range for the address Guest Network WINS Server Specify the Windows Internet Name Service IP WINS Server IP address for the Guest Network WINS is Microsoft s implementation of NetBIOS Name Service NBNS a name server and service for NetBIOS computer names Automatic DHCP Server Settings Starting IP Enter the staring IP adrress that you would like address to use Ending IP address Enter the final IP address that you would like to u se WINS Se
173. witch on the LAN Use a Radius server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN EAPOL packets between the Client and Server The Radius server maintains a user database which contains authentication information The Switch passes information to the configured Radius server which can authenticate a user name and password before authorizing use of the network 167 ontroler Swich Radius Server Index Server IP Authorized Accounting Port Po Key String Timeout Reply Retry Server Priority Dead Timeout Ka Displays the index for which RADIUS Server is displayed default port is 1812 this Switch Key String Enter the Key String used for encrypting all RADIUS communication between the device and the RADIUS server Server IP Timeout Reply Enter the amount of time the device waits for an answer from the RADIUS Server before switching to the next server The default value is 3 Retry Enter the number of transmitted requests sent to the RADIUS server before a failure occurs The default is 3 Enter the priority for the RADIUS server Dead Timeout Enter the amount of time that the RADIUS Server is bypassed for service requests The default value is 0 Click the Apply button to accept the changes or the Cancel button to discard them 168 Access HTTP Service Select whether HTTP Service for the Switch is Enabled or Disabled
174. with the Configuration Name identifies the MSTP region configured on the Switch Devices must have the same revision number to belong to the same region 101 MST Regional Root Internal Root Designated Root ID VLAN List Priority Bridge Cost Bridge Port 1 32768 x oie 0 Click the Apply button _ to accept the changes or the Cancel button o to discard them MST Port Settings This page displays the current MSTI configuration information for the Switch From here you can update the port configuration for an MSTI ID If a loop occurs the MSTP function will use the port priority to select an interface to put into the forwarding state Seta higher priority value for ports you wish to be selected for forwarding first In instances where the priority value is identical the MSTP function will implement the lowest MAC address into the forwarding state and other interfaces will be blocked Note that a lower priority values mean higher priorities for forwarding packets Internal Path Cost Cont Pon Port Internal Path Regional Root Internal Root Designated 7 Internal Port Cost Role State MSTID Port Priority Cost Oper Bridge Bridge IRL 102 Displays the ID of the MST group that is created A maximum of 15 MST ID groups can be set for the Switch Displays port or trunked port ID Priority Select the bridge priority value for the MST When Switches or bridges are running STP each is assigned a priority After exchanging
175. x B IC Interference Statement Industry Canada Statement This device complies with RSS 210 of the Industry Canada Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation Ce dispositif est conforme la norme CNR 210 d Industrie Canada applicable aux appareils radio exempts de licence Son fonctionnement est sujet aux deux conditions suivantes 1 le dispositif ne doit pas produire de brouillage pr judiciable et 2 ce dispositif doit accepter tout brouillage re u y compris un brouillage susceptible de provoquer un fonctionnement ind sirable Caution a i the device for operation in the band 5150 5250 MHz is only for indoor use to reduce the potential for harmful interference to co e channel mobile satellite systems ii high power radars are allocated as primary users i e priority users of the bands 5250 5350 MHz and 5650 5850 MHz and that these radars could cause interference and or damage to LE LAN devices Avertissement i les dispositifs fonctionnant dans la bande 5150 5250 MHz sont r serv s uniquement pour une utilisation l int rieur afin de r duire A les risques de brouillage pr judiciable aux syst mes de satellites mobiles utilisant les m mes canaux ii De plus les utilisateurs devraient aussi tre avis s que les utilisateurs
176. ys the VLAN ID corresponding to the MAC address MAC Address Displays the MAC addresses that the Switch learned from a specific port Click the Apply button to accept the changes or the Cancel button oe to discard them 105 LLDP Link Layer Discovery Protocol LLDP is the IEEE 802 1AB standard for Switches to advertise their identity major capabilities and neighbors on the 802 LAN LLDP allows e users to views the discovered information to identify Cu system topology and detect faulty configurations on the LAN LLDP is essentially a neighbor discovery protocol that uses Ethernet connectivity to advertise information to devices on the same LAN and store information about the network The information transmitted in LLDP advertisements flow in one direction only from one device to its neighbors This information allows the device to quickly identify a variety of other devices resulting in a LAN that interoperates smoothly and efficiently Switch Global Settings LLDP transmits information as packets called LLDP Data Units LLDPDUs A single LLDP Protocol Data Unit LLDP PDU is transmitted within a single 802 3 Ethernet frame A basic LLDPDU consists of a set of Type Length Value elements TLV each of which contains information about the device A single LLDPDU contains multiple TLVs TLVs are short information elements that communicate complex data Each TLV advertises a single type of information 106
Download Pdf Manuals
Related Search