Netgear GS716Tv2 GS716Tv2/GS724Tv3 Software Admin Manual
Netgear GS716Tv2 - ProSafe Gigabit Managed Switch Manual
 |
View all Netgear GS716Tv2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Netgear GS716Tv2 manual content summary:
- Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 1
GS716Tv2 and GS724Tv3 Software Administration Manual NETGEAR, Inc. 350 E. Plumeria Drive San Jose CA 95134 USA 202-10484-01 July 2009 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 2
software upgrades. NETGEAR, INC. Support Information Phone: 1-888-NETGEAR, for US & Canada only. For other countries, see your Support information card. E-mail: [email protected] North American NETGEAR website: http://www.netgear.com Trademarks NETGEAR, the NETGEAR instructions Smart Switch gemäß - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 3
or TV receiver, it may become the cause of radio interference. Read instructions for correct handling. Product and Publication Details Model Number: Publication Date: and GS724T July 2009 GS716T/GS724T Series Smart Switch Gigabit Smart Switch Business English 202-10484-01 1.0 iii v1.0, July 2009 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 4
iv v1.0, July 2009 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 5
in a Network without a DHCP Server 1-4 Manually Assigning Network Parameters 1-5 Configuring the Network Settings on the Administrative System 1-6 SmartWizard Discovery Utilities 1-6 Password Change ...1-7 Firmware Upgrade 1-7 Exit ...1-8 Understanding the User Interfaces 1-9 Using the Web - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 6
GS716Tv2 and GS724Tv3 Software Administration Manual Chapter 2 Configuring System Information System Information ...2-1 Defining System Information 2-3 Network Connectivity ...2-3 Time ...2-5 Time Configuration 2-6 SNTP Global Status 2-8 SNTP Server Configuration 2-10 SNTP Server Status 2-11 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 7
GS716Tv2 and GS724Tv3 Software Administration Manual Port VLAN ID Configuration 3-14 Configuring Spanning Tree Protocol 3-16 STP Switch Configuration/Status 3-17 CST Configuration 3-19 CST Port Configuration 3-21 CST Port Status ...3-23 Rapid STP Configuration 3-24 MST Configuration 3-26 MST - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 8
GS716Tv2 and GS724Tv3 Software Administration Manual Chapter 5 Managing Device Security Management Security Settings 5-1 Change Password ...5-2 RADIUS Configuration 5-3 Configuring TACACS 5-10 Authentication List Configuration 5-13 Configuring Management Access 5-15 HTTP Configuration 5-15 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 9
the Switch 7-1 Reset Configuration to Defaults 7-2 Upload File From Switch 7-3 Uploading Files ...7-5 Download File To Switch 7-5 TFTP File Download 7-6 HTTP File Download 7-8 File Management ...7-10 Dual Image Configuration 7-10 Viewing the Dual Image Status 7-12 Troubleshooting ...7-13 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 10
GS716Tv2 and GS724Tv3 Software Administration Manual Appendix B Configuration Examples Virtual Local Area Networks (VLANs B-1 VLAN Example Configuration B-2 Access Control Lists (ACLs B-4 MAC ACL Example Configuration B-5 Standard IP ACL Example Configuration B-6 802.1X ...B-8 802.1X Example - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 11
About This Manual The NETGEAR® GS716Tv2 and GS724Tv3 Software Administration Manual describes how to configure and operate the Gigabit Smart Switch using its included software features by using the Web-based graphical user interface (GUI). The book describes the software configuration procedures and - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 12
GS716Tv2 and GS724Tv3 Software Administration Manual • Chapter 5, "Managing Device Security" on page 5-1 contains information about configuring switch names, extensions User input, IP addresses, GUI screen text Command prompt, CLI text, code URL links • Formats. This manual uses the following - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 13
GS716Tv2 and GS724Tv3 Software Administration Manual Tip: This format is used to highlight a procedure that will save time or resources. Warning: A caution provides information about critical aspects of the configuration, combination of settings, events, or procedures that can adversely affect - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 14
GS716Tv2 and GS724Tv3 Software Administration Manual How to Use This Manual The HTML version of this manual includes the following: • Buttons, and , for browsing forwards or backwards through the manual described in the manual. •A button to access the full NETGEAR, Inc. online knowledge base for - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 15
GS716Tv2 and GS724Tv3 Software Administration Manual • Click the print icon in the upper left of your browser window. Tip: If your printer supports printing two pages on a single sheet of paper, you can save paper and printer ink by selecting this feature. Revision History Part Number Version - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 16
GS716Tv2 and GS724Tv3 Software Administration Manual xvi v1.0, July 2009 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 17
, you must connect the switch to the network. The switch comes up with a default IP address of 192.168.0.239, and DHCP is enabled by default. To access the switch over a network, you must first configure it with network information (an IP address, subnet mask, and default gateway). You can assign - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 18
GS716Tv2 and GS724Tv3 Software Administration Manual Follow these steps: 1. Power on the switch. 2. Configure network information. 3. The switch comes up with a default IP address of 192.168.0.239. After the switch is connected to the network, you can use the default IP address for remote access to - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 19
GS716Tv2 and GS724Tv3 Software Administration Manual SmartWizard Discovery in a Network with a DHCP Server To install the switch in a network with a DHCP server, use the following steps: 1. Connect the Gigabit Smart Switch to a DHCP network. 2. Power on the switch by connecting its AC-DC power - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 20
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 1-2 Use your Web browser to manage your switch. The default password is password. Then use this page to proceed to management of the switch covered in "Using the Web Interface" on page 1-9. SmartWizard Discovery in a Network without a DHCP - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 21
GS716Tv2 and GS724Tv3 Software Administration Manual Manually Assigning Network Parameters If your network has no DHCP service, you must assign a static IP address to your switch. If you choose, you can assign it a static IP address, even if your network has DHCP service. To assign a static IP - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 22
GS716Tv2 and GS724Tv3 Software Administration Manual Configuring the Network Settings on the Administrative System The settings value should be identical to that set in the switch. The PC IP address must be different from that of the switch but lie in the same subnet. SmartWizard Discovery Utilities - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 23
GS716Tv2 and GS724Tv3 Software Administration Manual • "Password Change" on page 1-7 • "Firmware Upgrade" on page 1-7 Password Change To set a new password: 1. Click Password Change from the Switch Setting section. The Password Change screen appears. You can set a new password. In this process, you - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 24
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 1-5 2. Enter the following values into the appropriate places in the form: • Product Assigned Firmware. The location of the new firmware. If you do not know the location, you can click Browse to locate the file. • Upgrade Password. Enter - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 25
following procedures to log on to the Web interface: 1. Open a Web browser and enter the IP address of the switch in the Web browser address field. 2. The factory default password is password. Type the password into the field on the login screen, as shown in Figure 1-6 on page 1-10, and then click - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 26
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 1-6 3. After the system authenticates you, the System Information page displays. 1-10 v1.0, July 2009 Getting Started - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 27
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 1-7 shows the layout of the GS716T/GS724T software Web interface. Each Web page contains three main areas: navigation tree on the left, the configuration status and options, and the tabs at the top that provide access to all the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 28
GS716Tv2 and GS724Tv3 Software Administration Manual subfolder, and HTML page in the navigation menu. When you Apply button sends the updated configuration to the switch. Configuration changes take effect immediately. Click Cancel to cancel the configuration on the screen and reset the data on the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 29
GS716Tv2 and GS724Tv3 Software Administration Manual Device View The Device View is a Java® applet that displays the ports on the switch. This graphic provides an alternate way to navigate to configuration and monitoring options. The graphic also provides information about device ports, current - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 30
GS716Tv2 and GS724Tv3 Software Administration Manual in configuring and managing the switch. The online help pages are context sensitive. For example, if the IP Addressing page For GS716T/GS724T software that includes the SNMP module, you can configure SNMP groups and users that can manage traps - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 31
GS716Tv2 and GS724Tv3 Software Administration Manual GS716T/GS724T switches use both standard public MIBs for standard functionality and private MIBs that support additional switch functionality. All private MIBs begin with a "-" prefix. The main object for interface configuration is in -SWITCHING- - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 32
Convention GS716T/GS724T Switch supports physical and logical interfaces. Interfaces are identified by their type and the interface number. The physical ports are gigabit interfaces and are numbered on the front panel. You configure the logical interfaces by using the software. The following table - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 33
on page 2-3 • "Time" on page 2-5 • "Denial of Service" on page 2-13 • "Green Ethernet Configuration" on page 2-15 • "SNMP V1/V2" on page 2-16 • "SNMP v3 User Configuration" on page 2-21 • "LLDP" on page 2-23 System Information After a successful login, the System Information page displays. Use this - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 34
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 2-1 Table 2-1. System Description Fields Field System Name System Location System Contact Serial Number System Object ID Date & Time System Up Time Base MAC Address Model Name Description Enter the name you want to use to identify this - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 35
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-1. System Description Fields (continued) Field Boot Version Software Version Description The bootcode version of the switch. The software version of the switch. Defining System Information 1. Open the System Information page. 2. Define - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 36
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 2-2 2. To access the switch over a network, you must first configure it with IP information (IP address, subnet mask, and default gateway). You can configure the IP information using any of the following options: • Dynamic IP Address (DHCP - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 37
GS716Tv2 and GS724Tv3 Software Administration Manual 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch for polling a server for which the IP address is known. SNTP servers that have been configured on the device are the only - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 38
GS716Tv2 and GS724Tv3 Software Administration Manual method is selected, SNTP information is accepted only from SNTP servers defined on the device using the SNTP Server Configuration page. The device retrieves synchronization information, either by actively requesting information or at every poll - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 39
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 2-3 To configure the time through SNTP: 1. Select the Clock Source as SNTP by checking the radio button. 2. When the Clock Source is set to 'SNTP', the Date and Time fields are grayed out (disabled). The switch gets the date and time from - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 40
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-3. Time Configuration Fields (continued) Field Time Time Zone Description Specifies the duration of the box in hours, minutes and seconds since the last reboot. When using SNTP/NTP time servers to update the switch's clock, the time - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 41
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-4. SNTP Global Configuration Fields Field Version Supported Mode Last Update Time Last Attempt Time Last Attempt Status Server IP Address Address Type Server Stratum Reference Clock Id Server Mode Description Specifies the SNTP Version - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 42
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-4. SNTP Global Configuration Fields (continued) Field Description Unicast Sever Max Entries Unicast Server Current Entries Specifies the maximum number of unicast server entries that can be configured on this client. Specifies the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 43
SNTP server, select the IP address of the server to remove from the Server list, and then click Delete. The entry is removed, and the device is updated. 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 5. If you change any - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 44
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click System Management Time SNTP Server Configuration in the navigation menu. Figure 2-6 Table 2-6. SNTP Server Status Fields Field Address Last Update Time Last Attempt Time Last Attempt Status Description Specifies all the existing - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 45
the switch. Denial of Service Use the Denial of Service (DoS) page to configure DoS control. The GS716T/GS724T software provides support for classifying and blocking specific types of DoS attacks. You can configure your system to monitor and block six types of attacks: • SIP=DIP: Source IP address - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 46
IP address equal to the destination IP address. The factory default is disabled. Enable or disable this option by selecting the corresponding line on the pulldown entry field. Enabling First Fragment DoS prevention causes the switch to drop packets that have a TCP header smaller than the configured - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 47
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-7. Denial of Service Configuration Fields (continued) Field Description Denial of Service switch to drop packets that have TCP/UDP source port equal to TCP/UDP destination port. The factory default is disabled. Denial of Service ICMP - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 48
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click System Management Green Ethernet Configuration. Figure 2-8 Table 2-8. Green Ethernet Configuration off. 3. Click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. SNMP V1/V2 The - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 49
GS716Tv2 and GS724Tv3 Software Administration Manual Community Configuration To display this page, click System SNMP SNMP V1/V2 Community Configuration in the navigation tree. By default, two SNMP Communities exist: • Private, with Read/Write privileges and status set to Enable. • Public, with - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 50
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-9. SNMP V1/V2 Community Configurable Data Field Management Station IP Management Station IP Mask Community String Access Mode Status Description Taken together, the Management Station IP and the Management Station IP Mask denote a range - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 51
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-10. Command Buttons Field Add Delete Cancel Apply Description Add the currently selected receiver configuration to the switch. Delete the currently selected receiver configuration. Cancel the configuration on the screen. Reset the data - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 52
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-11. SNMP Trap Configuration (continued) Field Community String Status Description Enter the community string for the SNMP trap packet to be sent to the trap manager. This may be - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 53
GS716Tv2 and GS724Tv3 Software Administration Manual factory default is enabled. 2. If you make any changes to this page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. 3. Click Cancel to cancel the configuration on the screen and reset - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 54
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 2-12 Table 2-14. SNMP v3 User Configuration Field SNMP v3 Access Mode Authentication Protocol Encryption Protocol Encryption Key Description The SNMPv3 access privileges for the user account. The admin account always has Read/Write - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 55
GS716Tv2 and GS724Tv3 Software Administration Manual 3. Click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations residing on an 802 LAN to advertise - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 56
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 2-13 Table 2-15. LLDP Configuration Fields Field Description LLDP Properties TLV Advertised Interval Specifies the interval at which frames are transmitted. The default is 30 seconds, and the valid range is 1-32768 seconds. Hold - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 57
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 2-14 Table 2-16. LLDP Port Settings Fields Field Interface Admin Status Management IP Address Description Specifies the port to be affected by these parameters. Select the status for transmitting and receiving LLDP packets. The options - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 58
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-16. LLDP Port Settings Fields (continued) Field Notification Optional TLV(s) Description When notifications are enabled, LLDP interacts with the Trap Manager to notify subscribers of remote data change statistics. The default is - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 59
GS716Tv2 and GS724Tv3 Software Administration Manual Local Information Use the LLDP Local Information page to view the data that each port . Identifies the type of data displayed in the Port ID field. Identifies the physical address of the port. Configuring System Information v1.0, July 2009 2-27 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 60
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-17. LLDP Local Information Fields (continued) Field Port Description Advertisement Description Identifies the user-defined description of the port. To configure the Port Description, see "Configuring and Viewing Device Port Information" - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 61
GS716Tv2 and GS724Tv3 Software Administration Manual Table 2-18. Local Port Information Field Description Managed Address Address SubType Address Interface SubType Interface Number Displays the type of address the management interface uses, such as an IPv4 address. Displays the address support - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 62
GS716Tv2 and GS724Tv3 Software Administration Manual Service address of the port on the remote system from which the data was sent. Identifies the system name associated with the remote device. If the field is blank, the name might not be configured on the remote system. 2. Click Refresh to update - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 63
GS724Tv3 Software Administration Manual 3. To view more information about the remote device, click the link in the MSAP Entry field. A popup window displays information for the selected port. Figure 2-18 4. Click Refresh to refresh the page with the most current data from the switch. Configuring - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 64
GS716Tv2 and GS724Tv3 Software Administration Manual 2-32 v1.0, July 2009 Configuring System Information - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 65
the following features: • "Port Configuration" on page 3-1 • "Flow Control" on page 3-4 Port Configuration Use the Port Configuration page to configure the physical interfaces on the switch. To access the Port Configuration page: 1. Click Switching Ports Port Configuration in the navigation tree - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 66
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-1 Table 3-1. Port Configuration Fields Field Port Description Port Type Admin Mode Port Speed Description Select the port from the menu to display or configure data for that port. If you select All, the changes you make to the Port - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 67
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-1. Port Configuration Fields (continued) Field Auto Power Down Mode Short Cable Mode Physical Status Link Status Link Trap Maximum Frame Size MAC Address PortList Bit Offset ifIndex Description Use the menu to select the port's Green - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 68
GS716Tv2 and GS724Tv3 Software Administration Manual Flow Control IEEE 802.3x flow control Table 3-2. Switch Flow Control Configuration Fields Field Description Global Flow Control (IEEE 802.3x) Mode Enables or disables IEEE 802.3x flow control on the system. The factory default is disabled. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 69
GS716Tv2 and GS724Tv3 Software Administration Manual a LAG. The LAG by default becomes a member of the management switch treats the LAG as if it were a single link. To access the LAG Configuration page: 1. Click Switching LAG Basic LAG Configuration in the navigation tree. Configuring Switching - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 70
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-3 Table 3-3. LAG (Port Channel) Configuration Fields Field LAG Name Description LAG ID Link Trap Admin want to have a trap sent when link status changes. The factory default is Disable. Select Enable or Disable from the menu. When the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 71
GS716Tv2 and GS724Tv3 Software Administration Manual 2. Click Add to update the switch with the values on this screen. 3. To remove a configured LAG (port channel), select it and click Delete. All ports that were members of this LAG are removed from the LAG and included in the default VLAN. 4. Click - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 72
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-4. LAG Membership Fields (continued) Field Port Selection Table Current Members Description Select the ports as members of this LAG. Displays the LAGs on the current channel. 2. Click Cancel to cancel the configuration on the screen - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 73
GS716Tv2 and GS724Tv3 Software Administration Manual 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. If you make any changes to this page, click Apply to send the updated configuration to the switch. Configuration - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 74
GS716Tv2 and GS724Tv3 Software Administration Manual Managing VLANs Adding Virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header, which is fast, and like a router, it - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 75
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Switching VLAN Basic VLAN Configuration in the navigation tree. Figure 3-7 Table 3-7. VLAN Configuration Fields Field Description VLAN ID VLAN Name Specify the VLAN Identifier for the new VLAN. (You can only enter data in this - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 76
GS716Tv2 and GS724Tv3 Software Administration Manual 5. If you make any changes to this page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. VLAN Membership Configuration Use this page to configure VLAN Port Membership for a particular - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 77
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-9 3. To change the VLAN tagging for one or more ports, click each port to make traffic forwarded by the interface tagged (T) or untagged (U). Table 3-8. VLAN Membership Configuration Fields Field VLAN ID Group Operation VLAN Name - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 78
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-8. VLAN Membership Configuration Fields (continued) Field Untagged/Tagged Port Members VLAN Type Description Click Untagged Port Members or Tagged Port Members to see the port list and use - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 79
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-10 Table 3-9. Port VLAN ID Configuration Fields Field Interface Port VLAN ID (PVID) Acceptable Frame Types Description Select the physical interface for which you want to display or configure data. Specify the range of Port VLAN IDs - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 80
VLAN standard. The factory default is disable. Specify the default 802.1p priority assigned to untagged packets arriving at the port. Possible values are 0-7. 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. If you make - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 81
GS716Tv2 and GS724Tv3 Software Administration Manual Note: For two bridges to be in the same region, the force version should be 802.1s and their configuration name, digest key, and revision level should match. For additional information about regions and their effect on network topology, refer to - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 82
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-11 Table 3-10. Spanning Tree Switch Configuration/Status Fields Field Spanning Tree State STP Operation Mode Configuration Name Configuration Revision Level Configuration Digest Key BPDU Flooding Bridge Identifier Description Enables - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 83
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-10. Spanning Tree Switch Configuration/Status Fields (continued) Field Time Since Topology Change Topology Change Count Topology Change Designated Root Root Path Cost Root Port Max Age (secs) Forward Delay ( - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 84
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-12 Table 3-11. Spanning Tree CST Configuration/Status Fields Field Bridge Priority Bridge Max Age (secs) Bridge Hello Time (secs) Description When switches it will be set to 0. The default priority is 32768. Specifies the bridge - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 85
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-11. Spanning Tree CST Configuration/Status Fields (continued) Field Bridge Forward Delay (secs) Spanning Tree Maximum Hops Description Specifies the switch forward delay time, which indicates the amount of time in seconds a bridge - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 86
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-13 Table 3-13. Spanning Tree CST Port Configuration Edge Port with the CST. Possible values are Enable or Disable. The default is Disable. The Forwarding state of this port. Set the Path Cost July 2009 Configuring Switching Information - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 87
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-13. Spanning Tree CST Port Configuration/Status Fields (continued) Field Port ID Hello Timer Description The port identifier for the specified port within the CST. It is made up from the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 88
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-14. Spanning Tree CST Port Status Fields Field Description Interface Port Role Designated Root Designated Cost Designated Bridge Designated Port Select a physical or port channel interface to configure. The port is associated with the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 89
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click SwitchingSTPAdvanced RSTP in the navigation tree. Forwarding State of this port. 2. Click Refresh to update the information on the screen with the most current data. Configuring Switching Information v1.0, July 2009 3-25 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 90
GS716Tv2 and GS724Tv3 Software Administration Manual MST Configuration Use the Spanning Tree MST Configuration page to configure Multiple Spanning Tree (MST) on the switch. To display the Spanning Tree MST Configuration page: 1. Click SwitchingSTPAdvanced MST Configuration in the navigation - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 91
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-16. Spanning Tree MST Configuration (continued) Field Description VLAN ID This gives a list box of all VLANs on the switch made up from the bridge priority and the base MAC address of the bridge. Root Path Cost Displays the path cost - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 92
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Switching STP Advanced MST Port Configuration in the navigation tree. Figure 3-17 and Figure 3-18 show the left and right portions of the Web page. Figure 3-17 Figure 3-18 Note: If no MST instances have been configured on the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 93
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-19 Table 3-17. Spanning Tree MST Port Status Fields Field Select MST Administrative Mode associated with the port or port channel. Possible values are Enable or Disable. Configuring Switching Information v1.0, July 2009 3-29 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 94
GS716Tv2 and GS724Tv3 Software Administration Manual and the base MAC address of the bridge. Displays configuration on the screen and reset the data on the screen to the latest value of the switch. 3. Click Refresh to update the screen with the latest MST information. 4. If you make any configuration - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 95
GS716Tv2 and GS724Tv3 Software Administration Manual STP Statistics Use the Spanning Tree Statistics page to view information about the number and type of bridge protocol data units (BPDUs) transmitted and received on each port. To display the Spanning Tree Statistics page: 1. Click Switching STP - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 96
GS716Tv2 and GS724Tv3 Software Administration Manual Configuring IGMP Snooping Internet Group Management Protocol (IGMP) Snooping is a feature that allows a switch to forward multicast traffic intelligently on the switch. Multicast IP traffic is traffic that is destined to a host group. Host groups - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 97
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Switching Multicast IGMP Snooping IGMP Snooping Configuration in the navigation tree. Figure 3-21 Table 3-19. IGMP Snooping Configuration Fields Field Description IGMP Snooping Status Select the administrative mode for IGMP - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 98
GS716Tv2 and GS724Tv3 Software Administration Manual 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. If you make any configuration changes, click Apply to apply the new settings to the switch. Configuration changes take - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 99
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-20. IGMP Snooping Interface Configuration Fields (continued) Field Host Timeout Max Response Time MRouter Timeout Fast Leave Admin Mode Description Specify the amount of time you want the switch to wait for a report for a particular - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 100
GS716Tv2 and GS724Tv3 Software Administration Manual • "IGMP Snooping Table" on page 3-36 • "MFDB Table" on page 3-37 • "MFDB Statistics" on page 3-39 • "IGMP Snooping VLAN Configuration Fields Field MAC Address VLAN ID Description A multicast MAC address for which the switch has forwarding and/or - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 101
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-21. IGMP Snooping Table Fields (continued) Field Type Description Interface Description This displays the type of the entry. Static entries are those that are configured by the end user. Dynamic entries are added to the table as a - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 102
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-24 Table 3-22. MFDB Table Fields Field MAC Address VLAN ID Component Type Description Description The MAC Address to which the multicast MAC address is related. To search by MAC address, enter the address with the MFDB table entry you - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 103
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-22. MFDB Table Fields (continued) Field Interface Forwarding Interfaces Description The list of interfaces that are designated for forwarding (Fwd) and filtering (Flt) for the selected address. The resultant forwarding list is derived - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 104
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-23. Multicast Forwarding Database Statistics Fields Field Description Max MFDB Table Entries Most MFDB Entries Since Last Reset Shows the maximum number of entries that the Multicast Forwarding Database table can hold. The largest - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 105
GS716Tv2 and GS724Tv3 Software Administration Manual To access the IGMP Snooping VLAN Configuration page: 1. Click Switching Multicast IGMP Snooping IGMP Snooping VLAN Configuration in the navigation tree. Figure 3-26 Table 3-24. IGMP Snooping VLAN Configuration Fields Field VLAN ID Fast - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 106
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-24. IGMP Snooping VLAN Configuration Fields (continued) Field Maximum Response Time MRouter Timeout Query Mode Query Interval Description Enter the amount of time in seconds that a switch will wait after sending a query on an interface - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 107
GS716Tv2 and GS724Tv3 Software Administration Manual IGMP Snooping Querier Configuration Use this page to enable or disable the IGMP Snooping Querier feature, specify the IP address of the router to perform the querying, and configure the related parameters. To access this page: 1. Click Switching - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 108
GS716Tv2 and GS724Tv3 Software Administration Manual 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. If you configure an IGMP snooping querier, click Apply to apply the new settings to the switch. Configuration changes - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 109
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-26. IGMP Snooping Querier VLAN Configuration in which the least IP address operates as the querier in that the configuration on the screen and reset the data on the screen to the latest value of the switch. 5. If you configure a - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 110
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Switching Multicast IGMP Snooping Querier Querier VLAN Status in the navigation tree. Figure 3-29 Table 3-27. IGMP Snooping Querier VLAN Status Fields Field VLAN ID Operational State Operational Version Last Querier Address - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 111
GS716Tv2 and GS724Tv3 Software Administration Manual Table 3-27. IGMP Snooping Querier VLAN Status Fields (continued) Field Description Last Querier Version Displays the IGMP protocol version of the last querier from which a - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 112
GS716Tv2 and GS724Tv3 Software Administration Manual • Interface: Select Interface from the menu, enter the interface ID in g1, g2... format, then, click Go. If any entries with learned on that interface exist, they are displayed. Figure 3-30 Table 3-28. MAC Address Table Fields Field - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 113
GS716Tv2 and GS724Tv3 Software Administration Manual 4. Click Refresh to redisplay the page to show the latest MAC Addresses. 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Dynamic Address Configuration Use the Advanced - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 114
GS716Tv2 and GS724Tv3 Software Administration Manual Note: IEEE 802.1d recommends a default of 300 seconds, which is the factory default. 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. Click Apply to apply to send the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 115
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 3-32 Table 3-30. MAC Address Table Fields Field Description VLAN ID MAC Address Interface The VLAN ID associated with the MAC Address. A unicast MAC Address for which the switch has forwarding and/or filtering information. The MAC - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 116
GS716Tv2 and GS724Tv3 Software Administration Manual 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Static MAC Address Use the Static MAC Address Configuration page to view static MAC addresses configured on an interface. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 117
GS716Tv2 and GS724Tv3 Software Administration Manual 4. After you enter the MAC address and VLAN ID of the statically configured MAC address to delete, click Delete to remove the MAC address from the port and apply the new settings to the system. The screen refreshes, and the MAC address no longer - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 118
GS716Tv2 and GS724Tv3 Software Administration Manual 3-54 v1.0, July 2009 Configuring Switching Information - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 119
subsections: • "Configuring Class of Service" on page 4-1 In a typical switch, each physical port consists of one or more queues for transmitting packets on the attached network. Multiple queues per port are often provided to give preference to certain packets over others based on user-defined - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 120
GS716Tv2 and GS724Tv3 Software Administration Manual • "Interface Queue Configuration" on page 4-5 • "802.1p to Queue Mapping" on page 4-6 • "DSCP to Queue Mapping" on page 4-7 Basic CoS Configuration Use the Trust Mode Configuration page to set the class of service trust mode of an interface. Each - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 121
GS716Tv2 and GS724Tv3 Software Administration Manual Table 4-1. Basic CoS Configuration Fields Field Description Global Global Trust Mode Interface Select the Global option to apply the same trust mode to all CoS configurable interfaces. Specifies whether or not all interfaces trust a - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 122
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 4-2 Table 4-2. Interface Configuration Fields Field Description Interface Indicates the interface to be affected by the Interface Shaping Rate. Select the check box in the heading row to apply a - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 123
GS716Tv2 and GS724Tv3 Software Administration Manual Interface Queue Configuration Use the Interface Queue Configuration page to define what a particular queue does by configuring switch egress queues. User-configurable parameters control the amount of bandwidth used by the queue, the queue depth - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 124
GS716Tv2 and GS724Tv3 Software Administration Manual Table 4-3. Interface Queue Configuration Fields (continued) Field Minimum user to create the desired service characteristics for different types of traffic. • Weighted: Weighted round robin associates a weight to each queue. This is the default - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 125
GS716Tv2 and GS724Tv3 Software Administration Manual Table 4-4. Current 802.1p Priority Mapping Table Fields Field Description Global Interface Select the Global option to apply the same 802.1p priority mapping to all CoS configurable interfaces. The menu contains all CoS configurable - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 126
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click the QoS CoS tab, and then click the Advanced DSCP to Queue Mapping link. Figure 4-5 Table 4-5. IP DSCP Mapping Configuration the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 127
Access Control Lists" Management Security Settings From the Management Security Settings page, you can configure the login password, Remote Authorization Dial-In User Service (RADIUS) settings, Terminal Access Controller Access Control System (TACACS+) settings, and authentication lists. To - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 128
GS716Tv2 and GS724Tv3 Software Administration Manual Change Password Use the page to change the login password. To display the page: 1. Click Security Management Security User Configuration Change Password in the navigation tree. Figure 5-1 Table 5-1. User Accounts Fields Field Description - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 129
GS716Tv2 and GS724Tv3 Software Administration Manual RADIUS Configuration RADIUS servers provide additional security for networks. The RADIUS server maintains a user database, which contains per-user authentication information. RADIUS servers provide a centralized authentication method for: • Web - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 130
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-2. RADIUS Configuration Fields Field Description Current Server IP Address Shows the IP address of the current server. This field is blank if no servers are configured. If more than one RADIUS servers are configured, the current - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 131
GS716Tv2 and GS724Tv3 Software Administration Manual Server Configuration Use the RADIUS Server Configuration page to view and configure various settings for the current RADIUS server configured on the system. To access the RADIUS Server Configuration page: 1. Click Security Management Security, - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 132
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-3. RADIUS Server Configuration Fields (continued) Field to the server address, and then click Delete. 5. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 6. If you - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 133
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-4. RADIUS Server Statistics Fields default values. 8. Click Refresh to refresh the page with the most current data from the switch. Accounting Server Configuration Use the RADIUS Accounting Server Configuration page to view and configure - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 134
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Security Management Security, and then click the RADIUS Accounting Server Configuration in the navigation tree. Figure 5-4 Table 5-5. RADIUS Accounting Server Configuration Fields Field Description Accounting Server Address Enter - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 135
GS716Tv2 and GS724Tv3 Software Administration Manual To add a RADIUS Accounting server: 1. Enter information about the server into the appropriate fields and click Apply. Table 5-6. RADIUS Accounting Server Fields Field Description Accounting Server Address Displays the IP address of the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 136
GS716Tv2 and GS724Tv3 Software Administration Manual Configuring TACACS+ TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services: • Authentication: Provides authentication during - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 137
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-7. TACACS+ Configuration Fields Field Description Key String is 1-30. 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. If you make any changes to the page - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 138
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-8. TACACS+ Configuration Fields Field Description TACACS+ Server Server Address Use the list to select the IP address of the TACACS+ server to view or configure. If fewer than five TACACS+ servers are configured on the system, the Add - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 139
IP Address drop down menu, and then click Delete. Authentication List Configuration Use the Authentication List page to configure the default login list. A login list specifies one or more authentication methods to validate switch or port access for the admin user. Note: Admin is the only user - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 140
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-10. Authentication Profile Fields Field Description List Name The switch supports a new login list. 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. If - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 141
GS716Tv2 and GS724Tv3 Software Administration Manual Configuring Management Access From the Access page, you can configure HTTP and Secure HTTP access to the GS716T and GS724T. You can also configure Access Control Profiles and Access Rules. The Security Access tab contains the following folders: - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 142
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-11. HTTP Configuration Fields Field Description Java Mode This select field is used to Enable or Disable the Web Java Mode. This applies to both secure and un-secure HTTP connections. The currently configured value is shown when the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 143
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-10 Table 5-12. Secure HTTP Configuration Fields Field HTTPS Admin Mode SSL Version 3 TLS Version 1 HTTPS Port HTTPS Session Soft Timeout Description Enables or Disables the Administrative Mode of Secure HTTP. The currently configured - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 144
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-12. Secure HTTP Configuration Fields (continued) Field HTTPS of (0-4). The default value is 4. The currently configured value is shown when the Web page is displayed. Certificate Download For the Web server on the switch to accept HTTPS - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 145
download. You may enter up to 32 characters. The factory default is blank. 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. If you change any of the settings on the page, click Apply to send the updated configuration - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 146
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Security Access, and then click the Access Control Access Profile Configuration link. Figure 5-12 Table 5-14. Access Profile Configuration Fields Field Description Access Profile Name Enter the name of the access profile to be - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 147
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-15. Profile Summary Fields (continued) Field Source IP Address Mask Priority Description Shows the IP Address of the client that may or may not originate management traffic. Shows the subnet mask associated with the IP address. Shows - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 148
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-16. Access Rule Configuration Fields Field Description Rule Type Service Type Select Permit to allow access to the switch administrative pages for traffic that meets the criteria you configure for the rule. Any traffic that does not - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 149
GS716Tv2 and GS724Tv3 Software Administration Manual The 802.1X network has three components: • Authenticators: Specifies the port that is authenticated before permitting system access. • Supplicants: Specifies the host connected to the authenticated port requesting access to the system services. • - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 150
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-17. Port Access Control-Port Configuration Fields Field Description Port Based Authentication Select Enable or Disable 802.1X administrative mode on the switch. State The default is Disable. This feature permits port-based - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 151
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-15 Figure 5-16 Managing Device Security v1.0, July 2009 5-25 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 152
moving the interface into unauthorized state. The switch cannot provide authentication services to the client through the interface. This field allows the user to configure the Guest VLAN ID on the interface. The valid range is 0-4093.The default value is 0. Enter 0 to reset the Guest VLAN ID on the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 153
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-18. Port Authentication Port Configuration Fields (continued) Field Description Max EAP Requests Supplicant Timeout (secs) Server Timeout (secs) Control Direction Protocol Version PAE Capabilities Authenticator PAE State This input - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 154
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-18. Port Authentication Port Configuration Fields (continued) Field Backend State EAPOL Flood Mode Description This field displays the current state of the backend authentication state machine. Possible values are as - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 155
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Security Port Authentication Advanced Port Summary in the system access by moving the interface into unauthorized state. The switch cannot provide authentication services to the client through the interface. This field indicates the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 156
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-19. Port Summary Fields (continued) Field Reauthentication Enabled Port Status Description Displays if reauthentication is enabled on the selected port. This is a configurable field. The possible values are 'true' and 'false'. If the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 157
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Security Traffic Control, and then click the MAC Filter MAC Filter Configuration link. Figure 5-18 Table 5-20. Switch Configuration Fields Field MAC Filter VLAN ID MAC Address Source Port Members Destination Port Members - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 158
GS716Tv2 and GS724Tv3 Software Administration Manual 2. To delete a configured MAC Filter, select it from the menu, and then click Delete. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 4. If you make changes to the page, - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 159
GS716Tv2 and GS724Tv3 Software Administration Manual Storm Control A broadcast storm is the result of an excessive number of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses can - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 160
GS716Tv2 and GS724Tv3 Software Administration Manual percent of the total threshold between 0-100%. The default is 5%. Table 5-23. Port Settings Fields Field Description source MAC addresses can be forwarded. All other packets are discarded. To display the Port Security Configuration page: 1. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 161
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-21 Table 5-24. Port Security Configuration Fields Field MAC address. 2. Click Refresh to refresh the page with the most current data from the switch. 3. Click Cancel to cancel the configuration on the screen and reset the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 162
GS716Tv2 and GS724Tv3 Software Administration Manual Dynamic locking implements a 'first arrival' mechanism for Port Security. You specify how many addresses can be learned on the locked port. If the limit has not been reached, then a packet with an unknown source MAC address is learned and - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 163
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-26. Port Security Configuration Fields (continued) Field Max Allowed Dynamically Learned MAC Max Allowed Statically Locked MAC Enable Violation Traps Description Sets the maximum number of dynamically learned MAC addresses on the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 164
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-23 Table 5-27. Port Security Settings Fields Field Convert Dynamic Address to Static Description Select the check box to convert a dynamically learned MAC address to a statically locked address. The Dynamic MAC Address entries are - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 165
GS716Tv2 and GS724Tv3 Software Administration Manual To display the Protected Ports Membership page: 1. Click the default state is Unprotected. 2. Click Refresh to refresh the page with the most current data from the switch. 3. Click Cancel to cancel the configuration on the screen and reset the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 166
GS716Tv2 and GS724Tv3 Software Administration Manual You first create an IPv4-based or MAC-based ACL ID. Then, you create a rule and assign it to a unique ACL ID. Next, you define the rules, which can identify protocols, source, and destination IP and MAC addresses, and other packet-matching - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 167
GS716Tv2 and GS724Tv3 Software Administration Manual To display the MAC ACL page: 1. Click Security ACL. The MAC ACL page is under the Basic link. Figure 5-25 The MAC ACL table shows the number of ACLs currently configured in the switch and the maximum number of ACLs that can be configured. The - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 168
GS716Tv2 and GS724Tv3 Software Administration Manual MAC Rules Use the MAC Rules page to define rules for MAC-based ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. A default 'deny all' rule is the last rule of - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 169
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-31. MAC ACL Rule Configuration Fields (continued) Field Assign Queue Match Every CoS Destination MAC Destination MAC Mask EtherType Key EtherType User Value Source MAC Source MAC Mask VLAN Description Specifies the hardware egress queue - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 170
GS716Tv2 and GS724Tv3 Software Administration Manual 3. To delete a rule, select the check box associated with the rule and click Delete. 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 5. To change a rule, select the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 171
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-32. MAC ACL Rule Configuration not specified by the user, a sequence number configuration on the screen and reset the data on the screen to the latest value of the switch. 3. Click Apply to save any changes to the running configuration - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 172
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Security ACL, then click the Basic Binding Table link. Figure 5-28 Table 5-33. MAC ACL Rule Configuration to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. To delete - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 173
GS716Tv2 and GS724Tv3 Software Administration Manual IP ACL IP ACLs allow network managers to define traffic classifications. Use the IP ACL Configuration page to add or remove IP-based ACLs. To display the IP ACL page: 1. Click Security ACL, then click the Advanced IP ACL link. Figure 5-29 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 174
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-34. IP ACL Configuration Fields Field Description IP ACL Enter an ACL ID. The ID is an integer in the following range: • 1-99: Creates an IP Standard ACL, which allows you to permit or deny traffic from a source IP address. • 100-199: - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 175
on the screen and reset the data on the screen to the latest value of the switch. 5. If you change any of the settings on the page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. Table 5-35. IP ACL Rule Configuration Fields Field ACL ID - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 176
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-35. IP ACL Rule Configuration Fields (continued) Field Action Assign Queue ID Match Every Source IP Address Source IP Mask Description Selects the ACL forwarding action, which is one of the following: • Permit - Forwards packets which - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 177
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Security ACL, then click the Advanced IP Extended Rules link. Figure 5-31 2. To add an IP ACL rule, select the ACL ID to add the rule to, and then click Add. The Extended ACL Rules configuration page displays as shown in Figure 5-32 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 178
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-32 Table 5-36. IP ACL Rule Configuration Fields Field ACL Drops packets which meet the ACL criteria. Specifies the hardware egress queue identifier used to handle all packets matching this IP ACL rule. Valid range of Queue IDs is 0-3. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 179
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-36. IP ACL Rule Configuration Fields (continued) Field Src IP Address Src IP Mask Src L4 Port Dst IP Address Dst IP Mask Description Requires a packet's source port IP address to match the address listed here. Enter an IP Address in the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 180
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-36. IP ACL Rule Configuration Fields (continued) Field Dst L4 Port Service Type • Destination L4 Port Number: If the destination L4 keyword is Other, enter a user-defined Port ID by which packets are matched to the rule. Select one of - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 181
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-33 Table 5-37. IP ACL Binding Configuration Fields Field Description ACL ID Select an existing IP ACL. Direction Sequence Number Port Selection Table Specifies the packet filtering direction for ACL. The only valid direction is - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 182
GS716Tv2 and GS724Tv3 Software Administration Manual IP Binding Table Use the IP Binding Table page to view or delete the IP ACL bindings. To display the IP Binding Table: 1. Click Security ACL, then click the Advanced Binding Table link. Figure 5-34 Table 5-38. IP ACL Binding Table Fields - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 183
Statistics" on page 6-1 • "Viewing Port Statistics" on page 6-4 • "Managing Logs" on page 6-14 • "Configuring Port Mirroring" on page 6-23 Switch Statistics The pages in the Switch Statistics folder contain a variety of information about the number and type of traffic transmitted from and received - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 184
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 6-1 Table 6-1. Switch Statistics Fields Field Description ifIndex This object indicates the ifIndex of the interface table entry associated with the processor of this switch. Octets Received The total number of octets of data - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 185
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-1. Switch be transmitted to the Broadcast address, including those that were discarded switch were last cleared. 2. Click Clear Counters to clear all the statistics counters, resetting all switch summary and detailed statistics to default - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 186
GS716Tv2 and GS724Tv3 Software Administration Manual Viewing Port Statistics The pages in the Ports folder contain a variety of information about the number and type of traffic transmitted from and received on the switch. • "Port Statistics" on page 6-4 • "Port Detailed Statistics" on page 6-5 • " - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 187
GS716Tv2 and GS724Tv3 Software Administration Manual received that were directed to the broadcast address. This does not include multicast packets. Packets on the switch, select the check box in the row heading and click Clear. The button resets all statistics for all ports to default values. 3. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 188
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 6-3 Table 6-3. Port Detailed Statistics Fields Field Interface MST ID ifIndex Port Type Description Use the drop down menu to select the interface for which data is to be displayed or configured. Displays the created or existing MSTs. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 189
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Port Channel ID Port Role STP Mode STP State Admin or not to send a trap when link status changes. The factory default is enabled: • Enable: Specifies that the system sends a trap - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 190
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description Packets RX and TX 64 Octets The total number of packets (including bad packets) received or transmitted - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 191
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field Description received that were directed to a multicast address. This number does not include packets directed to the broadcast address. Broadcast Packets Received The total number of - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 192
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field tree is being modified. Reserved Address Discards The number of frames discarded that are destined to an IEEE 802.1 reserved address and are not supported by the system. Broadcast - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 193
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field total number of packets that higher-level protocols requested be transmitted to the Broadcast address, including those that were discarded or not sent. Total Transmit Errors The - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 194
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-3. Port Detailed Statistics Fields (continued) Field last cleared. 2. Click Clear to clear all the counters. This resets all statistics for this port to the default values. 3. Click Refresh to refresh the data on the screen and - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 195
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 6-4 Table 6-4. EAP Statistics Fields Field version number attached to the most recently received EAPOL frame. Displays the source MAC Address attached to the most recently received EAPOL frame. Displays the number of unrecognized EAPOL - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 196
GS716Tv2 and GS724Tv3 Software Administration Manual switch, select the check box in the row heading and click Clear. The button resets all statistics for all ports to default Memory Logs" on page 6-14 • "FLASH Log Configuration" on page 6-16 • "Server Log Configuration" on page 6-19 • "Trap Logs" on - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 197
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 6-5 Table 6-5. Memory Log Configuration Fields Field Description Admin Status Determines whether to log messages. • Enable: Enables system logging. • Disable: Prevents the system from logging messages. Behavior Indicates the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 198
GS716Tv2 and GS724Tv3 Software Administration Manual is the 237th message logged. Example user-level message: Aug 24 05 update the page with the latest messages in the log. 4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 199
GS716Tv2 and GS724Tv3 Software Administration Manual • The second log type is the system operation if the startup log is configured, it stores messages up to its limit. The operation log, if configured, then begins to store the messages. Use the FLASH Log Configuration page to enable or disable - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 200
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-7. FLASH Log Configuration Fields Field Description Admin Status Severity Filter Enable or disable logging by selecting the corresponding check box. The default is Disable. • Enable: A log that is 'Enabled' logs messages. • Disable: A - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 201
GS716Tv2 and GS724Tv3 Software Administration Manual Server Log Configuration Use the Server Log Configuration page to allow the switch to send log messages to the remote logging hosts configured on the system. To access the Server Log Configuration page: 1. Click the Monitoring Logs tab, and then - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 202
GS716Tv2 and GS724Tv3 Software Administration Manual The Server Log Configuration page also contains the Server Configuration table. Table 6-10. Host Configuration Fields Field Description Host Address Status Port Severity Filter Enter the IP address of the host configured for syslog. Shows - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 203
GS716Tv2 and GS724Tv3 Software Administration Manual Trap Logs Use the Trap Logs page to view information about the SNMP traps generated on the switch. To Field Description Number of Traps Since Last Reset The number of traps that have occurred since the switch last reboot. Trap Log Capacity The - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 204
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-12. Trap Logs Field Description Log The sequence number of this trap. System Up Time The time at which this trap occurred, expressed in days, hours, minutes and seconds since the last reboot of the switch. Trap Information - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 205
GS716Tv2 and GS724Tv3 Software Administration Manual Table 6-13. Event Log Fields Field Description specific ports of the switch. As such, many switch ports are configured as source ports and one switch port is configured as a destination port. You have the ability to configure how traffic is - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 206
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Monitoring Port Mirroring in the navigation menu. Figure 6-10 Table 6-14. Multiple Port Mirroring Fields Field Description Source Port Lists all the ports on the system. Select the check box next to a port to configure it as a - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 207
"Upload File From Switch" on page 7-3 • "Download File To Switch" on page 7-5 • "File Management" on page 7-10 • "Troubleshooting" on page 7-13 Reset The Reset menu contains links to the following options: • "Rebooting the Switch" on page 7-1 • "Reset Configuration to Defaults" on page 7-2 Rebooting - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 208
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Maintenance Reset Device Reboot in the navigation tree. Figure 7-1 2. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 3. Click Apply to send the updated - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 209
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Maintenance Reset Factory Default in the navigation tree. Figure 7-2 2. Click Cancel to cancel the operation on the screen and reset the data on the screen to the latest value of the switch. 3. Click Apply to restore the factory - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 210
GS716Tv2 and GS724Tv3 Software Administration Manual To display the File Upload page: 1. Click Maintenance Upload File Upload in the navigation tree. Figure 7-3 Table 7-1. Upload File from Switch Fields Field File Type Image Name Transfer Mode Server Address Type Server Address Description - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 211
without TFTP server IP address) fields. 4. Click the Start File Transfer check box, and then click Apply. 5. Click Cancel to cancel the operation on the screen and reset the data on the screen to the latest value of the switch. Download File To Switch The switch supports system file downloads from - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 212
GS716Tv2 and GS724Tv3 Software Administration Manual TFTP File Download Use the Download File to Switch page to download device software, the image file, the configuration files and SSL files from a TFTP server to the switch. You can also download files via HTTP. See "HTTP File Download" on page 7-8 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 213
GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-2. Download File to Switch Fields Field File Type Image Name Server Address Type TFTP Server IP Transfer File Path Remote File Name Start File Transfer Description Specify what type of file you want to download to the switch: • Code: - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 214
GS716Tv2 and GS724Tv3 Software Administration Manual Downloading a File to the Switch Before you download a file to the switch, the following conditions must be true: • The file to download from the TFTP server is on the server in the appropriate directory. • The file is in the correct format. • The - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 215
Specify the type of file you want to download: • Code: Choose this option to upgrade the operational software in flash (default). • Text Configuration: Choose this option to update the switch's configuration. If the file has errors the update will be stopped. • SSL Trusted Root Certificate PEM - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 216
GS716Tv2 and GS724Tv3 Software Administration Manual Note: After a file transfer is started, switch restarts. This feature reduces switch down time when upgrading or downgrading the GS716T/GS724T software. The File Management menu contains links to the following options: • "Dual Image Configuration - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 217
GS716Tv2 and GS724Tv3 Software Administration Manual 1. Click Maintenance File Management Dual Image Dual Image Configuration in the navigation menu. Figure 7-6 The Active Image page contains the following fields: Table 7-4. Dual Image Configuration Fields Field Image Name Current Active - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 218
GS716Tv2 and GS724Tv3 Software Administration Manual 6. Click Cancel to cancel the operation on the screen and reset the data on the screen to the latest value of the switch. 7. Click Apply to update the image description on the switch. Viewing the Dual Image Status You can use the Dual Image Status - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 219
to update or change the system images, see "File Management" on page 7-10. Troubleshooting The Troubleshooting menu contains links to the following options: • "Ping" on page 7-13 • "TraceRoute" on page 7-14 Ping Use the Ping page to tell the switch to send a Ping request to a specified IP address - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 220
GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-6. Ping Fields Field IP Address Count Interval Size Ping Description Specify the IP address. Specify the number of pings to send. The valid range is 1-15. Specify the number of seconds between pings sent. The valid range is 1-60. - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 221
GS716Tv2 and GS724Tv3 Software Administration Manual Figure 7-9 Table 7-7. TraceRoute Fields Field IP Address Probes Per Hop MaxTTL InitTTL MaxFail Interval Port Size TraceRoute Definition Specify the IP address screen and reset the data on the screen to the latest value of the switch. 3. Click - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 222
GS716Tv2 and GS724Tv3 Software Administration Manual 7-16 v1.0, July 2009 Maintenance - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 223
Appendix A Hardware Specifications and Default Values GS7xxT Gigabit Smart Switch Specifications The GS7xxT Gigabit Smart Switch conforms to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. Table A-1. GS7xxT Gigabit Smart Switch Specifications Feature - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 224
GS716Tv2 and GS724Tv3 Software Administration Manual GS7xxTR Gigabit Smart Switch Features and Defaults Table A-3. Port Characteristics Feature Auto negotiation/static speed/ duplex Auto MDI/MDIX 802.3x flow control/back pressure Port mirroring Port trunking (aggregation) 802.1D - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 225
Boot code update DHCP/manual IP System name configuration Configuration save/restore Firmware upgrade Restore defaults Dual image support Factory reset Sets Supported 1 1 1 1 1 1 (Web and front-panel button) 1 1 Default N/A 192.168.0.239 NULL N/A N/A N/A Enabled N/A Hardware Specifications and - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 226
GS716Tv2 and GS724Tv3 Software Administration Manual Table A-8. Other Features Feature Sets Supported IGMP snooping v1/v2 16 on GS716T/ 24 on GS724T (per port) Configurations upload/download 1 EAPoL flooding 16 on GS716T/ 24 on GS724T (per port) BPDU flooding 16 on GS716T/ 24 on GS724T ( - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 227
contains information about how to configure the following features: • " be defined as a broadcast domain. Hubs, bridges, or switches in the same physical segment or segments connect all end of user, or primary application). To enable traffic to flow between VLANs, traffic must go through a router, - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 228
GS716Tv2 and GS724Tv3 Software Administration Manual VLANs have a number of advantages: • It is easy to do network segmentation. Users that communicate most frequently with each other can be grouped into common VLANs, regardless of physical location. Each group's traffic is contained largely within - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 229
GS716Tv2 and GS724Tv3 Software Administration Manual In this example, you create two new VLANs, change the port membership for default VLAN 1, and assign port members to the two new VLANs: 1. In the Basic VLAN Configuration screen (see "VLAN Configuration" on page 3-10), create the following VLANs: - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 230
GS716Tv2 and GS724Tv3 Software Administration Manual Access Control Lists (ACLs) ACLs ensure that only authorized users have access to specific resources while blocking off any unwarranted attempts to reach network resources. ACLs are used to provide traffic flow control, restrict contents - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 231
GS716Tv2 and GS724Tv3 Software Administration Manual of binding an ACL to each port. MAC ACL Example Configuration The following example shows how to create a MAC-based on page 5-40). By default, this ACL will be bound on the inbound direction, which means the switch will examine traffic as it enters - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 232
GS716Tv2 and GS724Tv3 Software Administration Manual 3. From the MAC Binding Configuration screen, assign the Sales_ACL to the interface gigabit ports 6, 7, 8, 9, and 10, and then click Apply (See "MAC Binding Configuration assigned to the hardware egress queue 0, which is the default queue. All - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 233
GS716Tv2 and GS724Tv3 Software Administration Manual 1. From the IP ACL screen, create a new IP ACL with an IP ACL ID of 1 (See "IP ACL" on page 5-47). 2. From the IP Rules screen, create a rule for IP ACL 1 with the following settings: • Rule ID: 1 • Action: Deny • Assign Queue ID: 0 (optional - 0 - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 234
GS716Tv2 and GS724Tv3 Software Administration Manual The IP ACL in this example matches all packets with the source IP address and subnet mask of the Finance department's network and deny it on the Ethernet interfaces 14, 15, 16, 17, 18, 19, and 20 of the switch. The second rule permits all non- - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 235
GS716Tv2 and GS724Tv3 Software Administration Manual The ports of an 802.1X authenticator switch provide the means in which it can offer services to other systems reachable via the LAN. Port-based network access control allows the operation of a switch GS716T/GS724T switches support the Authenticator - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 236
GS716Tv2 and GS724Tv3 Software Administration Manual Supplicant Authenticator Switch Authentication Server (RADIUS) 192.168.10.23 Supplicant Figure B-2 802.1X Example Configuration This example shows how to configure the switch so that 802.1X-based authentication is required on the ports in a - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 237
GS716Tv2 and GS724Tv3 Software Administration Manual This example uses the default values for the port authentication settings, but there are several additional settings that you can configure. For example, the EAPOL Flood Mode field allows you to enable the forwarding of EAPoL frames when 802.1X is - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 238
GS716Tv2 and GS724Tv3 Software Administration Manual single Common and Internal Spanning Tree (CIST). The CIST supports the automatic determination of each MST region, choosing its they use STP, RSTP or MSTP, send information in configuration messages via Bridge Protocol Data Units (BPDUs) to assign - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 239
GS716Tv2 and GS724Tv3 Software Administration Manual To support multiple spanning trees, a MSTP bridge has to be configured with an unambiguous Configuration This example shows how to create an MSTP instance from the GS716T/GS724T switch. The example network has three different GS716T/GS724T switches - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 240
GS716Tv2 and GS724Tv3 Software Administration Manual Ports g1-g5 Connected to Hosts Ports g1-g5 Connected to Hosts Ports g6-g10 Connected to Switch 2 and 3 Switch 1 Root Bridge Ports g6-g10 Connected to Switch 1 and 2 Ports g6-g10 Connected to Switch 1 and 3 Switch 2 Ports g1-g5 Connected to - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 241
GS716Tv2 and GS724Tv3 Software Administration Manual Note: Bridge priority values are multiples of 4096. If you do not specify a root bridge and all switches have the same Bridge Priority value, the switch with the lowest MAC address is elected as the root bridge (see "CST Configuration" on page 3- - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 242
GS716Tv2 and GS724Tv3 Software Administration Manual also have hosts in the Sales and HR departments. The hosts connected from Switch 2 use VLAN 500, MST instance 2 to communicate with the hosts on Switch 3 directly. Likewise, hosts of Switch 1 use VLAN 300, MST instance 1 to communicate with the - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 243
GS716Tv2 and GS724Tv3 Software Administration Manual Index A Alert 6-18, 6-20 authentication enable 1-15 C Certificate 5-18 Changing the password 5-2 Configuration 802.1X 5-23 Access Control Lists 5-39 Access Profile 5-19 Access Rule 5-21 Authentication List 5-13 Community 2-17 CoS 4-2 Dual Image - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 244
GS716Tv2 and GS724Tv3 Software Administration Manual Dual Image Status 7-12 E EAP 6-12 EAPOL 6-13 Emergency 6-18, 6-20 Error 6-18, 6-20 F file management 7-10 firmware upgrade 1-7 G getting started 1-1 Green Ethernet 2-15 H Help HTML-based 1-12 HTML 1-11 HTTP 5-15 over an encrypted Secure Sockets - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 245
GS716Tv2 and GS724Tv3 Software Administration Manual P password change 5-2 login 5-2 new 5-2 reset 5-2 Ping 7-13 port authentication 5-22 summary 5-28 Profiles 5-13 Q QoS 4-1 802.1p to Queue Mapping 4-6 R RADIUS 5-1 authentication port 5-8 authentication server 5-6 server 5-3 registering 1-ii Reset - Netgear GS716Tv2 | GS716Tv2/GS724Tv3 Software Admin Manual - Page 246
GS716Tv2 and GS724Tv3 Software Administration Manual Local 2-6 UTC 2-7 Zone 2-6 Time Zone 2-8 TraceRoute 7-14 Traffic Control 5-30 Trap Flags 2-20 Manager 2-20 U Unicast 2-5 upload a file 7-5 upload configuration 7-3 V VLAN 3-10 ID 3-10 managing 3-10 Port VLAN ID 3-14 W Warning 6-18, 6-20 Web
-
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
 |
 |
202-10484-01
July 2009
NETGEAR
, Inc.
350 E. Plumeria Drive
San Jose CA 95134 USA
GS716Tv2 and GS724Tv3
Software Administration
Manual