Use`s Manual - PLANET Technology Corporation.
Contents
1. oup Policy Application Port Indicates the port assigned to send and receive all traffic for particular multicast groups m Index Field in the index number that mapping to the multicast group A port can be assigned up to 24 static Multicast groups O means to delete all policy IGMP Group Policy a TE g ER Elements means to delete all policy porti w a Port Index Configure Sample 1 OY QA oS oN Select the Index field in the Set IGMP Group Policy Table in this case filed in index 1 with Multicast Group 239 1 1 1 Click on the OK button to save The Multicast Group entry will be add to the IGMP Group Policy Table Select the specific port that will be assigned to force accept static Multicast Group stream Field in the Index number that assigned with 239 1 1 1 For this case Select Port 1 with index 1 Click on the Add button to take effect 82 User s Manual of WSD 800 WGSD 910 IGMP Group Policy Index 1 24 Multicast Group 83 User s Manual of WSD 800 WGSD 910 4 9 5 Static Routing Port This function is to configure ports to be the member of IGMP Groups in VLANs To do this fill the Port List field and the VID field for the static routing and click on the Add button to save Static Routing Port Static Routing Port Configuration Port Listie g 1 3 7 V2. 9 Modify the System priority and Stack name if necessary At this sample we change the Stack name of the Client to Switch 2 10 Click OK if the configuration is down 11 Please use a UTP cable to uplink together through its Ethernet interface 12 Back to login the WEB main screen of Master switch then you can see two WGSW 2840 stacks together from its web interface The following screen appears I Al Ta A St Seiki PEE Vi Be 2 AA DPLANET 44444 44 20005000 HL a ee Bone ma IP Stacking Syalali z Fon Managsmam q po ds Turret mace haste pe REadamianey AAA mee m se pe fais e be oe densa tact status Enada iE Security ha peel A ee ee Msi ei A l tr mal Raga y as ELLA rere IP Skedirg group plone svalch Miuldrast o oe T I Eyabem Eriarky Entidad bla a IF zatk ng Ba Hr ES LLT f Kitima eii Spack namas Seit k i UP Stacking ne 13 After setup complete please go to system and choose Saving parameters to save current configuration The following screen appears 92 User s Manual of WSD 800 WGSD 910 PLANET A at Se e Moms E A E Paramsters Saving ja Sl r a al Da TFA doren i a he usereiiar el 23 e all sour para etar on Use seta After SLIP arre ha swith sll tha parameters sre shil vale Facer wi DOF GOLE es E
3. 802 16 Priority 0 7 Cos 0 4 a a Bu 802 10 Priority D 1 1 2 3 3 3 A es ne 5 5 6 6 7 7 4 Port COS Mapping QoS settings allow customization of VLAN ID to Traffic classifiers 1 Fill the Port List e g 1 3 7 field in the port based QoS Configuration Table 2 Fill the mapping number in the CoS 0 7 field 3 Click on the OK button to save Port based Qos en ee ety ga Sore 1 att fa A 1 g a ELSI g E Cos 0 7 5 COS Queue Mapping 1 Fill the CoS 0 7 field in the CoS Queue Mapping Configuration Table 2 Fill the mapping number in the Queue 0 3 field 3 Click on the OK button to save 75 User s Manual of WSD 800 WGSD 910 Cos Queue Mapping 0S Queue Mapping Configuration Cos 0 4 Queue 0 3 6 Queue Management There are two rules for the Priority Queue Weighted Round Robin WRR and Always Hight To configure Queue Rule select the Queue Policy drop down menu in the Queue Rule Configuration table And Click on the OK button to save Queue Policy WRR If the WRR was chosen as the Queue Policy the page would show in the main page Queue Management Queue Policy WRR QUEUE 3 QUEUE 2 QUEUE 1 El Queue 76 User s Manual of WSD 800 WGSD 910 4 9 Multica
4. Query Received Start Timer ccc i Delaying Member Idle Member Report Received Stop Timer E Timer Expried o Send report gt 5 IGMP State Transitions 4 9 2 IGMP Snooping Configuration The default status of the IGMP Snooping function is disabled To turn on the IGMP Snooping select Enable of the IGMP Snooping Status field and click on the OK button to save The following fields can be set for IGMP Port Policy configuration m Immediate Leave Indicates the port which will be limited for the accepted IGMP groups Forwarding all leave pkt Use to limit the number of IGMP groups that an interface can accept The possible value as following 78 User s Manual of WSD 800 WGSD 910 IGMP Snooping Configuration IGMP Snooping Status Enable e leave E F A E E ca Forwarding all leave pkt Enable v Multicast 4 9 3 IGMP Port Policy For the security and management issue the Switch is allowed to limiti the number of multicast groups by a specific port With system default setting all the learned Multicast groups are accepted and forwarded Atter the IGMP Port Policy be configured on a specific port the Switch will restrict the number of IGMP groups according to the parameter As the below drawing shows Switch Port 2 setup with IGMP Port Policy Port 2 IGMP Join 1 IGMP Port Policy Enable IGMP Join 2 Allow Group Number 4 IGM
5. Auto 1 port a Auto 1 O a E port Y Auto L T 62 User s Manual of WSD 800 WGSD 910 Auto enables 802 1X authentication and causes the port to begin in the unauthorized state allowing only EAPOL frames to be sent and received through the port It s a default status Force authorized disables 802 1X authentication and causes the port to transition to the authorized state without any authentication exchange required The port transmits and receives normal traffic without 802 1X based authentication of the client This is the default setting Force unauthorized causes the port to remain in the unauthorized state ignoring all attempts by the client to authenticate The switch cannot provide authentication services to the client through the interface Maximum account number the biggest user s quantity of passing authentication under this port set 1 gt Only one user can pass this authentication gt The second user is unable to carry on authentication on this port The max value is 32 Current account number show the current user who passed authentication under one port 2 Enter 802 1X Local Authenticate to set legitimate user information In the local server model the need for each port through the establishment of the legitimate user authentication information available As Figure2 45 802 1 Local Authenticate Local Authenticate Configuration Username i sts portiezpr
6. E Ss War aseract Hael rn paa AnS oming P aramalara Back ik Fe ee Day Trai listu Tibok Po Marsan 14 Rediandanoy pa Miira Pi Fur Aialyaite ad a m I Le ar mn a i i i i i i i a a i i i i i a i a i a a ee a a ee a a a a a a a a a ee ee ee Oul X l y Dor Please do not assign role for whole stack member Switch as client it cannot detect the Master device with minimum MAC address o oo ooo oo o o o oo oo oo ooo o ooo oo o oo oo oo oo o oo oo o o ooo oo oo ooo oo oo oo o oo o oo oo ooo o o oo oo o oo oon oo o o o o oo oos o oo o o o o o 93 User s Manual of WSD 800 WGSD 910 5 TROUBLE SHOOTING This section is intended to help you solve the most common problems on the WSD 800 WGSD 910 Managed Ethernet Switch 5 1 Incorrect connections The switch port can auto detect straight or crossover cable when you link switch with other Ethernet device For the RJ 45 connector should use correct UTP or STP cable 10 100Mbps port use 2 pairs twisted cable If the RJ 45 connector is not correct pin on right position then the link will fail For fiber connection please notice that fiber cable mode and fiber module should be match 5 1 1 Faulty or loose cables Look for loose or obviously faulty connections If they appear to be OK make sure the connections are snug IF that does not correct the problem try a different cable 5 1 2 Non standard cables Non sta
7. J Portcast 19 Portcast 19 LAN 2 ALAN gt Before Applying the STA Rules In this example only the default STP values are used 44 User s Manual of WSD 800 WGSD 910 LAN 11 A f Port 3 q Root Bridge AA Port 1 Port 2 e y Designated Port Designated Port Root Port Root Port D B Porta C Pona po Designated Bridge lt 4 LAN 2 gt lt lt LAN 3 After Applying the STA Rules The switch with the lowest Bridge ID switch C was elected the root bridge and the ports were selected to give a high port cost between switches B and C The two optional Gigabit ports default port cost 4 on switch A are connected to one optional Gigabit port on both switch B and C The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link default port cost 19 Gigabit ports could be used but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link 4 6 2 Spanning Tree Configuration The Spanning Tree Protocol STP operates on two levels On the switch level the settings are globally implemented On the port level the settings are implemented on a per user defined Group of ports 1 Spanning Tree Configuration The Rapid Spanning Tree Bridge Configure table allows configuring the spanni
8. Revision PLANET Managed Ethernet Switch User s Manual FOR MODELS WSD 800 WGSD 910 REVISION 1 7 November 2007 Part No 2081 A92310 001 User s Manual of WSD 800 WGSD 910 Table of Contents INTRODUCTION iaa cateenele a a R 6 VA IPACKET CONTENTS ssatiendiiet beet a cuit diate ti iat ie o E 6 12 TOW GO USE THIS MANUAL daa 6 3 PRODUCT FEATURE cane a euaadntaaeaahal 7 Ne PRODUC TS PE Cl CARI ON A A 7 2 INSTALLATION o A ci 10 ZNPRODUCT DESCRIPTION AAA AA AR 10 2d e 010 VD A A asa oS O A a 10 PE WIC FIONEI ANE td di id alas 10 21 LEDINCI S dali laicidad cdi 11 2 14 SUS A A e Sa Nae oa a aia to 12 22 INSTALL THE OWITOH AA eal eetaiueiaaness 13 ZZ O SIAN A A A suite uinciat bake 13 2 2 2 TACK MOUNUNG ci A iii 14 22 3 Installing Me SFF WGNSCCIVEN ii A A Iii 15 3 CONSOLE MANAGEMENT cccccccccssssssssssssnccsscccssccccceeeessessesennnnnnnnneecococcooeesessesssessssessnnanaas 17 OAC ONNEC TING TO Tha Eso WNC Hrs iia 17 3 2 LOGIN IN TEE CONSOLE INTERFACES ndo 17 3 3 CONSOLE MANAGEMENT cola 18 3A TENE Te HO GIN aaa aia ot 19 O ULA SR mn O ee 19 35 STEVE Commando cis 19 O02 Peg COMMA A O A N 20 4 WEB BASED MANAGEMENT aooocccccncnccccccnnnnnnnnnnnnnnnnnnnnnnc cnn cnn nn nnrrnnnnnnn anna nnnrn nn nn nn rr nrnnnnnnnnnnnnna 26 4 1 ABOUT WEB BASED MANAGEMENT ccccccccccccecceececssssseessnsaceeeeceeeeeeceeeceeecesssusenssesaaaeeeeeeeeeeeeeeees 26 4 2 PREPARING FOR WEB MANAGEMENT ccccccccccccccc
9. Trunk Tag 1 2 3 4 Core 2840 m VLAN Group Membership VLAN ID VLAN Define Major Member VLAN 1 Public VLAN WGSW 2840_220 WGSW 2840_ 10 WGSW 2840_ 20 WGSW 2840_30 Server Network Printer_1 Network _Printer_2 VLAN 2 Client connect to Ports those be assigned to VLAN 2 at 192 168 0 10 switch Client connect to Ports those be assigned to VLAN 2 at 192 168 0 20 switch Client connect to Ports those be assigned to VLAN 2 at 192 168 0 30 switch VLAN 3 Client connect to Ports those be assigned to VLAN 3 at 192 168 0 10 switch Client connect to Ports those be assigned to VLAN 3 at 104 User s Manual of WSD 800 WGSD 910 192 168 0 20 switch Client connect to Ports those be assigned to VLAN 3 at 192 168 0 30 switch Client connect to Ports those be assigned to VLAN 4 at 192 168 0 10 switch Client connect to Ports those be assigned to VLAN 4 at 192 168 0 20 switch Client connect to Ports those be assigned to VLAN 4 at 192 168 0 30 switch WGSW 2840_192 168 0 222 Core Switch VLAN Configuration 192 168 0 222 VLAN Configuration WGSW 2840_192 168 0 10 Edge Switch VLAN Configuration 192 168 0 10 VLAN Configuration Ponte amago Ung 1 omega iones WGSW 2840_192 168 0 20 Edge Switch VLAN Configuration 192 168 0 20 VLAN Configuration Link Type PVID Link Partner Always Untag Untag 1 2 Ports Always Untag Untag 1 2 3 4 NtworkPrinter Tag 1 2 3 4 Core 2840 105 Us
10. User s Manual of WSD 800 WGSD 910 Connected 03 35 37 100 0 Mbps Received 110 212 126 Select Enable network access control using IEEE 802 1X to enable 802 1x authentication 3COM 30940 Properties General Authentication Advanced Select this option to provide authenticated network access for Ethernet networks Enable IEEE 602 1 authentication for this network MD5 Challenge unavailable EAP type Protected EAP FEAF e Protected EAP FEAF Smart Card or other Certificate Authenticate az computer when computer information le available Authenticate as quest when user or computer information is Select MD 5 Challenge from the drop down list box for EAP type Click OK When wireless client has associated with WSD 800 WGSD 910 a user authentication notice appears in system tray Click on the notice to continue 69 User s Manual of WSD 800 WGSD 910 EAN OK LL Wireless Network Connection x Chick hereto enter your user name and password For the retwork PLANET AP staid 9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process Wireless Network Connection User name test O Password Logon doman FAE LOCAL 70 User s Manual of WSD 800 WGSD 910 4 8 QoS 4 8 1 Understand QOS Quality of Service QoS is an advanced traffic prioritization featur
11. clear vlan 3 5 2 2 Copy command User s Manual of WSD 800 WGSD 910 Restore spanning tree port priority to default value Clear strom limit of all ports Reset cos queue map to default Reset dot1p cos map to default Clear qos map mac cos map Clear gos map vian cos map Clear radius share key Clear MAC filter entry Clear static MAC entry Clear snmp community entry Clear snmp trap management host Restore spanning tree parameters Clear trunk port from vlans Clear member from vlan Copy system configuration parameters to default value Clear strom limit of all ports Reset cos queue map to default Reset dot1p_cos map to default Clear qos map mac cos map Clear gos map vlan cos map Clear MAC filter entry Clear static MAC entry Clear snmp community entry Clear snmp trap management host Restore spanning tree parameters Clear trunk port from vlans Clear member from vlan Once the configuration is changed it remains the original after a reboot unless the configuration is saved Copy command is to save the current configuration to the flash this saves the configuration to next reboot Command copy config flash 3 5 2 3 Disable command Description Copy system configuration parameters to flash Disable command is to exit the privileged mode and back to the first level of command line interface Command Disable Description Disable privileged mode 21 3 5 2 4 Reboot command User s Manual of WSD 800
12. ports belong to the member VLANs are able to receive multicast traffic cross VLAN But they are not able to access each other 84 User s Manual of WSD 800 WGSD 910 E Static Routing Port and Multicast group VLAN member configue 1 Enable IGMP Snooping as the following screenshot IGMP Snooping IGMP Snooping Status Enable Immediate leave Disable Forwarding all leave pkt Enable Ok Multicast VIB Port 2 Assign the member VLANs which will receive Multicast group traffic cross different but source VLAN In this case we add VLAN 2 and VLAN 3 as the Multicast group memebers static Routing Port Port Listie g 1 3 7 VIDCVLAN O means All VLAN Add Multicast LAN Tunnel Enable Disable Multicast group member L4N ID 2 3 up to 28 memebers ok Port TIO WYLAN Name Type Delete 3 Assign the Static Routing Port here we assign Port 2 as the Static Routing Port of VLAN 6 As following screen appears 85 User s Manual of WSD 800 WGSD 910 MIT Multicast YLAN Tunnel E O Multicast VLAN Tunnel Tunnel gt CO Disable Multicast group member L N I0 a 3 up to 28 memebers Show Static Routing Port Table Port VID VLAN Name Type Delete porte 6 Ylang Static Delete Oor The Multicast group VLAN member must be configured first and then setup the Static Routing Port Or the functio
13. 0x11 Specific Group Membership Query if Group Address is Present 0x16 Membership Report version 2 0x17 Leave a Group version 2 0x12 Membership Report version 1 IGMP packets enable multicast routers to keep track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sends an IGMP report to join a group 77 User s Manual of WSD 800 WGSD 910 A host will never send a report when it wants to leave a group for version 1 A host will send a leave report when it wants to leave a group for version 2 Multicast routers send IGMP queries to the all hosts group address 224 0 0 1 periodically to see whether any group members exist on their sub networks If there is no response from a particular group the router assumes that there are no group members on the network The Time to Live TTL field of query messages is set to 1 so that the queries will not be forwarded to other sub networks IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN an explicit leave message and query messages that are specific to a given group The states a computer will go through to join or to leave a multicast group are shown below Non Member Leave Group Stop Timer Join Group Send Report Start Timer Leave Group
14. 2 seconds the hello message by the Switch Maximum Age Timer Measures the age of a received BPDU fora 20 seconds port and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer Forward Delay Timer The amount time spent by a port in the 15 seconds learning and listening states waiting for a BPDU that may return the port to the blocking state 39 User s Manual of WSD 800 WGSD 910 The following are the user configurable STP parameters for the port or port group level Variable Description Default Value Port Priority A relative priority for each 32768 port lower numbers give a higher priority and a greater chance of a given port being elected as the root port Port Cost A value used by STP to evaluate paths 19 100Mbps Fast Ethernet ports STP calculates path costs and selects the 4 1000Mbps Gigabit Ethernet ports path with the minimum cost as the active path Default Spanning Tree Configuration Feature Default Value Enable state STP enabled for all ports Port priority 128 Port cost 19 Bridge Priority 32 68 User Changeable STA Parameters The Switch s factory default setting should cover the majority of installations However it is advisable to keep the default settings as set at the factory unless it is absolutely necessary The user changeable parameters in the Switch are as follows Priority A Priority for the Switch can be set from 0 to 65535 0 is equal to the highe
15. Auto False Auto O Designated STP Forwarding O port 10 False False Suto False Auto Designated STP Forwarding 44 User s Manual of WSD 800 WGSD 910 4 6 3 Link Aggregation Link aggregation can be used to increase the bandwidth of a network connection or to ensure fault recovery Link aggregation lets you group up consecutive ports into a single dedicated connection between any two of the Switches or other Layer 2 switches However before making any physical connections between devices use the Link Aggregation menu to specify the link aggregation on the devices at both ends When using a port link aggregation note that The ports used in a link aggregation must all be of the same media type RJ 45 100 Mbps fiber The ports that can be assigned to the same link aggregation have certain other restrictions see below Ports can only be assigned to one link aggregation The ports at both ends of a connection must be configured as link aggregation ports None of the ports in a link aggregation can be configured as a mirror source port or a mirror target port All of the ports in a link aggregation have to be treated as a whole when moved from to added or deleted from a VLAN The Spanning Tree Protocol will treat all the ports in a link aggregation as a whole Enable the link aggregation prior to connecting any cable between the switches to avoid creating a data loop Disconnect all link aggregation port cab
16. Because of the existence of the PVID for untagged packets and the VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A switch port can have only one PVID but can have as many VID as the switch has memory in its VLAN table to store them 49 User s Manual of WSD 800 WGSD 910 Because some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged Default VLANs The Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the default As new VLAN are configured in Port based mode their respective member ports are removed from the default VLAN and Trunk Groups In order to use VLAN segmentation in conjunction with port trunk groups you can first set the port trunk group s and then you may configure VLAN settings If you wish to change the port trunk grouping with VLAN already in place you will not need to reconfigure the VLAN settings after changing the port trunk group settings VLAN settings will automatically change in conjunction with the change of the port trunk group settings 4 7 1 2 VLAN Con
17. Because the packet is now a bit longer than it was originally the Cyclic Redundancy Check CRC must be recalculated Adding an IEEE802 1Q Tag Dest Addr Src Addr Length E type Old CRC Original Ethernet Dest Addr Src Addr E type Length E type New CRC New Tagged Packet Wg NI CFI VLAN ID Port VLAN ID Packets that are tagged are carrying the 802 1Q VID information can be transmitted from one 802 1Q compliant network device to another with the VLAN information intact This allows 802 1Q VLAN to span network devices and indeed the entire network if all network devices are 802 1Q compliant Every physical port on a switch has a PVID 802 1Q ports are also assigned a PVID for use within the switch If no VLAN are defined on the switch all ports are then assigned to a default VLAN with a PVID equal to 1 Untagged packets are assigned the PVID of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLAN are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged packets are also assigned a PVID but the PVID is not used to make packet forwarding decisions the VID is Tag aware switches must keep a table to relate PVID within the switch to VID on the network The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VID are different the switch will drop the packet
18. Community Current Communities Communities private 8 Read Only Read Write Read 8 Read Only Read Write Read Write B A Det f The added string then shows in the Current Communities field e Current Communities show the list in input field 30 User s Manual of WSD 800 WGSD 910 Community Configuration 4dd Community Current Communities private Read Only Read only Read Write Delete fo 4 Management Station Configuration A trap manager is a management station SNMP application that receives traps the system alerts generated by the Switch If no trap manager is defined no traps are issued Create a trap manager by entering the IP address of the station and a community string Enter Network management stations IP address 192 168 0 53 for example Trap Community must be the same string as Add community Then click on Add button Management Station Configuration Sdd Management Station Current Management Stations IF Address 192 168 0 53 Trap Community private Delete The Current Management Stations field shows the trap list Management Station Configuration Add Management Station Current Management Stations 192 160 0 53 private IP Address rap Community Add Delete 4 4 3 Password The Password management menu is to set or change the password of the Web Management Interface Click on System Password menu button and the Modif
19. System Options This table is to define the system name system location and the contact person of the Switch These informations show in the SNMP software of the management workstation which helps to identify the Switch that is looking into There are three fields in the system options configuration block System Name The system name of the Switch which would show in the SNMP software System Location The system location of the Switch which would show in the SNMP software Contact The contact person of the Switch which would show in the SNMP software Fill the fileds and click on the OK button to save System Options System NamefWweD e0 System Location TAPE O Contact SYSTEM ADMINISTRATOR 3 Community Configuration Use this table to configure the SNMP community strings and define the policy of the relative string The community string acts like a password to permit access to the agent on the Switch One or more of the following characteristics can be associated with the community string Add Community enter private or public Chooses community strings for the Switch management access read only or read write E Read only Enables requests accompanied by this string to display MIB object information E Read Write Enables requests accompanied by this string to display MIB object information and to set MIB objects Complete the above steps and click on the Add button Community Configuration Add Add
20. The Switch also supports telnet for remote management The Switch asks for user name and password for remote login when using telnet please use admin for username and admin for password 3 5 Commands There are two levels for console commands The first level provides commands to show system informations and current configurations The second level privileged mode provides commands to set clear and show the configuration 3 5 1 First level commands The follow table lists the first commands and the equivalent usages Command enable show channel show console info show dow1x local userlnfo show dot1x state show igmp snooping group number show igmp snooping group policy show igmp snooping info show igmp snooping policy deny show ip http server show ip telnet server show ipstack info show mirror show multicast router show port counter show port dot1x show port mac learning show port rate shaping show port rstp extension show port spantree show port state show port storm limit show qos map cos queue map Description Enable privileged mode Show channel information Show console info Show dot1x local user information Show dot1x information show igmp snooping group limit Show igmp snooping group policy Show igmp snooping information Show igmp snooping policy deny Show http server information Show telnet server information Show ip stack information Show mirror information Show mul
21. WGSD 910 Reboot command is to reboot the Switch please beware to check if the configuration is saved Command Reboot 3 5 2 5 Set command Description Reboot system Set command is to change the parameter of the Switch functions The follow table lists the set commands and the equivalent usages Command set channel set default set dot1x auth mode set dot1x auth ctrl disable set dot1x auth ctrl enable set dot1x local userlnfo set dot1x max req set dot1x quiet period set dot1x reauth max set dot1x reauth mode set dot1x reauth period set dot1x servertimeout set dot1x supptimeout set dot1x tx period set enable password set igmp snooping disable set igmp snooping enable set igmp snooping forward all leave set igmp snooping group number set igmp snooping group policy set igmp snooping immediate leave set igmp snooping policy deny set ip http server disable set ip http server enable set ip telnet server disable set ip telnet server enable set ipstack enable Description Set ports to be channel Set system load default parameters Set dot1x auth mode Disable dot1x Enable dot1x Set dot1x local user information Max times of re transmit EAP request to Supplicant Quiet period in secondst Max times of re transmit Request ID before port become Unauthorized Enable or Disable reauthentication Period for automatic re authentication Authentication server timeout Timeout for supplicant Set
22. assign a priority label or tag to packets Compliant devices can also strip priority tags from packets This priority tag determines the packet s degree of expeditiousness and determines the queue to which it will be assigned Priority tags are given values from 0 to 7 with O being assigned to the lowest priority data and 7 assigned to the highest The highest priority tag 7 is generally only used for data associated with video or audio applications which are sensitive to even slight delays or for data from specified end users whose data transmissions warrant special consideration The Switch allows you to further tailor how priority tagged data packets are handled on your network Using queues to manage priority tagged data allows you to specify its relative priority to suit the needs of your network There may be circumstances where it would be advantageous to group two or more differently tagged packets into the same queue Generally however it is recommended that the highest priority queue Queue 1 be reserved for data packets with a priority value of 7 Packets that have not been given any priority value are placed in Queue 0 and thus given the lowest priority for delivery A weighted round robin system is employed on the Switch to determine the rate at which the queues are emptied of packets The ratio used for clearing the queues is 4 1 This means that the highest priority queue Queue 1 will clear 4 packets for every 1 packet clear
23. dot1x server timeout Set the password for the privileged level of the CLI Disable igmp snooping Enable igmp snooping Disable Enable forward all leave when fastleave is disabled Set number of goups that a port can join in Set igmp snooping group policy Disable amp Enable igmp snooping immediate leave Set igmp snooping policy deny Disable http server Enable http server Disable telnet server Enable telnet server Set ipstack enable me set ipstack disable set ipstack group set ipstack mac addr set ipstack mode set ipstack system priority set mirror set mirror capture port set mirror monitored port egress set mirror monitored port ingress set multicast router set password set port disable set port duplex set port enable set port flow control set port mcheck rstp set port point to point set port rate shaping egress set port rate shaping ingress set port rate shaping egress set port rate shaping ingress set port spantree lt port_num gt portco set port spantree lt port_num gt portfa set port spantree lt port_num gt portpr set port speed set port storm limit mode set port storm limit rate set port vlan type set gos map cos queue map set qos map dot1p cos map set qos map mac cos map set qos map port cos map set qos map vlan cos map set qos queue egress policy set radius key set radius server set rstp force version set security MAC aging set security filter MAC User s Ma
24. igmp snooping group policy Show igmp snooping information Show igmp snooping policy deny 24 show igmp snooping show ip http server show ip telnet server show ipstack info show mirror show multicast router show port counter show port dot1x show port mac learning show port rate shaping show port spantree show port state show port storm limit show qos map cos queue map show qos map dot1p cos map show qos map mac cos map show qos map port cos map show qos map vlan cos map show qos queue egress policy show radius show security MAC aging show security filter MAC show security mac learning show security static MAC show snmp show snmp rmon show spantree show syntax show system show trunk show version show vlan User s Manual of WSD 800 WGSD 910 Show igmp snooping information Show http server information Show telnet server information Show ipstack info Show mirror information Show multicast router port information Show port counter information Show dot1x information Show MACs on certain port Show port ingress and egress rate shaping Show spantree information on ports Show port infomation Show port storm limit mode and rate Show qos map cos queue map Show qos map cos queue map Show qos map mac cos map Show each port s cos Show qos map vlan cos map Show qos queue egress policy Show radius information Show MAC aging time Show MAC filter entry Show port security status Show static ma
25. in MAC address of the switch Stack name Identify the name at a IP Stack group The entry will be displayed at the Master switch management Ul for Master and Client switches identify Following we ll show you how to configure the Master switch and Client switch e Master Switch configuration 1 Please enter into switch web main screen and choose Enable in Management status field It will enable the stack function of the switch and the following screen appears IP Stacking Current mode Master z Management status Enable Management mode Pisable_ ft 7 IP Stacking group plane _ Swi ch System priority 100 IPStacking MAC 00 30 4F 08 00 B1 Stack name Switch OK 2 Then assign a role to the WGSW 2840 as Master in Management mode field the following screen appears 90 User s Manual of WSD 800 WGSD 910 a 5 0 0 E E J e Current mode Master Management status Enable Master IP Stacking group planet_switch 3 im Ta iD D 5 cr 3 o aL iD System priority 100 IPStacking MAC 00 30 4F 08 00 61 l M Stack name Switch 3 Enter a
26. main page as show in the following Parameters Saving This operation will save all your parameters on the switch After reboot the switch all the parameters are still valid Save 4 4 7 Parameters Backup amp Recovery This function is to backup the running configuration to the workstation and to restore the configuration you had saved in the workstation Click on the System Backup amp Recovering menu button and the following table shows in the web main page Parameters Backup amp Recovery Backup the system s parameters Parameters Recovery The backup file s name Browse Recovering Status To backup the running configuration click on the Backup the system s parameters link and a pop up window shows to save the configuration of the Switch to your workstation To recover a saved configuration click on the Browse button in the Parameters Recovery table A pop up window would direct you to upload the configuration file 33 User s Manual of WSD 800 WGSD 910 4 4 8 Load Default This function is to reset the configuration of Switch to the factory default Click on the System Load Default menu button and the following table shows in the web main page Load Default Returns the switch configuration to the factory default settings AN After this operation you should reboot the Switch when the Switch has rebooted it will have the same configuration as when It was d
27. port a Auto 1 O port Y Auto 1 O Dor Set the Ports Authenticate Status to Force Authorized if the port is connected to the RADIUS server or the port is a uplink port that is connected to another switch Or once the 802 1X stat to work the switch might not be able to access the RADIUS server 5 Create user data That step is different of Local Authenticate the establishment of the user data needs to be created on the Radius Server PC For example the Radius Server founded on Win2000 Server and then 66 y Documents Windows Update CGN Ya 3408 Programs J Accessories Administrative Tools Documents L Snagit Startup Wink AR Search Les Zcom Internet Explorer Settings Help Outlook Express Run Shut Down User s Manual of WSD 800 WGSD 910 Active Directory Domains and Trusts Actiwe Directory Sites and Services e Snaglk Capture Preview Active Directory Users and Computers Component Services Computer Management Configure Your Server Data Sources ODBC Distributed File System Domain Controller Security Policy Domain Security Policy Event Viewer Licensing Local Security Policy Performance Routing and Remote Access Services Telnet Server Administration Enter Active Directory Users and Computers create legal user data the next right click a user what you created to enter properties and what to be noticed 67 User
28. rack please follows the instructions described below Step1 Place the Switch on a hard flat surface with the front panel positioned towards the front side Step2 Attach the rack mount bracket to each side of the Switch with supplied screws attached to the package Figure 2 5 shows how to attach brackets to one side of the Switch Figure 2 6 Attach brackets to the Switch You must use the screws supplied with the mounting brackets Damage caused to the parts by Caution using incorrect screws would invalidate the warranty Step3 Secure the brackets tightly Step4 Follow the same steps to attach the second bracket to the opposite side Step5 After the brackets are attached to the Switch use suitable screws to securely attach the brackets to the rack as shown in Figure 2 6 080000 EX 0088000 Figure 2 7 Mounting the Switch in a Rack Step6 Proceeds with the steps 4 and steps 5 of session 2 2 1 Desktop Installation to connect the network cabling and supply power to the Switch 14 User s Manual of WSD 800 WGSD 910 2 2 3 Installing the SFP transceiver The sections describe how to insert an SFP transceiver into an SFP slot The SFP transceivers are hot pluggable and hot swappable You can plug in and out the transceiver to from any SFP port without having to power down the Switch As the Figure 2 8 appears MGB SX LX yy 1000Base SX LX eg LC Fiber SS ES Figure 2 8 Plug in the SFP tran
29. s Manual of WSD 800 WGSD 910 i 5 Srta Dire TsInt rnetUser Properties E 21x i E Console MemberDr Diiin Envronment Sessions ii action wer Remote control Temmal Sennces Profile lh SENER Account Profe Telephones Organization f tee Active Direct Ep wireless Ganet com tw gt cal 3 Butki User Japit pame preside 200 com dala a a Demi Mv T rtemet ser Fo i T it aai Logon Haute Log On To at dolore an Account options 6 The last run your 802 1X Client 4 7 6 3 802 1X Client Configuration Windows XP is originally 802 1X support As to other operating systems windows 98SE ME 2000 an 802 1X client utility is needed The following procedures show how to configure 802 1X Authentication in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you must remove the current existing wireless network from your preferred connection first and add it in again e Configure Sample EAP MD5 Authentication 1 Goto Start gt Control Panel double click on Network Connections 2 Right click on the Local Network Connection 3 Click Properties to open up the Properties setting window 68 4 5 3COM 3C940 Status General Support Connection Statys Duration Speed Activity 143 Ch 146 938 60 Select Authentication tab
30. service level DiffServ Code Point DSCP is the traffic prioritization bits within an IP header that are encoded by certain applications and or devices to indicate the level of service required by the packet across a network Service Level defines the priority that will be given to a set of classified traffic You can create and modify service levels Policy comprises a set of rules that are applied to a network so that a network meets the needs of the business That is traffic can be prioritized across a network according to its importance to that particular business type QoS Profile consists of multiple sets of rules classifier plus service level combinations The QoS profile is assigned to a port s Rules comprises a service level and a classifier to define how theSwitch will treat certain types of traffic Rules are associated with a QoS Profile see above To implement QoS on your network you need to carry out the following actions 1 Define a service level to determine the priority that will be applied to traffic 71 User s Manual of WSD 800 WGSD 910 2 Apply a classifier to determine how the incoming traffic will be classified and thus treated by the Switch 3 Create a QoS profile which associates a service level and a classifier 4 Apply a QoS profile to a port s 4 8 2 QOS Configuration QoS settings allow customization of packet priority in order to facilitate delivery of data traffic t
31. string in the IP Stacking Group field the default string of the WGSW 2840 5240 is planet_switch This string must be the same with the Client switches that to be assigned to the same IP Stack group 4 Modify the System priority and Stack name if necessary At this sample we change the Stack name of the Master to Switch 1 5 Click OK if the configuration is down e Client Switch configuration 6 Please enter into Client switch web main screen and choose Enable in Management status field It will enable the stack function of the switch 7 Then assign a role to the WGSW 2840 as Client in Management mode field the following screen appears IP Stacking Management status Enable Management mode Client IP Stacking group System priarity 100 IPStacking MAC 08 58 F1 Ad AC 06 p 8 Enter a string in the IP Stacking Group field the default string of the WGSW 2840 5240 is planet_switch 91 User s Manual of WSD 800 WGSD 910 This string must be the same with the Master switch that to be assigned to the same IP Stack group IP Stacking Management status Enable Management mode Client IF Stacking group planet_switch IPStacking MAC 08 58 F 1 44 AC 06 OK
32. the header of a packet Untagging The act of stripping 802 1Q VLAN information out of the packet header 802 1Q VLAN Tags The figure below shows the 802 1Q VLAN tag There are four additional octets inserted after the source MAC address Their presence is indicated by a value of 0x8100 in the Ether Type field When a packet s Ether Type field is equal to 0x8100 the packet carries the IEEE 802 1Q 802 1p tag The tag is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLAN can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained 48 User s Manual of WSD 800 WGSD 910 802 10 Tag User Priority CFI VLAN ID VID 3 bits 1 bits 12 bits TPID Tag Protocol Identifier TCI Tag Control Information Preamble Destination Source VLAN TAG Ethernet Data FCS Address Address Type 6 bytes 6 bytes 4 bytes 2 bytes 46 1517 bytes 4 bytes The Ether Type and VLAN ID are inserted after the MAC source address but before the original Ether Type Length or Logical Link Control
33. 02 1Q VLAN require tagging which enables them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLAN allow a network to be segmented in order to reduce the size of broadcast domains All packets entering a VLAN will only be forwarded to the stations over IEEE 802 1Q enabled switches that are members of that VLAN and this includes broadcast multicast and unicast packets from unknown sources VLAN can also provide a level of security to your network IEEE 802 1Q VLAN will only deliver packets between stations that are members of the VLAN Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allows VLAN to work with legacy switches that don t recognize VLAN tags in packet 47 User s Manual of WSD 800 WGSD 910 headers The tagging feature allows VLAN to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allow VLAN to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLAN to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Some relevant terms Tagging The act of putting 802 1Q VLAN information into
34. 22 VLAN Configuration WGSW 2840_192 168 0 10 Edge Switch VLAN Configuration 192 168 0 10 VLAN Configuration Ponie Amaya umaocrzoa nene WGSW 2840_192 168 0 20 Edge Switch VLAN Configuration 192 168 0 20 VLAN Configuration Link Type PVID Link Partner 102 User s Manual of WSD 800 WGSD 910 Ports Always Untag MIE Untag 1 2 3 4 NtworkPrinter WGSW 2840_192 168 0 30 Edge Switch VLAN Configuration 192 168 0 30 VLAN Configuration Port Link Type PVID Link Partner Port28 Trunk 1 Tag 1 2 3 4 Core 2840 103 User s Manual of WSD 800 WGSD 910 802 1Q VLAN Multi Untagged VLAN setting sample 3 lt 192 168 0 222 VLAN Configuration gt Link Type PVID Egress Link Partner 192 168 0 222 Always Untag 1 Untag 1 2 3 4 NetworkPrinter Trunk 1 Tag 1 2 3 4 2840 Trunk 1 Tag 1 2 3 4 Trunk 1 Tag 1 2 3 4 Server 192 168 0 101 Trunk 2 3 4 192 168 0 30 192 168 0 102 192 168 0 103 lt 192 168 0 20 VLAN Configuration gt lt 192 168 0 30 VLAN Configuration gt Port Link Type PVID Egress Link Partner Link Type PVID Egress Port Always Untag 2 Untag 1 2 PC Port Always Untag 2 Untag 1 2 PC Port2 Always Untag 3 Untag 1 3 PC Port2 Always Untag 3 Untag 1 3 PC Port3 Always Untag 1 Untag 1 2 3 4 NetworkPrinter Porta Always Untag 4 Untag 1 4 PC Port28 Trunk 1 Tag 1 2 3 4 Core 2840 Port28 Trunk 1 Tag 1 2 3 4 Core 2840 Portt Always Untag Port2 Always Untag Port3 Always Untag Port18 Always Untag
35. 85 Ta Ras packets of 128 255 bytes 2110 150 4 150 Te Ro packets of 256 511 bytes 11056 E E 139 4 Ra packets of 512 1023 bytes 2444 Rs packets of 1024 1518 bytes 2188 Rs correct packets of less than 64 bytes Rs correct packets of exceed 1518 bytes Re error packets of less than 64 bytes Re error packets of exceed 1518 bytes Retresh 4 10 2 Port Mirror Port Mirroring is a method of monitoring network traffic that forwards a copy of each incoming and or outgoing packet from one port of a network switch to another port where the packet can be studied It enables the manager to keep close track of switch performance and alter it if necessary Configuring the port mirroring by assigning a source port from which to copy all packets and a sniffer port where those packets will be sent Capture Port Use this option to select the destination port for monitored traffic This is the port that your network analyzer would be connected to Ingress Port Duplicate the date transmitted from the source port and forward it to the Capture port Egress Port Duplicate the data sent to the source and forward it to the Capture port 87 User s Manual of WSD 800 WGSD 910 Port Mirror Flow Capture Configuration Capture Port Port Capture Status Enable OK Mirror Port Configuration Ingress Port Liste gq 1 3 7 Egress Port Listie q 1 3 7 ua 4 11 Storm Control This function is to control
36. A E l i l Untagged Untareecd Tuppedi i VLAN gt Untarped Untagued Tuuged VLAN 2 R VLAN 3 l hu i WLANS3 j Figure 7 1 Overlap VLAN graphic The next will be a configure sample how to setup the WGSW 2840 802 1Q VLAN with a multiple untagged port 1 Atthe menu bar click Security gt VLAN 2 After the VLAN configuration page appear select 802 1Q VALN and clink OK to apply Then the following screen in Figure 7 2 appears 98 User s Manual of WSD 800 WGSD 910 802 10 VLAN Port LinkType PYID Egress Poli Figure 7 2 802 1Q VLAN page screen 3 Move the mouse course to the port which had be assigned to be connect to the server AP printer then click on the port For this case we set the Port 1 to be the multiple untagged port The screen in Figure 7 3 appears 4 Atthe Link Type select Always Untag at the draw bar Click OK to apply 802 140 VLAN Port Configuration Port 1 Link Type Access mai ACCBSS Trunk Always Untag Set Trunk Port for YLAN VLAN Table LAWN with The Trunk Port VLAN MAME VLAN MAME default vlan Set YLAN s YID amp Name pf o VLAN Name IS ETA Ee Figure 7 3 802 1Q VLAN Port Configuration Port1 screen 5 Click the Add Modify button to create new VLAN groups with VID 2 and VID 3 6 Atthe Port 1 VLAN Port configuration page select VLAN 2 and VLAN 3 to add t
37. Delete OO E0 4F 46 34 E Delete 4 7 4 MAC Address Learning The Switch is able to disable MAC Address learning function on ports 1 Fill the Port List field in the MAC Address Learning table and select Enable Disable in the MAC Address Learning field 2 Click on the OK button to save MAC Address Learning MAC Address Learning Port Listie a 1 3 7 MAC Address Learning ox i Show Port Table a PL MAC Address Learning Poti ld Enable Porte Enable DO rt aa Of Enable Porte Enable Boe Se ee ey 4 7 5 MAC Address Aging Time The Aging Time affects the learning process of the Switch Dynamic forwarding table entries which are made up of the source and destination MAC addresses and their associated port numbers are deleted from the table if they are not accessed within the aging time The aging time can be from 30 to 1 000 000 seconds with a default value of 300 seconds A very long aging time can result in dynamic forwarding table entries that are out of date or no longer exist This may cause incorrect packet forward indecisions by the Switch If the Aging Time is too short however many entries may be aged out too soon This will result in a high 57 User s Manual of WSD 800 WGSD 910 percentage of received packets whose source addresses cannot be found in the forwarding table in which case the Switch will broadcast the packet to all ports negating many of t
38. IDCVLAN O means All WYLAN EO O Add Multicast LAN Tunnel Configuration Multicast VLAN Tunnel Enable Disable Multicast group member WLAN ID 2 E up to 28 memebers Ok Show Static Routing Port Table Port VIO VLAN Name Type Delete Static Routing Port Configuration Port List Manual specifies the ports which send and receive multicast traffic e g 1 3 7 m VID The VLAN ID of the Static Routing Port The range is between 1 4094 VLAN O means All VLAN Multicast VLAN Tunnel Configuration m Multicast VLAN Tunnel Enable or Disable Multicast groups stream be transmitted cross VLANs m Multicast group member VLAN ID Specifies the VLAN to be member of the Multicast groups and crossed from the VLAN at Static Routing Port Configuration There re up to 28 VLAN members Once the VLAN members and the VLAN of Static Routing Port are assigned all the Multicast group stream at the VLAN of Static Routing Port will be forwarded to member VLANs fee ee cee ee ee me cee ee ee ee ee ee eee ee ae a a i a ee i a ee i a ei a ee i a a a ee i ee i a i a ee i ae a ee ee a a ae a a ae a a a ee i i ae ee i ee ee 5 Configure Sample To realize the Multicast traffic cross over different VLANs the IGMP Snooping protocol and VLAN protocol have to cooperate with each other First we have to assign the Static Routing Port to the specify port with VLAD ID and then add VLANs to be the multicast group members After that
39. Leave port is tagged Frame remains tagged Tag is inserted Leave port is untagged Tag is removed Frame remain untagged 33 3 Here pay attention to the explainion of Access Always Untag and Trunk Access Ports will strip the 802 1Q tag from all packets that out of those ports If the packet doesn t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging port will have no 802 1Q VLAN information Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device Ports with Access mode belong to a single untagged VLAN Trunk Ports with tagging enabled will put the VID number priority and other VLAN information into the header of all packets that out of those ports If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact The VLAN information in the tag can then be used by other 802 1Q compliant devices on the network to make packet forwarding decisions Always Untag The port belongs to VLANs and each VLAN is user defined as tagged or untagged full 802 1Q mode Ports will strip the 802 1Q tag from all packets that out of those ports Untagged Belongs to a single untagged VLAN Tag PVID be removed Allowed to belongs to multiple untagged Untagged Always Untag VLANs at the same time Tag PVID be removed Allowed to belongs to multiple Tagged Tagged Tr
40. N without a network device performing a routing function between the VLAN 2 The Switch supports Port based VLAN and IEEE 802 1Q VLAN The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware 3 The Switch s default is to assign all ports to a single 802 10 VLAN named DEFAULT_VLAN As 3 new VLAN is created the member ports assigned to the new VLAN will be removed from the DEFAULT_ VLAN port member list The DEFAULT VLAN has a VID 1 we ee ee ee ee ee ae ee ae a ae eae ae ae eae ee ae a ae ae a ae ae a ee a ee a ee i ee ee ee a ee i ee a ee ee i a a es a ee a ee i ee ee Port based VLAN Port based VLAN limit traffic that flows into and out of switch ports Thus all devices connected to a port are members of the VLAN s the port belongs to whether there is a single computer directly connected to a switch or an entire department On port based VLAN NIC do not need to be able to identify 802 1Q tags in packet headers NIC send and receive normal Ethernet packets If the packet s destination lies on the same segment communications take place using normal Ethernet protocols Even though this is always the case when the destination for a packet lies on another switch port VLAN considerations come into play to decide if the packet is dropped by the Switch or delivered IEEE 802 1Q VLANs IEEE 802 1Q tagged VLAN are implemented on the Switch 8
41. Networking A Comiimnicalioa E iiaa i on md e y e gt 4 7 T a z p E i E E 4 5 q y r i L Led s j t i M r J d 7 _ d i ji a 44 i a 5 4 f i 2 4 gt 5 a te i E WSD 800 8 Port 10 100Mbps WGSD 916 8 Port 10 1 OOMODS 1 Gigabi j ra l User s Manual of WSD 800 WGSD 910 Trademarks Copyright PLANET Technology Corp 2007 Contents subject to which revision without prior notice PLANET is a registered trademark of PLANET Technology Corp All other trademarks belong to their respective owners Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications and makes no warranty and representation either implied or expressed with respect to the quality performance merchantability or fitness for a particular purpose PLANET has made every effort to ensure that this User s Manual is accurate PLANET disclaims liability for any inaccuracies or omissions that may have occurred Information in this User s Manual is subject to change without notice and does not represent a commitment on the part of PLANET PLANET assumes no responsibility for any inaccuracies that may be contained in this User s Manual PLANET makes no commitment to update or keep current the information in this User s Manual and reserves the right to make improvements to this User s Manual and or t
42. P Join 3 IGMP Join 4 IGMP Join 5 IGMP Join 6 Multicast Stream Server The following fields can be set for IGMP Port Policy configuration Port Indicates the port which will be limited for the accepted IGMP groups Group Number Use to limit the number of IGMP groups that an interface can accept The possible value as following e Disable No limit on the number of IGMP groups Defatul Value e 0 100 0 No IGMP grpups allowed 1 100 The number of accepted IGMP groups on the specific port 79 User s Manual of WSD 800 WGSD 910 IGMP port policy arae a m 0 100 ont i 1 Disable Port Group Number Horti Disable porta Disable porta Disable pork Disable ports Disable port Disable port Disable porte Disable porta Disable porti0 Disable Configure Sample 1 Select the Port field in the Set IGMP Port Policy Table in this case Port 2 be selected 2 Fill the accepted number in the Group Number field For this case 4 multicast groups are allowed 3 Click on the OK button to save ISMP port policy Group MNumber Disable 0 100 Disable F i Group Number a ose oo porta a porta zE porta Disable 4 The worksatation that connect to Port 2 start to send IGMP Join Report packets 5 Select IGMP Snooping Configuration page to show the Multicast Group Table 80 Use
43. Port based VLAN Current Configuration WLAN VLAN MAME VID vlani 1 Add Modit Show WLAN Member 802 1Q VLAN Configuration There are up to 256 configurable VLAN groups By default when 802 1Q is enabled all ports on the switch belong to default VLAN VID 1 The default VLAN cannot be deleted Understand nomenclature of the Switch Tagging and Untagging Every port on an 802 1Q compliant switch can be configured as tagging or untagging Tagging Ports with tagging enabled will put the VID number priority and other VLAN information into the header of all packets that flow into those ports If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact The VLAN information in the tag can then be used by other 802 1Q compliant devices on the network to make packet forwarding decisions Untagging Ports with untagging enabled will strip the 802 1Q tag from all packets that flow into those ports If the packet doesn t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging port will have no 802 1Q VLAN information Remember that the PVID is 51 User s Manual of WSD 800 WGSD 910 only used internally within the Switch Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device Frame Income Income Frame is tagged Income Frame is untagged Frame Leave
44. S S switch Workstations 5 jan clients EEE z a A mm 7 Client the device workstation that requests access to the LAN and switch services and responds to requests from the Switch The workstation must be running 802 1X compliant client software such as that offered in the Microsoft Windows XP operating system The client is the supplicant in the IEEE 802 1X specification Authentication server performs the actual authentication of the client The authentication server validates the identity of the client and notifies the Switch whether or not the client is authorized to access the LAN and switch services Because the Switch acts as the proxy the authentication service is transparent to the client In this release the Remote Authentication Dial In User Service RADIUS security system with Extensible Authentication Protocol EAP extensions is the only supported authentication server it is available in Cisco Secure Access Control Server version 3 0 RADIUS operates in a client server model in which secure authentication information is exchanged between the RADIUS server and one or more RADIUS clients Switch 802 1X device controls the physical access to the network based on the authentication status of the client The Switch acts as an intermediary proxy between the client and the authentication server requesting identity information from the client verifying that information with the authentication ser
45. The shortest distance to the root Switch is calculated for each Switch A designated Switch is selected This is the Switch closest to the root Switch through which packets will be forwarded to the root A port for each Switch is selected This is the port providing the best path from the Switch to the root Switch Ports included in the STP are selected Creating a Stable STP Topology It is to make the root port a fastest link If all switches have STP enabled with default settings the Switch with the lowest MAC address in the network will become the root Switch By increasing the priority lowering the priority number of the best switch STP can be forced to select the best switch as the root Switch When STP is enabled using the default parameters the path between source and destination stations in a switched network might not be ideal For instance connecting higher speed links to a port that has a higher number than the current root port can cause a root port change 37 User s Manual of WSD 800 WGSD 910 STP Port States The BPDUs take some time to pass through a network This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops Ports must wait for new network topology information to propagate throughout the network before starting to forward packets They must also wait for the packet lifetime to expire for BPDU packets th
46. VLAN 802 1p Port to CoS mapping o IGMP snooping and IGMP Query mode for Multi media application o Statistic Routing Port o 1 to many Ingress Egress Port mirror and Port analysis o Broadcast Multicast Flooded storm control o 802 1X Port Based Authentication o IP Stack Technology supports up to 8 units switch stack for centralize management 1 4 Product Specification WSD 800 8 Port 10 100Mbps Managed Ethernet Switch Hardware Specification M 8 10 100Base TX RJ 45 Copper Ports Auto MDI MDI X ports Switch Throughput 1 19Mpps Switch Architecture Store and Forward Share data Buffer 1Mbit WGSD 910 8 Port 10 100Mbps 1 Port Gigabit TP SFP Managed Ethernet Switch Mi 8 10 100Base TX RJ 45 Auto MDI MDI X ports M 1 10 100 1000Base T RJ 45 port 1 SFP interface shared with Port 9 3 6Gbps non blocking 2 6 Mpps User s Manual of WSD 800 WGSD 910 Maximum Frame Size 1522 Bytes packet Flow Control Back pressure for half duplex IEEE 802 3x Pause Frame for full duplex LED Power Link Act and speed per port Console Interface One RS 232 DB 9 male connector for Switch management Power requirement 90 240V AC 50 60Hz Operating environment 0 50 degree C 5 90 RH Storage environment 20 70 degree C 5 90 RH Dimension W x D x H 280 x 173 x 44 mm Layer 2 function Management Interface Console Telnet Web Browser SNMP v1 and v2c Port disable enable Port configurat
47. VLAN CoS Mapping Table Fill the mapping number in the CoS 0 7 field Click on the OK button to save To remove the VLAN CoS mapping item simply click on the Delete button in the Show VLAN CoS Mapping table YLAN Cos MApping LAN COS Mapping O O OoOo VID 1 4094 Cos 0 7 fd VIB VLAN Name Cas Delete 73 User s Manual of WSD 800 WGSD 910 VLAN CosS MApping Po LAN CoS Mapping O O OoOo O oOo oOo VID 1 4094 Cos 0 7 ox VID VLAN Name cas Delete 255 vlan3 5 Delete 3 802 1p CoS Mapping QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems The IEEE 802 1p Priority specification uses 8 priority levels to classify data packets In 802 1p compliant devices a tag inserted into the packet header is used to identify the priority level of data packets 1 Fill the 802 1p Priority 0 7 field in the 802 1p priority CoS Mapping Configuration Table 2 Fill the mapping number in the CoS 0 7 field 3 Click on the OK button to save 302 1p priority Cos Configuration 802 1p priority CoS Mapping Configuration 802 1p Priority 0 7 Cos 0 7 202 1p Priority 0 o 1 1 E E 3 5 4 4 5 5 6 6 7 7 74 User s Manual of WSD 800 WGSD 910 3802 1p priority Cos Configuration
48. able Enable Disable y NA A gt Enable Down ato ms NA Disable Enable L Auto a ino ae to Full Disable 4 5 2 Port Statistics The Port Statistics page provides a view of the current status of every port on the Switch Pressing the Reset button will reset all port counters to zero Port Statistics Management Link E Enable gt Down o TE Enable Down Down 0 0 Enable Down Enable Enable Enable 35 User s Manual of WSD 800 WGSD 910 4 5 3 Port Band Restrict The function provides the In Band and Out Band connection speed restriction on the ports The Band of the connection speed rangs from 64Kbps to 80000Kbps Ingress Port List Egress Port List field can be filled in distinct number or a port range For example you can fill with 1 3 for port 1 and port 3 and 3 5 for port 3 to port 5 Band 64 80000Kbps field can be filled with any number between 64 and 80000 Port Band Restrict In Band Restrict Ingress Port List Band S00 S0000Kbps Kbps Out Band Restrict Egress Port List Band 64 80000kK bps Kbps Port Status Port In Band RestrictiKbps Out Band Restrich Kbps Delete 1 500 64 2 560 b4 Delete 3 500 64 3 wa wa s wa N A I m e m m l a ww ww oll ll PP a we we we we we we a we a l we e a a a e ee e o o T Due to the Chipset limition set the b
49. anagement vlan set system name set trunk set vian lt vid gt name set vlan lt vlan id gt lt portlist gt set vlan port mode set vlan type port based set vlan type dot1q based 3 5 2 6 Show command User s Manual of WSD 800 WGSD 910 Set port leanrning MAC enable disable Create static MAC entry Enable Disable snmp agent Set snmp community string Enable Disable rmon state Set snmp trap receive host Disable spanning tree Enable spaning tree Set the forward delay for the spanning tree Set the hello interval for the spanning tree Set the max age interval for the spanning Set the bridge priority for the spanning tree Set system contact Set default gateway Set system ip mask Set system location Set system mac address Specify a vlan for system management Set system name Set vlan trunk port Set vlan name Set vlan members Set vlan port mode Set system be port based vlan Set system be dot1q based vlan Show command is to display the current parameter of the Switch functions The follow table lists the show commands and the equivalent usages Command show channel show console info show dot1x local userlnfo show dot1x state show igmp snooping group number show igmp snooping group policy show igmp snooping info show igmp snooping policy deny Description Show channel information Show console info Show dot1x local user information Show dot1x information Show igmp snooping group limit Show
50. and rate large then 500Kbps at In Band Restrict field l NOTICE If this value is less than 500Kbps and the packet will drop on that time And please also be remined enable flow control at specific port is required a 4 6 Redundancy 4 6 1 Spanning Tree 1 Spanning Tree Protocol The IEEE 802 1D Spanning Tree Protocol and IEEE 802 1W Rapid Spanning Tree Protocol allow for the blocking of links between switches that form loops within the network When multiple links between switches are detected a primary link is established Duplicated links are blocked from use and become standby links The protocol allows for the duplicate links to be used in the event of a failure of the primary link Once the Spanning Tree Protocol is configured and enabled primary links are established and duplicated links are blocked automatically The reactivation of the blocked links at the time of a primary link failure is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users However the concepts of the 36 User s Manual of WSD 800 WGSD 910 Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured Please read the following before making any changes from the default values The S
51. ange is 0 65535 Port 1 65535 The default UDP Port No is 1812 The UDP port used by accounting server The valid range is O 65535 e Account Port 1 65535 The default UDP Port No is 1813 e Share Key Indicates if the shared secret for this server has been configured Setup the RADIUS server and assign the client IP address to the Web Smart switch In this case field in the default IP Address of the Web Smart switch with 192 168 0 100 And also make sure the shared secret key is as same as the one you had set at the switch RADIUS server 12345678 at this case Add RADTUS Client 3 xl Chert lromalon Specivimnicematicn wagering he chent Client addiess PP or DNS E 192168 0100 Yank eters RADIUS Staidaid w M Chenkt must abvapa sard the signaturo afnbulain ho toques Shared secret Conhrn chaed secret Back Fresh Lancel 65 User s Manual of WSD 800 WGSD 910 4 Configure ports attribute of 802 1X the same as 802 1X Port Status Configuration 802 1X Port status Port status Configuration Port List e q 1 3 7 Authenticate Status Maximum account number 1 321 e Auto 1 NE RON Force Authorized Force Unauthorized Port status Authenticate Status maximum number current account number 1 Auto E port 2 Auto E port 3 Auto 1 O port Auto 1 O port 3 Auto 1 O port 6 Auto 1 O port 7 Auto 1 O
52. aster switch to further configure the Member switch as necessary for all of the IP Stack features available in the switch Menagerment Moda Maat IF Address 1902 182 0 100 HIP Slacking Group planel_swilca Stack name Ewiboh 1 Management Mode Client IP Address 182 168 0 101 IP Stackeng Group gt planet switch Slack name Swill Manegement Mode Client IF Acidress 187 168 0102 IP Stecking Group planet switch Siack name Swaich3 Management Mode Chiont IP Address 192 1690 703 IP Stacking Group planel_swnch Stack name Switch 4 12 2 IP Stacking Configuration Before the IP Stacking Configuration the network manager have to identify the roles of the stackable switches the Master mode and Client mode At a IP stacking group domain there is only one Master switch and many Client switches If there re more than one switch be configured to the Master mode the it will depends on the System Priority to elect a active Master The others with Master mode would be Backup Master To join a IP Stack group both the Master and Client have to be assigned with the same string at IP Stacking Group filed Once the switch be assigned as a Client switch it s not allowed to management the Client switch with its original system IP address That is the administrator has to configure the Client switch via the Master switch mamagement UI The following fie
53. at were forwarded based on the old topology The forward delay timer is used to allow the network topology to stabilize after a topology change In addition STP specifies a series of states a port must transition through to further ensure that a stable network topology is created after a topology change Each port on a switch using STP exists is in one of the following five states Blocking the port is blocked from forwarding or receiving packets Listening the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state _ Learning the port is adding addresses to its forwarding database but not yet forwarding packets Forwarding the port is forwarding packets Disabled the port only responds to network management messages and must return to the blocking state first A port transitions from one state to another as follows From initialization switch boot to blocking From blocking to listening or to disabled From listening to learning or to disabled From learning to forwarding or to disabled From forwarding to disabled From disabled to blocking 4 Switch Blocking Listening Learning Forwarding x Disable L STP Port State Transitions 38 User s Manual of WSD 800 WGSD 910 You can modify each port state by using management software When you enable STP every port on every switch in the network goes through the b
54. ble for 10Mbps connections or 1000 Category 5 cable for 100Mbps connections Also be sure that the length of any twisted pair connection does not exceed 100 meters 328 feet 95 User s Manual of WSD 800 WGSD 910 6 APPENDIX 6 1 Console Port Pin Assignments The DB 9 serial port on the front panel is used to connect to the switch for out of band console configuration The console menu driven configuration program can be accessed from a terminal or a PC running a terminal emulation program The pin assignments used to connect to the serial port are provided in the following tables HRY DB 9 Console Port Pin Numbers DB 9 Port Pin Assignments CCITT Switch s DB9 DTE PC DB9 EIA Circuit Description Signal Pin DTE Pin BB 104 RxD Received Data 2 2 BA 103 TxD Transmitted Data 3 3 AB 102 SGND Signal Ground 5 5 Console Port to 9 Pin DTE Port on PC Switch s 9 Pin Serial Port CCITT Signal PC s 9 Pin DTE Port 2 RXD lt RXD 3 TxD 3TXD TXD gt 2 RxD S5SGND mm SGND 5 SGND Cable Types and Specifications Cable Type Max Length Connector 10BASE T Cat 3 4 5100 ohm UTP 100 m 328 ft RJ 45 96 User s Manual of WSD 800 WGSD 910 100BASE TX Cat 5 100 ohm UTP 100 m 328 ft RJ 45 50 125 or 62 5 125 micron 100BASE FX core multimode fiber MMF 2 km 1 24 miles SC or ST 6 2 100BASE TX 10BASE T Pin Assignments With 100BASE TX 10BASE T cable pi
55. c table information Show snmp information Show snmp rmon state Show spanning tree information Show basic help infomation Show system information Show trunk information Get last software version Show vlan information 25 User s Manual of WSD 800 WGSD 910 4 WEB BASED MANAGEMENT This section introduces the configuration and functions of the Web Based management 4 1 About Web based Management The Switch offers management features that allow users to manage the Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer The Web Based Management supports Internet Explorer 6 0 It is based on Java Applets with an aim to reduce network bandwidth consumption enhance access speed and present an easy viewing screen XA Notice By default IE6 0 or later version does not allow Java Applets to open sockets The user has to explicitly modify the browser setting to enable Java Applets to use network ports 4 2 Preparing for Web Management Before use web management you can use console to login the Switch and checking the default IP address of the Switch Please refer to Console Management Chapter for console login If you need change IP address in first time you can use console mode to modify it The default value is as below IP Address 192 168 0 100 Subnet Mask 255 255 255 0 Default Gateway 192 168 0 254 User Name admin Password admin 4 3 System Login 1 Launch t
56. ccsesssssseesnaeeececeeeeeesceeececeesesssessesenaaaeeeeeeseeeeees 26 ESOS TEM LOC Nai ene et teenie eee me eee eee 26 ASS TEM AAA ds 27 PAR TP GOT ANOM se sa beehive iia 27 A NVE E e RO PEO OI A Maeda telat 28 A ET AO 28 TASAS WO a ii c a 31 AA CONSOLE A AA a 32 AS OY SOM LI DOI ACC A AAA A A AAA EAS DS 32 TAO SAVING EII S di it dt abia 33 4 4 7 Parameters Backup Recovery cccccsssseccnssvscccnsesesenscueeccsauseecacuesenscuesensausesensuussensauesensans 33 3 User s Manual of WSD 800 WGSD 910 AAO 1040 DA ad 34 AO TACO CON ios 34 A S PORT MANAGEMEN E asta io 35 TL ek 0 O10 0 QUITO sd IA AAA A AA AAA OEE 35 OE PORO IS UCS A A A A E oe 35 AO FON Banoies Mistica anida 36 AO RE DONDANC a e e e ll de oe o 36 NS AA o ee eae ee ce eee eer eee eee 36 46 2 Spaning TICS GORNQUIATON io 42 LO SENAO CO ION IN a 45 ADECUA cinco 46 ASS MEAN AAA A A AA AAA A AA A ad 46 ARE MAC AQOKESS DIM A A A a ES 55 ARS MAS AGNESS MM a a E 56 AA MAG ADIOS Learning it A A A A A ad is 57 ELO MAG ADE SS Agng TIMO A A di di 57 4 7 6 802 1X Port Based Network Access CONO aooccccccccicocononcconnnccnnononononnnnnononannnonnnnononaanoninnnns 58 A A an edu 71 4e UNC NO QOS A E A as 71 4 322 DOS CONJUNTA A A A A A AS Ae 72 AO MULTCAS Vis A Sas 77 EA MGM SOO DING lid af 4 9 2 IGMP SHOODING CORIO TAO tape tte neat tienen ttn aldo Aleesediise tea taditenede 78 A BAGMP POM PONG Y 22a poset tte a os a boast NA 79 4 94 IGMP NOUD FOC V enine asia 81 A
57. ce find and solve network problems and plan for network growth An SNMP managed network consists of three key components Network management stations NMSs SNMP agents Management information base MIB and network management protocol Network management stations NMSs Sometimes called consoles these devices execute management applications that monitor and control network elements Physically NMSs are usually engineering workstation caliber computers with fast CPUs megapixel color displays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elements They collect and store management information such as the number of error packets received by a network element Management Information Base MIB A MIB is a collection of managed objects residing in a virtual information store Collections of related managed objects are defined in specific MIB modules Network management protocol A management protocol is used to convey management information between agents and NMSs SNMP is the Internet community s de facto standard management protocol 28 User s Manual of WSD 800 WGSD 910 SNMP Operations SNMP itself is a simple request response protocol NMSs can send multiple requests without receiving a response Get Allows the NMS to retrieve an object instance from the agent Set Allows the NMS to set values for object
58. ddress menu button The IP address configuration screen then shows in the main page on the web Enter the new IP address Submask and Gateway then click on the OK button to change 7 User s Manual of WSD 800 WGSD 910 IP Address IP Address Configuration IP Address 192 168 0 100 submask 255 255 255 0 Gateway 192 168 0 254 IP Address Configuration 1 The Switch s factory default IP address is 192 168 0 100 with Submask 255 255 255 0 and a default gateway of 192 168 0 254 2 The changed IP address take effect immediately after click on the OK button you need to use the new 7 IP address to access the Web interface 3 The changed IP address remains the original after reboot the Switch unless the configuration is saved To save the changed IP address please move to System Saving Parameters menu o wm oe ww ww me om wm wm ww we we ow wm ow nw wm om ow wm om ow wm ow ow om ow om oo nw oe wm wm nw oe oe nw oe nw oe ow mw on ow wm nw oe ow nw oe oe ow oe wm ow on oe ow nw oe wm nw we wm ow on om ow nw em wm nw we we ow wn wm wm wn wm om gt o oo n _o 4 4 2 SNMP 4 4 2 1 Theory The Simple Network Management Protocol SNMP is an application layer protocol that facilitates the exchange of management information between network devices It is part of the Transmission Control Protocol Internet Protocol TCP IP protocol suite SNMP enables network administrators to manage network performan
59. e Switch is actively sending or receiving data over that port Lights to indicate the port is running in 100Mbps speed SPEED Orange Off indicate that the port is operating at 10Mbps MW Gigabit TP SFP interface Port 9 Color Function Lights to indicate the link through that port is successfully established LNK ACT Blink indicate that the Switch is actively sending or receiving data over that port Lights to indicate the port is running in 1000Mbps speed SPEED Orange Off indicate that the port is operating at 10Mbps or 100Mbps 11 User s Manual of WSD 800 WGSD 910 2 1 4 Switch Rear Panel Figure 2 3 shows the rear panel of WSD 800 100 240V AC CONSOLE ae 9600 N 8 1 Figure 2 3 WSD 800 rear panel Figure 2 4 shows the rear panel of WGSD 910 CONSOLE os 9600 N 8 1 100 240V AC 50 60 Hz Figure 2 4 WGSD 910 rear panel Power Notice 1 The device is a power required device it means it will not work till it is powered If your networks should active all the time please consider using UPS Uninterrupted Power Supply for your device It will prevent you from network data loss or network downtime 2 In some area installing a surge suppression device may also help to protect your Switch from being damaged by unregulated surge or current to the Switch or the power adapter a User s Manual of WSD 800 WGSD 910 2 2 Install the Switch This section describes how to i
60. e link failed Co works with some fiber NICs or Media Converters set the Link mode to 1000 Force is needed Remove the transceiver module 1 Make sure there is no network activity by consult or check with the network administrator Or through the management interface of the switch converter if available to disable the port in advance 2 Remove the Fiber Optic Cable gently 3 Turn the handle of the MGB module to horizontal 4 Pull out the module gently through the handle E MGB SX LX 1 2 i 2 Ps Figure 2 9 Pull out the SFP transceiver Never pull out the module without pull the handle or the push bolts on the module Direct pull XA Notice out the module with violent could damage the module and SFP module slot of the device 16 User s Manual of WSD 800 WGSD 910 3 CONSOLE MANAGEMENT 3 1 Connecting to the Switch The console port is a female DB 9 connector that enables a connection to a PC or terminal for monitoring and configuring the Switch Use the supplied RS 232 cable with a male DB 9 connector to connect a terminal or PC to the Console port The Console configuration out of band allows you to set Switch for remote terminal as if the console terminal were directly connected to it WSW WGSD Managed Switch Serial Port PC Workstation with Terminal emulation software Serial Port 9600 8 n 1 3 2 Login in the Console Interface When the connection between Switch and PC is ready turn
61. e that allows you to establish control over network traffic QoS enables you to assign various grades of network service to different types of traffic such as multi media video protocol specific time critical and file backup traffic QoS reduces bandwidth limitations delay loss and jitter It also provides increased reliability for delivery of your data and allows you to prioritize certain applications across your network You can define exactly how you want the switch to treat selected applications and types of traffic You can use QoS on your system to Control a wide variety of network traffic by Classifying traffic based on packet attributes Assigning priorities to traffic for example to set higher priorities to time critical or business critical applications Applying security policy through traffic filtering Provide predictable throughput for multimedia applications such as video conferencing or voice over IP by minimizing delay and jitter Improve performance for specific types of traffic and preserve performance as the amount of traffic grows Reduce the need to constantly add bandwidth to the network Manage network congestion QoS Terminology Classifier classifies the traffic on the network Traffic classifications are determined by protocol application source destination and so on You can create and modify classifications The Switch then groups classified traffic in order to schedule them with the appropriate
62. eceive an EAP request identity frame from the switch the client can initiate authentication by sending an EAPOL start frame which prompts the switch to request the client s identity orce If 802 1X is not enabled or supported on the network access device any EAPOL frames from the client are dropped If the client does not receive an EAP request identity frame after three attempts to start authentication the client transmits frames as if the port is in the authorized state A port in the authorized state effectively means that the client has been successfully authenticated When the client supplies its identity the Switch begins its role as the intermediary passing EAP frames between the client and the authentication server until authentication succeeds or fails If the authentication succeeds the Switch port becomes authorized For more information see the Ports in Authorized and Unauthorized States section The specific exchange of EAP frames depends on the authentication method being used Figure 2 43 shows a message exchange initiated by the client using the One Time Password OTP authentication method with a RADIUS server 60 User s Manual of WSD 800 WGSD 910 Authentication Server 802 1X Switch RADIUS may Client EAPOL Start PAP Reguestldentity EAP Response ldentity RADIUS Access Request EAP Request OTP RADIUS Access Challenge EAP Response OTP RADIUS Access Request EAP Succe
63. ed from Queue 0 Remember the priority queue settings on the Switch are for all ports and all devices connected to the Switch will be affected This priority queuing system will be especially beneficial if your network employs switches with the capability of assigning priority tags VLAN Description A Virtual Local Area Network VLAN is a network topology configured according to a logical scheme rather than the physical layout VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLAN also logically segment the network into different broadcast domains so 46 User s Manual of WSD 800 WGSD 910 that packets are forwarded only between ports within the VLAN Typically a VLAN corresponds to a particular subnet although not necessarily VLAN can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logic instead of physical location End nodes that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated i e ile No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLA
64. elivered from the factory ok 4 4 9 Reboot This function is to reboot the system Reboot If you do not save the system parameters all changes made in this A session will be lost When you click the reboot button the switch will reboot automatically Reboot 34 User s Manual of WSD 800 WGSD 910 4 5 Port Management 4 5 1 Port Configuration This function is to configure and to view the configured port management status port negotiation mode and the port flow control function Management Status Display port status Enable or Disable Disable is to turn off the port Link Status Up to indicate the port is linked while Down to indicate the port is not connectd Speed Shows the negotiation mode and the running speed on the port Duplex Displays full duplex or half duplex mode Flow Control Display Flow status of port Enable or Disable Disable indicates Flow control is off Auto Display which mode the port is auto negotiated Config configured Displays the state defined by the user Atual Displays the negotiation result Port Configuration Port Configuration Port lst te g 1 3 7 Management Status Speed Duplex Flows rn Enable Auto a a i Disable x Port status l Speed Depe Flow Control H ient Stat Link Stat SS ee nt pi il Config config aa Ees Actual config Actual Enable E ma Disable i Disable Dis
65. er s Manual of WSD 800 WGSD 910 WGSW 2840_192 168 0 30 Edge Switch VLAN Configuration 192 168 0 30 VLAN Configuration Link Type PVID Link Partner Always Untag Untag 1 3 Part No 2081 A92310 001 C 106
66. erial and use them against to repack the product in case there is a need to return it to us for repair 1 2 How to Use This Manual This User Manual is structured as follows Chapter 2 INSTALLATION The chapter explains the functions of the Switch and how to physically install the Switch Chapter 3 CONSOLE MANAGEMENT The chapter explains how to manage the Switch by Console interface Chapter 4 WEB BASED MANAGEMENT The chapter explains how to manage the Switch by Web interface Chapter 5 TROUBLE SHOOTING The chapter explains how to trouble shooting of the Switch Chapter 6 APPENDIX The chapter contains cable information of the Switch In the following section terms Switch means the two Switch devices ie WSD 800 and WGSD 910 Terms with lower case switch means any Ethernet switches 1 3 Product Feature o 8 Port 10 100Mbps TP interfaces User s Manual of WSD 800 WGSD 910 a Complies with IEEE 802 3 10Base T IEEE 802 3u 100Base TX o High back plane bandwidth 1 6Gbps o Console Web SNMP management o Configuration backup and recovery a Per port Ingress Egress bandwidth restriction a IEEE 802 1d Spanning tree 802 1w Rapid Spanning Tree o Configurable spanning tree aging time STP port configuration o 4 trunk groups up to 4 ports per trunk o Port based 802 1Q VLAN with 4K VLAN ID o MAC Binding Filtering Learning configurable MAC Aging time o 8 mappings ID to 4 priority queues Support MAC
67. es to Switch enable gt Entering a question mark at the prompt displays the list of commands available for command mode 3 5 2 1 Clear command Clear command is to clear the parameter The follow table lists the clear commands and the equivalent usages Command clear channel clear dot1x local userlnfo clear igmp snooping policy deny clear mirror monitored port egress clear mirror monitored port ingress clear multicast router clear port counters clear port rate shaping clear port spantree portcost Description Clear member from channel Clear igmp snooping group policy Clear igmp snooping policy deny Clear egress monitored port for mirror Clear ingress monitored port for mirror Clear router port Clear port statistics counter Clear rate shaping of all ports Restore spanning tree port cost to default value 20 clear port spantree portpri clear port storm limit clear qos map cos queue map clear qos map dot1p cos map clear qos map mac cos map clear qos map vlan cos map clear radius key clear security filter MAC clear security static MAC clear snmp community clear snmp trap clear spantree root clear trunk clear vlan copy config flash clear port storm limit clear qos map cos queue map clear qos map dot1p cos map clear qos map mac cos map clear qos map vlan cos map clear security filter MAC clear security static MAC clear snmp community clear snmp trap clear spantree root clear trunk
68. ess all port as 0 IE password IE confirm password IE Add Mlodify delete user username delete port Username Local Authenticate Information 3 Other configuration only choose Local Authenticate mode is available If you not have good experiences please keep the default value 63 User s Manual of WSD 800 WGSD 910 other Configuration Pe 4uthenticatior Enable Dotis MaxReq 1 10 Bo Dotis reAuthMax 1 10 po Supplicant Timeautl 1 255 fo Re 4uthentication Period 10 655351 300 Quiet Period 0 65535 eo o Server Timeout 1 255 fo Tx Period 0 65535 0 Radius Server In this situation need a Radius server in the network the normal topologies as below o Authentication 202 1K server switch II Workstations clients ME A Y lt lt 1 Select the Radius Server mode 2 The RADIUS Server configuration table includes the following fields 802 1 802 1 Configuration Enable Radius Server O Local Authenticate Radius Server Configuration Radius Server IP Address 192 168 0 51 Authentication Port 1 65535 Account Porti 1 65535 ama o Share Key 12345678 64 User s Manual of WSD 800 WGSD 910 e RADIUS Server IP The IP address of the RADIUS server being added Address Authentication The UDP port used by this server The valid r
69. etwork Control User s Manual of WSD 800 WGSD 910 2 INSTALLATION This section describes the functionalities of the Switch s components and guides how to install it on the desktop or shelf Basic knowledge of networking is assumed Please read this chapter completely before continuing 2 1 Product Description 2 1 1 Product Overview With 8 Port 10 100Mbps the PLANET WSD 800 WGSD 910 boast a high performance switch architecture that is capable of providing non blocking switch fabric and wire speed throughput as high as 1 6Gbps 3 6Gbps The IEEE 802 standard based firmware provides a rich set of features and ensures interoperability with equipment from other vendors Additionally the firmware includes advanced features such as IGMP snooping broadcast storm control and MAC address filtering to enhance security and bandwidth utilization With its built in Web based management the PLANET WSD 800 WGSD 910 offer an easy to use platform independent management and configuration facility The PLANET WSD 800 WGSD 910 support standard Simple Network Management Protocol SNMP and can be managed via any standard based management software For text based management the WSD 800 WGSD 910 can also be accessed via Telnet and the console port 2 1 2 Switch Front Panel Figure 2 1 shows the front panel of WSD 800 2 4 6 8 2468 2 PLANET inwiacr C 1 T TT 8 Port 10 100Mbps Networki ing amp Comm
70. figuration Port based VLAN Configuration Packets can only be broadcast among other members of the same VLAN group Note all unselected ports are treated as belonging to the default system VLAN If port based VLAN are enabled then VLAN tagging is ignored 1 On VLAN Configuration table choose Port based VLAN Click on the OK button YLAN Configuration L VLAN Typed Por based WLAN oK 2 The main page then change to Port base VLAN table click on the Add Modify button to create a new VLAN group Port based YLAN Current Configuration VLAN p VLAN NAME VID vlani 1 Acd Modit Show WYLAN Member 3 The Port base VLAN Confirutation table then pops up enter the VLAN group ID VLAN name and select the member ports for the VLAN 4 Click the OK button to add the VLAN 5 Select the ports in the Port List field and click on the Add button to add the member ports to the VLAN The selected VLAN member then shows in the VLAN Member field 50 User s Manual of WSD 800 WGSD 910 Port based YLAN Configuration VID 1 49 2 VLAN Name VLAN2 OO gt Set Port based VLAN Member Port Port Lis VLAN Member a feed Delete 6 Click on the Close button and back to the Port based VLAN main page The Show VLAN Member button is to list the valid VLANs You can also remove the added VALN by click on this button
71. hat might be affected by latency problems The IEEE 802 1p Priority specification uses 8 priority levels to classify data packets In 802 1p compliant devices a tag inserted into the packet header is used to identify the priority level of data packets The Switch supports four kinds of Traffic classifiers 802 1P Port MAC VLANs and four queues Dor COS Priority classifiers of the Switch forward packet COS range is from 0 to 7 Seven is the high class Zero is the less class The user may configure the mapping between COS and Traffic classifiers 0 1 MAC COS Mapping QoS settings allow customization of MAC address to Traffic classifiers 1 Fill the MAC Address field in the MAC CoS Mapping Configuration Table in the In the format XX XX XX XX XX XX 2 Fill the mapping number in the CoS 0 7 field 3 Click on the OK button to save 4 Toremove the MAC CoS mapping item simply click on the Delete button in the Show MAC CoS Mapping table hAC Cos Mapping MAC CoS Mapping Configuration MAC Address Cos 0 7 o0 U 4FP 40 34 E 7 UR Show MAC Co5 Mapping MAC Address Cos Delete af pa User s Manual of WSD 800 WGSD 910 M AC Cos Mapping MAC Address Cos 0 7 MAZ Address Cos Delete 00 EQ 4F 48 34 7E E Delete 2 VLAN COS Mapping QoS settings allow customization of VLAN ID to Traffic classifiers 1 2 3 4 Fill the VID 1 2094 field in the
72. he Internet Explorer 2 Enter the IP address of the Switch 3 When the login screen appears use admin as the default username password respectively to login 4 The main web page of the Web based management appears As shows in the following screen XA Notice The following section will base on the console screens of WSD 800 for WGSD 910 the display will be the same to WSD 800 26 User s Manual of WSD 800 WGSD 910 PLANET Managed Switch PC Workstation with IE Browser nn IP Address 192 168 0 100 IP Address 192 168 0 x RJ 45 UTP Cable Q PLANET Wotworking 4 Communication Home System Welcome to PLANET WSD 800 Port Management Redundancy 8 Port 10 100Mbps Managed Ethernet Switch PLANET Technology Corporation Multicast A AN 11F No 96 Min Chuan Road Hsin Tien li O Taipei Taiwan R O C 4 Storm Control Tel 886 2 2219 9518 a Fax 886 2 2219 9528 ge Siacnng Email Support planet com tw Copyright c 2005 Planet Technology Corp all rights reserved WSD 800 Web Management Interface 4 4 System 4 4 1 IP Configuration The Switch can be managed by the Web Telnet SNMP interfaces Administrators can access the management interface via the IP address of the Switch The default IP address of the Switch is 192 168 0 100 You can change the IP address to be in the same IP segment as your LAN network for convinence To change the IP address click on the System IP A
73. he benefits of having a Switch Static forwarding entries are not affected by the aging time To set the Aging Time enter the number in the MAC Address Aging Time field and click on the OK button to save The valid range is 30 1000 seconds Default is 300 seconds MAC Address Aging Time Configuration MAC Address Aging Time 30 1000s 300 oK 4 7 6 802 1X Port Based Network Access Control 4 7 6 1 Theory Understanding IEEE 802 1X Port Based Authentication The IEEE 802 1X standard defines a client server based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports The authentication server authenticates each client connected to a switch port before making available any services offered by the Switch or the LAN Until the client is authenticated 802 1X access control allows only Extensible Authentication Protocol over LAN EAPOL traffic through the port to which the client is connected After authentication is successful normal traffic can pass through the port This section includes this conceptual information e Device Roles e Authentication Initiation and Message Exchange e Ports in Authorized and Unauthorized States 58 User s Manual of WSD 800 WGSD 910 Device Roles With 802 1X port based authentication the devices in the network have specific roles as shown below f Authentication SS O E BEN RADIU
74. instances within an agent Trap Used by the agent to asynchronously inform the NMS of some event The SNMPv2 trap message is designed to replace the SNMPv1 trap message SNMP community An SNMP community is the group that devices and management stations running SNMP belong to It helps define where information is sent The community name is used to identify the group ASNMP device or agent may belong to more than one SNMP community It will not respond to requests from management stations that do not belong to one of its communities SNMP default communities are Write private Read public 4 2 2 2 SNMP Configuration To configure SNMP management click on System SNMP menu button and the web main page changes to the SNMP Management function as shows in the following SNMP Management SNMP Agent Status Configuration SNMP Agent Status Enable Ok System Options System Name Switch System Location Contact Community Configuration Add Community Current Communities Management Station Configuration Add Management Station Current Management Stations IF Address The followings are the description of the sub table 1 SNMP Agent Status Configuration This block enables to turn on SNMP Agent Enabled Disabled To turn on or turn off the SNMP function on the Switch 29 User s Manual of WSD 800 WGSD 910 SNMP Agent Status Configuration SAMP Agent Status Enable 2
75. ion Auto negotiation 10 100Mbps full and half duplex mode selection Flow Control disable enable Bandwidth control on each port Display each port s speed duplex mode link status Flow control status Auto negotiation status trunk status Port Based VLAN up to 9 VLAN groups VLAN IEEE 802 10 Tagged Based VLAN 4K VLAN ID up to 255 VLAN groups Spanning Tree IEEE 802 1d IEEE 802 1w Link Aggregation Supports 12 groups of 8 Port trunk support Traffic classification based on Port Number 802 1p priority DS TOS field in IP Packet v1 and v2 IGMP Snooping Allow to disable or enable Per port bandwidth control Bandwidth Control Ingress 500Kb 80Mbps Egress 64Kb 80Mbps RX TX Both Security MAC filtering and Binding up to 400 rules RFC 1213 MIB II RFC 2863 Interface MIB RFC 2665 EtherLike MIB SNMP MIBs RFC 1493 Bridge MIB RFC 2674 Extended Bridge MIB RFC 2819 RMON MIB Group 1 2 3 9 User s Manual of WSD 800 WGSD 910 RFC 2737 Entity MIB RFC 2618 RADIUS Client MIB Standards Conformance Regulation Compliance FCC Part 15 Class A CE IEEE 802 3 10BASE T IEEE 802 3u 100BASE TX 100BASE FX IEEE 802 3z Gigabit SX LX IEEE 802 3ab Gigabit 1000T IEEE 802 3x Flow Control and Back pressure Standards Compliance IEEE 802 1d Spanning tree protocol IEEE 802 1w Rapid spanning tree protocol IEEE 802 1p Class of service IEEE 802 1Q VLAN Tagging IEEE 802 1x Port Authentication N
76. ion of three switches connected in a loop is depicted in Figure 5 7 In this example you can anticipate some major network problems if the STP assistance is not applied If switch A broadcasts a packet to switch B switch B will broadcast it to switch C and switch C will broadcast it to back to switch A and so on The broadcast packet will be passed indefinitely in a loop potentially causing a network failure In this example STP breaks the loop by blocking the connection between switch B and C The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings Now if switch A broadcasts a packet to switch C then switch C will drop the packet at port 2 and the broadcast will end there Setting up STP using values other than the defaults can be complex Therefore you are advised to keep the default factory settings and STP will automatically assign root bridges ports and block loop connections Influencing STP to choose a particular switch as the root bridge using the Priority setting or influencing STP to choose a particular port to block using the Port Priority and Port Cost settings is however relatively straight forward LAN L2 Portcast 19 A Port 3 Bridge ID 15 4 5 D Port 1 Port 2 k 4 A Portcast 4 Portcast 4 j PO 4 Portcast 4 j B C n Bridge ID 30 Bridge ID 20 Port 2 Port 3 Portcast Port 2 Port 3
77. lds can be set for IP Stacking configuration Current mode Display the current mode of IP Stacking there re three possible statuses e Disable The IP Stacking function is disabled 89 User s Manual of WSD 800 WGSD 910 e Master The IP Stacking Management status is enabled and the current switch is a Master switch at this IP Stack Group e Client The IP Stacking Management status is enabled and the current switch is a Client switch at this IP Stack Group Manamement status This filed is to Enable or Disable the IP Stack function Management mode Identify the management mode of the current switch There re two possible selections e Master The switch plays as a Master of the IP Stack Group e Client The switch plays as a Client of the IP Stack Group IP Stacking group This filed effects if the switches be joined to the same IP Stack group With the same string entry both the Master and Client will be assigned to the same IP Stack group If not the switches will not be the IP Stack group members System priority If there re more than one switch be configured to the Master mode the it will depends on the System Priority to elect a active Master The others with Master mode would be Backup Master If there is no other Master switch it s no need to modify this value IPStacking MAC The Master will base on the MAC address to find out the Cleint switches Generally the entry would be the burn
78. les or disable the link aggregation ports before removing a port link aggregation to avoid creating a data loop It allows a maximum of four ports to be aggregated at the same time and up to 4 groups If the group is defined as a LACP static link aggregationing group then any extra ports selected are placed in a standby mode for redundancy if one of the other ports fails If the group is defined as a local static link aggregationing group then the number of ports must be the same as the group member ports Link Aggregation Configuration One aggregation group can accommodate up to 8 members Aogregation Group Ports Port List Member Ports Add Delete 45 User s Manual of WSD 800 WGSD 910 4 7 Security 4 7 1 VLAN 4 7 1 1 Theory Understanding IEEE 802 1 p Priority Priority tagging is a function defined by the IEEE 802 1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously It is intended to alleviate problems associated with the delivery of time critical data over congested networks The quality of applications that are dependent on such time critical data such as video conferencing can be severely and adversely affected by even very small delays in transmission Network devices that are in compliance with the IEEE 802 1p standard have the ability to recognize the priority level of data packets These devices can also
79. lick on the Add button to add This will add the VLAN in to the VLAN with The Trunk Port field E Trunk Port for YLAN LAN Table LAN with The Trunk Port LAN MAME LAN NAME iefault vlan _ Delete 5 4 Click on the close button to close the VLAN port configuration table of port 2 and back to the 802 1Q main page 5 5 Click on the Show VLAN Members button to show the VLAN members ShowVLAN Members A 5 6 As shows in the following screen 54 User s Manual of WSD 800 WGSD 910 Show VLAN Member il VID VLAN Name VLAN Member Delete 1 wani port3 PortS Port Ports _Delete 2 vlan2 Porti Port2 Port4 Ports Delete Close 4 7 2 MAC Address Bind This function is based upon for the Switch security When you add one MAC Address is bind with one port It remains in the Switch s address table regardless of whether the device is physically connected to the Switch This saves the Switch from having to re learn a device s MAC address after it has been disconnected or powered off from the network and then reconnected at some time later If the Network station is connected with one port want to control the Switch the station s MAC Address must be the same as one MAC Address To bind the MAC Address click on the Security MAC Address Binding menu button the main web page then shows the MAC Address Bind function table 1 Fill the MAC Address field
80. locking state and then transitions through the states of listening and learning at power up If properly configured each port stabilizes to the forwarding or blocking state No packets except BPDUs are forwarded from or received by STP enabled ports until the forwarding state is enabled for that port 2 STP Parameters STP Operation Levels The Switch allows for two levels of operation the Switch level and the port level The level forms a spanning tree consisting of links between one or more switches The port level constructs a spanning tree consisting of groups of one or more ports The STP operates in much the same way for both levels CS On the switch level STP calculates the Bridge Identifier for each switch and then sets the Root Bridge and the Designated Bridges On the port level STP sets the Root Port and the Designated Ports The following are the user configurable STP parameters for the switch level Parameter Description Default Value Bridge Identifier Not user A combination of the User set priority and 32768 MAC configurable the Switch s MAC address except by setting priority The Bridge Identifier consists of two parts below a 16 bit priority and a 48 bit Ethernet MAC address 32768 MAC Priority A relative priority for each switch lower 32768 numbers give a higher priority and a greater chance of a given switch being elected as the root bridge Hello Time The length of time between broadcasts of
81. n will not work properly VLAN configure 4 Set the VLAN mode to be 802 1Q VLAN LAN Configuration VLAN Typed 802 10 VLAN ox 5 6 At Step 3 we had set Port 2 as VLAN 6 Static Routing Port so we have to configure Port 2 as VLAN 6 member port 802 161 VLAN Port Link Type PID Egress Policy bortl ACCESS 1 Untagged 1 pot Access z Untagged 6 port3f4ccess Untagged 1 bort4 Access Untagged 1 ports access f JUntagged 1 borte Access 2 JUntagged 2 port Access P JUntagged 3 m e porte Sccess Untagged 1 show WLAN Members Cooperate with IGMP Snooping and 802 1Q VLAN Port 6 of VLAN 2 and Port 7 of VLAN 3 are able to receive the Multicast group traffic from Port 2 with different VLAN groups setting 86 User s Manual of WSD 800 WGSD 910 4 10 Port Analysis 4 10 1 Port Analysis This function shows the statistical information of each port it helps to diagnose the network malfunction The following example shows the statistic table of port 6 Port Analysis Port Selecting Port Ports ok Show Statistic Table Statistic Item Total Average Max Tx bytes 6577715 469936 469936 Tx packets 2 66 1 11618 1 1618 x bytes i L33720 la 96969 lo 96969 Rx packets 11629 830 la 830 Rx Unicast packets 11493 820 la 820 Re Multicast packets fr lo lo Rx Broadcast packets 136 E E Te Ro packets of 64 bytes 22053 11639 i 1639 Ra packets of 65 127 bytes 2504 l185 1
82. ndard and miss wired cables may cause numerous network collisions and other network problem and can seriously impair network performance A category 5 cable tester is a recommended tool for every 100Base T network installation 5 1 3 Improper Network Topologies It is important to make sure that you have a valid network topology Common topology faults include excessive cable length and too many repeaters hubs between end nodes In addition you should make sure that your network topology contains no data path loops Between any two ends nodes there should be only one active cabling path at any time Data path loops will cause broadcast storms that will severely impact your network performance 5 2 Diagnosing LED Indicators The Switch can be easily monitored through panel indicators to assist in identifying problems which describes common problems you may encounter and where you can find possible solutions IF the power indicator does turn on when the power cord is plugged in you may have a problem with power outlet or power cord However if the Switch powers off after running for a while check for loose power connections power losses or surges at power outlet IF you still cannot resolve the problem contact your local dealer for assistance 94 User s Manual of WSD 800 WGSD 910 5 2 1 Cabling RJ 45 ports use unshielded twisted pair UTP or shield twisted pair STP cable for RJ 45 connections 1000 Category 3 4 or 5 ca
83. ng tree parameters Rapid Spanning Tree Status The spanning tree function of the switch is default disabled This field enables to turn on the spanning tree on the switch Force Protocol Version 0 for IEEE 802 1D Spanning Tree 2 for IEEE 802 1W Rapid Spanning Tree Max Age 6 40 sec the default setting is 20 Hello Time 1 10sec the default setting is 2 Forward Delay 4 30 sec the default setting is 15 Bridge Priority 0 61440 the default setting is 32768 42 User s Manual of WSD 800 WGSD 910 Rapid Spanning Tree Bridge Configuration Rapid Spanning Tree Status Enable Force Protocol Version 2 Max Agel6 40si Po Hello Timet 1 105 PO Forward Delay 3051 TES Bridge Priority 0 61440 ET ox 2 Bridge Information The informations of the STP Root show in the Bridge Information table Bridge Information Boot Bridge Priority 32768 WRoot Bridge Mac o0 00 01 01 02 02 Root Path Cost o Boot Port MA Boot Bridge MAX age 0 Foot Bridge Hello Time a Root Bridge Forward Delay 15 hd 3 STP Port Configuration On the STP port configuration the settings are implemented on a per user defined Group of ports RSTP Port Configuration Path Cost 0 Port List e g 1 3 7 Edge Port P2P Status 200000000 0 means eh E Auto es es e The following fields can be set for STP port configuration Edge Port Defines if this port connected directly to a single wo
84. ns 1 and 2 are used for transmitting data and pins 3 and 6 for receiving data RJ 45 Pin Assignments Pin Number Assignment 1 Tx 2 Tx 3 Rx 6 Rx Note and signs represent the polarity of the wires that make up each wire pair All ports on this switch support automatic MDI MDI X operation you can use straight through cables for all network connections to PCs or servers or to other switches or hubs In straight through cable pins 1 2 3 and 6 at one end of the cable are connected straight through to pins 1 2 3 and 6 at the other end of the cable The table below shows the 10BASE T 100BASE TX MDI and MDI X port pin outs Pin MDI X Signal Name MDI Signal Name 1 Receive Data plus RD Transmit Data plus TD 2 Receive Data minus RD Transmit Data minus TD 3 Transmit Data plus TD Receive Data plus RD 6 Transmit Data minus TD Receive Data minus RD 97 User s Manual of WSD 800 WGSD 910 7 APPENDIX B 802 1Q VLAN Multi Untagged VLAN setting sample 1 The version V 1 4 27 of PLANET IP Stackable series had added the multiple untagged VLAN function on a port The function could be applied at if the members of two or more different VLAN groups all have to access the same server AP Printer But the two VLAN groups are separated and can t access to each other The graphic in Figure 7 1 appears i i l rr tr I l l l I l l l gg l zn lO i l l PC ay PE
85. nstall the Ethernet Switch and make connections to it Please read the following topics and perform the procedures in the order being presented 2 2 1 Desktop Installation To install the Switch on desktop or shelf please follows these steps Step1 Attach the rubber feet to the recessed areas on the bottom of the Switch Step2 Place the Switch on the desktop or the shelf near an AC power source Step3 Keep enough ventilation space between the Switch and the surrounding objects 9 Figure 2 5 Attaching the rubber feet to the Switch When choosing a location please keep in mind the environmental restrictions discussed in Note Chapter 1 Section 4 in Specification Step4 Connect the Switch to network devices A Connect one end of a standard network cable to the 10 100 1000 RJ 45 ports on the front of the Switch B Connect the other end of the cable to the network devices such as printer servers workstations or routers etc Connection to the Switch requires UTP Category 5 network cabling with RJ 45 tips For more BS Note information please see the Cabling Specification in Appendix A Step5 Supply power to the Switch A Connect one end of the power cable to the Switch B Connect the power plug of the power cable to a standard wall outlet When the Switch receives power the Power LED should remain solid Green 13 User s Manual of WSD 800 WGSD 910 2 2 2 Rack Mounting To install the Switch in a 19 inch standard
86. nual of WSD 800 WGSD 910 Set ipstack disable Set ipstack group STR Set ipstack mac addr Set ipstack mode master client Set ipstack system priority Enable Disable mirror function Set a port to capture traffic Capture egress traffic Capture ingress traffic Set multicst router port Set the password for telnet Disable a port Set port transmission type Enable a port Set port traffic flowcontrol Set port mcheck Set port point to point admin value Set port egress rate shaping rate Set port ingress rate shaping rate Set port egress rate shaping rate Set port ingress rate shaping rate Set spanning tree port cost Set spanning tree PortFast feature Set spanning tree port priority Set port transmission speed Set port storm limit mode Set port storm limit rate Set port vlan type Set the queue number of each cos Set the cos value of each dot1p priority Set MAC based gos Set port s cos Set vlan based qos Set the egress policy Set share key for radius server Set radius server parameters Set RSTP force version Set MAC aging time Create MAC filter entry 23 set security mac learning set security static MAC set snmp set snmp community set snmp rmon set snmp trap set spantree disable set spantree enable set spantree fwddelay set spantree hello set spantree maxage set spantree priority set system contact set system default gateway set system ip set system location set system mac set system m
87. number has the highest priority Path Cost Specifies the path cost of the port The switch uses this parameter to help determine which port will become a forwarding port Lower numbers will be used as forwarding ports first The range is from O to 65535 The default values based on IEEE802 1D are 10Mb s 50 600 100Mb s 10 60 1000Mb s 3 10 Port Mcheck set If the port property is a rapid because of received STP BPDU then it change into STP compatible mode According to Mcheck setting change property into RSTP mode RSTP Port Configuration Path Costi0 oa Port List e g 1 3 7 Edge Port Pas Status 200000000 0 means Port aoe Auto mel ee a Port Mcheck Set OO RSTP Port Status Edge Port P2P Status Port Protocol Port E ETE aaa EE Path Cast Priority Port Role Mode ESTE Port Status port 1 False False Auto False Auto O Designated STF Forwarding port 2 False False Auto False Auto O Designated STF Forwarding port 3 False False Auto False Auto O Designated STF Forwarding port 4 False False Auto False Auto O Designated STF Forwarding port 5 False False Auto False Auto O Designated STF Forwarding port 6 False False Auto False Auto O Designated STF Forwarding port 7 False False Auto False Auto O Designated STF Forwarding port 8 False False Auto False Auto O Designated STF Forwarding port 9 False False
88. o E RO 84 40 PORTANALY O Sri aida 87 ISIDRO CADIVI SAA IA AAA ahead 87 A AN A T Ouulaed wads tates Aeatat A E 87 SA O II A A An 88 A O A nn A 89 9 TROUBLE SHOOTING ranana a id ios 94 5 MINCORREGT CONNECTIONS casinos estirar lodo a dl 94 D In F auly OF IOOSC CADICS id ist amimliaictaie 94 OLLE INON STANO AIO CADICS iso sceliccds aaa 94 do MPrOper NetWork J ODOIOOIC Sari A A AA A R 94 9 2 DIAGNOSING LED INDICATORS iio 94 AA A eR TE en eee ene ee eee 95 5 APPENDIX tasas otro 96 4 User s Manual of WSD 800 WGSD 910 6 1 CONSOLE PORT PIN ASSIGNMENT Saab ia 96 6 2 100BASE TX 10BASE T PIN ASSIGNMENTS cccceccccccccccccccccecececececececececeneaeaeneneneuenenenenenenenenens 97 APRENDI diia ioos 98 802 1Q VLAN MULTI UNTAGGED VLAN SETTING SAMPLE 1 2cececececececececececececauacuauacaees 98 802 1Q VLAN MULTI UNTAGGED VLAN SETTING SAMPLE 2 ccccecececececececececececececececces 101 802 1Q VLAN MULTI UNTAGGED VLAN SETTING SAMPLE 33 cccececececececececececececececececes 104 5 User s Manual of WSD 800 WGSD 910 1 INTRODUCTION 1 1 Packet Contents Check the contents of your package for following parts o Ethernet Switch x1 o CD ROM user s manual x1 Quick installation guide x1 o 19 rack mounting kit x1 o Power cord x1 o Rubber feet x 4 If any of these are missing or damaged please contact your dealer immediately if possible retain the carton including the original packing mat
89. o the Port 1 The right information window at this table shows the status The screen in Figure 7 4 appears 99 User s Manual of WSD 800 WGSD 910 802 10 VLAN Port Configuration Port 1 Link Type Always Untag PID Set Trunk Port for YLAN WLAN Table LAN with The Trunk Port VLAN NAME default vlan Set VLAN s VID amp Name vo VLAN Name AddiModify Figure 7 4 Assign Port 1 to be VLAN 2 and VLAN 3 member 7 After the down the Port 1 VLAN configuration press close to back to the 802 1Q VLAN main screen And check if the setting be applied to Port 1 at the Egress Policy column The screen in Figure 7 5 appears 802 10 VLAN Port Link oT aa TE o Lo SS Policy O ES Figure 7 5 Port 1 VLA N status 8 Assign the VLAN 2 and VLAN 3 group member At this case Port 2 had been assigned to as VLAN 2 group member and Port 3 be assigned to as VLAN 3 group member 9 Repeat step 2 to step 7 expect that e Configure the Port 2 with PVID 2 Port 3 with PVID 3 e The link type of both Port 2 and Port 3 are Always Untag e And both Port 2 and Port 3 are VLAN 1 members 10 After properly configure the 802 1Q VLAN per port setting it should be as the screen in Figure 7 6 appears 100 User s Manual of WSD 800 WGSD 910 802 104 VLAN port cs NS Tos Figure 7 6 Port 1 Port 2 and Port 3 VLAN configuration Port Link Type PYID Egress Policy Although Port 2 and Port 3 a
90. o the products described in this User s Manual at any time without notice If you find information in this manual that is incorrect misleading or incomplete we would appreciate your comments and suggestions FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the Instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at whose own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures WEEE Warning To avoid the potential effects on the environment and human health as a result of the presence of hazardous substances in electrical and electronic equipment end users of electrical and electronic equipment should understand the meaning of the crossed out wheeled bin symbol Do not dispose of WEEE as unsorted municipal waste and have to collect such WEEE separately
91. on the PC and run a terminal emulation program or Hyper Terminal and configure its communication parameters to match the following default characteristics of the console port Port Settings Baud Rate 9600 bps Data Bits 8 Bits per second a00 ti sts Parity none Data bits je H Stop Bit 1 Parity Nowe Flow control None Stop bits E H Flow control EERE Restore Defaults coca vo The settings of communication parameters 17 User s Manual of WSD 800 WGSD 910 After finished the parameter settings click OK When the prompt shows Switch gt type for help or type enable for further configuration The system needs password for further configuration After the enable command the system asks for password please enter admin for the default password As shows in the following screen Protocol Hodule Protocol Protocol Hardware Protocol Hardware Protocol Hardware Protocol Hardware Protocol Hardware Protocol Hardware Protocol Hardware Protocol Hardware Protocol Hardware Protocol Switch gt enable Module Snmp Module Snmp Rmon Module STP Module Module Module Module Module Module Module Module Module Module Module Module Module Module Module Module Module Module Please input password Switch enable gt STP OY lan HwQ lan PYlan HwP lan Hirror Hirror mac table new mac table driver Counter H
92. or Trunk Note that if the Access type is chosen it will strip the 802 1Q tag from all packets that out of this port On the other hand if the Trunk type is chosen it will put the VID number priority and other VLAN information into the header of all packets that out of this port And if the Always Untag type is chosen it will strip the 802 1Q tag from all packets that out of the port But the port can be assigned to more than one VLAN group 4 Define the PVID for the port Set the port VLAN ID that will be assigned to untagged traffic on a given port This feature is useful for accommodating devices that you want to participate in the VLAN but that don t support tagging 53 User s Manual of WSD 800 WGSD 910 Link Type Access 5 Trunk configuration If the Trunk type is chosen please follow the steps to set the Trunk of the port 5 1 Add and define the names and VIDs for new VLANs The VID number ranges from 2 to 4094 Fill the VID field and the VLAN Name field in the Set VLAN s VID amp Name table and click on the Add Modify button to save Set VLAN s YID Name VLAN Name VLAN Add Modit Delete 5 2 The added new VLAN then shows the the VLAN Table field in the Set Trunk Port for VLAN table TA Trunk Port for LAN VLAN Table VLAN with The Trunk Port LAN MAME LAN MAME iefault vlan r LAN _ Delete 5 3 Select on the VLAN chich you want to tag with in the VLAN Table field and c
93. r s Manual of WSD 800 WGSD 910 IGMP Snoopin Configuration IGMP Snooping Status Immediate leave Enable Y Forwarding all leave pkt Enable vw J AAA AA e 234 1 1 2 1 port2 portil 7 Show Multicast Group Table Multicast MID J ee eee a O EA 234 1 1 1 1 port2 port11 The maximum number of IGMP multicast groups are restricting to 4 entries the more IGMP Join packets will be filtered 4 9 4 IGMP Group Policy The IGMP Group Policy allowed the networl administrator to assigning a specificy Multicast Group to a port The port is configured to send and receive all traffic for a particular mulcast group Usually the function is use to test the multicast protocols in the network or for the PC Laptop manufactory to pre install operation system via multicast There is maximum 24 static Multicast Groups are able to assign Switch Port 2 setup with IGMP Group Policy Port 2 IGMP Group Policy Enable Force accept Multicast Stream 1 Without IGMP Join Report packet Multicast Stream Server i IGMP Join packet a_ Multicast Streme The following fields can be set for IGMP Group Policy configuration Set IGMP Group Policy m Index Assign a No 1 24 for the Multicast Group as a index for easy managment Multicast Group Identifies the Multicast group IP address The valued range is from 224 0 0 1 239 255 255 254 81 User s Manual of WSD 800 WGSD 910
94. re VLAN 1 members with different PVID setting the two ports are not able to access each other But they all can access with the server AP Printer which connect to the Port 1 now 802 1Q VLAN Multi Untagged VLAN setting sample 2 lt 192 168 0 222 VLAN Configuration gt Link Partner 192 168 0 222 Untag 1 2 3 4 NetworkPrinter T Tag 1 2 3 4 2840_30 Tag 1 2 3 4 2840_20 2840_10 Server 192 168 0 101 2 3 m Trunk 2 3 4 192 168 0 102 192 168 0 103 VLAN 1 lt 192 168 0 10 VLAN Configuration gt lt 192 168 0 20 VLAN Configuration gt lt 192 168 0 30 VLAN Configuration gt Port Link Type PVID sateen Poti Always Untag 2 Port2 Always Untag 2 x Port3 Always Untag 2 Untag 12 PC Port2 Always Untag 3 Untag 1 Untag 1 4 1 1 Unag 12 as Portt Always Untag 4 Untag 1 4 ntag 3 Untag 1 2 3 4 NtworkPrinter Port3 Always Untag 1 Untag 1 2 3 4 NetworkPrinter i Untag 1 4 Port18 Always Untag bat ys Un Port28 Trunk Tag 1 2 3 4 Core 2840 Port28 Trunk 1 Tag 1 2 3 4 Core 2840 Port28 _ Trunk ah Tag 1 2 3 4 101 User s Manual of WSD 800 WGSD 910 m VLAN Group Membership VLAN ID VLAN Define Major Member VLAN 1 Public VLAN WGSW 2840_220 WGSW 2840_ 10 WGSW 2840_ 20 WGSW 2840_30 Server Network Printer_1 Network_Printer_2 Clinets connect to 192 168 0 10 VLAN 3 A Clinets connect to 192 168 0 20 VLAN 4 Clinets connect to 192 168 0 30 WGSW 2840_192 168 0 222 Core Switch VLAN Configuration 192 168 0 2
95. rkstation or this port that is directly connected to a LAN segment where a loop cannot be created For example this port is connected to a PC Print Server IP camera or any other network end node device Since end nodes cannot cause forwarding loops they can pass directly through to the spanning tree forwarding state There are two selections for this function True This port connected directly to a end node device or LAN segment where a loop cannot be created False This port connected to one or more LAN segments maybe a ethernet switch or HUB that a loop might be occured P2P Status Enables or disables the device to establish a point to point link or specifies for the device to automatically establish a point to point link A P2P port is also capable of rapid transition P2P ports may be used to connect to other bridges Under RSTP all ports operating in full duplex mode are considered to be P2P ports 43 User s Manual of WSD 800 WGSD 910 unless manually overridden through configuration The link type attached to this port could be selected as following Auto The switch automatically determines if the interface is attached to a point to point link or to shared media True A connection to exactly one other bridge False A connection to two or more bridges Port Priority Defines if this port is more or less likely to become the root port The range is from O to 255 the default setting is 128 The lower
96. sceiver Approved PLANET SFP Transceivers PLANET WGSD 910 support both single mode and multi mode SFP transceiver The following list of approved PLANET SFP transceivers is correct at the time of publication MEMGB SX SFP 1000BASE SX SFP transceiver ME MGB LX SFP 1000BASE LX SFP transceiver It recommends using PLANET SFPs on the Switch If you insert a SFP transceiver that is not XA Notice supported the Switch will not recognize it Before connect the other switches workstation or Media Converter 1 Make sure both side of the SFP transfer are with the same media type for example 1000Base SX to 1000Base SX 1000Bas LX to 1000Base LX 2 Check the fiber optic cable type match the SFP transfer model gt To connect to 1000Base SX SFP transceiver use the multi mode fiber cable with one side must be male duplex LC connector type gt To connect to 1000Base LX SFP transceiver use the single mode fiber cable with one side must be male duplex LC connector type 15 User s Manual of WSD 800 WGSD 910 Connect the fiber cable 1 Attach the duplex LC connector on the network cable into the SFP transceiver 2 Connect the other end of the cable to a device switches with SFP installed fiber NIC on a workstation or a Media Converter 3 Check the LNK ACT LED of the SFP slot on the front of the Switch Ensure that the SFP transceiver is Operating correctly 4 Check the Link mode of the SFP port if th
97. ss RADIUS Access Accept Port Authorized EAPOL Logoff Port Unauthonzed E Ports in Authorized and Unauthorized States The Switch port state determines whether or not the client is granted access to the network The port starts in the unauthorized state While in this state the port disallows all ingress and egress traffic except for 802 1X protocol packets When a client is successfully authenticated the port transitions to the authorized state allowing all traffic for the client to flow normally If a client that does not support 802 1X is connected to an unauthorized 802 1X port the Switch requests the client s identity In this situation the client does not respond to the request the port remains in the unauthorized state and the client is not granted access to the network In contrast when an 802 1X enabled client connects to a port that is not running the 802 1X protocol the client initiates the authentication process by sending the EAPOL start frame When no response is received the client sends the request for a fixed number of times Because no response is received the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication server the port state changes to authorized and all frames from the authenticated client are allowed through the port If the authentication fails the port remains in the unauthorized sta
98. st 4 9 1 IGMP Snooping Theory Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for members that are no longer active In the case where there is more than one multicast router on a sub network one router is elected as the queried This router then keeps track of the membership of the multicast groups that have active members The information received from IGMP is then used to determine if multicast packets should be forwarded to a given sub network or not The router can check using IGMP to see if there is at least one member of a multicast group on a given subnet work If there are no members on a sub network packets will not be forwarded to that sub network IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group IGMP version 1 is defined in RFC 1112 It has a fixed packet size and no optional data The format of an IGMP packet is shown below IGMP Message Format Octets 0 8 1 6 31 Group Address all zeros if this is a query The IGMP Type codes are shown below Type Meaning 0x11 Membership Query if Group Address is 0 0 0 0
99. st Priority Hello Time The Hello Time can be from 1 to 10 seconds This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge If you set a Hello Time for your Switch and it is not the Root Bridge the set Hello Time will be used if and when your Switch becomes the Root Bridge Max Age The Max Age can be from 6 to 40 seconds At the end of the Max Age if a BPDU has still not been received from the Root Bridge your Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge If it turns out that your Switch has the lowest Bridge Identifier it will become the Root Bridge Forward Delay Timer The Forward Delay can be from 4 to 30 seconds This is the time any port on the Switch spends in the listening state while moving from the blocking state to the forwarding state i A Observe the following formulas when setting the above parameters Max Age _ 2 x Forward Delay 1 second me ee ee ee a a a a a a a ee ee oe g A0 User s Manual of WSD 800 WGSD 910 Port Priority A Port Priority can be from 0 to 255 The lower the number the greater the probability the port will be chosen as the Root Port Port Cost A Port Cost can be set from 0 to 65535 The lower the number the greater the probability the port will be chosen to forward packets 3 Illustration of STP A simple illustrat
100. te but authentication can be retried If the authentication server cannot be reached the switch can retransmit the request If no response is received from the server after the specified number of attempts authentication fails and network access is not granted When a client logs off it sends an EAPOL logoff message causing the switch port to transition to the unauthorized state 61 User s Manual of WSD 800 WGSD 910 If the link state of a port transitions from up to down or if an EAPOL logoff frame is received the port returns to the unauthorized state 4 7 6 2 802 1X Configuration This Switch has two 802 1X Mode Radius Server amp Local Authenticate choose one you need Local Authenticate In this situation do not need Radius server in the network all authentication completed by 802 1x Switch the normal topologies as below 902 1X through 902 1X Switch Switch Clients 1 Enter 802 1X Port Status Configuration there are 3 Authenticate authorization states 802 1X Port status Port status Configuration Port List g 1 3 7 Authenticate Status maximum account number 1 32 Auto ooo Force Authorized Force Unauthorized Port status port Authenticate Status maximum account number current account number port 1 Auto 1 0 port 2 Auto 1 T AEE E Auto il O port 4 AUTO 1 0 port 5 Auto 1 port 6 Auto 1 O port 7
101. the Braodcast Storm Multicast Storm and Flooded Storm packet on each port To configure the Storm Control click on the Storm Control menu button The web main page then shows the Strom Restricting function table 1 Fill the Port List field in the Broadcast Storm Restricting table select the type in the Restricting Type drop down menu and enter the packet size in the Flow field 2 Click on the OK button to save 3 To remove the Storm Restricting function on the port simpy click on the Delete button in the Show Port Restricting Table table Storm Restricting Broadcast Storm Restricting Port Listie q 1 3 Restricting Type Flow 64 B0000kKbps Fo fede A Add Show Port Restricting Table Restricting Type Flo wy Delete Broadcast only _ Delete Delete Broadcast only _ Delete Delete Broadcast Multicast 4nd Flooded _ Delete Delete 88 User s Manual of WSD 800 WGSD 910 4 12 IP Stacking 4 12 1 About IP Stacking IP Stacking function enables you to use a single IP address and standard network cabling to manage a group of up to 8 PLANET WSD 800 WGSD 910 WSW 2401A WGSW 2840 5240 switches in the same IP subnet broadcast domain Once one switch had been operated as the Master of a stack additional switches can join the IP stack by manual methods to setting with the same group name After a switch becomes a Client and stack group member you can work through the M
102. ticast router port information Show port counter information Show port dot1x information Show MACs on certain port Show port ingress and egress rate shaping Show port RSTP port role and protocol mode Show spantree information on ports Show port infomation Show port storm limit mode and rate Show qos map cos queue map 19 show gos map dot1p cos map show qos map mac cos map show qos map port cos map show gos map vlan cos map show qos queue egress policy show radius show security MAC aging show security filter MAC show security mac learning show security static MAC show snmp show snmp rmon show spantree show syntax show system show trunk show version show vlan show vlan type User s Manual of WSD 800 WGSD 910 Show qos map cos queue map Show qos map mac cos map Show each port s cos Show qos map vian cos map Show qos queue egress policy Show radius information Show MAC aging time Show MAC filter entry Show port security status Show static mac table information Show snmp information Show snmp rmon state Show spanning tree information Show basic help infomation Show system information Show trunk information Get last software version Show vlan information Show current vian type 3 5 2 Privileged Command To access to the second level enter the enable command in the first level The sysem then prompt for a password Please enter admin for the password The promt then chang
103. unication O00O0O FDX COL pi a Managed Ethernet Switch 1357 O SYS OOO O LNK ACT O O O O FDX COL WSD 800 O PWR 0000 100 P A 7 Figure 2 1 WSD 800 front panel Figure 2 2 shows the front panel of WGSD 910 8 Port 10 100Mbps 1 Gigabit Combo 2 4 6 Q PLANET Wr NACT Managed Ethernet Switch SPEED 9 SE JE PRO LJ INI WGSD 910 MiniGBIC Figure 2 2 WGSD 910 front panel 10 User s Manual of WSD 800 WGSD 910 2 1 3 LED Indications 5 E System Color Function CS Lights to indicate that the Switch is powered on Green Lights to indicate the system is working HE Per 10 100Base TX RJ 45 Port Port 1 to Port 8 Color Function LNK ACT Orange Blink to indicate that the Switch is actively sending or receiving data over FDX COL Lights to indicate respective port is in full duplex FDX mode Otherwise it is OFF for half duplex HDX operations It blinking amber when collisions are occurring on the respective port 100 Lights to indicate the port is acting in 100Mbps speed off to indicate the port is acting in 10Mbps J WGSD 910 M System Color Function EEr Lights to indicate that the Switch has power sys Green Lights to indicate the system is working M Per 10 1 m Port Port 1 to Port 8 Color Function to indicate the link through that port is successfully established LNK ACT Blink indicate that th
104. unk VLANs at the same time Tag PVID or Original VID be remained Port VID PVID Set the port VLAN ID that will be assigned to untagged traffic on a given port This feature is useful for accommodating devices that you want to participate in the VLAN but that don t support tagging The Switch allows each port to set one PVID the range is 1 255 default PVID is 1 The PVID must be the same as the VLAN ID that the port was defined as belonging to in the VLAN group or the untagged traffic will be dropped 1 Select 802 1Q VLAN in the VLAN Type field and click on the OK button LAN Configuration VLAN Type 802 10 VLAN K E 52 User s Manual of WSD 800 WGSD 910 The main page then changes to the 802 1Q VLAN table which displays the VLAN configuration of each port 802 14 VLAN Port Link Type PYID Egress Policy pores foes Ja 2 If you want to configure port 2 to be in a VLAN other than default VLAN Double click on port2 to enter into VLAN port configuration window 302 10 YLAN Port Configuration Port 2 Link Type Access y E PYID iC OK a E Trunk Port pO et Trunk Port for VLAN gt ee VLAN E ee VLAN VLAN with The Trunk Port The Trunk Port LAN MAME LAM MAME detault vlan _ Delete Set VLAN s YID amp Name VID WYLAN Name Ado Modity Delete 3 Choose the Link Type in the drop drop down menu Access Always Untag
105. ver and relaying a response to the client The Switch includes the RADIUS client which is responsible for encapsulating and decapsulating the Extensible Authentication Protocol EAP frames and interacting with the authentication server When the Switch receives EAPOL frames and relays them to the authentication server the Ethernet header is stripped and the remaining EAP frame is re encapsulated in the RADIUS format The EAP frames are not modified or examined during encapsulation and the authentication server must support EAP within the native frame format When the Switch receives frames from the authentication server the server s frame header is removed leaving the EAP frame which is then encapsulated for Ethernet and sent to the client 5 9 User s Manual of WSD 800 WGSD 910 a Authentication Initiation and Message Exchange The Switch or the client can initiate authentication If you enable authentication on a port by using the dot1x port control auto interface configuration command the Switch must initiate authentication when it determines that the port link state transitions from down to up It then sends an EAP request identity frame to the client to request its identity typically the Switch sends an initial identity request frame followed by one or more requests for authentication information Upon receipt of the frame the client responds with an EAP response identity frame However if during bootup the client does not r
106. wCounter Ruby QoS Ruby QoS IGHP Snooping IGHP Snooping Driver Rate Shaping Rate Shaping Driver Command Line Console login screen 3 3 Console Management Entering a question mark at the prompt displays the list of commands available for command mode As shows in the following screen manage 1p mirror monitored port egress mirror monitored port ingress multicast router port counters port rate shaping port spantree portcost port spantree portpri port strom 1lim1t qos map cos queue map qos map dot1lp cos map qos map mac cos map qos map Vlan cos map security f1lter MAC security static MAC snmp community snmp trap spantree root trunk Clear Clear Clear Clear Clear Clear Manage ip address egress monitored port for mirror ingress monitored port for mirror router port port statistics counter rate shaping of all ports Restore spanning tree port cost to default value Restore spanning tree port priority to default value Clear Reset Reset Clear Clear Clear Clear Clear Clear strom limit of all ports cos queue map to default dotip_cos map to default qos map mac cos map qos map vlan cos map HAC filter entry static HAC entry snmp community entry snmp trap management host Restore spanning tree parameters Clear Clear trunk port from vlans member from vlan The question mark command 18 3 4 Telnet login User s Manual of WSD 800 WGSD 910
107. witch STP performs the following functions Creates a single spanning tree from any combination of switching or bridging elements Creates multiple spanning trees from any combination of ports contained within a single Switch in user specified groups Automatically reconfigures the spanning tree to compensate for the failure addition or removal of any element in the tree Reconfigures the spanning tree without operator intervention Bridge Protocol Data Units For STP to arrive at a stable network topology the following information is used The unique Switch identifier The path cost to the root associated with each switch port The por tidentifier STP communicates between switches on the network using Bridge Protocol Data Units BPDUs Each BPDU contains the following information The unique identifier of the Switch that the transmitting Switch currently believes is the root Switch The path cost to the root from the transmitting port The port identifier of the transmitting port The Switch sends BPDUs to communicate and construct the spanning tree topology All switches connected to the LAN on which the packet is transmitted will receive the BPDU BPDUs are not directly forwarded by the Switch but the receiving Switch uses the information in the frame to calculate a BPDU and if the topology changes initiates a BPDU transmission The communication between switches via BPDUs results in the following One Switch is elected as the root Switch
108. with MAC address in the format xx xx xx xx xx xx and choose the port to bind the MAC Address in the Port field 2 Click on the Add button 3 To remove the MAC Address binded by the port Simply click on the Delete button of the MAC Address in the Show MAC Address Table MAC Address Bind Bind New MAC Address MAC Address Port 00 U 4F 40 34 E Forti Add Show Mac Address Table MAC Address Port Delete 55 User s Manual of WSD 800 WGSD 910 MAC Address Bind MAC Address MAC Address Delete OE 049 E Forti Delete 4 7 3 MAC Address Filtering MAC address filtering allows the Switch to drop unwanted traffic Traffic is filtered based on the destination addresses To filter the MAC Address click on the Security MAC Address Filtering menu button the main web page then shows the MAC Address Filtering function table 1 Fill the MAC Address field with MAC address in the format XX XX XX XX XX XX 2 Click on the Add button to add 3 To remove the MAC Address filtered by the port Simply click on the Delete button of the MAC Address in the Current Filtering MAC Table MAC Address Filtering MAC Address 00 E0 4F 48 34 7E Add Mac Address Delete 56 User s Manual of WSD 800 WGSD 910 MAC Address Filtering Add New Mac Address MAC Address m Add Current Filtering Mac MAC Address
109. y Password table shows in the main web page Enter old password new password confirm password Click OK to change the password 34 User s Manual of WSD 800 WGSD 910 Modify Password Old Password New Password Confirm Password 4 4 4 CONSOLE This function shows the connection parameters for the Console Management Interface Click on the System CONSOLE menu button and the following table shows in the main page of the web Console Information Data bits ef Stop bits ft Parity check none Flow control none Baud rate bps be 4 4 5 System Upgrade This function allows performing firmware update from the web interface Click on the System System Upgrade menu button and the following table shows in the main page of the web Click on the Browse button of the main page the system would pop up the file selection menu to choose firmware Select on the firmware and the Update Status would show the file upload status System Upgrade The File s Name Browse Update Status 32 User s Manual of WSD 800 WGSD 910 4 4 6 Saving Parameters It takes effect immediately when you change the parameters of the management function when the Switch is running But the parameters would not be saved after reboot the Switch To keep the changed parameters Click on the System Saving Parameters menu button and click on the Save button on the web
Download Pdf Manuals
Related Search