ZyXEL GS1510-16 User's Manual
Contents
1. 14 2 What You Need to Know Loop guard is designed to handle loop problems on the edge of your network This can occur when a port is connected to a Switch that is in a loop state Loop state occurs as a result of human error It happens when two ports on a switch are connected with the same cable When a switch in loop state sends out broadcast messages the messages loop back to the switch and are re broadcast again and again causing a broadcast storm If a switch not in loop state connects to a switch in loop state then it will be affected by the switch in loop state in the following way GS1510 Series User s Guide Chapter 14 Loop Guard e It will receive broadcast messages sent out from the switch in loop state e It will receive its own broadcast messages that it sends out as they loop back It will then re broadcast those messages again The following figure shows port N on switch A connected to switch B Switch B is in loop state When broadcast or multicast packets leave port N and reach switch B they are sent back to port N on A as they are rebroadcast from B Figure 44 Switch in Loop State The loop guard feature checks to see if a loop guard enabled port is connected to a switch in loop state This is accomplished by periodically sending a probe packet and seeing if the packet returns on the same port If this is the case the Switch will2. 71 Chapter 12 IGMP SN GOPING II UU E IIT 73 fg od c ER 73 122 What VOU Can DO eana aeaa NNA O EE NOA ER 73 12 3 Whar vou Need Tto KOW es eror EXER ce ehai E E ad TEENA MEME aaia KUSEN aa 73 12 3 1 IGMP Snooping and VLANS i suucciisdee tere idos anni a innan deb pata ddrp Rer beda 74 pu Ici gg eec 74 jM do 8 ee te OTe nr ir rete me erie aaa 5 Chapter 13 link Agrega OI znne A ENa 77 j WES Is iaae enaa a aa a eee 77 T5 Nt POU EOS IK aaia aa a a a aia a aa a a 77 13 3 What You Need To KOC cssccscccatscaacscensacrisemacionisqerssnancuesd OTAN E ERES CREE SPI ARED 77 Taa Dyin Link is oro sessies AR 77 TSA Die WAN nnna 78 Meee m iei MEET 79 Chapter 14 LOD EB oodd Pere GE URS Eur RETE ERE ercret reer rcrerrerrrrrererr rer cere eet rr rrorr Meet UMEN EURITA 81 GS1510 Series User s Guide 13 Table of Contents WERDE 81 14 2 Wat vend Need TINO Laus eumd uis Ctt uk riani Fo quads eE aA EA Aa RF UR d E iR ao RM AN a i Eu 81 tka LO RC T M 83 Chapter 15 Do PN EE T T YO 85 pO ES Us PN ETT MUT UR 85 13 2 Nhat Yon Can DO niana A 85 15 What You Need to IFIDW acci roe oe e e c oi a o d Ur i d ud 85 13 3 1 Queuing AGOE PR PEEL T T 85 15 2 CDS TERENTIA crier a a abes r caper dI A OE URER Cop c E PRU EAS g dE 86 Taa POL FIONY aoia 86 15 9 IP Dil er DSCP qe
3. 87 15 5 1 Differentiated Services Code Point DSCP eise eene nennen nete 88 19 6 Pronit Queue Mapping 2222 sata e orae cepa e ba Lob aUud ud blow ebd cue d xp uod 89 QE eT Ei Me c trie errr eitecnn rrr er int terra erat renerrrrer crtrrrene rarer rata crrrrtrr etre 90 Chapter 16 Slorm CONTO t 93 160 1 Broadcast Steam Conia SEUD aient eio o ota M ala petto pe anc ioca 93 Chapter 17 SPAMMING TES uico 95 Usi auos errem 95 T2 iat You an EO oic onec b t ict e ove Fes t an eU PORRO ss 95 LEM ESSI dades SEP ET RENE 95 USELESS 96 1 22 2 How S TP WOKS ascesssceioneont enda ESA 96 Ti OGbglol SEINS asks i plebes UU e ee eR 97 Tc ten LECCE I I D IN 98 Part IV Security and Management ssesesee 101 Chapter 18 IP Source Guard mete 103 DOES 103 1 2 Wha VOU Can E P 103 18 3 What Yol Nob TO GCE icccia cnsadeetckcaniourssntraddes obi acr canda io A ELLE DES Saad E 103 18 3 1 DHCP Snooping Ovario W 1er pb pp abus anie debt abbia a aad dnd 104 18 3 2 ABP inspection Overview aucsectp etre REN d dI prRR un E Td o I tn EE RA EUER 105 TA DENSE SNOOP 5ecositeoriviisrierctiev ep n aea PAIS Dota ua E HER nt oda SU AR 107 GS1510 Series User s Guide Table of Contents
4. Chapter 18 IP Source Guard These MAC address filters are different than regular MAC address filters e They are stored only in volatile memory e They do not use the same space in memory that regular MAC address filters use e They appear only in the ARP Inspection screens 18 3 2 2 Trusted vs Untrusted Ports Every port is either a trusted port or an untrusted port for ARP inspection This setting is independent of the trusted untrusted setting for DHCP snooping The Switch does not discard ARP packets on trusted ports for any reason The Switch discards ARP packets on untrusted ports in the following situations e The sender s information in the ARP packet does not match any of the current bindings e The rate at which ARP packets arrive is too high 18 3 2 3 Syslog The Switch can send syslog messages to the specified syslog server Chapter 21 on page 133 when it forwards or discards ARP packets The Switch can consolidate log messages and send log messages in batches to make this mechanism more efficient 18 3 2 4 Configuring ARP Inspection Follow these steps to configure ARP inspection on the Switch 1 Configure DHCP snooping See Section 18 3 1 3 on page 105 Note It is recommended you enable DHCP snooping at least one day before you enable ARP inspection so that the Switch has enough time to build the binding table 2 Enable ARP inspection on each VLAN 3 Configure trusted and untrusted ports GS1
5. Disable v Disable iv Disable v Disable v Disable iv Disable v Disable Disable v Disable M Status Port Allow 2 Allow 4 Allow 6 Allow 8 Allow 10 Allow 12 Allow 14 Allow 16 Allow 18 Allow 20 Allow 22 Allow 24 Allow 26 isi Cii Local iv guest guest State Status Disable v Allow Disable v Allow Disable v Allow Disable v Allow Disab ev Allow Disable x Allow Disable x Allow Disable x Allow Disable v Allow Disable Allow Disable v Allow Disable Allow Disable v Allow GS1510 Series User s Guide Chapter 20 Web Authentication The following table describes the labels in this screen Table 38 Configuration LABEL DESCRIPTION State Select Enable to use the web authentication feature Method Select whether to use Local or RADIUS as the authentication method The Local method of authentication uses the user and guest user groups of the user account database on the Switch to authenticate However only a certain number of accounts can exist at one time RADIUS is a security protocol used to authenticate users by means of an external server instead of an internal device user database that is limited to the memory capacity of the device In essence RADIUS allows you to validate an unlimited number of users from a central location Radius Server When RADIUS is selected as the a
6. Product Specifications This chapter gives details about your Switch s hardware and firmware features 25 1 General Switch Specifications The following tables list the product specifications Table 48 Physical and Environmental Specifications LEDs Per Switch PWR SYS Per Gigabit port LNK ACT FDX Per mini GBIC port LNK ACT Dimensions Standard 19 rack mountable GS1510 16 GS1510 24 440 W x 170 D x 44 mm H Device Weight GS1510 16 2 3 Kg GS1510 24 2 4 Kg Temperature Operating 09 C 509 C 329 F 1229 F Storage 409 C 70 C 409 F 158 F Humidity 10 95 non condensing Power Supply GS1510 16 AC 100 240V 50 60Hz 0 3A max internal universal power supply GS1510 24 AC 100 240V 50 60Hz 0 4A max internal universal power supply Power GS1510 16 18W maximum Consumption GS1510 24 21W maximum Safety UL 60950 1 CSA 60950 1 EN 60950 1 IEC 60950 1 EMC FCC Part 15 Class A CE EMC Class A GS1510 Series User s Guide 151 Chapter 25 Product Specifications Table 49 General Product Specifications Interface GS1510 16 16 1000BASE T RJ 45 Gigabit Ethernet ports GS1510 24 24 1000BASE T RJ 45 Gigabit Ethernet ports For GS1510 24 2 Mini GBIC Small Form Factor Pluggable SFP slot Auto negotiation Auto MDIX Compliant with IEEE 802 3ad u x Back pressure flow control for half duplex Flow control for full duplex IE
7. Ta scl bens snp Terry 108 TOR DREDOOUDEE sedie eise sad al d AAE E OTETA SERENA iE A ESEA 110 TOO A UR THBIS aii occhdnpe ode pU icon N 111 TT ENEMI VANS soaa T2 mre qem m RN 112 jx c 114 Chapter 19 Ip MMC 117 EXT a s RETE NT ET Mitre me 117 19 2 What You Can DO c M Ti 15 3 What You Nead to OW eicit pet IIRE FRI E EEER Ye EH S REEF ers EE EE ZEE Wa d gg add 118 193 1 IEEE 802 TX AUIDONUCBNCN 15 5 oir pEE ISP ERE CHEEPEr EE HR Rien 118 19 3 7 Local User AOGOUITS auci ipic ee devi oti bf nner Lex Id Fr bu nia UE tA PUE ERIT 118 p orit cds Xe s 118 it abeo ec 120 Chapter 20 Web Authentication crassana ER ESAE ARARE EEANN 123 2T OVEN uoaa A E R e ye ry 123 20 2 What You Gan DO ER 123 20 3 What You ovid S 123 20 3 1 User Authentication EXPE eiae atrae eor Ra Ee ata aandie aaa Sia aaa EUR end 124 im aurei MR 125 UU ETTE Ren e sed ee EN T etek ls E ele I A E E I A aay aka pelea 126 Chapter 21 Mantena NEE ae ims echa cbNa ec es REA pa aer uU Macci usps uci ER ME de 129 Uh COON IGM La i ed eH QR IRE STER DD ERI ti PIN TERR RUM IR i Pn RN NEN RR MI 129 alc What rou Can DO E 129 Aka CONRO 1518 aien A ES E INT 130 ELLES mu em 130 PoBSmM silere 131 21 3 3 Restore Factory Default Settings enses enr e i C i d 131 AE E A EE E E O E OA E seuss 132 PAE NE re 1
8. A D uy a a an g 4 192 168 1 0 25 88192 168 1 128 25 8I 43 4 am mumamam umm um um P Gee um um um im um m5 In a 25 bit subnet the host ID has 7 bits so each sub network has a maximum of 27 2 or 126 possible hosts a host ID of all zeroes is the subnet s address itself all ones is the subnet s broadcast address 192 168 1 0 with mask 255 255 255 128 is subnet A itself and 192 168 1 127 with mask 255 255 255 128 is its broadcast address Therefore the lowest IP address that can be assigned to an actual host for subnet A is 192 168 1 1 and the highest is 192 168 1 126 Similarly the host ID range for subnet B is 192 168 1 129 to 192 168 1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to borrow two host ID bits to give four possible combinations 00 01 10 and 11 The subnet mask is 26 bits 11111111 11111111 11111111 11000000 or 255 255 255 192 170 GS1510 Series User s Guide Appendix B IP Addresses and Subnetting Each subnet contains 6 host ID bits giving 29 2 or 62 hosts for each subnet a host ID of all zeroes is the subnet itself all ones is the subnet s broadcast address Table 58 Subnet 1 IP SUBNET MASK NETWORK NUMBER LAST OCTET BI
9. 2 Check the hardware connections See the Quick Start Guide 3 Inspect your cables for damage Contact the vendor to replace any damaged cables 4 Disconnect and re connect the power cord to the Switch GS1510 Series User s Guide 147 Chapter 24 Troubleshooting 5 If the problem continues contact the vendor 24 2 Switch Access and Login forgot the IP address for the Switch 1 The default IP address is 192 168 1 1 2 If this does not work you have to reset the device to its factory defaults See Section 3 3 on page 31 forgot the username and or password 1 The default username is admin and the default password is 1234 2 If this does not work you have to reset the device to its factory defaults See Section 3 3 on page 31 cannot see or access the Login screen in the Web Configurator 1 Make sure you are using the correct IP address e The default IP address is 192 168 1 1 e If you changed the IP address use the new IP address e If you changed the IP address and have forgotten it see the troubleshooting suggestions for I forgot the IP address for the Switch 2 Check the hardware connections and make sure the LEDs are behaving as expected See your Quick Start Guide and Section 3 2 on page 30 3 Make sure your Internet browser does not block pop up windows and has JavaScripts and Java enabled 4 Make sure your computer is in the same subnet as the Switch If you know that th
10. Unknown This field displays whether the Switch is set to discard or flood unknown Mulitcast mulicast packets Packets 12 5 Port Settings Click Advanced Applications gt IGMP Snooping gt Port Settings to open the following screen Use this screen to enable or disable immediate leave on ports When immediate leave is enabled on a port the Switch removes a port from the multicast table immediately when an IGMP leave report is received on that port Figure 40 IGMP Snooping Port Setting IGMP Snooping Port Setting Immediate Leave Ports General Settings O Select All O Deselect All 20406 08 10 112 014 016 18 020 022 024 1 FI3 FS F17 9 11 E113 015 17 019 021 023 25 126 The following table describes the labels in this screen Table 18 IGMP Snooping Port Setting LABEL DESCRIPTION Leave Ports Immediate Select individual ports on which to enable immediate leave Use Select All or Deselect All to enable or disable immediate leave for all ports Apply Click Apply to save your changes to the Switch Refresh Click Refresh to begin configuring this screen afresh GS1510 Series User s Guide Chapter 12 IGMP Snooping GS1510 Series User s Guide Link Aggregation 13 1 Overview This chapter shows you how to logically aggregate physical links to form one logical h
11. Appendix D Open Software Announcements when you distribute the same sections as part of a whole which is a work based on the Program the distribution of the whole must be on the terms of this License whose permissions for other licensees extend to the entire whole and thus to each and every part regardless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distribution of derivative or collective works based on the Program In addition mere aggregation of another work not based on the Program with the Program or with a work based on the Program on a volume of a storage or distribution medium does not bring the other work under the scope of this License 3 You may copy and distribute the Program or a work based on it under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following a Accompany it with the complete corresponding machine readable source code which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange or b Accompany it with a written offer valid for at least three years to give any third party for a charge no more than your cost of physically performing source distribution a complete machine readable copy of the corresponding source code t
12. M 101 I s pez MN UE EU UTR OTT 103 il ER 117 jy s yip ener me ee ce nnn pene Beet aa rer te rope Yer creer errr fe etrer verter err tee 123 MIN ONAN acai con ettet osep ida eittis un en diis tas uda v eite suman tla ces ite 129 cl ae 135 da sco Ae CT 143 Troubleshooting amp Product Specifications eese 145 VECES SHOE dus ost ct cs epo Eus sadam a nd tno Mui oda pntud Cl nds 147 ueofriee epire ge c 151 Appendices and RASH dat 157 GS1510 Series User s Guide 9 Contents Overview GS1510 Series User s Guide Table of Contents Table of Contents About This Usb s CUI uidi vd E TEE SEE ERE Fac DEFERT RE OR RRRE RH X EORNM EE SRM SIN DE RO Gr M AERE 3 Document Convo DURS e cud kTaXEvE Ge ket KR EHE QU KD XR ARR CTRTUA ras OR FA RR RE FER BEAR ARRA NER IN RE VER TEL VETIS 5 Safety rli e E S 7 GOntents QUBIFVIBU iios Ie PE RYE eru TE Tu ED SAPE KTUEFOA MEO V QUXM EIE CIR GRAVE UC NU GU STRING ERO LM OU VM DNE ME 9 Table pF CONG NES acia ador EORR ER GERNE RE RU EHE V RORTE nite OO DE PC TELE TANE GRE FERES 11 Part Introduction and Hardware Overview 17 Chapter 1 Getting to Know Your Swit eu eee ir rta r atout p aoa no Rak uan Ao RXX EN EAKR RNSK KAEA 19 T produco aia AE OAL EE AEE OEE EET 19 111 Backbone APPICCATI sirnani Ea EE E
13. Select All Ports to configure the port isolation settings for all ports on the Switch Egress Port An egress port is an outgoing port that is a port through which a data packet leaves Selecting a port as an outgoing port means it will communicate with the port currently being configured If you wish to allow two subscriber ports to talk to each other you must define the egress port for both ports CPU refers to the Switch management port By default it forms a VLAN with all Ethernet ports If it does not form a VLAN with a particular port then the Switch cannot be managed from that port Select All Click Select All to mark all ports as egress ports and permit traffic Deselect All i Click Deselect All to unmark all ports and isolate them Deselecting all ports means the port being configured cannot communicate with any other port This will also deselect the CPU outgoing port which will disable Switch management for that port This option is the most limiting but also the most secure Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes that were just made Port V indicates the port s packets can be sent to that port Isolation dox Status indicates the port s packets cannot be sent to that port GS1510 Series User s Guide Chapter 10 VLAN 10 5 VLAN Settings Use this screen to configure a static VLAN and assign member p
14. You can also configure a more specific search by selecting to search only for devices with a specific model name To do this use the Model Name drop down box If no model name is entered all devices will be scanned Figure 82 ZyXEL Device Discovery Utility ft ZyXEL Device Discovery ZyXEL ZyXEL Device Discovery Model Name Xu Device Information Please click IP Address to connect to HTTP Server piter z sd GS1510 Series User s Guide Appendix A Device Auto Discovery After performing a search on the network some results will display in the table When you have located the device you are looking for double click anywhere within the row to launch the device s web configurator in your browser If there are too many devices on the network you can use the Filter drop down box to narrow down the results With this function you can filter the results by Model Name MAC Address and IP Address Figure 83 ZyXEL Device Discovery Utility Results ft ZyXEL Device Discovery ZyXEL ZyXEL Device Discovery Model Name 7 Ey Device Information Please click IP Address to connect to HTTP Server Filter z sd L Model Name System Name System Location i 172 20 1 102 00 01 05 01 00 22 GS1510 24 GS1510 24 2 17220 19 00 0b 04 29 26 06 GS1510 24 GS1510 24 3 172 20 1 162 00 0b 04 28 26 71 GS1510 24 GS1510 24 GS1510 Series User s Guide IP Addresses and Subn
15. 2 Disable all ports 3 Forget the password and or IP address 4 Enable Dynamic ARP without entering the proper MAC to IP address binding 4 6 Resetting the Switch If you lock yourself and others from the Switch or forget the administrator password you will need to reset the Switch back to the factory defaults Use the RESET button to reset the Switch back to factory defaults Press and hold the RESET button for five seconds The Switch will reload its factory defaults The Switch is now reinitialized with a default configuration file including the default administrator username admin and password 1234 The IP address of the Switch also reverts to the default 192 168 1 1 GS1510 Series User s Guide Chapter 4 The Web Configurator 4 7 Logging Out of the Web Configurator Click Logout on the top right corner of the screen to exit the Web Configurator You have to log in with your password again after you log out This is recommended after you finish a management session for security reasons Figure 24 Web Configurator Logout Link F About Logout ms Advance GS1510 Series User s Guide System This chapter describes the system screens 5 1 System Screen The home screen of the Web Configurator displays general system information Click System Status System Information in the navigation panel to view device specific information such as host name firmware version and so on Figure 25 Syste
16. 20 16 4094 5 255 255 248 0 21 32 2046 6 255 255 252 0 22 64 1022 7 255 255 254 0 23 128 510 8 255 255 255 0 24 256 254 9 255 255 255 128 25 512 126 10 255 255 255 192 26 1024 62 11 255 255 255 224 27 2048 30 12 255 255 255 240 28 4096 14 13 255 255 255 248 29 8192 6 14 255 255 255 252 30 16384 2 15 255 255 255 254 31 32768 1 Configuring IP Addresses Where you obtain your network number depends on your particular situation If the ISP or your network administrator assigns you a block of registered IP addresses follow their instructions in selecting the IP addresses and the subnet mask If the ISP did not explicitly give you an IP network number then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established If this is the case it is recommended that you select a network number from 192 168 0 0 to 192 168 255 0 The Internet Assigned Number Authority IANA reserved this block of addresses specifically for private use please do not use any other number unless you are told otherwise You must also enable Network Address Translation NAT on the Switch Once you have decided on the network number pick an IP address for your Switch that is easy to remember for instance 192 168 1 1 but make sure that no other device on your network is using that IP address The subnet mask specifies the network number
17. 7 1 oy GS1510 Series User s Guide Chapter 15 QoS The following table describes the labels in this screen Table 25 Queuing Method LABEL DESCRIPTION QoS Method Select Weighted Fair Queuing WFQ Strict Priority SP or Weighted Round Robin WRR Note Queue weights can only be changed when Weighted Round Robin is selected Weighted Round Robin scheduling services queues on a rotating basis based on their queue weight the number you configure in the queue Weight field Queues with larger weights get more service than queues with smaller weights Queue ID This field indicates which Queue 0 to 7 you are configuring Queue 0 has the lowest priority and Queue 7 the highest priority Weight Value You can only configure the queue weights when Weighted Round Robin is selected Bandwidth is divided across the different traffic queues according to their weights Note If you want to use Strict Priority but want to change the weights for the queues configure them with Weighted Round Robin selected first and then change the scheduling method to Strict Priority Apply Click Apply to save the changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh GS1510 Series User s Guide Chapter 15 QoS GS1510 Series User s Guide 16 0 1 Storm Control This chapter shows you how you can manage bandwidth on each port
18. Authentication Dial In User Service RFC 2138 2139 protocol to validate users When a user on an enabled port accesses the Internet a customized web login page will display User accounts with User or Guest privileges can login past this screen and access the Internet 20 2 What You Can Do e Use the Configuration screen Section 20 4 on page 125 to configure the authentication method and port settings e Use the Customization screen Section 20 5 on page 126 to configure the appearance of the web login screen that users will see 20 3 What You Need to Know Web authentication allows the network administrator to set a username and password for Internet access on a particular port This feature could be used on a guest terminal for example in a company meeting room where guests are allowed to connect to the Internet but not the local network which is thereby kept secure GS1510 Series User s Guide 12 Chapter 20 Web Authentication 20 3 1 When a device using that port attempts to connect to the Internet the web browser will request a username and password before allowing access If a port is not successfully authenticated all IP packets from that device will be filtered Note The URL entered by the user should be a domain such as http news zyxel com it cannot be in one of the formats listed below e A specific IP address example http 172 20 1 111 e A domain with a full address example htt
19. DSCP 10 ov DSCP 11 o v DSCP 12 0v DSCP 13 o a DSCP 14 0v DSCP 15 o w DSCP 16 0v DSCP 17 ofm DSCP 18 0 v DSCP 19 o x DSCP 20 ojx DSCP 21 oja DSCP 22 0v DSCP 23 0 v DSCP 24 ojx DSCP 25 0 v DSCP 26 0v DSCP 27 0 x DSCP 28 oly DSCP 29 o v DSCP 30 oly DSCP 31 o v DSCP 32 0 v DSCP 33 oly DSCP 34 0 v DSCP 35 o v DSCP 36 ov DSCP 37 0 v DSCP 38 0 v DSCP 39 0v DSCP 40 Ov DSCP 41 ofa DSCP 42 0v DSCP 43 o v DSCP 44 oly DSCP 45 ojm DSCP 46 oly DSCP 47 o v DSCP 48 oly DSCP 49 ofm DSCP 50 olx DSCP 51 low DSCP 52 0v DSCP 53 olmi DSCP 54 o m DSCP 55 0 DSCP 56 oly DSCP 57 ofa DSCP 58 0v DSCP 59 o a DSCP 60 0 v DSCP 61 0 v DSCP 62 9 vl DSCP 63 o x E GS1510 Series User s Guide Chapter 15 QoS The following table describes the labels in this screen Table 23 P DiffServ DSCP LABEL DESCRIPTION Mode Select Tag Over DSCP if you want to use 802 1p Priority in packets to prioritize traffic Select DSCP Over Tag if you want to use DSCP priority to prioritize traffic even if the packet has an IEEE 802 1p priority tag DSCP This field displays the number of each DSCP service level Priority Select the IEEE 802 1p priority you want to assign to the packets with the DSCP service level Note The changes are not applied until you click Apply Apply Click Apply to save the changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh
20. Figure 80 Trap Receiver SNMP Settings Trap Receiver List No IP Address Trap Receiver Settings IP Address T Communi Name Version Community String vi l Version Community String Action The following table describes the labels in this screen Table 46 Trap Receiver LABEL DESCRIPTION IP Address Enter the IP address of the remote trap station in dotted decimal notation Version Select the version of the Simple Network Management Protocol to use vi or v2c Community Specify the community string used with this remote trap station String Apply Click this to save any changes to the Switch Refresh Click this to reset the contents of the text boxes Trap Receiver List GS1510 Series User s Guide Chapter 22 SNMP Table 46 Trap Receiver continued LABEL DESCRIPTION No This field displays the index number of the trap receiver entry Click the number to modify the entry IP Address This field displays the IP address of the remote trap station Version This field displays the version of Simple Network Management Protocol in use v1 or v2c Community This field displays the community string used with this remote trap String station Action Click Delete to remove a configured trap receiver station GS1510 Series User s Guide Chapter 22 SNMP GS1510 Series User s Guide User Account 23 1 Overview Th
21. Show Type Al Apply Refresh MAC Address Type VLAN ID Port 00 13 49 00 00 0a Static 1 2 00 02 e3 57 ea 1c Dynamic 1 11 00 0b 04 29 26 04 Static 1 CPU GS1510 Series User s Guide 53 Chapter 7 MAC Management The following table describes the labels in this screen Table 9 MAC Table LABEL DESCRIPTION Show Type Select Static Dynamic or All and then click Apply to display the corresponding MAC address entries on this screen Apply Refresh Click this to update the information in the MAC table MAC Address This field displays a MAC address Type This field displays whether this entry was entered manually Static or whether it was learned by the Switch Dynamic VLAN ID This field displays the VLAN ID of the MAC address entry Port This field displays the port number the MAC address entry is associated It displays CPU if it is the entry for the Switch itself GS1510 Series User s Guide Port Mirroring This chapter discusses port mirroring 8 1 Port Mirroring Settings Port mirroring allows you to copy traffic flow to a monitor port the port you copy the traffic to in order that you can examine the traffic from the mirrored port without interference Click Basic Settings Port Mirroring to display the following screen Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port Figure 32 Port
22. This field displays the maximum host count for each port on the Switch GS1510 Series User s Guide Chapter 18 IP Source Guard 18 6 ARP Inspection Use this screen to enable disable ARP Inspection You can also use this screen to specify whether ports are trusted or untrusted and which VLANs are enabled for ARP inspection To open this screen click Security IP Source Guard ARP Inspection ARP Inspection Figure 57 ARP Inspection ARP Inspection Settings State Disable VLAN State Add v e g 1 3 5 10 Trusted Ports O Select All Deselect All 2 04 06 08 10 012 014 0116 18 120 122 124 26 173 FS Fg 9 11 FI13 F115 17 019 O21 023 25 Apply ARP Inspection Status ARP Inspection State Disabled Enabled on VLAN None Trusted Ports None The following table describes the labels in this screen Table 32 ARP Inspection LABEL DESCRIPTION State Use this to Enable or Disable ARP inspection on the Switch VLAN State Enter the VLAN IDs you want the Switch to enable ARP Inspection for You can designate multiple VLANs individually by using a comma and by range with a hyphen Trusted Ports Select the ports which are trusted and deselect the ports which are untrusted The Switch does not discard ARP packets on trusted ports for any reason The Switch discards ARP packets on unt
23. To the extent that the Software contains third party software ZyXEL has no express or implied obligation to provide any technical or other support for such software other than compliance with the applicable license terms of such third party and makes no warranty express implied or statutory whatsoever with respect thereto Please contact the appropriate software vendor or manufacturer directly for technical support and customer service related to its software and products GS1510 Series User s Guide Appendix D Open Software Announcements 5 Confidentiality You acknowledge that the Software contains proprietary trade secrets of ZyXEL and you hereby agree to maintain the confidentiality of the Software using at least as great a degree of care as you use to maintain the confidentiality of your own most confidential information You agree to reasonably communicate the terms and conditions of this License Agreement to those persons employed by you who come into contact with the Software and to use reasonable best efforts to ensure their compliance with such terms and conditions including without limitation not knowingly permitting such persons to use any portion of the Software for the purpose of deriving the source code of the Software 6 No Warranty THE SOFTWARE IS PROVIDED AS IS TO THE MAXIMUM EXTENT PERMITTED BY LAW ZyXEL DISCLAIMS ALL WARRANTIES OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING WITHOUT LIMITATION IMPLI
24. impose that choice This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License 8 If the distribution and or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries so that distribution is permitted only in or among countries not thus excluded In such case this License incorporates the limitation as if written in the body of this License GS1510 Series User s Guide 187 Appendix D Open Software Announcements 188 9 The Free Software Foundation may publish revised and or new versions of the General Public License from time to time Such new versions will be similar in spirit to the present version but may differ in detail to address new problems or concerns Each version is given a distinguishing version number If the Program specifies a version number of this License which applies to it and any later version you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation If the Program does not specify a version number of this License you may choose any version ever published by the Free Software Foundation 10 If you wish to incorporate parts of the Program into other free programs whose
25. 1 Backbone Application The Switch is an ideal solution for small networks where rapid growth can be expected in the near future The Switch can be used standalone for a group of heavy traffic users You can connect computers and servers directly to the Switch s port or connect other switches to the Switch GS1510 Series User s Guide Chapter 1 Getting to Know Your Switch In this example all computers can share high speed applications on the server To expand the network simply add more networking devices such as switches routers computers print servers etc Figure 1 Backbone Application 1 1 2 Bridging Example In this example application the Switch connects different company departments RD and Sales to the corporate backbone It can alleviate bandwidth contention and eliminate server and network bottlenecks All users that need high bandwidth can connect to high speed department servers via the Switch You can provide a super fast uplink connection by using a Gigabit Ethernet mini GBIC port on the Switch Moreover the Switch eases supervision and maintenance by allowing network managers to centralize multiple servers at a single location Figure 2 Bridging Application s L i ue eee UE OU Sales m oum um um um um um um XS a ee 8 8 8 8 wA m ow oum om m um m u u m U Sse mom om m o m mmm t m m m m rrr rs GS1510 Series
26. BUPTNIC copyright notice BSD Copyright c 2004 Cisco Inc and Information Network Center of Beijing University of Posts and Telecommunications All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of Cisco Inc Beijing University of Posts and Telecommunications nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission GS1510 Series User s Guide Appendix D Open Software Announcements THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS O
27. CoS 88 configuration Index change running config 132 configuration file backup 130 restore 131 configuration saving 43 copyright 175 current date 49 current time 49 D daylight saving time 50 DHCP snooping 104 configuring 105 trusted ports 104 untrusted ports 104 DHCP snooping database 104 Diffserv DS field 88 DSCP 88 dimensions 153 disclaimer 175 DS Differentiated Services 88 DSCP DiffServ Code Point 88 duplex modes 28 dynamic link aggregation 77 E Ethernet ports 28 default settings 28 F FCC interference statement 175 filtering database MAC table 51 GS1510 Series User s Guide Index firmware 46 upgrade 132 firmware version 45 front panel 27 G general features 152 general setup 48 49 GMT Greenwich Mean Time 50 H hardware installation 23 mounting 24 hardware overview 27 IANA 174 IEEE 802 1x activate 120 IEEE 802 1x port authentication 117 IGMP filtering profiles 74 installation freestanding 23 precautions 24 rack mounting 24 Internet Assigned Numbers Authority See IANA 174 introduction 19 IP address 45 IP address setup 47 IP source guard 103 104 ARP inspection 104 105 DHCP snooping 104 static bindings 104 L L2 management 52 LACP 78 system priority 80 layer 2 features 152 LEDs 30 link aggregation 77 dynamic 77 78 Link Aggregation Control Protocol LACP 78 Link Aggregation Control Protocol see LACP 78 lockout 43 login 35 pas
28. ES ELLE E VV a Vea EVA EVZ EVI EVO EVZL EVO EVO EE SV VOS VOX EVER VERI o3 ond eon es ERI BV Een Df RSNA AA ZV v EVA Eo ELO OO EV V E EAS PTT IET E ET ENT Ee EET ST ENS E E V Wed Y A VOLEVA V2 EVA EVI EV ENS EV ER EVA LEE NN HEN Ea Ee Eua Hen lea Et EVER Ba ENG IV EM vviiVI VAIO EVA EVO EVI EVI LEVE SENE I6 EE Due Ee e He Een eve Ds EDT ran EUN EE VIV ge V2 EL EV EVO ENVOI VEZ RV S leid EE ENERO IERI EST vio LENT ENT IOVI EN V Vi Vi VIVO VUIUMUUMAL EVE EIS ONLUS I2 EMS OWE ee ENS 0T EIS NP ES NC SERT EET EVE EE V V VALVE EVA EVO EVO EV evan EVA DV EV ER Ed ER A 0 EN EV Vo EVO EN EV EV EN v Vii Vivi V2 EV v4 EVA EL EV LES Eo Dd EAT re en en ves oen Ne even een EST EN BENIN 2S SZ IZ SZ BEES 28 S 2 ap e P ze so e n A ndo EN v vivi vivi vi Vo EL eo ES Io eod vA ES T E En Es NER PN oe ez ES ESET al EE EE V VOV i VEA EVA VOTE EOS SS SV SUA PED IER V Lo oia MR LN Ia Ea oia ENS PER EM EVI EE v v Vi VL Vo ELI EZ ED T S Lo Ern oo rd we De even ere PD Ne ve ees Ea Ie UNCTUS BEES EVA EVI VA AR EVO E EZ E EVI OO CS VS ES 0T EX EO oua Ind EVER a Wal aid ENS EE EN v vivi v viv vivi Va Eo ivo Evo Eod va Ev POR Even Een ENS Ee Psp ee e Ve NP US EVvVVvVVvVvVvvvvvv v V3 EVA EVA EVA BV Y Y V GS1510 Series User s Guide Chapter 10 VLAN The following table describes the labels in this screen Table 12 Port Isolation LABEL DESCRIPTION Port Select a port number to configure its port isolation settings
29. IGMP Snooping Status IGMP Snooping State Disabled IGMP Snooping VLAN State None Unknown Multicast Packets Drop The following table describes the labels in this screen Table 17 IGMP Snooping LABEL DESCRIPTION IGMP Snooping Select Enable to activate IGMP Snooping to forward group multicast State traffic only to ports that are members of that group Select Disable to disactivate the feature IGMP Snooping Select Add and enter VLANs upon which the Switch is to perform IGMP VLAN State snooping The valid range of VLAN IDs is between 1 and 4094 Use a comma or hyphen to specify more than one VLANs Select Delete and enter VLANs on which to have the Switch not perform IGMP snooping Unknown Specify the action to perform when the Switch receives an unknown Multicast multicast frame Select Drop to discard the frame s Select Flooding Packets to send the frame s to all ports Apply Click Apply to save your changes to the Switch Refresh Click Refresh to begin configuring this screen afresh GS1510 Series User s Guide Chapter 12 IGMP Snooping Table 17 IGMP Snooping continued LABEL DESCRIPTION IGMP Snooping This field displays whether IGMP snooping is globally enabled or State disabled IGMP Snooping This field displays VLANs on which the Switch is to perform IGMP VLAN State snooping None displays if you have not enabled IGMP snooping on any port yet
30. NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 8 Apple Inc copyright notice BSD Copyright c 2007 Apple Inc All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 Neither the name of Apple Inc Apple nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission GS1510 Series User s Guide Appendix D Open Software Announcements THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT
31. PRODUCT APPAREIL A LASER DE CLASS 1 PRODUCT COMPLIES WITH 21 CFR 1040 10 AND 1040 11 PRODUIT CONFORME SELON 21 CFR 1040 10 ET 1040 11 GS1510 Series User s Guide Appendix C Legal Information Viewing Certifications 1 Goto http www zyxel com 2 Select your product on the ZyXEL home page to go to that product s page 3 Select the certification you wish to view from this page ZyXEL Limited Warranty ZyXEL warrants to the original end user purchaser that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its discretion repair or replace the defective products or components without charge for either parts or labor and to whatever extent it shall deem necessary to restore the product or components to proper operating condition Any replacement will consist of a new or re manufactured functionally equivalent product of equal or higher value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product has been modified misused tampered with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warra
32. Search for the latest product updates and documentation from this link Read the Tech Doc Overview to find out how to efficiently use the User Guide Quick Start Guide and Command Line Interface Reference Guide in order to better understand how to use your product Knowledge Base If you have a specific question about your product the answer may be here This is a collection of answers to previously asked questions about ZyXEL products Forum This contains discussions on ZyXEL products Learn from others who use ZyXEL products and share your experiences as well Customer Support In the event of problems that cannot be solved by using this manual you should contact your vendor If you cannot contact your vendor then contact a ZyXEL office for the region in which you bought the device See http www zyxel com web contact_us php for contact information Please have the following information ready when you contact an office Product model and serial number Warranty Information Date that you received your device Brief description of the problem and the steps you took to solve it GS1510 Series User s Guide Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User s Guide Warnings tell you about things that could harm you or your device Note Notes tell you other important information for example other things you may need to configure or helpful
33. Syslog The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages A syslog enabled device can generate a syslog message and send it to a syslog server Syslog is defined in RFC 3164 The RFC defines the packet format content and system log related information of syslog messages Each syslog message has a facility and severity level The syslog facility identifies a file in the syslog server Refer to the documentation of your syslog program for details The following table describes the syslog severity levels Table 40 Syslog Severity Levels CODE SEVERITY Alert Action must be taken immediately Critical The system condition is critical Error There is an error condition on the system Warning There is a warning condition on the system Notice There is a normal but significant condition on the system Oo Wi BRB UJIN Informational The syslog contains an informational message GS1510 Series User s Guide 133 Chapter 21 Maintenance Click Management Maintenance System Log to display the screen as shown next Click Refresh to update the log and see any available new entires Figure 76 System Log Configuration T Firmware T Reboot Server IP 0 0 0 0 Disable System Log Log Level All v Show 6 2000 Jan 1 00 00 11 System Warm Start El lt 6 gt 2000 Jan 1 00 00 2
34. a manager and agents to communicate for the purpose of accessing these objects SNMP itself is a simple request response protocol based on the manager agent model The manager issues a request and the agent returns responses using the following protocol operations Table 42 SNMP Commands COMMAND DESCRIPTION Get Allows the manager to retrieve an object variable from the agent GetNext Allows the manager to retrieve the next object variable from a table or list within an agent In SNMPvi when a manager wants to retrieve all elements of a table from an agent it initiates a Get operation followed by a series of GetNext operations Set Allows the manager to set values for object variables within an agent Trap Used by the agent to inform the manager of some events GS1510 Series User s Guide Chapter 22 SNMP 22 3 2 Supported MIBs MIBs let administrators collect statistics and monitor status and performance The Switch supports the following MIBs RFC 1157 SNMP RFC 1213 SNMP MIB II e MIB II System e MIB II Interface RFC 1643 Ethernet MIB RFC 1493 Bridge MIB e RFC 1757 RMON e Group 1 Statistics e Group 2 History e Group 3 Alarm e Group 9 Event 22 3 3 SNMP Traps The Switch sends traps to an SNMP manager when an event occurs SNMP traps supported are outlined in the following table Table 43 SNMP Traps OBJECT LABEL OBJECT ID DESCRIPTION SNMPv1 SNMPv2 Trap Inform Re
35. aggregate physical links to form one Aggregation logical higher bandwidth link Loop Guard Use this screen to configure protection against network loops that occur on the edge of your network QoS Use these screens to configure 802 1p priority IP Diffserv DSCP queuing method with associated queue weights and priority queue mapping for the Switch Storm Control Use this screen to cap the rate of broadcast multicast and destination lookup failure DLF packets the Switch will allow on individual ports STP Use these screens to configure the STP RSTP to prevent network loops Security IP Source Guard DHCP Use these screens to configure filtering of unauthorized DHCP packets Snooping in your network ARP Use these screens to configure filtering of unauthorized ARP packets in Inspection your network Binding Table Use this screen to view the information of any hosts which successfully connected to an IP address through the DHCP server GS1510 Series User s Guide Chapter 4 The Web Configurator Table 3 Navigation Panel Links continued LINK DESCRIPTION 802 1x Use this screen to configure 802 1x authentication method This method uses an authentication server RADIUS server to validate access to a port based on a username and password provided by the user Web Use this screen to configure settings that define when notifications are Authenticat
36. and set up broadcast storm control settings using the Storm Control screen Broadcast Storm Control Setup Broadcast storm control limits the number of broadcast multicast and unknown unicast also referred to as Destination Lookup Failure or DLF packets the Switch receives per second on the ports When the maximum number of allowable broadcast multicast and unknown unicast packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast and unknown unicast packets in your network Click Advanced Settings Bandwidth Management Storm Control to display the screen as shown next Figure 51 Broadcast Storm Control Port Rate Type 1 5000 pps Broadcast M Range 1 1048575 Disable 0 Port Rate pps Type Port Rate pps Type 1 5000 Broadcast 2 0 3 0 4 2000 Bcast DLF 5 0 6 0 F 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 0 TF 0 18 0 19 0 20 0 21 0 22 0 23 0 24 0 25 0 26 0 GS1510 Series User s Guide Chapter 16 Storm Control The following table describes the labels in this screen Table 26 Broadcast Storm Control LABEL DESCRIPTION Storm Control Settings Port Select the port number for which you want to configure storm control settings Rate Select the number of packets of the type specified in the Type field per second the Switch can receive per second Type Select Broadcast to only spec
37. connect the Switch 2 1 Freestanding Installation 1 Make sure the Switch is clean and dry 2 Set the Switch on a smooth level surface strong enough to support the weight of the Switch and the connected cables Make sure there is a power outlet nearby 3 Make sure there is enough clearance around the Switch to allow air circulation and the attachment of cables and the power cord 4 Remove the adhesive backing from the rubber feet 5 Attach the rubber feet to each corner on the bottom of the Switch These rubber feet help protect the Switch from shock or vibration and ensure space between devices when stacking Figure 5 Attaching Rubber Feet GS1510 Series User s Guide 23 Chapter 2 Hardware Installation and Connection Note Do NOT block the ventilation holes Leave space between devices when stacking For proper ventilation allow at least 4 inches 10 cm of clearance at the front and 3 4 inches 8 cm at the back of the Switch This is especially important for enclosed rack installations 2 2 Mounting the Switch on a Rack This section lists the rack mounting requirements and precautions and describes the installation steps 2 2 1 Rack mounted Installation Requirements e Two mounting brackets e Eight M3 flat head screws and a 2 Philips screwdriver e Four M5 flat head screws and a 2 Philips screwdriver Note Failure to use the proper screws may damage the unit 2 2 1 1 Precautions e Make sure t
38. distribution conditions are different write to the author to ask for permission For software which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally NO WARRANTY 11 BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE PROGRAM TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 12 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PA
39. end of the supplied power cord to a 100 240V AC 50 60 Hz power outlet capable of supplying at least 0 3A 32 GS1510 Series User s Guide PART Il Basic Settings The Web Configurator 35 System 45 General Settings 47 MAC Management 51 Port Mirroring 55 Port Settings 57 The Web Configurator This section introduces the configuration and functions of the Web Configurator 4 1 Introduction The Web Configurator is an HTML based management interface that allows easy setup and management of the Switch via an Internet browser Use Internet Explorer 6 0 or later to access the web configurator The recommended screen resolution is 1024 by 768 pixels In order to use the Web Configurator you need to allow e Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 e JavaScript enabled by default e Java permissions enabled by default Note This User s Guide shows screens from the GS1510 Series unless otherwise specified 4 2 Device Auto Discovery Utility To access the web configurator you will need to know the IP address of the Switch If the default IP address 192 168 1 1 has been changed use the ZyXEL device discovery utility to easily locate the Switch on your network The utility can be found on the CD that came with the Switch see Appendix A on page 159 for installation and usage details 4 3 System Login 1 Start y
40. field Apply Click Apply to save your changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh GS1510 Series User s Guide Port Settings This chapter describes how to view and configure the port settings on the Switch 9 1 Port Settings Use this screen to configure and view Switch port settings Click Basic Settings Port Settings to display the following screen 9 1 1 Auto Negotiation Auto auto negotiation allows one port to negotiate with a peer port automatically to obtain the connection speed and duplex mode that both ends support When auto negotiation is turned on a port on the Switch negotiates with the peer automatically to determine the connection speed and duplex mode If the peer port does not support auto negotiation or turns off this feature the Switch determines the connection speed by detecting the signal on the cable and using half duplex mode When the Switch s auto negotiation is turned off a port uses the pre configured speed and duplex mode when making a connection thus requiring you to make sure that the settings of the peer port are the same in order to connect 9 1 2 Flow Control A concentration of traffic on a port decreases port bandwidth and overflows buffer memory causing packet discards and frame losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The Switch uses IEEE802 3x flow c
41. for Management of IP Address Space GS1510 Series User s Guide Legal Information Copyright Copyright 2010 by ZyXEL Communications Corporation The contents of this publication may not be reproduced in any part or as a whole transcribed stored in a retrieval system translated into any language or transmitted in any form or by any means electronic mechanical magnetic optical chemical photocopying manual or otherwise without the prior written permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publication is subject to change without notice Trademarks ZyNOS ZyXEL Network Operating System is a registered trademark of ZyXEL Communications Inc Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners Certifications Federal Communications Commission FCC Interference Statement This device complies with Part 15 of FCC rules Operation is subject to the following two conditions e This device may not cause harmful interference GS151
42. mm GS1510 Series User s Guide Chapter 4 The Web Configurator 4 3 2 The Advanced Main Screen Click Advance to display the following screen that shows the main navigating components of the Web Configurator screen System Information 4 About Logout Figure 22 Web Configurator Advanced Screens ZyXEL cs1510 24 Lp Y System Status System Information Basic Settings Y Advanced Settings Y Security Y Management ModelName GS1510 24 s H GS151024 V1 00 BVN 0b1 VI 0 BVN 0b1 Wed Jun 30 11 01 11 CST 2010 Disabled 192 168 1 1 255 255 255 0 0 0 0 0 00 0b 04 29 26 04 1 0 96 mation Total 30360 KB Free 25500 KB Usage 16 01 96 2000 1 1 3 45 26 A The device graphic displays the status of the ports B Use the About link to view more information about the device s vendor Use the Logout link to exit the Web Configurator Use the Smart button to go to the smart screens where you can quickly set up some main functions Use the Advanced button to go to the advanced configuration screens C The navigation panel has links to screens that let you configure the Switch s features D The function frame allows you to view and edit individual feature settings 4 3 3 The Navigation Panel Navigate to individual feature configuration screens from the navigation panel GS1510 Series User s Guide Chapter 4 The Web Configurator The following table describes the links in
43. off SYS Green On The system is on and functioning properly Off The system is off or is malfunctioning GS1510 Series User s Guide Chapter 3 Hardware Overview Table 2 LEDs continued LED STATUS DESCRIPTION Gigabit Ethernet Ports LINK ACT Green On The link to a 10 1000 Mbps Ethernet network is up Amber On The link to a 100 Mbps Ethernet network is up Blinking The port is transmitting receiving data Off The link to an Ethernet network is down FDX Amber On The port is negotiating in full duplex mode Off The port is negotiating in half duplex mode and no collisions are occurring Mini GBIC Slots GS1510 24 ONLY LNK ACT Green On The port has a successful connection Blinking The port is receiving or transmitting data Off No Ethernet device is connected to this port or the link to an Ethernet network is down 3 3 Rear Panel The following figures show the rear panels of the AC power input model Switch The rear panel contains a receptacle for the power cord Figure 14 GS1510 16 Rear Panel Figure 15 GS1510 24 Rear Panel 3 3 1 Power Connector Make sure you are using the correct power source as shown on the panel GS1510 Series User s Guide 31 Chapter 3 Hardware Overview To connect the power to the Switch insert the female end of the power cord into the power receptacle on the rear panel Connect the other
44. redundancy that is if an operational port fails then one of the standby ports become operational without user intervention Please note that e You must connect all ports point to point to the same Ethernet switch and configure the ports for LACP trunking LACP only works on full duplex links All ports in the same trunk group must have the same media type speed duplex mode and flow control settings Configure trunk groups or LACP before you connect the Ethernet switch to avoid causing network topology loops 13 4 Static Trunk Use this screen to aggregate groups of physical ports into one higher capacity link Click Advanced Settings gt Link Aggregation gt Static Trunk to display the following screen Figure 41 Static Trunk LACP Group State Group 1 v Disable iv Member Ports O Select All O Deselect All 02 04 06 08 10 112 014 116 18 120 122 124 pins FS ry 9 11 13 F15 17 019 021 023 25 026 Apply Group ID State Member Ports 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled T Disabled 8 Disabled GS1510 Series User s Guide Chapter 13 Link Aggregation The following table describes the labels in this screen Table 19 Static Trunk LABEL DESCRIPTION Group State Select the group ID to use for this trunk group that is one logical link containing multiple ports Selec
45. services queues based on their priority and queue weight the number you configure in the queue Weight field rather than a fixed amount of bandwidth WRR is activated only when a port has more traffic than it can handle Queues with larger weights get more service than queues with smaller weights This queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues and returns to queues that have not yet emptied QoS Enhancement You can configure the Switch to prioritize traffic even if the incoming packets are not marked with IEEE 802 1p priority tags or change the existing priority tags based on the criteria you select The Switch allows you to choose one of the following methods for assigning priority to incoming packets on the Switch Port Based QoS Assign priority to packets based on the incoming port on the Switch See Section 15 4 on page 86 DSCP Based QoS Assign priority to packets based on their Differentiated Services Code Points DSCPs See Section 15 5 1 on page 88 Note Advanced QoS methods only affect the internal priority queue mapping for the Switch The Switch does not modify the IEEE 802 1p value for the egress frames You can choose one of these ways to alter the way incoming packets are prioritized or you can choose not to use any QoS enhancement setting on the Switch 15 4 Port Priority Use the Port Priority screen to specify IEEE 802 1p priority for each
46. shut down the port connected to the switch in loop state The following figure shows a loop guard enabled port N on switch A sending a probe packet P to switch B Since switch B is in loop state the probe packet P returns to port N on A The Switch then shuts down port N to ensure that the rest of the network is not affected by the switch in loop state Figure 45 Loop Guard Probe Packet The Switch also shuts down port N if the probe packet returns to switch A on any other port In other words loop guard also protects against standard network loops GS1510 Series User s Guide Chapter 14 Loop Guard 14 3 Loop Guard Use this screen to enable the loop guard feature and to configure the port recovery time for when a port goes down Click Advanced Settings Loop Guard to display the screen as shown Figure 46 Loop Guard State Disable x MAC Address 01 a0 c5 aa aa ab Port State Loop Recovery Recovery Time min 1 v Disable v Disable v zm m E Range 1 60 Apply Port State Loop Recovery Recovery Time min 1 Disabled Disabled 0 2 Disabled Disabled 0 z Disabled Disabled 0 4 Disabled Disabled 0 5 Disabled Disabled 0 Disab Disabled 0 The following table describes the labels in this screen Table 21 Loop Guard LABEL DESCRIPTION State Select this option to enable loop guard on the Switch The Switch generates syslog i
47. the VLAN This will display None if no ports have been assigned Action Click Delete to remove the VLAN GS1510 Series User s Guide Chapter 10 VLAN 10 6 Tag Settings Use this screen to tag any outgoing frames from a port with its assigned VLAN ID You must first configure a VLAN Section 10 5 on page 67 before using this screen Click Advanced Settings gt VLAN gt VLAN gt Tag Settings to display the following screen Figure 36 Tag Settings Tag Settings Tag Status VLAN ID 100 VLAN ID None x Tag Port O Select All O Deselect All 20406 08 10 012 014 016 18 120 022 124 26 10305 O07 9 11 0113 015 17 019 021 0123 25 Tag Ports UnTag Ports 1 26 The following table describes the labels in this screen Table 14 Tag Settings LABEL DESCRIPTION VLAN ID Select a VLAN ID to configure its port tagging settings Tag Port Selecting a port which is a member of the selected VLAN ID will make it a tag port This means the port will tag all outgoing frames transmitted with the VLAN ID Select All Click Select All to mark all member ports as tag ports Deselect All Click Deselect All to mark all member ports as untag ports Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes
48. the exposed section of PCB board facing down Figure 10 Transceiver Installation Example 2 Press the transceiver firmly until it clicks into place 3 The Switch automatically detects the installed transceiver Check the LEDs to verify that it is functioning properly Figure 11 Installed Transceiver oo 3 1 2 2 Transceiver Removal Use the following steps to remove a mini GBIC transceiver SFP module GS1510 Series User s Guide Chapter 3 Hardware Overview 1 Open the transceiver s latch latch styles vary Figure 12 Opening the Transceiver s Latch Example 2 Pull the transceiver out of the slot Figure 13 Transceiver Removal Example RES 3 1 3 The RESET Button Reset the Switch to its factory default configuration via the RESET button Press the RESET button for at least five seconds and then release The Switch automatically reboots and reloads its factory default configuration file The RESET button is on the front panel of the Switch Note When you use the RESET button all of your configuration settings will be lost Use the default IP address 192 168 1 1 and user name admin and password 1234 to log back into the Switch It may take up to 2 minutes for the Switch to restart when you reload the default configuration file 3 2 LEDs The following table describes the LEDs Table 2 LEDs LED STATUS DESCRIPTION PWR Green On The system is turned on Off The system is
49. tips or recommendations Syntax Conventions The GS1510 16 GS1510 24 may be referred to as the Switch the device or the system in this User s Guide Product labels screen names field labels and field choices are all in bold font A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press the ENTER key Select or choose means for you to use one of the predefined choices A right angle bracket within a screen name denotes a mouse click For example Maintenance Log Log Setting means you first click Maintenance in the navigation panel then the Log sub menu and finally the Log Setting tab to get to that screen Units of measurement may denote the metric value or the scientific value For example k for kilo may denote 1000 or 1024 M for mega may denote 1000000 or 1048576 and so on e g is a shorthand for for instance and i e means that is or in other words GS1510 Series User s Guide Document Conventions Icons Used in Figures Figures in this User s Guide may use the following generic icons The Switch icon is not an exact representation of your device Switch Computer Notebook computer Server Firewall Telephone Router Switch Nam GS1510 Series User s Guide Safet
50. 0 Series User s Guide 107 Chapter 18 IP Source Guard Table 30 DHCP Snooping continued LABEL DESCRIPTION Server Ports Select the ports that are connected to DHCP servers or other Switches and deselect the ports which are not Server ports are connected to DHCP servers or other switches and the Switch discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high Untrusted ports are connected to subscribers and the Switch discards DHCP packets from these ports in the following situations e The packet is a DHCP server packet for example OFFER ACK or NACK e The source MAC address and source IP address in the packet do not match any of the current bindings e The packet is a RELEASE or DECLINE packet and the source Ban ane and source port do not match any of the current indings e The rate at which DHCP packets arrive is too high Select All Click this to set all ports as server ports Deselect All Click this to deselect all ports that are set as server ports Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes that were just made DHCP Snooping State This field displays the current status of the DHCP snooping feature Enabled or Disabled Enabled on VLAN This field displays the VLAN IDs that have DHCP snooping enabled on them This will display None if no VLANs have been
51. 0 Series User s Guide 175 Appendix C Legal Information 176 e This device must accept any interference received including interference that may cause undesired operations FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a commercial environment This device generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this device in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Taiwanese BSMI Bureau of Standards Metrology and Inspection A Warning SEU BRI jee ARS alee TEARS ARS RASHES Sta T TERIS eae BAS TE Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment This Class A digital apparatus complies with Canadian ICES 003 Cet appareil num rique de la classe A est conforme a la norme NMB 003 du Canada CLASS 1 LASER
52. 00 10101000 00000001 Host ID 00000010 By convention subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask followed by a continuous sequence of zeros for a total number of 32 bits Subnet masks can be referred to by the size of the network number part the bits with a 1 value For example an 8 bit mask means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes Subnet masks are expressed in dotted decimal notation just like IP addresses The following examples show the binary and decimal notation for 8 bit 16 bit 24 bit and 29 bit subnet masks Table 55 Subnet Masks BINARY 1ST 2ND 3RD 4TH DECIMAL OCTET OCTET OCTET OCTET 8 bit mask 11111111 00000000 00000000 00000000 255 0 0 0 16 bit mask 11111111 11111111 00000000 00000000 255 255 0 0 24 bit mask 11111111 11111111 11111111 00000000 255 255 255 0 29 bit mask 11111111 11111111 11111111 11111000 255 255 255 248 Network Size The size of the network number determines the maximum number of possible hosts you can have on your network The larger the number of network number bits the smaller the number of remaining host ID bits An IP address with host IDs of all zeros is the IP address of the network 192 168 1 0 with a 24 bit subnet mask for example An IP address with host IDs of all ones is the broadcast addre
53. 10 24 DHCP Client Disable v Static IP Address 192 168 1 1 Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 Management VLAN 1 GS1510 Series User s Guide Chapter 6 General Settings The following table describes the labels in this screen Table 5 System Settings LABEL DESCRIPTION Hostname Enter up to 16 alphanumeric characters for the name of your Switch Hyphens and underscores _ are also allowed DHCP Client Select Enable to allow the Switch to automatically get an IP address from a DHCP server Click Renew to have the Switch reget an IP address from the DHCP server Select Disable if you want to configure the Switch s IP address manually Static IP Address Enter the IP address of your Switch in dotted decimal notation For example 192 168 1 1 Subnet Mask Enter the IP subnet mask of your Switch in dotted decimal notation for example 255 255 255 0 Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation for example 192 168 1 5 Management VLAN Enter a VLAN ID used for Switch management purposes Apply Click Apply to save your changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh 6 3 Jumbo Frame Jumbo frames are Ethernet frames with a payload greater than 1500 bytes Jumbo frames can enhance data transmission efficiency in a Gigabit network Use this screen to configure t
54. 15 6 Priority Queue Mapping Use the Priority Queue Mapping Settings screen to configure IEEE 802 1p priority and queue mappings for the Switch Click Advanced Settings QoS Priority Queue Mapping to open the following screen Figure 49 Priority Queue Mapping g Port Priority Priority Queue Mapping Settings T IP DiffServ DSCP Priority Queue Mapping Queuing Method Queue ID 2 w 0v 114 3 w 4 w Sv 6w Tw GS1510 Series User s Guide Chapter 15 QoS The following table describes the labels in this screen Table 24 Priority Queue Mapping LABEL DESCRIPTION Reset to Click this button to reset the priority to queue mappings to the defaults default Priority This field displays each priority level The values range from O0 lowest priority to 7 highest priority Queue ID Select the number of a queue for packets with the priority level Apply Click Apply to save your changes Refresh Click Refresh to begin configuring the screen afresh 15 7 Queuing Method Use the Queuing Method screen to configure the weight value of each queue Click Advanced Settings QoS Queuing Method to open the following screen Figure 50 Queuing Method Port Priority IP DiffServ DSCP T PriorityiQueue Mapping Queuing Method Queuing Method Settings Queuing Method Weighted Fair Queuing WFQ v Queue ID Weight Value Range 1 127 0 1 1 1 2 1 3 1 4 1 5 1 6 1
55. 19 021 023 25 126 The following table describes the labels in this screen Table 16 EEE LABEL DESCRIPTION EEE Port State Click a port to enable IEEE 802 3az Energy Efficient Ethernet on that port Select All Click this to enable IEEE 802 3az Energy Efficient Ethernet across all ports Deselect All Click this to disable IEEE 802 3az Energy Efficient Ethernet across all ports GS1510 Series User s Guide Chapter 11 EEE Table 16 EEE continued LABEL DESCRIPTION Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes that were just made GS1510 Series User s Guide IGMP Snooping 12 1 Overview This chapter shows you how to configure IGMP snooping for multicast traffic The Switch can passively snoop on IGMP packets transferred between IP multicast routers switches and IP multicast hosts to learn the IP multicast group membership IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them 12 2 What You Can Do e Use the General Settings screen Section 12 4 on page 74 to enable IGMP snooping e Use the Port Settings screen Section 12 5 on page 75 to enable or disable immediate leave on ports 12 3 What You Need to Know The Switch can passively snoop on IGMP packets transferred between IP multicast routers switches and IP multicast hosts to learn the IP multicast group me
56. 32 VAD oy LOB E A TEN min vb E A EE E E A O E enna he 133 21O T Oys 133 Chapter 22 SNMP oien aae a aieia a iai 135 AENT EN a OT enh nan ecm oe dune 135 22 2 What YU CAN DO eT 135 GS1510 Series User s Guide 15 Table of Contents 223 What You Nead to KRON RETO TE ES 135 Ta a ABOUT SNMP sna aine aAA DAAE AE ATSOA EAAS DRA 135 2292 T BONER MIBE lt suersesesbscicisciscdaeiasstatiie nini e raknia onai aE N EEE EEN AEE 137 d ono SP TEPS aa aac al a ac la E a a 137 22 OMBP SUO Guucitatentiexnn nivis iere t Mi n eater eons 137 22 0 COMMUNIO NAME e 138 PAR Nan PORE eese rdiet Ere Eoaea 140 Chapter 23 Usar ACCOUN e 143 AMNES UU 143 22 Usar Accu SPI onan tA ITE MI REPE p a Po ERR Wb v E RE TRUE IER HA did Paga SEED 143 Part V Troubleshooting amp Product Specifications 145 Chapter 24 Are DIES DOE iiia cedri ices UA DIAM rakes shih cd deena A UG EX EAM AUI MM UIN RUM ARCH GM MEE 147 24 1 Power Hardware Connections and LEDS seeseseeee eene 147 24 2 GWiteh c er Ec omo e iting 148 Chapter 25 Product SHSCITICAU ONG m 151 25 1 General Switeh S
57. 4 Port 9 Link Up lt 6 gt 2000 Jan 1 00 27 44 Port 9 Link Down lt 6 gt 2000 Jan 1 00 42 22 Port 11 Link Up lt 6 gt 2000 Jan 1 00 43 39 admin user login succeeded ig Refresh The following table describes the labels in this screen Table 41 System Log LABEL DESCRIPTION Server IP Enter the IP address of an external syslog server in dotted decimal notation Select Enable to use the external syslog server or Disable to not use it Apply Click this to save any changes Log Level Select the severity level of the logs to be displayed For more information refer to the Syslog Severity Level table above Select All to display all levels Show Click this to update the system log with log events of the selected severity level Refresh Click this to update the log and see any available new entires GS1510 Series User s Guide SNMP 22 1 Overview This chapter describes how to configure the SNMP options of the Switch Simple Network Management Protocol SNMP is an application layer protocol used to manage and monitor TCP IP based devices 22 2 What You Can Do e Use the SNMP Settings screen Section 22 4 on page 137 to configure the basic SNMP settings for the Switch e Use the Community Name screen Section 22 5 on page 138 to create SNMP communities e Use the Trap Receiver screen Section 22 6 on page 140 to configure the sending of SNMP traps to remote SNMP management statio
58. 510 Series User s Guide Table of Contents Part Il Basic Settings fev 33 Chapter 4 The Web Configurator iiciississsaicaisssnssatensassarnoxintersorntianintantasnantoxsctevioiansonietiatentotsesiadeniatensostests 35 mI re T aa E E A 35 A2 Device Edda UI sassis tp aedcadenann alia es edamame ane 35 BE eMC LIN ien 35 LAUNE JE ts aU SER 36 2 3 4 THE Advanced Main Sree 2uuicosensesi etui ore m aokii APA das add rd ii Foe IE EVER 40 Ea TMS cecus le ER 40 43 Change YU FSW capna CH SEE EH RR UV Gian needs 42 AA Mene ge iyi M 43 To oa gi 7 7 aM P 43 Z5 RSCM E SIME saena patate t Nn HORE CPU LN EM UHR EUEUA 43 4 7 Logging Out of the Web Configurator adde etr d pd dado d b aera a o e x eda 44 Chapter 5 ESCUDO LLL 45 Ou Sy IUD ONIN aie eager eni ord eU BEBE A UN E ER bn asin aula Ae EAMM UU ERU RA wins AF bi E EM DR d aqua 45 Chapter 6 cu Ee up d 47 0 1 What You Dali DO 2essous texcviseseekivrasta cese eu t Ab IREERE E COMI S2 QE iaaea AE NE ARS NER METTE EIL SOM 47 EPPS CLAS MOE AA eon Fels EAEAN Tree Dr EE ELM MTN OPEN ae T ir EUR ATA OO eee T rU un EEUU 47 A gt JuUmMBO FAME eR 48 Bd SNTP 21 tione e bte waa E a i a Fo a aes 49 Chapter 7 MAD Manageme Maisie eiie ieai 51 KLOON ia as a a 51 7 2 What YOU Can DO etc m 51 Faa What You Need to RION sass fps dy silts e PREX ts eda hal Lern bk Vul adiit psc Umi oda 51 F
59. 510 Series User s Guide Chapter 18 IP Source Guard 18 4 DHCP Snooping Use this screen to enable and configure the settings for DHCP Snooping which is used to filter unauthorized DHCP packets on the network To open this screen click Security IP Source Guard DHCP Snooping DHCP Snooping Figure 55 DHCP Snooping DHCP Snooping Settings State Disable VLAN State Add m e g 1 3 5 10 Server Ports O Select All O Deselect All 20406 08 10 012 014 016 18 020 122 024 10305 O7 9 11 0113 015 17 019 O21 023 25 126 DHCP Snooping Status DHCP Snooping State Enabled on VLAN Server Ports Disabled None The following table describes the labels in this screen Table 30 DHCP Snooping LABEL DESCRIPTION State Select Enable to use DHCP snooping on the Switch You still have to enable DHCP snooping on specific VLANs and specify trusted ports Note The Switch will drop all DHCP requests if you enable DHCP snooping and there are no trusted ports Select Disable to not use DHCP snooping VLAN State Select Add and enter the VLAN IDs you want the Switch to enable DHCP snooping on You can designate multiple VLANs individually by using a comma and by range with a hyphen Select Delete and enter the VLAN IDs you no longer want the Switch to use DHCP snooping on GS151
60. ANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT GS1510 Series User s Guide Appendix D Open Software Announcements INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 3 Cambridge Broadband Ltd copyright notice BSD Portions of this code are copyright c 2001 2003 Cambridge Broadband Ltd All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution The name of Cambridge Broadband Ltd may not be used to endorse or promote products derived from this software without specific prior written p
61. CP Select Disable to not use LACP System LACP system priority is a number between 1 and 65 535 The switch with Priority the lowest system priority and lowest port number if system priority is the same becomes the LACP server The LACP server controls the operation of LACP setup Enter a number to set the priority of an active port using Link Aggregation Control Protocol LACP The smaller the number the higher the priority level Group LACP Select a trunk group ID and then select whether to Enable or Disable Group Link Aggregation Control Protocol for that trunk group Apply Click Apply to save your changes to the Switch Refresh Click Refresh to begin configuring this screen afresh Group ID The field identifies the link aggregation group that is one logical link containing multiple ports LACP State This field displays if the group has LACP enabled GS1510 Series User s Guide Loop Guard 14 1 Overview Use the Loop Guard screen Section 14 3 on page 83 to configure the Switch to guard against loops on the edge of your network Loop guard allows you to configure the Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch While you can use Spanning Tree Protocol STP to prevent loops in the core of your network STP cannot prevent loops that occur on the edge of your network mnn ne nnn ouns
62. Default This field indicates the IP address of the default gateway Gateway MAC Address This field displays the MAC Media Access Control address of the Switch Management This field displays the VLAN ID that is used for the Switch management VLAN purposes CPU Loading This field displays the percentage of your Switch s system load Memory This field displays the total memory the Switch has and the memory Information which is currently available Free and occupied Usage Current Time This field displays current date yyyy mm dd and time hh mm ss Refresh Click this to update the information in this screen GS1510 Series User s Guide m General Settings This chapter describes the General Settings screens in the Basic Settings menu 6 1 What You Can Do e Use the System screen Section 6 2 on page 47 to configure the basic IP address settings for the Switch e Use the Jumbo Frame screen Section 6 3 on page 48 to configure the jumbo frame size the Switch accepts e Use the SNTP screen Section 6 4 on page 49 to configure the date and time of the Switch 6 2 System Use the System Settings screen under Basic Settings General Settings to set up the IP address for the Switch You can enable DHCP or set up a static IP address The following screen appears when you click Basic Settings General Settings System Figure 26 System Settings Jumbo Frame Sit M Hostname GS15
63. E dE E MEN E E NE E 9 n Ee E 15 19 21 73 Web Authentication Advance Settings 4 3 1 4 DHCP Snooping Use this screen to enable or disable the DHCP Snooping feature which filters unauthorized DHCP packets on the network Click the DHCP Snooping tab to open the screen as shown next Use the ON or OFF button on this screen to enable or disable DHCP Snooping You can set a specific port to act as a server port by clicking on it to make it green A server port is a port that is connected to a DHCP server Note You can only enable one port as a server port on this screen to enable more than one port use the advanced DHCP snooping screen Section 18 4 on page 107 GS1510 Series User s Guide Chapter 4 The Web Configurator Click Apply to save any changes Figure 20 Web Configuration Smart Screen DHCP Snooping IP Setting EEE Web Authentication Ir v 0 STP Server Port ZyXEL Note Enable a port to connect with DHCP server as green light It can be set more than one server port at advance setting mode 4 3 1 5 STP Spanning Tree Protocol Use this screen to activate the Spanning Tree Protocol STP feature which is used to prevent loops in the core of your network Click the STP tab to open the screen as shown next Use the OFF or ON button to globally enable or disable Spanning Tree Protocol for the Switch Figure 21 Web Configurator Smart Screen STP IP Setting EEE Web Authentication DHCP Snooping
64. ED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT ZyXEL DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SOFTWARE WILL MEET ANY REQUIREMENTS OR NEEDS YOU MAY HAVE OR THAT THE SOFTWARE WILL OPERATE ERROR FREE OR IN AN UNINTERUPTED FASHION OR THAT ANY DEFECTS OR ERRORS IN THE SOFTWARE WILL BE CORRECTED OR THAT THE SOFTWARE IS COMPATIBLE WITH ANY PARTICULAR PLATFORM SOME JURISDICTIONS DO NOT ALLOW THE WAIVER OR EXCLUSION OF IMPLIED WARRANTIES SO THEY MAY NOT APPLY TO YOU IF THIS EXCLUSION IS HELD TO BE UNENFORCEABLE BY A COURT OF COMPETENT JURISDICTION THEN ALL EXPRESS AND IMPLIED WARRANTIES SHALL BE LIMITED IN DURATION TO A PERIOD OF THIRTY 30 DAYS FROM THE DATE OF PURCHASE OF THE SOFTWARE AND NO WARRANTIES SHALL APPLY AFTER THAT PERIOD 7 Limitation of Liability IN NO EVENT WILL ZyXEL BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES INCLUDING WITHOUT LIMITATION INDIRECT SPECIAL PUNITIVE OR EXEMPLARY DAMAGES FOR LOSS OF BUSINESS LOSS OF PROFITS BUSINESS INTERRUPTION OR LOSS OF BUSINESS INFORMATION ARISING OUT OF THE USE OF OR INABILITY TO USE THE SOFTWARE OR PROGRAM OR FOR ANY CLAIM BY ANY OTHER PARTY EVEN IF ZyXEL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES ZyXEL s TOTAL AGGREGATE LIABILITY WITH RESPECT TO ITS OBLIGATIONS UNDER THIS AGREEMENT OR OTHERWISE WITH RESPECT TO THE SOFTWARE AND DOCUMENTATION OR OTHERWISE SHALL BE EQUAL TO THE PURCHA
65. EE 802 3x Layer 2 Features Bridging 16K MAC addresses Static MAC address forwarding by destination Broadcast storm control Static MAC address forwarding Switching Switching fabric GS1510 16 32Gbps non blocking GS1510 24 52Gbps non blocking Max Frame size 1522 bytes QoS IEEE 802 1p 8 priority queues per port Port based egress traffic shaping DSCP to IEEE 802 1p mapping Layer 2 Features VLAN Port based VLAN setting Tag based IEEE 802 1Q VLAN Number of VLAN 4K 256 static maximum Guest VLAN Port Aggregation Supports static port trunking Eight groups up to 8 ports each Port mirroring All ports support port mirroring Security 802 1x port authentication MD5 PEAP IP Source Guard Web authentication MD5 PEAP MAC filtering dynamic ET GS1510 Series User s Guide Chapter 25 Product Specifications Table 50 Management Specifications System Control LED indication for power status Performance monitoring Line speed Four RMON groups history statistics alarms and events Port mirroring and aggregation Firmware upgrade and download through HTTP Reset to default button Network Web based management Management SNMP v1 v2c RMON groups history statistics alarms and events 1 Logging server supported MIB RFC 1157 SNMP RFC 1213 MIB II RFC 1643 Ethernet MIB RFC 1493 Bridge MIB RFC 1757 R
66. EFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM IF YOU DO NOT AGREE TO THESE TERMS THEN ZyXEL IS UNWILLING TO LICENSE THE SOFTWARE TO YOU IN WHICH EVENT YOU SHOULD RETURN THE UNINSTALLED SOFTWARE AND PACKAGING TO THE PLACE FROM WHICH IT WAS ACQUIRED OR ZyXEL AND YOUR MONEY WILL BE REFUNDED HOWEVER CERTAIN ZYXEL S PRODUCTS MAY CONTAIN IN PART SOME THIRD PARTY S FREE AND OPEN SOFTWARE PROGRAMS WHICH ALLOW YOU TO FREELY COPY RUN DISTRIBUTE MODIFY AND IMPROVE THE SOFTWARE UNDER THE APPLICABLE TERMS OF SUCH THRID PARTY S LICENSES OPEN SOURCED COMPONENTS THE OPEN SOURCED COMPONENTS ARE LISTED IN THE NOTICE OR APPENDIX BELOW ZYXEL MAY HAVE DISTRIBUTED TO YOU HARDWARE AND OR SOFTWARE OR MADE AVAILABLE FOR ELECTRONIC DOWNLOADS THESE FREE SOFTWARE PROGRAMS OF THRID PARTIES AND YOU ARE LICENSED TO FREELY COPY MODIFY AND REDISTIBUTE THAT SOFTWARE UNDER THE APPLICABLE LICENSE TERMS OF SUCH THIRD PARTY NONE OF THE STATEMENTS OR DOCUMENTATION FROM ZYXEL INCLUDING ANY RESTRICTIONS OR CONDITIONS STATED IN THIS END USER LICENSE AGREEMENT SHALL RESTRICT ANY RIGHTS AND LICENSES YOU MAY HAVE WITH RESPECT TO THE OPEN SOURCED COMPONENTS UNDER THE APPLICABLE LICENSE TERMS OF SUCH THIRD PARTY 1 Grant of License for Personal Use ZyXEL Communications Corp ZyXEL grants you a non exclusive non sublicense non transferable license to use the program with which this license is distributed
67. Ethernet Ports during idle periods Click the EEE tab Energy Efficient Ethernet to display the screen as shown next You can enable IEEE 802 3az Energy Efficient Ethernet on a port by clicking on it in the Switch graphic Click Apply to save any changes Figure 18 Web Configurator Smart Screen EEE IP Setting Web Authentication DHCP Snooping STP Energy Efficient Ethernet Port 4 6 8 10 12 14 16 18 20 22 24 ZyXEL rote gr age ye o9 9 41 73 15 i 49 2 23 25 Note Enable the port for energy efficient as green light GS1510 Series User s Guide Chapter 4 The Web Configurator 4 3 1 3 Web Authentication Click the Web Authentication tab to open the screen as shown next This feature is used to authenticate users before they access a website on the Internet Use the ON or OFF button on this screen to globally enable disable web authentication across all ports You can enable or disable web authentication on a specific port by clicking on it When a port is green it means authentication is enabled on the port The default user name and password for web authentication is guest guest You can change the password on this screen The Management User Account screen Section 23 2 on page 143 allows you to create more user accounts for web authentication Click Apply to save any changes Figure 19 Web Authentication Smart Screen Web Authentication j Web Authentication 10 12 14 16 18 UR d
68. G31510 16 G31510 24 16 port 24 port Managed Gigabit Ethernet Switch Default Login Details IP Address http 192 168 1 1 User Name admin Password 1234 Firmware Version 1 00 Edition 2 12 2010 www zyxel com Copyright 2010 ZyXEL Communications Corporation About This User s Guide About This User s Guide Intended Audience This manual is intended for people who want to configure the Switch using the Web Configurator You should have at least a basic knowledge of TCP IP networking concepts and topology Related Documentation e Supporting Disc Refer to the included CD for support documents e ZyXEL Web Site Please refer to www zyxel com for additional support documentation and product certifications Documentation Feedback Send your comments questions or suggestions to techwriters zyxel com tw Thank you The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial Park Hsinchu 30099 Taiwan Need More Help More help is available at www zyxel com ET ET M Download Library gt Firmware Knowledge Base Software Glossary Driver Support amp Feedback Datasheet Warranty Information Tech Doc Overview ZyXEL Windows Vista Support User s Guide Forum Quick start guide CLI Reference Guide Support note Certification Declaration SNMP MIB File GS1510 Series User s Guide 3 About This User s Guide Download Library
69. M MN GS1510 Series User s Guide Chapter 9 Port Settings The following table describes the labels in this screen Table 11 Port Settings LABEL DESCRIPTION Port Settings Port Select a port number you want to configure on this screen State Select Enable to activate the port or Disable to deactivate the port Speed Duplex Select the speed and duplex mode of the port The choices are e Auto e 10 Mbps Full Duplex e 10 Mbps Half Duplex e 100 Mbps Full Duplex e 100 Mbps Half Duplex e 1000 Mbps Full Duplex e 1000 Mbps Half Duplex Flow Control Select On to enable access to buffering resources for the port thus ensuring lossless operation across network switches Otherwise select Off to disable it Apply Click Apply to save the changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh Port Status Port This field displays the port number State This field displays whether the port is enabled or disabled Speed Duplex This field displays the speed either 10M 100M or 1000M and the duplex mode Full or Half Flow Control This field displays whether the port s flow control is On or Off Link Status This field displays the link status of the port If the port is up it displays the port s speed duplex and flow control setting Otherwise it displays Link Down if the port is disabled or not connected to any device GS1510 Serie
70. MON Group 1 2 3 9 history statistics alarms and events This section describes the general software features of the Switch Table 51 Firmware Features FEATURE DESCRIPTION Default IP Address 192 168 1 1 Default Subnet Mask 255 255 255 0 24 bits Administrator User admin Name Default Password 1234 VLAN A VLAN Virtual Local Area Network allows a physical network to be partitioned into multiple logical networks Devices on a logical network belong to one group A device can belong to more than one group With VLAN a device cannot directly talk to or hear from devices that are not in the same group s the traffic must first go through a router MAC Management Forward traffic based on the destination MAC address and VLAN group ID QoS Queuing is used to help solve performance degradation when there is network congestion Two scheduling services are supported Strict Priority SP and Weighted Round Robin WRR This allows the Switch to maintain separate queues for source from monopolizing the bandwidth GS1510 Series User s Guide packets from each individual source or flow and prevent a Chapter 25 Product Specifications Table 51 Firmware Features FEATURE DESCRIPTION Port Mirroring Port mirroring allows you to copy traffic going from one or all ports to another or all ports in order that you can examine the traffic from the mirror port the port you
71. Mirroring State Disable M Monitor to Port 1 All Ports Disable v Source Port Mirror Mode Source Port Mirror Mode 1 Disable 2 Disable 3 Disable v 4 Disable v 5 Disable v 6 Disable v r Disable v 8 Disable M 9 Disable 10 Disable 11 Disable 12 Disable 13 Disable v 14 Disable M 15 Disable M 16 Disable v 17 Disable v 18 Disable v 19 Disable v 20 Disable v 21 Disable v 22 Disable 23 Disable v 24 Disable v 25 Disable v 26 Disable m GS1510 Series User s Guide Chapter 8 Port Mirroring The following table describes the labels in this screen Table 10 Port Mirroring LABEL DESCRIPTION State Select Enabled to turn on port mirroring or select Disabled to turn it off Monitor Select the ports for which you want to monitor the traffic to Port All Ports Settings in this field apply to all ports Use this field only if you want to make some settings the same for all ports Use this field first to set the common settings and then make adjustments on a port by port basis Source This field displays the number of a port Port Mirror Select Ingress Egress or Both to only copy the ingress incoming egress Mode outgoing or both incoming and outgoing traffic from the source ports to the port specified in the Monitor to Port field Select Disable to not copy any traffic from the source ports to the port specified in the Monitor to Port
72. NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 9 ScienceLogic LLC copyright notice BSD Copyright c 2009 ScienceLogic LLC All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of ScienceLogic LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUT
73. ORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES GS1510 Series User s Guide 197 Appendix D Open Software Announcements INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE GS1510 Series User s Guide Index A alternative subnet mask notation 168 applications backbone 19 bridging 20 IEEE 802 1Q VLAN 21 switched workgroup 21 ARP inspection 104 105 and MAC filter 105 configuring 106 syslog messages 106 trusted ports 106 auto crossover ports 28 auto negotiating ports 28 B back up configuration file 130 bandwidth control 152 binding 103 binding table 103 building 103 BPDUs Bridge Protocol Data Units 96 Bridge Protocol Data Units BPDUs 96 bridging 152 C cable diagnostics 71 types of faults 71 certifications 175 notices 176 viewing 177 CFI Canonical Format Indicator 64 changing the password 42 Class of Service
74. R BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 7 Fabasoft R amp D Software GmbH amp Co KG copyright notice BSD Copyright c Fabasoft R amp D Software GmbH amp Co KG 2003 oss fabasoft com Author Bernhard Penz Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution GS1510 Series User s Guide Appendix D Open Software Announcements The name of Fabasoft R amp D Software GmbH amp Co KG or any of its subsidiaries brand or product names may not be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN
75. RTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES END OF TERMS AND CONDITIONS All other trademarks or trade names mentioned herein if any are the property of their respective owners GS1510 Series User s Guide Appendix D Open Software Announcements This Product includes net snmp software under BSD like license License Various copyrights apply to this package listed in various separate parts below Please make sure that you read all the parts Part 1 CMU UCD copyright notice BSD like Copyright 1989 1991 1992 by Carnegie Mellon University Derivative Work 1996 1998 2000 Copyright 1996 1998 2000 The Regents of the University of California All Rights Reserved Permission to use copy modify and distribute this software and its documentation for any purpose and without fee is hereby granted provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation and that the name of CMU and The Regents of the University of California not be used in advertising or publicity pertaining to distribution of the software without specific written permission CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED GS1510 Series
76. SE PRICE BUT SHALL IN NO EVENT EXCEED THE PRODUCT S PRICE BECAUSE SOME STATES COUNTRIES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES THE ABOVE LIMITATION MAY NOT APPLY TO YOU GS1510 Series User s Guide Appendix D Open Software Announcements 8 Export Restrictions THIS LICENSE AGREEMENT IS EXPRESSLY MADE SUBJECT TO ANY APPLICABLE LAWS REGULATIONS ORDERS OR OTHER RESTRICTIONS ON THE EXPORT OF THE SOFTWARE OR INFORMATION ABOUT SUCH SOFTWARE WHICH MAY BE IMPOSED FROM TIME TO TIME YOU SHALL NOT EXPORT THE SOFTWARE DOCUMENTATION OR INFORMATION ABOUT THE SOFTWARE AND DOCUMENTATION WITHOUT COMPLYING WITH SUCH LAWS REGULATIONS ORDERS OR OTHER RESTRICTIONS YOU AGREE TO INDEMNIFY ZyXEL AGAINST ALL CLAIMS LOSSES DAMAGES LIABILITIES COSTS AND EXPENSES INCLUDING REASONABLE ATTORNEYS FEES TO THE EXTENT SUCH CLAIMS ARISE OUT OF ANY BREACH OF THIS SECTION 8 9 Audit Rights ZyXEL SHALL HAVE THE RIGHT AT ITS OWN EXPENSE UPON REASONABLE PRIOR NOTICE TO PERIODICALLY INSPECT AND AUDIT YOUR RECORDS TO ENSURE YOUR COMPLIANCE WITH THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT 10 Termination This License Agreement is effective until it is terminated You may terminate this License Agreement at any time by destroying or returning to ZyXEL all copies of the Software and Documentation in your possession or under your control ZyXEL may terminate this License Agreement for any reas
77. SNMP 137 trunk group 77 trunking 21 77 152 configuration 66 67 68 69 79 80 trusted ports ARP inspection 106 DHCP snooping 104 Type of Service ToS 88 U untrusted ports ARP inspection 106 DHCP snooping 104 user profiles 118 V ventilation holes 24 VID 63 number of possible VIDs 64 priority frame 64 VID VLAN Identifier 64 viewing MAC entries 53 VLAN 63 152 ID 63 port based isolation 66 tagged 63 W warranty 177 note 177 web configurator 35 home 36 45 login 35 GS1510 Series User s Guide Index logout 44 navigation 36 37 39 40 weight of the switch 153 weight queuing 86 Weighted Round Robin scheduling WRR 86 WRR Weighted Round Robin scheduling 86 GS1510 Series User s Guide Index GS1510 Series User s Guide
78. Switch before configuring it on each port Admin Control Direction Select Both to drop incoming and outgoing packets on the port when a user has not passed 802 1x port authentication Select In to drop only incoming packets on the port when a user has not passed 802 1x port authentication Reauthenticati on Specify if a subscriber has to periodically re enter his or her username and password to stay connected to the port Port Control Select Auto to require authentication on the port Mode Select Force Authorized to always force this port to be authorized Select Force Unauthorized to always force this port to be unauthorized No packets can pass through this port Guest VLAN Select None to disable Guest VLAN Select 1 to use VLAN 1 for traffic from hosts that have not passed authentication Use this to limit the permissions of hosts which have not passed authentication Max req Time Specify the amount of times the Switch will try to connect to the authentication server before determining the server is down The acceptable range for this field is 1 to 10 times Reauth period Specify how often a client has to re enter his or her username and password to stay connected to the port The acceptable range for this field is 0 to 65535 seconds Quiet period Specify a period of the time the client has to wait before the next reauthentication attempt This will prevent the Switch from becoming overloa
79. T VALUE IP Address Decimal 192 168 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address Lowest Host ID 192 168 1 1 192 168 1 0 Broadcast Address Highest Host ID 192 168 1 62 192 168 1 63 Table 59 Subnet 2 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 64 IP Address Binary 11000000 10101000 00000001 01000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address Lowest Host ID 192 168 1 65 192 168 1 64 Broadcast Address Highest Host ID 192 168 1 126 192 168 1 127 Table 60 Subnet 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address Lowest Host ID 192 168 1 129 192 168 1 128 Broadcast Address Highest Host ID 192 168 1 190 192 168 1 191 Table 61 Subnet4 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 192 IP Address Binary 11000000 10101000 00000001 11000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 192 Lowest Host ID 192 168 1 193 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 GS1510 Series User s Guide 171 Appendix B IP Addresses and Subnetting Example Eight Subnets Similarly use a 27 bit mask to creat
80. User s Guide Chapter 1 Getting to Know Your Switch 1 1 3 High Performance Switching Example The Switch is ideal for connecting two networks that need high bandwidth In the following example use trunking to connect these two networks Switching to higher speed LANs such as ATM Asynchronous Transmission Mode is not feasible for most people due to the expense of replacing all existing Ethernet cables and adapter cards restructuring your network and complex maintenance The Switch can provide the same bandwidth as ATM at much lower cost while still being able to use existing adapters and switches Moreover the current LAN structure can be retained as all ports can freely communicate with each other Figure 3 High Performance Switched Workgroup Application Ut eteseeeseees See ee ee ee ee m eee 9 Ee eee ee ee eee m 3 1 1 4 IEEE 802 1Q VLAN Application Examples A VLAN Virtual Local Area Network allows a physical network to be partitioned into multiple logical networks Stations on a logical network belong to one group A station can belong to more than one group With VLAN a station cannot directly talk to or hear from stations that are not in the same group s unless such traffic first goes through a router For more information on VLANs refer to Chapter 10 on page 63 1 1 4 1 Tag based VLAN Example Ports in the same VLAN group share the same frame broadcast domain thus increase network performan
81. User s Guide Appendix D Open Software Announcements WARRANTIES OF MERCHANTABILITY AND FITNESS IN NO EVENT SHALL CMU OR THE REGENTS OF THE UNIVERSITY OF CALIFORNIA BE LIABLE FOR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM THE LOSS OF USE DATA OR PROFITS WHETHER IN AN ACTION OF CONTRACT NEGLIGENCE OR OTHER TORTIOUS ACTION ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE Part 2 Networks Associates Technology Inc copyright notice BSD Copyright c 2001 2003 Networks Associates Technology Inc All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of the Networks Associates Technology Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARR
82. agged frames on this port All tagged frames will be dropped Select VLAN Tagged Only to accept only tagged frames on this port All untagged frames will be dropped Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes that were just made Port Status GS1510 Series User s Guide Chapter 10 VLAN Table 15 Port Settings continued LABEL DESCRIPTION Port This field displays the port number PVID This field displays the Port VLAN ID number Acceptable This field displays the type of frames allowed on the port This will either Frame display All or Tag Only GS1510 Series User s Guide 11 1 Overview EEE This chapter explains the EEE Energy Efficient Ethernet screen Use this screen to reduce energy consumption over RJ 45 Ethernet Ports during idle periods The hardware devices connected to the ports must also support EEE for this function to work Note A similar version of this screen appears in Smart Mode See Section 4 3 1 2 on page 37 11 1 1 EEE Screen Click Advanced Settings gt EEE to view the screen as shown Figure 38 EEE EEE Ports State Port 25 amp 26 don t support this feature O Select All O Deselect All 2040608 010012014016 18 120 122 024 10305 9 011013 015 17 1
83. al implementation you have to enable DHCP snooping before you enable ARP inspection 18 3 1 DHCP Snooping Overview Use DHCP snooping to filter unauthorized DHCP packets on the network and to build the binding table dynamically This can prevent clients from getting IP addresses from unauthorized DHCP servers 18 3 1 1 Trusted vs Untrusted Ports Every port is either a trusted port or an untrusted port for DHCP snooping This setting is independent of the trusted untrusted setting for ARP inspection Trusted ports are connected to DHCP servers or other switches The Switch learns dynamic bindings from trusted ports Note The Switch will drop all DHCP requests if you enable DHCP snooping and there are no trusted ports Untrusted ports are connected to subscribers The Switch discards DHCP packets from untrusted ports in the following situations e The packet is a DHCP server packet for example OFFER ACK or NACK e The source MAC address and source IP address in the packet do not match any of the current bindings e The packet is a RELEASE or DECLINE packet and the source MAC address and source port do not match any of the current bindings e The rate at which DHCP packets arrive is too high 18 3 1 2 DHCP Snooping Database The Switch stores the binding table in volatile memory If the Switch restarts it loads static bindings from permanent memory but loses the dynamic bindings in which case the devices in the netwo
84. ask for the IP address of the remote SNMP management station in dotted decimal notation for example 255 255 255 0 Apply Click this to save any changes to the Switch Refresh Click this to reset the contents of the text boxes Community Name List No This field indicates the community number It is used for identification only Click on the individual community number to edit the community settings Community This field displays the SNMP community string An SNMP community String string is a text string that acts as a password GS1510 Series User s Guide Chapter 22 SNMP Table 45 Community Name continued LABEL DESCRIPTION Rights This field displays the community string s rights This will be Read Only or Read Write Network ID of Trusted Host This field displays the IP address of the remote SNMP management station after it has been modified by the subnet mask Subnet Mask This field displays the subnet mask for the IP address of the remote SNMP management station Action Click Delete to remove a specific Community String 22 6 Trap Receiver Use the Trap Receiver screen to enable the sending of SNMP traps to a remote SNMP management station s Click Management gt SNMP gt Trap Receiver to view the screen as shown SNMP traps are used to send out SNMP notifications of urgent or normal events in the system to external management stations
85. ay the Choose file screen from which you can locate it After you have specified the file click Upgrade Make sure you are using the proper configuration when you are restoring your configuration The file name extension should be rom or cfg The following table describes the labels in this screen 21 3 3 Restore Factory Default Settings Follow the steps below to reset the Switch back to the factory defaults 1 Inthe Configuration screen click the Reset button to clear all Switch configuration information you configured and return to the factory defaults Figure 71 Restore Factory Default Settings Restore Default Factory Configuration Restore the default factory settings to your system IP address will be 192 168 1 1 Reset 2 Click OK to reset all Switch configurations to the factory defaults Figure 72 Load Factory Default Windows Internet Explorer 3 Device will reset to the default factory settings Are you sure Cancel 3 In the web configurator click the Save button to make the changes take effect If you want to access the Switch web configurator again you may need to change the IP address of your computer to be in the same subnet as that of the default Switch IP address 192 168 1 1 GS1510 Series User s Guide 131 Chapter 21 Maintenance 21 4 Firmware Make sure you have downloaded and unzipped the correct model firmware and version to your computer before uploadi
86. ce through reduced broadcast traffic VLAN groups can be modified at any time by adding moving or changing ports without any re cabling GS1510 Series User s Guide 21 Chapter 1 Getting to Know Your Switch Shared resources such as a server can be used by all ports in the same VLAN as the server In the following figure only ports that need access to the server need to be part of VLAN 1 Ports on the Switch can belong to other VLAN groups too Figure 4 Shared Server Using VLAN Example mo If m mm 1 2 Good Habits for Managing the Switch Do the following things regularly to make the Switch more secure and to manage the Switch more effectively e Change the password Use a password that s not easy to guess and that consists of different types of characters such as numbers and letters e Write down the password and put it in a safe place Back up the configuration and make sure you know how to restore it Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes If you forget your password you will have to reset the Switch to its factory default settings If you backed up an earlier configuration file you would not have to totally re configure the Switch You could simply restore your last configuration 22 GS1510 Series User s Guide Hardware Installation and Connection This chapter shows you how to install and
87. click Back GS1510 Series User s Guide Appendix A Device Auto Discovery ft ZyXEL Device Discovery Insta HEOR Ready to Install Setup is now ready to begin installing ZyXEL Device Discovery on your computer Click Install to continue with the installation or click Back if you want to review or change any settings Destination location D temp ZyXEL Device Discovery Setup type Custom installation Selected components ZyXEL Device Discovery 1 0 8 A progress bar will display as the software is being installed ft ZyXEL Device Discovery Insta Installing Please wait while Setup installs ZyXEL Device Discovery on your computer Extracting files D temp ZyXEL Device Discoverylzyxel device discovery exe 9 After the installation has finished select whether to launch the utility now or later and click Finish to complete the setup process GS1510 Series User s Guide Appendix A Device Auto Discovery ZyXEL Device Discovery Insta Completing the ZyXEL Device Discovery Setup Wizard Setup has finished installing ZyXEL Device Discovery on your computer The application may be launched by selecting the installed icons Click Finish to exit Setup Laun Cms Using the Software After launching the utility the following screen will display To begin scanning for devices on the network you are currently connected to click the Search button
88. copy the traffic to without interference Link Aggregation Link aggregation trunking is the grouping of physical ports into one logical higher capacity link You may want to trunk ports if for example it is cheaper to use multiple lower speed links than to under utilize a high speed but more costly single port link STP Spanning Tree STP detects and breaks network loops and provides backup Protocol links between switches bridges or routers It allows a Switch to interact with other STP compliant switches in your network to ensure that only one path exists between any two stations on the network Loop Guard Use the loop guard feature to protect against network loops on the edge of your network IP Source Guard Use IP source guard to filter unauthorized DHCP and ARP packets in your network Authentication The Switch supports authentication services via RADIUS servers Device Management Use the Web Configurator to easily configure the rich range of features on the Switch Firmware Upgrade Download new firmware when available from the ZyXEL web site and use the Web Configurator to put it on the Switch Note Only upload firmware for your specific model Configuration Backup amp Restoration Make a copy of the Switch s configuration and put it back on the Switch later if you decide you want to revert back to an earlier configuration Logging The Switch allows you to
89. d GS1510 Series User s Guide Appendix D Open Software Announcements Preamble The licenses for most software are designed to take away your freedom to share and change it By contrast the GNU General Public License is intended to guarantee your freedom to share and change free software to make sure the software is free for all its users This General Public License applies to most of the Free Software Foundation s software and to any other program whose authors commit to using it Some other Free Software Foundation software is covered by the GNU Library General Public License instead You can apply it to your programs too When we speak of free software we are referring to freedom not price Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software and charge for this service if you wish that you receive source code or can get it if you want it that you can change the software or use pieces of it in new free programs and that you know you can do these things To protect your rights we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the software or if you modify it For example if you distribute copies of such a program whether gratis or for a fee you must give the recipients all the rights that you have You
90. ddress in which the first three octets 192 168 1 are the network number and the fourth octet 16 is the host ID Figure 84 Network Number and Host ID 192 168 1 16 i miini d A at i p I af mmmh i L I L I L or n a SB Eee eee m m m m m 9 How much of the IP address is the network number and how much is the host ID varies according to the subnet mask Subnet Masks A subnet mask is used to determine which bits are part of the network number and which bits are part of the host ID using a logical AND operation The term subnet is short for sub network A subnet mask has 32 bits If a bit in the subnet mask is a 1 then the corresponding bit in the IP address is part of the network number If a bit in the subnet mask is 0 then the corresponding bit in the IP address is part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal Table 54 Subnet Mask Example 1ST 2ND 3RD 4TH OCTET OCTET OCTET OCTET 192 168 1 2 IP Address Binary 11000000 10101000 00000001 00000010 Subnet Mask Binary 11111111 11111111 11111111 00000000 GS1510 Series User s Guide Appendix B IP Addresses and Subnetting Table 54 Subnet Mask Example 1ST 2ND 3RD 4TH OCTET OCTET OCTET OCTET 192 168 1 2 Network Number 110000
91. ded with continous reauthentication attempts from the client The acceptable range for this field is 0 to 65535 seconds Supp timeout Specify how long the Switch will wait before communicating with the client The acceptable range for this field is 0 to 65535 seconds Server timeout Specify how long the Switch will wait before communicating with the server The acceptable range for this field is 0 to 65535 seconds Reset to Select this and click Apply to reset the custom 802 1x port Default authentication settings back to default Apply Click this to save any changes Refresh Click this to reload the screen and reset any changes that were just made Port Status Port This field displays the port number 802 1x State This field displays if 802 1x authentication is Enabled or Disabled on GS1510 Series User s Guide the port Chapter 19 802 1x Table 37 Port Settings continued LABEL DESCRIPTION Admin Control This field displays the Admin Control Direction Direction Both will drop incoming and outgoing packets on the port when a user has not passed 802 1x port authentication In will drop only incoming packets on the port when a user has not passed 802 1x port authentication Reauthenticati This field displays if the subscriber must periodically re enter his or her on username and password to stay connected to the port Port Control This field displa
92. dges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root bridge If a bridge does not get a Hello BPDU after a predefined interval Max Age the bridge assumes that the link to the root bridge is down This bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology GS1510 Series User s Guide Chapter 17 Spanning Tree Protocol 17 4 General Settings Use this screen to enable and configure the STP settings Click Advanced Settings STP General Settings to see the screen as shown Figure 52 General Settings Spanning Tree Protocol Settings State Mode Bridge Parameters Pathcost Forward Time 15 Range 4 30 Max Age 20 Range 6 40 Relationships 2 Forward Time 1 Max Age Hello Time 2 Range 1 10 Max Age gt 2 Hello Time 1 Priority 32768 Disable v RSTP x Range 0 61440 Long iv The following table describes the labels in this screen Table 28 General Settings LABEL DESCRIPTION Spanning Tree Protocol Settings State Select Enabled to use Spanning Tree Protocol STP or Rapid Spanning Tree Protocol RSTP Mode Select to use either Spanning Tree Protocol STP or Rapid Spanning Tree Protocol RSTP See Section 17 1 on page 95 for background information on STP Bridge Parameters Forward Time This is the maximum time in seconds the Switch will wait b
93. ding VLAN ID Enter the source VLAN ID in the binding Port Specify the port in the binding Apply Click this to create the specified static binding or to update an existing one Refresh Click this to reload the screen and reset any changes that were just made No This field displays a sequential number for each binding Click it to update an existing entry MAC Address This field displays the source MAC address in the binding IP Address This field displays the IP address assigned to the MAC address in the binding Lease hour This field displays how long the binding is valid VLAN This field displays the source VLAN ID in the binding Port This field displays the port number in the binding Type This field displays how the Switch learned the binding Static This binding was learned from information provided manually by an administrator Dynamic This binding was learned by snooping DHCP packets Action Click Delete to remove the specified entry GS1510 Series User s Guide Chapter 18 IP Source Guard 18 7 2 Binding Table Use this screen to look at the current bindings You can also use this screen to convert dynamic binding entries to static entries by selecting the entries and clicking Apply Bindings are used by DHCP snooping and ARP inspection to distinguish between authorized and unauthorized packets in the network The Switch learns the dynamic bindings by snooping DHCP pac
94. e 35 Binding Table continued LABEL DESCRIPTION Type This field displays how the Switch learned the binding Static This binding was learned from information provided manually by an administrator Dynamic This binding was learned by snooping DHCP packets Apply Click Apply and the Switch will convert any selected dynamic binding entries to static entries Refresh Click this to reload the screen and to display any recently added bindings GS1510 Series User s Guide 115 Chapter 18 IP Source Guard GS1510 Series User s Guide 19 1 802 1x This chapter describes the IEEE 802 1x screens Overview Port authentication is a way to validate access to ports on the Switch to clients based on a local or external server authentication server The Switch supports the following method for port authentication e IEEE 802 1x An authentication server validates access to a port based on a username and password provided by the user The Switch can authenticate users who try to log in based on user accounts configured on the Switch itself The Switch can also use an external authentication server to authenticate a large number of users This external method of authentication uses the RADIUS Remote Authentication Dial In User Service RFC 2138 2139 protocol to validate users See Section 19 3 on page 118 for more information on configuring your RADIUS server settings 19 2 What You Can Do e Us
95. e eight subnets 000 001 010 011 100 101 110 and 111 The following table shows IP address last octet values for each subnet Table 62 Eight Subnets suser SUBNET emsranoness KAST egg BROABOSS 1 0 1 30 31 2 32 33 62 63 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24 bit network number Table 63 24 bit Network Number Subnet Planning Nostros OWED SUBNET MASK NO SUBNETS O HOSTS PER 1 255 255 255 128 25 126 2 255 255 255 192 26 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252 30 64 2 7 255 255 255 254 31 128 1 The following table is a summary for subnet planning on a network with a 16 bit network number Table 64 16 bit Network Number Subnet Planning NO BORROWED NO HOSTS PER HOST BITS SUBNET MASK NO SUBNETS SUBNET 1 255 255 128 0 17 2 32766 2 255 255 192 0 18 4 16382 GS1510 Series User s Guide Appendix B IP Addresses and Subnetting Table 64 16 bit Network Number Subnet Planning continued NOST Ee OWED SUBNET MASK NO SUBNETS Sucre PER 3 255 255 224 0 19 8 8190 4 255 255 240 0
96. e the Global Settings screen Section 19 4 on page 118 to activate IEEE 802 1x security and configure the local or RADIUS server settings e Use the Port Setting screen Section 19 5 on page 120 to configure IEEE 802 1x port authentication settings 1 Atthe time of writing IEEE 802 1x is not supported by all operating systems See your operating system documentation If your operating system does not support 802 1x then you may need to install 802 1x client software GS1510 Series User s Guide 117 Chapter 19 802 1x 19 3 What You Need to Know 19 3 1 IEEE 802 1x Authentication The following figure illustrates how a client connecting to a IEEE 802 1x authentication enabled port goes through a validation process The Switch prompts the client for login information in the form of a user name and password When the client provides the login credentials the Switch sends an authentication request to a RADIUS server The RADIUS server validates whether this client is allowed access to the port Figure 61 IEEE 802 1x Authentication Process I m New Connection Login Info Request Login Credentials 4 Authentication Request Authentication Reply Session Granted Denied 19 3 2 Local User Accounts By storing user profiles locally on the Switch your Switch is able to authenticate users without interacting with a network authentication server However there is a limit on the number of users you may authenticate in
97. e time interval in seconds between BPDU Bridge Protocol Data Units configuration message generations by the root switch Forward Delay This is the maximum time in seconds the Switch will wait before changing states This delay is required because every switch must receive information about topology changes before it starts to forward frames In addition each port needs time to listen for conflicting information that would make it return to a blocking state otherwise temporary data loops might result Path Cost Path cost is the cost of transmitting a frame on to a LAN through that port It is recommended to assign this value according to the speed of the bridge The slower the media the higher the cost Root Port This is the number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree Refresh Click this to update the status screen GS1510 Series User s Guide Chapter 17 Spanning Tree Protocol GS1510 Series User s Guide PART IV Security and Management IP Source Guard 103 802 1x 117 Web Authentication 123 Maintenance 129 SNMP 135 User Account 143 IP Source Guard 18 1 Overview Use the IP source guard screens to filter unauthorized DHCP and ARP packets in your network IP source guard uses a binding table to distinguish between the authorized and unauthorized DHCP and ARP packets in your network 18 2 What Y
98. efore changing states This delay is required because every switch must receive information about topology changes before it starts to forward frames In addition each port needs time to listen for conflicting information that would make it return to a blocking state otherwise temporary data loops might result The allowed range is 4 to 30 seconds Max Age This is the maximum time in seconds the Switch can wait without receiving a BPDU before attempting to reconfigure All Switch ports except for designated ports should receive BPDUs at regular intervals Any port that ages out STP information provided in the last BPDU becomes the designated port for the attached LAN If it is a root port a new root port is selected from among the Switch ports attached to the network The allowed range is 6 to 40 seconds Hello Time This is the time interval in seconds between BPDU Bridge Protocol Data allowed range is 1 to 10 seconds GS1510 Series User s Guide Units configuration message generations by the root switch The Chapter 17 Spanning Tree Protocol Table 28 General Settings continued LABEL DESCRIPTION Priority Priority is used in determining the root switch root port and designated port The switch with the highest priority lowest numeric value becomes the STP root switch If all switches have the same priority the switch with the lowest MAC address will then become the root switc
99. en this screen click Security IP Source Guard ARP Inspection Filter Table Figure 58 Filter Table ARP Inspection Filter Age Time No 1 2 Filter Table MAC Address VLAN Port Expiry min Action 00 04 80 9b 68 00 1 8 1 Delete 00 0f fe 21 a1 0f 1 8 1 Delete 00 0e a6 8c 66 10 1 8 1 Delete 00 0f fe 1e a1 ed 1 8 1 Delete Filter Table 1 min Range 1 10080 Apply Refresh Total 4 record s GS1510 Series User s Guide EJ Chapter 18 IP Source Guard The following table describes the labels in this screen Table 33 Filter Table LABEL DESCRIPTION Filter Age Time This setting has no effect on existing MAC address filters Enter how long 1 10080 minutes the MAC address filter remains in the Switch after the Switch identifies an unauthorized ARP packet The Switch automatically deletes the MAC address filter afterwards Apply Click this to save any changes Refresh Click this to reload the screen and reset any changes that were just made Filter Table No This field displays a sequential number for each MAC address filter MAC Address This field displays the source MAC address in the MAC address filter VLAN This field displays the source VLAN ID in the MAC address filter Port This field displays the source port of the discarded ARP packet Expiry min This field displays
100. er s Guide Chapter 20 Web Authentication Click Security Web Authentication Customization to open the following screen Figure 67 Customization Configuration Customized Logo Customized Page Title Authentication Login Page Settings Upload logo image gif png jpg bmp Max size 220 x 74 pixels GS1510 Customization E Preview GS1510 Title Color Title Size FFFFFF Size 3 v Message Message Message Message Color Message Size Background O Picture 9 Color FFFFFF size 3 v Upgrade background image giffpng ipg bmp Preview is unequal to the real page it only shows a relative make up ca Go to Authentication Login Page The following table describes the labels in this screen Table 39 Customization LABEL DESCRIPTION Upload Logo Enter or browse to the location of a suitable image file GIF PNG JPG File BMP of no greater size than 220 x 74 pixels and click Upload This will appear as the logo Title Enter a text title to display on the login page Title Color Enter the HTML code for the color of the Title or pick one from the swatch palette icon Title Size Select the size of the title from the drop down box Message Enter a message to display on the login page Message Color Enter the HTML code for the color of the Message or pick one from the swa
101. ere are routers between your computer and the Switch skip this step GS1510 Series User s Guide Chapter 24 Troubleshooting 5 Reset the device to its factory defaults and try to access the Switch with the default IP address See Section 3 3 on page 31 6 If the problem continues contact the vendor or try one of the advanced suggestions can see the Login screen but cannot log in to the Switch 1 Make sure you have entered the user name and password correctly The default user name is admin and the default password is 1234 These fields are case sensitive so make sure Caps Lock is not on 2 You may have exceeded the maximum number of concurrent Telnet sessions Close other Telnet session s or try connecting again later Check that you have enabled logins for HTTP or telnet If you have configured a secured client IP address your computer s IP address must match it Refer to the chapter on access control for details 3 Disconnect and re connect the cord to the Switch 4 If this does not work you have to reset the device to its factory defaults See Section 3 3 on page 31 Pop up Windows JavaScripts and Java Permissions In order to use the Web Configurator you need to allow e Web browser pop up windows from your device e JavaScripts enabled by default e Java permissions enabled by default GS1510 Series User s Guide Chapter 24 Troubleshooting GS1510 Series User s Guide
102. ermission THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY GS1510 Series User s Guide Appendix D Open Software Announcements WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 4 Sun Microsystems Inc copyright notice BSD Copyright 2003 Sun Microsystems Inc 4150 Network Circle Santa Clara California 95054 U S A All rights reserved Use is subject to license terms below This distribution may include materials developed by third parties Sun Sun Microsystems the Sun logo and Solaris are trademarks or registered trademarks of Sun Microsystems Inc in the U S and other countries Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyri
103. etting This appendix introduces IP addresses and subnet masks IP addresses identify individual devices on a network Every networking device including computers servers routers printers etc needs an IP address to communicate across the network These networking devices are also known as hosts Subnet masks determine the maximum number of possible hosts on a network You can also use subnet masks to divide one network into multiple sub networks Introduction to IP Addresses One part of the IP address is the network number and the other part is the host ID In the same way that houses on a street share a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the host ID Routers use the network number to send packets to the correct network while the host ID determines to which host on the network the packets are delivered Structure An IP address is made up of four parts written in dotted decimal notation for example 192 168 1 1 Each of these four parts is known as an octet An octet is an eight digit binary number for example 11000000 which is 192 in decimal notation Therefore each octet has a possible range of 00000000 to 11111111 in binary or 0 to 255 in decimal GS1510 Series User s Guide Appendix B IP Addresses and Subnetting The following figure shows an example IP a
104. ey VANIER SUNOS asetch 5 cerned uaudaen inl vudausliyuaantnosaar acne oxanemanseaaaimnniedsanannacameebeionaeinnets 52 TOMAC TANS o 53 Chapter 8 Par MIEPOTIBB Seprerer rene XV rer ener A Eo KE E ER E E ETN 55 B Pormomi SEDIS es cai E a itane uda cao eed tee e e Md 55 Chapter 9 Port SCH Sis e 57 IPON o noce 57 cwm hodi eoi ip HaT TNR Mo ptadnami il 57 12 GS1510 Series User s Guide Table of Contents Nic CeO P r 57 Part Ill Advanced Settings Leuccsseunuza cexkkT EFI ncn a3R AS auEF c OP Kad ad FEE EIE dd KE 61 Chapter 10 VLAN 63 LUE EIS S NER D E NIE ES 63 102 What You Can DO c 63 10 3 What You Neg Io ROW saci or dtzasssesessssnosacctbesiorsestusssassssssinasaisisaasonasseslaosassasivasennigaiianes 63 10 3 1 Introduction to IEEE 802 10 Tagged VLANS sesenta abt thanh nnn 63 10 3 2 Forwarding Tagged and Untagged Frames eseeesiee isis eren 64 TOA PORE SORON caeca adem Dien Delo iat ae aan tl ae esas occ Db oda Mec in LC dv dr Po secu 64 QUERIES OE DIO MEI A UI rere rc cr 67 10 6 MESES C 68 TO RET Sy MMI MM Lt 69 Chapter 11 cic cae M ee 71 pEEe 7 A 71 ue EEES GERON C
105. field of the Ethernet frame and two bytes of TCI Tag Control Information starts after the source address field of the Ethernet frame GS1510 Series User s Guide Chapter 10 VLAN 10 3 2 The CFI Canonical Format Indicator is a single bit flag always set to zero for Ethernet switches If a frame received at an Ethernet port has a CFI set to 1 then that frame should not be forwarded as it is to an untagged port The remaining twelve bits define the VLAN ID giving a possible maximum number of 4 096 VLANs Note that user priority and VLAN ID are independent of each other A frame with VID VLAN Identifier of null 0 is called a priority frame meaning that only the priority level is significant and the default VID of the ingress port is given as the VID of the frame Of the 4096 possible VIDs a VID of 0 is used to identify priority frames and value 4095 FFF is reserved so the maximum possible VLAN configurations are 4 094 TPID User Priority CFI VLAN ID 2 Bytes 3 Bits 1 Bit 12 bits Forwarding Tagged and Untagged Frames Each port on the Switch is capable of passing tagged or untagged frames To forward a frame from an 802 1Q VLAN aware switch to an 802 1Q VLAN unaware switch the Switch first decides where to forward the frame and then strips off the VLAN tag To forward a frame from an 802 1Q VLAN unaware switch to an 802 1Q VLAN aware switch the Switch first decides where to forward the frame and t
106. forms with or without modification are permitted provided that the following conditions are met Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of Sparta Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission GS1510 Series User s Guide Appendix D Open Software Announcements THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 6 Cisco
107. ght notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution Neither the name of the Sun Microsystems Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission GS1510 Series User s Guide Appendix D Open Software Announcements THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE Part 5 Sparta Inc copyright notice BSD Copyright c 2003 2009 Sparta Inc All rights reserved Redistribution and use in source and binary
108. h Enter a value from 0 61440 The lower the numeric value you assign the higher the priority for this bridge Priority determines the root bridge which in turn determines the Root Hello Time Root Maximum Age and Root Forwarding Delay Pathcost Path cost is the cost of transmitting a frame on to a LAN through that port It is recommended to assign this value according to the speed of the bridge The slower the media the higher the cost Apply Click Apply to save your changes Refresh Click Refresh to begin configuring this screen afresh 17 5 STP Status Screen Use this screen to check the current status of the STP feature Click Advanced Settings gt STP gt STP Status to display the screen as shown Figure 53 STP Status Current Root Status MAC Address Current Bridge Status MAC Address General Settings Priority Max Age Hello Time Forward Delay Priority Max Age Hello Time Forward Delay Path Cost Root Port The following table describes the labels in this screen Table 29 STP Status LABEL DESCRIPTION Current Root Sta tus MAC Address This is the MAC address of the root bridge Priority Root refers to the base of the spanning tree the root bridge This field displays the root bridge s priority This Switch may also be the root bridge Max Age This is the maximum time in seconds the Switch can wait without receiving a config
109. he mounting bracket holes into the rack 3 Repeat steps 1 and 2 to attach the second mounting bracket on the other side of the rack GS1510 Series User s Guide 25 Chapter 2 Hardware Installation and Connection GS1510 Series User s Guide Hardware Overview This chapter describes the front panel and rear panel of the Switch and shows you how to make the hardware connections 3 1 Front Panel The figures below show the front panel of the Switch Figure8 GS1510 16 Front Panel LEDs RJ 45 Gigabit Ethernet Figure 9 GS1510 24 Front Panel LEDs RJ 45 Gigabit Ethernet Mini GBIC ZyXEL GS1510 24 IN 0 GS1510 Series User s Guide Chapter 3 Hardware Overview The following table describes the ports on the panels Table1 Panel Connections GONNECTO DESCRIPTION RJ 45 Gigabit Connect these Gigabit Ethernet ports to high bandwidth backbone network Ethernet Ethernet switches or use them to daisy chain other switches Ports Mini GBIC Use mini GBIC transceivers in these slots for fiber optic connections to Slots backbone Ethernet switches GS1510 24 only 3 1 1 Ethernet Ports The GS1510 16 has 16 auto negotiating auto crossover RJ 45 Gigabit Ethernet ports The GS1510 24 has 24 auto negotiating auto crossover RJ 45 Gigabit Ethernet ports The speed of the Gigabit Ethernet ports can be 10 Mbps 100Mbps or 1000Mbps and the duplex mode can be half duplex a
110. he jumbo frame size the Switch accepts Click Basic Settings gt General Settings gt Jumbo Frame to display the screen as shown Figure 27 Basic Settings General Settings Jumbo Frame System Jumbo Frame Jumbo Frame Setting Frame Size The following table describes the labels in this screen Table 6 Basic Settings gt General Settings gt Jumbo Frame LABEL DESCRIPTION Frame Size Select the maximum number of bytes 1522 1536 1552 or 9216 of a jumbo frame The bigger the frame size the better the performance GS1510 Series User s Guide Chapter 6 General Settings Table 6 Basic Settings gt General Settings gt Jumbo Frame continued LABEL DESCRIPTION Apply Click Apply to save your changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh 6 4 SNTP Use this screen to configure system date and time Click Basic Settings gt General Settings gt SNTP to display the screen as shown Figure 28 Basic Settings gt General Settings gt SNTP System Jumbo Frame Current Time and Date Current Time 01 43 59 UTC Current Date 2000 01 01 Time and Date Settings 9 Manual New Time 2000 1 1 y 1 43 59 yyyy mm dd hh mm ss O Enable Network Time Protocol NTP Server 192 5 41 41 North America o Time Zone GMT x Daylight Saving Settings State Disable x Start Date 5 ul mm dd hh End Date I mm dd
111. he rack will safely support the combined weight of all the equipment it contains e Make sure the position of the Switch does not make the rack unstable or top heavy Take all necessary precautions to anchor the rack securely before installing the unit 2 2 2 Attaching the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the Switch lining up the four screw holes on the bracket with the screw holes on the side of the Switch Figure 6 Attaching the Mounting Brackets GS1510 Series User s Guide Chapter 2 Hardware Installation and Connection 2 Using a 2 Philips screwdriver install the M3 flat head screws through the mounting bracket holes into the Switch 3 Repeat steps 1 and 2 to install the second mounting bracket on the other side of the Switch 4 You may now mount the Switch on a rack Proceed to the next section 2 2 3 Mounting the Switch on a Rack 1 Position a mounting bracket that is already attached to the Switch on one side of the rack lining up the two screw holes on the bracket with the screw holes on the side of the rack Figure 7 Mounting the Switch on a Rack Pam 0 oO D D 0 QO H ie D Caii o oe JD D e S n c D e f amp D DA V a o n Vim B d y mj g D 0 A fi o Q V o a o D E D D Lm E rni rm 2 Using a 2 Philips screwdriver install the M5 flat head screws through t
112. hen inserts a VLAN tag reflecting the ingress port s default VID The default PVID is VLAN 1 for all ports but this can be changed A broadcast frame or a multicast frame for a multicast group that is known by the system is duplicated only on ports that are members of the VID except the ingress port itself thus confining the broadcast to a specific domain 10 4 Port Isolation Use this screen to restrict specific ports on the Switch from communicating with each other This screen can also be used to specify which ports will forward received packets to other ports on the Switch GS1510 Series User s Guide Chapter 10 VLAN Click Advanced Settings gt VLAN gt Port Isolation to display the following screen Figure 34 Port Isolation Port All Ports v Egress Port O Select All O Deselect All 02040608 010012014016 018 020022024 126 M0 CPU O1030507 O89 011013015 017019021023 025 Apply Refresh Port isolation Stats Egress Port Pot 0123 45 67 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 RIAA ANAL ATA ELS EVO SZ E ENS 8 EV nn EST Eg Ive ve eve es eve Eve EVE EN EE Vi V VA EVOLEVA EVA EV EA E EIE ECT EV TR PT e IE Ion Iove Send ER E EM VV VI VIII VI Ma Ea Evo VS VO Eis V ES POS vend EVE ns E63 Per vend es ERES ELE EE VIVO a a EVO EVA EVA EVA EVA EV3 EV EVO SOR EVA EE Ss EE EVER 56 3 DOT eva ISP EO ET IER SV RITA AN AAAI A EVI IV EVO EVELLO HIS EOS ESL IET EIS 56 ETT EVE ESES VR
113. hh The following table describes the labels in this screen Table 7 Basic Settings General Settings SNTP LABEL DESCRIPTION Current Time and Date Current Time This field displays the time you open this menu or refresh the menu Current Date This field displays the date you open this menu Time and Date Settings Manual Select this option if you want to enter the system date and time manually New Time Enter the new date in year month and day format and time in hour minute and second format The new date and time then appear in the Current Date and Current Time fields after you click Apply GS1510 Series User s Guide Chapter 6 General Settings Table 7 Basic Settings gt General Settings gt SNTP continued LABEL DESCRIPTION Enable Select this option to use Network Time Protocol NTP for the time Network Time service Protocol NTP Server Select a pre designated time server or type the IP address of your time server The Switch searches for the timeserver for up to 60 seconds Time Zone Select the time difference between UTC Universal Time Coordinated formerly known as GMT Greenwich Mean Time and your time zone from the drop down list box Daylight Saving Settings Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the e
114. his License Any attempt otherwise to copy modify sublicense or distribute the Program is void and will automatically terminate your rights under this License However parties who have received copies or rights GS1510 Series User s Guide Appendix D Open Software Announcements from you under this License will not have their licenses terminated so long as such parties remain in full compliance 5 You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Program or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Program or any work based on the Program you indicate your acceptance of this License to do so and all its terms and conditions for copying distributing or modifying the Program or works based on it 6 Each time you redistribute the Program or any work based on the Program the recipient automatically receives a license from the original licensor to copy distribute or modify the Program subject to these terms and conditions You may not impose any further restrictions on the recipients exercise of the rights granted herein You are not responsible for enforcing compliance by third parties to this License 7 If as a consequence of a court judgment or allegation of patent infringement or for any other reason not limited to patent issues c
115. how long in minutes the MAC address filter remains in the Switch Action Click Delete to remove the record manually Total This field displays the current number of MAC address filters that were created because the Switch identified unauthorized ARP packets 18 7 Binding Table Use these screens to manage both the static and dynamic binding entries 18 7 1 Static Entry Settings Use this screen to manage static bindings for DHCP snooping and ARP inspection Static bindings are uniquely identified by the MAC address and VLAN ID Each MAC address and VLAN ID can only be in one static binding If you try to create a static binding with the same MAC address and VLAN ID as an existing static binding the new static binding replaces the original one GS1510 Series User s Guide Chapter 18 IP Source Guard To open this screen click Security gt IP Source Guard gt Binding Table gt Static Entry Settings Figure 59 Static Entry Settings Static Entry Settings Static Entry Settings MAC Address IP Address VLAN ID Port Static Binding Table No MAC Address Binding Table 1 wl IP Address Lease hour VLAN Port Type Action The following table describes the labels in this screen Table 34 Static Entry Settings LABEL DESCRIPTION MAC Address Enter the source MAC address in the binding IP Address Enter the IP address assigned to the MAC address in the bin
116. i Ded me a pu ca tu d 19 Judi spobecno e 20 1 1 3 High Performance Switching EXample sisse caccia bcd dte Rh RR tt bea kx hd nha E nt dtu Lih 21 1 14 IEEE 802 10 VLAN Application Examples 25 riter tbt ette iniisa 21 12 Good Habits for Managing Wie SWC uus too EP ed DR een EL o oo d tienes 22 Chapter 2 Hardware Installation and Connection 1 eeeeeeeeeeeeeeeee nennen nnn annuae nana nan 23 ux cusam Ee 23 2 2 Mounting the SICH DIS RAEk 02h sv tater im at edad peeves iun d er Ea uo Lt on edi 24 2 2 1 Rack mounted Installation Requirements sss 24 2 2 2 Attaching the Mounting Brackets to the Switch ccccccccsceceeessceeeceeescceeseeedeceeeeenseee 24 22 3 Moun ng the Switch on a RaCkK seerste d EDAD NY LIS RS o L4 RP P IRR P bRUS 25 Chapter 3 Hardware DUDEN codarkia ed Xe aA oa AERA RR EAR CR ERAT UA n UE HA E PXY GEL ONERE REA KKRIRFUVFAYKE Rn UY Vb AE EE 27 C WOU tT 27 SOLA ENN POS au iecit rubea Ito va tb i pata auta Ede Yo eti ds Lat d Ie kae or E uit Ie t beta use ndis 28 2 12 RWRISGERS SIE soraan EEEpL Tex ERx a vex Le deer E EBERT EE HE ELE PESE iai 28 3 13 The RESET BUTON sirieias a a oebeb et teas DI 1a c ed r NaN 30 CANI dM c A 30 D mE Pig oar ae eet oo eee tote ire Sorte Meee cela dt Me se ted 31 ou d PONO DDINEDUIE lt ccnsicttcccisiteleciajelectusidaicssakclajeiescingumaeesuessantebocunimiadeuaniuanbauraraalecutibas 41 GS1
117. ication Dial In User Service RFC 2236 Internet Group Management Protocol Version 2 RFC 2865 RADIUS Vendor Specific Attribute RFC 3164 Syslog RFC 3376 Internet Group Management Protocol Version 3 RFC 3580 RADIUS Tunnel Protocol Attribute GS1510 Series User s Guide 155 Chapter 25 Product Specifications GS1510 Series User s Guide PART VI Index Device Auto Discovery 159 IP Addresses and Subnetting 165 Legal Information 175 Index 199 157 Device Auto Discovery This appendix introduces the ZyXEL device discovery utility This utility helps the network administrator find the IP address of a device on the network by performing a scan This function is useful if the default IP address has been changed and the device can not be located on the network this utility is even more useful if the Switch does not have a console port The program ZyXEL device discovery exe can be found on the CD that accompanies the Switch The software is compatible with Windows XP Vista and 7 Installing the Software 1 Double click the file zyxel device discovery setup exe located on the CD that came with the Switch 2 The following screen will display click Next ft ZyXEL Device Discovery Insta HOR Welcome to the ZyXEL Device Discovery Setup Wizard This will install ZyXEL Device Discovery version 1 0 on your computer It is recommended that you close all other applicatio
118. ify a limit for the amount of broadcast packets received per second Multicast to only specify a limit for the amount of multicast packets received per second DLF to only specify a limit for the amount of DLF packets received per second Bcast Mcast to specify a limit for the amount of broadcast and multicast packets received per second Mcast DLF to specify a limit for the amount of multicast and DLF packets received per second Bcast DLF to specify a limit for the amount of broadcast and DLF packets received per second Bcast Mcast DLF to specify a limit for the amount of broadcast multicast and DLF Destination Lookup Failure packets received per second Apply Click Apply to save your changes Refresh Click Refresh to begin configuring this screen afresh Storm Control Status Port This field displays the number of a port Rate pps This field displays the number of packets of the type displayed in the Type field per second the Switch can receive per second Type This field displays the packet types that the limit of the rate displayed in the Rate field is applied on the Switch GS1510 Series User s Guide 17 1 Spanning Tree Protocol Overview R STP detects and breaks network loops and provides backup links between switches bridges or routers It allows a Switch to interact with other R STP compliant switches in your network to ensure tha
119. igher bandwidth link 13 2 What You Can Do e Use the Static Trunk screen Section 13 4 on page 78 to aggregate groups of physical ports into one higher capacity link e Use the LACP screen Section 13 5 on page 79 to enable Link Aggregation Control Protocol LACP 13 3 What You Need to Know Link Aggregation Trunking is the grouping of physical ports into one logical higher capacity link You may want to trunk ports if for example it is cheaper to use multiple lower speed links than to under utilize a high speed but more costly single port link However the more ports you aggregate then the fewer available ports you have A trunk group is one logical link containing multiple ports The Switch supports both static and dynamic link aggregation Note In a properly planned network it is recommended to implement static link aggregation only This ensures increased network stability and control over the trunk groups on your Switch 13 3 1 Dynamic Link Aggregation The Switch adheres to the IEEE 802 3ad standard for static and dynamic LACP port trunking GS1510 Series User s Guide Chapter 13 Link Aggregation The IEEE 802 3ad standard describes the Link Aggregation Control Protocol LACP for dynamically creating and managing trunk groups When you enable LACP link aggregation on a port the port can automatically negotiate with the ports at the remote end of a link to establish trunk groups LACP also allows port
120. ing You can use subnetting to divide one network into multiple sub networks In the following example a network administrator creates two sub networks to isolate a group of servers from the rest of the company network for security reasons GS1510 Series User s Guide Appendix B IP Addresses and Subnetting In this example the company network address is 192 168 1 0 The first three Octets of the address 192 168 1 are the network number and the remaining octet is the host ID allowing a maximum of 28 2 or 254 possible hosts The following figure shows the company network before subnetting Figure 85 Subnetting Example Before Subnetting m n RN HE I n a e a 2 fl a I ii g i fl i E i E i lu i H i i g a E t n gt A 192 168 1 0 24 i n ee oe te ee eee ee ee ee ee You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The subnet mask is now 25 bits 255 255 255 128 or 25 The borrowed host ID bit can have a value of either 0 or 1 allowing two subnets 192 168 1 0 25 and 192 168 1 128 25 GS1510 Series User s Guide Appendix B IP Addresses and Subnetting The following figure shows the company network after subnetting There are now two sub networks A and B Figure 86 Subnetting Example After Subnetting tA ug a an i B uL 1 H if f UN f Internet fi it fi fl a a
121. ing Tree Protocol See RSTP 95 reboot load configuration 132 reboot system 132 registration product 177 related documentation 3 reset button 27 43 resetting 43 131 to factory default settings 131 restoring configuration 43 131 RFC 3164 133 Round Robin Scheduling 86 RSTP 95 rubber feet 23 S safety certifications 151 safety warnings 7 save configuration 43 Simple Network Management Protocol SNMP 135 Simple Network Management Protocol see SNMP SNMP 135 agent 136 and MIB 136 management model 136 manager 136 GS1510 Series User s Guide Index MIB 137 network components 136 object variables 136 protocol operations 136 setup 137 traps 137 versions supported 135 SNMP Simple Network Management Protocol 135 SNMP traps 137 SP Strict Priority queuing 86 Spanning Tree Protocol See STP 95 standby ports 78 static bindings 104 static MAC address 52 static MAC forwarding 52 53 status 36 37 39 LED 30 STP 95 designated bridge 96 Hello BPDU 96 how it works 96 path cost 96 root port 96 terminology 96 vs loop guard 81 subnet 165 subnet mask 166 subnetting 168 switch lockout 43 switch reset 43 switching 152 syntax conventions 5 syslog 106 protocol 133 severity levels 133 system control 153 system reboot 132 system status 45 T tagged VLAN 63 time current 49 time zone 50 time service protocol 50 trademarks 175 transceiver installation 29 removal 29 traps
122. ion Where should ZyXEL Device Discovery be installed par Setup will install ZyXEL Device Discovery into the Following Folder To continue click Next IF you would like to select a different Folder click Browse E Program FilesVZvXEL Device Discovers Browse At least 2 7 MB of free disk space is required 5 Select the components to install ZyXEL Device Discovery 1 0 is mandatory WinPCap 4 1 1 is optional Click Next to continue the installation GS1510 Series User s Guide Appendix A Device Auto Discovery ft ZyXEL Device Discovery Insta DOR Select Components Which components should be installed Select the components you want to install clear the components you do not want to install Click Next when you are ready to continue Description ZyXEL Device Discovery 1 0 C winPcap 4 1 1 904 KB Current selection requires at least 2 7 MB of disk space 6 Select if you want to create an icon for the program on your desktop and click Next to continue the installation ft ZyXEL Device Discovery Insta DOR Select Additional Tasks Which additional tasks should be performed ZyX E L Select the additional tasks you would like Setup to perform while installing ZyXEL Device Discovery then click Next Additional icons Ok 7 Confirm the installation settings you have just configured and click Install to start the installation To change an installation setting
123. ion sent to an external management station Management Maintenance Use this screen to perform firmware upgrades configuration backup and restore SNMP Use this screen to reboot the Switch or to restore the default configuration of the Switch Use this screen to define security parameters for SNMP vi and SNMP v2c Use this screen to configure settings that define when notifications are sent to an external management station User Account Use this screen to create users and assign them to pre defined SNMP groups 4 3 4 Change Your Password After you log in for the first time it is recommended you change the default administrator password Click Management User Account to display the next screen Click 1 in the No field to change the admin password Figure 23 Change Administrator Login Password User Account Settings User Name User Password User Authority Guest x Apel No User Name User Password User Authority Action ED admin 1234 Admin Pa guest guest Guest 3 TEST 1111 User Delete GS1510 Series User s Guide Chapter 4 The Web Configurator 4 4 Saving Your Configuration When you are done modifying the settings in a screen click Apply to save your changes back to the Switch 4 5 Switch Lockout You could block yourself and all others from using the Web Configurator if you 1 Remove all the ports from the default VLAN default is VLAN 1 when no other VLANs exist
124. is screen to decide whether to use Switch IEEE 802 1p priority or DSCPs for the GS1510 Series User s Guide Chapter 15 QoS 15 5 1 Switch to prioritize all incoming traffic Click Advanced Settings gt QoS gt IP DiffServ DSCP to open the screen Differentiated Services Code Point DSCP Differentiated Services DiffServ is a class of service CoS model that marks packets so that they receive specific per hop treatment at DiffServ compliant network devices along the route based on the application types and traffic flow Packets are marked with DiffServ Code Points DSCPs indicating the level of service desired This allows the intermediary DiffServ compliant network devices to handle the packets differently depending on the code points without the need to negotiate paths or remember state information for every flow In addition applications do not have to request a particular service or give advanced notice of where the traffic is going DiffServ defines a new DS Differentiated Services field to replace the Type of Service ToS field in the IP header The DS field contains a 2 bit unused field and a 6 bit DSCP field which can define up to 64 service levels Figure 48 IP DiffServ DSCP PioyueeWappngT eungwerc NENNEN Mode Tag Over DSCP v DSCP Priority DSCP Priority DSCP Priority DSCP Priority DSCP 0 0v DSCP 4 0v DSCP2 0v DSCP3 ow DSCP 4 0 v DSCP 5 ov DSCP 6 0 DSCP7 o vl DSCP 8 ov DSCP 9 oly
125. is assigned according to the speed of the link to which a port is attached The slower the media the higher the cost Table 27 STP Path Costs LINK RECOMMENDED RECOMMENDED ALLOWED SPEED VALUE RANGE RANGE Path Cost 4Mbps 250 100 to 1000 1 to 65535 Path Cost 10Mbps 100 50 to 600 1 to 65535 Path Cost 16Mbps 62 40 to 400 1 to 65535 Path Cost 100Mbps 19 10 to 60 1 to 65535 Path Cost 1Gbps 4 3 to 10 1 to 65535 Path Cost 10Gbps 2 1to5 1 to 65535 On each bridge the bridge communicates with the root through the root port The root port is the port on this Switch with the lowest path cost to the root the root path cost If there is no root port then this Switch has been accepted as the root bridge of the spanning tree network For each LAN segment a designated bridge is selected This bridge has the lowest cost to the root among the bridges connected to the LAN How STP Works After a bridge determines the lowest cost spanning tree with STP it enables the root port and the ports that are the designated ports for connected LANs and disables all other ports that participate in STP Network packets are therefore only forwarded between enabled ports eliminating any possible network loops STP aware switches exchange Bridge Protocol Data Units BPDUs periodically When the bridged LAN topology changes a new spanning tree is constructed Once a stable network topology has been established all bri
126. is chapter describes the User Account screen There are three types of user accounts on the Switch Admin User and Guest e The Admin account is used for administrating the Switch using the web configurator e The User and Guest accounts are used for IEEE 802 1x Authentication Chapter 19 on page 117 and Web Authentication Chapter 20 on page 123 23 2 User Account Screen Use this screen to configure the admin user and guest accounts on the Switch To access the screen click Management User Account To create a new account type a username password and set a user authority for the account and then click Apply To modify an existing account click the index number for that account and click Apply after modifying any details GS1510 Series User s Guide Chapter 23 User Account Note You cannot delete the default Admin and Guest accounts However you can modify the Guest username and password Figure 81 User Account User Name lw N Ia User Password User Authority User Account List User Account Settings Guest M User Name User Password User Authority Action admin 1234 Admin guest guest Guest TEST 1111 User The following table describes the labels in this screen Table 47 User Account LABEL DESCRIPTION User Name Type a new username or modify an existing one User Type a new password or modify an existing one Enter up to 15 alpha Passw
127. istribute such modifications or work under the terms of Section 1 above provided that you also meet all of these conditions a You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change b You must cause any work that you distribute or publish that in whole or in part contains or is derived from the Program or any part thereof to be licensed as a whole at no charge to all third parties under the terms of this License C If the modified program normally reads commands interactively when run you must cause it when started running for such interactive use in the most ordinary way to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty or else saying that you provide a warranty and that users may redistribute the program under these conditions and telling the user how to view a copy of this License Exception if the Program itself is interactive but does not normally print such an announcement your work based on the Program is not required to print an announcement These requirements apply to the modified work as a whole If identifiable sections of that work are not derived from the Program and can be reasonably considered independent and separate works in themselves then this License and its terms do not apply to those sections when you distribute them as separate works But GS1510 Series User s Guide
128. kets and from information provided manually in the Static Entry Settings screen To open this screen click Security gt IP Source Guard gt Binding Table gt Binding Table Figure 60 Binding Table DHCP Snooping Binding Table Show Type AII v Show You can select the dynamic entry and convert it to static status ANC MAC Address IP Address Lease hour VLAN Port Type Y The following table describes the labels in this screen Table 35 Binding Table LABEL DESCRIPTION Show Type Select All to display both dynamic and static binding entries Select Dynamic to display dynamic binding entries only Select Static to display static binding entries only Show Click this to refresh the screen and display the binding entries for the currently selected type All Click this to highlight all binding entries By clicking the Apply button the Switch will convert the dynamic binding entries to static entries MAC Address This field displays the source MAC address in the binding IP Address This field displays the IP address assigned to the MAC address in the binding Lease hour This field displays how long the binding is valid VLAN This field displays the source VLAN ID in the binding Port This field displays the port number in the binding If this field is blank the binding applies to all ports GS1510 Series User s Guide Chapter 18 IP Source Guard Tabl
129. lig ss Rees MAC Address VLAN ID Port Action 00 16 17 aa 02 b2 1 8 00 0b 04 29 2b 04 1 CPU 52 GS1510 Series User s Guide Chapter 7 MAC Management The following table describes the labels in this screen Table8 Static MAC Settings LABEL DESCRIPTION Static MAC Settings MAC Address Enter the MAC address of a computer or device that you want to add to the MAC address table VLAN ID Enter the VLAN ID to apply to the computer or device Port Enter the port number to which the computer or device is connected Apply Click Apply to add the MAC address entry to the MAC address table Refresh Click Refresh to begin configuring this screen afresh Static MAC Table MAC Address This field displays the MAC address of a manually entered MAC address entry VLAN ID This field displays the VID of a manually entered MAC address entry Port This field displays the port number of a manually entered MAC address entry The MAC address with the port listed as CPU is the Switch s MAC address Action Click Delete to remove this manually entered MAC address entry from the MAC address table You cannot delete the Switch s MAC address from the static MAC address table 7 5 MAC Table Use the MAC Table screen to view entries in the MAC address table Click Basic Settings MAC Management MAC Table in the navigation panel to display the screen as shown Figure 31 MAC Table
130. m System Information System Information Model Name GS1510 24 Host Name GS1510 24 Boot Code Version V1 00 BVN 0b1 Firmware Version V1 00 BVN 0b1 Built Date Wed Jun 30 11 01 11 CST 2010 DHCP Client Disabled IP Address 192 168 1 1 Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 MAC Address 00 0b 04 29 26 04 Management VLAN 1 CPU Loading 0 Memory Information Total 30360 KB Free 25492 KB Usage 16 03 Current Time 2000 1 1 1 41 12 The following table describes the labels in this screen Table 4 System LABEL DESCRIPTION Model Name __ This field displays the model name of your Switch Host Name This field displays the name of your Switch Boot Code This field displays the boot code version Version GS1510 Series User s Guide Chapter 5 System Table 4 System continued LABEL DESCRIPTION Firmware This field displays the version number of the Switch s current firmware Version Click Upgrade to go to the firmware upgrade screen See Section 21 3 2 on page 131 Built Date This field displays the date of the currently installed firmware DHCP Client This field displays whether the DHCP client feature is enabled or disabled IP Address This field indicates the IP address of the Switch You can click the existing IP address to change it See Section 6 2 on page 47 Subnet Mask This field indicates the subnet mask of the Switch
131. mbership It checks IGMP packets passing through it picks out the group registration information and configures multicasting accordingly IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them The Switch forwards multicast traffic destined for multicast groups that it has learned from IGMP snooping or that you have manually configured to ports that are members of that group IGMP snooping generates no additional network traffic allowing you to significantly reduce multicast traffic passing through your Switch GS1510 Series User s Guide Chapter 12 IGMP Snooping 12 3 1 IGMP Snooping and VLANs The Switch can perform IGMP snooping on up to 4094 VLANs You can configure the Switch to automatically learn multicast group membership of any VLANs The Switch then performs IGMP snooping on the first VLANs that send IGMP packets This is referred to as auto mode Alternatively you can specify the VLANs that IGMP snooping should be performed on This is referred to as fixed mode In fixed mode the Switch does not learn multicast group membership of any VLANs other than those explicitly added as an IGMP snooping VLAN 12 4 General Settings Click Advanced Settings IGMP Snooping to display the screen as shown Figure 39 IGMP Snooping IGMP Snooping Settings IGMP Snooping State Disable x IGMP Snooping VLAN State Add vw e g 1 3 5 10 Unknown Multicast Packets Drop v Agel
132. must make sure that they too receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two steps 1 copyright the software and 2 offer you this license which gives you legal permission to copy distribute and or modify the software Also for each author s protection and ours we want to make certain that everyone understands that there is no warranty for this free software If the software is modified by someone else and passed on we want its recipients to know that what they have is not the original so that any problems introduced by others will not reflect on the original authors reputations Finally any free program is threatened constantly by software patents We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses in effect making the program proprietary To prevent this we have made it clear that any patent must be licensed for everyone s free use or not licensed at all The precise terms and conditions for copying distribution and modification follow TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION GS1510 Series User s Guide Appendix D Open Software Announcements 0 This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License The Program below refers to any s
133. ng to the device Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device Click Management Maintenance Firmware to display the screen as shown next Figure 73 Firmware Configuration Upgrade Firmware File path Browse Upgrade Type the path and file name of the firmware file you wish to upload to the Switch in the File path text box or click Browse to locate it Click Upgrade to load the new firmware After the firmware upgrade process is complete see the System Status gt System Information screen to verify your current firmware version number 21 5 Reboot Reboot allows you to restart the Switch without physically turning the power off Follow the steps below to reboot the Switch Click Management gt Maintenance gt Reboot screen as shown next Figure 74 Reboot Configuration 3f Firmware System Log Press Reboot to restart the system 132 GS1510 Series User s Guide Chapter 21 Maintenance 1 Inthe Reboot screen click the Reboot button The following screen displays Figure 75 Reboot System Windows Internet Explorer X 9 It will reboot the device Are you sure 2 Click OK again and then wait for the Switch to restart This takes up to two minutes This does not affect the Switch s configuration 21 6 System Log Use this screen to view the system logs and to configure an external syslog server 21 6 1
134. ns 22 3 What You Need to Know 22 3 1 About SNMP Simple Network Management Protocol SNMP is an application layer protocol used to manage and monitor TCP IP based devices SNMP is used to exchange management information between the network management system NMS and a network element NE A manager station can manage and monitor the Switch through the network via SNMP version one SNMPv1 or SNMP version 2c The GS1510 Series User s Guide 135 Chapter 22 SNMP next figure illustrates an SNMP management operation SNMP is only available if TCP IP is configured Figure 77 SNMP Management Model Manager i Agent Agent Agent Managed Device Managed Device Managed Device An SNMP managed network consists of two main components agents and a manager An agent is a management software module that resides in a managed network device the Switch An agent translates the local management information from the managed device into a form compatible with SNMP The manager is the console through which network administrators perform network management functions It executes applications that control and monitor managed devices The managed devices contain object variables managed objects that define each piece of information to be collected about the device Examples of variables include number of packets received node port status and so on A Management Information Base MIB is a collection of managed objects SNMP allows
135. ns before continuing Click Next to continue or Cancel to exit Setup WARNING This program is protected by copyright law and international treaties GS1510 Series User s Guide Appendix A Device Auto Discovery 3 After reading the license agreement select I accept the agreement and click Next ft ZyXEL Device Discovery Insta DOR License Agreement Please read the Following important information before continuing Please read the following License Agreement You must accept the terms of this agreement before continuing with the installation WARNING ZyXEL Communications Corp IS WILLING TO LICENSE THE ENCLOSED SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM IF YOU DO NOT AGREE TO THESE TERMS THEN ZyXEL INC IS UNWILLING TO LICENSE THE SOFTWARE TO YOU IN WHICH EVENT YOU SHOULD RETURN THE UNINSTALLED SOFTWARE AMD PACKAGING TO THE PLACE FROM WHICH IT WAS ACQUIRED 1 Grant of License for Personal Use Or accept the agreement S I do not accept the agreement 4 Choose the location in which to install the program files to The default location is C Program Files ZyXEL Device Discovery Click Next to continue the installation ZyXEL Device Discovery Insta DOR Select Destination Locat
136. nternal log messages as well as SNMP traps when it shuts down a port via the loop guard feature MAC Address Enter the destination MAC address the probe packets will be sent to If the port receives these same packets the port will be shut down Port Select a port on which to configure loop guard protection State Select Enable to use the loop guard feature on the Switch Loop Select Enable to reactivate the port automatically after the designated Recovery recovery time has passed Recovery Specify the recovery time in minutes that the Switch will wait before Time reactivating the port This can be between 1 to 60 minutes Apply Click Apply to save your changes to the Switch Refresh Click Refresh to begin configuring this screen afresh Port This field displays a port number State This field displays if the loop guard feature is enabled GS1510 Series User s Guide Chapter 14 Loop Guard Table 21 Loop Guard continued LABEL DESCRIPTION Loop This field displays if the loop recovery feature is enabled Recovery Recovery This field displays the recovery time for the loop recovery feature Time min GS1510 Series User s Guide QoS 15 1 Overview This chapter introduces the quality of service QoS parameters you can configure on the Switch QoS is used to help solve performance degradation when there is network congestion The Switch allows you to u
137. nties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser To obtain the services of this warranty contact ZyXEL s Service Center for your Return Material Authorization number RMA Products must be returned Postage Prepaid It is recommended that the unit be insured when shipped Any returned products without proof of purchase or those with an out dated warranty will be repaired or replaced at the discretion of ZyXEL and the customer will be billed for parts and labor All repaired or replaced products will be shipped by ZyXEL to the corresponding return address Postage Paid This warranty gives you specific legal rights and you may also have other rights that vary from country to country Registration Register your product online to receive e mail notices of firmware upgrades and information at www zyxel com for global products or at www us zyxel com for North American products GS1510 Series User s Guide 177 Appendix C Legal Information 178 GS1510 Series User s Guide Open Software Announcements End User License Agreement for GS1510 16 GS1510 24 WARNING ZyXEL Communications Corp IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT PLEASE READ THE TERMS CAR
138. o be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange or c Accompany it with the information you received as to the offer to distribute corresponding source code This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer in accord with Subsection b above The source code for a work means the preferred form of the work for making modifications to it For an executable work complete source code means all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation and installation of the executable However as a special exception the source code distributed need not include anything that is normally distributed in either source or binary form with the major components compiler kernel and so on of the operating system on which the executable runs unless that component itself accompanies the executable If distribution of executable or object code is made by offering access to copy from a designated place then offering equivalent access to copy the source code from the same place counts as distribution of the source code even though third parties are not compelled to copy the source along with the object code 4 You may not copy modify sublicense or distribute the Program except as expressly provided under t
139. on including but not limited to if ZyXEL finds that you have violated any of the terms of this License Agreement Upon notification of termination you agree to destroy or return to ZyXEL all copies of the Software and Documentation and to certify in writing that all known copies including backup copies have been destroyed All provisions relating to confidentiality proprietary rights and non disclosure shall survive the termination of this Software License Agreement 11 General This License Agreement shall be construed interpreted and governed by the laws of Republic of China without regard to conflicts of laws provisions thereof The exclusive forum for any disputes arising out of or relating to this License Agreement shall be an appropriate court or Commercial Arbitration Association sitting in ROC Taiwan if the parties agree to a binding arbitration This License Agreement shall constitute the entire Agreement between the parties hereto This License Agreement the rights granted hereunder the Software and Documentation shall not be assigned by you without the prior written consent of ZyXEL Any waiver or modification of this License Agreement shall only be effective if it is in writing and signed by both parties hereto If any part of this License Agreement is found invalid or unenforceable by a court of competent GS1510 Series User s Guide Appendix D Open Software Announcements jurisdiction the remainder of this License Ag
140. onditions are imposed on you whether by court order agreement or otherwise that contradict the conditions of this License they do not excuse you from the conditions of this License If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a consequence you may not distribute the Program at all For example if a patent license would not permit royalty free redistribution of the Program by all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program If any portion of this section is held invalid or unenforceable under any particular circumstance the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot
141. ontrol in full duplex mode and backpressure flow control in half duplex mode IEEE802 3x flow control is used in full duplex mode to send a pause signal to the sending port causing it to temporarily stop sending signals when the receiving GS1510 Series User s Guide port memory buffers fill Chapter 9 Port Settings Back Pressure flow control is typically used in half duplex mode to send a collision signal to the sending port mimicking a state of packet collision causing the sending port to temporarily stop sending signals and resend later Figure 33 Port Settings Port 1 v SSASSS PS Cor Fanon a eo SARSI State Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled State Speed Duplex Flow Control Enable v Auto is ort iw Select All means select port 1 24 Port 25 amp 26 support 1000M Full amp Flow control Off only Speed Duplex N A SPF module isn t present Flow Link Status 100M Full Off Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down Link Down d B b B B B B B M
142. ord numeric characters spaces are allowed User Select with which group the user associates Authority Apply Click Apply to save the changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh No This field displays the index number of an entry User Name This field displays the name of a user account User This field displays the password Password User This field displays the associated group Authority Action Click the Delete button to remove the user account Note You cannot delete the default admin and guest accounts GS1510 Series User s Guide PART V Troubleshootinc Troubleshooting This chapter offers some suggestions to solve problems you might encounter The potential problems are divided into the following categories e Power Hardware Connections and LEDs e Switch Access and Login 24 1 Power Hardware Connections and LEDs The Switch does not turn on None of the LEDs turn on 1 Make sure you are using the power adaptor or cord included with the Switch 2 Make sure the power adaptor or cord is connected to the Switch and plugged in to an appropriate power source Make sure the power source is turned on 3 Disconnect and re connect the power adaptor or cord to the Switch 4 Ifthe problem continues contact the vendor One of the LEDs does not behave as expected 1 Make sure you understand the normal behavior of the LED See Section 3 2 on page 30
143. orts to it Click Advanced Settings gt VLAN gt VLAN gt VLAN Settings to display the following screen Figure 35 VLAN Settings VLAN Settings VLAN ID VLAN ID 1 100 VLAN Settings Tag Settings T Port Settings ME VLAN Name Member Port e g 1 3 5 10 Apply Refresh VLAN Name VLAN Status Member Port Action VLAN1 Static 1 26 Delete VLAN100 Static None Delete The following table describes the labels in this screen Table 13 VLAN Settings LABEL DESCRIPTION VLAN ID Enter the VLAN ID for this entry the valid range is between 1 and 4094 VLAN Name Enter a descriptive name for the VLAN for identification purposes This name consists of up to 64 printable characters spaces are allowed Member Port Enter the port numbers you want the Switch to assign to the VLAN as members You can designate multiple port numbers individually by using a comma and by range with a hyphen Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes that were just made VLAN List VLAN ID This field displays the index number of the VLAN entry Click the number to modify the VLAN VLAN Name This field displays the name of the VLAN VLAN Status This field displays the status of the VLAN Static or Dynamic 802 1Q VLAN Member Port This field displays which ports have been assigned as members of
144. ory capacity of the device In essence RADIUS allows you to validate an unlimited number of users from a central location Primary Radius Server When RADIUS is selected as the 802 1x authentication method the Primary Radius Server will be used for all authentication attempts IP Address Enter the IP address of an external RADIUS server in dotted decimal notation UDP Port The default port of a RADIUS server for authentication is 1812 Shared Key Specify a password up to 32 alphanumeric characters as the key to be shared between the external RADIUS server and the Switch This key is not sent over the network This key must be the same on the external RADIUS server and the Switch Second Radius Server This is the backup server used only when the Primary Radius Server is down Apply Click this to save any changes Refresh Click this to reload the screen and reset any changes that were just made GS1510 Series User s Guide Chapter 19 802 1x Table 36 Global Settings continued LABEL DESCRIPTION Global Status State This field displays if 802 1x authentication is Enabled or Disabled Authentication This field displays if the authentication method is Local or RADIUS Method Primary Radius This field displays the IP address UDP port and shared key for the Server Primary Radius Server This will be blank if nothing has been set Second Radius This is
145. ou Can Do e Use the DHCP Snooping screens Section 18 4 on page 107 to filter unauthorized DHCP packets on the network and to build the binding table dynamically e Use the ARP Inspection screens Section 18 6 on page 110 to filter unauthorized ARP packets on the network e Use the Binding Table screens Section 18 7 on page 112 to manually enter static bindings and to convert dynamic bindings to static 18 3 What You Need To Know A binding in the IP source guard binding table contains these key attributes e MAC address e VLAN ID e IP address e Port number When the Switch receives an ARP packet it looks up the appropriate MAC address VLAN ID IP address and port number in the binding table If there is a binding the Switch forwards the packet If there is not a binding the Switch discards the packet The Switch builds the binding table by snooping DHCP packets dynamic bindings and from information provided manually by administrators static bindings GS1510 Series User s Guide Chapter 18 IP Source Guard IP source guard consists of the following features e DHCP snooping Use this to filter unauthorized DHCP packets on the network and to build the binding table dynamically e ARP inspection Use this to filter unauthorized ARP packets on the network e Static bindings Use this to create static bindings in the binding table If you want to use dynamic bindings to filter unauthorized ARP packets typic
146. our web browser GS1510 Series User s Guide EJ Chapter 4 The Web Configurator 2 Type http and the IP address of the Switch for example the default is 192 168 1 1 in the Location or Address field Press ENTER 3 The login screen appears The default username is admin and the associated default password is 1234 Figure 16 Web Configurator Login GS1510 User Name Password 4 Click Login to view the first Web Configurator screen 4 3 1 Smart Mode The Smart mode screens enable you to quickly set up important options such as basic IP settings Energy Efficient Ethernet Web Authentication DHCP Snooping and Spanning Tree Protocol STP To go directly to the Advance mode settings see Section 4 3 2 on page 40 GS1510 Series User s Guide Chapter 4 The Web Configurator 4 3 1 1 IP Setting The Smart IP Setting screen is the first screen that displays when you access the Web Configurator Use this screen to configure the IP address and subnet mask for the Switch Click Apply to save the changes Figure 17 Web Configurator Smart Screen IP Setting P About Logout oe Web Authentication DHCP Snooping IP Adoress ERN UNA Subnet Masi EREEEREEEN AM 4 6 8 10 12 14 16 18 20 22 24 ZyXEL Gr ar Us CGGE C35 G0 CASE ter ir CES G0 O3 tr tr 5 7 C Er 432 LS LE 19 TAI Ya 25 26 4 3 1 2 EEE Energy Efficient Ethernet Use this screen to reduce energy consumption over RJ 45
147. p news zyxel com article 100826 html User Authentication Experience When the user attempts to access the Internet through a port which is secured with Web Authentication the following screen will display and request them to enter a username and password Note The appearance of this login page can be modified in the Customization screen Section 20 5 on page 126 Figure 64 Web Authentication Login Welcome User Name Password After successfully logging in the following message will display At this point users should close the browser and relaunch it to access the Internet Figure 65 Web Authentication Login Success Web Authentication succeeds Please reopen your browser ial GS1510 Series User s Guide Chapter 20 Web Authentication 20 4 Configuration Use the Configuration screen to enable or disable the Web Authentication feature You can also use this screen to configure the authentication method Note Another version of this screen can be accessed in Smart Mode See Section 4 3 1 3 on page 38 for more details Click Security Web Authentication Configuration to open the following screen Figure 66 Configuration Configuration State Radius Server Port 11 13 15 1 19 21 23 25 Web Authentication Settings Disable v Method i A User Name UDP Port User Password All Port State Disable x State Disable v Disable v Disable v
148. pecticatiofil 2 9 ci kaiaa eaaa a aaa a WO aaa aa aa 151 Part VI Appendices and Index esses 157 Appendix A Device Auto Discovery sseeessssssssssssssseeseene nennen nennen nenne sten nnne nnns 159 Appendix B IP Addresses and Subnetting ccccccccccsccceccceccceeccececeeceeceeeeceeeeeeeeseeeeeeeess 165 Appendix C Legal Information cccccccccceccceccceccececeecceeccecececccecceecceeccecceeeeeeeeeeereeseeeeeenss 175 Appendix D Open Software Announcements ssssssss eee 179 iio Mere EP 199 GS1510 Series User s Guide Introduction an Hardware Overview Getting to Know Your Switch 19 Hardware Installation and Connection Q3 Hardware Overview 27 Getting to Know Your Switch This chapter introduces the main features and applications of the Switch 1 1 Introduction Your Switch is an intelligent layer 2 switch with 1000BASE T RJ 45 ports and mini GBIC slots GS1510 24 only for fiber optic transceivers e The GS1510 16 has 16 1000BASE T RJ 45 ports e The GS1510 24 has 24 1000BASE T RJ 45 ports and two SFP open slots With its built in Web Configurator managing and configuring the Switch is easy The Switch can operate in low power idle mode in compliance with IEEE 802 3az Energy Efficient Ethernet EEE See Chapter 25 on page 151 for a full list of software features available on the Switch 1 1
149. pen the following screen Figure 68 Configuration Configuration Firmware Reboot System Log Backup Configuration Press Backup to save configuration file to your PC Upgrade Configuration Upgrade configuration file to your system File path Browse Restore Default Factory Configuration Restore the default factory settings to your system IP address will be 192 168 1 1 Backup Settings Backing up your Switch configurations allows you to create various snap shots of your device from which you may restore at a later date Follow the steps below to back up the current Switch configuration Click Backup Figure 69 Backup Settings Backup Configuration Press Backup to save configuration file to your PC Click Save to display the Save As screen Choose a location to save the file on your computer from the Save in drop down list box and type a descriptive name for it in the File name list box Click Save to save the configuration file to your computer GS1510 Series User s Guide Chapter 21 Maintenance 21 3 2 Upgrade Configuration Restore a previously saved configuration from your computer to the Switch Figure 70 Upgrade Configuration Upgrade Configuration Upgrade configuration file to your system File path Browse Upgrade Type the path and file name of the configuration file you wish to restore in the File path text box or click Browse to displ
150. port Packets without 802 1p priority tags will be applied the priority settings according to the GS1510 Series User s Guide Chapter 15 QoS received port of the Switch Click Advanced Settings QoS Port Priority to open the following screen Figure 47 Port Priority TPDITServ OSCP PriorifGueue Mapping Queuing Metroa WENINNNNEN Port Priority Settings All Ports 802 1p priority 0 Port 802 1p priority Port 802 1p priority 1 0 wl 2 0v 3 0 M 4 olmi 5 olm 6 oix ov 8 0 vi 9 0 v 10 0 vl 11 0 v 12 0v 43 0 v 14 ol 15 oia 16 ola 17 0v 18 0 vl 19 0 v 20 0 vl 21 0 v 22 0 23 Ol 24 OM 25 olm 26 0 v The following table describes the labels in this screen Table 22 Port Priority LABEL DESCRIPTION All Ports Use this field to set a priority for all ports 802 1 Bon The value indicates packet priority and is added to the priority tag field of incoming packets The values range from 0 lowest priority to 7 highest priority Port This field displays the number of a port Priority Select a priority for packets received by the port Only packets without a 802 1p priority tagged will be applied the priority you set here Apply Click Apply to save your changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh 15 5 IP DiffServ DSCP Use this screen to configure DSCP based QoS settings You can also use th
151. portion of an IP address Your Switch will compute the subnet mask automatically based on the IP address that you entered You don t need to change the subnet mask computed by the Switch unless you are instructed to do otherwise GS1510 Series User s Guide 173 Appendix B IP Addresses and Subnetting Private IP Addresses 174 Every machine on the Internet must have a unique address If your networks are isolated from the Internet running only between two branch offices for example you can assign any IP addresses to the hosts without problems However the Internet Assigned Numbers Authority IANA has reserved the following three blocks of IP addresses specifically for private networks e 10 0 0 0 10 255 255 255 e 172 16 0 0 172 31 255 255 e 192 168 0 0 192 168 255 255 You can obtain your IP address from the IANA from an ISP or it can be assigned from a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide you with the Internet addresses for your local networks On the other hand if you are part of a much larger organization you should consult your network administrator for the appropriate IP addresses Regardless of your particular situation do not create an arbitrary IP address always follow the guidelines above For more information on address assignment please refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines
152. quests authenticationFailure 1 3 6 1 6 3 1 1 5 5 This trap is sent when an SNMP request comes from non authenticated hosts RFC2819 Traps 1 3 6 1 2 1 16 3 1 1 A RMON event has been triggered alarmEntry 22 4 SNMP Settings Use this screen to configure the basic SNMP settings GS1510 Series User s Guide 137 Chapter 22 SNMP Click Management SNMP SNMP Settings to open the screen as shown Figure 78 SNMP Settings Community Name T Trap Receiver I SNMP Settings SNMP State System Name System Location System Contact Disable The following table describes the labels in this screen Table 44 SNMP Settings LABEL DESCRIPTION SNMP State Select Enable to activate SNMP on the Switch Select Disable to not use SNMP on the Switch System Name Type a System Name for the Switch System Location Type a System Location for the Switch System Contact Type a System Contact for the Switch Apply Click this to save any changes to the Switch Refresh Click this to reset the fields to the last saved setting 22 5 Community Name Use the Community Name screen to create SNMP communities and associate rights to them Click Management gt SNMP gt Community Name to view the screen as shown GS1510 Series User s Guide Chapter 22 SNMP SNMP communities act like passwords and are used to define the secu
153. received frame and learns the port from which this source MAC address came 2 The Switch checks to see if the frame s destination MAC address matches a source MAC address already learned in the MAC Table e If the Switch has already learned the port for this MAC address then it forwards the frame to that port GS1510 Series User s Guide 51 Chapter 7 MAC Management e If the Switch has not already learned the port for this MAC address then the frame is flooded to all ports Too much port flooding leads to network congestion e If the Switch has already learned the port for this MAC address but the destination port is the same as the port it came in on then it filters the frame Figure 29 MAC Table Flowchart lt Is destination MAC address in the MAC Table Yes Forward to all ports Is the outgoing port different from the incoming port Filter this Forward to frame outgoing port 7 4 Static MAC Settings A static Media Access Control MAC address is an address that has been manually entered in the MAC address table Static MAC addresses do not age out When you set up static MAC address rules you are setting static MAC addresses for a port This may reduce the need for broadcasting Click Basic Settings gt MAC Management gt Static MAC Settings in the navigation panel to display the configuration screen as shown Figure 30 Static MAC Settings MAC Address VLAN ID Port 1
154. reement shall be interpreted so as to reasonably effect the intention of the parties NOTE Some components of this product incorporate free software programs covered under the open source code licenses which allows you to freely copy modify and redistribute the software For at least three 3 years from the date of distribution of the applicable product or software we will give to anyone who contacts us at the ZyXEL Technical Support support zyxel com tw for a charge of no more than our cost of physically performing source code distribution a complete machine readable copy of the complete corresponding source code for the version of the Programs that we distributed to you if we are in possession of such Notice Information herein is subject to change without notice Companies names and data used in examples herein are fictitious unless otherwise noted No part may be reproduced or transmitted in any form or by any means electronic or mechanical for any purpose except the express written permission of ZyXEL Communications Corporation This Product includes MIPS Linux kernel BusyBox udhcp U boot thttpd and wpa supplicant software under GPL 2 0 license GNU GENERAL PUBLIC LICENSE Version 2 June 1991 Copyright C 1989 1991 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowe
155. rity parameters of SNMP clients in an SNMP vi and SNMP v2c environments The default SNMP community is public for both SNMP vi and SNMP v2c Figure 79 Community Name SNMP Settings Community Name Trap Receiver Community Name Settings Community String Rights Network ID of Trusted Host Mask Read Only v opiy Community Name List No Community String Rignts Networ grees ERES Mask Action 1 test Read Only 10 1 1 0 255 255 255 0 2 test Read Only 1 1 0 0 255 255 0 0 The following table describes the labels in this screen Table 45 Community Name LABEL DESCRIPTION Community Name Settings Community Enter a Community string this will act as a password for requests from String the management station An SNMP community string is a text string that acts as a password It is used to authenticate messages that are sent between the management station the SNMP manager and the device the SNMP agent The community string is included in every packet that is transmitted between the SNMP manager and the SNMP agent Rights Select Read Only to allow the SNMP manager using this string to collect information from the Switch Select Read Write to allow the SNMP manager using this string to create or edit MIBs configure settings on the Switch Network ID of Type the IP address of the remote SNMP management station in dotted Trusted Host decimal notation for example 192 168 1 1 Mask Type the subnet m
156. rk have to send DHCP requests again GS1510 Series User s Guide Chapter 18 IP Source Guard 18 3 1 3 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch 1 Enable DHCP snooping on the Switch 2 Enable DHCP snooping on each VLAN 3 Configure trusted and untrusted ports 4 Configure static bindings 18 3 2 ARP Inspection Overview Use ARP inspection to filter unauthorized ARP packets on the network This can prevent many kinds of man in the middle attacks such as the one in the following example Figure 54 Example Man in the middle Attack In this example computer B tries to establish a connection with computer A Computer X is in the same broadcast domain as computer A and intercepts the ARP request for computer A Then computer X does the following things e It pretends to be computer A and responds to computer B e It pretends to be computer B and sends a message to computer A As a result all the communication between computer A and computer B passes through computer X Computer X can read and alter the information passed between them 18 3 2 1 ARP Inspection and MAC Address Filters When the Switch identifies an unauthorized ARP packet it automatically creates a MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet You can configure how long the MAC address filter remains in the Switch GS1510 Series User s Guide
157. rusted ports in the following situations e The sender s information in the ARP packet does not match any of the current bindings e The rate at which ARP packets arrive is too high You can specify the maximum rate at which ARP packets can arrive on untrusted ports Select All Click this to set all ports to trusted GS1510 Series User s Guide Chapter 18 IP Source Guard Table 32 ARP Inspection continued LABEL DESCRIPTION Deselect All Click this to set all ports to untrusted Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes that were just made ARP Inspection Status ARP Inspection State This field displays the current status of the ARP Inspection feature Enabled or Disabled Enabled on VLAN This field displays the VLAN IDs that have ARP Inspection enabled on them This will display None if no VLANs have been set Trusted Ports This field displays the ports which are trusted This will display None if no ports are trusted 18 6 1 Filter Table Use this screen to look at the current list of MAC address filters that were created because the Switch identified an unauthorized ARP packet When the Switch identifies an unauthorized ARP packet it automatically creates a MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet To op
158. s User s Guide Chapter 9 Port Settings GS1510 Series User s Guide Advanced VLAN 63 EEE 71 IGMP Snooping 73 Link Aggregation 77 Loop Guard 81 QoS 85 Storm Control 93 Spanning Tree Protocol 95 ART III Settings VLAN 10 1 Overview This chapter shows you how to configure IEEE 802 1Q tagged VLANs and port based VLANs 10 2 What You Can Do e Use the Port Isolation screen Section 10 4 on page 64 to specify which ports can communicate with each other e Use the VLAN Settings screen Section 10 5 on page 67 to configure a VLAN and assign member ports e Use the Tag Settings screen Section 10 6 on page 68 to add a VLAN ID tag to all outgoing frames on a member port e Use the Port Settings screen Section 10 7 on page 69 to configure the VLAN port settings 10 3 What You Need to Know 10 3 1 Introduction to IEEE 802 1Q Tagged VLANs A tagged VLAN uses an explicit tag VLAN ID in the MAC header to identify the VLAN membership of a frame across bridges they are not confined to the switch on which they were created The VLANs can be created statically by hand or dynamically through GVRP The VLAN ID associates a frame with a specific VLAN and provides the information that switches need to process the frame across the network A tagged frame is four bytes longer than an untagged frame and contains two bytes of TPID Tag Protocol Identifier residing within the type length
159. se IEEE 802 1p priority tags or Differentiated Services Code Points DSCPs tags to prioritize traffic 15 2 What You Can Do e Use the Port Priority screen Section 15 4 on page 86 to specify IEEE 802 1p priority for each port e Use the IP DiffServ DSCP screen Section 15 5 on page 87 to configure DSCP based QoS settings e Use the Priority Queue Mapping screen Section 15 6 on page 89 to configure IEEE 802 1p priority and queue mappings for the Switch e Use the Queuing Method screen Section 15 7 on page 90 to configure the weight value of each queue 15 3 What You Need to Know 15 3 1 Queuing algorithms Queuing algorithms allow switches to maintain separate queues for packets from each individual source or flow and prevent a source from monopolizing the bandwidth GS1510 Series User s Guide Chapter 15 QoS 15 3 1 1 Weighted Round Robin WRR 15 3 2 Round Robin scheduling services queues on a rotating basis and is activated only when a port has more traffic than it can handle A queue is given an amount of bandwidth irrespective of the incoming traffic on that port This queue then moves to the back of the list The next queue is given an equal amount of bandwidth and then moves to the end of the list and so on depending on the number of queues being used This works in a looping fashion until a queue is empty Weighted Round Robin WRR scheduling uses the same algorithm as round robin scheduling but
160. set Server Ports This field displays the ports which have been set as server ports This will display None if no ports have been set 18 5 Port Settings Use this screen to define the maximum number of hosts allowed to simultaneously connect to each port Each host that successfully acquires an IP address from a GS1510 Series User s Guide Chapter 18 IP Source Guard DHCP server on the port is recorded in the dynamic binding table To open this screen click Security IP Source Guard DHCP Snooping Port Settings Figure 56 Port Settings DHCP Snooping Port Settings Port 1 x Maximum Host Count 32 Range 1 32 Apply Port Maximum Host Count Port Maximum Host Count 1 32 2 32 3 32 4 32 5 32 6 32 7 32 8 32 9 32 10 32 11 32 12 32 13 32 14 32 15 32 16 32 17 32 18 32 19 32 20 32 21 32 22 32 23 32 24 32 25 32 26 32 The following table describes the labels in this screen Table 31 Port Settings LABEL DESCRIPTION Port Settings Port Select a port number 1 16 for GS1510 16 1 26 for GS1510 24 to modify its maximum host count Maximum Host Count Enter the maximum number of hosts 1 32 that are permitted to simultaneously connect to a port Apply Click this to save any changes to the Switch Refresh Click this to reload the screen and reset any changes that were just made Port Status Port This field displays the port number Maximum Host Count
161. specify what information should be logged and where it should be stored It supports internal logging as well as external logging via a syslog server The following lists which are not exhaustive illustrate the standards supported in the Switch Table 52 Standards Supported IEEE STANDARD DESCRIPTION IEEE 802 3 Packet Format IEEE 802 3u 100Base TX Ethernet IEEE 802 3ab Link Layer Discovery Protocol LLDP IEEE 802 3z 1000Base SX LX LHX IEEE 802 3 Packet Format IEEE 802 3x Flow Control IEEE 802 1D MAC Bridges IEEE 802 1w Rapid Spanning Tree protocol GS1510 Series User s Guide Chapter 25 Product Specifications Table 52 Standards Supported continued IEEE STANDARD DESCRIPTION IEEE 802 1p Class of Service Priority protocols IEEE 802 1Q Tagged VLAN IEEE 802 1X Port Authentication IEEE 802 3ad LACP Aggregation Table 53 Standards Supported RFC STANDARD DESCRIPTION RFC 826 Address Resolution Protocol ARP RFC 1112 IGMP v1 RFC 1157 SNMPv1 Simple Network Management Protocol version 1 RFC 1213 SNMP MIB II RFC 1441 SNMPv2 Simple Network Management Protocol version 2 RFC 1493 Bridge MIBs RFC 1643 Ethernet MIBs RFC 1757 RMON RFC 1901 SNMPv2c Simple Network Management Protocol version 2c RFC 2131 RFC 2132 Dynamic Host Configuration Protocol DHCP RFC 2138 RADIUS Remote Authent
162. ss for that network 192 168 1 255 with a 24 bit subnet mask for example GS1510 Series User s Guide 167 Appendix B IP Addresses and Subnetting As these two IP addresses cannot be used for individual hosts calculate the maximum number of possible hosts in a network as follows Table 56 Maximum Host Numbers SUBNET MASK HOST ID SIZE Aes Dei ced 8 bits 255 0 0 0 24 bits 224 2 16777214 16 bits 255 255 0 0 16 bits 216 2 65534 24 bits 255 255 255 0 8 bits 28 2 254 29 bits 255 255 255 248 3 bits 23 2 6 Notation Since the mask is always a continuous number of ones beginning from the left followed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a followed by the number of bits in the mask after the address For example 192 1 1 0 25 is equivalent to saying 192 1 1 0 with subnet mask 255 255 255 128 The following table shows some possible subnet masks using both notations Table 57 Alternative Subnet Mask Notation suener mask ACTA VENANT DEINDE 255 255 255 0 24 0000 0000 0 255 255 255 128 25 1000 0000 128 255 255 255 192 26 1100 0000 192 255 255 255 224 27 1110 0000 224 255 255 255 240 28 1111 0000 240 255 255 255 248 29 1111 1000 248 255 255 255 252 30 1111 1100 252 Subnett
163. sword 42 loop guard 81 how it works 82 probe packet 82 loop guard vs STP 81 MAC address learning 52 MAC address table 53 MAC filter and ARP inspection 105 MAC table 51 how it works 51 maintanence configuration backup 130 firmware 132 restoring configuration 131 maintenance 129 current configuration 131 main screen 131 Management Information Base MIB 136 management port 66 managing the device good habits 22 man in the middle attacks 105 MIB and SNMP 136 supported MIBs 137 MIB Management Information Base 136 MIBs 153 GS1510 Series User s Guide Index mini GBIC slots 28 connection speed 29 connector type 29 transceiver installation 29 transceiver removal 29 mirroring ports 55 monitor port 55 mounting brackets 24 MSA MultiSource Agreement 28 multicast 802 1 priority 74 setup 74 N NAT 173 network management 153 network management system NMS 135 P password 42 port authentication 117 IEEE802 1x 120 port isolation 66 port mirroring 55 152 port redundancy 78 port security setup 83 port settings 57 port based VLAN port isolation 66 ports mirroring 55 standby 78 power connector 31 power supply specifications 151 product registration 177 product specification 152 PVID 64 PVID Priority Frame 64 Q QoS 152 QoS Quality of Service 85 Quality of Service see QoS 85 queue weight 86 queuing 85 SP 86 WRR 86 queuing method 85 R Rapid Spann
164. t 100 Mbps or full duplex An auto negotiating port can detect and adjust to the optimum Ethernet speed 100 1000Mpbs and duplex mode full duplex or half duplex of the connected device 7 An auto crossover auto MDI MDI X port automatically works with a straight through or crossover Ethernet cable 3 1 1 1 Default Ethernet Settings The factory default negotiation settings for the Ethernet ports on the Switch are e Speed Auto e Duplex Auto e Flow control Off 3 1 2 Mini GBIC Slots There are two mini GBIC Gigabit Interface Converter slots for mini GBIC transceivers on GS1510 24 A transceiver is a single unit that houses a transmitter and a receiver The Switch does not come with transceivers You must use transceivers that comply with the SFP Transceiver MultiSource Agreement MSA See the SFF committee s INF 8074i specification Rev 1 0 for details GS1510 Series User s Guide Chapter 3 Hardware Overview You can change transceivers while the Switch is operating You can use different transceivers to connect to Ethernet switches with different types of fiber optic connectors e Type SFP connection interface e Connection speed 1 Gigabit per second Gbps Note To avoid possible eye injury do not look into an operating fiber optic module s connectors 3 1 2 1 Transceiver Installation Use the following steps to install a mini GBIC transceiver SFP module 1 Insert the transceiver into the slot with
165. t Enable to use this static trunk group Member Select the ports to be added to the static trunk group Ports Select All Click this to select all ports as members of the static trunk group Deselect All Click this to deselect all ports as members of the trunk gorup Apply Click Apply to save your changes to the Switch Refresh Click Refresh to begin configuring this screen afresh Group ID This field displays the group ID to identify a trunk group that is one logical link containing multiple ports State This field displays if the trunk group is enabled or disabled Member This field displays the assigned ports that comprise the static trunk group Ports 13 5 LACP Click Advanced Settings Link Aggregation LACP to display the following Screen See Section 13 3 1 on page 77 for more information on dynamic link aggregation Figure 42 LACP State System Priority Group LACP LACP Group Status StaticTrunk Disable v 32768 Range 1 65535 Group 1 iv Disable vl LACP State Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Group ID on Oo OQ BR Q No GS1510 Series User s Guide Chapter 13 Link Aggregation The following table describes the labels in this screen Table 20 LACP LABEL DESCRIPTION State Select Enable from the drop down box to enable Link Aggregation Control Protocol LA
166. t only one path exists between any two stations on the network The Switch supports Spanning Tree Protocol STP and Rapid Spanning Tree Protocol RSTP as defined in the following standards e IEEE 802 1D Spanning Tree Protocol e IEEE 802 1w Rapid Spanning Tree Protocol 17 2 What You Can DO e Use the General Settings screen Section 17 4 on page 97 to enable and configure STP e Use the STP Status screen Section 17 5 on page 98 to check the STP current status 17 3 What You Need to Know The Switch uses IEEE 802 1w RSTP Rapid Spanning Tree Protocol that allows faster convergence of the spanning tree than STP while also being backwards compatible with STP only aware bridges In RSTP topology change information is directly propagated throughout the network from the device that generates the topology change In STP a longer delay is required as the device that causes a topology change first notifies the root bridge and then the root bridge notifies the network Both RSTP and STP flush unwanted learned addresses from the filtering database In RSTP the port states are Discarding Learning and Forwarding Note In this user s guide STP refers to both STP and RSTP GS1510 Series User s Guide Chapter 17 Spanning Tree Protocol 17 3 1 17 3 2 STP Terminology The root bridge is the base of the spanning tree Path cost is the cost of transmitting a frame onto a LAN through that port The recommended cost
167. t your local vendor to order a new one e Do not use the device outside and make sure all the connections are indoors There is a remote risk of electric shock from lightning e Do NOT obstruct the device ventilation slots as insufficient airflow may harm your device This product is recyclable Dispose of it properly GS1510 Series User s Guide Safety Warnings GS1510 Series User s Guide Contents Overview Contents Overview Introduction and Hardware Overview LLeeeeeueeeeeeeeeeeeeeeseeeenee nnne nnne nnn nnn 17 Getma LO dit oe c o MR 19 Hardware Installation end Connection iiic retia tnra repe na LESE ERR aa bad bn RE EK E eLE EEE FA EQ Lata a 23 iachi i is EU 27 rti d 33 THE WER COMMGUPAION ae 35 Rg e ibis EIA aura dota Ged sea VE ATE E IA I eU EOM BE baa ah st TAE E ba ta eal T Canaria cece 45 arbe mete DD RE 47 Ee UENO E aa 51 wn t TT S TU T Mepaaatelhiantenmlueniady Bs PORE SONGS e 57 Advanced Songe e 61 VLAN ree 63 cc a 71 Ee e 2 E E T T3 No PGI GOUON P a ar 3 LOO nV essit cos A AI E vea NA TNE PET CURRERE EU aS DEKA pA TOBIR UNE S 81 cc nan n DE 85 ZCOUBIUC ORO o ao ter i Dd P E A id ede 93 cpsnmamg Ios ETODDDOL 2e a ree Ottery Tenor ert a a a 95 esc p hd TU i o o UT
168. tch palette icon Message Size Select the size of the message from the drop down box Picture Enter or browse to the location of a suitable image file GIF PNG JPG BMP and click Upload This will appear as the background GS1510 Series User s Guide 127 Chapter 20 Web Authentication Table 39 Customization continued LABEL DESCRIPTION Color Enter the HTML code for the color of the Background or pick one from the swatch palette icon Apply Click this to save any changes Reset Click this to reset any changes that were made Preview Click this to update the demonstration of the login page GS1510 Series User s Guide Maintenance 21 1 Overview This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files 21 2 What You Can Do e Use the Configuration screen Section 21 3 on page 130 to manage the configuration settings e Use the Firmware screen Section 21 4 on page 132 to upgrade the firmware of the Switch e Use the Reboot screen Section 21 5 on page 132 to reboot the Switch without resetting any settings e Use the System Log screen Section 21 6 on page 133 to look at the log entries generated by the Switch GS1510 Series User s Guide Chapter 21 Maintenance 21 3 Configuration 21 3 1 Use this screen to manage configuration files Click Management gt Maintenance Configuration to o
169. that were just made Tag Status VLAN ID This field displays the VLAN ID Tag Ports This field displays the ports that have been assigned as tag ports UnTag Ports This field displays the ports that have been assigned as untag ports GS1510 Series User s Guide Chapter 10 VLAN 10 7 Port Settings Use this screen to configure the VLAN port settings Click Advanced Settings VLAN gt VLAN gt Port Settings to display the following screen Figure 37 Port Settings VLAN setings Tag Settings Port PVID Acceptable Frame All v 1iv All v Port PVID Acceptable Frame Port PVID Acceptable Frame 1 1 Al 2 1 All 3 1 A 4 1 Al n 1 A 6 1 All T 1 A 8 1 Al 9 1 Al 10 1 All 11 1 A 12 1 Al 13 1 A 14 1 All 15 1 A 16 1 Al 7 1 A 18 1 All 19 1 A 20 1 Al 21 1 A 22 1 All 23 1 Al 24 1 Al 25 1 A 26 1 All The following table describes the labels in this screen Table 15 Port Settings LABEL DESCRIPTION Port Select a port number to configure from the drop down box Select All to configure all ports at the same time PVID Select a PVID Port VLAN ID number from the drop down box Acceptable Specify the type of frames allowed on a port Choices are All VLAN Frame Untagged Only or VLAN Tagged Only Select All from the drop down list box to accept all untagged or tagged frames on this port This is the default setting Select VLAN Untagged Only to accept only unt
170. the Software including any documentation files accompanying the Software Documentation for internal business use only for up to the number of users specified in sales order and invoice You have the right to make one backup copy of the Software and Documentation solely for archival back up or disaster recovery purposes You shall not exceed the scope of the license granted GS1510 Series User s Guide 179 Appendix D Open Software Announcements hereunder Any rights not expressly granted by ZyXEL to you are reserved by ZyXEL and all implied licenses are disclaimed 2 Ownership You have no ownership rights in the Software Rather you have a license to use the Software as long as this License Agreement remains in full force and effect Ownership of the Software Documentation and all intellectual property rights therein shall remain at all times with ZyXEL Any other use of the Software by any other entity is strictly forbidden and is a violation of this License Agreement 3 Copyright The Software and Documentation contain material that is protected by international copyright law trade secret law international treaty provisions and the applicable national laws of each respective country All rights not granted to you herein are expressly reserved by ZyXEL You may not remove any proprietary notice of ZyXEL or any of its licensors from any copy of the Software or Documentation 4 Restrictions You may not publish displa
171. the backup server used only when the Primary Radius Server is Server down 19 5 Port Settings Use this screen to activate IEEE 802 1x security on specific ports according to customized settings Click Security 802 1x Port Settings to display the configuration screen as shown Figure 63 Port Settings Global Settings Port Settings Port 1 iv 802 1x State Disable v Admin Control Direction Reauthentication Port Control Mode Guest VLAN Max req Time Beth v Disable v Auto Y None v Rm d n Range 1 10 Reauth period Quiet period Supp timeout Server timeout Reset to Default 3600 60 30 30 p Range 0 65535 Range 0 65535 Range 0 65535 Range 0 65535 Apply Port Status Admin Port Max A Port prod Control Reauthentication Control Net tems bara Pads Direction Mode Time P ues 1 Disabled Both Disabled Auto 0 2 3600 60 30 30 2 Disabled Both Disabled Auto 0 2 3600 60 30 30 3 Disabled Both Disabled Auto 0 2 3600 60 30 30 4 Disabled Both Disabled Auto 0 2 3600 60 30 30 5 Disabled Both Disabled Auto 0 2 3600 60 30 30 6 Disabled Both Disabled ut 0 2 3 60 30 GS1510 Series User s Guide Chapter 19 802 1x The following table describes the labels in this screen Table 37 Port Settings LABEL DESCRIPTION Port Select a port number to configure 802 1x State Select Enable to permit 802 1x authentication on the port You must first enable 802 1x authentication on the
172. the last Sunday of October All of the time zones in the European Union stop using Daylight Saving Time at the same moment 1 A M GMT or UTC So in the European Union you would select Last Sunday October and the last field depends on your time zone In Germany for instance you would select 2 00 because Germany s time zone is one hour ahead of GMT or UTC GMT 1 Apply Click Apply to save your changes back to the Switch Refresh Click Refresh to begin configuring this screen afresh GS1510 Series User s Guide MAC Management T 1 Overview Use these screens to add delete and view entries in the MAC address table The MAC Table a MAC table is also known as a filtering database shows how frames are forwarded or filtered across the Switch s ports When a device which may belong to a VLAN group sends a packet which is forwarded to a port on the Switch the MAC address of the device is shown on the Switch s MAC Table It also shows whether the MAC address is dynamic learned by the Switch or static manually entered 7 2 What You Can Do e Use the Static MAC Settings screen Section 7 4 on page 52 to manually add a static MAC address to the table e Use the MAC Table screen Section 7 5 on page 53 to view the static and dynamic MAC address entries 7 3 What You Need to Know The Switch uses the MAC Table to determine how to forward frames See the following figure 1 The Switch examines a
173. the navigation panel Table 3 Navigation Panel Links LINK DESCRIPTION System Status System Information Use these screens to view general system information such as firmware version IP address and so on Basic Settings General Settings Use these screens to configure the system name IP address maximum frame size and system time settings MAC Management Use these screens to configure static MAC address settings and view the MAC table Port Mirroring Use this screen to copy traffic from one port or ports to another port in order that you can examine the traffic from the first port without interference Port Settings Use this screen to enable disable a port configure the port speed and duplex and flow control and view the current connection status Advanced Settings VLAN Port Isolation Use this screen to isolate each port from communicating with each other Each port can only communicate with the CPU management port VLAN Use these screens to create new IEEE 802 1Q VLANs as well as configuring Port VLAN ID PVID tag untag and acceptable frame settings EEE Use this screen to enable disable Energy Efficient Ethernet on each port IGMP Snooping Use this screen to configure multicast related settings such as IGMP Snooping IGMP Snooping VLAN unknown multicast packet handling and immediate leave ports Link Uses these screens to logically
174. this way 19 4 Global Settings Use this screen to enable 802 1x authentication and configure the method of authentication GS1510 Series User s Guide Chapter 19 802 1x To open the screen as shown click Security 802 1x Global Settings Figure 62 Global Settings Global Settings Global Settings State Authentication Method Primary Radius Server Secondary Radius Server Global Status State Authentication Method Primary Radius Server Secondary Radius Server IP Disable z Local m E UDP Port Shared Key Er UDP Port Shared Key Apply Refresh Disabled Local IP UDP Port Shared Key UDP Port Shared Key The following table describes the labels in this screen Table 36 Global Settings LABEL DESCRIPTION State Select Enable to permit 802 1x authentication on the Switch Note You must first enable 802 1x authentication on the Switch before configuring it on each port Authentication Method Select whether to use Local or RADIUS as the authentication method The Local method of authentication uses the guest and user user groups of the user account database on the Switch itself to authenticate However only a certain number of accounts can exist at one time RADIUS is a security protocol used to authenticate users by means of an external server instead of an internal device user database that is limited to the mem
175. uch program or work and a work based on the Program means either the Program or any derivative work under copyright law that is to say a work containing the Program or a portion of it either verbatim or with modifications and or translated into another language Hereinafter translation is included without limitation in the term modification Each licensee is addressed as you Activities other than copying distribution and modification are not covered by this License they are outside its scope The act of running the Program is not restricted and the output from the Program is covered only if its contents constitute a work based on the Program independent of having been made by running the Program Whether that is true depends on what the Program does 1 You may copy and distribute verbatim copies of the Program s source code as you receive it in any medium provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty keep intact all the notices that refer to this License and to the absence of any warranty and give any other recipients of the Program a copy of this License along with the Program You may charge a fee for the physical act of transferring a copy and you may at your option offer warranty protection in exchange for a fee 2 You may modify your copy or copies of the Program or any portion of it thus forming a work based on the Program and copy and d
176. uration message before attempting to reconfigure GS1510 Series User s Guide Chapter 17 Spanning Tree Protocol Table 29 STP Status continued LABEL DESCRIPTION Hello Time This is the time interval in seconds at which the root switch transmits a configuration message The root bridge determines Hello Time Max Age and Forwarding Delay Forward Delay This is the time in seconds the root switch will wait before changing states Current Bridge Status MAC Address This is the MAC address of the current bridge Priority Priority is used in determining the root switch root port and designated port The switch with the highest priority lowest numeric value becomes the STP root switch If all switches have the same priority the switch with the lowest MAC address will then become the root switch Priority determines the root bridge which in turn determines the Root Hello Time Root Maximum Age and Root Forwarding Delay Max Age This is the maximum time in seconds the Switch can wait without receiving a BPDU before attempting to reconfigure All Switch ports except for designated ports should receive BPDUs at regular intervals Any port that ages out STP information provided in the last BPDU becomes the designated port for the attached LAN If it is a root port a new root port is selected from among the Switch ports attached to the network Hello Time This is th
177. uthentication method this Radius Server will be used for all web authentication attempts IP Enter the IP address of an external RADIUS server in dotted decimal notation UDP Port Enter the UDP port of the RADIUS server The default port of a RADIUS server for authentication is 1812 Shared Key Specify a password up to 32 alphanumeric characters as the key to be shared between the external RADIUS server and the Switch This key is not sent over the network This key must be the same on the external RADIUS server and the Switch User Name Specify a username for the main guest account This will only be used when the Local method of authentication has been selected User Password Specify a password for the main guest account This will only be used when the Local method of authentication has been selected All Port State Use this to Enable or Disable web authentication globally across all ports Port This field displays the port number State Use this to Enable or Disable web authentication on a specific port Status This field displays the current web authentication status of a specific port Apply Click this to save any changes Refresh Click this to reload the screen and reset any changes that were just made 20 5 Customization Use this screen to customize the appearance of the web login page that users will see before accessing the Internet GS1510 Series Us
178. vening State Select Enable if you want to use Daylight Saving Time Otherwise select Disable to turn it off Start Date Configure the day and time when Daylight Saving Time starts if you enabled Daylight Saving Time The time is displayed in the 24 hour format Here are a couple of examples Daylight Saving Time starts in most parts of the United States on the second Sunday of March Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United States you would select Second Sunday March and 2 00 Daylight Saving Time starts in the European Union on the last Sunday of March All of the time zones in the European Union start using Daylight Saving Time at the same moment 1 A M GMT or UTC So in the European Union you would select Last Sunday March and the last field depends on your time zone In Germany for instance you would select 2 00 because Germany s time zone is one hour ahead of GMT or UTC GMT 1 End Date Configure the day and time when Daylight Saving Time ends if you enabled Daylight Saving Time The time field uses the 24 hour format Here are a couple of examples Daylight Saving Time ends in the United States on the last Sunday of October Each time zone in the United States stops using Daylight Saving Time at 2 A M local time So in the United States you would select First Sunday November and 2 00 Daylight Saving Time ends in the European Union on
179. y disclose sell rent lease modify store loan distribute or create derivative works of the Software or any part thereof You may not assign sublicense convey or otherwise transfer pledge as security or otherwise encumber the rights and licenses granted hereunder with respect to the Software ZyXEL is not obligated to provide any maintenance technical or other support for the resultant modified Software You may not copy reverse engineer decompile reverse compile translate adapt or disassemble the Software or any part thereof nor shall you attempt to create the source code from the object code for the Software Except as and only to the extent expressly permitted in this License you may not market co brand and private label or otherwise permit third parties to link to the Software or any part thereof You may not use the Software or any part thereof in the operation of a service bureau or for the benefit of any other person or entity You may not cause assist or permit any third party to do any of the foregoing Portions of the Software utilize or include third party software and other copyright material Acknowledgements licensing terms and disclaimers for such material are contained in the License Notice as below for the third party software and your use of such material is exclusively governed by their respective terms ZyXEL has provided as part of the Software package access to certain third party software as a convenience
180. y Warnings Safety Warnings e Do NOT use this product near water for example in a wet basement or near a swimming pool e Do NOT expose your device to dampness dust or corrosive liquids e Do NOT store things on the device e Do NOT install use or service this device during a thunderstorm There is a remote risk of electric shock from lightning e Connect ONLY suitable accessories to the device e Do NOT open the device or unit Opening or removing covers can expose you to dangerous high voltage points or other risks ONLY qualified service personnel should service or disassemble this device Please contact your vendor for further information e Make sure to connect the cables to the correct ports e Place connecting cables carefully so that no one will step on them or stumble over them e Always disconnect all cables from this device before servicing or disassembling e Use ONLY an appropriate power adaptor or cord for your device e Connect the power adaptor or cord to the right supply voltage for example 110V AC in North America or 230V AC in Europe e Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord e Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution e If the power adaptor or cord is damaged remove it from the power outlet Do NOT attempt to repair the power adaptor or cord Contac
181. ys the port control mode Mode Auto requires authentication on the port Force Authorized forces the port to be authorized Force Unauthorized forces the port to be unauthorized No packets can pass through the port Guest VLAN This field displays the Guest VLAN setting for hosts that have not passed authentication None or 1 Max req Time This field displays the amount of times the Switch will try to connect to the authentication server before determining the server is down Reauth period This field displays how often a client has to re enter his or her username and password to stay connected to the port Quiet period This field displays the period of the time the client has to wait before the next reauthentication attempt Supp timeout This field displays how long the Switch will wait before communicating with the client Server timeout This field displays how long the Switch will wait before communicating with the server 122 GS1510 Series User s Guide 20 1 Web Authentication Overview This feature is used to authenticate users before they can access a website on the Internet The Switch can authenticate users who try to log in based on user accounts configured on the Switch itself see Section 23 2 on page 143 The Switch can also use an external authentication server to authenticate a larger number of users This external method of authentication uses the RADIUS Remote
Download Pdf Manuals
Related Search