Cisco Systems SG50028PK9NA инструкция обслуживания

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638

Идти на страницу of

Хорошее руководство по эксплуатации

Законодательство обязывает продавца передать покупателю, вместе с товаром, руководство по эксплуатации Cisco Systems SG50028PK9NA. Отсутствие инструкции либо неправильная информация, переданная потребителю, составляют основание для рекламации в связи с несоответствием устройства с договором. В законодательстве допускается предоставлении руководства в другой, чем бумажная форме, что, в последнее время, часто используется, предоставляя графическую или электронную форму инструкции Cisco Systems SG50028PK9NA или обучающее видео для пользователей. Условием остается четкая и понятная форма.

Что такое руководство?

Слово происходит от латинского "instructio", тоесть привести в порядок. Следовательно в инструкции Cisco Systems SG50028PK9NA можно найти описание этапов поведения. Цель инструкции заключается в облегчении запуска, использования оборудования либо выполнения определенной деятельности. Инструкция является набором информации о предмете/услуге, подсказкой.

К сожалению немного пользователей находит время для чтения инструкций Cisco Systems SG50028PK9NA, и хорошая инструкция позволяет не только узнать ряд дополнительных функций приобретенного устройства, но и позволяет избежать возникновения большинства поломок.

Из чего должно состоять идеальное руководство по эксплуатации?

Прежде всего в инструкции Cisco Systems SG50028PK9NA должна находится:
- информация относительно технических данных устройства Cisco Systems SG50028PK9NA
- название производителя и год производства оборудования Cisco Systems SG50028PK9NA
- правила обслуживания, настройки и ухода за оборудованием Cisco Systems SG50028PK9NA
- знаки безопасности и сертификаты, подтверждающие соответствие стандартам

Почему мы не читаем инструкций?

Как правило из-за нехватки времени и уверенности в отдельных функциональностях приобретенных устройств. К сожалению само подсоединение и запуск Cisco Systems SG50028PK9NA это слишком мало. Инструкция заключает ряд отдельных указаний, касающихся функциональности, принципов безопасности, способов ухода (даже то, какие средства стоит использовать), возможных поломок Cisco Systems SG50028PK9NA и способов решения проблем, возникающих во время использования. И наконец то, в инструкции можно найти адресные данные сайта Cisco Systems, в случае отсутствия эффективности предлагаемых решений. Сейчас очень большой популярностью пользуются инструкции в форме интересных анимаций или видео материалов, которое лучше, чем брошюра воспринимаются пользователем. Такой вид инструкции позволяет пользователю просмотреть весь фильм, не пропуская спецификацию и сложные технические описания Cisco Systems SG50028PK9NA, как это часто бывает в случае бумажной версии.

Почему стоит читать инструкции?

Прежде всего здесь мы найдем ответы касательно конструкции, возможностей устройства Cisco Systems SG50028PK9NA, использования отдельных аксессуаров и ряд информации, позволяющей вполне использовать все функции и упрощения.

После удачной покупки оборудования/устройства стоит посвятить несколько минут для ознакомления с каждой частью инструкции Cisco Systems SG50028PK9NA. Сейчас их старательно готовят или переводят, чтобы они были не только понятными для пользователя, но и чтобы выполняли свою основную информационно-поддерживающую функцию.

Содержание руководства

  • Страница 1

    Cis c o 500 S erie s St ackable Manage d S witch Administration Guide Releas e 1 .3.5 ADMINISTR A TION GUIDE[...]

  • Страница 2

    Cisco 500 S eries Stackable Manage d Switch Administration Guide 1 Con t en ts T able of C onten t s Chapter 1: Getting Started 1 Starting the Web-based Configuration Utility 1 Quick Start Device Configuration 5 Interface Naming Conventions 6 Differences Between Sx500, S G500X, ESW2-550X and the SG500XG De- vices<Sx500> 7 Window Navigation 8 [...]

  • Страница 3

    Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 2 Con te nt s Upgrade/Backup Firmware/Language 37 Active Image <Sx300-500> 41 Download/Backup Configuration/Log 42 Configuration Files Properties 48 Copy/Save Co nfiguration 49 Auto Configuration via DHCP 50 Chapter 5: Administration: Stack Management 58 Overview 59 Types of Uni[...]

  • Страница 4

    Cisco 500 S eries Stackable Manage d Switch Administration Guide 3 Con t en ts Time Settings<print only> 112 System Log<print only> 112 File Management<print only> 113 Rebooting the Device 113 Routing Resources<Sx300-500> 115 Health 119 Diagnostics<print only> 121 Discover y - Bonjou r<print only> 121 UDLD<pri[...]

  • Страница 5

    Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 4 Con te nt s Chapter 10: Administration: Unid irectional Link Detection 183 UDLD Overview 183 UDLD Operation 184 Usage Guidelines 187 Dependencies On Other Features 187 Default Settings and Co nfiguration 188 Before You Start 188 Common UDLD Tasks 188 Configuring UDLD 189 Chapter 11:[...]

  • Страница 6

    Cisco 500 S eries Stackable Manage d Switch Administration Guide 5 Con t en ts Built-in Smartport Macros 236 Chapter 13: Port Management: PoE 248 PoE on the Device 248 Configuring PoE Properties 251 Configuring PoE Settings 253 Chapter 14: VLAN Management 256 VLANs 257 Configuring Default VLAN Settings 260 Creating VLANs 261 Configuring VLAN Interf[...]

  • Страница 7

    Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 6 Con te nt s Chapter 16: Managing MAC Address Tables 308 Configuring St atic MAC Addresses 309 Managing Dynamic MAC Addresses 310 Defining Reserved MAC Addresses 311 Chapter 17: Multicast 312 Multicast Forwarding 312 Defining Multicast Properties 316 Adding MAC Group Address 317 Addi[...]

  • Страница 8

    Cisco 500 S eries Stackable Manage d Switch Administration Guide 7 Con t en ts Overview 416 Configurable Elements of VRRP 420 Configuring VRRP 423 Chapter 21: Security 428 Defining Users 430 Configuring TACACS+<Sx300-500> 433 Configuring RADIUS 438 Key Manageme nt<Sx500> 442 Management Acce ss Method 445 Management Access Authentication[...]

  • Страница 9

    Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 8 Con te nt s <Sx300-500>Defining Time Ranges 510 <Sx300-500>Authentication Method and Port Mode Support 511 Chapter 23: Security: First Hop Security 515 First Hop Security Overview 516 Router Advertisement Guard 520 Neighbor Discov ery Inspection 520 DHCPv6 Guard 521 Neig[...]

  • Страница 10

    Cisco 500 S eries Stackable Manage d Switch Administration Guide 9 Con t en ts Chapter 26: Security: Secure Sensitive Data Management 562 Introduction 562 SSD Rules 563 SSD Properties 569 Configuration Files 571 SSD Management Channels 576 Menu CLI and Password Recovery 577 Configuring SSD 577 Chapter 27: Access Control 582 Access Control Lists 582[...]

  • Страница 11

    Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 10 Con te nt s Defining SNMP Communities 647 Defining Trap Settings 649 Notification Recipients 650 SNMP Notification Filters 654[...]

  • Страница 12

    1 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 1 Get ting St ar te d This section provides an introduction to the web-bas ed configuration utilit y , and covers the f o llowing t opics : • Star ting the Web-b ase d C onfigura tion Utilit y • Quick Star t Devic e Configuration • Inter[...]

  • Страница 13

    Getting Started Star ting the W eb -bas ed Configur a tion Utilit y 2 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 NOTE When the device is using the f act or y default IP addr ess of 192. 168. 1 .254, its power LED flashes continuously . When the devic e is using a DHCP as signed IP addre[...]

  • Страница 14

    Get ting Star te d Star ting the Web-b ase d C on figura tion Utilit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 3 1 When the login at tempt is succes sful, the Get ting Star ted page app ears. If you ent ered an incorrect username or pas sword, an err or mes sage appears and the L ogin [...]

  • Страница 15

    Getting Started Star ting the W eb -bas ed Configur a tion Utilit y 4 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Configuration change s hav e not yet been saved t o the Star tup Configuration file. The flashing can be disable d by clicking on the Disable Sav e Icon Blinking but ton on t[...]

  • Страница 16

    Get ting Star te d Quick Star t Devic e Configur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 5 1 Quick Star t D evic e C onfigura tion T o simplify device configuration throug h quick navigation, the Getting Star ted page provides links t o the most commonly use d pages . Ther e ar[...]

  • Страница 17

    Getting Started In terface Naming C onven tions 6 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Inter face Naming C onventions Within the GUI, int e r faces are denot e d by concatenating the f ollowing elements : • Typ e of interface : The f ollowing t ype s of int er faces are f ound o[...]

  • Страница 18

    Get ting Star te d Dif fer ences B etween 500 D evice s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 7 1 • Enabling IP v 4 routing is done differ ently in the devices , as f ollows : - SG500XSG500X G/ESW2-550X —IP v 4 routing must be enabled in the IP v 4 Inter face page. - Sx 500— W[...]

  • Страница 19

    Getting Started W indow Na viga tion 8 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Window Na viga tion This se ction describ es the f eatures of the web- base d switch configuratio n utility. Applic a tion Header The Application Header a ppears on ev ery page. It provides the f ollowing [...]

  • Страница 20

    Get ting Star te d W indow Naviga tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 9 1 Language Menu This menu provides the f ollowing options : • Sele ct a language: Sele ct one of the languages that appear in the menu. This language will be the web - base d configu ration utilit y lan[...]

  • Страница 21

    Getting Started W indow Na viga tion 10 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Management But tons The f ollowing table de scrib es the commonly-use d but t ons that appear on various pages in the system. But ton Name D es cription Use the pull- down menu to configure the number of e[...]

  • Страница 22

    Get ting Star te d W indow Naviga tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 11 1 Cop y Sett in gs A table typically c ontains one or mor e entries containing configuration s ett ings. Instead of modif ying each entr y individually , it is po ssib le t o modif y one entr y and then c[...]

  • Страница 23

    Getting Started W indow Na viga tion 12 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1[...]

  • Страница 24

    2 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 13 St a tus and St a tistic s This sect ion describ es how to view device statistic s. It covers the f ollowin g t opics: • System Su mmar y • Viewing Ethernet Interfac e s • Viewing Etherlik e St a tistics • Viewing G VRP Statistics ?[...]

  • Страница 25

    Status and Statistics Vi e w in g Et h e r n e t I nt e r fa c e s 14 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 T o displa y Ethernet statistics and/ or s et the refr esh rate: STEP 1 Click Sta tus and Statistics > Interfac e . STEP 2 En te r t h e p a r a me te r s . • Interfac e [...]

  • Страница 26

    Status and Statistic s V iewing E therlike Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 15 2 Viewing Etherlik e St a tistics The Etherlik e page displays statistics per p or t according to the Etherlik e MIB standard definition. The r efresh rate of the inf ormation can be s el[...]

  • Страница 27

    Status and Statistics V iewing G VRP Sta tistics 16 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • Click View All Interface s Statistics to see all por ts on a single page. Viewing G VRP Sta tistic s The GVRP page displa ys inf ormation regarding GARP VLAN Registration Prot o col (GV R P[...]

  • Страница 28

    Status and Statistic s V iewing 802. 1 X E AP S ta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 17 2 • Invalid A t tribute V alue —In valid at tribute value err o rs. • Invalid A ttribute Length —Invalid attribute le ngth err ors. • Invalid Even t —In valid events. T o [...]

  • Страница 29

    Status and Statistics V iewing T C AM Utiliz a tion 18 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • EAP Re que st /ID Frames T ransmit ted —E AP Req/ID frames transmit ted by the por t . • EAP Re que st F rames Transmitte d —E AP Request frames transmit ted by the por t . • Inv[...]

  • Страница 30

    Status and Statistic s Health Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 19 2 • IP v4 Routing - In Use —Numb er of T CAM en tries use d f or IP v4 r outing. - Maximum — N u m b e r o f a v a i l a b l e TC A M e n t r i e s t h a t c a n b e u s e d fo r I P v4 ro ut i n g. • IP v[...]

  • Страница 31

    Status and Statistics Managing RMON 20 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 RMON decreases the traf fic bet ween the manager and the device because the SN MP manager does not have t o poll the device frequently f or inf ormation, and enables the manager t o get time ly status r epo[...]

  • Страница 32

    Status and Statistic s Managing RMON Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 21 2 • Pack ets Rec eived —Number of goo d packets r eceived, including Multicast and Broadcast packets. • B r oa dca st Pa c k et s R ece iv ed —Nu m ber of g ood Br oadca st pa ck ets r eceived . Thi[...]

  • Страница 33

    Status and Statistics Managing RMON 22 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • Frames of 512 to 1023 By te s —Number of frames , containing 512- 1023 by tes that wer e r ec eived. • Frames of 1024 By te s or More —Number of frames, containing 1024-2000 by t es , and Jum bo F[...]

  • Страница 34

    Status and Statistic s Managing RMON Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 23 2 • Ow n e r —Enter the RMON station or user that requested the RMON inf o rmation. STEP 4 Click Apply . The entr y is added t o the Hist or y Control T able page , and the Running Configuration file is[...]

  • Страница 35

    Status and Statistics Managing RMON 24 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • Fra g me nt s —Fragments (packets with les s than 64 octets) r eceived, ex clud ing framing bits, but including FC S octets. • Jabbers — T otal number of received packets that wer e longer than 20[...]

  • Страница 36

    Status and Statistic s Managing RMON Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 25 2 - Non e —No action occurs when the alarm goe s off . - Lo g ( E v e n t Lo g T a b l e) —Add a lo g entr y to the E vent L o g table when the alarm is trigger ed. - T rap (S NMP M anager and SY S L O [...]

  • Страница 37

    Status and Statistics Managing RMON 26 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 D efining RMON Alarms RMON alarms pr ovide a mechanism f or s etting thresholds and sampling int er vals to generat e e x ception events on an y counter or an y other SNMP object counter maintained by the a[...]

  • Страница 38

    Status and Statistic s Vi e w L o g Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 27 2 • Rising Event —Select an event t o be per f ormed when a rising event is triggered. E v ents ar e cr eat ed in the E vents page. • Fa lling Threshold —Ent er the value that triggers the falling th[...]

  • Страница 39

    Status and Statistics Vi e w L o g 28 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2[...]

  • Страница 40

    3 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 29 Administra tion: System Lo g This section de scribes the System L o g f eature, which enables the device to generat e multiple independent lo gs . Each log is a set of me ss ages des cribing syst em events. The device generat es the f ollowi[...]

  • Страница 41

    Administration: System Log Setting Syst em L o g Settings 30 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 3 The event severity levels ar e list ed from the highest s everity to the lowest s everity , as f ollows : • Eme r g en cy —Syst em is no t usable. • Aler t —Action is neede d. [...]

  • Страница 42

    Administration: System Lo g Setting Remo te L ogging S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 31 3 • Originator Identifier —Enable s adding an origin identifier to S YSL OG mes sages . The options ar e: - Non e —Do not include the origin identifier in S Y SL OG mes sage [...]

  • Страница 43

    Administration: System Log Setting Remote L ogging S e ttings 32 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 3 NOTE If the Aut o option is selected, the system tak es the source IP addr es s from the IP address defined on the outgoing interface. STEP 3 Click Add . STEP 4 En te r t h e p a r[...]

  • Страница 44

    Administration: System Lo g Vi e w i n g M e m o r y L o g s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 33 3 Viewing Memor y Lo gs The device can write t o the f ollowin g logs: • L og in R AM (cleared during reboot). • L og in Flash memor y (cleared only upon user command) . Y ou can[...]

  • Страница 45

    Administration: System Log V iewing Memory Logs 34 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 3 This page contains the f ollowing fields: • Log Index —L og entr y number . • Log Time — T ime when mes sage was generated. • Sev e ri t y —Even t s eve ri t y . • Desc r ip ti on [...]

  • Страница 46

    4 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 35 Administra tion: F ile Man agement This section de scribe s how syst em files are managed. The f ollowing topics are covered: • System F ile s • Upgrade/B ackup Firm ware/Language • Active Im age • Downlo ad/B ackup Configura tion/Lo[...]

  • Страница 47

    Administration: F ile Managemen t Sys tem F iles 36 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 Configuration files on the device are defined by their ty p e , and contain the set tings and parameter values f o r the device. When a configuration is r ef erenced on the devic e, it is r ef [...]

  • Страница 48

    Administration: File Management Syste m Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 37 4 Only the syst em can copy the Star tup Configuration to the Mirr or Configuration. However , you can copy fr om the Mirr or Configuration to other file typ es or t o another device. The option of[...]

  • Страница 49

    Administration: F ile Managemen t Upgrade/Backup Firmw are/Language 38 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 This se ction covers the f ollowing topics: • Upgrade/B ackup Firm ware/Language • Active Im age • D ownload/B ack up Co nfigura tion/Log • Configuration Files Proper[...]

  • Страница 50

    Administration: File Management Upgrade/Backup Firm war e/Language Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 39 4 - Copy image from TFTP /S CP ser ver to mast er , using the Upgrade/ Backup Firmwar e/Language page. - Change the active image, using the Active Image page. - Reboot , using [...]

  • Страница 51

    Administration: F ile Managemen t Upgrade/Backup Firmw are/Language 40 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 • Ba c k u p —Specifies that a c opy of the file type is to be sav ed t o a file on another device. Enter the f ollowing fields : • Fil e Ty p e —Sele ct the destinat[...]

  • Страница 52

    Administration: File Management Upgrade/Backup Firm war e/Language Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 41 4 • Remote SSH S er ver Authentication — T o enable SS H s er ver authentication (which is disable d by default), click Edit . This tak es you t o the SSH S e rver Authenti[...]

  • Страница 53

    Administration: F ile Managemen t Active I mage 42 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 - Link L ocal — The IP v6 address uniquely identifie s hosts on a single network link . A link local addr es s has a pr efix of FE80 , is not routable, and can be use d f or communication only[...]

  • Страница 54

    Administration: File Management Download/B ackup Configur a tion/L og Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 43 4 • Active Im age V ersion Numb er —Displays the firmwar e ve rsion of the active image. • Active Im age After Reb oot —Displa ys the image that is active a fter r e[...]

  • Страница 55

    Administration: F ile Managemen t D ownload/Backup Configura tion/Log 44 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 • C h a n g e Q u e u e s M o d e f r o m 4 t o 8 —Queue-relat e d configurations must be examined and adjust ed t o meet QoS obje ctives with the new Queues mode. See [...]

  • Страница 56

    Administration: File Management Download/B ackup Configur a tion/L og Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 45 4 Select either Downlo ad or Backup as the Sa ve Acti o n . Dow n loa d Sa v e Act i on —Specifies that the file on another device replace s a file type on the device. Ent[...]

  • Страница 57

    Administration: F ile Managemen t D ownload/Backup Configura tion/Log 46 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 • Link L ocal — The IP v6 address uniquely identifie s hosts on a single network link . A link lo cal address has a prefix of FE80 , is not r outable, and can be used f[...]

  • Страница 58

    Administration: File Management Download/B ackup Configur a tion/L og Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 47 4 STEP 4 If you selected via HTTP /HTTPS , enter the paramet ers as described in this st ep. Select the Sa ve Act i o n . If Sa v e Act ion is Download (replacing the file o[...]

  • Страница 59

    Administration: F ile Managemen t D ownload/Backup Configura tion/Log 48 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 SSH Client Authentic a tion —Client authentication can be done in one of the f ollowing ways: • Use S SH Client —Sets permanent S SH us er cr edentials . Click Syste [...]

  • Страница 60

    Administration: File Management Configur a tion Files Proper tie s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 49 4 If Sa v e Act ion is Bac k up (copying a file t o another device), enter the f ollowing fields (in addition t o those fields listed above) : • Sou r ce F ile T ype —S ele[...]

  • Страница 61

    Administration: F ile Managemen t Cop y /Sa ve Con figur at io n 50 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 STEP 2 If r equired, disable Auto Mirror C onfigura tion . This disables the aut omatic creation of mirr or configuration files . When dis abling this f eature, the mirr or conf[...]

  • Страница 62

    Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 51 4 • If you ar e backing up a configuration file, sele ct one of the f ollowing f ormats f or the b ackup file. - Exclude —Sensitive data is not included in the b ackup file. - En[...]

  • Страница 63

    Administration: F ile Managemen t Auto Configur a tion via DHCP 52 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 Aut o Configura tion via DHCP v 4 is triggered in the f ollowi ng cases : • After r eboot when an IP addres s is allocated or renewed dynamically (using DHCP v 4) . • Upon an[...]

  • Страница 64

    Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 53 4 Auto C onfigura tion Downlo ad Protoc ol ( TF TP or S CP) The Aut o Configuration download protocol can be configured, as f ollows: • Au to B y Fi l e E x te ns i on —(Default)[...]

  • Страница 65

    Administration: F ile Managemen t Auto Configur a tion via DHCP 54 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 Auto C onfigura tion Proc e s s When the Aut o Configuration proce ss is trigger ed, the f ollowing sequenc e of events occurs : • The DHCP ser ver is acces sed to acquire the [...]

  • Страница 66

    Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 55 4 • If the inf ormation is available, the TFTP /S CP ser v er is acces se d t o download the file from it. The download proces s is done only if the new configuration filename is d[...]

  • Страница 67

    Administration: F ile Managemen t Auto Configur a tion via DHCP 56 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 ser ver table. This ensures that each de vice has its own r eser ved IP addres s and other r elevant inf ormation. T o configure aut o configuration: STEP 1 Click Adm in ist ra t[...]

  • Страница 68

    Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 57 4 • IP V e rsion —Select whether an IP v 4 or an IP v6 address is us ed. • IP v 6 Addres s Typ e —Select the IP v6 addres s ty pe (if IP v6 is used) . The options are: - Link[...]

  • Страница 69

    5 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 58 Administrat ion: Stack Man agement This sect ion describ es how stacks are ma naged. It covers the f ollowing topics : • O ver view • Type s of Units in Stack • Stack T op ology • Unit ID As signment • Master S elec tion Proc es s [...]

  • Страница 70

    Administr a tion: Stack Managemen t Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 59 5 An example of eight devices conne ct ed into a stack is shown in the f ollowing : Stack Architecture (Chain T opolo gy) A stack provides the f ollowing b enefits: • Network capacit y can be exp[...]

  • Страница 71

    Administr a tion: Stack Managemen t T ype s of U nits in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 60 5 Typ e s of Units in St ack A stack consists of a maximum of eight units . A unit in a stack is one of the fo l l o w i n g t y p e s : • Master — The master unit’ s ID must[...]

  • Страница 72

    Administr a tion: Stack Managemen t T ype s of U nits in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 61 5 Unit LEDs The device has 4 LEDs marked as 1 , 2, 3, 4, which are use d t o display the unit ID of each unit (e.g. on Unit ID 1 , LED 1 is ON and the other LEDs are OFF). T o su p[...]

  • Страница 73

    Administr a tion: Stack Managemen t Stack T opolo gy Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 62 5 Stack T op olo gy T y pes o f S ta ck T o po l og y The units in a stack can be conne ct ed in one of the f ollowing type s of t opologie s: Chain T opolo gy —One stack por t (either lef[...]

  • Страница 74

    Administr a tion: Stack Managemen t Unit ID Assignmen t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 63 5 • Merging t wo stacks into a single stack • Splitt ing the stack • Inser ting other slav e units t o the stack , f or instanc e becaus e the units were pr eviously disconne cted f[...]

  • Страница 75

    Administr a tion: Stack Managemen t Unit ID Assignmen t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 64 5 Duplicate Unit Shut D own The f ollowing shows a case where one of the duplicat e units (aut o-number ed) is re nu m b e re d . Duplicate Unit Renumb ered[...]

  • Страница 76

    Administr a tion: Stack Managemen t Mast er Sele c tion Pr oc ess Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 65 5 The f ollowing shows a case where one of the duplicat e units is r enumbered. The one with the lowe r MAC r etains its unit ID ( see Master Sele ction Proc es s fo r a descrip[...]

  • Страница 77

    Administr a tion: Stack Managemen t Stack Changes Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 66 5 • MAC Addr es s—I f both units ID s ar e the same, the unit with the lowest MAC addr es s is chosen. NOTE F or a stack to operat e, it must ha ve a master unit . A mast er unit is defined[...]

  • Страница 78

    Administr a tion: Stack Managemen t Stack Changes Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 67 5 • One or more duplicat e unit ID s exist . Aut o numbering resolves conflicts and assigns unit ID s . In case of manual numbering, only one unit retains its unit ID and the other(s ) ar e s[...]

  • Страница 79

    Administr a tion: Stack Managemen t Unit F ailure in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 68 5 The f ollowing shows what happ ens when a user -assigne d, mast er -enable d unit with Unit ID 1 joins a stack that already has a mast er unit with user -assigne d unit ID 1 . The ne[...]

  • Страница 80

    Administr a tion: Stack Managemen t Unit F ailure in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 69 5 If a unit is inser ted into a running stack , and is selected as a backup unit , the mast er synchroniz es it so that it has an up-to date configuration, and then generates a S YN C [...]

  • Страница 81

    Administr a tion: Stack Managemen t Sof t ware Auto S ynchronization in St ack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 70 5 Re co nnec ting the Original Master Unit Af ter Failover After failov er , if the original mast er is connected again, the mast er selection pr oc es s is per f o[...]

  • Страница 82

    Administr a tion: Stack Managemen t Stack Unit Mode Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 71 5 • Adva nced Hyb ri d— A de vi c e i n A dv an c e d H yb ri d m o de ca n b e c on ne c ted t o Sx 500 and SG500X /ESW2-550 X devic es to f orm a stack . In this mo de, VRRP and/ or RIP[...]

  • Страница 83

    Administr a tion: Stack Managemen t Stack Unit Mode Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 72 5 C onsistency of St ack Unit Mode s in the St ack All units in the stack must have the same stack unit mode. When the stack is initialized, it runs a topology discover y algorithm that c oll[...]

  • Страница 84

    Administr a tion: Stack Managemen t Stack Unit Mode Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 73 5 Changing the Stack Unit Mo de Change the stack unit mode of a device to r emove it fr om a stack (by changing its stack unit mode to Standalone), or when co nfiguring it to become par t of [...]

  • Страница 85

    Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 74 5 • SG500XG: - Standalone to Native Stacking— Retained only when the unit is f orced t o bec ome the ma st er unit with unit ID = 1 - Native to Advance d Hybrid X G— Retained only when the[...]

  • Страница 86

    Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 75 5 • SG500XG Devic es— Any por ts can be stack or net work . By default the device is standalone. When you con vert a devic e fr om one of the Stacking modes t o Standalone mode, all its stac[...]

  • Страница 87

    Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 76 5 Pairs of Por ts The f ollowing table des cribes the pairs of p or ts that ar e a vailable on the device in the various stack unit modes : P o rt S peeds The spee d of stack por ts can be set m[...]

  • Страница 88

    Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 77 5 Auto Sele c tion of Por t Spe e d Y ou can set the stacking cable t ype to be discover ed automatically when the cable is connected t o the por t (aut o-disc over y is the de fault setting) . [...]

  • Страница 89

    Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 78 5 The f o llowing describ es the po ss ible combinations of cable s typ es and po rt s. Stack Por ts Net work Por ts Conne ctor Typ e S 1 -S2-5G for S G500X / ESW2- 550X and S3-S4 for Sx500 S1 ,[...]

  • Страница 90

    Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 79 5 100Mbs S FP Module MFEBX 1 Not suppor ted Not suppor ted Not suppor t ed Not suppor t ed 100Mbs Not suppor ted Othe r SFPs 1 G Acco r d in g to : Fo rc e d u s e r speed EEPROM speed 1G s p ee[...]

  • Страница 91

    Administr a tion: Stack Managemen t Default Configur a t ion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 80 5 D efault C onfigura tion The f ollowing are the device defaults in the various stacking modes : Interactions With O ther Fe a tures RIP and VRRP ar e not suppor ted in Basic Hybrid[...]

  • Страница 92

    Administr a tion: Stack Managemen t Syst em Mode s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 81 5 • Change the stack mode of a device t o one of the stacking modes , change the unit ID , stack p or ts, and the spee d of the stack p orts of all the devices in a stack . • Change the sy[...]

  • Страница 93

    Administr a tion: Stack Managemen t Syst em Mode s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 82 5 STEP 1 Click Admin ist ra tion > System Mo de and Stack Management . The operational status of a standalone device or a stack is displa yed in the Operational Stat us block : • Stack Un[...]

  • Страница 94

    Administr a tion: Stack Managemen t Syst em Mode s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 83 5 • Model Name —Mo del name of a known and active unit . • Stack C onnec tion 1 —Inf ormation f or the fir st stack connection: - Por t — The t ype of the stack por t that is connect[...]

  • Страница 95

    5 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 57 Administra tion This section describ es how to view syst em inf ormation and configure various options on the device. It covers the f ollowin g t opics: • Dev i ce M ode ls • System Set tings • Cons ole S ettings (Autob aud Rate Sup po[...]

  • Страница 96

    Administration Dev i ce M ode l s 58 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 D evic e Mo dels All models can be fully manage d through the web-base d switch configuration utility. NOTE Each model can be s et to La y er 3 system mode by using the System Mode and Stack Management page. [...]

  • Страница 97

    Admin ist ra ti on Dev ice M od el s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 59 5 SG500 -28P SG500 -28P -K9 28-Port Gigabit PoE Stackable Managed Switch 180W 24 SG500 -52 SG500 -52-K9 52-P or t Gigabit Stackable Managed Switch N/ A N / A SG500 -52MP SG500 -52MP -K9 52-P or t Gigabit Ma[...]

  • Страница 98

    Administration Syst em Settings 60 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 System S et tings The Syst em Summar y page prov ides a grap hic view of the devic e, and displa ys device status, hardwar e inf ormation, firmwar e v ersion inf ormation, general P oE status, and other items. [...]

  • Страница 99

    Admin ist ra ti on Syst em Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 61 5 • System Uptime — T ime that has elaps ed since the last reboot . • Current Time —Current syst em time. • Ba se M AC Ad d r ess —Device MAC addr es s. If the system is in stack mode, the base M[...]

  • Страница 100

    Administration Syst em Settings 62 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 • SNMP Ser vice —Displays whether SNMP is enable d/ disable d. • Te l n e t S e r v i c e —Displays whether T elnet is enabled/ disabled. • SSH Se rvice —Displa ys whether SS H is enabled/ disable d[...]

  • Страница 101

    Admin ist ra ti on Cons ole Settings (Autobaud Ra te Suppor t) Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 63 5 - Us e D ef au l t — The default hostname (Syst em Name) of these switches is: switch 123456 , wher e 123456 r epr esents the last three by tes of the device MAC address in hex[...]

  • Страница 102

    Administration Management In terface 64 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 STEP 1 Click Adm in ist ra tion > Con so l e Se t ti n g s . STEP 2 Select one of the f ollowing: • Au to D e te c ti on — The cons ole baud rate is det e cted aut omatically . • Static —Select [...]

  • Страница 103

    Admin ist ra ti on Ti m e S e t t i n g s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 65 5 T o s et the idle se ssion time out f or various t ype s of ses sions: STEP 1 Click Admin ist ra tion > Idle Se s sion Timeout . STEP 2 Sele ct the timeout f or the each s es sion from the corresp[...]

  • Страница 104

    Administration Reb o ot in g t he D evi c e 66 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 There ar e cases when you might pr ef er to set the t ime of the reboot for some time in the futur e. This could happen f or example in one of the f ollowing case s: • Y ou ar e per f orming actio[...]

  • Страница 105

    Admin ist ra ti on Routing R es ource s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 67 5 • Rebo ot to Factor y D efaults —Reboots the device by using the fact or y default configuration. This proces s erase s the Star tup Configuration file and the backup configuration file. The stack [...]

  • Страница 106

    Administration Rou tin g Res ourc e s 68 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 If IP v6 r outing is enabled on the device, the f ollowing table describe s the number of T C AM entries used by the various f eatur es : The Rout er Resources page enables you t o adjust the T CAM alloca[...]

  • Страница 107

    Admin ist ra ti on Routing R es ource s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 69 5 • To t a l —Displays the number of T C AM entries which are curr ently b eing used. • Maximum Entries —Select one of the f ollowing options: - Us e D ef au l t —On Sx 500 the number of T CAM [...]

  • Страница 108

    Administration Health 70 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 STEP 3 Sav e the new set tings by clicking Apply . This checks the f easibilit y of the T CAM allocation. If i t is incorrect , an error mes sage is displayed. If it is correct , the allocation is saved t o the Running C[...]

  • Страница 109

    Admin ist ra ti on Diagno stics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 71 5 T o view t he device health parameters, click St atus and Statistic s > Health . If the device is in Standalone mode , the f ollowing fields ar e display ed: • Fan S t atu s —F an status. The f ollowing[...]

  • Страница 110

    Administration Disc over y - Bonjour 72 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 Dis c over y - B onjour See Bo n jo ur . Dis c over y - LLDP See Configuring LLDP . Dis c over y - CDP See Configuring CDP . Ping Ping is a utility used to t est if a r emot e host can be r eached and t o [...]

  • Страница 111

    Admin ist ra ti on Ping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 73 5 in this drop-down field. If the Ho st Defi nition field was By IP Address , only the ex isting IP addresse s of the typ e spec ifie d in the IP V ersion field wil l be display ed. NOTE If the A ut o option is selected[...]

  • Страница 112

    Administration T r aceroute 74 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 T rac eroute T raceroute discovers the IP r outes along which packets wer e forwarded by sending an IP packet t o the target host and back t o the device. The T racerout e page shows each hop bet ween the device an[...]

  • Страница 113

    Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 75 5 • TT L —Enter the ma ximum number of hops that T rac er out e permits. This is used to pr ev ent a case wher e the sent frame gets int o an endless lo op. The T rac er oute command t erminates when the dest[...]

  • Страница 114

    Administration T r aceroute 76 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5[...]

  • Страница 115

    Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 77 5[...]

  • Страница 116

    Administration T r aceroute 78 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5[...]

  • Страница 117

    Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 79 5[...]

  • Страница 118

    Administration T r aceroute 80 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5[...]

  • Страница 119

    Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 81 5[...]

  • Страница 120

    Administration T r aceroute 82 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5[...]

  • Страница 121

    Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 83 5[...]

  • Страница 122

    6 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 72 Administra tion: Time S et tings Synchr onized syst em clocks provide a frame of ref erence betw een all devices on the network . Network time synchronization is critical because ever y aspe ct of managing, se curing, planning, and debugging[...]

  • Страница 123

    Administ ra tion: Time Set tings Syst em T ime Options Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 73 6 System Time Options Syst em time can be se t manually by the user , d ynamically from an SNTP ser ver , or synchroniz ed from the PC running the GUI. If an S NTP ser ver is chose n, the [...]

  • Страница 124

    Administration: Time Settings SNTP Mo des 74 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 Time Zone and Daylight Savings Time (DST ) The T ime Z one and D ST can be set on the device in the f ollowing ways: • Dynamic configuration of the devic e thro ugh a DHCP ser ver , where: - Dynamic[...]

  • Страница 125

    Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 75 6 C onfiguring System Time S elec ting S ource of System Time Use the System T ime page to select t he syst em time source. If the source is manual, you can ent er the time here. ! CA[...]

  • Страница 126

    Administration: Time Settings Configuring Syst em T ime 76 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 Manual Set tings —S et the date and time manually . The local time is used when there is no alt ernate sour ce of time, such as an SNTP s er ver : • Date —Ent er the system dat e. [...]

  • Страница 127

    Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 77 6 - Fro m —Day and time that DST start s. - To —Day and ti me that DST ends. Selecting Recurring allows diff er ent cust omization of the start and stop of DS T : • Fro m —Dat[...]

  • Страница 128

    Administration: Time Settings Configuring Syst em T ime 78 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 • IP v4 S ource Inter face —S elect the IP v 4 int er face whose IP v 4 addr es s will be us ed as the source IP v 4 ad dr es s in mes sages used f or communication with the SNTP s e[...]

  • Страница 129

    Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 79 6 • Sou rce —How SNTP s er ver was defined, f or e xample : manually or from DHCP v6 ser ver . • Interfac e —Inter face on which pack ets ar e r eceived. STEP 3 T o add a Unic[...]

  • Страница 130

    Administration: Time Settings Configuring Syst em T ime 80 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 is a secondar y ser ver , and so f orth. If the primar y s er ver is down, the device polls all s er vers with the polling set ting enable d, and select s a new primar y ser ver with the[...]

  • Страница 131

    Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 81 6 Select an interfac e and select the reception/transmis sion options. STEP 4 Click Apply to sav e the set tings t o the Running Configuration file. D efining SNTP Authentication SNTP[...]

  • Страница 132

    Administration: Time Settings Configuring Syst em T ime 82 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 • Authentication K ey —Enter the ke y use d f or aut hentication (up to eight characters ) . The S NTP ser ver must send this k ey f or the devic e t o synchroniz e t o it . • T ru[...]

  • Страница 133

    Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 83 6 of the network is blo ck ed (see Chapter 9 , “C onfiguring Por t s ” and Chapter 9 , “Configuring L AG Set tings” ) • Limit PoE operation to a specifie d period. Abs olute[...]

  • Страница 134

    Administration: Time Settings Configuring Syst em T ime 84 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 STEP 3 T o add a new recurring time range, click Add . STEP 4 Enter the f oll owing fiel ds: • Rec ur rin g St ar t ing T i me —Ent er the date and time that the T ime Range begins o[...]

  • Страница 135

    7 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 85 Administra tion: Diagno stic s This section c ontains inf ormation f or configuring por t mirroring, running cable tests, and viewing device op erational inf ormation. It covers the f ollowin g t opics: • T e sting Copp er Por ts • Displ[...]

  • Страница 136

    Administration: Diagnostics Te s t i n g C o p p e r P o r t s 86 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 7 • (Optional) Disable EEE (see the Port Management > Green Ethernet > Pr oper ties page) Use a CA T5 data cable when t esting cables using ( VCT ) . Accuracy of the test r [...]

  • Страница 137

    Administration: Diagno stic s Displaying Op tical Mo dule Sta tus Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 87 7 I f t h e p o r t b e i n g te s te d is a G i g a p o r t , t h e Advanced Inf ormation block contains the f ollowing information, which is r efr eshed each time you enter th[...]

  • Страница 138

    Administration: Diagnostics Displa ying Optical Module Sta tus 88 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 7 • MGBLH 1 : 1000BA SE-LH S FP transc eiver , f or single-mo de fiber , 1310 nm wav elength, suppor ts up to 40 km. • MGBLX 1 : 1000BA S E-LX SFP transceiver , f or single-mo d[...]

  • Страница 139

    Administration: Diagno stic s Configuring P or t and VL AN Mirroring Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 89 7 C onfiguring Por t and VL AN Mirroring Po r t mirroring is used on a network devic e t o send a copy of network packets seen on one device po r t , multiple device por ts ,[...]

  • Страница 140

    Administration: Diagnostics V iewing CP U Utiliz a tion and Secure Core T echnolo gy 90 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 7 - Active —B oth source and destination inter faces are up and f orwarding traffic. - Not R ea d y —Either s our ce or destination (or both) ar e down or [...]

  • Страница 141

    Administration: Diagno stic s V iewing CPU Utiliz ation and S ecure Core T e chnolo gy Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 91 7 Excessive traf fic bur dens the CPU , and might prev ent normal device operation. The device uses the S ecure Cor e T e chnology (SCT ) f eature t o ensur[...]

  • Страница 142

    8 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 92 Administra tion: Dis c over y This sect ion pr ovides inf ormation f or configuring Dis cover y . It covers the f ollowin g t opics: • Bo n jo ur • LLDP and CDP • Configuring LLDP • Con fig u r i n g C D P Bo n j o u r As a Bonjour c[...]

  • Страница 143

    Administration: Disc over y Bon jo ur Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 93 8 When Bonjour Discover y is disable d, the device st ops any ser vice typ e adver tisements and does not respond to r equests f or ser vic e fr om network management applications. T o glob ally enable Bon[...]

  • Страница 144

    Administration: Discovery LLDP and CDP 94 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 STEP 3 Click Apply to updat e the Running Configuration file. STEP 4 T o enable Bonjour on an interface, click Add. STEP 5 Select the inter face, and click Apply . NOTE Click Del ete t o disable Bonjour [...]

  • Страница 145

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 95 8 • CDP and LLDP end devices, such as IP phones, learn the voice VL AN configuration from CDP and LLDP adv er tisements . By default , the device is enabled to send out CDP and LLDP adv er tisemen[...]

  • Страница 146

    Administration: Discovery Configuring LLDP 96 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Displaying LLD P Loc al Information • Displa ying LLDP Neighbors Informa tion • Access i n g L LD P S t a tis tic s • LLDP O verloading LLDP O ver view LLDP is a pr otocol that enables net [...]

  • Страница 147

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 97 8 4. A s sociate LLDP MED netw ork policies and the optional LLDP- MED TL Vs t o the desired int er faces by using the LLDP MED Port Set tings page. 5. If Auto Smartp ort is to detect the capa bilit[...]

  • Страница 148

    Administration: Discovery Configuring LLDP 98 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Chassis ID Adver tisement —Select one of the f ollowing options f or advertis ement in the LLDP mes sage s: - MAC Address —Adver tise the MAC address of the device. - Host Name —Adver tise [...]

  • Страница 149

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 99 8 • SNMP Notification —Select En able to send notifications t o SNMP notification recipients; f or example, an SNMP managing system, when ther e is a topology change. The time inter val bet ween[...]

  • Страница 150

    Administration: Discovery Configuring LLDP 100 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 - Auto Adver tis e —Spe cifies that the sof tware would aut omatically choos e a management ad dr es s to adv er t ise from all the IP addr es ses of the product . In case of multiple IP address e[...]

  • Страница 151

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 101 8 Set ting LLDP MED Net work Policy An LLDP -MED net work policy is a relat e d set of configuration s ettings fo r a specific real-time application such as vo ice, or vide o. A network policy , if[...]

  • Страница 152

    Administration: Discovery Configuring LLDP 102 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • VL AN T ag —S elect whether the traffic is T agge d or Untagged. • User Priorit y —Select the traffic priorit y applied to traffic defined by this network p olicy . This is the C oS value.[...]

  • Страница 153

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 103 8 • SNMP Notification —Sele ct whether S NMP notification is sent on a per -por t basis when an end station that suppor ts MED is discovered; f or example a SNMP managing system, when ther e is[...]

  • Страница 154

    Administration: Discovery Configuring LLDP 104 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 LL D P P o r t S tat u s Gl ob al In fo r m ati o n • Chas sis ID Subt ype — T ype of chas sis ID (f or e xample, MAC addr ess). • Chassis ID —Identifier of chassis . Wher e the chassis ID s[...]

  • Страница 155

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 105 8 Click LLDP L ocal Inf ormation Details to see the details of the LLDP and LLDP MED TL V s sent to the neighbor . Click LLDP Neighbor Inf ormation Details to see the details of the LLDP and LLDP -[...]

  • Страница 156

    Administration: Discovery Configuring LLDP 106 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 MA C/PHY Details • Auto-Negoti ation Suppor ted —Por t spee d auto-negotiation suppor t status . • Auto-Ne gotiation Enabled —P ort s peed a ut o-n ego ti at io n a ct iv e sta tu s. • Aut[...]

  • Страница 157

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 107 8 • Current Capabilitie s —MED capabilities enabled on the p or t . • Dev ice C l a ss —LLDP -MED endp oint device class . The pos sible device class es are: - Endpoint Clas s 1 —Indicate[...]

  • Страница 158

    Administration: Discovery Configuring LLDP 108 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • VL AN Typ e — VLAN t ype for which the network policy is define d. The po ssible field value s ar e: - Ta g g e d —Indicates the network policy is define d f o r tagged VL ANs . - Untagged ?[...]

  • Страница 159

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 109 8 The LLDP Neighbor Inf ormation page contains the f o llowing fields: Por t Details • Lo ca l Por t —P or t number . • MSAP Entr y —Device Media S er vice Acc es s P oint (MSAP) entr y num[...]

  • Страница 160

    Administration: Discovery Configuring LLDP 110 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Auto-Ne gotiation Enabled —Por t spe ed auto-negotiation active status. The pos sible values are T rue and F alse. • Auto-Ne gotiation Adver tise d Cap abilities —Por t spee d aut o-negoti[...]

  • Страница 161

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 111 8 • Remote R x —Indicates the time (in micro seconds) that the r eceiving link par tner requests that the transmitting link par tner waits befor e transmis sion of data f ollowing L ow P ower I[...]

  • Страница 162

    Administration: Discovery Configuring LLDP 112 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 802. 1 VL AN and Protocol • PVI D —Adv ertise d por t VL AN ID . PPVID T able • VID —Pro tocol VLAN ID . • Suppor ted —Supp or ted P ort and Prot ocol VL AN IDs . • Enable d —En ab l[...]

  • Страница 163

    Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 113 8 Access i n g L L D P S ta t i s t i cs The LLDP Statistics page displays LLDP statistica l inf o rmation per p or t . T o view the LLDP statistics: STEP 1 Click Admin ist ra tion > Disc over y[...]

  • Страница 164

    Administration: Discovery Configuring LLDP 114 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 T o view LLDP overloading inf ormation: STEP 1 Click Adm in ist ra tion > Disc over y - LLDP > LLDP O verlo ading . This page contains the f ollowing fields f or each por t : • Interfac e ?[...]

  • Страница 165

    Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 115 8 - Status —If the LLDP MED extended p ower via MDI packets were sent , or if they were overloade d. • 802.3 TL Vs - Size (Bytes) — T otal LLDP MED 802.3 TL V s packets byte size. - Status —[...]

  • Страница 166

    Administration: Discovery Configuring CDP 116 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 S et ting CDP Proper tie s Similar to LLDP , CDP (Cisco Discover y Protoc ol) is a link la yer pr ot ocol f or dir ectly conne ct ed neighbors to adv er tise themselve s and their capabilities t o ea[...]

  • Страница 167

    Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 117 8 • CDP V e rsion —Select the version of CDP t o use. • CDP Hold Time —Amount of time that CDP packets are held befor e the packets ar e discarded, measured in multiples of the TL V Adver ti[...]

  • Страница 168

    Administration: Discovery Configuring CDP 118 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Syslo g Duplex Misma tch —Check to send a SY S L OG mes sage when duplex inf ormation is mismatched. This means that the dupl e x inf orm ation in the incoming frame do es not match what the lo[...]

  • Страница 169

    Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 119 8 This page provides the f ollowing fields : • Interfac e —Sele ct the interface to be defined. • CDP Status —Select t o enable/ dis able the CDP publis hing option f or the port . NOTE The [...]

  • Страница 170

    Administration: Discovery Configuring CDP 120 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Syste m Na me T L V - Sys te m N am e — S ystem name of the device. • Address TL V - Addres s 1 -3— IP addres ses (adver tised in the devic e address TL V ) . • Por t T L V - Por t ID —[...]

  • Страница 171

    Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 121 8 • CoS f or Untr ust ed Ports TL V - CoS for Untruste d Por ts —If Ex tended T rust is disable d on the por t , this fields displa ys the Layer 2 CoS v alue, meaning, an 802. 1 D/802. 1 p prior[...]

  • Страница 172

    Administration: Discovery Configuring CDP 122 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Sys te m N am e —Neighbors system name. • Loc al Inter face —Numb er of the local por t to which the neighbor is conne ct ed. • Adver tis ement V ersion —CDP prot o col version. • Tim[...]

  • Страница 173

    Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 123 8 NOTE Clicking on the Clear T able but ton disconnect all c onnected devices if from CDP , and if Aut o Smartp or t is enabled change all por t t ype s t o default . Viewing CDP Statistics The CDP [...]

  • Страница 174

    Administration: Discovery Configuring CDP 124 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8[...]

  • Страница 175

    Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 125 8[...]

  • Страница 176

    9 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 124 Por t Management This section de scribe s por t configurat ion, link aggregation, and the Green Ethernet f eature. It covers the f ollowin g t opics: • Con fig u r i n g P o rts • Set ting Por t Configuration • Link Aggregation • UD[...]

  • Страница 177

    Por t Management Setting Por t C onfigur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 125 9 7 . If PoE is suppor ted and enabled f or the device, configure the device as descr ibed in Por t Management: PoE . S et ting Por t C onfigura tion Po r ts can be configured in the f ollowing [...]

  • Страница 178

    Port Management Setting Por t Configura tion 126 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 - Combo F iber — S FP Fiber G igabit I nter face Conver ter Por t with the f ollowing value s: 100M and 1000M (typ e: C omboF ). - 10G-Fiber Optics—Ports with sp eed of either 1G or 10G. NOTE [...]

  • Страница 179

    Por t Management Setting Por t C onfigur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 127 9 • Administrative Duplex Mode —Select the p or t duplex mode. This field is configurable only when aut o-negotiation is disabled, and the p or t spee d is s e t to 1 0 M o r 1 0 0 M . A t p[...]

  • Страница 180

    Port Management Setting Por t Configura tion 128 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 - MDI —Sele ct to connect this device to a station by using a straight through cable. - Auto —Select t o configure this device to aut omatically detect the correct pinouts f or the c onnection[...]

  • Страница 181

    Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 129 9 • Por t Se curit y —Select to enable the err or recover y mechanism for the port securit y err -disable state. • 802. 1 x Single Ho st Viola tion —Select to enable err or r ecover y me chanism f or[...]

  • Страница 182

    Port Management Link Aggr egation 130 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 Link Aggregation O ver view Link Aggr egation Control Prot o col (L ACP) is part of the IEEE spe cification ( 802.3az) that enables you to bundle several physical ports together to f orm a single lo gical ch[...]

  • Страница 183

    Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 131 9 Ev er y LAG has the f ollowing charact eristics : • All por ts in a LAG must be of the s ame media t ype. • T o add a p or t t o the LAG, it cannot be long to any VLAN ex cept the default VL AN. • Po[...]

  • Страница 184

    Port Management Link Aggr egation 132 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 T o configure a dynamic LAG, per f orm the f ollowing actions : 1. E n a b l e L A C P o n t h e L A G . A s s i g n u p t o 1 6 c a n d i d a t e s p o r t s t o t h e d y n a m i c L A G by sele cting and [...]

  • Страница 185

    Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 133 9 • Unit /Slot— Displays the stacking member f or which L AG inf ormation is defined. • Por t List —Move those por ts that ar e t o be assigne d t o the LAG from the Por t List to th e LA G M em be r[...]

  • Страница 186

    Port Management Link Aggr egation 134 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 • Re activate Suspende d L AG —Select t o r eactivat e a p ort if the L AG has been dis abled through the lock ed por t se curit y option or thr ough A CL configurations . • Administrative Auto Negoti [...]

  • Страница 187

    Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 135 9 C onfiguring LA C P A dynamic LAG is LACP -enabled, and LACP is run on ever y candidate por t defined in the L AG. L ACP Priorit y and Rule s LACP system priority and L ACP por t priority are both used to [...]

  • Страница 188

    Port Management Link Aggr egation 136 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 However , ther e are cases when one link par tner is temporarily not configured f or LACP . One example f or such case is when the link par tner is on a device, which is in the process of r eceiving its c on[...]

  • Страница 189

    Por t Management UDLD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 137 9 STEP 5 Click Apply . The Running Configuration file is updated. UDLD See Por t Management : Unidirection al Link Dete ction . PoE See Por t Management : PoE . C onfiguring Green Ethernet This section de scribe s the Gr[...]

  • Страница 190

    Port Management Configuring Gr een Etherne t 138 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 operational mode is fast , transparent , and no frames are lost . This mode is suppor ted on both GE and FE por ts . • Shor t-Reach Mo de — This f eatur e pr ovides f or power savings on a sho[...]

  • Страница 191

    Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 139 9 Power Saving by Dis abling Por t LEDs The Dis able Port LED s f eature allows the us er t o sav e extra power consumed by device LEDs . Since most of the time the devices are in an unoccupied r [...]

  • Страница 192

    Port Management Configuring Gr een Etherne t 140 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 LLDP is use d t o select the optimal s et of paramet ers f or b oth devices . If LLDP is not suppor ted by the link par tner , or is disabled , 802.3az EEE still be operational, but it might not b[...]

  • Страница 193

    Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 141 9 Default Configuration By default, 802.3az EEE and EEE LLDP are enabled globally and per por t . I nteractions Bet w een Fea tures The f ollowing de scribe 802.3az EEE interactions with other f e[...]

  • Страница 194

    Port Management Configuring Gr een Etherne t 142 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 STEP 4 T o s ee 802.3 EEE-r elat ed inf ormation on the local device, open the Administration > Disc over y LLDP >LLDP Local Inf ormation page, and view the inf ormation in the 802.3 Energy [...]

  • Страница 195

    Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 143 9 STEP 3 Click Apply . The Gr een Ethernet Proper ties ar e written t o the Running Configuration file. S et ting Green Ethernet Proper ties for Por ts The P or t Set tings page displa ys the curr[...]

  • Страница 196

    Port Management Configuring Gr een Etherne t 144 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 NOTE Shor t -r each mode is only suppor ted on RJ45 GE por ts; it doe s not apply t o Combo por ts . • 802.3 Energy Ef ficient Ethernet (EEE)— Stat e of the por t regar ding the EEE fe a t u r[...]

  • Страница 197

    Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 145 9[...]

  • Страница 198

    10 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 146 Por t Management : Unidire ction al Link D ete c tion This sect ion describ es how the Unidirectional Link D etection (UDLD) f eature. It covers the f ollowin g t opics: • UDLD O ver view • UDLD Operation • Usage Guideline s • De p[...]

  • Страница 199

    Por t Management: Unidire ctional Link Dete ction UDLD Op er a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 147 10 All connected device s must suppor t UDLD f or the prot o col to succes sfully detect unidir ectional links . If only the local device suppor ts UDLD, it is not pos sible [...]

  • Страница 200

    Port Management: Unidirectional Link Detection UDLD Opera tion 148 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 UDLD is enabled on a por t when one of the f ollowing occurs : • The por t is a fiber por t and UDLD is enabled globally . • The por t is a copper por t and you specifically[...]

  • Страница 201

    Por t Management: Unidire ctional Link Dete ction UDLD Op er a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 149 10 If an interface is down and UDLD is enable d, the device removes all neighbor inf ormation and sends at least one ULDL message to the neighbors inf orming them that the po[...]

  • Страница 202

    Port Management: Unidirectional Link Detection Usage Guideline s 150 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 UDLD again begins running on the p or t . If the link is still un idir ectional, UDLD shuts it down again after the UDLD e xpiration time e xpir es , f or instanc e. • Manua[...]

  • Страница 203

    Por t Management: Unidire ctional Link Dete ction Default Settings and Configur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 151 10 • UDLD and La yer 2 Pr ot ocols UDLD runs on a por t independently from other La yer 2 pr otocols running on the same por t , such as S TP or LACP . F[...]

  • Страница 204

    Port Management: Unidirectional Link Detection Configuring UDLD 152 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 STEP 2 Click Apply Wor k fl ow 2 : T o ch ange the UDLD configurat io n of a fiber p or t or to enable UDLD on a copper p or t, p er form the f ollow ing steps : STEP 1 Open th[...]

  • Страница 205

    Por t Management: Unidire ctional Link Dete ction Configuring UDLD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 153 10 • Fiber Port UDLD D efault State — This field is only relevant f or fib er por ts. The UDLD stat e of copper por ts must b e set individually in the UDLD Int er face Se[...]

  • Страница 206

    Port Management: Unidirectional Link Detection Configuring UDLD 154 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 determination (if there was one), or since UDLD began running on the por t , so that the state is not y et dete rmined. - Bid ire ct io nal — T raf fic sent by the lo cal dev[...]

  • Страница 207

    Por t Management: Unidire ctional Link Dete ction Configuring UDLD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 155 10 • State —State of the link betwe en the local and neighboring device on the local po r t . The f ollowing val ues ar e pos sible : - Detect ion — The latest UDLD stat[...]

  • Страница 208

    11 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 156 Smar tp or t This document de scribe s the Smar tp or ts f eature. It contains the f ollowing t opics : • O ver view • What is a Smar tp or t • Smar tp or t Typ es • Smar tp or t Macro s • Macro F ailure and the Rese t Operation [...]

  • Страница 209

    Smar tp or t Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 157 11 Ov e rv i e w The Smar tpor t f eatur e pr ovides a convenient wa y t o sa ve and shar e common configurations . By applying the same Smar tpor t macro to multiple int er fac es , the int erface s shar e a common set[...]

  • Страница 210

    Smartport Wha t is a Smar tp or t 158 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Wha t is a Smar tp or t A Smar tpor t is an inter face to which a built -in (or user -define d) macro ma y be applied. Thes e macr os are designed to pr ovide a means of quickly configuri ng the device to s[...]

  • Страница 211

    Smar tp or t Smar tpor t T yp es Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 159 11 • Statically fro m a Smar tpor t macro by name only from the CLI. A Smar tpor t macro can be applied by its Smar tpor t typ e statically fr om CLI and GUI, and dynamically by Auto Smartpor t . Aut o Smar [...]

  • Страница 212

    Smartport Smar tp or t Macros 160 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 If Aut o Smar tpor t assigns a Smar tp ort t ype to an interface and the interface is not configured to be Aut o Smar tp or t P ersistent, then its Smar tp or t typ e is re-initializ ed to Default in the f ollo[...]

  • Страница 213

    Smar tp or t Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 161 11 There ar e t wo t ypes of Smar tp or t macr os : • Built-In — The se ar e macr os provided by the syst em. One macr o applies the configuration pro file and the other r emoves it . The macro names of the[...]

  • Страница 214

    Smartport Macro F ailure and the Reset Opera tion 162 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 - Else the c orresponding anti-macro is applied and the interface s status is set t o Def au lt. Macro F ailure and the Res e t Op era tion A Smar tport macro might f ail if ther e is a conf[...]

  • Страница 215

    Smar tp or t Auto Smartp or t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 163 11 Ther e are two ways t o apply a Smar tpor t macro by Smartp ort t ype to an interface : • Static Smar tpor t Y ou manually assign a Smartp ort t ype to an int erface. The corresponding Smar tpor t macro is a[...]

  • Страница 216

    Smartport Auto Smar tpor t 164 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 • Enable d — This manually enabl es Auto Smar tpor t and places it into operation immediately . • Enable by Auto V oice VL AN — This enable s Aut o Smartp or t t o operate if Aut o V oice VLAN is enabled a[...]

  • Страница 217

    Smar tp or t Auto Smartp or t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 165 11 SR Bridge 0x04 Ignore Switch 0x08 Switch Host 0x 10 Host IGMP conditional filt ering 0x20 Ignore Repeat er 0x 40 Ignore V oIP Phone 0x80 ip_phone Remot ely-Managed Device 0x 100 Ignore CAST P hone P or t 0x200[...]

  • Страница 218

    Smartport Auto Smar tpor t 166 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 NOTE If only the IP Phone and Host bits ar e set , then the Smar tpor t t ype is ip_phone_desktop. Multiple D evice s At tache d to the Por t The device derives the Smartpor t t ype of a connected device via the c[...]

  • Страница 219

    Smar tp or t Er ror H an d li n g Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 167 11 Pe rsiste nt status of an interface is disabled, the interface reverts to the default Smar tpor t typ e when the attaching devic e to it ages out , the int erfac e goes down, or the device is r ebooted. En[...]

  • Страница 220

    Smartport Rela tionship s with Other Fea tur es and Back wards Compa tibility 168 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Rela tionships with O ther Featur e s and B ack wards C omp a tibilit y Aut o Smartp or t is enabled by default and ma y be disable d. T elephony OUI cannot funct[...]

  • Страница 221

    Smar tp or t Common Smar tp or t T asks Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 169 11 W ork flow2: T o configure an in ter face a s a static Smar tpor t , per f orm the fol lo wing steps : STEP 1 T o enable the Smar tpor t featur e on the inter face, open the Smar tpor t > Interfac[...]

  • Страница 222

    Smartport Configuring Smar tp or t Using The W eb -bas ed Interface 170 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 W ork flow4: T o rerun a Smar tp or t macro after it has failed, p er form the fol l ow in g st e p s : STEP 1 In the Int er face Settings page, sele ct an int erfac e with[...]

  • Страница 223

    Smar tp or t Configuring Smartp or t Using The Web-b ase d In terfac e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 171 11 Smar tpor t Prop er tie s T o c onfigur e the Smartp or t f eature globally : STEP 1 Click Smar tp or t > Prop er ties . STEP 2 Enter the parameters. • Administrat[...]

  • Страница 224

    Smartport Configuring Smar tp or t Using The W eb -bas ed Interface 172 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Smar tpor t Typ e S et tings Use the Smar tpor t T ype Set tings page to edit the Smar tpor t T ype s ettings and view the Macro Sour ce. By default , each Smar tpor t t yp[...]

  • Страница 225

    Smar tp or t Configuring Smartp or t Using The Web-b ase d In terfac e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 173 11 • Macro P aramet ers —Displays the f ollowing fields f or three parameters in the macro: - Parameter Name —Name of paramet er in macro . - Parameter Value —Curr[...]

  • Страница 226

    Smartport Configuring Smar tp or t Using The W eb -bas ed Interface 174 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 since the last macro application. Y ou hav e t o be familiar with the current configurations on the device and the de finition of the macro to det ermine if a reapplication[...]

  • Страница 227

    Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 175 11 STEP 1 Select a n int er face and click Edit . STEP 2 Enter the fields. • Interfac e —Sele ct the por t or LAG. • Smar tp or t Type —Displays the Smartp or t type currently assigned to the p[...]

  • Страница 228

    Smartport Built-in Smar tpor t Macros 176 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Macr o code fo r the f ollowing Smar tpor t typ es are pr ovide d: • desktop • printer • guest • serve r • ho st • ip_camera • ip_phone • ip_phone_desktop • switch • rou ter • ap d[...]

  • Страница 229

    Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 177 11 # @ no_desktop [no_desktop] #macro description No Desktop # no smartport switchport trunk nati ve vlan smartport switchport trunk allowed vlan remove all # no port security no port security mode no [...]

  • Страница 230

    Smartport Built-in Smar tpor t Macros 178 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 no_printer [no_printer] #macro description No printer # no switchport access vlan no switchport mode # no port security no port security mode # no smartport storm-control broadcast e nable no smartport [...]

  • Страница 231

    Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 179 11 [no_guest] #macro description No guest # no switchport access vlan no switchport mode # no port security no port security mode # no smartport storm-control broadca st enable no smartport storm-contr[...]

  • Страница 232

    Smartport Built-in Smar tpor t Macros 180 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 # no smartport switchport trunk native v lan smartport switchport trunk allowed vla n remove all # no port security no port security mode no port security max # no smartport storm-control broadcast e na[...]

  • Страница 233

    Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 181 11 no smartport switchport trunk nati ve vlan smartport switchport trunk allowed vlan remove all # no port security no port security mode no port security max # no smartport storm-control broadca st en[...]

  • Страница 234

    Smartport Built-in Smar tpor t Macros 182 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 no port security mode # no smartport storm-control broadcast e nable no smartport storm-control broadcast l evel no smartport storm-control include-mul ticast # spanning-tree portfast auto # @ ip_phone [...]

  • Страница 235

    Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 183 11 #$voice_vlan = 1 # smartport switchport trunk allowed vlan remove $voice_vlan no smartport switchport trunk nati ve vlan smartport switchport trunk allowed vlan remove all # no port security no port[...]

  • Страница 236

    Smartport Built-in Smar tpor t Macros 184 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 [no_ip_phone_desktop] #macro description no ip_phone_desktop #macro keywords $voice_vlan # #macro key description: $voice_vlan: The voice VLAN ID # #Default Values are #$voice_vlan = 1 # smartport switc[...]

  • Страница 237

    Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 185 11 # #macro key description: $voice_v lan: The voice VLAN ID # no smartport switchport trunk nati ve vlan smartport switchport trunk allowed vlan remove all # no spanning-tree link-type # @ router [rou[...]

  • Страница 238

    Smartport Built-in Smar tpor t Macros 186 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 # no smartport storm-co ntrol broadcast enable no smartport storm-co ntrol broadcast level # no spanning-tree link-type # @ ap [ap] #macro description ap #macro keywords $native_vlan $voice_vl an # #mac[...]

  • Страница 239

    12 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 187 Por t Management : PoE The P ower over Ethernet (P oE) f eature is only a vailable on PoE-base d devices . F or a list of Po E-base d devices , ref er to the De v ice M od e l s sect io n. This section de scribes how to use the P oE f eatu[...]

  • Страница 240

    Port Management: PoE PoE o n t h e D e v ic e 188 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12 Power ov er Ethernet can be used in any ent erprise net work that deploys r elatively low-powered device s connected to the Ethernet LAN, such as : • IP phones • W i r eless a cce ss p oi n [...]

  • Страница 241

    Por t Management : PoE PoE on t he D e vi c e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 189 12 Y ou can decide the f ollowing: • Maximum power a PS E is allowed to supply to a PD • During device operation, to change the mode from Class Power Limit t o Port Limit and vice versa. The p[...]

  • Страница 242

    Port Management: PoE Configuring PoE Pr op er tie s 190 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12 a P oE device acting as a PSE may mistakenly det e ct and supply power to an attaching PS E , including other PoE swit ches, as a legacy PD . Ev en though Sx200/300/500 P oE switches are P[...]

  • Страница 243

    Por t Management : PoE Configuring P oE Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 191 12 • Tr a p s —Enable or disable traps. If traps are enab led, you must also enable SNMP and co nfigur e at least one SNMP Notification Recipient . • Pow e r T r a p T h re sh o ld —Ent[...]

  • Страница 244

    Port Management: PoE Configuring PoE Settings 192 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12 • Class Limit : Power is limit e d based on the clas s of the c onnect ed PD . F or thes e sett ings t o be active, the syst em must be in PoE Class Limit mode. That mode is configured in the [...]

  • Страница 245

    Por t Management : PoE Configuring P oE Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 193 12 • Administrative P ower Allo cation — This field app ears only if the Power Mode set in the PoE Pr oper ties page is Port Limit . If the Power mode is Power Limit , enter the power in mi[...]

  • Страница 246

    Port Management: PoE Configuring PoE Settings 194 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12[...]

  • Страница 247

    13 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 195 VL AN Man agement This section c overs the f ollowing topics: • VL ANs • Configuring D e fault VL AN S ettings • Creating VL ANs • Configuring VL AN Interface S et tings • Defi nin g VLAN M em be rs hip • GVR P S et ti ng s •[...]

  • Страница 248

    VLAN Management VL ANs 196 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 VL AN Des cription Each VLAN is co nfigur ed with a unique VI D ( VL AN ID) with a value fr om 1 t o 4094. A por t on a device i n a bridged networ k is a member o f a VLAN if it can se nd data to and r e ceive data f[...]

  • Страница 249

    VL AN Management VL ANs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 197 13 VL AN Roles VLANs function at Layer 2. All VLAN traf fic (Unicast /Broadcast /Multicast) remains within its VLAN. D evices at tached to diff er ent VLANs do not have dir ect connectivit y t o each other over the Eth[...]

  • Страница 250

    VLAN Management VL ANs 198 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Cust omer traffic is encapsulated with an S-tag with TPID 0x8100, r egar dles s of whether it was originally c-tagged or untagge d. The S-tag allows this traffic to be treat ed as an aggregat e within a pr ovider brid[...]

  • Страница 251

    VL AN Management Configuring Def ault VL AN S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 199 13 C onfiguring D efault VL AN S et tings When using fact or y default settings , the device automatically creat es VLAN 1 as the default VLAN, th e default int er face status of all p ort[...]

  • Страница 252

    VLAN Management Crea tin g VL ANs 200 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 • De fault VL AN ID After Reb oot —Enter a new VLAN ID to r eplace the default VLAN ID after r eboot . STEP 3 Click Apply . STEP 4 Click Sa v e (in the upper-right corner of the window) and sav e the Ru[...]

  • Страница 253

    VL AN Management Configuring VL AN Int er f ace S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 201 13 The page enables the creation of either a single VLAN or a range of VLANs . STEP 3 T o cr eat e a single VLAN, s elect the VL AN radio but t on, enter the VLAN ID ( VID) , and optio[...]

  • Страница 254

    VLAN Management De f i ni n g VLAN M e mbe r s hi p 202 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 - Customer —S electing this option pla ces the interface in QinQ mode. This enables you to use your own VLAN arrangements (PVID) across the provider network . The device is in Q-in-Q mod[...]

  • Страница 255

    VL AN Management De fin i ng V L AN Me m ber shi p Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 203 13 Untagged por t membership betwe en two VL AN-a war e devi ces with no intervening VL AN-awar e devices , must be t o the same VL AN. In other wor ds, the PVID on the por ts b etwe en the t[...]

  • Страница 256

    VLAN Management De f i ni n g VLAN M e mbe r s hi p 204 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 • Multicast T V VLAN — The interface us ed f or Digital T V using Multicast IP . The por t joins the VL AN with a VL AN tag of Multicast T V VL AN. See Acces s P or t Multicast T V VL [...]

  • Страница 257

    VL AN Management GV R P S e t t i n g s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 205 13 • LA G —If int er face selected is Port , displa ys the LAG in which it is a member . STEP 3 Sele ct a por t , and click the Join VL AN but ton. STEP 4 Enter the values f or the f ollowing fields[...]

  • Страница 258

    VLAN Management GV R P S e t t i n g s 206 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 When a por t joins a VLAN by using GVRP , it is added to the VLAN as a dynamic member , unle ss this was expr essly forbidden in the P ort VL AN Membership page. If t he V L AN d oe s n ot exis t , it [...]

  • Страница 259

    VL AN Management VL AN Gr oups Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 207 13 VL AN Gr oup s VLAN groups are used f or load balancing of traffic on a Layer 2 network . Pa cke ts ar e assigned a VLAN according t o various classifications that have been configured ( such as VLAN groups).[...]

  • Страница 260

    VLAN Management VL AN Groups 208 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Wo rk f l ow T o define a MAC- based VL AN gr oup: 1 . A s sign a MAC addr ess to a VLAN group ID (using the MAC-Based Groups page). 2. For each r equired inter face: a . A s s i g n t h e V L A N g r o u p t o [...]

  • Страница 261

    VL AN Management VL AN Gr oups Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 209 13 - Le n g t h — Prefix of the MAC addr e ss • Group ID —Enter a user -created VLAN group ID number . STEP 4 Click Apply . The MAC addr ess is as signed to a VLAN gr oup. Mapping VL A N Group to VL AN Per[...]

  • Страница 262

    VLAN Management VL AN Groups 210 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 1 . D efine a prot o col group (using the Pr ot ocol-B ased Groups page). 2. For each r e quired int erfac e, assign the prot ocol group t o a VLAN (using P r o t o c o l - B a s e d G r o u p s t o V L A N p a [...]

  • Страница 263

    VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 211 13 Protoc ol-B as ed Group s to VL AN Mapping T o map a prot o col group to a por t , the p or t must be in General mo de and not have D V A configured on it ( see C onfiguring VL AN Interfac e S et tings ). [...]

  • Страница 264

    VLAN Management Vo i c e V L A N 212 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 V oic e VL AN O ver view This se ction covers the f ollowing topics: • Dy na m i c V oi ce VLAN M od es • Auto V o ice VL AN, Auto Smar tpor t s, CDP , and LLDP • Vo i c e V L A N Q o S • V o ice VL [...]

  • Страница 265

    VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 213 13 The devic e suppor ts a single voice VL AN. By de fault , the voic e VLAN is VLAN 1 . The voice VLAN is defaulted t o VLAN 1 . A dif f er ent v oice VL AN can be manually configured. It can also be dynamic[...]

  • Страница 266

    VLAN Management Vo i c e V L A N 214 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 V oic e E nd-Points T o ha ve a v oice VLAN work properly , the voice devices, such as Cisc o phones and V oIP endpoints , must be as signed to the v oice VL AN wher e it sends and r eceives its voice traffi[...]

  • Страница 267

    VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 215 13 NOTE The default configuration list her e applies t o swit ches whose firmware v ersion suppor ts Aut o V oice VLAN out of the box. It als o applies to unconfigur ed switches that ha ve been upgrade d to t[...]

  • Страница 268

    VLAN Management Vo i c e V L A N 216 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 NOTE If the device is in Lay er 2 syst em mode, it can synchroniz e with only VSD P capable switches in the same ma nagement VL AN. If the device is in Lay er 3 syst em mode, it can synchronize with V SDP ca[...]

  • Страница 269

    VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 217 13 V oic e VL AN C onstraints The f ollowing c onstraints exist: • Only one V oice VL AN is suppor ted. • A VLAN that is defined as a V oice VL AN cannot be re moved In addition the f ollowing c onstraint[...]

  • Страница 270

    VLAN Management Vo i c e V L A N 218 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 STEP 4 Sel ect th e A ut o V oice VL AN Activation method. NOTE If the device is currently in T elephony OUI mode, you must disab le it bef ore you can configure Aut o V oice Vlan STEP 5 Click Apply . STEP 6[...]

  • Страница 271

    VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 219 13 Configuring V oice VL AN Proper tie s Use the V oic e VLAN Proper ties page f or the following: • V iew how voice VLAN is currently configured. • Configure the VLAN ID of the V oice VL AN. • Configur[...]

  • Страница 272

    VLAN Management Vo i c e V L A N 220 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 - Enable T elephony OUI —Enable Dynamic V oic e VLAN in T elephony OUI mode. - Disable —Disable Aut o V oice Vlan or T elephony OUI. • Auto V oic e VL AN A ctivation —If Aut o V oice VL AN was enable[...]

  • Страница 273

    VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 221 13 • Sou rce T y pe —Displays the type of source wher e the voice VLAN is discovered by the root device. • CoS/802. 1 p —Displays CoS/802. 1 p values to be use d by the LLDP -MED as a voice net work p[...]

  • Страница 274

    VLAN Management Vo i c e V L A N 222 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 • Vo i c e V L A N I D — The identifier of the current voice VLAN. • CoS/802. 1 p — The advertis ed or configur ed CoS/802. 1 p values that are used by the LLDP-MED as a voice net work policy . • D[...]

  • Страница 275

    VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 223 13 T o c onfigure T elephony OUI and/ or add a new V oice VL AN OUI: STEP 1 Click VL AN Man agement > Vo i c e V L A N > Te l e p h o n y O U I . The T elephon y OUI page cont ains the f ollowing fields[...]

  • Страница 276

    VLAN Management Vo i c e V L A N 224 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Adding Inter fac es to V oice VL A N on Ba sis of OUIs The QoS at tribut es can be assigne d per por t to the voice packets in one of the f ollowing mo des : • All —Quality of S er vice (QoS) value s con[...]

  • Страница 277

    VL AN Management Acc e ss Po r t Multicast TV VL AN Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 225 13 Ac c e s s Por t Multic ast T V VL AN Multicast T V VL ANs enable Multicast transmissions to subscribers who are not on the same data VL AN (La yer 2-isolated), without replicating the Mu[...]

  • Страница 278

    VLAN Management Acces s P ort Mu lti cas t TV V L A N 226 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 IGMP Sno oping Multicast T V VL AN r elies on IGMP snooping, which means that : • Subscrib ers use IGMP mess ages to join or lea ve a Multica st group. • Devi ce perf orms IG MP s no[...]

  • Страница 279

    VL AN Management Acc e ss Po r t Multicast TV VL AN Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 227 13 Configuration Wo rk f l ow Configure T V VLAN with the following st ep s: 1 . D efine a T V VL AN by as sociating a M ulticast group t o a VLAN (using the Multicast Gr oup t o VLAN page) [...]

  • Страница 280

    VLAN Management Cust omer P or t Multicas t TV VL AN 228 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Por t Multic ast VL AN Memb ership T o define the Multi cast T V VL AN configuration: STEP 1 Click VLAN Management > A c ce s s Po r t M ul ti c as t T V VL A N > Po r t M ul ti c a[...]

  • Страница 281

    VL AN Management Cust omer P or t Multicas t TV VL AN Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 229 13 All packets fr om the sub scriber to the ser vice provider network are encapsulat ed by the acce ss device with the subs criber ’ s VL AN configured as cust omer VLAN (Outer tag or S-[...]

  • Страница 282

    VLAN Management Cust omer P or t Multicas t TV VL AN 230 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 To m a p C P E V L A N s : STEP 1 Click VLAN Management > Customer P ort Multicast T V VLAN > CPE VL AN t o VLAN. STEP 2 Click Add . STEP 3 Enter the f oll owing fiel ds: • CPE VL[...]

  • Страница 283

    14 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 231 Sp anning T re e This section de scribe s the Spanning T ree Pr otocol (STP) (IEEE802. 1D and IEEE802. 1Q) and covers the f ollowing topics: • STP Flavors • Configuring STP Status and Global S et tings • De fining Spanning Tr ee Inte[...]

  • Страница 284

    Spanning Tree Configuring S TP Status and Global Settings 232 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 The device suppor ts the f ollowing Spanning T ree Pr ot ocol versions : • Classic STP – Provides a single path bet ween any two end stations , av oiding and eliminating lo ops .[...]

  • Страница 285

    Sp anning Tree Configuring S TP Sta tus and Global Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 233 14 • BPDU Handling —Sele ct how Bridge Pr ot ocol Da ta Unit (BPDU) pack ets ar e managed when STP is disabled on the por t or the device. BPDUs are used t o transmit spanning tr[...]

  • Страница 286

    Spanning Tree Defining Spanning T ree Int er face S e ttings 234 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 • T op ology Change s Counts — The total number of S TP t opology changes that hav e occurred. • L ast T op ology Change — The time int er val that elapse d since the last[...]

  • Страница 287

    Sp anning Tree Defining Spannin g T r ee In ter f ace S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 235 14 • Root Guard —Enables or disable s Root Guar d on the device. The Root Guar d option pr ovides a way t o enfor c e the r oot bridge placement in the network . Root Guar d [...]

  • Страница 288

    Spanning Tree Configur ing Rapid Spann ing T ree S etting s 236 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 - Blo ck ing — The po r t is curr ently blocked, and cannot f or ward traffic (with the ex c eption of BPDU data) or learn MA C addresse s. - Listening — The p or t is in List [...]

  • Страница 289

    Sp anning Tree Configuring R apid Spanning T r ee S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 237 14 T o enter RS TP settings : STEP 1 Click Sp anning T r ee > STP Status and Global S ettings . Enable RSTP . STEP 2 Click Sp anning T ree > RSTP In terface Settin gs . The RS [...]

  • Страница 290

    Spanning Tree Configur ing Rapid Spann ing T ree S etting s 238 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 - Design at ed — The interface through which the bridge is connected t o the LAN, which provides the lowest co st path fr om the LAN to the R oot Bridge. - Alternat e —Provides[...]

  • Страница 291

    Sp anning Tree Multiple S panning T ree Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 239 14 Multiple Sp anning T re e Multiple Spanning T ree Prot o col (MSTP) is used to separat e the S TP por t state bet ween various domains (on dif f erent VL ANs ). For e xample, while por t A is blocked[...]

  • Страница 292

    Spanning Tree Mapping VL ANs to a MS TP I nstance 240 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 Switches int ended to be in the s ame MST r egion are never separated by switches from another MS T r egion. If they are separat ed, the region bec omes t wo separat e re gi on s . This mapp[...]

  • Страница 293

    Sp anning Tree De fin ing M S TP I n s tan ce Se tt ing s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 241 14 F or those VL ANs that are not explicitly mapped to one of the MS T instances , the device automatically maps them to the CIS T (C ore and Inte rnal Spanning T ree) instance. The CI[...]

  • Страница 294

    Spanning Tree De f i n in g MS TP I nt erf ace Sett i n g s 242 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 • Included VL AN —Displa ys the VLANs mappe d t o the selected instance. The default mapping is that all VLANs are mapped to the common and internal spanning tr ee (CIST ) inst[...]

  • Страница 295

    Sp anning Tree De fin i ng M S TP I n te rf ace Se tti ng s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 243 14 STEP 5 Enter the parameters. • Instanc e ID —S elect the MS T instance to be configured. • Interfac e —Sele ct the interface f or which the MS TI set tings ar e t o be def[...]

  • Страница 296

    Spanning Tree De f i n in g MS TP I nt erf ace Sett i n g s 244 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 - Bac k u p — The interface provides a b ackup path t o the designated por t path t oward the Spanning T ree le av es . Ba ck up ports occur w hen two por ts are connected in a l[...]

  • Страница 297

    Sp anning Tree De fin i ng M S TP I n te rf ace Se tti ng s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 245 14[...]

  • Страница 298

    15 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 246 Man aging MA C A ddre s s T able s This section de scribe how to add MA C addresse s t o the syst em. It covers the f o llowing t opics : • Configuring St a tic MAC Addr es s es • Managing D ynamic MA C Addres se s • Def in i n g R e[...]

  • Страница 299

    Ma nagi ng M A C Ad d r ess T a bl es Configuring Sta tic MAC Address e s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 247 15 C onfiguring Static MA C A ddres s e s Static MAC addr ess es are assigne d t o a specific physical int erface and VL AN on the device. If that address is detected o[...]

  • Страница 300

    Managing MAC Address Tables Managing Dynamic MAC Addresse s 248 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 15 Managing D yn amic MA C Addres se s The Dynamic Address T able (bridging table) c ontains the MAC addr ess es acquired by monitoring the sour ce addresse s of frames entering the d[...]

  • Страница 301

    Ma nagi ng M A C Ad d r ess T a bl es De fin in g R eser v ed M A C Ad d r esses Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 249 15 D efining Re s e r ve d MA C Addre s s e s When the device receive s a frame with a De stination MAC address that b elongs to a r ese r ved range (per the IEE[...]

  • Страница 302

    16 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 250 Multic ast This section de scribe s the Multicast F or warding f eature, and covers the f ollowing top ic s : • Multicast For warding • De fining Multicast Proper tie s • Addi ng M A C Gro up Ad dr ess • Ad d in g IP Mul tica st Gr[...]

  • Страница 303

    Multic ast Multicas t Forwar ding Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 251 16 F or Multicast f or warding t o work acr oss IP subnets , node s, and routers must be Multicast-capable. A Multicast -capable node must be able to: • Send and receive Multicast pack ets. • Register the[...]

  • Страница 304

    Multicast Multicast F orwarding 252 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 The device can f or ward Multicast streams based on one of the f ollowing options: • Multicast MAC Group Addr ess • IP Multicast Group Addr ess (G) • A combination of the source IP addr ess (S) and the [...]

  • Страница 305

    Multic ast Defining Multicas t Proper ties Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 253 16 I f t h e d e vi c e i s en a b l e d a s a n I G M P Qu e r i e r , i t s t a r ts a f te r 6 0 s ec on d s h ave p a s s e d with no IGMP traffic (queries) det ected fr om a Multicast rout er . [...]

  • Страница 306

    Multicast Defining Multicas t Pr op er tie s 254 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 A common wa y of repr e senting Multicast membership is the (S, G) notation where S is the (single) sour ce send ing a Multicast stream of data, and G is the IP v 4 or IP v6 group addr ess . If a[...]

  • Страница 307

    Multic ast Adding MAC Gr oup Address Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 255 16 STEP 3 Click Apply . The Running Configuration file is updated. Adding MAC Gr oup Addres s The device supp or ts f o r warding incoming Multicast traffic bas ed on the Multicast gr oup inf ormation. Thi[...]

  • Страница 308

    Multicast Adding MAC Gr oup Addr ess 256 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 Entries that wer e crea ted both in this page a nd in the IP Multicast Gr oup Addres s page are displa y ed. For those cr eat ed in the IP Multicast Group Addr es s page, the IP addr es ses are con verte[...]

  • Страница 309

    Multic ast Adding IP Multicast Gr oup Addresse s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 257 16 Adding IP Multic ast Group Addres se s The IP Multicast G roup Addr es s page is similar t o the MAC Gr oup Addr es s page ex c ept that Multicast groups are identified by IP addr ess es . T[...]

  • Страница 310

    Multicast Configuring IGMP Snooping 258 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 • Sourc e Sp ecific —Indicates that the entr y contains a sp ecific source, and adds the addr es s in the IP Source Address field. If not , the entr y is added as a (*,G) entr y , an IP group ad dr es[...]

  • Страница 311

    Multic ast Configuring IGMP Sn ooping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 259 16 When IGMP Snooping is enable d globally or on a VL AN, all IGMP pack ets ar e f or warded t o the CPU . The CPU analyzes the incoming packets, and det ermines the f ollowing : • Which por ts are aski[...]

  • Страница 312

    Multicast Configuring IGMP Snooping 260 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 Ther e can be only one IGMP Querier in a network . The device suppor ts standar ds-base d IGMP Querier elec tion. So me of the values of the operational paramet ers of this table ar e sent by the elected [...]

  • Страница 313

    Multic ast MLD Snooping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 261 16 • Operational Last Memb er Quer y Inter val —Displa ys the Last Member Quer y Inter val sent by the ele ct ed querier . • Im m e d i ate L e ave —Enable Imme diat e L ea ve t o de crease the time it tak es t[...]

  • Страница 314

    Multicast MLD Snooping 262 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 In an appr oach similar to IGMP snooping, MLD frames are snoop ed as they are f or war ded by the device from stations t o an upstream Multicast r out er and vice versa. This facility enable s a device to conclude the[...]

  • Страница 315

    Multic ast Quer ying IGMP /MLD IP Multicast G r oup Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 263 16 • Operational Quer y Robustnes s —Displays the r obustnes s variable sent by the elected querier . • Quer y Inter val —Enter the Quer y Interval value to be use d by the de vice i[...]

  • Страница 316

    Multicast Defining Multic ast R out er Po r ts 264 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 Ther e might be a dif f erence bet ween information on this page and, f or example, inf ormation displa yed in the MAC Gr oup Addr es s page . A ssuming that the system is in MAC-based groups a[...]

  • Страница 317

    Multic ast Defining F orward All Multicast Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 265 16 T o statically c onfigur e or see dynamically- detect ed por ts conne ct ed to the Multicast rout er : STEP 1 Click Multic ast > Multicast Router Por t . STEP 2 Enter some or all of f ollowing [...]

  • Страница 318

    Multicast D e fining Unr egistered Multicast Settings 266 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 IGMP or MLD mes sages ar e not f or warded to por ts defined as Fo r w a rd All . NOTE The configuration aff e cts only the por ts that are members of the selected VLAN. T o define F or [...]

  • Страница 319

    Multic ast Defining Unr egister ed Multicas t Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 267 16 Y ou can select a p or t t o r eceive or filter unr egist ered Multicast str eams. The configuratio n is valid f or a n y VLAN of which it is a mem ber (or will b e a member) . This f [...]

  • Страница 320

    Multicast D e fining Unr egistered Multicast Settings 268 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16[...]

  • Страница 321

    17 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 268 IP C onfigura tion IP int er face addr es ses can b e configured manually by the user , or automatically configured by a DHCP se r ver . This se ction provides inf orm ation f o r defining the device IP address es , either manually or by m[...]

  • Страница 322

    IP Configuration Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 269 17 retains much of the La yer 2 functionalit y , such as Spanning T ree Pr ot ocol and VLAN memb ership. • In La yer 3 syst em mode on Sx 500 devices only , the device do es not suppor t MAC-based VL AN, D ynamic [...]

  • Страница 323

    IP Configuration Over view 270 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 When a VLAN is configured to use dynamic IP v 4 addres ses , the device is sues DHCP v 4 requests until it is assigned an IP v 4 addr e ss from a DHCPv 4 ser ver . In Lay er 2 system mode, only the management VLAN[...]

  • Страница 324

    IP Configuration Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 271 17 All the IP addr es ses configured or as signed to the device ar e r ef erred to as Management IP addr es ses in this guide. If the pages f or Lay er 2 and La yer 3 ar e dif f er ent , both versions are displa yed[...]

  • Страница 325

    IP Configuration IPv4 Managemen t and In terface s 272 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 T o configure an IP v6 loopback interface, do the f ollowing: • In Lay er 2, add a loopback inter face in the Administration > Management Interface > IP v6 Interfaces page. C onfigu[...]

  • Страница 326

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 273 17 - Static —Manually define a static IP address . NOTE DHCP Option 12 (Host Name option ) is suppor ted when the device is a DHCP client . If DHCP Option 12 is received from a DHCP ser ver [...]

  • Страница 327

    IP Configuration IPv4 Managemen t and In terface s 274 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Auto Configuration via DHCP —Displa ys status of Aut o Configuration f eature. Y ou can configure this fr om Administration > F ile Management > DHCP A ut o Confi gurati on . ST[...]

  • Страница 328

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 275 17 • Mask —C onfigured IP addr es s mask . • Status —Results of the IP address duplication check . - Te n t a t i v e — There is no final r esult f or the IP address duplication chec[...]

  • Страница 329

    IP Configuration IPv4 Managemen t and In terface s 276 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 ! CAUT I ON When the system is in one of the stacking modes with a Backup Master pr e sent , it is recommended to configure the IP a ddress as a static addr ess to pr event disconne cting f[...]

  • Страница 330

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 277 17 NOTE Y ou cannot configur e a static r oute thr ough a directly-connected IP subnet wher e the device gets its IP addr es s from a DHCP server . • Metric —Enter the administrativ e dist[...]

  • Страница 331

    IP Configuration IPv4 Managemen t and In terface s 278 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • ARP Entr y Age Out —Ent er the number of sec onds that dynamic addr ess es can remain in the ARP table. A dynamic address ages out after the time it is in the table ex c eed s the ARP[...]

  • Страница 332

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 279 17 • MA C Addres s —Ent er the MAC addr ess of the lo cal device. STEP 6 Click Apply . The ARP entr y is saved t o the Running Configuration file. ARP Pro x y The Pr oxy ARP technique is u[...]

  • Страница 333

    IP Configuration IPv4 Managemen t and In terface s 280 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 UDP Rela y /IP Help er The UDP Rela y /IP Help er f eature is only a vailable when the device is in La yer 3 system mode. Switches do not typically r oute IP Br o adcast packets betwe en IP[...]

  • Страница 334

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 281 17 An untrusted por t is a por t that is not allowed to assign DHCP address es. By default , all por ts are consider ed untrusted until you declar e them trust ed (in the DHCP Snooping Interfa[...]

  • Страница 335

    IP Configuration IPv4 Managemen t and In terface s 282 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • DHCP Inser tion - Add Option 82 info rmation t o pack ets that do not ha ve f oreign Option 82 inf ormation. • DHCP Passthrough - F or ward or r eject DHCP pack ets that contain Optio[...]

  • Страница 336

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 283 17 The f ollowing de scribe s how DHCP request packets ar e handled when both DHCP Snooping and DHCP Relay ar e enabled: Option 82 Inser tion Disable d Pac ke t i s s en t without Option 82 Pa[...]

  • Страница 337

    IP Configuration IPv4 Managemen t and In terface s 284 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 The f ollowing de scrib es how DHCP Reply pack ets ar e handled when DHCP Snooping is dis abled: Option 82 Inser tion Enabled Relay – is sen t with Option 82 Bridge – Option 82 is added[...]

  • Страница 338

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 285 17 Option 82 inser tion disable d Pac ke t is sen t without Option 82 Pac ke t is sent with the original Option 82 Relay – discards Option 82 Bridge – Pac ket is sent without Option 82 Rel[...]

  • Страница 339

    IP Configuration IPv4 Managemen t and In terface s 286 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 The f ollowing de scrib es how DHCP r eply packets ar e handled when both DHCP Snooping and DHCP Rela y ar e enabled DHCP Sno oping Binding Da tab as e DHCP Snooping builds a databas e (kno[...]

  • Страница 340

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 287 17 The DHCP Snooping Binding databas e is also use d by IP Source Guar d and Dynamic ARP Inspe ction f eatures to det ermine legitimate packet sour ces . DHCP T rusted Por ts Po r ts can be ei[...]

  • Страница 341

    IP Configuration IPv4 Managemen t and In terface s 288 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 6 Device f orwards DHCPOFFER , DHCP AC K , or DHCPNAK . The f ollowing summarize s how DHCP pack ets ar e handled fr om both trusted and untrusted por ts. The DHCP Sno oping Binding da[...]

  • Страница 342

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 289 17 DHCP Sno oping Along With DHCP Rela y If both DHCP Snooping and DHCP Relay ar e globally enabled, then if DHCP Snooping is enabled on the client's VL AN, DHCP Snooping rules c ontained[...]

  • Страница 343

    IP Configuration IPv4 Managemen t and In terface s 290 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 1 Enable DHCP Sno oping and/ or DH CP Relay in the IP C onfigura tion > DHCP > Propertie s page or in the Se curit y > DHCP Snooping > Proper ties page. STEP 2 Define the i[...]

  • Страница 344

    IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 291 17 STEP 2 Click Apply . The set tings ar e written t o the Running Configuration file. STEP 3 T o define a DHCP ser ver , click Add . STEP 4 Enter the IP addr es s of the DHCP ser ver and clic[...]

  • Страница 345

    IP Configuration IPv4 Managemen t and In terface s 292 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 DHCP Sno oping Binding Da tabas e See How the DHCP Snooping Binding Databas e is Built f or a de scription of how dynamic entries are added to the DHCP Snooping Binding database. Not e the [...]

  • Страница 346

    IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 293 17 STEP 3 Enter the fields: • VL AN ID — VLAN on which packet is e xpected. • MAC Addr es s— MAC addr ess of packet . • IP Address— IP addr es s of packet . • Interfac e —Unit /Slot /Int er face [...]

  • Страница 347

    IP Configuration DHCP Ser ver 294 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 Depe nd e n ci es Betwee n F ea tu res • It is impo ssible to configure DHCP ser ver and DHCP client on the system at the same time, meanin g: if one inter face is DHCP client enable d, it is impo ssible to e[...]

  • Страница 348

    IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 295 17 DHCP v4 S er ver T o c onfigur e the device as a DHCP v 4 s er ver : STEP 1 Click IP Configuration > IP v 4 Management and Int erfac es > DHCP Ser ver > Proper ties to displa y the Pr oper ties page.[...]

  • Страница 349

    IP Configuration DHCP Ser ver 296 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Mask —Enter one of f ollowing : - Network Mask —Che ck and ent er the pool’ s network mask . - Prefix L ength —Check and ent er the number of bits that compris e the address pr efix. • Address Poo[...]

  • Страница 350

    IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 297 17 - Mi xe d —A combination of b -node and p-no de communications is us ed to r egister and r esolve NetBIOS name s. M-no de first uses b -nod e; then, if nece ss ar y , p-node. M-no de is typically not the b [...]

  • Страница 351

    IP Configuration DHCP Ser ver 298 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 T o manually allocate a permanent IP addres s t o a specific client : STEP 1 Click IP Configuration > IP v 4 Management and Int erfac es > DHCP Ser ver > Static Hosts to displa y the Static Hosts page.[...]

  • Страница 352

    IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 299 17 - Hybrid —A hybrid combination of b -node and p-node is us ed. When configured to use h-node, a computer always tries p-node first and use s b-no de only if p-node fails. This is the default . - Mi xe d —[...]

  • Страница 353

    IP Configuration DHCP Ser ver 300 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 T o configure one or more DHCP options: STEP 1 Click IP Configuration > IP v 4 Management and Int erfac es > DHCP Ser ver > DHCP Options . The pr eviously-configured DHCP options are displa y ed.. STEP[...]

  • Страница 354

    IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 301 17 Addres s Binding Use the Addres s Binding page to view and remov e the IP addresse s allocated by the device and their c orresponding MAC addr es se s. T o view and/ or remov e addr es s bindings: STEP 1 Clic[...]

  • Страница 355

    IP Configuration IPv6 Management and In terface s 302 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 IP v 6 Management and Inter face s The Int ernet Prot o col version 6 (IPv6) is a net work -lay er pr ot ocol f or packet - switched int ernetworks . IP v6 was designed to r eplace IP v 4, t[...]

  • Страница 356

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 303 17 • Directly-attache d, meaning that the destination is directly-at tached to an interface on the device, s o that the pack et destination (which is the interface) is us ed as the next-[...]

  • Страница 357

    IP Configuration IPv6 Management and In terface s 304 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 - Link -Layer —(D efa ult). If you sele ct this option, the MAC addr es s of the device is use d. - E nterp rise Num ber —If y ou select this option, enter the f ollowing fields . • En[...]

  • Страница 358

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 305 17 • Tu n n e l T y p e —(Not present f or S x 500) If the IP v6 interface is a tunnel, select its typ e: Manual or ISA T AP (se e IP v 6 T unnel ). STEP 5 T o configure the i nt er fa[...]

  • Страница 359

    IP Configuration IPv6 Management and In terface s 306 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 7 Click Apply t o enable IP v6 proces sing on the selected interface. Regular IP v6 interfaces have the f ollowing addres ses automatically configured: • Link local addres s using EUI[...]

  • Страница 360

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 307 17 • Remaining Information Refresh Time —Remaining time until ne xt refresh. • DNS Ser vers —List of DNS ser vers received from the DHCPv6 se r ver . • DNS Dom ain S earch List ?[...]

  • Страница 361

    IP Configuration IPv6 Management and In terface s 308 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 record is not r esolved, IS A T AP ho st name-to-addr ess mapping is searched in the host mapping table. - When the IS A T AP router IPv 4 addr es s is not r esolve d via the DNS proces s, t[...]

  • Страница 362

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 309 17 STEP 6 Enter the f ollowing fields: • Type —Displays the tunnel type : Manual or ISA T AP . • Tu n n e l S t at e —Sele ct to enable the tunnel. • L i n k S t a t u s S N M P [...]

  • Страница 363

    IP Configuration IPv6 Management and In terface s 310 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • ISA T AP Router Name — (For ISA T AP tunnels only) Select one of the f ollowing options to configure a global string that r epresents a spe cific aut omatic tunnel ro uter domain name.[...]

  • Страница 364

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 311 17 - Anycast —(La yer 3 only) The IPv6 addres s is an Any cast address . This is an address that is as signe d t o a set of inter faces that t ypically belong to differ ent no des . A pa[...]

  • Страница 365

    IP Configuration IPv6 Management and In terface s 312 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Suppres s Router Adver tisement —Select Ye s to suppr ess IP v6 router advertis ement transmissions on the interface. If this f eature is not suppresse d, enter the f ollowing fields .[...]

  • Страница 366

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 313 17 The int er val bet ween transmis sions should be les s than or equal t o the IPv6 r outer adv er tisement lif etime if y ou configure the r out e as a default r outer by using this comm[...]

  • Страница 367

    IP Configuration IPv6 Management and In terface s 314 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 - Prefix -Length — The length of the IP v6 prefix. A decimal value that indicat es how many of the high-or der c ontiguous bits of the addr es s compris e the pr efix (the network por tion[...]

  • Страница 368

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 315 17 - Offlink —C onfigures the specified prefix as offlink . The prefix will be adver tised with t he L -bit clear . The prefix will not be ins er ted into the r outing table as a connect[...]

  • Страница 369

    IP Configuration IPv6 Management and In terface s 316 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Metric —Cost of this hop. STEP 2 Click Add t o add a static default rout er . STEP 3 Enter the f oll owing fiel ds: • Nex t Hop — The IP addres s of the ne xt destination to which [...]

  • Страница 370

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 317 17 T o define IP v6 neighbors : STEP 1 In La yer 2 syst em mode, click Ad ministra tion > Management In ter face > IP v6 Neighb ors . In La yer 3 syst em mode, click IP C onfiguratio[...]

  • Страница 371

    IP Configuration IPv6 Management and In terface s 318 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 3 Ent er values f or the f ollowing fields : • Interfac e — The neighboring IP v6 interface to be added. • IP v 6 Addre ss —Ent er the IP v6 network address as signed to the int[...]

  • Страница 372

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 319 17 T o creat e a pr efix list: STEP 1 (In Lay er 3) Click IP Configuration > IP v 6 Management Interfac es > IP v6 Pref ix List . -or (In Lay er 2)Click A dministration > IP v 6 M[...]

  • Страница 373

    IP Configuration IPv6 Management and In terface s 320 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Lower Than —Maximum pr efix length to be used f or matching. Select one of the f o llowing options: - No L i mi t —No maxi mum pr efix le ngth t o be used f or matching. - Us er D ef[...]

  • Страница 374

    IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 321 17 network . Only one link local address is suppor ted. If a link local address ex ists on the int erface, this entr y replaces the address in the configuration. - Glo b al —An IP v6 add[...]

  • Страница 375

    IP Configuration IPv6 Management and In terface s 322 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Int er face List — This is a per -int er face list of DHCP v6 ser vers . When a DHCP v6 packet is r e ceived on an interface, the packet is rela yed both t o the ser vers on the interf[...]

  • Страница 376

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 323 17 Enter the fields: • Sourc e Interfac e —Sele ct the interface (por t , LAG, VLAN or tunnel) f or which DHCP v6 Rela y is enabled. • Us e Global D e stinations Only —S elect to f or ward packets t o the [...]

  • Страница 377

    IP Configuration Do m a i n N am e 324 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Polling Time out —Ent er the numb er of seconds that the devic e will wait f or a response to a DNS query . • Polling Inter val —Ent er how often (in seconds) the device sends DNS quer y pack ets[...]

  • Страница 378

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 325 17 - Link L o cal — The IP v6 addres s uniquely identifies hosts on a single network link . A link lo cal address has a prefix of FE80 , is not r outable, and can be use d f or c ommunication only on the local n[...]

  • Страница 379

    IP Configuration Do m a i n N am e 326 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 Ho st Mapping Host name/IP address mappings are st or ed in the Host Mapping T able (DNS cache). This cache can contain the f ollowing typ e of entries : • Static Entries — The se are mapping pairs tha[...]

  • Страница 380

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 327 17 - No Resp onse — There was no r esponse, but system can tr y again in future. • TT L — If this is a dynamic entr y , how long will it remain in the cache. • Remaining T TL — If this is a dynamic entr [...]

  • Страница 381

    IP Configuration Do m a i n N am e 328 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17[...]

  • Страница 382

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 329 17[...]

  • Страница 383

    IP Configuration Do m a i n N am e 330 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17[...]

  • Страница 384

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 331 17[...]

  • Страница 385

    IP Configuration Do m a i n N am e 332 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17[...]

  • Страница 386

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 333 17[...]

  • Страница 387

    IP Configuration Do m a i n N am e 334 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17[...]

  • Страница 388

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 335 17[...]

  • Страница 389

    IP Configuration Do m a i n N am e 336 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17[...]

  • Страница 390

    IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 337 17[...]

  • Страница 391

    IP Configuration Do m a i n N am e 338 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17[...]

  • Страница 392

    19 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 379 IP C onfigura tion: RIP v2 This section de scrib es the Routing Inf ormat ion Pr otocol (RIP) version 2 f eature. It covers the f ollowin g t opics: • O ver view • How Rip Operates on the D evice • Con fig u r i n g R I P NOTE RIP is[...]

  • Страница 393

    IP Configuration: RIPv2 How Rip Opera tes on the Device 380 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • RFC2453 RIP V ersion 2, November 1998 • RFC2082 RIP -2 MD5 Authentication, Januar y 1997 • RFC 1724 RIP V ersion 2 MIB Extension Received RIP v 1 packets ar e dr opped. How Rip[...]

  • Страница 394

    IP Configuration: RIP v2 How Rip Opera tes on the D evice Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 381 19 It is your r esponsibilit y t o set the offset f or each interface ( 1 by default) . The f ollowing illustrates the configurat ion of the metric offset f or various interface s, b a[...]

  • Страница 395

    IP Configuration: RIPv2 How Rip Opera tes on the Device 382 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 See RIP v2 S ettings on an IP Inter face fo r m o r e i n fo r m a t i o n . F iltering Routing Updates Y ou can filt er incoming and outgoing rout es f or a giv en IP int er face usin[...]

  • Страница 396

    IP Configuration: RIP v2 How Rip Opera tes on the D evice Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 383 19 If th ese f eatu r es ar e ena bl ed, r eject ed r o ut es ar e adv er ti sed b y r out es wi th a metric of 16. The rout e c onfigurations can be propagat ed using one of the f oll[...]

  • Страница 397

    IP Configuration: RIPv2 How Rip Opera tes on the Device 384 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 Using RIP in Net work with Non-Rip D evice s Static r oute configuration and connected inter faces must be taken into account when using RIP . This is shown in the f ollowing, which il[...]

  • Страница 398

    IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 385 19 • MD5 —Use s MD5 digest authentication. Each rout er is configured with a set of secret ke ys. This s et is called a ke y c ha i n . Each k ey chain consists of one or mor e ke ys. Each key has [...]

  • Страница 399

    IP Configuration: RIPv2 Configuring RIP 386 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 - Configure the offset added to the metric f or incoming rout es on an IP int er face, using the RIP v2 Set tings page. - Enable passive mode on an IP interface, using the RIP v2 S ettings page. - Con[...]

  • Страница 400

    IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 387 19 STEP 3 Re distribute Static Route —Select to enable this f eature (des cribed in Redistribution Fe ature . STEP 4 If Re distribute Static Route is enabled, sele ct an option f or the Redistribute [...]

  • Страница 401

    IP Configuration: RIPv2 Configuring RIP 388 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 RIP v2 S et tings on an IP Interface T o c onfigur e RIP on an IP int er face : STEP 1 Click IP Configuration > RIP v2 > RIP v2 S et tings . STEP 2 RIP paramet ers ar e displa yed per IP int erf[...]

  • Страница 402

    IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 389 19 • Key Pas sw ord —If Te x t was selected as the authentication t ype, enter the pas sword to be used. • Key Ch a in —If MD5 was sele ct ed as the authentication mode, enter the ke y chain to[...]

  • Страница 403

    IP Configuration: RIPv2 Configuring RIP 390 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 STEP 2 T o clear al l interface c ount ers , click Clear All Interface Counters . Displa ying the RIP v2 Pe ers Datab ase T o view the RIP P e ers (neighbors) database: STEP 1 Click IP Configuration &[...]

  • Страница 404

    IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 391 19 Creating an Ac ce s s List T o s et the global configuration of an acces s list . STEP 1 Click IP C onfigura tion > Ac ce ss Li st > Acce ss Lis t Setting s . STEP 2 T o add a new Acc es s Lis[...]

  • Страница 405

    IP Configuration: RIPv2 Configuring RIP 392 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • Sourc e IP v4 Addres s —Source IP v 4 addr ess . The f o llowing options ar e available: - An y —All IP addr es ses are included. - Us er D ef in e d —Enter an IP addr e ss . • Sou r ce IP[...]

  • Страница 406

    20 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 393 IP C onfigura tion: VRRP This chapter describe s how V ir tual Router R edundancy Prot o col ( VRRP) works and how t o configure virtual rout ers running VRRP thr ough the WEB GUI. NOTE The SF500 models do not supp ort the VRRP f eature. I[...]

  • Страница 407

    IP Configuration: VRRP Over view 394 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 Co n s tr ai n ts VRRP is only suppor ted on S G500 X /ESW2-55 0X swit ches. VRRP T opolo gy The f ollowing shows a L AN topology in which VRRP is configured. In this example, Rout ers A , B and C are VRRP a[...]

  • Страница 408

    IP Configuration: VRRP Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 395 20 Rout er B and C function as a vir tual router backups . If the vir tual rout er mast er fails, the rout er configured with the higher priority be comes the vir tual rout er master and pr ovides ser vice to [...]

  • Страница 409

    IP Configuration: VRRP Over view 396 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 Load Sharing VRRP T op ology In this t opolo gy , t wo vir tual rout ers ar e configured. F o r vir tual r out er 1 , rA is the owner of IP address 192. 168.2. 1 and is the vir tual rout er mast er , and rB [...]

  • Страница 410

    IP Configuration: VRRP Configur able Elemen ts of VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 397 20 C onfigurable Elements of VRRP A vir tual r outer must be assigned an uniqu e virtual rout er identifier ( VRID) among all the vir tual r out ers on the same LAN. All VRRP rout ers sup[...]

  • Страница 411

    IP Configuration: VRRP Configur able E lemen ts o f VRRP 398 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • If ther e is at least one VRRP r out er of the virtual router operating in both VRRP v2 and VRRPv3. In this case , config ur e your VRRP r out er t o operate in VRRP v3 even tho u[...]

  • Страница 412

    IP Configuration: VRRP Configur able Elemen ts of VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 399 20 All the VRRP r outers supporting the same vir tual rout er must ha ve the same configuration. If the configur ations are dif f erent , the configuration of the master is used. A b acku[...]

  • Страница 413

    IP Configuration: VRRP Configuring VRRP 400 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • Enabled - When a VRRP r oute r is config ur ed with higher priorit y than the current mast er is up, it r eplaces the current master . • Disabled - Even if a VRRP r outer with a higher priority [...]

  • Страница 414

    IP Configuration: VRRP Configuring VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 401 20 • Descr i p ti o n —User -defined string identif ying vir tual r outer . • Status —Sele ct t o enable VRRP on the device. • Ve r s i o n —Sele ct the version of VRR P t o be use d on this[...]

  • Страница 415

    IP Configuration: VRRP Configuring VRRP 402 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • Status —Is VRRP enabled. • IP Address O wner — The owner of the IP address of the vir tual rout er . • Master /B ackup Status —Is the virtual rout er the mast er or backup. • Skew T im[...]

  • Страница 416

    IP Configuration: VRRP Configuring VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 403 20 • In valid VRRP Pack et T ype —Displays number of packets with in valid VRRP packet types . • In valid VRRP ID —Displays number of pack ets with in valid VRRP IDs. • In valid Prot ocol Numb[...]

  • Страница 417

    18 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 328 Sec u r i t y This section de scrib es device s ecurit y and acces s control. The syst em handles various typ es of se curit y . The f ollowing list of topics des cribes the various t ype s of securit y f eatures des cribed in this se ctio[...]

  • Страница 418

    Secu r ity De fin i ng U ser s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 329 18 • Co nfiguring T AC A C S+ • Configurin g R ADIUS • Configurin g Por t Se curit y • 802. 1 X • De fining Time Ranges Prot e ction fr om other ne twork users is describ ed in the f ollowing sections [...]

  • Страница 419

    Security De fin i ng Us er s 330 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 NOTE It is not permitted to delet e all users . If all users are selected, the De l e t e button is disabled. T o add a new user : STEP 1 Click Adm in ist ra tion > Us er Acco un ts . This page displays the u[...]

  • Страница 420

    Secu r ity De fin i ng U ser s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 331 18 - Read / Wr i te M anag em en t Access ( 15 ) —User can acce ss the GUI, and can configure the device. STEP 5 Click Apply . The user is added to the Running Configuration file of the device. Set ting Passwo[...]

  • Страница 421

    Security Configuring T ACACS+ 332 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Do not r epeat or reverse the manufacturers name or any variant reached by changing the case of the charact ers. STEP 4 If the Password Complexit y S et tings are enabled, the f ollowing parameters may be c[...]

  • Страница 422

    Secu r ity Configuring T ACACS+ Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 333 18 • Authoriza tion —P er f orme d at login. Af t er the authentication ses sion is completed, an authorization s es sion star ts using the authenticated username. The T ACACS+ ser ver then checks user priv[...]

  • Страница 423

    Security Configuring T ACACS+ 334 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 The f ollowing information is sent to the T AC ACS+ ser ver by the device when a user lo gs in or out: Def au l t s The f ollowing defaults are r elevant t o this f eature: • No default T A CACS+ ser ver is d[...]

  • Страница 424

    Secu r ity Configuring T ACACS+ Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 335 18 STEP 3 Select TA C A C S + in the Management Acce ss Authentication page, so that when a user logs onto the device, authenticati on is per f ormed on the T ACA CS+ ser ver instead of in the local database. N[...]

  • Страница 425

    Security Configuring T ACACS+ 336 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Sou r ce IPv4 —(In La yer 3 syst em mode only) Select the devic e IPv 4 source interface to be used in me s sages sent for communication with the TA C A C S + s e r v e r. • Sou r ce I Pv6 —(In Lay er[...]

  • Страница 426

    Secu r ity Configuring T ACACS+ Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 337 18 • Priorit y —Ent er the or der in which this T A CACS+ ser ver is used. Z er o is the highest priorit y T ACA CS+ ser ver and is the first ser ver use d. If it cannot establish a session with the high pr[...]

  • Страница 427

    Security Configur ing R ADIUS 338 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 C onfiguring R ADIUS Remot e Authorization Dial-In User Ser vic e (R ADIUS) ser vers provide a centralized 802. 1 X or MAC-based network acc es s control. The device is a R ADIUS client that can use a R ADIUS s[...]

  • Страница 428

    Secu r ity Configuring RADIUS Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 339 18 Interactions With O ther Features Y ou cannot enable acc ounting on both a R ADIUS and T ACA CS+ s er ver . Radius Workflow T o us er a R ADIUS ser ver , do the f ollowing : STEP 1 Open an acc ount f or the de[...]

  • Страница 429

    Security Configur ing R ADIUS 340 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Dea d T i m e —Enter the number of minut es that elaps e bef ore a non- responsive R ADIUS ser ver is bypas se d f or s er vic e r eque sts. If the value is 0 , the ser ver is not bypas se d. • Key St r[...]

  • Страница 430

    Secu r ity Configuring RADIUS Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 341 18 - Glo b al — The IP v6 address is a glob al Unicast IPV 6 t ype that is visible and r eachable from other networks . • Link Loc al Inter face —Sele ct the link local inter face (if IPv6 Ad dr es s T ype [...]

  • Страница 431

    Security Key M anag eme nt 342 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 - All —R ADIUS ser ver is use d f or authenticating user that ask t o administer the device and f or 802. 1 X authentication. STEP 6 T o display sensitive data in plaint ext f orm in the c onfiguration file, cli[...]

  • Страница 432

    Secu r ity Key Ma na ge me nt Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 343 18 - User Defined (Plain tex t)— Ent er a plainte xt version NOTE Both the Acce pt Lif e T ime and the Send Lif e T i me values can be enter ed. The Accept Lif e T ime indicate s when the key-identifier f or re[...]

  • Страница 433

    Security Key M anag eme nt 344 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 Creating a K ey Set tings Use the Ke y Chain Set tings page t o add a k ey t o an alr eady e xisting k ey chain. STEP 1 Click Sec ur i ty > Ke y M an a g e m en t > Ke y S e t ti n g s . STEP 2 T o add a new[...]

  • Страница 434

    Secu r ity Management Acce ss Method Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 345 18 - Day s —Number of days that the k e y-identifier is valid. - Ho ur s —Numb er of hours that the ke y-identifier is valid. - Mi nu t e s —Number of minut es that the ke y-identifier is vali d. - S[...]

  • Страница 435

    Security Management Acce ss Method 346 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Sourc e IP Address —IP addres ses or subnets . Acc es s t o management methods might diff er among user groups. For e xample, one user gr oup might be able to acce ss the devic e module only by using[...]

  • Страница 436

    Secu r ity Management Acce ss Method Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 347 18 A caution mes sage displays if you selected any other acces s profile, warning you that , depending on the s elected acces s profile, y ou might be disc onnected fr om the web- base d configuration util[...]

  • Страница 437

    Security Management Acce ss Method 348 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 - All — A p p l i es to al l po r ts, VLA N s, a n d LA Gs. - Us er D ef in e d —Applie s t o selected interfac e. • Interfac e —Ent er the interface numb er if User Define d was sele ct ed. • Ap[...]

  • Страница 438

    Secu r ity Management Acce ss Method Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 349 18 STEP 1 Click Secu r i ty > Mgmt Ac c es s Metho d > Profile Rules . STEP 2 Sele ct the Filt er field, and an acce ss profile. Click Go . The selected acce ss profile appears in the Pr ofile Rule T[...]

  • Страница 439

    Security Management Acce ss Authentica tion 350 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Interfac e —Ent er the interface number . • Applies to S ource IP Addres s —Select the t ype of s our ce IP address to which the acces s profile applies. The Sou r ce I P Ad dre ss field[...]

  • Страница 440

    Secu r ity Se cure Sensitive Da ta Managemen t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 351 18 If an authentication method fails or the us er has insuff icient privilege level, the user is de ni ed a ccess t o the de vi ce. In ot he r wor ds, if authentication fails at an authentication[...]

  • Страница 441

    Security SSL Serve r 352 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 SS L Se r ve r This se ction describ es the Se cur e Socket Lay er (SS L ) f eature. S SL O ver view The Secure Socket La yer (SS L) f eature is used to open an HTTPS ses sion to the device. An HTTPS s es sion may be op[...]

  • Страница 442

    Secu r ity SSL Serve r Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 353 18 • Va l i d T o — Sp ecifies the date up to which the cer tificate is valid. • Cer tificate Source— Spe cifies whether the c er tificate was generat ed by the syst em (Aut o Generat ed) or the user (User D efi[...]

  • Страница 443

    Security SSH Serve r 354 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Private K ey (Encr ypted) —S elect and copy in the RS A private k ey in encr ypted f o rm. • Priva te K ey (Plain text) —Select and copy in the RSA private ke y in plain te x t fo r m . STEP 4 Click Displa y S[...]

  • Страница 444

    Secu r ity Configuring T CP /UDP S er vic es Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 355 18 • Te l n e t —Disabled by fact or y default • SSH —Disabled by factor y default The active T CP c onnections are also display ed in this window . T o c onfigure T CP /UDP se r vice s: ST[...]

  • Страница 445

    Security Defining St orm Cont rol 356 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Loc al IP Addre ss —L ocal I P a d dr es s t hr ough w h ich the device is off ering the ser v ice. • Loc al Por t —L o cal UDP por t through which the device is of f ering the s er vice. • Appl[...]

  • Страница 446

    Secu r ity Configuring P or t S ecurit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 357 18 • Storm C ontrol Mode —Select one of the mode s: - U n kn own U nicas t, M u lti cast & B r oadc ast —Counts unknown Unicast , Br oadcast , and Multicast tra ffic towar ds the bandwidth th[...]

  • Страница 447

    Security Configuring P or t Se curit y 358 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 When a frame fr om a new MA C addr es s is det ected on a port where it is not authorized (the por t is clas sically locked, and there is a new MAC addr ess , or the por t is dynamically locked, and th[...]

  • Страница 448

    Secu r ity 802 . 1 X Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 359 18 - Sec u r e Pe rma nen t —K eeps the current dynamic MAC addr e sse s as sociated with the por t and learns up to the maximum number of addr es ses allowed on the p or t ( set by Ma x N o . of Add r esses A l lo wed [...]

  • Страница 449

    Security Denial of Ser vice Preven tion 360 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 D enial of S er vic e Prevention A Denial of Ser vice (DoS) at tack is a hack er at tempt t o make a dev ice unavailable to i t s u s e rs . DoS attacks s aturat e the device with ext ernal communicat[...]

  • Страница 450

    Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 361 18 • Mar tian Address es —Mar tian address es are illegal from the point of view of the IP prot oc ol. See Ma r t ia n A d dr esses f or more details. • ICMP Attack —Sending malformed ICMP pa[...]

  • Страница 451

    Security Denial of Ser vice Preven tion 362 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Pr event T CP co nnections from a specific interface (SYN F i lt ering page) and rate limit the packets (S YN Rate Pr ot ection page) • Configure the blocking of cer tain ICMP packets (ICMP F il[...]

  • Страница 452

    Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 363 18 STEP 1 Click Secu r i ty > Deni al of Ser vic e Prevention > Se curit y Suite Set tings . The Sec u r i ty S ui te Se t tin gs displays. CPU Protection Me chanism: Enable d indicat es that S[...]

  • Страница 453

    Security Denial of Ser vice Preven tion 364 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 SYN Protection The network por ts might be use d by hackers t o attack the devic e in a S YN attack , which consume s T CP resources (buf f ers ) and CPU power . Since the CPU is prot e ct ed using SC[...]

  • Страница 454

    Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 365 18 • Current Status —Int erface status . The pos sible values are: - Nor m al —No attack was ident ified on this inter face. - Blo cke d — T raff ic is not f or warded on this inter face. - A[...]

  • Страница 455

    Security Denial of Ser vice Preven tion 366 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 3 T o add a Mar tian addres s click Add . STEP 4 En te r t h e p a r a me te r s . • IP V ersion —Indicates the suppor ted IP version. Curr ently , supp or t is only o f fe r e d fo r I P v4 [...]

  • Страница 456

    Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 367 18 - Us e r De f i ne d —Enter a port number . - All Por ts —S elect to indicat e that all por ts are filt ered. STEP 4 Click Apply . The S YN filt er is defined, and the Running C onfiguration f[...]

  • Страница 457

    Security Denial of Ser vice Preven tion 368 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 4 Click Apply . The S YN rat e pr ot ection is define d, and the Running C onfiguration is updated. ICMP Filtering The ICMP Filt ering page enables the blo cking of ICMP pack ets from cert ain so[...]

  • Страница 458

    Secu r ity DHCP Sno oping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 369 18 • Interfac e —Sele ct the interface on which the IP fragmentation is being defined. • IP Addres s —Enter an IP network from which the fragment ed IP packets is filt ered or select All Addres s es to bl ock[...]

  • Страница 459

    Security IP S ource Guard 370 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • DHCP Snooping must b e globally enabled in order t o enable IP Source Guard on an int er face. • IP source guard can be active on an int er face only if: - DHCP Snooping is enabled on at least one of the por [...]

  • Страница 460

    Secu r ity IP S ource Guard Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 371 18 C onfiguring IP Sourc e Guard W ork Flow T o c onfigure IP Sour ce Guard: STEP 1 Enable DHCP Snooping in the IP Configurat ion > DHCP > Pr oper ties page or in the Securit y > DHCP Snooping > Proper [...]

  • Страница 461

    Security IP S ource Guard 372 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 1 Click Sec ur i ty > IP Sourc e Guard > Interface S et tings. STEP 2 Sele ct por t /L AG from the Fil t er field and click Go . The por ts/LAGs on this unit ar e display ed along with the f ollowing: ?[...]

  • Страница 462

    Secu r ity ARP Inspe ction Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 373 18 The entries in the Binding datab ase are displa yed: • VL AN ID — VLAN on which packet is e xpected. • MAC Addr es s— MAC a ddr ess to be mat ched. • IP Address— IP addr es s t o be matched. • Inter[...]

  • Страница 463

    Security ARP Inspection 374 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 The f ollowing shows an example of ARP cache poisoning. ARP Cache Pois oning Hosts A , B, and C are connected to the swit ch on int er faces A , B and C, all of which ar e on the same subnet . Their IP , MAC addr ess[...]

  • Страница 464

    Secu r ity ARP Inspe ction Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 375 18 • T rusted — Packets ar e not inspected. • Untrusted — Packets ar e insp ected as describe d above. ARP inspec tion is per f ormed only on untrust ed interfac es . ARP pack ets that ar e r eceived on the [...]

  • Страница 465

    Security ARP Inspection 376 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 Interaction B et ween ARP Insp ect i o n a n d D H C P S n oo p i ng If DHCP Snooping is enabled, ARP Insp ection us es the DHCP Snooping Binding database in add ition t o the ARP acce ss c ontro l rules . If DHCP Sn[...]

  • Страница 466

    Secu r ity ARP Inspe ction Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 377 18 STEP 1 Click Securi ty > ARP Inspection > Proper ties . Enter the f ollowing fields : • ARP Insp ec tion Status — Select to enable ARP Inspe ction. • ARP P ack et V alidation— Select to enable the f[...]

  • Страница 467

    Security ARP Inspection 378 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 3 Sel ect Tr u s t e d or Untrusted and click Apply t o save the set tings to the Running Configurat ion file. Def i ni n g A R P I n spect io n Access Con tr ol T o add entries to the ARP Inspection table: STEP[...]

  • Страница 468

    Secu r ity F irst Hop Se curit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 379 18 D efining ARP Insp e ction VL AN S et tings T o enable ARP Inspe ction on VLANs and as sociate Acce ss Control Gr oups with a VL AN: STEP 1 Click Securi ty > ARP Inspection > VL AN Set tings . STEP 2 [...]

  • Страница 469

    Security Fir st H o p S ec u ri t y 380 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18[...]

  • Страница 470

    19 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 381 S e curit y : 802. 1 X Authentic a tion This section de scribe s 802. 1 X authentication. It covers the f ollowin g t opics: • O ver view of 802. 1 X • Authenticator Ov er view • Common T asks • 802. 1 X C onfiguration Through the [...]

  • Страница 471

    Security: 802.1X Authentication Over view o f 802. 1 X 382 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 This is described in the figur e b elow: A network devic e can be either a client / s upplicant , authen ticat or or both per p or t . Client or Supplicant A client or supplicant is a n[...]

  • Страница 472

    Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 383 19 See Por t Ho st Mo des f or more inf ormation. The f ollowing aut hentication methods are suppor ted: • 802. 1 x-based —Suppor ted in all authentication modes . • MAC-b[...]

  • Страница 473

    Security: 802.1X Authentication Authen tica tor Over view 384 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • f orce-unauthorized Port authentication is dis abled and the p or t transmits all traf fic via the guest VLAN and unauthenticated VL ANs . F or mor e inf ormation s ee D efining [...]

  • Страница 474

    Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 385 19 When a por t is unauthorized and a gue st VL AN is enabled, untagged traf fic is remapped to the guest VLAN. T agge d traffic is dropped unle ss it b elongs t o the guest VL [...]

  • Страница 475

    Security: 802.1X Authentication Authen tica tor Over view 386 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 - SG500X G Multiple Authenti c a tion Methods If mor e than one authentication method is enabled on the switch, the f ollowing hierarch y of authentication methods is applied: • 80[...]

  • Страница 476

    Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 387 19 This is descr ibed in the following: Figur e 1 802. 1 x-B as e d Authentication MAC-Bas e d Authentication MAC-based authentication is an alternativ e t o 802. 1 X authentica[...]

  • Страница 477

    Security: 802.1X Authentication Authen tica tor Over view 388 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 WEB -B as e d Authentication WEB-b ased authentication is us ed to authe nticate end users who r equest ac ces s to a network through a swit ch. It enable s clients dir ectly conne c[...]

  • Страница 478

    Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 389 19 After authent ication is complet ed, the switch f or wards all tra ffic arriving fr om the client on the por t , as shown in the figure below . Figur e 3 WEB -B ase d Authent[...]

  • Страница 479

    Security: 802.1X Authentication Authen tica tor Over view 390 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 NOTE • When web-bas ed authenticati on is not suppor t ed, guest VLAN and D V A cannot be configured in multi-s ess ion mode. • When web -base d authentication is suppor ted, gue[...]

  • Страница 480

    Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 391 19 Ho st Mode s with Gue st VL AN The host mo des work with gue st VLAN in the f ollowing wa y : • Single-Host and Mult i-Host Mode Untagged traf fic and tagged traffic b elon[...]

  • Страница 481

    Security: 802.1X Authentication Authen tica tor Over view 392 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 F or a device to be authenticat ed and authorized at a por t which is D V A-enabled: • The R ADIUS se r ver must authenticat e the device and dynamically as sign a VLAN to the devi[...]

  • Страница 482

    Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 393 19 Viola tion Mo de In single-host mode you can c onfigur e the action to be taken when an unauthorized host on authorized por t at t empts t o acce ss the inter face. This is d[...]

  • Страница 483

    Security: 802.1X Authentication Common T asks 394 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 C ommon T asks W ork flow 1 : T o enable 802. 1 x authentication on a p or t: STEP 1 Click Securit y > 802. 1 X /MAC/Web A u thentication > Pr oper ties . STEP 2 Enable P ort-based Authent[...]

  • Страница 484

    Se curit y : 802. 1 X Authentic a tion Comm on T asks Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 395 19 STEP 4 Click Apply , and the Running Configuration file is updated. Use the Copy Settings button t o copy settings from one port to another . W ork flow 4: T o configure the quiet p eri[...]

  • Страница 485

    Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 396 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 802. 1 X C onfigura tion Thr ough the GUI D efining 802. 1 X Prop er tie s The 802. 1 X Pr oper ties page is used to globally enable 802. 1 X and define how por ts are [...]

  • Страница 486

    Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 397 19 - If the por t state changes from Authorized to Not A ut h o ri z e d , the por t is added to th e guest VL AN only aft er the Gue s t VL A N time out has e[...]

  • Страница 487

    Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 398 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 STEP 1 Click Sec ur i ty > 802. 1 X /MAC/ W eb Authentication > Por t Authentication . This page displays authentication settings f or all por ts . STEP 2 Select [...]

  • Страница 488

    Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 399 19 After an authentication failur e, and if guest VL AN is activated globally on a given por t , the guest VL AN is automatically assigned to the unauthorized [...]

  • Страница 489

    Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 400 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • Maximum WBA Login A t tempts —A vail able only in La yer 2 swit ch mode. Ent er the maximum number of login attempts allowed on the interface. Sele ct either Infi[...]

  • Страница 490

    Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 401 19 T o define 802. 1X advanced set tings f or p ort s: STEP 1 Click Secu r i ty > 802. 1 X /MAC/ W eb Authentication > Ho st and Se s sion Authentication[...]

  • Страница 491

    Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 402 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 Viewing Authenticated Ho sts T o view details about authenticat ed users : STEP 1 Click Sec ur i ty > 802. 1 X /MAC/ W eb Authentication > Authenticated Ho sts . [...]

  • Страница 492

    Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 403 19 W eb Authentication Customiza tion This page enables designing web-b ased authentication page s in various languages . Y ou can add up to 4 languages. NOTE [...]

  • Страница 493

    Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 404 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 T o cust omize the web-authentication pages : STEP 1 Click Sec ur i ty > 802. 1 X /MAC / W eb Authentication > Web Authen tication Customization. This page displa[...]

  • Страница 494

    Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 405 19 - Non e —No logo. - Default —Use the default logo. - Other —Selec t t o ent er a customiz ed logo. If the Ot h er logo option is selected, the f ollow[...]

  • Страница 495

    Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 406 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • Language Dropdown L ab el —Ent er the label of the language selection dropdown. • Login But ton L abel —Enter the label of the login but ton. • Login Pro gr[...]

  • Страница 496

    Se curit y : 802. 1 X Authentic a tion Defining T ime R ange s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 407 19 STEP 15 Enter the Su ccess M essag e , which is the te xt that will b e displayed if the end user succe ssfully lo gs in. STEP 16 Cli ck Apply and the set tings ar e saved t o [...]

  • Страница 497

    Security: 802.1X Authentication Authenti ca tion Me thod and Port Mo de Suppor t 408 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 Mo de B ehavior The f ollowing table de scrib es how authenticated and non-authenticated traffic is handled in vari ous situations . Unauthenticated Tra f fic [...]

  • Страница 498

    Se curit y : 802. 1 X Authentic a tion Authent ica tion Me thod and Port Mo de Suppor t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 409 19 Fu l l multi- sessi o n s Frames are re-mapped to the guest VLAN Frames are re- mapped to the guest VLAN unless they belongs to the unauthent icated VL[...]

  • Страница 499

    Security: 802.1X Authentication Authenti ca tion Me thod and Port Mo de Suppor t 410 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19[...]

  • Страница 500

    20 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 410 S e curit y : IP V6 F irst Hop S e curit y This se ction describ es how First Hop Se curity (FHS) works and how t o configure it in the GUI. It covers the f ollowin g t opics: • First Hop Securit y Over view • Router Adver tisement Gua[...]

  • Страница 501

    Se curit y : IPV6 First Hop S ecurit y F irst Hop Se curit y Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 411 20 F irst Hop S e curit y O ver view IP v6 FHS is a suit e of f eatures designe d t o secure link operations in an IP v6 - enabled net work . It is base d on the Neighbor [...]

  • Страница 502

    Security: IPV6 First Hop Security Fi rst Hop Se curit y Over view 412 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 IP v 6 First Hop Se curit y Comp onents IP v6 First Hop Securit y includes the following f eatures: • IP v6 First Hop Securit y Common • RA G u a r d • ND Inspec tion ?[...]

  • Страница 503

    Se curit y : IPV6 First Hop S ecurit y F irst Hop Se curit y Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 413 20 • Neighbor Solicitation (NS) me ss ages • ICMP v6 Redirect message s • Cer tification P ath Adver tisement (CP A) me s sages • Cer tifica tion Path Solicitation[...]

  • Страница 504

    Security: IPV6 First Hop Security Fi rst Hop Se curit y Over view 414 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 IP v 6 First Hop Se curit y Perimeter IP v6 First Hop Securit y switches can f orm a per imet er separating untrusted area from trust ed ar ea. All switches inside the perime[...]

  • Страница 505

    Se curit y : IPV6 First Hop S ecurit y Rout er Adver tisement Guar d Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 415 20 The device-r ole command in the Neighbor Bi nding policy configur ation screen specifie s the perimeter . Each IP v6 Firs t Hop Se curity switch establishes binding for n[...]

  • Страница 506

    Security: IPV6 First Hop Security DHCPv 6 Guard 416 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • V alidation of received Neighbor Dis cover y prot ocol mes sage s. • Egress filtering Me ss age V alidation ND Inspection validates the Neighbor Dis cover y prot o col mes sage s, b ased[...]

  • Страница 507

    Se curit y : IPV6 First Hop S ecurit y Neighbor Binding In t egrit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 417 20 Neighb or Binding Integrit y Neighbor Binding (NB) Int egrit y establishe s binding of neighbors . A separate, independent instance of NB Integrity runs on each VLAN on w[...]

  • Страница 508

    Security: IPV6 First Hop Security Neighb or Binding In tegrit y 418 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 NBI-NDP metho d The NBI-NDP method us ed is bas ed on the FCFS- SA VI method spe cified in RFC6620 , with the f ollowing dif f erences : • Unlike F CFS-SA VI, which supp or t[...]

  • Страница 509

    Se curit y : IPV6 First Hop S ecurit y A ttack Pro tecti on Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 419 20 NBI-NDP suppor ts a lif etime timer . A value of the timer is configurable in the Neighbor Binding Settings page. The timer is r estar ted each time that the bound IP v6 addr es s[...]

  • Страница 510

    Security: IPV6 First Hop Security At t ac k Prot e cti o n 420 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • A Neighbor Advertis ement (NA) mes sage is dropped if the target IP v6 address is bound with another int er face. Protection against IP v 6 Duplication Addre ss D ete ction Sp o[...]

  • Страница 511

    Se curit y : IPV6 First Hop S ecurit y Pol ic i e s, Gl ob al Pa ra mete r s a n d S y stem D efa ul t s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 421 20 A malicious host could send IP v6 me ss ag es with a differ ent destination IP v6 addr es s f or the last hop fo r war ding, causing o[...]

  • Страница 512

    Security: IPV6 First Hop Security Common T asks 422 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 When a user -defined p olicy is attache d to an interface, the default policy f or that int er face is detached. If the user - define policy is detache d from the int erface, the default polic[...]

  • Страница 513

    Se curit y : IPV6 First Hop S ecurit y Comm on T asks Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 423 20 STEP 3 If required, either configur e a user -defined p olicy or add rules to the def ault p o l i c i e s fo r t h e fe a t u re . STEP 4 Attach the po licy t o a VLAN, p or t or LAG u[...]

  • Страница 514

    Security: IPV6 First Hop Security Default Settings and C onfigur a tion 424 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 STEP 3 If requir ed, either configure a user -defin ed policy or add rules to the default p o l i c i e s for t h e fe a t u r e . STEP 4 A ttach the p olicy t o a VLAN[...]

  • Страница 515

    Se curit y : IPV6 First Hop S ecurit y Be f ore Y ou St art Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 425 20 B e for e Y ou Star t No preliminar y tasks are r equired. C onfiguring F irst Hop Se curit y thr ough W eb GUI FHS C ommon S et tings Use the FHS Set tings page to enable the FHS[...]

  • Страница 516

    Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 426 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 RA Gu a r d Se tti n gs Use the R A Guard Settings page to enable the R A Guard f eature o n a specifie d group of VLANs and to set the global configurati[...]

  • Страница 517

    Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 427 20 • Other C onfiguration Flag — This field specifie s verification of the adver tised O ther Configuration flag within an IP v6 R A Guard policy .[...]

  • Страница 518

    Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 428 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 T o cr eat e an R A Guard policy or to configur e the system-defined def ault policies , click Add and ent er the ab ove paramet ers. If requir ed, click [...]

  • Страница 519

    Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 429 20 • Dev ice R ole —S elect either Ser v er or Clien t t o specify the role of the device attache d to the port f or DHCP v6 Guard. - I nheri ted ?[...]

  • Страница 520

    Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 430 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 T o configure ND Inspection on p or ts or LAGs : STEP 1 Click Sec ur i ty > F irst Hop Se curit y > ND Insp e ction S et tings . STEP 2 Ent er the f[...]

  • Страница 521

    Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 431 20 STEP 5 If required, click either At t ac h Po l i c y to V L AN or Att ach Policy to Interface . Neighb or Binding S et tings The Neighbor Binding t[...]

  • Страница 522

    Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 432 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 STEP 4 Enter the f oll owing fiel ds: • Policy Name —Enter a user -defined p olicy name. • Dev ice R o l e —Select either Serve r or Client t o sp[...]

  • Страница 523

    Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 433 20 Policy Att achment (Por t) T o at tach a policy to one or more por ts or L AGs: STEP 1 Click Secu r i ty > F irst Hop Se curit y > Policy Att [...]

  • Страница 524

    Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 434 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 FHS Status T o displa y the global configuration f or the FHS f eatures: STEP 1 Click Sec ur i ty > F irst Hop Se curit y > FHS St a tus. STEP 2 Sel[...]

  • Страница 525

    Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 435 20 - Device Role: —ND Inspe ction device role. - Dro p Un s e cu re : —Are unsecure mes sages dropped. - Mi ni m al S e c u ri t y Leve l : —If u[...]

  • Страница 526

    Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 436 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 FHS Statistics T o displa y FHS statistics : STEP 1 Click Sec ur i ty > F irst Hop Se curit y > FHS St a tistics: STEP 2 The f ollowing fields are d[...]

  • Страница 527

    Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 437 20[...]

  • Страница 528

    22 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 457 S e curit y : S SH Client This section de scrib es the device when it functions as a n SS H client . It covers the f ollowin g t opics: • Se cure Copy (S CP) and S SH • Protection Metho ds • SSH S er ver Authentic a tion • SSH Clie[...]

  • Страница 529

    Secu r i ty: SSH C li e n t Pr o t ec tio n Me th ods Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 458 22 When files are downloaded via TF TP or HTTP , the data transf er is unsecured. When files are downloaded via S CP , the inf ormation is downloade d fr om the SCP ser ver t o the device [...]

  • Страница 530

    Security: SSH Client Pro te c tion Me thods 459 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 The username/password must then be cre ated on the device. When data is transf erred from the ser v er to the devi ce, the username/pas sword supplied by the device must match the username/pas swo[...]

  • Страница 531

    Secu r i ty: SSH C li e n t SSH S er ver Authentica tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 460 22 When a privat e k ey is crea ted on a dev ice, it is also pos sible to cr eat e an as sociated passph rase . This passphras e is used to encr ypt the private k ey and t o impor t it [...]

  • Страница 532

    Security: SSH Client SSH Client Authen tica tion 461 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 S SH Client Authen tic a tion SS H client authentication by password is enabled by default , with the username/ password being “anon ymous ”. The user must configure the f ollowi ng inf o[...]

  • Страница 533

    Secu r i ty: SSH C li e n t Be f ore Y ou Begin Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 462 22 Be f o r e Y o u Beg i n The f ollowing actions must b e per f ormed bef ore using the SCP f eature : • When using the password a uthentication m ethod, a username/password must be s et up [...]

  • Страница 534

    Security: SSH Client SSH Client Configur a tion Thr ough the GUI 463 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 STEP 4 If the public/privat e k ey method is being used, per f orm the f ollowing steps: a. Select whether to use an RS A or DS A k ey , cr eat e a username and then generate [...]

  • Страница 535

    Secu r i ty: SSH C li e n t SSH Client Configur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 464 22 S SH User Authentic a tion Use this page to select an SS H user au thentication method, set a username and password on the device, if the password method is selected o[...]

  • Страница 536

    Security: SSH Client SSH Client Configur a tion Thr ough the GUI 465 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 • Generate —Generate a ne w ke y . • Edit —Displa y the k eys f or copying/pasting to another device. • Del et e —Delete the k ey . • Det ai ls —Display the k [...]

  • Страница 537

    Secu r i ty: SSH C li e n t SSH Client Configur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 466 22 - Link L o cal — The IP v6 addres s uniquely identifies hosts on a single network l ink . A link lo cal address has a prefix of FE80 , is not r outable, and can be u[...]

  • Страница 538

    Security: SSH Client SSH Client Configur a tion Thr ough the GUI 467 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 - Gl ob al — The IP v6 addres s is a global Unicast IPV 6 t ype that is visible and reachable from other netw orks. • Link Loc al Inter face —Select the link lo cal inte[...]

  • Страница 539

    21 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 438 S e curit y : S e cure S ensitive Da ta Man agement Secure Sensitive Data (SS D) is an archit ecture that facilitat es the prot e ction of sensitive data on a dev ice, such as passwo rds and k e ys. The facility makes use of passphras es ,[...]

  • Страница 540

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD R u les Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 439 21 SSD gr ants read permission to sensitive data on ly to authenticated and authorized users, and according to SSD rules. A device aut henticate s and authorizes manageme[...]

  • Страница 541

    Security: Secure Sensitive Data Ma nagement SSD R u les 440 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 NOTE A device may not suppor t all the channels defined by SS D . Elements of an SSD Rule An SS D rule includes the f ollowing elements: • User t ype— The us er typ es suppor ted i[...]

  • Страница 542

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD R u les Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 441 21 - (Higher) Plain text On ly —Us ers are permitted to acc es s sensitive data in plainte x t only . Users will als o ha ve r e ad and writ e permission to SS D parame[...]

  • Страница 543

    Security: Secure Sensitive Data Ma nagement SSD R u les 442 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 NOTE Not e the f ollowing : • The default Read mode f or the Secure XML SNMP and Inse cure XML SNMP management channe ls must be identical t o their r ead permission. • Read permis[...]

  • Страница 544

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD R u les Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 443 21 is recommended that the user authentication proce ss on a device is se cured. T o secure the user authentication proces s, you can use the local authentication databas[...]

  • Страница 545

    Security: Secure Sensitive Data Ma nagement SSD Proper tie s 444 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 SSD D efault Re ad Mode S e ssion O verride The syst em contains sensitive data in a se ssion, as either encr ypted or plaint e xt , based on the read permis sion and the def ault[...]

  • Страница 546

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD Proper tie s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 445 21 • Character Clas ses — The pas sphrase must hav e at least one upper case charact er , one lower cas e character , one numeric charact er , and one sp ecial c[...]

  • Страница 547

    Security: Secure Sensitive Data Ma nagement SSD Proper tie s 446 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 • Unrestrict ed (default)— The devic e includes its pas sphrase when creating a configuration file. This enables any de vice accepting the configuration file to learn the pass[...]

  • Страница 548

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configur a tion Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 447 21 Re ad Mode Each ses sion has a Read mode. This determines how sensi tive data appears. The Read mode can be either Plai nte x t , in which case sensitive dat[...]

  • Страница 549

    Security: Secure Sensitive Data Ma nagement Configur a tion Files 448 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 The SS D indicator in a file is set acc ording t o the user ’ s instruction, during copy , to include encr ypted, plainte x t or ex clude sensitive data fr om a file. SS D [...]

  • Страница 550

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configur a tion Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 449 21 • If ther e is an SS D control block in the s ource configuration file and the file fails the SS D int egrit y check , and/ or file integrity che ck , the [...]

  • Страница 551

    Security: Secure Sensitive Data Ma nagement Configur a tion Files 450 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 • Configurat ion commands with encr ypted sensitive data, that ar e encr ypted with the k ey generat ed from the local passphras e, are configured into the Running Configur[...]

  • Страница 552

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configur a tion Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 451 21 Sensitive Data Zero- T ouch Auto Configuration SS D Z er o-touch A ut o Configuration is the auto configuration of target devices with encr ypted sensitive d[...]

  • Страница 553

    Security: Secure Sensitive Data Ma nagement SSD Ma n a g em en t C ha nn e l s 452 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 S SD Management Channels Device s can be managed over management channels such as telnet, S S H, and web. SS D categories the channels into the f ollowing t ypes[...]

  • Страница 554

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configuring SSD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 453 21 Passwor d recover y is curr ently activated fr om the bo ot menu and allows the user t o log on to the t erminal without authentication. If SS D is suppor ted, thi[...]

  • Страница 555

    Security: Secure Sensitive Data Ma nagement Configuring SSD 454 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 • User D efine d (Plain tex t) —Ent er a new passphras e. • Con fir m P a ss ph r a se —Confirm the new pas sphrase. SS D R u les Only users with SS D read permission of Pl[...]

  • Страница 556

    Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configuring SSD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 455 21 • Read Permis sion— The read permissions ass ociated with the rule. These can be the f ollowing: - Exclude —Lowest r ead permis sion. Users are not permit te[...]

  • Страница 557

    Security: Secure Sensitive Data Ma nagement Configuring SSD 456 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21[...]

  • Страница 558

    23 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 468 S e curit y : S SH S er ver This section de scribe s how to establish an S SH s es sion on the device. It covers the f ollowin g t opics: • O ver view • Common T asks • SSH Se rve r Co n f ig u r a tio n Pa g es O ver view The SS H S[...]

  • Страница 559

    Security: SSH Server Common T asks 469 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 23 C ommon T asks This se ction describ es so me common tasks per f ormed using the S SH S er ver fe a t u re . W ork flow 1 : T o lo gon to the device o ver S S H using the device ’s automatica lly-created[...]

  • Страница 560

    Secu r i ty: SSH Se rver SSH Se rver Co n fig u r a ti o n P ages Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 470 23 S SH S er ver C onfigura tion Page s This section de scribe s the pages used to configure the SS H Se rve r fe a t u re . S SH User Authentic a tion Use the S SH User Authen[...]

  • Страница 561

    Security: SSH Server SSH S er ver Configura tion Pages 471 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 23 • SSH Us er Authentic a tion by Public K ey —Sele ct to perform authentication of the SS H client user using the public key . • Automatic Login — This field can be enabled if th[...]

  • Страница 562

    Secu r i ty: SSH Se rver SSH Se rver Co n fig u r a ti o n P ages Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 472 23 • Edit —Enables you to copy in a k ey fr om another device. • Del e t e —Enables you t o delet e a k ey . • De tails —Enable s you t o view the generat e d ke y [...]

  • Страница 563

    Security: SSH Server SSH S er ver Configura tion Pages 473 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 23[...]

  • Страница 564

    24 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 474 Access Co n tr o l The Acce ss C ontr ol List (ACL ) f eature is part of the se curity me chanism. ACL definitions ser ve as one of the mechanisms to define tra ffic f lows that ar e given a specific Quality of Ser vice (QoS). For mor e in[...]

  • Страница 565

    Access Control Acces s Co n t r ol L is ts 475 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 When a pack et mat ches an ACE filt er , the ACE action is tak en and that A CL proces sing is st opped. If the packet does not mat ch the ACE filt er , the next ACE is pr oces sed . If a ll A CE s[...]

  • Страница 566

    Acce ss Cont ro l De fin i ng M AC - ba sed A CL s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 476 24 Crea ting A CLs Work flow T o creat e ACLs and asso ciat e them with an int er face, per f orm the f ollowing : 1 . Create one or more of the f ollowing typ es of ACLs: a. MAC-base d ACL b[...]

  • Страница 567

    Access Control De f i ni n g MA C - ba sed A C L s 477 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 MAC-base d ACLs ar e defined in the MAC Bas ed ACL page. The rule s are defined in the MAC Base d ACE page . T o define a MAC- based ACL: STEP 1 Click A ccess Co nt r ol > MA C-B ase d A[...]

  • Страница 568

    Acce ss Cont ro l De fin i ng M AC - ba sed A CL s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 478 24 • Time Range —Sele ct to enable limiting the use of the ACL t o a specific time range. • Time Range Name —If T ime Range is sele ct ed, sele ct the time range to be used. T ime ran[...]

  • Страница 569

    Access Control IPv4-bas ed ACLs 479 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 IP v4-b as e d A CL s IP v 4-b ase d ACLs ar e used to check IPv4 pack ets, while other t ype s of frames, such as ARPs, are not checked. The f ollowing fields can b e matched: • IP pr otocol (by name f or [...]

  • Страница 570

    Acce ss Cont ro l IPv4-b ase d A CLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 480 24 Adding Rule s (ACEs) to an IP v4-B ase d ACL NOTE Each IPv 4-base d rule consumes one TC AM rule. Not e that the T CAM allocation is per f ormed in couples , such that , f or the first ACE, 2 T C AM rul[...]

  • Страница 571

    Access Control IPv4-bas ed ACLs 481 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 - EGP —Ex terior Gatewa y Prot oc ol - IGP —Int erior Gat eway Prot o col - UDP —User Datagram Prot ocol - HMP —Host Mapping Prot oc ol - RDP —Reliable Datagram Pr otocol. - IDPR —Inter -Domain Po[...]

  • Страница 572

    Acce ss Cont ro l IPv4-b ase d A CLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 482 24 • Sou rce I P Wi ldca rd M as k —Enter the mask to define a range of IP addresse s . Not e that this mask is diff er ent than in other uses, such as subnet mask . Here, set ting a bit as 1 indicates[...]

  • Страница 573

    Access Control IPv 6-B ase d A CLs 483 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 - D S CP to M a tc h —D i f feren t ia te d S e r ve s C o d e Po i nt (D S CP ) to m atc h - IP Precedence t o m at c h —IP precedenc e is a model of T OS (t ype of ser vic e) that the network uses to[...]

  • Страница 574

    Acce ss Cont ro l IPv6 -B ase d ACLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 484 24 NOTE AC Ls are also used as the building elemen ts of flow definitions f or per -flow QoS handling (see QoS Ad va n ced M o de ). Defining an IP v 6 -bas ed A CL T o define an IP v6 -based ACL: STEP 1 C[...]

  • Страница 575

    Access Control IPv 6-B ase d A CLs 485 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 • Time Range —Select to enable limiting the use of the ACL to a specific time range. • Time Range Name —If T ime Range is sele cted, select the time range t o be use d. T i me ranges ar e describ e[...]

  • Страница 576

    Acce ss Cont ro l IPv6 -B ase d ACLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 486 24 - Range —Sele ct a range of T CP /UDP source por ts to which the packet is matched. • Dest in a tio n P ort —S elect one of the a vailable values . ( They are the same as f or the Source Port fiel[...]

  • Страница 577

    Access Control Defining ACL Bin ding 487 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 D efining ACL Binding When an ACL is bound to an interface ( por t , L AG or VL AN), its ACE rules are applied to pack ets arriving at tha t interface. Pack ets that do not match an y of the ACEs in the [...]

  • Страница 578

    Acce ss Cont ro l Defining ACL B inding Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 488 24 • De fault Action —Select one of the f ollowing options: - Den y An y —If pack et does not match an ACL, it is denied (dropped) . - Permit An y —If pack et does not match an ACL, it is perm i[...]

  • Страница 579

    25 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 489 Qualit y of S er vic e The Quality of Ser vice f eature is applied throughout the network to ensur e that network traf fic is prioritized according t o requir ed criteria and the desi r ed traffi c r eceive s pr ef erential tr eatment . Th[...]

  • Страница 580

    Qualit y of S er vice QoS Fea tures and Comp onents Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 490 25 Q oS Fe a tures and C omp onen ts The QoS f eatur e is used to optimiz e network p er f ormanc e. QoS provides the following : • Classification of incoming traffic to traffic class es ,[...]

  • Страница 581

    Quality of Service QoS Fea tures and Components 491 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 QoS Mod es The QoS mode that is sele ct ed applies to all int er faces in the system. • Ba s ic Mod e—Clas s of Ser vic e (CoS) . All traffic of the s ame class receives the same treatment[...]

  • Страница 582

    Qualit y of S er vice QoS Fea tures and Comp onents Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 492 25 • When disabling Q oS, the shaper and queue set ting (WRR /SP bandwidth setting) ar e r eset t o defa ult valu es. All other user configur ati ons remain intact . Qo S W or kf l o w T o[...]

  • Страница 583

    Quality of Service Configuring QoS - General 493 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 C onfiguring Q oS - General The QoS Propertie s P age contains fields f or setting the QoS mo de f or the system (Basic, Advanc ed, or Disable d, as des cribed in the “QoS Mo de s” sec ti on [...]

  • Страница 584

    Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 494 25 STEP 2 Click Apply . The interface default CoS value is saved t o Running C onfiguration file. Configuring Q oS Queue s The device suppor ts either 4 or 8 queues f or each int erface (selecte[...]

  • Страница 585

    Quality of Service Configuring QoS - General 495 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o select the priorit y method and enter WRR data. STEP 1 Click Qualit y of Ser vice > General > Queue . STEP 2 En te r t h e p a r a me te r s . • Queue —Displays the queue number . ?[...]

  • Страница 586

    Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 496 25 The f ollowing table de scribes the default mapping when ther e ar e 8 queues: 11 B e s t E f f o r t 2 2 Excellent Eff or t 3 3 Critical Application - L VS phone SIP 43 V i d e o 5 4 V oic e[...]

  • Страница 587

    Quality of Service Configuring QoS - General 497 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 By changing the CoS/802. 1 p to Queue mapping (CoS/802. 1 p to Queu e) and the Queue schedule metho d and bandwidth alloca tion (Queue page) , it is pos sible to achieve the desired quality of s [...]

  • Страница 588

    Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 498 25 • The device is in Q oS Advanced mo de and the packets belongs t o flows that is DS CP trusted Non-IP pack ets ar e alwa ys classified to the best-eff ort queue.[...]

  • Страница 589

    Quality of Service Configuring QoS - General 499 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 The f ollowing table s des cribe the defaul t DS CP to queue mapping f or a 4-queue system: The f ollowing table s des cribe the defaul t DS CP to queue mapping f or a 8-queue system wher e 7 is [...]

  • Страница 590

    Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 500 25 DSCP 60 52 44 36 28 20 12 4 Queue 6 6 7 5 4321 DSCP 59 51 43 35 27 19 11 3 Queue 6 6 7 5 4321 DSCP 58 50 42 34 26 18 10 2 Queue 6 6 7 5 4321 DSCP 57 49 41 33 25 17 9 1 Queue 6 6 7 5 4321 DSCP[...]

  • Страница 591

    Quality of Service Configuring QoS - General 501 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 The f ollowing table s des cribe the defaul t DS CP to queue mapping f or a 8-queue system w here 8 is highest : To m a p D S C P t o q u e u e s : STEP 1 Click Qualit y of Ser vice > General [...]

  • Страница 592

    Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 502 25 STEP 3 Click Apply . The Running Configuration file is updated. C onfiguring B andwidth The Bandwidth page enable s users to define two values , Ingres s Rate Limit and Egress Shaping Rate, w[...]

  • Страница 593

    Quality of Service Configuring QoS - General 503 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • Ingres s Commit te d Burst Size (CB S) —Enter the maximum burst size of data f or the ingress inter face in by tes of data. This amount can be sent even if it temporarily incr eases the b a[...]

  • Страница 594

    Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 504 25 This page enables shaping the egress f or up t o eight queues on each interface. STEP 4 Select the Interface . STEP 5 For each queue that is r equired, enter the f ollowing fields : • Enabl[...]

  • Страница 595

    Quality of Service Configuring QoS - General 505 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o define the VLAN ingres s rat e limit: STEP 1 Click Qualit y of Ser vice > General > VL AN Ingres s Rate Limit . This page displays the VLAN Ingress Rate Limit T able. STEP 2 Click Add .[...]

  • Страница 596

    Qualit y of S er vice QoS Ba s i c Mod e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 506 25 Qo S Ba s i c M od e In QoS Basic mo de, a specific domain in the net work can be defined as trusted. W ithin that domain, pack ets ar e mark ed with 802. 1 p priorit y and/ or D S CP t o signal the[...]

  • Страница 597

    Quality of Service QoS Ba s i c M od e 507 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • CoS/802. 1 p — T r affic is mappe d to queues base d on the VPT field in the VLAN tag, or bas ed on the per -por t default CoS/802. 1 p value (if there is no VLAN tag on the inc oming packet), th[...]

  • Страница 598

    Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 508 25 T o e n ter Q o S s e t t i ng s p e r in te r fa c e : STEP 1 Click Qualit y of Ser vic e > Qo S Bas i c Mod e > Interface S et tings . STEP 2 Select Por t or LA G t o displa y the list [...]

  • Страница 599

    Quality of Service QoS A dv a n ced M od e 509 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • Per flow QoS ar e applied t o flows by binding the policies to the desir ed ports. A po lic y a nd it s c lass maps ca n be bou nd t o o ne or mor e ports, bu t each por t is bound with at mo s[...]

  • Страница 600

    Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 510 25 4. Creat e a policy using the P olicy T able page, and as sociate the policy with one or mor e class map s using the P olicy Cl ass Map page. Y ou can also spe cify the QoS, if ne eded , by ass[...]

  • Страница 601

    Quality of Service QoS A dv a n ced M od e 511 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 In QoS A dv anced Mod e , when the Default Mode Status is set to Not T rust ed, the default CoS values configured on the inter face is ignor ed and all the traf fic goes to queue 1 . See the Qualit[...]

  • Страница 602

    Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 512 25 F or e xample: A ssume that there ar e three levels of servic e: Silver , Gold, and Platinum and the DS CP incoming values us ed to mark these levels are 10 , 20 , and 30 respectively . If this[...]

  • Страница 603

    Quality of Service QoS A dv a n ced M od e 513 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o define a Class Map : STEP 1 Click Qualit y of Ser vice > Qo S A d va n ced M ode > Clas s Mapping . This page displays the alr eady-defined class maps . STEP 2 Click Add . A new clas s ma[...]

  • Страница 604

    Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 514 25 This can be done by using the ACLs in the class map (s ) t o match the desired traffic, and by using a p olicer to apply the QoS on the mat ching traffic. A policer is configured with a QoS spe[...]

  • Страница 605

    Quality of Service QoS A dv a n ced M od e 515 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 D efining Aggre ga te Policers An aggregat e policer applie s the QoS to one or mor e class maps , theref ore one or more flows. An aggregation polic er can su ppor t class map s from diff erent po[...]

  • Страница 606

    Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 516 25 C onfiguring a Policy The Policy T able Map page displays the li st of advanced Q oS polices define d in the syst em. The page also allows you t o cr eate and delete police s. Only thos e polic[...]

  • Страница 607

    Quality of Service QoS A dv a n ced M od e 517 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 STEP 3 T o add a new class map, click Add . STEP 4 En te r t h e p a r a me te r s . • Policy Name —Displays th e policy to which the class map is being added. • Class Map Name —Select an e[...]

  • Страница 608

    Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 518 25 If Polic e Typ e is Single , enter the f ollowing QoS parameters: • Ingres s Commit te d Information Ra te (CIR) —Ent er the CIR in Kbps. Se e a description of this in the B andwidth page. [...]

  • Страница 609

    Quality of Service Manag ing QoS Sta tisti cs 519 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • Binding —Sele ct t o bind the policy t o the int er face. • Permit Any —Select to f or ward packets on the int er fac e if they do not mat ch an y policy . NOTE P ermit Any can be defi[...]

  • Страница 610

    Qualit y of S er vice Managing Q oS Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 520 25 • Out-of-Pr ofile By te s —Number of out-pr ofile by t es received. STEP 2 Click Add. STEP 3 Enter the parameters. • Interfac e —Sele ct the interface f or which statistic s are accu[...]

  • Страница 611

    Quality of Service Manag ing QoS Sta tisti cs 521 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o view Queues Statistic s: STEP 1 Click Qualit y of Ser vice > QoS S ta tis tics > Queues St atistics . This page displays the f ollowing fields : • Refresh Rate —Sele ct the time pe[...]

  • Страница 612

    Qualit y of S er vice Managing Q oS Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 522 25 - Unit No —Sele cts the unit number . - Por t —Selects the por t on the sele cted unit number f or which statistic s are displa yed. - All Por ts —Sp ecifies that statistic s are displ[...]

  • Страница 613

    Quality of Service Manag ing QoS Sta tisti cs 523 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25[...]

  • Страница 614

    Qualit y of S er vice Managing Q oS Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 524 25[...]

  • Страница 615

    26 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 521 SNMP Thi s sect io n desc ri bes t he Si mp le Netw or k Management Prot ocol (S NMP) f eatur e that pr ovides a method f or managing network device s. It covers the f ollowin g t opics: • SNMP V ersions and Workflow • Model OIDs • S[...]

  • Страница 616

    SNMP SNMP V ersions and Workflow Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 522 26 SNMP v1 and v2 T o c ontro l acces s to the syst em, a list of communit y entries is define d. Each communit y entr y consists of a communit y strin g and its acc es s privilege. The syst em responds only t[...]

  • Страница 617

    SNMP SNMP V ersions and W ork flow 523 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 The f ollowing is the recommende d seri e s of actions f or configuring S NMP : If you decide to use S NMP v 1 or v 2: STEP 1 Na vigate t o the SNMP -> C ommunities page and click Add . The c ommunity c[...]

  • Страница 618

    SNMP Model OIDs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 524 26 STEP 5 Optionally , enable or disable trap s by using the T rap Set tings page. STEP 6 Optionally , define a notification filter( s ) by using the Notification Filt er page. STEP 7 Define a notification recipient(s ) by usi[...]

  • Страница 619

    SNMP SNMP Engine ID 525 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 The private Object IDs are placed under : enterprises( 1).cisc o(9 ).otherEnterprises (6).cis cosb ( 1).swit ch001 ( 101 ). SNMP Engine ID The Engine ID is used by S NMP v3 entiti es to uniquely identify them. An S NMP a[...]

  • Страница 620

    SNMP SNMP Engine ID Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 526 26 T o define the S NMP engine ID : STEP 1 Click SNMP > Engine ID . STEP 2 Cho ose which to use f or Lo c al Engine ID . • Us e D efau lt —Select to use the device-generated engine ID . The default engine ID is bas [...]

  • Страница 621

    SNMP Configuring SNMP V iews 527 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 • Link Loc al Inter face —Select the link local int erface (if IP v6 Address T ype Link L ocal is sele cted) fr om the list . • Serve r IP Add r ess /N a m e— Ent er the IP address or domain name of the [...]

  • Страница 622

    SNMP Crea ting SNMP Groups Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 528 26 - Us e r De f i ne d —Enter an OID not off e r ed in the S elect from list option. STEP 4 Sele ct or des elect Include in view . If this is selected, the sele ct ed MIBs are included in the view , other wise th[...]

  • Страница 623

    SNMP Crea ting SNMP Groups 529 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 • Authentication (Authentication and no privacy) • Authentication and privacy SN MPv3 provides a means of controlling the content each user can read or write and the notifications they r eceive. A group define[...]

  • Страница 624

    SNMP Managing SNMP Us ers Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 530 26 • View —As so ciating a view with the read, write, and notify ac ces s privile ges of the gr oup limits the scope of the MIB tree to which the gr oup has r ead, write, and notify acce ss . - View —Select a p[...]

  • Страница 625

    SNMP Managing SNMP Users 531 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 T o displa y SNMP us ers and define new ones : STEP 1 Click SNMP > Users . This page contains existing users. STEP 2 Click Add. This page provides inf orm ation f or assigning S NMP acc es s control privileges to[...]

  • Страница 626

    SNMP Defining SNMP Communities Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 532 26 • Authentication Password —If authentication is acc omplished by either a MD5 or a SH A password, ent er the local user pas sword in either Encr ypted or Plain te x t . Local user pas swords ar e c ompar [...]

  • Страница 627

    SNMP Defining SNMP Communit ies 533 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 T o define SNMP c ommunities : STEP 1 Click SNMP > Communitie s . This page contains a table of configured SNMP communitie s and their pr oper ties . STEP 2 Click Add. This page enables net work managers t[...]

  • Страница 628

    SNMP De fin i ng T r a p Se tti ngs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 534 26 Read Write—Management acces s is read-writ e. Changes can be made t o the device configuration, but not to the communit y . SNMP A dm in— Use r h as a ccess t o a ll device configuration options , as[...]

  • Страница 629

    SNMP Notifica tion Recipients 535 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 Notific a tion Re cipients T rap mes sage s are generat e d to r ep or t syste m events, as define d in RFC 1215. The system can generate traps defined in the MIB that it supp or ts. T rap receivers (aka Notifi[...]

  • Страница 630

    SNMP Notifi ca tion R ecipients Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 536 26 • T raps IP v4 Sourc e Inter face —Select the s our ce interface whos e IPv6 address wi ll be use d as the source IP v6 addres s in trap mes sa ges f or communication with IP v6 S NMP ser vers . • Info[...]

  • Страница 631

    SNMP Notifica tion Recipients 537 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 • Ret rie s —Enter the number of time s that the device resends an inf orm re qu e st . • Communit y String —Sele ct from the pull-down the communit y string of the trap manager . Communit y String name[...]

  • Страница 632

    SNMP Notifi ca tion R ecipients Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 538 26 STEP 2 Click Add. STEP 3 Enter the parameters. • Ser ver Definition —S elect whether t o specify the remot e log ser ver by IP address or na me. • IP V e rsion —Select either IP v 4 or IP v6. • IP [...]

  • Страница 633

    SNMP SNMP Notifi ca tion Filt ers 539 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 NOTE The Securit y Lev el her e depends on which User Name was sele ct ed. If this User Name was configured as No Authentication, the Se curity Level is No Authentication only . However , if this User Name [...]

  • Страница 634

    SNMP SNMP Notification F ilters Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 540 26 T o define a notification filter : STEP 1 Click SNMP > Notific a tion Filter . The Notification Filt er page contains no tification inf ormation for each filt er . The table is able to filt er notificatio[...]

  • Страница 635

    SNMP SNMP Notifi ca tion Filt ers 541 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26[...]

  • Страница 636

    SNMP SNMP Notification F ilters Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 542 26[...]

  • Страница 637

    SNMP SNMP Notifi ca tion Filt ers 543 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26[...]

  • Страница 638

    © 2012-2013 Cisco Systems, Inc. All rights r eser ved. 78-21349-01 Cisco and the Cisco logo are trademarks or registere d trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a li st of Cisco trademarks, go to this URL: www.cisco.co m/go/trademarks. Thir d-party trademarks me ntioned are t he propert y of their r espe[...]