User's Manual
Contents
1. 124 5 1 15 2 PoE Configuration Power management Mode 125 5 1 15 3 PoE Configuration Primary Power Supply sseseeese 127 5 1 15 4 PoE Configuration Port Contguraion 127 5 1 15 5 Power over Ethernet Status oooonnnncccccccconnnccnnnncncononanccnnnnnononanenonnnonnss 128 5 1 15 6 LLDP Power Over Ethernet Negri 129 KEE POE NEIU RENS 130 SW MET MET PINO CNECK 4 ini 131 5 1 16 gea Cl AUINS e 132 5 1 17 System HeDDO OPM PU PP 132 Command Line Interface Management 133 6 1 About CLI Management 133 ORing Industrial Networking Corp 4 e IGPS 7084GP Series User s Manual Getting to Know Your Switch 1 1 About the IGPS 7084GP Series Industrial Switch The IGPS 7084GP series are powerful managed industrial switches which have many features These switches can work under wide temperature dusty environment and humid condition They can be managed by WEB TELNET Consol or other third party SNMP software as well 1 2 Software Features BM World s fastest Redundant Ethernet Ring Recovery time lt 10ms over 250 units connection Supports Ring Coupling Dual Homing RSTP over Ring Supports SNMPv1 v2 v3 amp RMON 4 Port base 802 1Q VLAN Network Management Event notification by Email SNMP trap and Relay Output Web based Telnet Console CLI configuration Enable disable ports MAC based port security Port based networ2. Disabled sl Disabled o 8 Permit Disabled wel Disabled 0 ORing Industrial Networking Corp 82 IGPS 7084GP Series User s Manual Port The logical port for the settings contained in the same row Select the policy to apply to this port The allowed values are 1 Policy ID through 8 The default value is 1 Select whether forwarding is permitted Permit or denied Deny The default value is Permit Select which rate limiter to apply to this port The allowed values are Rate Limiter ID mM Disabled or the values 1 through 15 The default value is Disabled Select which port frames are copied to The allowed values are Port Copy EN Disabled or a specific port number The default value is Disabled opecify the logging operation of this port The allowed values are Enabled Frames received on the port are stored in the System Log Logging Disabled Frames received on the port are not logged The default value is Disabled Please note that the System Log memory size and logging rate is limited Specify the port shut down operation of this port The allowed values are Enabled If a frame is received on the port the port will be disabled Disabled Port shut down is disabled The default value is Disabled Counts the number of frames that match this ACE 5 1 10 3 2 Rate Limiters Configure the rate limiter for the ACL of the switch ACL Rate Limiter Configuration Rate Limi
3. Clears the local counters All counters including global counters are cleared upon reboot ORing Industrial Networking Corp 24 IGPS 7084GP Series User s Manual Check this box to enable an automatic refresh of the page at Auto refresh regular intervals 5 1 2 7 Modbus TCP Support Modbus TCP About Modbus please reference http www modbus org MODBUS Configuration A Enabled v The following table describes the labels in this screen Label Description Enable or Disalble Modbus TCP function 5 1 2 8 Backup Restore Configuration You can save view or load the switch configuration The configuration file is in XML format with a hierarchy of tags Configuration Save Save configuration Configuration Upload ORing Industrial Networking Corp 25 IGPS 7084GP Series User s Manual 5 1 2 9 Firmware Update This page facilitates an update of the firmware controlling the stack switch Firmware Update 5 1 3 DHCP Server 5 1 3 1 Setting The system provides with DHCP server function Enable the DHCP server function the switch system will be a DHCP server DHCP Server Configuration Enabled Start IP Address 192 165 10 100 End IP Address 192 168 10 200 Subnet Mask Router 192 168 10 254 DNS 192 168 10 254 Lease Time sec TFTP Server Boot File Name ORing Industrial Networking Corp 26 IGPS 7084GP Series User s Manual 5 1 3 2 DHCP Dynamic Client List W
4. For example Trap Destination 1e80 215 cb5ff fe03 4dc7 The symbol is a special syntax that can IPv6 Address be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can only appear once lt also used a following legally IPv4 address For example 192 1 2 34 Indicates the SNMP entity is permitted to generate authentication Trap failure traps Possible modes are Authentication mE l ES Enabled Enable SNMP trap authentication failure ailure Disabled Disable SNMP trap authentication failure Trap Link up and Indicates the SNMP trap link up and link down mode operation ORing Industrial Networking Corp 62 Link down Trap Inform Mode IGPS 7084GP Series User s Manual Possible modes are Enabled Enable SNMP trap link up and link down mode operation Disabled Disable SNMP trap link up and link down mode operation Indicates the SNMP trap inform mode operation Possible modes are Enabled Enable SNMP trap inform mode operation Disabled Disable SNMP trap inform mode operation Trap Inform Indicates the SNMP trap inform timeout The allowed range is O to Trap Inform Retry Indicates the SNMP trap inform retry times The allowed range is O to Trap Probe Indicates the SNMP trap probe security engine ID mode of operation Possible values are Enabled Enable SNMP trap probe security engine ID mode of Security Engine ID operation Trap Sec
5. Port QoS Configuration ORing Industrial Networking Corp 69 IGPS 7084GP Series User s Manual Port QoS Configuration Ingress Configuration Egress Confiquration Queue Weighted Port Default Class CL Tag Priori ueuing Mode z z Q 3 wu 3 Low Normal Medium High 4 Strict Priority Strict Priority Strict Prior Strict Prior Strict Priority ze Strict Priority ze 4 4 4 4 lt 4 IT pa pa KA a E o z iO amp Ln As LW M E HE Iri DE iit Y Do je e o je ja a e 2 2 US S S e e e RARA RRA A AAA A AA A A AA Sapa lalalala lalalala a AAA UA NANA A A AAA Pr Priority e an a KA KN ce A check box is provided for each port of a private VLAN When checked port isolation is enabled for that port When unchecked port isolation is disabled for that port By default port isolation is disabled for all ports Configure the default QoS class for the port that is the QoS class Default Class l l for frames not matching any of the QCEs in the QCL QCL Select which QCL to use for the port Select the default tag priority for this port when adding a Tag to Tag Priority the untagged frames Queuing Mode Select which Queuing mode for this port Setting Queue weighted Low Normal Medium High if the Queue Weighted Queuing Mode is Weighted 5 1 8 3 QoS Control List This page lists the QCEs for a given QCL Fra
6. e s e amp amp amp amp amp e amp The following table describes the labels in this screen ORing Industrial Networking Corp 130 IGPS 7084GP Series User s Manual Configure port setting action port Schedule mode Schedule mode enable or disable Selctall Select all Data amp Time Set up enable Time Sunday Saturday Set up enable Data 5 1 15 8 Auto Ping Check You can control the POE function by using the ping command in order to turn on or off other POE device which connect with port assign Auto Ping Check Ping Check aa TU seconds seconds 1 error 0 total 0 In 2 10 error 0 total 0 3 error 0 total 0 4 10 error 0 total 0 5 error 0 total 0 6 10 error 0 total 0 H error 0 total 0 ing 8 10 error 0 total 0 Nothing v Auto refresh L Refresh The following table describes the labels in this screen Ping Check Enable or disable Ping Check function You can appoint to want to control P O E port number Ping IP Address Set up ip Address Interval Time Spacing interval to set up Ping 10 Sec 120 Sec Retry Time Set up the number of times of ping Failure Log Note down Ping Check a result of movement after starting Failure Action Set up movements wanted to carry out Reboot Time Switch ping check failure P O E restarts the buffer time of switch ORing Industrial Networking Corp 131 e e e IGPS 7084GP Series User s Man
7. IGPS 7084GP Industrial Managed Ethernet Switch User s Manual Version 3 0 Feb 2013 www oring networking com ORing Industrial Networking Corp J e IGPS 7084GP Series User s Manual COPYRIGHT NOTICE Copyright O 2010 ORing Industrial Networking Corp All rights reserved No part of this publication may be reproduced in any form without the prior written consent of ORing Industrial Networking Corp TRADEMARKS omo e is a registered trademark of ORing Industrial Networking Corp All other trademarks belong to their respective owners REGULATORY COMPLIANCE STATEMENT Product s associated with this publication complies comply with all applicable regulations Please refer to the Technical Specifications section for more details WARRANTY ORing warrants that all ORing products are free from defects in material and workmanship for a specified warranty period from the invoice date 5 years for most products ORing will repair or replace products found by ORing to be defective within this warranty period with shipment expenses apportioned by ORing and the distributor This warranty does not cover product modifications or repairs done by persons other than ORing approved personnel and this warranty does not apply to ORing products that are misused abused improperly installed or damaged by accidents Please refer to the Technical Specifications section for the actual warranty period s of the product s asso
8. lt ip_flags gt udp lt sip gt dip lt sport gt lt dport gt lt ip_flags gt tcp lt sip gt lt dip gt lt sport gt lt dport gt lt ip_flags gt lt tcp_flags gt permitldeny lt rate_limiter gt lt port_copy gt lt logging gt lt shutdown gt Delete lt ace_1d gt Lookup lt ace_id gt ORing Industrial Networking Corp 142 es IGPS 7084GP Series User s Manual Mirror Configuration lt port_list gt lirror Port port ldisable Mode lt port_list gt enableldisablelrxltx Save ip server file name Load ip server file name check Engine ID lt engineid gt Community Add community lt ip_addr gt ip mask Community Delete index Community Lookup index User Add lt engineid gt user name MDSISHA lt auth_password gt DES priv password User Delete index User Changekey lt engineid gt user name auth password priv password View Add view name includedlexcluded oid subtree View Delete index View Lookup lt index gt Access Add group name security model security level read view name write view name Access Delete index d Access Lookup lt index gt ORing Industrial Networking Corp 143 es IGPS 7084GP Series User s Manual Firmware Firmware gt Load ip addr string file name fault
9. 1000BASE TX TN UTP 100 m 328ft RJ 45 4 1 1 100BASE TX 10BASE T Pin Assignments With 100BASE TX 10BASE T cable pins 1 and 2 are used for transmitting data and pins 3 and 6 are used for receiving data 10 100 Base T RJ 45 Pin Assignments o 08 E Dr tae 0008 Mae Nt ORing Industrial Networking Corp 12 IGPS 7084GP Series User s Manual 1000 Base T RJ 45 Pin Assignments The IGPS 7084GP Series switches support auto MDI MDI X operation You can use a straight through cable to connect PC to switch The following table below shows the 10BASE T 100BASE TX MDI and MDI X port pin outs 10 100 Base T MDI MDI X pins assignment eases bam ete Med 1000 Base T MDI MDI X pins assignment Note and signs represent the polarity of the wires that make up each wire pair ORing Industrial Networking Corp 13 e IGPS 7084GP Series User s Manual 4 2 SFP The Switch has fiber optical ports with SFP connectors The fiber optical ports are in multi mode 0 to 550M 850 nm with 50 125 um 62 5 125 um fiber and single mode with LC connector Please remember that the TX port of Switch A should be connected to the RX port of Switch B Switch A Switch B Fiber cord 4 3 Console Cable IGPS 7084GP Series switches can be management by console port The DB 9 to RJ 45 cable can be found in the package You can connect them to PC via a RS 232 cable with DB 9 female connector and the oth
10. IGPS 7084GP Series User s Manual 5 1 4 3 5 LACP Statistics This page provides an overview for LACP statistics for all ports LACP Statistics Auto refresh L Port LACP LACP Discarded Transmitted Received Unknown Illegal ecOooooo iD 0 s OS Un e DJ NJ ta 0 o 0 o 0 o 0 o 0 o 0 o cOoOOOOOOooozcdc eoOooooc rei remm OOOO O Discarded Shows how many unknown or illegal LACP frames have been discarded at each port Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh regular intervals Clear Clears the counters for all ports ORing Industrial Networking Corp 35 IGPS 7084GP Series User s Manual 5 1 4 4 Loop Gourd This feature prevents the loop attack When the port receives loop packet This port will auto disable prevent the loop attack affect other network devices Loop Guard Port State I W MJ PH LOO OO Loop Guard Enable or Disable 5 1 5 Redundancy 5 1 5 1 MRP MRP Media Redundancy Protocol Ring IEC 62439 of up to 50 devices typically transforms back to a line structure within 80 ms adjustable to max 200 ms 500 ms MRP Enable M Manager W React on Link Change ist Ring Port LinkDown 2nd Ring Port Forwarding Enable Enabling the MRP function Manager MRP Master every one MRP topology need setting one device to Manager one MRP topology only can setting one de
11. Ping Size ORing Industrial Networking Corp 122 e IGPS 7084GP Series Users Manual PING6 server 192 168 10 1 sendto sendto sendto sendto sendto Sent 5 packets received 0 OK 0 bad 5 1 13 Factory Defaults You can reset the configuration of the stack switch on this page Only the IP configuration is retained Factory Defaults Are you sure you want to reset the configuration to Factory Defaults Yes Yes Click to reset the configuration to Factory Defaults No Click to return to the Port State page without resetting the No configuration ORing Industrial Networking Corp 123 e Orna 5 1 14 System Reboot You can reset the stack switch on this page After reset the system will boot normally as if you had powered on the devices Warm Reset Are you sure you want to perform a Warm Restart Click to reboot device Click to return to the Port State page without rebooting 5 1 15 Power Over Ethernet 5 1 15 1 PoE Configuration Reserved Power determined There are three modes for configuring how the ports PDs may reserve power Power Over Ethernet Configuration Reserved Power LLDP determined by 9 Allocation MED Power Management Mode Actual Reserved Consumption Power Primary Power Supply W 240 Port PoE Enabled Priority Maximum Power W ow 3 E ORing Industrial Networking Corp 124 IGPS 7084GP Series User s Manual Allocat
12. Therefore an age period of T will require the client to send frames more frequent than T 2 for him to stay authenticated This setting applies to ports running MAC based authentication only If the RADIUS server denies a client access or a RADIUS server request times out according to the timeout specified on the eid Time Authentication configuration page the client is put on hold in the Unauthorized state In this state frames from the client will not cause the switch to attempt to reauthenticate the client The Hold Time which can be set to a number between 10 and 1000000 seconds determines the time after an EAP Failure indication or RADIUS timeout that a client is not allowed access Pot The port number for which the configuration below applies Sets the authentication mode to one of the following options only used when 802 1X or MAC based authentication is globally Admin State enabled Auto Requires an 802 1X aware client supplicant to be authorized by the authentication server Clients that are not ORing Industrial Networking Corp 98 Port State Max Clients ORing Industrial Networking Corp IGPS 7084GP Series User s Manual 802 1X aware will be denied access Authorized Forces the port to grant access to all clients 802 1X aware or not The switch transmits an EAPOL Success frame when the port links up Unauthorized Forces the port to deny access to all clients 802 1X aware or not The switch
13. p Alarm PortLinkDown lt port_list gt enableldisable didi Alarm PowerFailure pwrllpwr2lpwr3 enableldisable SFLOW mode enableldisable version v2lv5 rate lt integer gt SFLOW interval lt integer gt coladdr lt ip_addr gt colport lt integer gt ORing Industrial Networking Corp 144 Technical Specifications ORing Switch Model IGPS 7084GP Physical Ports 10 100 1000Base T X with P S E ports in RJ 45 Auto MDI MDIX Technology IEEE 802 3 for 10Base T IEEE 802 3u for 100Base TX IEEE 802 3z for 1000Base X IEEE 802 3ab for 1000Base T IEEE 802 3x for Flow control IEEE 802 3ad for LACP Link Aggregation Control Protocol IEEE 802 1D for STP Spanning Tree Protocol IEEE 802 1p for COS Class of Service IEEE 802 1Q for VLAN Tagging IEEE 802 1w for RSTP Rapid Spanning Tree Protocol IEEE 802 1s for MSTP Multiple Spanning Tree Protocol IEEE 802 1x for Authentication IEEE 802 1AB for LLDP Link Layer Discovery Protocol IEEE 802 3at PoE specification up to 30 Watts per port for P S E MAC Table 8192 MAC addresses Priority Queues 4 Ethernet Standards Processing Store and Forward Switching latency 7 us Switching bandwidth 24Gbps Switch Properties Max Number of Available VLANs 256 IGMP multicast groups 128 for each VLAN Port rate limiting User Define Device Binding security feature Enable disable ports MAC based port security Port based network access control 8
14. 0 0 0 0 68732985 608732987 4957477883 4957477932 25204638 0 IW 0 0 kk E Hi E Ei d mom eGoococoodoodoooco A O 0 0 0 O 0 0 0 a 0 0 0 0 O 0 0 O The logical port for the settings contained in the same row The number of received and transmitted packets per port The number of received and transmitted bytes per port The number of frames received in error and the number of incomplete transmissions per port The number of frames discarded due to ingress or egress congestion The number of received frames filtered by the forwarding process Check this box to enable an automatic refresh of the page at regular Auto refresh intervals Updates the counters entries starting from the current entry ID Flushes all counters entries 5 1 12 2 2 Detailed Statistics This page provides detailed traffic statistics for a specific switch port Use the port select box to select which switch port details to display The displayed counters are the totals for receive and transmit the size counters for receive and transmit and the error counters for receive and transmit Detailed Statistics Receive amp Transmit Total ORing Industrial Networking Corp 116 Detailed Port Statistics Port 1 Auto refresh Ll Recelve Total Rx Packets Rx Octets Rx Unicast Rx Multicast Rx Broadcast Rx Pause Receive 5ize Counters Rx 64 Bytes Rx 65 127 Bytes Rx 128 255 Bytes Rx 256 511 Bytes Rx 512 1023 Bytes Rx 1024 1526 By
15. Configuration Frame Type mode IGPS 7084GP Series User s Manual F E S QU oM Fc 3 VLAN Port 1 Configuration gt Mode specific ID 50 VLAN Port Configuration AL Specific v A For egress port 1 VLAN Membership Configuration setting port 2 amp VID 50 VLAN Membership Configuration Port Members OO Port Members OI Delete VLAN ID 1 2 3 4 5 e 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 O Mo ME aaa ORing Industrial Networking Corp 50 e IGPS 7084GP Series User s Manual 2 VLAN Port 2 Configuration don t care VLAN Aware VLAN Port Configuration Port VLAN Mode ID E E AK Ww Spec i m gt _ 3 VLAN Port 2 Configuration gt Mode specific D 50 any packet can enter egress port VLAN Port Configuration 802 1Q Access port Setting For ingress port 1 VLAN Membership Configuration setting port amp VID 50 VLAN Membership Configuration Port Members pe PortMembers Delete VLAN ID 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 O ORing Industrial Networking Corp 51 e Cer IGPS 7084GP Series User s Manual 2 VLAN Port Configuration gt Enable VLAN Aware VLAN Port Configuration VLAN Aware 2 Specific 3 LI 4 C All v Specific 3 VLAN Port Configuration gt Mode specific D 50 VLAN Port Configuration All All Al Al 000k
16. Console port RJ 45 LED for P O E Status 10 LED for Ethernet ports link status c m I Ss 11 LED for Ethernet ports speed status 12 10 100 1000Base T X ports 13 LED for SFP ports link status 14 1000 Base X SFP 3 2 Front Panel LEDs DC Power module 2activated Ring has only One link lack Slowly blinking of one link to build the ring Fast blinking Ring work normally Fault relay Power failure or Amber Port down fail 10 100Base T X Fast Ethernet ports uw Geen o TT Fun Duplex Amber on Pot works under tul duplex Gigabit Ethernet ports SFP ORing Industrial Networking Corp 10 IGPS 7084GP Series User s Manual 3 3 Top view Panel The bottom panel components of IGPS 7084GP Series are showed as below 1 Terminal block includes PWR1 PWR2 12 48V DC 2 Ground wire PWR 2 Fault PWR 1 Firfe 1A 24V V2 V24 V1 V1 X DC12 48V ORing Industrial Networking Corp 11 e IGPS 7084GP Series User s Manual Cables 4 1 Ethernet Cables The IGPS 7084GP series switches have standard Ethernet ports According to the link type the switches use CAT 3 4 5 5e UTP cables to connect to any other network device PCs servers switches routers or hubs Please refer to the following table for cable specifications Cable Types and Specifications 10BASE T Cat 3 4 5 100 ohm UTP 100 m 328 ft RJ 45 100BASE TX Cat 5 100 ohm UTP UTP 100 m 328 ft HJ 45 Cat 5 Cat 5e 100 ohm
17. Controls whether the operEdge flag should start as beeing set or AdminEdge cleared The initial operEdge state when a port is initialized Controls whether the bridge should enable automatic edge AutoEdge detection on the bridge port This allows operEdge to be derived from whether BPDU s are received on the port or not If enabled causes the port not to be selected as Root Port for the CIST or any MSTI even if it has the best spanning tree priority vector Such a port will be selected as an Alternate Port after the Root Port has been selected If set it can cause lack of spanning Restricted Role tree connectivity It can be set by a network administrator to prevent bridges external to a core region of the network influencing the spanning tree active topology possibly because those bridges are not under the full control of the administrator This feature is also know as Root Guard If enabled causes the port not to propagate received topology change notifications and topology changes to other ports If set it can cause temporary loss of connectivity after changes in a spanning trees active topology as a result of persistent incorrectly Hesnieted EON learned station location information lt is set by a network administrator to prevent bridges external to a core region of the network causing address flushing in that region possibly because those bridges are not under the full control of the administrator or is the physical link stat
18. Low High and Critical The priority is used in the case where the remote devices requires uses more power than power supply can deliver In this case the port with the lowest priority will be turn off starting from the port with the lowest port number Maximum Power The Maximum Power value contains a numerical value that indicates the maximum power in watts that can be delived to a remote device The maximum allowed value is 102 3 W Click to save changes Click to undo any changes made locally and revert to previously saved values 5 1 15 5 Power over Ethernet Status This page allows the user to inspect the current status for all PoE ports Power Over Ethernet Status Auto refresh L Local Port PD class Power Reserved Power Used Current Used Priority Port Status O mA No PD detected O mA No PD detected O mA No PD detected O mA No PD detected O mA Mo PD detected O mA No PD detected O mA No PD detected O mA No PD detected Total O mA Local Port This is the logical port number for this row Power Reserved The Power Reserved shows how much the power the PD has reserved Power Used The Power Used shows how much power the PD currently is using Current Used The Power Used shows how much current the PD currently is ORing Industrial Networking Corp 128 IGPS 7084GP Series User s Manual The Priority shows the port s priority configured by the user Port Status The Port Status show
19. The field shows the VLAN ID TCP UDP Port The field shows the TCP UDP port range DSCP The field shows the IPv4 IPv6 DSCP value Traffic Class The QoS class associated with the QCE You can modify each QCE in the table using the following buttons Modification Buttons e Inserts a new QCE before the current row ORing Industrial Networking Corp 71 IGPS 7084GP Series User s Manual Edits the QCE Moves the QCE up the list Moves the QCE down the list Deletes the QCE The lowest plus sign adds a new entry at the bottom of the list of QCL 5 1 8 4 Queuing Counters This page provides statistics for the different queues for all switch ports Queuing Counters Auto refresh Port Low Queue Normal Queue Medium Queue High Queue Receive Transmit Receive Transmit Receive Transmit Receive Transmit 313 0 O O 1 232 0 o A A 0 4452 200516 0 0 O 0 g 3446 O o O A 200534 29 g O O 0 05 195 4 a a A A n n n Pot The logical port for the settings contained in the same row There are 4 QoS queues per port with strict or weighted queuing Low Queue o m scheduling This is the lowest priority queue This is the normal priority queue of the 4 QoS queues It has higher Normal Queue o priority than the Low Queue This is the medium priority queue of the 4 QoS queues It has higher Medium Queue m priority than the Normal Queue High Queue This is the highest priority queue
20. carried in the most recently received dotixAuthLastEapolFrameVersion EAPOL frame MAC based Not applicable Port based The source MAC address carried in the most recently received EAPOL dotixAuthLastEapolFrameSource frame MAC based Not applicable Port based The user name supplicant identity carried in the most recently Identity received Resp ID EAPOL frame or Last MAC based Client The MAC address of the last client that attempted to authenticate left most table or the MAC address of the currently selected client right most table This table is only available for MAC based ports Each row in the table represents a MAC based client on the port and there are three parameters for each client MAC Address Shows the MAC address of the client which is also used as the 103 IGPS 7084GP Series User s Manual password in the authentication process against the backend server Clicking the link causes the clients backend server counters to be shown in the right most backend server counters table above If no clients are attached it shows No clients attached otate Shows whether the client is authorized or unauthorized As long as the backend server hasn t successfully authenticated a client it is unauthorized Last Authentication Show the date and time of the last authentication of the client This gets updated for every re authentication of the client Authentication Configuration Client Configurat
21. device s port that is sourcing the power There are three levels of power priority The ORing Industrial Networking Corp 129 IGPS 7084GP Series User s Manual three levels are Critical High and Low If the power priority is unknown it is indicated as Unknown Maximum Power The Power Value contains a numerical value that indicates the maximum power in watts required by a PD device from a PSE device or the minimum power a PSE device is capable of sourcing over a maximum length cable based on its current configuration The maximum allowed value is 102 3 W If the device indicates value higher than 102 3 W it is represented as reserved Click to refresh the page immediately Auto refresh L Check this box to enable an automatic refresh of the page at regular intervals 5 1 15 7 PoE Schedule User can appointed date and time Enable or Close Power Over Ethernet Function switch can with according to the time when is set up carry on the designated movements SNTP Function must Enable Power Over Ethernet Schedule Configuration Configure port EC E Sun Mon Tue Wed Thu Fri Sat UU 01 e Ix amp amp amp amp amp amp EE amp amp lt amp S lt s e s e amp amp amp e amp le Es E s amp amp amp e amp E amp amp amp amp amp amp amp amp E amp amp amp s amp amp
22. do some actions when DDOS attack happened on this port Configure these setting helps the prevention become more suitable DDOS Prevention Socket Number Mode Sensibili Packet Type Filter Action Status YP Low High 1 Enabled Normal e TCP v 80 80 Destination e Running 2 Normal se TCP v 80 80 Destination Blocking 1 minute 3 Normal TCP v 80 80 Destination Blocking 10 minute i al F Y a tinn wel Blocking 4 Normal vi TCP v ai i 80 Destination v geg Da thait 5 Normal e TCP k 80 80 Destination Y l 6 Normal e TCP v 80 80 Destination e 7 Normal ze TCP v 80 80 Destination NH 8 Normal e TCP Md 80 80 Destination v 9 Normal TCP v 80 80 Destination v NH 10 Normal se TCP v 80 80 Destination ei v 11 Normal e TCP v 80 80 Destination I ORing Industrial Networking Corp 79 e IGPS 7084GP Series Users Manual Mode Enable Disable DDOS Prevention of the port Indicates the level of DDOS detection Possible levels are Low Low sensibility Sensibility Normal Normal sensibility Medium Medium sensibility High High sensibility Indicates the packet type of DDOS monitor Possible types are RX Total Total ingress packets RX Unicast Un
23. filter for this ACE Any No VLAN ID filter is specified VLAN ID filter status is VLAN ID Filter don t care opecific If you want to filter a specific VLAN ID with this ACE choose this value A field for entering a VLAN ID number appears ORing Industrial Networking Corp 86 IGPS 7084GP Series User s Manual When Specific is selected for the VLAN ID filter you can enter a VLAN ID specific VLAN ID number The allowed range is 1 to 4095 A frame that hits this ACE matches this VLAN ID value Specify the tag priority for this ACE A frame that hits this ACE matches this tag priority The allowed number range is O to 7 The Tag Priority m ME value Any means that no tag priority is specified tag priority is don t care IP Parameters IP Protocol Filter IP Protocol Value 6 IP TTL Mon zero IP Fragment IP Option SIP Filter SIP Address SIP Mask DIP Filter DIP Address DIP Mask opecify the IP protocol filter for this ACE Any No IP protocol filter is specified don t care opecific If you want to filter a specific IP protocol filter with this ACE choose this value A field for entering an IP protocol filter appears ICMP Select ICMP to filter IPv4 ICMP protocol frames Extra fields for defining ICMP parameters will appear These fields are explained IP Protocol Filter later in this help file UDP Select UDP to filter IPv4 UDP protocol frames Extra fields for defining UDP parameter
24. information generated at the boundary of an MSTI region lt defines how many bridges a root bridge can distribute its BPDU information Valid values are in the range 4 to 30 seconds and MaxAge must be lt FwdDelay 1 2 The number of BPDU s a bridge port can send per second When Transmit Hold Count exceeded transmission of the next BPDU will be delayed Valid values are in the range 1 to 10 BPDU s per second Click to save changes Click to undo any changes made locally and revert to previously saved values MSTI Mapping This page allows the user to inspect the current STP MSTI bridge instance priority configurations and possibly change them as well MSTI Configuration Add VLANs separated by spaces or comma Unmapped VLANs are mapped to the CIST The default bridge instance Configuration Identification Configuration Name O00 1e 234 ff ff ff Configuration Revision MSTI Mapping VLANs Mapped MST1 MST2 MST3 MST4 MST5 MST MST ORing Industrial Networking Corp 40 IGPS 7084GP Series User s Manual The name identifiying the VLAN to MSTI mapping Bridges must share the name and revision see below as well as the Configuration Name VLAN to MSTI mapping configuration in order to share spanning trees for MSTI s Intra region The name is at most 32 characters Configuration The revision of the MSTI configuration named above This must MET The bridge instance The CIST is n
25. number of clients allowed on a given port can be configured through the list box and edit control for this setting Choosing the value All from the list box allows the port to 99 IGPS 7084GP Series User s Manual consume up to 48 client state machines Choosing the value Specific from the list box opens up for entering a specific number of maximum clients on the port 1 to 48 The switch is born with a pool of state machines from which all ports draw whenever a new client is seen on the port When a given ports maximum is reached both authorized and unauthorized clients count further new clients are disallowed access Since all ports draw from the same pool it may happen that a configured maximum cannot be granted if the remaining ports have already used all available state machines Two buttons are available for each row The buttons are only enabled when authentication is globally enabled and the port s Admin State is Auto or MAC Based Clicking these buttons will not cause settings changed on the page to take effect Reauthenticate Schedules a reauthentication to whenever the quiet period of the port runs out port based authentication For MAC based authentication reauthentication will be attempted immediately The button only has effect for successfully authenticated ports clients and will not cause the port client to get temporarily unauthorized Reinitialize Forces a reinitialization of the por
26. of the 4 QoS queues Receive Transmit The number of received and transmitted packets per port ORing Industrial Networking Corp 12 Orang IGPS 7084GP Series User s Manual 5 1 8 5 Wizard This handy wizard helps you set up a QCL quickly Welcome to the QCL Configuration Wizard Please select an action Set up IP Cam High Performance Increase IP Cam performance Set up Port Policies Group ports into several types according to different QCL policies Set up Typical Network Application Rules Set up the specific OCL for different typical network application quality control Set up ToS Precedence Mapping Set up the traffic class mapping to the precedence part of ToS 3 bits when receiving IPv4 IPv6 packets Set up VLAN Tag Priority Mapping Set up the traffic class mapping to the user priority value 3 bits when receiving VLAN tagged packets To continue click Next Set up Group ports into several types according to different QCL policies Port Policies Set up Typical Set up the specific QCL for different typical network application Network quality control Application Rules Set up ToS Set up the traffic class mapping to the precedence part of ToS 3 bits when receiving IPv4 IPv6 packets Precedence Mapping Set up VLAN Tag Set up the traffic class mapping to the User Priority value 3 bits Priority Mapping when receiving VLAN tagged packets ORing Industrial Networ
27. sends an EAP Request packet following the first to the supplicant Indicates that the backend server chose an EAP method MAC based Not applicable Port and MAC based Counts the number of times that the switch receives a success indication Indicates that the supplicant client has successfully authenticated to the backend server Port and MAC based Counts the number of times that the switch receives a failure message This indicates that the supplicant client has not authenticated to the backend server Port based Counts the number of times that the switch attempts to send a supplicant s first response packet to the backend server Indicates the switch attempted communication with the backend server Possible retransmissions are dotixAuthBackendResponses not counted MAC based Counts all the backend server packets sent from the switch towards the backend server for a given port left most table or client right most table Possible retransmissions are not counted Access Challenges dotixAuthBackendAccessChallenges Other Requests dotixAuthBackendOtherRequestsToSupplicant Auth successes dotixAuthBackendAuthSuccesses Auth Failures dotixAuthBackendAuthFails For MAC based ports this section is embedded in the backend server counter s section Information about the last supplicant client that attempted to authenticate Last Supplicant Client Info IEEE Name Description Port based The protocol version number
28. the dynamic MAC Table and configure the static MAC table here MAC Address Table Configuration Aging Configuration Disable Automatic Aging IM Age Time ORing Industrial Networking Corp 112 IGPS 7084GP Series User s Manual Static MAC Table Configuration Port Members Delete VLAN ID MAC Address 1 A 00 1E 94 98 89 89 L Add new static entry Aging Configuration By default dynamic entries are removed from the MAC after 300 seconds This removal is also called aging Configure aging time by entering a value here in seconds for example Age ma seconds The allowed range is 10 to 1000000 seconds Disable the automatic aging of dynamic entries by checking E Disable automatic aging MAC Table Learning If the learning mode for a given port is grayed out another module is in control of the mode so that it cannot be changed by the user An example of such a module is the MAC Based Authentication under 802 1 X Each port can do learning based upon the following settings MAC Table Learning Port Members Learning is done automatically as soon as a frame with unknown SMAC is received Only static MAC entries are learned all other frames are dropped Note Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning ORing Industrial Networking Corp 113 IGPS 7084GP Series User s Manual mode otherwise the management link is lost and c
29. transmits an EAPOL Failure frame when the port links up MAC Based Enables MAC based authentication on the port The switch doesn t transmit or accept EAPOL frames on the port Flooded frames and broadcast traffic will be transmitted on the port whether or not clients are authenticated on the port whereas unicast traffic against an unsuccessfully authenticated client will be dropped Clients that are not yet successfully authenticated will not be allowed to transmit frames of any kind The current state of the port It can undertake one of the following values Disabled 802 1X and MAC based authentication is globally disabled Link Down 802 1X or MAC based authentication is enabled but there is no link on the port Authorized The port is authorized This is the case when 802 1X authentication is enabled the port has link and the Admin State is Auto and the supplicant is authenticated or the Admin State is Authorized Unauthorized The port is unauthorized This is the case when 802 1X authentication is enabled the port has link and the Admin State is Auto but the supplicant is not yet authenticated or the Admin State is Unauthorized X Auth Y Unauth X clients are currently authorized and Y are unauthorized This state is shown when 802 1X and MAC based authentication is globally enabled and the Admin State is set to MAC Based This setting applies to ports running MAC based authentication only The maximum
30. 0 to 85 C 40 to 185 F Operating Temperature 40 to 70 C 40 to 158 F Operating Humidity 596 to 9596 Non condensing Regulatory approvals FCC Part 15 CISPR EN55022 class A EN61000 4 2 ESD EN61000 4 3 RS EN61000 4 4 EFT EN61000 4 5 Surge EN61000 4 6 CS EN61000 4 8 EN61000 4 11 Warranty 5 years ORing Industrial Networking Corp 1
31. 02 1x Security Features VLAN 802 1Q to segregate and secure network traffic Radius centralized password management SNMPv3 encrypted authentication and access security Https SSH enhance network security STP RSTP MSTP IEEE 802 1D w s Redundant Ring O Ring with recovery time less than 30ms over 250 units TOS Diffserv supported Quality of Service 802 1p for real time traffic VLAN 802 1Q with VLAN tagging and GVRP supported IGMP Snooping Software Features IP based bandwidth management Application based QoS management DOS DDOS auto prevention Port configuration status statistics monitoring security DHCP Client Server SMTP Client O Ring Fast Recovery Mode STP RSTP MSTP RS 232 Serial Console Port RS 232 in RJ45 connector with console cable 115200bps 8 N 1 LED Indicators R M indicator Green indicate system operated in O Ring Master mode Network Redundancy IGPS 7084GP Series User s Manual Ring indicator Green indicate system operated in O Ring mode Fault indicator Amber Indicate excepted event occurred 10 100 1000Base T X RJ 45 port i Green for port Link Act indicator PoE indicator Green for PoE enable indicator 1000Base X Fiber port indicator Green for port Link Act Fault contact Power Reverse polarity protection Not Present Physical Characteristic Enclosure x 108 5 D x 154 3 8 x 4 2 7 x 6 06 inch Dimension W x D x H 96 4 Environmental Storage Temperature 4
32. 1970 01 01 02 14 14 0000 Od 02 14 14 Software Kernel Version v7 14 Software Version v1 00 Software Date 2013 02 05 15 51 53 0800 Auto refresh U Enable Location Alert Main interface ORing Industrial Networking Corp 16 Oring IGPS 7084GP Series User s Manual 5 1 2 Basic Setting 5 1 2 1 System Information The switch system information is provided here system Information Configuration System Name IGS 084GCP System Description Industrial 12 ports managed Gig System Location System Contact System Timezone Offset minutes System Information interface The textual identification of the contact person for this managed node together with information on how to contact this person System Contact The allowed string length is O to 255 and the allowed content is the ASCII characters from 32 to 126 An administratively assigned name for this managed node By convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Za z System Name digits 0 9 minus sign No space characters are permitted as part of a name The first character must be an alpha character And the first or last character must not be a minus sign The allowed string length is O to 255 The physical location of this node e g telephone closet 3rd System Location floor The allowed string length is O to 255 and the allowed content is the ASCII characters
33. 44 IGPS 7084GP Series User s Manual establishing the active topology of the network Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports Valid values are in the range 1 to 200000000 Gs Controls the port priority This can be used to control priority of riority ports having identical port cost See above Click to save changes Click to undo any changes made locally and revert to previously ese saved values STP Bridges This page provides a status overview for all STP bridge instances The displayed table contains a row for each STP bridge instance where the column displays the following information STP Bridges Auto refresh Bridge ID Topology Topology Port Cost Flag Change Last 280 00 00 1E 94 FF FF FF 80 00 00 1E 94 FF FF FF MSN The Bridge Instance This is also a link to the STP Detailed Bridge Status Bridge ID The Bridge ID of this Bridge instance Root ID The Bridge ID of the currently elected root bridge Root Port The switch port currently assigned the root port role Root Path Cost For the Root Bridge this is zero For all other Root Cost Bridges it is the sum of the Port Path Costs on the least cost path to the Root Bridge The current state of the Topology Change Flag for this Bridge Topology Flag l instance Topology Change l l The time since last Topology Change occurred Last Refresh Click to refresh the page immediately ORing Industrial N
34. ACE The IEEE 802 3 descripts the value of Length Type Field specifications ORing Industrial Networking Corp 84 IGPS 7084GP Series User s Manual should be greater than or equal to 1536 decimal equal to 0600 hexadecimal ARP Only ARP frames can match this ACE Notice the ARP frames won t match the ACE with etnernet type IPv4 Only IPv4 frames can match this ACE Notice the IPv4 frames won t match the ACE with etnernet type Specify the action to take with a frame that hits this ACE Permit The frame that hits this ACE is granted permission for the ACE operation Deny The frame that hits this ACE is dropped Specify the rate limiter in number of base units The allowed range is Rate Limiter ME EM 1 to 15 Disabled indicates that the rate limiter operation is disabled Frames that hit the ACE are copied to the port number specified Port Copy here The allowed range is the same as the switch port number range Disabled indicates that the port copy operation is disabled opecify the logging operation of the ACE The allowed values are Enabled Frames matching the ACE are stored in the System Log Logging Disabled Frames matching the ACE are not logged Please note that the System Log memory size and logging rate is limited opecify the port shut down operation of the ACE The allowed values are Enabled If a frame matches the ACE the ingress port will be disabled Disabled Port shut down is disabled for
35. APOL Counters Total Response ID Responses Start Logoff Invalid Type Invalid Length Transmit Backend Server Counters Access Challenges Other Requests Auth Successes Auth Failures Last Supplicant Info Version These counters are not available for MAC based ports Supplicant frame counter statistics There are seven receive frame counters and three transmit frame counters EAPOL Counters Direction IEEE Name Description The number of valid EAPOL frames of an Total dotixAuthEapolFramesRx type that have been received by the ud The number of valid EAP Resp ID frames that have been received by the switch The number of valid EAPOL response frames EAPOL C Responses dotixAuthEapolRespFramesRx other uh a eme that have been ounters received by the switch Start dotixAuthEapolStartFramesRx all Bla cis that have The number of valid EAPOL logoff frames that have been received by the switch The number of EAPOL frames that have Invalid Type dotixAuthInvalidEapolFramesRx been received by the switch in which the frame type is not recognized The number of EAPOL frames that have Invalid Length dotixAuthEapLengthErrorFramesRx been received by the switch in which the Packet Body Length field is invalid The number of EAPOL frames of an E Total dotixAuthEapolFramesTx that have been transmitted by ll ral The number of EAP initial request frames that have been transmitted by the switch The number of valid EAP Request frames Requests dotixAut
36. Add new VLAN 2 VLAN Port Configuration gt Disable Port 1 VLAN Aware VLAN Port Configuration por pan mer zA pS Mode S CNN SE gt CH 3 d L ORing Industrial Networking Corp 57 e Orima IGPS 7084GP Series User s Manual 3 VLAN Port Configuration gt Port 1 Mode specific ID 50 VLAN Port Configuration Port VLAN Port VLAN Aware Frame Type Medea TD For egress port Port 2 1 VLAN Membership Configuration setting port amp VID 50 VLAN Membership Configuration Open in new window Port Members ete LI 1 M iv v v Iv MAMM M el jv Wl v vl Iv Ivi d ap MMEMMODODODODOOODODOOO Add new VLAN 2 VLAN Port Configuration gt Enable Port 2 3 VLAN Aware VLAN Port Configuration ORing Industrial Networking Corp 58 IGPS 7084GP Series User s Manual 3 VLAN Port Configuration gt Mode none only tag 50 packet can enter egress port VLAN Port Configuration All All 5 1 6 2 Private VLAN The Private VLAN membership configurations for the switch can be monitored and modified here Private VLANs can be added or deleted here Port members of each Private VLAN can be added or removed here Private VLANs are based on the source port mask and there are no connections to VLANs This means that VLAN IDs and Private VLAN IDs can be identical A port must be a member of both a VLAN and a Private VLAN to be able to forward packets By default a
37. All levels The time of the system log entry The MAC Address of this switch Check this box to enable an automatic refresh of the page at regular Auto refresh intervals Updates the system log entries starting from the current entry ID Flushes all system log entries Updates the system log entries starting from the first available entry Updates the system log entries ending at the last entry currently Updates the system log entries starting from the last entry currently 5 1 12 5 Cable Diagnostics This page is used for running the VeriPHY Cable Diagnostics VeriPHY Cable Diagnostics Open in new window Cable Status Port Pair A Length A PairB Length B Pair C Length C Pair D Length D Press to run the diagnostics This will take approximately 5 seconds If all ORing Industrial Networking Corp 120 IGPS 7084GP Series User s Manual ports are selected this can take approximately 15 seconds When completed the page refreshes automatically and you can view the cable diagnostics results in the cable status table Note that VeriPHY is only accurate for cables of length 7 140 meters 10 and 100 Mbps ports will be linked down while running VeriPHY Therefore running VeriPHY on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete Pot The port where you are requesting VeriPHY Cable Diagnostics Cable Status Port Port number Pair The status of the cab
38. Configure the rate for the port shaper The default value is 500 Shaper Rate This value is restricted to 500 1000000 when the Policer Unit is kbps and it is restricted to 1 1000 when the Policer Unit is Mbps Configure the unit of measure for the port shaper rate as kbps or NT Mbps The default value is kbps saved values 5 1 4 3 Port Trunk 5 1 4 3 1 Trunk Configuration This page is used to configure the Aggregation hash mode and the aggregation group Aggregation Mode Configuration Hash Code Contributors Source MAC Address Destination MAC Address IP Address TCP UDP Port Number Source MAC Address The Source MAC address can be used to calculate the destination port for the frame Check to enable the use of the ORing Industrial Networking Corp 30 IGPS 7084GP Series User s Manual Source MAC address or uncheck to disable By default Source MAC Address is enabled Destination MAC The Destination MAC Address can be used to calculate the Address destination port for the frame Check to enable the use of the Destination MAC Address or uncheck to disable By default Destination MAC Address is disabled IP Address The IP address can be used to calculate the destination port for the frame Check to enable the use of the IP Address or uncheck to disable By default IP Address is enabled TCP UDP Port The TCP UDP port number can be used to calculate the Number destination port for the frame Che
39. Determines the time the switch shall wait for the supplicant EAP Timeout response before retransmitting a packet Valid values are in the range 1 to 255 seconds This has no effect for MAC based ports Age Period This setting applies to ports running MAC based authentication ORing Industrial Networking Corp 97 IGPS 7084GP Series User s Manual only Suppose a client is connected to a 3rd party switch or hub which in turn is connected to a port on this switch that runs MAC based authentication and suppose the client gets successfully authenticated Now assume that the client powers down his PC What should make the switch forget about the authenticated client Reauthentication will not solve this problem since this doesn t require the client to be present as discussed under Reauthentication Enabled above The solution is aging of authenticated clients The Age Period which can be set to a number between 10 and 1000000 seconds works like this A timer is started when the client gets authenticated After half the age period the switch starts looking for frames sent by the client If another half age period elapses and no frames are seen the client is considered removed from the system and it will have to authenticate again the next time a frame is seen from it If on the other hand the client transmits a frame before the second half of the age period expires the switch will consider the client alive and leave it authenticated
40. Disabled Disabled Disabled ORing Industrial Networking Corp 118 IGPS 7084GP Series User s Manual The logical port for the settings contained in the same row Rx only Frames received at this port are mirrored to the mirror port Tx only Frames transmitted from this port are mirrored to the mirror Enabled Frames received and frames transmitted are mirrored to Note For a given port a frame is only transmitted once lt is therefore not possible to mirror Tx frames for the mirror port Because of this mode for the selected mirror port is limited to Select mirror mode Frames transmitted are not mirrored port Frames received are not mirrored Disabled Neither frames transmitted nor frames received are mirrored the mirror port Disabled or Rx only 5 1 12 4 System Log Information The switch system log information is provided here System Log Information Level All e The total number of entries is 1 for the given level Start from ID with entries per page ID Level Message Info 1970 01 01 00 01 09 0000 Port 1 Device 192 168 10 66 Alive Check mp The ID gt 1 of the system log entry The level of the system log entry The following level types are supported Info Information level of the system log Warning Warning level of the system log ORing Industrial Networking Corp IGPS 7084GP Series User s Manual Error Error level of the system log All
41. For egress port 1 VLAN Membership Configuration setting port amp VID 50 VLAN Membership Configuration Open in new window Se Port Members Delete Vip 112 3 4 5 6 7 0 9 10 12 12 13 10 15 re ra ro 1 e b b i i Li ili Li bel i i d Su ad dA dA dA dA d d d d ad d d d d d d dA dd Add new VLAN ORing Industrial Networking Corp 52 e IGPS 7084GP Series Users Manual 2 VLAN Port Configuration gt Disable VLAN Aware VLAN Port Configuration VLAN Aware Frame Type ge ID C e a y 1 3 LI A 3 VLAN Port Configuration gt Mode specific ID 50 untagged amp tag 50 packet can enter egress port VLAN Port Configuration VLAN Aware Frame Type BJ b le M ORing Industrial Networking Corp 53 IGPS 7084GP Series User s Manual 802 1Q Trunk port setting multi tag gt A RGS 7244GP For ingress port 1 VLAN Membership Configuration setting port 4 VID 11 22 33 VLAN Membership Configuration Open in new window Port Members petete ip 2 aa G e o dree O 1 Mi el Iv ME ei Wl kl MA E UL ud id ee Er RE RE WE WE RE RE WE RE WE RE WE iM id L 22 IV IL ET ET ET ET ET ET ET ET ET ET ET ET ET ET 33 eV IM dd ET ET ET ET ET EJ F1 ET FT ET ET ET EJ 2 VLAN Port Configuration Enable VLAN Aware VLAN Port Configuration VLAN Aware Frame Type Port VLAN Specific Specific All All wi Specific ORing Industr
42. Orang IGPS 7084GP Series User s Manual 2 2 Wall Mounting Installation Each switch has another installation method for users to fix the switch A wall mount panel can be found in the package The following steps show how to mount the switch on the wall Wall Mounting size ORing Industrial Networking Corp 8 Oring IGPS 7084GP Series User s Manual Hardware Overview 3 1 Front Panel The following table describes the labels that stick on the IGPS 7084GP series 4 1000BaseX on SFP port Copper Port 8 1000 Base T Use RS 232 with RJ 45 connecter to manage switch IGPS 7084GP e Reset 1 Ve HE PWR e IF 2 PWR1 3 14 611 PWR2 A IE R M 5 Ring i Gio Fault 13 H E 8 MOL abi 12 9 as NE TO 100 10007 11 10 E le Reset button Push the button 3 seconds for reset 5 seconds for factory default LED for PWR When the PWR UP the green led will be light on LED for PWR1 LED for PWR2 LED for R M Ring master When the LED light on it means that the switch is the ring IGPS 7084GP of ou E 9 ORing Industrial Networking Corp 9 e IGPS 7084GP Series User s Manual master of Ring LED for Ring When the led light on it means the Ring is activated LED for Ring When the led light on it means the O Ring is activated LED for Fault When the light on it means Power failure or Port down fail
43. Parity None Stop bits ho ex Flow control None y Restore Defaults UK Cancel Apply Disconnected Auto detect Auto detect SCROLL caps yum Capture Print echo E Step 5 The Console login screen will appear Use the keyboard to enter the Username and Password The same with the password for Web Browser then press Enter I6PS 0846P Command Line Interface Username _ Password ORing Industrial Networking Corp 135 gt IGPS 7084GP Series User s Manual CLI Management by Telnet Users can use TELNET to configure the switches The default value is as below IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name admin Password admin Follow the steps below to access the console via Telnet Step 1 Telnet to the IP address of the switch from the Windows Run command or from the MS DOS prompt as below HE Type the name of a program folder document or Internet resource and Windows will open it For vau telnet 192 168 10 1 Open OK Cancel Browse Step 2 The Login screen will appear Use the keyboard to enter the Username and Password The same with the password for Web Browser and then press Enter Go Telnet 192 1 68 z 1 0 E IGP5 7H8 4GP Command Line Interface Username m Password ORing Industrial Networking Corp 136 IGPS 7084GP Se
44. Pv3 communities table Indicates the SNMPv3 engine ID The string must contain an even number between 10 and 64 hexadecimal digits but all zeros and all F s are not allowed Change of the Engine ID will clear all original local users 61 SNMP Trap Configuration Trap Mode x Trap Version SNMP v1 v Trap Community Trap Destination Address NENNEN Trap Destination IPv6 Address BU Trap Authentication Failure Enabled Trap Link up and Link down Enabled Trap Inform Mode Enabled Trap Inform Timeout seconds A Trap Inform Retry Times IGPS 7084GP Series User s Manual Indicates the SNMP trap mode operation Possible modes are Trap Mode Enabled Enable SNMP trap mode operation Disabled Disable SNMP trap mode operation Indicates the SNMP trap supported version Possible versions are SNMP v1 Set SNMP trap supported version 1 SNMP v2c Set SNMP trap supported version 2c SNMP v3 Set SNMP trap supported version 3 Trap Version Indicates the community access string when send SNMP trap packet Trap Community The allowed string length is O to 255 and the allowed content is the ASCII characters from 33 to 126 Trap Destination Indicates the SNMP trap destination address Address Trap Destination IPv6 Address Provide the trap destination IPv6 address of this switch IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separates each field
45. Reports V2 Leave ID Status Transmit Receive Receive Receive Receive Receive Port Members VLAN ID Groups 1234567891011 12 The VLAN ID of the entry The present IGMP groups Max are 128 groups for each VLAN The ports that are members of the entry Show the Querier status is ACTIVE or IDLE The number of Transmitted Querier The number of Received V1 Reports V1 Reports Receive V2 Reports The number of Received V2 Reports Receive V3 Reports l The number of Received V3 Reports Receive V2 Leave Receive The number of Received V2 Leave Refresh Click to refresh the page immediately Clears all Statistics counters Check this box to enable an automatic refresh of the page at regular Auto refresh l intervals ORing Industrial Networking Corp 75 IGPS 7084GP Series User s Manual 5 1 10 Security 5 1 10 1 Remote Control Security Configuration Remote Control Security allows you limit the remote access of management interface When enabled the request of client which is not in the allow list will be rejected Remote Control Security Configuration Web Telnet SNMP d Port Port number of remote client IP address of remote client Keeps this field 0 0 0 0 means Any IP same Check nis tem to erable SNMP management trace 5 1 10 2 Device Binding This page provides Device Binding related configuration Device Binding is an powerful IP Address monitor for devices an
46. Statistics This page provides an overview of all LLDP traffic Two types of counters are shown Global counters are counters that refer to the whole stack switch while local counters refer to counters for the currently selected switch Auto refresh Global Counters Neighbor entries were last changed at 1970 01 01 04 03 03 0000 26 sec ago Total Neighbors Entries Added 1 Total Neighbors Entries Deleted 0 Total Neighbors Entries Dropped 0 Total Neighbors Entries Aged Out 0 LLDP Statistics Local Counters Local Port Tx Frames RxFrames RxErrors Frames Discarded TLVs Discarded TLVs Unrecognized Org Discarded Age Outs I e o eI o o o e Ei e E e Mo Mo Mo omo D e Mo Mo 5 e Bien Ei e Mo Mo Mo e Bil e IO e Mo Mo Mo Ca fa o Mio Mio Mo eI om cum oim omo OO0DOO0rOONOdA Oo CO Ea OO ECO ba O CO CO Global Counters Shows the time for when the last entry was last deleted or added Neighbor entries It is also shows the time elaP S E d since last change was were last changed at detected Total Neighbors Shows the number of new entries added since switch reboot ORing Industrial Networking Corp 23 IGPS 7084GP Series User s Manual Entries Added Total Neighbors Shows the number of new entries deleted since switch reboot Entries Deleted Total Neighbors Shows the number of LLDP frames dropped due to that the entry Entries Dropped table was full Total Neighbors Shows the number of entries de
47. System Tools Le HyperTerminal H Acrobat Reader 5 0 ia Address Book E3 Calculator EN command Prompt CH NetTime F Notepad Windows Update Y Paint a ES Windows Explorer En Accessories Network Associates F 1 Documents L Startup L 8 Internet Explorer al Outlook Express Search 3 Programs 3 Settings d ster e d d I ORing Industrial Networking Corp 133 Step 2 Input a name for new connection Connection Description i 7 x S New Connection Enter a name and choose an icon for the connection M ame cor Disconnected Auto detect Auto detect SCROLL caps NUM Capture Print echo Step 3 Select to use COM port number e termnial HyperTerminal File Edi View Call Transfer Help Comectro A i aa terminal Enter details for the phone number that you want to dial Enuntry region Taiwan 885 Area code Eed Phone number EAN Connect using m Cancel Disconnected Auto detect Auto detect SCROLL caps NLM Capture Print echo IGPS 7084GP Series User s Manual x Ol x ORing Industrial Networking Corp 134 Orang IGPS 7084GP Series User s Manual Step 4 The COM port properties setting 115200 for Bits per second 8 for Data bits None for Parity 1 for Stop bits and none for Flow control res ini x A1 xl PROS H ite D PELs COM Properties 5 Fort Settings Bits per second BE Data bits E
48. USE operation The number of frames dropped due to lack of receive buffers or Rx Drops egress congestion Rx CRC Alignment The number of frames received with CRC or alignment errors ORing Industrial Networking Corp 117 IGPS 7084GP Series User s Manual Rx Filtered The number of received frames filtered by the forwarding process The number of frames dropped due to output buffer congestion Tx Late Exc Coll The number of frames dropped due to excessive or late collisions Short frames are frames that are smaller than 64 bytes Long frames are frames that are longer than the configured maximum frame length for this port 5 1 12 3 Port Mirroring Configure port Mirroring on this page To debug network problems selected traffic can be copied or mirrored to a mirror port where a frame analyzer can be attached to analyze the frame flow The traffic to be copied to the mirror port is selected as follows All frames received on a given port also known as ingress or source mirroring All frames transmitted on a given port also known as egress or destination mirroring Port to mirror also knwon as the mirror port Frames from ports that have either source rx or destination tx mirroring enabled are mirrored to this port Disabled disables mirroring Mirror Configuration A Disabled Port Mode Disabled ze Disabled ze Disabled ze Disabled Disabled Disabled ze Disabled ze Disabled ze
49. ack to local authentication by checking this box If none of the configured authentication servers are alive the local user database is used for authentication This is only possible if the Authentication Method is set to something else than none or local ORing Industrial Networking Corp 105 IGPS 7084GP Series User s Manual RADIUS Authentication Server Status Overview Auto refresh Ll Refresh IP Address Sta tus Disab Disabl Disab b Disab Disable The RADIUS server number Click to navigate to detailed statistics for this server The IP address and UDP port number in IP Address UDP IP Address Port notation of this server The current state of the server This field takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept access attempts Dead X seconds left Access attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled RADIUS Accounting Server Status Overview IP Address Status Disabled Disabled Disabled Disable
50. an only be restored by using another non secure port or by connecting to the switch via the serial interface Static MAC Table Configuration The static entries in the MAC table are shown in this table The static MAC table can contain 64 entries The maximum of 64 entries is for the whole stack and not per switch The MAC table is sorted first by VLAN ID and then by MAC address Static MAC Table Configuration Port Members Delete VLAN ID MAC Address 12 3 4 5 6 7 8 9 1011 12 1 00 1E 34 98 89 89 MO L E11 L1 E1 E1 L1 E31 0 O 00 00 00 00 00 00 O O L1 E1 E1 E1 C1 C1 C1 C1 0 CJ 00 00 00 00 00 00 0 L1 C1 C1 E1 DJ DJ F1 F1 CJ 0 0 Add new static entry Checkmarks indicate which ports are members of the entry Port Members Check or uncheck as needed to modify the entry Click Add new static entry Adding a New Static to add a new entry to the Entry static MAC table Specify the VLAN ID MAC address and port members for the new entry Click Save 5 1 12 1 2 MAC Table Each page shows up to 999 entries from the MAC table default being 20 selected through the entries per page input field When first visited the web page will show the first 20 entries from the beginning of the MAC Table The first displayed will be the one with the lowest VLAN ID and the lowest MAC address found in the MAC Table The Start from MAC address and VLAN input fields allow the user to select the starting point in the MAC Table Clic
51. and the allowed content is the ASCII characters from 33 to 126 Indicates the security model that this entry should belong to Possible security models are NoAuth NoPriv None authentication and none privacy Auth NoPriv Authentication and none privacy Auth Priv Authentication and privacy The value of security level cannot be modified if entry already exists That means must first ensure that the value is set correctly Indicates the authentication protocol that this entry should belong to Possible authentication protocols are None None authentication protocol MD5 An optional flag to indicate that this user using MD5 authentication protocol SHA An optional flag to indicate that this user using SHA authentication protocol The value of security level cannot be modified if entry already exists That means must first ensure that the value is set correctly A string identifying the authentication pass phrase For MD5 authentication protocol the allowed string length is 8 to 32 For SHA authentication protocol the allowed string length is 8 to 40 The allowed content is the ASCII characters from 33 to 126 Indicates the privacy protocol that this entry should belong to Possible privacy protocols are None None privacy protocol DES An optional flag to indicate that this user using DES authentication protocol A string identifying the privacy pass phrase The allowed string length is 8 to 32 and the allowed conten
52. ater It is based on Java Applets with an aim to reduce network bandwidth consumption enhance access speed and present an easy viewing screen Note By default IE5 0 or later version does not allow Java Applets to open sockets You need to explicitly modify the browser setting in order to enable Java Applets to use network ports Preparing for Web Management The default value is as below IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name admin Password admin System Login 1 Launch the Internet Explorer 2 Type http and the IP address of the switch Press Enter ORing Industrial Networking Corp 15 IGPS 7084GP Series User s Manual File Edit View Favorites Tools Help ae pack a L P Search 5 Favorites E M a A 23 Address httpi 192 158 10 1 MBa Links gt 3 The login screen appears 4 Key in the username and password The default username and password is admin 5 Click Enter or OK button then the main interface of the Web based management appears index htm User name admin Password TIT Remember my password ce Login screen Main Interface Information Message system Name IGS 084GCP D Industrial 12 ports managed Gigabit Ethernet switch with amp xGigabit combo ports and 4x1000Base X SFP socket Location Contact 1 3 6 1 4 1 25972 100 0 0 67 00 18 94 11 22 33
53. ation CIST Aggregated Ports Configuration SMS Path Cost Priority Admin Edge Auto Edge ECT BPDU Guard pomt SI Role TCN a Port CIST Normal Ports Configuration SIP Enabled Restricted Point to BPDU Guard Role TCN point Port Path Cost Priority Admin Edge Auto Edge JE s s s El s m D ey ee eS lla lim lm AIA iio o lio follo ia A SIE Port The switch port number of the logical STP port STP Enabled Controls whether STP is enabled on this switch port Controls the path cost incurred by the port The Auto setting will set the path cost as appropriate by the physical link speed using the 802 1D recommended values Using the Specific setting a Path Cost user defined value can be entered The path cost is used when establishing the active topology of the network Lower path cost ports are chosen as forwarding ports in favor of higher path cost NE DCUM a Industrial Networking Corp 42 e IGPS 7084GP Series Users Manual A ports Valid values are in the range 1 to 200000000 EN Controls the port priority This can be used to control priority of riority ports having identical port cost See above Operational flag describing whether the port is connecting directly OpenEdge setate to edge devices No Bridges attached Transitioning to the flag forwarding state is faster for edge ports having operEdge true than for other ports
54. ation password B Confirm Password re enter password Recipient E mail The recipient s E mail address t supports 6 recipients for a Address mail Apply Click Apply to activate the configurations 5 1 11 2 3 Event Selection SYSLOG and SMTP are the two warning methods that supported by the system Check the corresponding box to enable system event warning method you wish to choose Please note that the checkbox cannot be checked when SYSLOG or SMTP is disabled System Warning Event Selection System Events SYSLOG SMTP System Start Power Status F SNMP Authentication Failure F Redundant Ring Topology Change SYSLOG w Link Up and Link Down zw s i Link Down led Disabled Disabled Disabled A Disabled Ww Disabled Disabled Disabled 1 2 3 4 D 6 Fi g 9 led Disabled System Warning Event Selection interface ORing Industrial Networking Corp 111 IGPS 7084GP Series User s Manual The following table describes the labels in this screen SNMP Authentication Alert when SNMP authentication failure Failure O Ring Topology Alert when O Ring topology changes Change Port Event Disable SYSLOG SMTP Link Up event Link Down Link Up amp Link Down Apply Click Apply to activate the configurations 5 1 12 Monitor and Diag 5 1 12 1 MAC Table 5 1 12 1 1 Configuration The MAC Address Table is configured on this page Set timeouts for entries in
55. can be used to divide a big ring into two smaller rings to avoid effecting all switches when network topology change It is a good application for connecting two Rings ORing Industrial Networking Corp 37 IGPS 7084GP Series User s Manual Coupling Port Link to Coupling Port of the switch in another ring Coupling Ring need four switch to build an active and a backup link Set a port as coupling port The coupled four ports of four switches will be run at active backup mode Dual Homing Mark to enable Dual Homing By selecting Dual Homing mode Ring will be connected to normal switches through two RSTP links ex backbone Switch The two links work as active backup mode and connect each Ring to the normal switches in RSTP mode Apply Click Apply to set the configurations Note We don t suggest you to set one switch as a Ring Master and a Coupling Ring at the same time due to heavy load 5 1 5 3 O Chain O Chain is the revolutionary network redundancy technology that provides the add on network redundancy topology for any backbone network providing ease of use while maximizing fault recovery swiftness flexibility compatibility and cost effectiveness in one set of network redundancy topologies O Chain allows multiple redundant network rings of different redundancy protocols to join and function together as a larger and more robust compound network topology i e the creation of multiple redundant networks beyond the limi
56. ciated with this publication DISCLAIMER Information in this publication is intended to be accurate ORing shall not be responsible for its use or infringements on third parties as a result of its use There may occasionally be unintentional errors on this publication ORing reserves the right to revise the contents of this publication without notice CONTACT INFORMATION ORing Industrial Networking Corp 4F NO 3 Lane235 Baociao Rd Sindian City Taipei County 23145 Taiwan R O C Tel 886 2 2918 3036 Fax 886 2 2918 3084 Website www oring networking com Technical Support E mail support oring networking com Sales Contact E mail sales oring networking com Headquarters salesOoring networking com cn China ORing Industrial Networking Corp 1 IGPS 7084GP Series User s Manual Table of Content Getting to Know Your SWitCh ooccconnnccconcccconcconcncnonnnnnonanonenannnenannnenananenannnnns 5 1 1 About the IGPS 7084GP Series Industrial Switch esses 5 1 2 SOIWare E 5 1 3 Hardware FO msi iaa 6 cia cil o AA 7 2 1 Ia ele Be Witch on DIN Ra anna 7 2 1 1 Mount IGPS 7084GP on DIN Ra 7 2 2 Wall Mounting Insiallaton canon 8 ale Ve TEE 9 3 1 EK MG i m UK tr pidele dci 9 3 2 elos la ME ee 10 3 3 TOD VIEW PAM aaa 11 MCAD 12 4 1 Ethernet O aDIOS 12 4 1 1 100BASE TX 10BASE T Pin Assignments occcccncncnnnnnnnnnnononnnnnnnnnnnnnnnnnnnnnnnnnnn
57. cimal notation When Network is selected for the sender IP filter you can enter a Sender IP Mask D specific sender IP mask in dotted decimal notation Specify the target IP filter for this specific ACE Any No target IP filter is specified Target IP filter is don t care Host Target IP filter is set to Host Specify the target IP address in Target IP Filter the Target IP Address field that appears Network Target IP filter is set to Network Specify the target IP address and target IP mask in the Target IP Address and Target IP Mask fields that appear When Host or Network is selected for the target IP filter you can Target IP Adress enter a specific target IP address in dotted decimal notation agar Mask When Network is selected for the target IP filter you can enter a Target IP Mask specific target IP mask in dotted decimal notation Specify whether frames can hit the action according to their sender hardware address field SHA settings ARP SMAC Match 0 ARP frames where SHA is not equal to the SMAC address 1 ARP frames where SHA is equal to the SMAC address Any Any value is allowed don t care Specify whether frames can hit the action according to their target hardware address field THA settings 0 RARP frames where THA is not equal to the SMAC address 1 RARP frames where THA is equal to the SMAC address Any Any value is allowed don t care RARP SMAC Match Specify whether fra
58. ck to enable the use of the TCP UDP Port Number or uncheck to disable By default TCP UDP Port Number is enabled Aggregation Group Configuration Open in new window Port Members 6 7 9 1 n OOOOOOQqgQ 0000o e o OOOOOOQg OOOOOOqg Indicates the group ID for the settings contained in the same row Group ID Normal indicates there is no aggregation Only one group ID is valid per port Port Members Each switch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports belong ORing Industrial Networking Corp 31 IGPS 7084GP Series User s Manual to any aggregation group Only full duplex ports can join an aggregation and ports must be in the same speed in each group 5 1 4 3 2 LACP Port Configuration This page allows the user to inspect the current LACP port configurations and possibly change them as well LACP Port Configuration Open I Port HH 4 4 BI a a IS 4 I lk e rt O 4 4 ko E Go c i EIS Sub 4 4 _ Active 2 v active iw LI d LI LI LI LI LI LI d LI L LI H nr Indicates the group ID for the settings contained in the same row Group ID Normal indicates there is no aggregation Only one group ID is valid per port LACP Enabled Each s
59. coming frames that match the source MAC and source IP on specific ports Set up DoS Attack Defense Rules Set up the specific ACL to defend DoS attack To continue click Mext oet up the default policy rules for Client ports Server ports Set up Policy Rules Network ports and Guest ports Set up Port Policies Group ports into several types according to different ACL policies Set up Typical E Set up the specific ACL for different typical network application Network Application access control Rules Set up Source MAC Strictly control the network traffic by only allowing incoming and Source IP P Bindi frames that match the source IP and source MAC on specific port inding Set up Dos Attack Set up the specific ACL to defend DoS attack Defense Rules ORing Industrial Networking Corp 94 e IGPS 7084GP Series User s Manual 5 1 10 4 802 1x This page allows you to configure the IEEE 802 1X and MAC based authentication system and port settings The IEEE 802 1X standard defines a port based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication One or more central servers the backend servers determine whether the user is allowed access to the network These backend RADIUS servers are configured on the Authentication configuration page MAC based authentication allows for authentication of more than one user on th
60. d Disabled The RADIUS server number Click to navigate to detailed ORing Industrial Networking Corp 106 IGPS 7084GP Series User s Manual BEEN statistics for this server The IP address and UDP port number in IP Address UDP Port notation of this server IP Address The current state of the server This field takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds left Accounting attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled The statistics map closely to those specified in RFC4668 RADIUS Authentication Client MIB Use the server select box to switch between the backend servers to show details for RADIUS Authentication Statistics for Server 1 0 0 0 0 1812 Auto refresh L Receive Packets Transmit Packets Access Accepts Access Rejects O Access Retransmissions Access Challenges O Pending Requests Malformed Access Responses 0 Timeouts Bad Authenticators Unknown Types Packets Droppec Othe
61. d decimal notation ARP Parameters ARP RARP ARP SMAC Match Request Reply RARP SMAC Match sender 1P Filter IP Ethernet Length Av Any Sender ID 1192 168 1 1 IP Sender IP Mask 255 255 255 0 Ethernet Target IP Filter Network IE ID Addrese 192 155 1 254 Target IP Mask 233 232 232 0 Specify the available ARP RARP opcode OP flag for this ACE Any No ARP RARP OP flag is specified OP is don t care ARP RARP ARP Frame must have ARP RARP opcode set to ARP RARP Frame must have ARP RARP opcode set to RARP Other Frame has unknown ARP RARP Opcode flag opecify the available ARP RARP opcode OP flag for this ACE Any No ARP RARP OP flag is specified OP is don t care Request Reply Request Frame must have ARP Request or RARP Request OP flag set Reply Frame must have ARP Reply or RARP Reply OP flag Specify the sender IP filter for this ACE Any No sender IP filter is specified Sender IP filter is don t care Host Sender IP filter is set to Host Specify the sender IP address in Sender IP Filter the SIP Address field that appears Network Sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address and SIP Mask fields that appear Sender IP Address When Host or Network is selected for the sender IP filter you can ORing Industrial Networking Corp 89 e IGPS 7084GP Series Users Manual MO enter a specific sender IP address in dotted de
62. d for each port of a private VLAN When checked port isolation is enabled for that port When unchecked port isolation is disabled for that port By default port isolation is disabled for all ports 60 5 1 7 SNMP IGPS 7084GP Series User s Manual 5 1 7 1 SNMP System SNMP System Configuration Mode Version Enabled SNMP v2c HAIR Ta public Write Community Engine ID Version Read Community Write Community ORing Industrial Networking Corp Indicates the SNMP mode operation Possible modes are Enabled Enable SNMP mode operation Disabled Disable SNMP mode operation Indicates the SNMP supported version Possible versions are SNMP v1 Set SNMP supported version 1 SNMP v2c Set SNMP supported version 2c SNMP v3 Set SNMP supported version 3 Indicates the community read access string to permit access to SNMP agent The allowed string length is O to 255 and the allowed content is the ASCII characters from 33 to 126 The field only suits to SNMPv1 and SNMPv2c SNMPv3 is using USM for authentication and privacy and the community string will associated with SNMPv3 communities table Indicates the community write access string to permit access to SNMP agent The allowed string length is O to 255 and the allowed content is the ASCII characters from 33 to 126 The field only suits to SNMPv1 and SNMPv2c SNMPv3 is using USM for authentication and privacy and the community string will associated with SNM
63. d modified here Up to 64 VLANs are supported This page allows for adding and deleting VLANs as well as adding and deleting port members of each VLAN VLAN Membership Configuration Open in new window Port Members Delete VLAN ID 1 2 3 4 5 6 7 8 9 1011132 1 v be v be v kl ei kl v v iv E ORing Industrial Networking Corp 48 IGPS 7084GP Series User s Manual Checkmarks indicate which ports are members of the entry Port Members Check or uncheck as needed to modify the entry Add New VLAN Click a to add a new VLAN ID An empty row is added to the table and the VLAN can be configured as needed Legal values for a VLAN ID are 1 through 4095 The VLAN is enabled on the selected stack switch unit when you Adding a New Static D click on Save The VLAN is thereafter present on the other stack ntry switch units but with no port members A VLAN without any port members on any stack unit will be deleted when you click Save Delet The button can be used to undo the addition of new VLANs Example Portbased VLAN Setting For ingress port 1 VLAN Membership Configuration setting port 1 amp VID 50 VLAN Membership Configuration Port Members PE Delete VLAN 1p 121210 51617 Il a eet er ert get el ere ME ivl I UE CI C1 CI EI CJ EI CI CI EI EI EI EI EI EI CI CI DI ORing Industrial Networking Corp 49 e e 2 VLAN Port 1 Configuration gt Disable VLAN Aware VLAN Port
64. d network security Device Binding ST Ao Enable Alive Check Stream Check DDOS Device Prevention Active Status Active Status Active Status IP Address MAC Address Da 2 ST ce Ho 3 Shutdown a a Set DEEN ORing Industrial Networking Corp 76 IGPS 7084GP Series User s Manual Indicates the per port Device Binding operation Possible modes are Disable Scan Scan IP MAC automatically but no binding function Binding Enable binding function Under this mode any IP MAC doesn t match the entry will not be allowed to access the network Shutdown Shutdown the port No Link Alive Check Enable Disable Alive Check When enabled switch will ping the Active device continually Indicates the Alive Check status Possible statuses are Disable Got Reply Got ping reply from device that means the device is still Alive Check Satus l alive Lost Reply Lost ping reply from device that means the device might have been hanged Stream Check Enable Disable Stream Check When enabled switch will detect the stream change getting low from device Indicates the Stream Check status Possible statuses are Stream Check Disable Status Normal The stream is normal Low The stream is getting low DDoS Prevention Enable Disable DDOS Prevention When enabled switch will monitor the device to against DDOS attack from device Indicates the DDOS Prevention status Possibl
65. e for the attached LANs transitions frequently Controls whether the port connects to a point to point LAN rather than a shared medium This can be automatically determined or Point2Point 8 forced either true or false Transition to the forwarding state is faster for point to point LANs than for shared media Click to save changes ORing Industrial Networking Corp 43 IGPS 7084GP Series User s Manual Click to undo any changes made locally and revert to previously saved values MSTI Ports This page allows the user to inspect the current STP MSTI port configurations and possibly change them as well A MSTI port is a virtual port which is instantiated seperately for each active CIST physical port for each MSTI instance configured and applicable for the port The MSTI instance must be selected before displaying actual MSTI port configuration options This page contains MSTI port settings for physical and aggregated ports The aggregation settings are stack global MSTI Port Configuration MSTI Normal Ports Configuration Path Cost Description The switch port number of the corresponding STP CIST and MSTI port Controls the path cost incurred by the port The Auto setting will set the path cost as appropriate by the physical link speed using a os the 802 1D recommended values Using the Specific setting a user defined value can be entered The path cost is used when ORing Industrial Networking Corp
66. e is allowed don t care Specify the TCP Push Function PSH value for this ACE 0 TCP frames where the PSH field is set must not be able to match this entry 1 TCP frames where the PSH field is set must be able to match this entry Any Any value is allowed don t care opecify the TCP Acknowledgment field significant ACK value for this ACE 0 TCP frames where the ACK field is set must not be able to match this entry 1 TCP frames where the ACK field is set must be able to match this entry Any Any value is allowed don t care opecify the TCP Urgent Pointer field significant URG value for this ACE 0 TCP frames where the URG field is set must not be able to match this entry 1 TCP frames where the URG field is set must be able to match this entry Any Any value is allowed don t care 93 IGPS 7084GP Series User s Manual 5 1 10 3 4 Wizard This handy wizard helps you set up an ACL quickly Welcome to the ACL Configuration Wizard Please select an action O Set up Policy Rules Set up the default policy rules for Client ports Server ports Network ports and Guest ports Set up Port Policies Group ports into several types according to different ACL policies Set up Typical Network Application Rules Set up the specific ACL for different typical network application access control O Set up Source MAC and Source IP Binding Strictly control the network traffic by only allowing in
67. e same port and doesn t require the user to have special 802 1X software installed on his system The switch uses the user s MAC address to authenticate against the backend server Intruders can create counterfeit MAC addresses which makes MAC based authentication less secure than 802 1X authentication Overview of 802 1X Port Based Authentication In the 802 1X world the user is called the supplicant the switch is the authenticator and the RADIUS server is the authentication server The switch acts as the man in the middle forwarding requests and responses between the supplicant and the authentication server Frames sent between the supplicant and the switch are special 802 1X frames known as EAPOL EAP Over LANs frames EAPOL frames encapsulate EAP PDUs RFC3748 Frames sent between the switch and the RADIUS server are RADIUS packets RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch s IP address name and the supplicant s port number on the switch EAP is very flexible in that it allows for different authentication methods like MD5 Challenge PEAP and TLS The important thing is that the authenticator the switch doesn t need to know which authentication method the supplicant and the authentication server are using or how many information exchange frames are needed for a particular method The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards
68. e statuses are Disable DDoS Prevention Analysing Analyse the packet throughput for initialization Status Running Function ready Attacked DDOS attack happened Device IP Address Specify the IP Address of device Device MAC Specify the MAC Address of device Address ORing Industrial Networking Corp 77 IGPS 7084GP Series User s Manual 4 1 10 2 1 Advanced Configuration Alias IP Address This page provides Alias IP Address related configuration Some device might have more IP addresses than one you could specify the other IP address here Alias IP Address Alias IP Address 1 3 3 4 2 o Fi a o Hr O Specify Alias IP address Keeps 0 0 0 0 if the device doesn t have Alias IP Address alias IP address ORing Industrial Networking Corp 78 IGPS 7084GP Series User s Manual Alive Check using the ping command check port link status if port link fail user can setting action field select the switch action Alive Check Action Status E Link Change Onlv Log it Shunt Down the Port Reboot Device kA O O DD d ON Dn P DO N 4 lt 4 4 KA ha Link Change Disable and enable port Only log it Only sent log to log server Shunt Down the Port Reboot Device Disable and Enable P O E Power DDoS Prevention This page provides DDOS Prevention related configuration Switch could monitor the ingress Disable this port packets and
69. ed mode Class mode LLDP MED mode In this mode the user allocates the amount of power that each port may reserve The allocated reserved power for each port PD is specified in the Maximum Power fields In this mode each port automatic determines how much power to reserve according to the class the connected PD belongs to and reserves the power accordingly Three different port classes exist and one for 4 7 and 15 4 Watts In this mode the Maximum Power fields have no effect This mode is similar to the Class mode expect that each port determine the amount power it reserves by exchanging PoE information using the LLDP protocol and reserves power accordingly If no LLDP information is available for a port the port will reserve power using the class mode In this mode the Maximum Power fields have no effect For all mode If a port uses more power than the reserved power for the port the port is shut down 5 1 15 2 PoE Configuration Power management Mode There are 2 modes for configuring when to the ports are shut down ORing Industrial Networking Corp 125 IGPS 7084GP Series User s Manual Power Over Ethernet Configuration Reserved Power a LLDP determined by Q Class 9 Allocation iE O Actual Reserved Power Management Mode Consumption Power Primary Power Supply W 240 Port PoE Enabled Priority Maximum Power W lt s s S E s El E Actual Consumption In this mode
70. eeeeessoeseees 67 o Fanie ell o AAA IU CO eni 68 5 1 8 1 SOM e te 68 XR A 69 5183 E RE eu rel assesseer E E 70 5 1 8 4 Queuing Counters cccccocconnccnnnncccnoonncnnnnnnnnnnnnnnnnnnnonnononnnnnnnnnnnnnnnnennnnnnnnnnnnos 72 E Wa ME 73 Dil AA a o c 74 5 1 9 1 IGMP SNOODING serna 74 5 1 92 IGMP Snooping SIGS sismos accident 75 5 1 10 OY Po Es 76 ORing Industrial Networking Corp 3 e IGPS 7084GP Series User s Manual 5 1 10 1 Remote Control Security Configuration 000nnnneeo00nnnnneoonnnnnnnnennnennnnenene 76 5 1 10 2 Device Binding ccccocccnccnccnccconcnnccnanoncnnnncnnononnnnonnncnnnnnnrnnnnnnnnnnnnancnnnnancnnnnas 76 OS A ets 82 A nk EN 95 5 1 11 A 18 NR e O ROSE ESE UE 109 5 1 11 1 Fault Alarm sess nennen nnne nnn nnns 109 5 1 11 2 System Warning EE 110 5 1 12 Monitor and Diag T rcc 112 sum XE MAC T gt e E E ee ee i as 112 S122 e So senene ne o e 115 Mila PORO le e E 118 5 1 12 4 System Log Information oonncnncccnonncnncccnonnnnononancnnnonnnnnonnnnonannnnncnnnnanoss 119 5 1 12 5 Cable Diagnostics ocooccccnncccccocoonnconnnncnononnnncnnnnnnononnnncnnnnnnnononanennnnnonnss 120 NA 121 A o a ee eee ee ee ae 122 Se KS PVOP e EE 122 5 1 13 Faclory REI 123 5 1 14 icai e 124 5 1 15 Power Over Ethernet esses eene 124 5 1 15 1 PoE Configuration Reserved Power determined
71. em and a port wide ORing Industrial Networking Corp 96 IGPS 7084GP Series User s Manual Port Security Configuration System Configuration Mode Disabled Reauthentication Enabled Reauthentication Period 3600 seconds EAP Timeout seconds Age Period D seconds Hold Time 10 seconds Admin State Port State Max Clients Restart 1 Authorized Disab I ct e zd Ps ID cL b Disab AJ Disabled Al b Al b bul 2 bul 3 bal 4 Disa 3 Authorized wl Disab Authorized wl Disabled All Indicates if 802 1X and MAC based authentication is globally en enabled or disabled on the switch If globally disabled all ports are allowed forwarding of frames If checked clients are reauthenticated after the interval specified by the Reauthentication Period Reauthentication for 802 1X enabled ports can be used to detect if a new device is mM plugged into a switch port Reauthentication For MAC based ports reauthentication is only useful if the Enabled RADIUS server configuration has changed It does not involve communication between the switch and the client and therefore doesn t imply that a client is still present on a port see Age Period below Determines the period in seconds after which a connected client Reauthentication must be reauthenticated This is only active if the Period Reauthentication Enabled checkbox is checked Valid values are in the range 1 to 3600 seconds
72. er end RJ 45 connector connects to console port of switch PC pin out male assignment RS 232 with DB9 female connector DB9 to RJ 45 Pin 42 RD Pin 2 TD Pin 3 TD Pin 3 RD Pin 45 GD Pin 5 GD DB Male Shield DB Female Signal Ground Recaved Line Signal Detect A Ts Lue Ring Indicator ll Qu DCE Ready DTE Ready Wr 4 P Trams mitted Data agg B Clear to Send 7 Clear to Send Transmitted Data gt Received Data B lo D M Request to send Received Data 7 Request to Send DTE Ready 4 qu E 5 1 Received Line Signal Detect 77 a DCE Ready Signal Ground Ring Indicator Received by D TE Device I Received by DCE Device i eee Transmitted from DTE Device diie Transmitted from DCE Device ORing Industrial Networking Corp 14 IGPS 7084GP Series User s Manual WEB Management While making any establishment and upgrading firmware please remove physical loop connection first DO NOT power off equipment during firmware is upgrading 5 1 Configuration by Web Browser This section introduces the configuration by Web browser 5 1 1 About Web based Management An embedded HTML web site resides in flash memory on the CPU board It contains advanced management features and allows you to manage the switch from anywhere on the network through a standard web browser such as Microsoft Internet Explorer The Web Based Management function supports Internet Explorer 5 0 or l
73. etworking Corp 45 IGPS 7084GP Series User s Manual STP Port Status This page displays the STP CIST port status for port physical ports in the currently selected switch STP Port Status Auto refresh L CIST Role CIST State Uptime Mon STP Forwarding Non STP Forwarding Mon STP Forwarding Non STP Forwarding Mon STP Forwarding Non STP Forwarding Non STP Forwarding Mon STP Forwarding Mon STP Forwarding Non STP Forwarding Non STP Forwarding Non STP Forwarding Port The switch port number of the logical STP port The current STP port role of the CIST port The port role can be CIST Role one of the following values AlternatePort BackupPort RootPort DesignatedPort The current STP port state of the CIST port The port state can be e me nas oa ret o Uptime The tme since the bridge port was last nitaized Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh C regular intervals SIP Statistics This page displays the RSTP port statistics counters for bridge ports in the currently selected switch ORing Industrial Networking Corp 46 IGPS 7084GP Series User s Manual STP Statistics Auto refresh L Transmitted Received Discarded MSTP RESTE STP TCN MSTP RSIP STP TCN Unknown Illegal Port The switch port number of the ae RSTP port on the port number legacy STP Configuration BPDU s moe received transmi
74. ext save A string identifying the view name that this entry should belong to View Name The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Indicates the view type that this entry should belong to Possible view types are included An optional flag to indicate that this view subtree should be included View Type excluded An optional flag to indicate that this view subtree should be excluded General if a view entry s view type is excluded it should be exist another view entry which view type is included and it s OID subtree overstep the excluded view entry The OID defining the root of the subtree to add to the named view OID Subtree The allowed OID length is 1 to 128 The allowed string content is digital number or asterisk 5 1 7 6 SNMP Accesses Configure SNMPv3 accesses table on this page The entry index keys are Group Name Security Model and Security Level SNMPv3 Accesses Configuration Delete Group Name Security Model Security Level Read View Name Write View Name E default_ro_group any NoAuth NoPriv default view C default_rw_ group any MoAuth NoPriv default view default view Add new access Delete Check to delete the entry It will be deleted during the next save ORing Industrial Networking Corp 67 IGPS 7084GP Series User s Manual A string identifying the group name that this entry should belong to Group Name The allowed
75. from 32 to 126 Enter the name of contact person or organization Provide the timezone offset relative to UTC GMT Timezone Offset MEUS The offset is given in minutes east of GMT The valid range is from 20 to 720 minutes Click to save changes ORing Industrial Networking Corp 17 IGPS 7084GP Series User s Manual 5 1 2 2 Admin Password This page allows you to configure the system password required to access the web pages or log in from CLI System Password Username Old Password New Password Confirm New Password Label Old Password Enter the current system password If this is incorrect the new ir password will not be set New Password The system password The allowed string length is O to 31 and indi the allowed content is the ASCII characters from 32 to 126 Confirm password Confirm password Re type the new password Save Click to save changes ORing Industrial Networking Corp 18 IGPS 7084GP Series User s Manual 5 1 2 3 IP Setting Configure the switch managed IP information on this page IP Configuration Configured Current DHCP Client aW IP Address 192 168 10 4 192 168 10 4 IP Mask 299 299 292 0 299 299 292 0 IP Router 0 0 0 0 0 0 0 VLAN ID SNTP Server DHCP Client Enable the E client by checking this box If DHCP fails and the configured IP address is zero DHCP will retry If DHCP fails and the configured IP address is non zero DHCP will stop and the configured IP set
76. hEapolRegqFramesTx other than initial request frames that have been transmitted by the switch Response ID dotixAuthEapolRespIdFramesRx Logoff dotixAuthEapolLogoffFramesRx Request ID dotixAuthEapolRegIdFramesTx Backend server frame counter statistics Backend Server For MAC based ports there are two tables containing backend server Counters counters The left most shows a summary of all backend server counters on this port The right most shows backend server counters ORing Industrial Networking Corp 102 Last Supplicant Client Info Clients attached to this port ORing Industrial Networking Corp IGPS 7084GP Series User s Manual for the currently selected client or dashes if no client is selected or available A client can be selected from the list of authorized unauthorized clients below the two counter tables There are slight differences in the interpretation of the counters between port and MAC based authentication as shown below Backend Server Counters Direction IEEE Name Description Port based Counts the number of times that the switch receives the first request from the backend server following the first response from the supplicant Indicates that the backend server has communication with the switch MAC based Counts all Access Challenges received from the backend server for this port left most table or client right most table Port based Counts the number of times that the switch
77. hen the DHCP server function is activated the system will collect the DHCP client information and display in here DHCP Dynamic Client List No Select Type MAC Address IP Address Surplus Lease Select Clear All Add to static Table 5 1 3 3 DHCP Client List You can assign the specific IP address which is in the assigned dynamic IP range to the specific port When the device is connecting to the port and asks for dynamic IP assigning the system will assign the IP address that has been assigned before in the connected device DHCP Client List MAC Address m IP Address No Select Type MAC Address IP Address Surplus Lease ORing Industrial Networking Corp 27 Oring IGPS 7084GP Series User s Manual 5 1 4 Port Setting 5 1 4 1 Port Control This page displays current port configurations Ports can also be configured here Port Configuration MN Enabled Speed Flow Control Current Current Maximum Power ee ee Configured Frame Control Current Configured Rx Tx 1 Down x x LI Disabled 2 Down x x LI Disabled 3 Down x x d Disabled A Down x x L Disabled 5 Down x x Disabled 6 Down x x Disabled 7 e Down X X d Disabled 8 i1Gcfdx x x O Disabled 9 Down x x d 10 Down x x O 11 Down Ka x LI 12 Down X X Label Description Port This is the logical port number for this row Lene The current link state is displayed graphically Green indicates the in
78. ial Networking Corp 54 IGPS 7084GP Series User s Manual 3 VLAN Port Configuration gt Mode specific ID 11 when enterring packet is untagged frame added tag 11 When entering the tagged frame only VID 11 22 33 three kinds of packets can pass VLAN Port Configuration Ha O s s s For egress port 1 VLAN Membership Configuration setting port VID 11 22 33 VLAN Membership Configuration Open in new window A Port Members peiete Yip 1 2 4 o poppe a Ma O u D p pn a MQO0Oo0oo0o0o000n O 22 OOO E BA I0ODODODO O 33 O0 0 OO M MgoOoooooon Add new VLAN ORing Industrial Networking Corp 55 e Orna 2 VLAN Port Configuration gt Enable VLAN Aware VLAN Port Configuration VLAN Aware Frame me ture Mode UNE HE D DJ Om P WU N e 3 VLAN Port Configuration gt Mode none egress port can receive tag 11 22 33 packet In addition ony tag 11packet can enter egress port VLAN Port Configuration e 3 LI 4 d 2 5 7 8 ORing Industrial Networking Corp 56 IGPS 7084GP Series User s Manual ingress Port 1 gt egress Port 2 For ingress port Port 1 1 VLAN Membership Configuration setting port 1 2 3 amp VID 50 VLAN Membership Configuration Open in new window se PE EEE ep lv ve be kl Iw v v d d d 4 d dd 1 M v v v Tel e kl e Pe Iw e 50 MMMODODOODO DO
79. icast ingress packets Packet Type RX Multicast Multicast ingress packets RX Broadcast Broadcast ingress packets TCP TCP ingress packets UDP UDP ingress packets If packet type is UDP or TCP please specify the socket number here The socket number could be a range from low to high If the Socket Number socket number is only one please fill the same number in low field and high field If packet type is UDP or TCP please choose the socket direction Destination Source Indicates the action when DDOS attack happened Possible actions are Do nothing Blocking 1 minute To block the forwarding for 1 mintue and log the event Blocking 10 minute To block the forwarding for 10 mintues and log the event Blocking Just blocking and log the event Shunt Down the Port Shut down the port No Link and log the event Only Log it Just log the event Reboot Device If POE supported the device could be rebooted And log the event Indicates the DDOS Prevention status Possible statuses are Disable Analysing Analyse the packet throughput for initialization Running Function ready Attacked DDOS attack happened ri a LN Industrial Networking Corp 80 Oring IGPS 7084GP Series User s Manual Device Description This page provides Device Description related configuration Device Description Device Location Address Description IP Camera IP Phone Access Point D 0 w Oh
80. ication is up and running and the RADIUS module is ready to accept access attempts Dead X seconds left Access attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled The time interval measured in milliseconds between the most recent Access Reply Access Challenge and the Access Request that matched it from the RADIUS radiusAuthClientExtRoundTripTime authentication server The granularity of this measurement is 100 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet RADIUS Accounting Statistics for Server 1 0 0 0 0 1813 Receive Packets Transmit Packets Responses Requests Malformed Responses Retransmissions Bad Authenticators Pending Requests Unknown Types Timeouts Packets Dropped Other Info State Disabled Round Trip O ms a mem SSS RADIUS accounting server packet counter There are five receive and Packet Counters four transmit counters ORing Industrial Networking Corp 108 IGPS 7084GP Series User s Manual Direction RFC4670 Name Description The number of RADIUS packets valid or invalid received from the server The number of malformed RADIUS packets received from the server Malformed
81. ilopackets per second The configuration indicates the permitted packet rate for unicast multicast or broadcast traffic across the switch Note Frames which are sent to the CPU of the switch are always limited to aproximately 4 kpps For example broadcasts in the management VLAN are limited to this rate The management VLAN is configured on the IP setup page ORing Industrial Networking Corp 68 IGPS 7084GP Series User s Manual Storm Control Configuration Frame Type Status Rate pps Unicast Multicast Broadcast The settings in a particular row apply to the frame type listed here Frame Type unicast multicast or broadcast Enable or disable the storm control status for the given frame type The 1 kpps is actually 1002 1 pps The rate unit is packet per second pps configure the rate as 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K or 1024K 5 1 8 2 Port QoS This page allows you to configure QoS settings for each port Frames can be classified by 4 different QoS classes Low Normal Medium and High The classification is controlled by a QCL that is assigned to each port A QCL consists of an ordered list of up to 12 QCEs Each QCE can be used to classify certain frames to a specific QoS class This classification can be based on parameters such as VLAN ID UDP TCP port IPv4 IPv6 DSCP or Tag Priority Frames not matching any of the QCEs are classified to the default QoS class for the port
82. ion Client Authentication Method Fallback telnet ssh web console local local local local Enabled Enabled ORing Industrial Networking Corp IP Address IP Address 104 e IGPS 7084GP Series Users Manual Client Configuration The table has one row for each Client and a number of columns which are The Client for which the configuration below applies Authentication Authentication Method can be set to one of the following values Metohd none authentication is disabled and login is not possible local use the local user database on the switch stack for authentication radius use a remote RADIUS server for authentication tacacs use a remote TACACS server for authentication Fallback Enable fallback to local authentication by checking this box If none of the configured authentication servers are alive the local user database is used for authentication This is only possible if the Authentication Method is set to something else than none or local Click to save changes Click to undo any changes made locally and revert to previously ese saved values RADIUS Authentication Server Configuration The table has one row for each RADIUS Authentication Server and a number of columns which are The RADIUS Authentication Server number for which the configuration below applies Enable Enable the RADIUS Authentication Server by checking this box IP Address Enable fallb
83. ist gt Msti Port Configuration msti lt port_list gt Msti Port Cost msti lt port_list gt lt path_cost gt Msti Port Priority lt msti gt lt port_list gt lt priority gt NO ORing Industrial Networking Corp 13 ane IGPS 7084GP Series User s Manual Dot1x Period lt reauth_period gt IGMP Configuration lt port_list gt Mode enableldisable Status lt vid gt LLDP Configuration lt port_list gt Mode lt port_list gt enableldisablelrxltx Optional TLV lt port_list gt port_descrlsys_namelsys_descrlsys_capalmgmt_addr enableldisable Interval lt interval gt Statistics lt port_list gt clear ORing Industrial Networking Corp 140 ane IGPS 7084GP Series User s Manual MAC 7 Configuration lt port_list gt Add lt mac_addr gt lt port_list gt lt vid gt Delete lt mac_addr gt lt vid gt Lookup lt mac_addr gt lt vid gt Agetime lt age_time gt Learning lt port_list gt autoldisablelsecure Dump lt mac_max gt lt mac_addr gt lt vid gt Statistics lt port_list gt VLAN Configuration lt port_list gt Aware lt port_list gt enableldisable PVID lt port_list gt lt vid gt Inone FrameType lt port_list gt allltagged Add lt vid gt lt port_list gt Lookup lt vid gt PVLAN QOS Configuration lt port_list gt Classes lt clas
84. it When authentication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Note Suppose two backend servers are enabled and that the server timeout is configured to X seconds using the Authentication configuration page and suppose that the first server in the list is currently down but not considered dead Now if the supplicant retransmits EAPOL Start ORing Industrial Networking Corp 95 e IGPS 7084GP Series User s Manual frames at a rate faster than X seconds then it will never get authenticated because the switch will cancel on going backend authentication server requests whenever it receives a new EAPOL Start frame from the supplicant And since the server hasn t yet failed because the X seconds haven t expired the same server will be contacted upon the next backend authentication server request from the switch This scenario will loop forever Therefore the server timeout should be smaller than the supplicant s EAPOL Start frame retransmission rate Overview of MAC Based Authentication Unlike 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industry In MAC based authentication users are called clients and the switch acts as the supplicant on behalf of clients The initial f
85. k access control 802 1x VLAN 802 1q to segregate and secure network traffic Radius centralized password management SNMPv3 encrypted authentication and access security RSTP 802 1w Quality of Service 802 1p for real time traffic VLAN 802 1q with double tagging and GVRP supported IGMP Snooping for multicast filtering Port configuration status statistics mirroring security Remote Monitoring RMON 802 3at Power over Ethernet P S E ORing Industrial Networking Corp e IGPS 7084GP Series Users Manual 1 3 Hardware Features Redundant DC power inputs Operating Temperature 40 to 700C Storage Temperature 40 to 85 C Operating Humidity 5 to 95 non condensing Casing IP 30 8x 1000Base T 4 x 1000 Base X SFP Console Port Dimensions 96 4 W x 108 5 D x 154 H mm 3 8 x 4 2 7 x 6 06 inch ORing Industrial Networking Corp es IGPS 7084GP Series User s Manual Hardware Installation 2 1 Installing Switch on DIN Rail Each switch has a DIN Rail kit on rear panel The DIN Rail kit helps switch to fix on the DIN Hal It is easy to install the switch on the DIN Rail 2 1 1 Mount IGPS 7084GP on DIN Rail SC 7 I I n I I H 1 I n ji V 105 5 DIN Rail Size ORing Industrial Networking Corp
86. k down power savings enabled PerfectReach Link up power savings enabled Enabled Both link up and link down power savings enabled Total Power Usage Total power usage in board measured in percent Click to save changes Click to undo any changes made locally and revert to previously saved values Click to refresh the page Any changes made locally will be undone 5 1 4 2 Rate Limit Configure the switch port rate limit for Policers and Shapers on this page Rate Limit Configuration Policer Policer Policer Shaper Shaper Shaper Port Enabled Rate Unit Enabled Rate 1 D C MI a 3 M C 4 0 C 5 D 500 a 500 6 0 500 a 500 7 D a 8 C 500 o JD C 500 10 O 500 a 500 ORing Industrial Networking Corp 29 IGPS 7084GP Series User s Manual Poet The logical port for the settings contained in the same row Policer Enabled Enable or disable the port policer The default value is Disabled Configure the rate for the port policer The default value is 500 This value is restricted to 500 1000000 when the Policer Unit is Policer Rate uu l l o kbps and it is restricted to 1 1000 when the Policer Unit is Mbps Configure the unit of measure for the port policer rate as kbps or Policer Unit Mbps The default value is kbps Shaper Enabled Enable or disable the port shaper The default value is Disabled
87. king Corp 73 IGPS 7084GP Series User s Manual 5 1 9 Multicast 5 1 9 1 IGMP Snooping This page provides IGMP Snooping related configuration IGMP Snooping Configuration Global Configuration Snooping Enabled L Unregistered IPMC Flooding enabled VLAN ID Snooping Enabled IGMP Querier 1 d Port Related Configuration Port Router Port Fast Leave 1 d d 2 CI d 3 CI d 4 d d Snooping Enabled Enable the Global IGMP Snooping Unregistered IPMC Flooding Enable unregistered IPMC traffic flooding enabled VLAN ID The VLAN ID of the entry IGMP Snooping Enable the per VLAN IGMP Snooping Enabled Enable the IGMP Querier in the VLAN The Querier will send out if no Querier received in 255 seconds after IGMP Querier Enabled Each IGMP Querier SE Querier s interval is 125 second and it will stop act as an IGMP Querier if received any Querier from other devices Specify which ports act as router ports A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or Router Port IGMP querier If an aggregation member port is selected as a router port the whole aggregation will act as a router port Enable the fast leave on the port ORing Industrial Networking Corp 74 IGPS 7084GP Series User s Manual 5 1 9 2 IGMP Snooping Status Auto refresh U Open in new window IGMP Snooping Status Statistics VLAN Querier Querier Querier Vi Reports V2Reports V3
88. king the Koch button will update the displayed table starting from that or the closest next MAC Table match In addition the two input fields will ORing Industrial Networking Corp 114 IGPS 7084GP Series User s Manual Refresh l E upon a button click assume the value of the first displayed entry allowing for continuous refresh with the same start address lm The will use the last entry of the currently displayed VLAN MAC address pairs as a basis for the next lookup When the end is reached the text no more entries is shown in the displayed table Use the button to start over MAC Address Table Auto refresh CI Start from VLAN and MAC address 00 00 00 00 00 0 with entries per page Port Members VLAN MAC Address CPU 1 2 3 4 5 6 7 8 9 10 11 12 Q0 1E 94 98 89 89 y 00 1E 84 FF FF FF wi 01 80 C2 4A 44 06 W wu uo wi wi wi wi wi wi wi wi wi 33 33 FF AB 0A 01 wi 33 33 FF FF FF FF wi a v WV WV VV VV VV v v 5 1 12 2 Port Statistic 5 1 12 2 1 Traffic Overview This page provides an overview of general traffic statistics for all switch ports ORing Industrial Networking Corp 115 IGPS 7084GP Series User s Manual Port Statistics Overview Auto refresh LI afresl Port Packets Bytes Errors Drops Filtered Receive Transmit Receive Transmit Receive Transmit Receive Transmit Receive 11 7980 86946125 9117790 6259918088 0 0 0 0 o 68 32984 68732987 4957477714 495 47 932 24710409 0 O 0
89. le pair Length The length in meters of the cable pair 5 1 12 6 SFP Monitor DDM function can pass SFP module which supports DDM function measure the temperature of the apparatus And manage and set up event alarm module through DDM WEB SFP Monitor Auto refresh L Port No N A N A N A N A N A N A N A N A N A N A N A Warning Temperature 85 ec 0 100 Event Alarm Syslog ORing Industrial Networking Corp 121 IGPS 7084GP Series User s Manual 5 1 12 7 Ping This page allows you to issue ICMP PING packets to troubleshoot IP connectivity Issues ICMP Ping IP Address Ping Size After you press Start J 5 ICMP packets are transmitted and the sequence number and roundtrip time are displayed upon reception of a reply The page refreshes automatically until responses to all packets are received or until a timeout occurs PINGO server 10 10 132 20 64 bytes from 10 10 132 20 icmp_seq 0 time 0ms 64 bytes from 10 10 132 20 icmp_seq 1 time 0ms 64 bytes from 10 10 132 20 icmp_seq 2 time 0ms 64 bytes from 10 10 132 20 icmp_seq 3 time 0ms 64 bytes from 10 10 132 20 icmp_seq 4 time 0ms Sent 5 packets received 5 OK 0 bad You can configure the following properties of the issued ICMP packets IP Address The destination IP Address The payload size of the ICMP packet Values range from 8 bytes to 1400 bytes 5 1 12 8 IPv6 Ping IPv6 Ping Ivo Address RSR
90. leted due to Time To Live Entries Aged Out expiring Local Counters Label Description Local Port The port on which LLDP frames are received or transmitted The number of LLDP frames transmitted on the port RxFrmes The number of LLDP frames received on the port The number of received LLDP frames containing some kind of Rx Errors error If an LLDP frame is received on a port and the switch s internal table has run full the LLDP frame is counted and discarded This situation is known as Too Many Neighbors in the LLDP standard LLDP frames require a new entry in the table when the Frames Discarded Chassis ID or Remote Port ID is not already contained within the table Entries are removed from the table when a given port links down an LLDP shutdown frame is received or when the entry ages out Each LLDP frame can contain multiple pieces of information TLVs Discarded known as TLVs TLV is short for Type Length Value If a TLV is malformed it is counted and discarded The number of well formed TLVs but with an unknown type TLVs Unrecognized value Org Discarded The number of organizationally TLVs received Each LLDP frame contains information about how long time the LLDP information is valid age out time If no new LLDP frame is Age Outs M received within the age out time the LLDP information is removed and the Age Out counter is incremented Click to refresh the page immediately
91. link is up and red that it is down Select any available link speed for the given switch port Configured Link Auto Speed selects the highest speed that is compatible with a Speed link partner Disabled disables the switch port operation When Auto Speed is selected for a port this section indicates the flow control capability that is advertised to the link partner When a fixed speed setting is selected that is what is used The Current Rx column indicates whether pause frames on the port Flow Control are obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the result of the last Auto Negotiation Check the configured column to use flow control This setting is ORing Industrial Networking Corp 28 IGPS 7084GP Series User s Manual BEEN related to the setting for Configured Link Speed Enter the maximum frame size allowed for the switch port Maximum Frame l l l including FCS The allowed range is 1518 bytes to 9600 bytes Configure port transmit collision behavior Excessive Collsion Mode Discard Discard frame after 16 collisions default Restart Restart backoff algorithm after 16 collisions The Usage column shows the current percentage of the power consumption per port The Configured column allows for changing the power savings mode parameters per port Power Control Disabled All power savings mechanisms disabled ActiPHY Lin
92. ll ports are VLAN unaware and members of VLAN 1 and Private VLAN 1 A VLAN unaware port can only be a member of one VLAN but it can be a member of multiple Private VLANs Private VLAN Membership Configuration Open in new window Port Members Delete PVLANID 1 2 3 4 5 6 7 8 9 10 11 12 1 e iv be 1 b Jel be bn D Dn v v Add new Private VLAN A row of check boxes for each port is displayed for each private VLAN ID To include a port in a Private VLAN check the box To Port Members remove or exclude the port from the Private VLAN make sure the box is unchecked By default no ports are members and all ORing Industrial Networking Corp 59 IGPS 7084GP Series User s Manual Adding a New Static Entry Add New Private VLAN Click to add a new private VLAN ID An empty row is added to the table and the private VLAN can be configured as needed The allowed range for a private VLAN ID is the same as the switch port number range Any values outside this range are not accepted and a warning message appears Click OK to discard the incorrect entry or click Cancel to return to the editing and make a correction The Private VLAN is enabled when you click Save The button can be used to undo the addition of new Private VLANs Port Isolation Configuration Open in new window Port Number 9 1011 12 2 3 5 6 7 8 9 ITU Port Members ORing Industrial Networking Corp A check box is provide
93. ln amp Qu N Rh e HR HJ e ab Desarr S Indicates the type of device Possible types are No specification IP Camera IP Camera IP Phone IP Phone Access Point Access Point PC PC PLC PLC Device Type Network Video Recorder Network Video Recorder Location information of device this information could be used for Google Mapping Device description ORing Industrial Networking Corp 81 IGPS 7084GP Series User s Manual Stream Check This page provides Stream Check related configuration Stream Check Action Status Normal wo DD om in amp LJ N Enable Disable stream monitor of the port Indicates the action when stream getting low Possible actions are Do nothing Log it Just log the event 5 1 10 3 ACL 5 1 10 3 1 Ports Configure the ACL parameters ACE of each switch port These parameters will affect frames received on a port unless the frame matches a specific ACE ACL Ports Configuration Action dmm ds o Logging Shutdown Counter 1 Permit wl Disabled Disabled 108498 2 Permit Disabled 1 Disabled Disabled 0 3 Permit Disab Disabled Disabled Disabled 68732984 4 Disab Disabled Disabled Disabled 0 5 Permit led ze Disabled Disabled 0 6 Permit Disabled Disabled Disabled 68732984 7 Permit Disabled Disabled
94. mes can be classified by 4 different QoS classes Low Normal Medium and High The classification is controlled by a QoS assigned to each port A QCL consists of an ordered list of up to 12 QCEs Each QCE can be used to classify certain frames to a specific QoS class ORing Industrial Networking Corp 70 o Orina IGPS 7084GP Series Users Manual This classification can be based on parameters such as VLAN ID UDP TCP port IPv4 IPv6 DSCP or Tag Priority Frames not matching any of the QCEs are classified to the default QoS Class for the port QoS Control List Configuration oct ER AIS Type Type Value Traffic Class Ethernet Type Oxffff QCL Select a QCL to display a table that lists all the QCEs for that particular QCL opecifies which frame field the QCE processes to determine the QoS class of the frame The following QCE types are supported Ethernet Type The Ethernet Type field If frame is tagged this is the Ethernet Type that follows the tag header VLAN ID VLAN ID Only applicable if the frame is VLAN tagged QCE Tyep TCP UDP Port IPv4 TCP UDP source destination port DSCP IPv4 and IPv6 DSCP ToS The 3 precedence bit in the ToS byte of the IPv4 IPv6 header also known as DS field Tag Priority User Priority Only applicable if the frame is VLAN tagged or priority tagged Indicates the value according to its QCE type Ethernet Type The field shows the Ethernet Type value Type Value VLAN ID
95. mes can hit the action according to their ARP RARP hardware address length HLN and protocol address length PLN settings IP Ethernet 0 ARP RARP frames where the HLN is equal to Ethernet 0x06 and Length the PLN is equal to IPv4 0x04 must not match this entry 1 ARP RARP frames where the HLN is equal to Ethernet 0x06 and the PLN is equal to IPv4 0x04 must match this entry Any Any value is allowed don t care Specify whether frames can hit the action according to their ARP RARP hardware address space HRD settings 0 ARP RARP frames where the HLD is equal to Ethernet 1 must not match this entry 1 ARP RARP frames where the HLD is equal to Ethernet 1 must match this entry ORing Industrial Networking Corp 90 IGPS 7084GP Series User s Manual MO Any Any value is allowed don t care opecify whether frames can hit the action according to their ARP RARP protocol address space PRO settings 0 ARP RARP frames where the PRO is equal to IP 0x800 must not match this entry 1 ARP RARP frames where the PRO is equal to IP 0x800 must match this entry Any Any value is allowed don t care ICMP Parameters ICMP Type Filter ICMP Type Value ICMP Code Filter ICMP Code Value ICI D we pev CAT ome Code Vale TCP Parameters Source Port Filter Source Port No Dest Port Filter Specific Dest Port No UDP Parameters TCP FIN TCP SYN Source Port Filter TCP RST So
96. nable HTTPS redirect mode operation Disabled Disable HTTPS redirect mode operation ORing Industrial Networking Corp 20 IGPS 7084GP Series User s Manual 5 1 2 5 SSH SSH Configuration Indicates the SSH mode operation Possible modes are Enabled Enable SSH mode operation Disabled Disable SSH mode operation Click to save changes Click to undo any changes made locally and revert to previously saved values 5 1 2 6 LLDP LLDP Configuration This page allows the user to inspect and configure the current LLDP port settings LLDP Configuration LLDP Parameters Tx Interval seconds Disabled Disabled Disabled Disabled Port The switch port number of the logical LLDP port Mode Select LLDP mode ORing Industrial Networking Corp 21 IGPS 7084GP Series User s Manual Rx only The switch will not send out LLDP information but LLDP information from neighbor units is analyzed Tx only The switch will drop LLDP information received from neighbors but will send out LLDP information Disabled The switch will not send out LLDP information and will drop LLDP information received from neighbors Enabled The switch will send out LLDP information and will analyze LLDP information received from neighbors LLDP Neighbor Information This page provides a status overview for all LLDP neighbors The displayed table contains a row for each port on which an LLDP neighbor is detected The columns hold the f
97. nnnnnnnnnnnnos 12 4 2 e EE A 14 4 3 CONOR C ADIO aaraa an E T UA E EE ENA ere 14 WV EE EI Te nnmnnn 15 5 1 Configuration by Web Browser ccoooccccnncccccccnonnccnnnncnnnnononcnnnnnnnnnnnnnnnnnnnnnnnnnanennnns 15 5 1 1 About Web based Management 15 SM MEL e 17 5 1 2 1 System JIntormmaton 17 Dil ee 2 AOMING ASSW ONC cra edo cidcid 18 A E oo I A A E E E 19 S RR a e o oi E E ae 20 SA e yA A 21 lens 21 A A arai Eia a EE aoii 25 ORing Industrial Networking Corp 2 e IGPS 7084GP Series User s Manual 5 1 2 8 Backup Restore Configuration sese 25 5 1 2 9 Firmware Update 26 DLS DHOPF GENEI ne 26 5 1 3 1 one n 26 5 1 3 2 DHCP Dynamic Client Det 27 5 1 3 3 DACP Client List sms 27 A POLS e 28 5 1 4 1 Singer te r 28 SS S ERE mU 29 SNP c POM TUK m 30 5144A LOOP A A 36 A o ee E 36 5 1 5 1 ll A noe 36 AO 37 A e c rRR M 38 E ID Ern 39 5 155 FastRecovery HEIEREN Um Um 47 o VAN E 48 5 1 6 1 VLAN Membership Configurati0N cccccccccccconccnnnccnonononncnnnnccnononanncnnnnnos 48 AA AICA A A o A 59 MEME uu o 61 5 1 7 1 NM Gvstem 61 5 1 1 2 Renn ul ie sins 63 S73 Uc ono A 64 e MEME LI da E ree IA OOO UO m m TU 66 5 1 7 5 SNMP Views EE 66 5 1 7 6 SINMP ACCESSES 0 cccccccsseceeesccsseeeecccceseeeeescesseeesecsseeeeesscgs
98. ollowing information LLDP Neighbor Information Auto refresh L Local Port Chassis ID Remote Port ID System Name Port Description System Capabilities Management Address Port 5 00 1E 94 17 00 61 Port 01 IPS 2042P 100TX Bridge Local Port The port on which the LLDP frame was received The Chassis ID is the identification of the neighbor s LLDP Chassis ID frames Remote Port ID The Remote Port ID is the identification of the neighbor port System Name System Name is the name advertised by the neighbor unit m Port Description is the port description advertised by the neighbor Port Description unit System Capabilities describes the neighbor unit s capabilities The possible capabilities are 1 Other System Capabilites 2 Repeater 3 Bridge 4 WLAN Access Point 5 Router 6 Telephone ORing Industrial Networking Corp 22 IGPS 7084GP Series User s Manual 7 DOCSIS cable device 8 Station only 9 Reserved When a capability is enabled the capability is followed by If the capability is disabled the capability is followed by Management Address is the neighbor unit s address that is used Management for higher layer entities to assist the discovery by the network Address management This could for instance hold the neighbor s IP address Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh regular intervals LLDP
99. ot available for explicit mapping as it will receive the VLANs not explicitly mapped The list of VLAN s mapped to the MSTI The VLANs must be separated with comma and or space A VLAN can only be VLANS Mapped mapped to one MSTI An unused MSTI should just be left empty l e not having any VLANs mapped to it Click to save changes Click to undo any changes made locally and revert to previously saved values MSTI Priorities This page allows the user to inspect the current STP MSTI bridge instance priority configurations and possibly change them as well MSTI Configuration MSTI Te Configuration MSTI Priority CIST 128 M wen 128 v MST2 128 MST3 128 Y MsT4 128 ORing Industrial Networking Corp 41 IGPS 7084GP Series User s Manual Msn The bridge instance The CIST is the default instance which is always active Controls the bridge priority Lower numerical values have better priority The bridge priority plus the MSTI instance number riority concatenated with the 6 byte MAC address of the switch forms a Bridge Identifier Click to save changes Click to undo any changes made locally and revert to previously saved values CIST Ports This page allows the user to inspect the current STP CIST port configurations and possibly change them as well This page contains settings for physical and aggregated ports The aggregation settings are stack global STP CIST Ports Configur
100. packets include packets radiusAccClientExtMalformedResponses with an invalid length Bad authenticators or or unknown types are not included as malformed access responses The number of RADIUS packets containing invalid authenticators received from the server The number of RADIUS packets of unknown types that were received from the server on the accounting port The number of RADIUS packets that were received from Packets Dropped radiusAccClientExtPacketsDropped the server on the accounting port and dropped for some other reason The number of RADIUS packets sent to the server This does not include retransmissions The number of RADIUS packets retransmitted to the RADIUS accounting server The number of RADIUS packets destined for the server that have not yet timed out or received a response radiusAccClientExtPendingRequests This variable is incremented when a Request is sent and decremented due to receipt of a Response timeout or retransmission The number of accounting timeouts to the server After a timeout the client may retry to the same server send to a different server or give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout Responses radiusAccClientExtResponses Malformed Responses Bad Authenticators radiusAcctClientExtBadAuthenticators Unknown Types radiusAccClientExtUnknownTypes Requests radiusAccClientEx
101. r Info State Disabled Round Trip Time ms RADIUS authentication server packet counter There are seven receive Packet Counters and four transmit counters ORing Industrial Networking Corp 107 IGPS 7084GP Series User s Manual Direction RFC4668 Name Description The number of RADIUS Access Accept packets valid or invalid received from the server The number of RADIUS Access Reject packets valid or invalid received from the server The number of RADIUS Access Challenge radiusAuthClientExtAccessChallenges packets valid or invalid received from the server The number of malformed RADIUS Access REECH ve sais ere rta ie W e cria alformed packets include packets with an Se radiusAuthClientExtMalformedAccessResponses invalid length Bad authenticators or Message Authenticator attributes or unknown types are not included as malformed access responses The number of RADIUS Access Response Bad i packets containing invalid authenticators or Authenticators radiusAuthClientExtBadAuthenticators Message Authenticator attributes received from the server The number of RADIUS packets that were Unknown Types radiusAuthClientExtUnknownTypes received from the server on the authentication port and dropped for some other reason The number of RADIUS packets that were Packets Dropped radiusAuthClientExtPacketsDropped received from the server on the authentication port and dropped for some other reason The number of RADIUS Acces
102. rame any kind of frame sent by a client is snooped by the switch which in turn uses the client s MAC address as both username and password in the subsequent EAP exchange with the RADIUS server The 6 byte MAC address is converted to a string on the following form xx xx xx xx xx xx that is a dash is used as separator between the lower cased hexadecimal digits The switch only supports the MD5 Challenge authentication method so the RADIUS server must be configured accordingly When authentication is complete the RADIUS server sends a success or failure indication which in turn causes the switch to open up or block traffic for that particular client using static entries into the MAC Table Only then will frames from the client be forwarded on the switch There are no EAPOL frames involved in this authentication and therefore MAC based Authentication has nothing to do with the 802 1X standard The advantage of MAC based authentication over 802 1X is that several clients can be connected to the same port e g through a 3rd party switch or a hub and still require individual authentication and that the clients don t need special supplicant software to authenticate The disadvantage is that MAC addresses can be spoofed by malicious users equipment whose MAC address is a valid RADIUS user can be used by anyone and only the MD5 Challenge method is supported The 802 1X and MAC Based Authentication configuration consists of two sections a syst
103. regation partner Partner Key The Key that the partner has assigned to this aggregation ID Last Changed The time since this aggregation changed Last Channged Shows which ports are a part of this aggregation for this switch stack The format is Switch ID Port Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh L regular intervals ORing Industrial Networking Corp 33 IGPS 7084GP Series User s Manual 5 1 4 3 4 LACP Status This page provides a status overview for LACP status for all ports LACP Status Auto refresh Ll Refresh Open in new window Partner Partner Port LACP Key System ID Port pen Tresch port number Yes means that LACP is enabled and the port link is up No means that LACP is not enabled or that the port link is down Backup means that the port could not join the aggregation group but will join if other port leaves Meanwhile it s LACP status is disabled The key assigned to this port Only ports with the same key can aggregate together The Aggregation ID assigned to this aggregation group Partner System ID The partners System ID MAC address Partner Port The partners port number connected to this port Refresh Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh C regular intervals ORing Industrial Networking Corp 34 es
104. ries User s Manual Commander Groups 1 m System settings and reset options Syslog Server Configuration IP configuration and Ping Authentication Port management Link Aggregation Link Aggregation Control Protocol Spanning Tree Protocol IEEE 8682 12 port authentication Internet Group Management Protocol snooping Link Layer Discovery Protocol MAG address table Virtual LAN Private ULAH Quality of Service Access Control List Port mirroring Load Save of configuration via TFTP Simple Metuork Management Protocol Download of firmware via TFTP Fault Alarm Configuration 5 FLOW Timezone lt offset gt Log lt log_id gt alllinfolwarninglerror clear Syslog Syslog gt ServerConfiguration lt ip_addr gt Configuration DHCP enableldisable Setup lt ip_addr gt lt ip_mask gt ip router lt vid gt Ping lt ip_addr_string gt lt ping_length gt ORing Industrial Networking Corp 137 ane IGPS 7084GP Series User s Manual d SNTP lt ip_addr_string gt Auth Configuration Timeout lt timeout gt Deadtime lt dead_time gt RADIUS lt server_index gt enableldisable lt ip_addr_string gt lt secret gt lt server_port gt ACCT_RADIUS lt server_index gt enableldisable lt 1p_addr_string gt lt secret gt lt server_port gt Client consoleltelnetlsshlweb nonellocallradius enableldisable Statistics server index Por
105. rt Active EA in WW N Ch y 8 de Fault Alarm e Power Failure kfkfk life ep 998 ek II Ra M oH PWR 1 PWR 2 ORing Industrial Networking Corp 109 IGPS 7084GP Series User s Manual 5 1 11 2 System Warning 5 1 11 2 1 SYSLOG Setting The SYSLOG is a protocol to transmit event notification messages across networks Please refer to RFC 3164 The BSD SYSLOG Protocol Syslog Server System Warning SYSLOG Setting interface The following table describes the labels in this screen SYSLOG Server IP Address The remote SYSLOG Server IP address 5 1 11 2 2 SMTP Setting The SMTP is Short for Simple Mail Transfer Protocol Itis a protocol for e mail transmission across the Internet Please refer to RFC 821 Simple Mail Transfer Protocol SMTP Setting E mail Alert SMTP Server Address sender E mail Address Mail Subject Bl Authentication Recipient E mail Address 2 A Recipient E mail Address 3 A Recipient E mail Address 4 PO Recipient E mail Address 5 Po Recipient E mail Address 6 PO System Warning SMTP Setting interface ORing Industrial Networking Corp 110 IGPS 7084GP Series User s Manual The following table describes the labels in this screen E mail Alarm Enable Disable transmission system warning events by e mail Sender E mail The SMTP server IP address Address Authentication B Username the authentication username B Password the authentic
106. s Request Access Requests radiusAuthClientExtAccessRequests packets sent to the server This does not include retransmissions The number of RADIUS Access Request radiusAuthClientExtAccessRetransmissions packets retransmitted to the RADIUS authentication server The number of RADIUS Access Request packets destined for the server that have not yet timed out or received a response This Pending Requests radiusAuthClientExtPendingRequests variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransmission The number of authentication timeouts to the server After a timeout the client may retry to the same server send to a different server or radiusAuthClientExtTimeouts give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout Access Accepts radiusAuthClientExtAccessAccepts Access Rejects radiusAuthClientExtAccessRejects Access Challenges Access Retransmissions This section contains information about the state of the server and the latest round trip time RFC4668 Name Description Shows the state of the server It takes one of the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and Other Info running mM Ready The server is enabled IP commun
107. s gt Default lt port_list gt lt class gt Tagprio lt port_list gt tag prio QCL Port lt port_list gt lt qcl_id gt ORing Industrial Networking Corp 141 IGPS 7084GP Series User s Manual OCT Add lt qcl_id gt lt qce_id gt qce id next etype etype vid vid port udp tcp port dscp lt dscp gt tos lt tos_list gt tag prio lt tag_prio_list gt class OCT Delete qcl id lt qce_id gt OCT Lookup lt qcl_id gt qce dl Mode lt port_list gt strictl weighted Weight lt port_list gt lt class gt lt weight gt Rate Limiter lt port_list gt enableldisable lt bit_rate gt Shaper lt port_list gt enableldisable lt bit_rate gt Storm Broadcast enableldisable lt packet_rate gt ACL Configuration lt port_list gt Action lt port_list gt permitldeny lt rate_limiter gt lt port_copy gt logging lt shutdown gt Policy lt port_list gt lt policy gt Add ace 1d lt ace_id_next gt switch port lt port gt policy lt policy gt lt vid gt tag prio dmac type etype lt etype gt lt smac gt lt dmac gt arp lt sip gt lt dip gt lt smac gt lt arp_opcode gt lt arp_flags gt Gp lt sip gt lt dip gt lt protocol gt lt ip_flags gt icmp lt sip gt lt dip gt icmp type lt icmp_code gt
108. s the port s status 5 1 15 6 LLDP Power Over Ethernet Neighbor This page provides a status overview for all LLDP PoE neighbors The displayed table contains a row for each port on which an LLDP PoE neighbor is detected The columns hold the following information LLDP Neighbor Power Over Ethernet Information Auto refresh L Refresh Local Port Power Type Power Source Power Priority Maximum Power Local Port The port for this switch on which the LLDP frame was received Power Type The Type represents whether the device is a Power Sourcing Entity PSE or Power Device PD If the Type is unknown it is represented as Resevered Power Source The Source represents the power source being utilized by a PSE or PD device If the device is a PSE device it can either run on its Primary Power Source or its Backup Power Source If it is unknown whether the PSE device is using its Primary Power Source or its Backup Power Source it is indicated as Unknown If the device is a PD device it can either run on its local power supply or it can use the PSE as power source It can also use both its local power supply and the PSE If itis unknown what power supply the PD device is using it is indicated as Unknown Power Priority The Power Used shows how much current the PD currently is using P O E ports Power Priority Power Priority represents the priority of the PD device or the power priority associated with the PSE type
109. s will appear These fields are explained later in this help file TCP Select TCP to filter IPv4 TCP protocol frames Extra fields for defining TCP parameters will appear These fields are explained later in this help file When Specific is selected for the IP protocol value you can enter a IP Protocol Value specific value The allowed range is O to 255 A frame that hits this ACE matches this IP protocol value ORing Industrial Networking Corp 87 e e IGPS 7084GP Series User s Manual Specify the Time to Live settings for this ACE zero IPv4 frames with a Time to Live field greater than zero must not BTI be able to match this entry non zero IPv4 frames with a Time to Live field greater than zero must be able to match this entry Any Any value is allowed don t care opecify the fragment offset settings for this ACE This involves the settings for the More Fragments MF bit and the Fragment Offset FRAG OFFSET field for an IPv4 frame iP raament No IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must not be able to match this entry Yes IPv4 frames where the MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry Any Any value is allowed don t care Specify the options flag setting for this ACE No IPv4 frames where the options flag is set must not be able to IP Option match this entry Yes IPv4 frames where the options flag is se
110. sers Configure SNMPv3 users table on this page The entry index keys are Engine ID and User Name SNMPv3 Users Configuration Security Authentication Authentication Privacy Privacy Level Protocol Password Protocol Password 800007e5017f000001 default user MoAuth NoPriv None Mone None Delete Engine ID Check to delete the entry It will be deleted during the next save An octet string identifying the engine ID that this entry should belong to The string must contain an even number between 10 and 64 hexadecimal digits but all zeros and all F s are not allowed The SNMPv3 architecture uses the User based Security Model USM for message security and the View based Access Control Model VACM for access control For the USM entry the usmUserEnginelD and usmUserName are the entry s keys In a simple agent usmUserEnginelD is always that agent s own snmpEnginelD value ORing Industrial Networking Corp 64 Security Level Authentication Protocol Authentication Password Privacy Protocol Privacy Password ORing Industrial Networking Corp IGPS 7084GP Series User s Manual The value can also take the value of the snmpEnginelD of a remote SNMP engine with which this user can communicate In othe words if user engine ID equal system engine ID then it is local user otherwize it s remote user A string identifying the user name that this entry should belong to The allowed string length is 1 to 32
111. string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Indicates the security model that this entry should belong to Possible security models are any Accepted any security model v1 v2c usm v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Model Indicates the security model that this entry should belong to Possible security models are Security Level NoAuth NoPriv None authentication and none privacy Auth NoPriv Authentication and none privacy Auth Priv Authentication and privacy The name of the MIB view defining the MIB objects for which this request may request the current values The allowed string length is Read View Name 1 to 32 and the allowed content is the ASCII characters from 33 to 126 The name of the MIB view defining the MIB objects for which this request may potentially SET new values The allowed string length is Write View Name 1 to 32 and the allowed content is the ASCII characters from 33 to 126 5 1 8 Traffic Prioritization 5 1 8 1 Stom Control There is a unicast storm rate control multicast storm rate control and a broadcast storm rate control These only affect flooded frames i e frames with a VLAN ID DMAC pair not present on the MAC Address table The rate is 2 n where n is equal to or less than 15 or No Limit The unit of the rate can be either pps packets per second or kpps k
112. t Configuration lt port_list gt State lt port_list gt enableldisable Aggr Add port list lt aggr_1d gt Delete aggr id Lookup lt aggr_1d gt Mode smacldmacliplport enableldisable LACP ORing Industrial Networking Corp 138 IGPS 7084GP Series User s Manual Configuration lt port_list gt Mode lt port_list gt enableldisable Key lt port_list gt lt key gt Role lt port_list gt activelpassive Status lt port_list gt Statistics lt port_list gt clear STP Configuration Version lt stp_version gt Non certified release v Txhold lt holdcount gt It 15 15 15 Dec 6 2007 MaxAge lt max_age gt FwdDelay delay bpduFilter enableldisable bpduGuard enableldisable recovery lt timeout gt CName config name lt integer gt Status msti lt port_list gt Msti Priority msti lt priority gt Msti Map lt msti gt clear Msti Add msti vid Port Configuration lt port_list gt Port Mode lt port_list gt enableldisable Port Edge lt port_list gt enableldisable Port AutoEdge lt port_list gt enableldisable Port P2P lt port_list gt enableldisablelauto Port RestrictedRole lt port_list gt enableldisable Port RestrictedTcn lt port_list gt enableldisable Port bpduGuard lt port_list gt enableldisable Port Statistics lt port_list gt Port Mcheck lt port_l
113. t clients and thereby a reauthentication immediately The port clients will transfer to the unauthorized state while the reauthentication is ongoing ORing Industrial Networking Corp 100 IGPS 7084GP Series User s Manual Port Security Status Auto refresh Port State Last Source Last ID Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled The switch port number Click to navigate to detailed 802 1X nm Je The current state of the port Refer to IEEE 802 1X Port State for CEN RM The source MAC address carried in the most recently received T ER EAPOL frame for port based authentication and the most recently received frame from a new client for MAC based authentication The user name supplicant identity carried in the most recently TT received Resp ID EAPOL frame for port based authentication and the source MAC address from the most recently received frame from a new client for MAC based authentication ORing Industrial Networking Corp 101 IGPS 7084GP Series User s Manual This page provides detailed IEEE 802 1X statistics for a specific switch port running port based authentication For MAC based ports it shows selected backend server RADIUS Authentication Server statistics only Use the port select box to select which port details to be displayed 802 1X Statistics Port 1 Auto refresh L Refresh Receive EAPOL Counters Transmit E
114. t is the ASCII characters from 33 to 126 65 IGPS 7084GP Series User s Manual 5 1 7 4 SNMP Groups Configure SNMPv3 groups table on this page The entry index keys are Security Model and Security Name SNMPv3 Groups Configuration Delete Security Model Security Name Group Name public default_ro_group private default rw group public default ro aroup private default rw group default user default rw group Check to delete the entry It will be deleted during the next save Indicates the security model that this entry should belong to Possible security models are Security Model v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM A string identifying the security name that this entry should belong to Security Name The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 A string identifying the group name that this entry should belong to Group Name The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 5 1 7 5 SNMP Views Configure SNMPv3 views table on this page The entry index keys are View Name and OID Subtree ORing Industrial Networking Corp 66 IGPS 7084GP Series User s Manual SNMPv3 Views Configuration Delete View Name View Type OID Subtree F default view included Add new view Check to delete the entry It will be deleted during the n
115. t must be able to match this entry Any Any value is allowed don t care Specify the source IP filter for this ACE Any No source IP filter is specified Source IP filter is don t care Host Source IP filter is set to Host Specify the source IP address in the SIP Address field that appears Network Source IP filter is set to Network Specify the source IP address and source IP mask in the SIP Address and SIP Mask fields that appear When Host or Network is selected for the source IP filter you can SIP Address 8 enter a specific SIP address in dotted decimal notation When Network is selected for the source IP filter you can enter a specific SIP mask in dotted decimal notation Specify the destination IP filter for this ACE Any No destination IP filter is specified Destination IP filter is don t care Host Destination IP filter is set to Host Specify the destination IP address in the DIP Address field that appears Network Destination IP filter is set to Network Specify the ri GOD ER Industrial Networking Corp 88 IGPS 7084GP Series User s Manual destination IP address and destination IP mask in the DIP Address and DIP Mask fields that appear When Host or Network is selected for the destination IP filter you DIP Address 8 can enter a specific DIP address in dotted decimal notation When Network is selected for the destination IP filter you can enter a specific DIP mask in dotte
116. tRequests Retransmissions radiusAccClientExtRetransmissions Pending Requests radiusAccClientExtTimeouts This section contains information about the state of the server and the latest RFC4670 Name Description Shows the state of the server It takes one of the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and Other Info running P Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds left Accounting attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled The time interval measured in milliseconds between the most recent Response and the Request that matched it from the RADIUS accounting server The granularity of this measurement is 100 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet Round Trip radiusAccClientExtRoundTripTime Time 5 1 11 Warning 5 1 11 1 Fault Alarm When any selected fault event is happened the Fault LED in switch panel will light up and the electric relay will signal at the same time Port Link Down Broken Po
117. tations of current redundant ring technology O Chain Uplink Port Edge Port State LE 5v 0 queo zu 09 v O Forwarding Apply Enebe Enabing the OO falo OO O Edge Port In the O Chain application the head and tail of two Switch Port must start the Edge MAC smaller Switch Edge port will be the backup and RM LED Light ORing Industrial Networking Corp 38 IGPS 7084GP Series User s Manual Edae Port Edqe Port O Chain Edae Port Edge Port O Chain 5 1 5 4 MSTP Bridge Settings This page allows you to configure RSTP system settings The settings are used by all RSTP Bridge instances in the Switch Stack STP Bridge Configuration Basic Settings Protocol Version Forward Delay su Max Age 20 Maximum Hop Count a Transmit Hold Count Label Protocol Version Forward Delay Max Age The STP protocol version setting Valid values are STP RSTP and MSTP The delay used by STP Bridges to transition Root and Designated Ports to Forwarding used in STP compatible mode Valid values are in the range 4 to 30 seconds The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 seconds and MaxAge must be lt FwdDelay 1 2 Maximum Hop Count This defines the initial value of remainingHops for MSTI ORing Industrial Networking Corp 39 IGPS 7084GP Series User s Manual
118. ter ID Rate pps 1 2 3 4 5 6 7 8 9 10 11 12 1 v ORing Industrial Networking Corp 83 IGPS 7084GP Series User s Manual Rate Limiter ID The rate limiter ID for the settings contained in the same row The rate unit is packet per second pps configure the rate as 1 2 4 8 16 32 64 128 256 512 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K or 1024K The 1 kpps is actually 1002 1 pps 5 1 10 3 3 ACL Configuration Configure an ACE Access Control Entry on this page An ACE consists of several parameters These parameters vary according to the frame type that you select First select the ingress port for the ACE and then select the frame type Different parameter options are displayed depending on the frame type that you selected A frame that hits this ACE matches the configuration that is defined here ACE Configuration Ingress Port Action Permit Frame A Rate Limiter MM Port Copy Logging Shutdown Counter Leg eem Select the ingress port for which this ACE applies Any The ACE applies to any port Port n The ACE applies to this port number where n is the number Ingress Port of the switch port Policy n The ACE applies to this policy number where n can range from 1 through 8 Select the frame type for this ACE These frame types are mutually exclusive Frame Type Any Any frame can match this ACE Ethernet Type Only Ethernet Type frames can match this
119. tes Rx 1527 Bytes Receive Queue Counters Rx Low Rx Normal Rx Medium Rx High Receive Error Counters Rx CRC Alignment Rx Undersize Rx Oversize Rx Fragments Rx Jabber 118043 20134074 117745 225 ZU 0 113373 1315 243 4 3107 0 0 117815 D 0 225 IGPS 7084GP Series Transmit Total Tx Packets Tx Octets Tx Unicast Tx Multicast Tx Broadcast Tx Pause User s Manual 86946171 62590024740 7348 26 12 56 60226067 0 Transmit Size Counters Tx 64 Bytes Tx 65 127 Bytes Tx 128 255 Bytes Tx 256 511 Bytes Tx 512 1023 Bytes Tx 1024 1526 Bytes Tx 1527 Bytes 60226305 20716197 3419 af 18 1 5 0 Transmit Queue Counters Tx Low Tx Normal Tx Medium Tx High 86938819 0 0 302 Transmit Error Counters Tx Drops Tx Late Exc Coll Rx Filtered Label Rx and Tx Packets The number of received and transmitted good and bad packets The number of received and transmitted good and bad bytes Rx and Tx Octets Includes FCS but excludes framing bits The number of received and transmitted good and bad unicast Rx and Tx Unicast packets Rx and Tx Multicast Rx and Tx Broadcast packets packets The number of received and transmitted good and bad multicast The number of received and transmitted good and bad broadcast A count of the MAC Control frames received or transmitted on this Rx and Tx Pause port that have an opcode indicating a PA
120. the ACE The counter indicates the number of times the ACE was hit by a Counter l rame MAC Parameters SMAC Filter IATA 00 00 00 00 00 0 DMAC Filter AAA OO 00 00 00 00 0 ORing Industrial Networking Corp 85 IGPS 7084GP Series User s Manual Only displayed when the frame type is Ethernet Type or ARP Specify the source MAC filter for this ACE SMAC Filter Any No SMAC filter is specified SMAC filter status is don t care Specific If you want to filter a specific source MAC address with this ACE choose this value A field for entering an SMAC value appears When Specific is selected for the SMAC filter you can enter a specific source MAC address The legal format is SMAC Value XX XX XX XX XX XX A frame that hits this ACE matches this SMAC E value Specify the destination MAC filter for this ACE Any No DMAC filter is specified DMAC filter status is don t care MC Frame must be multicast BC Frame must be broadcast DMAC Filter UC Frame must be unicast Specific If you want to filter a specific destination MAC address with this ACE choose this value A field for entering a DMAC value appears When Specific is selected for the DMAC filter you can enter a specific destination MAC address The legal format is DMAC Value XX XX XX XX Xx XX A frame that hits this ACE matches this DMAC value VLAN Parameters VLAN ID Filter VLAN ID Tag Priority neen Specify the VLAN ID
121. the ports are shut down when the actual power consumption for all ports exceeds the amount of power that the power supply can deliver or if the actual power consumption for a given port exceeds the reserved power for that port The ports are shut down according to the ports priority If two ports have the same priority the port with the highest port number is shut down Reserved Power In this mode the ports are shut down when total reserved powered exceeds the amount of power that the power supply can deliver In this mode the port power is not turned on if the PD requests more power the available ORing Industrial Networking Corp 126 ane IGPS 7084GP Series User s Manual 5 1 15 3 PoE Configuration Primary Power Supply primary power source user can setting maximum input power range Power Over Ethernet Configuration Reserved Power 8 E C LLDP E Class Allocation MED Power Management Mode O Actual Reserved Consumption Power Primary Power Supply W Port PoE Enabled Priority Maximum Power W 5 1 15 4 PoE Configuration Port Configuration User can configuration every port PoE Setting Port PoE Enabled Priority Maximum Power W ORing Industrial Networking Corp 127 IGPS 7084GP Series User s Manual POE Enable The PoE Enabled represents whether the PoE is enable for the port Priority The Priority represents the ports priority There are three levels of power priority named
122. tings will be used The DHCP client will announce the configured System Name as hostname to provide DNS lookup IP Address Assign the IP address that the network is using If DHCP client function is enabling you do not need to assign the IP address The network DHCP server will assign the IP address for the switch and it will be display in this column The default IP is 192 168 10 1 Assign the subnet mask of the IP address If DHCP client function NNNM ree IP Router Assign the network gateway for the switch The default gateway T emm s emm VLAN ID Provide the managed VLAN ID The allowed range is 1 through Mem mmt tm SNTP Server SNTP is an acronym for Simple Network Time Protocol a network protocol for synchronizing the clocks of computer systems SNTP uses UDP datagrams as transport layer Click to save changes ORing Industrial Networking Corp 19 IGPS 7084GP Series User s Manual Click to undo any changes made locally and revert to previously ese saved values Click to renew DHCP This button is only available if DHCP is enabled 5 1 2 4 HTTPS HTTPS Configuration AO Disabled Label Description Indicates the HTTPS mode operation Possible modes are Enabled Enable HTTPS mode operation Disabled Disable HTTPS mode operation Indicates the HTTPS redirect mode operation Automatic redirect web browser to HTTPS during HTTPS mode enabled Possible Automatic Redirect modes are Enabled E
123. tted on the port The number of legacy Topology Change Notification BPDU s received transmitted on the port The number of unknown Spanning Tree BPDU s received and Discarded Unknown discarded on the port The number of ilegal Spanning Tree BPDU s received and Discarded Illegal discarded on the port Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh L regular intervals 5 1 5 5 Fast Recovery mode The Fast Recovery Mode can be set to connect multiple ports to one or more switches The TES 250 M12 with its fast recovery mode will provide redundant links Fast Recovery mode supports 5 priorities only the first priority will be the act port the other ports configured with other priority will be the backup ports ORing Industrial Networking Corp 47 IGPS 7084GP Series User s Manual Fast Recovery Mode A Hor incl A Plot included Ae Hot included w E Hot included w gma Hot included w Fast Recovery Mode interface The following table describes the labels in this screen Active Activate the fast recovery mode Port can be configured as 5 priorities Only the port with highest priority will be the active port 1st Priority is the highest Click Apply to activate the configurations 5 1 6 VLAN 5 1 6 1 VLAN Membership Configuration The VLAN membership configuration for the selected stack switch unit switch can be monitored an
124. ual 5 1 16 Factory Defaults You can reset the configuration of the stack switch on this page Only the IP configuration is retained Factory Defaults Are you sure you want to reset the configuration to Factory Defaults Click to reset the configuration to Factory Defaults Click to return to the Port State page without resetting the configuration 5 1 17 System Reboot You can reset the stack switch on this page After reset the system will boot normally as if you had powered on the devices Warm Reset Are you sure you want to perform a Warm Restart Click to reboot device Click to return to the Port State page without rebooting ORing Industrial Networking Corp 132 IGPS 7084GP Series User s Manual Command Line Interface Management 6 1 About CLI Management Besides WEB base management IES 3073GC also support CLI management You can use console or telnet to management switch by CLI CLI Management by RS 232 Serial Console 115200 8 none 1 none Before Configuring by RS 232 serial console use an RJ45 to DB9 F cable to connect the Switches RS 232 Console port to your PC s COM port Follow the steps below to access the console via RS 232 serial cable Step 1 From the Windows desktop click on Start gt Programs gt Accessories gt Communications gt Hyper Terminal Accessibility En Communications al HyperTerminal a Network Time Protocol E Network and Dial up Connections
125. urce Port O TCP PSH Dest Port Filter TCP ACK Any coos Any Y AAN SO 65535 TCP URG TCP UDP Source Specify the TCP UDP source filter for this ACE ORing Industrial Networking Corp 9 TCP UDP Source No TCP UDP Source Range TCP UDP Destination Filter TCP UDP Destination Number TCP UDP Destination Range TCP FIN ORing Industrial Networking Corp IGPS 7084GP Series User s Manual Any No TCP UDP source filter is specified TCP UDP source filter status is don t care Specific If you want to filter a specific TCP UDP source filter with this ACE you can enter a specific TCP UDP source value A field for entering a TCP UDP source value appears Range If you want to filter a specific TCP UDP source range filter with this ACE you can enter a specific TCP UDP source range value A field for entering a TCP UDP source value appears When Specific is selected for the TCP UDP source filter you can enter a specific TCP UDP source value The allowed range is O to 65535 A frame that hits this ACE matches this TCP UDP source value When Range is selected for the TCP UDP source filter you can enter a specific TCP UDP source range value The allowed range is 0 to 65535 A frame that hits this ACE matches this TCP UDP source value opecify the TCP UDP destination filter for this ACE Any No TCP UDP destination filter is specified TCP UDP destination filter status is don t care Specific If
126. urity Engine ID Trap Security Name Disabled Disable SNMP trap probe security engine ID mode of operation Indicates the SNMP trap security engine ID SNMPv3 sends traps and informs using USM for authentication and privacy A unique engine ID for these traps and informs is needed When Trap Probe Security Engine ID is enabled the ID will be probed automatically Otherwise the ID specified in this field is used The string must contain an even number between 10 and 64 hexadecimal digits but all zeros and all F s are not allowed Indicates the SNMP trap security name SNMPv3 traps and informs using USM for authentication and privacy A unique security name is needed when traps and informs are enabled 5 1 7 2 SNMP Communities Configure SNMPv3 communities table on this page The entry index key is Community ORing Industrial Networking Corp 63 IGPS 7084GP Series User s Manual SNMPv3 Communities Configuration Delete Community SourceIP Source Mask public 0 0 0 0 0 0 0 0 private 0 0 0 0 0 0 0 0 Add new community Check to delete the entry It will be deleted during the next save Indicates the community access string to permit access to SNMPv3 Community agent The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 SoucelP Indicates the SNMP access source address Source Mask Indicates the SNMP access source address mask 5 1 7 3 SNMP U
127. vice to Manager if user setting two or more switch to Manager this MRP topology will fail ORing Industrial Networking Corp 36 IGPS 7084GP Series User s Manual React on Link Change Faster mode if user enable this function MRP Topology will Advanced mode more faster convergence this function only can setting in MRP Manager Switch 17 Ring Port Choosing the port which connect to the MRP ring 2 Ring Port Choosing the port which connect to the MRP ring 5 1 5 2 O Ring Ring is the most powerful Ring in the world The recovery time of Ring is less than 10 ms It can reduce unexpected damage caused by network topology change Ring Supports 3 Ring topology Ring Coupling Ring and Dual Homing O Ring Configuration o ring Ring Master Disable This switch is Not a Ring Master 1st Ring Port LinkDown 2nd Ring Port LinkDown P Coupling Ring A Pots LinkDown lal Dual Homing Homing Port Port A LinkDown Ring interface The following table describes the labels in this screen There should be one and only one Ring Master in a ring However if there are two or more switches which set Ring EQ Ads Master to enable the switch with the lowest MAC address wil be the actual Ring Master and others will be Backup Masters 1 Ring Port The primary port when this switch is Ring Master 2 4 Ring Port The backup port when this switch is Ring Master Coupling Ring Mark to enable Coupling Ring Coupling Ring
128. witch port is listed for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports belong to any aggregation group Only full duplex ports can join an aggregation and ports must be in the same speed in each group The Key value incurred by the port range 1 65535 The Auto setting will set the key as appropriate by the physical link speed 10Mb 1 100Mb 2 1Gb 3 Using the Specific setting a user defined value can be entered Ports with the same Key value ORing Industrial Networking Corp 32 IGPS 7084GP Series User s Manual can participate in the same aggregation group while ports with E The Role shows the LACP activity status The Active will transmit LACP packets each second while Passive will wait for a LACP packet from a partner speak if spoken to Click to save changes Click to undo any changes made locally and revert to previously ese d d saved values 5 1 4 3 3 LACP System Status This page provides a status overview for all LACP instances LACP System Status Auto refresh L Refresh Open in new window Acar ID Partner Partner Last Local 99 System ID Key Changed Ports sorts enabled or no existing part Aggr ID The Aggregation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC address of the agg
129. you want to filter a specific TCP UDP destination filter with this ACE you can enter a specific TCP UDP destination value A field for entering a TCP UDP destination value appears Range If you want to filter a specific range TCP UDP destination filter with this ACE you can enter a specific TCP UDP destination range value A field for entering a TCP UDP destination value appears When Specific is selected for the TCP UDP destination filter you can enter a specific TCP UDP destination value The allowed range is O to 65535 A frame that hits this ACE matches this TCP UDP destination value When Range is selected for the TCP UDP destination filter you can enter a specific TCP UDP destination range value The allowed range is O to 65535 A frame that hits this ACE matches this TCP UDP destination value Specify the TCP No more data from sender FIN value for this ACE 0 TCP frames where the FIN field is set must not be able to match 92 e TCP SYN TCP PSH TCP ACK TCP URG ORing Industrial Networking Corp IGPS 7084GP Series User s Manual this entry 1 TCP frames where the FIN field is set must be able to match this entry Any Any value is allowed don t care opecify the TCP Synchronize sequence numbers SYN value for this ACE 0 TCP frames where the SYN field is set must not be able to match this entry 1 TCP frames where the SYN field is set must be able to match this entry Any Any valu
Download Pdf Manuals
Related Search