Tripp Lite NGI-S16 Owner's Manual
  1. Manuals
  2. Brands
  3. Tripp Lite Manuals
  4. Network Router
  5. NGI-S16
  6. Owner's manual

Tripp Lite NGI-S16 Owner's Manual

16 10/100/1000base-t rj45 ports lite managed industrial ethernet switch
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual

Advertisement

Table of Contents
loading

Related Manuals for Tripp Lite NGI-S16

Summary of Contents for Tripp Lite NGI-S16

  • Page 2 COPYRIGHT All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, whether electronic, mechanical, photo copying, recording or otherwise, without the prior written permission of the publisher. FCC WARNING This equipment has been tested and found to comply with the limits for a class A device, pursuant to part 15 of FCC rules.
  • Page 3 An exposed wire lead from a DC-input power source can conduct harmful levels of electricity. Be sure that no exposed portion of the Warning DC-input power source wire extends from the terminal block plug. Ethernet cables must be shielded when used in a central office environment.
  • Page 4 When mounting this unit in a partially filled rack, load the rack from  the bottom to top with the heaviest component at bottom of the rack. If the rack is provided with stabilizing devices, install the stabilizers  before mounting or servicing the unit in the rack. This unit might have more than one power supply connection.

  • Page 5: Table Of Contents

    Table of Contents ABOUT THIS MANUAL ....................9 1.1........................9 ELCOME 1.1.......................... 9 URPOSE 1.2........................ 9 ERMS SAGE ABOUT THE SWITCH ....................10 2.1........................10 EATURES 2.2......................11 PECIFICATIONS HARDWARE DESCRIPTION ..................12 3.1........................ 12 ONNECTORS 3.2.
  • Page 6 4.5......................51 YSTEM ETTINGS 4.5.1....................... 51 YSTEM ETTINGS 4.5.1.1. CLI C ....................51 ONFIGURATION 4.5.1.2. TCP S ..................51 ODBUS ETTINGS 4.5.1.2.1. CLI C ................... 51 ONFIGURATION 4.5.1.3. IGMP S ..................... 52 NOOPING 4.5.1.3.1. CLI C ................... 52 ONFIGURATION 4.5.1.4.
  • Page 7 6.3.1. CLI C ....................93 ONFIGURATION 6.3.2....................94 ONFIGURATION 6.4......................95 ERVER ONTROL 6.4.1. CLI C ....................95 ONFIGURATION 6.4.2....................96 ONFIGURATION 6.5......................98 TORM ONTROL 6.5.1....................98 LARM HRESHOLD 6.5.1.1. CLI C ....................98 ONFIGURATION 6.5.1.2.
  • Page 8 8.1.4..................124 VENT ETTINGS 8.1.4.1. CLI C .................... 124 ONFIGURATION 8.1.4.2.................... 124 ONFIGURATION 8.1.5..................126 ECEIVER ETTINGS 8.1.5.1. CLI C .................... 126 ONFIGURATION 8.1.5.2.................... 126 ONFIGURATION 8.2. SNMP 3 ........................128 8.2.1. SNMP ...................... 128 ROUP 8.2.1.1.

  • Page 9: About This Manual

    This manual describes how to install and configure the Lite Managed Industrial PoE+ Ethernet Switch. 1.2. Terms/ Usage In this manual, the term “Switch” (first letter upper case) refers to the NGI-S16 Switch, and “switch” (first letter lower case) refers to other switches.

  • Page 10: About The Switch

    2. About the Switch 2.1. Features Configuration Security Wizard Setting 802.1X Radius Dashboard Setting PoE Setting Port Security Per port PoE function enable/disable Server Control PD Alive check Storm Control Power Delay VLAN Setting PoE Schedule Port Setting Diagnostic Loop Detection Alarm Information Port Priority Port Mirroring...

  • Page 11: Specifications

    2.2. Specifications IEEE Standards IEEE 802.3 10Base-T IEEE 802.3u 100Base-TX IEEE 802.3ab 1000Base-T IEEE 802.3x Flow Control IEEE 802.1p Class of Service, priority protocols IEEE 802.1ab Link Layer Discovery Protocol IEEE 802.3az EEE, Energy Efficient Ethernet IEEE 802.3 Nway Auto-negotiation Performance Switching fabric 32Gbps Non-blocking...

  • Page 12: Hardware Description

    3. Hardware Description NGI-S16 Front Panel 16 10/100/1000Base-T ports Lite-managed Industrial Gigabit Ethernet Switch. 3.1. Connectors The Switch utilizes copper port connectors functioning under Ethernet/Fast Ethernet/Gigabit Ethernet standards. 10/100/1000Base-T Ports The 10/100/1000Base-T ports support network speeds of 10Mbps, 100Mbps or 1000Mbps, and can operate in half- and full-duplex transfer modes.

  • Page 13: Nstallation

     Leave at least 10cm of space at the front and rear of the unit for ventilation. Attention: The NGI-S16 is an open type device and NGI-S16 shall be DIN-Rail mounted or wall mounted (optional) in cabinet or enclosure Hardware Installation ...
  • Page 14 Location: The NGI-S16 can be DIN-Rail-mounted in cabinet or enclosure. Mounting the switch Place the NGI-S16 on the DIN rail from above using the slot. Push the front of the switch toward the mounting surface until it snaps into place with a click sound.
  • Page 15 Attention A corrosion-free mounting rail is advisable. When installing, make sure to allow for enough space to properly install the cabling. Wiring Power Inputs Use “Terminal Block (PWR)” for primary power and “Terminal Block (RPS)” for secondary power source, to be a Redundant Power Input. Top view of Terminal Block is shown in picture: Connect power cables to terminal block: Use your finger to press the orange plug on top of terminal block connector to insert power cables...
  • Page 16 separately. You can use the type of signal transmitted through a wire to determine which wires should • be kept separate. The rule of thumb is that wiring that shares similar electrical characteristics can be bundled together • You should separate input wiring from output wiring •...

  • Page 17: Led Indicators

    The correct power supply voltage is listed on the product label. Check the voltage of your power source to make sure that you are using the correct voltage. Do NOT use a voltage greater than what is specified on the product label. Calculate the maximum possible current in each power wire and common wire.

  • Page 18: Dip Switches

    1. This device may not cause harmful interference. 2. This device must accept any interference received including interference that may cause undesired operation. ATTENTION If the equipment is used in a manner not specified by the Tripp Lite, the protection provided by the equipment may be impaired.

  • Page 19: Configuration

    4. Configuration Initially, the new device connects the network using default IP (192.168.0.254). Access the IP address to enter the Wizard. After three seconds the “Welcome” screen will switch to the set-up screen as shown below. The following flow chart illustrates the installation and subsequent steps after plug in.
  • Page 20 Step 2: IP Address is to configure the management IP user can select DHCP mode or static mode to configure the switch IP as shown below...
  • Page 21 Step 3: Access Mode is to access the device have 2 options Security mode (HTTPs, SSH, and SNMPv3) and Normal mode (HTTPs, SSH, SNMPv3, HTTP, TELNET, and SNMPv1/v2). Default: User name: admin Password: admin After successful completion of the settings, the web-link will take you to the “Topology Map” as landing page shown below where you can access the Dashboard, Login, and Information.

  • Page 22: Dashboard Settings

    4.2. Dashboard Settings The dashboard setting enables you to control the performance of the switch like CPU, Memory, Port Tx Usage, Port Rx Usage. Learn option to obtain to port registration information. Parameter Description Port Registration Learn Learn This field is to obtain the port registration information. Reset Reset option to reset the port registration information Port Link Down Statistics...
  • Page 23 User can configure threshold value to normal, alert, critical CPU Usage percentage or disable the feature User can configure threshold value to normal, alert, critical Memory Usage percentage or disable the feature User can configure threshold value to normal, alert, critical Port Tx Usage percentage of the interface Tx usage or disable the feature User can configure threshold value to normal, alert, critical...

  • Page 24: Port Settings

    4.3. Port Settings State In port configuration you can enable or disable the port. If the port is disabled the port remains off without any operation. To keep it operating, place the port in enable state. Speed It defines in which speed the port should operate. The speeds that it can operate are 10/100/1000Mbps.

  • Page 25: Port Configuration

    Auto (auto-negotiation) allows one port to negotiate with a peer port automatically to obtain the connection speed and duplex mode that both ends support. When auto-negotiation is turned on, a port on the Switch negotiates with the peer automatically to determine the connection speed and duplex mode.
  • Page 26 interface description STRINGs This command configures a description for the specific port. interface no description This command configures the default port description. configure interface range gigabitethernet1/0/ This command enters the if-range PORTLISTS configure node. if-range description STRINGs This command configures a description for the specific ports.

  • Page 27: Web Configuration

    4.3.1.2. Web Configuration Parameter Description Port Settings Port Selects a port or a range of ports on which to configure the port. State Select option to enable / disable the port. Speed/duplex Select a speed/duplex for port(s). Flow Control User can configure flow control on interface on/off Apply Click Apply to take effect the settings.

  • Page 28: Loop Detection Configuration

    Speed/Duplex This field displays the speed/duplex of a port. Flow Control Display the status on the flow control on interface on/off Link Status This field displays the link status of a port. 4.3.2. Loop Detection Configuration Loop detection is designed to handle loop problems on the edge of your network. This can occur when a port is connected to a Switch that is in a loop state.
  • Page 29  The default Loop Detection Destination MAC is 00:0b:04:AA:AA:AB  The default Port Loop-Detection state is disabled for all ports.

  • Page 30: Cli Configuration

    4.3.2.1. CLI Configuration Node Command Description enable show loop-detection This command displays the current loop detection configurations. enable configure terminal This command changes the node to configure node. configure loop-detection This command disables / enables the loop detection (disable|enable) on the switch. configure loop-detection address This command configures the destination MAC for...

  • Page 31: Web Configuration

    4.3.2.2. Web Configuration Parameter Description Configuration Settings User can configure loop-detection state enable/disable globally by State default it is disabled. Enter the destination MAC address the probe packets will be sent to. MAC Address If the port receives these same packets the port will be shut down. Port Select a port on which to configure loop guard protection.
  • Page 32 Select Enable to reactivate the port automatically after the designated Recovery State recovery time has passed. Recovery Time Specify the recovery time in minutes that the Switch will wait before (min) reactivating the port. This can be between 1 to 60 minutes. Apply Click Apply to save your changes to the Switch.

  • Page 33: Port Priority

    4.3.3. Port Priority Typically, networks operate on a best-effort delivery basis, which means that all traffic has equal priority and an equal chance of being delivered in a timely manner. When congestion occurs, all traffic has an equal chance of being dropped. Using Port Priority feature, you can select specific network traffic, and prioritize it according to its relative importance.

  • Page 34: Web Configuration

    4.3.3.2. Web Configuration Parameter Description Port Priority Settings Selects a port or a range of ports on which to configure the Port priority. Select a priority for packets received by the port. Only packets Priority without 802.1p priority tagged will be applied the priority you set here.

  • Page 35: Ring Settings

    4.4. Ring Settings 4.4.1. ERPS The ITU-T G.8032 Ethernet Ring Protection Switching feature implements protection switching mechanisms for Ethernet layer ring topologies. This feature uses the G.8032 Ethernet Ring Protection (ERP) protocol, defined in ITU-T G.8032, to provide protection for Ethernet traffic in a ring topology, while ensuring that no loops are within the ring at the Ethernet layer.
  • Page 36 Wait to restore (WTR) timer -- The RPL owner uses the WTR timer. The WTR timer applies to the revertive mode to prevent frequent triggering of the protection switching due to port flapping or intermittent signal failure defects. When this timer expires, the RPL owner sends a R-APS (NR, RB) through the ring.

  • Page 37: Erps Configuration

    The control vlan of the instance must be same as the Control VLAN; otherwise, you will get an error. If you still want to use this instance, you can change the Control VLAN to same as the control vlan of the instance first. And then configures the instance. 4.4.1.1.

  • Page 38: Web Configuration

    4.4.1.1.2. Web Configuration Parameter Description ERPS Global Settings Global State Enables / disables the global ERPS state. ERPS Ring Settings Ring ID Configures the ring ID. The Valid value is from 1 to 255. State Enables/ disables the ring state. Ring Name Configures the ring name.(Up to 32 characters) Revertive...
  • Page 39 (min). Configures the Control MEL for the ring. The Valid value is from 0 to 7. The default is 7. Configures the Guard time for the ring. The Valid value is from 10 to Guard Timer 2000 (ms). Configures the left port and its type for the ring. The valid port type is Left Port one of Owner, Neighbor or Normal.

  • Page 40: Erps Instance Configuration

    4.4.1.2. ERPS Instance Configuration 4.4.1.2.1. CLI Configuration Node Command Description enable show erps instance This command displays all of the ERPS instance configurations. enable show erps instance This command displays the specific ERPS instance <1-2> configurations. enable configure terminal This command changes the node to configure node. configure erps instance This command enters the instance configure node.

  • Page 41: Stp/Rstp

    Instance The instance ID. Control VLAN The control VLAN of the instance. Data VLAN The data VLANs of the instance. 4.4.2. STP/RSTP (R)STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a Switch to interact with other (R)STP compliant switches in your network to ensure that only one path exists between any two stations on the network.
  • Page 42 cost to the root among the bridges connected to the LAN. Forward Time (Forward Delay): This is the maximum time (in seconds) the Switch will wait before changing states. This delay is required because every switch must receive information about topology changes before it starts to forward frames.
  • Page 43 The Spanning Tree Protocol (STP) is defined in the IEEE Standard 802.1D. As the name suggests, it creates a spanning tree within a mesh network of connected layer-2 bridges (typically Ethernet switches), and disables those links that are not part of the tree, leaving a single active path between any two network nodes.
  • Page 44 This is used to configure the minimum interval between the transmission of consecutive RSTP BPDUs. This function can only be enabled in RSTP mode. The range is from 1 to 10 seconds. Hello Time: Set the time at which the root switch transmits a configuration message. The range is from 1 to 10 seconds.

  • Page 45: Stp Configuration

    4.4.2.1. STP Configuration 4.4.2.1.1. CLI Configuration Node Command Description enable show spanning-tree This command displays the spanning tree information active for only active port(s) enable show spanning-tree This command displays the spanning tree information blockedports for only blocked port(s) enable show spanning-tree This command displays the spanning tree information statistics PORT_ID...

  • Page 46: Web Configuration

    (disable|enable) function for the specific port. configure interface range This command enters the if-range configure node. gigabitethernet1/0/ PORTLISTS if-range spanning-tree This command configures enables/disables the STP (disable|enable) function for the specific port. 4.4.2.1.2. Web Configuration Parameter Description STP Settings Select Enabled to use Spanning Tree Protocol (STP) or Rapid State Spanning Tree Protocol (RSTP).
  • Page 47 becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the Switch ports attached to the network. The allowed range is 6 to 40 seconds. This is the time interval in seconds between BPDU (Bridge Protocol Hello Time Data Units) configuration message generations by the root switch.

  • Page 48: Stp Port Settings

    4.4.2.2. STP Port Settings 4.4.2.2.1. CLI Configuration Node Command Description enable show spanning-tree This command displays the spanning tree information port detail PORT_ID for the interface port. enable configure terminal This command changes the node to configure node. configure interface IFNAME This command enters the interface configure node.

  • Page 49: Web Configuration

    32-bit based value range 1-200000000. if-range no spanning-tree cost This command configures the path cost to default for the specific port. if-range spanning-tree This command configures the port priority for the port-priority <0-240> specific port. Default: 128. if-range no spanning-tree This command configures the port priority to default for port-priority the specific port.
  • Page 50 Edge Port Configures the port type for the specific port. Edge or Non-Edge. BPDU Filter Enables/Disables the BPDU filter function for the specific port. BPDU Guard Enables/Disables the BPDU guard function for the specific port. ROOT Guard Enables/Disables the BPDU root guard function for the specific port. Click Apply to take effect the settings.

  • Page 51: System Settings

    4.5. System Settings 4.5.1. System Settings Host Name The hostname is same as the SNMP system name. Its length is up to 64 characters. Management VLAN The hosts connect to the ports belong to the Management VLAN can manage the Switch only.

  • Page 52: Igmp Snooping

    (disable|enable) switch. 4.5.1.3. IGMP Snooping The IGMP snooping is for multicast traffic. The Switch can passively snoop on IGMP packets transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership. It checks IGMP packets passing through it, picks out the group registration information, and configures multicasting accordingly.

  • Page 53: Ipv4 Settings

    enable configure terminal This command changes the node to configure node. configure igmp-snooping (disable This command disables / enables the IGMP | enable) snooping on the switch. configure igmp-snooping vlan This command enables the IGMP snooping function VLANLISTS on a VLAN or range of VLANs. configure no igmp-snooping vlan This command disables the IGMP snooping function...
  • Page 54 eth0 ip dhcp client This command configures a DHCP client function (disable|enable|renew| for the system. next_restart) Disable: Use a static IP address on the switch. Enable & Renew: Use DHCP client to get an IP address from DHCP server. next_restart: The settings will take effect on next system restart.

  • Page 55: Web Configuration

    4.5.1.5. Web Configuration Parameter Description System Settings Enter up to 64 alphanumeric characters for the name of your Hostname Switch. The hostname should be the combination of the digit or the alphabet or hyphens (-) or underscores (_). Management VLAN This field is to configure Management VLAN Modbus TCP Settings Modbus TCP State...
  • Page 56 which to have the Switch not perform IGMP snooping Specify the action to perform when the Switch receives an Unknown Multicast unknown multicast frame. Select Drop to discard the frame(s). Packets Select Flooding to send the frame(s) to all ports. IPv4 Settings Select Enable to allow the Switch to automatically get an IP address from a DHCP server.

  • Page 57: Network Topology

    5. Network Topology The Topology Map is a feature to check neighbor devices’ information or to configure them easily. Click the Topology Map, the system will display topology as below. All devices connect to the Switch directly and support LLDP will be displayed on the screen. Such as below figure, the Switch is its neighbor device.

  • Page 58: Map Settings

    5.1. Map Settings The Topology Map function allow user to upload a picture file as the background or just change the background color. For special purpose, it also allow user to upload a device picture as an ICON for the port. That is, it will not care what device is connected to the port. Notice: These image files need be uploaded with web configuration.

  • Page 59: Web Configuration

    5.1.2. Web Configuration Background You can upload your company floor layout plan picture in to the background image so that you can identify easily where the switch has been placed. Picture To choice a file which you want to display it in the background and the Preview window will display your select immediately.
  • Page 60 Color Allow user to select standard color for the background and the Preview window will display your select immediately. Alter Device ICON: The settings allow user to remap the device ICON in the Topology Map. Parameter Description Background Select “Picture” to upload a picture as the background of the Topology Map.
  • Page 61 To upload a picture for the device ICON remapping. Image The picture should be in GIF/PNG/JPG/BMP format and its file size cannot be larger than 40 KB. Preview To display your configurations and then make decision if apply your configurations.

  • Page 62: Neighbor Devices

    5.2. Neighbor Devices 5.2.1. LLDP The Link Layer Discovery Protocol (LLDP) specified in this standard allows stations attached to an IEEE 802 LAN to advertise, to other stations attached to the same IEEE 802 LAN, the major capabilities provided by the system incorporating that station, the management address or addresses of the entity or entities that provide management of those capabilities, and the identification of the station’s point of attachment to the IEEE 802 LAN required by those management entity or entities.

  • Page 63: Web Configuration

    5.2.1.2. Web Configuration Parameter Description LLDP Settings State Globally enables / disables the LLDP on the Switch. Tx Interval Configures the interval to transmit the LLDP packets. Configures the tx-hold time which determines the TTL of the Tx Hold Switch’s message. (TTL=tx-hold * tx-interval) Time To Live The hold time for the Switch’s information.

  • Page 64: Manual Registration

    System Capabilities The neighbor’s capability. Management The neighbor’s management address. Address Time To Live The hold time for the neighbor’s information. 5.2.2. Manual Registration If devices do not support LLDP and ONVIF, user has to enter the details of it by manually under manual registration.

  • Page 65: Web Configuration

    5.2.2.2. Web Configuration For devices which do not support ONVIF or LLDP, User can input the device’s MAC address and then the Switch will discover the device and display it on the Lamungan Map. Parameter Description Manual Registration Settings Type The kind of devices connected to the Switch.

  • Page 66: Onvif

    5.2.3. ONVIF ONVIF is an open industry forum that provides and promotes standardized interfaces for effective interoperability of IP-based physical security products. The Switch use ONVIF to discovery if there is ONVIF device connected to the Switch. ONVIF settings and ONVIF Neighbor The page show the detail information about ONVIF settings and ONVIF devices connected to the Switch.

  • Page 67: Web Configuration

    5.2.3.2. Web Configuration Parameter Description ONVIF Settings Select option to enable / disable the ONVIF feature on the State Switch. Configures the sending ONVIF discovery packet interval. Tx Interval Valid range is 6 ~ 3600 seconds. Apply Click Apply to take effect the settings. Refresh Click Refresh to begin configuring this screen afresh.
  • Page 68 MAC Address The MAC address on the ONVIF device. VLAN ID The VLAN ID of the ONVIF device join. Product Name Name of the product added Product Type What kind of product that is added Model Model of the product Location Location where it is placed Web Service Address...

  • Page 69: Topology Map

    5.3. Topology Map The Topology Map is a feature to check neighbor devices’ information or to configure them easily. Click the Topology Map, the system will display topology as below. All devices connect to the Switch directly and support LLDP will be displayed on the screen. If the neighbor device is a Switch which supports Lamungan server function, click the right key of the mouse.
  • Page 70 You can view the basic details of the devices connected to the host, by placing the cursor on it. When there is something wrong with the device (SEN-8428PL), the screen will appear as below. So that you can find the details of events that have gone wrong, and correct it.

  • Page 71: Client Switch Management

    5.3.1. Client Switch Management By Right clicking on the neighbor non-lite Switch you get this menu and you can configure as shown below. Non-lite Switch menu: Save All Device Location  To fix the location of all devices on the map, so that it restores its places after refresh. Login Web GUI ...

  • Page 72: Quick Configuration Menu

    5.3.2. Quick configuration menu By Right clicking on the neighbor Lite management switch you get this menu, and you can configure as shown below. By Right clicking on the neighbor switch (only Lite management switches) you get this menu, and you can configure as shown below.

  • Page 74: Ip Configuration

    5.3.2.1. IP Configuration Parameter Description IPv4 Settings Configures the DHCP client function for your Switch. DHCP Client Enable means the Switch get an IP address from a DHCP server. Configures a static IPv4 address for your Switch in dotted IP Address decimal notation.

  • Page 75: Loop Detection Configuration

    5.3.2.2. Loop Detection Configuration Parameter Description Loop Detection Settings Select this option to enable / disable loop detection on the State Switch. Select a port or a range of ports which to configure loop Port detection. Select option to enable/disable the loop detection feature on State port(s).

  • Page 76: Port Configuration

    5.3.2.3. Port Configuration Parameter Description Port Settings Port Selects a port or a range of ports on which to configure the port. State Select option to enable / disable the port. Apply Click Apply to take effect the settings. Refresh Click Refresh to begin configuring this screen afresh.

  • Page 77: Port Mirror Configuration

    5.3.2.4. Port Mirror Configuration Parameter Description Port Mirror Settings Select option to enable / disable the port mirroring feature on the State Switch. Selects a port which packets received and transmitted by this Source Port port will be copied to the destination port. Destination Port Select a port which connects to a network traffic analyzer.

  • Page 78: Storm Control Configuration

    priority. Priority Selects “Low”, “Medium” and “High” priority for the port(s). Click Apply to take effect the settings. Apply Refresh Click Refresh to begin configuring this screen afresh. Port Priority Status Port This field displays a port number. Priority This field displays the priority for a port. 5.3.2.6.

  • Page 79: Save Configuration

    This field displays the DLF storm control state on the port. 5.3.2.7. Save Configuration Parameter Description Save Configuration Click Save Configuration to save the current running Save Configuration configuration to the NVRAM. 5.3.2.8. Save All Device Location To fix the location of all devices on the topology map, so that it restores its places after refresh.

  • Page 80: Security

    6. Security 6.1. 802.1X IEEE 802.1X is an IEEE Standard for port-based Network Access Control ("port" meaning a single point of attachment to the LAN infrastructure). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN, either establishing a point-to-point connection or preventing it if authentication fails.
  • Page 81 Local User Accounts By storing user profiles locally on the Switch, your Switch is able to authenticate users without interacting with a network authentication server. However, there is a limit on the number of users you may authenticate in this way. Guest VLAN: The Guest VLAN in IEEE 802.1x port authentication on the switch to provide limited services to clients, such as downloading the IEEE 802.1x client.

  • Page 82: Configuration

    6.1.1. Configuration 6.1.1.1. CLI Configuration Node Command Description enable show dot1x This command displays the current 802.1x configurations. enable show dot1x username This command displays the current user accounts for the local authentication. enable show dot1x This command displays the local accounting records. accounting-record enable configure terminal...

  • Page 83: Web Configuration

    6.1.1.2. Web Configuration Parameter Description Global Settings Select Enable to permit 802.1 x authentications on the Switch. State Note: You must first enable 802.1 x authentications on the Switch before configuring it on each port. Select whether to use Local or RADIUS as the authentication method. The Local method of authentication uses the “guest”...
  • Page 84 Specify a password (up to 32 alphanumeric characters) as the key to be shared between the external RADIUS server and the Switch. This key Share Key is not sent over the network. This key must be the same on the external RADIUS server and the Switch.

  • Page 85: Port Configuration

    6.1.2. Port Configuration 6.1.2.1. CLI Configuration Node Command Description enable show dot1x port This command displays the current 802.1x PORTLISTS configurations for the specific port. enable configure terminal This command changes the node to configure node. configure interface IFNAME This command enters the interface configure node. interface dot1x This command configures the control direction for...

  • Page 86: Web Configuration

    6.1.2.2. Web Configuration Parameter Description Port Settings Port Select a port number to configure. Select Enable to permit 802.1 x authentications on the port. 802.1x State You must first enable 802.1 x authentications on the Switch before configuring it on each port. Select Both to drop incoming and outgoing packets on the port Admin Control when a user has not passed 802.1x port authentication.
  • Page 87 name and password to stay connected to the port. Select Auto to require authentication on the port. Select Force Authorized to always force this port to be Port Control Mode authorized. Select Force Unauthorized to always force this port to be unauthorized.

  • Page 88: Acl

    This field displays the amount of times the Switch will try to Max-req Time connect to the authentication server before determining the server is down. This field displays how often a client has to re-enter his or her Reauth period username and password to stay connected to the port.
  • Page 89 MACADDR mask for the profile. destination mac This command configures the destination MAC and MACADDR mask for the profile. MACADDR destination mac This command configures the destination MAC and MACADDR mask for the profile. The second MACADDR parameter MACADDR is the mask for the profile. no destination mac This command removes the destination MAC from the profile.
  • Page 90 Where the IPMASK mask allows users to filter a range of IP in the packets’ source IP or destination IP. For example: source ip 172.20.1.1 255.255.0.0 The command will filter source IP range from 172.20.0.0 to 172.20.255.255 Example: L2SWITCH#configure terminal L2SWITCH(config)#access-list 111 L2SWITCH(config-acl)#vlan 2 L2SWITCH(config-acl)#source interface 1...

  • Page 91: Web Configuration

    6.2.2. Web Configuration Parameter Description Access Control List Settings Profile Name The access control profile name. Selects Disables / Drop / Permits action for the profile. State Ethernet Type Configures the Ethernet type of the packets that you want to filter. VLAN Configures the VLAN of the packets that you want to filter.
  • Page 92 Configures the bitmap mask of the destination MAC of the packets that you want to filter. Mask of If the Destination MAC field has been configured and this field is Destination MAC empty, it means the profile will filter the one MAC configured in Destination MAC field.

  • Page 93: Port Security

    6.3. Port Security The Switch will learn the MAC address of the device directly connected to a particular port and allow traffic through. We will ask the question: “How do we control who and how many can connect to a switch port?” This is where port security can assist us. The Switch allow us to control which devices can connect to a switch port or how many of them can connect to it (such as when a hub or another switch is connected to the port).

  • Page 94: Web Configuration

    6.3.2. Web Configuration Parameter Description Port Security Settings Select Enable/Disable to permit Port Security on the Switch. Port Security Port Select a port number to configure. Select Enable/Disable to permit Port Security on the port. State The maximum number of MAC addresses allowed per interface. Maximum MAC The acceptable range is 1 to 1000.

  • Page 95: Server Control

    6.4. Server Control The function allows users to enable or disable the HTTP, HTTPS, SNMPv1/v2c, SNMPv3, SSH, Telnet service individually. 6.4.1. CLI Configuration Node Command Description enable show server status This command displays the current server status. enable configure terminal This command changes the node to configure node.

  • Page 96: Web Configuration

    6.4.2. Web Configuration Parameter Description Server Settings HTTP Server State Selects Enable or Disable to enable or disable the HTTP service. HTTPS Server Selects Enable or Disable to enable or disable the HTTPS service. State SNMPv1/v2c Selects Enable or Disable to enable or disable the SNMPv1/v2c Server State service.
  • Page 97 Status SNMPv1/v2c Server Displays the current SNMPv1/v2c service status Status SNMPv3 Server Displays the current SNMPv3 service status Status SSH Server Status Displays the current SSH service status. Telnet Server Status Displays the current Telnet service status.

  • Page 98: Storm Control

    6.5. Storm Control 6.5.1. Alarm Threshold When the selected packet rate is over the alarm threshold, the Switch will send syslog alarm to syslog server. 6.5.1.1. CLI Configuration Node Command Description enable show bandwidth-limit This command displays the current rate control configurations.

  • Page 99: Web Configuration

    6.5.1.2. Web Configuration Parameter Description Alarm Threshold Settings State Select option to enable / disable the alarm threshold feature on the Switch. Port Selects a port or a range of ports on which to configure the alarm threshold. State Selects Enable / Disable the alarm threshold for the port(s). Packet Type Selects packet type one of Broadcast / Multicast / Bcast+Mcast.

  • Page 100: Storm Control

    6.5.2. Storm Control A broadcast storm means that your network is overwhelmed with constant broadcast or multicast traffic. Broadcast storms can eventually lead to a complete loss of network connectivity as the packets proliferate. Storm Control protects the Switch bandwidth from flooding packets, including broadcast packets, multicast packets, and destination lookup failure (DLF).

  • Page 101: Web Configuration

    6.5.2.2. Web Configuration Parameter Description Storm Control Settings Select individual port number or range for which you want to configure Port storm control settings. Configure the packet rate in pps to allow on interfaces. Disable for 0 and Rate ranges 1 ~ 5000. Type Click the check box to select Multicast / Broadcast / DLF storm control.

  • Page 102: Vlan

    Rate(pps) 6.6. VLAN 6.6.1. Port Isolation The port isolation is a port-based virtual LAN feature. It partitions the switching ports into virtual private domains designated on a per port basis. Data switching outside of the port’s private domain is not allowed. It will ignore the packets’ tag VLAN information. This feature is a per port setting to configure the egress port(s) for the specific port to forward its received packets.

  • Page 103: Web Configuration

    6.6.1.2. Web Configuration Parameter Description Port Isolation Settings Select a port number to configure its port isolation settings. Port Select All Ports to configure the port isolation settings for all ports on the Switch. An egress port is an outgoing port, that is, a port through which a data packet leaves.

  • Page 104: Vlan

    Apply Click Apply to take effect the settings. Refresh Click Refresh to begin configuring this screen afresh. Port Isolation Status “V” indicates the port’s packets can be sent to that port. “-” indicates the port’s packets cannot be sent to that port. 6.6.2.
  • Page 105 where to forward the frame, and then inserts a VLAN tag reflecting the ingress port's default VID. The default PVID is VLAN 1 for all ports, but this can be changed. A broadcast frame (or a multicast frame for a multicast group that is known by the system) is duplicated only on ports that are members of the VID (except the ingress port itself), thus confining the broadcast to a specific domain.

  • Page 106: Cli Configuration

    another switch. Default Settings All ports join in the VLAN 1. 6.6.2.1. CLI Configuration Node Command Description enable show vlan VLANID This command displays the VLAN configurations. enable configure terminal This command changes the node to configure node. configure vlan <1~4094> This command enables a VLAN and enters the VLAN node.

  • Page 107: Web Configuration

    6.6.2.2. Web Configuration Parameter Description VLAN Settings Select a port number to configure from the drop-down box. Port Select All to configure all ports at the same time. Role Select role on interface as access or trunk. User can configure maximum of 5 VLAN’s on each interface in the VLAN format 1,3,7,10,25 Apply...

  • Page 108: Diagnostic

    7. Diagnostic 7.1. Alarm The feature displays if there are any abnormal situation need process immediately. Alarm LED: On - When any alarm events happen. The web pages show you the detail alarm reason. 7.1.1. CLI Configuration Node Command Description enable show alarm-info This command displays alarm information.

  • Page 109: Port Mirror

    Disable – port 9 speed controlled by user configurations. Enable – port 9 speed is 100M-Full. The field displays the current port 10 100M-Full settings. P10 100Fx Disable – port 10 speed controlled by user configurations. Enable – port 10 speed is 100M-Full. Click Refresh to begin configuring this screen afresh.

  • Page 110: Web Configuration

    7.2.2. Web Configuration Parameter Description Port Mirror Settings Select option to enable / disable the port mirroring feature on the State Switch globally. Monitor to Port Select the port which connects to a network traffic analyzer. Settings in this field apply to all ports. Use this field only if you want to make some settings the same for All Ports all ports.

  • Page 111: Port Statistics

    7.3. Port Statistics This feature helps users to monitor the ports’ statistics, to display the link up ports’ traffic utilization only. 7.3.1. CLI Configuration Node Command Description enable show port-statistics This command displays the link up ports’ statistics. Example : L2SWITCH#show port-statistics Packets Bytes...

  • Page 112: Port Utilization

    7.4. Port Utilization This feature helps users to monitor the ports’ traffic utilization, to display the link up ports’ traffic utilization only. 7.4.1. CLI Configuration Node Command Description enable show port-utilization This command displays the link up ports’ traffic <bps|Kbps|Mbps> utilization.

  • Page 113: Syslog

    Rx Utilization (bps) The field display Rx utilization in bps. Tx Utilization (%) The field display Tx utilization in percentage. Tx Utilization (bps) The field display Tx utilization in bps. 7.5. Syslog The syslog function records some of system information for debugging purpose. Each log message recorded with one of these levels, Alert / Critical / Error / Warning / Notice / Information.

  • Page 114: Web Configuration

    7.5.2. Web Configuration Parameter Description Enter the Syslog server IP address. Server IP Select Enable to activate switch sent log message to Syslog server when any new log message occurred. Click Apply to take effect the settings. Apply Click Refresh to begin configuring this screen afresh. Refresh Select Alert/Critical/Error/Warning/Notice/Information to Log Level...

  • Page 115: Utilization Threshold

    7.6. Utilization Threshold This feature alerts the user when the packet rate in the particular port is above the required rate. 7.6.1. CLI Configuration Node Command Description enable configure terminal This command changes the node to configure node. configure port-utilization The command disables / enables the port utilization threshold threshold function globally.

  • Page 116: Web Configuration

    7.6.2. Web Configuration Parameter Description Alarm Threshold Settings Select option to enable / disable the alarm threshold feature on the State Switch. Selects a port or a range of ports on which to configure the alarm Port threshold. State Selects Enable / Disable the alarm threshold for the port(s). Configures the threshold rate.
  • Page 117 Port This field displays a port number. State This field displays the current alarm threshold state for the port. Status This field displays if alarm threshold has happened on the port. Packet Rate This field displays the current threshold.

  • Page 118: Management

    8. Management 8.1. Simple Network Management Protocol (SNMP) Simple Network Management Protocol (SNMP) is used in network management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF).

  • Page 119: Web Configuration

    8.1.1.2. Web Configuration Parameter Description SNMP Settings SNMP State Select option to enable / disable the SNMP on the Switch. System Name User can configure system name System Location User can configure the switch deployed location for reference User can configure System Contact person information like name System Contact or number Click Apply to take effect the settings.

  • Page 120: Web Configuration

    STRING (ro|rw) Permission(ro/rw), Trusted host IP/Subnet mask. trusted-host IPADDR/Subnet Mask Example: L2SWITCH#configure terminal  L2SWITCH(config)#snmp community public rw trusted-host 192.168.200.106/24  8.1.2.2. Web Configuration Parameter Description Community Name Enter a Community string; this will act as a password for requests from the management station.

  • Page 121: Snmp Event Settings

    Click Apply to take effect the settings. Apply Click Refresh to begin configuring this screen afresh. Refresh Community Name List This field displays the index number of an entry. Community String This field displays the community string of an entry. Rights This field displays the right of an entry.

  • Page 122: Web Configuration

    configure snmp trap-event This command enables/disables the stp-topology-change stp-topology-change trap. (disable/enable) configure snmp trap-event This command enables/disables thetraffic-monitor traffic-monitor trap. (disable/enable) 8.1.3.2. Web Configuration Parameter Description Trap Event Settings Select all Enables all of trap events. Deselect All Disables all of trap events. Alarm-Over-Heat Trap when system’s temperature is too high.
  • Page 123 Apply Click Apply to configure the settings. Refresh Click Refresh to begin configuring this screen afresh.

  • Page 124: Port Trap Event Settings

    8.1.4. Port Trap Event Settings The features allow users to enable/disables port-link-change trap notification by individual port. 8.1.4.1. CLI Configuration Node Command Description enable show snmp port-link-change-trap This command displays the SNMP port link-change trap configurations. enable configure terminal This command changes the node to configure node.
  • Page 125 Port Selects the range of ports. State User can enable /disable trap events when port link change. Apply Click Apply to configure the settings. Refresh Click Refresh to begin configuring this screen afresh.

  • Page 126: Trap Receiver Settings

    8.1.5. Trap Receiver Settings The features allow users to configure trap receiver configuration. 8.1.5.1. CLI Configuration Node Command Description enable configure terminal This command changes the node to configure node. configure snmp trap-receiver This command configures the trap receiver’s IPADDR (v1|v2c) configurations, including the IP address, version (v1 or STRING v2c) and community String.
  • Page 127 station. Action Click Delete to remove a configured trap receiver station.

  • Page 128: Snmpv3

    8.2. SNMPv3 SNMP version 3 (SNMPv3) supports authentication and encryption. SNMPv3 uses the user-based security model (USM) for message security and the view-based access control model (VACM) for access control. USM specifies authentication and encryption. 8.2.1. SNMPv3 Group 8.2.1.1. CLI Configuration Node Command Description...

  • Page 129: Snmpv3 User

    Group Name Enter the v3 user name. Security Level Select the security level of the v3 group to use. Note that if a group is defined without a read view than all objects are Read View available to read. (default value is none.) if no write or notify view is defined, no write access is granted and no Write View objects can send notifications to members of the group.

  • Page 130: Web Configuration

    8.2.2.2. Web Configuration Parameter Description User Settings User Name Enter the v3 user name. Group Name Map the v3 user name into a group name. Select the security level of the v3 user to use. noauth means no authentication and no encryption. Security Level auth means messages are authenticated but not encrypted.

  • Page 131: Snmpv3 View

    User Name This field displays the v3 user name. Group Name This field displays the group name which the v3 user mapping. Auth Protocol These fields display the security level to this v3 user. Priv Protocol Rowstatus This field displays the v3 user row status. Action Click Delete to remove a v3 user.

  • Page 132: Web Configuration

    8.2.3.2. Web Configuration Parameter Description View Settings Enter the v3 view name for creating an entry in the SNMPv3 MIB View Name view table. The OID defining the root of the subtree to add to (or exclude from) View Subtree the named view.

  • Page 133: Cli Configuration

    is transmitted; this information is outside its scope and must be obtained separately. UDP Port: 123. Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening. Note: The SNTP server always replies the UTC current time.

  • Page 134: Web Configuration

    | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday) MONTH HOUR configure time ntp-server This command disables / enables the NTP server (disable|enable) state. configure time ntp-server This command sets the IP address of your time IP_ADDRESS server.
  • Page 135 hour, minute and second format. The new date and time then appear in the Current Date and Current Time fields after you click Apply. Enable Select this option to use Network Time Protocol (NTP) for the Network Time time service. Protocol Select a pre-designated time server or type the IP address or type NTP Server...
  • Page 136 stop using Daylight Saving Time at the same moment (1 A.M. GMT or UTC). So in the European Union you would select Last, Sunday, 10(October) and the last field depends on your time zone. In Germany for instance, you would select 2:00 because Germany's time zone is one hour ahead of GMT or UTC (GMT+1).

  • Page 137: System Information

    8.4. System Information The System Information window appears each time you log into the program. Alternatively, this window can be accessed by clicking System Information. 8.4.1. CLI Configuration Node Command Description enable show interface eth0 This command will display the interface et0 information.

  • Page 138: System Management

    Built Date This field displays the built date of the firmware. This field displays whether the DHCP client is enabled on the DHCP Client Switch. IP Address This field indicates the IP address of the Switch. Subnet Mask This field indicates the subnet mask of the Switch. Default Gateway This field indicates the default gateway of the Switch.
  • Page 139 configure archive download-config This command downloads configure file to URL_PATH user-default-config. user-default-config configure copy factory-default-config to This command copies factory-default-config user-default-config file to user-default-config file. configure copy startup-config to This command copies the startup-config file user-default-config to user-default-config file. There are three configuration files: startup-config.

  • Page 140: Web Configuration

    8.5.1.2. Web Configuration Click the “Choose File” button to select the new configuration file which you want to upgrade it to the Switch. Click the “Upload” button to start the upgrade procedures. Click the “Download” button to download the current configurations to local host. Reset Configuration Click the “Reset”...

  • Page 141: Firmware

    8.5.2. Firmware Upgrade Firmware 8.5.2.1. CLI Configuration Node Command Description enable configure terminal This command changes the node to configure node. configure archive download-fw This command downloads a new copy of firmware file <URL PATH> from TFTP / FTP / HTTP server. Where <URL PATH>...

  • Page 142: Reboot

    8.5.3. Reboot 8.5.3.1. CLI Configuration Node Command Description enable configure terminal This command changes the node to configure node. configure reboot This command reboots the system. 8.5.3.2. Web Configuration Click the “Reboot” button to restart the Switch.

  • Page 143: User Account

    8.6. User Account The Switch allows users to create up to 6 dot1x user account and 6 non-dot1x user account. The user name and the password should be the combination of the digit or the alphabet. The last admin user account cannot be deleted. Users should input a valid user account to login the CLI or web management.

  • Page 144: Web Configuration

    8.6.2. Web Configuration Parameter Description User Account Settings User Name Type a new username or modify an existing one. Type a new password or modify an existing one. Enter up to 32 User Password alphanumeric or digit characters. Select with which group the user associates. admin (read and User Authority write) or normal (read only) or dot1x(Dot1X user for local authentication).

  • Page 145: Warranty & Product Registration

    WARRANTY & PRODUCT REGISTRATION 3-Year Limited Warranty TRIPP LITE warrants its products to be free from defects in materials and workmanship for a period of three (3) years from the date of initial purchase. TRIPP LITE’s obligation under this warranty is limited to repairing or replacing (at its sole option) any such defective products. To obtain service under this warranty, you must obtain a Returned Material Authorization (RMA) number from TRIPP LITE or an authorized TRIPP LITE service center.
  • Page 146 Tripp Lite has a policy of continuous improvement. Specifications are subject to change without notice. Photos and illustrations may differ slightly from actual products. 21-04-322 93-3EDD_RevA...

Table of Contents