Active500EM Wired Web User Interface Manual

Published on December 2016 | Categories: Documents | Downloads: 20 | Comments: 0 | Views: 180
of 289
Download PDF   Embed   Report

AT&T and ICC Active500EM Wired Web User Interface Manual

Comments

Content

active500EM Wired Web Interface

ARC1000MAP

ARC2000MAP

User’s Manual Quick Start Guide

This is the active500EM Wired Web Interface User’s Manual. It contains instructions to configure the active500EM Access Control data networking switch and any of its associated access points (AP).

Intended audience
This manual is designed to be used by network managers, administrators, and technicians who are responsible for installing networking equipment in enterprise and service provider environments. Knowledge of telecommunication and Internet protocol (IP) technologies and advanced knowledge of LAN/WLAN networking is assumed.

Documentation
activeARC® product and support documentation consists of a variety of manuals, installation guides, videos, knowledge articles, sample designs, and troubleshooting and FAQ guides to assist you with the deployment of your new and innovative solution. These and other documents are available for download at www.att.com/activearc/support. To view PDF files, use Adobe Acrobat Reader® 5.0 or newer. Download Acrobat Reader® for free from the Adobe website: www.adobe.com/products.

Contact information
Phone: 855.MYARC11 (855.692.7211) E-mail: [email protected] [email protected]

Icons

Table of Contents

Contact

Previous Page

Next Page

active500EM Wired Web Interface User’s Manual i

Safety precautions
For safe and efficient use, read the following information.

Text conventions
Table 0-1: Text conventions

Icon
NOTE

Description Emphasizes information to improve product use. Indicates important information or instructions that must be followed. Indicates how to avoid equipment damage or faulty application. Issues warnings to avoid personal injury.

IMPORTANT CAUTION WARNING

Below is a listing of safety precautions and definitions.
Table 0-2: Safety precautions

Icon WARNING WARNING CAUTION

Description
Before working on this equipment, be aware of good safety practices and the hazards involved with electrical circuits. To reduce risk of fire hazard and electric shock, do not install the unit near a damp location. To reduce the risk of fire, use only number 26 AWG or larger UL Listed or CSA Certified telecommunication line cord for all network and telecommunication connections.

• • •

Keep the product in a clean and dust-free location. Use only a soft, damp cloth to clean the product. DO NOT expose the product to liquid or moisture. DO NOT expose the product to extreme temperatures.

active500EM Wired Web Interface User’s Manual ii

Table of contents
Intended audience...................................................................................................i Documentation.........................................................................................................i Contact information................................................................................................i Icons............................................................................................................................i 2.2.4 Configure SNMP manager security IP..........................................24 2.2.5 SNMP statistics..................................................................................24 2.3 SSH management.......................................................................................... 25 2.3.1 Switch on-off SSH.............................................................................. 25 2.3.2 SSH management.............................................................................26 2.4.1 TFTP client service............................................................................ 27 2.4.2 TFTP server service..........................................................................28 2.4.3 FTP client service..............................................................................29 2.4.4 FTP server service............................................................................30 2.5 Telnet server configuration..........................................................................31 2.5.1 Telnet server state..............................................................................31 2.5.2 Max numbers of telnet access connection..................................31 2.6 Maintenance and debugging command.................................................. 32 2.6.1 Debug command............................................................................... 33 2.6.2 Show switchport interface..............................................................34 2.6.3 Others..................................................................................................36

Safety precautions........................................................................... ii
Text conventions.....................................................................................................ii

Table of contents............................................................................. iii Chapter 1: Introduction to web configuration interface..........1
1.1 Configuration preparation................................................................................ 1 1.1.1 Computer requirements....................................................................... 1 1.1.2 Management via web............................................................................ 1 1.2 Web interface introduction............................................................................ 7 1.2.1 Login to the active500EM switch..................................................... 7 1.2.2 Web interface introduction............................................................... 8 1.2.3 Menu introduction............................................................................... 8 1.2.4 The active500EM logout function.................................................13

Chapter 3: Port configuration.....................................................37
3.1 Ethernet port configuration......................................................................... 37 3.1.1 Port layer 1 attribution configuration............................................. 37 3.1.2 Bandwidth control configuration...................................................39 3.1.3 Switchport description.................................................................... 40 3.1.4 Port combo forced mode configuration..................................... 40 3.1.5 Port scan mode................................................................................. 40 3.2 VLAN interface configuration......................................................................41 3.2.1 Add interface VLAN............................................................................41 3.2.2 L3 interface IP address mode configuration..............................42 3.3 SPAN configuration........................................................................................42 3.3.1 SPAN configuration...........................................................................42 3.4 Loopback-detection configuration...........................................................43

Chapter 2: The active500EM management............................ 14
2.1 The active500EM basic configuration........................................................14 2.1.1 Login user configuration....................................................................14 2.1.2 Login user authentication method configuration.......................15 2.1.3 Login user security IP management...............................................15 2.1.4 Basic configuration............................................................................16 2.1.5 Save current running-configuration..............................................17 2.2 SNMP configuration........................................................................................18 2.2.1 SNMP authentication.........................................................................18 2.2.2 SNMP management.......................................................................... 22 2.2.3 Community managers..................................................................... 22

active500EM Wired Web Interface User’s Manual iii

3.4.1 Port loopback-detection mode configuration...........................44 3.4.2 VLAN loopback-detection configuration....................................44 3.4.3 Loopback-detection interval-time configuration.....................45 3.4.4 Loopback-detection control recovery configuration..............45 3.5 Isolate-port configuration...........................................................................46 3.5.1 Isolate-port group configuration...................................................46 3.5.2 Interface join group configuration................................................46 3.5.3 Show isolate-port group.................................................................47 3.6 Port storm-control configuration..............................................................47 3.6.1 Storm-control configuration..........................................................47 3.7 Port debug and maintenance......................................................................48 3.7.1 Show port information......................................................................48 3.7.2 Show entire traffic information......................................................48 3.8 ULDP configuration.......................................................................................49 3.8.1 ULDP global enable configuration.................................................49 3.8.2 ULDP hello message configuration..............................................50 3.8.3 ULDP recovery time configuration...............................................50 3.8.4 Show ULDP configuration...............................................................50 3.9 LLDP configuration.........................................................................................51 3.9.1 LLDP global enable configuration..................................................51 3.9.2 LLDP port status configuration..................................................... 52 3.9.3 LLDP tx-interval config.................................................................... 52 3.9.4 LLDP msgTxHold configuration.................................................... 53 3.9.5 LLDP transmit delay configuration............................................... 53 3.9.6 LLDP notification interval configuration.....................................54 3.9.7 LLDP neighbors max-num configuration....................................54 3.9.8 LLDP too many neighbors configuration.................................... 55 3.9.9 LLDP transmit optional tlv configuration.................................... 55 3.9.10 Show LLDP configuration..............................................................56 3.10 Jumbo packet forwarding configuration................................................56

4.1 MAC address table configuration................................................................ 57 4.1.1 MAC address aging-time configuration........................................ 57 4.1.2 Configurate MAC address...............................................................58 4.1.3 Delete MAC address..........................................................................59 4.1.4 MAC address query...........................................................................59

Chapter 5: VLAN configuration..................................................60
5.1 VLAN configuration....................................................................................... 60 5.1.1 Create/remove VLAN........................................................................ 60 5.1.2 Assign ports for VLAN........................................................................61 5.1.3 Port type configuration.....................................................................61 5.1.4 Trunk port configuration..................................................................62 5.1.5 Private-VLAN configuration............................................................63 5.2 GVRP configuration.......................................................................................63 5.2.1 Enable global GVRP...........................................................................63 5.2.2 Enable GVRP on port........................................................................64 5.2.3 GARP parameters configuration...................................................64 5.3 VLAN-translation configuration.................................................................65 5.3.1 Enable/Disable VLAN-translation..................................................65 5.3.2 Add/Delete VLAN-translation........................................................66 5.3.3 VLAN-translation miss drop configuration.................................66 5.3.4 Show VLAN-translation...................................................................67 5.4 Dynamic VLAN configuration......................................................................67 5.4.1 Protocol VLAN mode configuration..............................................67 5.5 Dot1q-tunnel configuration.........................................................................68 5.5.1 Enable dot1q tunnel...........................................................................68 5.5.2 Dot1q tunnel tpid configuration....................................................68

Chapter 6: IGMP snooping configuration................................ 69
6.1 Switch on-off IGMP snooping.......................................................................69 6.2 IGMP snooping VLAN enable.......................................................................69 6.3 IGMP snooping configuration.....................................................................70 6.4 IGMP snooping mrouter port configuration............................................70

Chapter 4: MAC address table configuration..........................57

active500EM Wired Web Interface User’s Manual iv

6.5 IGMP snooping query configuration...........................................................71

Chapter 10: AM configuration..................................................... 92
10.1 AM global configuration...............................................................................92 10.1.1 Enable/disable AM............................................................................92 10.2 AM port configuration.................................................................................93 10.2.1 Enable/disable AM port..................................................................93 10.2.2 AM IP-pool configuration..............................................................93 10.2.3 AM MAC-IP-pool configuration....................................................94 10.3 Show AM port configuration......................................................................95 10.3.1 Show AM port configuration..........................................................95 10.3.2 Clear port AM pool..........................................................................95

Chapter 7: MLD snooping configuration..................................72
7.1 Switch on-off MLD snooping......................................................................... 72 7.2 MLD snooping VLAN configuration............................................................ 73 7.3 MLD snooping configuration....................................................................... 73 7.4 MLD snooping mrouter port configuration.............................................. 74 7.5 MLD snooping query configuration............................................................ 74

Chapter 8: ACL configuration.................................................... 75
8.1 Time range configuration............................................................................. 75 8.2 Numeric ACL...................................................................................................76 8.2.1 Standard numeric ACL.....................................................................76 8.2.2 Extended numeric ACL................................................................... 77 8.2.3 Delete numeric ACL.........................................................................82 8.3 Name ACL........................................................................................................82 8.3.1 Standard name ACL..........................................................................82 8.3.2 Extended name ACL........................................................................83 8.3.3 Delete name ACL..............................................................................85 8.4 Filter configuration........................................................................................86 8.4.1 Firewall configuration.......................................................................86 8.4.2 ACL binding configuration.............................................................87 8.5 Show ACL configuration...............................................................................87 8.5.1 Show access list.................................................................................87 8.5.2 Show access group..........................................................................88 8.5.3 Show firewall......................................................................................88 8.5.4 Show time range...............................................................................88

Chapter 11: Port channel configuration.................................... 96
11.1 LACP port group configuration...................................................................96

Chapter 12: DHCP configuration.................................................97
12.1 DHCP management...................................................................................... 97 12.1.1 Enable DHCP...................................................................................... 97 12.2 DHCP server configuration........................................................................98 12.2.1 Dynamic pool configuration..........................................................98 12.2.2 Manual DHCP IP pool configuration.......................................... 105 12.2.3 Address pool name configuration.............................................106 12.2.4 DHCP packet statistics................................................................ 107 12.3 DHCP relay configuration......................................................................... 107 12.3.1 DHCP relay configuration.............................................................108 12.4 DHCP debugging........................................................................................108 12.4.1 Delete record..................................................................................108 12.4.2 Show IP-MAC binding....................................................................110 12.4.3 Show conflict-logging...................................................................110

Chapter 9: IPv6 ACL configuration............................................ 89
9.1 IPv6 standard access-list configuration....................................................89 9.2 IPv6 name access-list configuration........................................................ 90 9.3 Attach IPv6 ACL to port.................................................................................91

Chapter 13: DHCP snooping configuration............................. 111
13.1 DHCP snooping global configuration.......................................................111 13.1.1 Enable/disable DHCP snooping.....................................................111 13.1.2 DHCP snooping binding configuration...................................... 112

active500EM Wired Web Interface User’s Manual v

13.1.3 DHCP snooping binding user configuration............................. 112 13.1.4 DHCP snooping action count configuration............................. 113 13.1.5 DHCP snooping limit-rate configuration................................... 113 13.1.6 DHCP snooping helper-server configuration........................... 114 13.2 DHCP snooping port configuration......................................................... 114 13.2.1 Enable/disable DHCP snooping binding dot1x......................... 114 13.2.2 Enable/disable DHCP snooping binding user.......................... 115 13.2.3 Enable/disable DHCP snooping trust........................................ 115 13.2.4 DHCP snooping action configuration....................................... 115 13.3 Show DHCP snooping configuration....................................................... 116 13.3.1 Show DHCP snooping configuration.......................................... 116

16.1.1 Class-map configuration.............................................................. 126 16.1.2 Classification criteria configuration...........................................127 16.2 Policy-map configuration..........................................................................127 16.2.1 Policy-map configuration............................................................ 128 16.2.2 Class-map use to policy-map configuration.......................... 128 16.3 Apply QoS to port....................................................................................... 129 16.3.1 QOS port trust state configuration............................................ 129 16.3.2 QoS port cos parameters configuration.................................. 130 16.3.3 QoS port select queue schedule algorithm configuration.. 130 16.3.4 QoS port wrr algorithm queue weight configuration............ 130 16.3.5 QoS port wdrr algorithm queue weight configuration.......... 131 16.3.6 QoS port queue bandwidth configuration.............................. 132 16.3.7 QoS service policy configuration.............................................. 132 16.4 QoS policy-class-map configuration..................................................... 133 16.4.1 Policy-class-map accounting configuration........................... 133 16.4.2 Aggregate policy configuration................................................ 133 16.4.3 Policy-class-map policy configuration.................................... 134 16.4.4 Policy-class-map set configuration......................................... 135 16.5 QoS mapping configuration.................................................................... 135 16.5.1 CoS-to-IntP mapping.................................................................... 136 16.5.2 CoS-to-DP mapping..................................................................... 136 16.5.3 DSCP-to-DSCP mapping..............................................................137 16.5.4 DSCP-to-IntP mapping................................................................ 138 16.5.5 DSCP-to-DP mapping.................................................................. 139 16.5.6 EXP-to-IntP mapping................................................................... 139 16.5.7 EXP-to-DP mapping.....................................................................140 16.5.8 IntP-to-DSCP mapping................................................................140 16.5.9 IntP-to-EXP mapping...................................................................140 16.6 QoS aggregate policy configuration...................................................... 141 16.7 QoS service policy configuration............................................................ 142

Chapter 14: SNTP configuration.................................................117
14.1 SNTP server configuration......................................................................... 117 14.2 Request interval configuration................................................................ 118 14.3 Time difference configuration................................................................. 118 14.4 Show sntp...................................................................................................... 119

Chapter 15: NTP configuration..................................................120
15.1 NTP global configuration........................................................................... 120 15.1.1 NTP global switch configuration.................................................. 120 15.1.2 NTP server and version configuration........................................ 121 15.1.3 NTP broadcast or multicast address count configuration....122 15.1.4 NTP access group configuration.................................................122 15.1.5 NTP authenticate configuration................................................. 123 15.2 NTP interface configuration.................................................................... 124 15.2.1 NTP interface switch configuration........................................... 124 15.3 NTP configuration display........................................................................ 125 15.3.1 NTP status display.......................................................................... 125

Chapter 16: QoS configuration..................................................126
16.1 Class-map configuration........................................................................... 126

Chapter 17: Layer3 forward configuration..............................143

active500EM Wired Web Interface User’s Manual vi

17.1 IP route aggregate configuration............................................................. 143 17.1.1 Route aggregate configuration................................................... 143 17.2 ARP configuration....................................................................................... 144 17.2.1 ARP configuration........................................................................... 144 17.2.2 Clear ARP cache............................................................................. 144 17.2.3 Show ARP......................................................................................... 145 17.2.4 Proxy ARP configuration.............................................................. 145 17.3 Gratuitous ARP configuration.................................................................. 145 17.3.1 Gratuitous-ARP interval time configuration............................. 146 17.3.2 Interface gratuitous-ARP interval time configuration.......... 146 17.3.3 Show gratuitous-ARP configuration......................................... 147 17.4 ARP protection configuration.................................................................. 147 17.4.1 ARP GUARD configuration............................................................ 147 17.4.2 ANTI-ARPSCAN configuration.................................................... 148 17.5 Show IP traffic.............................................................................................. 153

18.3.10 RIP maximum-prefix................................................................... 166 18.3.11 Neighbor configuration.............................................................. 167 18.3.12 Network configuration................................................................ 167 18.3.13 Offset-list configuration............................................................ 167 18.3.14 Passive interface configuration............................................... 168 18.3.15 Receive buffer size configuration............................................ 168 18.3.16 Redistribute route configuration............................................. 168 18.3.17 RIP route configuration.............................................................. 169 18.3.18 RIP timer configuration.............................................................. 169 18.3.19 Version configuration................................................................. 169 18.4 OSPF configuration.................................................................................... 170 18.4.1 OSPF enable.................................................................................... 170 18.4.2 OSPF area configuration..............................................................172 18.4.3 OSPF interface configuration.................................................... 173 18.4.4 Other parameters configuration................................................174 18.7 Show IP route................................................................................................177

Chapter 18: Route configuration...............................................154
18.1 Policy based routing................................................................................... 154 18.1.1 Route map configuration.............................................................. 154 18.1.2 IP prefix configuration................................................................... 158 18.2 Static route configuration........................................................................ 159 18.2.1 Static route configuration............................................................160 18.3 RIP configuration........................................................................................160 18.3.1 Enable RIP......................................................................................... 161 18.3.2 Clear IP route configuration........................................................ 161 18.3.3 Default configuration................................................................... 162 18.3.4 Distance configuration................................................................ 162 18.3.5 Distribute-list configuration....................................................... 163 18.3.6 Interface RIP configuration......................................................... 163 18.3.7 Key or key-chain configuration.................................................. 164 18.3.8 Send-lifetime configuration....................................................... 165 18.3.9 Accept-lifetime configuration................................................... 166

Chapter 19: IPv6 route configuration......................................178
19.1 IPv6 configuration....................................................................................... 178 19.1.1 IPv6 basic configuration................................................................ 178 19.1.2 IPv6 ND configuration................................................................... 179 19.1.3 IPv6 tunnel configuration.............................................................180 19.1.4 Show IPv6 neighbor.......................................................................180 19.3 OSPFv3 configuration................................................................................ 181 19.3.1 OSPFv3 area configuration........................................................... 181 19.3.2 OSPFv3 default-metric configuration...................................... 182 19.3.3 OSPFv3 max-concurrent-DD configuration........................... 182 19.3.4 OSPFv3 ABR type configuration................................................ 183 19.3.5 OSPFv3 passive-interface........................................................... 183 19.3.6 OSPFv3 redistribute configuration........................................... 184 19.3.7 OSPFv3 route ID configuration.................................................. 184 19.3.8 OSPFv3 route configuration....................................................... 185

active500EM Wired Web Interface User’s Manual vii

19.3.9 OSPFv3 timer configuration....................................................... 185 19.3.10 OSPFv3 IPv6 (no parameter) configuration.......................... 185 19.3.11 OSPFv3 IPv6 (two parameter) configuration......................... 186 19.3.12 OSPFv3 IPv6 (multi parameter) configuration..................... 187 19.4 Show IPv6 route.......................................................................................... 187 19.4.1 Show IPv6 route database............................................................ 187 19.4.2 Show IPv6 NSM route.................................................................... 188 19.4.3 Show IPv6 FIB................................................................................. 188 19.4.4 Show IPv6 route statistics........................................................... 188

20.3.3 DVMRP report metric configuration........................................ 197 20.3.4 Out put report delay.................................................................... 198 20.3.5 DVMRP reject-non-pruners....................................................... 198 20.3.6 DVMRP runnel configuration..................................................... 198 20.4 DCSCM configuration............................................................................... 199 20.4.1 DCSCM source-control enable/disable configuration......... 199 20.4.2 DCSCM destination-control enable/disable configuration.199 20.4.3 DCSCM source-control access-group configuration........200 20.4.4 DCSCM destination-control access-group configuration.200 20.4.5 DCSCM destination-control access-group configuration (sip). 200 20.4.6 DCSCM destination-control access-group configuration (vMAC)........................................................................................................ 201 20.4.7 Multicast policy configuration.................................................. 201 20.4.8 ACL multicast source control.................................................. 202 20.5 IGMP configuration.................................................................................. 202 20.5.1 Access-group and immediate-leave configuration............. 203 20.5.2 IGMP query-interval configuration.......................................... 203 20.5.3 Maximum response-time and timeout configuration........ 204 20.5.4 Limit and version configuration............................................... 204 20.5.5 IGMP join group configuration................................................. 205 20.5.6 IGMP static group configuration............................................. 205

Chapter 20: Multicast protocol configuration.......................189
20.1 PIM configuration....................................................................................... 189 20.1.1 Multicast common configuration...............................................190 20.1.2 Accept-register and JP-timer configuration..........................190 20.1.3 RP-address configuration...........................................................190 20.1.4 RP-reachability configuration..................................................... 191 20.1.5 Limit and suppression configuration........................................ 191 20.1.6 Ignore RP-set-priority configuration......................................... 191 20.1.7 Register checksum and KAT configuration............................. 192 20.1.8 Register-source configuration.................................................. 192 20.1.9 BSR candidate configuration..................................................... 193 20.1.10 RP candidate configuration...................................................... 193 20.1.11 SSM configuration........................................................................ 193 20.1.12 Port mode configuration............................................................ 194 20.1.13 Hello interval and holdtime configuration............................. 194 20.1.14 DR-priority and neighbor-filter configuration...................... 195 20.1.15 Exclude-genid configuration.................................................... 195 20.2 PIM-DM configuration............................................................................... 196 20.2.1 State-refresh interval configuration......................................... 196 20.3 DVMRP configuration................................................................................ 196 20.3.1 Enable DVMRP................................................................................ 197 20.3.2 Port enable DVMRP...................................................................... 197

Chapter 21: IPv6 multicast protocol configuration.............206
21.1 IPv6 PIM configuration.............................................................................. 206 21.1.1 IPv6 multicast common configuration..................................... 207 21.1.2 IPv6 accept-register and JP-timer configuration................. 207 21.1.3 IPv6 RP-address configuration.................................................. 208 21.1.4 IPv6 RP-reachability configuration........................................... 208 21.1.5 IPv6 limit-and suppression configuration............................... 208 21.1.6 IPv6 ignore RP-set-priority configuration............................... 209 21.1.7 IPv6 register checksum and KAT configuration..................... 209

active500EM Wired Web Interface User’s Manual viii

21.1.8 IPv6 BSR candidate configuration............................................. 210 21.1.9 IPv6 RP candidate configuration................................................ 210 21.1.10 IPv6 register-source configuration........................................... 211 21.1.11 IPv6 SSM configuration ................................................................ 211 21.1.12 IPv6 port mode configuration.....................................................212 21.1.13 IPv6 hello interval and holdtime configuration.......................212 21.1.14 IPv6 DR-priority and neighbor-filter configuration.............. 213 21.1.15 IPv6 dxclude-genid configuration............................................ 213 21.2 PIM-DM6 configuration............................................................................. 214 21.2.1 IPv6 state-refresh interval configuration................................. 214 21.3 MLD configuration...................................................................................... 214 21.3.1 MLD access-group and immediate leave configuration....... 215 21.3.2 MLD query-interval configuration............................................. 215 21.3.3 MLD max response-time and timeout configuration........... 216 21.3.4 MLD limit and version configuration......................................... 216 21.3.5 MLD join group configuration......................................................217 21.3.6 MLD static group configuration..................................................217

23.1.1 Instance configuration..................................................................223 23.1.2 Field name configuration.............................................................223 23.1.3 Revision-level configuration.......................................................224 23.2 Spanning-tree port configuration.........................................................224 23.2.1 PortFast configuration.................................................................224 23.2.2 Port priority configuration..........................................................225 23.2.3 Port cost configuration...............................................................225 23.2.4 Spanning-tree port mode...........................................................226 23.2.5 Link-type configuration..............................................................226 23.2.6 Spanning-tree agreement port configuration......................227 23.3 Spanning-tree global configuration......................................................227 23.3.1 Spanning-tree global agreement port configuration...........228 23.3.2 Forward-time configuration.......................................................228 23.3.3 Hello-time configuration............................................................228 23.3.4 Max age time configuration........................................................229 23.3.5 Max hop time configuration.......................................................229 23.3.6 Spanning tree mode configuration......................................... 230 23.3.7 Priority configuration.................................................................. 230 23.4 Show spanning-tree................................................................................. 230 23.4.1 Instance information.................................................................... 231 23.4.2 Revision-level information......................................................... 231

Chapter 22: VRRP configuration...............................................218
22.1 VRRP set........................................................................................................ 218 22.1.1 Create VRRP ID................................................................................ 218 22.1.2 VRRP virtual IP configuration...................................................... 219 22.1.3 VRRP interface................................................................................ 219 22.1.4 VRRP enable.................................................................................... 219 22.1.5 VRRP preempt............................................................................... 220 22.1.6 VRRP priority.................................................................................. 220 22.1.7 VRRP interval.................................................................................. 220 22.1.8 VRRP circuit......................................................................................221 22.2 Show VRRP information.............................................................................221

Chapter 24: Cluster basic configuration............................... 232
24.1 Cluster configuration.................................................................................232 24.2 Cluster candidate information.............................................................. 234 24.3 Cluster member information................................................................. 234 24.4 Cluster member configuration.............................................................. 234 24.5 Cluster member auto configuration.....................................................235 24.6 Cluster member reset...............................................................................235 24.7 Cluster topology configuration..............................................................235 24.8 Cluster topology information.................................................................236

Chapter 23: Spanning-tree configuration............................ 222
23.1 Spanning-tree field configuration..........................................................222

active500EM Wired Web Interface User’s Manual ix

Chapter 25: MRPP configuration............................................. 237
25.1 MRPP global configuration.......................................................................237 25.1.1 MRPP global switch configuration..............................................237 25.1.2 MRPP poll time configuration......................................................238 25.1.3 MRPP domain ID configuration...................................................238 25.2 MRPP port configuration..........................................................................238 25.2.1 MRPP port property configuration............................................239 25.3 MRPP domain configuration....................................................................239 25.3.1 MRPP control VLAN configuration............................................ 240 25.3.2 MRPP node mode configuration.............................................. 240 25.3.3 MRPP hello timer configuration................................................. 241 25.3.4 MRPP fail timer configuration.................................................... 241 25.3.5 MRPP domain switch configuration..........................................242 25.4 MRPP domain switch configuration.......................................................242 25.4.1 MRPP display...................................................................................243 25.4.2 MRPP statistics display................................................................243 25.4.3 Clear MRPP statistics...................................................................243

Chapter 27: ULSM configuration.............................................250
27.1 ULSM global configuration....................................................................... 250 27.1.1 ULSM group configuration........................................................... 250 27.2 ULSM port configuration.......................................................................... 251 27.2.1 ULSM port property configuration............................................. 251 27.3 ULSM configuration display..................................................................... 251 27.3.1 ULSM display...................................................................................252

Chapter 28: Authentication configuration........................... 253
28.1 RADIUS client configuration.....................................................................253 28.1.1 RADIUS global configuration.......................................................253 28.1.2 RADIUS authentication configuration..................................... 254 28.1.3 RADIUS accounting configuration............................................255 28.2 TACACS server configuration.................................................................255 28.2.1 TACACS global configuration.....................................................256 28.2.2 TACACS server host configuration..........................................256 28.3 802.1x configuration.................................................................................257 28.3.1 802.1x global configuration.........................................................257 28.3.2 802.1x port authentication configuration...............................258 28.3.3 802.1x port MAC configuration..................................................259 28.3.4 802.1x port status list.................................................................. 260

Chapter 26: ULPP Configuration.............................................244
26.1 ULPP global configuration....................................................................... 244 26.1.1 ULPP group configuration........................................................... 244 26.2 ULPP port configuration..........................................................................245 26.2.1 ULPP port property configuration.............................................245 26.3 ULPP group configuration...................................................................... 246 26.3.1 ULPP group description configuration.................................... 246 26.3.2 ULPP group property configuration.........................................247 26.4 ULPP configuration display.....................................................................247 26.4.1 ULPP group configuration display............................................ 248 26.4.2 ULPP port statistics display...................................................... 248 26.4.3 ULPP port property display....................................................... 248 26.4.4 ULPP port statistics clear.......................................................... 249

Chapter 29: DOS attack protection configuration...............261
29.1 Source IP equal destination IP DOS attack protection configuration.261 29.2 Source port equal destination port DOS attack protection configuration....................................................................................................... 261 29.3 TCP DOS attacks on invalid flags configuration.................................262 29.4 ICMP DOS attack protection configuration.........................................262 29.5 ICMP packet-size configuration.............................................................263 29.6 First fragment IP packet DOS attack protection configuration......263

active500EM Wired Web Interface User’s Manual x

Chapter 30: SSL configuration................................................264
30.1 IP HTTP server configuration.................................................................. 264 30.2 SSL global configuration..........................................................................265 30.3 SSL server monitor port configuration.................................................265 30.4 SSL secure-ciphersuite configuration................................................ 266

Chapter 31: sFlow Configuration............................................. 267
31.1 sFlow collector global address configuration......................................267 31.2 sFlow collector port address configuration........................................ 268 31.3 sFlow agent address configuration....................................................... 268 31.4 sFlow priority configuration.................................................................... 269 31.5 sFlow header length configuration....................................................... 269 31.6 sFlow data length configuration............................................................ 270 31.7 sFlow rate configuration.......................................................................... 270 31.8 sFlow counter interval configuration..................................................... 271 31.9 sFlow analyzer configuration................................................................... 271

Chapter 32: IPv6 security ra configuration............................ 272
32.1 IPv6 security ra global configuration.....................................................272 32.2 IPv6 security ra port configuration........................................................273 32.3 Show IPv6 security ra................................................................................273

Glossary......................................................................................... 274

active500EM Wired Web Interface User’s Manual xi

Chapter 1: Introduction to web configuration interface
The active500EM switch provides a Web configuration interface. This chapter will familiarize you with the Web configuration interface.

1.1 Configuration preparation
The active500EM can be managed through the Web interface.

1.1.1 Computer requirements
• • PC with an operating system installed (Win XP®, Win 7®, Win 8®, Mac OS® 10.6/7) Web browser (Internet Explorer® 8/9/10, Google Chrome™, Firefox®, Safari®)

1.1.2 Management via web
To configure the active500EM locally, the PC’s and the active500EM’s IP addresses should be configured in the same subnet. The active500EM’s default IP address is 192.168.1.1, and the subnet mask is 255.255.255.0. The following are steps to create a network connection: Step 1: Set up the environment. Connect the Ethernet port for the PC to the switch’s port with an Ethernet cable. The figure is as follows:

active500EM Wired Web Interface User’s Manual 1

Step 2: Set the network connection (as shown with Windows 7®). Click Start. Select Control Panel. Click view network status and tasks, and then click Local Area Connection. The Local Area Connection Status dialog box will appear. The figure is as follows:

active500EM Wired Web Interface User’s Manual 2

Click Properties to open the Local Area Connection Properties dialog box. The figure is as follows:

active500EM Wired Web Interface User’s Manual 3

Select Internet Protocol Version 4 (TCP/IPv4), and then click Properties to open the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box. Select Use the following IP address, type the IP address (between 192.168.1.2 and 192.168.1.254) and the subnet mask (255.255.255.0), and then click OK. The figure is as follows:

active500EM Wired Web Interface User’s Manual 4

Step 3: Use the PING command to ensure the connection status between the PC and the active500EM. Click Start, and then type CMD in the text box to generate the following dialog box:

Press ENTER to open the Command Prompt window. Type ping 192.168.1.1 (the active500EM’s default IP address), and then press ENTER. If the network is connected, the window will include the following text:

active500EM Wired Web Interface User’s Manual 5

Step 4: Cancel proxy server. If the current PC uses the proxy server to access the Internet, the proxy server must be disabled. Complete the following steps to disable the proxy server: 1. Open the Web browser, and select Tools/Internet Options to open the Internet Options window. 2. Select Connections in the Internet Options window, and then click LAN Settings to open the Local Area Network (LAN) Settings dialog box. The figure is as follows:

3. Ensure that Use a proxy server for your LAN is not selected. Otherwise, clear the selection, and then click OK.

active500EM Wired Web Interface User’s Manual 6

1.2 Web interface introduction
1.2.1 Login to the active500EM switch
Open your Web browser, type the IP address 192.168.1.1 in the address bar, and then press ENTER to open the login page for the active500EM, as shown below. Type the user name and password (the default user name is admin, and the password is admin). Click Login, or press ENTER to open theNetwork Web configuration page. Control System

(NCS)

Username: Password:

activeARC® NCS Solution
Website: https://att.com/activearc Support Phone: 855.MYARC11 (855.692.7211) Email: [email protected] © 2013 International Communications Corporation, Inc. All Rights Reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property licensed to International Communications Corporation, Riverside, California. Printed in USA. Issue 2.0 8/02/13. activeARC is the Registered Trademark of International Communications Corporation, Inc.

The Network Control System (NCS), is a data networking ecosystem comprised of hardware and software designed to control the data network. NCS is a unified platform of integrated activeARC® management software, one or more Access Control Data Networking Switches, and one or more Access Points. It is the umbrella for a variety of software driven solutions made to create efficiency in data networks and communication.

active500EM Wired Web Interface User’s Manual 7

1.2.2 Web interface introduction
Upon logging in, the Dashboard will appear, showing System Info, Device Info, Managed AP, and Support with four tabs: WLAN Configuration, Monitor, Management, and Wired Configuration. When a tab is clicked, the related configuration page will open, listing the features on the left side. The right side is the configuration zone for that feature. Pause the mouse pointer on the menu option on the left bar to open the corresponding submenu/page, and then click the page label to configure the corresponding function for the active500EM.

1.2.3 Menu introduction
This table provides a detailed connected configuration interface function for each menu option.
Menu Switch basic configuration Page Switch basic configuration SNMP configuration SSH management Firmware update Telnet server configuration Maintenance and debugging command Page function Configure the switch’s Web language, user, clock, etc. Configure the SNMP authentication, management, community manager, etc. Configure switching SSH on/off , SSH management Update switch via FTP or TFTP Configure the Telnet server status Maintenance and debugging command, such as show running-config, etc.

active500EM Wired Web Interface User’s Manual 8

Menu Port configuration

Page Ethernet port configuration VLAN interface configuration SPAN configuration Loopback-detection configuration Isolate-port configuration Isolation port configuration Port debug and maintenance ULDP configuration LLDP configuration Jumbo packet forwarding configuration MAC address table configuration VLAN configuration GVRP configuration VLAN-translation configuration Dynamic VLAN configuration Dot1q tunnel configuration IGMP snooping configuration MLD snooping configuration Time range configuration Numeric ACL Name ACL Filter configuration Show ACL configuration ACL binding configuration IPv6 ACL configuration AM global configuration AM port configuration Show AM port configuration

Page function Configure port layer 1 attribution, bandwidth control, etc. Configure port layer 1 attribution, bandwidth control, etc. Configure port mirroring Configure port loopback-detection mode, port loopback-detection intervaltime, if the loopback-detection controls auto recovery Configure isolate-port group, interface join group, etc. Show storm control configuration Show port information and entire traffic information ULDP enable config, ULDP hello message config, ULDP recovery timer, etc. LLDP enable configuration, LLDP port status configuration, Tx-interval config, etc. Jumbo packet forwarding configuration Configure MAC address table and aging-time; delete MAC address, etc. Add or remove VLAN; configure ingress VLAN rules Enable global/port GVRP, GVRP configuration Enable/disable VLAN translation; add/remove VLAN translation, etc. Protocol VLAN configuration Enable dot1q tunnel and dot1q tunnel tpid configuration Global/port enable IGMP snooping, IGMP snooping configuration, etc. Switch on-off MLD snooping, MLD snooping port enable, etc. Time range configuration Standard/extended numeric ACL; delete numeric ACL Standard/extended name ACL; delete name ACL Configure firewall ACL; attach ACL to port Show access list, access group, firewall, and time range Attach ACL to port, show access group, clear PACL statistics, etc. Configure IPv6 standard/name access-list; attach IPv6 ACL to port, etc. Enable/disable AM Configure AM port enable, AM IP-pool, and AM MAC-IP-pool Show AM port configuration, clear port AM pool

MAC address table configuration VLAN configuration

IGMP snooping configuration MLD snooping configuration ACL configuration

IPv6 ACL configuration AM configuration

active500EM Wired Web Interface User’s Manual 9

Menu Port channel configuration DHCP configuration

Page Port channel configuration DHCP management DHCP server configuration DHCP relay configuration DHCP debugging DHCP snooping global configuration DHCP snooping port configuration Show DHCP snooping configuration SNTP configuration NTP global configuration NTP interface configuration NTP configuration display Qos port configuration QoS class-map configuration QoS policy-map configuration QoS policy-class-map configuration QoS mapping configuration QoS aggregate policy configuration QoS service policy configuration

DHCP snooping configuration

Page function Configure LACP group LACP port, etc. Enable DHCP Configure dynamic/manual address pool DHCP relay configuration Delete record; display IP-MAC binding information and log information for addresses that have a conflict record, etc. Configure DHCP snooping status, binding, binding user, number of port defense actions, etc. Configure DHCP snooping binding dot1x, binding user, trust attributes of a port, etc. Show DHCP snooping configuration Configure SNTP/NTP server, the sending request time interval from SNTP client to NTP/SNTP server, etc. NTP global switch configuration, etc. NTP interface switch configuration Show NTP status QoS port trust state configuration, QoS port CoS parameters configuration, etc. Add/delete/configure class-map and classification criteria configuration Add/delete/configure the policy-map, class map use to policy map configuration Configure policy class-map accounting configuration, aggregate policy configuration, etc. Configure CoS-to-DSCP mapping, DSCP-to-CoS mapping, DSCP mutation mapping, IP-precedence-to-DSCP mapping, etc. Configure aggregate policy name, committed information rate, committed burst size, etc. Configure policy-map name to VLAN

SNTP configuration NTP configuration

QoS configuration

active500EM Wired Web Interface User’s Manual 10

Menu Forward configuration

Route configuration

IPv6 route configuration

Multicast protocol configuration

Page IP route aggregation configuration ARP configuration Gratuitous ARP configuration ARP protection configuration Show IP traffic Policy-based routing Static route configuration RIP configuration OSPF configuration Show IP route IPv6 configuration OSPFv3 configuration Show IPv6 route PIM configuration PIM-DM configuration DVMRP configuration DCSCM configuration IGMP configuration

Page function IP route aggregate configuration ARP configuration, clear ARP cache, and show ARP Configure global/interface gratuitous-arp interval time, etc. ARP GUARD configuration and anti-ARP scanning prevention configuration Check statistic information of IP packets Router map and IP prefix Static route and static VPN route configuration Enable RIP, default, neighbor, network configuration, etc. OSPF enable, area, interface, other parameters configuration Show IP route IPv6 basic, ND and tunnel configuration, etc. OSPFv3 area, route, timer configuration, etc. Show IPv6 route database, NSM route, FIB, route stations Multicast command configuration, etc. State-refresh interval configuration Configure the DVMRP report metric, reject-non-pruners, tunnel, etc. Configure DCSCM source-control, destination-control, source-control access-group, etc. Configure IGMP query-interval, static group, access-group, immediate leave, etc. IPv6 multicast common configuration, etc. IPv6 state-refresh interval configuration Configure MLD access-group and immediate leave, query-interval, max response-time and timeout, static group, join group, version, and limit Configure instance and field name and count the revision-level Set the current port as edge port, port priority, port cost, etc. Configure spanning-tree global agreement port, forward-time, hello-time, etc. Show instance information and revision-level information

IPv6 multicast protocol configuration

IPv6 PIM configuration PIM-DM6 configuration MLD configuration Spanning-tree field configuration Spanning-tree port configuration Spanning-tree global configuration Show spanning-tree

Spanning-tree configuration

active500EM Wired Web Interface User’s Manual 11

Menu MRPP configuration

ULPP configuration

ULSM configuration

Cluster basic configuration

Page MRPP global configuration MRPP port configuration MRPP domain configuration MRPP domain switch configuration ULPP global configuration ULPP port configuration ULPP group configuration ULPP configuration display ULSM global configuration ULSM port configuration ULSM configuration display Cluster basic configuration

Page function MRPP global switch configuration, etc. MRPP port property configuration MRPP control VLAN configuration, etc. MRPP display, etc. ULPP group configuration ULPP port property configuration ULPP group description configuration, etc. ULPP group configuration display, etc. ULSM group configuration ULSM port property configuration ULSM display Cluster configuration, cluster candidate information, cluster member information, cluster member configuration, cluster member auto configuration, cluster member reset, cluster topology configuration, cluster topology information, etc. RADIUS global/authentication/accounting configuration TACACS global configuration, etc. Configure 802.1x global enable, port authentication, port MAC, and port status list MAB enable configuration, etc. Source IP equal destination IP DOS attack protection configuration, source port equal destination port DOS attack protection configuration, TCP DOS attack on invalid flags configuration, etc. Configure HTTP server enable, SSL enable, SSL server monitor port, etc. sFlow collector global address configuration, sFlow collector port address configuration, sFlow agent address configuration, sFlow priority configuration, sFlow header length configuration, sFlow data length configuration, sFlow rate configuration, sFlow counter interval configuration, sFlow analyzer configuration

Authentication configuration

RADIUS client configuration TACACS server configuration 802.1x configuration MAB configuration DOS attack protection configuration SSL configuration sFlow configuration

DOS attack protection configuration SSL configuration sFlow configuration

active500EM Wired Web Interface User’s Manual 12

Menu IPv6 security RA configuration

Page IPv6 security RA global configuration IPv6 security RA port configuration Show IPv6 security RA

Page function IPv6 security RA global configuration IPv6 security RA port configuration Show IPv6 security RA

1.2.4 The active500EM logout function
Click Logout to return to the login page.

The chapters that follow describe how to enable and configure various features offered by the activeARC® solution. Many features must be enabled by following the configuration steps as described in this user manual in order to properly access the advanced configuration options for that particular feature. If the feature is not enabled, users may not be able perform advanced configuration for that feature and warning messages may be displayed identifying that the feature must first be enabled before configuration can complete.

active500EM Wired Web Interface User’s Manual 13

Chapter 2: The active500EM management
2.1 The active500EM basic configuration
Click the Management tab, and pause the mouse pointer over Switch basic configuration to display the sub-nodes, through which users can configure the switch’s login user, user authentication method, login user Security IP, basic clock, switch name, exec timeout, and save current running configuration.

2.1.1 Login user configuration
From the Management tab, click Switch basic configuration -> Login user configuration to add or remove users for the switch. Example: In the User and Password fields, type user. In the Priority field, type 15.

• •

User – Choose a specific user name Password – Configure a specific password

active500EM Wired Web Interface User’s Manual 14

• • •

Encrypted text – Select whether the password information is displayed Priority – Only users with the priority of 15 can log in to the WEB management interface Operation – Select to Add or Remove the user

2.1.2 Login user authentication method configuration
From the Management tab, click Switch basic configuration -> Login user authentication method configuration to configure VTY (login with Telnet and SSH), Web, and console to select the authentication mode priority of the login user.

2.1.3 Login user security IP management
From the Management tab, click Switch basic configuration -> Login user security IP management to configure the user’s security IP.

active500EM Wired Web Interface User’s Manual 15

2.1.4 Basic configuration
From the Management tab, click Switch basic configuration -> Basic configuration to configure the basic clock, switch name, and exec timeout. 1. Basic clock configuration – Set the system’s date and time. Example: Users should configure HH:MM:SS as 23:00:00 and YY.MM.DD as 2002.08.01, and then click Apply.

2. Configure exec timeout Example: Configure the timeout as 6 minutes and 6 seconds, and then click Apply.

3. Configure switch prompt Example: Configure the Switch name as Switch, and then click Apply.

active500EM Wired Web Interface User’s Manual 16

2.1.5 Save current running-configuration
From the Management tab, click Switch basic configuration -> Save current running-configuration to save the current runningconfiguration. 1. Save current running-configuration – Click Apply to save the current running-configuration.

Display the information after successfully saving the current running-configuration.

2. Save current configuration before reboot? – Select Yes or No. Reboot the active500EM by clicking Apply.

3. Reboot with the default configuration – Clear all current configurations and reboot the switch by clicking Apply.

active500EM Wired Web Interface User’s Manual 17

2.2 SNMP configuration
For any configurations discussed in the following subsections, SNMP must be started as described in this section. If SNMP is not started, the user may receive the message to “Start SNMP first before continuing the requested configuration”. From the Management tab, pause the mouse pointer over SNMP configuration to configure SNMP-related functions. Note: Start SNMP to configure the related functions. Set the SNMP switch status as Open, and then click Apply.

2.2.1 SNMP authentication
From the Management tab, pause the mouse pointer over SNMP configuration -> SNMP authentication to configure users, groups, views, etc.

2.2.1.1 Users
From the Management tab, click SNMP configuration -> SNMP authentication -> Users to add or remove SNMP users. • • • • • SNMP username – The user name, containing 1–32 characters SNMP group – The group name that the user belongs to, containing 1–32 characters Security level – The encryption level of the current user: noAuthNoPriv does not authenticate and does not use DES for the packet encryption; authPriv uses DES for packet encryption; authNoPriv does not use DES for the packet encryption Authentication protocol – Set the using algorithm: MD5 or SHA Authentication password – The current user’s authentication password

active500EM Wired Web Interface User’s Manual 18

• • • • •

Privacy protocol - Sets the packet encryption security level. When authPriv security level is selected, DES is used as the currently supported type for packet encryption Privacy password – Password for setting packet encryption for Privacy Protocol IPv4 access control list – Enter the IPv4 Access Control List number that has been previously configured (Optional) IPv6 access control list – Enter the IPv6 Access Control List number that has been previously configured (Optional) Operation – Select Add or Remove

Example: Set the SNMP username as tester, SNMP group as UserGroup, select authPriv for the Security level, the Authentication protocol as MD5. Set the Authentication password as hellohello, select DES for the Privacy protocol, the Operation as Add, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 19

2.2.1.2 Groups
From the Management tab, click SNMP configuration -> SNMP authentication -> Groups to add or remove SNMP user groups. • • • • • • SNMP group – The name of the SNMP user group Security level – The encryption level of the current user: noAuthNoPriv does not authenticate and does not use DES for the packet encryption; authPriv uses DES for packet encryption; authNoPriv does not use DES for the packet encryption Read SNMP view – Set the readable view name Write SNMP view – Set the writable view name Notify SNMP view – Set the notifiable view name Operation – Select Add or Remove

Example: Type UserGroup in the SNMP group field, select the Security level as authPriv, and type max in three SNMP views. From the Operation drop-down list, select Add, and then click Apply.

2.2.1.3 Views
From the Management tab, click SNMP configuration -> SNMP authentication -> Views to add or remove SNMP views. • • • • SNMP view – Set the view name, containing 1–32 characters OID – OID number or corresponding node name, containing 1–255 characters Type – Include/exclude this OID Operation – Select Add or Remove active500EM Wired Web Interface User’s Manual 20

Example: In the SNMP view field, type max, and for OID, type 1.3.6.1.4.1.41721.2.2.1. Select the Type as Include, the Operation as Add, and then click Apply.

2.2.1.4 SNMP engineid configuration
From the Management tab, click SNMP configuration -> SNMP authentication -> SNMP engineid configuration to configure the engine ID. • • Engineid – The engine ID shown in 1–32 digit hex characters Operation – Select Configuration or Default

Example: Type the Engineid as a66688999f, select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 21

2.2.2 SNMP management
Click Switch basic configuration -> SNMP configuration -> SNMP management to set SNMP Agent, RMON, TRAP and Security IP state. Example: Select SNMP Agent state as Open, RMON state as Open, Trap state as Open, Security IP state as Close, and then click Apply. The operation is as follows: • • • • SNMP Agent state – Open/Close SNMP agent server function RMON state – Open/Close RMON function Trap state – Open/Close the receiving trap information for the device SecurityIP state – Open/Close the safety IP address authentication on NMS manage station



2.2.3 Community managers
Click Switch basic configuration -> SNMP configuration -> Community managers to manage community string and configure TRAP manager. 1. Community managers – Configure the community string and the access priority. • • Community string (1–255 characters) – Set the community string Access priority – Includes Read only and Read and write

active500EM Wired Web Interface User’s Manual 22

Example: Configure the Community string as public and the Access priority is Read only. After configuring the Community string and the Access priority, click Apply. The figure is as follows:

2. TRAP manager configuration Click Switch basic configuration -> SNMP configuration -> Community managers to configure the IP address and the community strings of the management station, which will receive SNMP Trap messages. • • Trap receiver – The IP address to be used to receive SNMP Trap messages Community string (1–255 characters) – used to receive Trap messages

Example: Configure the Trap receiver as 192.168.1.100, the Community string as trap, and then click Apply.

active500EM Wired Web Interface User’s Manual 23

2.2.4 Configure SNMP manager security IP
Click Switch basic configuration -> SNMP configuration -> Configure snmp manager security IP to configure the security IP address that will be allowed access to the management station. • Security IP address – The security IP address of NMS Example: Configure the Security IP address as 192.168.1.100, and then click Apply. The figure is as follows:

2.2.5 SNMP statistics
Click Switch basic configuration -> SNMP configuration -> SNMP statistics to display the feedback information.

active500EM Wired Web Interface User’s Manual 24

2.3 SSH management
Secure Shell (SSH) connections use a trusted SSL certificate for user logon to the web GUI interfaces. Browsers, such as Internet Explorer®, Firefox®, Safari® and Chrome™, come preinstalled with a predetermined set of root certificates. These certificates serve as trusted third parties and work instantly to provide seamless usability. The activeARC® solution accepts root SSL certificates from all browsers for a secure and encrypted https login. Users are not allowed to introduce their own certificates, thereby reducing the risk of unauthorized system access. For any configurations discussed in the following subsections, SSH must be started as described in this section. If SSH is not started, the user may receive the message to “Start SSH first before continuing the requested configuration”. Click Switch basic configuration -> SSH management to configure the SSH related functions. Note: First, start SSH to configure the related functions. Configure the SSH switch status as Open, and then click Apply.

2.3.1 Switch on-off SSH
Click Switch basic configuration -> SSH management -> Switch on-off SSH to open or close SSH function.

active500EM Wired Web Interface User’s Manual 25

2.3.2 SSH management
Click Switch basic configuration -> SSH management -> SSH management to configure SSH timeout management and SSH reauthentication management, and to create an SSH RSA key. SSH timeout – Set SSH timeout; the default value is 180 seconds.

SSH reauthentication – Set SSH reauthentication times; the default value is 3 times.

SSH RSA key – The modulus that is used to compute the host key; valid range is 768 to 2048; the default value is 1024.

active500EM Wired Web Interface User’s Manual 26

2.4 Firmware update
Pause the mouse pointer over Switch basic configuration -> Firmware update to configure the Node Tree Diagram. Keywords and diagrams are as follows:

1. TFTP service, including: • • • • TFTP client service – to configure TFTP client TFTP server service – to configure TFTP server FTP client service – to configure FTP client FTP server service – to configure FTP server

2. FTP service, including:

2.4.1 TFTP client service
Click Switch basic configuration -> Firmware update -> TFTP service -> TFTP client service to open the configuration interface. Phrases are explained as follows: • • • • • Server IP address – Server’s IP address Local file name –Ranging from 1 to 100 characters Server file name –Ranging from 1 to 100 characters Operation type – Includes Upload and Download Transmission type – ascii to transmit files by using ASCII standard; binary means files are transmitted in binary standard

active500EM Wired Web Interface User’s Manual 27

Example: The following figure shows how to get the system file from TFTP Server. The IP address is 192.168.1.100, the Local file name is nos.img, and the Server file is nos.img. Click Apply.

2.4.2 TFTP server service
Click Switch basic configuration -> Firmware update -> TFTP service -> TFTP server service to open the configuration interface. Phrases are explained as follows: • • • Server state – The state of the server (Open or Close) TFTP Timeout – The timeout TFTP Retransmit times – Times of retransmit

Example: Set the server state as Open, and configure suitable TFTP Timeout and Retransmit times, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 28

2.4.3 FTP client service
Click Switch basic configuration -> Firmware update -> FTP service -> FTP client service to open the configuration interface. Phrases are explained as follows: • • • • • • • Server IP address – Server’s IP address User name – The name of the user, ranging from 1 to 100 characters Password – The specific password, ranging from 1 to 100 characters Local file name – Ranging from 1 to 100 characters Server file name – Ranging from 1 to 100 characters Operation type – Includes Upload and Download Transmission type – ascii to transmit files by using ASCII standard; binary means files are transmitted in binary standard

Example: The following figure shows how to get the system file from the FTP server. TheIP address is 192.168.1.100, Local file name is nos.img, and Server file name is nos.img. The FTP user is switch, and the Password is switch. Click Apply.

active500EM Wired Web Interface User’s Manual 29

2.4.4 FTP server service
Click Switch basic configuration -> Firmware update -> FTP service -> FTP server service to open and configure the FTP server service node, which includes FTP server service and FTP user name and password setting. Phrases of FTP server service are explained as follows: • • • • • • FTP server state – The state of the server (Open or Close) FTP Timeout – Timeout, ranging from 5 to 3600 seconds User – The name of the user Password – The specific password State – Displays the password state, which includes Plain text and Encrypted text. Plain text displays the password; Encrypted text cannot display the password Operation type – Includes Add and Remove user

Phrases of FTP user name and password setting are explained as follows:

Example 1: Set the FTP server state as Open and the FTP Timeout as 600 seconds, and then click Apply.

Example 2: Input the User as switch and the Password as switch. Select the State as Plain text and the Operation type as Add, and then click Apply.

active500EM Wired Web Interface User’s Manual 30

2.5 Telnet server configuration
On the left directory of the home page, pause the mouse pointer over Switch basic configuration -> Telnet server configuration to configure Telnet server state, Max numbers of telnet access connection for sub-nodes.

2.5.1 Telnet server state
Click Switch basic configuration -> Telnet server configuration -> Telnet server state to configure the Telnet server state. Example: Select the Telnet server state as Open, and then click Apply to start Telnet server. The figure is as follows:

2.5.2 Max numbers of telnet access connection
Click Switch basic configuration -> Telnet server configuration -> Max numbers of telnet access connection to configure the maximum numbers of Telnet access connection. Example: Set the Telnet access connection number as 10, and then click Apply.

active500EM Wired Web Interface User’s Manual 31

2.6 Maintenance and debugging command
Pause the mouse pointer over Switch basic configuration -> Maintenance and debugging command to choose the sub-nodes and open the corresponding configuration interface.

The sub-nodes are as follows: • • • • • • • • • Debug command – Debugs the connection state of the switch show clock – Shows the current time show cpu usage – Shows CPU usage information in the current running state show memory usage – Shows memory usage information in the current running state show flash – Shows Flash file information show running-config – Shows the current parameters configuration show switchport interface – Shows properties of VLAN ports show tcp – Shows the current TCP connection with the switch show udp – Shows the current UDP connection with the switch active500EM Wired Web Interface User’s Manual 32

• •

show telnet login – Shows the client messages that connect with the switch through Telnet show version – Shows the version number of the switch

2.6.1 Debug command
Click Switch basic configuration -> Maintenance and debugging command -> Debug command to open the configuration interface, so as to configure Basic host configuration, PING, and Traceroute for the node. The figures are as follows: 1. Basic host configuration – Configure the mapping relationship between the switch and the IP address Example: Configure the Host name as London and the IP address as 200.121.1.1, and then click Apply. This configuration will be applied to the switch. The figure is as follows:

2. PING Phrases are explained as follows: • • Host name – The name of the host IP address – The IP address destination

Example: Type the Host name as London and the IP address as 192.168.1.180, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 33

3. Traceroute Phrases are explained as follows: • • • • IP address – The destination IP address Host name – The name of host Hops – The maximum passing hops Timeout – The timeout of data packets

2.6.2 Show switchport interface
Click Switch basic configuration -> Maintenance and debugging command -> show switchport interface to view the switchports status.

active500EM Wired Web Interface User’s Manual 34

active500EM Wired Web Interface User’s Manual 35

2.6.3 Others
Other parts are easier to configure in the Maintenance and debugging command node. Click a configuration node, and the related messages will appear. Example: 1. Show the clock – The figure is as follows:

2. Show Flash files – The figure is as follows:

active500EM Wired Web Interface User’s Manual 36

Chapter 3: Port configuration
3.1 Ethernet port configuration
This chapter discusses how to configure and enable various features on the Gigabit Ethernet ports available on the active500EM. Please note that the configurations for ports 1/0/25 to 1/0/28 will be valid only when the SFP uplink module is plugged into the controller. Click the Wired Configuration tab, and then pause the mouse pointer over Port configuration -> Ethernet port configuration to open the Ethernet port configuration node, so as to configure Port layer 1 attribution, Bandwidth control, Switchport description, Port combo forced mode, and Port scan mode. The figure is as follows:

3.1.1 Port layer 1 attribution configuration
Click Port configuration -> Ethernet port configuration -> Port layer 1 attribution configuration to configure the following information: • • • Port – The specific configuration port mdi – Set the cable type of the Ethernet port: auto indicates auto identification of cable types; across indicates crossover cable support only; normal indicates straight-through cable support only Admin status – No shutdown or shut down the port

• Speed/Duplex status – Set Ethernet port speed and duplex, including auto-negotiation, 10Mbps Half, 10Mbps Full, 100Mbps Half, 100Mbps Full, 1000Mbps Half, 1000Mbps Full • • • Module type – Set the type of 100Base-FX module; auto-detected: automatic to detect; no-phy-integrated: there is no phy- integrated 100Base-TX module; phy-integrated: phy- integrated 100Base-TX module (this option must be used with 100Base- FX and only used to fiber or combo port; the combo port must be configured in sfp-forced mode) 1000M mode – Select the 1000M mode as Master or Slave Fiber portMode – Including Auto and No negotiation

active500EM Wired Web Interface User’s Manual 37

• •

Flow control status – Displays the current flow control status; options include Valid flow control or Invalid flow control Loopback – Whether to configure the loopback testing function of Ethernet port.

Example: Assign the Port to be Ethernet1/0/1, and set mdi as auto, the Admin status as no shutdown, Speed/Duplex status as Auto, Module type as auto detected, 1000M Mode as master, fiber portMode as Auto, Flow control status as Invalid flow control, and Loopback as no loopback. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 38

The Port list table displays the related information of the specific port configuration.

3.1.2 Bandwidth control configuration
Click Port configuration -> Ethernet port configuration -> Bandwidth control configuration to configure the bandwidth control. • • • Port – The specific configuration port. Bandwidth control level – Port bandwidth control. Control type – Transmit refers to the bandwidth control performed only in sending data; Receive refers to the bandwidth control performed only in receiving data from outside; Both refers to the bandwidth control when the port receives and sends data. Operation – Including Configuration and Default.



Example: Choose the Port to be Ethernet1/0/1, set the Bandwidth control level as 100K, the Control type as Transmit, and the Operation as Configuration, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 39

3.1.3 Switchport description
Click Port configuration -> Ethernet port configuration -> Switchport description to configure the switchport description. Example: Select the Port to be Ethernet1/0/1, type the Description as Connect PC1, and select the Operation as Configuration. Click Apply to apply the description configuration. The figure is as follows:

3.1.4 Port combo forced mode configuration
Click Port configuration -> Ethernet port configuration -> Port combo forced mode config to configure the combo mode. Example: Select the Port to be Ethernet1/0/25. Select the forced mode as sfp-preferred-auto, and then click Apply. The figure is as follows:

3.1.5 Port scan mode

active500EM Wired Web Interface User’s Manual 40

3.2 VLAN interface configuration
Pause the mouse pointer over Port configuration -> VLAN interface configuration to open the Interface VLAN configuration node, so as to add the VLAN interface and configure the IP address for interface VLAN.

3.2.1 Add interface VLAN
Click Port configuration -> VLAN interface configuration -> Add interface VLAN to add or remove the VLAN interface. Example: Select the VLAN ID to be 1 and the Operation as Add, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 41

3.2.2 L3 interface IP address mode configuration
Click Port configuration -> VLAN interface configuration -> L3 interface IP address mode configuration to open the configuration interface, so as to configure IP address mode for Layer 3 interface. Example: Select VLAN interface as Vlan1, IP mode as Specify IP address. Type the Interface IP address as 192.168.1.10, Interface network mask as 255.255.255.0, and the Operation as Add, and then click Apply. The IP address of the network management port is set as 192.168.1.10/24 for VLAN1 interface. The figure is as follows:

3.3 SPAN configuration
Pause the mouse pointer over Port configuration -> SPAN configuration to open the port mirroring function interface node. The figure is as follows:

3.3.1 SPAN configuration
Click Port configuration -> SPAN configuration -> SPAN configuration to open the port mirroring function interface node, so as to configure and check the destination port mirroring and source port mirroring. • • • Session – Configure the mirror session value; currently only 1 is supported Destination port – Set the mirror destination port number Operation – Select Add or Remove

active500EM Wired Web Interface User’s Manual 42

Example: Select the Session as 1, the Destination port as 1/0/7, and the Operation as Add, and then click Apply. The figures are as follows:

3.4 Loopback-detection configuration
Pause the mouse pointer over Port configuration -> Loopback-detection configuration to open the nodes of port loopback-detection configuration, so as to configure the port loopback-detection mode, VLAN loopback-detection, loopback-detection interval-time, and loopback-detection control recovery. The figure is as follows:

active500EM Wired Web Interface User’s Manual 43

3.4.1 Port loopback-detection mode configuration
Click Port configuration -> Loopback-detection configuration -> Port Loopback- detection mode configuration to configure the port loopback-detection mode. • • • Port – The specific configuration port Loopback-detection mode – Specifies the loopback-detection mode: shutdown, block, or learning Operation – Includes Add and Remove

Example: Select the Port as Ethernet1/0/1, Loopback-detection mode as block, and the Operation as Add, and then click Apply. The figure is as follows:

3.4.2 VLAN loopback-detection configuration
Click Port configuration -> Loopback-detection configuration -> VLAN Loopback- detection configuration to configure the port loopback-detection mode. Example: Select the Port as Ethernet1/0/1, VLAN ID as 1, and the Operation as Add, and then click Apply. The port loopback-detection of port1/0/1 is enabled in VLAN1. The figure is as follows:

active500EM Wired Web Interface User’s Manual 44

3.4.3 Loopback-detection interval-time configuration
Click Port configuration -> Loopback-detection configuration -> Loopback-detection interval-time configuration to configure the port loopback-detection interval-time. This includes Loopback-detection interval time and no Loopback-detection interval time. Example: Type the Loopback-detection interval time as 6 and the no Loopback-detection interval time as 4. Select the Operation as Configuration, and then click Apply. The figure is as follows:

3.4.4 Loopback-detection control recovery configuration
Click Port configuration -> Loopback-detection configuration -> Loopback-detection control recovery configuration to configure whether the loopback-detection controls auto recovery. Example: Type the Recovery switch timeout as 30, and then click Apply. The loopback-detection control will execute auto recovery after 30 seconds. The figure is as follows:

active500EM Wired Web Interface User’s Manual 45

3.5 Isolate-port configuration
3.5.1 Isolate-port group configuration
Pause the mouse pointer over Port configuration->Isolate-port configuration, and then click Isolate-port group configuration to configure the isolate-port group. • • Group name – Added or deleted isolate-port group’s name Operation – Includes Add or Delete

Example: Type the Group name as 1, select the Operation as Add, and then click Apply.

3.5.2 Interface join group configuration
Pause the mouse pointer over Port configuration->Isolate-port configuration, and then click Interface join group config to add the port to the appointed isolate-port group. • • • Group name – Added or deleted isolate-port group’s name Port –Will be added in the isolate-port group Operation – Includes Add or Delete

Example: Type the Group name as 1. Select the Port as Ethernet1/0/1 and the Operation as Add, and then click Apply.

active500EM Wired Web Interface User’s Manual 46

3.5.3 Show isolate-port group
Pause the mouse pointer over Port configuration->Isolate-port configuration, and then click Show isolate-port group to display the isolate-port group information. Example: Type the Group name as 1, and then click Apply.

3.6 Port storm-control configuration
3.6.1 Storm-control configuration
Pause the mouse pointer over Port configuration ->Port storm-control config ->storm-control configuration to display the configuration options for traffic limit for broadcasts, multicasts, and unicasts on all switch ports. • • • • Port – Specific configuration port Storm-control type – unicast limits unicast traffic; multicast limits multicast traffic; broadcast limits broadcast traffic Storm-control value – Number of Kbit allowed to pass per second, ranging from 1 to 1000000 Operation – Includes Add or Remove

Example: Select the Port as Ethernet1/0/1 and storm-control type as broadcast. Type the storm-control value as 1000. Select the Operation as Add, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 47

3.7 Port debug and maintenance
3.7.1 Show port information
Click Port configuration -> Port debug and maintenance -> Show port information, and then select the port to check its information. The figure is as follows:

3.7.2 Show entire traffic information
Click Port configuration -> Port debug and maintenance -> Show entire traffic information to check the entire traffic information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 48

3.8 ULDP configuration
3.8.1 ULDP global enable configuration
Click Port configuration-> ULDP configuration-> ULDP global enable configuration to enable the global or port ULDP configuration. ULDP global enable configuration: • • ULDP global enable type - ULDP enable, ULDP aggressive-mode, ULDP manual shutdown, or ULDP reset all port Operation - Enable or Disable

Example: Choose ULDP global enable type as ULDP enable, and configure the Operation as Enable. Click Apply. The figure is as follows:

ULDP port enable configuration: • • • Port - Appoint the configured port ULDP port enable type - ULDP port enable, ULDP port aggressive-mode, or ULDP reset port Operation - Enable or Disable

Example: Choose the Port as Ethernet1/0/1 and the ULDP port enable type as ULDP port enable, and configure the Operation as Enable. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 49

3.8.2 ULDP hello message configuration
Click Port configuration-> ULDP configuration-> ULDP Hello message config to configure the ULDP Hello message interval. Example: Configure the ULDP Hello message time as 5, choose the Operation as Configuration, and click Apply. The figure is as follows:

3.8.3 ULDP recovery time configuration
Click Port configuration-> ULDP configuration-> ULDP recovery time config to configure the ULDP recover time. Example: Configure the ULDP Hello message time as 30, choose the Operation as Configuration, and click Apply. The figure is as follows:

3.8.4 Show ULDP configuration
Click Port configuration-> ULDP configuration-> Show ULDP configuration to show the ULDP configuration information. Example: Choose the Port as all, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 50

3.9 LLDP configuration
3.9.1 LLDP global enable configuration
Click Port configuration -> LLDP configuration -> LLDP global enable configuration to enable the global or port LLDP configuration. LLDP global enable configuration: • LLDP enable - Enable or Disable Example: Choose the LLDP enable as Enable, and click Apply. The figure is as follows:

LLDP port enable configuration: • • • Port - Appoint the configured port LLDP port enable type - LLDP port enable or LLDP port trap enable Operation - Enable or Disable

Example: Choose the Port as Ethernet1/0/1 and the LLDP port enable type as LLDP port enable, and configure the Operation as Enable. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 51

3.9.2 LLDP port status configuration
Click Port configuration -> LLDP configuration -> LLDP port status config to configure the LLDP port status. • • Port - Appoint the configured port LLDP port status - Options include both, disable, receive, or send

Example: Choose the Port as Ethernet1/0/1, choose the LLDP port status as send, and click Apply. The figure is as follows:

3.9.3 LLDP tx-interval config
Click Port configuration -> LLDP configuration -> LLDP tx-interval config to configure the LLDP tx-interval. • • LLDP tx-interval - the range is 5-32768 Operation - Configuration or Default

Example: Configure the LLDP tx-interval as 5, choose the Operation as Configuration, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 52

3.9.4 LLDP msgTxHold configuration
Click Port configuration -> LLDP configuration -> LLDP msgTxHold config to configure the LLDP msgTxHold. • • LLDP msgTxHold value - The range is 2-10 Operation - Configuration or Default

Example: Configure the LLDP msgTxHold value as 2, choose the Operation as Configuration, and click Apply. The figure is as follows:

3.9.5 LLDP transmit delay configuration
Click Port configuration -> LLDP configuration -> LLDP transmit delay config to configure the LLDP transmit delay. • • LLDP transmit delay value - The range is 1-8192 Operation - Configuration or Default

Example: Configure the LLDP transmit delay value as 1, choose the Operation as Configuration, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 53

3.9.6 LLDP notification interval configuration
Click Port configuration -> LLDP configuration -> LLDP transmit delay config to configure the LLDP notification interval. • • LLDP notification interval value - The range is 5-3600 Operation - Configuration or Default

Example: Configure the LLDP notification interval value as 5, choose the Operation as Configuration, and click Apply. The figure is as follows:

3.9.7 LLDP neighbors max-num configuration
Click Port configuration -> LLDP configuration -> LLDP neighbors max-num config to configure the LLDP neighbors max-num. • • • Port - Appoint the configured port LLDP neighbors max-num value - The range is 5-500 Operation - Configuration or Default

Example: Choose the Port as Ethernet 1/0/1, configure the LLDP neighbors max-num value as 5, choose the Operation as Configuration, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 54

3.9.8 LLDP too many neighbors configuration
Mouse over and click Port configuration -> LLDP configuration -> LLDP too many neighbors configuration to configure the LLDP too many neighbors. • • Port - Appoint the configured port LLDP too many neighbors value - delete (delete a remote date) or discard (drop the received packet)

Example: Choose the Port as Ethernet 1/0/1, choose the LLDP too many neighbors value as discard, and click Apply. The figure is as follows:

3.9.9 LLDP transmit optional tlv configuration
Click Port configuration -> LLDP configuration -> LLDP transmit optional tlv config to configure the LLDP transmit optional tlv config. Example: Choose the Port as Ethernet 1/0/1, select LLDP port description and LLDP system capability. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 55

3.9.10 Show LLDP configuration
Click Port configuration -> LLDP configuration -> Show LLDP configuration to show the LLDP information. Example: Choose the LLDP too mangy neighbors value as show LLDP, choose the Port as all, and click Apply. The figure is as follows:

3.10 Jumbo packet forwarding configuration
Click Port configuration -> Jumbo packet forwarding configuration to configure the jumbo packet forwarding. • • Jumbo packet size - The maximum transmission unit range and it is 1500-16000 (the unit is byte) Operation - Configuration or Default

Example: Configure the Jumbo packet size as 1500, choose the Operation as Configuration, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 56

Chapter 4: MAC address table configuration
Pause the mouse pointer over MAC address table configuration to open MAC address table configuration nodes, so as to configure MAC address table, MAC-binding. The figure is as follows:

4.1 MAC address table configuration
Pause the mouse pointer over MAC address table configuration to open MAC address table configuration nodes MAC address agingtime configuration, Configurate MAC address, Delete MAC address, and MAC address query.

4.1.1 MAC address aging-time configuration
Click MAC address table configuration -> MAC address aging-time configuration to configure MAC address aging-time. Example: Type MAC address aging-time as 600. Select the Operation as Configuration, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 57

4.1.2 Configurate MAC address
Click MAC address table configuration -> Configurate MAC address to add or remove static MAC address entries. Example: Type the MAC address as F8-F7-D3-00-03-F1. Select VLAN ID as 100, Port list as Ethernet1/0/1, and Operation as Add, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 58

4.1.3 Delete MAC address
Click MAC address table configuration -> Delete MAC address to delete static, dynamic, blackhole addresses by selecting Delete by VLAN ID, Delete by MAC, and Delete by port. The figure is as follows:

4.1.4 MAC address query
Click MAC address table configuration -> MAC address query to query static, dynamic, blackhole addresses by selecting Query by MAC, Query by VLAN ID, and Query by port. The figure is as follows:

active500EM Wired Web Interface User’s Manual 59

Chapter 5: VLAN configuration
5.1 VLAN configuration
Pause the mouse pointer over VLAN configuration -> VLAN configuration to open VLAN configuration nodes Create/Remove VLAN, Assign ports for VLAN, Port type configuration, Hybrid port configuration, Trunk port configuration, and Private-vlan configuration. The figure is as follows:

5.1.1 Create/remove VLAN
Pause the mouse pointer over VLAN configuration -> VLAN configuration -> Create/Remove VLAN-> VLAN ID configuration to add or remove VLAN. • • • • VLAN ID – Type the VLAN ID VLAN Name – Type the specific name string of VLAN VLAN Type – Select private vlan (isolated), private vlan (community), private vlan (primary), or universal vlan Operation – Select Add or Remove.

Example: Type the VLAN ID as 100, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 60

5.1.2 Assign ports for VLAN
Pause the mouse pointer over VLAN configuration -> VLAN configuration -> Assign ports for VLAN -> Assign ports for VLAN to assign Ethernet ports for VLAN. Example: Select the VLAN ID as 100, the Port as Ethernet1/0/1, and the Operation as Add, and then click Apply. The figure is as follows:

5.1.3 Port type configuration
Pause the mouse pointer over VLAN configuration -> VLAN configuration -> Port type configuration -> Set port mode (access/ hybrid/trunk) to configure the port type as access/hybrid and trunk mode. • • • Port – Specifies the port name Type – Trunk means the port allows traffic of multiple VLAN; access indicates the port belongs to one VLAN only State – Options include Enable VLAN ingress check and Disable VLAN ingress check

Example: Select the Port as Ethernet1/0/1, the Type as trunk, and the State as Enable VLAN ingress check, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 61

5.1.4 Trunk port configuration
Click VLAN configuration -> VLAN configuration -> Trunk port configuration -> VLAN setting for trunk port to set the PVID for trunk port and the allowed VLAN. 1. Add/remove the trunk port PVID Example: Select the Port as Ethernet1/0/25, type the Trunk native VLAN as 100, and then click Apply. The figure is as follows:

2. Set trunk allowed VLAN. The figure is as follows:

active500EM Wired Web Interface User’s Manual 62

5.1.5 Private-VLAN configuration
Pause the mouse pointer over VLAN configuration -> VLAN configuration -> Private-VLAN configuration -> Private-VLAN association to set the private-VLAN binding. Example: Select the Designate Primary-vlan as 100. Type the Association vlan list as 200. Select the Operation as Configuration, and then click Apply. The figure is as follows:

5.2 GVRP configuration
Click VLAN configuration -> GVRP configuration to open the GVRP configuration nodes, so as to enable/disable the global or port GVRP function and configure the GARP parameters. The figure is as follows:

5.2.1 Enable global GVRP
Click VLAN configuration -> GVRP configuration -> Enable global GVRP to enable the global GVRP, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 63

5.2.2 Enable GVRP on port
Click VLAN configuration -> GVRP configuration -> Enable GVRP on port to enable or disable the GVRP function of the port. Example: Select the Port as Ethernet1/0/1; and select the Enable/Disable GVRP as Enable. Click Apply. The figure is as follows:

5.2.3 GARP parameters configuration
Pause the mouse pointer over VLAN configuration -> GVRP configuration -> GARP configuration to configure the parameters, which include Join timer, Leave timer, Hold timer, etc. Example: Type the Join timer as 200, the Leave timer as 600, Leaveall timer as 10000, and the Operation as Configuration. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 64

5.3 VLAN-translation configuration
Pause the mouse pointer over VLAN configuration -> VLAN-translation configuration to display the sub-nodes. The figure is as follows:

5.3.1 Enable/Disable VLAN-translation
Pause the mouse pointer over VLAN configuration -> VLAN-translation configuration, and then click Enable/DisableVLANtranslation to enable or disable VLAN translation on the port. The figure is as follows:

active500EM Wired Web Interface User’s Manual 65

5.3.2 Add/Delete VLAN-translation
Pause the mouse pointer over VLAN configuration -> VLAN-translation configuration, and then click Add/Delete VLAN-translation to configure VLAN translation settings on the port. The figure is as follows:

5.3.3 VLAN-translation miss drop configuration
Pause the mouse pointer over VLAN configuration -> VLAN-translation configuration, and then click VLAN-translation miss drop configuration to set packet dropping when checking VLAN-translation is failing. The figure is as follows:

active500EM Wired Web Interface User’s Manual 66

5.3.4 Show VLAN-translation
Pause the mouse pointer over VLAN configuration -> VLAN-translation configuration, and then click Show VLAN-translation to display VLAN translation settings. The figure is as follows:

5.4 Dynamic VLAN configuration
Pause the mouse pointer over VLAN configuration -> dynamic vlan configuration to display the sub-nodes. The figure is as follows:

5.4.1 Protocol VLAN mode configuration
Pause the mouse pointer over VLAN configuration -> dynamic vlan configuration -> protocol vlan configuration, and then click protocol vlan mode configuration to configure dynamic VLAN for the protocols. The figure is as follows:

active500EM Wired Web Interface User’s Manual 67

5.5 Dot1q-tunnel configuration
Pause the mouse pointer over VLAN configuration -> Dot1q tunnel configuration to display the sub-nodes. The figure is as follows:

5.5.1 Enable dot1q tunnel
Pause the mouse pointer over VLAN configuration -> Dot1q tunnel configuration, and then click Enable dot1q tunnel to enable Dot1q tunnel on the port. The figure is as follows:

5.5.2 Dot1q tunnel tpid configuration
Pause the mouse pointer over VLAN configuration -> Dot1q tunnel configuration, and then click Dot1q tunnel tpid configuration to select the protocol. The figure is as follows:

active500EM Wired Web Interface User’s Manual 68

Chapter 6: IGMP snooping configuration
For any configurations discussed in the following subsections, Switch on-off IGMP snooping should be set to Open as described in section 6.1. If IGMP snooping is not set to open, the user may receive the message that the “IGMP snooping port is disabled and the current configuration is invalid”. Pause the mouse pointer over IGMP snooping configuration to display the sub-nodes. The figure is as follows:

6.1 Switch on-off IGMP snooping
Click IGMP snooping configuration -> Switch on-off IGMP snooping to open or close the switch’s IGMP snooping function. Example: Select the Switch on-off IGMP snooping as Open. Click Apply.

6.2 IGMP snooping VLAN enable
Click IGMP snooping configuration -> IGMP snooping VLAN enable to open or close the specified VLAN’s IGMP snooping function. Example: Select the VLAN ID as vlan 1 and the Operation type as Open. Click Apply.

active500EM Wired Web Interface User’s Manual 69

6.3 IGMP snooping configuration
Click IGMP snooping configuration -> IGMP snooping configuration to configure the VLAN ID, Immediately leave configuration, L2general-querier configuration, Group number, or Source table number. Example: Select the VLAN ID as vlan1. Select the Immediate leave configuration check box. Click Apply.

6.4 IGMP snooping mrouter port configuration
Click IGMP snooping configuration -> IGMP snooping mrouter port configuration to configure the static mrouter port and mrouter port alive time of the VLAN. Example: Select the VLAN ID as vlan 1, the Mrouter port as Ethernet1/0/1, the Mrouter port alive time as 100, and the Operation type as Add. Click Apply.

active500EM Wired Web Interface User’s Manual 70

6.5 IGMP snooping query configuration
Click IGMP snooping configuration -> IGMP snooping query configuration to configure the Query-Interval, Query-mrsp configuration, Query-robustness configuration, and Suppression-query-time configuration of IGMP snooping. Example: Select the VLAN ID as vlan 1. Select the Query-Interval and type the value as 100. Select the Operation type as Add. Click Apply.

active500EM Wired Web Interface User’s Manual 71

Chapter 7: MLD snooping configuration
For any configurations discussed in the following subsections, Switch on-off MLD snooping should be set as Open as described in section 7.1. If MLD snooping is not set as open, the user may receive the message that the “MLD snooping port is disabled and the current configuration is invalid”. Pause the mouse pointer over MLD snooping configuration to display the MLD snooping on the switch, as shown in the following figure.

7.1 Switch on-off MLD snooping
Pause the mouse pointer over MLD snooping configuration, and then click Switch on-off MLD snooping to open or close the MLD snooping function of the switch. Example: Select the Switch on-off MLD snooping as Open, and then click Apply.

active500EM Wired Web Interface User’s Manual 72

7.2 MLD snooping VLAN configuration
Pause the mouse pointer over MLD snooping configuration, and then click MLD snooping port enable to open or close the MLD snooping function of the appointed VLAN. Example: Select the VLAN ID as vlan 1, select the Operation type as Open, and then click Apply.

7.3 MLD snooping configuration
Pause the mouse pointer over MLD snooping configuration, and then click MLD snooping configuration to configure the Immediate leave, L2-general-querier, Group number, and Source table number. Example: Select the VLAN ID as vlan 1, select the Immediate leave configuration check box, and then click Apply.

active500EM Wired Web Interface User’s Manual 73

7.4 MLD snooping mrouter port configuration
Pause the mouse pointer over MLD snooping configuration, and then click MLD snooping mrouter port configuration to configure the static mrouter port and mrouter port alive time of VLAN. Example: Select the VLAN ID as vlan 1 and the Mrouter port as Ethernet 1/0/1. Type the MRouter port alive time as 100. Select the Operation type as Add, and then click Apply.

7.5 MLD snooping query configuration
Pause the mouse pointer over MLD snooping configuration, and then click MLD snooping query configuration to configure the QueryInternal, Query-mrsp, Query-robustness, and Suppression-query-time of MLD snooping. Example: Select the VLAN ID as vlan 1. Select Query-internal and type the value as 100. Select the Operation type as Add, and then click Apply.

active500EM Wired Web Interface User’s Manual 74

Chapter 8: ACL configuration
Pause the mouse pointer over ACL configuration to display the sub-nodes. The figure is as follows:

8.1 Time range configuration
Click ACL configuration -> Time range configuration -> Time range configuration to configure the time range. The figure is as follows:

active500EM Wired Web Interface User’s Manual 75

8.2 Numeric ACL
8.2.1 Standard numeric ACL
Pause the mouse pointer over ACL configuration -> Numeric ACL -> Standard numeric ACL to display the sub-nodes. The figure is as follows:

8.2.1.1 IP standard ACL
Click ACL configuration -> Numeric ACL -> Standard numeric ACL -> IP standard ACL to set up/add a IP standard numeric access list. • • • • • List name – Ranges from 1 to 99 Rule – Options include permit and deny Source address type – Options include Any IP, Specified IP, and Host IP Source IP – Source IP address Reverse network mask – Reverse network mask for source IP

Example: Type the List name as 20 and the Source IP as 192.168.1.0, and then click Apply.

active500EM Wired Web Interface User’s Manual 76

8.2.1.2 MAC standard ACL
Click ACL configuration -> Numeric ACL -> Standard numeric ACL -> MAC standard ACL to define a MAC standard ACL rule. • • • • • List name – Ranges from 700 to 799 Rule – Options include permit and deny Source address type – Options include Any MAC, Specified MAC, and Host MAC Source MAC – Source MAC address Reverse network mask – Reverse network mask for source MAC

Example: Type the List name as 700 and the Source MAC as 00-00-00-00-00-01, and then click Apply.

8.2.2 Extended numeric ACL
Pause the mouse pointer over ACL configuration -> Numeric ACL -> Extended numeric ACL to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 77

8.2.2.1 IP extended ACL
Click ACL configuration -> Numeric ACL -> Extended numeric ACL -> IP extended ACL to set up/add an IP extended numeric access list. • Operation type – Options include ICMP, IGMP, TCP, UDP, EIGRP, GRE, IGRP, IPINIP, OSPF, IP, and Specified_protocol It contains the following: • • • • • • • • • • • • • ICMP extended, includes: ICMP type and ICMP code IGMP extended, includes: IGMP type TCP extended, includes: Source port, Destination port, TCP sign (optional) UDP extended, includes: Source port, Destination port Specified extended – input protocol number manually

List name – Ranges from 100 to 199 Rule – Options include permit and deny Source address type – Options include Any IP, Specified IP, and Host IP Source IP – Source IP address Reverse network mask – Reverse network mask for source IP Destination address type – Options include Any IP, Specified IP, and Host IP Destination IP – Destination IP address Reverse network mask – Reverse network mask for destination IP

• IP precedence – IP based packet prioritization field with valid value range from 0-7, 0 being the lowest and 7 being the highest priority • • TOS – IP Type of Service priority field (0-15) Time range name – Select the time range that has been previously configured

active500EM Wired Web Interface User’s Manual 78

Example: Type the List name as 110, select deny for the Rule, type the IP destination as 10.1.1.0, and then click Apply.

8.2.2.2 MAC extended ACL
Click ACL configuration -> Numeric ACL -> Extended numeric ACL -> MAC extended ACL to define a MAC extended ACL rule. • • • • • • List name – Ranges from 1100 to 1199 Rule – Options include permit and deny Source address type – Options include Any MAC, Specified MAC, and Host MAC Source MAC – Source MAC address Reverse network mask – Reverse network mask for source MAC Destination address type – Options include Any MAC, Specified MAC, and Host MAC active500EM Wired Web Interface User’s Manual 79

• • •

Destination MAC – Destination MAC address Reverse network mask – Reverse network mask for destination MAC Packet type – Options include None, Tagged-802.3, Tagged-eth2, Untagged-802.3, and Untagged-eth2

Example: Type the List name as 1100. Select permit for the Rule, select Any MAC for both the Destination MAC and Source MAC, and select Tagged-eth2 for the Packet. Click Apply.

active500EM Wired Web Interface User’s Manual 80

8.2.2.3 MAC-IP extended ACL
Click ACL configuration -> Numeric ACL -> Extended numeric ACL -> MAC-IP extended ACL to define a MAC-IP extended ACL rule. Example: Type the Source MAC as 00-12-34-45-XX-XX, select the Destination address type as Any MAC, type the Source IP as 100.1.1.0, and select the Destination address type as Any IP. Click Apply.

active500EM Wired Web Interface User’s Manual 81

8.2.3 Delete numeric ACL
Click ACL configuration -> Numeric ACL -> Delete Numeric ACL to open the configure interface. Example: Type the List name as 1100, and then click Apply.

8.3 Name ACL
8.3.1 Standard name ACL
Pause the mouse pointer over ACL configuration -> Name ACL -> Standard name ACL to display the sub-nodes. The figure is as follows:

8.3.1.1 IP standard ACL
Pause the mouse pointer over ACL configuration -> Name ACL -> Standard name ACL, and then click IP standard ACL to open the configuration interface. The List name of IP standard ACL can be configured in the same way as numeric ACL, but its name cannot be an all digits (0–9) string, while the list name of a numeric ACL must be all digits. Example: Type the List name as ipFlow; select the Rule as permit and the Source address type as Specified IP. Type the Source IP as 10.1.1.0 and the Reverse network mask as 0.0.0.255. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 82

8.3.2 Extended name ACL
Pause the mouse pointer over ACL configuration -> Name ACL -> Extended name ACL to display the sub-nodes. The figure is as follows:

8.3.2.1 IP extended ACL
Pause the mouse pointer over ACL configuration -> Name ACL -> Extended name ACL, and then click IP extended ACL to open the configuration interface. The IP extended ACL list name can be configured in the same way as numeric ACL, but its name cannot be all digits (0–9), while the list name of a numeric ACL must be in all digits. Example: Set up the List name as tcpFlow, allowing the IP packets of any source IP and to any destination IP address to pass , and then click Apply.

active500EM Wired Web Interface User’s Manual 83

8.3.2.2 MAC extended ACL
Pause the mouse pointer over ACL configuration -> Name ACL -> Extended name ACL, and then click MAC extended ACL to open the configuration interface and define a rule for a MAC extended name ACL. • • • • • • • • • List name – Must be 1–64 letters Rule – Options include permit and deny Source address type – Options include Any MAC, Specified MAC, and Host MAC Source MAC – Source MAC address Reverse network mask – Reverse network mask for source MAC Destination address type – Options include Any MAC, Specified MAC, and Host MAC Destination MAC – Destination MAC address Reverse network mask – Reverse network mask for destination MAC Packet type – Options include None, Tagged-802.3, Tagged-eth2, Untagged-802.3, and Untagged-eth2

Example: Type the List name as mac_acl. Select deny for the Rule, Tagged-802.3 for the packet type, and type 00-12-11-23-00-00 for the Source MAC. Click Apply.

active500EM Wired Web Interface User’s Manual 84

8.3.2.3 MAC-IP extended ACL
Pause the mouse pointer over ACL configuration -> Name ACL -> Extended name ACL, and then click MAC-IP extended ACL to open the configuration interface and define a rule for MAC-IP extended name ACL. The List name of MAC-IP extended ACL can be configured in the same way as a numeric ACL, but its list name cannot be all digits (0–9), while the list name of a numeric ACL must be all digits. Example: Type the List name as macip_acl. Select deny for the ICMP packet for any destination or source MAC address and any destination or source IP address, and then click Apply.

8.3.3 Delete name ACL
Pause the mouse pointer over ACL configuration -> Name ACL, and then click Delete Name ACL to open the configuration interface. Example: Type the List name as macip_acl, and then click Apply.

active500EM Wired Web Interface User’s Manual 85

8.4 Filter configuration
For any configurations discussed in the following subsections, the firewall should be enabled on the controller by creating a global permit or deny rule as described in section 8.4.1. If the firewall is not configured as described, the user may receive a message that the “Firewall is disabled and the requested command cannot be performed”.

8.4.1 Firewall configuration
Pause the mouse pointer over ACL configuration -> Filter configuration, and then click Firewall configuration to open the configuration interface. • • Packet filtering – Opens and closes the firewall Firewall default action – Sets the firewall default action

Example: Open the Switch firewall configuration dialog box, and select permit as the Firewall default action. Click Apply.

active500EM Wired Web Interface User’s Manual 86

8.4.2 ACL binding configuration
8.4.2.1 Attach ACL to port
Pause the mouse pointer over ACL configuration -> ACL binding configuration, and then click Attach ACL to port to open the configuration interface. Example: Type aaa as the List name. Select in for the ACL Attached Direction, and select Ethernet1/0/1 for the Port. Click Apply.

8.5 Show ACL configuration
Pause the mouse pointer over ACL configuration -> Show ACL configuration to display the sub-nodes. The figure is as follows:

8.5.1 Show access list
Click ACL configuration -> Show ACL configuration -> Show access list to open the configuration interface. Example: Type the Access list as ALL, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 87

8.5.2 Show access group
Pause the mouse pointer over ACL configuration -> ACL binding configuration, and then click Show access group to open the configuration interface. It shows the port ACL binding instance. Example: Select the Port or Interface name as ALL, and then click Apply. The figure is as follows:

8.5.3 Show firewall
Pause the mouse pointer over ACL configuration -> Show ACL configuration, and then click Show firewall to open the configuration interface. It displays the information for the filter packet. Example: Click Refresh to view the firewall update status.

8.5.4 Show time range
Pause the mouse pointer over ACL configuration -> Show ACL configuration, and then click Show time range to open the configuration interface. It shows the information for time range. Example: Type the Time-range name as ALL. Click Apply.

active500EM Wired Web Interface User’s Manual 88

Chapter 9: IPv6 ACL configuration
For any configurations discussed in the following subsections, the Firewall default action should be set to permit as described in section 8.4.1. If the Firewall default action is not set to permit, the user may receive a message that the “Firewall is disabled and the ACL cannot be attached to the port or that IPv6 ACL for the vlan can not be attached”. Pause the mouse pointer over IPv6 ACL configuration to display the sub-nodes. The figure is as follows:

9.1 IPv6 standard access-list configuration
Click IPv6 ACL configuration, and then click IPv6 standard access-list configuration to open the configuration interface. It sets up an IPv6 standard access list or adds a rule table if the access list is already set up. • • Access list number – Ranges from 500 to 599 Rule – Options include permit and deny

• Source address type – Options include Host-source (no need to type the prefix for IPv6 address), Any-source, and IPv6 source prefix (need to type the prefix for IPv6 address) • • IPv6 address – Type the IPv6 address and the prefix length for IPv6 address Operation – Select Add or Remove

active500EM Wired Web Interface User’s Manual 89

Example: Type the Access list number as 520. Select the Rule as permit, the Source address type as IPv6 source prefix, the IPv6 address as 2003:1:2:3::1/64, and the Operation as Add, and then click Apply. The figure is as follows:

9.2 IPv6 name access-list configuration
Click IPv6 ACL configuration -> IPv6 name access-list configuration to open the configuration interface. It sets up an IPv6 name access list and allows you to add an access rule every time. • • IPv6 name access-list – Character string length is 1–32 Rule – Options include permit and deny

• Source address type – Options include Host-source (no need to type the prefix for IPv6 address), Any-source, and IPv6 source prefix (need to type the prefix for IPv6 address) • • IPv6 address – Type the IPv6 address and the prefix length for IPv6 address Operation – Select Add or Remove

active500EM Wired Web Interface User’s Manual 90

Example: Type the IPv6 name access list as ipv6Flow. Select the Rule as permit, the Source address type as IPv6 source prefix, the IPv6 address as 2003:1:2:3::1/64, and the Operation as Add, and then click Apply. The figure is as follows:

9.3 Attach IPv6 ACL to port
Click IPv6 ACL configuration -> Attach IPv6 ACL to port to open the configuration interface. Example: Select the Port as Ethernet1/0/1. Type the List name as 520. Select the ACL Attached Direction as in and the Operation type as Add, and then click Apply.

active500EM Wired Web Interface User’s Manual 91

Chapter 10: AM configuration
Pause the mouse pointer over AM configuration to display the sub-nodes. The figure is as follows:

10.1 AM global configuration
Pause the mouse pointer over AM configuration -> AM global configuration to display the sub-nodes. The figure is as follows:

10.1.1 Enable/disable AM
Pause the mouse pointer over AM configuration -> AM global configuration, and then click Enable/Disable AM to open the configuration interface. It enables/disables the AM global function. • AM status – Options include Enable and Disable Example: Select the AM status as Enable. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 92

10.2 AM port configuration
Pause the mouse pointer over AM configuration -> AM port configuration to display the sub-nodes. The figure is as follows:

10.2.1 Enable/disable AM port
Pause the mouse pointer over AM configuration -> AM port configuration, and then click Enable/Disable AM port to open the configuration interface. It enables/disables the AM port function. • • Port – Ethernet1/0/1 AM port status – Options include Enable and Disable

Example: Select the Port as Ethernet1/0/1 and the AM port status as Enable. Click Apply. The figure is as follows:

10.2.2 AM IP-pool configuration
Pause the mouse pointer over AM configuration -> AM port configuration, and then click AM IP-Pool configuration to open the configuration interface. It configures the port forwarding IP. • • • • Port – Ethernet1/0/1 IP address – Beginning address of a segment address in IP-pool Count – Number of consecutive addresses begin from IP address Operation – Select Add or Remove

active500EM Wired Web Interface User’s Manual 93

Example: Select the Port Ethernet1/0/1 of the switch to transmit ARP packets and IP packets. The IP packets’ source addresses are 30 consecutive IP addresses, which begin from IP address 192.168.1.1. Click Apply.

10.2.3 AM MAC-IP-pool configuration
Click AM configuration -> AM port configuration -> AM MAC-IP-Pool configuration to open the configuration interface. It configures the port forwarding MAC-IP. • • • • Port – Ethernet1/0/1-28 IP address – Source IP address MAC address – Source MAC address Operation – Select Add or Remove

Example: Select the Port Ethernet1/0/1 of the switch to allow data packets with a source MAC address of f8-f7-d3-00-03-f1 and a source IP address of 192.168.1.1 to be forwarded. Click Apply.

active500EM Wired Web Interface User’s Manual 94

10.3 Show AM port configuration
Pause the mouse pointer over AM configuration -> Show AM port configuration to display the sub-nodes. The figure is as follows:

10.3.1 Show AM port configuration
Click AM configuration -> Show AM port configuration -> Show AM port configuration to open the configuration interface. It displays the AM port information. • Port – Ethernet1/0/1-28 Example: Select the Port as Ethernet1/0/1, and then click Apply.

10.3.2 Clear port AM pool
Click AM configuration -> Show AM port configuration -> Clear port AM Pool to open the configuration interface. It clears all the MACIP-Pool or all the IP-Pool or both. • Operation – Options include all, ip-pool, and mac-ip-pool Example: Select the Operation as all to clear all the IP-Pool, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 95

Chapter 11: Port channel configuration
Pause the mouse pointer over Port channel configuration to display the sub-nodes. The LACP port group configuration interface is used to configure and display the group. The LACP port configuration interface is used to configure and display the group members. The figure is as follows:

11.1 LACP port group configuration
Click Port channel configuration -> LACP port group configuration to open the configuration interface. • • Group number – Ranges from 1 to 128 Load balance mode – Includes src-mac, dst-mac, dst-src-mac, src-ip, dst-ip, and dst-src-ip

Example: Type the Group number as 1 and the Load balance mode as src-mac, and then click Apply. The LACP port group configuration shows the configuration information:

active500EM Wired Web Interface User’s Manual 96

Chapter 12: DHCP configuration
Pause the mouse pointer over DHCP configuration to display the sub-nodes. The figure is as follows:

12.1 DHCP management
Pause the mouse pointer over DHCP configuration -> DHCP management to display the sub-nodes. The figure is as follows:

12.1.1 Enable DHCP
Pause the mouse pointer over DHCP configuration -> DHCP management, and then click Enable DHCP to open the configuration interface. It can open/close the DHCP server and logging for address conflicts. Example: Select Open for the DHCP server status and the Conflict logging status. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 97

12.2 DHCP server configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration to display the sub-nodes. The figure is as follows:

12.2.1 Dynamic pool configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration, and then click Dynamic pool configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 98

12.2.1.1 Dynamic address pool configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration -> Dynamic pool configuration, and then click Dynamic address pool configuration to open the configuration interface. It can configure the dynamic address pool. DHCP client node type - b-node stands for broadcasting node; h-node for hybrid node that broadcasts after point-to-point communication; m-node for hybrid node to communicate in point-to-point after broadcast; p-node for point-to-point node. The controller configures DHCP for the subnet using the specific Network mask typed on this screen. This IP subnet can be subnetted down to a limited number of IPs, which becomes the range. For example, the IP address field value of 192.168.1.100 and a Network mask field value of 255.255.255.252 will set the IP address range to the two IPs of 192.168.1.101 and 192.168.1.102 for the devices. 192.168.1.100 is the network and 192.168.1.103 is the broadcast IP of this subnet, thereby configuring the range of the DHCP pool. This configuration allows the DHCP subnets and static IP subnets to be separate per the product design. Example: Select the DHCP pool name, and type the DHCP pool domain name. Type the Network mask as 255.255.255.0 and the IP address as 192.168.1.0. Select the DHCP client node type as b-node. Select the Address lease timeout as Infinite, select the Operation as Add, and then click Apply.

active500EM Wired Web Interface User’s Manual 99

12.2.1.2 Client’s default gateway configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration -> Dynamic pool configuration, and then click Client’s default gateway configuration to open the configuration interface. It can configure the client’s default gateway. The IP address of default gateway(s) should be in the same subnet with the DHCP client IP; the switch supports the gateway addresses. The gateway address assigned first has the highest priority, and the priority of other gateway addresses will be receded in order. Example: Select 1 for the DHCP pool name. Type the default gateways as 192.168.1.2 and 192.168.1.100. Click Apply.

active500EM Wired Web Interface User’s Manual 100

12.2.1.3 Client DNS server configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration -> Dynamic pool configuration, and then click Client DNS server configuration to type the configuration interface. It can configure the client DNS server. Up to eight DNS server addresses can be configured by the system. The DNS server address assigned first has the highest priority, and the priority of other DNS servers will be receded in order. Example: Select 1 for the DHCP pool name. Type 192.168.1.101 as the DNS server address for DHCP clients. Click Apply.

active500EM Wired Web Interface User’s Manual 101

12.2.1.4 Client WINS server configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration -> Dynamic pool configuration, and then click Client WINS server configuration to open the configuration interface. It can configure the client WINS server. Up to eight WINS server addresses can be configured. The WINS server address assigned first has the highest priority. Therefore, address 1 has the highest priority, and address 2 the second. Example: Select 1 for the DHCP pool name. Type 192.168.1.10 for WINS server 0. Click Apply.

active500EM Wired Web Interface User’s Manual 102

12.2.1.5 DHCP file server address configuration
Click DHCP configuration -> DHCP server configuration -> Dynamic pool configuration -> DHCP file server address configuration to open the configuration interface. It can configure the bootfiles name for DHCP client and the server address to save the bootfiles. Example: Select 1 for the DHCP pool name. Type the DHCP client bootfile name as c:\temp\nos.img. The bootfile is saved in address 192.168.1.50. Click Apply.

active500EM Wired Web Interface User’s Manual 103

12.2.1.6 DHCP network parameter configuration
Click DHCP configuration -> DHCP server configuration -> Dynamic pool configuration -> DHCP network parameter configuration to open the configuration interface, so as to configure the specific network parameters. Example: Type the network parameter Code as 72 and select the DHCP address pool name 1. Select the Network parameter value type as IP ADDRESS. Type the Network parameter value as 192.168.1.150. Click Apply.

12.2.1.7 Excluded address configuration
Click DHCP configuration -> DHCP server configuration -> Dynamic pool configuration -> Excluded address configuration to open the configuration interface, so as to exclude the specific addresses from dynamic assignment. Example: Reserving addresses from 192.168.1.2 to 192.168.1.10 will not allow addresses in this range to be dynamically assigned. Click Apply.

active500EM Wired Web Interface User’s Manual 104

12.2.2 Manual DHCP IP pool configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration -> Manual DHCP IP pool configuration to display the sub-nodes. The figure is as follows:

12.2.2.1 Static address pool configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration -> Manual DHCP IP pool configuration, and then click Static address pool configuration to open the configuration interface. • Parameter choose – RFC is the specified hardware ARP type, ranging from 1 to 255. Ethernet is 10Mb Ethernet. ieee802 is IEEE802 net, and its default protocol type is Ethernet.

Example: When binding an address manually, enter the IP address 192.168.1.25, which binds the user whose Hardware address is 00-10-5a-60-af-12 and configures the User as network for the user whose Client identifier is 00-10-5a-60-af-12. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 105

12.2.3 Address pool name configuration
Pause the mouse pointer over DHCP configuration -> DHCP server configuration, and then click Address pool name configuration to open the configuration interface, so as to configure the DHCP address pool. Example: Type the DHCP pool name as 1, and then select Add pool for the Operation type. Click Apply.

active500EM Wired Web Interface User’s Manual 106

12.2.4 DHCP packet statistics
Pause the mouse pointer over DHCP configuration -> DHCP server configuration, and then click DHCP packet statistics to open the configuration interface. It can display the statistics information of various DHCP packets.

12.3 DHCP relay configuration
Pause the mouse pointer over DHCP configuration -> DHCP relay configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 107

12.3.1 DHCP relay configuration
Pause the mouse pointer over DHCP configuration, and then click DHCP relay configuration to open the configuration interface. Users can set DHCP relay to forward UDP broadcast packets on the port and specify the destination IP address for the DHCP relay to forward UDP packets. Example: Type the Range as 67, select the Operation as Add, and click Apply. Set DHCP packets to be forwarded to the IP address 192.168.1.5, select the L3 Interface as Vlan 1, Operation as Add, and click Apply. The figure is as follows:

12.4 DHCP debugging
Pause the mouse pointer over DHCP configuration -> DHCP debugging to display the sub-nodes. The figure is as follows:

12.4.1 Delete record
Pause the mouse pointer over DHCP configuration -> DHCP debugging -> Delete record to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 108

12.4.1.1 Delete binding log
Pause the mouse pointer over DHCP configuration -> DHCP debugging -> Delete record, and then click Delete binding log to enter the configuration interface, so as to delete the specific or all binding log. Example: Select Delete all binding log to delete the binding log of all IP addresses, which binds with the hardware address. Click Apply.

12.4.1.2 Delete conflict log
Pause the mouse pointer over DHCP configuration -> DHCP debugging -> Delete record, and then click Delete conflict log to open the configuration interface. It can delete the address that has a conflict log. Example: Select Delete conflict address area as Delete specify conflict log. The IP address 192.168.1.18 is identified with a conflict record. It deletes the record from the address conflict log. Click Apply.

12.4.1.3 Delete DHCP server statistics log
Pause the mouse pointer over DHCP configuration -> DHCP debugging -> Delete record, and then click Delete DHCP server statistics log to open the configuration interface, so as to delete DHCP server statistics log and clear the DHCP server counter. Example: Clear the DHCP statistics log. Click Apply.

active500EM Wired Web Interface User’s Manual 109

12.4.2 Show IP-MAC binding
Pause the mouse pointer over DHCP configuration -> DHCP debugging, and then click Show IP-MAC binding to open the configure interface. The IP-MAC binding information is displayed.

Example: The figure is as follows:

12.4.3 Show conflict-logging
Pause the mouse pointer over DHCP configuration -> DHCP debugging, and then click Show conflict-logging to open the configuration interface. It displays the log information for addresses that have conflict records.

Example: The figure is as follows:

active500EM Wired Web Interface User’s Manual 110

Chapter 13: DHCP snooping configuration
Pause the mouse pointer over DHCP Snooping configuration to display the sub-nodes. The figure is as follows:

13.1 DHCP snooping global configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping global configuration to display the sub-nodes. The figure is as follows:

13.1.1 Enable/disable DHCP snooping
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping global configuration, and then click Enable/Disable DHCP Snooping to open the configuration interface. This configures the DHCP snooping status. Example: Select the DHCP Snooping status as Enable. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 111

13.1.2 DHCP snooping binding configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping global configuration, and then click DHCP Snooping binding configuration to open the configuration interface. This configures the DHCP snooping binding status. Example: Select Enable for the DHCP Snooping binding status. Click Apply. The figure is as follows:

13.1.3 DHCP snooping binding user configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping global configuration, and then click DHCP Snooping binding user configuration to open the configuration interface. This configures the DHCP snooping binding user. The figure is as follows:

active500EM Wired Web Interface User’s Manual 112

13.1.4 DHCP snooping action count configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping global configuration, and then click DHCP Snooping action count configuration to open the configuration interface. This configures the number of defense actions on the port. Example: Type DHCP Snooping action count as 10, select the Operation as Add, and click Apply. The figure is as follows:

13.1.5 DHCP snooping limit-rate configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping global configuration, and then click DHCP Snooping limit-rate configuration to open the configuration interface. This configures the DHCP message limit rate. Example: Type Packet per second as 100, select the Operation as Add, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 113

13.1.6 DHCP snooping helper-server configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping global configuration, and then click DHCP Snooping helper-server configuration to open the configuration interface. It can configure the Helper-server address and UDP port. The figure is as follows:

13.2 DHCP snooping port configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping port configuration to display the sub-nodes. The figure is as follows:

13.2.1 Enable/disable DHCP snooping binding dot1x
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping port configuration, and then click Enable/Disable DHCP Snooping binding dot1x to open the configuration interface. It can enable or disable DHCP snooping binding dot1x function. The figure is as follows:

active500EM Wired Web Interface User’s Manual 114

13.2.2 Enable/disable DHCP snooping binding user
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping port configuration, and then click Enable/Disable DHCP Snooping binding user to open the configuration interface. It can enable or disable DHCP snooping binding user function. The figure is as follows:

13.2.3 Enable/disable DHCP snooping trust
Click DHCP Snooping configuration -> DHCP Snooping port configuration, and then click Enable/ Disable DHCP Snooping trust to open the configuration interface. It can enable or disable the DHCP snooping trust attributes of a port. The figure is as follows:

13.2.4 DHCP snooping action configuration
Pause the mouse pointer over DHCP Snooping configuration -> DHCP Snooping port configuration, and then click DHCP Snooping action configuration to open the configuration interface. This adds or removes the automatic defense action of a port. The figure is as follows:

active500EM Wired Web Interface User’s Manual 115

13.3 Show DHCP snooping configuration
Pause the mouse pointer over DHCP Snooping configuration -> Show DHCP Snooping configuration to display the sub-nodes. The figure is as follows:

13.3.1 Show DHCP snooping configuration
Pause the mouse pointer over DHCP Snooping configuration -> Show DHCP Snooping configuration, and then click Show DHCP Snooping configuration to open the configuration interface. This shows the information for DHCP snooping configuration. Example: Select DHCP Snooping show object as Ethernet 1/0/1, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 116

Chapter 14: SNTP configuration
Pause the mouse pointer over SNTP configuration to display the sub-nodes. The figure is as follows:

14.1 SNTP server configuration
Pause the mouse pointer over SNTP configuration, and then click SNTP server configuration to configure the SNTP server address and version. Example: Type the Server address as 192.168.1.60, select the Version as 4, and the Operation as Add. Click Apply. This will show the present configuration and the server state of SNTP client. The figures are as follows:

active500EM Wired Web Interface User’s Manual 117

14.2 Request interval configuration
Pause the mouse pointer over SNTP configuration, and then click Request interval configuration to configure the interval of sending requests from SNTP client to NTP/SNTP server. Example: Type the Interval as 64, select the Operation as Configuration, and then click Apply. The figure is as follows:

14.3 Time difference configuration
Pause the mouse pointer over SNTP configuration, and then click Time difference configuration to configure the time difference between the SNTP client and UTC. • • • Time zone – The name of the time zone Time difference – Options include After-utc and Before-utc Time value – Ranges from 0 to 23, 0 to 59

Example: Type the time zone as Hawaii. Select Before-utc for the time difference. Type the Time value as 10, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 118

14.4 Show sntp
Click SNTP configuration -> Show sntp to show the SNTP configuration information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 119

Chapter 15: NTP configuration
15.1 NTP global configuration
Pause the mouse pointer over NTP configuration -> NTP global configuration to display the sub-nodes. The figure is as follows:

15.1.1 NTP global switch configuration
Pause the mouse pointer over NTP configuration -> NTP global configuration, and then click NTP global switch configuration to open the NTP Global Switch Configuration page. Example: Enable the NTP global switch configuration by selecting Enable, and then click Apply.

active500EM Wired Web Interface User’s Manual 120

15.1.2 NTP server and version configuration
Pause the mouse pointer over NTP configuration -> NTP global configuration, and then click NTP server configuration to open the NTP Server and Version Configuration page. Example: Type the Server address as 192.168.1.10, the Version as 4, and the Key is 1. Select Add for Operation, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 121

15.1.3 NTP broadcast or multicast address count configuration
Pause the mouse pointer over NTP configuration -> NTP global configuration, and then click NTP broadcast or multicast address count configuration to configure the NTP broadcast or multicast address count. Example: Type the Address max count as 100, select the Operation as Add, and then click Apply.

15.1.4 NTP access group configuration
Pause the mouse pointer over NTP configuration -> NTP global configuration, and then click NTP access group configuration to configure the NTP access group. Example: Click ACL configuration -> numeric ACL -> standard numeric ACL -> IP standard ACL to globally configure an ACL 10, as follows:

active500EM Wired Web Interface User’s Manual 122

Click NTP configuration -> NTP global configuration -> NTP access group configuration to configure the NTP access group. Example: Type the Access list as 10, select the Operation as Add, and then click Apply.

15.1.5 NTP authenticate configuration
Pause the mouse pointer over NTP configuration -> NTP global configuration, and then click NTP authenticate configuration to configure the NTP authentication. Example: Select the NTP authenticate switch as Enable and the Key type as none. Select the Operation as Add, and then click Apply.

active500EM Wired Web Interface User’s Manual 123

15.2 NTP interface configuration
Pause the mouse pointer over NTP configuration -> NTP interface configuration to display the sub-nodes. The figure is as follows:

15.2.1 NTP interface switch configuration
Pause the mouse pointer over NTP configuration -> NTP interface configuration, and then click NTP interface switch configuration to open th configuration page. Example: Select the VLAN interface as Vlan1. Select Enable for the NTP interface configuration and broadcast for the NTP interface client, and then click Apply.

active500EM Wired Web Interface User’s Manual 124

15.3 NTP configuration display
Pause the mouse pointer over NTP configuration -> NTP configuration display to display the sub-nodes. The figure is as follows:

15.3.1 NTP status display
Pause the mouse pointer over NTP configuration -> NTP configuration display, and then click NTP status display to display the NTP status information.

active500EM Wired Web Interface User’s Manual 125

Chapter 16: QoS configuration
Pause the mouse pointer over QoS configuration to display the sub-nodes. The figure is as follows:

16.1 Class-map configuration
Pause the mouse pointer over QoS configuration -> Class-map configuration to display the sub-nodes. The figure is as follows:

16.1.1 Class-map configuration
Click QoS configuration -> QOS Class-map configuration -> class-map configuration to open the configuration interface. It can add or remove a class map. Example: Type the Class-map name as c1, and select the Operation as Add. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 126

16.1.2 Classification criteria configuration
Pause the mouse pointer over QoS configuration ->Class-map configuration, and then click Classification criteria configuration to open the configuration interface, so as to configure the match standard of the class map. Example: Select the Classification criteria rule as ip precedence and the Class-map name as c1. Type the IP precedence0 as 0. Click Apply.

16.2 Policy-map configuration
Pause the mouse pointer over QoS configuration -> QOS Policy-map configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 127

16.2.1 Policy-map configuration
Pause the mouse pointer over QoS configuration -> QOS Policy-map configuration, and then click Policy-map configuration to open the configuration interface. It can add or remove a policy map. Example: Type the Policy-map name as p1. Click Apply. The figure is as follows:

16.2.2 Class-map use to policy-map configuration
Pause the mouse pointer over QoS configuration -> QOS Policy-map configuration, and then click Class-map use to Policy-map configuration to open the configuration interface. It can configure the policy-map use to class map. Example: Select the Policy-map name as p1, the Class-map name as c1, and the Operation as Add, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 128

16.3 Apply QoS to port
Pause the mouse pointer over QoS configuration -> QoS port configuration to display the sub-nodes. The figure is as follows:

16.3.1 QOS port trust state configuration
Click QoS configuration -> QoS port configuration -> QoS Port trust state configuration to configure the trust mode of the port. • • • Port – The specific port Packet class rule – Options include COS and DSCP Operation – Select Add or Remove

Example: Select the Port as Ethernet1/0/1, the Packet class rule as COS, and the Operation as Add, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 129

16.3.2 QoS port cos parameters configuration
Pause the mouse pointer over QoS configuration -> QoS port configuration, and then click QoS port cos parameters configuration to configure the default CoS value of the port. The figure is as follows:

16.3.3 QoS port select queue schedule algorithm configuration
Pause the mouse pointer over QoS configuration -> QoS port configuration, and then click QoS port select queue schedule algorithm configuration to configure the queue schedule algorithm. The figure is as follows:

16.3.4 QoS port wrr algorithm queue weight configuration
Pause the mouse pointer over QoS configuration -> QoS port configuration QoS port wrr algoritham queue weight configuration to set the queue wrr weight of the port. • • Weight for queue 1–8 – WRR weight value, ranging from 0 to 15 Operation – Select Add or Remove

active500EM Wired Web Interface User’s Manual 130

Example: Type 1 for Weight1, 2 for Weight2, 3 for Weight3, 4 for Weight4, 5 for Weight5, 6 for Weight6, 7 for Weight7, and 8 for Weight8. Select the Operation as Add, and then click Apply. The figure is as follows:

16.3.5 QoS port wdrr algorithm queue weight configuration
Pause the mouse pointer over QoS configuration -> QoS port configuration and then click QoS port wdrr algorithm queue weight configuration to configure the queue weight options for WDRR algorithm. The figure is as follows:

active500EM Wired Web Interface User’s Manual 131

16.3.6 QoS port queue bandwidth configuration
Pause the mouse pointer over QoS configuration -> QoS port configuration, and then click QoS port queue bandwidth configuration to configure the minimum and maximum queue bandwidth options for the port. The figure is as follows:

16.3.7 QoS service policy configuration
Pause the mouse pointer over QoS configuration -> QoS port configuration, and then click QoS service policy configuration to add/ remove the policy map from the port. The figure is as follows:

active500EM Wired Web Interface User’s Manual 132

16.4 QoS policy-class-map configuration
Pause the mouse pointer over QoS configuration -> QoS policy-class-map configuration to display the sub-nodes. The figure is as follows:

16.4.1 Policy-class-map accounting configuration
Pause the mouse pointer over QoS configuration -> QoS policy-class-map configuration, and then click Policy-class-map accounting configuration to enable/disable the accounting function. The figure is as follows:

16.4.2 Aggregate policy configuration
Pause the mouse pointer over QoS configuration -> QoS policy-class-map configuration, and then click Aggregate policy configuration to add/remove the aggregate policy. The figure is as follows:

active500EM Wired Web Interface User’s Manual 133

16.4.3 Policy-class-map policy configuration
Pause the mouse pointer over QoS configuration -> QoS policy-class-map configuration, and then click Policy-class-map policy configuration to configure policy-class-map policy settings. The figure is as follows:

active500EM Wired Web Interface User’s Manual 134

16.4.4 Policy-class-map set configuration
Pause the mouse pointer over QoS configuration -> QoS policy-class-map configuration, and then click Policy-class-map set configuration to configure classification criteria rule for policy-class-map. The figure is as follows:

16.5 QoS mapping configuration
Pause the mouse pointer over QoS configuration -> QoS mapping configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 135

16.5.1 CoS-to-IntP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration, and then click CoS-to-IntP mapping to set the priority mapping of QoS. The figure is as follows:

16.5.2 CoS-to-DP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration, and then click CoS-to-DP mapping to set the priority mapping of QoS. The figure is as follows:

active500EM Wired Web Interface User’s Manual 136

16.5.3 DSCP-to-DSCP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration, and then click DSCP-to-DSCP mapping to set the priority mapping of QoS. The figure is as follows:

active500EM Wired Web Interface User’s Manual 137

16.5.4 DSCP-to-IntP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration, and then click DSCP-to-IntP mapping to set the priority mapping of QoS. The figure is as follows:

active500EM Wired Web Interface User’s Manual 138

16.5.5 DSCP-to-DP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration and then click DSCP-to-DP mapping to set the priority mapping of QoS. The figure is as follows:

16.5.6 EXP-to-IntP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration, and then click EXP-to-IntP mapping to set the priority mapping of QoS. The figure is as follows:

active500EM Wired Web Interface User’s Manual 139

16.5.7 EXP-to-DP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration and then click EXP-to-DP mapping to set the priority mapping of QoS. The figure is as follows:

16.5.8 IntP-to-DSCP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration, and then click IntP-to-DSCP mapping to set the priority mapping of QoS. The figure is as follows:

16.5.9 IntP-to-EXP mapping
Pause the mouse pointer over QoS Configuration -> QoS mapping configuration, and then click IntP-to-EXP mapping to set the priority mapping of QoS. The figure is as follows:

active500EM Wired Web Interface User’s Manual 140

16.6 QoS aggregate policy configuration
Pause the mouse pointer over QoS configuration and then click QoS aggregate policy configuration to open the configuration interface. It can configure the aggregate policy name, rate, normal burst, etc. The figure is as follows:

active500EM Wired Web Interface User’s Manual 141

16.7 QoS service policy configuration
Click QoS Configuration ->QoS service policy configuration to add/remove the policy map and VLAN association. The figure is as follows:

active500EM Wired Web Interface User’s Manual 142

Chapter 17: Layer3 forward configuration
Pause the mouse pointer over L3 forward configuration to display the sub-nodes. The figure is as follows:

17.1 IP route aggregate configuration
Pause the mouse pointer over L3 forward configuration -> IP route Aggregate configuration to display the sub-nodes. The figure is as follows:

17.1.1 Route aggregate configuration
Click L3 forward configuration -> IP route Aggregate configuration -> Route aggregate configuration to enable/disable the switch to use the optimized IP route aggregation algorithm. The figure is as follows:

active500EM Wired Web Interface User’s Manual 143

17.2 ARP configuration
Pause the mouse pointer over L3 forward configuration -> ARP configuration to display the sub-nodes. The figure is as follows:

17.2.1 ARP configuration
Click L3 forward configuration -> ARP configuration -> ARP configuration to configure the static ARP entries. The figure is as follows:

17.2.2 Clear ARP cache
Click L3 forward configuration -> ARP configuration -> Clear ARP cache, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 144

17.2.3 Show ARP
Click L3 forward configuration -> ARP configuration -> Show ARP to show the ARP mapping table. The figure is as follows:

17.2.4 Proxy ARP configuration
Click L3 forward configuration -> ARP configuration -> Proxy ARP configuration to enable/disable the proxy ARP for VLAN interface. The figure is as follows:

17.3 Gratuitous ARP configuration
Pause the mouse pointer over L3 forward configuration -> Gratuitous arp configuration to show the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 145

17.3.1 Gratuitous-ARP interval time configuration
Click L3 forward configuration -> Gratuitous arp configuration -> gratuitous-arp interval time configuration to enable/disable the gratuitous ARP function and configure gratuitous ARP interval time globally. Example: Type the interval time as 400, select the Operation as Add, and then click Apply. Gratuitous ARP is enabled in global configuration mode and the interval time is set at 400 seconds. The figure is as follows:

17.3.2 Interface gratuitous-ARP interval time configuration
Click L3 forward configuration -> Gratuitous arp configuration -> interface gratuitous-arp interval time configuration to configure the interface gratuitous-ARP interval time. Example: Select Vlan ID as 1. Type the interval time as 400. Select the Operation as Add, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 146

17.3.3 Show gratuitous-ARP configuration
Click L3 forward configuration -> Gratuitous arp configuration -> show gratuitous-arp configuration to check the configuration information of gratuitous-ARP function. The figures are as follows:

17.4 ARP protection configuration
Pause the mouse pointer over L3 forward configuration -> ARP protection configuration to show the sub-nodes. The figure is as follows:

17.4.1 ARP GUARD configuration
Click L3 forward configuration -> ARP protection configuration -> ARP GUARD configuration -> ARP GUARD configuration to add or remove an ARP GUARD address. The figure is as follows:

active500EM Wired Web Interface User’s Manual 147

17.4.2 ANTI-ARPSCAN configuration
For any configurations discussed in the following subsections, ANTI-ARPSCAN on-off status should be enabled as described in section 17.4.2.1. If ANTI-ARPSCAN on-off status is not enabled, the user may receive the message that “Global ANTI-ARPSCAN is disabled and the current configuration is invalid”. Pause the mouse pointer over L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration to show the sub-nodes. The figure is as follows:

17.4.2.1 ANTI-ARPSCAN on-off configuration
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> ANTI-ARPSCAN on-off configuration to enable or disable ARP scanning prevention globally. The figure is as follows:

active500EM Wired Web Interface User’s Manual 148

17.4.2.2 ANTI-ARPSCAN port-cased threshold configuration
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> ANTI-ARPSCAN port-based threshold configuration to set the threshold of receiving messages for the port-based ARP scanning prevention. If the rate of received ARP messages exceeds the threshold, the port will close. The unit is packet/second. The figure is as follows:

17.4.2.3 ANTI-ARPSCAN IP-based threshold configuration
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> ANTI-ARPSCAN IP-based threshold configuration to set the threshold of receiving messages for the IP-based ARP scanning prevention. If the rate of received ARP messages exceeds the threshold, all ports of the switch will block the IP messages from this IP. The ports, which connect with this IP, will also block the ARP messages from this IP. The unit is packet/second. The figure is as follows:

active500EM Wired Web Interface User’s Manual 149

17.4.2.4 ANTI-ARPSCAN trust port configuration
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> ANTI-ARPSCAN trust port configuration to configure any port as a trust-port or a supertrust-port. Example: Select the Port as Ethernet1/0/1 and the Port trust status as trust-port, and then click Apply. The figure is as follows:

17.4.2.5 ANTI-ARPSCAN trust IP configuration
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> ANTI-ARPSCAN trust IP configuration to configure the trust IP. Example: Type the IP address as 100.1.1.10 and the Network mask as 255.255.255.0. Select the Operation as Add, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 150

17.4.2.6 ANTI-ARPSCAN recovery on-off configuration
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> ANTI-ARPSCAN recovery on-off configuration to enable/ disable the auto recovery function. The figure is as follows:

17.4.2.7 ANTI-ARPSCAN recovery time configuration
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> ANTI-ARPSCAN recovery time configuration to configure the auto recovery time. The figure is as follows:

active500EM Wired Web Interface User’s Manual 151

17.4.2.8 Show ANTI-ARPSCAN information
Click L3 forward configuration -> ARP protection configuration -> ANTI-ARPSCAN configuration -> Show ANTI-ARPSCAN information to check ARP scanning prevention running information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 152

17.5 Show IP traffic
Click L3 forward configuration -> Show IP Traffic to show IP traffic information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 153

Chapter 18: Route configuration
Pause the mouse pointer over Route configuration to display the sub-nodes. The figure is as follows:

18.1 Policy based routing
Pause the mouse pointer over Route configuration -> Policy based routing to display the sub- nodes. The figure is as follows:

18.1.1 Route map configuration
Pause the mouse pointer over Route configuration -> Policy based routing -> Route map configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 154

18.1.1.1 Route map configuration
Click Route configuration -> Policy based routing -> Route map configuration -> Route map Name to configure the route map name, match mode, and route map number. The figure is as follows:

18.1.1.2 Match
Click Route configuration -> Policy based routing -> Route map configuration -> Match to match the as-path, community, interface, IP, metric, origin, route-type, and tag. The figure is as follows:

active500EM Wired Web Interface User’s Manual 155

Match type: • • • • • • • • as-path (configure the AS path domain to match the BGP routing messages) community (configure the community attributes to match the BGP routing messages) interface (configure to match the interfaces) IP (configure the routing prefix or next-hop) metric (configure the metric value to match the routing messages) origin (configure the origin to match the BGP routing messages) route-type (configure the route type to match the OSPF routing messages) tag (configure the tag domain to match the OSPF routing messages)

18.1.1.3 Set
Click Route configuration -> Policy based routing -> Route map configuration -> Set to set the aggregator, as-path, and atomicaggregate. The figure is as follows:

active500EM Wired Web Interface User’s Manual 156

Set : • • • • • • • • • • • • • • • aggregator (assign an AS number for BGP aggregator) as-path (add AS numbers in the AS path domain of the BGP routing message) atomic-aggregate (configure the atomic aggregate attributes) comm-list (configure BGP to delete the community attributes from the inbound or outbound routing messages) community (configure the community attributes of the BGP routing message) extcommunity (configure the extended community attributes of the BGP routing messages) nexthop (configure the next-hop of the route) local-preference (configure the local priority of BGP route) metric (configure the metric value of the route) metric-type (configure the metric type of the OSPF routing messages) origin (configure the origin code of the BGP routing messages) originator-id (configure the origin IP address of the BGP routing messages) tag (configure the tag domain of OSPF routing messages) vpnv4 (configure the next-hop of BGP VPNv4 routing messages) weight (configure the weight value of BGP routing messages)

18.1.1.4 Show route map
Click Route configuration -> Policy based routing -> Route map configuration -> Show route map to show the route map. The figure is as follows:

active500EM Wired Web Interface User’s Manual 157

18.1.2 IP prefix configuration
Pause the mouse pointer over Route configuration -> Policy based routing -> IP Prefix configuration to display the sub-nodes. The figure is as follows:

18.1.2.1 IP prefix list
Click Route configuration -> Policy based routing -> IP Prefix configuration -> IP prefix list to configure the IP prefix name, number, mode, and address. The figure is as follows:

active500EM Wired Web Interface User’s Manual 158

18.1.2.2 IP prefix description
Click Route configuration -> Policy based routing -> IP Prefix configuration -> IP prefix description to configure the description of the prefix list. The figure is as follows:

18.1.2.3 Show IP prefix-list
Click Route configuration -> Policy based routing -> IP Prefix configuration -> Show ip prefix-list to show IP prefix-list information. The figure is as follows:

18.2 Static route configuration
Pause the mouse pointer over Route configuration -> Static route configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 159

18.2.1 Static route configuration
Click Route configuration -> Static route configuration -> Static route configuration to configure the Destination IP address, Network mask or prefix-length, and Nexthop or Interface null0. The figure is as follows:

18.3 RIP configuration
Pause the mouse pointer over Route configuration -> RIP configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 160

18.3.1 Enable RIP
Click Route configuration -> RIP configuration -> Enable RIP to enable/disable RIP. The figure is as follows:

18.3.2 Clear IP route configuration
Click Route configuration -> RIP configuration -> Clear IP Route configuration to clear the specific route configuration. The figure is as follows:

Route class: • • • • • • • • • ip-address: clear the routes which match the destination address from the RIP route tables kernel: delete kernel routes from the RIP route table static: delete static routes from the RIP route table connected: delete direct routes from the RIP route table rip: only delete RIP routes from the RIP route table ospf: only delete OSPF routes from the RIP route table isis: only delete ISIS routes from the RIP route table bgp: only delete BGP routes from the RIP route table all: delete all routes from the RIP route table

active500EM Wired Web Interface User’s Manual 161

18.3.3 Default configuration
Click Route configuration -> RIP configuration -> Default configuration to configure some default values. 1. Select the Operation as Add to allow the network 0.0.0.0 to be redistributed into the RIP. Click Apply. The figure is as follows:

2. Set the Default metric value of the introduced route. The figure is as follows:

18.3.4 Distance configuration
Click Route configuration -> RIP configuration -> Distance configuration to configure the distance. The figure is as follows:

active500EM Wired Web Interface User’s Manual 162

18.3.5 Distribute-list configuration
Click Route configuration -> RIP configuration -> Distribute-list configuration to use access-list or prefix-list to filter the update the route packets. The figure is as follows:

18.3.6 Interface RIP configuration
Click Route configuration -> RIP configuration -> Interface RIP configuration to specify RIP configuration of the interface. The figure is as follows:

Command: • • ip rip authentication key-chain: enable RIPV2 authentication on an interface and further configure the adopted key chain ip rip authentication mode: configure the authentication mode

active500EM Wired Web Interface User’s Manual 163

• • • • • • •

ip rip authentication string: set the password used in RIP authentication ip rip authentication cisco-compatible: after configuring this command, the Cisco RIP packets will be receivable by configuring the plaintext authentication or MD5 authentication no ip rip receive-packet: set the interface to be able to receive RIP packets ip rip receive version: set the version information of the RIP packets the interface receives no ip rip send-packet: set the interface to be unable to receive the RIP packets ip rip send version: set the version information of the RIP packets the interface receives ip rip split-horizon: enable split horizon

18.3.7 Key or key-chain configuration
Click Route configuration -> RIP configuration -> Key or key-chain configuration to add/delete keys, key-chains, and key-strings. 1. Enter a Key chain management mode and configure a key chain. The figure is as follows:

2. Add or delete keys in Key management. The figure is as follows:

active500EM Wired Web Interface User’s Manual 164

3. Configure a Key string corresponding to a key. The figure is as follows:

18.3.8 Send-lifetime configuration
Click Route configuration -> RIP configuration -> Send-LifeTime configuration to configure the send-lifetime of a key in key chain. The figure is as follows:

active500EM Wired Web Interface User’s Manual 165

18.3.9 Accept-lifetime configuration
Click Route configuration -> RIP configuration -> Accept-LifeTime configuration to configure the accept-lifetime of a key in key chain. The figure is as follows:

18.3.10 RIP maximum-prefix
Click Route configuration -> RIP configuration -> RIP maximum-prefix to configure the maximum number of RIP routes in the route table. The figure is as follows:

active500EM Wired Web Interface User’s Manual 166

18.3.11 Neighbor configuration
Click Route configuration -> RIP configuration -> Neighbor configuration to specify the neighbor address. The figure is as follows:

18.3.12 Network configuration
Click Route configuration -> RIP configuration -> Network configuration to configure the RIP protocol network. The figure is as follows:

18.3.13 Offset-list configuration
Click Route configuration -> RIP configuration -> Offset-list configuration to add an offset value to the metric value of the routes learned by RIP. The figure is as follows:

active500EM Wired Web Interface User’s Manual 167

18.3.14 Passive interface configuration
Click Route configuration -> RIP configuration -> Passive interface configuration to set the desired interface to passive interface configuration. This sets this particular interface not to send RIP updates, but it can still receive updates from its neighbors. These RIP broadcast packets are sent between RIP configured Layer 3 neighboring switches that inform each other of subsequent route changes in the network. The figure is as follows:

18.3.15 Receive buffer size configuration
Click Route configuration -> RIP configuration -> Receive buffer size configuration to configure the UDP Receive buffer size of RIP. The figure is as follows:

18.3.16 Redistribute route configuration
Click Route configuration -> RIP configuration -> Redistribute route configuration to introduce the routes learned from other routing protocols into RIP. The figure is as follows:

active500EM Wired Web Interface User’s Manual 168

18.3.17 RIP route configuration
Click Route configuration -> RIP configuration -> RIP Route configuration to configure a static RIP route. The figure is as follows:

18.3.18 RIP timer configuration
Click Route configuration -> RIP configuration -> RIP timer configuration to adjust the RIP Update time, Invalid time, and Garbage time. The figure is as follows:

18.3.19 Version configuration
Click Route configuration -> RIP configuration -> Version configuration to configure the version of all RIP data packets sent/received by router interfaces. Sent and received data packet is version 1 by default. The figure is as follows:

active500EM Wired Web Interface User’s Manual 169

18.4 OSPF configuration
Pause the mouse pointer over Route configuration -> OSPF configuration to display the sub-nodes. The figure is as follows:

18.4.1 OSPF enable
Pause the mouse pointer over Route configuration -> OSPF configuration -> OSPF enable to display the sub-nodes. The figure is as follows:

18.4.1.1 OSPF enable
Click Route configuration -> OSPF configuration -> OSPF enable -> OSPF enable to enable/disable OSPF. The figure is as follows:

active500EM Wired Web Interface User’s Manual 170

18.4.1.2 OSPF area configuration for port (must)
Click Route configuration -> OSPF configuration -> OSPF enable -> OSPF area configuration for port (must) to enable the OSPF routing function on the interface that, along with the IP address, matches the network address. When a certain segment belongs to a certain area, segment interfaces belong to this area, initiating hello and database interaction with the connected neighbor. The figure is as follows:

18.4.1.3 Router-ID configuration (optional)
Click Route configuration -> OSPF configuration -> OSPF enable -> Router-ID configuration (optional) to configure a router ID for the OSPF process. The figure is as follows:

active500EM Wired Web Interface User’s Manual 171

18.4.1.4 Don’t send the hello packet on passive-interface
Click Route configuration -> OSPF configuration -> OSPF enable -> Don’t send the hello packet on passive-interface to configure the hello group not to be sent on specific interfaces. The figure is as follows:

18.4.2 OSPF area configuration
Pause the mouse pointer over Route configuration -> OSPF configuration -> OSPF area configuration to display the sub-nodes. The figure is as follows:

18.4.2.1 OSPF area configuration
Click Route configuration -> OSPF configuration -> OSPF area configuration -> OSPF area configuration to configure the authentication mode of the OSPF area and the cost of the default summary route. The figure is as follows:

active500EM Wired Web Interface User’s Manual 172

Operation type: • • • • • • • authentication: configure the authentication mode of the OSPF area default-cost: configure the cost of the default summary route filter-list: configure the filter of broadcasting summary routing on the ABR nssa: set the area to be Not-So-Stubby-Area (NSSA) area range: aggregate the OSPF route on the area border stub: define a stub area virtual-link: configure a logical link between two backbone areas physically divided by a non-backbone area

18.4.3 OSPF interface configuration
Pause the mouse pointer over Route configuration -> OSPF configuration -> OSPF interface configuration to display the sub-nodes. The figure is as follows:

18.4.3.1 OSPF interface configuration
Click Route configuration -> OSPF configuration -> OSPF interface configuration -> OSPF interface configuration to specify the authentication mode and authentication key required in sending and receiving OSPF packets on the interfaces. The figure is as follows:

active500EM Wired Web Interface User’s Manual 173

Operation type: • • • • • • • • • • • • authentication: specify the authentication mode required to send and receive OSPF packets on the interfaces authentication-key: specify the authentication key required to send and receive OSPF packet on the interfaces cost: specify the cost required to run OSPF protocol on the interfaces database-filter: open the LSA database filter switch on specific interface dead-interval: specify the dead interval for neighboring Layer 3 switch disable: stop the OSPF group process on the interface hello-interval: specify the hello-interval on the interface message-digest-key: specify the key ID and value of MD5 authentication on the interface mtu: specify the mtu value of the interface as the OSPF group structure mtu-ignore: use this command to ignore the mtu size when switching DD network: configure the OSPF network type of the interface priority: configure the priority when electing “Defined layer 3 switch” at the interface

• retransmit-interval: specify the retransmit interval of link state announcements between the interface and adjacent layer 3 switches • transmit-delay: set the transmit delay value of LSA transmission

18.4.4 Other parameters configuration
Pause the mouse pointer over Route configuration -> OSPF configuration -> Other parameters configuration to display the subnodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 174

18.4.4.1 Other configuration
Click Route configuration -> OSPF configuration -> Other parameters configuration -> Other Configuration to designate how OSPF calculates the default metric value, configures to rfc1583 compatible, and creates a default external route to OSPF route area. The figure is as follows:

Operation type: • • • • • • • • • auto-cost: set the way in which OSPF calculates the default metric value compatible: configure to rfc1583 compatible default-information: create a default external route to the OSPF route area default-metric: set the default metric value of the OSPF routing protocol distance: configure the OSPF manage distance base on route type distribute-list: filter the network in the routing update host: set a stub host to belong to a certain area max-concurrent-dd: set the maximum concurrent number of dd in the OSPF process neighbor: configure the OSPF router connecting the NBMA network

active500EM Wired Web Interface User’s Manual 175

• • • • • • •

abr- type: configure a OSPF ABR type database: configure the max LSA number database-external: configure the size of external link database and the waiting time before the route exits the overflow state passive-interface: configure the hello group so that it is not sent on specific interfaces redistribute: introduce the route learned from other routing protocols into OSPF summary-address: summarize or restrain the external route with a specific address scope timers-spf: adjust the value of the route calculating timer

18.4.4.2 Clear process
Click Route configuration -> OSPF configuration -> Other parameters configuration -> Clear process to clear and restart OSPF routing processes. One certain OSPF process will be cleared by specifying the process ID. Otherwise, all OSPF processes will be cleared. The figure is as follows:

active500EM Wired Web Interface User’s Manual 176

18.7 Show IP route
Click Route configuration -> Show IP route to show the route table. The figure is as follows:

Parameter choose: • • • • • • • • • • • destination: the destination network address prefix: the destination network address, plus the prefix length database: the route database connected: the direct route static: the static route rip: the RIP route ospf: the OSPF route bgp: the BGP route isis: the ISIS route kernel: the kernel route statistics: the number of routes

active500EM Wired Web Interface User’s Manual 177

Chapter 19: IPv6 route configuration
Pause the mouse pointer over IPv6 Route configuration to display the sub-nodes. The figure is as follows:

19.1 IPv6 configuration
Pause the mouse pointer over IPv6 Route configuration -> IPv6 configuration to display the sub-nodes. The figure is as follows:

19.1.1 IPv6 basic configuration
Click IPv6 Route configuration -> IPv6 configuration -> IPv6 basic configuration to enable functions such as Unicast IPv6 Data Packet Transmit, Neighbor Discovery, and Router Advertisement and Routing Protocol. The figure is as follows:

active500EM Wired Web Interface User’s Manual 178

19.1.2 IPv6 ND configuration
Click IPv6 Route configuration -> IPv6 configuration -> IPv6 ND configuration to set the number of neighbor requests when detecting duplicated addresses and to set the time interval of neighbor requests. The figure is as follows:

Command: • • • • • • • • • dad attempts: set the number of neighbor requests when detecting duplicated address ns-interval: set the time interval of neighbor requests supress-ra: suppress the router advertisement ra-lifetime: configure the router advertisement lifetime min-ra-interval: set the minimum time interval max-ra-interval: set the maximum time interval prefix: configure the address prefix and the correlative parameters used by router advertisement neighbor : set a static neighbor table clear IPv6 neighbors: clear the neighbor cache of IPv6

active500EM Wired Web Interface User’s Manual 179

19.1.3 IPv6 tunnel configuration
Click IPv6 Route configuration -> IPv6 configuration -> IPv6 tunnel configuration to create/delete tunnels and configure the IPv4 address of the tunnel source point. The figure is as follows:

Command: • • • • • • interface tunnel: create/delete tunnels tunnel source: configure the IPv4 address of tunnel source point tunnel destination: configure the IPv4 address of tunnel destination tunnel nexthop: configure the IPv4 address of tunnel nexthop tunnel mode: configure the tunnel mode tunnel address: configure the tunnel IP address

19.1.4 Show IPv6 neighbor
Click IPv6 Route configuration -> IPv6 configuration -> show IPv6 neighbor to show the neighbor table’s information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 180

19.3 OSPFv3 configuration
Pause the mouse pointer over IPv6 Route configuration -> OSPFv3 configuration to display the sub-nodes. The figure is as follows:

19.3.1 OSPFv3 area configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 area configuration to configure the cost of sending to the default summary route in the stub or NSSA area, aggregate the OSPF route on the area border, and define area stub area. The figure is as follows:

active500EM Wired Web Interface User’s Manual 181

Operation type: • • • • area default-cost: configure the cost of sending to the default summary route in the stub or NSSA area area range: aggregate the OSPF route on the area border area stub: define a stub area area virtual-link: configure a logical link between two backbone areas physically divided by a non-backbone area

19.3.2 OSPFv3 default-metric configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 default-metric configuration to configure the OSPFv3 defaultmetric. The figure is as follows:

19.3.3 OSPFv3 max-concurrent-DD configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 max-concurrent-dd configuration to configure the current dd max concurrent number in the OSPF processing with this command. The figure is as follows:

active500EM Wired Web Interface User’s Manual 182

19.3.4 OSPFv3 ABR type configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 ABR type configuration to configure the current ABR max concurrent number in the OSPF processing with this command. The figure is as follows:

OSPFv3 ABR type: • • • cisco: identified by Cisco ABR ibm: realize by IBM ABR standard: realize with standard (RFC2328) ABR

19.3.5 OSPFv3 passive-interface
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 passive-interface to configure the hello group so that it is not sent on specific interfaces. The figure is as follows:

active500EM Wired Web Interface User’s Manual 183

19.3.6 OSPFv3 redistribute configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 redistribute configuration to introduce the route learned from other routing protocols into OSPFv3. The figure is as follows:

OSPFv3 redistribute configuration: • • • • • • kernel: introduce from kernel route connected: introduce from direct route static: introduce from static route rip: introduce from the RIP route isis: introduce from ISIS route bgp: introduce from BGP route

19.3.7 OSPFv3 route ID configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 route ID configuration to configure the router ID for OSPFv3 process. The figure is as follows:

active500EM Wired Web Interface User’s Manual 184

19.3.8 OSPFv3 route configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 route configuration to start the OSPFv3 routing process and enter OSPFv3 mode for configuring the OSPFv3 routing process. The figure is as follows:

19.3.9 OSPFv3 timer configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 timer configuration to adjust the route calculation timer value. The figure is as follows:

19.3.10 OSPFv3 IPv6 (no parameter) configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 IPv6 (no parameter) configuration to change the display results of show IPv6 OSPF route command or restore to default display mode. The figure is as follows:

active500EM Wired Web Interface User’s Manual 185

19.3.11 OSPFv3 IPv6 (two parameter) configuration
Click IPv6 Route configuration -> OSPFv3 configuration -> OSPFv3 IPv6 (two parameter) configuration to specify the cost required to run the OSPF protocol on the interface and to specify the dead interval for a neighboring Layer 3 switch. The figure is as follows:

OSPFv3 Command select: • • • • • • ipv6 ospf cost: specify the cost required to run the OSPF protocol on the interface ipv6 ospf dead-interval: specify the dead interval for a neighboring Layer 3 switch ipv6 ospf hello-interval: specify the hello-interval on the interface ipv6 ospf priority: configure the priority when electing “Defined Layer 3 switch” at the interface ipv6 ospf retransmit-interval: specify the retransmit interval of link state announcements between the interface and adjacent layer 3 switches ipv6 ospf transmit-delay: configure the LSA sending delay time on the interface

active500EM Wired Web Interface User’s Manual 186

19.3.12 OSPFv3 IPv6 (multi parameter) configuration
Click IPv6 Route configuration-> OSPFv3 configuration-> OSPFv3 IPv6 (multi parameter) configuration to enable the OSPF route on the interface. The figure is as follows:

19.4 Show IPv6 route
Pause the mouse pointer over IPv6 Route configuration -> show IPv6 route to display the sub-nodes. The figure is as follows:

19.4.1 Show IPv6 route database
Click IPv6 Route configuration -> show IPv6 route -> show IPv6 route database to show the IPv6 route. The figure is as follows:

active500EM Wired Web Interface User’s Manual 187

19.4.2 Show IPv6 NSM route
Click IPv6 Route configuration -> show IPv6 route -> show IPv6 NSM route to show the IPv6 NSM route. The figure is as follows:

19.4.3 Show IPv6 FIB
Click IPv6 Route configuration -> show IPv6 route -> show IPv6 FIB to show the IPv6 FIB. The figure is as follows:

19.4.4 Show IPv6 route statistics
Click IPv6 Route configuration -> show IPv6 route -> show IPv6 route statistics to show the IPv6 route statistics. The figure is as follows:

active500EM Wired Web Interface User’s Manual 188

Chapter 20: Multicast protocol configuration
Pause the mouse pointer over Multicast protocol configuration to display the sub-nodes. The figure is as follows:

20.1 PIM configuration
Pause the mouse pointer over Multicast protocol configuration -> PIM configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 189

20.1.1 Multicast common configuration
Click Multicast protocol configuration -> PIM configuration -> Multicast common configuration to enable/disable PIM protocol globally. The figure is as follows:

20.1.2 Accept-register and JP-timer configuration
Click Multicast protocol configuration -> PIM configuration -> accept-register and JP-timer configuration to filter the specified multicast source and multicast address and to set the join/prune timer value. The figure is as follows:

20.1.3 RP-address configuration
Click Multicast protocol configuration -> PIM configuration -> RP-address configuration to configure the global static RP or static RP for a multicast address range. The figure is as follows:

active500EM Wired Web Interface User’s Manual 190

20.1.4 RP-reachability configuration
Click Multicast protocol configuration -> PIM configuration -> RP-reachability configuration to enable/disable the RP-reachability configuration during the DR registration process. The figure is as follows:

20.1.5 Limit and suppression configuration
Click Multicast protocol configuration -> PIM configuration -> limit and suppression configuration to configure the rate of DR when sending registration packets. Configure the Register suppression time. The figure is as follows:

20.1.6 Ignore RP-set-priority configuration
Click Multicast protocol configuration -> PIM configuration -> ignore RP-set-priority configuration. Use only the Hashing mechanism, and ignore the RP priority. The figure is as follows:

active500EM Wired Web Interface User’s Manual 191

20.1.7 Register checksum and KAT configuration
Click Multicast protocol configuration -> PIM configuration -> register checksum and kat configuration to use the entire packet length when calculating the register packet checksum specified by group-list and to configure the KAT (KeepAlive Timer) values on the RP (S, G) table. The figure is as follows:

20.1.8 Register-source configuration
Click Multicast protocol configuration -> PIM configuration -> register-source configuration to configure the source address for DR when sending registration packets to override the default source address. The default source address is typically an RPF neighbor, which is generated from the source host. The figure is as follows:

active500EM Wired Web Interface User’s Manual 192

20.1.9 BSR candidate configuration
Click Multicast protocol configuration -> PIM configuration -> BSR candidate configuration to configure the candidate BSR information for PIM-SM to compete the BSR router with another candidate BSR. The figure is as follows:

20.1.10 RP candidate configuration
Click Multicast protocol configuration -> PIM configuration -> RP candidate configuration to configure the candidate RP information for PIM-SM to compete the RP router with another candidate RP. The figure is as follows:

20.1.11 SSM configuration
Click Multicast protocol configuration -> PIM configuration -> ssm configuration to configure the PIM SSM multicast group address range. The figure is as follows:

active500EM Wired Web Interface User’s Manual 193

20.1.12 Port mode configuration
Click Multicast protocol configuration -> PIM configuration -> port mode configuration to enable PIM-DM protocol or PIM-SM protocol or to disable PIM-SM (i.e., PIM-SM does not send or receive any package) on the interface, in order to enable IGMP (i.e., receive and send IGMP packets). The figure is as follows:

20.1.13 Hello interval and holdtime configuration
Click Multicast protocol configuration -> PIM configuration -> hello interval and holdtime configuration to configure the time interval for hello packets and the holdtime value in hello messages. The holdtime value is used to describe the neighbor timeout. If a neighbor’s hello packet is not received within that time, remove this neighbor’s record. The figure is as follows:

active500EM Wired Web Interface User’s Manual 194

20.1.14 DR-priority and neighbor-filter configuration
Click Multicast protocol configuration -> PIM configuration -> DR-priority and neighbor-filter configuration to configure, cancel, or change the DR priority value. Configure the neighbor’s access list. The figure is as follows:

20.1.15 Exclude-genid configuration
Click Multicast protocol configuration -> PIM configuration -> Exclude-genid configuration to set the hello packets (sent by PIM SM) to exclude genid options. The figure is as follows:

active500EM Wired Web Interface User’s Manual 195

20.2 PIM-DM configuration
Pause the mouse pointer over Multicast protocol configuration -> PIM-DM configuration to display the sub-nodes. The figure is as follows:

20.2.1 State-refresh interval configuration
Click Multicast protocol configuration -> PIM-DM configuration -> state-refresh interval configuration to configure the interval to send state-refresh packets in global mode. The figure is as follows:

20.3 DVMRP configuration
Pause the mouse pointer over Multicast protocol configuration -> DVMRP configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 196

20.3.1 Enable DVMRP
Click Multicast protocol configuration -> DVMRP configuration -> Enable DVMRP to enable/disable the DVMRP protocol globally. The figure is as follows:

20.3.2 Port enable DVMRP
Click Multicast protocol configuration -> DVMRP configuration -> PORT Enable DVMRP to enable/disable DVMRP protocol on the interface. The figure is as follows:

20.3.3 DVMRP report metric configuration
Click Multicast protocol configuration -> DVMRP configuration -> DVMRP report metric configuration to configure the interface DVMRP report metric value. The figure is as follows:

active500EM Wired Web Interface User’s Manual 197

20.3.4 Out put report delay
Click Multicast protocol configuration -> DVMRP configuration -> out put report delay to configure the delay of transmitting the DVMRP report on the interface and how many times it transmits. The figure is as follows:

20.3.5 DVMRP reject-non-pruners
Click Multicast protocol configuration -> DVMRP configuration -> DVMRP Reject-non-pruners to configure the interface rejects so as to set up a neighbor relationship with non-pruning/grafting DVMRP routers. The figure is as follows:

20.3.6 DVMRP runnel configuration
Click Multicast protocol configuration -> DVMRP configuration -> DVMRP tunnel configuration to configure a DVMRP tunnel. The figure is as follows:

active500EM Wired Web Interface User’s Manual 198

20.4 DCSCM configuration
Pause the mouse pointer over Multicast protocol configuration -> DCSCM configuration to display the sub-nodes. The figure is as follows:

20.4.1 DCSCM source-control enable/disable configuration
Click Multicast protocol configuration -> DCSCM configuration -> DCSCM Source- control enable/disable configuration to enable source control globally. The figure is as follows:

20.4.2 DCSCM destination-control enable/disable configuration
Click Multicast protocol configuration -> DCSCM configuration -> DCSCM destination- control enable/disable configuration to enable IPv4 and IPv6 destination controls globally. The figure is as follows:

active500EM Wired Web Interface User’s Manual 199

20.4.3 DCSCM source-control access-group configuration
Click Multicast protocol configuration -> DCSCM configuration -> DCSCM Source- control access-group configuration to configure the port’s source control access list. The figure is as follows:

20.4.4 DCSCM destination-control access-group configuration
Click Multicast protocol configuration -> DCSCM configuration -> DCSCM destination-control access-group configuration to configure the port’s destination control access list. The figure is as follows:

20.4.5 DCSCM destination-control access-group configuration (sip)
Click Multicast protocol configuration -> DCSCM configuration -> DCSCM destination-control access-group configuration (sip) to configure the destination control access list for the specified segment. The figure is as follows:

active500EM Wired Web Interface User’s Manual 200

20.4.6 DCSCM destination-control access-group configuration (vMAC)
Click Multicast protocol configuration -> DCSCM configuration -> DCSCM destination-control access-group configuration (vMAC) to configure the destination control access list for the specified VLAN-MAC. The figure is as follows:

20.4.7 Multicast policy configuration
Click Multicast protocol configuration -> DCSCM configuration -> Multicast policy configuration to configure the multicast policy. The figure is as follows:

active500EM Wired Web Interface User’s Manual 201

20.4.8 ACL multicast source control
Click Multicast protocol configuration -> DCSCM configuration -> ACL multicast source control to configure the source control access list and destination control access list. The figure is as follows:

20.5 IGMP configuration
Pause the mouse pointer over Multicast protocol configuration -> IGMP configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 202

20.5.1 Access-group and immediate-leave configuration
Click Multicast protocol configuration -> IGMP configuration -> Access-group and immediate leave configuration to configure the interface’s filtering conditions for the IGMP group. Configure the router so it does not send the query when IGMP is working in the immediate leave mode (i.e., the host computer sends a member qualification report) to the subnet, as there are no members in this group. The figure is as follows:

20.5.2 IGMP query-interval configuration
Click Multicast protocol configuration -> IGMP configuration -> IGMP query-interval configuration to configure the interval of IGMP query messages sent periodically. Configure the interval for the specified group query sent by this interface. The figure is as follows:

active500EM Wired Web Interface User’s Manual 203

20.5.3 Maximum response-time and timeout configuration
Click Multicast protocol configuration -> IGMP configuration -> Max response-time and timeout configuration to configure the timeout of the interface for the IGMP query. Configure the maximum response time for the IGMP query. The figure is as follows:

20.5.4 Limit and version configuration
Click Multicast protocol configuration -> IGMP configuration -> Limit and Version configuration to configure the IGMP version on the interface. Configure the number limit of the IGMP status. The figure is as follows:

active500EM Wired Web Interface User’s Manual 204

20.5.5 IGMP join group configuration
Click Multicast protocol configuration -> IGMP configuration -> IGMP Join Group configuration to configure the interface to join in some IGMP groups. The figure is as follows:

20.5.6 IGMP static group configuration
Click Multicast protocol configuration -> IGMP configuration -> IGMP Static Group configuration to configure the interface to join an IGMP static group. The figure is as follows:

active500EM Wired Web Interface User’s Manual 205

Chapter 21: IPv6 multicast protocol configuration
Pause the mouse pointer over IPv6 Multicast protocol configuration to display the sub-nodes. The figure is as follows:

21.1 IPv6 PIM configuration
Pause the mouse pointer over IPv6 Multicast protocol configuration -> IPv6 PIM configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 206

21.1.1 IPv6 multicast common configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 Multicast common configuration to enable/disable the IPv6 PIM protocol globally. The figure is as follows:

21.1.2 IPv6 accept-register and JP-timer configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 accept-register and JP-timer configuration to filter the specified multicast source and multicast address, which are set to join/prune timer value. The figure is as follows:

active500EM Wired Web Interface User’s Manual 207

21.1.3 IPv6 RP-address configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 RP-address configuration to configure the global static RP or static RP for a multicast address range. The figure is as follows:

21.1.4 IPv6 RP-reachability configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 RP-reachability configuration to enable/disable the RPreachability configuration during the DR register process. The figure is as follows:

21.1.5 IPv6 limit-and suppression configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 limit-suppression configuration to configure the rate of DR when sending registration packets. Configure the Register suppression time value. The figure is as follows:

active500EM Wired Web Interface User’s Manual 208

21.1.6 IPv6 ignore RP-set-priority configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 ignore RP- set-priority configuration. Use the Hashing mechanism, and ignore the RP priority. The figure is as follows:

21.1.7 IPv6 register checksum and KAT configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 register checksum and kat configuration to use the entire packet length when calculating the register packet checksum specified by group-list. Configure the KAT (KeepAlive Timer) values on the RP (S, G) table. The figure is as follows:

active500EM Wired Web Interface User’s Manual 209

21.1.8 IPv6 BSR candidate configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 BSR candidate configuration to configure the candidate BSR information for PIM-SM to compete the BSR router with other candidate BSR. The figure is as follows:

21.1.9 IPv6 RP candidate configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 RP candidate configuration to configure the candidate RP information for PIM-SM to compete the RP router with other candidate RP. The figure is as follows:

active500EM Wired Web Interface User’s Manual 210

21.1.10 IPv6 register-source configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 register- source configuration to configure the source address for DR when sending a registration packet. To override the default source address, the default source address is usually an RPF neighbor, which is generated from the source host. The figure is as follows:

21.1.11 IPv6 SSM configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 SSM configuration to configure the PIM SSM multicast group address range. The figure is as follows:

active500EM Wired Web Interface User’s Manual 211

21.1.12 IPv6 port mode configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 port mode configuration to enable the PIM-DM protocol or PIM-SM protocol or to disable PIM-SM (i.e., PIM-SM does not send or receive any package) on the interface to enable IGMP (i.e., receive and send IGMP packets). The figure is as follows:

21.1.13 IPv6 hello interval and holdtime configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 hello interval and holdtime configuration to configure the interval for hello packets and the holdtime value in hello messages. The holdtime value is used to describe the neighbor timeout. If the neighbor’s hello packet is not received within that time, remove this neighbor’s record. The figure is as follows:

active500EM Wired Web Interface User’s Manual 212

21.1.14 IPv6 DR-priority and neighbor-filter configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 DR-priority and neighbor-filter configuration to configure, cancel, or change the DR priority value. Configure the neighbor access list. The figure is as follows:

21.1.15 IPv6 dxclude-genid configuration
Click IPv6 multicast protocol configuration -> IPv6 PIM configuration -> IPv6 Exclude-genid configuration to set the hello packets (sent by PIM SM) to exclude genid options. The figure is as follows:

active500EM Wired Web Interface User’s Manual 213

21.2 PIM-DM6 configuration
Pause the mouse pointer over IPv6 multicast protocol configuration -> PIM-DM6 configuration to display the sub-nodes. The figure is as follows:

21.2.1 IPv6 state-refresh interval configuration
Click IPv6 multicast protocol configuration -> PIM-DM6 configuration -> IPv6 state- refresh interval configuration to configure the interval for sending state-refresh packets in global mode. The figure is as follows:

21.3 MLD configuration
Pause the mouse pointer over IPv6 multicast protocol configuration -> MLD configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 214

21.3.1 MLD access-group and immediate leave configuration
Click IPv6 multicast protocol configuration -> MLD configuration -> MLD access-group and immediate leave configuration to configure the filtering conditions of the interface for IGMP group. Configure the router so that it does not send the query when IGMP is working in the immediate leave mode (i.e., the host computer sends a member competence report), as there are no members in the group. The figure is as follows:

21.3.2 MLD query-interval configuration
Click IPv6 multicast protocol configuration -> MLD configuration -> MLD query-interval configuration to configure the interval of IGMP query messages sent periodically. Configure the interval for the specified group query sent by this interface. The figure is as follows:

active500EM Wired Web Interface User’s Manual 215

21.3.3 MLD max response-time and timeout configuration
Click IPv6 multicast protocol configuration -> MLD configuration -> MLD max response- time and timeout configuration to configure the timeout of the interface for the IGMP query. Configure the maximum response time for the IGMP query. The figure is as follows:

21.3.4 MLD limit and version configuration
Click IPv6 multicast protocol configuration -> MLD configuration -> MLD Limit and Version configuration to configure the IGMP version on the interface. Configure the number limit of the IGMP status in this interface. The figure is as follows:

active500EM Wired Web Interface User’s Manual 216

21.3.5 MLD join group configuration
Click IPv6 multicast protocol configuration -> MLD configuration -> MLD Join Group configuration to configure the interface so as to join in a multicast group. The figure is as follows:

21.3.6 MLD static group configuration
Click IPv6 multicast protocol configuration -> MLD configuration -> MLD Static Group configuration to configure an IGMP static group or static source in the interface. The figure is as follows:

active500EM Wired Web Interface User’s Manual 217

Chapter 22: VRRP configuration
Pause the mouse pointer over VRRP configuration to display the sub-nodes. The figure is as follows:

22.1 VRRP set
Pause the mouse pointer over VRRP configuration -> VRRP set to display the sub-nodes. The figure is as follows:

22.1.1 Create VRRP ID
Click VRRP configuration -> VRRP set -> Create VRRP ID to create or remove a virtual router. Example: Type the virtual router ID as 10, and then click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 218

22.1.2 VRRP virtual IP configuration
Click VRRP configuration -> VRRP set -> VRRP virtual IP configuration to add a dummy IP address to a standby cluster. The figure is as follows:

22.1.3 VRRP interface
Click VRRP configuration -> VRRP set -> VRRP interface to add a layer-three interface to a standby cluster. The figure is as follows:

22.1.4 VRRP enable
Click VRRP configuration -> VRRP set -> VRRP enable to enable the corresponding virtual router. The figure is as follows:

active500EM Wired Web Interface User’s Manual 219

22.1.5 VRRP preempt
Click VRRP configuration -> VRRP set -> VRRP preempt to select the VRRP preempt as true or false. The figure is as follows:

22.1.6 VRRP priority
Click VRRP configuration -> VRRP set -> VRRP priority to set the VRRP priority level. The figure is as follows:

22.1.7 VRRP interval
Click VRRP configuration -> VRRP set -> VRRP interval to set the VRRP time value, to adjust the Master to send VRRP packet intervals. The figure is as follows:

active500EM Wired Web Interface User’s Manual 220

22.1.8 VRRP circuit
Click VRRP configuration -> VRRP set -> VRRP circuit to set the VRRP interface monitor. The figure is as follows:

22.2 Show VRRP information
Click VRRP configuration -> show VRRP information to display the VRRP standby cluster status and the configuration information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 221

Chapter 23: Spanning-tree configuration
For any configurations discussed in the following subsections, enable MSTP, Global MSTP and Port MSTP should be enabled as described in section 23.3.1. If MSTP, Global MSTP, and Port MSTP are not enabled, the user may receive the message that “MSTP, Global MSTP or Port MSTP need to first be enabled in order to perform the requested configuration”. Pause the mouse pointer over Spanning-tree configuration to process various configurations of spanning-tree.

23.1 Spanning-tree field configuration
Pause the mouse pointer over Spanning-tree configuration -> Spanning-tree field configuration to configure the sub-nodes in the spanning-tree field. The figure is as follows:

active500EM Wired Web Interface User’s Manual 222

23.1.1 Instance configuration
Click Spanning-tree configuration -> Spanning-tree field configuration -> Instance configuration to open the configuration interface, so as to create an instance, configure the mappings between VLANs and instances, or add the mapping between VLAN and the specific instance. Example: In the Instance name and VLAN name fields, type 1. Click Apply.

23.1.2 Field name configuration
Click Spanning-tree configuration -> Spanning-tree field configuration -> Field name configuration to open the configuration interface so as to configure the spanning-tree field name. Example: Type the Field name as mstp-test. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 223

23.1.3 Revision-level configuration
Click Spanning-tree configuration -> Spanning-tree field configuration -> Revision- level configuration to open the configuration interface. In MST region mode, the configuration is used to count the revision level of the MST label. Example: Type the Revision-level as 2000. Click Apply.

23.2 Spanning-tree port configuration
Pause the mouse pointer over Spanning-tree configuration -> Spanning-tree Port configuration to configure the sub-nodes in Spanning-tree Port Configuration. The figure is as follows:

23.2.1 PortFast configuration
Click Spanning-tree configuration -> Spanning-tree port configuration -> PortFast configuration to open the configuration interface. Configure the current port as a boundary port. Example: Select the Port as Ethernet1/0/1. The figure is as follows:

active500EM Wired Web Interface User’s Manual 224

23.2.2 Port priority configuration
Click Spanning-tree configuration -> Spanning-tree port configuration -> Port priority configuration to open the configuration interface and set the current port priority for the specified instance. Example: Select the Port as Ethernet1/0/1. Type the Instance name as 1. Type the Priority as 32. The figure is as follows:

23.2.3 Port cost configuration
Click Spanning-tree configuration -> Spanning-tree port configuration -> Port cost configuration to open the configuration interface and set the path cost of the current port in the specified instance. Example: Select the Port as Ethernet1/0/1. Type the Instance name as 2 and the Cost as 3000000.

active500EM Wired Web Interface User’s Manual 225

23.2.4 Spanning-tree port mode
Click Spanning-tree configuration -> Spanning-tree port configuration -> Spanning- tree port mode to force the port to run in the MSTP mode. Example: Select the Port as Ethernet1/0/1 to run in the MSTP mode.

23.2.5 Link-type configuration
Click Spanning-tree configuration -> Spanning-tree port configuration -> Link-type configuration to open the configuration interface and set the link type of the current port. Link-type: • • • auto: set auto-negotiation force-true: force the link as point-to-point type force-false: force the link as non point-to-point type

Example: Select force-true to force the Port Ethernet1/0/1 as point-to-point type. The figure is as follows:

active500EM Wired Web Interface User’s Manual 226

23.2.6 Spanning-tree agreement port configuration
Click Spanning-tree configuration -> Spanning-tree port configuration -> Spanning- tree agreement port configuration to open the configuration interface and enable spanning-tree in port configuration mode. Example: Select the Operation as Disable to disable the Port Ethernet1/0/1 in the enabled MSTP global configuration.

23.3 Spanning-tree global configuration
For any configurations discussed in the following subsections, Global Spanning tree, MSTP, Global MSTP and Port MSTP should be enabled as described in the following sections. If Global Spanning Tree, MSTP, Global MSTP, and Port MSTP are not enabled, the user may receive the message that “MSTP, Global MSTP, or Port MSTP need to first be enabled in order to perform the requested configuration”. Pause the mouse over Spanning-tree configuration -> Spanning-tree Global configuration to configure the sub-nodes in Spanningtree Global Configuration. The figure is as follows:

active500EM Wired Web Interface User’s Manual 227

23.3.1 Spanning-tree global agreement port configuration
Click Spanning-tree configuration -> Spanning-tree global configuration -> Spanning- tree global agreement port configuration to enable Spanning-tree in the global mode.

23.3.2 Forward-time configuration
Click Spanning-tree configuration -> Spanning-tree global configuration -> Forward- time configuration to open the configuration interface and set the switch forward-time delay. Example: In global mode, type the MSTP Forward-time as 20 (seconds).

23.3.3 Hello-time configuration
Click Spanning-tree configuration -> Spanning-tree global configuration -> Hello-time configuration to open the configuration interface and set the switch hello time. Example: In global mode, type the MSTP Bridge hello time as 5 (seconds).

active500EM Wired Web Interface User’s Manual 228

23.3.4 Max age time configuration
Click Spanning-tree configuration -> Spanning-tree global configuration -> Max age time configuration to open the configuration interface and set the maximum aging time for BPDU. Example: In global mode, type the Max age time as 25 (seconds).

23.3.5 Max hop time configuration
Click Spanning-tree configuration -> Spanning-tree global configuration -> Max hop time configuration to open the configuration interface and set the maximum BPDU hops in the spanning-tree field. Example: Type the Max hop time as 32.

active500EM Wired Web Interface User’s Manual 229

23.3.6 Spanning tree mode configuration
Click Spanning-tree configuration -> Spanning-tree global configuration -> Spanning tree mode configuration to open the configuration interface and set the switch’s running spanning-tree mode. Example: Select the running spanning tree Mode as Mstp.

23.3.7 Priority configuration
Click Spanning-tree configuration -> Spanning-tree global configuration ->Priority configuration to open the configuration interface and set the bridge priority for the specified instance. Example: Type the Instance name as 2 and the Priority as 4096.

23.4 Show spanning-tree
Pause the mouse over Spanning-tree configuration -> Show Spanning-tree to see the Spanning-tree Status and Configuration in place. Users can check the Instance information and Revision-Level information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 230

23.4.1 Instance information
Click Spanning-tree configuration -> Show spanning-tree -> Instance information to open the configuration interface and show MSTP protocol and the instances information. Example: Type the Instance name as 0, and then click Apply. The figure is as follows:

23.4.2 Revision-level information
Click Spanning-tree configuration -> Show spanning-tree -> Revision-Level configuration to display the effective parameters configuration for the MSTP field. The figure is as follows:

active500EM Wired Web Interface User’s Manual 231

Chapter 24: Cluster basic configuration
For any configurations discussed in the following subsections, the Cluster Commander functions should be enabled as described in section 24.1. If these Cluster Commander functions are not enabled, the user may receive the message to “Start the commander first before continuing the requested configuration”. Pause the mouse pointer over Cluster basic configuration. The figure is as follows:

24.1 Cluster configuration
Click Cluster basic configuration -> Cluster configuration to open the configuration interface, so as to configure Cluster state, Cluster ip-pool, Cluster keepalive interval, Cluster commander, Cluster auto-add, Cluster keepalive losscount, etc. The figures are as follows:

active500EM Wired Web Interface User’s Manual 232

active500EM Wired Web Interface User’s Manual 233

24.2 Cluster candidate information
Click Cluster basic configuration -> Cluster candidate information to open the configuration interface and show Cluster candidate information. The figure is as follows:

24.3 Cluster member information
Click Cluster basic configuration -> Cluster member information to open the configuration interface and show Cluster member information. The figure is as follows:

24.4 Cluster member configuration
Click Cluster basic configuration -> Cluster member configuration to open the configuration interface in order to manually add the candidate switch to the cluster. The figure is as follows:

active500EM Wired Web Interface User’s Manual 234

24.5 Cluster member auto configuration
Click Cluster basic configuration -> Cluster member auto configuration to open the configuration interface and to convert auto-add members into user-config members. The figure is as follows:

24.6 Cluster member reset
Click Cluster basic configuration -> Cluster member reset to open the configuration interface and reset the member switch in the commander switch. The figure is as follows:

24.7 Cluster topology configuration
Click Cluster basic configuration -> Cluster topology configuration to open the configuration interface and display the cluster topology configuration. The figure is as follows:

active500EM Wired Web Interface User’s Manual 235

24.8 Cluster topology information
Click Cluster basic configuration -> Cluster topology information to open the configuration interface and show the cluster topology information. The figure is as follows:

active500EM Wired Web Interface User’s Manual 236

Chapter 25: MRPP configuration
For any configurations discussed in the following subsections, MRPP global switch configuration should be enabled as described in section 25.1.1. If MRPP global switch configuration is not enabled, the user may receive the message that “Global MRPP needs to first be enabled before performing the requested configuration”. Pause the mouse pointer over MRPP configuration to display the sub-nodes. The figure is as follows:

25.1 MRPP global configuration
Pause the mouse pointer over MRPP configuration -> MRPP global configuration to display the sub-nodes. The figure is as follows:

25.1.1 MRPP global switch configuration
Pause the mouse pointer over MRPP configuration -> MRPP global configuration, and then click MRPP global switch configuration to open the configuration page. Example: Enable the MRPP function by selecting Enable, and then click Apply.

active500EM Wired Web Interface User’s Manual 237

25.1.2 MRPP poll time configuration
Pause the mouse pointer over MRPP configuration -> MRPP global configuration, and then click MRPP poll time configuration to configure the MRPP poll time. Example: Type the MRPP poll time as 200, select the Operation as Configuration, and then click Apply.

25.1.3 MRPP domain ID configuration
Pause the mouse pointer over MRPP configuration -> MRPP global configuration, and then click MRPP domain id configuration to configure the MRPP domain ID value. Example: Type the MRPP domain as 12, select the Operation as Configuration, and then click Apply.

25.2 MRPP port configuration
Pause the mouse pointer over MRPP configuration -> MRPP port configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 238

25.2.1 MRPP port property configuration
Click MRPP configuration -> MRPP port configuration -> MRPP port property configuration to configure the MRPP port property. Example: Select the Port as Ethernet1/0/1, type the MRPP domain as 12, select primary for the MRPP port property, select the Operation as Configuration, and then click Apply.

25.3 MRPP domain configuration
Pause the mouse pointer over MRPP configuration -> MRPP domain configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 239

25.3.1 MRPP control VLAN configuration
Pause the mouse pointer over MRPP configuration -> MRPP domain configuration, and then click MRPP control vlan config to configure the MRPP control VLAN. Example: Select the MRPP domain as 12, type the VLAN ID as 1, select the Operation as Configuration, and then click Apply.

25.3.2 MRPP node mode configuration
Pause the mouse pointer over MRPP configuration -> MRPP domain configuration, and then click MRPP node mode config to configure the MRPP node mode. Example: Select the MRPP domain as 12 and the MRPP node mode as master, and then click Apply.

active500EM Wired Web Interface User’s Manual 240

25.3.3 MRPP hello timer configuration
Pause the mouse pointer over MRPP configuration -> MRPP domain configuration, and then click MRPP hello timer config to configure the range of the MRPP hello timer. Example: Select the MRPP domain as 12, type the MRPP hello timer range as 1, select the Operation as Configuration, and then click Apply.

25.3.4 MRPP fail timer configuration
Pause the mouse pointer over MRPP configuration -> MRPP domain configuration, and then click MRPP fail timer config to configure the range of the MRPP fail timer. Example: Select the MRPP domain as 12, type the MRPP fail timer range as 15, select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 241

25.3.5 MRPP domain switch configuration
Pause the mouse pointer over MRPP configuration -> MRPP domain configuration, and then click MRPP domain switch config to configure the MRPP domain switch. Example: Select the MRPP domain as 12 and the Operation as Configuration, and then click Apply.

25.4 MRPP domain switch configuration
Pause the mouse pointer over MRPP configuration -> MRPP domain switch config to display all the nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 242

25.4.1 MRPP display
Pause the mouse pointer over MRPP configuration -> MRPP domain switch config, and then click MRPP display to configure it. Example: Select the MRPP domain as all, and then click Apply.

25.4.2 MRPP statistics display
Pause the mouse pointer over MRPP configuration -> MRPP domain switch config, and then click MRPP statistics display to configure it. Example: Select the MRPP domain as all, and then click Apply.

25.4.3 Clear MRPP statistics
Pause the mouse pointer over MRPP configuration -> MRPP domain switch config, and then click Clear MRPP statistics to clear it. Example: Select the MRPP domain as all, and then click Apply.

active500EM Wired Web Interface User’s Manual 243

Chapter 26: ULPP Configuration
Pause the mouse pointer over ULPP configuration to display the sub-nodes. The figure is as follows:

26.1 ULPP global configuration
Pause the mouse pointer over ULPP configuration -> ULPP global configuration to display the sub-nodes. The figure is as follows:

26.1.1 ULPP group configuration
Pause the mouse pointer over ULPP configuration -> ULPP global configuration, and then click ULPP group configuration to open the configuration page. Example: Type the ULPP group as 1, select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 244

26.2 ULPP port configuration
Pause the mouse pointer over ULPP configuration -> ULPP global configuration, and then click ULPP port configuration to display the sub-nodes. The figure is as follows:

26.2.1 ULPP port property configuration
Pause the mouse pointer over ULPP configuration -> ULPP global configuration, and then click ULPP port property configuration to open the configuration page. Example: Select the port as Ethernet 1/0/1. Select the ULPP port flush mode as mac, and select the accompanying check box. Type the ULPP port control vlan as 1, and select the accompanying check box. Select the ULPP group as 1. Select the ULPP port mode as master, and select the accompanying check box. Select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 245

26.3 ULPP group configuration
Pause the mouse pointer over ULPP configuration -> ULPP group configuration to display the sub-nodes. The figure is as follows:

26.3.1 ULPP group description configuration
Pause the mouse pointer over ULPP configuration -> ULPP global configuration, and then click ULPP group description configuration to open the configuration page. Example: Select the ULPP group as 1, type the ULPP group description as aaa, select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 246

26.3.2 ULPP group property configuration
Pause the mouse pointer over ULPP configuration -> ULPP global configuration, and then click ULPP group property configuration to open the configuration page. Example: Select the ULPP group as 1. Select the ULPP group preemption mode as on, and select the accompanying check box. Type the ULPP group preemption delay as 5, and select the accompanying check box. Type the ULPP group control vlan as 1, and select the accompanying check box. Type the ULPP group protect vlan as 10, and select the accompanying check box. Select the ULPP group flush mode as mac, and select the accompanying check box. Select the Operation as Configuration, and then click Apply.

26.4 ULPP configuration display
Pause the mouse pointer over ULPP configuration -> ULPP configuration display to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 247

26.4.1 ULPP group configuration display
Pause the mouse pointer over ULPP configuration -> ULPP configuration display, and then click ULPP group configuration display to display the ULPP group configuration. Example: Select the ULPP group as all, and then click Apply.

26.4.2 ULPP port statistics display
Pause the mouse pointer over ULPP configuration -> ULPP configuration display, and then click ULPP port statistics display to display the ULPP port statistics. Example: Select the Port as Ethernet1/0/1, and then click Apply.

26.4.3 ULPP port property display
Pause the mouse pointer over ULPP configuration -> ULPP configuration display, and then click ULPP port property display to display the port property information.

active500EM Wired Web Interface User’s Manual 248

26.4.4 ULPP port statistics clear
Pause the mouse pointer over ULPP configuration -> ULPP configuration display, and then click ULPP port statistics clear to clear the ULPP port statistics information. Example: Select the Port as Ethernet1/0/1, and then click Apply.

active500EM Wired Web Interface User’s Manual 249

Chapter 27: ULSM configuration
Pause the mouse pointer over ULSM configuration to display the sub-nodes. The figure is as follows:

27.1 ULSM global configuration
Pause the mouse pointer over ULSM configuration -> ULSM global configuration to display the sub-nodes. The figure is as follows:

27.1.1 ULSM group configuration
Pause the mouse pointer over ULSM configuration -> ULSM global configuration, and then click ULSM group configuration to open the ULSM Group Configuration page. Example: Type the ULSM group as 1, select the Operation as Add, and then click Apply.

active500EM Wired Web Interface User’s Manual 250

27.2 ULSM port configuration
Pause the mouse pointer over ULSM configuration -> ULSM port configuration to display the sub-nodes. The figure is as follows:

27.2.1 ULSM port property configuration
Pause the mouse pointer over ULSM configuration -> ULSM port configuration, and then click ULSM port property configuration to open the configuration page. Example: Select the Port as Ethernet1/0/1. Select the ULSM group as 1, the ULSM port property as uplink, and the Operation as Configuration, and then click Apply.

27.3 ULSM configuration display
Pause the mouse pointer over ULSM configuration -> ULSM configuration display to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 251

27.3.1 ULSM display
Pause the mouse pointer over ULSM configuration -> ULSM configuration display, and then click ULSM display to display the ULSM information. Example: Select the ULSM group as all, and then click Apply.

active500EM Wired Web Interface User’s Manual 252

Chapter 28: Authentication configuration
Pause the mouse pointer over Authentication configuration to display the sub-nodes. The figure is as follows:

28.1 RADIUS client configuration
Pause the mouse pointer over Authentication configuration -> RADIUS client configuration to display the sub-nodes. The figure is as follows:

28.1.1 RADIUS global configuration
Click Authentication configuration -> RADIUS client configuration -> RADIUS global configuration to open the configuration interface, so as to set the RADIUS client operation and parameter configuration. • • • • • • • Authentication status – Options include Enable and Disable the AAA authentication function Accounting – Options include Enable and Disable the AAA accounting function RADIUS key operation – Options include Add and Remove RADIUS key – Between 1 and 64 characters System recovery time – Ranges from 1 to 255 RADIUS retransmit times – Ranges from 0 to 100 RADIUS server timeout – Range from 1 to 1000

active500EM Wired Web Interface User’s Manual 253

Example: Enable the AAA authentication status, disable the AAA accounting function, and set the RADIUS key as test. Click Apply. The figure is as follows:

28.1.2 RADIUS authentication configuration
Click Authentication configuration -> RADIUS client configuration -> RADIUS authentication configuration to open the configuration interface and to set the RADIUS authentication server IP address and port number. • • • • Authentication server IP – IPv4 address Authentication serverport (optional) – Ranges from 0 to 65535 Primary authentication server – Options include Primary authentication server and Non-primary authentication server Operation – Options include Add and Remove

Example: Type the RADIUS authentication server IP address as 192.168.1.200 and the port as 3000. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 254

28.1.3 RADIUS accounting configuration
Click Authentication configuration -> RADIUS client configuration -> RADIUS accounting configuration to open the configure interface and to configure the RADIUS accounting server IP address and port number. • • • • Accounting server IP – IPv4 address Accounting serverport (optional) – Ranges from 0 to 65535 Primary accounting server – Options include Primary accounting server and Non-primary accounting server Operation – Options include Add and Remove

Example: Type the Accounting server IP address as 192.168.1.200 and the port as 2000. Click Apply. The figure is as follows:

28.2 TACACS server configuration
Pause the mouse pointer over Authentication configuration -> TACACS server configuration to display the sub-nodes. The figure is as follows:

active500EM Wired Web Interface User’s Manual 255

28.2.1 TACACS global configuration
Click Authentication configuration -> TACACS server configuration -> TACACS global configuration to open the configuration interface and configure the TACSCS key string and TACACS server timeout. • • TACSCS key – Between 1 and 16 characters TACACS server timeout – Ranges from 1 to 60 seconds

Example: Type the TACACS key as test and the TACACS server timeout as 3, and click Apply. The figure is as follows:

28.2.2 TACACS server host configuration
Click Authentication configuration -> TACACS server configuration -> TACACS server host configuration to open the configuration interface and configure the IP address and the port number of the TACACS authentication server. • • • • Authentication server IP – IPV4 address Authentication server port (optional) – Ranges from 0 to 65535 Primary authentication server – Options include Primary authentication server and Non-primary authentication server Operation – Options include Add and Delete

Example: Type TACACS authentication server IP as 192.168.1.200 and the port (optional) as 3000. Select Primary authentication server. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 256

28.3 802.1x configuration
Pause the mouse pointer over Authentication configuration -> 802.1x configuration to display the sub-nodes. The figure is as follows:

28.3.1 802.1x global configuration
Click Authentication configuration -> 802.1x configuration -> 802.1x Global configuration to open the configuration interface, enable the 802.1x function, and configure the parameters. • • • • • • • • • • 802.1x status – Options include Enable and Disable Maximum retransmission times of EAP-request/identity – Ranges from 1 to 10 Reauthenticate client periodically – Options include Enable and Disable Holddown time for authentication failure – Ranges from 1 to 65535 Reauthenticate client interval – Ranges from1 to 65535 Resending EAP-request/identity interval – Ranges from 1 to 65535 EAP relay authentication mode – Options include Forbid and Permit Private Client - Options include Forbid and Permit MAC filtering – Options include Forbid and Permit 802.1x unicast – Options include Enable and Disable

Example: Disable the 802.1x status, type the Maximum retransmission times of EAP-request/identity as 2, and Disable the Reauthenticate client periodically function. Type the Holddown time for authentication failure as 10, the Reauthenticate client interval as 3600, and the Resending EAP-request/identity interval as 30. Forbid the EAP relay authentication function and MAC filtering function, and Disable the 802.1x unicast function. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 257

28.3.2 802.1x port authentication configuration
Click Authentication configuration -> 802.1x configuration -> 802.1x port authentication configuration to open the configuration interface, so as to enable the 802.1x port authentication function and configure the parameters. • • • • • • Port – Ethernet1/0/1 - 28 802.1X status – Options include Enable and Disable Authentication type – Options include auto (802.1x), force-unauthorized, and force-authorized Authentication mode – Options include Port-based and MAC-based Port maximum user – Ranges from 1 to 256 Guest VLAN ID – Ranges from 0 to 4094; 0 is default value

active500EM Wired Web Interface User’s Manual 258

Example: Disable the 802.1x status on Port Ethernet1/0/1, select the Authentication type as force-unauthorized and the Authentication mode as Port-based. Type the Port maximum user as 1, and then click Apply. The figure is as follows:

28.3.3 802.1x port MAC configuration
Click Authentication configuration -> 802.1x configuration -> 802.1x port MAC configuration to open the configuration interface, so as to add/delete the MAC filter entry. • • • Port – Ethernet1/0/1-28 MAC –Tthe MAC address to be added/deleted Operation – Options include Add MAC filter entry and Remove MAC filter entry

Example: Select Add MAC filter entry for the MAC address 00-00-01-00-02-03 on Ethernet1/0/1. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 259

28.3.4 802.1x port status list
Click Authentication configuration -> 802.1x configuration -> 802.1x port status list to open the configuration interface, so as to display the port status and enable the reauthentication function. • • • • • Port – Ethernet1/0/1 - 28 802.1X status – Options include Enable and Disable Authentication type – Display the authentication type Authentication status – Display the authentication status Authentication mode – Display the authentication mode

Example: Display the authentication status for Ethernet1/0/1. The figure is as follows:

active500EM Wired Web Interface User’s Manual 260

Chapter 29: DOS attack protection configuration
Pause the mouse pointer over DOS attack protection configuration to display the sub-nodes. The figure is as follows:

29.1 Source IP equal destination IP DOS attack protection configuration
Click DOS attack protection configuration -> Source IP equal destination IP DOS attack protection configuration to open the configuration interface and to enable/disable the source IP equals destination IP DOS attack protection function. • DOS attack protection status – Options include Enable and Disable Example: To drop the source IP equal destination IP packet, select Enable. Click Apply. The figure is as follows:

29.2 Source port equal destination port DOS attack protection configuration
Click DOS attack protection configuration -> Source port equal destination port DOS attack protection configuration to open the configuration interface and to enable/disable source port equal destination port DOS attack protection function. • DOS attack protection status – Options include Enable and Disable Example: Select the DOS attack protection status as Enable. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 261

29.3 TCP DOS attacks on invalid flags configuration
Click DOS attack protection configuration -> TCP DOS attacks on invalid flags configuration to open the configuration interface, so as to enable/disable the TCP DOS attack on invalid flags function. With this function enabled, the switch can drop the following four data packets, which contain unauthorized TCP label: SYN=1 while source port is smaller than 1024; TCP label positions are all 0 while it’s serial No.=0; FIN=1, URG=1, PSH=1 and the TCP serial No.=0;SYN=1 and FIN=1. This function can associate with dosattack-check ipv4first-fragment enable command. • DOS attack protection status – Options include Enable and Disable Example: Select the DOS attack protection status as Enable. Click Apply. The figure is as follows:

29.4 ICMP DOS attack protection configuration
Click DOS attack protection configuration -> ICMP DOS attack protection configuration to open the configuration interface, so as to enable/disable the ICMP DOS attack protection function. • DOS attack protection status – Options include Enable and Disable Example: Select the DOS attack protection status as Enable. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 262

29.5 ICMP packet-size configuration
Click DOS attack protection configuration -> ICMP packet-size configuration to open the configuration interface in order to configure the maximum length of the ICMPv4 data packet permitted by the switch. • Packet-size – Ranges from 64 to 1023 Example: Type the maximum length of the ICMPv4 data packet permitted by the switch to 100, and then click Apply. The figure is as follows:

29.6 First fragment IP packet DOS attack protection configuration
Click DOS attack protection configuration -> First fragment IP packet DOS attack protection configuration to open the configuration interface and enable the function that the switch checks IPv4’s first fragment packet. • DOS attack protection status – Options include Enable and Disable Example: Select DOS attack protection status as Enable, and click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 263

Chapter 30: SSL configuration
Secure Shell (SSH) connections use a trusted SSL certificate for user logon to the web GUI interfaces. Browsers, such as Internet Explorer®, Firefox®, Safari® and Chrome™, come preinstalled with a predetermined set of root certificates. These certificates serve as trusted third parties and work instantly to provide seamless usability. The activeARC® solution accepts root SSL certificates from all browsers for a secure and encrypted https login. Users are not allowed to introduce their own certificates, thereby reducing the risk of unauthorized system access. Pause the mouse pointer over SSL configuration to display the sub-nodes. The figure is as follows:

30.1 IP HTTP server configuration
Click SSL configuration -> IP HTTP server configuration to open the configuration interface, so as to enable/disable IP HTTP server function. • IP HTTP server status – Options include Enable and Disable Example: Select the IP HTTP server status as Enable. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 264

30.2 SSL global configuration
Click SSL configuration -> SSL global configuration to open the configuration interface and enable/disable SSL status. • SSL status – Options include Enable and Disable Example: Select the SSL status as Enable. Click Apply. The figure is as follows:

30.3 SSL server monitor port configuration
Click SSL configuration -> SSL server monitor port configuration to open the configuration interface, so as to configure the SSL server monitor port number. • • Port number – Ranges from 1025 to 65535; default value is 443 Operation – Options include Add and Remove

Example: Type the SSL server monitor port as 1500. Click Apply.

active500EM Wired Web Interface User’s Manual 265

30.4 SSL secure-ciphersuite configuration
Click SSL configuration -> SSL secure-ciphersuite configuration to open the configuration interface, so as to add/remove SSL secure-ciphersuite. • Secure-ciphersuite type – Options include des-cbc3-sha, rc4-128-sha,des-cbc-sha, and rc4-md5 Example: Select the SSL secure-ciphersuite type as des-cbc3-sha, and select the Operation as Add. Click Apply. The figure is as follows:

active500EM Wired Web Interface User’s Manual 266

Chapter 31: sFlow Configuration
Pause the mouse pointer over sFlow configuration to display the sub-nodes. The figure is as follows:

31.1 sFlow collector global address configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow collector global address configuration to open the configuration page. Example: Type the IP address as 192.168.1.2 and the destination port NO. as 1025. Select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 267

31.2 sFlow collector port address configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow collector port address configuration to open the configuration page. Example: Select the Port as Ethernet1/0/1, type the IP address as 192.168.1.2 and the destination port NO. as 1025, select the Operation as Configuration, and then click Apply.

31.3 sFlow agent address configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow agent address configuration to open the configuration page. Example: Type the IP address as 192.168.1.2, select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 268

31.4 sFlow priority configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow priority configuration to open the configuration page. Example: Type the agent priority value as 1, select the Operation as Configuration, and then click Apply.

31.5 sFlow header length configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow header length configuration to open the configuration page. Example: Select the Port as Ethernet1/0/1, type the header length as 32, select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 269

31.6 sFlow data length configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow data length configuration to open the configuration page. Example: Select the Port as Ethernet1/0/1, type the data length as 500, select the Operation as Configuration, and then click Apply.

31.7 sFlow rate configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow rate configuration to open the configuration page. Example: Select the Port as Ethernet1/0/1 and the direction as input. Type the rate value as 1000, select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 270

31.8 sFlow counter interval configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow counter interval configuration to open the configuration page. Example: Select the Port as Ethernet1/0/1, type the counter interval as 20, select the Operation as Configuration, and then click Apply.

31.9 sFlow analyzer configuration
Pause the mouse pointer over sFlow configuration, and then click sFlow analyzer configuration to open the configuration page. Example: Select the Operation as Configuration, and then click Apply.

active500EM Wired Web Interface User’s Manual 271

Chapter 32: IPv6 security ra configuration
Pause the mouse pointer over IPV6 security ra configuration to display the sub-nodes. The figure is as follows:

32.1 IPv6 security ra global configuration
Pause the mouse pointer over IPV6 security ra configuration, and then click IPv6 Security ra global configuration to open the configuration page. Example: Select Enable for the Operation, and then click Apply.

active500EM Wired Web Interface User’s Manual 272

32.2 IPv6 security ra port configuration
Pause the mouse pointer over IPV6 security ra configuration, and then click IPv6 security ra port configuration to open the configuration page. Example: Select the Port as Ethernet1/0/1 and the Operation as Enable, and then click Apply.

32.3 Show IPv6 security ra
Pause the mouse pointer over IPV6 security ra configuration, and then click show IPv6 security ra to open the configuration page. Example: Select the Port as ALL, and then click Apply.

active500EM Wired Web Interface User’s Manual 273

Glossary
ACL ANSI ASN.1 Access Control List; policies that determine which LAN endpoints can place and receive calls. American National Standards Institute; the primary organization for fostering the development of technology standards in the United States. Abstract Syntax Notation One; a language that defines the way data is sent across dissimilar communication systems. Ensures that the data received is the same as the data transmitted by providing a common syntax for specifying Application layer (program-to-program communications) protocols. Address Resolution Protocol; protocol to automatically map IP addresses to hardware MAC addresses. Command Line Interface; a user interface in which you type commands instead of choosing them from a menu or selecting an icon. Dynamic Host Configuration Protocol; a protocol that assigns unique IP addresses to devices, then releases and renews these addresses as devices leave and rejoin the network. Domain Name Server; a system for converting hostnames and domain names into IP addresses on the Internet or on local networks that use the TCP/IP protocol. A backup operation that automatically switches to a standby database, server, or network if the primary system fails or is temporarily shut down. For example, if the master active500EM goes down, a backup active500EM in the cluster mode will take over the functions of the unit that is no longer operational. Fiber Distributed Data Interface; a set of ANSI and ISO standards for data transmission on fiber optic lines in a local area network (LAN) that can extend in range up to 200 km (124 miles). Fully Qualified Domain Name; the portion of an Internet Uniform Resource Locator (URL) that fully identifies the server program that an Internet request is addressed to. Includes the second-level domain name (such as “whatis.com”) and any other levels (for example, “www.whatis.com” or “www1.somesite.com”). The prefix “http://” added to the fully-qualified domain name completes the URL. File Transfer Protocol; an application layer protocol that uses TCP to transfer data files between machines or hosts. Hypertext Transfer Protocol; protocol for transferring Web pages. HTTP over SSL; protocol enabling the secured transmission of Web pages. Internet Control Message Protocol; extension of the Internet Protocol (IP) used to generate message and control packets. Internet Key Exchange; an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access. Internet Protocol; a packet-based protocol for delivering data across networks. Internet Protocol Security; protocol used to secure traffic across an IP network. A worldwide federation of national standards bodies from some 100 countries, with one standards body representing each member country.

ARP CLI DHCP DNS Failover

FDDI FQDN

FTP HTTP HTTPS ICMP IKE IP IPsec ISO

active500EM Wired Web Interface User’s Manual 274

LAN

MAC MIB NAS NAT NTP OSPF PoE PPP QoS RADIUS RIP RTP SA SHA SNMP SNTP SSH

Local Area Network; a group of computers and associated devices that share a common communications line or wireless link. Typically, connected devices share the resources of a single processor or server within a small geographic area (for example, within an office building). Usually, the server has applications and data storage that are shared in common by multiple computer users. The network may serve as few as two or three users (for example, in a home network) or as many as thousands of users (for example, in an FDDI network). Media Access Control address; a unique numeric code that is permanently assigned to each unit of most types of networking hardware, such as access controllers, by the manufacturer at the factory. Management Information Base; a hierarchical database used by the simple network management protocol (SNMP) to describe the particular device being monitored. MIB objects are identified using ASN.1 syntax. Network Access Server; a gateway device that acts as the single point of access to a resource. The device references an authentication server to determine if access is granted. Network Address Translation or Network Address Translator; the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network. Network Time Protocol; a networking protocol for clock synchronization between computer systems over packetswitched, variable-latency data networks. Open Shortest Path First; a protocol for exchanging routing information within a network. Power over Ethernet; a protocol to provide power to devices like IP cameras and wireless access points via an Ethernet connection. Point-to-point protocol; a computer network protocol used to transfer a datagram between two directly connected (point-to-point) computers. Quality of Service; techniques used to assure a given level of performance as measured by the transmission rate and error rates. Remote Authentication Dial-In User Service; a client/server protocol and software that enables remote authentication of users attempting to log in to the unit. Routing Information Protocol; protocol for exchanging routing information within a network. Real-Time Transfer Protocol; an Internet protocol standard that specifies a way for programs to manage the real-time transmission of multimedia data over either unicast or multicast network services. Security Association; used by IKE and IPsec to determine how data is encrypted, decrypted, and authenticated by the secure gateways. Secure Hash Algorithm (SHA); a standard algorithm that makes a larger (60-bit) message digest and is similar to MD4. Simple Network Management Protocol; protocol to monitor and control devices in a TCP/IP network. Simple Network Time Protocol; a simplified version of Network Time Protocol (NTP) that is used to synchronize computer clocks on a network. Secure Shell; a network protocol that allows data to be exchanged using a secure channel between two networked devices.

active500EM Wired Web Interface User’s Manual 275

SSL Stateful TCP Telnet TFTP UDP VLAN VoIP

VPN WAN Web Web browser

Secure Socket Layer; Secure Sockets Layer (SSL) is a commonly used protocol for managing the security of a message transmission on the Internet. Maintains the last known or current status of an application. Transmission Control Protocol; a set of rules (protocol) used along with the Internet Protocol (IP) to send data in the form of message units between computers over the Internet. Protocol that provides remote terminal connection service. Trivial File Transfer Protocol; a technology for transferring files between network devices. User Datagram Protocol; a communications protocol that offers a limited amount of service when messages are exchanged between computers in a network that uses Internet Protocol (IP). Virtual LAN; a logical subcomponent of a physical network. It functions as a separate network to isolate its traffic from the rest of the network. Voice over Internet Protocol; technology that allows telephone calls to be made over computer networks like the Internet. VoIP converts analog voice signals into digital data packets and supports real-time, two-way transmission of conversations using Internet Protocol (IP). Virtual Private Network; a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization’s network. Wide Area Network; communications network that uses such devices as telephone lines, satellite dishes, or radio waves to span a larger geographic area than can be covered by a LAN. Also known as the World Wide Web or www; the collection of sites accessible through the Internet. A client program that initiates requests to a Web server and displays the information that the server returns.

active500EM Wired Web Interface User’s Manual 276

www.att.com/activearc

© 2013 International Communications Corporation, Inc. All Rights Reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property licensed to lnternationaI Communications Corporation, Riverside, California. Printed in U.S.A. Issue 8.0 AT&T 9/19/13. activeARC is a registered trademark of International Communications Corporation,Inc. Acrobat Reader is a registered trademark of Adobe Systems, Inc. Mac OS is a registered trademark of Apple, Inc. Windows, Windows Server 2003, Windows Vista and Microsoft Internet Explorer are registered trademarks of Microsoft. All other trademarks are property of their respective owners. Test results and examples are subject to unique business conditions, client IT environment, ICC products deployed, and other factors. These results may not be typical; your results may vary.

active500EM Wired Web Interface User’s Manual 277

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close