![Zyxel ES3500-8PD [44/360] Resetting the switch](/img/pdf.png)
Zyxel ES3500-8PD [44/360] Resetting the switch
![Zyxel ES3500-8PD [44/360] Resetting the switch](/views2/1168564/page44/bg2c.png)
Chapter 4 The Web Configurator
ES3500 Series User’s Guide
44
4 Disable all ports.
5 Misconfigure the text configuration file.
6 Forget the password and/or IP address.
7 Prevent all services from accessing the Switch.
8 Change a service port number but forget it.
Note: Be careful not to lock yourself and others out of the Switch. If you do lock yourself
out, try using out-of-band management (via the management port) to configure
the Switch.
4.6 Resetting the Switch
If you lock yourself (and others) from the Switch or forget the administrator password, you will
need to reload the factory-default configuration file or reset the Switch back to the factory defaults.
4.6.1 Reload the Configuration File
Uploading the factory-default configuration file replaces the current configuration file with the
factory-default configuration file. This means that you will lose all previous configurations and the
speed of the console port will be reset to the default of 9600bps with 8 data bit, no parity, one stop
bit and flow control set to none. The password will also be reset to “1234” and the IP address to
192.168.1.1.
To upload the configuration file, do the following:
1 Connect to the console port using a computer with terminal emulation software. See Section 3.1 on
page 28 for details.
2 Disconnect and reconnect the Switch’s power to begin a session. When you reconnect the Switch’s
power, you will see the initial screen.
3 When you see the message “Press any key to enter Debug Mode within 3 seconds ...” press
any key to enter debug mode.
4 Type atlc after the “Enter Debug Mode” message.
5 Wait for the “Starting XMODEM upload” message before activating XMODEM upload on your
terminal.
Содержание
- Default login details 1
- Es3500 series 1
- Intelligent l2 switch 1
- Quick start guide 1
- User s guide 1
- Important 2
- Keep this guide for future reference 2
- Note it is recommended you use the web configurator to configure the switch 2
- Read carefully before use 2
- Related documentation 2
- Contents overview 3
- Technical reference 77 3
- User s guide 17 3
- Chapter 1 getting to know your switch 19 5
- Chapter 2 hardware installation and connection 25 5
- Chapter 3 hardware overview 28 5
- Chapter 4 the web configurator 37 5
- Contents overview 3 5
- Part i user s guide 7 5
- Table of contents 5
- Table of contents 5 5
- Chapter 5 initial setup example 47 6
- Chapter 6 tutorials 52 6
- Chapter 7 system status and port statistics 79 6
- Part ii technical reference 7 6
- Chapter 10 static mac forward setup 116 7
- Chapter 8 basic setting 84 7
- Chapter 9 vlan 99 7
- Chapter 11 static multicast forward setup 118 8
- Chapter 12 filtering 122 8
- Chapter 13 spanning tree protocol 124 8
- Chapter 14 bandwidth control 142 8
- Chapter 15 broadcast storm control 145 8
- Chapter 16 mirroring 147 8
- Chapter 17 link aggregation 149 9
- Chapter 18 port authentication 157 9
- Chapter 19 port security 165 9
- Chapter 20 classifier 167 9
- Chapter 21 policy rule 172 9
- Chapter 22 queuing method 177 9
- Chapter 23 vlan stacking 180 10
- Chapter 24 multicast 187 10
- Chapter 25 aaa 202 10
- Chapter 26 ip source guard 215 11
- Chapter 27 loop guard 234 11
- Chapter 28 vlan mapping 238 11
- Chapter 29 layer 2 protocol tunneling 242 11
- Chapter 30 sflow 246 12
- Chapter 31 pppoe 250 12
- Chapter 32 error disable 258 12
- Chapter 33 private vlan 263 12
- Chapter 34 green ethernet 265 12
- Chapter 35 static route 267 12
- Chapter 36 differentiated services 270 13
- Chapter 37 dhcp 278 13
- Chapter 38 maintenance 285 13
- Chapter 39 access control 92 14
- Chapter 40 diagnostic 317 14
- Chapter 41 syslog 318 14
- Chapter 42 cluster management 321 14
- Chapter 43 mac table 327 14
- User s guide 17
- Backbone application 19
- Getting to know your switch 19
- Introduction 19
- Bridging example 20
- High performance switching example 20
- Ieee 802 q vlan application examples 21
- Tag based vlan example 21
- Ipv6 support 22
- Ways to manage the switch 22
- Good habits for managing the switch 23
- Desktop installation procedure 25
- Hardware installation and connection 25
- Installation scenarios 25
- Mounting the switch on a rack 25
- Attaching the mounting brackets to the switch 26
- Failure to use the proper screws may damage the unit 26
- Precautions 26
- Rack mounted installation requirements 26
- Mounting the switch on a rack 27
- Front and rear panels 28
- Hardware overview 28
- Chapter 3 hardware overview 29
- Es3500 series user s guide 29
- Figure 12 es3500 24hp rear panel 29
- Figure 13 es3500 8pd front panel 29
- Figure 14 es3500 8pd rear panel 29
- Label description 29
- Table 3 front and rear panel connections 29
- The following table describes the connectors on the front and rear panels 29
- Console port 30
- Default ethernet negotiation settings 30
- Ethernet ports 30
- Auto crossover 31
- To avoid possible eye injury do not look into an operating fiber optic module s connectors 31
- Transceiver installation 31
- Transceiver slots 31
- Transceiver removal 32
- Keep the power supply switch in the off position until you come to the procedure for turning on the power 33
- Note check the power supply requirements shown on the rear panel and make sure you are using an appropriate power source 33
- Power connector 33
- Chapter 3 hardware overview 34
- Es3500 series user s guide 34
- Led color status description 34
- Table 4 es3500 24 led descriptions continued 34
- Table 5 es3500 24hp led descriptions 34
- Chapter 3 hardware overview 35
- Es3500 series user s guide 35
- Led color status description 35
- Table 5 es3500 24hp led descriptions continued 35
- Table 6 es3500 8pd led descriptions 35
- Introduction 37
- System login 37
- The web configurator 37
- The web configurator layout 38
- B d c e 39
- Basic setting advanced application ip application management 40
- Chapter 4 the web configurator 40
- Es3500 series user s guide 40
- In the navigation panel click a main link to reveal a list of submenu links 40
- Link description 40
- Note only the es3500 24hp has a poe menu 40
- Note only the es3500 8pd has a green ethernet menu 40
- Table 7 navigation panel sub links overview 40
- Table 8 navigation panel links 40
- The following table describes the links in the navigation panel 40
- Chapter 4 the web configurator 41
- Es3500 series user s guide 41
- Link description 41
- Table 8 navigation panel links continued 41
- Chapter 4 the web configurator 42
- Es3500 series user s guide 42
- Link description 42
- Table 8 navigation panel links continued 42
- Change your password 43
- Note use the save link when you are done with a configuration session 43
- Saving your configuration 43
- Switch lockout 43
- Note be careful not to lock yourself and others out of the switch if you do lock yourself out try using out of band management via the management port to configure the switch 44
- Reload the configuration file 44
- Resetting the switch 44
- Logging out of the web configurator 45
- Creating a vlan 47
- Initial setup example 47
- Overview 47
- Note the vlan group id field in this screen and the vid field in the ip setup screen refer to the same vlan id 48
- Setting port vid 49
- Configuring switch management ip address 50
- How to use dhcp snooping on the switch 52
- Tutorials 52
- How to use dhcp relay on the switch 55
- Creating a vlan 56
- Dhcp relay tutorial introduction 56
- Dhcp server port 2 pvid 102 56
- Vlan 102 56
- Configuring dhcp relay 58
- How to use pppoe ia on the switch 59
- Troubleshooting 59
- Configuring switch a 60
- Note for related information about pppoe ia see section 31 on page 252 60
- Port 11 trusted 60
- Port 12 trusted 60
- Port 5 untrusted port 12 trusted 60
- Configuring switch b 62
- How to use error disable and recovery on the switch 65
- Note refer to section 27 on page 234 and section 32 on page 259 for more information about loop guard and errdisable 65
- Creating a guest vlan 67
- How to set up a guest vlan 67
- Internet 67
- Enabling ieee 802 x port authentication 70
- Enabling guest vlan 71
- How to do port isolation in a vlan 72
- Creating a vlan 73
- Internet 73
- Creating a private vlan rule 75
- Technical reference 77
- Overview 79
- Port status summary 79
- System status and port statistics 79
- Chapter 7 system status and port statistics 80
- Es3500 series user s guide 80
- Label description 80
- Table 11 status 80
- The following table describes the labels in this screen 80
- Status port details 81
- Chapter 7 system status and port statistics 82
- Es3500 series user s guide 82
- Label description 82
- Table 12 status port details continued 82
- Chapter 7 system status and port statistics 83
- Es3500 series user s guide 83
- Label description 83
- Table 12 status port details continued 83
- Basic setting 84
- Overview 84
- System information 84
- Chapter 8 basic setting 85
- Es3500 series user s guide 85
- Label description 85
- System info 85
- The following table describes the labels in this screen 85
- Chapter 8 basic setting 86
- Es3500 series user s guide 86
- General setup 86
- General setup in the navigation panel to display the screen as shown 86
- Label description 86
- The following table describes the labels in this screen 86
- A vlan virtual local area network allows a physical network to be partitioned into multiple logical networks devices on a logical network belong to one group a device can belong to more than one group with vlan a device cannot directly talk to or hear from devices that are not in the same group s the traffic must first go through a router 87
- Chapter 8 basic setting 87
- Es3500 series user s guide 87
- General setup continued 87
- In mtu multi tenant unit applications vlan is vital in providing isolation and security among the subscribers when properly configured vlan prevents one subscriber from accessing the network resources of another on the same lan thus a user will not see the printers and hard disks of another user in the same building 87
- Introduction to vlans 87
- Label description 87
- After smart isolation 88
- Before smart isolation 88
- Isolated ports 2 6 8 root port 7 designated port 8 88
- Isolated ports 2 6 root port 7 designated port 8 88
- Note vlan is unidirectional it only governs outgoing traffic 88
- Smart isolation 88
- Note the uplink port connected to the internet should be the root port otherwise with smart isolation enabled the isolated ports cannot access the internet 89
- Switch setup 89
- Chapter 8 basic setting 90
- Es3500 series user s guide 90
- Label description 90
- Switch setup continued 90
- Ip setup 91
- Management ip addresses 91
- Note you must configure a vlan first 91
- Chapter 8 basic setting 92
- Es3500 series user s guide 92
- Ip setup 92
- Label description 92
- The following table describes the labels in this screen 92
- Chapter 8 basic setting 93
- Es3500 series user s guide 93
- Ip setup continued 93
- Label description 93
- Note changes in this row are copied to all the ports as soon as you make them 93
- Note due to space limitation the port name may be truncated in some web configurator screens 93
- Port setup 93
- Port setup in the navigation panel to display the configuration screen 93
- The following table describes the labels in this screen 93
- Chapter 8 basic setting 94
- Es3500 series user s guide 94
- Label description 94
- Note the following screens are available for the es3500 24hp model only 94
- Port setup continued 94
- The es3500 24hp supports the ieee 802 at power over ethernet plus poe standard the switch is power sourcing equipment pse because it provides a source of power via its ethernet ports and each device that receives power through an ethernet port is a powered device pd 94
- Note the poe devices that supply or receive power and their connected ethernet cables must all be completely indoors 95
- Chapter 8 basic setting 96
- Es3500 series user s guide 96
- Label description 96
- Note the switch must have at least 16 w of remaining power in order to supply power to a poe device even if the poe device needs less than 16 w 96
- Poe setup 96
- Poe status 96
- Use this screen to set the priority levels for the switch in distributing power to pds 96
- Chapter 8 basic setting 97
- Es3500 series user s guide 97
- Label description 97
- Poe setup 97
- Poe status screen the following screen opens 97
- The following table describes the labels in this screen 97
- Forwarding tagged and untagged frames 99
- Introduction to ieee 802 q tagged vlans 99
- Automatic vlan registration 100
- Chapter 9 vlan 100
- Es3500 series user s guide 100
- Garp and gvrp are the protocols used to automatically register vlan membership across switches 100
- Garp generic attribute registration protocol allows network switches to register and de register attribute values with other garp participants within a bridged lan garp is a protocol that provides a generic mechanism for protocols that serve a more specific application for example gvrp 100
- Garp timers 100
- Gvrp garp vlan registration protocol is a registration protocol that defines a way for switches to register necessary vlan members on ports across the network enable this function to permit vlan groups beyond the local switch 100
- Please refer to the following table for common ieee 802 q vlan terminology 100
- Switches join vlans by making a declaration a declaration is made by issuing a join message using garp declarations are withdrawn by issuing a leave message a leave all message terminates all registrations garp timers set declaration timeout values 100
- Table 20 ieee 802 q vlan terminology 100
- Vlan parameter term description 100
- Port vlan trunking 101
- Select the vlan type 101
- Static vlan 101
- Chapter 9 vlan 102
- Es3500 series user s guide 102
- Label description 102
- The following table describes the labels in this screen 102
- Vlan from the navigation panel to display the vlan status screen as shown next 102
- Vlan status 102
- Vlan vlan status 102
- Chapter 9 vlan 103
- Es3500 series user s guide 103
- Label description 103
- The following table describes the labels in this screen 103
- Use this screen to view detailed port settings and status of the vlan group see section 9 on page 99 for more information on static vlan click on an index number in the vlan status screen to display vlan details 103
- Vlan detail 103
- Vlan details 103
- Chapter 9 vlan 104
- Configure a static vlan 104
- Es3500 series user s guide 104
- Label description 104
- Note changes in this row are copied to all the ports as soon as you make them 104
- Static vlan 104
- The following table describes the related labels in this screen 104
- Use this screen to configure and view 802 q vlan parameters for the switch see section 9 on page 99 for more information on static vlan to configure a static vlan click static vlan in the vlan status screen to display the screen as shown next 104
- Chapter 9 vlan 105
- Configure vlan port settings 105
- Es3500 series user s guide 105
- Label description 105
- Static vlan continued 105
- The following table describes the labels in this screen 105
- Use the vlan port setting screen to configure the static vlan ieee 802 q settings on a port see section 9 on page 99 for more information on static vlan click the vlan port setting link in the vlan status screen 105
- Vlan port setting 105
- Chapter 9 vlan 106
- Es3500 series user s guide 106
- For example an isp internet service provider may divide different types of services it provides to customers into different ip subnets traffic for voice services is designated for ip subnet 172 6 24 video for 192 68 24 and data for 10 24 the switch can then be configured to group incoming traffic based on the source ip subnet of incoming frames 106
- Label description 106
- Note changes in this row are copied to all the ports as soon as you make them 106
- Subnet based vlans 106
- Subnet based vlans allow you to group traffic into logical vlans based on the source ip subnet you specify when a frame is received on a port the switch checks if a tag is added already and the ip subnet it came from the untagged packets from the same ip subnet are then placed in the same subnet based vlan one advantage of using subnet based vlans is that priority can be assigned to traffic from the same ip subnet 106
- Vlan port setting continued 106
- You can then configure a subnet based vlan with priority 6 and vid of 100 for traffic received from ip subnet 172 6 24 voice services you can also have a subnet based vlan with priority 5 and vid of 200 for traffic received from ip subnet 192 68 24 video services lastly you can configure vlan with priority 3 and vid of 300 for traffic received from ip subnet 10 24 data 106
- Configuring subnet based vlan 107
- Internet 107
- Chapter 9 vlan 108
- Es3500 series user s guide 108
- Label description 108
- Note subnet based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 108
- Subnet based vlan 108
- Subnet based vlan setup 108
- The following table describes the labels in this screen 108
- Chapter 9 vlan 109
- Es3500 series user s guide 109
- Figure 46 protocol based vlan application example 109
- For example ports 1 2 3 and 4 belong to static vlan 100 and ports 4 5 6 7 belong to static vlan 120 you can configure a protocol based vlan a with priority 3 for arp traffic received on port 1 2 and 3 you can also have a protocol based vlan b with priority 2 for apple talk traffic received on port 6 and 7 all upstream arp traffic from port 1 2 and 3 will be grouped together and all upstream apple talk traffic from port 6 and 7 will be in another group and have higher priority than arp traffic when they go through the uplink port to a backbone switch c 109
- Label description 109
- Note protocol based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 109
- Protocol based vlans 109
- Protocol based vlans allow you to group traffic into logical vlans based on the protocol you specify when an upstream frame is received on a port configured for a protocol based vlan the switch checks if a tag is added already and its protocol the untagged packets of the same protocol are then placed in the same protocol based vlan one advantage of using protocol based vlans is that priority can be assigned to traffic of the same protocol 109
- Subnet based vlan setup 109
- Chapter 9 vlan 110
- Click protocol based vlan in the vlan port setting screen to display the configuration screen as shown 110
- Configuring protocol based vlan 110
- Es3500 series user s guide 110
- Label description 110
- Note protocols in the hexadecimal number range of 0x0000 to 0x05ff are not allowed to be used for protocol based vlans 110
- Protocol based vlan 110
- Protocol based vlan setup 110
- The following table describes the labels in this screen 110
- Create an ip based vlan example 111
- Example 111
- Configure a port based vlan 112
- Note in screens such as ip setup and filtering that require a vid you must enter 1 as the vid 112
- Note when you activate port based vlan the switch uses a default vlan id of 1 you cannot change it 112
- Port based vlan setup 112
- Chapter 9 vlan 115
- Es3500 series user s guide 115
- Label description 115
- The following table describes the labels in this screen 115
- Vlan port based vlan setup 115
- Configuring static mac forwarding 116
- Overview 116
- Static mac forward setup 116
- Chapter 10 static mac forward setup 117
- Es3500 series user s guide 117
- Label description 117
- Note static mac addresses do not age out 117
- Static mac forwarding 117
- The following table describes the labels in this screen 117
- Static multicast forward setup 118
- Static multicast forwarding overview 118
- Configuring static multicast forwarding 119
- Chapter 11 static multicast forward setup 120
- Es3500 series user s guide 120
- Label description 120
- Static multicast forwarding 120
- Static multicast forwarding to display the configuration screen as shown 120
- The following table describes the labels in this screen 120
- Chapter 11 static multicast forward setup 121
- Es3500 series user s guide 121
- Label description 121
- Static multicast forwarding continued 121
- Configure a filtering rule 122
- Filtering 122
- Chapter 12 filtering 123
- Es3500 series user s guide 123
- Filtering continued 123
- Label description 123
- Spanning tree protocol 124
- Stp rstp overview 124
- Stp terminology 124
- How stp works 125
- Stp port states 125
- Multiple rstp 126
- Multiple stp 126
- Note each port can belong to one stp tree only 126
- Mst region 127
- Mstp network example 127
- Vlan 1 vlan 2 127
- Common and internal spanning tree cist 128
- Mst instance 128
- Spanning tree configuration 129
- Spanning tree protocol status screen 129
- Configure rapid spanning tree protocol 130
- 2 hello time 1 131
- Chapter 13 spanning tree protocol 131
- Es3500 series user s guide 131
- Label description 131
- Note an edge port becomes a non edge port as soon as it receives a bridge protocol data unit bpdu 131
- Note changes in this row are copied to all the ports as soon as you make them 131
- Rstp continued 131
- Chapter 13 spanning tree protocol 132
- Es3500 series user s guide 132
- Label description 132
- Note the listening state does not exist in rstp 132
- Note this screen is only available after you activate rstp on the switch 132
- Rapid spanning tree protocol status 132
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 13 on page 124 for more information on rstp 132
- Status rstp 132
- The following table describes the labels in this screen 132
- Configure multiple rapid spanning tree protocol 133
- 2 hello time 1 134
- Chapter 13 spanning tree protocol 134
- Es3500 series user s guide 134
- Label description 134
- Mrstp continued 134
- Multiple rapid spanning tree protocol status 134
- Note an edge port becomes a non edge port as soon as it receives a bridge protocol data unit bpdu 134
- Note changes in this row are copied to all the ports as soon as you make them 134
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 13 on page 124 for more information on mrstp 134
- Chapter 13 spanning tree protocol 135
- Es3500 series user s guide 135
- Label description 135
- Note the listening state does not exist in rstp 135
- Note this screen is only available after you activate mrstp on the switch 135
- Status mrstp 135
- The following table describes the labels in this screen 135
- Configure multiple spanning tree protocol 136
- 2 hello time 1 137
- Chapter 13 spanning tree protocol 137
- Configuration screen to enable mstp on the switch 137
- Es3500 series user s guide 137
- Label description 137
- The following table describes the labels in this screen 137
- Chapter 13 spanning tree protocol 138
- Es3500 series user s guide 138
- Label description 138
- Mstp continued 138
- Note changes in this row are copied to all the ports as soon as you make them 138
- Chapter 13 spanning tree protocol 139
- Es3500 series user s guide 139
- Label description 139
- Mstp screen 139
- Multiple spanning tree protocol port configuration 139
- Note an edge port becomes a non edge port as soon as it receives a bridge protocol data unit bpdu 139
- Note changes in this row are copied to all the ports as soon as you make them 139
- The following table describes the labels in this screen 139
- Chapter 13 spanning tree protocol 140
- Es3500 series user s guide 140
- Label description 140
- Multiple spanning tree protocol status 140
- Note this screen is only available after you activate mstp on the switch 140
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 13 on page 126 for more information on mstp 140
- Status mstp 140
- The following table describes the labels in this screen 140
- Chapter 13 spanning tree protocol 141
- Es3500 series user s guide 141
- Label description 141
- Status mstp continued 141
- Bandwidth control 142
- Bandwidth control overview 142
- Cir and pir 142
- Bandwidth control 143
- Bandwidth control in the navigation panel to bring up the screen as shown next 143
- Bandwidth control setup 143
- Chapter 14 bandwidth control 143
- Es3500 series user s guide 143
- Label description 143
- Note changes in this row are copied to all the ports as soon as you make them 143
- The following table describes the related labels in this screen 143
- Bandwidth control continued 144
- Chapter 14 bandwidth control 144
- Es3500 series user s guide 144
- Label description 144
- Broadcast storm control 145
- Broadcast storm control setup 145
- Broadcast storm control continued 146
- Chapter 15 broadcast storm control 146
- Es3500 series user s guide 146
- Label description 146
- Note changes in this row are copied to all the ports as soon as you make them 146
- Mirroring 147
- Port mirroring setup 147
- Chapter 16 mirroring 148
- Es3500 series user s guide 148
- Label description 148
- Mirroring continued 148
- Note changes in this row are copied to all the ports as soon as you make them 148
- Dynamic link aggregation 149
- Link aggregation 149
- Link aggregation overview 149
- Link aggregation id 150
- Link aggregation status 150
- Chapter 17 link aggregation 151
- Es3500 series user s guide 151
- Label description 151
- Link aggregation status continued 151
- Link aggregation setting 152
- Chapter 17 link aggregation 153
- Es3500 series user s guide 153
- Label description 153
- Link aggregation setting continued 153
- Note when you enable the port security feature on the switch and configure port security settings for a port you cannot include the port in an active trunk group 153
- Link aggregation control protocol 154
- Chapter 17 link aggregation 155
- Es3500 series user s guide 155
- Figure 77 trunking example physical connections 155
- Label description 155
- Lacp continued 155
- Make your physical connections make sure that the ports that you want to belong to the trunk group are connected to the same destination the following figure shows ports 2 5 on switch a connected to switch b 155
- Note changes in this row are copied to all the ports as soon as you make them 155
- Static trunking example 155
- This example shows you how to create a static port trunk group for ports 2 5 155
- Example 156
- Ieee 802 x authentication 157
- Port authentication 157
- Port authentication overview 157
- Mac authentication 158
- Authentication reply 159
- Authentication request authentication request 159
- New connection 159
- Port authentication configuration 159
- Session granted denied 159
- Activate ieee 802 x security 160
- Chapter 18 port authentication 160
- Es3500 series user s guide 160
- Label description 160
- Note changes in this row are copied to all the ports as soon as you make them 160
- Note you must first enable 802 x authentication on the switch before configuring it on each port 160
- The following table describes the labels in this screen 160
- Use this screen to activate ieee 802 x security in the port authentication screen click 802 x to display the configuration screen as shown 160
- Chapter 18 port authentication 161
- Es3500 series user s guide 161
- Figure 83 guest vlan example 161
- Guest vlan 161
- Internet 161
- Label description 161
- Vlan 100 161
- Vlan 102 161
- When 802 x port authentication is enabled on the switch and its ports clients that do not have the correct credentials are blocked from using the port s you can configure your switch to have one vlan that acts as a guest vlan if you enable the guest vlan 102 in the example on a port 2 in the example the user a in the example that is not ieee 802 x capable or fails to enter the correct username and password can still access the port but traffic from the user is forwarded to the guest vlan that is unauthenticated users can have access to limited network resources in the same guest vlan such as the internet the rights granted to the guest vlan depends on how the network administrator configures switches or routers with the guest network feature 161
- X continued 161
- Activate mac authentication 163
- Chapter 18 port authentication 163
- Es3500 series user s guide 163
- Guest vlan continued 163
- Label description 163
- Mac authentication 163
- Use this screen to activate mac authentication in the port authentication screen click mac authentication to display the configuration screen as shown 163
- Chapter 18 port authentication 164
- Es3500 series user s guide 164
- Label description 164
- Mac authentication 164
- Note changes in this row are copied to all the ports as soon as you make them 164
- Note if the aging time in the switch setup screen is set to a lower value then it supersedes this setting see section 8 on page 89 164
- Note you must first enable mac authentication on the switch before configuring it on each port 164
- The following table describes the labels in this screen 164
- About port security 165
- Port security 165
- Port security setup 165
- Chapter 19 port security 166
- Es3500 series user s guide 166
- Label description 166
- Note changes in this row are copied to all the ports as soon as you make them 166
- Port security 166
- The following table describes the labels in this screen 166
- About the classifier and qos 167
- Classifier 167
- Configuring the classifier 167
- Chapter 20 classifier 168
- Classifier 168
- Classifier in the navigation panel to display the configuration screen as shown 168
- Es3500 series user s guide 168
- Label description 168
- The following table describes the labels in this screen 168
- Chapter 20 classifier 169
- Classifier continued 169
- Es3500 series user s guide 169
- Label description 169
- Note you must select either udp or tcp in the ip protocol field before you configure the socket numbers 169
- To view a summary of the classifier configuration scroll down to the summary table at the bottom of the classifier screen to change the settings of a rule click a number in the index field 169
- Viewing and editing classifier configuration 169
- Chapter 20 classifier 170
- Classifier summary table 170
- Es3500 series user s guide 170
- Ethernet type protocol number 170
- Label description 170
- Note when two rules conflict with each other a higher layer rule has priority over a lower layer rule 170
- Port number port name 170
- Some of the most common ip ports are 170
- Table 54 classifier summary table 170
- Table 55 common ethernet types and protocol number 170
- Table 56 common ip ports 170
- The following table describes the labels in this screen 170
- The following table shows some other common ethernet types and the corresponding protocol number 170
- Classifier example 171
- Example 171
- Configuring policy rules 172
- Diffserv 172
- Dscp and per hop behavior 172
- Policy rule 172
- Policy rules overview 172
- Chapter 21 policy rule 174
- Es3500 series user s guide 174
- Label description 174
- Policy rule continued 174
- Chapter 21 policy rule 175
- Es3500 series user s guide 175
- Label description 175
- Policy rule summary table 175
- Table 58 policy summary table 175
- The following table describes the labels in this screen 175
- To view a summary of the classifier configuration scroll down to the summary table at the bottom of the policy screen to change the settings of a rule click a number in the index field 175
- Viewing and editing policy configuration 175
- Example 176
- Policy example 176
- Queuing method 177
- Queuing method overview 177
- Strictly priority queuing 177
- Weighted fair queuing 177
- Configuring queuing 178
- Weighted round robin scheduling wrr 178
- Chapter 22 queuing method 179
- Es3500 series user s guide 179
- Label description 179
- Note changes in this row are copied to all the ports as soon as you make them 179
- Queuing method 179
- The following table describes the labels in this screen 179
- Vlan stacking 180
- Vlan stacking example 180
- Vlan stacking overview 180
- Note static vlan tx tagging must be disabled on a port where you choose normal or access port 181
- Note static vlan tx tagging must be enabled on a port where you choose tunnel port 181
- Vlan stacking port roles 181
- 0 is the lowest priority level and 7 is the highest 182
- A vlan tag service provider vlan stacking or customer ieee 802 q consists of the following three fields 182
- Chapter 23 vlan stacking 182
- Configure the fields as highlighted in the switch vlan stacking screen 182
- Es3500 series user s guide 182
- Frame format 182
- If the vlan stacking port role is access port then the switch adds the sp tpid tag to all incoming frames on the service provider s edge devices 1 and 2 in the vlan stacking example figure 182
- If the vlan stacking port role is tunnel port then the switch only adds the sp tpid tag to all incoming frames on the service provider s edge devices 1 and 2 in the vlan stacking example figure that have an sp tpid different to the one configured on the switch if an incoming frame s sp tpid is the same as the one configured on the switch then the switch will not add the tag 182
- On the switch configure priority level of the inner ieee 802 q tag in the port setup screen 182
- Priority refers to the ieee 802 p standard that allows the service provider to prioritize traffic based on the class of service cos the customer has paid for 182
- Table 60 vlan tag format 182
- Table 61 single and double tagged 802 1q frame format 182
- Table 62 802 q frame 182
- The frame format for an untagged ethernet frame a single tagged 802 q frame customer and a double tagged 802 q frame service provider is shown next 182
- Tpid tag protocol identifier is the customer ieee 802 q tag 182
- Type is a standard ethernet type code identifying the frame and indicates that whether the frame carries ieee 802 q tag information sp tpid service provider tag protocol identifier is the service provider vlan stacking tag type many vendors use 0x8100 or 0x9100 182
- Vid is the vlan id sp vid is the vid for the second service provider s vlan tag 182
- Vlan tag format 182
- Chapter 23 vlan stacking 183
- Configuring vlan stacking 183
- Es3500 series user s guide 183
- Label description 183
- Note changes in this row are copied to all the ports as soon as you make them 183
- Note you can define up to four different tunnel tpids including 8100 in this screen at a time 183
- The following table describes the labels in this screen 183
- Vlan stacking 183
- Vlan stacking to display the screen as shown 183
- Chapter 23 vlan stacking 184
- Es3500 series user s guide 184
- Label description 184
- Port based q in q 184
- Port based q in q lets the switch treat all frames received on the same port as the same vlan flows and add the same outer vlan tag to them even they have different customer vlan ids 184
- Port based qinq 184
- The following table describes the labels in this screen 184
- Vlan stacking continued 184
- Vlan stacking screen to display the screen as shown 184
- Chapter 23 vlan stacking 185
- Es3500 series user s guide 185
- Label description 185
- Note selective q in q rules are only applied to single tagged frames received on the access ports if the incoming frames are untagged or single tagged but received on a tunnel port or cannot match any selective q in q rules the switch applies the port based q in q rules to them 185
- Selective q in q 185
- Selective q in q is vlan based it allows the switch to add different outer vlan tags to the incoming frames received on one port according to their inner vlan tags 185
- Selective qinq 185
- The following table describes the labels in this screen 185
- Vlan stacking screen to display the screen as shown 185
- Chapter 23 vlan stacking 186
- Es3500 series user s guide 186
- Label description 186
- Selective qinq continued 186
- Igmp filtering 187
- Igmp snooping 187
- Ip multicast addresses 187
- Multicast 187
- Multicast overview 187
- Igmp snooping and vlans 188
- Multicast status 188
- Chapter 24 multicast 189
- Es3500 series user s guide 189
- Label description 189
- Multicast setting 189
- Multicast setting link to display the screen as shown see section 24 on page 187 for more information on multicasting 189
- Note if you enable igmp filtering you must create and assign igmp filtering profiles for the ports that you want to allow to join multicast groups 189
- The following table describes the labels in this screen 189
- Chapter 24 multicast 190
- Es3500 series user s guide 190
- Label description 190
- Multicast setting continued 190
- Note changes in this row are copied to all the ports as soon as you make them 190
- Chapter 24 multicast 191
- Es3500 series user s guide 191
- Label description 191
- Multicast setting continued 191
- Chapter 24 multicast 192
- Es3500 series user s guide 192
- Igmp snooping vlan 192
- Label description 192
- Multicast in the navigation panel click the multicast setting link and then the igmp snooping vlan link to display the screen as shown see section 24 on page 188 for more information on igmp snooping vlan 192
- Note you cannot configure the same vlan id as in the mvr screen 192
- Note you must also enable igmp snooping in the multicast setting screen first 192
- The following table describes the labels in this screen 192
- An igmp filtering profile specifies a range of multicast groups that clients connected to the switch are able to join a profile contains a range of multicast ip addresses which you want clients to be able to join profiles are assigned to ports in the multicast setting screen clients connected to those ports are then able to join the multicast groups specified in the profile each port can be assigned a single profile a profile can be assigned to multiple ports 193
- Chapter 24 multicast 193
- Es3500 series user s guide 193
- Igmp filtering profile 193
- Igmp filtering profile link to display the screen as shown 193
- Igmp snooping vlan continued 193
- Label description 193
- Chapter 24 multicast 194
- Es3500 series user s guide 194
- Igmp filtering profile 194
- Label description 194
- Multicast vlan registration mvr is designed for applications such as media on demand mod that use multicast traffic across an ethernet ring based service provider network 194
- Mvr allows one single multicast vlan to be shared among different subscriber vlans on the network while isolated in different subscriber vlans connected devices can subscribe to and unsubscribe from the multicast stream in the multicast vlan this improves bandwidth utilization with reduced multicast traffic in the subscriber vlans and simplifies multicast group management 194
- Mvr only responds to igmp join and leave control messages from multicast groups that are configured under mvr join and leave reports from other multicast groups are managed by igmp snooping 194
- Mvr overview 194
- The following table describes the labels in this screen 194
- How mvr works 195
- Multicast vlan vlan 1 195
- Mvr modes 195
- Types of mvr ports 195
- Vlan 2 195
- Vlan 3 195
- General mvr configuration 196
- Multicast vlan vlan 1 196
- Note you can create up to five multicast vlans and up to 256 multicast rules on the switch 196
- Chapter 24 multicast 197
- Es3500 series user s guide 197
- Label description 197
- Note changes in this row are copied to all the ports as soon as you make them 197
- Note your switch automatically creates a static vlan with the same vid when you create a multicast vlan in this screen 197
- The following table describes the related labels in this screen 197
- All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group 198
- Chapter 24 multicast 198
- Configure mvr ip multicast group address es in the group configuration screen click group configuration in the mvr screen 198
- Es3500 series user s guide 198
- Label description 198
- Mvr continued 198
- Mvr group configuration 198
- Chapter 24 multicast 199
- Es3500 series user s guide 199
- Label description 199
- Mvr configuration example 199
- Mvr group configuration 199
- Note a port can belong to more than one multicast vlan however ip multicast group addresses in different multicast vlans cannot overlap 199
- The following figure shows a network example where ports 1 2 and 3 on the switch belong to vlan 1 in addition port 7 belongs to the multicast group with vid 200 to receive multicast traffic the 199
- The following table describes the labels in this screen 199
- Example 200
- Multicast vid 200 vlan 1 200
- Example 201
- Authentication authorization and accounting aaa 202
- Local user accounts 202
- Aaa screens 203
- Radius and tacacs 203
- Radius server setup 203
- Authentication and accounting features on the switch click on the radius server setup link in the aaa screen to view the screen as shown 204
- Chapter 25 aaa 204
- Es3500 series user s guide 204
- Label description 204
- Radius server setup 204
- The following table describes the labels in this screen 204
- Chapter 25 aaa 205
- Es3500 series user s guide 205
- Label description 205
- Radius server setup continued 205
- Chapter 25 aaa 206
- Es3500 series user s guide 206
- Label description 206
- Tacacs server setup 206
- The following table describes the labels in this screen 206
- Use this screen to configure your tacacs server settings see section 25 on page 203 for more information on tacacs servers click on the tacacs server setup link in the authentication and accounting screen to view the screen as shown 206
- Chapter 25 aaa 207
- Es3500 series user s guide 207
- Label description 207
- Tacacs server setup continued 207
- Aaa setup 208
- Chapter 25 aaa 208
- Es3500 series user s guide 208
- Label description 208
- The following table describes the labels in this screen 208
- Use this screen to configure authentication authorization and accounting settings on the switch click on the aaa setup link in the aaa screen to view the screen as shown 208
- Aaa setup continued 209
- Chapter 25 aaa 209
- Es3500 series user s guide 209
- Label description 209
- Aaa setup continued 210
- Assign account privilege levels see the cli reference guide for more information on account privilege levels for the authenticated user 210
- Chapter 25 aaa 210
- Es3500 series user s guide 210
- Label description 210
- Limit bandwidth on incoming or outgoing traffic for the port the user connects to 210
- Note refer to the documentation that comes with your radius server on how to configure vsas for users authenticating via the radius server 210
- Rfc 2865 standard specifies a method for sending vendor specific information between a radius server and a network access device for example the switch a company can create vendor specific attributes vsas to expand the functionality of a radius server 210
- The switch supports vsas that allow you to perform the following actions based on user authentication 210
- The vsas are composed of the following 210
- Vendor data a value you want to assign to the setting 210
- Vendor id an identification number assigned to the company by the iana internet assigned numbers authority zyxel s vendor id is 890 210
- Vendor specific attribute 210
- Vendor type a vendor specified attribute identifying the setting you want to modify 210
- Supported radius attributes 211
- Tunnel protocol attribute 211
- Attributes used by the ieee 802 x authentication 212
- Attributes used for accounting 212
- Attributes used for authenticating privilege access 212
- Attributes used for authentication 212
- Attributes used to login users 212
- Attributes used for accounting exec events 213
- Attributes used for accounting system events 213
- Attributes used for accounting ieee 802 x events 214
- Dhcp snooping overview 215
- Ip source guard 215
- Ip source guard overview 215
- Dhcp snooping database 216
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 216
- Arp inspection overview 217
- Configuring dhcp snooping 217
- Dhcp relay option 82 information 217
- Arp inspection and mac address filters 218
- Configuring arp inspection 218
- Note it is recommended you enable dhcp snooping at least one day before you enable arp inspection so that the switch has enough time to build the binding table 218
- Syslog 218
- Trusted vs untrusted ports 218
- Chapter 26 ip source guard 219
- Es3500 series user s guide 219
- Figure 117 ip source guard 219
- Ip source guard 219
- Ip source guard static binding 219
- Label description 219
- Table 81 ip source guard 219
- The following table describes the labels in this screen 219
- Use this screen to manage static bindings for dhcp snooping and arp inspection static bindings are uniquely identified by the mac address and vlan id each mac address and vlan id can only be in one static binding if you try to create a static binding with the same mac address and vlan 219
- Chapter 26 ip source guard 220
- Es3500 series user s guide 220
- Figure 118 ip source guard static binding 220
- Label description 220
- Static binding 220
- Table 82 ip source guard static binding 220
- The following table describes the labels in this screen 220
- Dhcp snooping 221
- Chapter 26 ip source guard 222
- Es3500 series user s guide 222
- Label description 222
- Table 83 dhcp snooping continued 222
- Chapter 26 ip source guard 223
- Dhcp snooping configure 223
- Es3500 series user s guide 223
- Label description 223
- Table 83 dhcp snooping continued 223
- Use this screen to enable dhcp snooping on the switch not on specific vlan specify the vlan where the default dhcp server is located and configure the dhcp snooping database the dhcp snooping database stores the current bindings on a secure external tftp server so that they are 223
- Chapter 26 ip source guard 224
- Configure 224
- Es3500 series user s guide 224
- Figure 120 dhcp snooping configure 224
- Label description 224
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 224
- Note you have to enable dhcp snooping on the dhcp vlan too 224
- Table 84 dhcp snooping configure 224
- The following table describes the labels in this screen 224
- Chapter 26 ip source guard 225
- Dhcp snooping port configure 225
- Es3500 series user s guide 225
- Figure 121 dhcp snooping port configure 225
- Label description 225
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 225
- Table 84 dhcp snooping configure continued 225
- Use this screen to specify whether ports are trusted or untrusted ports for dhcp snooping 225
- Chapter 26 ip source guard 226
- Dhcp snooping vlan configure 226
- Es3500 series user s guide 226
- Figure 122 dhcp snooping vlan configure 226
- Label description 226
- Table 85 dhcp snooping port configure 226
- Table 86 dhcp snooping vlan configure 226
- The following table describes the labels in this screen 226
- Arp inspection 227
- Arp inspection status 227
- Chapter 26 ip source guard 227
- Es3500 series user s guide 227
- Figure 123 arp inspection status 227
- Label description 227
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 227
- Table 86 dhcp snooping vlan configure continued 227
- Table 87 arp inspection status 227
- The following table describes the labels in this screen 227
- Arp inspection vlan status 228
- Chapter 26 ip source guard 228
- Es3500 series user s guide 228
- Figure 124 arp inspection vlan status 228
- Label description 228
- Table 87 arp inspection status continued 228
- Table 88 arp inspection vlan status 228
- The following table describes the labels in this screen 228
- Vlan status 228
- Arp inspection log status 229
- Chapter 26 ip source guard 229
- Es3500 series user s guide 229
- Figure 125 arp inspection log status 229
- Label description 229
- Log status 229
- Table 88 arp inspection vlan status 229
- Table 89 arp inspection log status 229
- The following table describes the labels in this screen 229
- Arp inspection configure 230
- Chapter 26 ip source guard 230
- Configure 230
- Es3500 series user s guide 230
- Figure 126 arp inspection configure 230
- Label description 230
- Table 89 arp inspection log status continued 230
- Arp inspection port configure 231
- Chapter 26 ip source guard 231
- Es3500 series user s guide 231
- Label description 231
- Table 90 arp inspection configure 231
- The following table describes the labels in this screen 231
- Use this screen to specify whether ports are trusted or untrusted ports for arp inspection you can also specify the maximum rate at which the switch receives arp packets on each untrusted port to 231
- Chapter 26 ip source guard 232
- Es3500 series user s guide 232
- Figure 127 arp inspection port configure 232
- Label description 232
- Table 91 arp inspection port configure 232
- The following table describes the labels in this screen 232
- Arp inspection vlan configure 233
- Chapter 26 ip source guard 233
- Es3500 series user s guide 233
- Figure 128 arp inspection vlan configure 233
- Label description 233
- Table 92 arp inspection vlan configure 233
- The following table describes the labels in this screen 233
- Loop guard 234
- Loop guard overview 234
- Loop guard setup 236
- Note after resolving the loop problem on your network you can re activate the disabled port via the web configurator see section 8 on page 93 or via commands see the ethernet switch cli reference guide 236
- Note the loop guard feature can not be enabled on the ports that have spanning tree protocol rstp mrstp or mstp enabled 236
- Chapter 27 loop guard 237
- Es3500 series user s guide 237
- Label description 237
- Loop guard continued 237
- Vlan mapping 238
- Vlan mapping example 238
- Vlan mapping overview 238
- Chapter 28 vlan mapping 239
- Click advanced application and then vlan mapping in the navigation panel to display the screen as shown 239
- Enabling vlan mapping 239
- Es3500 series user s guide 239
- Figure 135 vlan mapping 239
- Label description 239
- Table 94 vlan mapping 239
- The following table describes the labels in this screen 239
- Chapter 28 vlan mapping 240
- Click the vlan mapping configure link in the vlan mapping screen to display the screen as shown use this screen to enable and edit the vlan mapping rule s 240
- Configuring vlan mapping 240
- Es3500 series user s guide 240
- Figure 136 vlan mapping configuration 240
- Label description 240
- Table 95 vlan mapping configuration 240
- The following table describes the labels in this screen 240
- Layer 2 protocol tunneling 242
- Layer 2 protocol tunneling overview 242
- Layer 2 protocol tunneling mode 243
- Service provider s network c 243
- Configuring layer 2 protocol tunneling 244
- Chapter 29 layer 2 protocol tunneling 245
- Es3500 series user s guide 245
- Label description 245
- Layer 2 protocol tunneling continued 245
- Note you can enable l2pt services for stp lacp vtp cdp udld and pagp on the access port s only 245
- Sflow overview 246
- Chapter 30 sflow 247
- Es3500 series user s guide 247
- Label description 247
- Note changes in this row are copied to all the ports as soon as you make them 247
- Sflow in the navigation panel to display the screen as shown 247
- Sflow port configuration 247
- The following table describes the labels in this screen 247
- Chapter 30 sflow 248
- Click the collector link in the sflow screen to display the screen as shown you can configure up to four sflow collectors in this screen you may want to configure more than one collector if the traffic load to be monitored is more than one collector can manage 248
- Collector 248
- Collector screen the sflow collector does not need to be in the same subnet as the switch but it must be accessible from the switch 248
- Es3500 series user s guide 248
- Label description 248
- Note configure udp port 6343 the default on a nat router to allow port forwarding if the collector is behind a nat router configure a firewall rule for udp port 6343 the default to allow incoming traffic if the collector is behind a firewall 248
- Sflow collector configuration 248
- Sflow continued 248
- The following table describes the labels in this screen 248
- Chapter 30 sflow 249
- Collector continued 249
- Es3500 series user s guide 249
- Label description 249
- Pppoe intermediate agent overview 250
- Pppoe intermediate agent tag format 250
- Sub option format 250
- Chapter 31 pppoe 251
- Es3500 series user s guide 251
- Every port is either a trusted port or an untrusted port for the pppoe intermediate agent this setting is independent of the trusted untrusted setting for dhcp snooping or arp inspection you can also specify the agent sub options circuit id and remote id that the switch adds to padi and padr packets from pppoe clients 251
- Flexible circuit id syntax with identifier string and variables 251
- If you do not configure a circuit id string for a vlan on a specific port or for a specific port the switch adds the user defined identifier string and variables into the agent circuit id sub option the variables can be the slot id of the pppoe client the port number of the pppoe client and or the vlan id on the pppoe packet 251
- Intermediate agent screen the switch automatically generates a circuit id string according to the default circuit id syntax which is defined in the dsl forum working text wt 101 the default access node identifier is the host name of the pppoe intermediate agent and the eth indicates ethernet 251
- Port state 251
- Table 101 pppoe ia remote id sub option format 251
- Table 102 pppoe ia circuit id sub option format using identifier string and variables 251
- Table 103 pppoe ia circuit id sub option format defined in wt 101 251
- The 1 in the first field identifies this as an agent circuit id sub option and 2 identifies this as an agent remote id sub option the next field specifies the length of the field the switch takes the circuit id string you manually configure for a vlan on a port as the highest priority and the circuit id string for a port as the second priority in addition the switch puts the pppoe client s mac address into the agent remote id sub option if you do not specify any user defined string 251
- The identifier string slot id port number and vlan id are separated from each other by a pound key semi colon period comma forward slash or space an agent circuit id sub option example is switch 07 0123 and indicates the pppoe packets come from a pppoe client which is connected to the switch s port 7 and belong to vlan 123 251
- Wt 101 default circuit id syntax 251
- Note the switch will drop all pppoe discovery packets if you enable the pppoe intermediate agent and there are no trusted ports 252
- Pppoe intermediate agent 252
- The pppoe screen 252
- Chapter 31 pppoe 253
- Es3500 series user s guide 253
- Intermediate agent 253
- Intermediate agent in the navigation panel to display the screen as shown 253
- Label description 253
- The following table describes the labels in this screen 253
- Note the switch will drop all pppoe packets if you enable the pppoe intermediate agent on the switch and there are no trusted ports 254
- Pppoe ia per port 254
- Chapter 31 pppoe 255
- Es3500 series user s guide 255
- Label description 255
- Port continued 255
- Pppoe ia per port per vlan 255
- Use this screen to configure pppoe ia settings that apply to a specific vlan on a port 255
- Chapter 31 pppoe 256
- Es3500 series user s guide 256
- Label description 256
- Note changes in this row are copied to all the vlans as soon as you make them 256
- Port screen to display the screen as shown 256
- The following table describes the labels in this screen 256
- Chapter 31 pppoe 257
- Click the vlan link in the intermediate agent screen to display the screen as shown 257
- Es3500 series user s guide 257
- Label description 257
- Note changes in this row are copied to all the vlans as soon as you make them 257
- Pppoe ia for vlan 257
- The following table describes the labels in this screen 257
- Use this screen to set whether the pppoe intermediate agent is enabled on a vlan and whether the switch appends the circuit id and or remote id to pppoe discovery packets from a specific vlan 257
- Cpu protection overview 258
- Error disable 258
- Error disable recovery overview 258
- Cpu protection configuration 259
- Errdisable detect screen 259
- The error disable screen 259
- Chapter 32 error disable 260
- Cpu protection 260
- Errdisable detect 260
- Errdisable screen to display the screen as shown 260
- Error disable detect configuration 260
- Es3500 series user s guide 260
- Label description 260
- Note changes in this row are copied to all the entries as soon as you make them 260
- Note changes in this row are copied to all the ports as soon as you make them 260
- The following table describes the labels in this screen 260
- Chapter 32 error disable 261
- Errdisable detect continued 261
- Errdisable recovery 261
- Errdisable screen to display the screen as shown 261
- Error disable recovery configuration 261
- Es3500 series user s guide 261
- Label description 261
- Note changes in this row are copied to all the entries as soon as you make them 261
- The following table describes the labels in this screen 261
- Chapter 32 error disable 262
- Errdisable recovery continued 262
- Es3500 series user s guide 262
- Label description 262
- Private vlan 263
- Private vlan overview 263
- Chapter 33 private vlan 264
- Configuring private vlan 264
- Es3500 series user s guide 264
- Label description 264
- Private vlan 264
- Private vlan in the navigation panel to display the screen as shown 264
- The following table describes the labels in this screen 264
- Green ethernet 265
- Green ethernet overview 265
- Chapter 34 green ethernet 266
- Configuring green ethernet 266
- Es3500 series user s guide 266
- Green ethernet 266
- Green ethernet in the navigation panel to display the screen as shown 266
- Label description 266
- The following table describes the labels in this screen 266
- Static route 267
- Static routing overview 267
- Chapter 35 static route 268
- Configuring static routing 268
- Es3500 series user s guide 268
- Label description 268
- Static routing 268
- Static routing in the navigation panel to display the screen as shown 268
- The following table describes the related labels you use to create a static route 268
- Chapter 35 static route 269
- Es3500 series user s guide 269
- Label description 269
- Static routing continued 269
- Differentiated services 270
- Diffserv network example 270
- Diffserv overview 270
- Dscp and per hop behavior 270
- P platinum g gold s silver b bronze 271
- Two rate three color marker traffic policing 271
- Activating diffserv 272
- Exceed cir 272
- Exceed pir 272
- Red yellow 272
- Trtcm color aware mode 272
- Trtcm color blind mode 272
- Chapter 36 differentiated services 273
- Configuring 2 rate 3 color marker settings 273
- Diffserv 273
- Diffserv in the navigation panel to display the screen as shown 273
- Es3500 series user s guide 273
- Label description 273
- Note changes in this row are copied to all the ports as soon as you make them 273
- The following table describes the labels in this screen 273
- Use this screen to configure trtcm settings click the 2 rate 3 color marker link in the diffserv screen to display the screen as shown next 273
- Chapter 36 differentiated services 274
- Es3500 series user s guide 274
- Label description 274
- Note changes in this row are copied to all the ports as soon as you make them 274
- Note you cannot enable both trtcm and bandwidth control at the same time 274
- Note you must also activate diffserv on the switch and the individual ports for the switch to drop red high loss priority colored packets 274
- Rate 3 color marker 274
- The following table describes the labels in this screen 274
- Chapter 36 differentiated services 275
- Configuring dscp profiles 275
- Dscp profile 275
- Es3500 series user s guide 275
- Label description 275
- Rate 3 color marker continued 275
- The following table describes the labels in this screen 275
- Use this screen to configure dscp profiles click the dscp profile link in the 2 rate 3 color marker screen to display the screen as shown next 275
- Chapter 36 differentiated services 276
- Configuring dscp settings 276
- Dscp profile continued 276
- Dscp setting 276
- Dscp to ieee 802 p priority settings 276
- Es3500 series user s guide 276
- Label description 276
- Table 117 default dscp ieee 802 p mapping 276
- The following table shows the default dscp to ieee802 p mapping 276
- To change the dscp ieee 802 p mapping click the dscp setting link in the diffserv screen to display the screen as shown next 276
- You can configure the dscp to ieee 802 p mapping to allow the switch to prioritize all traffic based on the incoming dscp value according to the diffserv to ieee 802 p mapping table 276
- Chapter 36 differentiated services 277
- Dscp setting 277
- Es3500 series user s guide 277
- Label description 277
- The following table describes the labels in this screen 277
- Dhcp configuration options 278
- Dhcp modes 278
- Dhcp overview 278
- Dhcp status 278
- Dhcp relay 279
- Dhcp relay agent information 279
- Chapter 37 dhcp 280
- Configuring dhcp global relay 280
- Dhcp in the navigation panel and click the global link to display the screen as shown 280
- Es3500 series user s guide 280
- Global 280
- Label description 280
- The following table describes the labels in this screen 280
- Global dhcp relay configuration example 281
- Vlan1 vlan2 281
- Chapter 37 dhcp 282
- Configuring dhcp vlan settings 282
- Dhcp in the navigation panel then click the vlan link in the dhcp status screen that displays 282
- Es3500 series user s guide 282
- Label description 282
- Note you must set up a management ip address for each vlan that you want to configure dhcp settings for on the switch 282
- See section 8 on page 91 for information on how to set up management ip addresses for vlans 282
- The following table describes the labels in this screen 282
- Dhcp 172 6 0 00 283
- Dhcp 192 68 00 283
- Example dhcp relay for two vlans 283
- Maintenance 285
- The maintenance screen 285
- Load factory default 286
- Note clicking the apply or add button does not save the changes permanently all unsaved changes are erased after you reboot the switch 286
- Reboot system 286
- Save configuration 286
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 287
- Firmware upgrade 287
- Backup a configuration file 288
- Restore a configuration file 288
- Example ftp commands 289
- Filename conventions 289
- Ftp command line 289
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 290
- Ftp command line procedure 290
- Ftp restrictions 290
- Gui based ftp clients 290
- About snmp 292
- Access control 292
- Access control overview 292
- The access control main screen 292
- Snmp v3 and security 293
- Note oids are common across all models unless otherwise indicated by the model number 294
- Snmp traps 294
- Supported mibs 294
- Chapter 39 access control 295
- Es3500 series user s guide 295
- Option object label object id description 295
- Table 127 snmp system traps continued 295
- Chapter 39 access control 296
- Es3500 series user s guide 296
- Option object label object id description 296
- Table 127 snmp system traps continued 296
- Chapter 39 access control 297
- Es3500 series user s guide 297
- Option object label object id description 297
- Table 127 snmp system traps continued 297
- Table 128 snmp interface traps 297
- Chapter 39 access control 298
- Es3500 series user s guide 298
- Option object label object id description 298
- Table 128 snmp interface traps continued 298
- Table 129 aaa traps 298
- Chapter 39 access control 299
- Es3500 series user s guide 299
- Option object label object id description 299
- Table 129 aaa traps continued 299
- Table 130 snmp ip traps 299
- Chapter 39 access control 300
- Es3500 series user s guide 300
- Option object label object id description 300
- Table 131 snmp switch traps 300
- Chapter 39 access control 301
- Configuring snmp 301
- Es3500 series user s guide 301
- Label description 301
- Note snmp version 2c is backwards compatible with snmp version 1 301
- Option object label object id description 301
- Snmp to view the screen as shown use this screen to configure your snmp settings 301
- Table 131 snmp switch traps continued 301
- The following table describes the labels in this screen 301
- Chapter 39 access control 302
- Configuring snmp trap group 302
- Es3500 series user s guide 302
- Label description 302
- Note only the es3500 24hp supports fanspeed and poe system traps 302
- Snmp continued 302
- Trap group 302
- Trap group to view the screen as shown use the trap group screen to specify the types of snmp traps that should be sent to each snmp manager 302
- User screen 302
- Chapter 39 access control 303
- Configuring snmp user 303
- Es3500 series user s guide 303
- From the snmp screen click user to view the screen as shown use the user screen to create snmp users for authentication with managers using snmp v3 and associate them to snmp groups an snmp user is an snmp manager 303
- Label description 303
- The following table describes the labels in this screen 303
- Trap group 303
- Chapter 39 access control 304
- Es3500 series user s guide 304
- Label description 304
- Note the settings on the snmp manager must be set at the same security level or higher than the security level settings on the switch 304
- Note use the username and password of the login accounts you specify in this screen to create accounts on the snmp v3 manager 304
- The following table describes the labels in this screen 304
- Note it is highly recommended that you change the default administrator password 1234 305
- Setting up login accounts 305
- Chapter 39 access control 306
- Es3500 series user s guide 306
- Figure 184 ssh communication example 306
- Label description 306
- Logins 306
- Ssh overview 306
- The following table describes the labels in this screen 306
- Unlike telnet or ftp which transmit data in clear text ssh secure shell is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network 306
- How ssh works 307
- Introduction to https 308
- Requirements for using ssh 308
- Ssh implementation on the switch 308
- Example 309
- Https example 309
- Internet explorer 6 309
- Internet explorer warning messages 309
- Example 310
- Internet explorer 7 or 8 310
- Mozilla firefox warning messages 312
- Example 313
- The main screen 313
- Example 314
- Service port access control 314
- Chapter 39 access control 315
- Es3500 series user s guide 315
- Label description 315
- Remote management 315
- Remote management to view the screen as shown next 315
- Service access control 315
- Service access control to view the screen as shown 315
- The following table describes the fields in this screen 315
- Chapter 39 access control 316
- Es3500 series user s guide 316
- Label description 316
- Remote management 316
- The following table describes the labels in this screen 316
- You can specify a group of one or more trusted computers from which an administrator may use a service to manage the switch click access control to return to the access control screen 316
- Diagnostic 317
- Syslog 318
- Syslog overview 318
- Chapter 41 syslog 319
- Es3500 series user s guide 319
- Label description 319
- Syslog 319
- Syslog in the navigation panel to display this screen the syslog feature sends logs to an external syslog server use this screen to configure the device s system logging settings 319
- Syslog setup 319
- The following table describes the labels in this screen 319
- Chapter 41 syslog 320
- Es3500 series user s guide 320
- Label description 320
- Syslog server setup 320
- Syslog server setup to view the screen as shown next use this screen to configure a list of external syslog servers 320
- The following table describes the labels in this screen 320
- Cluster management 321
- Cluster management status overview 321
- Chapter 42 cluster management 322
- Cluster management in the navigation panel to display the following screen 322
- Cluster management status 322
- Es3500 series user s guide 322
- Label description 322
- Note a cluster can only have one manager 322
- The following table describes the labels in this screen 322
- Cluster member switch management 323
- Example 323
- Uploading firmware to a cluster member switch 323
- Chapter 42 cluster management 325
- Clustering management configuration 325
- Configuration 325
- Configuration to display the next screen 325
- Es3500 series user s guide 325
- Label description 325
- The following table describes the labels in this screen 325
- Chapter 42 cluster management 326
- Configuration continued 326
- Es3500 series user s guide 326
- Label description 326
- Mac table 327
- Mac table overview 327
- Chapter 43 mac table 328
- Es3500 series user s guide 328
- Label description 328
- Mac table 328
- Mac table in the navigation panel to display the following screen 328
- The following table describes the labels in this screen 328
- Viewing the mac table 328
- Chapter 43 mac table 329
- Es3500 series user s guide 329
- Label description 329
- Mac table continued 329
- Arp table 330
- Arp table overview 330
- How arp works 330
- Arp table 331
- Arp table in the navigation panel to open the following screen use the arp table to view ip to mac address mapping s and remove specific dynamic arp entries 331
- Chapter 44 arp table 331
- Es3500 series user s guide 331
- Label description 331
- The arp table screen 331
- The following table describes the labels in this screen 331
- Configure clone 332
- Chapter 45 configure clone 334
- Configure clone 334
- Es3500 series user s guide 334
- Label description 334
- The following table describes the labels in this screen 334
- Power hardware connections and leds 335
- Troubleshooting 335
- A device that you expect to be powered via ethernet doesn t receive power over ethernet 336
- A port is cabled correctly but the port status is down 336
- One of the leds does not behave as expected 336
- I cannot see or access the login screen in the web configurator 337
- I forgot the ip address for the switch 337
- I forgot the username and or password 337
- Switch access and login 337
- I can see the login screen but i cannot log in to the switch 338
- I cannot see some of advanced application submenus at the bottom of the navigation panel 338
- Pop up windows javascripts and java permissions 338
- There is unauthorized access to my switch via telnet http and ssh 338
- I lost my configuration settings after i restart the switch 339
- Switch configuration 339
- Common services 341
- Ppendi 341
- Appendix a common services 342
- Es3500 series user s guide 342
- Name protocol port s description 342
- Table 149 commonly used services continued 342
- Appendix a common services 343
- Es3500 series user s guide 343
- Name protocol port s description 343
- Table 149 commonly used services continued 343
- Legal information 345
- Ppendi 345
- Ce mark warning 346
- Notices 346
- Taiwanese bsmi bureau of standards metrology and inspection a warning 346
- Viewing certifications 346
- Zyxel limited warranty 346
- Registration 347
- Appendix b legal informationsafety warnings 348
- Es3500 series user s guide 348
- Safety warnings 348
- Appendix b legal informationsafety warnings 349
- Declaración de producto ecológico 349
- Dichiarazione green product 349
- Déclaration de produit green 349
- English deutsch español 349
- Es3500 series user s guide 349
- Français italiano nederlands 349
- Green product declaration 349
- Miljödeklaration 349
- Productmilieuverklaring 349
- Svenska 349
- Numbers 351
Похожие устройства
- Zyxel ES3500-8PD Технические характеристики
- Zyxel ES3500-8PD Справочник командного интерфейса
- Zyxel GS2210-8 Инструкция по эксплуатации
- Zyxel GS2210-8 Справочник командного интерфейса
- Zyxel GS2210-8 Технические характеристики
- Zyxel GS2210-8 Инструкция по эксплуатации
- Zyxel GS2210-24 Инструкция по эксплуатации
- Zyxel GS2210-24 Технические характеристики
- Zyxel GS2210-24 Справочник командного интерфейса
- Zyxel GS2210-24 Рекомендации по настройке
- Zyxel GS2210-48 Инструкция по эксплуатации
- Zyxel GS2210-48 Технические характеристики
- Zyxel GS2210-48 Справочник командного интерфейса
- Zyxel GS2210-48 Рекомендации по настройке
- HP pro 3520, d5s13ea Инструкция по эксплуатации
- HP designjet t520 (cq893a) Инструкция по эксплуатации
- Zyxel GS3700-24 Инструкция по эксплуатации
- Zyxel GS3700-24 Технические характеристики
- Zyxel GS3700-24 Справочник командного интерфейса
- Zyxel GS3700-48 Инструкция по эксплуатации
Скачать
Случайные обсуждения