Lancom Systems LS61465 network switch
Contents
1. Y Select Unselect All mm oc IN EC ERN IERI RC CN o EUN US L3 Er os oo mias O MACAddress T port Tv gate o m Function Name MAC Table Maintenance W Function Description This function can allow the user to set up the pro cessing mechanism of MAC Table An idle MAC address exceeding MAC Address Age out Time will be removed from the MAC Table The range of Age out Time is 10 1000000 seconds and the setup of this time will have no effect on static MAC addresses In addition the learning limit of MAC maintenance is able to limit the amount of MAC that each port can learn Parameter Description 69 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Aging Time Delete a MAC address idling for a period of time from the MAC Table which will not affect static MAC address Range of MAC Address Aging Time is 10 1000000 seconds The default Aging Time is 300 seconds Learning Limit To set up the maximum amount of MAC that each port can learn Valid value of learning limit for port 1 24 ranges from 0 8191 As to port 25 port 26 only the fixed value 8192 is assigned to these two ports and user cannot configure this value MAC Maintenance Aging time Enable V 300 secs 10 1000000 L1 Flush MAC Table Flush Learning Limit 0 81912. Rx Multicast Packets Show the counting number of the received mul ticast packet Rx Pause Packets Show the counting number of the received pause packet Tx Collisions Number of collisions transmitting frames experienced Tx Single Collision Number of frames transmitted that experienced exactly one collision Tx Multiple Collision Number of frames transmitted that experienced more than one collision Tx Drop Packets Number of frames dropped due to excessive colli sion late collision or frame aging Tx Deferred Transmit Number of frames delayed to transmission due to the medium is busy Tx Late Collision Number of times that a collision is detected later than 512 bit times into the transmission of a frame Tx Excessive Collision Number of frames that are not transmitted because the frame experienced 16 transmission attempts Packets 64 Octets Number of 64 byte frames in good and bad packets received Packets 65 127 Octets Number of 65 127 byte frames in good and bad packets received Packets 128 255 Octets Number of 128 255 byte frames in good and bad packets received Packets 256 511 Octets Number of 256 511 byte frames in good and bad packets received Packets 512 1023 Octets Number of 512 1023 byte frames in good and bad packets received Packets 1024 1522 Octets Number of 1024 1522 byte frames in good and bad packets received Tx Packets The counting number of the p
3. 157 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 158 Argument None Possible value None Example PSES 2126C config file show TFTP Server IP Address 192 168 3 111 Export Path and Filename log 21511 txt Import Path and Filename log 21511 txt dhcp boot m set dhcp boot Syntax Description To set up the delay time for DHCP Boot Argument lt sec gt range syntax 0 1 30 The value 0 is to disable dhcp boot delay Possible value lt sec gt 0 30 Example PSES 2126C dhcp boot set 30 show Syntax Description To display the status of DHCP Boot Argument None Possible value None Example PSES 2126C dhcp boot show DHCP Boot Enable LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Second 30 PSES 2126C dhcp boot diag HW diag EN Description Diag is used to test whether EEPROM UART DRAM and Flash is normal or not Argument None Possible value None Example PSES 2126C diag diag EEPROM Test OK UART Test OK DRAM Test OK Flash Test OK m Loopback Syntax oopback Description For Internal External Loopback Test Argument None Possible value None Example PSES 2126
4. LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management VLAN ID Shows VLAN ID for each multicast group Member Port Shows member ports that join each multicast group Member port may be only or more than one m Function name Allowed Group m Function Description The Allowed Group function allows the IGMP Sno oping to set up the IP multicast table based on user s specific conditions IGMP report packets that meet the items you set up will be joined or for med the multicast group Allowed Group ra t0 Pe RANGE Any Any Custom Custom Any Custom 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 m EDS ET E pNo Range NENNEN T NENNEN m Parameter Description IP Range The switch supports two kinds of options for managed valid IP range including Any and Custom Default is Any In case that Custom had been chosen you can assigned effective IP range The valid range is 224 0 0 0 239 255 255 255 VID The switch supports two kinds of options for managed valid VLAN VID including Any and Custom Default is Any When you choose Custom you can fill in VID number The valid VID range is 1 4094 Port The switch supports two kinds of options for managed valid port range including Any and Custom Default is Any You can select the ports that you would like them to be
5. Example PSES 2126C restore user LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Restoring Restore User Configuration Successfully Press any key to reboot system save start Description To save the current configuration as the start one When you enter this command the CLI would save your current configuration into the non volatile FLASH If you want the configuration still works after rebooting save the configuration using the command save start Argument None Possible value None Example PSES 2126C save start Saving start Save Successfully PSES 2126C save user Syntax save user Description To save the current configuration as the user defined configuration When you enter this command the CLI would save your current configuration into the non volatile FLASH as user defined configuration Argument None Possible value None Example PSES 2126C save user 133 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 134 5 2 2 Saving user Save Successfully PSES 2126C Local Commands of CLI Please note to use one of the local commands you first have to change to the corresponding configuration area e g 802 1x lt Enter gt set mode 1 802 1x W set max request Syntax set max request port
6. Description To display the current VLAN mode Symmetric VLAN SVL and Double tag states Argument None Possible value None Example PSES 2126C VLAN show config Current VLAN mode Tag based VLAN Global setting Symmetric VLAN Disable Asymmetric SVL Disable IVL Double tag Disable show group Syntax show group Description To display VLAN mode and VLAN group Argument None Possible value None Example PSES 2126C VLAN show group Vlan mode is tag based 1 Name default LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management VID sl Member 1 23456789 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 Untag 1 2 3456789 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 2 Name VLAN 2 VID 2 Member 2 3 4 5 6 13 14 15 Untag show pvid Syntax show pvid Description To display pvid priority and drop untag result Argument None Possible value None Example SES 2126C VLAN show pvid U Port PVID Priority Drop Untag COO u CO oO FPF WwW YP Ln om Ul ol o1 E oun o qe ci aaj Oi OO c OO CO 0 EB n o D 237 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 238 oO oco J Ov ul Ae CS NO RP c o H N N N N N N o1 e CO N HE c H H CO CD O O c5 O O
7. Argument None Possible value None Example PSES 2126C log clear m disable auto upload Syntax disable auto upload 174 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Description To disable the auto upload function Argument None Possible value None Example PSES 2126C log disable auto upload enable auto upload Syntax enable auto upload Description To enable the auto upload function Argument None Possible value None Example PSES 2126C log enable auto upload show Syntax show Description To show a list of trap log events When any of log events happens it will be recorded and using show command in log function to query Up to 120 log records are supported Argument None Possible value None Example PSES 2126C log show 175 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Tftp Server 0 0 0 0 Auto Upload Disable 1 Wed Apr 13 12 13 27 2005 Link Up Port 1 2 Wed Apr 13 12 13 26 2005 Link Down Port 1 3 Wed Apr 13 11 58 31 2005 Login admin 4 Wed Apr 13 11 19 45 2005 Login admin 5 Wed Apr 13 11 19 37 2005 Logout admin m upload Syntax Upload Description To upload log data through tftp
8. path cost 0 1 200000000 The value zero means auto status priority priority must be a multiple of 16 available from 0 to 240 edge port Admin Edge Port lt yes no gt admin p2p gt Admin point to point lt auto true false gt Possible value range 1 to 26 path cost 0 1 200000000 priority 0 to 240 edge port yes no LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management admin p2p gt auto true false Example PSES 2126C stp set port 1 16 0 128 yes auto set version Syntax set version lt stp rstp gt Description To set up the version of STP Argument stp rstp gt stp rstp Possible value stp rstp gt stp rstp Example PSES 2126C stp set version rstp show config Syntax show config Description To display the STP configuration data Argument None Possible value None Example PSES 2126C stp show config STP State Configuration Spanning Tree Protocol Enabled Bridge Priority 0 61440 61440 Hello Time 1 10 sec 2 Max Age 6 40 sec 20 Forward Delay 4 30 sec 15 Force Version RSTP 213 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 214 m show port Syntax show port Description To display the port information of STP
9. Gray PoE feed for the port is deactivated in the configuration Yellow PoE feed for the port is activated in the configuration The right hand icon shows the current power feed Gray No PoE powered device is connected to this port Green A PoE powered device is connected to this port and is being fed with power Along with PoE status LANmonitor also shows the PoE class as detected for the powered devices When a Powerded Device PD is connected the Power LANCOM ES 2126 und LANCOM ES 2126P m Chapter 3 Configuring and monitoring the LANCOM switch Source Equipment PSE measures the power requirement of the device Power requirements of the PDs are classified as follows 0 default 0 44 W 12 95 W 1 optional 0 44 W 3 84 W 2 optional 3 84 W 6 49 W EN 3 optional 6 49 W 12 95 W 4 reserved 15 4W 29 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 30 4 Operation of Web based Management This chapter instructs you how to configure and manage the PSES 2126C through the web user interface it supports to access and manage the 24 10 100Mbps TP 2 Gigabit dual media ports with TP SFP Fiber management Ethernet switch With this facility you can easily access and monitor through any one port of the switch all the status of the switch including MIBs status each port activity Spanning tree status port aggregation status multicast traffic VLAN and priority stat
10. Argument None Possible value None Example PSES 2126C stp show port Port Port Status Path Cost Priority Admin Edge Port Admin Point To Point T DISCARDING 2000000 128 Yes Auto 2 DISCARDING 2000000 128 Yes Auto 3 DISCARDING 2000000 128 Yes Auto 4 DISCARDING 2000000 128 Yes Auto 5 DISCARDING 2000000 128 Yes Auto 23 DISCARDING 200000 128 No Auto 24 DISCARDING 200000 128 No Auto LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 25 DISCARDING 20000 128 No Auto 26 DISCARDING 20000 128 No Auto W show status Syntax show status Description To display of the status of STP Argument None Possible value None Example PSES 2126C stp show status STP Status STP State Enabled Bridge ID 00 40 C7 D8 09 1D Bridge Priority 61440 Designated Root 00 40 C7 D8 09 1D Designated Priority 61440 Root Port 0 Root Path Cost 0 Current Max Age sec 20 Current Forward Delay sec 15 Hello Time sec 2 STP Topology Change Count 0 Time Since Last Topology Change sec 848 system W set contact Syntax 215 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 216 set contact contact Description To set the contact description of the switch Argument contact gt string length up to 40 characters Possibl
11. Description To set up the maximum amount of MAC that each port can learn Argument port port range syntax 1 5 7 available form 1 to 24 num MAC address numbers which can be dynamically learned num range between 0 to 8191 0 for learning disabled Possible value 179 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 180 port 1 to 24 num 0 to 8191 Example PSES 2126C mac table maintain set learning 5 100 show Syntax show Description To display the settings of MAC table ageout time and the learning limit of each port Argument None Possible value None Example PSES 2126C mac table maintain show Mac table ageout time 300 seconds Port Dynamically learn limit 1 8191 2 8191 3 8191 4 8191 5 8191 21 8191 22 8191 23 8191 24 8191 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 25 8192 26 8192 static mac add Syntax add mac vid queue rule port Description To add the static mac entry Argument mac mac address format 01 02 03 04 05 06 vid VLAN id from 1 to 4094 queue which queue you want to set from 0 to 3 rule forwarding rule from 0 to 2 O static 1 drop destination address matches 2 drop source address matches port f
12. Example PSES 2126C port set speed duplex 8 100 full show conf Syntax show conf Description To display the each port s configuration about state speed duplex and flow control Argument None Possible value None 191 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Example PSES 2126C port show conf m show detail counter Syntax show detail counter lt gt Description To display the detailed counting number of each port s traffic Argument it port available from 1 to 26 A Possible value lt gt 1 26 Example PSES 2126C port show detail counter 6 m show media Syntax show media lt port gt Description To display the module 25 or 26 information Argument port gt available 25 26 A Possible value lt port gt 25 26 Example PSES 2126C port show media 25 Port 25 Fiber Media Information Connector Type SFP LC Fiber Type Multi mode MM Tx Central Wavelength 850 Baud Rate 1G Vendor OUI 00 40 c7 192 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Vendor Name APAC Opto Vendor PN KM28 C3S TC N Vendor Rev 0000 Vendor SN 5425011140 Date Code 050530 Temperature none Vcc none Moni Bias mA none Mon2 TX PWR none Mon3
13. DHCP Boot IGMP Snooping VLAN MAC Table GVRP STP Trunk 802 1x Alarm Configuration Security Diagnostics Bandwidth Q O O e QoS Q f Diagnostics TFTP Server Log Firmware Upgrade Reboot Logout 4 2 System 4 2 1 System Information m Function name System Information m Function Description Shows the basic system information Parameter Description Model name The model name of this device 33 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 34 4 2 2 System Description As it is this tells what this device is Here it is 24 Port 10 100BaseT TX Managed PoE Switch Location Basically it is the location where this switch is put User defined Contact For easily managing and maintaining device you may write down the contact person and phone here for getting help soon You can configure this parameter through the device s user interface or SNMP Device name The name of the switch User defined Default is PSES 2126C System up time The time accumulated since this switch is powered up Its format is day hour minute second Current time Show the system time of the switch Its format day of week month day hours minutes seconds year For instance Tue Apr 20 23 25 58 2005 BIOS version The version of the BIOS in this switch Firmware version The firmware version in this switch Hardwar
14. ip ip address or domain name port trap port community community name Possible value trap number 1 to 6 port 1 65535 Example PSES 2126C snmp set get community public PSES 2126C snmp set set community private 209 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 210 stp El show Syntax show Description Argument None Possible value None Example PSES 2126C snmp show SNMP Enable Get Community public Set Community private Enable public Trap Host 2 IP Address 0 0 0 0 Port public Trap Host 3 IP Address 0 0 0 0 Port public Trap Host 4 IP Address 0 0 0 0 Port public Trap Host 5 IP Address 0 0 0 0 Port public Trap Host 6 IP Address 0 0 0 0 Port public MCheck Syntax MCheck lt range gt Description The Show here is to display the configuration of SNMP Trah Host 1 IP Address 192 168 1 1 Port 162 162 162 162 162 162 Comm Comn Com Com Com Com PSES 2126C snmp set trap 1 192 168 1 1 162 public uni uni uni uni uni uni ty ty LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management To force the port to transmit RST BPDUs Argument range syntax 1 5 7 available from 1 to 26 Possible value
15. Edit and lt Delete gt function buttons User can add a new VLAN group by inputting a new VLAN name m Parameter Description VLAN Name The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and characters The maximal length is 15 characters Member This is used to enable or disable if a port is a member of the new added VLAN Enable means it is a member of the VLAN Just tick the check box beside the port x to enable it Port based Group No VLAN NAME 1 default Add ca Add Group Create a new Port based VLAN Input the VLAN name and choose the member by ticking the check box beside the port No then press the lt Apply gt button to have the setting taken effect 67 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management Port based VLAN DTE 1 3 E 4 5 6 7 8 1 1 0 12 13 14 15 O 16 O 19 O 20 21 22 23 Fl 24 O Delete Group Just press the Delete button to remove the selected group entry from the Port based group table Port based Group No VLAN NAME 1 default 2 VLAN 2 EJ ck oo Edit a group Just select a group entry and press the lt Edit gt button then you can modify a group s description and member set 4 10 MAC Table MAC Table Configuration gathers many
16. Role Master Group ID groupl 240 6 Appendix 6 1 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 6 Appendix Performance data and specifications Performance Switching technology Store and forward with latency less than 5 ps MAC addresses Support of max 8K MAC addresses Throughput max 8 8 Gbps on the backplane Virtual Stacking Manage ment VSM Supports stacking of up to 16 devices several switches can be managed via one ip address VLAN Port based and IEEE 802 1q tag based VLAN with up to 4096 VLAN and up to 256 active VLANs Supports ingress and egress packet filter in port based VLAN LAN protocols Link Aggregation Control Protocol LACP 2 Fast and 1 Gigabit Ethernet groups max 4 member per group supports DA SA and DA SA MAC based trunking with automatic failover Multicasting Supports IGMP snooping inkluding active and passive mode GVRP GARP 802 1q with GVRP GARP Spanning Tree Protokoll 802 1d 1w STP Rapid STP 802 3af Features Ports 24x 802 3af PoE ports Power 185 Watt total power with dynamic load balancing on all ports i e up to 15 4 watt for 12 ports or 7 7 watt f r 24 ports Priorisation Supports port based priority and PoE status setting Status information Monitoring via LED displaying the actual power consumption per port in web interface Interfaces Ethernet ports 24 ports 10 100 Mbps fast ethernet 2 Comb
17. System Information CEI LANCOM ES 2126 System Description 24 Fast Ethernet 2 Gigabit L2 Managed Switch i http 192 168 2 25 iconportdetail html Microsoft Internet Ex e Port 2 Detail Information Link Up Enabled Auto Negotiation Enabled Speed Duplex 100M Full Pause 1 ON Tx Pause Tx Packet Rx Packet Tx Collision The figure shows the basic information of the clicked port With this you ll see the information about the port status traffic status and bandwidth rating for egress and ingress respectively On the left top corner there is a pull down list for Auto Logout For the sake of security we provide auto logout function to protect you from illegal user as you are leaving If you do not choose any selection in Auto Logout list it means you turn on the Auto Logout function and the system will be logged out automatically when no action on the device 3 minutes later If OFF is cho sen the screen will keep as it is Default is ON On the left side the main menu tree for web is listed in the page They are hierarchical menu Open the function folder a sub menu will be shown The functions of each folder are described in its corresponded section respectively When clicking it the function is performed The following list is the full func tion tree for web user interface LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management System Port PoE SNMP
18. Joinin Message Packets Number of GARP BPDU with Join In mes sage is received by the GARP application LeaveEmpty Message Packets Number of GARP BPDU with Leave Empty message is received by the GARP application Empty Message Packets Number of GARP BPDU with Empty message is received by the GARP application 75 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 76 Transmitted Total GVRP Packets Total GARP BPDU is transmitted by the GVRP application Invalid GVRP Packets Number of invalid GARP BPDU is transmit ted by the GVRP application LeaveAll Message Packets Number of GARP BPDU with Leave All message is transmitted by the GARP application JoinEmpty Message Packets Number of GARP BPDU with Join Empty message is transmitted by the GARP application JoinIn Message Packets Number of GARP BPDU with Join In mes sage is transmitted by the GARP application LeaveEmpty Message Packets Number of GARP BPDU with Leave Empty message is transmitted by the GARP application Empty Message Packets Number of GARP BPDU with Empty mes sage is transmitted by the GARP application Function name GVRP Group Information Function Description To show the dynamic group member and their infor mation Parameter Description Current Dynamic Group Number The number of GVRP group that are created currently VID VLAN identifier When GVRP group creates each dynamic VLAN group ow
19. LANCOM ES 2126 LANCOM ES 2126P LANCOM Systems LANCOM ES 2126 LANCOM ES 2126P 2009 LANCOM Systems GmbH Wuerselen Germany All rights reserved While the information in this manual has been compiled with great care it may not be deemed an assurance of product characteristics LANCOM Systems shall be liable only to the degree specified in the terms of sale and delivery The reproduction and distribution of the documentation and software supplied with this product and the use of its contents is subject to written authorization from LANCOM Systems We reserve the right to make any alterations that arise as the result of technical development Windows Windows Vista Windows NT and Microsoft are registered trademarks of Microsoft Corp The LANCOM Systems logo LCOS and the name LANCOM are registered trademarks of LANCOM Systems GmbH All other names or descriptions used may be trademarks or registered trademarks of their owners Subject to change without notice No liability for technical errors or omissions Products from LANCOM Systems include software developed by the OpenSSL Project for use in the OpenSSL Toolkit http Iwww openssl org Products from LANCOM Systems include cryptographic software written by Eric Young eay cryptsoft com Products from LANCOM Systems include software developed by the NetBSD Foundation Inc and its contributors Products from LANCOM Systems contain the LZMA SDK developed by Igor
20. m Parameter Description Mode Used for the activation or de activation of Port Mirror function Default is disable Monitoring Port Set up the port for monitoring Valid port is Port 1 26 and default is Port 1 Monitored Ingress Port Set up the port for being monitored It only monitor the packets received by the port you set up Just tick the check box 2 beside the port x and valid port is Port 1 26 Monitored Egress Port Set up the port for being monitored It only monitor the packets transmitted by the port you set up Just tick the check box 2 beside the port x and valid port is Port 1 26 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management Mirror o oen s Monitoring Port Port 1 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Monitored Ingress Port 17 18 19 20 21 22 23 24 25 26 1 2 3 4 5 6 7 8 d 9 10 11 12 13 14 15 16 Monitored Egress Port 17 18 19 20 21 22 23 24 25 26 W Function name Isolated Group m Function Description Isolated Group function can let the port be indepen dent of other ports in the Isolated group and the communication is also forbidden between these ports But the ports of the Isolated group are still able to communicate with the ports of the non Isolated group With this design it will be helpful to the administrator to immediately find and solve the port that results in the
21. set vip lt port_range gt lt mode gt Description To set vip port for strict priority 199 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 200 Argument port range syntax 1 5 7 available from 1 to 26 lt mode gt enable disable vip port for each port 1 enable 0 disable Possible value port range 1 to 26 mode 1 or 0 Example PSES 2126C qos set vip 1 6 1 show dscp Syntax show dscp Description To show IP DSCP Qos configuration Argument None Possible value None Example PSES 2126C qos show dscp ip diffserv classification Global QoS mode Enable QoS Disable 802 1p Priority Disable ip tos classification Enable ip diffserv classification Scheduling weighted round robin method weight wrr 0 1 wrr 1 1 wrr 2 8 wrr 3 16 weighted range 1 55 P0 63 Priority 0 63 Default mode Queue0 P0 15 Queuel P16 31 Queue2 P32 47 Queue3 P48 63 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management DiffServ Queue DiffServ Queue DiffServ Queue DiffServ Queue 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 1 17 18 19 HE 20 1 21 1 22 23 1 24 1 25 1 26 27 1 28 1 29 1 30 31 1 32 2 33 2 34 2 35 2 36 37 2 38 2 39 2 40 41 2 42 2 43 2 44 2 45 2
22. 5 2 2 Local Commands of CLI 134 6 Appendix 241 6 1 Performance data and specifications 241 6 2 Connector wiring 243 6 2 1 Ethernet interface 10 100Base TX 243 6 3 CE declarations of conformity 243 LANCOM ES 2126 und LANCOM ES 2126P B Contents LANCOM ES 2126 und LANCOM ES 2126P E Chapter 1 Introduction Introduction The LANCOM switch models LANCOM ES 2126 and LANCOM ES 2126P are managed layer 2 switches with 24 Fast Ethernet ports for twisted pair cable TP and two Gigabit dual media ports with TP SFP which meets the IEEE 802 3 u x z Gigabit Fast Ethernet and Ethernet specifications The switch can be managed through RS 232 serial port via directly connec tion or through Ethernet port using Telnet or WEBconfig Additionally the LANCOM ES 2126 models can be managed via SSH Secure Shell or WEBconfig with SSL encryption With the SNMP agent the network adminis trator can logon the switch to monitor configure and control each port s acti vity in a friendly way The overall network management is enhanced and the network efficiency is also improved to accommodate high bandwidth applications In addition the switch features comprehensive and useful function such as QoS Quality of Service Spanning Tree VLAN Port Trunking Bandwidth Control Port Secu rity SNMP RMON and IGMP Snooping capability via the intelligent software It is suitable for both metro LAN and office application Additionally the LANCOM ES 212
23. Argument lt port gt set up the range of the ports to search for syntax 1 5 7 available form 1 to 26 mac mac address format 01 02 03 04 05 06 can be used vid VLAN id from 1 to 4094 as don t care 0 as untagged Possible value lt port gt 1 to 26 lt vid gt 0 1 4094 Example PSES 2126C mac table information search 1 26 22 22 22 2 MAC Table List Alias MAC Address Port VID State 00 40 c7 88 00 06 1 0 Dynamic PSES 2126C mac table information show Syntax show Description To display all mac table information Argument None Possible value LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management None Example PSES 2126C mac table information show MAC Table List Alias MAC Address Port VID State ABC 00 40 c7 d6 00 01 1 2 Static Forwarding ABC123 00 40 c7 d6 00 02 1 3 Static Filtering lt lt maintain gt gt set aging Syntax set aging lt time gt Description To set up the age out time of dynamic learning mac Argument lt time gt Mac table ageout time between 10 and 1000000 seconds The value 0 means to disable age out time Possible value time 10 1000000 seconds or 0 Example PSES 2126C mac table maintain set aging 300 set learning Syntax set learning port num
24. Priority 5 is mapping to Queue 2 Priority 6 is mapping to Queue 3 and Priority 0 is mapping to Queue 3 TOS Reliability Priority Mapping Priority Queue RI m Function name M Type TOS m Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reliability Priority 1bit M Type Monetary Cost Priority 1bit and UNUSED PRECEDENCE 3 bits can arrange 8 kinds of priorities corresponding to the 0 7 priority in the following priority dia gram TOS Monetary Cost Priority Mapping works while M TYPE in TOS field of IP header of the packets received by the switch is configured 116 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 7 INC Precedence p MBZ Precedence Vorrangssteuerung MBZ Must Be Zero W Parameter Description TOS Monetary Cost Priority Mapping Each Priority can select any of Queue 0 Queue 3 In Default Priority 0 is mapping to Queue 0 Pri ority 1 is mapping to Queue 0 Priority 2 is mapping to Queue 1 Pri ority 3 is mapping to Queue 1 Priority 4 is mapping to Queue 2 Priority 5 is mapping to Queue 2 Priority 6 is mapping to Queue 3 and Priority 0 is mapping to Queue 3 DSCP Priori
25. Restricted Mode This function is used to restrict dynamic VLAN be created when this port received GVRP PDU There are two modes disable and enable provided for the user s choice Disabled In this mode the switch dynamic VLAN will be created when this port received GVRP PDU The default setting is Normal Enabled In this mode the switch does not create dynamic VLAN when this port received GVRP PDU Except received dynamic VLAN message of the GVRP PDU is an existed static VLAN in the Switch this port will be added into the static VLAN members dynamically m Function name GVRP Counter LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management m Function Description All GVRP counters are mainly divided into Received and Transmitted two categories to let you monitor the GVRP actions Actually they are GARP packets GVRP Counter Por Total GVRP Packets 0 Invalid GVRP Packets LeaveAll message JoinEmpty message Joinin message LeaveEmpty message Empty message oooococc ooocc Parameter Description Received Total GVRP Packets Total GVRP BPDU is received by the GVRP application Invalid GVRP Packets Number of invalid GARP BPDU is received by the GARP application LeaveAll Message Packets Number of GARP BPDU with Leave All message is received by the GARP application JoinEmpty Message Packets Number of GARP BPDU with Join Empty message is received by the GARP application
26. and Port 25 26 ranges from 66 1024000 with the minimum unit of 1 Default value of Port 1 24 is 102400 and Port 25 26 is 1024000 B Function name Egress Bandwidth Setting 107 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 108 m Function Description Egress Bandwidth Setting function is used to set up the limit of Egress bandwidth for each port Egress Bandwidth Control Port 1 24 66 102400 Kb Port 25 26 66 1024000 Kb 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 1024000 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 1024000 m Parameter Description Port No Choose the port that you would like this function to work on it Valid range of the port is 1 26 Rate Set up the limit of Egress bandwidth for the port you choose Packet transmission will be delayed if the rate exceeds the value you set up in Data Rate field Traffic may be lost if egress buffers run full The format of the packet limits to unicast broadcast and multicast Valid value of Port 1 24 ranges from 66 102400 and Port 25 26 ranges from 66 1024000 with the minimum unit of 1 Default value of Port 1 24 is 102400 and Port 25 26 is 1024000 m Function name Storm Setting m Function Description Wit
27. information Do you want to restore the default IP address y n If you choose Y or y the IP address will restore to default 192 168 1 1 If you 131 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 132 choose N or n the IP address will keep the same one that you had saved before If restoring default successfully the CLI would prompt if reboot immediately or not If you press Y or y the system would reboot immediately otherwise it would be back to the CLI system After restoring default configuration all the changes in the startup configuration would be lost After rebooting the entire startup configuration would reset to factory default Argument None Possible value None Example PSES 2126C restore default Restoring Restore Default Configuration Successfully Press any key to reboot system restore user Syntax restore user Description To restore the startup configuration as user defined configuration If restoring default successfully the CLI would prompt if reboot immediately or not If you press Y or y the system would reboot immediately others would back to the CLI system After restoring user defined configuration all the changes in the startup configuration would be lost After rebooting the entire startup configuration would replace as user defined one Argument None Possible value None
28. und LANCOM ES 2126P B Chapter 5 Operation of CLI Management PSES 2126C management add set This command will show exhaustive operating explanation for setting the management policy records Argument lt name gt lt value gt ACL entry name lt vid gt lt value gt VLAN ID lt ip gt lt value gt IP range lt port gt lt value gt Incoming port lt type gt lt value gt Access type lt action gt lt value gt a ccept or d eny Possible value lt name gt lt value gt No default and it must be set lt vid gt lt value gt The range is 1 4095 and can be set to any lt ip gt lt value gt For example 192 168 1 90 192 168 1 90 or any port lt value gt For example 1 or 1 8 or 1 3 5 or any type lt value gt For example h ttp s nmp t elnet or any action value No default and it must be set Example PSES 2126C management add set name Mary vid 20 ip 192 168 1 1 192 168 1 90 port 2 5 8 type h s action a PSES 2126C management add show 1 Name Mary VlanID 20 IP 192 168 1 1 192 168 1 90 Type Http SNMP Action Accept Port 2 3 4 5 8 delete Syntax delete Description To delete a specific record or range Argument 183 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 184 a specific or range management security entry s Possible value No
29. 0 is mapping to Queue 0 Pri ority 1 is mapping to Queue 0 Priority 2 is mapping to Queue 1 Pri ority 3 is mapping to Queue 1 Priority 4 is mapping to Queue 2 Priority 5 is mapping to Queue 2 Priority 6 is mapping to Queue 3 and Priority 0 is mapping to Queue 3 TOS Throughput Priority Mapping Priority m Function name R Type TOS m Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reliability Priority 1bit M Type Monetary Cost Priority 1bit and UNUSED PRECEDENCE 3 bits can arrange 8 kinds of priorities corresponding to the 0 7 priority in the following priority dia gram TOS Reliability Priority Mapping works while R TYPE in TOS field of IP header of the packets received by the switch is configured 115 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Precedence Vorrangssteuerung MBZ Must Be Zero Parameter Description TOS Reliability Priority Mapping Each Priority can select any of Queue 0 Queue 3 In Default Priority 0 is mapping to Queue 0 Priority 1 is mapping to Queue 0 Priority 2 is mapping to Queue 1 Priority 3 is mapping to Queue 1 Priority 4 is mapping to Queue 2
30. 2126 System Description 24 Fast Ethernet 2 Gigabit L2 Managed Switch CNN Eau i NENNEN 2 Days 13 Hours 47 Mins 53 Secs Current Time Mon Jul 13 17 53 25 2009 B10 Version QW CE NEM v5 08 HardwareMechancsVerson 1 01 v1 01 Serial Number 142302000153 Host IP Address 10 1 140 208 Host MAC Address 00 A0 57 15 02 86 Decet ART 1 TP 24Fiber 2 Ramse O Flash Size 4M The Information of Page Layout On the top side it shows the front panel of the switch In the front panel the linked ports will display green as to the ports which are link off they will be dark For the optional modules the slot will show only a cover plate if no module exists and will show a module if a module is present The image of module depends on the one you inserted The same if disconnected the port will show just dark if linked green In this device there are clicking functions on the panel provided for the infor mation of the ports These are very convenient functions for browsing the 31 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Port Loop Detection SNMP DHCP Boot IGMP Snooping VLAN MAC Table GVRP STP Trunk 802 1X TACACS Alarm Configuration Security Bandwidth Qos Diagnostics TFTP Server Log Firmware Upgrade Reboot Logout 32 information of a single port When clicking the port on the front panel an information window for the port will be pop out
31. 3 1 LEDs and buttons on the LANCOM ES 2126 E Located on the front of the device are light emitting diodes LEDs that pro vide information on device status and also two buttons CPURUNG FDx ih MEE NEXU y RESET LED SET Q Reset Button to re start the system CPU RUN Blinks green if the CPU is running without problem LANCOM ES 2126 und LANCOM ES 2126P B Chapter 2 Installation pwr ac Q rx Q spp LEDsET unk Port 1 to 24 ACIUFDXISPD Port 1 to 24 f Link Port 25 and 26 rs Port 25 and 26 D Ac Port 25 and 26 2 3 2 Power LED Constant green when power is supplied to the device Constant green when the LED mode is set to Active Constant green when the LED mode is set to Full Duplex Constant green when the LED mode is set to Speed non Button to switch the LEDmode between Active Full Duplex and Speed Constant green when the network connection is established to the connected device Off if no network connection can be established to the connected device This LED displays the following information depending on the selected LED status LED mode Active Blinks yellow during data transfer m LED mode Full Duplex Constant green when full duplex mode is active for this port blinks yellow in case of collisions m LED mode Speed Const
32. 4 13 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management ration is to make the port quickly get back to act as an RSTP port Click M Check button to send a RSTP BPDU from the port you specified STP Port Configuration PortNo Port Status Path Cost Status ConfiguredPathCost Priority Admin Port Type Admin Point To Point 0 1 DISCARDING 200000 128 Normal Auto 2 DISCARDING 200000 0 128 Normal Auto 3 DISCARDING 200000 0 128 Normal Auto 4 DISCARDING 200000 0 128 Normal Auto 5 DISCARDING 200000 0 128 Normal Auto 6 DISCARDING 200000 0 128 Normal Auto 7 DISCARDING 200000 0 128 Normal Auto 8 DISCARDING 200000 0 128 Normal Auto 9 DISCARDING 200000 0 128 Normal Auto 10 DISCARDING 200000 0 128 Normal Auto 11 DISCARDING 200000 0 128 Normal Auto 12 DISCARDING 200000 0 128 Normal Auto 13 DISCARDING 200000 0 128 Normal Auto 14 DISCARDING 200000 0 128 Normal Auto 15 DISCARDING 200000 0 128 Normal Auto 16 DISCARDING 200000 0 128 Normal Auto 17 DISCARDING 200000 0 128 Normal Auto 18 DISCARDING 200000 0 128 Normal Auto 19 DISCARDING 200000 0 128 Normal Auto 20 DISCARDING 200000 0 128 Normal Auto 21 DISCARDING 200000 0 128 Normal Auto 22 DISCARDING 200000 0 128 Normal Auto 23 DISCARDING 200000 0 128 Normal Auto 24 DISCARDING 200000 0 128 Normal Auto 25 DISCARDING 20000 0 128 Normal Auto 26 DISCARDING 20000 0 128 Normal Auto E3 Trunking Configuration The Port Trunking Configuration is used to configur
33. 46 2 47 2 48 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 201 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 57 3 58 61 3 62 56 3 59 3 60 3 63 3 W show port Syntax show port Description To show VIP port configuration Argument None Possible value None Example PSES 2126C qos Global QoS mode Port No Mode 1 Enable 3 Enable 5 Enable 23 Disable 25 Disable 202 show port Port Based Priority Enable QoS Enable 802 1p Priority Disable ip tos classification Disable ip diffserv classification Port No Mode 2 Enable 4 Enable 6 Enable 24 Disable 26 Disable LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management show priority tag Syntax how priority tag ta Description To show 802 1p Qos configuration Argument None Possible value None Example PSES 2126C qos show priority tag 802 1p priority Global QoS mode Enable QoS Enable 802 1p Priority Disable ip tos classification Disable ip diffserv classification Scheduling weighted round robin method weight wrr 0 1 wrr 1 1 wrr 2 8 wrr 3 16 weighted range 1 55 P0 7 Priority 0 7 Default mode Queue0 P0 P1 Queuel P2 P3 Queue2 P4 P5 Queue3 P6 P7 203 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 204 HW show
34. 5 v 6 v 7 W 8 v 9 v 10 v 11 v 12 v 13 v 14 v 15 v 16 v 17 v 18 v 19 V 20 v 21 v 22 v 23 v 24 v 25 v 26 v Apply Delete Group Just press the lt Delete gt button to remove the selected group entry from the Tag based group table Tag based Group No VLANNAME FCW 1 default 1 2 VLAN 1 100 E Ean Edit a group ust select a group entry and press the lt Edit gt button then you can modify a group s description member and untag set tings 65 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 66 4 9 3 PVID m Function name PVID m Function Description In PVID Setting user can input VID number to each port The range of VID number is from 1 to 4094 User also can choose ingress filtering rule Rule 2 to each port The Ingress Filtering Rule 2 is drop untagged frame While Rule 2 is enabled the port will discard all Untagged frames PVID PortNo PVID Default Priority Drop Untag T Disable v Disable v ollollollolleollollollollollo x x v Disable v Disable v A Disable v Disable v Disable Disable v lt Disable v v Disable v elei ae eee ee Se lll l ll l l Disable v Parameter Description Port 1 26 Port number PVI
35. ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management To set default registrar mode for each port Argument range port range syntax 1 5 7 available from 1 to 26 normal set registrar as normal mode fixed set registrar as fixed mode forbidden set registrar as forbidden mode Possible value range 1 to 26 normal fixed forbidden normal or fixed or forbidden Example PSES 2126C gvrp set registrar 1 5 fixed set restricted Syntax set restricted range lt enable disable gt Description To set the restricted mode for each port Argument range port range syntax 1 5 7 available from 1 to 26 enable set restricted as enabled disable set restricted as disabled Possible value range 1 to 26 lt enable disable gt enable or disable Example PSES 2126C gvrp set restricted 1 10 enable PSES 2126C gvrp show config GVRP state Enable Port Join Time Leave Time LeaveAll Time Applicant Registrar Restricted 165 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 166 Enabl Enabl Enabl Enabl Enabl Enabl Enabl Enabl Enabl 10 Enabl 22 23 24 25 26 Disabl Disabl Disabl Disabl Disabl 20 20 20 20 20 20 20 20 20 20 20 20 20
36. Example PSES 2126C VLAN disable double tag m disable drop untag Syntax disable drop untag port range Description To disable drop untag Argument port range which port s you want not to drop untagged frames Syntax 1 5 7 available from 1 to 26 Possible value port range 1 to 26 Example PSES 2126C VLAN disable drop untag 2 4 5 7 m disable svl Syntax 231 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management disable svl Description To enable Independent VLAN Learning Argument None Possible value None Example PSES 2126C VLAN disable svl W disable symmetric Syntax disable symmetric Description To Not drop frames from the non member port Argument None Possible value None Example PSES 2126C VLAN disable symmetric m enable double tag Syntax enable double tag Description To enable double tag Argument None Possible value None Example PSES 2126C VLAN enable double tag 232 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Em enable drop untag Syntax enable drop untag port range Description To enable drop untag Argument port range which port s you want to drop untagged frames S
37. Here you can save the current configuration to the flash memory as a user configuration Restore default configuration includes default IP address Here you can reset the switch to its factory settings The default configu ration replaces the start configuration The device is reset to Auto DHCP and it retrieves its IP address from a DHCP server in the network If no DHCP server is available the device takes the IP address 172 23 56 252 LANCOM ES 2126 or 172 23 56 251 LANCOM ES 2126P Restore default configuration excludes current IP address Here you can reset the switch to its factory settings The default configu ration replaces the start configuration However the switch s current IP address as set up by the user is not changed and will NOT be restored to the default value Restore user configuration Restore User Configuration function retrieves the previous confirmed wor king configuration from the flash memory to update the start configura tion After restoring the configuration the system s start configuration is updated and activated after rebooting Config file Configure Export Import File Path TFTP Server IP 0 0 0 0 Export File Path Export Start Export User Conf Import File Path Import Start Import User Conf m Config file With this function you can backup or reload the start and user configura tion via TFTP E Parameter LANCOM ES 2126 und LANCOM ES 2126P E Chapter 3 Configurin
38. Hours 58 Mins 33 Secs ECINEENNRT KENNEN T CNET NN E 177773 Rx Error Packet 0 0 0 0 14445467 68982023 37148 604940 0 0 0 occoccoccococccc occococccococccc eccococccoccococcccoc occcococccoccoocccc ooccococcococccoccocc ocooocccooococccoococ m Function name Simple Counter m Function Description Display the summary counting of each port s traffic including Tx Byte Rx Byte Tx Packet Rx Packet Tx Collision and Rx Error Packet W Parameters Description Tx Byte Total transmitted bytes Rx Byte Total received bytes Tx Packet The counting number of the packet transmitted Rx Packet The counting number of the packet received Tx Collision Number of collisions transmitting frames experienced Rx Error Packet Number of bad packets received 50 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 4 3 4 Detail Counter The function of Detail Counter collects any information and provides the counting about the traffic of the port no matter the packet is good or bad In the following figure the window can show only one port counter informa tion at the same time To see another port s counter you have to pull down the list of Select then you will see the figures displayed about the port you had chosen Each data field has 20 digit long If the counting is overflow the counter will be reset and restart counting The data is updated every
39. IEC power cable 5 Ready for operation After a brief self test the power LED lights up continuously Green LAN LINK LEDs show which LAN connectors are being used for a connection Software installation The following section describes the installation of the Windows compatible system software LANtools as supplied You may skip this section if you use your LANCOM switch exclusively with computers running operating systems other than Windows Starting the software setup Place the product CD into your drive The setup program will start automati cally If the setup does not start automatically run AUTORUN EXE in the root directory of the LANCOM CD LANCOM ES 2126 und LANCOM ES 2126P B Chapter 2 Installation In Setup select Install software The following selection menus will appear on screen r Setup Wizard xj Software Components Specify which software components you want to be installed during setup Place a checkmark beside each software component you want to install or remove the checkmark to exclude it from installation ff LANconfig LANmonitor 9 Documentation Enables you to configure your LANCOM device in ease from your computer 2 5 2 Which software should install m LANconfig is the Windows configuration program for all LANCOM devices LANconfig searches for all LANCOM devices in your network You can use this to start the Web based configu
40. O O c5 c5 c5 OG c c5 c O bo o vs HW disable Description To disable the virtual stack Argument None Possible value None Example PSES 2126C vs disable Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl Disabl LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management m enable Syntax enable Description To enable the virtual stack Argument None Possible value None Example PSES 2126C vs enable m set gid Description To set the group id Argument gid gt group ID A Possible value gid gt a z A Z 0 9 Example PSES 2126C vs set gid group1 W set role Syntax set role lt master slave gt Description To set role Argument master slave gt master act as master slave act as slave Possible value master slave gt master or slave Example 239 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management PSES 2126C vs set role master E show Syntax show Description To display the configuration of the virtual stack Argument None Possible value None Example PSES 2126C vs show Virtual Stack Config State Enable
41. RX PWR none show simple counter Syntax show simple counter Description To display the summary counting of each port s traffic Argument None Possible value None Example PSES 2126C port show simple counter show status Syntax show status Description To display the port s current status Argument None Possible value None 193 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 194 Example PSES 2126C port show Port Media Link State status Auto Nego Speed Duplex Rx Pause Tx Pause 1 mp 2 mp 3 mp 4 mp 5 TP 6 TP 7 TP 24 TP 25 TP 26 TP qos disable 1p Syntax disable 1p Down Down Down Down Up Enable Down Down Down Down Down Enable Enable Enable Enable Enable Enable Enable Enable Enable 100M Full Enable Enable Enable Enable Enable Enable Enable Enable Enable Enable nee m ON ON Jossa am aoe z LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Description To disable 802 1p qos Argument None Possible value None Example PSES 2126C qos disable 1p
42. a trunking group Ports with same Group ID and using same trunking method will have the opportunity to aggregate to a particular aggregator port This aggregator port is usually the port with the smallest Port No within the trunking group Status This field represents the trunking status of a port which uses a trunking method other than None It also represents the manage ment link status of a port which uses the None trunking method means not ready 85 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Trunk Port Setting Status setting Rule Port Method Group ActiveLacP Aggtr Status Ee None ov Active y 1 Ea None ov Active v 2 Ready Ea None ov Active Y 3 ES None ov Active v 4 EB None ov Active v 5 Ea None ov Active v 6 None ov Active v 7 ga None ov Active v 8 EA None ov Active v 9 EN None ov Active v 10 ES None 0v Active Y 11 H Function name Aggregator View m Function Description To display the current port trunking information from the aggregator point of view Parameter Description Aggregator It shows the aggregator ID from 1 to 26 of every port In fact every port is also an aggregator and its own aggregator ID is the same as its own Port No Method Show the method a port uses to aggregate with other ports Mem
43. can be grouped for VSM however only one Master is allowed to exist in each group For Master redundancy user may 43 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management 44 4 2 7 configure more than two devices as Master device however the Master device with the smaller MAC value will be the Master one All of these 16 devices can become Master device and back up with each other Virtual Stack Configuration Note You should logout every time you have changed the state of Virtual Stack m Parameter Description State It is used for the activation or de activation of VSM Default is Enable Role The role that the switch would like to play in virtual stack Two types of roles including master and slave are offered for option Default is Master Group ID It is the group identifier GID which signs for VSM Valid non letters are A Z a z 0 9 and characters The maximal length is 15 characters System Log The System Log provides information about system logs including information when the device was booted how the ports are operating when users logged in when sessions timed out as well as other system information HW System Log The Trap Log Data is displaying the log items including all SNMP Private Trap events SNMP Public traps and user logs occurred in the system In the report table No Time and Events are three fields contain
44. in authorized state or unauthorized state depends on the result of the authentication exchange bet ween the authentication server and the supplicant Default Auto reAuthMax 1 10 The number of authentication attempt that is per mitted before the port becomes unauthorized Default 2 txPeriod 1 65535 s A time period to transmitted EAPOL PDU bet ween the authenticator and the supplicant Default 30 Quiet Period 0 65535 s A period of time during which we will not attempt to access the supplicant Deafult 60 seconds reAuthEnabled Choose whether regular authentication will take place in this port Default ON reAuthPeriod 1 65535 s A non zero number seconds between the periodic re authentication of the supplicant Default 3600 max Request 1 10 The maximum of number times that the authen ticator will retransmit an EAP Request to the supplicant before it times out the authentication session The valid range 1 10 Default 2 times m Chapter 4 Operation of Web based Management LANCOM ES 2126 und LANCOM ES 2126P suppTimeout 1 65535 s A timeout condition in the exchange bet ween the authenticator and the supplicant The valid range 1 65535 Default 30 seconds serverTimeout 1 65535 s A timeout condition in the exchange bet ween the authenticator and the authentication server The valid range 1 765535 Default 30 seconds Port Parameter Setting Port Control r
45. is 4 and the weight of Queue 3 is 8 QoS Global Config 802 1P TOS pDscp_ oo E F o Scheduling Method WRR v Queue 0 Queue 1 Queue2_ Queue 3 8 a 2 4 m Function name VIP Port Setting m Function Description When the port is set as VIP Port the packets enter this port and will have highest transmitting priority For example as you choose port 2 is VIP Port simultaneously transmit packets from port 2 and port 3 to port 1 at speed of 100MB and let congestion happen The packets for port 3 will be dropped because the packets from port 2 owns highest precedence For the sake of this function taking effect you must choose Scheduling Method of Strict Priority ahead m Parameter Description VIP Port Just tick the check box 2 to select any port port 1 26 as the VIP Port Then click the lt Apply gt button to have the setting taken effect VIP Port 1 l 2 1 3 IF 4 0 5 0 6 7 8 9 10 1 0 12 13 O 14 15 16 O 17 18 19 O 20 O 21 Fj 22 23 24 25 O 26 O 112 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management m Function name 802 1p Setting m Function Description This function will affect the priority of VLAN tag Based on priority of VLAN tag it can arrange 0 8 priorities priorities can map to 4 queues of the switch queue 0 3 and possess different
46. it is enabled traffic can be transmitted and received via this port When it is disabled no traffic can be transferred through this port Port State is configured by user Default Enabled Auto Nego Show the exchange mode of Ethernet MAC There are two modes supported in the switch They are auto negotiation mode Enabled and forced mode Disabled When in Enabled mode this function will automatically negotiate by hardware itself and exchange each other the capability of speed and duplex mode with other site which is linked and comes out the best communication way When in Disabled mode both parties must have the same set ting of speed and duplex otherwise both of them will not be linked In this case the link result is Down Default Enabled Speed Duplex Display the speed and duplex of all port There are three speeds 10Mbps 100Mbps and 1000Mbps supported for TP media and the duplex supported is half duplex and full duplex If the media is 1Gbps fiber it is 1000Mbps supported only The status of speed duplex mode is determined by 1 the negotiation of both local port and link partner in Auto Speed mode or 2 user setting in Force mode The local port has to be preset its capability In port 1 24 they are supported Fast Ethernet with TP media only so the result will show 100M Full or 100M Half 10M Full and 10M Half duplex In port 25 and port 26 if the media is 1000Mbps with TP media it will show th
47. let you add or modify an association between MAC address and a plain English name User can click lt Create Edit gt button to add a new record with name As to MAC Alias Delete function is used to let you remove an alias name to a MAC address You can select an existed MAC address or alias name to remove MAC Alias p ME Address ics OOOO U ha a SE EN m MAC Address C aias m Parameter Description MAC Address It is a six byte long Ethernet hardware address and usu ally expressed by hex and separated by hyphens For example 00 40 C7 D6 00 02 Alias MAC alias name you assign Note If there are too many MAC addresses learned in the table we recommend you inputting the MAC address and alias name directly GVRP Configuration GVRP is an application based on Generic Attribute Registration Protocol GARP mainly used to automatically and dynamically maintain the group membership information of the VLANs The GVRP offers the function provi ding the VLAN registration service through a GARP application It makes use of GARP Information Declaration GID to maintain the ports associated with their attribute database and GARP Information Propagation GIP to commu nicate among switches and end stations With GID information and GIP GVRP state machine maintain the contents of Dynamic VLAN Registration Entries for each VLAN and propagate these information to other GVRP aware devices to setup and upda
48. of Restricted Group function Default is disable Ingress Select the ports that you would like their Restricted Group to set into Ingress mode Just tick the check box beside the port x and valid port is Port 1 26 Egress Select the ports that you would like their Restricted Group to set into Egress mode Just tick the check box beside the port x and valid port is Port 1 26 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management m Function Description Ingress Bandwidth Setting function is used to set up the limit of Ingress bandwidth for each port Ingress Bandwidth Control Port 1 24 66 102400 Kb Port 25 26 66 1024000 kb Rate Kb 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 102400 1024000 1024000 Parameter Description Port No Choose the port that you would like this function to work on it Valid range of the port is 1 26 Rate Set up the limit of Ingress bandwidth for the port you choose Incoming traffic will be discarded if the rate exceeds the value you set up in Data Rate field Pause frames are also generated if flow control is enabled The format of the packet limits to unicast broadcast and multicast Valid value of Port 1 24 ranges from 66 102400
49. password and the auto DHCP setting With the function restore default configuration without changing current IP address you can reset the switch to the factory default set tings but without changing the IP address You can access the switch at its last IP address With the serial configuration interface you can reset the switch to the factory default setting without knowing the current administrator s password To do this you have to set up a serial connection to the device as described in gt Start Command Line Interface via serial connection In the terminal program before you enter the username press CTRL Z enter RESET as the username and the MAC address without blank characters as the password This action starts the reset process and all settings will be reset to the factory default state including the administrator s password and the auto DHCP setting Save Restore Configuration Save Start Save as Start Configuration Save as User Configuration Restore Default Restore Default Configuration including default ip address Restore Default Restore Default Configuration without changing current ip address Restore User Configuration Save as start configuration Here you can save your current configuration to the flash memory as a start configuration Save as user configuration 25 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 3 Configuring and monitoring the LANCOM switch 3 2 2 26
50. range times Description The maximum number of times that the state machine will retransmit an EAP Request packet to the Supplicant before it times out the authentication session Argument port range syntax 1 5 7 available from 1 to 26 times max times range 1 10 Possible value port range 1 to 26 times 1 10 default is 2 Example PSES 2126C 802 1x set max request 2 2 m set mode Syntax set mode lt port range gt lt mode gt Description To set up the 802 1X authentication mode of each port Argument port range syntax 1 5 7 available from 1 to 26 mode set up 802 1x mode 0 disable the 802 1x function LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 1 set 802 1x to Multi host mode Possible value port range 1 to 26 mode 0 or 1 Example PSES 2126C 802 1x set mode 2 1 set port control Syntax set port control port range authorized Description To set up 802 1X status of each port Argument port range syntax 1 5 7 available from 1 to 26 authorized set up the status of each port 0 ForceUnauthorized 1 ForceAuthorized 2 Auto Possible value port range 1 to 26 authorized 0 1 or 2 Example PSES 2126C 802 1x set port co
51. set pri tag q0 0 q1 2 q3 4 set sche Syntax set sche lt wrr strict gt wrr 0 lt wrr_1 gt wrr 2 wrr 3 Description To set qos schedule and weight for 4 queues Argument lt wrr gt Scheduling weighted round robin method strict scheduling strict method lt wrr_0 to 3 weighted for every queue Weighted range 1 55 Possible value LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management wrr strict wrr or strict wir 0 to 3 gt 1 55 Example PSES 2126C qos set sche wrr 1 2 8 16 set tos Syntax set tos type value q0 prioritys q1 priority EN lt q2 gt lt priority gt lt q3 gt lt priority gt Description To set IP tos qos weighting for 4 queues Argument lt type_value gt Delay Priority 0 Throughput Priority 1 Reliability Priority 2 Monetary Cost Priority 3 lt q gt queue level q0 queue 0 q1 queue 1 q2 queue 2 q3 queue 3 priority priority level One queue has been assigned 2 different priorities You don t need to use all of queues but must assign queues in order from low queue to high queue Syntax 1 2 or 2 5 7 available from 0 to 7 Possible value type value 0 3 priority 0 to 7 Example PSES 2126C qos set tos 0 q0 1 q1 2 q2 4 q3 6 set vip Syntax
52. state gt 0 or 1 Example LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management PSES 2126C poe set state 11 0 m show Syntax show Description To display the PoE status Argument None Possible value None Example PSES 2126C poe show Vmain 48 3 V Imain 0 0A Pconsume 0 0 W Power Limit 185 W Temperature 37 C 98 F Port No 123456789 10 11 12 Port On X XXXXXXXXX X X AC Disconnect Port Off X X X X X X X X X X X X DC Disconnect Port Off X X X X X X X X X X X X Overload Port Off X X X X X X X X X X X X Short Circuit Port Off X X X X X X X X X X X X Over Temp Protection X X X X X X X X X X X X 187 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 188 Power Management Port Off X X X X X X X X X X X X Port No 13 22 23 24 Ee eae EXPENSES Port On XXX AC Disconnect Port Off X X X DC Disconnect Port Off X X X Overload Port Off X X X Short Circuit Port Off X X X Over Temp Protection X X X Power Management Port Off X X X Port Status State Priority Power W 14 15 16 17 18 X X X X X x X X X X gt lt 19 20 21 Normal Enable Normal Normal Enable Normal Normal Enable Normal Normal Enable Normal Normal Enable Normal Normal Enable Normal Normal Enable Normal O AD Ui e W YY e Norma
53. und LANCOM ES 2126P B Chapter 5 Operation of CLI Management PSES 2126C ip enable dhcp manual set dns Syntax set dns lt ip gt Description To set the IP address of DNS server Argument ip dns ip address Possible value ip 168 95 1 1 Example PSES 2126C ip set dns 168 95 1 1 set ip Syntax set ip ip mask gateway Description To set the system IP address subnet mask and gateway Argument ip ip address mask subnet mask gateway default gateway Possible value ip 192 168 1 1 or others masks 255 255 255 0 or others gateway 192 168 1 253 or others Example PSES 2126C ip set ip 192 168 1 2 255 255 255 0 192 168 1 253 show Syntax show Description 173 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management To display the system s DHCP function state IP address subnet mask default gateway DNS mode DNS server IP address and current IP address Argument None Possible value None Example PSES 2126C ip show DHCP Disable IP Address 192 168 1 1 Current IP Address 192 168 1 1 Subnet mask i 255 255 255 0 Gateway 192 168 1 253 DNS Setting Manual DNS Server i 192 95 1 1 log B clear Syntax Clear Description To clear the log data
54. value None Example PSES 2126C account modify aaaaa username password the length is from 5 to 15 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Current username aaaaa bbbbb New password Confirm password Username changed successfully Password changed successfully m show Syntax show Description To show system account including account name and identity Argument None Possible value None Example PSES 2126C account show Account Name Identity admin Administrator guest guest bbbbb guest alarm lt lt email gt gt m del mail address Syntax del mail address lt gt Description To remove the e mail address Argument gt email address number range 1 to 6 A Possible value 143 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 144 it 1t06 Example PSES 2126C alarm email del mail address 2 del server user Syntax del server user Description To remove the server user account and password Argument None Possible value None Example PSES 2126C alarm email del server user set mail address Syntax set mail address lt gt mail address gt Description To set up the email address Argument it email address nu
55. worked and restricted in the allowed group configuration if Custom had been chosen Add A new entry of allowed group configuration can be created after the parameters as mentioned above had been setup and then press lt Add gt button 61 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 62 4 9 4 9 1 VLAN Edit The existed entry also can be modified after pressing Edit but Delete Remove the existed entry of allowed group configuration from the allowed group The switch supports Tag based VLAN 802 1q and Port based VLAN Support 256 active VLANs and VLAN ID 1 4094 VLAN configuration is used to parti tion your LAN into small ones as your demand Properly configuring it you can gain not only improving security and increasing performance but greatly redu cing VLAN management VLAN Mode Function name VLAN Mode Setting Function Description The VLAN Mode Selection function includes two modes Port based and Tag based you can choose one of them by pul ling down list and pressing the Downward arrow key Then click Apply button the settings will take effect immediately Parameter Description VLAN Mode Tag based This is the default setting Tag based VLAN identifies its member by VID This is quite diffe rent from port based VLAN If there are any more rules in ingr
56. 1 13 Example PSES 2126C time set ntp clock via net 8 Synchronizing 1 Synchronization success show Syntax show Description To show the time configuration including Current Time NTP Server Timezone Daylight Saving Daylight Saving Start and Daylight Saving End Argument None Possible value None Example PSES 2126C time show LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Current Time Wed Apr 21 06 16 22 2005 NTP Server 209 81 9 7 Timezone 8 Day light Saving 4 Hours Day light Saving Start Mth 2 Day 20 Hour 10 Day light Saving End Mth 3 Day 20 Hour 10 trunk m del trunk Syntax del trunk lt port range gt Description To remove the trunk port Argument port range syntax 1 5 7 available from 1 to 26 Possible value port range 1 to 26 Example PSES 2126C trunk amp del trunk 1 HW set hash Syntax set hash lt method gt Description To set up trunk hash method Argument method lacp hash method 0 DA and SA 1 SA 2 DA Note This hash method applies to both LACP and static trunk Possible value lt method gt 0 2 225 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 226 Example PSES 212
57. 1203000004 Host IP Address 192 168 1 1 Host MAC Address 00 00 8c 00 d8 00 Device Port UART 1 TP 24 Fiber 2 RAM Size 16 M Flash Size 2M tac plus m show access Syntax 217 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 218 show access Description Shows the access configuration Example ES 2126 tac plus show access Access retry 3 Access Login Login Primary Secondary Console Local None Telnet TACACS Local Web TACACS Local show tac plus Syntax Show tac access Description Shows the TACACS configuration Example ES 2126 tac plus show tac plus Authorization Enable Fallback to Local Authorization Enable Accounting Enable Secret Key secret Server IP 1 10 1 1 1 2 0 0 0 0 enable Syntax enable argument Description LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Enables the TACACS functions for accounting authorization and fallback to local authorization Arguments Accounting enables the TACACS accounting Authorization enables the TACACS authorization Fallback author enables the fallback to local authorization disable EN Syntax disable argument Description Disables the TACACS functions for accounting authorization and fallback to local authorizatio
58. 126C Login admin Password PSES 2126C Fig 4 2 5 2 Commands of CLI Managed Switch PSES 2126C Login admin Password PSES 2126C BU2 1X Enter into 802 1X mode account Enter into account mode alarm Enter into alarm mode autologout Change autologout time bandwidth Enter into bandwidth mode config file Enter into config file mode dhep hoot Enter into dhcp boot mode diag Enter into diag mode firmware Enter into firmware mode gvrp Enter into gvrp mode hostname Change hostname igmp snooping Enter into igmp mode ip Enter into ip mode log Enter into log mode mac table Enter into mac table mode management Enter into management mode poe Enter into PoE function port Enter into port mode Fig 4 3 127 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 128 Global Commands of CLI E end Syntax end Description Back to the top mode When you enter this command your current position would move to the top mode If you use this command in the top mode you are still in the position of the top mode Argument None Possible value None Example PSES 2126C alarm PSES 2126C alarm events PSES 2126C alarm events end PSES 2126C exit Syntax exit Description Back to the previous mode When you enter this command your current position would move back to the previous mode If you use this c
59. 126P B Chapter 5 Operation of CLI Management PSES 2126C 802 1x show security Port Mode Status Multi host Unauthorized Disable 1 2 3 Disable 4 5 Disable 6 Disable m show state Syntax show state Description To display the Radius server configuration Argument None Possible value None Example PSES 2126C 802 1x show state Radius Server 192 168 1 115 Port Number 1812 Secret Key WinRadius account E add Syntax add lt name gt Description To create a new guest user When you create a new guest user you must type in password and confirm password Argument 141 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 142 name new account name Possible value name A string must be at least 5 character Example PSES 2126C account add aaaaa Password Confirm Password PSES 2126C account del Syntax del lt name gt Description To delete an existing account Argument name gt existing user account Possible value None Example PSES 2126C account del aaaaa Account aaaaa deleted modify Syntax modify lt name gt Description To change the username and password of an existing account Argument name gt existing user account Possible
60. 20 20 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 1000 Normal Normal Normal Normal Normal Normal Normal Normal Normal Normal Normal Normal Normal Normal Normal al al al al al al al al al al al al al al al LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management HW set timer Syntax set timer lt range gt lt join gt lt leave gt lt leaveall gt Description To set gvrp join time leave time and leaveall time for each port Argument lt range gt port range syntax 1 5 7 available from 1 to 26 EN join join timer available from 20 to 100 leave leave timer available from 60 to 300 lt leaveall gt leaveall timer available from 1000 to 5000 Leave Time must equal double Join Time at least Possible value range 1 to 26 join 20 to 100 leave 60 to 300 lt leaveall gt 1000 to 5000 Example PSES 2126C gvrp set timer 2 8 25 80 2000 BW show config Syntax show config Description To display the gvrp configuration Argument None Possible value None Example PSES 2126C gvrp show conf
61. 6 supports TACACS a protocol for authentication authorization and accounting AAA It thus provides access to the network for certain authorized users only it regulates the rights of those users and it is a logging mechanism to keep track of user actions This LANCOM ES 2126P switch also complies with IEEE 802 3af its advanced auto sensing algorithm enables providing power devices PD discovery clas sification current limit and other necessary functions It also supports high safety with short circuit protection and power out auto detection to PD 10 100 1000Mbps TP is a standard Ethernet port that meets all IEEE 802 3 u X z Gigabit Fast Ethernet specifications 1000Mbps SFP Fiber transceiver is a Gigabit Ethernet port that fully complies with all IEEE 802 3z and 1000Base SX LX standards 1000Mbps Single Fiber WDM BiDi transceiver is designed with an optic Wavelength Division Multiplexing WDM technology that transports bi direc tional full duplex signal over a single fiber simultaneously LANCOM ES 2126 und LANCOM ES 2126P B Chapter 1 Introduction 1 1 Onyl for LANCOM ES 2126 Key Features in the Device QoS Support Quality of Service by the IEEE 802 1P standard There are two priority queue and packet transmission schedule using Weighted Round Robin WRR User defined weight classification of packet priority can be based on either VLAN tag on packets or user defined port priority Spanning Tree Suppo
62. 6C trunk set hash 2 HW set priority Syntax set priority range Description To set up the LACP system priority Argument range gt available from 1 to 65535 Possible value lt range gt 1 to 65535 Example PSES 2126C trunk set priority 33333 set trunk Syntax set trunk port range method group active LACP gt Description To set up the status of trunk including the group number and mode of the trunk as well as LACP mode Argument lt port range gt syntax 1 5 7 available from 1 to 26 method lt static lacp gt static adopt the static link aggregation lacp adopt the dynamic link aggregation link aggregation control protocol group 1 3 active LACP gt lt passive active gt active set the LACP to active mode passive set the LACP to passive mode Possible value port range 1 to 26 method static or lacp LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management group 1 3 active LACP gt active or passive Example PSES 2126C trunk set trunk 2 5 lacp 1 active show aggtr view Syntax show aggtr view Description To display the aggregator list Argument None Possible value None Example PSES 2126C trunk show aggtr view Aggregator 1 Method None Memb
63. 8 bit SERVICE TYPE field to accommodate a set of differentiated services DS Under the differentiated services interpre tation the first six bits comprise a codepoint which is sometimes abbreviated DSCP and the last two bits are left unused High Priority Packet streams will experience less delay into the switch For handing different priority packets each egress port has designed up to 4 queues Each QoS is influenced by two scheduling WRR Weighted Round Robin and Strict Priority as well When you finish to set the priority mapping to the queue WRR scheduling will distribute the bandwidth according to the weight you set for 4 queues queue 0 to queue 3 Another scheduling is Strict Priority dedicated for the function named VIP Port of QoS While we select some ports as the VIP Port these ports will own the highest transmitting pri ority in egress queue of the switch The QoS functions as we mentioned above are able to enabled at the same time But the following precedence will decide whether these functions work or not enable both VIP and TOS Choose priorities of VIP and TOS LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management enable both VIP and DSCP Choose priorities of VIP and DSCP enable both TOS and DSCP Choose DSCP enable both VIP and DSCP Choose priorities of VIP and DSCP enable both 802 1p and TOS Choose TOS Q enable both 802 1p and DSCP Choose DSCP enab
64. ANCOM ES 2126P B Chapter 5 Operation of CLI Management 208 PSES 2126C security mirror set 1 4 2 3 show Syntax show Description To display the current setting status of mirror Argument None Possible value None Example PSES 2126C security mirror show Mirror Monitoring Port 1 Monitored Ingress 4 Monitored Egress 2 3 snmp m disable Syntax disable set community disable snmp Description The Disable here is used for the de activation of snmp or set community Argument None Possible value None Example PSES 2126C snmp disable set community PSES 2126C snmp disable snmp LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Em enable Syntax enable set community enable snmp Description The Enable here is used for the activation snmp or set community Argument EN None Possible value None Example PSES 2126C snmp enable set community PSES 2126C snmp enable snmp E set Syntax set get community lt community gt set set community lt community gt set trap it ip port community Description The Set here is used for the setup of get community set community trap host ip host port and trap community Argument it trap number range 1 to 6
65. Argument None Possible value None Example PSES 2126C log upload mac table lt lt alias gt gt m del Syntax del mac Description To delete the mac alias entry Argument mac mac address format 00 02 03 04 05 06 176 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Possible value mac mac address Example PSES 2126C mac table alias st del 00 44 33 44 55 44 set Syntax set mac alias Description To set up the mac alias entry Argument mac mac address format 00 02 03 04 05 06 alias mac alias name max 15 characters Possible value mac mac address alias max 15 characters Example PSES 2126C mac table alias set 00 44 33 44 55 44 www show Syntax show Description To display the mac alias entry Argument None Possible value None Example PSES 2126C mac table alias show MAC Alias List MAC Address Alias 1 00 02 03 04 05 06 aaa 177 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 178 2 00 33 03 04 05 06 ccc lt lt information gt gt search Syntax search lt port gt lt mac gt lt vid gt Description To look for the relative mac information in mac table
66. C diag loopback Internal Loopback Test OK 159 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 160 External Loopback Test Port 12345 6789 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 Fail ping Syntax ping ip Description To confirm that whether the remote end station or switch itself is alive or not Argument ip IP address or domain name Possible value IP address e g 192 168 2 65 or domain name e g tw yahoo com Example PSES 2126C diag ping 192 168 1 115 Gateway 192 168 1 253 192 168 1 115 is alive firmware BW setupgrade path Syntax Description To set up the image file that will be upgraded Argument filepath gt upgrade file path and name Possible value filepath gt upgrade file path and name Example PSES 2126C firmware set upgrade path FEL2SW26_ES2126_v2 05 img show Syntax Description To display the information of tftp server and upgrade path and file name LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Argument None Possible value None Example PSES 2126C firmware t show TFTP Server IP Address 192 168 3 111 Path and Filename FEL2SW26 ES2126 v2 05 img HW upgrade Syntax Description To run the software upgrade func
67. COM ES 2126P m Chapter 4 Operation of Web based Management 36 4 2 3 networks hence subnet mask is introduced to solve this problem Subnet mask uses some bits from host address and makes an IP address looked Network address Subnet mask number and host address This reduces the total IP number of a network able to sup port by the amount of 2 power of Subnet mask is used to set the sub net mask value which should be the same value as that of the other devices resided in the same network it attaches For more information please also see the Section 2 1 5 IP Address Assignment in this manual Default 255 255 255 0 Default gateway Set an IP address for a gateway to handle those packets that do not meet the routing rules predefined in the device If a packet does not meet the criteria for other pre defined path it must be forwarded to a default router on a default path This means any packet with undefined IP address in the routing table will be sent to this device unconditionally Default 192 168 1 254 DNS It is Domain Name Server used to serve the translation between IP address and name address The switch supports DNS client function to re route the mnemonic name address to DNS server to get its associated IP address for acces sing Internet User can specify a DNS IP address for the switch With this the switch can translate a mnemonic name address into an IP address There are two ways to spec
68. CP System Configuration m Function Description It is used to set the priority part of the LACP system ID LACP will only aggregate together the ports whose peer link partners are all on a single system Each system supports LACP will be assigned a globally unique System Identifier for this purpose A system ID is a 64 bit field comprising a 48 bit MAC Address and 16 bit priority value E Parameter Description System Priority The System Priority can be set by the user Its range is from 1 to 65535 Default 32768 Hash Method DA SA DA and SA are three Hash methods offered for the Link Aggregation of the switch Packets will decide the path to transmit according to the mode of Hash you choose 87 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 88 4 14 Default DA and SA LACP System Configuration Hash Method DA and SA v Note This hash method applies to both LACP and static trunk 802 1x Configuration 802 1x port based network access control provides a method to restrict users to access network resources via authenticating user s information This rest ricts users from gaining access to the network resources through a 802 1x enabled port without authentication If a user wishes to touch the network through a port under 802 1x control he she must firstly input his her account name for authentication and waits for gaining authorization before sending or recei
69. D This PVID range will be 1 4094 Before you set a number x as PVID you have to create a Tag based VLAN with VID x For example if port x receives an untagged packet the switch will apply the PVID assume as VID y of port x to tag this packet the packet then will be forwarded as the tagged packet with VID y Default Priority It bases on 802 1p QoS and affects untagged packets When the packets enter the switch it would get the priority precedence according to your Default Priority setting and map to 802 1p priority setting in QoS function For example while you set Default Priority of port 2 with 2 and transmit untagged packets to port 2 these packets will own priority 2 precedence due to your default 802 1p Priority Mapping setting in QoS function and be put into Queue 1 Drop Untag Drop untagged frame You can configure a given port to accept all frames Tagged and Untagged or just receive tagged frame LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management If the former is the case then the packets with tagged or untagged will be processed If the later is the case only the packets carrying VLAN tag will be processed the rest packets will be discarded 4 9 4 Port based Group m Function name Port based Group Configuration W Function Description It shows the information of the existed Port based VLAN Groups You can easily create edit and delete a Port based VLAN group by pressing Add
70. DU originated from the root bridge and if the message age conveyed in the BPDU exceeds the Max Age of the root bridge the bridge will treat the root bridge malfunctioned and issue a Topology Change Notification TCN BPDU to all other bridges All bridges in the LAN will re calculate and determine who the root bridge is The valid value of Max Age is 6 40 seconds Default is 20 seconds Forward Delay You can set the root bridge forward delay time This figure is set by root bridge only The forward delay time is defined as the time spent from Listening state moved to Learning state and also 79 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 80 4 12 3 from Learning state moved to Forwarding state of a port in bridge The forward delay time contains two states Listening state to Learning state and Learning state to Forwarding state It assumes that forward delay time is 15 seconds then total forward delay time will be 30 seconds This has much to do with the STP convergent time which will be more than 30 seconds because some other factors The valid value is 4 30 seconds default is 15 seconds Force Version Two options are offered for the user s choosing STP algorithm One is RSTP and the other is STP If STP is chosen RSTP will run as a legacy STP The switch supports RSTP 802 1w which is back ward compatible with S
71. ES 2126P B Chapter 4 Operation of Web based Management m Function Description It is used to set each port s operation mode The switch supports 3 parameters for each port They are State Speed Duplex and Flow Control m Parameter Description State Set the communication capability of the port is Enabled or Disabled When enabled traffic can be transmitted and received via this port When disabled the port is blocked and no traffic can be transferred through this port Port State is configurable by the user There are only two states Enable and Disable able to choose If you set a port s state Disable then that port is prohibited to pass any traffic even it looks Link up Default Enable Speed Duplex Set the speed and duplex of the port In speed 10 100Mbps baud rate is available for Fast Ethernet Gigabit module in port 25 26 If the media is 1Gbps fiber it is always 1000Mbps and the duplex is full only If the media is TP the Speed Duplex is compri sed of the combination of speed mode 10 100 1000Mbps and dup lex mode full duplex and half duplex The following table summarized the function the media supports Media type NWay Speed Duplex 100M TP ON OFF 10 100M Full Half 1000M TP ON OFF 10 100 1000M Full for all Half for 10 100 1000M Fiber ON OFF 1000M Full 46 In Auto negotiation mode no default value In Forced mode default value depends on your
72. Hello Time Show the current hello time of the root bridge Hello time is a time interval specified by root bridge used to request all other bridges periodically sending hello message every hello time seconds to the bridge attached to its designated port STP Topology Change Count STP Topology Change Count expresses the time spent in unit of seconds since the beginning of the Spanning Tree Topology Change to the end of the STP convergence Once the STP change is converged the Topology Change count will be reset to 0 The figures showing in the screen may not be the exact time it spent but very close to because the time is eclipsing Time Since Last Topology Change Time Since Last Topology Change is the accumulated time in unit of seconds the STP has been since the last STP Topology Change was made When Topology Change is initi ated again this counter will be reset to 0 And it will also count again once STP topology Change is completed STP Status Disabled 00 A0 57 13 FA 7E Bridge Priority Designated Root Designated Priority Root Port Root Path Cost Current Max Age sec Current Forward Delay sec Hello Time sec STP Topology Change Count Time Since Last Topology Change sec 32768 00 A0 57 13 FA 7E 32768 0 0 20 15 2 0 0 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 4 12 2 STP Configuration The STP Spanning Tree Protocol actually includes RSTP In the Spanning Tr
73. Incoming Port The switch supports two kinds of options for managed valid Port Range including Any and Custom Default is Any You can select the ports that you would like them to be worked and rest ricted in the management security configuration if Custom had been chosen Access Type The switch supports two kinds of options for managed valid Access Type including Any and Custom Default is Any Http Telnet and SNMP are three ways for the access and mana ging the switch in case that Custom had been chosen Action The switch supports two kinds of options for managed valid Action Type including Deny and Accept Default is Deny When you choose Deny action you will be restricted and refused to manage the switch due to the Access Type you choose However LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management while you select Accept action you will have the authority to manage the switch Edit Create A new entry of Management Security Configuration can be created after the parameters as mentioned above had been setup and then press lt Edit Create gt button Of course the existed entry also can be modified by pressing this button Delete Remove the existed entry of Management Security Configura tion from the management security table 4 2 6 Virtual Stack W Function name Virtual Stack W Function Description Virtual Stack Management
74. Jun 16 15 25 02 2008 Login admin 3 Mon Jun 16 11 41 58 2008 Login admin 4 Sun Jun 15 22 49 42 2008 Logout admin 5 SunJun 15 22 40 36 2008 Logout admin 6 SunJun 15 22 34 33 2008 Login admin 7 Sun Jun 15 22 24 37 2008 Login admin 8 Sun Jun 15 22 23 25 2008 Cold Start Auto Upload Enable Upload Log Clear Log m Parameter Description No Display the order number that the trap happened Time Display the time that the trap happened 122 4 23 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Events Display the trap event name Auto Upload Enable Switch the enabled or disabled status of the auto upload function Upload Log Upload log data through tftp Clear Log Clear log data Firmware Upgrade Software upgrade tool is used to help upgrade the software function in order to fix or improve the function The switch provides a TFTP client for software upgrade This can be done through Ethernet W Function name Firmware Upgrade m Function Description The switch supports TFTP upgrade tool for upgra ding software If you assure to upgrade software to a newer version one you must follow two procedures 1 Specifying the IP address where TFTP server locates In this field the IP address of your TFTP server should be filled in 2 Specifying what the filename and where the file is You must specify full path and filename Then press
75. Pavlov Products from LANCOM Systems contain open source software components which are available as source text and which are subject to special licenses and the copyright of their authors In particular the firmware components are subject to the terms of the GNU General Public License version 2 GPL The license agreement with the text of the GPL is available on the LANCOM CD in the relevant product s directory On request you can obtain the source texts and licensing details elec tronically from the LANCOM Systems GmbH FTP server LANCOM Systems GmbH Adenauerstr 20 B2 52146 Wuerselen Deutschland www lancom systems com Wuerselen Oktober 2009 110533 1009 Model restrictions LANCOM ES 2126 und LANCOM ES 2126P B Preface Preface Thank you for your confidence in us The LANCOM switch models LANCOM ES 2126 and LANCOM ES 2126P are ideally suited to small medium sized and performance networks in business environments The LANCOM ES 2126 switch features 24 Fast Ethernet and two combo ports TP SFP it integrates perfectly into LANCOM s Advanced Routing und Forwarding and it supports up to 256 active VLANs It uses bandwidth control to prioritize the data traffic according to predefined criteria e g voice data or certain ports Furthermore the LANCOM ES 2126P switch supports Power over Ethernet for connected network devices The overall power output of 185 Watts from the PoE supply can be flexibly divided between t
76. Syntax Description To set up the hostname of the switch 169 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 170 Argument name hostname max 40 characters Possible value name hostname max 40 characters Example PSES 2126C hostname Company Company igmp snooping m add allowed group Syntax add allowed group ip multicast vid lt port range gt Description To add the entry of allowed IP multicast group Argument lt ip multicast gt the range of IP multicast lt vid gt VLAN ID 1 4094 or any lt port range gt syntax 1 5 7 available from 1 to 26 Possible value lt ip multicast gt ex 224 1 1 1 225 2 3 3 or any lt vid gt 1 4094 or any lt port range gt 1 to 26 Example PSES 2126C igmp snooping add allowed group 224 1 1 1 225 2 3 3 100 1 10 del allowed group Syntax del allowed group lt index gt Description To remove the entry of allowed IP multicast group Argument index gt the index of the allowed group A LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Possible value index the index of the allowed group Example PSES 2126C igmp snooping del allowed group 1 HW set mode Syntax Description To set up the mode of IGMP Snoo
77. TP 802 1d STP Configuration gt CTI NN 20 Fomarddety 30se0 BE Note 2 Forward Delay 1 gt Max Age Max Age gt 2 Hello Time 1 E Apply STP Port Configuration Function name STP Port Setting m Function Description In the STP Port Setting one item selection and five parameters settings are offered for user s setup User can disable and enable each port by selecting each Port Status item User also can set Path Cost and Priority of each port by filling in the desired value and set Admin Edge Port and Admin Point To Point by selecting the desired item B Parameter Description LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Port Status It displays the current state of a port We cannot manually set it because it displays the status only There are three possible sta tes according to 802 1w specification DISCARDING state indicates that this port can neither forward packets nor contribute learning knowledge Notice Three other states Disable state BLOCKING state and LIS TENING state defined in the 802 1d specification are now all rep resented as DISCARDING state LEARNING state indicates this port can now contribute its lear ning knowledge but cannot forward packets still FORWARDING state indicates this port can both contribute its learning knowledge and forward packets norm
78. TP DownEnabled Enabled m p opo 14 TP DownEnabled Enabled mL o 15 TP DownEnabled Enabled aj Function name Port Status m Function Description Report the latest updated status of all ports in this switch When any one of the ports in the switch changes its parameter displayed in the page it will be automatically refreshed the port current status about every 5 seconds W Parameter Description Port No Display the port number The number is 1 26 Both port 25 and 26 are optional modules Media Show the media type adopted in all ports The Port 25 and Port 26 are optional modules which support either fiber or UTP media with either Gigabit Ethernet 1000Mbps or 10 100Mbps Fast Ethernet port They may have different media types and speed Especially fiber port has comprehensive types of connector distance fiber mode and so on The switch describes the module ports with the following page Hj Link Show that if the link on the port is active or not If the link is con nected to a working well device the Link will show the link Up otherwise it will show Down This is determined by the hardware on both devices of the connection No default value 47 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 48 State Show that the communication function of the port is Enabled or Disabled When
79. The Information of Page Layout 4 2 System 4 2 1 System Information 4 2 2 IP Configuration 4 2 3 Time Configuration 4 2 4 Account Configuration 4 2 5 Management Security 4 2 6 Virtual Stack 4 2 7 System Log 4 3 Port 4 3 1 Port Configuration 4 3 2 Port Status 4 3 3 Simple Counter 4 3 4 Detail Counter 4 4 PoE 4 5 Loop Detection 4 6 SNMP Configuration 4 7 DHCP Boot 4 8 IGMP Snooping 4 9 VLAN 4 9 1 VLAN Mode 4 9 2 Tag based Group 4 9 3 PVID 4 9 4 Port based Group 4 10 MAC Table 4 11 GVRP Configuration 4 12 STP Configuration 4 12 1 STP Status 4 12 2 STP Configuration 4 12 3 STP Port Configuration 4 13 Trunking Configuration 4 14 802 1x Configuration 4 15 TACACS 4 15 1 Introduction 30 31 31 33 34 36 39 40 43 44 45 45 47 50 51 53 56 56 58 59 62 62 64 66 67 68 72 77 77 79 80 83 88 97 97 LANCOM ES 2126 und LANCOM ES 2126P B Contents 4 15 2 Configuring the TACACS parameters 98 4 16 Alarm Configuration 102 4 16 1 Events 102 4 16 2 E Mail 103 4 17 Security 104 4 18 Bandwidth Management 106 4 19 QoS Quality of Service Configuration 109 4 20 Diagnostics 118 4 20 1 Diagnostics 118 4 20 2 Loopback 119 4 20 3 Ping 120 4 20 4 Watchdog 120 4 21 TFTP Server 121 4 22 Log 122 4 23 Firmware Upgrade 123 4 24 Reboot 124 4 25 Logout 125 5 Operation of CLI Management 126 5 1 CLI Management 126 5 1 1 Login 126 5 2 Commands of CLI 127 5 2 1 Global Commands of CLI 128
80. Upgrade button if your download is not successful the switch will also be back to Software Upgrade and it will not upgrade the software as well When download is completed the switch starts upgrading software A reboot message will be prompted after completing upgrading software At this time you must reboot the switch to have new software worked Note Software upgrade is hazardous if power is off You must do it care fully m Parameter Description TFTP Server A TFTP server stored the image file you want to upgrade 123 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Path and Filename File path and filename stored the image file you want to upgrade Firmware Upgrade TFTP Server 0 0 0 0 Path and Filename 4 24 Reboot We offer you many ways to reboot the switch including power up hardware reset and software reset You can press the RESET button in the front panel to reset the switch After upgrading software changing IP configuration or changing VLAN mode configuration then you must reboot to have the new configuration taken effect Here we are discussing is software reset for the reboot in the main menu m Function name Reboot m Function Description Reboot the switch Reboot takes the same effect as the RESET button on the front panel of the switch It will take around thirty 30 seconds to complete the system boot Parameter Descr
81. VSM is the group management function Through the proper configuration of this function switches in the same LAN will be grouped automatically And among these switch one switch will be a master machine and the others in this group will become the slave devices VSM offers a simple centralized management function It is not necessary to remember the address of all devices manager is capable of managing the network with knowing the address of the Master machine Instead of SNMP or Telnet UI VSM is only available in Web UI While one switch become the Master two rows of buttons for group device will appear on the top of its Web UI By pressing these buttons user will be allowed to connect the Web UI of the devices of the group in the same window wit hout the login of these device The most top left button is only for Master device The background color of the button you press will be changed to represent that the device is under your management Note It will remove the grouping temporarily in case that you login the switch via the console The device of the group will be shown as station address the last number of IP Address device name on the button e g 196 PSES 2126C otherwise it will show if no corresponding device exists Once the devices join the group successfully then they are merely able to be managed via Master device and user will fail to manage them via tel net console web individually Up to 16 devices
82. abled LACP Disabled ACP Enabled LACP Member Added LACP Port Failure GVRP Disabled GVRP Enabled Port based Vlan Enabled Tag based Vlan Enabled oO aua O aOR t FO Module Inserted 149 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 20 Module Removed 21 Moudle Media Swapped 22 PoE Failure m show alarm Syntax show Description The Show for alarm here is used to display the configuration of Trap SMS or E mail Argument None Possible value None Example PSES 2126C alarm show email PSES 2126C alarm show events PSES 2126C alarm show sms lt lt sms gt gt BW del phone number Syntax del phone number lt gt Description To delete sms phone number Argument it mobile phone number range 1 to 6 A Possible value gt 1 to 6 Example PSES 2126C alarm sms del phone number 3 A W del server user Syntax del server user 150 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Description To delete sms server user account and password Argument None Possible value None Example PSES 2126C alarm sms del server user BW set phone number Syntax set phone number lt gt phone number Description To add sms phone num
83. acket transmitted TX Octets Total transmitted bytes Tx Unicast Packets Show the counting number of the transmitted uni cast packet Tx Broadcast Packets Show the counting number of the transmitted broadcast packet Tx Multicast Packets Show the counting number of the transmitted multicast packet LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Tx Pause Packets Show the counting number of the transmitted pause packet Rx FCS Errors Number of bad FSC packets received Rx Alignment Errors Number of Alignment errors packets received Rx Fragments Number of short frames 64 bytes with invalid CRC Rx Jabbers Number of long frames according tomax length register with invalid CRC Rx Drop Packets Frames dropped due to the lack of receiving buffer EN Rx Undersize Packets Number of short frames 64 Bytes with valid CRC Rx Oversize Packets Number of long frames according to max length register with valid CRC 4 4 PoE LANCOM ES 2126P Function name PoE Status any m Function Description Display the information about the PoE status PoE Status C 5v CHE CETT EMO W ARLE 185 We ee 35 C 95 F C 123455678 9 10 t1 12 15 14 15 16 17 18 19 20 21 22 Porton m Parameter Description Vmain The volt is supplied by the PoE Imain The sum of the current that every port supplies Pconsume The sum of the pow
84. ally Path Cost Status It is the contribution value of the path through this port to Root Bridge STP algorithm determines a best path to Root Bridge by calculating the sum of path cost contributed by all ports on this path A port with a smaller path cost value would become the Root Port more possibly Configured Path Cost The range is 0 200 000 000 In the switch if path cost is set to be zero the STP will get the recommended value resulted from auto negotiation of the link accordingly and display this value in the field of Path Cost Status Otherwise it may show the value that the administrator set up in Configured Path Cost and Path Cost Status 802 1w RSTP recommended value Valid range 1 200 000 000 10 Mbps 2 000 000 100 Mbps 200 000 1Gbps 20 000 Default 0 Priority Priority here means Port Priority Port Priority and Port Num ber are mixed to form the Port ID Port IDs are often compared in order to determine which port of a bridge would become the Root Port The range is 0 240 Default is 128 Admin Edge Port If user selects Yes this port will be an edge port An Edge Port is a port connected to a device that knows nothing about STP or RSTP Usually the connected device is an end station 81 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management 82 Edge Ports will immediately transit to forwarding state and skip the listening and learning s
85. an be placed on the mode that the user connect to the Switch for example we can decide that which VLAN VID is able to be accepted or denied by the switch the IP range of the user could be accep ted or denied by the switch the port that the user is allowed or not allo wed to connect with the switch or the way of controlling and connecting to the switch via Http Telnet or SNMP 41 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Management Security Configuration es GNRN IP Range Any Any E O Custom cutn D IncomingPort Access Type Action Any O Custom Any 1 2 3 4 5 6 7 8 O Custom O Deny 9 10 11 12 13 14 15 16 Hitp Accept Telnet 17 18 19 20 21 22 23 24 SNMP 25 26 EditiCreate Parameter Description 42 Name A name is composed of any letter A Z a z and digit 0 9 with maximal 8 characters VID The switch supports two kinds of options for managed valid VLAN VID including Any and Custom Default is Any When you choose Custom you can fill in VID number The valid VID range is 1 4094 IP Range The switch supports two kinds of options for managed valid IP Range including Any and Custom Default is Any In case that Custom had been chosen you can assigned effective IP range The valid range is 0 0 0 0 255 255 255 255
86. announcement that all registered device is going to be de registered If someone still issues a new join then a registration will be kept in the switch Valid range 1000 5000 unit time Default 1000 unit time 3 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 74 Default Applicant Mode The mode here means the type of partici pant There are two modes normal participant and non participant provided for the user s choice Normal It is Normal Participant In this mode the switch participates normally in GARP protocol exchanges The default setting is Normal Non Participant It is Non Participant In this mode the switch does not send or reply any GARP messages It just listens messages and reacts for the received GVRP BPDU Default Registrar Mode The mode here means the type of Registrar There are three types of parameters for registrar administrative control value normal registrar fixed registrar and forbidden registrar provi ded for the user s choice Normal It is Normal Registration The Registrar responds normally to incoming GARP messages The default setting is Normal Fixed It is Registration Fixed The Registrar ignores all GARP mes sages and all members remain in the registered IN state Forbidden It is Registration Forbidden The Registrar ignores all GARP messages and all members remain in the unregistered EMPTY state
87. ant yellow when the 100 Mbps mode is active Off when the 10 Mbps mode is active Constant green when the network connection is established to the connected device Off if no network connection can be established to the connected device Constant green when the optical port is active Off when the TP port is active This LED displays the following information depending on the selected LED status m LED mode Active Blinks yellow during data transfer m LED mode Full Duplex Constant green when full duplex mode is active for this port blinks yellow in case of collisions m LED mode Speed Constant green when the Gbps mode is active Off when the 10 Mbps or 100 Mbps mode is active LEDs and buttons on the LANCOM ES 2126P Located on the front of the device are light emitting diodes LEDs that pro vide information on device status and also two buttons LANCOM ES 2126 und LANCOM ES 2126P POWER CPU RUN pwr Q Pok Act unk Port 1 to 24 ACUFDXISPD Port 1 to 24 O ac E Chapter 2 Installation LANCOM ES 2126P 25 LINK ACT FDX SPD ACT LINK FDX LE RI NE LI NU PT d e 26 LEDSET RESET Blinks green if the CPU is running without problem Power LED Constant green when power is supplied to the device Constant green when the device connected to this p
88. arded to the central AAA server which responds by checking the data and answering with an accept or a reject 9 User ID o9 User ID E m Accept Accept PC NAS AAA SERVER Configuring the TACACS parameters TACACS is configured with the following parameters E State Configures the TACACS server and sets the password for the encryption of data communications with the TACACS protocol Server 1 Address of the TACACS server to which requests for authentication authorization and accounting are to be forwarded The value 0 0 0 0 deactivates this entry Server 2 You can optionally configure a second TACACS server address here If the first TACACS server is not available and the maximum number of failed login attempts is reached the device forwards its login requests to the alternative TACACS server The maximum number of failed login attempts is set as the Access retry value under the Access menu item The value 0 0 0 0 deactivates this entry Secret key The password for encrypting the communications between NAS and TACACS servers TACACS server We recommend that you do not operate TACACS D The password must be entered identically into the LANCOM and the without encryption LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management TACACS Setting CA 10 1 1 1 0 0 0 0 is Disable lt Authentication The device for configuration can
89. ardware and software First check the package contents and system requirements The device can be installed and configured quickly and easily if all prerequisites are fulfilled Package content Before beginning with the installation please check that nothing is missing from your package Along with the LANCOM switch the box should contain the following accessories Power cord 19 adapter 2 pieces and mounting materials Serial configuration cable LANCOM CD S ISI amp ISIS S ININISIS Printed documentation Should anything be missing please take up immediate contact to your dealer or to the address on the delivery note supplied with your device System requirements Computers that connect to a LANCOM must meet the following minimum requirements Operating system with TCP IP support such as Windows Linux BSD Unix Apple Mac OS 05 2 Hi Access to the LAN via the TCP IP protocol m Browser for Web based configuration The LANtools also require a Windows operating system A web brow ser under any operating system provides access to WEBconfig LANCOM ES 2126 und LANCOM ES 2126P E Chapter 2 Installation 2 3 Status displays and interfaces Meanings of the LEDs The following section describes the meaning of the LEDs Please be aware that LANmonitor shows far more information about the status of the LANCOM switch than the LEDs Monitoring the LANCOM switch with LANmonitor ee 2
90. band width distribution according to your weight setting H Parameter Description 802 1p Priority Mapping Each Priority can select any of Queue 0 Queue 3 In Default Priority 0 is mapping to Queue 0 Priority 1 is mapping to Queue 0 Priority 2 is mapping to Queue 1 Priority 3 is mapping to Queue 1 Priority 4 is mapping to Queue 2 Priority 5 is mapping to Queue 2 Priority 6 is mapping to Queue 3 and Priority 0 is mapping to Queue 3 802 1p Priority Mapping eS i w lt m Function name D Type TOS m Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reliability Priority 1bit M Type Monetary Cost Priority 1bit and UNUSED PRECEDENCE 3 bits can arrange 8 kinds of priorities corresponding to the 0 7 priority in the following priority dia gram TOS Delay Priority Mapping works while D TYPE in TOS field of IP header of the packets received by the switch is configured 113 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 114 0 1 2 3 4 5 6 7 Rbi Mbit Precedence Dbit MBZ Precedence Vorrangssteuerung MBZ Must Be Zero oO Parameter Description TOS De
91. be accessed via the serial interface console via the LAN with Telnet or SSH or with a browser Access authentication for each of these three access methods can be individually set up either to refer to the user accounts in the device itself or to the the user accounts on the TACACS server A second login option can be defined in case access authentication fails several times for the selected user account Login primary TACACS for login via the TACACS server Local for login using the local user accounts Login secondary TACACS and Local as above The only value available here is the one not selected under Login primary With the additional option None the secondary login can be deactivated The fallback to local user accounts presents a security risk if no root password is set For this reason TACACS authentication with fall back to local user accounts can only be activated if a root password has been set Access retry Defines the number of login failures before switching to the secondary login option If TACACS is set as the Login primary then the defined number of login failures are followed by an attempt to use the secondary TACACS server Only in the event that the maximum number of login failures occurs for this server too does the option set under Login secondary come into effect 99 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Manag
92. benefit of using Static Trunk method is that a port can immediately become a member of a trunk group without any handshaking with its peer port This is also a disadvantage because the peer ports of your static trunk group may not know that they should be aggregate together to form a logic trunked port Using Static Trunk on both end of a link is strongly recommended Please also note that low speed links will stay in not ready state when using static trunk to aggregate with high speed links As to system restrictions about the port aggregation function on the switch in the management point of view the switch supports maximum 3 trunk groups for LACP and additional 3 trunk groups for Static Trunk But in the system capability view only 3 real trunked groups are supported An LACP trunk group with more than one ready member ports is a real trunked group An LACP trunk group with only one or less than one ready member ports is not a real trunked group Any Static trunk group is a real trunked group Per Trunking Group supports a maximum of 4 ready member ports Please note that some decisions will automatically be made by the system while you are configuring your trunking ports Trunk Setting Rules are listed below Rule1 Maximum 3 groups are allowed Rule 2 The members of each group cannot exceed more than 4 ports Rule 3 Group 1 and 2 cannot exist member 25 and 26 port Rule 4 Group 3 cannot exist member from 1 to 24 port Fun
93. ber Argument it mobile phone number range 1 to 6 phone number phone number Possible value gt 1 to 6 Example PSES 2126C alarm sms set phone number 1 0968777777 E set server Syntax set server lt ip gt A Description To set up the IP address of sms server Argument A ip gt SMS server ip address or domain name Possible value None Example PSES 2126C alarm sms set server 192 168 1 7 151 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 152 set user Syntax set user username Description To set up user account and password of sms server Argument username SMS server account Possible value None Example PSES 2126C alarm sms set user ABC show Syntax show Description To display the configuration of SMS trap event Argument None Possible value None Example PSES 2126C alarm sms show SMS Server 192 168 1 7 Username ABC Password okckckckck ck kk kk kk kk Mobile Phone 1 0968777777 Mobile Phone Mobile Phone Mobile Phone Mobile Phone O o m UU N Hn Mobile Phone LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management autologout m autologout Syntax autologout lt time gt Description To set
94. ber Ports Show all member ports of an aggregator port Ready Ports Show only the ready member ports within an aggregator port Aggregator View Aggregator Method Member Ports Ready Ports _ EE None 1 EE None 2 2 EE None 3 EE None 4 EE None 5 EE None 6 None 7 EE oe 8 None 9 EO None 10 EE None 11 None 12 None 13 None 14 ER oe 15 86 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management W Function name LACP Detail LACP Aggregator Detailed Information m Function Description Show the detailed information of the LACP trunking group H Parameter Description Actor The switch you are watching on Partner The peer system from this aggregator s view System Priority Show the System Priority part of a system ID MAC Address Show the MAC Address part of a system ID Ee Port Show the port number part of an LACP port ID Key Show the key value of the aggregator The key value is determi ned by the LACP protocol entity and can t be set through manage ment Trunk Status Show the trunk status of a single member port means not ready town den Tni Sut is nen Pt Db bd uP i bn he idt LAN Bn Ag Aggregator 4 Information ae ee Bae eee System Priority MAC Address System Priority MAC Address 32768 00 a0 57 13 fa 7e 32768 00 00 00 00 00 00 Trunk Status 258 m Function name LA
95. ction name Port Setting Status Function Description Port setting status is used to configure the trunk property of each and every port in the switch system LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management m Parameter Description Method This determines the method a port uses to aggregate with other ports None A port does not want to aggregate with any other port should choose this default setting LACP A port use LACP as its trunk method to get aggregated with other ports also using LACP Static A port use Static Trunk as its trunk method to get aggrega ted with other ports also using Static Trunk Group Ports choosing the same trunking method other than None must be assigned a unique Group number i e Group ID valid value is from 1 to 8 in order to declare that they wish to aggregate with each other Active LACP This field is only referenced when a port s trunking method is LACP Active An Active LACP port begins to send LACPDU to its link partner right after the LACP protocol entity started to take control of this port Passive A Passive LACP port will not actively send LACPDU out before it receives an LACPDU from its link partner Aggtr Aggtr is an abbreviation of aggregator Every port is also an aggregator and its own aggregator ID is the same as its own Port No We can regard an aggregator as a representative of
96. ctive Active Active Active Active Active Active oO coco ow a ol Ae w N I I I Active n c I IH I Active c lt lt C SS CX CX Je ER RES ps nd I I I Active LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management iO o0 aua O OU KR C to N NY MY N N N N o Ul F W N FP c T2 None 0 Active 13 None 0 Active 14 None 0 Active 15 None 0 Active 16 None 0 Active 17 None 0 Active 18 None 0 Active 19 None 0 Active 20 None 0 Active 21 None 0 Active 22 None 0 Active 23 None 0 Active 24 None 0 Active 25 None 0 Active 26 None 0 Active VLAN W del port group Syntax del port group lt name gt Description To delete the port based VLAN group Argument name gt port VLAN name A Possible value name gt port VLAN name A Example PSES 2126C VLAN del port group VLAN 2 m deltag group Syntax del tag group vid Description 230 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management To delete the tag based VLAN group Argument vid VLAN ID available from 1 to 4094 Possible value vid 1 to 4094 Example PSES 2126C VLAN del tag group 2 m disable double tag Syntax disable double tag Description To disable double tag Argument None Possible value None
97. d for mounting in an available 19 unit in a server cabinet If necessary fix the rubber pads to the underside of the device to prevent any scratching to other equipment Ensure that the device has sufficient ventilation to prevent damage from excessive heat build up 2 LAN connection Connect the network devices to the ports of the LAN COM switch by means of a suitable twisted pair cable TP cable The con nectors automatically detect the avalable data transfer speeds and the pin assignment autosensing mum length of 100 m to ensure the best possible transfer of data Use only standard TP cables of category CAT 5e or better with a maxi Cross over cables can be used thanks to the auto sensing function 2 5 LANCOM ES 2126 und LANCOM ES 2126P E Chapter 2 Installation If optical connections are to be used additional modules can be purchased as accessories 3 Configuration via serial ports In order to configure the LANCOM switch directly connect the serial configuration cable supplied to the COM port of the device Connect the other end of this cable to an avai lable COM port RS 232 on a PC Instructions on carrying out a configu ration via the serial interface and on enterning relevant parameters via a terminal program are available under Starting the Command Line Interface via serial connection in the following chapter Supply power and switch on Supply power to the device by means of the
98. d the other is Exter nal Loopback Test The former test function will not send the test signal outside the switch box The test signal only wraps around in the switch box As to the latter test function it will send the test signal to its link partner If you do not have them connected to active network devices i e the ports are link down the switch will report the port numbers failed If they all are ok it just shows OK Note Whatever you choose Internal Loopback Test or External Loopback Test these two functions will interfere with the normal system working and all packets in sending and receiving also will stop temporarily Loopback Test ENTIER CIEL External Loopback 1 OK Fail 2 OK OK 3 OK Fail 4 OK Fail 5 OK Fail 6 OK Fail 7 OK Fail 8 OK Fail 9 OK Fail 10 OK Fail 11 OK Fail 12 OK Fail 13 OK Fail 4 OK Fail 15 OK Fail 16 OK Fail 17 oK Fail 18 oK Fail 19 oK Fail 20 OK Fail 21 OK Fail 22 OK Fail 23 OK Fail 24 OK Fail 25 OK Fail 26 OK Fail 119 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 4 20 3 Ping m Function name Ping Test m Function Description Ping Test function is a tool for detecting if the target device is alive or not through ICMP protocol which abounds with report messages The switch provides Ping Test function to let you know that if the target device is available or not You can simply fill in a known IP address and then click Ping button After a
99. dopted in some countries If set it will adjust the time lag or in advance in unit of hours according to the starting date and the ending date For example if you set the day light saving to be 1 hour When the time passes over the starting time the system time will be increased one hour after one minute at the 37 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management 38 time since it passed over And when the time passes over the ending time the system time will be decreased one hour after one minute at the time since it passed over The switch supports valid configurable day light saving time is 5 5 step one hour The zero for this parameter means it need not have to adjust current time equivalent to in act daylight saving You don t have to set the starting ending date as well If you set daylight saving to be non zero you have to set the starting ending date as well otherwise the daylight saving function will not be activated Default for Daylight Saving 0 The following parameters are configurable for the function Daylight Saving and described in detail Day Light Saving Start This is used to set when to start performing the day light saving time Mth Range is 1 12 Default 1 Day Range is 1 31 Default 1 Hour Range is 0 23 Default 0 Day Light Saving End This is used to set when to stop performing the daylight saving time Mth Range is 1 12 D
100. e Mechanical version The version of Hardware and Mecha nical The figure before the hyphen is the version of electronic hard ware the one after the hyphen is the version of mechanical Serial number The number is assigned by the manufacturer Host IP address The IP address of the switch Host MAC address It is the Ethernet MAC address of the management agent in this switch Device Port Show all types and numbers of the port in the switch RAM size The size of the DRAM in this switch Flash size The size of the flash memory in this switch IP Configuration IP configuration is one of the most important configurations in the switch Without the proper setting network manager will not be able to manage or view the device The switch supports both manual IP address setting and automatic IP address setting via DHCP server When IP address is changed you must reboot the switch to have the setting taken effect and use the new IP to browse for web management and CLI management LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management IP Configuration ETT SEE 252552550 v LT HE 192 168 2 100 Function name IP Configuration Function Description Set IP address subnet mask default gateway and DNS for the switch Parameter Description DHCP Setting DHCP is the abbreviation of Dynamic Host Configu
101. e Drop Policy Static A MAC address is assigned to a specific port all of the Switch s traffics sent to this MAC address will be forwarded to this port Static with Destination Drop While the DA of the incoming packets meets the value you set up these packets will be drop ped Static with Source Drop While the SA of the incoming packets meets the value you set up these packets will be dropped Port Select the port No you would like to do setup in the switch It is 1 26 m Function name MAC Alias m Function Description MAC Alias function is used to let you assign MAC address a plain English name This will help you tell which MAC address belongs to which user in the illegal access report At the initial time it shows all pairs of the existed alias name and MAC address There are three MAC alias functions in this function folder including MAC Alias Add MAC Alias Edit and MAC Alias Delete You can click Create Edit button to add modify a new or an existed alias name for a specified MAC address or mark an existed entry to delete it Alias name must be composed of A Z a z and 0 9 only and has a maximal length of 15 cha racters 71 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 72 4 11 W Function name MAC Alias Create Edit or Delete m Function Description In the MAC Alias function MAC Alias Add Edit func tion is used to
102. e combinations of 10 100M and Full Half duplex 1000Mbps and Full duplex only If the media is 1000Mbps with fiber media it will show only 1000M Full duplex Default None depends on the result of the negotiation Rx Pause The way that the port adopts to process the PAUSE frame If it shows on the port will care the PAUSE frame otherwise the port will ignore the PAUSE frame Default None Tx Pause It decides that whether the port transmits the PAUSE frame or not If it shows on the port will send PAUSE frame otherwise the port will not send the PAUSE frame LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Default None Port 25 Detail Information Connector Type SFP LC UTI REN Single Mode SM Tx Central Wavelength 1310 16 Vendor OUI 00 40 c7 ITI HEN Tech Vendor PN SFP LC S10 Vendor SN 7717010064 Date Code 070717 Temperaue none Ic 0 85 o LII ore LTWVLT NEN one LTHVL HEN one m Parameter description of Port 25 and Port 26 Connector Type Display the connector type for instance UTP SC ST LC and so on Fiber Type Display the fiber mode for instance Multi Mode Single Mode Tx Central Wavelength Display the fiber optical transmitting central wavelength for instance 850nm 1310nm 1550nm and so on Baud Rate Display the maximum baud rate of the fiber module sup ported for instance 10M 100M 1G and so on Vendor OUI Display the Manufact
103. e manager allows the power supplied to the PD is legal while the port linked to the PD Disable means the port does not own PoE function Priority Three options are offered for the user to choose including Normal Low and High Default is Normal The switch will stop supp lying the power to the port based on the order of the priority LowtNormaltHigh in case total power required by all PDs linked to the switch excesses the power limit As the ports have the same prio rity then the switch will cease the power supplement from the port with the highest port id 1211 Power W The power is consumed by the port Current mA The current is supplied to the PD by the port 55 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 56 4 5 4 6 Class The Class of the PD linked to the port of the switch Loop Detection The loop detection is used to detect the presence of traffic When switch recei ves packet s looping detection frame MAC address the same as oneself from port show Loop detection happens The port will be locked when it received the looping detection frames If you want to resume the locked port please find out the looping path and take off the looping path then select the resume the locked port and click on Resume to turn on the locked ports m Loop Detection Display whether switch open Loop detection m Parameter P
104. e ranges from 1 100 with the minimum unit of 1 And only integer is acceptable Default is 100 QoS Quality of Service Configuration The switch supports 5 kinds of QoS are as follows MAC Priority 802 1p Pri ority IP TOS Priority and DiffServ DSCP Priority Port Based Priority has a spe cial name called VIP Port in the switch Any packets enter VIP Port will have highest transmitting priority MAC Priority act on the destination address of MAC in packets VLAN tagged Priority field is effected by 802 1p Priority set ting IP TOS Priority affects TOS fields of IP header and you can find it has 8 109 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 110 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reli ability Priority 1bit M Type Monetary Cost Priority 1bit and UNUSED 1bit User can randomly control these fields to achieve some special QoS goals When bits D T R or M set the D bit requests low delay the T bit requests high throughput the R bit requests high reliability and the M bit requests low cost Precedence t t Precedence Vorrangssteuerung MBZ Must Be Zero DiffServ DSCP Priority act on DSCP field of IP Header In the late 1990s the IETF redefined the meaning of the
105. e the settings of Link Aggregation You can bundle more than one port with the same speed full duplex and the same MAC to be a single logical port thus the logical port aggregates the bandwidth of these ports This means you can apply your cur rent Ethernet equipments to build the bandwidth aggregation For example if there are three Fast Ethernet ports aggregated in a logical port then this logical port has bandwidth three times as high as a single Fast Ethernet port has The switch supports two kinds of port trunking methods Lac Ports using Link Aggregation Control Protocol according to IEEE 802 3ad specification as their trunking method can choose their unique LACP GroupID 1 3 to form a logic trunked port The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a trunk group also called aggregator LACP is safer than the other trunking method static trunk 83 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 84 The switch LACP does not support the followings Link Aggregation across switches Aggregation with non IEEE 802 3 MAC link Operating in half duplex mode Aggregate the ports with different data rates Static Trunk Ports using Static Trunk as their trunk method can choose their unique Static GroupID also 1 3 this Static grouplD can be the same with another LACP groupID to form a logic trunked port The
106. e value contact A b c d z and 1 2 3 etc Example PSES 2126C system set contact Taipei set device name Syntax set device name device name Description To set the device name description of the switch Argument device name string length up to 40 characters Possible value device name A b c d z and 1 2 3 etc Example PSES 2126C system set device name CR 2600 set location Syntax set location location Description To set the location description of the switch Argument location string length up to 40 characters Possible value ocation gt A b c d z and 1 2 3 etc Example PSES 2126C system set location Taipei LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management E show Syntax show Description To display the basic information of the switch Argument None Possible value None Example PSES 2126C system show Model Name PSES 2126C System Description 24 Port 10 100BaseT TX Managed PoE Switch Location Contact Device Name PSES 2126C System Up Time 0 Days 0 Hours 4 Mins 50 Secs Current Time Wed Feb 08 16 55 29 2006 BIOS Version v1 05 Firmware Version v2 07 Hardware Mechanical Version vi1 01 v1 01 Serial Number 03
107. eAuthMax 1 10 txPeriod 1 65535 s Auto v Quiet Period 0 65535 s reAuthEnabled reAuthPeriod 1 65535 s max Request 1 10 suppTimeout 1 65535 s Server Timeout 1 65535 s 130 4 15 TACACS 4 15 1 For LANCOM ES 2126 only Introduction TACACS Terminal Access Controller Access Control System is a protocol for authentication authorization and accounting AAA It thus provides access to the network for authorized users only it regulates the rights of those users and it is a logging mechanism to keep track of user actions TACACS is an alternative to other AAA protocols such as RADIUS TACACS is required in order to meet with PCI compliance Payment O Card Industry Modern networks with their numerous services and network components pre sent a massive challenge in terms of controlling user access rights In large installations in particular the overhead would be enormous to keep user data 97 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 98 4 15 2 consistent on all devices or for all services For this reason user data should be managed on a central server As a simple example a user wishes to register at a router and sends the cor responding login details user ID to it In this case the router functions as a Network Access Server NAS It does not check the user data itself rather the data is forw
108. ecurity Through the management security configuration the manager can do the strict setup to control the switch and limit the user to access this switch The following rules are offered for the manager to manage the switch When no lists exists then it will accept all connections Accept When only accept lists exist then it will deny all connections excluding the connection inside of the accepting range When only deny lists exist then it will accept all connections excluding the connection inside of the denying range 40 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management When both accept and deny lists exist then it will deny all connections excluding the connection inside of the accepting range Deny Deny LJ When both accept and deny lists exist then it will deny all connections excluding the connection inside of the accepting range and NOT inside of the denying range at the same time Deny Acc Deny Ace Deny Function name Management Security Configuration m Function Description The switch offers Management Security Configura tion function With this function the manager can easily control the mode that the user connects to the switch According to the mode users can be classified into two types Those who are able to connect to the switch Accept and those who are unable to connect to the switch Deny Some restrictions also c
109. ed Duplex 100M Full A VLAN ID 1 m The left icon shows the config state 27 28 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 3 Configuring and monitoring the LANCOM switch 3 3 2 Gray The port is deactivated in the configuration Yellow The port is activated in the configuration The right hand icon shows the link state Gray No active network device is connected to the port Green A network device is connected to the port and active Apart from the status LANmonitor displays the VLAN ID for each port and the detected data rate at active ports connected to active network devices Port PoE status LANmonitor displays the current PoE status of all of the device s ports This includes the state configured by the admin PoE enabled or disabled and the current power feed to connected devices Each port is displayed with two colored symbols in LANmonitor lolx File Device View Tools Help amp Qiiid ae BQ QD S sy w x fp ES 2126P_QS_MP B Y Ethernet ports PoE Active Summary Total power 185 W Actual power 27 W Ports Elf Port 1 Status Disabled ef Port 2 Status Supply inactive fe Port 3 ofp Port 4 s s Port 5 s Port 6 f Port 7 Status Supply active Power dassification Class 2 m The left icon shows the PoE configuration
110. ed in each trap record E Parameter LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management No Display the order number that the trap happened Time Display the time that the trap happened Desc Displays a description event recorded in the System Log Clear EN Clear log data 4 3 Port Four functions including Port Status Port Configuration Simple Counter and Detail Counter are contained in this function folder for port monitor and management Each of them will be described in detail orderly in the following section 4 3 1 Port Configuration Port Configuration is applied to change the setting of each port In this confi guration function you can set reset the following functions All of them are described in detail below Port Configuration Port No State SpeediDuplex_ Flow Control _ E Enable v Auto yi Symmetric ES Enable Auto yi Symmetric Ea Enable Auto Symmetric Y Em Enable Auto v Symmetric v EG Enable v Auto v Symmetric v EH Enable Y Auto Symmetric Enable v Auto v Symmetric v uM Enable Auto Symmetric Y BN Enable Auto v Symmetric v 10 Enable Auto v Symmetric v ESI Enable Auto vl Symmetric Y EX Enable v Auto y Symmetric v m Function name Port Configuration 45 LANCOM ES 2126 und LANCOM
111. ee Configuration there are six parameters open for the user to configure as user s idea Each parameter description is listed below W Function name STP Configuration W Function Description User can set the following Spanning Tree parame ters to control STP function enable disable select mode RSTP STP and affect STP state machine behavior to send BPDU in this switch The default setting of Spanning Tree Protocol is Disable m Parameter Description Spanning Tree Protocol Set 802 1W Rapid STP function Enable Disable Default is Disable Bridge Priority The lower the bridge priority is the higher priority it has Usually the bridge with the highest bridge priority is the root If you want to have the PSES 2126Cas root bridge you can set this value lower than that of bridge in the LAN The valid value is 0 61440 The default is 32768 Hello Time Hello Time is used to determine the periodic time to send normal BPDU from designated ports among bridges It decides how long a bridge should send this message to other bridge to tell am alive When the PSES 2126Cis the root bridge of the LAN for example all other bridges will use the hello time assigned by this Switch to communicate with each other The valid value is 1 10 in unit of second Default is 2 seconds Max Age When the PSES 2126Cis the root bridge the whole LAN will apply this figure set by this switch as their maximum age time When a bridge received a BP
112. efault 1 Day Range is 1 31 Default 1 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management Hour Range is 0 23 Default 0 System Time Setting Current Time Wed Jun 18 19 32 12 2008 Year 2008 2000 2036 Month 6 1 12 Day 18 1 31 Hour 19 0 23 Minute 32 0 59 Second 12 0 59 209 81 9 7 USA 137 189 8 174 HK 133 100 9 2 JP Time Zone GMT 8 00 131 188 3 222 Germany 4 2 4 Account Configuration In this function only administrator can create modify or delete the username and password Administrator can modify other guest identities password wit hout confirming the password but it is necessary to modify the administrator equivalent identity Guest equivalent identity can modify his password only Please note that you must confirm administrator guest identity in the field of Authorization in advance before configuring the username and password Only one administrator is allowed to exist and unable to be deleted In addi tion up to 4 guest accounts can be created The default setting for user account is m Username admin m Password admin The default setting for quest user account is BW Username guest 39 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management E Password guest Account Configuration Authorization admin Administrator guest Guest create New E E 4 25 Management S
113. emale DB 9 connector Null modem cable comes with the management switch Refer to the Appendix B for null modem cable configuration Attach the DB 9 female connector to the male DB 9 serial port connector on the Management board Attach the other end of the DB 9 cable to an ASCII terminal emulator or PC Com 1 2 port For example PC runs Microsoft Windows HyperTerminal utility At Com Port Properties Menu configure the parameters as below see the next section Baud rate 57600 Stop bits 1 Data bits 8 Parity N Flow control none 5 1 1 Login The command line interface CLI is a text based interface User can access the CLI through either a direct serial connection to the device or a Telnet session The default values of the managed switch are listed below Username admin Password admin After you login successfully the prompt will be shown as if you are the first login person and your authorization is administrator otherwise it may show See the following two figures The former means you behave as an administrator and have the access right of the system As to the latter it means you behave as a guest and are only allowed to view the system without the permission to do any setting for this switch LANCOM ES 2126 und LANCOM ES 2126P m Chapter 5 Operation of CLI Management Managed Switch PSES 2126C Login admin Password PSES 2126C Fig 4 1 Managed Switch PSES 2
114. ement 100 Access Configuration Access Login Primary Login Secondary HW Authorization State Activates authorization via TACACS server If TACACS authorization is activated all authorization data is transmitted via TACACS protocol to the configured TACACS server On the TACACS server authorization can be defined separately for each of the configuration groups The authorization for the following commands can be defined separately in the TACACS server 802 1X Account Alarm Autologout Bandwidth Config file DHCP boot Diagnostics Firmware GVRP Hostname IGMP Snooping IP Log Loop detection MAC table Management Port LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management QoS Reboot Security SNMP STP System TACACS4 TFTP Time Trunk VLAN Virtual Stack The arguments show and set can be permitted or restricted separately for each command For the admin account all undefined commands must be permitted e g using the Permit Unmatched Commands and Permit Unmat ched Args options in the TACACS server configuration TACACS authorization will only activate if the defined TACACS ser D ver is available If TACACS authorization is acti
115. ents Argument range gt del the range of email sms and trap of events syntax 1 5 7 A Possible value range gt 1 22 A Example PSES 2126C alarm events del all 1 3 del email Syntax del email lt range gt Description To disable the email of the events Argument range gt del the range of email syntax 1 5 7 A Possible value range gt 1 22 A Example PSES 2126C alarm events del email 1 3 del sms Syntax del sms lt range gt Description LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management To disable the sms of the events Argument range gt del the range of sms syntax 1 5 7 A Possible value range 1 22 A Example PSES 2126C alarm events del sms 1 3 del trap Syntax del trap lt range gt Description To disable the trap of the events Argument range gt del the range of trap syntax 1 5 7 Possible value range gt 1 22 A A Example PSES 2126C alarm events del trap 1 3 set all Syntax set all range Description To enable email sms and trap of events Argument range gt set the range of email sms and trap of events syntax 1 5 7 Possible value range 1 22 Example PSES 2126C alarm events set all 1 3 set email Syntax s
116. er Ports 1 Ready Ports 1 Aggregator 2 Method LACP Member Ports 2 Ready Ports show lacp config Syntax how lacp config n Description To display the value of LACP Priority 227 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 228 Argument None Possible value None Example PSES 2126C trunk show lacp config LACP System Priority 33333 Hash Method DA show lacp detail Syntax how lacp detail lt aggtr gt n Description To display the detailed information of the LACP trunk group Argument aggtr gt aggregator available from 1 to 26 A Possible value aggtr gt 1 to 26 A Example PSES 2126C trunk show lacp detail 2 Aggregator 2 Information Actor Partner System Priority MAC Address System Priority MAC Address 32768 00 40 c7 e8 00 02 32768 00 00 00 00 00 00 Port Key Trunk Status Port Key LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 2 257 2 0 B show status Syntax show status Description Description To display the aggregator status and the settings of each port Argument None Possible value None Example PSES 2126C trunk show status Trunk Port Setting Trunk Port Status port Method Group Active LACP Aggtregator Status Lm Active 1 Ready A
117. er that every port supplies Power Limit The maximal power that the switch can supply Read Only Temperature The temperature of the chip on PoE 53 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 54 Port No Port number Port On Shows whether the port is supplying the power to the PD or not AC Disconnect Port Off Port is turned off due to the AC Disconnect function DC Disconnect Port Off Port is turned off due to the DC Disconnect function Overload Port Off The switch will stop supplying the power to the port due to the power required by the PD that is linked to the port on the Switch excesses the Class setting of the PD Short Circuit Port Off The switch will stop supplying the power to the port if it detects that the PD linked to the port is short circuit Over Temp Protection The port of the switch will be disabled due to fast transient rise in temperature to 240 C or slow rise in temperature to 200 C Power Management Port Off Due to total power required by all PDs linked to the switch excesses the power limit so the switch stops sup plying the power to this port after referring to the information of the priority Function name PoE Configuration m Function Description In PoE Port Management function user can confi gure the settings about PoE The switch complies with IEEE 802 3af protocol and be capable of detec ting a
118. ess filtering list or egress filtering list the packet will be screened with more filtering criteria to determine if it can be forwarded The switch supports supplement of 802 1q Each tag based VLAN you built up must be assigned VLAN name and VLAN ID Valid VLAN ID is 1 4094 User can create total up to 256 Tag VLAN groups Port based Port based VLAN is defined by port Any packet coming in or out going from any one port of a port based VLAN will be accepted No filtering criterion applies in port based VLAN The only cri terion is the physical port you connect to For example for a port based VLAN named PVLAN 1 contains port members Port LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 1828384 If you are on the port 1 you can communicate with port 26384 If you are on the port 5 then you cannot talk to them Each port based VLAN you built up must be assigned a group name This switch can support up to maximal 26 port based VLAN groups Symmetric Vlan This is a Ingress Rule Rule 1 The Ingress Filtering Rule 1 is forward only packets with VID matching this port s configu red VID For example if port 1 receives a tagged packet with VID 100 VLAN name VLAN100 and if Symmetric Vlan function is enabled the switch will check if port 1 is a member of VLAN100 If yes the received packet is forwarded otherwise the received packet is dropped No
119. et email range 147 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Description To enable the email of the events Argument range gt set the range of email syntax 1 5 7 Possible value range 1 22 Example PSES 2126C alarm events set email 1 3 E set sms Syntax set sms lt range gt Description To enable the sms of the events Argument range gt set the range of sms syntax 1 5 7 A Possible value range gt 1 22 A Example PSES 2126C alarm events set sms 1 3 E set trap Syntax set trap lt range gt Description To enable the trap of the events Argument range gt set the range of trap syntax 1 5 7 A Possible value range gt 1 22 A Example PSES 2126C alarm events set trap 1 3 m show Syntax 148 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management show Description The Show here is used to display the configuration of alarm event Argument None Possible value None Example PSES 2126C alarm events show Events Email SMS Trap Cold Start Warm Start V V Link Down V Link Up V V Authentication Failure User Login User Logout STP Topology Changed Oo oco NA WD Oo e W YP Lr STP Disabled STP En
120. f the system Manual This is the function to adjust the time manually Filling the valid figures in the fields of Year Month Day Hour Minute and Second respectively and press Apply button time is adjusted The valid figures for the parameter Year Month Day Hour Minute and Second are gt 2000 1 12 1 31 0 23 0 59 and 0 59 respectively Input the wrong figure and press Apply button the device will reject the time adjustment request There is no time zone setting in Manual mode Default Year 2000 Month 1 Day 1 Hour 0 Minute 0 Second 0 NTP NTP is Network Time Protocol and is used to sync the network time based Greenwich Mean Time GMT If use the NTP mode and select a built in NTP time server or manually specify an user defined NTP server as well as Time Zone the switch will sync the time in a short after pressing Apply button Though it synchronizes the time automatically NTP does not update the time periodically without user s processing Time Zone is an offset time off GMT You have to select the time zone first and then perform time sync via NTP because the switch will com bine this time zone offset and updated NTP time to come out the local time otherwise you will not able to get the correct time The switch supports configurable time zone from 12 to 13 step 1 hour Default Time zone 8 Hrs Daylight Saving Daylight saving is a
121. few seconds later the Switch will report you the pinged device is alive or dead in the field of Ping Result m Parameter Description IP Address An IP address with the version of v4 e g 192 168 1 1 Default Gateway IP address of the default gateway For more details please see the section of IP address in Chapter 2 Ping Test Paw oo Default Gateway 0 0 0 0 Ping Input an address to ping ex 192 168 1 1 4 20 4 Watchdog m Watchdog Watchdog function is a tool for detecting if the target device is alive or not through supports to ping one host IP address It can be configured via web UI CLI and SNMP It supports continuing ping failed times counter setting If only one time Ping successful then all Ping Failed Counter will reset to zero and re account W Parameter State To enable or disable the watchdog function Default is disable 120 4 21 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management Time Gap To support the time gap for ping test Host To support to ping one host IP address You need to configure one host IP address which you want to ping it Reset the management CPU Interface When ping failure time reach configured value then switch will reset the managed switch s CPU interface Default state is disable Fail Count Default Ping Failed Count 10 Range for Setting 1 20 Reboot the sy
122. functions including MAC Table Infor mation MAC Table Maintenance Static and MAC Alias which cannot be categorized to some function type They are described below M Function name MAC Table Information m Function Description Display the static or dynamic learning MAC entry and the state for the selected port 68 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management m Parameter Description Port Select the port you would like to inquire Search Set up the MAC entry you would like to inquire The default is 22 2 MAC Display the MAC address of one entry you selected from the searched MAC entries table Alias Set up the Alias for the selected MAC entry Set Alias Save the Alias of MAC entry you set up EN Search Find the entry that meets your setup Previous Page Move to the previous page Next Page Move to the next page Alias The Alias of the searched entry MAC Address The MAC address of the searched entry Port The port that exists in the searched MAC Entry VID VLAN Group that MAC Entry exists State Display the method that this MAC Entry is built It may show Dynamic MAC or Static MAC MAC Table Information vjo1 v o2 v os Mos v o5 iv1o6 v 07 los v oo v 10 v 11 lv 12 lv 13 v 14 iv 15 X 16 v 17 IV 18 v 19 v 20 v 21 1v 22 v123 v 24 v125 iv 26
123. g and monitoring the LANCOM switch Export file path Export start You can export the start configuration from the flash memory Export user conf You can export the user configuration from the flash memory Import file path Import start You can import the start configuration to the flash memory here Import user conf You can import the user configuration to the flash memory here 3 3 Monitoring the LANCOM switch with LANmonitor The current state of the device and all ports can be monitored using the LEDs on the front panel With LANmonitor the devices can be observed from any workstation without being able to see the LEDs Besides the status informa tion provided by the LEDs the LANmonitor provides further important infor mation on the ports 3 3 1 Ethernet port status LANmonitor displays the current status of all of the device s Ethernet ports This includes monitoring of the state as configured by the admin config state and the actual state link state of the port Each port is displayed with two colored symbols in LANmonitor iBixi Ele Device View Tools Help S S S 9 E e Lia 63 XK f Ethernet Ports 3 Fast Ethernet Port 1 f Config state Down Link state Down f VLAN ID 192 YS Fast Ethernet Port 2 f Config state Up f Link state Down f VLAN ID 1 Ye Fast Ethernet Port 3 Y Config state Up AF Link state Up f Spe
124. h the storm control one can set a common limit for the permitted percentage of the broadcast multicast and unicast packets in comparison to the whole data traffic If this limit is reached the data packets of the corresponding type are discarded The storm control can be activated separately for the different packet types 4 19 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Bandwidth Storm Control Disable w 100 1 100 Parameter Description Storm Type Disable Disable the function of the bandwidth storm control Broadcast Storm Control Enable the function of bandwidth storm control for broadcast packets Multicast Storm Control Enable the function of bandwidth storm control for multicast packets Unknown Unicast Storm Control Enable the function of band width storm control for unknown unicast packets These packets are the MAC address that had not completed the learning process yet Broadcast Multicast Unknown Unicast Storm Control Enable the function of bandwidth storm control for all packets in transmis sion Storm Rate Set up the limit of bandwidth for the storm control With a storm rate of 15 all data packets activated for storm control are discarded if the percentage of broadcast multicast or unicast packets exceeds 15 of the ports maximum bandwidth e g 15 mbps on a 100 mbps port Valid value of the storm rat
125. he ports The LANCOM switch can be managed with the clearly structured Webconfig and is supported by the LANCOM Management Tools LANconfig and LANmonitor Model variants This documentation is intended for LANCOM switch users The following models are available m The LANCOM ES 2126 without PoE support m The LANCOM ES 2126P with PoE support Passages applying only to certain models are identified either in the text itself or by a comment in the margin Otherwise the documentation refers to all models collectively as the LANCOM switch series This documentation was created by several members of our staff from a variety of departments in order to ensure you the best possible support when using your LANCOM product Should you find any errors or if you would like to suggest improvements ple ase do not hesitate to send an e mail directly to info lancom de Our online services www lancom systems com are available to you around the clock if you have any questions on the content in this 3 LANCOM ES 2126 und LANCOM ES 2126P B Preface manual or if you require any further support The area Support will help you with many answers to frequently asked questions FAQs Furthermore the knowledgebase offers you a large reserve of infor mation The latest drivers firmware utilities and documentation are constantly available for download In addition LANCOM Support is available For telephone numbers and con
126. he specified authentication algorithm MD5 or OTP to Authentication server via the authenticator PAE As per the value of the type field in message PDU the authentication server knows which algorithm should be applied to authenticate the credential information EAP MD5 Message Digest 5 or EAP OTP One Time Password or other else algorithm If user ID and password is correct the authentication server will send a Radius Access Accept to the authenticator If not correct the authentica tion server will send a Radius Access Reject When the authenticator PAE receives a Radius Access Accept it will send an EAP Success to the supplicant At this time the supplicant is authori zed and the port connected to the supplicant and under 802 1x control is in the authorized state The supplicant and other devices connected to this port can access the network If the authenticator receives a Radius Access Reject it will send an EAP Failure to the supplicant This means the supplicant is failed to authenticate The port it connected is in the unauthorized state the supplicant and the devices connected to this port won t be allowed to access the network When the supplicant issue an EAP Logoff message to Authentication ser ver the port you are using is set to be unauthorized 91 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management Radius Server Port connect Access blocked Rad
127. hould receive the alarm message via email It depends on your settings An email address has to be set in the web page of alarm confi guration Then user can read the trap information from the email This function provides 6 email addresses at most The 22 different trap events Will be sent out to SNMP Manager when trap event occurs After ticking trap events you can fill in your desired email addresses numbers Then please click Apply button to complete the alarm configuration It will take effect in a few seconds W Parameter Description 103 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 104 4 17 Email Mail Server the IP address of the server transferring your email Username your username on the mail server Password your password on the mail server Email Address 1 6 email address that would like to receive the alarm message Alarm Configuration Mail Server Username Password Email Address 1 Email Address 2 Email Address 3 Email Address 4 Email Address 5 Email Address 6 Security W Function name Mirror Configuration BFunction Description Mirror Configuration is to monitor the traffic of the network For example we assume that Port A and Port B are Monitoring Port and Monitored Port respectively thus the traffic received by Port B will be copied to Port A for monitoring
128. hr gt dayligh MM dayligh DD dayligh HH dayligh mm dayligh dd dayligh hh dayligh Possible value hr iosbs Lo 5 MM 01 12 DD 01 31 HH 00 23 mm 01 12 dd 01 31 hh 00 23 Example savi savi savi savi savi savi ing hour range 5 to 5 ng start Month 01 12 ng start Day 01 31 ng start Hour 00 23 ng end Month 01 12 ng end Day 01 31 ng end Hour 00 23 PSES 2126C time set daylightsaving 3 10 12 01 11 12 01 set manual Syntax set manual lt YYYY MM DD gt lt hh mm ss gt Description To set up the current time manually Argument YYYY Year 2000 2036 MM Month 01 12 DD Day 01 31 hh Hour 00 23 mm Minute 00 59 lt ss gt Second 00 59 Possible value 223 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 224 YYYY 2000 2036 MM 01 12 DD 01 31 hh 00 23 mm 00 59 ss 00 59 Example PSES 2126C time set manual 2005 04 21 16 18 50 set ntp Syntax set ntp ip lt timezone gt Description To set up the current time via NTP server Argument ip ntp server ip address or domain name lt timezone gt time zone GMT range 12 to 13 Possible value lt timezone gt 12 11 0
129. id lt port_range gt lt pvid gt lt default_priority gt Description To set VLAN PVID and port pripority LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Argument port range which port s you want to set PVID s Syntax 1 5 7 available from 1 to 26 pvid which PVID you want to set available from 1 to 4094 default priority which priority you want to set available from 0 to 7 Possible value port range 1 to 26 EN pvid 1 to 4094 default priority 0 to 7 Example PSES 2126C VLAN set pvid 3 5 6 8 5 6 W set tag group Syntax set tag group vid lt name gt member range lt untag_range gt Description To add or edit the tag based VLAN group Argument vid VLAN id from 1 to 4094 lt name gt tag VLAN group name member range member port syntax 1 5 7 available from 1 to 26 untag range untagged out port syntax 1 5 7 available from 0 to 26 set untag range to 0 as none of the ports are force untagged Possible value vid 1 to 4094 member range 1 to 26 untag range 0 to 26 Example PSES 2126C VLAN set tag group 2 VLAN 2 2 5 6 15 13 0 HW show config Syntax 235 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 236 show config
130. ify the IP address of DNS One is fixed mode which manually specifies its IP address the other is dynamic mode which is assigned by DHCP server while DHCP is enabled DNS can help you easily remember the mnemonic address name with the meaningful words in it Default is no assignment of DNS address Default 0 0 0 0 Time Configuration The switch provides manual and automatic ways to set the system time via NTP Manual setting is simple and you just input Year Month Day Hour Minute and Second within the valid value range indicated in each item If you input an invalid value for example 61 in minute the switch will clamp the figure to 59 NTP is a well known protocol used to synchronize the clock of the switch sys tem time over a network NTP an internet draft standard formalized in RFC LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 1305 has been adopted on the system is version 3 protocol The switch pro vides four built in NTP server IP addresses resided in the Internet and an user defined NTP server IP address The time zone is Greenwich centered which uses the expression form of GMT xx hours m Function name Time W Function Description Set the system time by manual input or set it by syn cing from Time servers The function also supports daylight saving for dif ferent area s time adjustment m Parameter Description Current Time Shows the current time o
131. ig GVRP state Disable Port Join Time Leave Time LeaveAll Time Applicant Registrar Restricted 167 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 168 23 24 25 26 Disabl Disabl Disabl Disabl 20 e 20 e 20 e 20 e show counter Syntax show counter port Description To show counter of the port Argument port port number available from 1 to 26 Possible value port 1 to 26 Example PSES 2126C gvrp show counter 2 GVRP Counter port 2 60 60 60 60 60 60 1000 1000 1000 1000 1000 1000 1000 1000 Normal Normal Normal Normal Normal Normal Normal Normal al al al al al al al al LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Counter Name Received Transmitted Total GVRP Packets Invalid GVRP Packets LeaveAll message JoinIn message 0 0 0 JoinEmpty message 0 0 LeaveEmpty message 0 0 ES 2 OG 2 Empty message m show group Syntax show group Description To show the gvrp group Argument None Possible value None Example PSES 2126C gvrp show group GVRP group information Current Dynamic Group Number 0 VID Member Port hostname m hostname
132. ill allow the only one who logins first to configure the system The rest of users even with adminis trator s identity can only monitor the system For those who have no adminis 4 1 Port Loop Detection SNMP DHCP Boot IGMP Snooping VLAN I MAC Table I TACACS Alarm Configuration Security Bandwidth I QoS Diagnostics TFTP Server Log Firmware Upgrade Reboot Logout LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management trator s identity can only monitor the system There are only a maximum of three users able to login simultaneously in the switch To optimize the display effect we recommend you use Microsoft IE 6 0 above or current FireFox and have the resolution 1024x768 The switch supported neutral web browser interface Web Management Home Overview After you login the switch shows you the system information This page is default and tells you the basic information of the system including Model Name System Description Location Contact Device Name System Up Time Current Time BIOS Version Firmware Version Hardware Mechanical Version Serial Number Host IP Address Host MAC Address Device Port RAM Size and Flash Size With this information you will know the software version used MAC address serial number how many ports good and so on This is helpful while malfunctioning System Information Model Name LANCOM ES
133. iority Show this switch s current bridge priority setting Default is 32768 Designated Root Show root bridge ID of this network segment If this switch is a root bridge the Designated Root will show this switch s bridge ID Designated Priority Show the current root bridge priority Root Port Show port number connected to root bridge with the lowest path cost Root Path Cost Show the path cost between the root port and the designated port of the root bridge 77 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 78 Current Max Age Show the current root bridge maximum age time Maximum age time is used to monitor if STP topology needs to change When a bridge does not receive a hello message from root bridge until the maximum age time is counted down to 0 the bridge will treat the root bridge malfunctioned and issue a Topology Change Notification TCN BPDU to all other bridges All bridges in the LAN will re learn and determine which the root bridge is Maximum Age time is assigned by root bridge in unit of seconds Default is 20 seconds Current Forward Delay Show the current root bridge forward delay time The value of Forward Delay time is set by root The Forward Delay time is defined as the time spent from Listening state moved to Learning state or from Learning state moved to Forwarding state of a port in bridge
134. ipant Normal 2 Non Participant Normal 3 Non Participant Normal 4 Non Participant Normal 5 Non Participant Normal 6 Non Participant Normal 7 Normal Normal 8 Normal Normal 12 Normal Normal 13 Normal Normal 23 Normal Normal 24 Normal Normal 25 Normal Normal 26 Normal Normal PSES 2126C gvrp group 2 set registrar 1 10 fixed PSES 2126C gvrp group 2 show GVRP group VID 2 Port Applicant Registrar 1 Non Participant Fixed 2 Non Participant Fixed 3 Non Participant Fixed 4 Non Participant Fixed 163 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 164 5 Non Participant Fixed 6 Non Participant Fixed 7 Normal Fixed 8 Normal Fixed 9 Normal Fixed 10 Normal Fixed 17 Normal Normal 23 Normal Normal 24 Normal Normal 25 Normal Normal 26 Normal Normal set applicant Syntax set applicant range normal non participant Description To set default applicant mode for each port Argument range port range syntax 1 5 7 available from 1 to 26 normal set applicant as normal mode non participant set applicant as non participant mode Possible value range 1 to 26 normal non participant normal or non participant Example PSES 2126C gvrp f set applicant 1 10 non participant set registrar Syntax set registrar range lt normallfixed forbidden gt Description LANCOM
135. iption Save and Reboot Save the current settings as start configuration before rebooting the switch Reboot Reboot the system directly Reboot the System Save and Reboot Saving Configuration and Reboot Reboot the System 124 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 4 25 Logout You can manually logout by performing Logout function In the switch it pro vides another way to logout You can configure it to logout automatically m Function name Logout m Function Description The switch allows you to logout the system to pre vent other users from the system without the permission If you do not logout and exit the browser the switch will automatically have you Ea logout Besides this manually logout and implicit logout you can pull down the lt Auto Logout gt list at the left top corner to explicitly ON OFF this logout function B Parameter Description Auto Logout Default is ON If it is ON and no action and no key is stroke as well in any function screen more than 3 minutes the switch will have you logout automatically mmm Logout 125 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 126 5 Operation of CLI Management 5 1 CLI Management Refer to Chapter 2 for basic installation The following description is the brief of the network connection Locate the correct DB 9 null modem cable with f
136. ius Access Request EAP Response dentity Radius Access Challenge EAP Request EAP Response cred Radius Access Request Ns A a Ro EAP Success Radius Access Accept Access allowed Only MultiHost 802 1X is the type of authentication supported in the switch In this mode for the devices connected to this port once a supplicant is authorized the devices connected to this port can access the network resource through this port 802 1x Port based Network Access Control function supported by the switch is little bit complex for it just support basic Multihost mode which can dis tinguish the device s MAC address and its VID The following table is the sum mary of the combination of the authentication status and the port status versus the status of port mode set in 802 1x Port mode port control state set in 802 1x port setting Here Entry Authorized means MAC entry is authorized Port Mode Port Control Authentication Port Status Disable Don t Care Don t Care Port Uncontrolled Multihost Auto Successful Port Authorized Multihost Auto Failure Port Unauthorized Multihost ForceUnauthorized Don t Care Port Unauthorized Multihost ForceAuthorized Don t Care Port Authorized Table 3 3 92 m Function name 802 1x State Setting LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management m Function Description This function is used to configure the global para meters for RADIUS a
137. key which is configured in the TACACS server Arguments Secret key maximum 31 characters Example ES 2126 tac plus set key secret Sets the encryption key to secret set retry Syntax set retry lt retry gt Description Sets the access retry value When the login failed for the number of retries the secondary login method will be used If TACACS is defined as primary access mode the secondary TACACS server is used after the number of login failures has reached the access retry value After the number of login failures has reached the access retry LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management value even on the secondary TACACS server the secondary login method will be used Arguments retry 1 to 3 Example ES 2126 tac plus set retry 2 Sets the access retry value to 2 set telnet access Syntax set telnet access method1 method2 Description Sets the primary and secondary access mode for the login via telnet Arguments Method from 0 to 2 0 Authentication via local user accounts of the device 1 Authentication via TACACS Server 2 No authentication required for method 2 only Example ES 2126 tac plus set telnet access 1 0 Sets the primary access mode for the login via telnet to TACACS and the Secondary access mode to local user accou
138. l Enable Normal oS oS cS Sa X X eS X o UV a a d C X UC eS ao Oo cC uU LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 9 Normal Enable Normal 0 0 0 0 10 Normal Enable Normal 0 0 0 0 11 Normal Enable Normal 0 0 0 0 12 Normal Enable Normal 0 0 0 0 13 Normal Enable Normal 0 0 0 0 14 Normal Enable Normal 0 0 0 0 15 Normal Enable Normal 0 0 0 0 16 Normal Enable Normal 0 0 0 0 17 Normal Enable Normal 0 0 0 0 18 Normal Enable Normal 0 0 0 0 19 Normal Enable Normal 0 0 0 0 20 Normal Enable Normal 0 0 0 0 21 Normal Enable Normal 0 0 0 0 22 Normal Enable Normal 0 0 0 0 23 Normal Enable Normal 0 0 0 0 24 Normal Enable Normal 0 0 0 0 port W clear counter Syntax clear counter Description To clear all ports counter include simple and detail port counter information Argument None Possible value None Example PSES 2126C port clear counter W disable state Syntax 189 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 190 disable state range Description To disable the communication capability of the port Argument range port range syntax 1 5 7 available from 1 to 26 Possible value range 1 26 Example PSES 2126C port disable state 12 enable state Syn
139. lay Priority Mapping Each Priority can select any of Queue 0 Queue 3 In Default Priority 0 is mapping to Queue 0 Priority 1 is mapping to Queue 0 Priority 2 is mapping to Queue 1 Priority 3 is mapping to Queue 1 Priority 4 is mapping to Queue 2 Priority 5 is mapping to Queue 2 Priority 6 is mapping to Queue 3 and Priority 0 is mapping to Queue 3 TOS Delay Priority Mapping Priority o lt o lt NON ee xx w w j L3 m Function name T Type TOS m Function Description IP TOS Priority affect TOS fields of IP header you can find it has 8 bit SERVICE TYPE field that specifies how the datagram should be handled The field could be divided into six subfields as follows PRECEDENCE 3 bits D Type Delay Priority 1 bit T Type Throughput Priority 1bit R Type Reliability Priority 1bit M Type Monetary Cost Priority 1bit and UNUSED PRECEDENCE 3 bits can arrange 8 kinds of priorities corresponding to the 0 7 priority in the following priority dia gram TOS Throughput Priority Mapping works while T TYPE in TOS field of IP header of the packets received by the switch is configured LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Precedence Vorrangssteuerung MBZ Must Be Zero m Parameter Description TOS Throughput Priority Mapping Each Priority can select any of Queue 0 Queue 3 In Default Priority
140. le SNMP agent will be started up All supported MIB OIDs including RMON MIB can be accessed via SNMP manager If the field SNMP is set Disable SNMP agent will be de activated the related Community Name Trap Host IP Address Trap and all MIB counters will be ignored W Function name SNMP Configuration W Function Description This function is used to configure SNMP settings community name trap host and public traps as well as the throttle of SNMP A SNMP manager must pass the authentication by identifying both community names then it can access the MIB information of the target device So both parties must have the same community name Once com pleting the setting click Apply button the setting takes effect m Parameters Description SNMP The term SNMP here is used for the activation or de activation of SNMP Default is Enable Get Set Trap Community Community name is used as password for authenticating if the requesting network management unit belongs to the same community group If they both don t have the same commu nity name they don t belong to the same group Hence the reques ting network management unit can not access the device with different community name via SNMP protocol If they both have the same community name they can talk each other Community name is user definable with a maximum length of 15 cha racters and is case sensitive There is not allowed to put any blank in the c
141. le h ttp s nmp t elnet or any lt action gt lt value gt No default and it must be set Example PSES 2126C management edit 1 PSES 2126C management edit 1 set name Tom vid 2 ip 192 168 1 30 192 168 1 80 port 1 2 type s action d PSES 2126C management edit 1 show 1 Name Tom VlanID 2 TPs 192 168 1 30 192 168 1 80 Type SNMP Action Deny Port 1 2 show Syntax show Description To show the specific management policy record Argument None Possible value None Example 185 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 186 PSES 2126C management show 1 Name Tom VlanID 2 IP 3 192 168 1 30 192 168 1 80 Type SNMP Action Deny Port 1 2 poe HW set priority Syntax set priority port range priority Description To set the PoE priority on ports Argument lt port range gt jG priority set priority as 0 Low 1 Normal 2 High Possible value lt port range gt 1 to 24 lt priority gt 0 1 or 2 Example PSES 2126C poe set priority 1 12 2 set state Syntax set state lt port range gt lt state gt Description To set the PoE state on ports Argument lt port range gt jG lt state gt enable or disable PoE function 0 Disable 1 Enable Possible value lt port range gt jG lt
142. le both 802 1p and DSCP and TOS Choose DSCP enable both 802 1p and DSCP and TOS and VIP Choose priorities of VIP and DSCP VIP DSCP gt TOS gt 802 1p Final result m Function name QoS Global Setting W Function Description When you want to use QoS function please enable QoS Mode in advance Then you can use MAC Priority 802 1p Priority IP TOS Priority DiffServ DSCP Priority or VIP Port functions and take effect In this function you can Enable QoS Mode Choose any of Priority Control such as 802 1p TOS DSCP Moreover you can select Scheduling Method of WRR Weighted Round Robin or Strict Priority Next you can arrange Weight values for queue 0 to queue 3 m Parameter Description QoS Mode You can Enable QoS Mode and let QoS function become effective Default is Disable Priority Control Just tick the check box 7 of 802 1P TOS or DSCP Qos and click Apply button to be in operation Scheduling Method There are two Scheduling Method WRR and Strict Priority Default is WRR After you choose any of Scheduling Method please click Apply button to be in operation 111 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Weight 1 55 Over here you can make an arrangement to Weight values of Queue 0 to Queue 3 The range of Weight you can set is 1 55 In default the weight of Queue 0 is 1 the weight of Queue 1 is 2 the weight of Queue 2
143. m Function Name Static Setting m Function Description The function of Static is used to configure MAC s real manners inside of the switch Three kinds of manners including static static with destination drop and static with source drop are contained in this function As static is chosen assign a MAC address to a specific port all of the switch s traffics sent to this MAC address will be forwarded to this port As static with destination drop is chosen the packet will be dropped if its DA is equal to the value you set up Due to this setting belongs to the global one so it may affect all ports transmission of the packets As static with source drop is chosen the packet will be dropped if its SA is equal to the value you set up Due to this setting belongs to the global one so it may affect all ports transmission of the packets 70 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management HE 8 Static MAC A weve Forwarding Rule Pt LI om Static vj Eu E Lo uu MAC Queue ForwardingRule Port W Parameter Description EN MAC It is a six byte long Ethernet hardware address and usually expressed by hex and separated by hyphens For example 00 40 C7 D6 00 01 VID VLAN identifier This will be filled only when tagged VLAN is applied Valid range is 1 4094 Queue Priority Set up the priority 0 3 for the MAC Forwarding Rul
144. m disable dscp Syntax disable dscp Description To disable IP DSCP qos Argument None Possible value None Example PSES 2126C qos disable dscp Em disable qos Description To disable qos function Argument None Possible value None Example PSES 2126C qos disable qos m disable tos Syntax 195 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 196 disable tos Description To disable IP TOS qos Argument None Possible value None Example PSES 2126C qos disable tos enable 1p Syntax enable 1p Description To enable 802 1p qos Argument None Possible value None Example PSES 2126C qos enable 1p enable dscp Syntax enable dscp Description To enable IP DSCP qos Argument None Possible value None Example PSES 2126C qos enable dscp LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management B enable qos Syntax enable qos Description To enable qos function Argument None Possible value None Example PSES 2126C qos enable qos EB enable tos Syntax enable tos Description To enable IP TOS qos Argument No
145. mapping to Queue 0 Priority 48 63 are mapping to Queue DSCP Priority Mapping Priority Priority Priority Queue Priority ov ov ov a ov o is EB 1 iB EB 1v 1 iv EN 1 w E 1 26 iv EE 1 1 8 E N lt a N lt n 3 so 3 5 a a 3 5 N lt EN EH 28 4 2 42 2 2 2 2 46 EB 3M 4 38 35 w lt WwW Ww Win zc i a ww w sKK w w Ae as m ww N o S OIE m lt Diagnostics Three functions including Diagnostics Loopback Test and Ping Test are con tained in this function folder for device self diagnostics Each of them will be described in detail orderly in the following sections Diagnostics W Function Description Diagnostics function provides a set of basic system diagnosis It let users know that whether the system is health or needs to be fixed The basic system check includes EEPROM test UART test DRAM test and Flash test Diagnostics OK OK OK Flash Test OK 4 20 2 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Loopback m Function name Loopback Test m Function Description In the Loopback Test function there are two diffe rent loopback tests One is Internal Loopback Test an
146. mber range 1 to 6 mail address gt email address Possible value gt 1 to 6 Example PSES 2126C alarm email set mail address abc mail abc com A set server Syntax set server lt ip gt Description To set up the IP address of the email server LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Argument ip gt email server ip address or domain name Possible value None Example PSES 2126C alarm email set server 192 168 1 6 set user Syntax set user username Description To set up the account of the email server Argument username email server account Possible value None Example PSES 2126C alarm email set user admin show Syntax show Description To display the configuration of e mail trap event Argument None Possible value None Example PSES 2126C alarm email show Mail Server 192 168 1 6 Username admin Password k kkkkkkkkkkkkk Email Address 1 abc mail abc com 145 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 146 Email Address Email Address Email Address Email Address HRD Ul A W N Email Address lt lt events gt gt del all Syntax del all lt range gt Description To disable email sms and trap of ev
147. me All changes to the configuration are saved here Each time you make changes and press lt Apply gt the changes are stored to the wor king configuration The changes to the working configuration are not automatically adopted for the start configuration They have to be saved specifically as the start or user configuration If you do not save the changes to your working configuration they will be lost and the previous start configuration will be active when you start the system the next time User configuration This configuration exists for specific requirements or for making backups You can save any state of the working configuration as a user configura tion and restore this state later or with the function Restore user confi guration If the start configuration is defective and the the device is not avai lable via network you use the serial configuration interface and the Command Line Interface to reload a functional start configuration Default configuration 3 2 1 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 3 Configuring and monitoring the LANCOM switch This is the default configuration and it cannot be altered The web user interface has the following options to restore the switch to its default setting With the function restore default configuration included default IP address you can reset the switch to the factory default settings including the administrators
148. min Password Starting the Command Line Interface over the serial connection If you do not know the IP address of the device you can use the command line interface via a serial connection Use the serial configuration cable to connect the LANCOM switch to the configuration computer Mounting and connecting up the LANCOM Switch Start a terminal program on the configuration computer such as Hyper terminal under Windows Use the following parameters for the connec tion Baud rate 115200 Stop bits 1 Data bits 8 Parity N Flow control None 23 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 3 Configuring and monitoring the LANCOM switch 24 3 2 Log on with user name and password default admin admin Which configuration does the device use The switch supports four different configurations The start configuration the current working configuration the user configuration and the default confi guration Start configuration At the system start the device takes the parameters from the start confi guration and copies these to the working configuration On shipping the start configuration is the same as the default configuration To change the start configuration the altered parameters have to be G saved as the start configuration Working configuration This is the currently active configuration in the device It can be changed at any ti
149. n Arguments Accounting disables the TACACS accounting Authorization disables the TACACS authorization Fallback author disables the fallback to local authorization set console access Syntax set console access lt method1 gt lt method2 gt Description Sets the primary and secondary access mode for the login via console outband Arguments Method from 0 to 2 0 Authentication via local user accounts of the device 1 Authentication via TACACS Server 2 No authentication required for method 2 only Example ES 2126 tac plus set console access 1 0 Sets the primary access mode for the login via console to TACACS and the secondary access mode to local user accounts 219 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 220 HW set host Syntax set host lt gt ip Description Sets the IP addresses for the first and secondary TACACS server Arguments Number from 1 first TACACS server to 2 secondary TACACS server ip IP address of the TACACS server Example ES 2126 tac plus set host 1 10 1 1 1 Sets the IP address of the primary TACACS server to 10 1 1 1 set key Syntax set key secret key Description Sets the encryption key for the communication with the TACACS server This key must correspond with the encryption
150. n of CLI Management 138 B set state Syntax set state ip port number secret key Description To configure the settings related with 802 1X Radius Server Argument ip the IP address of Radius Server and the IP format is XXX XXX XXX XXX port number the service port of Radius Server Authorization port range 1 65535 secret key set up the value of secret key and the length of secret key is from 1 to 31 Possible value port number 1 65535 default 1812 Example PSES 2126C 802 1x set state 192 168 1 115 1812 WinRadius set suppTimeout Syntax set suppTimeout port range lt sec gt Description A timer used by the Backend Authentication state machine in order to determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Authentication Server The initial value of this timer is either suppTimeout or serverTimeout as determined by the operation of the Backend Authentication state machine Argument port range syntax 1 5 7 available from 1 to 26 sec timer range 1 65535 Possible value port range 1 to 26 sec 1 65535 default is 30 Example PSES 2126C 802 1x set suppTimeout 2 30 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management HW set txPeriod Syntax set txPeriod port ra
151. nabled the delay time is set ran domly ranging from 0 to 30 seconds because the exactly delay time is com puted by the switch itself The default is Disable C DHCP Boot DHCP Broadcast Suppression Disable Delay Time 1 30 seconds IGMP Snooping The function IGMP Snooping is used to establish the multicast groups to for ward the multicast packet to the member ports and in nature avoids wasting the bandwidth while IP multicast packets are running over the network This is because a switch that does not support IGMP or IGMP Snooping can not tell the multicast packet from the broadcast packet so it can only treat them all as the broadcast packet Without IGMP Snooping the multicast packet for warding function is plain and nothing is different from broadcast packet A switch supported IGMP Snooping with the functions of query report and leave a type of packet exchanged between IP Multicast Router Switch and IP Multicast Host can update the information of the Multicast table when a member port joins or leaves an IP Multicast Destination Address With this function once a switch receives an IP multicast packet it will forward the packet to the members who joined in a specified IP multicast group before 59 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 60 The packets will be discarded by the IGMP Snooping if the user transmits mul ticast packets to the multicast gr
152. name and VLAN ID after pressing Add button m Parameter Description VLAN Name The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and characters The maximal length is 15 characters VID VLAN identifier Each tag based VLAN group has a unique VID It appears only in tag based and Double tag mode Member This is used to enable or disable if a port is a member of the new added VLAN Enable means it is a member of the VLAN Just tick the check box beside the port x to enable it Tag based Group No VLANNAME O vwo 1 default 1 EJ E3 oo Add Group Input the VLAN name VID and then choose the member by ticking the check box beside the port No to create a new Tag based VLAN As to the parameter of Untag it stands for an egress rule of the port If you tick the check box beside the port No packets with this VID outgoing from this port LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management will be untagged Finally press the Apply button to have the setting taken effect Tag based VLAN VLAN name default 1 1 2 v 3 v 4 v 5 v 6 v 7 lv 8 v 9 10 v 11 v 12 v 13 v 44 v 15 v 16 v 17 v 18 v 19 v 20 v 21 M 22 v 23 v 24 M 25 v 26 v 1 v 2 v 3 v 4 v
153. ncontrolled port A controlled port can only pass the packets when the authenticator PAE is authorized and otherwise an uncontrolled port will unconditionally pass the packets with PAE group MAC address which has the value of 01 80 c2 00 00 03 and will not be forwarded by MAC bridge at any time Authentication server A device provides authentication service through EAP to an authentica tor by using authentication credentials supplied by the supplicant to determine if the supplicant is authorized to access the network resource The overview of operation flow for the following figure is quite simple When Supplicant PAE issues a request to Authenticator PAE Authenticator and Sup plicant exchanges authentication message Then Authenticator passes the request to RADIUS server to verify Finally RADIUS server replies if the request is granted or denied While in the authentication process the message packets encapsulated by Extensible Authentication Protocol over LAN EAPOL are exchanged between an authenticator PAE and a supplicant PAE The Authenticator exchanges the message to authentication server using EAP encapsulation Before success fully authenticating the supplicant can only touch the authenticator to per form authentication message exchange or access the network from the uncontrolled port Supplicant s A Authentication System Authenticator s System Server s System Ser
154. nction name Events Configuration Function Description The Trap Events Configuration function is used to enable the switch to send out the trap information while pre defined trap events occurred The switch offers 22 different trap events to users for Switch management The trap information can be sent out in three ways including email mobile phone SMS short message system and trap The message will be sent while users tick Z the trap event individually on the web page shown as below Parameter Description Trap Cold Start Warm Start Link Down Link Up Authentication Failure User login User logout STP STP Topology Changed STP Disabled STP Enabled 4 16 2 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management LACP LACP Disabled LACP Enabled LACP Member Added LACP Port Failure GVRP GVRP Disabled GVRP Enabled VLAN Port based VLAN Enabled Tag based VLAN Enabled Module Swap Module Inserted Module Removed Dual Media Swap ped O PoE PoE Failure Email Select Unselect All SMS Select Unselect All C Trap Select Unselect All Event Email sms Trap z z 4 E z E n E n l z z z z g z z n n n n z z z n n n n n o j Apply E Mail m Function name Email SMS Configuration m Function Description Alarm configuration is used to configure the per sons who s
155. ne Possible value None Example PSES 2126C qos enable tos HW set dscp Syntax set dscp lt q0 gt lt priority gt lt q1 gt lt priority gt lt q2 gt lt priority gt lt q3 gt lt priority gt Description To set IP DSCP qos weighting for 4 queues Argument lt q gt queue level q0 queue 0 q1 queue 1 q2 queue 2 q3 queue 3 lt priority gt priority level One queue has been assigned 2 different priorities 197 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 198 You don t need to use all of queue but must assign queue in order Syntax 1 2 or 2 5 7 available from 0 to 63 Possible value priority 0 to 63 Example PSES 2126C qos set dscp q0 2 q1 2 q2 2 q3 3 set pri tag Syntax set pri tag lt q0 gt lt priority gt lt q1 gt lt priority gt lt q2 gt lt priority gt lt q3 gt lt priority gt Description To set 802 1p qos weighting for 4 queues Argument lt q gt queue level q0 queue 0 q1 queue 1 q2 queue 2 q3 queue 3 lt priority gt priority level One queue has been assigned 2 different priorities You don t need to use all of queues but must assign queues in order Syntax 1 2 or 2 5 7 available from 0 to 7 Possible value priority gt 0 to 7 A Example PSES 2126C qos
156. ne Example PSES 2126C management show 1 Name Tom VlanID 2 IP 3 192 168 1 30 192 168 1 80 Type SNMP Action Deny Port 1 2 PSES 2126C management delete 1 PSES 2126C management show Security rule list is empty now edit the specific management policy entry Available range to 65536 Syntax Usage set lt name gt lt value gt lt vid gt lt value gt lt ip gt lt value gt lt port gt lt value gt lt type gt lt value gt lt action gt lt value gt Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 port 2 5 8 type h s action a Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 Description To edit management policy record Argument lt name gt lt value gt ACL entry name LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management lt vid gt lt value gt VLAN ID lt ip gt lt value gt IP Range lt port gt lt value gt Incoming port lt type gt lt value gt Access type lt action gt lt value gt a ccept or d eny Possible value lt name gt lt value gt No default and it must be set LEN lt vid gt lt value gt The range is 1 4095 and can be set to any lt ip gt value For example 192 168 1 90 192 168 1 90 or any lt port gt lt value gt For example 1 or 1 8 or 1 3 5 or any lt type gt lt value gt For examp
157. nge sec Description A timer used by the Authenticator PAE state machine to determine when an EAPOL PDU is to be transmitted Argument EN port range syntax 1 5 7 available from 1 to 26 sec timer range 1 65535 Possible value port range 1 to 26 sec 1 65535 default is 30 Example PSES 2126C 802 1x set txPeriod 2 30 m show mode Syntax show mode Description To display the mode of each port Argument None Possible value None Example SES 2126C 802 1x show mode Port Mode U Disable Multi host 1 2 3 Disable 4 Disable 5 Disable 139 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 140 6 Disable m show parameter Syntax how parameter n Description To display the parameter settings of each port Argument None Possible value None Example PSES 2126C 802 1x show parameter port 1 port control Auto reAuthMax tad txPeriod 30 Quiet Period 60 reAuthEnabled ON reAuthPeriod 3600 max Request 2 suppTimeout 30 serverTimeout 30 m show security Syntax how security ta Description To display the authentication status of each port Argument None Possible value None Example LANCOM ES 2126 und LANCOM ES 2
158. ns its VID Valid range is 1 4094 Member Port Those are the members belonging to the same dynamic VLAN group Edit Administrative Control When you create GVRP group you can use Administrative Control function to change Applicant Mode and Registrar Mode of GVRP group member Refresh Refresh function can help you to see current GVRP group sta tus 4 12 4 12 1 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management GVRP VLAN Group Information 0 vip MemberPort STP Configuration The Spanning Tree Protocol STP is a standardized method IEEE 802 1D for avoiding loops in switched networks When STP is enabled ensure that only one path is active between any two nodes on the network at a time User can enable Spanning Tree Protocol on switch s web management and then set up other advanced items We recommend that you enable STP on all switches to ensure a Single active path on the network STP Status Function name STP Status Function Description In the Spanning Tree Status user can read 12 para meters to know STP current status The 12 parameters description is listed in the following table Parameter Description STP State Show the current STP Enabled Disabled status Default is Disabled Bridge ID Show switch s bridge ID which stands for the MAC address of this switch Bridge Pr
159. ntrol 2 2 set quiet period Syntax set quiet period port range lt sec gt Description A timer used by the Authenticator state machine to define periods of time during when it will not attempt to acquire a Supplicant Argument port range syntax 1 5 7 available from 1 to 26 sec timer range 0 65535 Possible value 135 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 136 port range 1 to 26 sec 0 65535 default is 60 Example PSES 2126C 802 1x f set quiet period 2 30 set reAuthEnabled Syntax set reAuthEnabled port range lt ebl gt Description A constant that define whether regular reauthentication will take place on this port Argument port range syntax 1 5 7 available from 1 to 26 ebl 0 OFF to disable reauthentication 1 ON to enable reauthentication Possible value port range 1 to 26 ebl 0 or 1 default is 1 Example PSES 2126C 802 1x set reAuthEnabled 2 1 set reAuthMax Syntax set reAuthMax port range max Description The number of reauthentication attempts that are permitted before the port becomes Unauthorized Argument port range syntax 1 5 7 available from 1 to 26 max max value range 1 10 Possible value p
160. nts set web access Syntax set web access lt method1 gt lt method2 gt Description Sets the primary and secondary access mode for the login via web browser Arguments Method from 0 to 2 0 Authentication via local user accounts of the device 1 Authentication via TACACS Server 2 No authentication required for method 2 only 221 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Example ES 2126 tac plus set web access 1 0 Sets the primary access mode for the login via web browser to TACACS and the secondary access mode to local user accounts tftp W set server Syntax set server lt ip gt Description To set up the IP address of tftp server Argument lt ip gt the IP address of tftp server Possible value lt ip gt tftp server IP Example PSES 2126C tftp set server 192 168 3 111 m show Syntax show Description To display the information of tftp server Argument None Possible value None Example PSES 2126C tftp show Tftp Server 192 168 3 111 time W set daylightsaving Syntax 222 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management set daylightsaving hr MM DD HH lt mm dd hh gt Description To set up the daylight saving Argument lt
161. o ports TP SFP 10 100 1000 Mbps Serial interface Serial configuration interface Power supply Internal power supply unit 110 230 V 50 60 Hz Housing Robust metal housing 19 1U 440 x 44 x 209 mm with remo vable mounting brackets network connectors on the front 241 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 6 Appendix CE CE conformity according to EN 55022 EN 55024 EN 60950 Environment Temperature range 0 40 C humidity 5 90 non condensing Accessories a ce SFP module LANCOM SFP SX LC1 item no m 1000Base LX SFP module LANCOM SFP LX LC1 item no 61557 Service 5 years Support via Hotline and Internet 242 LANCOM ES 2126 und LANCOM ES 2126P E Chapter 6 Appendix 6 2 Connector wiring 6 2 1 Ethernet interface 10 100Base TX 8 pin RJ45 sockets ISO 8877 EN 60603 7 1 T ITI T e 3 R 4 PoE G 5 PoE G 6 R 7 PoE 48 V PoE 48 V 6 3 CE declarations of conformity C LANCOM Systems herewith declares that the devices of the type described in this documentation are in agreement with the basic requirements and other relevant regulations of the 1995 5 EC directive The CE declarations of conformity for your device can be found on the relevant product page on the LANCOM Web site www lancom systems com 243
162. o this port once a supplicant is authorized the devices connected to this port can access the network resource through this port 802 1X Mode Setting Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Function name Port Security Management m Function Description Shows each port status In Multihost mode it shows the port number and its status authorized or unauthorized B Parameter Description H1 Disable Mode When selecting Disable mode for a port in the function 802 1X Port Mode Configuration the port is in the uncontrolled port state and does not apply 802 1X authenticator on it Any node attached on this port can access the network without the admittance lis x i i Ri I n i 94 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management of 802 1X authenticator The Port Status will show the following Screen Port Number The port number to be chosen to show its 802 1X Port Status The valid number is Port 1 26 Port Status The current 802 1X status of the port In Disable mode this field is Disabled 802 1x with Multihost mode When selecting 802 1x with Multihost mode for a port in the function 802 1X Port Mode Configuration Devices can access the network through this port once the authenti cator is authorized The Port Stat
163. occurrence of looping problems in the network m Parameter Description Mode Used for the activation or de activation of Isolated Group func tion Default is disable Isolated Group User can choose any port to be the member of this group Just tick the check box Z beside the port x and valid port is Port 1 26 In this group all of these member ports cannot forward packets with each other Thus the switch will not be capable of for warding any packets in case its all ports become the members of the Isolated group mE Isolated Group 1 2 3 4 5 6 T 8 9 10 11 12 13 14 15 16 Isolated Group 17 18 19 20 21 22 23 24 25 26 m Function name Restricted Group 105 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management m Function Description The function of the Restricted Group can decide the direction of transmitting packets for the specific port The packets recei ved by the port with the Ingress mode of Restricted Group will be sent to the ports with the Egress mode of Restricted Group H Parameter Description Restricted Group Disable v 4 18 Bandwidth Management m Function name Ingress Bandwidth Setting 106 9 10 11 Mae f 1 2 3 9 10 11 17 18 19 25 26 pom 12 20 12 20 14 22 14 22 15 23 15 23 Mode Used for the activation or de activation
164. ol used in the right side is EAPOL and the left side is EAP At the initial stage the supplicant A is unauthenticated and a port on switch acting as an authenticator is in unauthorized state So the access is blocked in this stage Initiating a session Either authenticator or supplicant can initiate the message exchange If supplicant initiates the process it sends EAPOL start packet to the authenticator PAE and authenticator will immediately respond EAP Request Identity packet The authenticator always periodically sends EAP Request Identity to the supplicant for requesting the identity it wants to be authenticated Ifthe authenticator doesn t send EAP Request Identity the supplicant will initiate EAPOL Start the process by sending to the authenticator LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management And next the Supplicant replies an EAP Response Identity to the authen ticator The authenticator will embed the user ID into Radius Access Request command and send it to the authentication server for confirming its identity Q After receiving the Radius Access Request the authentication server sends Radius Access Challenge to the supplicant for asking for inputting user password via the authenticator PAE The supplicant will convert user password into the credential information perhaps in MD5 format and replies an EAP Response with this credential information as well as t
165. ommand in the top mode you are still in the position of the top mode Argument None Possible value None Example PSES 2126C trunk LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management PSES 2126C trunk amp exit PSES 2126C help Syntax help Description To show available commands Some commands are the combination of more than two words When you enter this command the CLI would show the complete commands Besides the command would help you classify the commands between the local commands and the global ones Argument None Possible value None Example PSES 2126C ip PSES 2126C ip help Commands available SHER lt lt Local commands gt gt set ip Set ip and gateway set dns Set dns enable dhcp Enable DHCP and set dns auto or manual disable dhcp Disable DHCP show Show IP Configuration exit Back to the previous mode end Back to the top mode help Show available commands history Show a list of previously run commands 129 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 130 logout Logout the system save start Save as start config Save user Save as user config restore default Restore default config restore user Restore user config PSES 2126C ip history Syntax history Description To show a list of pre
166. ommunity name string Any printable character is allowable The community name for each function works independently Each function has its own community name Say the community name for GET only works for GET function and can t be applied to other func tion such as SET and Trap Default SNMP function Enable Default community name for GET public Default community name for SET private Default community name for Trap public Default Set function Enable 57 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 58 4 Default trap host IP address 0 0 0 0 Default port number 162 Trap In the switch there are 6 trap hosts supported Each of them has its own community name and IP address is user definable To set up a trap host means to create a trap manager by assigning an IP address to host the trap message In other words the trap host is a network management unit with SNMP manager receiving the trap message from the managed switch with SNMP agent issuing the trap message 6 trap hosts can prevent the important trap message from losing For each public trap the switch supports the trap event Cold Start Warm Start Link Down Link Up and Authentication Failure Trap They can be enabled or disabled individually When enabled the corres ponded trap will actively send a trap message to the trap host when atrap happens If all publictraps are disabled no public trap mes
167. onf function Argument None Possible value None Example PSES 2126C config file export user conf Export successful m import start Syntax Description To run the import start function Argument None Possible value None Example PSES 2126C config file amp import start Import successful HW import user conf Syntax Description 156 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management To run the import user conf function Argument None Possible value None Example PSES 2126C config file import user conf Import successful set export path Syntax Description To set up the file path and filename that user would like to export Argument lt filepath gt filepath and filename Possible value lt filepath gt filepath and filename Example PSES 2126C config file set export path log 21511 txt set import path Syntax Description To set up the filepath and filename that user would like to import Argument lt filepath gt filepath and filename Possible value filepath gt filepath and filename Example PSES 2126C config file set import path log 21511 txt show Syntax Description To display the information of the config file
168. ort No Display the port number The number is 1 24 Detection Port Enable When Port No is chosen and enable port s Loop detection the port can detect loop happens When Port No is chosen enable port s Loop detection and the port detects loop happen port will be Locked If Loop did not happen port maintains Unlocked The default is Disable Locked Port Resume When Port No is chosen enable port s Loop detection and the port detects loop happen the port will be Locked When choosing Resume port locked will be opened and turned into unlocked If not choosing Resume Port maintains locked SNMP Configuration Any Network Management System NMS running the Simple Network Management Protocol SNMP can manage the Managed devices equipped with SNMP agent provided that the Management Information Base MIB is installed correctly on the managed devices The SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity OID of the management Information Base MIB described in the form of SMI syntax SNMP agent is running on the switch to response the request issued by SNMP manager LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Basically it is passive except issuing the trap information The switch supports a switch to turn on or off the SNMP agent If you set the field SNMP Enab
169. ort is powered via PoE Constant green when the network connection is established to the connected device Off if no network connection can be established to the connected device This LED displays the following information depending on the selected LED status m LED mode Active Blinks yellow during data transfer m LED mode Full Duplex Constant green when full duplex mode is active for this port blinks yellow in case of collisions m LED mode Speed Constant yellow when the 100 Mbps mode is active Off when the 10 Mbps mode is active Constant green when the LED mode is set to Active LANCOM ES 2126 und LANCOM ES 2126P E Chapter 2 Installation FDX spp 9 Q9 LEDSET Reset FX Port 25 and 26 2 3 3 2 4 Constant green when the LED mode is set to Full Duplex Constant green when the LED mode is set to Speed Button to switch the LEDmode between Active Full Duplex and Speed Button to re start the system Constant green when the optical port is active Off when the TP port is active Connectors on the LANCOM ES 2126 and LANCOM ES 2126P The following connectors are located on the rear of the device Connector for serial configuration cable for direct configuration Connector for IEC power cable for power supply Mounting and connecting up the LANCOM switch Installating the LANCOM switch involves the following steps Mounting The device is designe
170. ort range 1 to 26 max 1 10 default is 2 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Example PSES 2126C 802 1x set reAuthMax 2 2 set reAuthPeriod Syntax set reAuthPeriod port range lt sec gt Description A constant that defines a nonzero number of seconds between periodic EN reauthentication of the supplicant Argument port range syntax 1 5 7 available from 1 to 26 sec timer range 1 65535 Possible value port range 1 to 26 sec 1 65535 default is 3600 Example PSES 2126C 802 1x set reAuthPeriod 2 3600 set serverTimeout Syntax set serverTimeout port range sec Description A timer used by the Backend Authentication state machine in order to determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Authentication Server The initial value of this timer is either suppTimeout or serverTimeout as determined by the operation of the Backend Authentication state machine Argument port range syntax 1 5 7 available from 1 to 26 sec timer range 1 65535 Possible value port range 1 to 26 sec 1 65535 default is 30 Example PSES 2126C 802 1x set serverTimeout 2 30 137 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operatio
171. orwarded destination port form 1 to 26 Possible value vid 1 to 4094 queue 0 to 3 rule 0 to 2 port 1 to 26 Example PSES 2126C mac table static mac add 00 22 44 55 66 77 1006 del Syntax del mac Description To remove the static mac entry Argument mac mac address format 00 02 03 04 05 06 181 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Possible value mac mac address Example PSES 2126C mac table static mac del 00 02 03 04 05 06 m show Syntax show Description To display static mac entry Argument None Possible value None Example PSES 2126C mac table static mac it show MAC VID Queue Forwarding Rule Port 1 00 40 C7 D6 00 01 200 2 Static with Destination Drop 2 management E add Syntax Usage set lt name gt lt value gt lt vid gt lt value gt lt ip gt lt value gt lt port gt lt value gt lt type gt value action value Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 port 2 5 8 type h s action a Synopsis set name Mary vid 20 ip 192 168 1 1 192 168 1 90 Description To save the adding management policy records When you don t know how to set the management policy records you can use this command as follows 182 LANCOM ES 2126
172. oup that had not been built up in advance OOOO _ Status SUNT CTC Disable Active O Passive IP Multicast Table IP Address _ VLANID Member Port Apply Refresh Function name IGMP Snooping Status W Function Description IGMP is used to snoop the status of IP multicast groups and display its associated information in both tagged VLAN and non tagged VLAN networks Enabling IGMP with either passive or active mode you can monitor the IGMP snooping information which contains the multicast member list with the multicast groups VID and member port m Parameter Description IGMP snooping mode selection The switch supports three kinds of IGMP Snooping status including Passive Active and Disable Disable Set Disable mode to disable IGMP Snooping function Default Disable Active In Active mode IGMP snooping switch will periodically issue the Membership Query message to all hosts attached to it and gather the Membership report message to update the database of the Mul ticast table By the way this also reduces the unnecessary multicast traffic Passive In Passive Snooping mode the IGMP snooping will not peri odically poll the hosts in the groups The switch will send a Member ship Query message to all hosts only when it has received a Membership Query message from a router IP Address how all multicast groups IP addresses that are registered on this device
173. ping Argument status O disable 1 active 2 passive Possible value status 0 1or 2 Example PSES 2126C igmp snooping set mode 2 W show igmp snooping Syntax Description To display IGMP snooping mode and allowed IP multicast entry Argument None Possible value None Example PSES 2126C igmp snooping show igmp snooping Snoop Mode Active IP Multicast 1 IP Address 224 1 1 1 VLAN ID 0 Member Port 22 m show multicast Syntax Description 171 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 172 To display IP multicast table Argument None Possible value None Example PSES 2126C igmp snooping show multicast IP Multicast None disable dhcp Syntax disable dhcp Description To disable the DHCP function of the system Argument None Possible value None Example PSES 2126C ip disable dhcp DHCP is already stopped enable dhcp Syntax enable dhcp lt manuallauto gt Description To enable the system DHCP function and set DNS server via manual or auto mode Argument manuallauto gt set DNS by using manual or auto mode A Possible value manuallauto gt manual or auto Example LANCOM ES 2126
174. ra tion Protocol Here DHCP means a switch to turn ON or OFF the func tion The switch supports DHCP client used to get an IP address automati cally if you set this function Enable When enabled the switch will issue the request to the DHCP server resided in the network to get an IP address If DHCP server is down or does not exist the switch will issue the request and show IP address is under requesting until the DHCP server is up Before getting an IP address from DHCP server the device will not continue booting procedures If set this field Disable you ll have to input IP address manually For more details about IP address and DHCP please see the Section 2 1 5 IP Address Assign ment in this manual Default Disable IP address Users can configure the IP settings and fill in new values if users set the DHCP function Disable Then click Apply button to update When DHCP is disabled Default 192 168 1 1 If DHCP is enabled this field is filled by DHCP server and will not allow user manually set it any more Subnet mask Subnet mask is made for the purpose to get more net work address because any IP device in a network must own its IP address composed of Network address and Host address otherwise can t communicate with other devices each other But unfortunately the network classes A B and C are all too large to fit for almost all 35 LANCOM ES 2126 und LAN
175. range 1 to 26 Example PSES 2126C stp Mcheck 1 8 disable Description To disable the function of STP Argument None Possible value None Example PSES 2126C stp disable enable Syntax enable Description To enable the function of STP Argument None Possible value None Example PSES 2126C stp enable set config Syntax set config Bridge Priority Hello Time Max Age Forward Delay 211 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 212 Description To set up the parameters of STP Argument Bridge Priority priority must be a multiple of 4096 available from 0 to 61440 Hello Time available from 1 to 10 Max Age available from 6 to 40 Forward Delay available from 4 to 30 Note 2 Forward Delay 1 gt Max Age Max Age gt 2 Hello Time 1 Possible value lt Bridge Priority gt 0 to 61440 lt Hello Time gt 1 to 10 lt Max Age gt 6 to 40 lt Forward Delay gt 4 to 30 Example PSES 2126C stp set config 61440 2 20 15 set port Syntax set port range path cost priority edge port admin p2p gt Description To set up the port information of STP Argument range syntax 1 5 7 available from 1 to 26
176. ration of a LANCOM switch m With LANmonitor you can use a Windows computer to monitor all of your LANCOM devices This program displays all important status infor mation for a LANCOM switch such as link status or port PoE state m With Documentation you copy the documentation files onto your PC Select the appropriate software options and confirm your choice with Next The software is installed automatically 20 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 3 Configuring and monitoring the LANCOM switch Configuring and monitoring the LANCOM switch Configuration options There are two different methods of configuring the device m By means of a graphical user interface or via a browser WEBconfig This option is only available if you have network access to the device s IP address from your computer With a LANCOM ES 2126 you can access WEBconfig via a encrypted connection over SSL as well Instructions for configuring the device with WEBconfig are available in the chapter Web based configuration Text orientated configuration via a console Command Line Interface CLI This method of configuration which requires a program such as Tel net SSH LANCOM ES 2126 only Hyperterminal or similar can be con ducted over a network connection or with a direct connection via serial interface RS 232 Instructions for configuring the device with CLI are available in the chap ter Command line interface Sta
177. rt IEEE 802 1D IEEE 802 1w RSTP Rapid Spanning Tree Protocol standards VLAN Support Port based VLAN and IEEE802 1Q Tag VLAN Support 256 active VLANs and VLAN ID 1 4094 Port Trunking Support static port trunking and port trunking with IEEE 802 3ad LACP Bandwidth Control Support ingress and egress per port bandwidth control Port Security Support allowed denied forwarding and port security with MAC address SNMP RMON SNMP agent and RMON MIB In the device SNMP agent is a client soft ware which is operating over SNMP protocol used to receive the command from SNMP manager server site and echo the corresponded data i e MIB object Besides SNMP agent will actively issue TRAP information when happened RMON is the abbreviation of Remote Network Monitoring and is a branch of the SNMP MIB The device supports MIB 2 RFC 1213 Bridge MIB RFC 1493 RMON MIB RFC 1757 statistics Group 1 2 3 9 Ethernet like MIB RFC 1643 Ethernet MIB RFC 1643 and so on TACACS Tacacs Terminal Access Controller Access Control System is a protocol for authentication authorization and accounting AAA It thus provides access to the network for certain authorized users only it regulates the rights of those users and it is a logging mechanism to keep track of user LANCOM ES 2126 und LANCOM ES 2126P B Chapter 1 Introduction actions TACACS is an alternative to other AAA protocols such as RADIUS IGMP Snooping S
178. rting WEBconfig There are two ways of starting the configuration by browser m f you know the device s IP address simply enter this into the address line in the browser The factory settings for accessing the device are User name admin password admin Datei Bearbeiten Ansicht Chronik Lesezeichen Extras Hilfe E E GQ G http 192 168 2 25 ndex htmi Please Input Username amp Password Username admin Password PFFF gua cua Mg Uu caa 21 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 3 Configuring and monitoring the LANCOM switch m f you do not have the device s IP number LANconfig can be used to search for it To start LANconfig click on Start gt Programs gt LANCOM gt LANconfig File Edit Device View Tools Help amp muuE cetsIEbgqIS aw mI zy LANconfig amp ypES 2126P Qs MP 10 99 8 50 Ok LANconfig automatically searches for all available devices in your net work Any available LANCOM devices will be displayed in the list inclu ding the LANCOM switch Double click on this entry to start the browser automatically with the correct IP address What is the IP address of my LANCOM switch The current IP address of the LANCOM switch after being switched on depends on the network constellation Networks with DHCP server In its factory settings the LANCOM switch is set for auto DHCP mode meaning that it searches for a DHCP server to assign it an IP address
179. sage Will be sent As to the Enterprise no 6 trap is classified as private trap which are listed in the Trap Alarm Configuration function folder Default for all public traps Enable SNMP Configuration SNMP 9 Enable Disable private Enable v 0 0 0 0 162 Community public 0 0 0 0 i 162 Community public 0 0 0 0 162 Community public 0 0 0 0 162 Community public 0 0 0 0 162 Community public 0 0 0 0 162 Community public N DHCP Boot The DHCP Boot function is used to spread the request broadcast packet into a bigger time frame to prevent the traffic congestion due to broadcast packets from many network devices which may seek its NMS boot server DHCP server and many connections predefined when the whole building or block lose the 4 8 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management power and then reboot and recover At this moment a bunch of switch or other network device on the LAN will try its best to find the server to get the services or try to set up the predefined links they will issue many broadcast packets in the network The switch supports a random delay time for DHCP and boot delay for each device This suppresses the broadcast storm while all devices are at booting stage in the same time The maximum user defined delay time is 30 sec If DHCP Broadcasting Suppression function is e
180. setting Flow Control There are two modes to choose in flow control inclu ding Symmetric and Asymmetric If flow control is set Symmetric both parties can send PAUSE frame to the transmitting device s if the receiving port is too busy to handle When it is set Asymmetric this will let the receiving port care the PAUSE frame from transmitting device s but it doesn t send PAUSE frame This is one way flow con trol Default Symmetric 4 3 2 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Port Status The function Port Status gathers the information of all ports current status and reports it by the order of port number media link status port state Auto Negotiation status speed duplex Rx Pause and Tx Pause An extra media type information for the module ports 25 and 26 is also offered Port Current Status cumEEEEE CULTAX UN mOLTNUTIESTS EB 1 TP DownEnabled Enabled 2 TP Up Enabled Enabled 100M Full on Off 3 TP DownEnabled Enabled 4 TP DownEnabled Enabled 5 TP DownEnabled Enabled 6 TP DownEnabled Enabled 7 TP DownEnabled Enabled 8 TP DownEnabled Enabled 9 TP DownEnabled Enabled 10 TP DownEnabled Enabled ER E MP mo 11 TP DownEnabled Enabled EN en is es quam 12 TP DownEnabled Enabled a Dx gu 13
181. stem When ping failure time reach configured value then switch will reboot automatically Default state is disable Fail Count Default Ping Failed Count 100 Range for Setting 1 1000 Watchdog Configuration M State Fai Count Reset management cpu interface Disable 7 10 Reboot the system Disable 7 fio TFTP Server W Function name TFTP Server W Function Description Set up IP address of TFTP server 121 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management m Parameter Description Specify the IP address where the TFTP server loca tes Fill in the IP address of your TFTP server then press Apply button to have the setting taken effect TFTP Server 4 22 Log This function shows the log data The switch provides system log data for users There are 17 private trap logs 5 public trap logs The switch supports total 120 log entries For more details on log items please refer to the section of Trap Alarm Configuration and SNMP Configuration m Function name Log Data m Function Description The Trap Log Data is displaying the log items inclu ding all SNMP Private Trap events SNMP Public traps and user logs occur red in the system In the report table No Time and Events are three fields contained in each trap record Log Data TFTP Server 0 0 0 0 Auto Upload Disabled DSSS eseuoumenni rsen rca ESSE Varig Sew 1 Mon Jun 16 18 21 53 2008 Login admin 2 Mon
182. subnet mask and gateway address The assigned IP address can only be determined by using the appropriate tools or via the DHCP server If the DHCP server is a LANCOM device the IP address of the LAN COM switch can be read out from the DHCP table If this is the case the LANCOM switch can be accessed from any network computer that receives its IP address from the same DHCP server Network without a DHCP server If no DHCP server is present in the network the LANCOM switch automatically adopts the address 172 23 56 250 LANCOM ES 2126 or 172 23 56 251 LANCOM ES 2126P If this is the case the LANCOM switch can be accessed from any network computer with its IP address set to the address range 172 23 56 x 22 3 1 2 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 3 Configuring and monitoring the LANCOM switch Starting the Command Line Interface over the network If you know the device s IP address see section above and the LANCOM Switch is accessible from your computer via the network the you can use the command line interface via the network To do this start a console such as Telnet and enter the device s IP address as the target Log on with user name and password default admin admin EN E CAWINDOWS system32 telnet exe Melcome to Microsoft Telnet Client Escape Character is CTRL Microsoft Telnet open 172 23 56 251_ o Telnet 192 168 2 25 Managed Switch LANCOM GS 2124 Login ad
183. tact addresses for LANCOM Support please refer to the enc losed leaflet or the LANCOM Systems Web site Very important instructions Failure to observe these may result in damage Important instruction that should be observed Additional information that may be helpful but is not essential C OC LANCOM ES 2126 und LANCOM ES 2126P B Contents Contents 1 Introduction 9 1 1 Key Features in the Device 10 1 2 Just what can your LANCOM switch do 12 2 Installation 14 2 1 Package content 14 2 2 System requirements 14 2 3 Status displays and interfaces 15 2 3 1 LEDs and buttons on the LANCOM ES 2126 15 2 3 2 LEDs and buttons on the LANCOM ES 2126P 16 2 3 3 Connectors on the LANCOM ES 2126 and LANCOM ES 2126P 18 2 4 Mounting and connecting up the LANCOM switch 18 2 5 Software installation 19 2 5 1 Starting the software setup 19 2 5 2 Which software should install 20 3 Configuring and monitoring the LANCOM switch 21 3 1 Configuration options 21 3 1 1 Starting WEBconfig 21 3 1 2 Starting the Command Line Interface over the network 23 3 1 3 Starting the Command Line Interface over the serial con nection 23 3 2 Which configuration does the device use 24 3 2 1 Save Restore 25 3 2 2 Config file 26 3 3 Monitoring the LANCOM switch with LANmonitor 27 3 3 1 Ethernet port status 27 3 3 2 Port PoE status 28 LANCOM ES 2126 und LANCOM ES 2126P 4 Operation of Web based Management 4 1 Web Management Home Overview 4 1 1
184. tate because the edge ports cannot create bridging loops in the network This will expedite the convergence When the link on the edge port toggles the STP topology keeps unchanged Unlike the designate port or root port though an edge port will transit to a normal spanning tree port immediately if it recei ves a BPDU Default No Admin Point To Point say a port is a point to point link from RSTP s view if it is in full duplex mode but is shared link if it is in half duplex mode RSTP fast convergence can only happen on point to point links and on edge ports This can expedite the convergence because this will have the port fast transited to forwarding state There are three parameters Auto True and False used to configure the type of the point to point link If configure this parameter to be Auto it means RSTP will use the duplex mode resulted from the auto negotiation In today s switched networks most links are running in full duplex mode For sure the result may be half duplex in this case the port will not fast transit to Forwarding state If it is set as True the port is treated as point to point link by RSTP and unconditionally transited to Forwarding state If it is set as False fast transition to For warding state will not happen on this port Default Auto M Check Migration Check It forces the port sending out an RSTP BPDU instead of a legacy STP BPDU at the next transmission The only benefit of this ope
185. tax enable state Description To enable the communication capability of the port Argument lt range gt port range syntax 1 5 7 available from 1 to 26 Possible value range 1 26 A Example PSES 2126C port enable state 3 10 set flow control Syntax set flow control range symmetric asymmetric Description To set up the flow control function of all ports Argument lt range gt port range syntax 1 5 7 available from 1 to 26 lt symmetric gt set its flow control as symmetric lt asymmetric gt set its flow control as asymmetric Possible value range gt 1 to 26 Example LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management PSES 2126C port set flow control 3 6 symmetric set speed duplex Syntax set speed duplex range lt auto gt lt 10 100 1000 gt lt half full gt Description To set up the speed and duplex of all ports Argument EN lt range gt port range syntax 1 5 7 available from 1 to 26 lt port speed gt auto set auto negotiation mode 10 set speed to 10M 100 set speed to 100M 1000 set speed to 1000M lt port duplex gt half set to half duplex full set to full duplex Possible value lt range gt 1 to 26 lt port speed gt auto 10 100 1000 port duplex full half
186. te If Symmetric is enabled and port 1 for example receives an untagged packet the switch will apply the PVID of port 1 to tag this packet the packet then will be forwarded But if the PVID of port 1 is not 100 the packet will be dropped SVL While SVL is enable all VLANs use the same filtering database storing the membership information of the VLAN to learn or look up the membership information of the VLAN While SVL is disable it means learning mode is IVL In this mode different VLAN uses diffe rent filtering database storing the membership information of the VLAN to learn or look up the information of a VLAN member Double Tag Double tag mode belongs to the tag based mode howe ver it would treat all frames as the untagged ones which means that tag with PVID will be added into all packets Then these packets will be forwarded as Tag based VLAN So the incoming packets with tag will become the double tag ones VLAN Mode VLAN Mode Tag based m OA wem ETE 63 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management 64 4 9 2 Tag based Group m Function name Tag based Group Configuration W Function Description It shows the information of existed Tag based VLAN Groups You can also easily create edit and delete a Tag based VLAN group by pressing Add Edit and lt Delete gt function buttons User can add a new VLAN group by inputting a new VLAN
187. te of the ports Argument lt range gt syntax 1 3 5 available from 1 to 5 1 Disable 2 Broadcast Storm Control 3 Multicast Storm Control 4 Unknown Unicast Storm Control 5 Broadcast Multicast Unknown Unicast Storm Control lt data_rate gt 1 100 The value must be the integer The value 100 disables broadcast storm control Possible value range 1 to 5 lt data_rate gt 1 100 Example PSES 2126C bandwidth set storm rate 2 99 B show Syntax LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Description To display all current settings of the bandwidth Argument None Possible value None Example SES 2126C bandwidth show U Port Ingress Rate Kb Egress Rate Kb d 102400 102400 2 102400 102400 3 102400 102400 23 102400 102400 24 102400 102400 25 1024000 1024000 26 1024000 1024000 Broadcast Storm Control Type Disable Rate 100 config file HW export start Syntax export start Description To run the export start function 155 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Argument None Possible value None Example PSES 2126C config file export start Export successful HW export user conf Syntax Description To run the export user c
188. te the current v v configuration which is working on via web browser and CLI 12 LANCOM ES 2126 und LANCOM ES 2126P m Chapter 1 Introduction v 5 kinds of QoS are as follows MAC Priority 802 1p Priority IP TOS Pri v ority and DiffServ DSCP Priority WEBconfig and CLI management over telnet v WEBconfig with optional SSL encryption and CLI management over SSH v Rapid Spanning Tree 802 1w RSTP v v 802 1x port security on a VLAN v v SNMP access can be disabled and prevent from illegal SNMP access v v Ingress Non unicast and Egress Bandwidth rating management v v The trap event and alarm message can be transferred via e mail and v v mobile phone short message Diagnostics to let administrator knowing the hardware status v v External loopback test to check if the link is ok v v TFTP for firmware upgrade system log upload and config file import v v export Remote boot the device through user interface and SNMP v v Network time synchronization and daylight saving v v TACACS for authorization authentication and accounting AAA v 10 event log records in the main memory and display on the local con A v sole Options LANCOM SFP Transceiver v v Item no 61556 LANCOM SFP SX LC1 Item no 61557 LANCOM SFP LX LC1 13 LANCOM ES 2126 und LANCOM ES 2126P E Chapter 2 Installation 2 2 1 2 2 Installation This chapter will assist you to quickly install h
189. te their knowledge database the set of VLANs associated with currently active members and through which ports these members can be reached LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management In GVRP Configuration function folder there are three functions supported including GVRP Config GVRP Counter and GVRP Group explained below 1 2 3 4 5 RR 0e 8 ve Port Join Time Leave Time LeaveAll Time Default Applicant Mode Default Registrar Mode Restricted Mode sol 1i L J Function name GVRP Config Function Description In the function of GVRP Config it is used to confi gure each port s GVRP operation mode in which there are seven parame ters needed to be configured described below Parameter Description GVRP State Setting This function is simply to let you enable or disable GVRP function You can pull down the list and click the lt Downward gt arrow key to choose Enable or Disable Then click the lt Apply gt button the system will take effect immediately Join Time Used to declare the Join Time in unit of centisecond Valid time range 20 100 centisecond Default 20 centisecond Leave Time Used to declare the Leave Time in unit of centisecond Valid time range 60 300 centisecond Default 60 centisecond Leave All Time A time period for
190. time interval defined by the user The valid range is 3 to 10 seconds The Refresh Interval is used to set the update frequency Default update time is 3 seconds Detail Counter Select Port2 v Refresh Interval 3sec v Reset Time elapsed since last reset 2 Days 16 Hours 2 Mins 25 Secs Receive Total Transmit Error Counters Rx Packets 605748 BE LED Rx Octets 69092670 Bess Eee EST i THEM rx mutipie Colision 36959 EETTTTTZT S 563902 RESTI CIC REEL 4887 EEE Tx Excessive Collision 29213 EELA 37988 562074 ELECO 14853278 3051 EEEL 37988 10626 ELAES 0 784 Tx Multicast Packets 0 Tx Pause Packets 0 Receive Error Counters Rx 0 Rx Alignment Errors 0 m Function name detail Counter m Function Description Display the detailed counting number of each port s traffic The window can show all counter information of each port at one time W Parameter Description Rx Packets The counting number of the packet received Rx Octets Total received bytes Rx Errors Number of bad packets received Rx Unicast Packets Show the counting number of the received unicast packet Rx Broadcast Packets Show the counting number of the received broadcast packet ococcococ 51 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 52
191. tion Argument None Possible value None Example PSES 2126C firmware upgrade Upgrading firmware gvrp W disable Syntax disable Description To disable the gvrp function Argument None Possible value None Example PSES 2126C gvrp disable 161 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 162 EH enable Syntax enable Description To enable the gvrp function Argument None Possible value None Example PSES 2126C gvrp enable group Syntax group group number Description To enter any of gvrp group for changing gvrp group setting You can change the applicant or registrar mode of existing gvrp group per port Argument group number enter which gvrp group you had created using value is vid Available range 1 to 4094 Possible value group number 1 4094 Example PSES 2126C gvrp show group GVRP group information Current Dynamic Group Number 1 VID Member Port 2 5 PSES 2126C gvrp group 2 PSES 2126C gvrp group 2 set applicant 1 6 non participant LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management PSES 2126C gvrp group 2 show GVRP group VID 2 Port Applicant Registrar 1 Non Partic
192. tos Syntax show tos Description To show IP tos Qos configuration Argument None Possible value None Example PSES 2126C qos show tos ip tos classification Global QoS mode Enable QoS Disable 802 1p Priority Enable ip tos classification Disable ip diffserv classification Scheduling weighted round robin method weight yrr 0 1 wrr 1 1 wrr 2 8 wrr 3 16 weighted range 1 55 P0 7 Priority 0 7 Default mode Queue0 P0 P1 Queuel P2 P3 Queue2 P4 P5 Queue3 P6 P7 Queue 0 0 1 1 2 2 3 3 TOS type Delay Priority LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management Queue 0 0 1 1 2 2 3 3 TOS type Throughput Priority Queue 0 0 1 1 2 2 3 3 TOS type Reliability Priority Queue 0 0 1 1 2 2 3 3 TOS type Monetary Cost Priority reboot m reboot Syntax reboot Description To reboot the system Argument None Possible value None Example PSES 2126C reboot security isolated group 205 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 206 E set Description To set up the function of the isolated group Argument port isolated port range syntax 1 5 7 available from 0 to 26 set 0 as disabled Possible value port gt 0 to 26 Example PSES 2126C security isolated group set 2 3 4 show S
193. ty Mapping Priority Queue Priority Queue Priority Queue Priority Queue BENE o MERE BENE EN ion eee oo BERE o BNENNN BENI r ERE NER EBEN E3 BENE c BEEN EN m W A DEN EEN EE EN EEN EEN o A o E oe e gt e o x e Me ae e ey me oc o ce EE EE s s E EE o e e E ELE NNNM e M E Function name DSCP Setting m Function Description In the late 1990s the IETF redefined the meaning of the 8 bit SERVICE TYPE field to accommodate a set of differentiated ser vices DS Under the differentiated services interpretation the first six bits comprise a codepoint which is sometimes abbreviated DSCP and the last two bits are left unused DSCP can form total 64 0 63 kinds of Traffic Class based on the arran gement of 6 bit field in DSCP of the IP packet In the switch user is allo wed to set up these 64 kinds of Class that belong to any of queue 0 3 117 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 118 4 20 4 20 1 W Parameter Description DSCP Priority Mapping 64 kinds of priority traffic as mentioned above user can set up any of Queue 0 3 In default Priority 0 15 are mapping to Queue 0 Priority 16 31 are mapping to Queue 1 Priority 32 41 are
194. up the timer of autologout Argument time range 1 to 3600 seconds 0 for autologout off current setting is 180 seconds Possible value time gt 0 1 3600 Example PSES 2126C autologout 3600 Set autologout time to 3600 seconds bandwidth W set egress rate Syntax set egress rate range data rate Description To set up the egress rate of the ports Argument lt range gt syntax 1 5 7 available from 1 to 26 lt data_rate gt 66 1024000 Kb port 1 24 66 102400 Kb port 25 26 66 1024000 Kb Possible value lt range gt 1 to 26 lt data_rate gt 66 102400 Kb for port 1 24 66 1024000 Kb for port 25 26 Example PSES 2126C bandwidth set egress rate 1 16 299 m set ingress rate Syntax 153 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 154 Set ingress rate range data rate Description To set up the ingress rate of the ports Argument lt range gt syntax 1 5 7 available from 1 to 26 data rate 66 1024000 Kb port 1 24 66 102400 Kb port 25 26 66 1024000 Kb Possible value range 1 to 26 data rate 66 102400 Kb for port 1 24 66 1024000 Kb for port 25 26 Example PSES 2126C bandwidth set ingress rate 1 16 100 set storm rate Syntax Description To set up the storm ra
195. upport IGMP version 2 RFC 2236 The function IGMP snooping is used to establish the multicast groups to forward the multicast packet to the member ports and in nature avoid wasting the bandwidth while IP mul ticast packets are running over the network LANCOM ES 2126 und LANCOM ES 2126P m Chapter 1 Introduction 1 2 Just what can your LANCOM switch do Hardware Supports 24 port 10 100M TP ports with Nway and auto MDIX function v v x 2 Gigabit dual media ports TP SFP v v On line pluggable fiber transceiver modules v v 256KB packet buffer and 128KB control memory v v Maximal packet length can be up to 1536 bytes v v Full duplex flow control IEEE802 3x and half duplex backpressure v v Ssatus LEDs System Power CPURUN ACT FDX SPD LEDSET v v TP Port 1 24 LINK ACT FDX SPD v v SFP Ports 25 26 LINK ACT FDX SPD v v PoE support PoE with 48VDC power through RJ 45 pin 1 2 3 6 v Powered Device PD auto detection and classification v PoE PSE status and activity LED indicator v Management Concisely the status of port and easily port configuration v v Per port traffic monitoring counters v v Port mirror function v v Static trunk function v v 802 1Q VLAN with 256 entries v v DHCP Broadcasting Suppression to avoid network suspended or v v crashed Trap event while monitored events happened v v Default configuration which can be restored to overwri
196. urer s OUI code which is assigned by IEEE Vendor Name Display the company name of the module manufactu rer Vendor P N Display the product name of the naming by module manufacturer Vendor Rev Revision Display the module revision Vendor SN Serial Number Show the serial number assigned by the manufacturer Date Code Show the date this module was made Temperature Show the current temperature of module Vcc Show the working DC voltage of module 49 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management Mon1 Bias mA Show the Bias current of module Mon2 TX PWR Show the transmit power of module Mon3 RX PWR Show the receiver power of module 4 3 3 Simple Counter The function of Simple Counter collects any information and provides the counting about the traffic of the port no matter the packet is good or bad In the following figure the window can show all ports counter information at the same time Each data field has 20 digit long If the counting is overflow the counter will be reset and restart counting The data is updated every time interval defined by the user The valid range is 3 to 10 seconds The Refresh Interval is used to set the update frequency Default update time is 3 seconds Simple Counter Refresh Interval 3sec Lc Time elapsed since last reset 2 Days 15
197. us even illegal access record and so on The default values of the managed switch are listed in the table below IP Adress 172 23 56 250 172 23 56 251 Subnet Mask 255 255 255 0 255 255 255 0 Default Gateway 172 23 56 254 172 23 56 254 Default DNS Server 172 23 56 254 172 23 56 254 Username admin admin Password admin admin After the managed switch has been finished configuration in the CLI via the Switch s serial interface you can browse it For instance type http 192 168 1 1 in the address row in a browser it will show the following screen and ask you inputting username and password in order to login and access authentication The default username and password are both admin For the first time to use please enter the default username and password then click the Login button The login process now is completed Alternatively you can login to the decive using an secure and encrypted con nection via HTTPS and the Secure Sockets Layer SSL LANCOM ES 2126 only The switch already contains the required certificate In this login menu you have to input the complete username and password respectively the switch will not give you a shortcut to username automatically This looks inconvenient but safer In the switch it supports a simple user management function allowing only one administrator to configure the system at the same time If there are two or more users using administrator s identity the switch w
198. us will show the following screen If the port is granted to access the network the port status is authori zed otherwise unauthorized Port Security Management disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable disable Function name Param Setting Function Description This function is used to configure the parameters for each port in 802 1x port security application Refer to the following para meters description for details Parameter Description Port It is the port number to be selected for configuring its associated 802 1x parameters which are Port control reAuthMax txPeriod Quiet E Ev 95 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 96 Period reAuthEnabled reAuthPeriod max Request suppTimeout serverTimeout and Controlled direction Port Control This is used to set the operation mode of authorization There are three type of operation mode supported ForceUnauthori zed ForceAuthorized Auto ForceUnauthorized The controlled port is forced to hold in the unauthorized state ForceAuthorized The controlled port is forced to hold in the authorized state Auto The controlled port is set to be
199. uthentication in 802 1x port security application HW Parameter Description Radius Server RADIUS server IP address for authentication Default 192 168 1 1 Port Number The port number to communicate with RADIUS server for the authentication service The valid value ranges 1 65535 Default port number is 1812 Secret Key The secret key between authentication server and authen ticator It is a string with the length 1 31 characters The character string may contain upper case lower case and 0 9 It is character sense It is not allowed for putting a blank between any two charac ters Default Radius 802 1X State Setting 192 168 1 1 ibis 192 168 1 1 m Function name 802 1x Mode Setting m Function Description Set the operation mode of 802 1X for each port In this device it supports only Multi host operation mode Parameter Description Port Number Indicate which port is selected to configure the 802 1x operation mode 93 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 802 1x Mode 802 1x operation mode There are two options inclu ding Disable and Multi host mode Default is Disable Disable It will have the chosen port acting as a plain port that is no 802 1x port access control works on the port 802 1x with Multi host In Multi host mode for the devices connected t
200. utomatically that whether the device linked to the port on the switch is PD Powered Device or not The switch also manage the power supple ment based on the Class of the PD and it will stop supplying the power LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management once the power required by the PD excesses the Class Short Circuit or over temperature occurs PoE Configuration EET CNN TU SITE TIER o norma Enable v Normal v 0 0 Eva Enable Normal 0 0 0 BEB norma Enable Normal v 0 0 0 BEB norma Enable Normal 0 0 0 s EE Enable v Normal 0 0 0 Boma Enable v Normal v 0 0 0 Boma Enable v Normal v 0 0 0 BEB roma Enable v Normal v 0 0 0 9 S Enable x Normal x 0 0 0 Bora Enable Normal v 0 0 0 v DES Enable Normal 0 0 0 ES Enable v Normal v 0 0 0 BE oma Enable y Normal v 0 0 0 1 DET Enable v Normal v 0 0 0 s O Enable Normal 0 0 0 Bona Enable v Normal v 0 0 0 st Normal Enable gt Normal 0 0 0 Boma Enable Normal 0 0 0 m Parameter Description Status Include Normal or Active two kinds of status The former means the port is ready to link and supply the power to the PD at any time The latter means the port is in the condition of supplying the power State Enable means th
201. vated the TACACS server will be queried for authorization each time a user enters a command Data traffic during configuration will increase correspondingly Also the user rights must be defined in the TACACS server Here rights are granted at the top menu level this means for example that the complete configuration area Account can be allo wed or blocked for a user Fallback to local authorization Activates the fallback to local authorization if the TACACS login should fail Authorization Fallback to Local Authorization Enable 101 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 102 4 16 4 16 1 B Accounting State Activates accounting via TACACS server If TACACS accounting is activated all accounting data is transmitted via TACACS protocol to the configured TACACS server O TACACS accounting will only activate if the defined TACACS server is available Accounting ET D Please note that when using Telnet or the Web interface for the con figuration different entries may be found in the accounting for the same configuration If for example the values for Location Con tact and Device name are reset with Telnet the accounting server lists three actions With the Web interface the three values are loca ted on a single page and changing these results in just one entry to the accounting Alarm Configuration Events Fu
202. vices Offered H Supplicant by Authenticator Authenticator Authentication PAE e g Bridge Relay PAE Server Controlled port Uncontroliedport Port Authonze In this figure is the typical configuration a single supplicant an authenticator and an authentication server B and C is in the internal network D is Authen tication server running RADIUS switch at the central location acts Authenti cator connecting to PC A and A is a PC outside the controlled port running 89 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 4 Operation of Web based Management 90 Supplicant PAE In this case PC A wants to access the services on device B and C first it must exchange the authentication message with the authenticator on the port it connected via EAPOL packet The authenticator transfers the supplicant s credentials to Authentication server for verification If success the authentication server will notice the authenticator the grant PC A then is allowed to access B and C via the switch If there are two switches directly connected together instead of single one for the link connecting two swit ches it may have to act two port roles at the end of the link authenticator and supplicant because the traffic is bi directional Authentication server Supplicant A The figure shows the procedure of 802 1x authentication There are steps for the login based on 802 1x port access control management The protoc
203. ving any packets from a 802 1x enabled port Before the devices or end stations can access the network resources through the ports under 802 1x control the devices or end stations connected to a controlled port send the authentication request to the authenticator the authenticator pass the request to the authentication server to authenticate and verify and the server tell the authenticator if the request get the grant of authorization for the ports According to IEEE802 1x there are three components implemented They are Authenticator Supplicant and Authentication server Supplicant It is an entity being authenticated by an authenticator It is used to com municate with the Authenticator PAE Port Access Entity by exchanging the authentication message when the Authenticator PAE request to it Authenticator An entity facilitates the authentication of the supplicant entity It controls the state of the port authorized or unauthorized according to the result of authentication message exchanged between it and a supplicant PAE The authenticator may request the supplicant to re authenticate itself at a configured time period Once start re authenticating the supplicant the controlled port keeps in the authorized state until re authentication fails LANCOM ES 2126 und LANCOM ES 2126P m Chapter 4 Operation of Web based Management A port acting as an authenticator is thought to be two logical ports a con trolled port and an u
204. vious commands that you had ever run When you enter this command the CLI would show a list of commands which you had typed before The CLI supports up to 256 records If no argument is typed the CLI would list total records up to 256 If optional argument is given the CLI would only show the last numbers of records given by the argument Argument show last number of history records optional Possible value 4 1 2 3 256 Example PSES 2126C ip history Command history 0 trunk exit PSES 2126C trunk PSES 2126C trunk exit PSES 2126C trunk exit cO u HD oO FPF WwW N Ln alarm LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 9 events 10 end 11 ip 12 help 13 history PSES 2126C ip history 3 Command history 12 help 13 history 14 history 3 PSES 2126C ip logout Syntax logout Description When you enter this command via Telnet connection you would logout the system and disconnect If you connect the system through direct serial port with RS 232 cable you would logout the system and be back to the initial login prompt when you run this command Argument None Possible value None Example PSES 2126C logout restore default Syntax restore default Description When you use this function in CLI the system will show you the
205. yntax show A Description To display the current setting status of isolated group Argument None Possible value None Example PSES 2126C security isolated group show Isolated group 234 lt lt mirror gt gt disable Syntax disable Description To disable the function of mirror Argument LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management None Possible value None Example PSES 2126C security mirror disable enable Syntax enable Description To enable the function of mirror Argument None Possible value None Example PSES 2126C security mirror enable set Syntax set spy lt ingress gt lt egress gt Description To set up the monitoring port and monitored ports of the mirror function User can monitor the ports that receive or transmit the packets Argument spy monitoring port lt ingress gt monitored ingress port range syntax 1 5 7 available from 0 to 26 lt egress gt monitored egress port range syntax 1 5 7 available from 0 to 26 set ingress egress to 0 as ingress egress disabled Possible value lt ingress gt 0 to 26 lt egress gt 0 to 26 Example 207 LANCOM ES 2126 und L
206. yntax 1 5 7 available from 1 to 26 Possible value port range 1 to 26 Example PSES 2126C VLAN enable drop untag 2 4 5 7 E enable svl Syntax enable svl Description To enable Shared VLAN Learning Argument None Possible value None Example PSES 2126C VLAN enable svl HW enable symmetric Syntax enable symmetric Description To drop frames from the non member port Argument None Possible value None 233 LANCOM ES 2126 und LANCOM ES 2126P B Chapter 5 Operation of CLI Management 234 Example PSES 2126C VLAN enable symmetric B set mode Syntax set mode lt port tag gt Description To switch VLAN mode between port based and tag based modes Argument lt port tag gt port or tag tag set tag based VLAN port set port based VLAN Possible value port tag gt port or tag A Example PSES 2126C VLAN set mode tag set port group Syntax set port group name range Description To add or edit a port based VLAN group Argument lt name gt port VLAN name lt range gt VLAN group members syntax 1 5 7 available from 1 to 26 Possible value range gt 1 to 26 A Example PSES 2126C VLAN set port group VLAN 1 2 5 6 10 set pvid Syntax set pv
Download Pdf Manuals
Related Search