ZyXEL Communications GS2200-8/24 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332

Ir para a página of

Bom manual de uso

As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto ZyXEL Communications GS2200-8/24. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoZyXEL Communications GS2200-8/24 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.

O que é a instrução?

A palavra vem do latim "Instructio" ou instruir. Portanto, no manual ZyXEL Communications GS2200-8/24 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.

Infelizmente, pequenos usuários tomam o tempo para ler o manual ZyXEL Communications GS2200-8/24, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.

Então, o que deve conter o manual perfeito?

Primeiro, o manual ZyXEL Communications GS2200-8/24 deve conte:
- dados técnicos do dispositivo ZyXEL Communications GS2200-8/24
- nome do fabricante e ano de fabricação do dispositivo ZyXEL Communications GS2200-8/24
- instruções de utilização, regulação e manutenção do dispositivo ZyXEL Communications GS2200-8/24
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes

Por que você não ler manuais?

Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque ZyXEL Communications GS2200-8/24 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos ZyXEL Communications GS2200-8/24 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço ZyXEL Communications na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas ZyXEL Communications GS2200-8/24, como para a versão papel.

Por que ler manuais?

Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo ZyXEL Communications GS2200-8/24, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.

Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual ZyXEL Communications GS2200-8/24. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação

Índice do manual

  • Página 1

    www .zyxel.com GS2200-8/24 Series Intelligent Layer 2 GbE Switch Copyright © 201 1 ZyXEL Communications Corporation Firmware V ersi on 4.00 Edition 1, 12/2011 Default Login Details IP Address http://192.168.1.1 User Name admin Pa ss wo rd 12 34[...]

  • Página 2

    [...]

  • Página 3

    About This User's Guide GS2200-8/24 User’s Gui de 3 About This User's Guide IMPORT ANT! READ CAREFULL Y BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Intended Audience This manual is intended for people who want to configure the S w itch us ing the web configurator . Related Document ation • Command Line Interface (CLI) R eference[...]

  • Página 4

    About This User's Guide GS2200-8/24 User’s Gui de 4 Need More Help? More help is available at www .zyxel.com. • Download Library Search for the latest product updates and documentation from this link. Read the T ech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Interface R eference Guide[...]

  • Página 5

    About This User's Guide GS2200-8/24 User’s Gui de 5 • Brief description of the problem and the steps you took to solve it.[...]

  • Página 6

    Document Conventions GS2200-8/24 User’s Gui de 6 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User’ s Guide. W arnings tell you about things that could harm you or your device. Note: Notes tell y ou other important information (for example, other things y ou may need to configure or helpful tips) o[...]

  • Página 7

    Document Conventions GS2200-8/24 User’s Gui de 7 Server DSLAM Firewall Te l e p h o n e Ro u t er[...]

  • Página 8

    Safety Warnings GS2200-8/24 User’s Gui de 8 Safety Warnings • Do NOT use this pro duct near water , for example, in a wet basement or near a swimming pool. • Do NOT expose y our device to da mpness, dust or corros ive liquids. • Do NOT stor e things on the device. • Do NOT i nstall, use, or servic e this device during a thunderst orm. The[...]

  • Página 9

    Contents Overview GS2200-8/24 User’s Gui de 9 Contents Overview User ’ s Guide ......................................................................................... ......................... ..................... 21 Getting to Know Y our Sw itch ..... ................ ................ ............. ................ ................ ........[...]

  • Página 10

    Contents Overview GS2200-8/24 User’s Gui de 10 Diagnostic ................ ............. ................. ................ ............. ................ ................ ......... ................. ........ 285 Syslog ............. ................ ................ ............. ................ ............. ................ ............. ....[...]

  • Página 11

    Table of Contents GS2200-8/24 User’s Gui de 11 Table of Contents About This User's Guide ................................................................................. ....................... .............. 3 Document Conventions .................................................. .......................................... ............... [...]

  • Página 12

    Table of Contents GS2200-8/24 User’s Gui de 12 3.2.4 Power Connector .................... ... ... ... ... ............. .... ... ... ... .... ... ... ... ............. ... .... ... ... ... ... .. ........ .... 35 3.3 LEDs ............. ... .... ............. ... ... ... .... ............ .... ... ... ... ............. .... ... ... ... ...........[...]

  • Página 13

    Table of Contents GS2200-8/24 User’s Gui de 13 Chapter 8 Basic Setting .............................................. .......................................... ......................... ..................... 66 8.1 Overview ................ ... ... ............. ... .... ... ... ... ... ............. .... ... ... ... .... ............ .... ... .[...]

  • Página 14

    Table of Contents GS2200-8/24 User’s Gui de 14 1 1.2 Conf iguring S tatic Multicast Forwarding ........ ................ ................ ................ ................ ......... ...... 104 Chapter 12 Filtering ........................................................ ..................................................... ......... .............[...]

  • Página 15

    Table of Contents GS2200-8/24 User’s Gui de 15 16.1.1 What Y ou Can Do ................. ................ ............. ............. ............ ................. ............ .... ........ 134 16.2 Port Mirroring Setup ...... .................... ... .......... ................ ............. ................ ............. .... ................[...]

  • Página 16

    Table of Contents GS2200-8/24 User’s Gui de 16 21.2.1 Viewing and Editin g Policy Configuration ............... ................ ................ ................ ............ 163 21.3 Policy Example ........ ................ ............. ...... ............. ............. ................ ............. ......... ................. .. 164 Chapter[...]

  • Página 17

    Table of Contents GS2200-8/24 User’s Gui de 17 25.3 IP Source Guard S tatic Bi nding ..... ... ... ... ... .... ............. ... ... ... .... ... ............. ... ... ... .... ... ... ........ .......... 195 25.4 DHCP Snooping ............... ... ............. ... ... ... .... ... ... ... ............. .... ... ... ... ... .... ... ... ........[...]

  • Página 18

    Table of Contents GS2200-8/24 User’s Gui de 18 29.1.1 What Y ou Can Do ................. ................ ............. ............. ............ ................. ............ .... ........ 231 29.1.2 What Y ou Need to Know ....... ............ ............. .......... ............. ............. ............. ............. .... .... 231 29.2 T[...]

  • Página 19

    Table of Contents GS2200-8/24 User’s Gui de 19 34.1.1 What Y ou Can Do ................. ................ ............. ............. ............ ................. ............ .... ........ 255 34.2 The Mainte nance Screen ...... ... .... ... ... ............. ... ... .... ... ... ... ............. ... .... ... ... ... ............. ... . .....[...]

  • Página 20

    Table of Contents GS2200-8/24 User’s Gui de 20 Chapter 38 Cluster Management .................................. ..................................................... ...................... ........... 290 38.1 Overview ....... ................ ................. ............ ................. ............. ................ ............. .. .......[...]

  • Página 21

    21 P ART I User ’ s Guide[...]

  • Página 22

    22[...]

  • Página 23

    GS2200-8/24 User’s Gui de 23 C HAPTER 1 Getting to Know Your Switch 1.1 Introduction This chapter introduces the main features and applications of the Switch. The Switch is a lay er-2 standalone Ethernet switch with additional layer -2, layer-3, and la yer-4 features suitable for Ethernets. The Switch has ei ght or twenty-four 100/1000 Mbps Ether[...]

  • Página 24

    Chapter 1 Getting to Know Your Switch GS2200-8/24 User’s Gui de 24 In this example, all computers can share high-spe ed applic ations on the serv er . T o expand the network, simply add more networking devices such as switches, routers, computers, print servers etc. Figure 1 Backbone Application 1.1.2 Bridging Example In this example, the Switch [...]

  • Página 25

    Chapter 1 Getting to Know Your Switch GS2200-8/24 User’s Gui de 25 Switching to higher-speed LANs such as A TM (Asy nchronous T ransmission Mode) is not feasible for most people due to the expense of replacing all existing Ethernet cables and adapter cards, restructuring your network and complex maintenance. The Switch can provide the same bandwi[...]

  • Página 26

    Chapter 1 Getting to Know Your Switch GS2200-8/24 User’s Gui de 26 Shared resources such as a server can be used by all ports in the same VLAN as the server . In the following figure only ports that need access to th e server need to be part of VLAN 1. Ports can belong to other VLAN groups too. Figure 4 Shared Server Using V LAN Example 1.2 W ays[...]

  • Página 27

    GS2200-8/24 User’s Gui de 27 C HAPTER 2 Hardware Installation and Connection 2.1 Inst allation Scenarios This chapter shows you how to install and connect the Sw itch. The Switch can be placed on a desktop or r ack-mounted on a stan dard EIA rack. Use the rubber feet in a desktop installation and the br ackets in a r ack -mounted installation. No[...]

  • Página 28

    Chapter 2 Hardware Installation and Connection GS2200-8/24 User’s Gui de 28 • Make sure the position of the S witch does not make the rack unstable or top-heavy . T ake all necessary precautions to anchor the rack securely before installing the unit. 2.3.2 Att aching the Mounti ng Bracket s to the Switch 1 Po sition a mounting bracket on one si[...]

  • Página 29

    Chapter 2 Hardware Install ation and Conne ction GS2200-8/24 User’s Gui de 29 2.3.3 Mounting the Switch on a Rack 1 Po sition a mounting bracket (that is already attached to the Switch) on one side of the rack, lining up the two screw holes on the brack e t with the screw holes on the side o f the rack. Figure 6 Mounting the Switch on a Rack 2 Us[...]

  • Página 30

    Chapter 2 Hardware Installation and Connection GS2200-8/24 User’s Gui de 30 2 Align the holes on the back of the Switch with the screws on the wall. Hang the Switch on the screws. Figure 7 W all-mounting Example The Switch should be wall-mounted horizont ally . The Switch's side p a nels with ventilation slots should not be faci ng up or dow[...]

  • Página 31

    GS2200-8/24 User’s Gui de 31 C HAPTER 3 Hardware Panels 3.1 Overview This chapter describes the front panel and rear pa nel of the Switch and shows you how to make the hardware connections. 3.2 Front Panels The following figure shows the front panel of the S witch. Figure 9 Front Panel (GS2200-8) Figure 10 Front Panel (GS2200-8HP) Ethernet Ports [...]

  • Página 32

    Chapter 3 Hardware Pan els GS2200-8/24 User’s Gui de 32 Figure 1 1 Front Panel (GS2200-24) Figure 12 Front Panel (GS2200-24P) The following table describes the port labels on the front panel. T a ble 2 Front Panel Connections LABEL DESCRIPTION 8 or 24 100/ 1000 RJ-45 Ethernet Ports (GS2200-8 or GS2200-24 only) Connect th ese ports to a computer ,[...]

  • Página 33

    Chapter 3 Hardware Panels GS2200-8/24 User’s Gui de 33 3.2.1 Console Port For local management, y ou can use a computer with terminal emulation software configured to the following parameters: • VT100 • T erminal emulation • 9600 bps • No parity , 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the console cable [...]

  • Página 34

    Chapter 3 Hardware Pan els GS2200-8/24 User’s Gui de 34 signal on the cable and using half duplex mode. Wh en the Switch ’ s auto-negotiation is turned off , an Ethernet port uses the pre-configured speed and duplex mod e when making a connection , thus requiring you to make sure that the settings of th e peer Ethernet port are the same in orde[...]

  • Página 35

    Chapter 3 Hardware Panels GS2200-8/24 User’s Gui de 35 5 Connect the fiber optic cables to the transceiv er . Figure 13 T ransceiver Installation Example Figure 14 Connecting the Fiber Optic Cables 3.2.3.2 T r ansceiver Removal Use the following steps to remo ve a mini-GBIC tr ansceiver (SFP module). 1 R emove the fiber optic cables from the tran[...]

  • Página 36

    Chapter 3 Hardware Pan els GS2200-8/24 User’s Gui de 36 T o connect power to the Switch, insert the female end of the power cord to the AC power receptacle on the front panel. Connect the other end of the supplied power cord to a power outlet. Mak e sure that no objects obstruct the airflow of the fans (located on the side of th e unit). See Chap[...]

  • Página 37

    37 P ART II T echnical Reference[...]

  • Página 38

    38[...]

  • Página 39

    GS2200-8/24 User’s Gui de 39 C HAPTER 4 The Web Configurator 4.1 Overview This section introduces the configur a tion and functions of the web configur ator . The web configurator is an HTML -based management interface that allows easy Switch setup and management via Intern et browser . Use Internet Ex plorer 6.0 and later , Netscape Navigator 7.[...]

  • Página 40

    Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 40 4.3 The S t atus Screen The Status screen is the first screen that displays when you access the web configur ator . This guide uses the GS2200-24P screens as an example. The scr eens may vary slightly for different models. The following figure shows the navigating components of a web con[...]

  • Página 41

    Chapter 4 The Web Con figurator GS2200-8/24 User’s Gui de 41 E - Click this link to display web help pages. Th e help pages provide descriptions for all of the configuration screens. In the navigation panel, click a main link to reveal a list of submenu links. The following table describes the links in the navigation panel. T a ble 4 Navigation P[...]

  • Página 42

    Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 42 VLAN This link takes you to scre ens whe r e yo u can conf igure port -based or 802.1Q VLAN (dependi ng on what you co nfigured i n the Sw itch Set up menu). Y ou can also c onfigure a protocol based VLAN or a subnet based VLAN in th ese screens . Stati c MAC For war d in g This lin k ta[...]

  • Página 43

    Chapter 4 The Web Con figurator GS2200-8/24 User’s Gui de 43 DiffServ This link takes you to screens wher e yo u can enable DiffServ , configure marking rules and set DSCP-to-IEEE802.1p mappings. DHCP This link takes you to screens whe re you can configure the DHCP settings. ARP Learning This link take s you to a screen where you can configure AR[...]

  • Página 44

    Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 44 4.3.1 Change Y our Password After you log in for the first time, it is recommended y ou change the default administrator password. Click Management > Access Control > Logins to display the next screen. Figure 20 Change Administrator Login P assword 4.4 Saving Y our Configuration Wh[...]

  • Página 45

    Chapter 4 The Web Con figurator GS2200-8/24 User’s Gui de 45 2 Delete all port-based VLANs with the CPU port as a member . The “CPU port” is the management port of the Switch. 3 Filter all traffic to the CPU port. 4 Disable all ports. 5 Misconfigure the text configuration file. 6 F orge t the passw ord and/o r IP address. 7 Prevent all servic[...]

  • Página 46

    Chapter 4 The Web Configurator GS2200-8/24 User’s Gui de 46 4.7 Logging Out of the W eb Configurator Click Logout in a screen to exit the web configur ator . Y ou have to log in with your password again after you log out. This is recommended after you finish a management session for security reasons. Figure 21 W eb Configurator: Logout Screen 4.8[...]

  • Página 47

    GS2200-8/24 User’s Gui de 47 C HAPTER 5 Initial Setup Example 5.1 Overview This chapter shows how to set up th e Switch for an example network. The following lists the configuration steps fo r the initial setup: • Create a VLAN • Set port VLAN ID • Configure the Switch IP management address 5.1.1 Creating a VLAN VLANs confine broadcast fr a[...]

  • Página 48

    Chapter 5 Initial Setup Ex am ple GS2200-8/24 User’s Gui de 48 1 Click Advanced Application > VL AN in the navigation panel and click the Static VLAN link. 2 In the Static VLAN screen, select ACTIVE , enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field for the VLAN2 network. Note: The VLAN Group ID field in this s[...]

  • Página 49

    Chapter 5 Initial Se tup Example GS2200-8/24 User’s Gui de 49 In the example netw ork, conf igure 2 as the port VID on port 1 so that any untagged fr ames received on that port get sent to VLAN 2. Figure 23 Initial Setup Network Example: Port VID 1 Click Advanced Applications > VLAN in the navigation panel. Then click the VLAN Port Setting lin[...]

  • Página 50

    Chapter 5 Initial Setup Ex am ple GS2200-8/24 User’s Gui de 50 1 Connect your computer to any Ethernet port on the Switch. Mak e sure your computer is in the same subnet as the Switch. 2 Open your web browser and enter 192.1 68.1.1 (the de fault IP address) in the addre ss bar to access the web configurator . See Section 4.2 on page 39 for more i[...]

  • Página 51

    GS2200-8/24 User’s Gui de 51 C HAPTER 6 Tutorials 6.1 Overview This chapter provides some examples of using th e web configur ator to set up and use the Switch. The tutorials include: • How to Use DHCP Snooping on the S witch • How to Use DHCP R elay on the Sw itch 6.2 How to Use DHCP Snooping on the Switch Y ou only want DHC P server A conne[...]

  • Página 52

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 52 2 Go to Advanced Application > VLAN > Static VLAN , and create a VL AN with ID of 100. Add ports 5, 6 and 7 in the VLAN by selecting Fixed in the Control fie ld as show n. Deselect Tx Tagging because you don’t want outgoing traffic to contain this VLAN tag. Click Add . Figure 26 T utorial: [...]

  • Página 53

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 53 4 Go to Advanced Application > IP Source Guard > DHCP snooping > Configure , activate and specify VLAN 100 as the DHCP VLAN as shown. C lick Apply . Figure 28 T utorial: Specify DHC P VL AN 5 Click the Port link at the top right corner . 6 The DHCP Snooping Port Configure screen appears. S[...]

  • Página 54

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 54 7 Go to Advanced Application > IP Source Guard > DHCP snooping > Configure > VLAN , show VLAN 100 by entering 100 in the St art VID and End VID fiel ds an d click Ap ply . Then select Yes in the Enabl ed field of the VLAN 100 entry shown at the bottom section of the screen. If you w ant[...]

  • Página 55

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 55 6.3.1 DHCP Relay T u torial Introduction In this example, you have configured your DHCP server (192.168.2.3) and want to have it assign a specific IP address (say 172.16.1.18) to DHCP client A based on the system name, VLAN ID and port number in the DHCP request. Client A connects to the Switch’ [...]

  • Página 56

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 56 2 Go to Basic Setting > Switch Setup and set the VLAN t ype to 802.1 Q . Click Apply to save the settings to the run-time memory . Figure 33 T utorial: Set VLAN T ype to 802.1Q 3 Click Advanced Application > VLAN > Static VLAN . 4 In the Static VLAN screen, select ACTIVE , enter a descript[...]

  • Página 57

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 57 7 Click Add to save the settings to the run-time memory . Settings in the run-time memory are lost when the Switch’ s power is turned off . Figure 34 T utorial: Create a Static VLAN 8 Click the VLAN Status link in the Static V LAN screen and then the VLAN Port Setting link in the VLAN Status scre[...]

  • Página 58

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 58 10 Click Apply to save your changes back to the run-time memory . Figure 36 T utorial: Add T ag for Frames R eceived on Port 2 11 Click the Save link in the upper right corner of the web configurator to save yo ur configuration permanently . 6.3.3 Configuring DHCP Relay Follow the steps below to en[...]

  • Página 59

    Chapter 6 Tutorials GS2200-8/24 User’s Gui de 59 5 Click Apply to save your changes back to the run-time memory . Figure 37 T utorial: Set DHCP Server and R e lay Information 6 Click the Save link in the upper right corner of the web configurator to save yo ur configuration permanently . 7 The DHCP server can then assign a specif ic IP address ba[...]

  • Página 60

    GS2200-8/24 User’s Gui de 60 C HAPTER 7 System Status and Port Statistics 7.1 Overview This chapter describes the screens for system status (web configurator home page), port details and P oE status. The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details. 7.1.1 What Y ou Can[...]

  • Página 61

    Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 61 7.2 Port S t atus Summary T o view the port statistics, click Status in all web configurator screens to display the Status screen as shown next. Figure 38 Status (GS2200-24) Figure 39 Status (GS2200-24P) The following table describes the labels in this screen. T a ble 7 Stat[...]

  • Página 62

    Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 62 Link This field displays the speed (either 100M for 100Mbps or 1000M for 1000Mbps) and t he duplex ( F for full duplex or H for half ). It also shows th e cable type ( Copper or Fiber ) for the combo ports. State If STP (Spanning T ree Protocol) is enabled, th is field displ[...]

  • Página 63

    Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 63 7.2.1 St atus: Port Det ails Click a number in the Port column in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the Switch. Figure 40 Status > Port Details The following t[...]

  • Página 64

    Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 64 Status If STP (Spanning T ree Protocol) is enabled, th is fi eld displays the STP s tate of the port (see Sectio n 13.1 on page 109 for more information). If STP is disabled, this field displays FORWARDING if the link is up, otherwi se, it displays STOP . LACP This field sho[...]

  • Página 65

    Chapter 7 System Status and Port Statistics GS2200-8/24 User’s Gui de 65 128-255 This field shows t he number of packets (inc ludin g bad packets) rece ived that were between 128 and 255 octets in length. 256-511 This field shows t he number of packets (inc ludin g bad packets) rece ived that were between 256 and 511 octets in length. 512-1023 Th[...]

  • Página 66

    GS2200-8/24 User’s Gui de 66 C HAPTER 8 Basic Setting 8.1 Overview This chapter describes how to configure the System Info , General Set up , Switch Setup , IP Setup , Port Setup , and PoE screens. 8.1.1 What Y ou Can Do •U s e t h e System Info screen ( Section 8.2 on page 67 ) to check the firmware version number . •U s e t h e General Setu[...]

  • Página 67

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 67 8.2 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. Y ou can check the firmware v ersion number . Figure 41 Basic Setting > System Info The following table describes the labels in this screen. T a ble 9 Basic Setting > Syste[...]

  • Página 68

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 68 Fa n S p e e d (RPM) A properly function ing fan is an es sential co mpon ent (along with a sufficiently ven tilated, cool operating environment) in order for the device to stay within the temperature threshold. Each fan has a sensor that is capable of dete ctin g and reporting if th e fan spee[...]

  • Página 69

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 69 8.3 General Setup Use this screen to configure general settings such as the system name and time. Click Bas ic Setting > General Se tup in the navigation panel to display the screen as shown. Figure 42 Basic Setting > General Setup The following table describes the labels in this screen. [...]

  • Página 70

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 70 8.4 Introduction to VLANs A VLAN (Virtual Local Area Network) allows a ph ysic al network to be partitioned into multiple logical networks. Devices on a logical network belong to on e gr ou p. A d ev i ce ca n be lo ng t o m or e t ha n on e group. With VLAN, a device cannot directly talk to or[...]

  • Página 71

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 71 VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain. In traditional switched environments, all broadcast pack ets go to each and every individual port. With VLAN, all broadcasts are confined to a specific broadcast domain. Not[...]

  • Página 72

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 72 8.6 IP Setup Use the IP Setup screen to configure the Switch IP addres s, default gateway device, the default domain name server and the management VLAN ID. The default gateway specifies the IP address of the default gateway (next hop) for outgoing traffic. Join Timer Join Ti mer sets the du ra[...]

  • Página 73

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 73 8.6.1 Manage ment IP Addresses The Switch needs an IP address for it to be ma naged over the network. The factory default IP address is 192.168.1.1. The subnet mask specifies the network number portion of an IP address. The factory default subnet mask is 255.255.255.0. Y ou can configure up to [...]

  • Página 74

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 74 DHCP Client Select this option if y ou have a DHCP server that can as sign the Switch an IP address, subnet mask, a default gateway IP addres s and a domain name server IP address automatically . Static IP Address Select this optio n if yo u do n’t h ave a DHCP server or if you wi sh to assig[...]

  • Página 75

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 75 8.7 Port Setup Use this screen to configure Switch port settings. Click Basic Setting > Port Setup in the navigation panel to displa y the configur ation screen. Figure 45 Basic Setting > Port Setup The following table describes the labels in this screen. T a ble 13 Basic Setting > Por[...]

  • Página 76

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 76 8.8 PoE S t atus Note: The following screens are av aila ble for the GS2200-8HP or GS2200-24P model only . Some features are only available for the Ethernet port s (1 to 8 or 1 to 24). Speed/Duplex Select the spee d and the duplex mode of the Et hernet conn ection on this port. Choices are Auto[...]

  • Página 77

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 77 The GS2200-8HP supports the IEEE 802.3at High Power over Ethernet (P oE) standard and the GS2200-24P supports the IEEE 802.3 af PoE standard. A powered device (PD) is a device such as an a ccess point or a switch, that supports P oE (Power over Ethernet) so that it can receive power fr om anoth[...]

  • Página 78

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 78 T o vie w the current amount of power that PDs are receiving from the Switch, click Basic Setting > PoE . Figure 47 Basic Setting > PoE Status The following table describes the labels in this screen. T a ble 14 Basic Setting > PoE Status LABEL DESCRIPTION PoE St a t us PoE Mode This fi[...]

  • Página 79

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 79 8.8.1 PoE Setup Use this screen to set the priority levels for the Switch in distributing power to PDs. Class This shows the IEEE 802. 3af power classification of th e PD. This is a number from 0 to 4, where each v alu e repr esents a range of power (W) and power current (mA) th at the PD requi[...]

  • Página 80

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 80 Click the PoE Setup link in the Basic Setting > PoE Status screen. The following screen opens. Figure 48 Basic Setting > PoE > P oE Setup The following table describes the labels in this screen. T a ble 15 Basic Setting > PoE > PoE Setup LABEL DESCRIPTION PoE Mode Select the powe[...]

  • Página 81

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 81 Apply Click Apply to save your changes to the Switc h’s run-time memory . The Switch loses thes e changes if it is turned off or loses power , so use the Save link on the top navigati on panel to save your changes to the non-volatile memory when you are done co nfigu ring. Cancel C lick Cance[...]

  • Página 82

    Chapter 8 Basic Setting GS2200-8/24 User’s Gui de 82[...]

  • Página 83

    GS2200-8/24 User’s Gui de 83 C HAPTER 9 VLAN 9.1 Overview This chapter shows you how to configure 802.1Q ta gged and port-based VLANs. The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. 9.1.1 What Y ou Can Do •U s e t h e VLAN Status screen ( Section 9.2 on page 86 ) to view all VLAN groups. •U s[...]

  • Página 84

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 84 level is significant and the default VID of the ingre ss port is giv en as the VID of the fr ame. Of the 4096 possible VIDs, a VID of 0 is used to identify priority frames and value 4095 (FFF) is reserved, so the maximum possible VLAN configur ations are 4,094. Forwarding T agged and Unt agged Frames Ea[...]

  • Página 85

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 85 9.1.2.2 Port VLAN T runking Enable VLAN Trunking on a port to allow fr ames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without ha ving to configure the same VLAN grou ps on intermediary devices. Refer to the following figur[...]

  • Página 86

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 86 St atic VLAN Use a static VLAN to decide whether an incoming fr ame on a port should be • sent to a VLAN grou p as normal depending on its VLAN tag. • sent to a group whether it has a VLAN tag or not. • blocked from a VLAN group regardless of its VLAN tag. Y ou can also tag all outgoing frames (th[...]

  • Página 87

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 87 9.2.1 VLAN Det ails Use this screen to view detailed port settings and status of the VLAN group . Click on an index number in the VLAN Status screen to display VLAN details. Figure 52 Advanced Application > VLAN > VLAN Detail The following table describes the labels in this screen. Status This fie[...]

  • Página 88

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 88 9.3 Configure a S t atic VLAN Use this screen to configure and view 802.1Q VLAN parameters for the S witch. T o configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. Figure 53 Advanced Ap plication > VLAN > Static VLAN The following table describ[...]

  • Página 89

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 89 * Settings in this row apply to all ports. Use this row only if y ou want to make so me settings t he same for all ports. Use this row first to set the common settings and then ma ke adjustments on a port -by-port basis. Note: Changes in this row are copied to a ll th e ports as soon as you make them. C[...]

  • Página 90

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 90 9.4 Configure VLAN Port Settings Use the VLAN Port Setting screen to configure the static VLAN (IEEE 802.1Q) settings on a port. Click the VLAN Port Setting link in the VLAN Status screen. Figure 54 Advanced Application > VLAN > VLAN Port Setting The following table describes the labels in this sc[...]

  • Página 91

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 91 9.5 Subnet Based VLANs Subnet based VLANs allow you to group traffic into logical VLANs based on the source IP subnet you specify . When a frame is received on a port, the S w itch checks if a tag is added already and the IP subnet it c ame from. The untagged pack ets from the same IP subn et are then p[...]

  • Página 92

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 92 untagged incoming frames will be classified based on their source IP subnet and prioritized accordingly . That is video services receiv e the highest priority and data the lowest. Figure 55 Subnet Based VLAN Application Example 9.5.1 Configuring Subnet Based VLAN Click Su bnet Based VLAN in the VLAN Por[...]

  • Página 93

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 93 Figure 56 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN The following table describes the labels in this screen. T a ble 21 Advanced Application > VL AN > VLAN Po rt Setting > Subnet Based VLAN Setup LABEL DESCRIPTION Active Check this box to activ ate this subnet[...]

  • Página 94

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 94 9.6 Protocol Based VLANs Protocol based VLANs allow you to grou p traffic into logical VLANs based on the protocol y ou specify . When an upstream frame is received on a port (configured for a protocol based VLAN), the Switch checks if a tag is added already and its protocol. The untagged packets of the[...]

  • Página 95

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 95 Note: Protocol-based VLAN applies to un-tagged packets and is applic able only when you use IEEE 802.1Q tagged VLAN. Note: Y ou can not enable protocol-based VL ANs on the Switch when the Guest VLAN feature is activa t ed on a port. Figure 58 Advanced Application > VLAN > VLAN Port Setting > Pr[...]

  • Página 96

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 96 9.7 Port-based VLAN Setup Port -based VLANs are VLANs where the packet forwar ding decision is based on the destination MAC address and its associated port. Port -based VLANs require allowed outgoing p orts to be defined for each port. Therefore, if you wish to allow two subscriber ports to talk to each[...]

  • Página 97

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 97 9.7.1 Configure a Port-based VLAN Select Port Based as the VLAN Ty pe in the Basic Setting > Switch Setup screen and then click Advanced Application > VLAN from the navigation panel to display the next screen. Figure 59 Port Based VLAN Setup (All Connected )[...]

  • Página 98

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 98 Figure 60 Port Based VLAN Setup (P ort Isolation)[...]

  • Página 99

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 99 The following table describes the labels in this screen. 9.8 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 9.8.1 Create an IP-based VLAN Example This example shows you how to create an IP VLAN which includes ports 1, 4 and 8. F ollo[...]

  • Página 100

    Chapter 9 VLAN GS2200-8/24 User’s Gui de 100 6 Leave the priority set to 0 an d click Add . Figure 61 Protocol Based VLAN Configuration Example T o add more ports to this protocol based VL AN. 1 Click the index number of the protocol based VLAN entry . Click 1 2 Change the value in the Port field to the next port you want to add. 3 Click Add .[...]

  • Página 101

    GS2200-8/24 User’s Gui de 101 C HAPTER 10 Static MAC Forward Setup 10.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your net wor k. Use these screens to configure static MAC address forwarding. 10.1.1 What Y ou Can Do Use the Static MAC Forwarding screen ( Section 10.2 on pag e 101 ) to a[...]

  • Página 102

    Chapter 10 Static MAC Forward Setup GS2200-8/24 User’s Gui de 102 The following table describes the labels in this screen. T a ble 24 Advanced Application > Static MAC Forwarding LABEL DESCRIPTION Active Select this check bo x to activ ate your rule. Y ou may te mporarily deactivat e a rule with out deleting it by cleari ng this check box. Nam[...]

  • Página 103

    GS2200-8/24 User’s Gui de 103 C HAPTER 11 Static Multicast Forward Setup 1 1.1 Overview This chapter discusses how to configure forwarding rules based on multicast MAC addresses of devices on your network. Use these screens to configure static multicast address forwarding. 1 1.1.1 What Y o u Can Do Use the Static Multic ast Forward Setup screen ([...]

  • Página 104

    Chapter 11 Static Multicast Forward Setup GS2200-8/24 User’s Gui de 104 within a VLAN group. Figure 64 shows frames being fo rwarded to devices connected to po rt 3. Figure 65 shows fr ames being forwarded to ports 2 and 3 within VLAN group 4. Figure 63 No Static Multicast Forw arding Figure 64 Static Multicast Forwarding to A Single P ort Figure[...]

  • Página 105

    Chapter 11 Static Multicast Forward Setup GS2200-8/24 User’s Gui de 105 Click Advanced Application > Static Multicast Forwarding to display the configuration screen as shown. Figure 66 Advanced Application > Static Multicast F orwarding The following table describes the labels in this screen. T a ble 25 Advanced Application > Static Mult[...]

  • Página 106

    Chapter 11 Static Multicast Forward Setup GS2200-8/24 User’s Gui de 106 Port This field displays the port(s ) within a identified VLAN group to whi ch fr ames c ontaining the specified mult icast MAC a ddress will be forwarded. Delete Click Delete to r emove the selected entry from the summary table. Cancel Click Canc el to clear the Delete chec [...]

  • Página 107

    GS2200-8/24 User’s Gui de 107 C HAPTER 12 Filtering 12.1 Overview This chapter discusses MAC address port filtering. Filtering means sifting traffic going through the Switch based on the source and/or destination MAC addresses and VLAN group (ID). 12.1.1 What Y ou Can Do Use the Filtering screen ( Section 12.2 on page 107 ) to create rules for tr[...]

  • Página 108

    Chapter 12 Filtering GS2200-8/24 User’s Gui de 108 The following table describes the related labels in this screen. T a ble 26 Advanced Application > Filtering LABEL DESCRIPTION Active Make sure to select this check box to activate y our rule. Y ou m ay temporaril y deactivate a rul e without deleti ng i t by dese lecting this c heck box. Name[...]

  • Página 109

    GS2200-8/24 User’s Gui de 109 C HAPTER 13 Spanning Tree Protocol 13.1 Overview The Switch supports Spanning T ree Protocol (S TP), Rapid Spanning T ree Protocol (RSTP) and Multiple Spanning T ree Protocol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning T ree Protocol • IEEE 802.1w Rapid Spanning T ree Protocol • IEEE 80[...]

  • Página 110

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 0 (Rapid) Sp anning T r ee Protocol (R)STP detects and breaks netw ork loops and pro v ides backup links between switches, bridges or routers. It allows a switch to interact with othe r (R)STP -compliant switches in your network to ensure that only one path exists between any two sta[...]

  • Página 111

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 111 predefined interval (Max Age), the bridge assumes that the link to the root bridge is down. This bridge then initiates negotiations with other br idges to reconfigure the network to re-establish a valid network topology . STP Port S tates STP assigns five port states to eliminate pa[...]

  • Página 112

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 2 Multiple STP Multiple Spanning T ree Protocol (IEEE 802.1s ) is backward compatible with STP/RSTP and addresses the limitations of existing spanning tree protocols (STP and RSTP) in networks to include the following features: • One Common and Internal Spanning T ree (CIST) that r[...]

  • Página 113

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 3 13.3 S p anning T ree Configuration Use the Spanning Tree Configuration screen to activate one of the STP modes on th e Switch. Click Configuration in the Advanced Application > Spanning Tree Protocol . Figure 70 Advanced Application > Spanning T ree Protocol > Configurati[...]

  • Página 114

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 4 13.4 Configure Rapid S p anning T ree Protocol Use this screen to configure RSTP settings, see (R apid) Spanning T ree Protocol on page 110 for more information on RSTP . Click RSTP in the Advanced Application > Spanning Tree Protocol screen. Figure 71 Advanced Application > [...]

  • Página 115

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 5 13.5 Rapid S p anning T ree Protocol S t atus Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 13.1 on page 109 for more information on RSTP . Hello Time This is the time interval i n seco nds bet[...]

  • Página 116

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 6 Note: This screen is only av ailable after you activ ate RSTP on the Switch. Figure 72 Advanced Application > Spanning T ree Protocol > Status: RSTP The following table describes the labels in this screen. T a ble 31 Advanced Application > Spanning T ree Protocol > Stat[...]

  • Página 117

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 7 13.6 Configure Multiple Ra pid S p anning T ree Protocol T o configure MRSTP , click MRSTP in the Advanced Application > Spanning Tree Protocol screen. See Multiple RSTP on page 111 for more information on MRSTP . Figure 73 Advanced Application > Spanning T ree Protocol > [...]

  • Página 118

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 11 8 13.7 Multiple Rapid S p anning T r ee Protocol St atus Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 13.1 on page 109 for more information on MRSTP . Hello Time Th is is the time inte rval in s[...]

  • Página 119

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 11 9 Note: This screen is only av ailable after you activ ate MRSTP on the Swit ch. Figure 74 Advanced Application > Spanning T ree Protocol > Status: MRSTP The following table describes the labels in this screen. T a ble 33 Advanced Application > Spanning T ree Protocol > S[...]

  • Página 120

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 120 13.8 Configure Multiple S p anning T ree Protocol T o configure MSTP , click MSTP in the Advanced Applicat ion > Spanning Tree Proto col screen. See Multiple STP on page 112 for more information on MSTP . Figure 75 Advanced Application > Spanning T ree Protocol > MSTP[...]

  • Página 121

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 121 The following table describes the labels in this screen. T a ble 34 Advanced Application > Spanning T ree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 77 on page 124 ). Port Cli c k Port to displa y the MSTP Port Configura[...]

  • Página 122

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 122 VLAN Range Enter the st art of the VLAN ID r ange that you want to add or remove from the VLAN range edit area i n the Start field. Enter the end of the VL AN ID ran ge that yo u want to add or remove from the VLAN r ange edit area in the End field. Next click: • Add - to add this[...]

  • Página 123

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 123 13.8.1 Multiple S p anning T ree Protocol Port Configuration T o configure MSTP ports, click Port in the Adva nced Application > Spanning Tree Protocol > MSTP screen. Figure 76 Advanced Application > Spanning T ree Protocol > MSTP > P ort The following table describes[...]

  • Página 124

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 124 Note: This screen is only av ailable after you activ ate MSTP on the Switch. Figure 77 Advanced Application > Spanning T ree Protocol > Status: MSTP The following table describes the labels in this screen. T a ble 36 Advanced Application > Spanning T ree Protocol > Statu[...]

  • Página 125

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 125 13.10 T echnical Reference This section provides technical background information on the topics discussed in this chapter . Port ID This is the priority and number of the po rt on the Switch through which this Sw itch must communicate with the root of th e Span ning T r ee. Configur[...]

  • Página 126

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 126 13.10.1 MSTP Network Example The following figure shows a network example where two VLANs are configured on the two switches. If the switches are using STP or RSTP , th e link for VLAN 2 will be blocked as STP and RSTP allow only one link in the networ k and block the redundant link[...]

  • Página 127

    Chapter 13 Spanning T ree Protocol GS2200-8/24 User’s Gui de 127 Devices that belong to the same MST region are configu red to have the same MSTP configur ation identification settings. These include the following parameters: • Name of the MST region • Revision level as the unique number for the MST region • VLAN-to-MST Instance mapping 13.[...]

  • Página 128

    Chapter 13 Spanning Tr ee Protocol GS2200-8/24 User’s Gui de 128 that runs between MST regions and single spanning tree devices. A network ma y contain multiple MST regions and other network segments running RSTP . Figure 81 MSTP and Legacy RSTP Network Example[...]

  • Página 129

    GS2200-8/24 User’s Gui de 129 C HAPTER 14 Bandwidth Control 14.1 Overview This chapter shows you how y ou can cap the maximu m bandwidth using the Bandwidth Control screen. Bandwidth control means de fining a maximum allowab le bandwidth for o ut-going tr affic flows on a port. 14.1.1 What Y ou Can Do Use the Band w id th Contr ol scre en ( Secti[...]

  • Página 130

    Chapter 14 Bandwidth Control GS2200-8/24 User’s Gui de 130 14.2 Bandwid th Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. Figure 82 Advanced Application > Bandwidth Control The following table describes the related labels in this screen. T a ble 37 Advanced Applicat[...]

  • Página 131

    Chapter 14 Bandwidth Control GS2200-8/24 User’s Gui de 131 Apply Click Apply to save your changes to the Switch’ s run-time memory . The Switch lose s these changes if it is tu rned off or loses po wer , so use the Save link on the top na vigation panel t o sav e your changes to the no n -volatile me mory when you are done configuring. Cancel C[...]

  • Página 132

    GS2200-8/24 User’s Gui de 132 C HAPTER 15 Broadcast Storm Control 15.1 Overview This chapter introduces and shows you how to configure the broadcast storm control feature. Broadcast storm control limits the number of broadc ast, multicast and destination lookup failure (DLF) packets the Switch receives per second on the ports. When the maximum nu[...]

  • Página 133

    Chapter 15 Broadcast Storm Control GS2200-8/24 User’s Gui de 133 15.2 Broadcast S torm Control Setup Click Advanced Application > Broadcast Storm Control i n the navigation panel to display the screen as shown next. Figure 83 Advanced Application > Broadcast Storm Control The following table describes the labels in this screen. T a ble 38 A[...]

  • Página 134

    GS2200-8/24 User’s Gui de 134 C HAPTER 16 Mirroring 16.1 Overview This chapter discusses port mirroring setup screens. Po rt mirroring allows you to copy a tr affic flow to a monitor port (the port y ou copy the tr affic to) in order that you can examine the tr affic from the monitor port without interference. 16.1.1 What Y ou Can Do Use the Mirr[...]

  • Página 135

    Chapter 16 Mirroring GS2200-8/24 User’s Gui de 135 16.2 Port Mirroring Setup Click Ad vanced Applicatio n > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Figure 84 Advanced Application > Mirroring The following table [...]

  • Página 136

    Chapter 16 Mirroring GS2200-8/24 User’s Gui de 136 Apply C lick Apply to save y our changes to the Switch’ s run-time me mory . The Switch loses th ese changes if it is turned off or loses power , so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done c o nfiguring. Cancel Click Cancel[...]

  • Página 137

    GS2200-8/24 User’s Gui de 137 C HAPTER 17 Link Aggregation 17.1 Overview This chapter shows you how to logically aggregate ph ysical links to form one logical, higher- bandwidth link. Link aggregation (trunking) is the groupin g of ph ysical ports into one logical higher -capacity link. Y ou may want to trunk ports if for example, it is cheaper t[...]

  • Página 138

    Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 138 is, if an operational port fails, then one of th e “standby” ports become oper ational without user intervention. Please note that: • Y ou must connect all ports point -to-point to the same Ethernet switch and configure the ports for LACP trunking. • LACP only works on full-duplex [...]

  • Página 139

    Chapter 17 Link Aggrega tion GS2200-8/24 User’s Gui de 139 The following table describes the labels in this screen. T a ble 42 Advanced Application > Link Aggregation Status LABEL DESCRIPTION Group ID This field displays the grou p ID to identify a trunk group, th at is, one logical link containing multiple ports. Enabled Ports These are the p[...]

  • Página 140

    Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 140 17.3 Link Aggregation Setting Click Advanced Application > Link Aggregation > Link Aggregation Setting to display the screen shown next. See Section 17.1 on page 137 for more information on link aggregation. Figure 86 Advanced Application > Link Aggreg ation > Link Aggregation [...]

  • Página 141

    Chapter 17 Link Aggrega tion GS2200-8/24 User’s Gui de 141 Criteria Se lect the outgoi ng t raffic distribution type. P ackets fr om the same source and/or t o the same destination are sent ov er the same lin k within the tru nk. By default, the Swit ch uses the src-dst-mac distribution type. If the Swi tc h is behi nd a rout er , the pack et’s[...]

  • Página 142

    Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 142 17.4 Link Aggregation Control Protocol Click Advanced Application > Link Aggregation > Link Aggregation Setting > LACP to display the screen shown next. See Dynamic Link Aggregation on page 137 for more information on dynamic link aggregation. Figure 87 Advanced Application > L[...]

  • Página 143

    Chapter 17 Link Aggrega tion GS2200-8/24 User’s Gui de 143 17.5 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 17.5.1 S t atic T runking Example This example shows you how to create a static port trunk group for ports 2-5. System Pri orit y LACP system priorit y is a number be[...]

  • Página 144

    Chapter 17 Link Aggregation GS2200-8/24 User’s Gui de 144 1 Make your physical connections - make sure that the ports that y ou want to belong to the trunk group are connected to the same destination. The following figure shows ports 2-5 on switch A connected to switch B . Figure 88 T runking Example - Physical Connections 2 Configure static trun[...]

  • Página 145

    GS2200-8/24 User’s Gui de 145 C HAPTER 18 Port Authentication 18.1 Overview This chapter describes the IEEE 802.1x authentication method. Port authentication is a way to v alidate access to po rts on the Switch to clients based on an external server (authentication server). The Switch supports the following method for port authentication: • IEE[...]

  • Página 146

    Chapter 18 Port Authen tication GS2200-8/24 User’s Gui de 146 authentication request to a RADI US server . The RADIUS server validates whether this client is allowed access to the port. Figure 90 IEEE 802.1x Authentication Process 18.2 Port Authentication Configuration T o enable port authentication, first activate the po rt authentication method[...]

  • Página 147

    Chapter 18 Port Authenticati on GS2200-8/24 User’s Gui de 147 18.3 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x securit y . In the Port Au thentic ation screen click 802 .1x to display the configur ation screen as shown. Figure 92 Advanced Application > P ort Authe ntication > 802.1x The following table describes th[...]

  • Página 148

    Chapter 18 Port Authen tication GS2200-8/24 User’s Gui de 148 18.3.1 Guest VLAN When 802.1x port authentication is enabled on the Switch and its ports, clients that do not have the correct credentials are blocked from using the port(s). Y ou can configure your S witch to have one VLAN that acts as a guest VLAN. If you enable the guest VLAN ( 102 [...]

  • Página 149

    Chapter 18 Port Authenticati on GS2200-8/24 User’s Gui de 149 Figure 94 Advanced Application > P ort Authe ntication > 802.1x > Guest VLAN The following table describes the labels in this screen. T a ble 46 Advanced Application > Port Authentication > 802.1 x > Guest VLAN LABEL DESCRIPTION Port This field displays a port number [...]

  • Página 150

    Chapter 18 Port Authen tication GS2200-8/24 User’s Gui de 150 Multi-Secure Num If you set Host-mode to Multi-Secure , s pecify the maximu m number of users (be tween 1 and 9) that the S witch will authenticate on this port . Apply Click Apply to sa ve yo ur changes to the Switch’ s run- time memory . The Sw itch loses th ese changes if it is tu[...]

  • Página 151

    GS2200-8/24 User’s Gui de 151 C HAPTER 19 Port Security 19.1 Overview This chapter shows you how to set up port security . Po rt security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the S witch. The Switch can learn up to 16K MAC addresses in total with no limit on in[...]

  • Página 152

    Chapter 19 Port Security GS2200-8/24 User’s Gui de 152 19.2 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. Figure 95 Advanced Application > P o rt Security The following table describes the labels in this screen. T a ble 47 Advanced Application > Port Security LABEL [...]

  • Página 153

    Chapter 19 Port Security GS2200-8/24 User’s Gui de 153 Active Select this che ck bo x to en abl e the p ort se curit y feature on this po rt. The S witch forw ards packets whose MAC addres s(es) is in the MAC address table on this port. P ackets with no matching MAC address(es) are dropped. Clear this check box to disable the port securi ty featu[...]

  • Página 154

    GS2200-8/24 User’s Gui de 154 C HAPTER 20 Classifier 20.1 Overview This chapter introduces and shows you how to config ure the packet classifie r on the Switch. It also discusses Quality of Service (QoS) and classifier concepts as employ ed by the Switch. 20.1.1 What Y ou Can Do Use the Classifier scree n ( Section 20.2 on page 154 ) to define th[...]

  • Página 155

    Chapter 20 Classifier GS2200-8/24 User’s Gui de 155 Click Advanced Application > Classifier in the navigation panel to displa y the configuration screen as shown. Figure 96 Advanced Application > Classifier The following table describes the labels in this screen. T a ble 48 Advanced Application > Classifier LABEL DESCRIPTION Active Selec[...]

  • Página 156

    Chapter 20 Classifier GS2200-8/24 User’s Gui de 156 20.2.1 V iewing and Editin g Classifier Configuration T o vie w a summary of the classifier configuration, scroll down to the summary table at the bottom of the Classifier screen. T o change the settings of a rule, click a number in the Index field. Destinat ion MAC Address Select Any to apply t[...]

  • Página 157

    Chapter 20 Classifier GS2200-8/24 User’s Gui de 157 Note: When two rules confl ict wi th each other , a higher layer rule has priorit y over lower layer rule. Figure 97 Advanced Application > Classifier: Summary T able The following table describes the labels in this screen. The following table shows some other common Ethernet types and the co[...]

  • Página 158

    Chapter 20 Classifier GS2200-8/24 User’s Gui de 158 Some of the most common T CP and UDP port n umbers are: See Appendix B on page 317 for information on commonly used port numbers. 20.3 Classifier Example The following screen shows an example where you conf igure a classifier that identifies all tr affic from MAC address 00:50:ba:ad:4f: 81 on po[...]

  • Página 159

    Chapter 20 Classifier GS2200-8/24 User’s Gui de 159 After you hav e configured a classifier , you can configure a policy (in the Policy screen) to define action(s) on the classified traffic f low . Figure 98 Classifier: E xample[...]

  • Página 160

    GS2200-8/24 User’s Gui de 160 C HAPTER 21 Policy Rule 21.1 Policy Rules Overview This chapter shows you how to configure policy rules. A classifier distinguishes traffic into flows based on the con figured criteria (refer to Chapter 20 on page 154 for more information). A policy rule ensure s that a traffic flow gets the requested treatment in th[...]

  • Página 161

    Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 161 Click Advanced Applications > Policy Rule in the navigation panel to display the screen as shown. Figure 99 Advanced Application > P olicy Rule The following table describes the labels in this screen. T a ble 53 Advanced Application > Policy Rule LABEL DESCRIPTION Active Select this op[...]

  • Página 162

    Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 162 Rate Limit Y ou can configure the desired bandwidth available to a traffic flow. T raffic that exceeds the maximum bandwidth alloc ated (in cases whe re the network is congested) is dropped. Bandwidth Specify the ba ndwidth in kilobit per second (K bps). Enter a number between 64 and 1000000. A[...]

  • Página 163

    Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 163 21.2.1 V iewing and Edit ing Policy Configuration T o vie w a summary of the classifier configuration, scroll down to the summary table at the bottom of the Policy screen. T o change the settings of a rule, click a number in the Ind ex field. Figure 100 Advanced Application > P olicy Rule: S[...]

  • Página 164

    Chapter 21 Policy Rule GS2200-8/24 User’s Gui de 164 21.3 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth on a traffic flow classified using the Example classifier (refer to Section 20.3 on page 158 ). Figure 101 Policy Example[...]

  • Página 165

    GS2200-8/24 User’s Gui de 165 C HAPTER 22 Queuing Method 22.1 Overview This chapter introduces the queuing methods supported. Queuing is used to help solve performance degr ad ation when t here is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Se[...]

  • Página 166

    Chapter 22 Queuing Method GS2200-8/24 User’s Gui de 166 an equal amount of bandwidth, and then mov es to the end of the list; and so on, depending on the number of queues being used. This works in a looping fashion until a queue is empty . W eighted Round R obin Scheduling (WRR) uses the same algorithm as round robin scheduling, but services queu[...]

  • Página 167

    Chapter 22 Queuing Meth od GS2200-8/24 User’s Gui de 167 The following table describes the labels in this screen. T a ble 54 Advanced Application > Queuing Method LABEL DESCRIPTION Port T his label show s the port you are con figuring. * Settings in this row apply to all ports. Use this row only if you wa nt to make some settin gs th e same fo[...]

  • Página 168

    GS2200-8/24 User’s Gui de 168 C HAPTER 23 Multicast 23.1 Overview This chapter shows you how to configure v arious multicast features. T raditionally , I P packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to ev erybody on the networ k). Multicast delivers IP pack e ts to just a group of [...]

  • Página 169

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 169 through it, picks out the group registration inform ation, and configures multicasting accordingly . IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them . The Switch forw ards multicast tr affic destined for multicast groups (that it has learned[...]

  • Página 170

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 170 MVR Modes Y ou can set your S witch to operate in either dynamic or compatible mode. In dynamic mode, the Switch sends IGMP leave an d join reports to the other multicast devices (such as multicast routers or servers) in the multicast VLAN. This allows the multicast devices to update the multicas[...]

  • Página 171

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 171 The following table describes the labels in this screen. 23.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 23.1 on pag e 168 for more information on multicasting. Figure 106 Advanced Application > Multicast[...]

  • Página 172

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 172 The following table describes the labels in this screen. T a ble 56 Advanced Application > Multicast > Multicast Setting LABEL DESCRIPTION IGMP Snooping Use these settings to c onfigure IGM P Snooping. Active Select Activ e to enable IGMP Snooping to forw ard gr oup multicast tr affic only [...]

  • Página 173

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 173 Max Group Num. Enter the number (0-255) of mult icast grou ps this port i s allowed to join. Once a port is registered in the spe cified number of multicas t groups, any new IGMP j oin report frame(s) is dropped on this port. Throttling IGMP throttling controls how the Swit ch deals with the IGMP[...]

  • Página 174

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 174 23.4 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the screen as shown. See IGMP Snooping and VLANs on page 169 for more information on IGMP Snooping VLAN. Figure 107 Advanced[...]

  • Página 175

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 175 23.5 IGMP Filtering Profile An IGMP filtering profile specifie s a range of multicast groups that clients connected to the S witch are able to join. A profile contains a r ange of mu ltica st IP addresses which you want clients to be able to join. Profiles are assigned to ports (in the Multicast [...]

  • Página 176

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 176 23.6 The MVR Screen Use the MVR screen to create multicast VLANs and select the receiver port(s) and a source port for each multicast VLAN. Click Advanced Applications > Multicast > Multicast Setting > MVR link to display the screen as shown next. Note: Y ou can create up to three multic[...]

  • Página 177

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 177 Note: Y our Switch automatically creates a st atic VLAN (with the same VID) when you create a multicast VLAN in this screen. Figure 109 Advanced Application > Multic ast > Multicast Setting > MVR The following table describes the related labels in this screen. T a ble 59 Advanced Applica[...]

  • Página 178

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 178 23.6.1 MVR Group Configuration All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group. Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. Note: A port can [...]

  • Página 179

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 179 The following table describes the labels in this screen. 23.6.2 MVR Conf iguration Example The following fig ure shows a network example where ports 1, 2 and 3 on the Sw itch belong to VLAN 1. In addition, port 7 belongs to the multicast group with VID 200 to receiv e multicast traffic (th e News[...]

  • Página 180

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 180 T o configure the MVR settings on the Switch, create a multicast group in the MVR screen and set the receiver and source ports. Figure 1 12 MVR Configuration Example[...]

  • Página 181

    Chapter 23 Multicast GS2200-8/24 User’s Gui de 181 T o set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an exam ple where two multicast groups ( News and Movie ) are configured for the multicast VLAN 200. Figure 1 13 MVR Group[...]

  • Página 182

    GS2200-8/24 User’s Gui de 182 C HAPTER 24 AAA 24.1 Overview This chapter describes how to configure authenti cation and authorization settings on the Switch. The external servers that perform authen tication and authorization functions are known as AAA servers. The Switch supports RADIUS (R emote Authentication Dial- In User Service, see Section [...]

  • Página 183

    Chapter 24 AAA GS2200-8/24 User’s Gui de 183 Local User Account s By storing user profiles locally on the Switch, your Switch is able to authenticate and authoriz e users without interacting with a network AAA serv er . However , there is a limit on the number of users you may authenticate in this way (See C hapter 34 on page 255 ). RADIUS and T [...]

  • Página 184

    Chapter 24 AAA GS2200-8/24 User’s Gui de 184 the authentication features on the S witch. Click on the RADIUS Se rver Setup link in the AAA screen to view the screen as shown. Figure 1 17 Advanced Application > AAA > RADIUS Server Setup The following table describes the labels in this screen. T a ble 62 Advanced Application > AAA > RAD[...]

  • Página 185

    Chapter 24 AAA GS2200-8/24 User’s Gui de 185 Shared Secret Specify a password (up to 32 alphanumer ic characters) as the k e y to be shared between the external RADIU S server and the S witch. This k ey is not sent o ver the network. This key must be the same on the external RADIUS serve r and the Switc h. Delete Check this box if you want to rem[...]

  • Página 186

    Chapter 24 AAA GS2200-8/24 User’s Gui de 186 24.4 T ACACS+ Server Setup Use this screen to configure your T ACACS+ server settings. See Section on page 183 for more information on T ACACS+ servers. Click on the TACACS+ Server Setup link in the AAA screen to view the screen as shown. Figure 1 18 Advanced Application > AAA > T ACACS+ Server S[...]

  • Página 187

    Chapter 24 AAA GS2200-8/24 User’s Gui de 187 TCP P ort Th e default port of a T ACA CS+ server for authentication is 49 . Y ou need not change this value unless your network administ rator instruct s you to do so. Shared Secret Specify a password (up to 32 alphanum eric char acters) as the k ey to be shared between the external T ACACS+ server an[...]

  • Página 188

    Chapter 24 AAA GS2200-8/24 User’s Gui de 188 24.5 AAA Setup Use this screen to configure authentication and authorization settings on the Sw itch. Click on the AAA Setup link in the AAA scre en to view the screen as shown. Figure 1 19 Advanced Application > AAA > AAA Setup The following table describes the labels in this screen. T a ble 64 [...]

  • Página 189

    Chapter 24 AAA GS2200-8/24 User’s Gui de 189 Login These fields specif y which database the S witch should use (first, secon d and third) to authenticat e administrator accounts (users for Switch management). Configure t he local user acco unts in th e Access Control > Logins screen. The T ACACS + and RADIUS are external servers. Before you sp[...]

  • Página 190

    Chapter 24 AAA GS2200-8/24 User’s Gui de 190 24.6 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 24.6.1 V endor Specific Attribute RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS server and a network access device (for exampl e, th[...]

  • Página 191

    Chapter 24 AAA GS2200-8/24 User’s Gui de 191 The following table describes the VS As supported on the Switch. 24.6.1.1 T unnel Pr otocol Attribute Y ou can configure tunnel protocol attributes on th e RADIUS server (refer to your RADIUS server documentation) to assign a port on the Switch to a VLAN based on IEEE 802.1x authentication. The port VL[...]

  • Página 192

    Chapter 24 AAA GS2200-8/24 User’s Gui de 192 24.6.3 Attributes Used for Authentication The following sections list the attributes sent from the Switch to the RADIUS serv er when performing authentication. 24.6.3.1 Attributes Used for Authenticating Privilege Access User-Name - The format of the User-Name attribute is $enab # $ , where # is the pr[...]

  • Página 193

    GS2200-8/24 User’s Gui de 193 C HAPTER 25 IP Source Guard 25.1 Overview Use IP source guard to filter unauthoriz ed DHCP and ARP packets in your network. IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in y our network. A binding contains these key attributes: •M A C a d d r e s s •[...]

  • Página 194

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 194 •U s e t h e ARP Inspection Port Configure screen ( Section 25.9.1 on page 208 ) to specify whether ports are trusted or untrusted ports for ARP inspecti on. •U s e t h e ARP Inspection VLAN Configure screen ( Section 25.9.2 on pa ge 210 ) to enable ARP inspection on each VLAN and to sp[...]

  • Página 195

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 195 25.3 IP Source Guard S t atic Binding Use this screen to manage static bindings for DHCP snooping and ARP inspection. Static bindings are uniquely identified by the MAC address and VLAN ID. Each MAC address and VLAN ID can only be in one static binding. If you try to create a static binding[...]

  • Página 196

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 196 The following table describes the labels in this screen. 25.4 DHCP Snooping Use this screen to look at various statistics abou t the DHCP snooping database. T o open this screen, click Advanced Application > IP So urce Guard > DHCP Snooping . T a ble 68 IP Source Guard Static Binding [...]

  • Página 197

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 197 Figure 122 DHCP Snooping The following table describes the labels in this screen. T a ble 69 DHCP Snooping LABEL DESCRIPTION Database Status This section displays the c urren t settings for the DHCP snooping database. Y ou can configure them in the DHCP Snooping Configure screen. See Sectio[...]

  • Página 198

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 198 Agent runnin g This field di splays the status of th e current update or acce ss of the DHCP snooping database. none : The Switch is not accessin g the DHCP snooping database. read : The Switch is loading dynamic bindings from the DHCP snooping database. write : The Switch is updating the D[...]

  • Página 199

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 199 25.5 DHCP Snooping Configure Use this screen to enable DHCP snooping on the Sw itch (not on specific VLAN), s pecify the VLA N where the defau lt DH CP server is lo ca ted , and configure the DHCP snooping database. The DHCP snooping database stores the current bindings on a secure, externa[...]

  • Página 200

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 200 still av ailable after a restart. T o open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure . Figure 123 DHCP Snooping Configure The following table describes the labels in this screen. T a ble 70 DHCP Snooping Configure LABEL DESCRIPTION Active[...]

  • Página 201

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 201 25.5.1 DHCP Snooping Port Configure Use this screen to specify whether ports are tr usted or untrusted ports for DHCP snooping. Note: If DHCP snooping is enabl ed but there are no t rusted ports, DHCP requests cannot reach the DHCP server . Timeout interv al Enter how long (10-65535 s econd[...]

  • Página 202

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 202 Y ou can also specify the maximum number for DHCP pack ets that each port (trus ted or untrusted) can receive each second. T o open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > Port . Figure 124 DHCP Snooping Po rt Configure The followi[...]

  • Página 203

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 203 25.5.2 DHCP Snooping VLAN Configure Use this screen to enable DHCP snooping on each VLAN and to specify whether or not the Sw itch adds DHCP relay agent option 82 information ( Chapter 32 on page 244 ) to DHCP requests that the Sw i tc h r e l ay s t o a D H C P s e r ve r f o r e a c h V L[...]

  • Página 204

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 204 25.6 ARP Inspection S t atus Use this screen to look at the current list of MAC address filters that were created because the Switch identified an unautho rized ARP packet. Wh en the S witch identi fies an unauthori zed ARP packet, it automatically creates a MAC address filt er to block tra[...]

  • Página 205

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 205 25.7 ARP Inspection VLAN S t atus Use this screen to look at various statistics about ARP packets in each VLAN. T o open this screen, click Advanced Applicati on > IP Source Gu ard > ARP In s p ect ion > VLAN Status . Figure 127 ARP Inspection VLAN Status The following table descri[...]

  • Página 206

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 206 25.8 ARP Inspection Log S t atus Use this screen to look at log messages that were gener ated by ARP packets and that h ave not been sent to the syslog server yet. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Log Status . Figure 128 ARP Insp[...]

  • Página 207

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 207 25.9 ARP Inspection Configure Use this screen to enable ARP inspection on the Sw itch. Y ou can also configure the length of time the Switch stores records of discarded ARP pack ets and global settings for the ARP inspection log. T o open this screen, click Advanced Applica tion > IP Sou[...]

  • Página 208

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 208 The following table describes the labels in this screen. 25.9.1 ARP Inspection Port Configure Use this screen to specify whether ports are trusted or untrusted ports for ARP inspection. Y ou can also specify the maximum rate at which the Switch receives ARP packets on each untrusted port. T[...]

  • Página 209

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 209 open this screen, click Advanced Application > IP Sour ce Guard > ARP Inspection > Configure > Port . Figure 130 ARP Inspection Port Con figure The following table describes the labels in this screen. T a ble 77 ARP Inspection Port Configure LABEL DESCRIPTION Port This field dis[...]

  • Página 210

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 210 25.9.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN. T o open this screen, click Advanced Application > IP Source G uard > ARP Inspection > Configur[...]

  • Página 211

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 21 1 25.10 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 25.10.1 DHCP Snooping Overv iew Use DHCP snooping to filter un au thorized DHCP packets on the ne twork and to build the binding table dynamically . This can prevent [...]

  • Página 212

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 212 25.10.1.2 DHCP Snooping Dat aba se The Switch stores the binding table in volatile memor y . If the Switch restarts, it loads static bindings from permanent memory but loses the dynamic bindings, in which case the devi ces in the network have to send DHCP reques ts again. As a result, it is[...]

  • Página 213

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 213 25.10.1.4 Configuring DHCP Snooping Follow th ese steps to configure DHCP snooping on the Switch. 1 Enable DHCP snooping on the Switch. 2 Enable DHCP snooping on each VLAN, and configure DHCP relay option 82. 3 Configure trusted and untrusted ports, and specify th e maximum number of DHCP p[...]

  • Página 214

    Chapter 25 IP Source Guard GS2200-8/24 User’s Gui de 214 25.10.2.2 T ru sted vs. Untrusted Ports Every port is either a trusted port or an untrusted port for ARP inspection. This setting is independent of the trusted/untrusted setting for DHCP snooping. Y ou can al so spec ify the maximum rate at which the S witch receives ARP packets on untruste[...]

  • Página 215

    GS2200-8/24 User’s Gui de 215 C HAPTER 26 Loop Guard 26.1 Overview This chapter shows you how to configure the Switch to guard against loops on th e edge of your network. Loop guard allows you to configure the Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch. While y ou can use Spanning T ree Pro[...]

  • Página 216

    Chapter 26 Loop Guard GS2200-8/24 User’s Gui de 216 • It will receive broadcast messages sent out from the switch in loop state. • It will receive its own broadcast messages that it sends out as they loop back. It will then re- broadcast those messages again. The following figure shows port N on switch A connected to switch B . S witch B is i[...]

  • Página 217

    Chapter 26 Loop Guard GS2200-8/24 User’s Gui de 217 as loop guard is enabled on port N . The S witch will shut down port N if it detects that the probe packet has returned to the S witch. Figure 137 Loop Guard - Network Loop Note: After resolving the loop problem on yo ur network y ou can re-activ ate the disabled port via the web configur ator ([...]

  • Página 218

    Chapter 26 Loop Guard GS2200-8/24 User’s Gui de 218 The following table describes the labels in this screen. T a ble 79 Advanced Application > Loop Guard LABEL DESCRIPTION Active Sel ect this opti on to en able loop guard on the Switch. The Switch generates syslog, intern al log mess ages as well as SNMP traps when it shuts down a port via the[...]

  • Página 219

    GS2200-8/24 User’s Gui de 219 C HAPTER 27 Layer 2 Protocol Tunneling 27.1 Overview This chapter shows you how to configure la yer 2 protocol tunneling on the Switch. 27.1.1 What Y ou Can Do Use the Layer 2 Protocol Tunnel screen ( Section 27.2 on page 221 ) to enable layer 2 protocol tunneling on the Switch and specify a MAC address with which th[...]

  • Página 220

    Chapter 27 Layer 2 Protocol Tunnel ing GS2200-8/24 User’s Gui de 220 T o emulate a point-to-point topology between two customer switches at different sites, such as A and B , you can enable protocol tunneling on edge switches 1 and 2 for P AgP (Port Aggregation Protocol), LACP or UDLD (UniDirectional Link Detection). Figure 140 L2PT Network Examp[...]

  • Página 221

    Chapter 27 Layer 2 Protocol Tunneling GS2200-8/24 User’s Gui de 221 27.2 Configuring Layer 2 Prot ocol T unneling Click Advance d Application > Layer 2 Protocol Tunneling in the navigation panel to display the screen as shown. Figure 141 Advanced Application > Layer 2 Protocol T unneling The following table describes the labels in this scre[...]

  • Página 222

    Chapter 27 Layer 2 Protocol Tunnel ing GS2200-8/24 User’s Gui de 222 CDP Selec t th is option to have the Switch tunn el CDP (Cisc o Discovery Proto col) packets so th at other Cisco devices can be discovered th rough the service provid er ’s network. STP Select this o ption to have the Swit ch tunnel STP (Spann ing T re e Protocol) pac kets s [...]

  • Página 223

    GS2200-8/24 User’s Gui de 223 C HAPTER 28 PPPoE 28.1 PPPoE Intermediate Agent Overview This chapter describes how the Switch give s a PPP oE termination server additional information that the server can use to identify and authenticate a PPP oE client. A PPP oE Intermediate Agent (PPP oE IA) is deploy ed between a PPPoE server and PPPoE clients. [...]

  • Página 224

    Chapter 28 PPPoE GS2200-8/24 User’s Gui de 224 The T ag_T ype is 0x0105 for vendor-specific tags, as defined in RFC 2516. The T ag_Le n indicates the length of V alue, i1 and i2. The V alue is the 32 -bit number 0x00000DE9, which stands for the “ ADSL Forum” IANA entry . i1 and i2 are PPPoE intermed iate agent sub-options, which contain addit[...]

  • Página 225

    Chapter 28 PPPoE GS2200-8/24 User’s Gui de 225 defined in the DSL F orum W orking T ext (WT)-101. The default access node identifier is the ho st name of the PPP oE intermediate agent and the eth indicates “Ethernet” . 28.1.2.3 Port St ate Every port is either a trusted port or an untrust ed port for the PPPoE intermediate agent. This setting[...]

  • Página 226

    Chapter 28 PPPoE GS2200-8/24 User’s Gui de 226 28.3 PPPoE Intermediate Agent Use this screen to configure the Switch to giv e a PPPoE termination server additional subscriber information that the server can use to identify and authenticate a PPP oE client. Click Advanced Application > PPPoE > Intermediate Ag ent in the na vigation panel to [...]

  • Página 227

    Chapter 28 PPPoE GS2200-8/24 User’s Gui de 227 28.3.1 PPPoE IA Per-Port Use this screen to specify whether individual ports are trusted or untrusted ports and have the Switch add extr a information to PPP oE discovery packets from PPPoE clients on a per-port basis. Note: The Switch will drop all PPP oE packets if you enabl e the PPP oE Intermedia[...]

  • Página 228

    Chapter 28 PPPoE GS2200-8/24 User’s Gui de 228 The following table describes the labels in this screen. 28.3.2 PPPoE IA Per-Port Per-VLAN Use this screen to configure PPP oE IA settings that apply to a specific VLAN on a port. T a ble 87 Advanced Application > PPPoE > Intermediate Agent > P ort LABEL DESCRIPTION Port This field displays [...]

  • Página 229

    Chapter 28 PPPoE GS2200-8/24 User’s Gui de 229 Click the VLAN link in the Intermediate Agent > Port screen to display the screen as shown. Figure 145 Advanced Application > PPPoE > Intermediate Agent > P o rt > VL AN The following table describes the labels in this screen. T a ble 88 Advanced Application > PPPoE > In termedia[...]

  • Página 230

    Chapter 28 PPPoE GS2200-8/24 User’s Gui de 230 28.3.3 PPPoE IA for VLAN Use this screen to set whether the PPPoE Intermedia te Agent is enabled on a VLAN and whether the Switch appends the Circuit ID and/or R emote ID to PPP oE di scovery pack ets from a specific VLAN. Click the VLAN link in the Intermediate Agent screen to display the screen as [...]

  • Página 231

    GS2200-8/24 User’s Gui de 231 C HAPTER 29 Error Disable 29.1 Overview This chapter shows you how to configure the r ate limit for control packets on a port, and set the Switch to take an action (such as to shut down a port or stop sending packets) on a port when the Switch detects a pre-configured error . It also shows you how to configure the S [...]

  • Página 232

    Chapter 29 Error Disable GS2200-8/24 User’s Gui de 232 29.2 The Error Disable Screen Use this screen to configure error disable related settings. Click Advanced Application > Errdisable in the navigation panel to open the following screen. Figure 147 Advanced Application > Errdisable 29.3 CPU Protection Configuration Use this screen to limi[...]

  • Página 233

    Chapter 29 Error Disable GS2200-8/24 User’s Gui de 233 The following table describes the labels in this screen. 29.4 Error-Disable Detect Configuration Use this screen to have the Switch detect whether the control packets exceed the r ate limit configured for a port and configu re the action to take once the limi t is exceeded. Click the Click He[...]

  • Página 234

    Chapter 29 Error Disable GS2200-8/24 User’s Gui de 234 29.5 Error-Disable R ecovery Configuration Use this screen to configure the Switch to automati cally undo an action after the error is gone. Click the Click Here link next to Errdisable Recovery in the Advanced Application > Errdisable screen to display the screen as shown. Figure 150 Adva[...]

  • Página 235

    Chapter 29 Error Disable GS2200-8/24 User’s Gui de 235 Timer Status Select this option to allow the Swit ch to wait for th e specified time inte rval to acti vate a port or allow speci fic pack et s on a port, afte r the e rror w as gone. Deselect th is option to turn off this rule. Interval Enter the number of seconds (fro m 30 to 259200 0) for [...]

  • Página 236

    Chapter 29 Error Disable GS2200-8/24 User’s Gui de 236[...]

  • Página 237

    GS2200-8/24 User’s Gui de 237 C HAPTER 30 Static Route 30.1 Overview This chapter shows you how to configure static routes. The Switch uses IP for communication with management computers, for example using HT TP , T elnet , SSH, or SNMP . Use IP static routes to hav e the Switch respond to remote management stations that are not reachable through[...]

  • Página 238

    Chapter 30 Static Route GS2200-8/24 User’s Gui de 238 30.2 Configuring S t atic Routing Click IP Applicati on > Static Routing in the navigation panel to display the screen as shown. Figure 152 IP Application > Static Routing The following table describes the related labels you use to create a static route. T a ble 93 IP Application > St[...]

  • Página 239

    Chapter 30 Static Route GS2200-8/24 User’s Gui de 239 Destinat ion Address This field displays the IP network address of the fi nal destinatio n. Subnet Mask This field di splays th e subnet mask f or this destination. Gatew ay Address This field displays the IP addr ess of th e gatew a y . The gateway is an immediate neighbor of your Switch that[...]

  • Página 240

    GS2200-8/24 User’s Gui de 240 C HAPTER 31 Differentiated Services 31.1 Overview This chapter shows you how to configure Differ entiated Services (DiffS erv) on the Switch . Quality of Service (QoS) is used to prioritize sour ce-to-destination traffic flows. All packets in the flow are given the same priority . Y ou can use CoS (class of service) [...]

  • Página 241

    Chapter 31 Differenti ated Services GS2200-8/24 User’s Gui de 241 The DSCP value determines the PHB (P er-Hop Behavior), that each pack et gets as it is forwarded across the DiffServ network. Based on the marking ru le different kinds of traffic can be mark ed for different priorities of forwarding. R esources can then be allocated according to t[...]

  • Página 242

    Chapter 31 Differentiated Services GS2200-8/24 User’s Gui de 242 The following table describes the labels in this screen. 31.3 DSCP-to-IEEE 802.1p Priority Settings Y ou can configure the DSCP to IEEE 802.1p mapping to allow the Switch to prioritize all tr affic based on the incoming DSCP value according to the DiffServ to IEEE 802.1p mapping tab[...]

  • Página 243

    Chapter 31 Differenti ated Services GS2200-8/24 User’s Gui de 243 The following table describes the labels in this screen. T a ble 96 IP Application > DiffServ > DSCP Setting LABEL DESCRIPTION 0 … 63 This is the DSCP classifi cation iden tification nu mber . T o set the IEEE 802. 1p priority mapping, se lect the prior ity level from the d[...]

  • Página 244

    GS2200-8/24 User’s Gui de 244 C HAPTER 32 DHCP 32.1 DHCP Overview This chapter shows you how to configure the DHCP feature. DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configur ation at start-up from a server . If you configure the S witch as a DHCP relay agent, then the Switch for[...]

  • Página 245

    Chapter 32 DHCP GS2200-8/24 User’s Gui de 245 DHCP Relay Configure DHCP relay on th e Switch if the DHCP clients and the DHCP server are n ot in the same broadcast domain. During the initial IP addre ss leasing, the Switch helps to relay network information (such as the IP address and subnet mask) between a DHCP client and a DHCP server . Once th[...]

  • Página 246

    Chapter 32 DHCP GS2200-8/24 User’s Gui de 246 The following table describes the labels in this screen. 32.3 Configuring DHCP Global Relay Configure global DHCP relay in the DHCP Relay screen. Click IP Application > DHCP in the navigation panel and click the Global link to displa y the screen as shown. Figure 158 IP Application > DHCP > G[...]

  • Página 247

    Chapter 32 DHCP GS2200-8/24 User’s Gui de 247 32.3.1 Global DHCP Re lay Configuration Example The following figure shows a network ex ample w here the Switc h is used to rela y DHCP re quests f or the VLAN1 and VLAN2 domains. There is only one DHCP serv er that services the DHCP clients in both domains. Figure 159 Global DHCP R elay Network Examp[...]

  • Página 248

    Chapter 32 DHCP GS2200-8/24 User’s Gui de 248 See Section 8.6 on page 72 for information on how to set up management IP addresses for VLANs. Figure 161 IP Application > DHCP > VLAN The following table describes the labels in this screen. 32.4.1 Example: DHCP Relay for T wo VLANs The following example displays two VLANs (VIDs 1 and 2) for a [...]

  • Página 249

    Chapter 32 DHCP GS2200-8/24 User’s Gui de 249 the academic buildings (VLAN 2) are sent to th e other DHCP server with an IP address of 172.23.10.100. Figure 162 DHCP Relay for T wo VLANs For the example network, configure the VLAN Setting screen as shown. Figure 163 DHCP Rela y for T wo VLANs Configuration Example VLAN 1 VLAN 2 DHCP: 192.168.1.10[...]

  • Página 250

    GS2200-8/24 User’s Gui de 250 C HAPTER 33 ARP Learning 33.1 ARP Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also kn own as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. In an Ethernet LAN[...]

  • Página 251

    Chapter 33 ARP Learning GS2200-8/24 User’s Gui de 251 ARP request to the S witch and then sends an IC MP request after getting the ARP reply from the Switch. The Sw itch finds no matched entry for host B in the ARP table and broadcasts the ARP request to all the devices on the LAN. When the S w itch receives the ARP reply from host B , it updates[...]

  • Página 252

    Chapter 33 ARP Le arning GS2200-8/24 User’s Gui de 252 Therefore in the following example, the Switch can learn host A ’s MAC address from the ARP request sent by host A . The Switch then forwards host B ’ s ICMP reply to host A right after getting host B ’ s MAC address and ICMP reply . 33.2 Configuring ARP Learning Click IP Application &g[...]

  • Página 253

    Chapter 33 ARP Learning GS2200-8/24 User’s Gui de 253 The following table describes the labels in this screen. T a ble 101 IP Application > ARP Learning LABEL DESCRIPTION Port This fiel d displays the port number . * Settings in this row apply to all ports. Use this row only if you want to mak e some sett ings the same for all po rts. Use this[...]

  • Página 254

    Chapter 33 ARP Le arning GS2200-8/24 User’s Gui de 254[...]

  • Página 255

    GS2200-8/24 User’s Gui de 255 C HAPTER 34 Maintenance 34.1 Overview This chapter explains how to configure the screens that let y ou maintain the firmware and configuration files. 34.1.1 What Y ou Can Do •U s e t h e Maintenance screen ( Section 34.2 on p age 255 ) to return to the factory defaults, save the current configuration settings and r[...]

  • Página 256

    Chapter 34 Maintenance GS2200-8/24 User’s Gui de 256 34.2.1 Load Factory Default Follow th e steps below to reset the S witch back to the factory defaults. 1 In the Maintenance screen, click the Click Here button next to Load Factory Default to clear all Switch configur ation information you configured and return to the factory defaults. 2 Click [...]

  • Página 257

    Chapter 34 Maintenance GS2200-8/24 User’s Gui de 257 34.2.3 Reboot System Reboot System allows you to restart the S witch without physically turning the power off . It also allows you to load configuration one ( Config 1 ) or configuration two ( Config 2 ) when you reboot. Follow the steps below to reboot the Switch. 1 In the Maintenance screen, [...]

  • Página 258

    Chapter 34 Maintenance GS2200-8/24 User’s Gui de 258 34.4 Restore a Configuration File Use this screen to restore a previously saved configur ation from your computer to the S witch. Figure 169 Management > Maintenance > R estore Configuration T ype the path and file name of the configur ation file you wish to restore in the File Path text [...]

  • Página 259

    Chapter 34 Maintenance GS2200-8/24 User’s Gui de 259 34.6 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 34.6.1 FTP Command Line This section shows some examples of uploading to or downloading files from the Switch using FTP commands. First, understand the filename conventions[...]

  • Página 260

    Chapter 34 Maintenance GS2200-8/24 User’s Gui de 260 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is “1234”). 5 Enter bin to set transfer mode to binary . 6 Use put to transfer files from the computer to the Sw itch, for example, put firmware.bin ras transfers the firmw are on your computer (fi[...]

  • Página 261

    GS2200-8/24 User’s Gui de 261 C HAPTER 35 Access Control 35.1 Overview This chapter describes how to control access to the Switch. A console port and FTP are allowed one session each, T elnet and SSH share nine sessions, up to five W eb sessions (five different user names and passwords) and/or limitless SNMP access control sessions are allowed. A[...]

  • Página 262

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 262 Click Management > Access Control in the navigation panel to display the main screen as shown. Figure 171 Management > Access Control 35.3 Configuring SNMP Use this screen to configure your SNMP settings. Click Management > Access Control > SNMP to view the screen as shown. Figur[...]

  • Página 263

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 263 Get Community Enter the Get Community string, which is the password for the incoming Get- and GetNext- requests fro m the management station. The Get Community string is only used by SNMP ma nagers using SNMP v ersion 2c or lower . Set Communi t y Enter the Set Community stri ng, which is th[...]

  • Página 264

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 264 35.3.1 Configuring SNMP T rap Group Use the Trap Group screen to specify the types of SNMP tr aps that should be sent to each SNMP manager . Click Management > Access Control > SNMP > Trap Group to view the screen as shown. Figure 173 Management > Access Control > SNMP > T [...]

  • Página 265

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 265 35.3.2 Configuring SNMP User From the SNMP screen, click User to view the screen as shown. Use the User screen to create SNMP users for authentication with managers using SNMP v3 and associate them to SNMP groups. An SNMP user is an SNMP manager . Figure 174 Management > Access Control &g[...]

  • Página 266

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 266 35.4 Setting Up Login Account s Use this screen to assign which users can access the Switch via web configur ator at any one time. Up to five people (one administr ator and four non-administrators) may access the S witch via web configurator at any one time. • An administrator is someone w[...]

  • Página 267

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 267 • A non-administr ator (username is something other than admin ) is someone who can view but not configure Switch settings. Click Management > Access Control > Logins to view the screen as shown next. Figure 175 Management > Access Control > Logins The following table describes[...]

  • Página 268

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 268 35.5 Service Port Ac cess Control Use this screen to decide what services you may use to access the Switch. Service Access Control allows you to decide what services you ma y use to access the Switch. Y ou may also change the default service port and conf igure “trusted computer(s)” for [...]

  • Página 269

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 269 Y o u can specify a group of one or m ore “trusted computers” from which an administrator ma y use a service to manage the Switch. Click Access Control to return to the Access Control screen. Figure 177 Management > Access Control > Remote Management The following table describes t[...]

  • Página 270

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 270 35.7 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 35.7.1 About SNMP Simple Network Management Protocol (SNMP) is an application layer protocol used to manage and monitor T CP/IP-based devices. SNMP is used to exchange m[...]

  • Página 271

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 271 SNMP v3 and Security SNMP v3 enhances security for SNMP manage ment. SNMP managers can be required to authenticate with agents before co ndu cting SNMP management sessions. Security can be further enhanced by encrypti ng the SNMP messages sent from the managers. Encryption protects the conte[...]

  • Página 272

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 272 temperatu re T emperat ureEventOn 1.3.6.1.4.1. 890.1.5.8.55.2 7.2.1 1.3.6.1.4.1.890 .1.5.8.56.2 7.2.1 1.3.6.1.4.1.890 .1.5.8.59.2 7.2.1 1.3.6.1.4.1.890 .1.5.8.60.2 7.2.1 This trap is sent when the tem p erature goes above or below the normal operating r ang e. T emperat ureEvent Clear 1.3.6.[...]

  • Página 273

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 273 intrusionloc k IntrusionLockEventOn 1.3.6.1.4.1.890.1.5 .8.55.27.2.1 1.3.6.1.4.1.8 90.1.5.8.56.27. 2.1 1.3.6.1.4.1.8 90.1.5.8.59.27. 2.1 1.3.6.1.4.1.8 90.1.5.8.60.27. 2.1 This trap is sent when intrusion lock occurs on a port. loopguard LoopguardEv entOn 1.3. 6.1.4.1.890.1.5 .8.55.27.2.1 1.3[...]

  • Página 274

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 274 T a ble 113 SNMP InterfaceTraps OPTION OBJECT LABEL OBJECT ID DESCRIPTION linkup linkUp 1.3.6.1.6.3.1.1.5.4 This trap is sent when the Etherne t link is up. LinkDownEven tClear 1.3.6.1.4.1.890.1.5.8. 55.27.2.2 1.3.6.1.4.1.89 0.1.5.8.56.27. 2.2 1.3.6.1.4.1.89 0.1.5.8.59.27. 2.2 1.3.6.1.4.1.89[...]

  • Página 275

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 275 T a ble 114 AAA Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION authentication authenticati onF ailure 1.3. 6.1.6.3.1.1.5 .5 This t rap is sent when authenticati on fails due to incorrect user name and/or password. AuthenticationF ailureEventOn 1.3.6.1.4.1.890. 1.5.8.55.27.2.1 1.3.6.1.4.1.8 [...]

  • Página 276

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 276 T a ble 116 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION stp STPN ewRoot 1.3.6.1.2.1.17.0. 1 This trap is sent when t he STP root switch changes . MRSTPNewR oot 1.3.6.1.4.1.890.1.5.8.55. 36.2.1 1.3.6.1.4.1.89 0.1.5.8.56.36. 2.1 1.3.6.1.4.1.89 0.1.5.8.59.36. 2.1 1.3.6.1.4.1.89 [...]

  • Página 277

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 277 35.7.2 SSH Overview Unlike T elnet or F TP , which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts ov er an unsecured network. Figure 179 SSH Commun[...]

  • Página 278

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 278 2 Encryption Method Once the identification is verified, both the client and server must agree on the type of encryption method to use. 3 Authentication and Data T ransmission After the identification is verified and data en cr yption activated, a secure tunnel is established between the cli[...]

  • Página 279

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 279 2 HT TP connection requests from a we b browser go to port 80 (by default) on the S witch’ s WS (web server). Figure 181 HT TPS Implementation Note: If you disable HTTP in the Service Access Control screen, then the Switch blocks all HT TP connection attempts. 35.7.3.1 HTTPS Example If you[...]

  • Página 280

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 280 When you attempt to access the Switch HT TPS server , a screen with the message "There is a problem with this websi te's security certificate." may display . If that i s the case, click Continue to this website (not recommended) to proceed to the web configur ator login screen[...]

  • Página 281

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 281 Click Install Certificate... and follow the on-screen instructions to install the certificate in your browser . Figure 185 Certificate (Internet Explorer 7 or 8)[...]

  • Página 282

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 282 Mozilla Firefox W arning Messages When you attempt to access the Switch HTTPS server , a This Connecti on is Unstr ucted screen may display . If that is the case, click I Understand the Risks and then the Add Exception... button. Figure 186 Security Alert (Mozilla Firefox)[...]

  • Página 283

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 283 Confirm the HT TPS serv er URL matches. Click Confirm Security Exception to proceed to the web configurator login screen. Figure 187 Security Alert (Mozilla Firefox) 35.7.3.2 The Main Screen After you accept the certificate and enter the logi n username and password, the S witch main screen [...]

  • Página 284

    Chapter 35 Access Control GS2200-8/24 User’s Gui de 284 Mozilla Firefox) or next to the address bar (in Internet Explorer 7 or 8) denotes a secure connection. Figure 188 Example: Lock Denoting a Secure Connection EXAMPLE[...]

  • Página 285

    GS2200-8/24 User’s Gui de 285 C HAPTER 36 Diagnostic 36.1 Overview This chapter explains the Diagnostic screen. Use the Diagnostic screen ( Section 36.2 on pa ge 285 ) to check system logs, ping IP addresses or perform port tests. 36.2 Diagnostic Click Management > Diagnostic in the navigation panel to open this screen. Use this screen to chec[...]

  • Página 286

    Chapter 36 Diagnostic GS2200-8/24 User’s Gui de 286 IP Ping T ype the IP address of a device that you want to ping in orde r to test a conn ection. Click Ping to have the Switch ping the IP address (in the fi eld to the left). Ethernet Port T est Ente r a port number and click Port Test to perform an internal loopback test. T a ble 117 Ma nagemen[...]

  • Página 287

    GS2200-8/24 User’s Gui de 287 C HAPTER 37 Syslog 37.1 Overview This chapter explains the syslog screens. The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server . Syslog is def[...]

  • Página 288

    Chapter 37 Syslog GS2200-8/24 User’s Gui de 288 Click Management > Syslog in the navigation panel to display this screen. The syslog feature sends logs to an external syslog server . Figure 190 Management > Syslog The following table describes the labels in this screen. T a ble 119 Ma nagement > Syslog LABEL DESCRIPTION Syslog Select Act[...]

  • Página 289

    Chapter 37 Syslog GS2200-8/24 User’s Gui de 289 37.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to view the screen as shown next. Use this screen to configure a list of external syslog servers. Figure 191 Management > Syslog > S yslog Server Setup The following table describes the labels in this screen. T a bl[...]

  • Página 290

    GS2200-8/24 User’s Gui de 290 C HAPTER 38 Cluster Management 38.1 Overview This chapter introduces cluster management. Cluster Management allows y ou to manage switches through one S witch, called the cluster manager . The switches must be directly connected an d be in the same VL AN group so as to be able to communicate with one another . In the[...]

  • Página 291

    Chapter 38 Cluster Management GS2200-8/24 User’s Gui de 291 38.1.1 What Y ou Can Do •U s e t h e Cluster Management screen ( Section 38.2 on page 291 ) to view the role of the Switch within the cluster and to access a cluster member switch’ s web configurator . •U s e t h e Clustering Management Configuration screen ( Section 3 8.1 on page [...]

  • Página 292

    Chapter 38 Cluster Ma nagement GS2200-8/24 User’s Gui de 292 38.3 Clustering Management Configuration Use this screen to configure clustering management. Click Managem ent > Cluster Managemen t > Configuration to display the next screen. Figure 194 Management > Cluster Management > Configur ation Model This field displa ys the mode l [...]

  • Página 293

    Chapter 38 Cluster Management GS2200-8/24 User’s Gui de 293 The following table describes the labels in this screen. T a ble 123 Management > Cluster Management > Configuration LABEL DESCRIPTION Clustering M anager Active Select Activ e to have this S witch become the c l uster manager swit ch. A clus ter can only have one manager . Other ([...]

  • Página 294

    Chapter 38 Cluster Ma nagement GS2200-8/24 User’s Gui de 294 38.4 T echnical Reference This section provides technical background information on the topics discussed in this chapter . 38.4.1 Cluster Member Switch Management Go to the Clustering Management Status screen of the cluster manager switch and then select an Index hyperlink fro m the lis[...]

  • Página 295

    Chapter 38 Cluster Management GS2200-8/24 User’s Gui de 295 38.4.1.1 Uploading Firmware to a Cluster Member Switch Y o u can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example. Figure 196 Example: Uploading Firmware to a Cluster Member S witch The following table explains som[...]

  • Página 296

    GS2200-8/24 User’s Gui de 296 C HAPTER 39 MAC Table 39.1 Overview This chapter introduces the MAC Table screen. The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the Switch’ s ports. It shows what device MAC address, belonging to what VLAN group (if any) is forwarded to wh[...]

  • Página 297

    Chapter 39 MAC Table GS2200-8/24 User’s Gui de 297 • If the Switch has already learned th e port for th is MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure 197 MAC T able Flowchart 39.2 V iewing the MAC T able Use this screen to check whether the MAC address is dynamic or static. Cli[...]

  • Página 298

    Chapter 39 MAC Table GS2200-8/24 User’s Gui de 298 The following table describes the labels in this screen. T a ble 125 Management > MAC Table LABEL DESCRIPTION Condition Select on e of the button s and click Search to only disp lay the data which mat ches the criteria you spec ified. Select All to display any entry i n the MAC table of the Sw[...]

  • Página 299

    GS2200-8/24 User’s Gui de 299 C HAPTER 40 ARP Table 40.1 Overview This chapter introduces ARP T able. Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also kn own as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 [...]

  • Página 300

    Chapter 40 ARP Table GS2200-8/24 User’s Gui de 300 Click Management > ARP Table in the navigation panel to open the following screen. Figure 199 Management > ARP T able The following table describes the labels in this screen. T a ble 126 Management > ARP Table LABEL DESCRIPTION Condition Specify how you want the Switch to remove AR P ent[...]

  • Página 301

    GS2200-8/24 User’s Gui de 301 C HAPTER 41 Configure Clone 41.1 Overview This chapter shows you how you can copy the settings of one port onto other ports. 41.2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management > Conf igure Clon e to open the following [...]

  • Página 302

    Chapter 41 Configure C lone GS2200-8/24 User’s Gui de 302 The following table describes the labels in this screen. T a ble 127 Management > Configure Clone LABEL DESCRIPTION Sourc e/ Destinat ion Port Enter the source port under the Source label . This port’s attributes are copied. Enter the destinat ion po rt or ports under the Destination [...]

  • Página 303

    GS2200-8/24 User’s Gui de 303 C HAPTER 42 Troubleshooting This chapter offers some suggestions to solve problems you might encounter . The potential problems are divided into the following categories. • Po wer , Hardware Connections, and LEDs • Switch Access and Login • Switch Configur ation 42.1 Power , Hardware Connections, and LEDs The S[...]

  • Página 304

    Chapter 42 Troubleshootin g GS2200-8/24 User’s Gui de 304 4 Disconnect and re-connect the power adaptor or cord to the Switch. 5 If the problem continues, contact the v e ndor . 42.2 Switch Access and Login I forgot the IP address for the Switch. 1 The default IP address is 192.168.1.1 . 2 Use the console port to log in to the S witch. 3 If this [...]

  • Página 305

    Chapter 42 Troubleshoo ting GS2200-8/24 User’s Gui de 305 6 If the problem continues, contact the v e ndor , or try one of the advanced suggestions. Advanced Suggestions • T ry to access the Switch using another service, such as T elnet. If you can access the Switch, check the remote management settings to find out why the Switch does not respo[...]

  • Página 306

    Chapter 42 Troubleshootin g GS2200-8/24 User’s Gui de 306 Click the Display button in the System Log field in the Management > Diagnostic screen to check for unauthorized access to y our Switch. T o avoid unauthorized access, configure the secured client setting in the Management > Access Control > Remote Management screen for teln et, H[...]

  • Página 307

    GS2200-8/24 User’s Gui de 307 C HAPTER 43 Product Specifications The following tables summarize the S witch’ s hardware and firmware features. T a ble 128 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Desktop design • GS2200-8 : 250*148 *44.5 mm • GS2200-8HP: 330*230*4 4.5 mm 1U and standard 19” rack mountable • GS2200-24[...]

  • Página 308

    Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 308 Interfaces GS2200-8: 8 100/1000BASE- T GS2200-8HP: 8 100/1000BASE- T PoE GS2200-24: 24 100/100 0BASE- T GS2200-24P: 24 100/1000 BASE- T PoE 2 or 4 GbE Dual P ersonality interfaces (Each interface has one 1000Base- T RJ-45 port and one Small Form-F actor Pluggable (SFP) slot, wi th on[...]

  • Página 309

    Chapter 43 Product Specificati ons GS2200-8/24 User’s Gui de 309 Number of Login Accounts Configur able on the Switch 4 m a nage ment accounts con f igured on the Switch. Authentication via RADIUS and T ACACS+ also available. Maximum Fr ame Size 9 K (9216 b ytes) VLAN A VLAN (Virtual Local Area Network) al lows a physical netwo rk to be partition[...]

  • Página 310

    Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 310 Port Authenticati on and Securi ty For security , the Switch allows aut hen tication us ing IEEE 802.1x with an external RADIUS server and port secu rity that allows only packets wi th dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on [...]

  • Página 311

    Chapter 43 Product Specificati ons GS2200-8/24 User’s Gui de 31 1 STP IEEE 802.1w Rapid Spanni ng T ree Protocol (RSTP) Multiple Rapid Spanning T ree capability IEEE 802.1s Multiple Spanning T ree Protocol QoS IEEE 802.1p with 8 CoS per port 802.3x flow control SPQ, WF Q, or SP Q/W FQ co mbi na tio n c ap a bl e Rule-based bandwidth control (ingr[...]

  • Página 312

    Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 312 The following list, which is not exhaustive, illu strates the standards supported in the Switch. Security Static MAC address filtering Static MAC address forwarding MAC Freeze IEEE 802.1x port -based authenticat ion Limiting number of dynamic MAC addresses per port SSH v1/ v2 SSL Mul[...]

  • Página 313

    Chapter 43 Product Specificati ons GS2200-8/24 User’s Gui de 313 RFC 1757 RMON RFC 1901 SNMPv2c Simple Network Management Protocol version 2c RFC 2138 RADIUS (Remote Authenticati on D ial In User Service) RFC 2233 ifVHCPacketGroup RFC 2236 Internet Group Mana gement Protocol, V ersion 2. RFC 2674 P-BRIDGE-MIB, Q-BRIDGE-MIB RFC 2865 RADIUS - Vendo[...]

  • Página 314

    Chapter 43 Product Specifications GS2200-8/24 User’s Gui de 314[...]

  • Página 315

    GS2200-8/24 User’s Gui de 315 A PPENDIX A Changing a Fuse This appendix shows you how to remov e and install fuses for the Switch. If you use a fuse other than an incl uded fuse, make sure it matches the fuse specifications in the chap ter on product specifications. Removing a Fuse Disconnect all power from the Switch before y ou begin this proce[...]

  • Página 316

    Appendix A Changing a Fuse GS2200-8/24 User’s Gui de 316[...]

  • Página 317

    GS2200-8/24 User’s Gui de 317 A PPENDIX B Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port number s, ICMP type/code numbers and services, visit the IANA (I nterne t Assigned Number Authority) web site. • Name : This is a short, descriptive nam[...]

  • Página 318

    Appendix B Common Services GS2200-8/24 User’s Gui de 318 HT TPS TCP 443 HTTPS is a secured http session o ften used in e - commerce. ICMP User- Defined 1 Internet Control Message Pr otocol is often used for diagnostic or routing purposes. ICQ UDP 4000 This is a popular In ternet chat progr am. IGMP (MUL TICAST) User-Defined 2 Internet Group Mu lt[...]

  • Página 319

    Appendix B Common Services GS2200-8/24 User’s Gui de 319 SQL -NET TCP 1521 Structured Query L anguage is an in terface to access data on many different ty pes of data base systems, including mainframes, midrange systems, UNIX systems and network servers. SSH TCP / U DP 22 Secure She ll Re mote Login Program. STRM WORKS UDP 1558 Stream Works Proto[...]

  • Página 320

    Appendix B Common Services GS2200-8/24 User’s Gui de 320[...]

  • Página 321

    GS2200-8/24 User’s Gui de 321 A PPENDIX C Legal Information Copyright Copyright © 2011 by Z yXEL Communications Corpor ation. Th e co n te n ts o f t h is p ub l ic a t io n m a y n o t b e re p r od uc e d in a ny pa r t or as a w ho l e, t ra ns c ri b ed , st o re d in a re t ri e va l s y st e m, t r anslated into any language, or tr ansmitt[...]

  • Página 322

    Appendix C Legal Informa tion GS2200-8/24 User’s Gui de 322 ZyXEL Limited W arranty Z yXEL warrants to the original e nd user (purchaser) th at this pr oduct is free from any defects in material or workmanship for a speci fic period (the Warranty P eri od) from the date of pur chase. The Warranty P erio d varies by region. Check with your vendor [...]

  • Página 323

    Index GS2200-8/24 User’s Gui de 323 Index Numbers 802.1P priority 76 A AAA 182 AAA (Authentication and Authorization) 182 access control limitations 261 login account 266 remote management 268 service port 268 SNMP 270 address learning, MAC 92 , 94 Address R esolution Protocol (ARP) 250 , 299 , 301 , 302 administrator password 267 age 121 aggrega[...]

  • Página 324

    Index GS2200-8/24 User’s Gui de 324 cloning a port See port cloning cluster management 290 and switch passwords 293 cluster manager 290 , 293 cluster member 290 , 293 cluster member firmware upgr ade 295 network example 290 setup 292 specification 290 status 291 switch models 290 VID 293 web config urator 294 cluster manager 290 cluster member 29[...]

  • Página 325

    Index GS2200-8/24 User’s Gui de 325 F fan speed 68 FCC interference statement 321 file transfer using FTP command example 259 filename convention, configur ation configuration file names 259 filtering 107 rules 107 filtering database, MAC table 296 firmware 67 upgrade 257 , 295 flow control 76 back pressure 76 IEEE802.3x 76 forwarding delay 121 f[...]

  • Página 326

    Index GS2200-8/24 User’s Gui de 326 IP address 74 IP interface 73 IP setup 72 IP source guard 193 , 194 ARP inspection 194 , 213 DHCP snooping 194 , 21 1 static bindings 194 IP subnet mask 74 L L2PT 219 access port 220 CDP 219 configuration 221 encapsulation 219 LACP 220 MAC address 219 mode 220 overview 219 PAg P 220 point to point 220 STP 219 t[...]

  • Página 327

    Index GS2200-8/24 User’s Gui de 327 max age 121 hops 121 MDIX (Media Dependent Interface Crossover) 34 MIB and SNMP 270 supported MIBs 271 MIB (Management Information Base) 270 mirroring ports 134 monitor port 135 mounting brackets 28 MRSTP status 11 8 MST ID 127 MST Instance, See MSTI 127 MST region 126 MSTI 127 MSTP 109 , 11 2 bridge ID 124 , 1[...]

  • Página 328

    Index GS2200-8/24 User’s Gui de 328 MAC address learning 151 overview 151 setup 152 , 217 , 221 port setup 75 port status 61 port VLAN ID, see PVID 91 port VLAN trunking 85 port-based VLAN 96 all connected 99 port isolation 99 settings wizard 99 ports diagnostics 286 mirroring 134 speed/duplex 76 standby 138 power volt age 68 power connector 35 p[...]

  • Página 329

    Index GS2200-8/24 User’s Gui de 329 SNMP 270 agent 270 and MIB 270 and security 271 authentication 265 , 266 communities 263 management model 270 manager 270 MIB 271 network components 270 object variables 270 protocol operations 270 security 265 , 266 setup 262 trap group 264 users 265 vers ion 3 27 1 versions supported 27 0 SNMP traps 271 , 27 [...]

  • Página 330

    In d ex GS2200-8/24 User’s Gui de 330 temperature indicator 67 terminal emulation 33 time current 69 time zone 70 Time (RFC-868) 69 time server 69 time service protocol 69 format 69 trademarks 321 transceiver MultiSource Agreement (MSA) 34 transceivers 34 installation 34 remov al 35 traps destination 263 trunk group 137 trunking 137 example 143 t[...]

  • Página 331

    Index GS2200-8/24 User’s Gui de 331 Z Z y NOS (Z yXEL Network Operating System) 259[...]

  • Página 332

    Index GS2200-8/24 User’s Gui de 332[...]