3Com OfficeConnect 3CDSG10PWR manual

3Com ® Of ficeConnect Managed Gigabit PoE Switch User Guide 3CDSG10PWR www.3Com.com Part Number 10016182 Rev . AA Published July 2007[...]

3Com Corporati on 350 Campus Drive Marlborough, MA 01752-3064 Copyright © 2 007, 3Com Corporation. Al l rights re served . No part of this documen tatio n may be reproduced in any form or by any means or us ed to make any derivative work (such as tran slation, transformation, or adaptation) without w ritten permission fr om 3Com Corporation. 3Com [...]

A BOUT T HIS G UIDE This guide provides information about the Web user interface for the 3Com® OfficeConnect Managed Gigabit PoE Switch. The Web interface is a network management system that allows you to configur e, monitor , and troubleshoot your switch fr om a remote web br owser . The Web interface web pages ar e easy-to -use and easy-to-navig[...]

4 A BOUT T HIS G UIDE ■ Aggregating Ports — Provides informatio n for configuring Link Aggregation which optimizes port us age by linking a group of ports together to form a single LAG. ■ Configuring VLANs — Pr ovides informatio n for configuring VLANs. VLANs are logical subgr oups with a Local Ar ea Network (LAN) which combine user station[...]

Intended Audience 5 Intended Audience This guide is intended for networ k administrators familiar with IT concepts and terminology . If release notes are shipped with your product and the information there differs from the information in this guide, follow th e instructions in the release note s. Most user guides and r elease notes ar e available i[...]

C ONTENTS A BOUT T HIS G UIDE User Guide Overview .......................... ................ ............. ................ .......... 3 Intended Audi ence........... ................ ............. ............. ................ ............. ... 5 Conventions ............. ................ ............. ................ ............. ............[...]

2 U SING THE 3C OM W EB I NTERFACE Starting t he 3Com Web Interfa ce .................... ............. ................ ............ 31 Multi-Session W eb Connections ................. ............ ................. ....... 31 Accessing the 3Com Web Interface .. ................ ............. ............. .... 32 Understand ing the 3Com Web Inter[...]

Viewing ACL Binding ................. ............. ................ ............. .......... 83 Configuring ACL Binding ..................... ............. ............ ................. 84 Removing ACL Binding .............. ................ ............. ............. .......... 85 Enabling Broadcast Sto rm ......... ................ ...........[...]

9 C ONFIGURING IP AND MAC A DDR ESS I NFORMATION Defining IP Addr essing . ............. ................. ............ ............. ......... 126 Configuring ARP Settings .......... ............. ................ ............. ................ ... 127 Viewing ARP Settings ............. ............. ................ ............. ............ 128[...]

Configuring T rust Settings ...... ............. ................ ................ ........ 1 69 Viewing Bandwidth Settings ...... ................ ............. ............. ........ 170 Defining Ba ndwidth Set tings ................ ............. ............ ............... 172 Defining V o ice VLAN ........ ............ ................. .....[...]

A 3C OM N ETWORK M ANAGEMENT 3Com Netw ork Super visor .. ............. ................ ............. ................ .......... 212 3Com Netw ork Director ..... ................ ............. ................ ............. .......... 213 3Com Netw ork Acce ss Manager ............ ............. ................ ............. ...... 213 3Com Ent e[...]

Upgrade .......... ................ ............. ................ ............. ................ .. 233 Initialize ........ ............. ................ ............. ................ ............. ........ 234 Reboot ............ ............. ............. ................ ............. ................ ..... 235 Logout ............. .........[...]

1 G ETTING S TARTED This chapter co ntains introductory information about the 3Com ® Offi ceConnect Managed Gigabit PoE Switch (hereafter call ed the Switch) and how they can be used in your network. It covers summaries of hard ware and softwar e features and also the following topics: ■ About the OfficeConnect Ma nag ed Gigabit PoE Switch ■ F[...]

14 C HAPTER 1: G ETTING S T ARTED About the OfficeConnect Managed Gigabit PoE Switch The OfficeConnect Managed Gigabit Po E Switch is a Gigabit Ether net switching products that delivers fl exible thr ee-speed performance (10/100/1000), Power over Ethernet (P oE) and advanced voice-optimized features such as auto-QoS and auto-voice VLAN. This makes[...]

Front Panel Detail 15 Front Panel Detail Figur e 1 shows the front panel of the OfficeConnect Ma naged Gigabit PoE Switch 10-Po rt unit Figure 1 Of ficeConnect Managed Gigabit PoE Switch 10-Port—front panel. Traffic Prioritization Supported (using the IEEE Std 802.ID, 1998 Edition): Eight traffic queues per port Ethernet, Fast Ethernet, and Gigab[...]

16 C HAPTER 1: G ETTING S T ARTED LED Status Indicators The OfficeConnect Managed Gigabit PoE 10-Port Ethernet switch provides LED indicators on the fr ont panel for your convenience to monitor the switch. Ta b l e 2 describes the mea nings of the LEDs. Ta b l e 2 Description on the LEDs of the Of ficeConnect Managed Gigabit PoE Switch LED Label St[...]

System Specifications 17 System Specifications Ta b l e 3 contains the system specifications of the OfficeConnect Managed Gigabit PoE series switch. Additional specifications can be found in Appendix B “Device Specifications and Featur es” . Ta b l e 3 System specifi cations of the Switch OfficeConnect Managed Gigabit PoE series switch Specific[...]

18 C HAPTER 1: G ETTING S T ARTED Installing the Switch This section contains information that you need to install and set up your 3Com switch. WAR N IN G : Safety Information. Befor e you install or remove any components from the Switch o r carr y out any maintenan ce procedures, you must read the 3Com Switch Family Safety and Regulatory Informati[...]

Setting Up for Management 19 Setting Up for Management T o make full use of the features of fered by your switch, and to change and monitor the way it works, y ou have to access the management software that r esides on the switch . This is k nown as managi ng the switch. Mana ging the switch can help you to improve the effi ciency of the switch and[...]

20 C HAPTER 1: G ETTING S T ARTED Figure 2 W eb Interface Management over the Network Refer to “Setting Up We b In terface Management” on page 27. SNMP Management Y ou can manage a switch using an y network management workstation running the Simple Network Management Protocol (SNMP) as shown in Figur e 3 . For example, you can use th e 3Com Net[...]

Switch Setup Overview 21 Figure 4 Initial Switch Setup and Management Flow Diagram CAUTION T o protect your switch from unauthor ized access, you must change the default password as soo n as possible, even if you do not intend to actively manage your sw itch. F or more information on default users and changing default passwords, see “Default User[...]

22 C HAPTER 1: G ETTING S T ARTED IP Configuration The switch’ s IP configuration is dete rmined automatically using DHCP , or manually using values you assig n. Automatic IP Configuration using DHCP By default the switch tries to configure its IP Information without requesting user intervention. It tries to obt ain an IP address from a DHCP serv[...]

Using the Command Line Interface (CLI) 23 ■ Y our DHCP server does not allow you to allocate static IP addresses. (Static IP addresses ar e necessary to ensure that the switch is always allocated the same IP information.) For most installations, 3Com recommends that you configure th e switch IP information manually . This ma kes management simple[...]

24 C HAPTER 1: G ETTING S T ARTED Connecting the W orkstat ion to the Switch 1 Connect the workstation to the console port using the co nsole cable as shown in Figure 5. Figure 5 Connecting a W orkstation to the Switch using the Console Port T o connect the cable: a Attach the cable’ s RJ-45 connect or to the Console port of the switch. b Attach [...]

Using the Command Line Interface (CLI) 25 1 Connect to the switch Console port as descri bed in “Connecting to the Console Port” page 23 . 2 The command line interface login sequenc e begins as soon as th e switch detects a connection to it s console port. When th e pr ocess completes, the Login pr ompt display s. 3 At the logi n prompt , enter[...]

26 C HAPTER 1: G ETTING S T ARTED 5 Enter Summary to view a summary of allocated IP addr esses. The following is an example of the display from the Summary command. Select menu option# summary IP Method: default IP address: 169.254.9 9.51 Subnet mask: 255.255.0 .0 Runtime version: 00_00_38 (date 01-Apr-2007 time 15:31:29) Bootcode version: 1.0.0.12[...]

Setting Up Web Interface Management 27 Setting Up Web Interface Management This section describes how you ca n set up web inter face management over the networ k. Prer equisites ■ Ensure you have already set up the switch with IP information as described in “Met hods of Managing a Switch” on page 19 . ■ Ensure that the switch is connected t[...]

28 C HAPTER 1: G ETTING S T ARTED W eb Management Over the Netwo rk T o manage a switch using the we b interface over an IP network: 1 Be sure that you know yo ur switch’ s IP address. See “IP Configuration” on page 22 , and “Viewing IP Infor mation using the Console Port” on page 25 . 2 Check that your management workstat ion is on the s[...]

Default Users and Passwords 29 Default User s and Passwords If you intend to manage the switch or to change the default passwords, you must log in with a valid user name and password. The switch has one default user name. The default user is listed in Ta b l e 5. Use the admin default user name (no password) to login and carr y out initial switch s[...]

2 U SING THE 3C OM W EB I NTERFACE This section provides an intr oduction to the user interface, and includes the following topics: ■ Starti ng the 3Com Web I nterface ■ Understanding the 3Com Web Interface ■ Saving th e Configuratio n ■ Resetting the Device ■ Restoring Factory Defaults ■ Logging Off the Device[...]

Starting the 3Com Web Interf ace 31 Starting the 3Com Web Interface This section inclu des the following topics: ■ Multi-Session Web Connections ■ Accessing the 3Com W eb Interface Multi-Session Web Connections The Multi-Session web co nnections fe a ture enables 10 users t o be created and access the switch concurr e ntly . Access levels provi[...]

32 C HAPTER 2: U SING THE 3C OM W EB I NTERFACE Accessing the 3Com Web I nt er f a ce This section contains in formation on starting the 3Com Web interface. To access the 3Com user interface: 1 Open an Int ernet browser . 2 Enter th e device IP add ress in th e address bar and pr ess Enter . The Enter Network Pa ssword Page opens: Figure 6 Enter Ne[...]

Understanding the 3Com Web Interface 33 Figure 7 3Com W eb Interface Home Page Understanding the 3Com We b Interface The 3Com Web Interface Home Page contains the following views: ■ Ta b V i e w — Pr ovides the device summary configuration located at the top of the home page. ■ Tr e e V i e w — Provides easy navigation through the configura[...]

34 C HAPTER 2: U SING THE 3C OM W EB I NTERFACE Figure 8 W eb Interface Components The following table lists the user interface components with their corresponding numbers: This section provides the fo llowing ad ditional information: ■ Device Representation — Provides an explanation of the user interface buttons, including both management but [...]

Understanding the 3Com Web Interface 35 Device Representation The 3Com Web Interface Home Page contains a graphical panel repr esentation of the device that appears within the Device View T ab. T o access the Device Repr esentation: 1 Click Device Summary > Device View . Figure 9 Device Repr esentation 2 By selecting a specific port with you r m[...]

36 C HAPTER 2: U SING THE 3C OM W EB I NTERFACE Using Screen and T able Options 3Com contains screens and tables fo r configuring devices. This section contains the following topics: ■ Viewing Configuration Information ■ Adding Configuration Informat ion ■ Modifying Configuration Information ■ Removing Configuratio n Information Viewing Con[...]

Using Screen and Table Options 37 Adding Configuration Info rmation User -defined infor mation can be added to specific 3Com Web Interface pages, by opening the IP Setup Page . T o configure IP Setup: 1 Click Administration > IP Setup . The IP Setup Page opens: Figure 11 IP Setup Page 2 Enter requisite information in the text field. 3 Click . Th[...]

38 C HAPTER 2: U SING THE 3C OM W EB I NTERFACE Modifying Configuration Information 1 Click Administration > System Ac cess > Modify . The System Access Modify Page opens: Figure 12 System Access Modify Page 2 Modify the fields. 3 Click . The access fields ar e modified.[...]

Using Screen and Table Options 39 Removing Configuration Information 1 Click Administration > System Access > Remove . The System Access Remove Pag e opens: Figure 13 System Access Remove Page 2 Select the user account to be deleted. 3 Click . The user account is deleted, and the device is updated.[...]

40 C HAPTER 2: U SING THE 3C OM W EB I NTERFACE Saving the Configuration Configuration changes are only saved to the device once the user saves the changes to the flash memory . The Save Configuration tab allows the latest configuration to be saved to the flash memory . T o save the device configuration: 1 Click Save Configuration . The Save Config[...]

Resetting the Device 41 Resetting the Device The Reset Page enables resetting the device from a r emot e location. T o prevent the curr ent configuration from being lost, use the Save Configuration Page to save all user -defined changes to the f lash memory before r esetting the device. T o re set the device: 1 Click Administration > Reset . The[...]

42 C HAPTER 2: U SING THE 3C OM W EB I NTERFACE 3 Click . The device is r eset, and a prompt for a user name and password is displayed. Figure 16 User Name and Passwor d Page 4 Enter a user name and password to reconnect to the web interface.[...]

Restoring Factory Defaul ts 43 Restoring Factory Defaults The Restore option appears on the Reset Page . The R estore option restor es device factory defaults. T o restor e the device: 1 Click Administration > Reset . The Reset P age opens: Figure 17 Reset Page The Reset Page contains the following fi elds: ■ Initialize with Current IP Address[...]

44 C HAPTER 2: U SING THE 3C OM W EB I NTERFACE Logging Off the Device T o log off the device: 1 Click . The Logout Page opens. 2 The following message appea rs: 3 Click . The 3Com Web Interface Home Page closes.[...]

3 V IEWING B ASIC S ETTINGS This section contains in formati on for viewing basic settings. The 3Com Web Interface Home Page pr esents a device summary section that provides the system administrator with the option to view essential information required for setting up and maintaining device settings . The Dev ice Summ ar y Section contains the foll[...]

46 C HAPTER 3: V IEWING B ASIC S ETTINGS Viewing Device Settings The Device Summary Page displays parameters for viewing general device information, including the system name, location, and contact, the system MAC Addr ess, System Obje ct ID, System Up Time, and MAC addresses, and both software, boot, and hardwar e versions. T o view the Device Sum[...]

47 ■ System Object ID — Displays the vendor’ s authoritative identification of the network management subsystem contained in the entity . ■ MAC Address — Displays the device MAC addr ess. ■ System Up Time — Displays the amount of time since the most re cent device reset. The system ti me is displayed in the following format: Days, Hou[...]

48 C HAPTER 3: V IEWING B ASIC S ETTINGS Viewing Color Keys Th e Color Key Page provides information regar ding the RJ45 or SFP port status on the device. The various colors key indicate the port status, speed and link of a selected port. T o view co lor keys: 1 Click Device Summary > Color Key . The Color Key Page opens: Figure 19 Color Key Pag[...]

4 M ANAGING D EVICE S ECURITY The Management Security section provides info rmation for configuring system access, defi ning RADIUS authentication, port-based authenti cation and de fining access c ontrol list s. This section inclu des the following topics: ■ Configuring System Access ■ Defining RADIUS Clients ■ Defining Port-Based Aut hentic[...]

50 C HAPTER 4: M ANAGING D EVICE S ECURITY Configuring System Access Network administrators can define users, passwords, and access levels for users using the System Access Interface. The Multi-Session web featur e is enabled on device and allows 10 users to be created and access the switch concurrently . Access levels prov ide r ead or read/write [...]

Configuring System Access 51 Viewing System Access Settings The System Access Summar y Page displays the current use rs and access levels defi ned on the device. T o view System Access settings: 1 Click Administration > System Access > Summary . The System Access Summary Page opens: Figure 20 System Access Summary Page The System Access Summa[...]

52 C HAPTER 4: M ANAGING D EVICE S ECURITY Defining System Access The System Access Setup Page allows network administrators to define users, passwords, and access levels for user s using the System Access Interface. Monitor users have no access to this page. T o define System Access: 1 Click Administration > System Access > Setup . The Syste[...]

Configuring System Access 53 Modifying System Access The System Access Modify Page allows network administrat ors to modify users, passwords, and access levels for user s using the System Access Interface. Monitor users have no access to this page. T o modify System Access: 1 Click Administration > Syst em Acce ss > Modify . The System Access[...]

54 C HAPTER 4: M ANAGING D EVICE S ECURITY Removing System Access The System Access Remove Page allows networ k administrators to rem ove users from the System Access Interface. Monitor users have no access to this page. To r e m o v e u s e r s : 1 Click Administration > Syste m Access > Remove . Th e System Access Remove Page opens: Figure [...]

Defining RADIUS Clients 55 Defining RADIUS Clients Remote Authorization Dial-In User Ser vice (RADIUS) servers provide additional security for networks. RA DIUS servers provide a centralized authentication method for 802.1X. The default paramete rs are user -define d, and are applied to newly defined RADIUS servers. If new defa u lt parameters ar e[...]

56 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ Authentication Port — Defines the authentication port. The authentication port is us ed to verify the RADIUS server authen tication. The authenticatio n port default is 1812 . ■ Number of Retries — Defines the number of transmitted requests sent to the RADIUS server before a failur e occurs. Poss[...]

Defining Port-Based Authentication (802.1X) 57 Defining Port-Based Authentication (802.1X) Port-based authentication authen ticate s users on a per -port basis via an extern al server . Only authenticated and approved system users can transmit and receive data. Ports are au thenticated via th e RADIUS server using the Extensible Authenti cation Pro[...]

58 C HAPTER 4: M ANAGING D EVICE S ECURITY Viewing 802.1X Authentication The 802.1 X Summary Page allows the ne twork administrator to view port-based authentication settings. T o view Port-based Authentication: 1 Click Security > 802.1X > Summary . The 802.1X Summar y Page opens: Figure 25 802.1X Summary Page The 802.1 X Summary Page contain[...]

Defining Port-Based Authentication (802.1X) 59 ■ Curre nt Port Control — Displays the curr ent por t authorization state. ■ Guest VLAN — Indicates whether an unauthorized port is allowed to join the Guest VLAN. The possibl e field values ar e: ■ Enable — Enab les an unaut horized port to join the Guest VLAN. ■ Disable — Disables an [...]

60 C HAPTER 4: M ANAGING D EVICE S ECURITY Defining 802.1X Authentication The 802.1 X Setup Page contains information for co nfiguring 802.1X global settings on the device an d defining specific 802.1X setting for each port individually . Monitor users have no access to this page. T o configure 802.1X Settings: 1 Click Security > 802.1X > Set[...]

Defining Port-Based Authentication (802.1X) 61 ■ Enable Guest VLAN — Provides limited network access to author ized ports. If a port is denied network a ccess via port-based authorization, but the Guest VLAN is enabled, the port receives limited network access. For example, a network administrator can use Guest VLANs to deny network access via [...]

62 C HAPTER 4: M ANAGING D EVICE S ECURITY Defining Access Control Lists Access Control Lists (ACLs) allow network managers to define classification actions and rules for sp ecific ingress ports. Packets entering an ingress port, with an active ACL are either admitted or denied entry . If they ar e denied entry , the user can disable the port. For [...]

Defining A ccess Contr ol Lists 63 Viewing MAC Based ACLs The MAC Based ACL Summary Page displays informat ion regar ding MAC Based ACLs configured on the device . Ports are r eactivated from the Port Administration Setup Page . T o view MAC Based ACLs: 1 Click Device > ACL > MAC Based ACL > Summary . The MAC Based ACL Summary Page opens: [...]

64 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ Ethertype — Provides an identifier that differ entiates be tween various types of protocols. ■ Action — Indicates the ACL forwarding action. In addition, the port can be shut down, a trap can be sent to the network ad ministrator , or packet is assigned rate limiting restrictions for forwarding. [...]

Defining A ccess Contr ol Lists 65 ■ Selection ACL — Selects an existing MAC- based ACL to wh ich rules are to be added. ■ Create ACL — Defines a new user -d efined MAC-based Access Control List. Add Rules to ACL ■ Priority — Sets the rule priority , whic h determines which rule is matched to a packet on a first-matc h basis. The possib[...]

66 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ Ethertype — Provides an identifier that differ entiates be tween various types of protocols. ■ Action — Specifies the ACL forwarding action. In addition, the port can be shut down, a trap can be sent to the network ad ministrator , or packet is assigned rate limiting restrictions for forwarding. [...]

Defining A ccess Contr ol Lists 67 Modifying MAC Based ACLs The MAC Based ACL Modify Page allows th e network administrator to modify an existing MAC-based ACL rule. Monitor users have no access to this page. T o modify a MAC-based ACL rule: 1 Click Device > ACL > MAC Based ACL > Modify . The MAC Based ACL Modify Page opens: Figure 29 MAC [...]

68 C HAPTER 4: M ANAGING D EVICE S ECURITY For example, if the sourc e MAC address is E0:3B:4A:C2:CA: E2 and the wildcard mask is 00:00:00:00:00:FF , the first five bytes of the MAC are used, while the last byte is ignored. For the source MAC addr ess E0:3B:4A:C2:CA:E2, this wildcar d mask matches all MAC addresses in the range E0:3B:4A:C2:CA:00 to[...]

Defining A ccess Contr ol Lists 69 Removing MAC Based ACLs The MAC Based ACL Remove Page allo ws the user to remo ve MAC-based ACLs or MAC-based ACL rules. Monitor users have no access to this page. Click Device > ACL > MAC Based ACL > Remove . The MAC Based ACL Remove Pag e opens: Figure 30 MAC Based ACL Remove Page The MAC Based ACL Remo[...]

70 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ CoS Mask — Displays the wildcar d mask bits to b e applied to th e CoS. ■ Ethertype — Provides an identifier that differ entiates be tween various types of protocols. ■ Action — Indicates the ACL forwarding action. In addition, the port can be shut down, a trap can be sent to the network ad m[...]

Defining A ccess Contr ol Lists 71 Viewing IP Based ACLs The IP Based ACL Summar y Page displays informatio n regarding IP-based ACLs configured on the device. T o view IP-based A CLs: 1 Click Device > ACL > IP Based ACL > Summary . The IP Based ACL Summary Page opens: Figure 31 IP Based ACL Summary Page The IP Based ACL Summar y Page cont[...]

72 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ ICMP Code — Indicates the ICMP message code for filtering ICMP packets. ICMP pack ets that are filtered by ICMP message type can also be filtered by the ICMP message code. ■ IGMP T ype — Indicates the IGMP message type filter . ■ Source Addr ess — Matches the source IP address to which packet[...]

Defining A ccess Contr ol Lists 73 Monitor users have no access to this page. T o configure IP-based ACLs: Click Device > ACL > IP Based ACL > Setup . The IP Based ACL Setu p Page opens: Figure 32 IP Based ACL Setup Page The IP Based ACL Setup Page contains the following field s: ■ Selection ACL — Selects an existing IP-bas ed ACL to w[...]

74 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ Source Port — Defines the source port that is used for matched packets. Enable d only when TCP or UDP are selected in the Protocol list. The field value is either user defined or Any . If Any is selected the IP based ACL is applied to any source port. ■ Destination Port — Defines the destination [...]

Defining A ccess Contr ol Lists 75 ■ ICMP Code — If c hecked, enables specif ying an ICMP message code for filtering ICMP packets. ICMP pa ckets t hat are filtered by ICMP message type can also be filter ed by the ICMP mess age code. ■ IGMP — If checked, ena bles filtering IGMP packets for an IGMP message type. The possible values are: ■ [...]

76 C HAPTER 4: M ANAGING D EVICE S ECURITY wildcard mask m atches all IP a ddresses in the range 149.36.184.0 to 149.36.184.255. A wildcard mask must not contain leading zeroes. For example, a wildca rd mask of 010.010.011.010 is invalid, but a wildcar d mask of 10.1 0.11.10 is valid. ■ Match DSCP — Matches the packet DSCP value to the ACL. Eit[...]

Defining A ccess Contr ol Lists 77 Modifying IP Based ACLs The IP Based ACL Modify Page allow s the network administrator to modify IP Based ACL rules. T o modify an IP-based ACL rule: 1 Click Device > ACL > IP Based ACL > Modify . The IP Based ACL Modify Page opens: Monitor users have no access to this page. Figure 33 IP Based ACL Modify [...]

78 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ Select from List — Selects a pr otocol from a list by which packets are matched to the rule. ■ Protocol ID — Adds user -defin ed protocols by which packets ar e matched to the rule. Each protocol has a specific protocol number which is unique. The po ssible field range is 0-255 . ■ Source Port [...]

Defining A ccess Contr ol Lists 79 ■ ICMP — If checked, enables filterin g ICMP packets for an ICMP message type. The possible values are: ■ Select from List — Selects an ICMP message type fr om a list. ■ ICMP T ype — Specifies an IC MP mess age type. ■ Any — Does not filter for an ICMP message type. ■ ICMP Code — If c hecked, e[...]

80 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ Match IP Pr ecedence — Matches the packet I P Precedence value to the rule. Either the DSCP va lue or the IP Precedence value is used to match packets to the rule. ■ Action — Selects the ACL forwarding action. In addition, the port can be shut down, a trap can be sen t to the network administrato[...]

Defining A ccess Contr ol Lists 81 Figure 34 IP Based ACL Remove Page The IP Based ACL Remove Page cont ains the following fields: ■ ACL Name — Selects an ACL name from a list of the IP-based ACLs. ■ Remove ACL — Enables the ACL to be removed. ■ Checkbox (unnamed) — When checked, selects the rule for removal. The top checkbox is used to[...]

82 C HAPTER 4: M ANAGING D EVICE S ECURITY ■ Source Addr ess — Indicates the sour ce IP address. ■ Source Mask — Indicates the sour ce IP address mask. ■ Destination Addr ess — Indicates the destination IP address. ■ Destination Mask — Indicates the destinat ion IP address mask. ■ DSCP — Matches the packet DSCP valu e to the ACL[...]

Defining A ccess Contr ol Lists 83 Viewing ACL Binding Th e ACL Binding Summary Page displays the user -defined ACLs mapped to the interfaces. T o view ACL Binding: 1 Click Device > ACL > ACL Binding > Summary . The ACL Binding Summary Page opens: Figure 35 ACL Binding Summary Page The ACL Binding Summar y Page contains the followi ng fiel[...]

84 C HAPTER 4: M ANAGING D EVICE S ECURITY Configuring ACL Binding The ACL Binding Setup Page allo ws the network administrator to b ind specific ports to MAC- or IP-based ACLs. The monitor user has no access to this page. T o define ACL Binding: 1 Click Device > ACL > ACL Binding > Setup . The ACL Binding Setup Page opens: Figure 36 ACL B[...]

Defining A ccess Contr ol Lists 85 Removing ACL Binding The ACL Binding Remove Page allows the network administrator to remove user -defined ACLs from a selected interface. Monitor user s have no access to this page . T o remove ACL Binding: 1 Click Device > ACL > ACL Binding > Remove . The ACL Binding Remove Page opens: Figure 37 ACL Bind[...]

86 C HAPTER 4: M ANAGING D EVICE S ECURITY Enabling Broadcast Storm Broadcast Storm limits the amount of Multicast and Broadcast frames accepted and for warded by the device. When Layer 2 frames a re forwarded, Br oadcast and Mult icast frames are flooded to all ports on the relevant VLAN. This occupies bandw idth, and loads all nodes on all ports.[...]

Enabling Broadcast Storm 87 Monitor user s have no access to this page . T o define Broadcast Storm T raffic: 1 Click Device > Broadcast Storm > Setup . The Broadcast Storm Setup Page opens: Figure 38 Br oadcast Storm Setup Page The Broadcast Storm Setup Page cont ains the following fields: ■ Broadcast Sto rm Contr ol — Defines whether fo[...]

5 M ANAGING S YSTEM I NFORMATION This section contains in formati on for co nfiguring general system information, and includes the following: ■ Viewing System Description ■ Defining System Settings ■ Saving the Device Configuration ■ Resetting the Device[...]

89 Viewing System Description The Devi ce View Page displays parameters for configuring general device information, including the system name, location, and contact, the system MAC Addr ess, System Obje ct ID, System Up Time, and MAC addresses, and both software, boot, an d har dware versions. T o view Device Summary Information: 1 Click Device Sum[...]

90 C HAPTER 5: M ANAGING S YSTEM I NFORMATION ■ MAC Address — Displays the device MAC addr ess. ■ System Up Time — Displays the amount of time since the most re cent device reset. The system ti me is displayed in the following format: Days, H ours, Minutes, and Seconds. For example, 41 days, 2 hours, 22 minutes and 15 seconds. ■ Software [...]

91 Defining System Settings The following se ction allows syst em ad ministrators t o configure advanced system settings. The section includes the following topics: ■ Configuring System Name ■ Configuring System T ime[...]

92 C HAPTER 5: M ANAGING S YSTEM I NFORMATION Configuring System Name The System Name Page allows the Network Administrator to provide a user -defined system name, lo cation, and contact informat ion for the device. Monitor users have read-only permissions on t his page. T o configure the System Name: 1 Click Administration > System Name > Sy[...]

93 Configuring System Time The System Time Set up Page contains fields for defining system time parameters for the lo cal hardwar e cl ock. Daylight Savings T ime can be enabled on the device. Monitor users have limited permissions on this page. T o configure the System T ime: 1 Click Administration > System Time > Setup . The System Time Set[...]

94 C HAPTER 5: M ANAGING S YSTEM I NFORMATION ■ Daylight Saving — Enables setting automatic Daylig ht Savings T ime (DST) on the device, either on a non-recurring or r ecurring basis. In the non-recurring case, DST is configur ed to apply to one specific period of time only , defined by specifying the begin and end times, months, days, and year[...]

95 ■ Minutes — The minut e of the hour at which DST ends. The fiel d range is 0-59 . ■ Month — The month of the year in which DST ends. T he field range is 1-12 . ■ Day — The day of the month at which DST ends. The field range is 1-31 . ■ Ye a r — The year in which DST ends. The field range is 2000-203 7 . ■ Recurring — Enables [...]

96 C HAPTER 5: M ANAGING S YSTEM I NFORMATION Saving the Device Configuration The Save Configu ration Page allows the latest device co nfiguration to be saved to the flash memory . Monitor users have no access to this page. T o save the device configuration: 1 Click Save Configuration . The Save Configuration Page opens: Figure 42 Save Configuratio[...]

97 Resetting the Device The Reset Page enables resetting the device fr om a remote location. T o prevent the curr ent configuration from being lost, save the current device configuration befo re re se t t in g t he d e vi c e . Monitor users have no access to this page. T o reset the device configuration: 1 Click Administration > Reset . The Res[...]

6 C ONFIGURING P ORTS This section contains in formation for co nfiguring Port Settings, and includes the following sections: ■ Viewing Port Settings ■ Defining Port Settings ■ Viewing Port Details[...]

99 Viewi ng Port Settings The Port Admin istration Summar y Page permits the network manager to view the current ports configuration. When configuring the port speed and port Duplex mode, please note the following: ■ Setting the port speed to 10/100/1 000 and the Duplex mode to Half = admin speed is = 10/100/1000 ha lf and no advertisement. ■ S[...]

100 C HAPTER 6: C ONFIGURING P ORTS T o view Port Settings: 1 Click Port > Administration > Summary . The Port Adm inistrati on Summary Page opens: Figure 44 Port Administration Summary Page The Port Ad ministration Summar y Page contains the following fields: ■ Port — Indicates t he selected port number . ■ Port Status — Indicates wh[...]

101 ■ 10M — Indicates th e port is currently operating at 10 Mbps. ■ 100M — Indicates the port is currently operating at 100 Mbps. ■ 1000 M — Indicates the p ort is currently operating at 1000 Mbps. ■ Duplex Mode — Displays the port duplex mode. This field is configurable only when auto negotiatio n is disabled, and the port speed i[...]

102 C HAPTER 6: C ONFIGURING P ORTS Defining Port Settings The Port Ad ministration Setup Page allows network managers to configure port parameters for specific ports. Monitor users have no access to this page. T o configure Port Settings: 1 Click Port > Administration > Setup . The Port Administration Setup Page opens: Figure 45 Port Adminis[...]

103 ■ 10 — Indicates the port is currently operating at 10 Mbps. ■ 100 — Indicates the port is currently operating at 100 Mbps. ■ 1000 — Indicates the port is currently operating at 1000 Mbps. ■ Auto — Use to automatically configure the port. ■ No Change — Retains the current port speed. ■ Duplex — Specifies the port duplex [...]

104 C HAPTER 6: C ONFIGURING P ORTS Viewing Port Details Th e Port Detail Page displays the current port parameters for specific ports. Monitor users have no access to this page. T o view Port Details: 1 Click Port > Administration > Detail . The Port Detail Page opens: Figure 46 Port Detail Page The Port Detail Page contains the followi ng f[...]

105 ■ Speed — Displays the configured rate for the port. The port type determines what speed setting options are available. Port speeds can only be configured when auto negotiation is disabled. Th e possible field values are: ■ 10 — Indicates the port is currently operating at 10 Mbps. ■ 100 — Indicates the port is currently operating a[...]

7 A GGR EGATING P ORTS This section contains in formation for co nfiguring Link Aggregation, which optimizes port usage by linking a group of ports together to form a single LAG. A Link Aggregation Gro up (LAG) aggr egates ports or VLANs into a single virtual port or VLAN . Aggregating ports multiplies the bandwidth between the devices, incr ea ses[...]

107 Viewing Link Aggregation The Link Aggregation Summary Page displays port usage by linking a group of ports together to form a single LAG. Aggregating ports multiplies the bandwidth between the devices, incr ease s port flexibility , and provides link r edundancy . T o view Link Aggregation: 1 Click Ports > Link Aggregation > Summary . The[...]

108 C HAPTER 7: A GGREGATING P ORTS Monitor users have no access to this page. T o create Link Aggr egation: 1 Click Ports > Link Aggregation > Cr eate . The Link Aggregation Create Page opens: Figure 48 Link Aggr egation Create Page The Link Aggregation Create Page includes the following fields: ■ Enter aggregation Gr oup ID — Defines th[...]

109 Summary ■ Group ID — Displays the Link Aggr egat ed Group ID. The field range is 1-4 . ■ Ty p e — Displays the type of link aggregation. The possible field va lues are Static or LACP . ■ Member Ports — Displays the ports configur ed to the link aggregation. 2 Define the fields. 3 Click . The link a ggregation configuration is defin [...]

110 C HAPTER 7: A GGREGATING P ORTS Modifying Link Aggregation The Link Aggregation Mo dify Page optimizes port usage by linking a group of ports together to form a single LAG. Aggregating ports multiplies the bandwidth between the devices, incr ease s port flexibility , and provides link r edundancy . Monitor users have no access to this page. T o[...]

111 Deselected ports ■ White — Not a member of any aggregation. ■ Grey — Displays a member of an existing aggregation or VLAN. Summary ■ Group ID — Displays the Link Aggr egat ed Group ID. The field range is 1-4 . ■ Ty p e — Displays the link aggregation type. The possible field values are Static or LACP . ■ Member Ports — Displ[...]

112 C HAPTER 7: A GGREGATING P ORTS Removing Link Aggregation The Link Aggregation Remo ve Page allows the network manager to r emove gro up IDs containing memb er ports. Monitor users have no access to this page. T o remove Link Aggr egation: 1 Click Ports > Link Aggr egation > Remove . The Link Aggregation Remove Page opens: Figure 50 Link [...]

113 Viewing LACP LAG ports can contain dif ferent media types if the ports are operating at the same speed. Aggr egated lin ks can be set up manually or automatically established by enabling LACP on the relevant links. Aggregate ports can be linked into link-aggr egation po rt-groups. The LACP Summary Page contains fields for viewing Link Aggregati[...]

114 C HAPTER 7: A GGREGATING P ORTS Modifying LACP LAG ports can contain differ ent media types if the ports are operating at the same speed. Aggr egated links can be set up manually or automatically established by enabling LACP on the relevant links. Aggregate ports can be linked into link-aggr egation po rt-groups. The LACP Modify Page contains f[...]

115 2 Define the fields. 3 Click . The LACP Link Aggr egation is modified, and the application is updated.[...]

8 C ONFIGURING VLAN S VLANs are logical subgr oups with a Local Ar ea Network (LAN) which combine user stations and network devices into a single unit, r egardless of the physical LAN segment to whic h they ar e attached. VLANs allow network traffic to flow mo re ef ficiently within subgroups. VLANs use software to r educe the amount of ti me it ta[...]

117 Viewing VLAN Details The VLAN Detail Page provides information and global parameters on VLANs configured on the system. T o view VLAN details: 1 Click Device > VLAN > VLAN Detail . The VL AN Detail Page opens: Figure 53 VLAN Detail Page The VLAN Detail Page contains th e following information: ■ Select a VLAN to Display — Selects a VL[...]

118 C HAPTER 8: C ONFIGURING VLAN S Viewing VLAN Port Details The VLAN Port Detail Page provides information on VLAN configured ports. T o view VLAN Port details: 1 Click Device > VLAN > Port Detail . The VLAN Port Detail Page opens: Figure 54 VLAN Port Detail Page The VLAN Port Detail Page contains the following informat ion: ■ Select Port[...]

119 Creating VLANs The VLAN Setup Page allo ws the network admini strator to create or ren a m e V L AN s . The monito r users have no access to this pa ge. To c r e a t e V L A N s : 1 Click Device > VLAN > Setup . Th e VLAN Setup Page opens: Figure 55 VLAN Setup Page The VLAN Setup Page contains the following fields: Cre ate ■ VLAN IDs ?[...]

120 C HAPTER 8: C ONFIGURING VLAN S Rename VLAN ■ ID — Displays the VLAN ID sele cted from the above list. ■ Name — Defines the new VLAN name. ■ Rename — Renames the user -d efined VLAN name. 2 Enter the VLAN ID number(s). 3 Click . The VLAN(s) are cr eated, and the device is updat ed. To r e n a m e a V L A N : 1 Highlight a VLAN to be[...]

121 Modifying VLAN Settings The Modify VLAN Page allows the network man ager to rename VLANs and change VLAN membersh ip. The monito r users have no access to this pa ge. T o edit VL AN Settin gs: Click Device > VLAN > Modify VLAN . The Modify VLAN Page opens: Figure 56 Modify VLAN Page The Modify VLAN Page contains the following fields : ■[...]

122 C HAPTER 8: C ONFIGURING VLAN S ■ Not A Member — Indicates the interface is not a member of the VLAN. ■ Not available for selection — Indicates the interface is not available for selection. ■ Select port to add to this VLAN — Adds a selected port to the VLAN. ■ Select All — Allows the user to select all ports to be added to the [...]

123 Modifying Port VLAN Settings The Modify VLAN Port Page allows the network manager to modify port VLAN settings. The monito r users have no access to this pa ge. T o modify Port VLAN Settings: 1 Click Device > VLAN > Modify P ort . The Modify VLAN Port Page opens: Figure 57 Modify VLAN Port Page The Modify VLAN Port Page contains the follo[...]

124 C HAPTER 8: C ONFIGURING VLAN S 2 Select a port. 3 Select the port’ s member ship type. 4 Enter th e VLAN ID to be assigned to the port. 5 Click . The VLANs are configur ed, and the device is updated. Removing VLANs The VLAN Remove Page allows the network administrator to r emove VLANs. The monitor users have no access to this page. To d e l [...]

9 C ONFIGURING IP AND MAC A DDR ESS I NFORMATION This section contains in formation fo r def ining IP interfa ces, and includes the following sections: ■ Defini ng IP Addr essing ■ Configuring ARP Settings ■ Configuring Address T ables[...]

126 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION Defining IP Addressing The IP Setup Page contains f ields for assignin g an IP address. The Default Gateway is erased when th e IP Address is modi fied and changed. Pack ets are forwar ded to the default gateway when sent to a remote network. The monitor user has no access to this page.[...]

Configuring ARP Settings 127 Configuring ARP Settings The Address Resolu tion Protocol (ARP) converts IP addresse s into physical addresse s, and maps the IP address to a MAC addr ess. ARP allows a host to communicate with other hosts when only the IP address of its neighbors is known. This sect ion includes the following sections: ■ Viewing ARP [...]

128 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION Viewing ARP Settings The ARP Settings Summar y Page displays the curr ent ARP settings. T o view ARP Setting s: 1 Click Administration > ARP Settings > Summary . The ARP Settings Summary Page opens: Figure 60 ARP Settings Summary Page The ARP Se ttings Summar y Page contains the f[...]

Configuring ARP Settings 129 Defining ARP Settings The ARP Settin gs Setup Page allows network managers to d efine ARP parameters for sp ecific in terfaces. The monito r users have no access to this pa ge. T o configure ARP entries: 1 Click Administration > ARP Settings > Setup . The ARP Settings Setup Page opens: Figure 61 ARP Settings Setup[...]

130 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION Removing ARP Entries The ARP Settin gs Remove Page provides parameters for removing ARP entries from the ARP T able. The monitor user has no access to this page. T o remove ARP entrie s: 1 Click Administration > ARP Settings > Remove . The ARP Settings Remove Page opens: Figure 62[...]

Configuring ARP Settings 131 ■ MAC Address — Displays the station MAC addr ess, which is associated in the ARP table with the IP address. ■ Status — Displays the AR P table entry type. Possibl e field values are: ■ Dynamic — Indicates the ARP entry is learned dynamically . ■ Static — Indicates the ARP en try is a static entry . 2 Fo[...]

132 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION Configuring Address T ables MAC addr esses are stor ed in either the Static Address or the Dynamic Address databases. A pack et addressed to a destination stored in one of the databases is forwarded immedi ately to the port. The Dynamic Address T able can be sorted by inte rface, VLAN, [...]

Configuring Address Tables 133 Viewing Address T able Settings The Address T able Summar y Page displays the current MAC addr ess table configuration. T o view address table settings: 1 Click Monitoring > Addr ess T able > Summary . The Address T able Summary Page opens: Figure 63 Addr ess T able Summary Page The Addre ss T ab le Summar y Pag[...]

134 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION ■ State — Displays the MAC addr ess configuratio n method. Possible values ar e: ■ Config Static — Indicates the MAC addr ess is statically configured. ■ Config Dynamic — Indicates the MAC address is dynamically configured. ■ Port Index — Indicates the port through which[...]

Configuring Address Tables 135 ■ State — Filters the list of MAC addr e sses displayed according to the type of MAC address configuration. Possible values are: ■ All — Displays all MAC addre sses assigned to the port. ■ Static — Displays static MAC addr esses assigned to the port. ■ Dynamic — Displ ays dynamic MAC ad dr esses assign[...]

136 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION Adding MAC Addresses to the Address T able The Address T able Add Page allows the network manager to assig n MAC addresses to ports with VLANs. The monitor users have no access to this page. T o add MAC addresses to the Addr ess T able: 1 Click Monitoring > Addr ess T able > Add .[...]

Configuring Address Tables 137 ■ MAC Address — Displays the current MAC addresses listed in the MAC address table. ■ VLAN ID — Displays the VLAN ID associated with the port and MAC address. ■ State — Displays the current MAC addr ess configuration metho d. Possible values are: ■ Config Static — Indicates the MAC addr ess is statical[...]

138 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION Defining Aging Time The Address T able Setup Page allows the net work manager to define the Address T able Aging Time. The Aging T ime is the amount of time the MAC addr esses re main in the Dynamic Addr ess table befor e they are timed out if no traffic fr om the sour ce is detected. T[...]

Configuring Address Tables 139 Removing Addr ess T able Ports The Port Remove Page allows the network manager to remove ports from the Address T able. The monito r users have no access to this pa ge. T o remove ports: 1 Click Monitoring > Addr ess T able > Port Remove . The Port Remove Page opens: Figure 67 Port Remove Page The Port Remo ve P[...]

140 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION ■ State — Displays the MAC addr ess configuratio n method. Possible values ar e: ■ Config Static — Indicates the MAC addr ess is statically configured. ■ Port Index — Indicates the port through which the addr ess was learned. ■ Aging Time — Indicates the amount of time t[...]

Configuring Address Tables 141 Removing MAC Addresses fr om the Address T able The Address T able Remove Page allows th e network manager to remove current MAC addr esses from the Addr ess T able. The monito r users have no access to this pa ge. T o remove MAC addresses from the Addr ess T able: 1 Click Monitoring > Addr ess T able > Remove .[...]

142 C HAPTER 9: C ONFIGURING IP AND MAC A DDRESS I NFOR MATION ■ Port Index — Indicates the port through which the addr ess was learned. ■ Aging Time — Indicates the amount of time the MAC address remains in the Dynamic Address tabl e before it is timed out if no traffic fr om the source is de tected. The de fault value is 300 seconds. ■ [...]

10 C ONFIGURING IGMP S NOOPING This section contains in formation for configuring IGMP Sno oping. When IGMP Snooping is enabled globa lly , all IGMP pa ckets are forwarded to the CPU. The CPU analyzes the incomin g packets and determines: ■ Which ports want to join which Multicast groups. ■ Which ports have Multicast routers generating IGMP que[...]

144 C HAPTER 10: C ONFI GURING IGMP S NOOPING Defining IGMP Snooping The IGMP Snooping Setup Page allows network managers to define IGMP Snooping parameters for VLANs. The monitor u sers have read - only access to this page. T o configure IGMP Snooping: Click Device > IGMP Snooping > Setup . The IGMP Snooping Setup Page opens: Figure 69 IGMP [...]

145 ■ Enable — Enables IGMP Snooping on t he VLAN. ■ VLAN — Displays the VLAN ID. ■ Status — Displays the IGMP snooping status fo r the VLAN. The possible field values are Enable and Disable . T o enable or disable IG MP Snooping on t he device: 1 Select Enable or Disable from the IGMP Snooping Status list . 2 Click . IGMP Snooping is e[...]

11 C ONFIGURING S PANNING T RE E This section contains in formation for configu ring STP . The Spann ing T r ee Protocol (STP) provides tr ee topograph y for any arrangement of bridges. STP also provides a single path between end stations on a network, eliminating loops. Loops occur when alternate routes exist between hosts. Loops in an extended ne[...]

147 Viewing Spanning Tr e e The Spann ing T ree Su mmary Page displays the cu rrent Spanning T ree parameters for all ports. T o view Spanning T ree Summary: 1 Click Device > Spanning T r ee > Summary . The Spanning T ree Summary Page opens: Figure 70 Spanning T ree Summary Page The Spann ing T ree Su mmary Page contains the following fields:[...]

148 C HAPTER 11: C ONFI GURING S PANNING T REE ■ Root Guard — Indicates if the interface is acting as the r oot port of the switch. The possible field values are: ■ Enable — Indicates Root Guard is enabled on the port ■ Disable — Indicates Root Guar d is disabled on the port. ■ Port State — Displays the current STP state of a port. [...]

149 ■ Path Cost — Indicates the port contribution to the root path cost. The path cost is adjusted to a higher or lower value, and is used to forward traffic when a path is re-r outed. ■ Priority — Indicates the priority value of the port. The priority value influences the port choice when a br idge has two ports con nected in a loop. The p[...]

150 C HAPTER 11: C ONFI GURING S PANNING T REE Defining Spanning Tr e e Network administrators can assign STP se ttings to specific interfaces using the Sp anning T ree Setup Page . The monitor user has no access to this page. T o configure Spanning T ree Setup: 1 Click Device > Spanning T r ee > Setup . The Spanning T ree Setup Page opens: F[...]

151 ■ BPDU Handling — Determines how BPDU packets are managed when STP is disabled on the port or device. BPDUs ar e used to transmit spanning tree information. T he possible field va lues are: ■ Filtering — Filters BPDU packets when spanning tree is disabled on an interface. This is the default value. ■ Flooding — Floods BPDU packets w[...]

152 C HAPTER 11: C ONFI GURING S PANNING T REE Designated Root ■ Bridge ID — Identifies the Bridge priority and MAC address. ■ Root Bridge ID — Identifies the Root Bridge priority and MAC address. ■ Root Port — Indicates the port number that offers the lowest cost path from this bridge to the Ro ot Br idge. This field is significant whe[...]

153 Modifying Spanning Tr e e The Spanning T ree Modify Page contains information for modifying Spanning T ree parameters. Monitor users have no access to this page. T o modify Spanning T r ee: 1 Click Device > Spanning T r ee > Modify . The Spanning T ree Modify Page opens: Figure 72 Spanning T ree Modify Page The Spann ing T re e Modify Pag[...]

154 C HAPTER 11: C ONFI GURING S PANNING T REE ■ Enabled — Indicates fast link is enabled on the port. ■ Auto — Enables the device to automatically establish a fast link. ■ Disabled — Indicates fast link is disabled on the port. ■ Root Guard — Restricts the inter face fr om acting as the root port of the switch. The possible field v[...]

12 C ONFIGURING SNMP Simple Network Management Protocol (SNMP) provides a method for managing network devices. The devi ce supports the follow ing SNMP versions: ■ SNMP version 1 ■ SNMP ver sion 2c SNMP v1 and v2c The SNMP agents maintain a list of variables , which are used to manage the device. The variables ar e define d in the Management In[...]

156 C HAPTER 12: C ONFI GURING SNMP Defining SNMP Communities Access r ights ar e managed by defining communities in th e SNMP Communities Setup Page . When the community names are changed, access rights are also changed. SNMP communities are defined only for SNMP v1 and SN MP v2c. Monitor users have no access to this page. T o define SNMP communit[...]

157 ■ Insert New Community — Enables add ing an SNMP community . SNMP Management ■ Manageme nt Statio n — Defines the management station IP address for which the SNMP community is to be defined. ■ Open Access (0.0.0.0) — Pr ovides SNMP acce ss to all the stations. Community String ■ Standard — Selects pr e-defined commun ity strings[...]

158 C HAPTER 12: C ONFI GURING SNMP Removing SNMP Communities The SNMP Communities Remove Page allows the system manager to re move SNMP Communities. Monitor users have no access to this page. T o remove SNMP communities: 1 Click Administration > SNMP > Communities > Remove . The SNMP Communities Remove Page opens: Figure 74 SNMP Communiti[...]

159 ■ Access Mode — Displays the access rights of the community . The possible field values are: ■ Read Only — Management access is restricted to r ead-only , and changes cannot be made to the community . ■ Read Write — Management access is re ad-write and changes can be made to the device configuration, but not to the community . 2 For[...]

160 C HAPTER 12: C ONFI GURING SNMP The SNMP T raps Setup Page contains the following fields: ■ Recipients IP Address — Defines the IP addr ess to which the traps are sent. ■ Community String — Defines the community string of th e trap manager . ■ T rap V ersion — Specifies the trap type. The possible field values are : ■ SNMP V1 — [...]

161 The SNMP T raps Remove Page contains the following fields: ■ Checkbox (unnamed) — Whe n checked, selects an SNMP trap for removal. The top checkbox is used to select all SNMP traps for removal ■ Recipients IP — Displays the IP address to which the traps are sent. ■ Tr a p — Displays the trap type. The possible field values ar e: ■[...]

13 C ONFIGURING Q UALITY OF S ERVICE Quality of Ser vice (QoS) pr ovides the ability to implement QoS and priority queuing within a network. For exampl e, certain types of traffic that re quire minimal delay , such as V oice, Video, and real-t ime traf fic can be assigned a high pr iority queue, while other traffic can be assigned a lower priority [...]

163 Viewing CoS Settings The CoS Summary Page displays CoS default settings assigned to ports. T o view CoS Setting s: 1 Click Device > QoS > CoS > Summary . Th e CoS Summary Page opens : Figure 77 CoS Summary Page The CoS Summary Page contains the following fields: ■ Interface — Displays the interface for which the CoS default value i[...]

164 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE Defining CoS The CoS S etup Page contains information fo r enabling QoS globally . Monitor users have no access to this page. T o configure CoS Settings: 1 Click Device > QoS > CoS Setup . The CoS Setup Page opens: Figure 78 CoS Setup Page The CoS Setu p Page contains the following fields: ?[...]

165 Viewing CoS to Queue The CoS to Queu e Summar y Page contains a table that displays the Co S values mapped to traf fic queues. T o view CoS V alu es to Queues: 1 Click Device > QoS > CoS to Queue > Summary . The CoS to Queue Summary Page opens: Figure 79 CoS to Queue Summary Page The CoS to Queu e Summar y Page contains the following f[...]

166 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE T o configure CoS values to queues: 1 Click Device > QoS > CoS to Queue > Setup . The CoS to Queue Setup Page opens: Figure 80 CoS to Queue Setup Page The CoS to Queu e Setup Page co ntains the following fields: ■ Restore Defaults — Restor es th e device factory defau lts for mapping [...]

167 Viewing DSCP to Queue The DSCP to Queue Summar y Page co ntains fields for mapping DSCP settings to traffic queues. For example, a packet with a DSCP tag value of 3 can be assigned to queue 4. T o view the DSCP Queue: 1 Click Device > QoS > DSCP to Queue > Summary . The DSCP to Queue Summary Page opens: Figure 81 DSCP to Queue Summary [...]

168 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE Configuring DSCP Queue The DSCP to Queue Setup Page contains fields for mapping DSCP settin gs to traffic queues. For example, a pack et with a DSCP tag value of 3 can be assigned to queue 1. The monitor user has no access to this page. To m a p CoS to Queues: 1 Click Device > QoS > DSCP to [...]

169 Configuring T rust Settings The T rust Setup Page contains information for enabling trust on the device. T o enable T rust: 1 Click Device > QoS > T rust > Setup . The T rust Setup Page opens: Figure 83 T rust Setup Page The T rust Setup Page contains the following fi elds: ■ Tr u s t M o d e — Specifies which packet fi elds to use[...]

170 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE Viewing Bandwidth Settings The Bandwidth Summar y Page displays bandwid th settings for a specified interface. T o view Bandwidth Settings: 1 Click Device > QoS > Bandwidth > Summary . The Bandwidth Summary Page opens: Figure 84 Bandwidth Summary Page The Bandwidth Summar y Page contains [...]

171 Egr ess Shaping Rates ■ Status — Indicates the egress traffic shaping status for the interface. The possible field values are: ■ Enable — Egress traf fic shaping is enabled for the interface. ■ Disable — Egress traf fic shaping is disabl ed for th e interface. This is the default. ■ CIR — Indicates the Committed Info rmation Rat[...]

172 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE Defining Bandwidth Settings The Bandwidth Setup Page allows network manager s to define the bandwidth settings for a specified in terface. Interface shaping can be based on an interface. Shaping is determined by the lower specified value. The interface shap ing type is selected in the Bandwidth Se[...]

173 Egr ess Shaping Rate ■ Enable Egress Shaping Rate — Enables setting Egress Shaping Rates. ■ Committed Information Rate (CIR) — Defines the CIR f or the interface. The field range is 64-1 ,000,000,000 kbits per second. ■ Committed Burst Size (CbS) — Defines the CbS for the interface. The field range is 4096-16,769,020 bytes per secon[...]

174 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE Defining V oice VLAN V oice VLAN allows network administra t ors to enhance V oIP service by configuring ports to carry IP voice tra ffic fr om IP phon es on a specific VLAN. V o IP traffic has a preconfigu red OUI pr efix in the source MAC address. Network Administrators can configure VLANs on wh[...]

Defining Voice VLAN 175 Viewing V oice VLANs The V oice VLAN Summar y Page co ntains information about the V oice VLAN currently enabled on the device, including the ports enabled and included in the V oice VLAN. T o view V oice VLAN Settings: 1 Click Device > QoS > V o IP T ra ffic Setting > Summary . The Vo i c e V L A N Summary Page ope[...]

176 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE ■ Ports in the V oice VLAN — Displays the ports which are included in the V oice VLAN. The possible values are: ■ Dynamic Members — Displays dynamic ports added to the V oice VLAN in Auto mode. ■ Static Members — Displa ys static ports that were manually added to the V oice VLAN. Defin[...]

Defining Voice VLAN 177 ■ V oice VLAN Aging Time — Defines th e amount of time after the last IP phone's OUI is aged out for a specific port. The V oice VLAN aging time starts after the MAC Address is aged out from the Dynamic MAC Address tabl e. The port will age out after the bridge and voice aging times. The default bridge aging t ime i[...]

178 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE The V oice VLAN Por t Setup Page contains the fol lowing fields: ■ V oice VLAN Port Mode — Specifies the V oice VLAN mode. The possible field values are: ■ No Changes — Maintains the current V oice VLAN port/LAG settings. This is the default value. ■ None — Indicates that the selected [...]

Defining Voice VLAN 179 Viewing V oice VLAN Port Definitions The V oice VLAN Por t Details Page displays the V oice VLAN port settings for specific ports. The V oice VLAN Por t Details Page contains the following fi elds: ■ Select Port — Selects specific ports to display their V oice VLAN port definitions. The ports are color -cod ed as follows[...]

180 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE T o view V oice VLAN Port Detail Settings: 1 Click Device > QoS > V oIP T ra f fic Setting > Port Detail . The Vo i c e VLAN Port Details Page opens: Figure 89 V oice VLAN Port Details P age 2 Select a port to view its settings. The port is highlighted blue, and the V oice VLAN port setti[...]

Defining Voice VLAN 181 T o view V oice VLAN OUI Settings: 1 Click Device > QoS > V oIP T raffic Setting > OUI Summary . The Vo i c e VLAN OUI Summary Page opens: Figure 90 V oice VLAN OUI Summary Pa ge The V oice VLAN OUI Summar y Page contains the following fields: OUI List ■ T elephony OUI(s) — Lists the OUIs curr ently enabled on t[...]

182 C HAPTER 13: C ONFI GURING Q UALITY OF S ERVICE Modifying OUI Definitions The V oice VLAN OUI Modify Page allows network administrators to add new OUIs or to r emove previously de fined OUIs from the V oice VLAN. The OUI is the first half (three most sign ificant bytes) of the MAC addr ess and is manufacturer specific, while the last three byte[...]

Defining Voice VLAN 183 2 Enter an OUI in the T elephony OUI field. 3 Enter an OUI description in the Description field. 4 Click to define a new OUI, or click to delete an existing OUI. The V oice VLAN table is modified, and the device is updated.[...]

14 M ANAGING S YSTEM F ILES The configuration file stru cture consists of the following configuration files: ■ Startup Configuration File — Contains th e commands requir ed to reconfigur e the device to the same settings as when the device is powered down or r ebooted. The Startu p file is created by copying the configuration commands from the [...]

185 This section contains in formation for def ining File maintenance and includes both configuration file mana gement as well as device access. This section contains the following topics: ■ Backing Up System Files ■ Restoring Files ■ Restore the Softwar e Image ■ Activating Image Files[...]

186 C HAPTER 14: M ANAGING S YST EM F ILES Backing Up System Files The Backup Page permits network managers to backup the system configuration to a TF TP or HTTP server . The monitor users have no access to this page. T o backup System files: 1 Click Administration > Backup & Restore > Backup . The Backup Page opens: Figure 92 Backup Page[...]

187 Restoring Files The Restore Page restor es files fr om the TF TP or HT TP server . The monito r users have no access to this pa ge. T o r estore System file s: 1 Click Administration > Backup & Restore > Restor e . The Restore Page opens: Figure 93 Restor e Page The Restore Page contains the following fields: ■ Download via TF TP ?[...]

188 C HAPTER 14: M ANAGING S YST EM F ILES Restore the Softwa re Image The Restor e Image Page permits network managers to retrieve the device software. The monitor user has no access to this page T o download the software image: 1 Click Administration > Firmwar e Upgrade > Restore Image . The Restore Image Page opens: Figure 94 Restor e Imag[...]

189 Activating Image Files Th e Active Image Page allows netw ork managers t o select and r eset the Image files. The Device Boot is downloaded onto the device through the CLI. T o upload System files: 1 Click Administration > Firmware Upgrade > Active Image . The Active Image Pa ge opens: Figure 95 Ac tive Image P age The Active Image Page c[...]

15 M ANAGING P OWER OVER E THER NET D EVICES Power over Ethernet (PoE) provides power to devices over existing LAN cabling, without updating or modifying the network infrastru cture. Power over Ether net removes the necessity of placing network devices next to power sources. Power over Ethernet can be used wit h: ■ IP Phones ■ W ireless Access [...]

191 Viewing PoE Settings The Port PoE Summar y Page displays system PoE information on the device and attached ports, monitoring th e current power usage and operational status. T o view PoE Settings: 1 Click Port > PoE > Summary . The Port PoE Summary Page opens: Figure 96 Port PoE Summary Page The Port PoE Summary Page displays the followin[...]

192 C HAPTER 15: M ANAGING P OWER OV ER E THERNET D EVICES ■ Power Used(watts) — Indicates the actual amoun t of power currently use d by the device. The field value is displayed in W atts. ■ Power Free(watts) — Displays the amount of additi onal power currently ava ilable to the device. Th e field value is displayed in W atts. ■ Select P[...]

193 Defining PoE Settings The Port PoE Setup Page allows users to configure ports for PoE. T o configure Port PoE Settings: 1 Click Port > PoE > Setup . The Port PoE Setup Pa ge opens: Figure 97 Port PoE Setup Page The Port PoE Setup Page contains the followin g fields: ■ Select Ports — Selects the ports to be configured. ■ PoE State ?[...]

194 C HAPTER 15: M ANAGING P OWER OV ER E THERNET D EVICES ■ Selected Ports — Displays the PoE configura tion for the selected ports. The fields displayed are: ■ Port — Indicates the port number . ■ State — Indicates if the port is enabled to deliver power to powered devices. The possible field value s are Enabled or Disabled . ■ Mode[...]

16 M ANAGING S YSTEM L OGS This section provides information fo r managing system logs. The system logs enable viewing device events in real time, and recor ding the events for later usage. System Logs recor d and manage events and report errors and informational messages. Event me ssages have a unique f ormat, as per the Syslog pr otocols recomme [...]

196 C HAPTER 16: M ANAGING S YST EM L OGS Viewing Logs Th e Loggin g Display Page contains all system logs in a chronological order that are saved in RAM (Cache). The monitor user has read-only access to this feature. T o view Logging: 1 Click Administration > Logging > Display . The Logging Display Page opens: Figure 98 Logging Display Page [...]

197 Configuring Logging The Logging Setup Page contains fields for defining which events are recor ded to which logs. It contains fields for enabling logs globally , and parameters for defining logs. Log messages are listed from the high est severity to the lowest severity level. The monito r users have no access to this pa ge. T o define Log Param[...]

198 C HAPTER 16: M ANAGING S YST EM L OGS The Logging Setup Page contains th e following fields: ■ Enable Local Logging — Specifies i f device local logs for Cache and servers ar e enabled. Console l ogs are enable d by default. ■ Severity level — Specifies the mi nimum severity level for which a message will be logged. Wh en a severity lev[...]

199 ■ Enable Syslogging — Specifies if device syslogs for Cache and servers ar e enabled. ■ Severity level — Specifies the mi nimum severity level for which a message will be logged. When a severi ty level is select ed, all severity level choices above the selection are selected automatically . The possible field values are: ■ Emergency ?[...]

17 V IEWING S TATISTICS This section cont ains information for viewing por t statistics, and contains the following topics: ■ Viewing Port Statistics[...]

201 Viewing Port Statistics The Port Statistics Summar y Page contains fields for viewing information about device utilization and errors that occurred on the device. T o view RMON statistics: 1 Click Ports > Statistics > Summary . Th e Port Statistics Summar y Page opens: Figure 100 Port Statistics Summary Page The Port Statistics Summar y P[...]

202 C HAPTER 17: V IEWING S TATISTICS ■ Received Bytes (Octets) — Displays the number of octets r eceived on the interface since the device wa s last refr eshed . This number includes bad packets and FCS octe ts, but excludes framing bits. ■ Received Packets — D isp lay s t he n um ber of p ac ket s rece ive d o n th e interface, in cluding[...]

203 ■ Frames of 128 to 255 Bytes — Displays the numb er of 128 to 255 byte frames received on the inte rface since the device was last ref re s he d . ■ Frames of 256 to 511 Bytes — Displays the numb er of 256 to 511 byte frames received on the inte rface since the device was last ref re s he d . ■ Frames of 512 to 1023 By tes — Display[...]

18 M ANAGING D EVICE D IAGNOSTICS This section contains in formation for viewing an d configuring port and cable diagnostics, and includes the following topics: ■ Configuring Port Mirroring ■ Viewing Cable Diagno stics[...]

Configuring Port Mirroring 205 Configuring Port Mirr oring Port mirroring monitors and mirrors ne twork traffic by forwarding copies of incoming and outgoing packets from one port to a monitoring port. Port mirroring can be used as a diagnostic tool as well as a debugging feature. Port mirr oring also enables switch performance monitoring . Network[...]

206 C HAPTER 18: M ANAGING D EVICE D IAGNOSTICS Defining Port Mirroring The Port Mirr oring Setup Page contains parameters for config uring port mirroring. The monitor user has limi ted access to this page. T o enable port mirroring: 1 Click Monitoring > Port Mirroring > Setup . The Port Mirroring Setup Page opens: Figure 101 Port Mirr oring [...]

Configuring Port Mirroring 207 ■ Select port — Selects the port for mirroring or monitoring. A port unavailable for mirroring is color ed grey . ■ Summary — Displays the current monitor and mirror ports. The fields displayed are: ■ Monitor — Displays the monitor port. ■ Mirror In — Displays ports that ar e monitored on the RX. ■ M[...]

208 C HAPTER 18: M ANAGING D EVICE D IAGNOSTICS Removing Port Mirroring The Port Mirr oring Remove Page permits the network manager to terminate port mirroring or monitoring. The monitor users have no access to this page. T o remove port mirroring: 1 Click Monitoring > Port Mirroring > Remove . The Port Mirroring Remove Page opens: Figure 102[...]

Viewing Cable Diagnostics 209 Viewing Cable Diagnostics The Cable Diagnostics Summar y Page contains fields for viewing tests on copper cables. Cable testing provides information ab out where errors occurred in the cable, the last time a cable test was performed, and the type of cable err or which occurred. The tests use Time Domain Reflectometry ([...]

210 C HAPTER 18: M ANAGING D EVICE D IAGNOSTICS ■ Cable Fault Distance — Indicates the distance in meters from the port where the cable err or occurred. ■ Last Update — Indicates the last time the port was tested. Configuring Cable Diagnostics The Diagnostics Page contains fields for performing tests on copp er cables. Cable te sting provid[...]

Viewing Cable Diagnostics 211 To t e s t c a b l e s : 1 Click Monitoring > Cable Diagnostics > Diagnostics . The Diagnostics Page opens: Figure 104 Diagnostics Page The Diagnostics Page contains the followin g fields: ■ Select a Port — Selects the port to be tested. ■ Te s t R e s u l t — Displays the cable test re sults. Possible va[...]

A 3C OM N ETWORK M ANAGEMENT 3Com has a range of network mana gement applications to address networks of all sizes and complexity , fr om small and medium businesses through large enterprises. The applications inclu de: ■ 3Com Network Supervisor ■ 3Com Network Director ■ 3Com Network Access Manager ■ 3Com E nterprise Management Suite ■ In[...]

3Com Network Director 213 3Com Network Director 3Com Network Director (3ND) is a stan dalone application th at allows you to carry out key management and ad ministrative tasks on midsized networks. By using 3ND you can disc over , map, and monitor all your 3Com devices on the network. It si mplifies tasks such as backup and restor e for 3Com device[...]

214 A PPENDIX A: 3C OM N ETWORK M ANAGEMENT 3Com Enterprise Management Suite 3Com Enterprise Management Su ite (EMS) deliver s comprehensive management that is flexible and sc alable enough to meet the needs of the largest enterprises and advanced networks. This solution provides particularly powerful conf iguration and change control functionaliti[...]

B D EVICE S PECIFICATIONS AND F EATUR ES Related Standards The 3Com ® OfficeConnect Managed Gigabit PoE Switch has been designed to the following standards: Envir onmental Physical Function 8802-3, IEEE 802.3 (Eth ernet), IEEE 802.3u (Fast Ethernet), IEEE 802.3ab (Gigab it Ethernet), IEEE 802.1D (Bridging) Safety UL 60950-1, EN 60950-1, CSA 22.2 N[...]

216 A PPENDIX B: D EVICE S PECIFICATIONS AND F EATURES Electrical Switch Features This section describes the device features. The system supports the following features: Line Frequency 50/60 Hz Input Voltage 100–240 Vac (auto ran ge) Current R ating 2 Amp (Max) Maximum Power Consumpti on 358.4 BTU/hr (114 W atts) Max Heat Dissipat ion 79 BTU/hr T[...]

Switch Features 217 Command Line Interface The Command Line Interface (CLI) is an interface using a serial connection that allows basic features to be configured, including IP address management and firmware upgradin g. The CLI is not intended as the main interface for the switch. Configuration File Management The device configuration is stor ed in[...]

218 A PPENDIX B: D EVICE S PECIFICATIONS AND F EATURES LACP LACP uses peer exchan ges across links to determine, on an ongoing basis, the aggregation capability of various lin ks, and continuously provides the maximum level of aggregation capability ac hievable between a given pair of systems. LACP automatically determines, configures, bin ds and m[...]

Switch Features 219 Power over Ethernet Provides power to devi ces over LAN connection . RADIUS Clients RADIUS is a client/server-based protocol. A RADIUS server maintain s a user database, which contains per-us er authentication information, such as user name, password and accounting information. Rapid Spanning Tree Spanning Tree can take 30-60 se[...]

220 A PPENDIX B: D EVICE S PECIFICATIONS AND F EATURES VLAN Support VLANs are collections of switching ports that comprise a single broadcast domain. Packets are classified as be longing to a VLAN based on either the VLAN tag or based on a combination of the ingress port and packet contents. Packets sharing common attri butes can be grouped in the [...]

C P IN -O UTS Null Modem Cable RJ-45 to RS-232 25-pin PC-A T Serial Cable RJ-45 to 9-pin Screen TxD RxD Ground RTS CTS DSR DCD DTR Screen RxD TxD Ground RTS DTR CTS DSR DCD Shell 3 2 5 7 8 6 1 4 1 3 2 7 4 20 5 6 8 Switch 5500 Cable connector: RJ-45 female PC/T erminal Cable connector: 25-pin male/female only required if screen always required requi[...]

222 A PPENDIX C: P IN -O UTS Modem Cable RJ-45 to RS-232 25-p in Ethernet Port RJ-45 Pin Assignments 10/100 and 1000BASE-T RJ- 45 connections. Ta b l e 10 Pin assignments Screen TxD RxD RTS CTS DSR Ground DCD DTR Screen TxD RxD RTS CTS DSR Ground DCD DTR Shell 3 2 7 8 6 5 1 4 1 2 3 4 5 6 7 8 20 Switch 5500 Cable connector: RJ-45 female RS-232 Modem[...]

Ethernet Port RJ-45 Pin Assignments 223 Ta b l e 11 Pin assignments Pin Number 10/100 1000 Ports configured as MDIX 1 Receive Data + Bidirectional Data B+ 2 Receive Data − Bidirectional Data B − 3 Transmit Data + Bidirectional Data A+ 4 Not assigned Bidirectional Data A − 5 Not assigned Bidirectional Data D+ 6 Transmit Data − Bidirectional [...]

D T R OUBLESHOOTING This section describes problems that may arise when installing the and how to resolve these issue. T his section includes the f ollowing topics: ■ Problem Management — Provides information about problem management. ■ T roubleshooting Solutions — Provides a list of tr oubleshooting issues and solutions for using the devic[...]

Troubleshooting Solutions 22 5 Problems Possible Cause Solution Cannot connect to management us ing RS-232 serial c onnection Be sure the terminal emulator program is set to VT-100 compatible, 38400 baud rate, no parity, 8 data bits and one stop bit Use the included cable, or be sure that the pin-out complies with a stan dard null-modem cable Canno[...]

226 A PPENDIX D: T ROUB LESHOOTING No connection and the port LED is off Incorrect ethernet cable, e.g., crossed rather than straight cable, or vice versa, split pair (incorrect twisting of pairs) Fiber optical cable connection is reversed Bad cable Wrong cable type Check pinout and replace if necessary Change if necessary. Check Rx and Tx on fiber[...]

E 3C OM CLI R EFER ENCE G UIDE This section describ es using the Command Li ne Inte rface (CLI) to manage the device. The device is managed thr ough the CLI from a dir ect connection to the device console port Getting Started with the Command Line Interface Using the CLI, network managers enter configuration commands and parameters to configure the[...]

228 A PPENDIX E: 3C OM CLI R EFERENCE G UIDE 3 Press Enter . The Passwor d prompt displays: The Login information is verified, and displays the follow ing CLI menu: If the passwor d is invalid, the fo llowing me ssage appears and Login process r estarts. Automatic Logout The user session is automatically terminated af ter 30 minutes in wh ich no de[...]

CLI Commands 229 ? The ? command disp lays a list of CLI commands on the device. Syntax ? Default Configuration This command has no default configu ration. User Guidelines There ar e no user gu idelines for this command. Example The following displays the list presented for the ? command: Select menu option# ? initialize ipsetup logout ping reboot [...]

230 A PPENDIX E: 3C OM CLI R EFERENCE G UIDE Ping The Ping command sends ICMP echo request packets to another no de on the network. Syntax ping [ I P address | URL| hostname ] Parameters ■ IP Address — IP addr ess to ping. ■ URL — URL addr ess to ping. ■ hostname — hostname to ping. (Ran ge: 1 - 158 characters) Default Configuration Thi[...]

CLI Commands 231 Summary The Summary command displays the curr ent IP configuration and software versions running on the device. It is intended for devices that support separate runtime and bootcode Images. Syntax summary Default Configuration This command has no default configu ration. User Guidelines There ar e no user gu idelines for this comman[...]

232 A PPENDIX E: 3C OM CLI R EFERENCE G UIDE ipSetup The ipSetup command allows the user to define an IP addr ess on the device either manually or via a DHCP server . Syntax ipSetup [ dhcp | ip-address mask [ default-gateway ip-address ]] Parameters ■ dhcp — Specifies the IP addr ess is acquired automatically from the Dynamic Host Configuration[...]

CLI Commands 233 Upgrade The Upgrade command starts a s ystem download an d thereby allowing a system upgrade. Syntax upgrade [ TF TP Server IP Address | Destination File Name | File T ype] Parameters ■ TF TP Se rver IP Address — Defines the TF TP server’ s IP addr ess. ■ Source File Name — Specifies the source file name. ■ File T ype ?[...]

234 A PPENDIX E: 3C OM CLI R EFERENCE G UIDE Initialize The Initialize command r esets the device configu ration to factory defaults, including the IP config uration. Syntax Initialize Default Configuration This command has no default configu ration. User Guidelines The system prompts for confirmation of the request. If no response is entered withi[...]

CLI Commands 235 Reboot The Reboot command simulates a powe r cycle of the device. Syntax reboot Default Configuration This command has no default configu ration. User Guidelines There ar e no user gu idelines for this command. Example Select menu option: reboot Are you sure you want to reboot the system (yes,no)[no]: no Select menu option:[...]

236 A PPENDIX E: 3C OM CLI R EFERENCE G UIDE Logout The Logout command terminates the CLI session. Syntax logout Default Configuration This command has no default configu ration. User Guidelines There ar e no user gu idelines for this command. Example Select menu option: logout exiting session... Username:[...]

CLI Commands 237 Password The Passwor d command chan ges the user’ s password. Syntax password Default Configuration This command has no default configu ration. User Guidelines The user needs to login to the session in order to change the password. Example Select menu option: password Change password for user: us ername Old password: Enter new pa[...]

F G LOSSARY Access Control List (ACL) ACLs can limit network traffic and r estrict access to certain user s or devices by checking each packet for certain IP or MAC (i.e., Layer 2) information. Address Resolution Protocol (ARP) ARP converts be tween IP addresses and MAC (i.e., h ardwar e) addresses. ARP is used to locate the MAC address correspondi[...]

239 Extensible Authentication Pr otocol over LAN (EAPOL) EAPOL is a client auth entication pr otocol use d by this switch to verif y the network access rights for any de vice that is plugged into the switch. A user name and password is r equested by t he switch, and then passed to an authentication serv er (e.g., RADIUS) for verification. EAPOL is [...]

240 A PPENDIX F: G LOSSARY Inter net Contr ol Message Pr otocol (ICMP) A network layer pr otocol that reports errors in pr ocessing IP packets. ICMP is also used by routers to feed back informat ion about bett er routing choices. Internet Group Management Protoco l (IGMP) A protocol thr ough which hosts can register with their local router for mult[...]

241 Multicast Switc hing A process whereby the switch filt ers incoming multicast frames for services for which no attached host has register ed, or forwards them to all ports contained within the designated multicast VLAN group. Out-of-Band Management Management of the network from a station not attached to the network. Port Authentication See IEE[...]

242 A PPENDIX F: G LOSSARY Remote Authentication Dial-in User Service (RADIUS) RADIUS is a logon authentication protocol that uses software running on a central server to control acce ss to RADIUS-compliant devices on the network. Remote Monitoring (RMON) RMON provides comprehensive network monitoring capabilities. It eliminates the polling r equir[...]

243 IP-like services. UDP pack ets are de liver ed just like IP packets – connection-less datagrams that may be discarded before r eaching their targets. UDP is useful when TCP would be too complex, too slow , or just unnecessary . Virtual LAN (VLAN) A Virtual LAN is a collection of ne twork nodes that shar e the same collision domain regar dless[...]

G O BTAINING S UPPORT FOR Y OUR 3C OM P R O DUCTS 3Com offers pr od uct registration, ca se management, and r e pair services through eSupport.3com.com. Y ou must ha ve a user name and password to access these services, which are described in this appendix. Register Y our Product to Gain Service Benefits T o take advantage of warranty and ot her se[...]

Access Software Downloads 245 Contact your authorized 3Com rese ller or 3Com for ad ditional product and support information. See the table of acces s numbers later in this appendix. Access Software Downloads Y ou are entitled to bug fix / maintenance releases for the version of software that you initially purchased with your 3Com pr oduct. T o obt[...]

246 A PPENDIX G: O BTAINING S U PPORT FOR Y OUR 3C OM P RODUCTS T o send a product dir ectly to 3Com for repair , you must first obtain a return materials authorization numbe r (RMA). Products sent to 3Com without authorization numb ers clearly marked on the outside of the package will be returned to the sender unopened, at the sender’ s expense.[...]

Contact Us 247 You can also obtain support in this region usin g this URL: http ://emea.3com.com/support/email.html You can also obtain non-urgent support in this region at these ema il addresses: Technical suppo rt and general requ ests: customer_support@3com.com Return material authorization: warranty_repair@3com.com Contract requests: emea_contr[...]

R EGULATORY N OTICES FCC S TATEMENT This equipment has been tested and found to comply wi th the limits for a Class A digital device, pursu ant to part 15 of the FCC rules. These limits are designed to provide reasonable protection again st harmful interference when the equipment is operated in a co mmercial environment. This equipment generates, u[...]