Go to page of
Similar user manuals
-
Switch
ZyXEL Communications MM-7201
6 pages 0.88 mb -
Switch
ZyXEL Communications GS2200-8/24
332 pages 7.54 mb -
Switch
ZyXEL Communications XGS4700-48F
485 pages 12.12 mb -
Switch
ZyXEL Communications MGS-3712
2 pages 0.13 mb -
Switch
ZyXEL Communications ES-2108-F
43 pages 0.71 mb -
Switch
ZyXEL Communications gs2200-48
352 pages 6.95 mb -
Switch
ZyXEL Communications ES-2108PWR
4 pages 1.16 mb -
Switch
ZyXEL Communications PoE-10
10 pages 0.28 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of ZyXEL Communications GS2200-24, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of ZyXEL Communications GS2200-24 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of ZyXEL Communications GS2200-24. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of ZyXEL Communications GS2200-24 should contain:
- informations concerning technical data of ZyXEL Communications GS2200-24
- name of the manufacturer and a year of construction of the ZyXEL Communications GS2200-24 item
- rules of operation, control and maintenance of the ZyXEL Communications GS2200-24 item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of ZyXEL Communications GS2200-24 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of ZyXEL Communications GS2200-24, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the ZyXEL Communications service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of ZyXEL Communications GS2200-24.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the ZyXEL Communications GS2200-24 item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
www.zyxel.com GS2200-24 Intelligent Layer 2 GbE Switch Copyright © 2009 ZyXEL Communications Corporation Firmware Version 3.90 Edition 1, 6/2009 Default Login Details IP Address http://192.168.1.1 User Name admin Password 1234[...]
-
Page 2
[...]
-
Page 3
About This User's Guide GS2200-24 User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who want to configure the Swi tch using the web configurator. Related Documentation • Command Line Interfa ce (CLI) Reference Guide The Command Reference Guide explai ns how to use the Command-Line Interface (C[...]
-
Page 4
About This User's Guide GS2200-24 User’s Guide 4 • Download Library Search for the latest produc t updates an d documentation from this link. Read the Tech Doc Overview to find out how to ef ficiently us e the User Guide, Quick Start Guide and Command Line Int erface Reference Guide i n order to better understand how to use your product. ?[...]
-
Page 5
Document Conventions GS2200-24 User’s Guide 5 Document Conventions Warnings and Notes These are how warnings and notes ar e shown in this User’s Guide. Warnings tell you a bout things that coul d harm you or your device. Note: Notes tell you o ther important informat ion ( for example, other things you may need to configure or helpful tips) or [...]
-
Page 6
Document Conventions GS2200-24 User’s Guide 6 Icons Used in Figures Figures in this User’s Guide may use the fo llowing generic ic ons. The Sw itch i con is not an exact representation of your d evice. The Switch Computer Notebook computer Server DSLAM Firewall Telephone Router[...]
-
Page 7
Safety Warnings GS2200-24 User’s Guide 7 Safety Warnings • Do NOT use this product near water, for exam ple, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, du st or corrosive liquids. • Do NOT store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is a re[...]
-
Page 8
Safety Warnings GS2200-24 User’s Guide 8[...]
-
Page 9
Contents Overview GS2200-24 User’s Guide 9 Contents Overview Introduction and Hardware ................................................ ........................................... ........ 23 Getting to Know Your Switch ........................... ............. ................ ................ ................ ........... .. 25 Hardware Installa[...]
-
Page 10
Contents Overview GS2200-24 User’s Guide 10 DHCP ................... ............. ................ ................ ............. ................ ................ ............ ............ 261 Management ................................................... ..................................................... ............ ..... 269 Maintenance .[...]
-
Page 11
Table of Contents GS2200-24 User’s Guide 11 Table of Contents About This User's Guide ...................... ..................................................... ............................. .. 3 Document Conventions.................................................................. ......................................... .5 Safety Warnin[...]
-
Page 12
Table of Contents GS2200-24 User’s Guide 12 3.2.4 Power Connector ................ ................ ............. ................ ................ ................ .......... 39 3.3 LEDs .... ............. ................ ................ ............. ................ ............. ................ ......... .............. 40 Part II: Basic Co[...]
-
Page 13
Table of Contents GS2200-24 User’s Guide 13 Chapter 8 Basic Setting ............................................................. .................................................... . ........ 71 8.1 Overview ... ................ ................. ............ ................. ................ ............. ................ .... ............ 71[...]
-
Page 14
Table of Contents GS2200-24 User’s Guide 14 10.1 Overview ................. ................. ................ ............. ................ ................ ................ .. ......... 107 10.2 What You Can Do ....................... ................ ................ ................ ................ ................ ... .. 107 10.3 Configuri[...]
-
Page 15
Table of Contents GS2200-24 User’s Guide 15 14.1 Bandwidth Control Overview .................. ................ ................ ................ ................ ........ 139 14.2 What You Can Do ....................... ................ ................ ................ ................ ................ ... .. 139 14.3 Bandwidth Control Setup ..[...]
-
Page 16
Table of Contents GS2200-24 User’s Guide 16 Chapter 20 Classifier ..................................... ..................................................... ........................... ........... 169 20.1 Overview ................. ................. ................ ............. ................ ................ ................ .. ......... 1[...]
-
Page 17
Table of Contents GS2200-24 User’s Guide 17 24.2 What You Can Do ....................... ................ ................ ................ ................ ................ ... .. 193 24.3 What You Need to Know .................. ................ ................. ................ ................ .............. 193 24.3.1 IP Multicast Addresses[...]
-
Page 18
Table of Contents GS2200-24 User’s Guide 18 26.12.1 DHCP Snooping Overview . ................ ................ ................ ................. ................ . 235 26.12.2 ARP Inspection Overvi ew ............... ................ ................ ................ ................ ..... 238 Chapter 27 Loop Guard...............................[...]
-
Page 19
Table of Contents GS2200-24 User’s Guide 19 31.3 What You Need to Know .................. ................ ................. ................ ................ .............. 261 31.3.1 DHCP Modes ...... ...... ....... ................ ............. ................ ............. ................ ........... 261 31.3.2 DHCP Configuration Options .[...]
-
Page 20
Table of Contents GS2200-24 User’s Guide 20 33.9 Technical Reference ...................... ................ ................ ................ ................. ............ ... .. 287 33.9.1 About SNMP ............................. ................. ................ ................ ................ ........... 288 33.9.2 SSH Overview ..........[...]
-
Page 21
Table of Contents GS2200-24 User’s Guide 21 39.2 Configure Clone .................. ................ ............. ................. ............ ................. ............ ..... 321 Part VI: Troubleshooting & Prod uct Specification s ......................... 323 Chapter 40 Troubleshooting.................................................[...]
-
Page 22
Table of Contents GS2200-24 User’s Guide 22[...]
-
Page 23
23 P ART I Introduction and Hardware Getting to Know Your Switch (25) Hardware Installation and Connection (31) Hardware Panels (35)[...]
-
Page 24
24[...]
-
Page 25
GS2200-24 User’s Guide 25 C HAPTER 1 Getting to Know Your Switch 1.1 Introduction This chapter introduces the main features and applications of the Switch. The Switch is a layer-2 standalone Ethernet switch with additional layer-2, l ayer- 3, and layer-4 features suitab le for Ethernets. The Switch has twent y-four 10/ 100/1000 Mbps Ethernet port[...]
-
Page 26
Chapter 1 Getting to Know Your Switch GS2200-24 User’s Guide 26 In this example, all computer s can share hig h-speed applicatio ns on the serv er. To expand the network, simply add more networking devi ces such as switches, routers, computers, print servers etc. Figure 1 Backbone Application 1.1.2 Bridging Example In this example, the Switch con[...]
-
Page 27
Chapter 1 Getting to Kn ow Your Switch GS2200-24 User’s Guide 27 1.1.3 High Performance Switching Example The Switch is ideal for connect ing two ne tworks that need high bandwidth. In the following example, use trunking to connect these two networks. Switchin g to high er-speed LANs suc h as ATM (Asynchronous Transmission Mode) is not feasible f[...]
-
Page 28
Chapter 1 Getting to Know Your Switch GS2200-24 User’s Guide 28 Shared resources such as a server can be used by all ports in the same VLAN as the server. In the following figure only ports that need access t o the server need to be part of VLAN 1. Ports can belong to ot her VLAN groups too. Figure 4 Shared Serve r Using VLAN Example 1.2 Ways to [...]
-
Page 29
Chapter 1 Getting to Kn ow Your Switch GS2200-24 User’s Guide 29 • Write down the password an d put it in a safe pl ace. • Back up the configuration (and mak e sure you know how to restore it). Restorin g an ea rlier worki ng config uratio n may be useful if the device becomes unstable or even crashes. If you forget your password, yo u will h[...]
-
Page 30
Chapter 1 Getting to Know Your Switch GS2200-24 User’s Guide 30[...]
-
Page 31
GS2200-24 User’s Guide 31 C HAPTER 2 Hardware Installation and Connection 2.1 Installation Scenarios This chapter shows you how to install and connect the Switch. The Switch can be pl aced on a desktop or rack-mounted on a standard EIA rack. Use the rubber feet in a desktop installation and the brackets in a rack-mounted installation. Note: For p[...]
-
Page 32
Chapter 2 Hardware Installation and Connection GS2200-24 User’s Guide 32 2.3.1 Rack-mounted Installation Requirements • Two mounting brackets. • Eight M3 flat head screws and a #2 Philips screwdriver. • Four M5 flat head screws and a #2 Philips screwdriver. Failure to use the proper sc rews may da mage the unit. 2.3.1.1 Precautions • Make[...]
-
Page 33
Chapter 2 Hard ware Installation an d Connection GS2200-24 User’s Guide 33 2.3.3 Mounting the Switch on a Rack 1 Position a mounting bracket (that is alread y attached t o the Switch) on one side of the rack, lining up the two screw holes on the bracket with the sc rew holes on the side of the rack. Figure 6 Mounting the Switch on a Rack 2 Using [...]
-
Page 34
Chapter 2 Hardware Installation and Connection GS2200-24 User’s Guide 34[...]
-
Page 35
GS2200-24 User’s Guide 35 C HAPTER 3 Hardware Panels 3.1 Overview This chapter describes the front panel and rear panel of the Sw itch and shows you how to make the hardware connections. 3.2 Front Panel The following figure shows th e front panel of the Switch. Figure 7 Front Panel The following table describes the port labels on the front panel.[...]
-
Page 36
Chapter 3 Hardw are Panels GS2200-24 User’s Guide 36 3.2.1 Console Port For local management, you can use a computer with terminal emulation software configured to the following parameters: • VT100 • Terminal emulati on • 9600 bps • No parity, 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the console cable to t[...]
-
Page 37
Chapter 3 Hardware Pa nels GS2200-24 User’s Guide 37 ports. This means that if a mini-GBIC slot and the corresponding GbE port are connected at the same time, the GbE port will be disabled. When auto-negotiation is turned on, an Ethernet port negotiates with the peer automatically to determine the connection speed and d uplex mode. If the peer Et[...]
-
Page 38
Chapter 3 Hardw are Panels GS2200-24 User’s Guide 38 • Connection speed: 1 Gi gabit per second (Gbps) 3.2.3.1 Transceiver Installation Use the following steps to install a mini-GBIC transceiver (SFP module). 1 Insert the transceiver into the slot with the exposed section of PCB board f acing down. 2 Press the transceiver firmly unt il it clicks[...]
-
Page 39
Chapter 3 Hardware Pa nels GS2200-24 User’s Guide 39 3 Pull the tran sceiver out of the slot. Figure 10 Removing the Fibe r Optic Cables Figure 11 Opening the Transceiver’s L atch Example Figure 12 Transceiver Removal Example 3.2.4 Power Connector Note: Make sure you are usin g the correct power source as shown on the panel. To connect power to[...]
-
Page 40
Chapter 3 Hardw are Panels GS2200-24 User’s Guide 40 3.3 LEDs After you connect the power to the Swit ch, view the LEDs to ensure proper functioning of the Switch and as an aid in t roubleshooting. Table 2 LED Descriptions LED COLOR STATU S DESCRIPTION PWR Green On The system is turned on. Off The system is off or has failed. SYS Green On The sys[...]
-
Page 41
41 P ART II Basic Configuration The Web Configurator (43) Initial Setup Example (51) System Status and Port Stat istics (65) Basic Setting (71)[...]
-
Page 42
42[...]
-
Page 43
GS2200-24 User’s Guide 43 C HAPTER 4 The Web Configurator 4.1 Overview This section introduces the config uratio n and functi ons of the web configurator. The web configurator is an HTML-based management interface that allows easy Switch setup and management via Internet brows er. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and [...]
-
Page 44
Chapter 4 The Web Configurator GS2200-24 User’s Guide 44 3 The login screen appears. The defa ult username is admin and associated default password is 1234 . The date and time display as shown if you have not configured a time server nor manually en tered a time and date in the General Setup screen. Figure 13 Web Configurator: Login 4 Click OK to[...]
-
Page 45
Chapter 4 The Web Configurator GS2200-24 User’s Guide 45 A - Click the menu items to open submenu li nks, and then cl ick on a submenu link to open the screen in the main window. B , C , D , E - These are quick links which allow you to perform certain tasks no matter which screen you are currently working in. B - Click this link to save your conf[...]
-
Page 46
Chapter 4 The Web Configurator GS2200-24 User’s Guide 46 The following table descri bes the links in the navigation panel. Table 4 Navigation Panel Links LINK DESCRIPTION Basic Settings System I nfo This link takes you to a screen that displays general system information. General Setup This link takes you to a screen where you can configure gener[...]
-
Page 47
Chapter 4 The Web Configurator GS2200-24 User’s Guide 47 VLAN Stacking This link takes you to screens where you can configure VLAN stacking. Multicast This link takes you to screens where you can configure various multicast features, IGMP snooping and create multicast VLANs. AAA This link takes you to a screen where you can configure authenticati[...]
-
Page 48
Chapter 4 The Web Configurator GS2200-24 User’s Guide 48 4.3.1 Change Your Password After you log in for the first time, it is recommended you ch ange the default administrator password. Click Management > Access Control > Logins to display the next screen. Figure 15 Change Administrator Login Password 4.4 Saving Your Configuration When you[...]
-
Page 49
Chapter 4 The Web Configurator GS2200-24 User’s Guide 49 4.5 Switch Lockout You could block yourself (and all ot hers) from managing the Switch if you do one of the following: 1 Delete the management VLAN (def ault is VLAN 1). 2 Delete all port-based VLANs with the CPU port as a member. The “CPU port” is the management port of the Switch. 3 F[...]
-
Page 50
Chapter 4 The Web Configurator GS2200-24 User’s Guide 50 2 Disconnect and reconnect the Swi tch’s power to begin a session. When you reconnect the Switch’s power, you will see the initial screen. 3 When you see the mes sage “ Press any key to enter Debug Mode within 3 seconds ... ” press any key to ent er debug mode. 4 Type atlc after the[...]
-
Page 51
GS2200-24 User’s Guide 51 C HAPTER 5 Initial Setup Example 5.1 Overview This chapter shows how to set up th e Switch for an example network. The following lists the configurati on steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the Switch IP manag ement address 5.1.1 Creating a VLAN VLANs confine broadcast frames[...]
-
Page 52
Chapter 5 Initial Set up Example GS2200-24 User’s Guide 52 1 Click Advanced A pplication > VLA N in the navigation panel and click the Static VLAN link. 2 In the Static VLAN screen, select ACTIVE , enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field fo r the VLAN2 network. Note: The VLAN Group ID field in this scr[...]
-
Page 53
Chapter 5 Initial Set up Example GS2200-24 User’s Guide 53 5.1.2 Setting Port VID Use PVID to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VL AN group that the tag defines. In the example network, configure 2 as the port VID on port 1 so that any untagged frames received on th at port get sen[...]
-
Page 54
Chapter 5 Initial Set up Example GS2200-24 User’s Guide 54 5.2 Configuring Switch Management IP Address The default management IP address of the Switch is 192.168.1.1. You can configure another IP address in a differ ent subnet for management purposes. The following figure shows an exa mple. Figure 19 Initia l Setup Example: Management IP Address[...]
-
Page 55
GS2200-24 User’s Guide 55 C HAPTER 6 Tutorials 6.1 Overview This chapter provides some examples of using the web conf igurator to set up and use the Switch. The tutorials include: • How to Use DHCP Snooping on the Switch • How to Use DHCP Relay on the Switch 6.2 How to Use DHCP Snooping on the Switch You only want DHCP server A connected to p[...]
-
Page 56
Chapter 6 Tutorials GS2200-24 User’s Guide 56 1 Access th e Switch thro ugh http://192.168.1 .1 by default. Log into the Switch by entering the username (default: admin ) and p assword (default: 1234 ). 2 Go to Advanced Application > VLAN > Static VLAN , and create a VLAN with ID of 100. Add ports 5, 6 and 7 in the VL AN by selecting Fixed [...]
-
Page 57
Chapter 6 Tutorials GS2200-24 User’s Guide 57 3 Go to Advanced Application > VLAN > VLAN Port Setting , and set the PVID of the ports 5, 6 and 7 to 100. This tags untagg ed incoming frames on ports 5, 6 and 7 with the tag 100. Figure 22 Tutorial: Tag Untagged Frames 4 Go to Advanced Application > IP Source Guard > DHCP snooping > C[...]
-
Page 58
Chapter 6 Tutorials GS2200-24 User’s Guide 58 5 Click the Port link at the top righ t corner. 6 The DHCP Snooping Port Configure screen appears. Select Trusted in the Server Trusted state field for port 5 because the DHCP server is connected to port 5. Keep ports 6 and 7 Untrusted because they are connected to DHCP clients. Click Apply . Figure 2[...]
-
Page 59
Chapter 6 Tutorials GS2200-24 User’s Guide 59 8 Click Save at the top right corner of the web configurator to save the configuration permanently. 9 Connect your DHCP server to port 5 and a computer (a s DHCP client) to either port 6 or 7. The computer should be ab le to get an IP address from the DHCP server. If you put the DHCP server on port 6 [...]
-
Page 60
Chapter 6 Tutorials GS2200-24 User’s Guide 60 on the system name, VLAN ID and port number in the DHCP request. Client A connects to the Switch’s port 2 in VLAN 102. Figure 27 Tutorial: DHCP Relay Scenario 6.3.2 Creating a VLAN Follow the steps below to config ure port 2 as a member of VLA N 102. 1 Access the web configurator through the Switch?[...]
-
Page 61
Chapter 6 Tutorials GS2200-24 User’s Guide 61 3 Click Advanced Application > VLAN > Static VLAN . 4 In the Static VLAN screen, select ACTIVE , enter a descripti ve name (VALN 102 for example) in the Name field and enter 102 in the VL AN Group ID field. 5 Select Fixed to configure port 2 to be a permanent member of this VLAN. 6 Clear the TX [...]
-
Page 62
Chapter 6 Tutorials GS2200-24 User’s Guide 62 8 Click the VLAN St atus link in the Static VLAN screen and then the VLAN Port Setting link in the VLAN Status sc reen. Figure 30 Tutorial: Click t he VLAN Port Setting Link 9 Enter 102 in the PVID f ield for port 2 to add a tag to incoming untagged frames received on that port so that the frames are [...]
-
Page 63
Chapter 6 Tutorials GS2200-24 User’s Guide 63 11 Click the Save link in the upper right c orner of the web conf igurator to save your configu ration per manent ly. 6.3.3 Configuring DHCP Relay Follow the steps below to enable DHCP rela y on the Switch and allow the Switch to add relay agent information (such as the VLAN ID) to DHCP requests. 1 Cl[...]
-
Page 64
Chapter 6 Tutorials GS2200-24 User’s Guide 64 1 Client A is connected to the Switch’s port 2 in VLAN 102. 2 You configu red the corr ect VLAN ID, por t number and syst em name for DHCP relay on both the DHCP server and the Switch. 3 You clicked the Save link on the Switch to have your sett ings take effect.[...]
-
Page 65
GS2200-24 User’s Guide 65 C HAPTER 7 System Status and Port Statistics 7.1 Overview This chapter describes the system s tatus (web conf igurator home page) and port details screens. The home screen of the web configurator displays a port statistical summary wit h links to each port showing s tatistical details. 7.2 What You Can Do •U s e t h e [...]
-
Page 66
Chapter 7 S ystem Status and Port Statist ics GS2200-24 User’s Guide 66 7.3 Port Status Summary To view the port statist ics, click Status in all web config urator screens to display the Status screen as sho wn next. Figure 33 Status The following table describes t he labels in this screen. Table 6 Status LABEL DESCRIPTION Port This identifies th[...]
-
Page 67
Chapter 7 System Status and Port Statistics GS2200-24 User’s Guide 67 7.3.1 Status: Port Details Click a number in the Port column in the Status screen to display indivi dual port statistics. Use t his screen to check status and detailed performance data about an individual port on the Switch. Figure 34 Status > Po rt Details Rx KB/s This fiel[...]
-
Page 68
Chapter 7 S ystem Status and Port Statist ics GS2200-24 User’s Guide 68 The following table describes t he labels in this screen. Table 7 Status: Port Details LABEL DESCRIPTION Port Info Port NO. This field displays the port number you are viewing. Name This field displays the name of the port. Link This field displays the speed (either 10M for 1[...]
-
Page 69
Chapter 7 System Status and Port Statistics GS2200-24 User’s Guide 69 Excessiv e This is a count of packets for which transmission failed due to excessive collisions. Excessive collision is defined as the number of maximum collisions before the retransmission count is reset. Late This is the number of times a late collision is detected, that is, [...]
-
Page 70
Chapter 7 S ystem Status and Port Statist ics GS2200-24 User’s Guide 70[...]
-
Page 71
GS2200-24 User’s Guide 71 C HAPTER 8 Basic Setting 8.1 Overview This chapter describes how to configure the System Info, General Setup , Switch Setup , IP Setup and Port Setup screens. The System Info screen displays ge neral Switch information (such as firmware version number). The General Setup screen allows you to configure general Switch iden[...]
-
Page 72
Chapter 8 Basic Setting GS2200-24 User’s Guide 72 8.3 System Information In the navigation panel, click Bas ic Setting > Sy stem Info to display the screen as shown. You can check the firmware version number. Figure 35 Basic Setting > System Info The following table describes t he labels in this screen. Table 8 Basic Setting > System Inf[...]
-
Page 73
Chapter 8 Basic Setting GS2200-24 User’s Guide 73 Fan Speed (RPM) A properly functioning fan is an essential component (along with a sufficiently ventilated, cool operating environment) in order for the device to stay within the temperature threshold. Each fan has a sensor that is capable of detecting and reporting if the fan speed falls below th[...]
-
Page 74
Chapter 8 Basic Setting GS2200-24 User’s Guide 74 8.4 General Setup Use this screen to configure general sett ings such as the system name and time. Click Basic Setting > Gener al Setup in the navigation panel to display the screen as shown. Figure 36 Basic Setting > General Setup The following table describes t he labels in this screen. Ta[...]
-
Page 75
Chapter 8 Basic Setting GS2200-24 User’s Guide 75 Use Time Server when Bootup Enter the time service pro t ocol that your timeserver uses. Not all time servers support all protocols, so you may have to use trial and error to find a protocol that works. The ma in differences between them are the time format. When you select the Daytime (R FC 867) [...]
-
Page 76
Chapter 8 Basic Setting GS2200-24 User’s Guide 76 8.5 Introduction to VLANs A VLAN (Virtual Local Area Network) allo ws a physical network to be partitioned into mult iple logic al networks . Devices on a logical network belong to one group. A device can belong to more than one grou p. With VLAN, a device cannot directly talk to or hear from devi[...]
-
Page 77
Chapter 8 Basic Setting GS2200-24 User’s Guide 77 8.6 Switch Setup Screen Click Basic Setting > Switch Setup in the navigation p anel to dis play the scre en as shown. The VLAN setup screens chan ge depending on whether you choose 802.1Q or Port Based in the VLA N Type field in this screen . Refer to Chapter 9 on page 87 for more information o[...]
-
Page 78
Chapter 8 Basic Setting GS2200-24 User’s Guide 78 8.7 IP Setup Use the IP Setup screen to configure the Switch IP address, defaul t gateway device, the default d omain name serv er and the management VLAN ID. The default gateway specifies the IP address of the default g ateway (next hop ) for outgoing traffic. Leave All Timer Leave All Timer sets[...]
-
Page 79
Chapter 8 Basic Setting GS2200-24 User’s Guide 79 8.7.1 Management IP Addresses The Switch needs an IP ad dress for it to be managed over the network. The factory default IP address is 192.168. 1.1. The subnet mask specifies the network number portion of an IP address. The factory default subnet mask is 255.255.255.0. You can configure up to 64 I[...]
-
Page 80
Chapter 8 Basic Setting GS2200-24 User’s Guide 80 The following table describes t he labels in this screen. Table 11 Basic Setting > IP Setup LABEL DESCRIPTION Domain Name Server DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. Enter a domain name server IP address in order to be able to u s[...]
-
Page 81
Chapter 8 Basic Setting GS2200-24 User’s Guide 81 8.8 Port Setup Use this screen to configure Switch port settings. Click Basic Setting > Port Setup in the navigation p anel to display the configuration screen. Figure 39 Basic Setting > Port Setup Default Gateway This field displays the IP address of the default gateway. Delete Check the ma[...]
-
Page 82
Chapter 8 Basic Setting GS2200-24 User’s Guide 82 The following table describes t he labels in this screen. Table 12 Basic Setting > Port Se tup LABEL DESCRIPTION Port This is the port index number. * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set t[...]
-
Page 83
Chapter 8 Basic Setting GS2200-24 User’s Guide 83 802.1p Priority This priority value is added to incomi ng frames without a (802.1p) priority queue tag. See Pr iority Queue Assignment in Tabl e 10 on page 77 for more information. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is tur[...]
-
Page 84
Chapter 8 Basic Setting GS2200-24 User’s Guide 84[...]
-
Page 85
85 P ART III Advanced VLAN (87) Static MAC Forward Setup (107) Filtering (115) Spanning Tree Protocol (117) Bandwidth Control (139) Broadcast Storm Control (143) Mirroring (147) Link Aggregation (151) Port Authentication (161) Port Security (165) Classifier (169) Policy Rule (175) Queuing Method (181) VLAN Stacking (18 5) Multicast (193) AAA (201) [...]
-
Page 86
86[...]
-
Page 87
GS2200-24 User’s Guide 87 C HAPTER 9 VLAN 9.1 Overview This chapter shows you how to configur e 802.1Q tagged and p ort-based VLANs. The type of screen you see here depend s on the VLAN Type you selected in the Switch Setup screen. 9.2 What You Can Do •U s e t h e VLAN Status screen ( Section 9.4 on page 91 ) to view all VLAN groups. •U s e t[...]
-
Page 88
Chapter 9 VLAN GS2200-24 User’s Guide 88 dynamically through GVRP. The VLAN ID a ssociates a frame wi th a specific VLAN and provides the information that s witch es need to process the frame across the network. A tagged frame is four bytes longer than an untagged frame and contains two bytes of TPID (Tag Protocol Identifier, residing wi thin the[...]
-
Page 89
Chapter 9 VLAN GS2200-24 User’s Guide 89 LAN. GARP is a protocol that pr ovides a generic mechanism for protocols that serve a more specific application, for example, GVRP . 9.3.4.1 GARP Timers Switches join VLANs by making a declarat ion. A declaration is made by issui ng a Join message using GARP. Declarations are withdrawn by issuing a Leave m[...]
-
Page 90
Chapter 9 VLAN GS2200-24 User’s Guide 90 9.3.6 Port VLAN Trunking Enable VLAN Trunking on a port to allow frames belonging to unknown VLAN groups to pass through that port . This is us eful if you want to set up VLAN groups on end devices without having to config ure the same VLAN groups on intermediary devices. Refer to the following figure. Sup[...]
-
Page 91
Chapter 9 VLAN GS2200-24 User’s Guide 91 9.4 VLAN Status Click Advanced Application > VLAN from t he navigation panel to display the VLAN Status screen as shown next. Figure 42 Advanced Application > VLAN: VLAN Status The following table describes t he labels in this screen. Table 14 Advanced Application > VLAN: VLAN Status LABEL DESCRIP[...]
-
Page 92
Chapter 9 VLAN GS2200-24 User’s Guide 92 9.4.1 VLAN Details Use this screen to view detai led port sett ings and status of the VLAN group. Click on an index number in the VLAN Status screen to display VLAN details. Figure 43 Advanced Application > VLAN > VLAN Detail The following table describes t he labels in this screen. Table 15 Advanced[...]
-
Page 93
Chapter 9 VLAN GS2200-24 User’s Guide 93 9.5 Configure a Static VLAN Use this screen to configure and view 802. 1Q VLAN parameters for the Switch. To configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. Figure 44 Advanced Application > VLAN > Static VLAN The following table describes t he[...]
-
Page 94
Chapter 9 VLAN GS2200-24 User’s Guide 94 * Settings in this row apply to all ports. Use this row only if you wan t to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all t he ports as soon as you make them. Control S[...]
-
Page 95
Chapter 9 VLAN GS2200-24 User’s Guide 95 9.6 Configure VLAN Port Settings Use the VLAN Port Setting screen to co nfigure the static VLAN (IEEE 802.1Q) settings on a port. Click the VLAN Port Setting link in th e VLAN S tatus screen. Figure 45 Advanced Application > VLAN > VLAN Port Setting The following table describes t he labels in this s[...]
-
Page 96
Chapter 9 VLAN GS2200-24 User’s Guide 96 9.7 Subnet Based VLANs Subnet based VLANs allow you to g roup tr affic i nto logical VLANs based on the source IP subnet you specify. When a fr ame is received on a port, the Switch checks if a tag is added already and the IP subnet it came from. The untag ged packets from the same IP su bnet are then plac[...]
-
Page 97
Chapter 9 VLAN GS2200-24 User’s Guide 97 For example, an ISP (Internet Services Provider) may divide d ifferent types of services it provides to customers into different IP subnets. Traffic for voice services is designated for IP subnet 172.16.1.0/24, video for 192.168.1.0/24 and data for 10.1.1.0/24. The Switch can then be configured to group in[...]
-
Page 98
Chapter 9 VLAN GS2200-24 User’s Guide 98 Note: Subnet based VLAN applies to un-tagged packets and is app licable only when you use IEEE 802.1Q tagged VLAN. Figure 47 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN The following table describes t he labels in this screen. Table 18 Advanced Application > VLAN > VL[...]
-
Page 99
Chapter 9 VLAN GS2200-24 User’s Guide 99 9.8 Protocol Based VLANs Protocol based VLANs allow you to group traffic into logical VLANs based on the protocol you specify. When a n upstream frame is rece ived on a port (configured for a protocol based VLAN), t he Switch checks if a tag is added al ready and its protocol. The unt agged packets of the [...]
-
Page 100
Chapter 9 VLAN GS2200-24 User’s Guide 100 traffic from port 6 and 7 will be in anot her group and have highe r priority than ARP traffic, when they go th rough the upli nk port to a bac kbone swit ch C. Figure 48 Protocol Based VLAN Application Example 9.8.1 Configuring Protocol Based VLAN Click Protocol B ased VLAN in the VLAN Port Setting scree[...]
-
Page 101
Chapter 9 VLAN GS2200-24 User’s Guide 101 The following table describes t he labels in this screen. Table 19 Advanced Application > VLAN > VLAN Port Setting > Protocol Based VLAN Setup LABEL DESCRIPTION Active Check this box to activate this protocol based VLAN. Port Type a port to be included in this protocol based VLAN. This port must [...]
-
Page 102
Chapter 9 VLAN GS2200-24 User’s Guide 102 9.9 Port-based VLAN Setup Port-based VLANs are VLA Ns where th e packet for warding decis ion is based on the destination MAC address and its associated port. Port-based VLANs require allowed outgoin g ports to be defined for each port. Therefore, if you wish to allow two subscr iber ports to talk to each[...]
-
Page 103
Chapter 9 VLAN GS2200-24 User’s Guide 103 9.9.1 Configure a Port-based VLAN Select Port Based as the VLAN Type in the Basic Setting > Switch Setup screen and then click Advanced Application > VLAN from the navigation panel to display the next screen. Figure 50 Port Ba sed VLAN Setup (All Connected)[...]
-
Page 104
Chapter 9 VLAN GS2200-24 User’s Guide 104 Figure 51 Port Ba sed VLAN Setup (Port Isolation)[...]
-
Page 105
Chapter 9 VLAN GS2200-24 User’s Guide 105 The following table describes t he labels in this screen. 9.10 Technical Reference This section provides technical background information on the topics discussed in this chapter. 9.10.1 Create an IP-based VLAN Example This example shows you how to create an IP VLAN which includes ports 1, 4 an d 8. Follow[...]
-
Page 106
Chapter 9 VLAN GS2200-24 User’s Guide 106 1 Activate this protocol based VLAN. 2 Type the port number you want to include in thi s protocol based VLAN. Type 1 . 3 Give this protocol-based VLAN a descriptive name. Type IP-VLAN . 4 Select the protocol. Le ave the default value IP . 5 Type the VLAN ID of an existing VLAN. In our example w e already [...]
-
Page 107
GS2200-24 User’s Guide 107 C HAPTER 10 Static MAC Forward Setup 10.1 Overview This chapter discusses how to configure f orwarding rules based on MAC addresses of devices on your network. Use these screens to configure static MAC address forwarding. 10.2 What You Can Do Use the Static MAC Forwarding screen ( Section 10.3 on page 107 ) to assig n s[...]
-
Page 108
Chapter 10 Stat ic MAC Forward Setup GS2200-24 User’s Guide 108 Click Advanced Application > Static MAC Forwarding in the navigation panel to display the configuration screen as shown. Figure 53 Advanced Application > Static MAC Forwarding The following table describes t he labels in this screen. Table 21 Advanced App lication > Static M[...]
-
Page 109
Chapter 10 St atic MAC Fo rward Setup GS2200-24 User’s Guide 109 Port This field displays the port where the MAC address shown in the next field will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. Table 21 Advanced App lication > Static MAC Forwarding [...]
-
Page 110
Chapter 10 Stat ic MAC Forward Setup GS2200-24 User’s Guide 110[...]
-
Page 111
GS2200-24 User’s Guide 111 C HAPTER 11 Static Multicast Forward Setup 11.1 Overview This chapter discusses how to configure fo rwarding rules based on multicast MAC addresses of devices on your network. Use these screens to configure stat ic multicast add ress forwarding. 11.2 What You Can Do Use the Static Multicast Forward Setup screen ( Sectio[...]
-
Page 112
Chapter 11 Stat ic Multicast Forw ard Setup GS2200-24 User’s Guide 112 connected to port 3. Fi gure 56 shows frames being forw arded to ports 2 and 3 within VLAN group 4. Figure 54 No Static Multicas t Forwardin g Figure 55 Static Mult icast Forwarding to A Single Port Figure 56 Static Mult icast Forwarding to Mu ltiple Ports 11.4 Configuring Sta[...]
-
Page 113
Chapter 11 St atic Mu lticast Forward Setup GS2200-24 User’s Guide 113 Click Advanced Application > Static Multicast Forwarding to display the configuration screen as shown. Figure 57 Advanced Application > Stat ic Mu lticast Forwarding The following table describes t he labels in this screen. Table 22 Advanced App lication > Static Mult[...]
-
Page 114
Chapter 11 Stat ic Multicast Forw ard Setup GS2200-24 User’s Guide 114 Active This field dis plays whether a static multicast MAC address forwarding rule is active ( Yes ) or not ( No ). You may temporarily deactivate a rule without deleting it. Name This field displays the descriptive name for identification purposes for a static multicast MAC a[...]
-
Page 115
GS2200-24 User’s Guide 115 C HAPTER 12 Filtering 12.1 Overview This chapter discusses MAC address port fil tering. Filtering means sifting traffic goi ng through the Switch based on the source and/or destination MAC addresse s and VLAN group (ID) . 12.2 What You Can Do Use the Filtering screen ( Section 12.3 on page 115 ) to create rules for traf[...]
-
Page 116
Chapter 12 Filtering GS2200-24 User’s Guide 116 The following table describes t he related labels in this screen. Table 23 Advanced App lication > Filtering LABEL DESCRIPTION Active Make sure to select this chec k box to activate your rule. You may temporarily deactivate a rule without de leting it by deselecting this check box. Name Type a de[...]
-
Page 117
GS2200-24 User’s Guide 117 C HAPTER 13 Spanning Tree Protocol 13.1 Overview The Switch supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protoc ol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol • IEEE 802.1s Mul[...]
-
Page 118
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 118 13.3 What You Need to Know (R)STP detects and breaks network l oops and provides backup links between switches, bridges or routers. It allows a switch t o interact with other (R)STP - compliant switches in your network to en sure that only one path exists between any two stations on t[...]
-
Page 119
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 119 For each LAN segment, a designated bridge is selected. This bridge has the lowest cost to the root among the br idges connected to the LAN. 13.3.2 How STP Works After a bridge determines the lowest cost - spanning tree with STP, it enables the root port and the ports that are the desi[...]
-
Page 120
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 120 In the following example, th ere are two RSTP instances ( MRSTP 1 and MRSTP2 ) on switch A . To set up MRSTP, activate MRSTP on the Switch and specify which port(s) bel ong to which spanning tree. Note: Each port can belong to one STP tree only. Figure 59 MRST P Network Example 13.3.5[...]
-
Page 121
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 121 13.4 Spanning Tree Protocol Status Screen The Spanning Tree Protocol status screen changes depending on what standard you choose to implement on your ne twork. Click Advanced Application > Spanning Tree Protocol to see the screen as shown. Figure 60 Advanced Application > Spanni[...]
-
Page 122
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 122 The following table describes t he labels in this screen. 13.6 Configure Rapid Span ning Tree Protocol Use this screen to configure RSTP settings, see Section 13.1 on page 117 for more informat ion on RS TP. Clic k RSTP in the Advanced Application > Spanning Tree Proto col screen. [...]
-
Page 123
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 123 The following table describes t he labels in this screen. Table 27 Advanced App lication > Spanning Tree Protocol > RSTP LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 63 on page 124 ). Active Select this check box to activate RSTP. Clear thi[...]
-
Page 124
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 124 13.7 Rapid Spanning Tree Protocol Status Click Advanced Applicatio n > Spanning Tree Pr otocol in the navigation panel to display the status screen as shown next. See Section 13.1 on page 117 for more information on RSTP. Note: This screen is only available after you activate RSTP [...]
-
Page 125
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 125 The following table describes t he labels in this screen. Table 28 Advanced App lication > Spanning Tree Protocol > Status: RST P LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click RSTP to edit RSTP settings on the Switch. B[...]
-
Page 126
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 126 13.8 Configure Multiple Rapid Spanning Tree Protocol To configure MRSTP, click MRSTP in the Adva nced Application > Spanning Tree Proto col screen. See Section 13.1 on page 117 for more information on MRSTP. Figure 64 Advanced Application > Spanning Tre e Protocol > MRSTP The[...]
-
Page 127
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 127 Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switc h with th e highest priority (lowest numeric value) becomes the STP root switch . If all switches have the same priority, the switch with the lowest MAC address will then b[...]
-
Page 128
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 128 13.9 Multiple Rapid Spanning Tree Protocol Status Click A dvanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 13.1 on page 117 for more information on MRSTP. Note: This screen is only available after you activ[...]
-
Page 129
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 129 Hello Time (second) This is the time interval (in seconds) at which the root switch transmits a configuration message. The root bridge determines Hello Time, Max Age and Forwar ding Delay. Max Age (second) This is the maximum time (in seconds) the Switch can wait without receiving a c[...]
-
Page 130
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 130 13.10 Configure Multiple Sp anning Tree Protocol To configure MSTP, cl ick MSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 13.3.5 on page 120 for more information on MSTP. Figure 66 Advanced Application > Spanni ng Tre e Protocol > MSTP[...]
-
Page 131
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 131 The following table describes t he labels in this screen. Table 31 Advanced App lication > Spanning Tree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 67 on page 133 ). Active Select this to activate MSTP on the Switch. Clear[...]
-
Page 132
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 132 Bridge Priority Set the priority of the Switch for the specific spanning tree instance. The lower the number, the more likely the Switch will be chosen as the root bridge within the spanning tree instance. Enter priority values between 0 and 61440 in increments of 409 6 (thus valid va[...]
-
Page 133
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 133 13.11 Multiple Spanning Tree Protocol Status Click A dvanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 13.3.5 on page 120 for more information on MSTP. Note: This screen is only available afte r you activate[...]
-
Page 134
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 134 The following table describes t he labels in this screen. Table 32 Advanced App lication > Spanning Tree Protocol > Status: MSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click MSTP to edit MSTP settings on the Switch. CS[...]
-
Page 135
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 135 13.12 Technical Reference This section provides technical background information on the topics discussed in this chapter. 13.12.1 MSTP Network Example The following figure shows a network exam ple where two VLANs are configured on the two switches. If the switches are usi ng STP or RS[...]
-
Page 136
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 136 With MSTP, VLANs 1 and 2 are mapp ed to di fferent spanning trees in the network. Thus traffic from the tw o VLANs travel on different paths. The following figure shows the network example using MSTP. Figure 69 MSTP Network Example 13.12.2 MST Region An MST region is a logic al groupi[...]
-
Page 137
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 137 The following figure shows an example wh ere there are two MST regions. Regions 1 and 2 have 2 spanning tree inst ances. Figure 70 MSTIs in Different Regions 13.12.4 Common and Internal Spanning Tree (CIST) A CIST represents the connecti vity of the entire network and i t is equivalen[...]
-
Page 138
Chapter 13 Spanning T ree Protoc ol GS2200-24 User’s Guide 138[...]
-
Page 139
GS2200-24 User’s Guide 139 C HAPTER 14 Bandwidth Control 14.1 Bandwidth Control Overview This chapter shows you how you can cap the maximum bandwidth using the Bandwidth Control screen. Bandwidth control means defining a maxi mum allowable bandwidth for incoming and/or out-going traffic flows on a port. 14.2 What You Can Do Use the Bandwidth Co n[...]
-
Page 140
Chapter 14 Bandwidth Control GS2200-24 User’s Guide 140 14.3 Bandwidth Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. Figure 72 Advanced Application > Bandwidth Control The following table describes t he related labels in this screen. Table 33 Advanced App lication [...]
-
Page 141
Chapter 14 Bandwid th Control GS2200-24 User’s Guide 141 Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses po wer, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel [...]
-
Page 142
Chapter 14 Bandwidth Control GS2200-24 User’s Guide 142[...]
-
Page 143
GS2200-24 User’s Guide 143 C HAPTER 15 Broadcast Storm Control 15.1 Overview This chapter introduces and shows you how to configure the broadcast st orm control feature. Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the Switch re ceives per second on the ports. When the maximum numb[...]
-
Page 144
Chapter 15 Broadcast Storm Control GS2200-24 User’s Guide 144 15.3 Broadcast Storm Control Setup Click Advanced Application > Broadcast Storm Control in the navigation panel to display the screen as shown next. Figure 73 Advanced Application > Broadcast Sto rm Control The following table describes t he labels in this screen. Table 34 Advanc[...]
-
Page 145
Chapter 15 Broadcast Storm Control GS2200-24 User’s Guide 145 Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is tu rned off or loses power, so use the Save link on the top navigation panel to save your changes to the no n- volatile memory when you are done configuring. Cancel Click C[...]
-
Page 146
Chapter 15 Broadcast Storm Control GS2200-24 User’s Guide 146[...]
-
Page 147
GS2200-24 User’s Guide 147 C HAPTER 16 Mirroring 16.1 Overview This chapter discusses port mirroring s etup screens. Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without inte rference . 16.2 What You Can Do Use the Mirroring sc[...]
-
Page 148
Chapter 16 Mirr oring GS2200-24 User’s Guide 148 16.3 Port Mirroring Setup Click Advanced Application > Mirroring in the navigation panel to d isplay the Mirroring screen. Use this screen to select a monitor p ort and specify the traffic flow to be copied to the monitor port. Figure 74 Advanced Application > Mirroring The following table de[...]
-
Page 149
Chapter 16 Mirr oring GS2200-24 User’s Guide 149 Mirrored S elect this option to mirror the traffic on a port. Direction Specify the direction of the traffi c to mirror by selecting from the drop-down list box. Choices are Egress (outgoing), Ingress (incoming) and Both . Apply Click Apply to save your changes to the Switch’s run-time memory. Th[...]
-
Page 150
Chapter 16 Mirr oring GS2200-24 User’s Guide 150[...]
-
Page 151
GS2200-24 User’s Guide 151 C HAPTER 17 Link Aggregation 17.1 Overview This chapter shows you how to logically aggregate physical li nks to form one logical, higher-bandwidth l ink. Link aggregation (trunking) is the groupi ng of physical ports into one logical higher-capacity link. You may want to trunk ports if for example, it is cheaper to use [...]
-
Page 152
Chapter 17 Link Aggregation GS2200-24 User’s Guide 152 17.3.1 Dynamic Link Aggregation The Switch adheres to the IEEE 802.3ad standard for static and dynamic (LACP) port trunking. The IEEE 802.3ad standard describes t h e Link Aggregation Control Prot ocol (LACP) for dynamically creating and managing trun k groups. When you enable LACP link aggre[...]
-
Page 153
Chapter 17 Link Aggregation GS2200-24 User’s Guide 153 17.4 Link Aggregation Status Click Advanced Application > Link Aggregation in the navigati on panel. The Link Aggregation Status screen displays by defa ult. See Section 17.1 on page 151 for more information. Figure 75 Advanced Application > Li nk Aggregation Status The following table [...]
-
Page 154
Chapter 17 Link Aggregation GS2200-24 User’s Guide 154 Criteria This shows the outgoing traffic distribution algorithm used in this trunk group. Packets from the same source and/or to the same destination are sent over the same link within the trunk. src-mac means the Switch distributes traffic based on the packet’s source MAC address. dst-mac [...]
-
Page 155
Chapter 17 Link Aggregation GS2200-24 User’s Guide 155 17.5 Link Aggregation Setting Click Advanced Application > Link Aggregati on > Link Aggregation Setting to displ ay the sc reen shown next. See Section 17.1 on page 151 for more informat ion on link ag gregation. Figure 76 Advanced Application > Link Aggreg ation > Link Aggregatio[...]
-
Page 156
Chapter 17 Link Aggregation GS2200-24 User’s Guide 156 Criteria Select the outgoing traffic distribution type. Packets from the same source and/or to the same destination are sent over the same link within the trunk. By default, the Switch uses the src-dst-mac distribution type. If the Switch is behind a router, the packet’s destination or sour[...]
-
Page 157
Chapter 17 Link Aggregation GS2200-24 User’s Guide 157 17.6 Link Aggregation Control Protocol Click Advanced Applicatio n > Link A ggregation > Link Aggrega tion Setting > LACP to display the screen shown next. See Section 17.3.1 on page 152 for more information on dynamic link aggregation. Figure 77 Advanced Application > Link Aggreg[...]
-
Page 158
Chapter 17 Link Aggregation GS2200-24 User’s Guide 158 17.7 Technical Reference This section provides technical background information on the topics discussed in this chapter. 17.7.1 Static Trunking Example This example shows you how to create a static port trunk group for ports 2- 5. System Priority LACP system priority is a number be tween 1 an[...]
-
Page 159
Chapter 17 Link Aggregation GS2200-24 User’s Guide 159 1 Make your physical connections - make sure that the ports that you want to belong to the trunk group are connected to the same destina tion. The followin g figure shows ports 2-5 on swit ch A connected to switch B . Figure 78 Trunking Example - Physical Con nections 2 Configure static trunk[...]
-
Page 160
Chapter 17 Link Aggregation GS2200-24 User’s Guide 160[...]
-
Page 161
GS2200-24 User’s Guide 161 C HAPTER 18 Port Authentication 18.1 Overview This chapter describes the IEEE 802.1x aut hentication method. Port authentication is a way to valid ate access to ports on the Switch to clients based on an external serv er (authentication server). The Switch supports the following method for port authenticati on: • IEEE[...]
-
Page 162
Chapter 18 Port Authentication GS2200-24 User’s Guide 162 When the client provides th e login credentials, the Switch sends an authentic ation request to a RADIUS server. The RADIU S se rver validates whether this client is allowed access to the port. Figure 80 IEEE 802.1x Authentication Process 18.4 Port Authentication Configuration To enable po[...]
-
Page 163
Chapter 18 Port Au thentication GS2200-24 User’s Guide 163 18.5 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x security. In the Port Authentication screen click 802.1x to display the configuration screen as shown. Figure 82 Advanced Application > Port Authentication > 802.1x The following table describes t he labels i[...]
-
Page 164
Chapter 18 Port Authentication GS2200-24 User’s Guide 164 Active Select this to permit 802.1x auth entication on this port. You must first allow 802.1x authentication on the Sw itch before configuring it on each port. Reauthenticati on Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to the p[...]
-
Page 165
GS2200-24 User’s Guide 165 C HAPTER 19 Port Security 19.1 Overview This chapter shows you how to set up port security. Port security allows only packets with d ynamically learned MAC addresses and/or configured static MAC addresses to pass th rough a port on the Switch. The Switch can learn up to 16K MAC addresses in total with no limit on indivi[...]
-
Page 166
Chapter 19 Port Secu rity GS2200-24 User’s Guide 166 19.3 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. Figure 83 Advanced Application > Port Security The following table describes t he labels in this screen. Table 42 Advanced App lication > Port Security LABEL DESC[...]
-
Page 167
Chapter 19 Port Security GS2200-24 User’s Guide 167 * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. [...]
-
Page 168
Chapter 19 Port Secu rity GS2200-24 User’s Guide 168[...]
-
Page 169
GS2200-24 User’s Guide 169 C HAPTER 20 Classifier 20.1 Overview This chapter introduces and shows you how to configure the packet classif ier on the Switch. It also discusses Quality of Service (QoS) and classifier concepts as employed by the Switch. 20.2 What You Can Do Use the Classifier screen ( Section 20.4 on page 170 ) to define the classif[...]
-
Page 170
Chapter 20 Classifier GS2200-24 User’s Guide 170 2 Configure policy rules to define actions to be performed on a classified traffic flow (refer to Chapter 21 on page 175 to configure policy rules). 20.4 Configuring the Classifier Use the Classifier screen to define the c lassifiers. After you define the cl assifier, you can speci fy actions (o r [...]
-
Page 171
Chapter 20 Classifier GS2200-24 User’s Guide 171 The following table describes t he labels in this screen. Table 43 Advanced App lication > Classifier LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes. Layer 2 Specify the fields below to configure a layer 2 cla[...]
-
Page 172
Chapter 20 Classifier GS2200-24 User’s Guide 172 20.4.1 Viewing and Editing Classifier Configuration To view a summary of t he classifier co nfigurati on, scroll down to the summary table at the bottom of the Classifier screen. To change the settings of a rule, click a number in the Index field. Note: When two rules conflict with each other, a hi[...]
-
Page 173
Chapter 20 Classifier GS2200-24 User’s Guide 173 The following table shows some othe r common Ethernet types and the corresponding protocol number. In the Internet Protocol there is a field, ca lled “Protocol”, to identify the next level protocol. The foll owing table shows so me common protocol types and the corresponding protocol number. Re[...]
-
Page 174
Chapter 20 Classifier GS2200-24 User’s Guide 174 20.5 Classifier Example The following screen shows an example where you configur e a classifier that identifies all traffic from MAC a d dress 00:50:ba:ad:4f:81 on port 2. After you have configured a classifier, you can configure a policy (in the Policy screen) to def ine action(s) on the classifie[...]
-
Page 175
GS2200-24 User’s Guide 175 C HAPTER 21 Policy Rule 21.1 Policy Rules Overview This chapter shows you how to configure polic y rules. A classifier distinguishes traffic int o flows based on the configured criteria (refer to Chapter 20 on page 169 for more information). A poli cy rule ensures that a traffic flow gets the requested treatment in the [...]
-
Page 176
Chapter 21 Policy Rule GS2200-24 User’s Guide 176 Click Advanced Applications > Policy Rule in the navigation panel to display the screen as shown. Figure 87 Advanced Application > Policy Rule The following table describes t he labels in this screen. Table 48 Advanced App lication > Policy Rule LABEL DESCRIPTION Active Select this option[...]
-
Page 177
Chapter 21 Policy Rule GS2200-24 User’s Guide 177 Rate Limit You can configure the desired bandwidth available to a traffic flow. Traffic that exceeds the maximum bandwidth allocated (in cases where the network is congested) is dropped. Bandwidth Specify the bandwi dth in kilobit per second (Kbps). Enter a num ber between 64 and 1000000. Action S[...]
-
Page 178
Chapter 21 Policy Rule GS2200-24 User’s Guide 178 21.3.1 Viewing and Editing Policy Configuration To view a summary of t he classifier co nfigurati on, scroll down to the summary table at the bottom of the Policy screen. To change the settings of a rule, c lick a number in the Index field. Figure 88 Advanced Application > Policy Rule: Summary [...]
-
Page 179
Chapter 21 Policy Rule GS2200-24 User’s Guide 179 21.4 Policy Example The figure be low shows an example Policy screen where you configure a policy to limit bandwidth on a traffi c flow classified using the Ex ample classifier (refer to Section 20.5 on page 174 ). Figure 89 Policy Example[...]
-
Page 180
Chapter 21 Policy Rule GS2200-24 User’s Guide 180[...]
-
Page 181
GS2200-24 User’s Guide 181 C HAPTER 22 Queuing Method 22.1 Overview This chapter introduces the queuing methods supported. Queuing is us ed to help solv e performa nce degradation when there is ne twork congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setu[...]
-
Page 182
Chapter 22 Que uing Method GS2200-24 User’s Guide 182 22.3.2 Weighted Fair Queuing Weighted Fair Queuing is used to gu arantee each queue's minimum bandwidth based on its bandwidth weight (portion) (t he numb er you configure in the Weight field) when th ere is traffi c congestion. WFQ is activ ated only w hen a port has more traffic than it[...]
-
Page 183
Chapter 22 Queuing Method GS2200-24 User’s Guide 183 22.4 Configuring Queuing Click Advanced Application > Queuing Method in the navigati on panel. Figure 90 Advanced Application > Que uing Method The following table describes t he labels in this screen. Table 50 Advanced App lication > Queuing Method LABEL DESCRIPTION Port This label sh[...]
-
Page 184
Chapter 22 Que uing Method GS2200-24 User’s Guide 184 Method Select SPQ (Strictly Priority Queuing), WFQ (Weighted Fair Queuing) or WRR (Weighted Round Robin). Strictly Priority Queuing services queu es based on priority only. When the highest priority queue empties, traffi c on the next highest-priority queue begins. Q7 has the highest priority [...]
-
Page 185
GS2200-24 User’s Guide 185 C HAPTER 23 VLAN Stacking 23.1 Overview This chapter shows you how to configure VLAN stacking on your Switch. See the chapter on VLANs for more background information on Virtual LAN. A service provider can use VLAN stacking (also known as Q-in-Q) to allow it to distinguish multipl e customers VLANs, even t hose with the[...]
-
Page 186
Chapter 23 VLAN Stacking GS2200-24 User’s Guide 186 23.4 Configuring VLAN Stacking Click Advanced Application > VLAN Stacking to display the screen as shown. Figure 91 Advanced Application > VLAN Stacking The following table describes t he labels in this screen. Table 51 Advanced App lication > VLAN Stacking LABEL DESCRIPTION Active Sele[...]
-
Page 187
Chapter 23 VLAN Stacking GS2200-24 User’s Guide 187 23.5 Configuring SVLAN Use this screen to configure up to 64 se rvice provider's VLANs. If an incoming frame received on a Tunnel Port is untagged or its service provider's VLAN ID is not configured in this screen, the Switch drops the frame. * Settings in this row apply to all ports. [...]
-
Page 188
Chapter 23 VLAN Stacking GS2200-24 User’s Guide 188 Click the SVLAN link in the VLAN Stacking screen. Figure 92 Advanced Application > VLAN Stacking > SVLAN The following table describes t he labels in this screen. 23.6 Technical Reference This section provides technical background information on the topics discussed in this chapter. 23.6.1[...]
-
Page 189
Chapter 23 VLAN Stacking GS2200-24 User’s Guide 189 distinguish customer A and tag 48 to disti n guish customer B at ed ge device 1 and then stripping those tags at edge device 2 as the data frames leave the network. Figure 93 VLAN Stacking Example 23.6.2 VLAN Stacking Port Roles Each port can have three VLAN stacking “roles”, Access Port and[...]
-
Page 190
Chapter 23 VLAN Stacking GS2200-24 User’s Guide 190 Note: When you enable VLAN stackin g on the Switch, the Access Port and Tunnel Port should be in the same customer VLAN (static VLAN) to communicate with each other. 23.6.3 VLAN Tag Format A VLAN tag (service provider VLAN stacking or customer IEEE 802.1Q) consists of the following three fields [...]
-
Page 191
Chapter 23 VLAN Stacking GS2200-24 User’s Guide 191 Table 54 Single and Do uble Tagged 802.11Q Frame F ormat Untagged Ethernet frame DA SA Len/ Etype Data FCS IEEE 802.1Q custo mer tagged frame DA SA TPID Priority VID Len/ Etype Data FCS Double- tagged frame DA SA SP TPID Priority VID TPID Priorit y VID Len/ Etype Data FCS Table 55 802.1Q Frame D[...]
-
Page 192
Chapter 23 VLAN Stacking GS2200-24 User’s Guide 192[...]
-
Page 193
GS2200-24 User’s Guide 193 C HAPTER 24 Multicast 24.1 Overview This chapter shows you how to configure various multi cast features. Traditionally, IP packets ar e transmitte d in one of either tw o ways - Unicast ( 1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts [...]
-
Page 194
Chapter 24 Multicast GS2200-24 User’s Guide 194 24.3.1 IP Multicast Addresses In IPv4, a multicast address allows a device to send packets to a spec ific group of hosts (multicast group) in a different subnetwork. A multicast IP address represents a traffic receiving group, not indi vidual receiving devices. IP addresses in the Class D range (224[...]
-
Page 195
Chapter 24 Multicast GS2200-24 User’s Guide 195 24.4 Multicast Status Click Advanced Applications > Multicast to display the screen as shown. This screen shows the multicas t group information. See Section 24.1 on pag e 193 for more information on multicasting. Figure 94 Advanced Application > Multicast The following table describes t he la[...]
-
Page 196
Chapter 24 Multicast GS2200-24 User’s Guide 196 24.5 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 24.1 on page 193 for more i n formation on multicasting. Figure 95 Advanced Application > Mult icast > Multicast Sett ing The following table describes t he[...]
-
Page 197
Chapter 24 Multicast GS2200-24 User’s Guide 197 802.1p Priority Select a priority level (0-7) to which the Switch changes the priority in outgoing IGMP control packets. Otherwise, select No-Change to not replace the priority. Unknown Multicast Frame Specify the action to perform when the Switch receives an unknown multicast frame. Select Drop to [...]
-
Page 198
Chapter 24 Multicast GS2200-24 User’s Guide 198 24.6 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the Max Group Num. Enter the number of multicast groups this port is allowed to join. Throttling IGMP throttling controls how t[...]
-
Page 199
Chapter 24 Multicast GS2200-24 User’s Guide 199 screen as shown. See Section 24.3.3 on page 194 for more in formation on IGMP Snooping VLAN. Figure 96 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN The following table describes t he labels in this screen. Table 58 Advanced App lication > Multicast > Multi[...]
-
Page 200
Chapter 24 Multicast GS2200-24 User’s Guide 200 Add Click Add to insert the entry in the summary table below and save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done [...]
-
Page 201
GS2200-24 User’s Guide 201 C HAPTER 25 AAA 25.1 Overview This chapter describes how to configure au thentication and auth orization settings on the Switch. The external servers that perform authen tication and authorization functions are known as AAA servers. The Switch supports RADIUS (Remote Authenti cation Dial- In User Service, see Section 25[...]
-
Page 202
Chapter 25 AAA GS2200-24 User’s Guide 202 25.3 What You Need to Know Authentication is the process of determinin g who a user is and validating access to the Switc h. The S witch can authentic ate user s who try to log i n based o n user accounts configured on the Switch itself . The Switch can also use an external authentication server to authen[...]
-
Page 203
Chapter 25 AAA GS2200-24 User’s Guide 203 25.4 AAA Screens The AAA scr eens allow yo u to enab le authenti cation and au thorization or both of them on the Sw itch. First, config ure your authentication server settings (RADIUS, TACACS+ or both) and then set up th e authentication priority, ac tivate authorization. Click A dvanced Application >[...]
-
Page 204
Chapter 25 AAA GS2200-24 User’s Guide 204 Click on the RADIUS Server Setup link in the AAA screen to view the screen as shown. Figure 99 Advanced Application > AAA > RADIUS Server Setup The following table describes t he labels in this screen. Table 60 Advanced Application > AAA > RADIUS Server Setup LABEL DESCRIPTION Authentication S[...]
-
Page 205
Chapter 25 AAA GS2200-24 User’s Guide 205 IP Address Enter the IP address of an ex ternal RADIUS server in dotted decimal notation. UDP Port The default port of a RADIUS server for authentication is 1812 . You need not change this value unless your network administrator instructs you to do so. Shared Secret Specify a password (up to 32 al phanume[...]
-
Page 206
Chapter 25 AAA GS2200-24 User’s Guide 206 25.6 TACACS+ Server Setup Use this screen to configur e yo ur TACACS+ server settings. See Section 25.3.2 on page 202 for more information on TACACS+ servers. Click on t he TACACS+ Server Setup link in the AAA screen to view the screen as shown. Figure 100 Advanced Application > AAA > TACACS+ Server[...]
-
Page 207
Chapter 25 AAA GS2200-24 User’s Guide 207 Timeout Specify the amount of time in seconds that the Switch waits for an authentication request respon se from the TACA CS+ server. If you are using in dex-prior ity for your authentication and yo u are using two TACACS+ servers then the timeout value is divided between the two TACACS+ servers. Fo r exa[...]
-
Page 208
Chapter 25 AAA GS2200-24 User’s Guide 208 25.7 AAA Setup Use this screen to config ure authenticati on and auth orization setting s on the Switch. Click on t he AAA Setup link in the AAA scre en to view the screen as shown. Figure 101 Advanced Application > AAA > AAA Setup[...]
-
Page 209
Chapter 25 AAA GS2200-24 User’s Guide 209 The following table describes t he labels in this screen. Table 62 Advanced Application > AAA > AAA Setup LABEL DESCRIPTION Authentication Use this section to specify the methods used to authenticate users accessing the Switch. Privilege Enable These fields specify which database th e Switch should [...]
-
Page 210
Chapter 25 AAA GS2200-24 User’s Guide 210 25.8 Technical Reference This section provides technical background information on the topics discussed in this chapter. 25.8.1 Vendor Specific Attribute RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS server and a network acce ss device (for example, the Swit[...]
-
Page 211
Chapter 25 AAA GS2200-24 User’s Guide 211 The following table describes t he VSAs supported on the Switch. 25.8.1.1 Tunnel Protocol Attribut e You can configu re tunnel protoc ol attributes on t he RADIUS server (refer to your RADIUS server documentation) to assign a port on the Switch to a VLAN based on IEEE 802.1x authentication. The port VLAN [...]
-
Page 212
Chapter 25 AAA GS2200-24 User’s Guide 212 25.8.2 Supported RADIUS Attributes Remote Authentication Dial-In User Servic e (RADI US) attributes are data used to define specific authenticati on elements in a user profile, which is stored on the RADIUS server. This appendix lists th e RADIUS attribut es supported by the Switch. Refer to RFC 2865 for [...]
-
Page 213
Chapter 25 AAA GS2200-24 User’s Guide 213 - This value is set to Ethernet(15) on t he Switch. Calling-Station-Id Frame-MTU EAP-Message State Message-Authenticator[...]
-
Page 214
Chapter 25 AAA GS2200-24 User’s Guide 214[...]
-
Page 215
GS2200-24 User’s Guide 215 C HAPTER 26 IP Source Guard 26.1 Overview Use IP source guard to filter unauthoriz ed DHCP and ARP packets in your network. IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in yo ur network. A bi nding contains these key attributes: • MAC address •V L A N I[...]
-
Page 216
Chapter 26 IP Source G uard GS2200-24 User’s Guide 216 •U s e t h e DHCP VLAN Configur e screen ( Section 26.7.2 on page 2 25 ) to enable DHCP snooping on each VLAN and to specify whether or not the Switch adds DHCP relay agent option 82 inf ormation to DHCP requests that the Switch relays to a DHCP server for each VLAN. •U s e t h e ARP Insp[...]
-
Page 217
Chapter 26 IP Source Guard GS2200-24 User’s Guide 217 between authorized and unau thorized packets in the ne tw ork. The Switch learns the bindings by snooping DHCP packets (dynamic bindings) and from information provided manually by administrat ors (static binding s). To open this screen, cl ick Advanced Application > IP Source Guard . Figure[...]
-
Page 218
Chapter 26 IP Source G uard GS2200-24 User’s Guide 218 new static binding replaces the origin al one. To open t his screen, click Advanced Application > IP Source Guard > Static Binding . Figure 103 IP Source Guar d Static Binding The following table describes t he labels in this screen. Table 66 IP Source Guard Static Bind ing LABEL DESCRI[...]
-
Page 219
Chapter 26 IP Source Guard GS2200-24 User’s Guide 219 26.6 DHCP Snooping Use this screen to look at various statis tics about the DHCP snooping database. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping . Figure 104 DHCP Snooping Port This field displays the port number in the binding. If this field is blank[...]
-
Page 220
Chapter 26 IP Source G uard GS2200-24 User’s Guide 220 The following table describes t he labels in this screen. Table 67 DHCP Snooping LABEL DESCRIPTION Database Status This section displays the current settings for the DHCP snooping database. You can configure them in the DHCP Snooping Configure screen. See Section 26.7 on page 222 . Agent URL [...]
-
Page 221
Chapter 26 IP Source Guard GS2200-24 User’s Guide 221 Successful transfers This field displays the number of times the Switch read bindings from or updated the bindings in the D HCP snooping database successfully. Failed transfers This field displays the number of times the Switch was unable to read bindings from or update th e bindings in the DH[...]
-
Page 222
Chapter 26 IP Source G uard GS2200-24 User’s Guide 222 26.7 DHCP Snooping Configure Use this screen to enable DHCP snooping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and configure the DHCP snooping database. Th e DHCP snooping databa se stores the current bindings on a secure, external TFTP s[...]
-
Page 223
Chapter 26 IP Source Guard GS2200-24 User’s Guide 223 The following table describes t he labels in this screen. Table 68 DHCP Snooping Configure LABEL DESCRIPTION Active Select this to enable DHCP snooping on the Switch. You still have to enable DHCP snooping on spec ific VLAN and specify trusted ports. Note: If DHCP is enabled and there are no t[...]
-
Page 224
Chapter 26 IP Source G uard GS2200-24 User’s Guide 224 26.7.1 DHCP Snooping Port Configure Use this screen to specify whether ports are trusted or untrusted ports for DHCP snooping. Note: If DHCP snooping is enabled but th ere are no trusted ports, DHCP requests cannot reach the DHCP server. You can also spec ify the maximum number for DHCP packe[...]
-
Page 225
Chapter 26 IP Source Guard GS2200-24 User’s Guide 225 The following table describes t he labels in this screen. 26.7.2 DHCP Snooping VLAN Configure Use this screen to enable DHCP snooping on each VLAN and to specify whether or not the Switch adds DHCP relay agent option 8 2 information ( Chapter 31 on page 261 ) to DHCP reques ts that the Swi tch[...]
-
Page 226
Chapter 26 IP Source G uard GS2200-24 User’s Guide 226 open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN . Figure 107 DHCP Snooping VLAN Configure The following table describes t he labels in this screen. Table 70 DHCP Snooping VLAN Configure LABEL DESCRIPTION Show VLAN Use this section [...]
-
Page 227
Chapter 26 IP Source Guard GS2200-24 User’s Guide 227 26.8 ARP Inspection Status Use this screen to look at the current list of MAC address filters that were created because the Switch identified an unau thorized ARP packet. When the Switch identifies an unauthorized ARP packet, it automatically creat es a MAC address filter to block traffic from[...]
-
Page 228
Chapter 26 IP Source G uard GS2200-24 User’s Guide 228 26.9 ARP Inspection VLAN Status Use this screen to look at various stat isti cs about ARP packets in each VLAN. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > VLAN Status . Figure 109 ARP Inspection VL AN Status The following table describes t he[...]
-
Page 229
Chapter 26 IP Source Guard GS2200-24 User’s Guide 229 26.10 ARP Inspection Log Status Use this screen to look at log messages that were generated by ARP packets and that have not been s ent to the syslog server yet. To open this s creen, click Advanced Application > IP Source Guard > ARP Inspection > Log Status . Figure 110 ARP Inspectio[...]
-
Page 230
Chapter 26 IP Source G uard GS2200-24 User’s Guide 230 26.11 ARP Inspection Configure Use this screen to enable AR P inspe ction on the Switch . You can al so configu re the length of time the Switch stores reco rds of discarded ARP packets and global Num Pkts This field displays the number of AR P packets that were consolidated into this log mes[...]
-
Page 231
Chapter 26 IP Source Guard GS2200-24 User’s Guide 231 settings for the ARP inspection log. To open this screen, c lick Advanced Application > IP Source Guard > ARP Inspection > Configure . Figure 111 ARP Inspection Co nfigure The following table describes t he labels in this screen. Table 74 ARP Inspection Config ure LABEL DESCRIPTION Ac[...]
-
Page 232
Chapter 26 IP Source G uard GS2200-24 User’s Guide 232 26.11.1 ARP Inspection Port Configure Use this screen to specify whether port s are trusted or untrusted ports for ARP inspection. You can also specify the maximum rate at which the Swit ch receives Syslog rate Enter the maximum number of syslog messages the Switch can send to the syslog serv[...]
-
Page 233
Chapter 26 IP Source Guard GS2200-24 User’s Guide 233 ARP packet s on each untru sted port. T o open this sc reen, click Advanced Application > IP Source Guard > ARP Inspection > Configure > Port . Figure 112 ARP Inspection Po rt Configure The following table describes t he labels in this screen. Table 75 ARP Inspection Port Configure[...]
-
Page 234
Chapter 26 IP Source G uard GS2200-24 User’s Guide 234 26.11.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiv ing ARP packets from each VLAN. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure [...]
-
Page 235
Chapter 26 IP Source Guard GS2200-24 User’s Guide 235 26.12 Technical Reference This section provides technical background information on the topics discussed in this chapter. 26.12.1 DHCP Snooping Overview Use DHCP s nooping t o filter unauthorized DHCP packets on the network and to build the binding table dynamically. This can prevent clients f[...]
-
Page 236
Chapter 26 IP Source G uard GS2200-24 User’s Guide 236 Trusted ports are connected to DHCP se rvers or other switches . The Switch discards DHCP packets from trusted ports on ly if the rate at which DHCP packets arrive is too high. The Switch learns dynamic bindings from trust ed ports. Note: If DHCP is enabled and there are no trusted ports, DHC[...]
-
Page 237
Chapter 26 IP Source Guard GS2200-24 User’s Guide 237 read. If the calculated checksum is not e qual to the checksum in the f ile, th at binding and all ot hers after it are igno red. 26.12.1.3 DHCP Relay Option 82 Information The Switch can add information to DHCP re quests that it does not discard. This provides the DHCP server more informatio [...]
-
Page 238
Chapter 26 IP Source G uard GS2200-24 User’s Guide 238 26.12.2 ARP Inspection Overview Use ARP inspection to filter unauthorized ARP packets on the network. This can prevent many kinds of man-in-the-middle at tacks, such as the one in the following example. Figure 115 Example: Man-in-the-middle Attack In this example, computer B tries to establis[...]
-
Page 239
Chapter 26 IP Source Guard GS2200-24 User’s Guide 239 26.12.2.2 Trusted vs. Untrusted Ports Every port is either a trust ed port or an untrusted port f or ARP inspection. This setting is independent of t he trusted/untrusted setting for DHCP snooping. You can also specify the maximum rate at wh ich the Switch receives ARP packets on untruste d po[...]
-
Page 240
Chapter 26 IP Source G uard GS2200-24 User’s Guide 240[...]
-
Page 241
GS2200-24 User’s Guide 241 C HAPTER 27 Loop Guard 27.1 Overview This chapter shows you how to configure th e Switch to guard against loops on the edge of your network. Loop guard allows you to configure t he Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch. While you can use Spanning Tree Protoco[...]
-
Page 242
Chapter 27 Lo op Guard GS2200-24 User’s Guide 242 27.3 What You Need to Know Loop guard is designed to handle loop prob lems on the edge of your network. This can occur when a port is connected to a Swit ch that is in a l oop state. Loop stat e occurs as a result of human error. It happens when two ports on a switch are connected wi th the sam e [...]
-
Page 243
Chapter 27 Loop Guar d GS2200-24 User’s Guide 243 returns to port N on A . The Switch then shuts down port N to ensure that the rest of the network is not affected by the switch in loop state. Figure 118 Loop Guard - Probe Packet The Switch also shuts down port N if the probe packet returns to switch A on any other port. In other words loop guard[...]
-
Page 244
Chapter 27 Lo op Guard GS2200-24 User’s Guide 244 Note: The loop guard feature can not be ena bled on the ports that have Sp anning Tree Protocol (RSTP, MRSTP or MSTP) enabled. Figure 120 Advanced App lication > Loop Guard The following table describes t he labels in this screen. Table 77 Advanced App lication > Loop Guard LABEL DESCRIPTION[...]
-
Page 245
GS2200-24 User’s Guide 245 C HAPTER 28 Layer 2 Protocol Tunneling 28.1 Overview This chapter shows you how to configure la yer 2 protocol tunneling on the Switch. Layer 2 protocol tunneling (L 2PT) is used on th e servic e provid er's edge devices. 28.2 What You Can Do Use the Layer 2 Protocol Tunnel screen ( Section 28.4 on page 247 ) to en[...]
-
Page 246
Chapter 28 Layer 2 Prot ocol Tunne ling GS2200-24 User’s Guide 246 layer 2 protocol pac kets with a specifi c MAC address before sending them across the service provider’s networ k to other e dge switches. Figure 121 Layer 2 Protocol Tunneling Network Sce nario In the follow ing exampl e, if you ena ble L2PT for S TP, you can h ave switc hes A [...]
-
Page 247
Chapter 28 Layer 2 Protoco l Tunneling GS2200-24 User’s Guide 247 •T h e Tunne l port is an egress port at the edge of the service provider's network and connected to another service provid er’s switch. Incoming encap sulated layer 2 protocol packe ts received on a tu nnel port are decapsulated and sent to an access port. 28.4 Configurin[...]
-
Page 248
Chapter 28 Layer 2 Prot ocol Tunne ling GS2200-24 User’s Guide 248 The following table describes t he labels in this screen. Table 78 Advanced App lication > Layer 2 Protocol Tunneling LABEL DESCRIPTION Active Select this to enable layer 2 protocol tunneling on the Switch. Destination MAC Address Specify a MAC address with which the Switch use[...]
-
Page 249
Chapter 28 Layer 2 Protoco l Tunneling GS2200-24 User’s Guide 249 Mode Select A ccess to have the Switch encapsul ate the incoming layer 2 protocol packets and forward them to the tunnel port(s). Select Access for ingress ports at the edge of the service provider's network. Note: You can enable L2PT services for STP, LACP, VTP, CDP, UDLD, an[...]
-
Page 250
Chapter 28 Layer 2 Prot ocol Tunne ling GS2200-24 User’s Guide 250[...]
-
Page 251
251 P ART IV IP Application Static Route ( 253) Differentiated Services ( 257) DHCP (261)[...]
-
Page 252
252[...]
-
Page 253
GS2200-24 User’s Guide 253 C HAPTER 29 Static Route 29.1 Overview This chapter shows you how to configure stati c routes. The Switch uses IP for communication wi th management computers, for example using HTTP, Telnet, SSH, or SNMP. Use IP static routes to have the Switch respond to remote management stations that are not reachable through the de[...]
-
Page 254
Chapter 29 Static Rou te GS2200-24 User’s Guide 254 29.2 What You Can Do Use the Static Routing screen ( Section 29.3 on page 254 ) to activate/deactivate this static route. 29.3 Configuring Static Routing Click IP Application > Static Routing in the navigation panel to display the screen as shown. Figure 125 IP Ap plication > Static Routin[...]
-
Page 255
Chapter 29 Static Route GS2200-24 User’s Guide 255 Metric The metric represents the “cost” of transmission for routing purposes. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. The number need not be precise, but it must be betw[...]
-
Page 256
Chapter 29 Static Rou te GS2200-24 User’s Guide 256[...]
-
Page 257
GS2200-24 User’s Guide 257 C HAPTER 30 Differentiated Services 30.1 Overview This chapter shows you how to configure Di ffer entiated Service s (DiffServ) on the Switch. Quality of Service (QoS) is used to prioriti ze source-to-desti nation traffic flows. All packets in the flow are given the same pr iority. You can us e CoS (class of service) to[...]
-
Page 258
Chapter 30 Differe ntiated Services GS2200-24 User’s Guide 258 30.3.1 DSCP and Per-Hop Behavior DiffServ defines a new DS ( Differentiated Services) field to replace the Type of Service (ToS) field i n the IP header. The DS field contains a 6-bit DSCP field which can define up to 64 service levels and the remaining 2 bits are defi ned as currentl[...]
-
Page 259
Chapter 30 Differentiated Se rvices GS2200-24 User’s Guide 259 traffic flow are more likel y to be dropped when congestion occurs than the packets in the Platinum traffic flow as they move across the DiffServ network. Figure 127 DiffServ Net work 30.4 Activating DiffServ Activate DiffServ to ap ply marking rules or IEEE 802.1p priority mapping on[...]
-
Page 260
Chapter 30 Differe ntiated Services GS2200-24 User’s Guide 260 30.5 DSCP-to-IEEE 802.1p Priority Settings You can configure the DSCP to I EEE 802. 1p mapping to allo w the Switch to prioritize all traffic based on the incoming DSCP value according to the DiffServ to IEEE 802.1p mapping table. The following table shows the de fault DSCP-to- IEEE80[...]
-
Page 261
GS2200-24 User’s Guide 261 C HAPTER 31 DHCP 31.1 DHCP Overview This chapter shows you how to configure the DHCP feature. DHCP (Dynamic Host Configuratio n Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP conf iguration at start-up from a server. You can configure the Switch as a DHCP se rver or a DHCP relay agent. When[...]
-
Page 262
Chapter 31 DHCP GS2200-24 User’s Guide 262 computer on your network, it contacts the DHCP server for the necessary IP information, and then relays t he assigned information back to the computer. 31.3.2 DHCP Configuration Options The DHCP conf iguration on the Switch is divided in to Global and VLAN sc reens. The screen you should use for configur[...]
-
Page 263
Chapter 31 DHCP GS2200-24 User’s Guide 263 The following describes the DHCP relay information that the Switch sends to the DHCP server: 31.4 DHCP Status Click IP Application > DHCP in the navigat ion panel. The DHCP Status screen displays. Figure 130 IP Application > DHCP Status The following table describes t he labels in this screen. Tabl[...]
-
Page 264
Chapter 31 DHCP GS2200-24 User’s Guide 264 31.5 Configuring DHCP Global Relay Configure global DHCP relay in the DHCP R elay screen. Clic k IP Application > DHCP in the navigation panel and click the Global li nk to display the screen as shown. Figure 131 IP Application > DHCP > Global The following table describes t he labels in this sc[...]
-
Page 265
Chapter 31 DHCP GS2200-24 User’s Guide 265 31.5.1 Global DHCP Relay Configuration Example The following figure shows a network exam ple where the Switch is used to relay DHCP requests for the VLAN1 and VLAN2 domains. There is only one DHCP server that services the DHCP clients in both domains. Figure 132 Global DHCP Relay Network Example Configur[...]
-
Page 266
Chapter 31 DHCP GS2200-24 User’s Guide 266 Note: You must set up a man agement IP address for each VLAN th at you want to configure DHCP settings for on the Switch. See Section 8.7 on page 78 for information on how to set up management IP addresses for VLANs. Figure 134 IP Application > DHCP > VLAN The following table describes t he labels [...]
-
Page 267
Chapter 31 DHCP GS2200-24 User’s Guide 267 31.6.1 Example: DHCP Relay for Two VLANs The following example dis plays two VLANs (VIDs 1 and 2) for a campus network. Two DHCP servers are installed to serve each VLAN. The system is set up to forward DHCP requests from the dormitory rooms (VLAN 1) to the DHCP server with an IP address of 192.168.1.100[...]
-
Page 268
Chapter 31 DHCP GS2200-24 User’s Guide 268 For the example netw ork, co nfigure the VLAN Setting screen as shown. Figure 136 DHCP Relay for Two VL ANs Configuration Example[...]
-
Page 269
269 P ART V Management Maintenance (271) Access Control (279) Diagnostic (301) Syslog (303) Cluster Management (307) MAC Table (315) ARP Table (319) Configure Clone (321)[...]
-
Page 270
270[...]
-
Page 271
GS2200-24 User’s Guide 271 C HAPTER 32 Maintenance 32.1 Overview This chapter explains how to configure the screens that let you maintain the firmware and configuration files. 32.2 What You Can Do •U s e t h e Maintenance scre en ( Section 32.3 on page 271 ) to upl oad the latest firmware. •U s e t h e Firmware Upgrade screen ( Section 32.4 o[...]
-
Page 272
Chapter 32 Maintenance GS2200-24 User’s Guide 272 The following table describes t he labels in this screen. 32.3.1 Load Factory Default Follow the step s below to reset th e Sw itch back to the factory defaults. 1 In the Maintenance screen, click the Click Here button next to Load Factory Default to clear al l Switch configurat ion informat ion y[...]
-
Page 273
Chapter 32 Maintenance GS2200-24 User’s Guide 273 3 In the web configurator, click the Save button in the top of the screen to make the changes take effect. If you want to access the Swit ch web configurator again, you may need to change the IP address of you r computer t o be in t he same subnet as that of the default Switch IP address (192.168.[...]
-
Page 274
Chapter 32 Maintenance GS2200-24 User’s Guide 274 32.4 Firmware Upgrade Use the following screen to upgrade yo ur Switch to the latest fi rmware. Make sure you have downloaded (and unzipped) th e correct model firmware and version to your computer before uploading to the device. Be sure to upload the correct m odel firmware as uploading the wrong[...]
-
Page 275
Chapter 32 Maintenance GS2200-24 User’s Guide 275 Type the path and file name of the configuration file you wish to restore in the File Path text box or click Browse to locat e it. After you have specified the file, click Restore . "config" is the name of the c onfiguration file on the Switch, so your backup configuration file is automa[...]
-
Page 276
Chapter 32 Maintenance GS2200-24 User’s Guide 276 32.7 Technical Reference This section provides technical background information on the topics discussed in this chapter. 32.7.1 FTP Command Line This section shows some examples of uplo ading to or downloading files from t he Switch using FTP commands. First, un derstand th e filename conventions.[...]
-
Page 277
Chapter 32 Maintenance GS2200-24 User’s Guide 277 Be sure to upload the correct m odel firmware as uploading the wrong model firmware m ay damage your device. 32.7.3 FTP Command Line Procedure 1 Launch the FTP client on your computer. 2 Enter open , followed by a space and the IP address of your Switch. 3 Press [ENTER] when prompted for a usernam[...]
-
Page 278
Chapter 32 Maintenance GS2200-24 User’s Guide 278 32.7.5 FTP Restrictions FTP will not work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) i n the Remo te Management screen does not match the client IP address. If it does not match, the Switch will disconnect the FTP session immediat ely. Initial Re[...]
-
Page 279
GS2200-24 User’s Guide 279 C HAPTER 33 Access Control 33.1 Overview This chapter describes how to control access to t he Switch. A console port and FTP are allowed one se ssion each, Telnet and SSH share nine sessions, up to five Web sessions (five di fferent user names and password s) and/ or limitless SNMP access control sessions are allowed. A[...]
-
Page 280
Chapter 33 Access Control GS2200-24 User’s Guide 280 33.3 The Access Control Main Screen Use this screen to display the main screen. Click Management > Access Control in the navigation panel to display the main screen as shown. Figure 143 Management > Access Contro l 33.4 Configuring SNMP Use this screen to configure your SNMP settings. Cli[...]
-
Page 281
Chapter 33 Access Control GS2200-24 User’s Guide 281 The following table describes t he labels in this screen. Table 90 Management > Access Control > SNMP LABEL DESCRIPTION General Sett ing Use this section to specify the SNMP version and community (password) values. Version Select the SNMP version for the Switch. The SNMP version on the Sw[...]
-
Page 282
Chapter 33 Access Control GS2200-24 User’s Guide 282 Security Level Select whether you want to implement authentication and/or encryption for SNMP communication from this us er. Choose: • noauth -to use the username as the password string to send to the SNMP manager. This is equivale nt to the Get, Set and Trap Community in SNMP v2c. This is th[...]
-
Page 283
Chapter 33 Access Control GS2200-24 User’s Guide 283 33.5 Configuring SNMP Trap Group Use the Trap Group screen to specify the t ypes of SN MP traps that shoul d be sent to each SNMP manager. Click Management > Access Control > SNMP > Trap Group to view the screen as shown. Figure 145 Management > Access Contro l > SNMP > Trap G[...]
-
Page 284
Chapter 33 Access Control GS2200-24 User’s Guide 284 33.6 Setting Up Login Accounts Use this screen to assig n which users can access the Switch via web configurator at any one time. U p t o f i v e p e o p l e ( o n e a d m i n i s t r a t o r a n d four non-administrators) may access the Switch via web configurator at any one time. • An admin[...]
-
Page 285
Chapter 33 Access Control GS2200-24 User’s Guide 285 The following table describes t he labels in this screen. 33.7 Service Port Acce ss Control Use this screen to decide what s ervices you may use to access the Switch. Service Access Control allows you to decide what services you may use to access the Switch. You may also change the def ault ser[...]
-
Page 286
Chapter 33 Access Control GS2200-24 User’s Guide 286 later). Cl ick Management > Access Control > Service Access Control to view the screen as shown. Figure 147 Manageme nt > Access Control > Service Access Control The following table describes t he fields in this screen. 33.8 Remote Management Use this screen to specify a group of on[...]
-
Page 287
Chapter 33 Access Control GS2200-24 User’s Guide 287 You can specify a group of one or more “trusted computers” from which an administrator may use a service to manage the Switch. Clic k Access Control to return to the Access Control screen. Figure 148 Management > Access Contro l > Remote Management The following table describes t he l[...]
-
Page 288
Chapter 33 Access Control GS2200-24 User’s Guide 288 33.9.1 About SNMP Simple Network Manageme nt Protocol (SNM P) is an application layer protocol used to manage and monitor TCP/IP-based devices. SNMP is used to exchange management information between the network manage ment system (NMS) and a network element (NE). A manager st ation can manage [...]
-
Page 289
Chapter 33 Access Control GS2200-24 User’s Guide 289 SNMP itself is a simple request /respon se protocol based on the manager/agent model. The manager issues a request an d the agent returns responses using the following protocol operations: SNMP v3 and Security SNMP v3 enhances security for SNMP management. SNMP managers can be required to authe[...]
-
Page 290
Chapter 33 Access Control GS2200-24 User’s Guide 290 An OID (Object ID) that begins with “ 1.3.6.1.4.1.890.1.5.8 ” is defined in private MIBs. Otherwis e, it is a standard MIB OID. Table 96 SNMP Syst em Traps OPTION OBJECT LABEL OBJE CT ID DESCRIPTION coldstart coldS tart 1. 3.6.1.6.3.1.1.5.1 This trap is sent when the Switch is turned on. wa[...]
-
Page 291
Chapter 33 Access Control GS2200-24 User’s Guide 291 Table 97 SNMP InterfaceTraps OPTION OBJEC T LABEL OBJECT ID DESCRIPTION linkup linkUp 1 .3.6.1.6.3.1.1. 5.4 This trap is sent when the Ethernet link is up. LinkDownEventClear : 1.3.6.1.4.1 .890.1.5.8.55.25 .2.2 This trap is sent when the Ethernet link is up. linkdown linkD own 1.3.6.1.6.3.1.1.5[...]
-
Page 292
Chapter 33 Access Control GS2200-24 User’s Guide 292 Table 98 AAA Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION authenticatio n authenticationFailure 1.3.6.1.6.3.1.1.5.5 This trap is sent when authentication fails due to incorrect user name and/or password. AuthenticationFailureEven tOn : 1.3.6.1.4.1. 890.1.5.8.55. 2 5.2.1 This trap is sent whe[...]
-
Page 293
Chapter 33 Access Control GS2200-24 User’s Guide 293 33.9.2 SSH Overview Unlike Telnet or FTP, which transmit data in clear t ext, SSH (Secure Shell) is a secure communication protocol that combin es authentication and data encryption Table 100 SNMP Switch Traps OPTION OBJEC T LABEL OBJECT ID DESCRIPTION stp STPNewRoot 1.3.6.1.2. 1.17.0.1 This tr[...]
-
Page 294
Chapter 33 Access Control GS2200-24 User’s Guide 294 to provide secure encrypted communicatio n between two hosts over an unsecured network. Figure 150 SSH Communication Example 33.9.2.1 How SSH works The following table summarizes how a secure connect ion is established between two remot e hosts. Figure 151 How SSH Works 1 Host Identificat ion T[...]
-
Page 295
Chapter 33 Access Control GS2200-24 User’s Guide 295 2 Encryption Method Once the identification is verified, both the client and server must agree on the type of encryption method to us e. 3 Authentication and Data Transmission After the identification is verified and data encrypt ion activated, a secure tunnel is established between the client [...]
-
Page 296
Chapter 33 Access Control GS2200-24 User’s Guide 296 1 HTTPS connection requests from an SSL - aware web browser go to port 443 (by default) on the Switch’s WS (web server). 2 HTTP connection requests from a web brow ser go to port 80 ( by default) on the Switch’s WS (web server). Figure 152 HTTPS Implementation Note: If you disable HTTP in t[...]
-
Page 297
Chapter 33 Access Control GS2200-24 User’s Guide 297 You see the following Security Alert screen in Internet Explorer. Select Yes to proceed to the web configurator login screen ; if you sele ct No , then web configurator access is b locked. Figure 153 Security Aler t Dialog Box (Internet Explorer) Netscape Navigator Warning Messages When you att[...]
-
Page 298
Chapter 33 Access Control GS2200-24 User’s Guide 298 Select Accept this certificate permanently to import the S witch’s cert ificate into the SSL client. Figure 154 Security Certificate 1 (Netscape) Figure 155 Security Certificate 2 (Netscape) example example[...]
-
Page 299
Chapter 33 Access Control GS2200-24 User’s Guide 299 33.9.3.2 The Main Screen After you accept the certificate and enter the login username and pass word, the Switch main screen appears. The l ock di splayed in the bottom right of the browser status bar denotes a secure connection. Figure 156 Example: Lock Denoting a Secure Conn ection example[...]
-
Page 300
Chapter 33 Access Control GS2200-24 User’s Guide 300[...]
-
Page 301
GS2200-24 User’s Guide 301 C HAPTER 34 Diagnostic 34.1 Overview This chapter explains the Diagnostic screen. Use the Diagnostic screen ( Section 34.2 on page 301 ) to check system logs, ping IP addresses or perform port tests. 34.2 Diagnostic Click Management > Diagnostic in the navi gation panel to open this screen. Use this screen to check s[...]
-
Page 302
Chapter 34 Diagnostic GS2200-24 User’s Guide 302 The following table describes t he labels in this screen. Table 101 Management > Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi-line text box. Click Cl ear to empty the text box and reset the syslog entry. IP Ping Type the IP address of a device tha[...]
-
Page 303
GS2200-24 User’s Guide 303 C HAPTER 35 Syslog 35.1 Overview This chapter explains the syslog screens. The syslog protocol allows devices to se nd event notific ation messages ac ross an IP network to syslog servers t hat coll ec t the even t messages . A syslog-e nabled device can generate a syslog messag e and send it to a syslog server. Syslog [...]
-
Page 304
Chapter 35 Syslog GS2200-24 User’s Guide 304 35.3 Syslog Setup Use this screen to configure the device’ s system logging settings. Click Management > Syslog in the navigation panel to display this screen. The syslog feature sends logs to an external sysl og server. Figure 158 Manageme nt > Syslog The following table describes t he labels [...]
-
Page 305
Chapter 35 Sy slog GS2200-24 User’s Guide 305 35.4 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to vie w the screen as shown next. Use this screen to configur e a list of external syslog servers. Figure 159 Management > Syslog > Syslog Server Setup The following table describes t he labels in this screen. Table [...]
-
Page 306
Chapter 35 Syslog GS2200-24 User’s Guide 306[...]
-
Page 307
GS2200-24 User’s Guide 307 C HAPTER 36 Cluster Management 36.1 Overview This chapter introduces cluster management. Cluster Management allows you to manage switches through one Switch, called the cluster manager. The swit ches must be directly connected and be in the same VLAN group so as to be able to co mmunicate with one another. Table 105 ZyX[...]
-
Page 308
Chapter 36 Cluster Management GS2200-24 User’s Guide 308 In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are clust er members. Figure 160 Clustering App lication Example 36.2 What You Can Do •U s e t h e Cluster Management screen ( Section 36.3 on page 308 ) to[...]
-
Page 309
Chapter 36 Cluster Management GS2200-24 User’s Guide 309 Note: A cluster can only have one manager. Figure 161 Management > Cluster Manag ement: Status The following table describes t he labels in this screen. Table 106 Management > Cluster Mana gement: Status LABEL DESCRIPTION Status This field displays the role of this Switch within the c[...]
-
Page 310
Chapter 36 Cluster Management GS2200-24 User’s Guide 310 36.4 Clustering Management Configuration Use this screen to configure clustering management. Click Management > Cluster Management > Configuration to display the next screen. Figure 162 Management > Cluster Manag ement > Configuration The following table describes t he labels in[...]
-
Page 311
Chapter 36 Cluster Management GS2200-24 User’s Guide 311 VID This is the VLAN ID and is only applicable if the Switch is set to 802.1Q VLAN. All switches must be directly connected and in the same VLAN group to belong to the same cluster. Switches that are not in the same VLAN group are not visible in the Clustering Cand idates list. This field i[...]
-
Page 312
Chapter 36 Cluster Management GS2200-24 User’s Guide 312 36.5 Technical Reference This section provides technical background information on the topics discussed in this chapter. 36.5.1 Cluster Member Switch Management Go to the Clustering Management St atus screen of the cluster manager switch and then sele ct an Index hyperlink fro m the list of[...]
-
Page 313
Chapter 36 Cluster Management GS2200-24 User’s Guide 313 36.5.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager swi tch as sh own in the following exampl e. Figure 164 Example: Uploading Firmware to a Cluster Memb er Switch The following table explains some [...]
-
Page 314
Chapter 36 Cluster Management GS2200-24 User’s Guide 314[...]
-
Page 315
GS2200-24 User’s Guide 315 C HAPTER 37 MAC Table 37.1 Overview This chapter introduces the MAC Table sc reen. The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered acro ss the Switch’s ports. It shows what device MAC address, bel onging to what VLAN group (if any) is forwarded to whi[...]
-
Page 316
Chapter 37 MAC Ta ble GS2200-24 User’s Guide 316 • If the Switch has already learned the port for this MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure 165 MAC Table Flowchart 37.4 Viewing the MAC Table Use this screen to check whether the MAC add ress is dynamic or static . Click Ma[...]
-
Page 317
Chapter 37 MAC Table GS2200-24 User’s Guide 317 The following table describes t he labels in this screen. Table 109 Management > MAC Table LABEL DESCRIPTION Condition S elect one of the buttons and click Search to on ly display the data which matches the criteria you specified. Select All to display any entry in the MAC table of the Switch. Se[...]
-
Page 318
Chapter 37 MAC Ta ble GS2200-24 User’s Guide 318[...]
-
Page 319
GS2200-24 User’s Guide 319 C HAPTER 38 ARP Table 38.1 Overview This chapter introduces ARP Tabl e. Address Resolution Protocol (ARP) is a pr otocol for mapping an Internet Protocol address (IP address) to a physical machin e address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bi[...]
-
Page 320
Chapter 38 ARP Table GS2200-24 User’s Guide 320 38.3 Viewing the ARP Table Use the ARP table to view IP-to-MAC address mapping(s). Click Management > ARP Table in the navig ation pane l to open the following screen. Figure 167 Management > ARP Table The following table describes t he labels in this screen. Table 110 Management > ARP Tabl[...]
-
Page 321
GS2200-24 User’s Guide 321 C HAPTER 39 Configure Clone 39.1 Overview This chapter shows you how you can copy the settings of one port onto other ports. Use the Configure Clone screen ( Section 39.2 on page 321 ) to copy the basic and advanced settings from a source po rt to a destination port or ports. 39.2 Configure Clone Cloning allows you to c[...]
-
Page 322
Chapter 39 Config ure Clone GS2200-24 User’s Guide 322 The following table describes t he labels in this screen. Table 111 Management > Configure Clone LABEL DESCRIPTION Source/ Destination Port Enter the source port under the Sourc e label. This port’s attributes are copied. Enter the destination port or ports under the Destination labe l. [...]
-
Page 323
323 P ART VI Troubleshooting & Product Specifications Troubleshooting (325) Product Specifications (329)[...]
-
Page 324
324[...]
-
Page 325
GS2200-24 User’s Guide 325 C HAPTER 40 Troubleshooting This chapter offers some suggestions t o solve problems you might encount er. The potential problems are divided into the following categories . • Power, Hardware Connections, and LED s • Switch Access and Login • Switch Configuration 40.1 Power, Hardware Connections, and LEDs The Switc[...]
-
Page 326
Chapter 40 Trou bleshooting GS2200-24 User’s Guide 326 1 Make sure you understand the normal behavior of the LED. See Section 3.3 on page 40 . 2 Check the hardware connections. See Section 40.1 on page 325 . 3 Inspect your cables for damage. Contact the vendor to replace any damaged cables. 4 Disconnect and re-connect the powe r adaptor or cord t[...]
-
Page 327
Chapter 40 Trou bleshooting GS2200-24 User’s Guide 327 • If you changed the IP ad dress and have forgotten it, see the troubleshooting suggestions for I forgot the IP address for the Switch. 2 Check the hardware connections, and ma ke sure the LEDs are behaving as expected. See Section 3.3 on page 40 . 3 Make sure your Internet browser do es no[...]
-
Page 328
Chapter 40 Trou bleshooting GS2200-24 User’s Guide 328 In order to use the web configurator you need to allow: • Web browser pop-up windows from your devi ce. • JavaScripts (enabled by default). • Java permissions (enabled by default). I cannot see some of Advanced Application submenus at the bottom of the navigation panel. The recommended [...]
-
Page 329
GS2200-24 User’s Guide 329 C HAPTER 41 Product Specifications The following tables summarize the Swit ch’s hardware and firmware feature s. Table 112 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Standard 19” rack mountable 440 mm (W) x 173 mm (D) x 43 mm (H) Weight 2.5 kg Power Specification 10 0-240 VAC, 50/60HZ 0.6 A Max. Po[...]
-
Page 330
Chapter 41 Product Specifications GS2200-24 User’s Guide 330 Fan Design Fanless Fuse Specification 250 VAC, T2A Table 113 Firmware Specifications FEATUR E DESCRIPTION Default IP Address 192. 168.1.1 Default Subnet Mask 255.255.25 5.0 (24 bits) Administrator User Name admin Default Password 1234 Number of Login Accounts Configurable on the Switc h[...]
-
Page 331
Chapter 41 Product Specifications GS2200-24 User’s Guide 331 Queuing Queuing is used to help solve performance degradation when there is network congestion. The following scheduling services are supported: Strict Priority Queuing (SPQ) Weighted Round Robin (WRR), and Weighted Fair Queuing (WFQ). This allows the Switch to maintain separate queues [...]
-
Page 332
Chapter 41 Product Specifications GS2200-24 User’s Guide 332 Firmware Upgrade Download new firmware (when available) from the ZyXEL w eb site and use the web configurator, CLI or an FTP/TFTP tool to put it on the Switch. Note: Only upload firmware for your spe cific model! Configuration Backup & Restoration Make a copy of the Switch’s confi[...]
-
Page 333
Chapter 41 Product Specifications GS2200-24 User’s Guide 333 VLAN Port-based VLAN 802.1Q tag-based VLAN number of VLAN: 4K, 1000 static maximum GVRP for dynamic registration Double tagging for VLAN stacking, 64-entry maximum Private VLAN for port isolation Protocol-Based VLAN. IP subnet based VLAN Link Aggregation IEEE 802.3ad static and dynamic [...]
-
Page 334
Chapter 41 Product Specifications GS2200-24 User’s Guide 334 The following list, which is not exhaust ive , illustrates the standards s upported in the Switch. AAA Support RADIUS and TACACS+ Security Static MAC address filtering Static MAC address forwarding MAC Freeze IEEE 802.1x port-based authentication Limiting number of dynamic MAC addresses[...]
-
Page 335
Chapter 41 Product Specifications GS2200-24 User’s Guide 335 RFC 3046 DHCP Relay RFC 3164 Syslog RFC 3376 Internet Group Management Protocol, Version 3 RFC 3414 User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMP v3) RFC 3580 RADIUS - Tunnel Protocol Attribute IEEE 802.1ab Link Layer Discovery Protocol (L[...]
-
Page 336
Chapter 41 Product Specifications GS2200-24 User’s Guide 336[...]
-
Page 337
337 P ART VII Appendices and Index Changing a Fuse (339) Common Services (341) Legal Information (345) Index (349)[...]
-
Page 338
338[...]
-
Page 339
GS2200-24 User’s Guide 339 A PPENDIX A Changing a Fuse This appendix shows you how to remo ve and ins tall fuses f or the Swit ch. If you use a fuse other than an included fuse, make sure it matches the fuse specifications in the chapter on produ ct specifications. Removing a Fuse Disconnect all power from the Sw itch before you begin this proced[...]
-
Page 340
Appendix A Changing a Fuse GS2200-24 User’s Guide 340[...]
-
Page 341
GS2200-24 User’s Guide 341 A PPENDIX B Common Services The following table lists some commonl y- used services and their associated protocols and port numbers. For a comprehe nsive list of port numbers, ICMP type/ code numbers and services , visit the IANA (Internet Assigned Number Authority) web site. • Name : This is a short, descript ive nam[...]
-
Page 342
Appendix B Common Services GS2200-24 User’s Guide 342 ESP (IPSEC_TUNNEL) User-Defined 50 The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service. FINGER TCP 79 Finger is a UNIX or Internet related command that can be used to find out if a user is logged on. FTP TCP TCP 20 21 File Transfer Program, a program to enable [...]
-
Page 343
Appendix B Common Services GS2200-24 User’s Guide 343 POP3 TCP 110 Post Office Protocol version 3 lets a client computer get e-mail from a POP3 server through a temporary connection (TCP/IP or other). PPTP TCP 1723 Point-to-Point Tunneling Protocol enables secure transfer of data over public networks. This is the control channel. PPTP_TUNNEL (GRE[...]
-
Page 344
Appendix B Common Services GS2200-24 User’s Guide 344 TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems. TFTP UDP 69 Trivial File Transfer Protocol is an Internet file transfer p[...]
-
Page 345
GS2200-24 User’s Guide 345 A PPENDIX C Legal Information Copyright Copyright © 2009 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval syst em, translated into any language, or transmitted in any form or by any me ans, el ectronic, mechanical, [...]
-
Page 346
Appendix C Legal Info rmation GS2200-24 User’s Guide 346 • This device mus t accept any interf erence received, including interference that may cause undesired operations. FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of th e FCC Rules. These limits are designed to [...]
-
Page 347
Appendix C Legal Infor mation GS2200-24 User’s Guide 347 Viewing Certifications 1 Go to http://www.zyxel .com . 2 Select your product on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to vi ew from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (pur chaser) that this product i[...]
-
Page 348
Appendix C Legal Info rmation GS2200-24 User’s Guide 348[...]
-
Page 349
Index GS2200-24 User’s Guide 349 Index Numerics 802.1P priority 83 A AAA 201 AAA (Authentication and Authorization) 202 access control limitations 279 login account 284 remote management 286 service port 285 SNMP 288 address learning, MAC 97 , 100 Address Resolution Protocol (ARP) 319 , 321 , 32 2 administrator password 285 age 131 aggregator ID [...]
-
Page 350
Index GS2200-24 User’s Guide 350 cloning a port See port cloning cluster management 307 and switch passwords 311 cluster manager 307 , 310 cluster member 307 , 311 cluster member firmware upgrade 313 network example 308 setup 310 specification 307 status 308 switch models 307 VID 311 web config urator 312 cluster manager 307 cluster member 307 Co[...]
-
Page 351
Index GS2200-24 User’s Guide 351 command example 276 filename convention, configuration configuration file names 276 filtering 115 rules 115 filtering database, MAC table 315 firmware 72 upgrade 274 , 313 flow control 82 back pressure 82 IEEE802.3x 82 forwarding delay 131 frames tagged 96 untagged 96 front panel 35 FTP 276 file transfer procedure[...]
-
Page 352
Index GS2200-24 User’s Guide 352 IP setup 78 IP source guard 215 , 216 ARP inspection 216 , 238 DHCP snooping 216 , 23 5 static bindings 216 IP subnet mask 80 L L2PT 245 access port 246 CDP 245 configuration 247 encapsulation 245 LACP 246 MAC address 245 mode 246 overview 245 PAgP 246 point to point 246 STP 245 tunnel port 246 UDLD 246 VTP 245 LA[...]
-
Page 353
Index GS2200-24 User’s Guide 353 max age 131 hops 131 MDIX (Media Dependent Interface Crossover) 37 MIB and SNMP 288 supported MIBs 289 MIB (Management Information Base) 288 mirroring ports 147 monitor port 148 mounting brackets 32 MRSTP status 128 MST ID 136 MST Instance, See MSTI 136 MST region 136 MSTI 136 MSTP 117 , 120 bridge ID 134 configur[...]
-
Page 354
Index GS2200-24 User’s Guide 354 port VLAN trunking 90 port-based VLAN 102 all connected 105 port isolation 105 settings wizard 105 ports diagnostics 302 mirroring 147 speed/duplex 82 standby 152 power voltage 73 power connector 39 power consumption 329 power specification 329 power status 73 priority level 78 priority, queue assignment 78 produc[...]
-
Page 355
Index GS2200-24 User’s Guide 355 communities 281 management model 288 manager 288 MIB 289 network components 288 object variables 288 protocol operations 289 security 282 setup 280 , 283 version 3 289 versions supported 288 SNMP traps 289 , 290 , 291 , 293 setup 283 supported 291 Spanning Tree Protocol, See STP. 117 SPQ (Strict Priority Queuing) [...]
-
Page 356
Index GS2200-24 User’s Guide 356 current 75 time zone 75 Time (RFC-868) 75 time server 75 time service protocol 75 format 75 TPID 190 trademarks 345 transceiver MultiSource Agreement (MSA) 37 transceivers 37 installation 38 removal 38 traps destination 281 trunk group 151 trunking 151 , 332 example 158 trusted ports ARP inspection 239 DHCP snoopi[...]
-
Page 357
Index GS2200-24 User’s Guide 357 W warranty 347 note 347 web config urator 43 getting help 50 home 44 login 43 logout 50 navigation panel 45 weight, queuing 182 Weighted Round Robin Scheduling (WRR) 182 WRR (Weighted Round Robin Scheduling) 182 Z ZyNOS (ZyXEL Network Operating System) 276[...]
-
Page 358
Index GS2200-24 User’s Guide 358[...]