ZyXEL ES3500-24 User Guide
ZyXEL ES3500-24 Manual
 |
View all ZyXEL ES3500-24 manuals
Add to My Manuals
Save this manual to your list of manuals |
ZyXEL ES3500-24 manual content summary:
- ZyXEL ES3500-24 | User Guide - Page 1
ES3500 Series Intelligent L2 switch Version 4.00 Edition 3, 06/2012 Quick Start Guide User's Guide Default Login Details LAN IP Address http://192.168.1.1 User Name admin Passwordwww.zyxel.com 1234 Copyright © 2012 ZyXEL Communications Corporation - ZyXEL ES3500-24 | User Guide - Page 2
in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate. Related Documentation • CLI Reference Guide The CLI Reference Guide explains how to use the Command-Line Interface (CLI) to configure the Switch. Note: It - ZyXEL ES3500-24 | User Guide - Page 3
Contents Overview Contents Overview User's Guide ...17 Getting to Know Your Switch ...19 Hardware Installation and Connection 25 ...172 Queuing Method ...177 VLAN Stacking ...180 Multicast ...187 AAA ...202 IP Source Guard ...215 Loop Guard ...234 VLAN Mapping ...238 Layer 2 Protocol Tunneling - ZyXEL ES3500-24 | User Guide - Page 4
Contents Overview Differentiated Services ...270 DHCP ...278 Maintenance ...285 Access Control ...292 Diagnostic ...317 Syslog ...318 Cluster Management ...321 MAC Table ...327 ARP Table ...330 Configure Clone ...332 Troubleshooting ...335 4 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 5
of Contents ...5 Part I: User's Guide 17 Chapter 1 Getting to Know Your Switch 19 1.1 Introduction ...19 1.1.1 Backbone Application 19 1.1.2 Bridging Example ...20 1.1.3 High Performance Switching Example 20 1.1.4 IEEE 802.1Q VLAN Application Examples 21 1.1.5 IPv6 Support ...22 1.2 Ways to - ZyXEL ES3500-24 | User Guide - Page 6
49 5.2 Configuring Switch Management IP Address 50 Chapter 6 Tutorials ...52 6.1 How to Use DHCP Snooping on the Switch 52 6.2 How to Use DHCP Relay on the Switch 55 6.2.1 DHCP Relay Tutorial Introduction 56 6.2.2 Creating a VLAN ...56 6.2.3 Configuring DHCP Relay 58 6.2.4 Troubleshooting ...59 - ZyXEL ES3500-24 | User Guide - Page 7
to VLANs ...87 8.4.1 Smart Isolation ...88 8.5 Switch Setup ...89 8.6 IP Setup ...91 8.6.1 Management IP Addresses 91 8.7 Port Setup ...93 8.8 PoE Based VLANs ...109 9.9 Configuring Protocol Based VLAN 110 9.10 Create an IP-based VLAN Example 111 9.11 Port-based VLAN Setup 112 9.11.1 Configure - ZyXEL ES3500-24 | User Guide - Page 8
.2 Bandwidth Control Setup 143 Chapter 15 Broadcast Storm Control ...145 15.1 Broadcast Storm Control Setup 145 Chapter 16 Mirroring ...147 16.1 Port Mirroring Setup ...147 8 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 9
Per-Hop Behavior 172 21.2 Configuring Policy Rules 172 21.3 Viewing and Editing Policy Configuration 175 21.4 Policy Example ...176 Chapter 22 Queuing Method ...177 ES3500 Series User's Guide 9 - ZyXEL ES3500-24 | User Guide - Page 10
184 23.4.2 Selective Q-in-Q ...185 Chapter 24 Multicast ...187 24.1 Multicast Overview ...187 24.1.1 IP Multicast Addresses 187 24.1.2 IGMP Filtering ...187 24.1.3 IGMP Snooping ...187 24.1.4 IGMP Snooping and 25.2 AAA Screens ...203 25.2.1 RADIUS Server Setup 203 10 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 11
25.3 Supported RADIUS Attributes 211 25.3.1 Attributes Used for Authentication 212 25.3.2 Attributes Used for Accounting 212 Chapter 26 IP Source Guard...215 26.1 IP Source Guard Layer-2 Protocol Tunneling Mode 243 29.2 Configuring Layer 2 Protocol Tunneling 244 ES3500 Series User's Guide 11 - ZyXEL ES3500-24 | User Guide - Page 12
.1 Green Ethernet Overview 265 34.2 Configuring Green Ethernet 266 Chapter 35 Static Route ...267 35.1 Static Routing Overview 267 35.2 Configuring Static Routing 268 12 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 13
Firmware Upgrade ...287 38.6 Restore a Configuration File 288 38.7 Backup a Configuration File 288 38.8 FTP Command Line ...289 38.8.1 Filename Conventions 289 38.8.2 FTP Command Line Procedure 290 38.8.3 GUI-based FTP Clients 290 38.8.4 FTP Restrictions ...290 ES3500 Series User's Guide 13 - ZyXEL ES3500-24 | User Guide - Page 14
292 39.3.1 SNMP v3 and Security 293 39.3.2 Supported MIBs ...294 39.3.3 SNMP Traps ...294 39 .9.3 The Main Screen ...313 39.10 Service Port Access Control 314 39.11 Remote Switch Management 323 42.3 Clustering Management Configuration 325 Chapter 43 MAC Table ...327 14 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 15
Clone ...332 Chapter 46 Troubleshooting...335 46.1 Power, Hardware Connections, and LEDs 335 46.2 Switch Access and Login 337 46.3 Switch Configuration ...339 Appendix A Common Services 341 Appendix B Legal Information 345 Safety Warnings...348 Index ...351 ES3500 Series User's Guide 15 - ZyXEL ES3500-24 | User Guide - Page 16
Table of Contents 16 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 17
PART I User's Guide 17 - ZyXEL ES3500-24 | User Guide - Page 18
18 - ZyXEL ES3500-24 | User Guide - Page 19
Switch. 1.1 Introduction The Switch is a layer-2 standalone Ethernet switch. There are three models of the Switch. Table 1 Switch models and features MODEL ES3500-24 DISTINGUISHING FEATURES 24 10/100 Ethernet ports ES3500-24HP PoE switch All 10 ports support Green Ethernet to reduce switch - ZyXEL ES3500-24 | User Guide - Page 20
switches, routers, computers, print servers etc. Figure 1 Backbone Application 1.1.2 Bridging Example In this example, the Switch -GBIC port on the Switch. Moreover, the Switch eases supervision and maintenance Application 1.1.3 High Performance Switching Example The Switch is ideal for connecting - ZyXEL ES3500-24 | User Guide - Page 21
be retained as all ports can freely communicate with each other. Figure 3 High Performance Switched Workgroup Application 1.1.4 IEEE 802.1Q VLAN Application Examples A VLAN (Virtual Local Area Network) time by adding, moving or changing ports without any re-cabling. ES3500 Series User's Guide 21 - ZyXEL ES3500-24 | User Guide - Page 22
of the Switch using a (supported) web browser. See Chapter 4 on page 37. • Command Line Interface. Line commands offer an alternative to the web configurator and in some cases are necessary to configure advanced features. See the CLI Reference Guide. • FTP. Use FTP for firmware upgrades and - ZyXEL ES3500-24 | User Guide - Page 23
1.3 Good Habits for Managing the Switch Do the following things regularly to make the Switch more secure and to manage the Switch more effectively. • Change the password your password, you will have to reset the Switch to its factory default settings. If you backed up an earlier configuration file, you - ZyXEL ES3500-24 | User Guide - Page 24
Chapter 1 Getting to Know Your Switch 24 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 25
Scenarios MODEL MOUNTING TYPE ES3500-24 19" rack-mounted ES3500-24HP 19" rack-mounted ES3500-8PD Desktop (rack-mountable) Note: For proper ventilation, allow at least 4 inches (10 cm) of clearance at the front and 3.4 inches (8 cm) at the back of the Switch. This is especially important - ZyXEL ES3500-24 | User Guide - Page 26
screwdriver, install the M3 flat head screws through the mounting bracket holes into the Switch. 3 Repeat steps 1 and 2 to install the second mounting bracket on the other side of the Switch. 4 You may now mount the Switch on a rack. Proceed to the next section. 26 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 27
) Figure 8 Mounting the Switch on a Rack (desktop models) 2 Using a #2 Philips screwdriver, install the M5 flat head screws through the mounting bracket holes into the rack. 3 Repeat steps 1 and 2 to attach the second mounting bracket on the other side of the rack. ES3500 Series User's Guide 27 - ZyXEL ES3500-24 | User Guide - Page 28
panels of the Switch. Figure 9 ES3500-24 Front Panel LEDs Dual-personality Interfaces Ethernet Ports Figure 10 ES3500-24 Rear Panel Figure 11 ES3500-24HP Front Panel LEDs Console Port AC Power Connection Dual-personality Interfaces Ethernet Ports Console Port ES3500 Series User's Guide 28 - ZyXEL ES3500-24 | User Guide - Page 29
ES3500-24HP Rear Panel Chapter 3 Hardware Overview Figure 13 ES3500-8PD Front Panel LEDs Dual-personality Interfaces AC Power Connection Ethernet Ports PoE In Console Port Figure 14 ES3500 backbone Ethernet switches. Console Port The console port is for local configuration of the Switch. AC - ZyXEL ES3500-24 | User Guide - Page 30
not support autonegotiation or turns off this feature, the Switch Default Ethernet Negotiation Settings The factory default negotiation settings for the Gigabit ports on the Switch are: • Speed: Auto • Duplex: Auto • Flow control: Off • Link Aggregation: Disabled 30 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 31
both computers and switches/hubs. 3.1.3 Transceiver transmitter and a receiver. The Switch does not come with transceivers Switch is operating. You can use different transceivers to connect to Ethernet switches it clicks into place. 3 The Switch automatically detects the installed transceiver. Check - ZyXEL ES3500-24 | User Guide - Page 32
transceiver out of the slot. Figure 17 Removing the Fiber Optic Cables Figure 18 Opening the Transceiver's Latch Example Figure 19 Transceiver Removal Example 32 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 33
After you connect the power to the Switch, view the LEDs to ensure proper functioning of the Switch and as an aid in troubleshooting. Table 4 ES3500-24 LED Descriptions LED COLOR STATUS DESCRIPTION data. 1000Base-T Ethernet Ports (in Dual-personality Interface) ES3500 Series User's Guide 33 - ZyXEL ES3500-24 | User Guide - Page 34
in full-duplex mode. Off The Gigabit port is negotiating in half-duplex mode. Table 5 ES3500-24HP LED Descriptions LED COLOR STATUS DESCRIPTION PWR Green On The system is turned on. Off The system . 1000Base-T Ethernet Ports (in Dual-personality Interface) 34 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 35
Chapter 3 Hardware Overview Table 5 ES3500-24HP LED Descriptions (continued) LED COLOR STATUS DESCRIPTION LNK/ACT Green Blinking The system is transmitting/receiving Off This port is receiving power over Ethernet. This port is not receiving power over Ethernet. ES3500 Series User's Guide 35 - ZyXEL ES3500-24 | User Guide - Page 36
Chapter 3 Hardware Overview 36 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 37
(enabled by default). • Java permissions (enabled by default). 4.2 System Login 1 Start your web browser. 2 Type "http://" and the IP address of the Switch (for example, the default management IP address is 192.168.1.1) in the Location or Address field. Press [ENTER]. ES3500 Series User's Guide 37 - ZyXEL ES3500-24 | User Guide - Page 38
The login screen appears. The default username is admin and associated default password is 1234. The date and time display as shown if you have not configured a time server nor manually entered a time and date screen that displays when you access the web configurator. 38 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 39
Switch's nonvolatile memory. Nonvolatile memory is saved in the configuration file from which the Switch booted from and it stays the same even if the Switch configuration file. C - Click this link to go to the status page of the Switch. D - Click this link to log out of the web configurator. E - - ZyXEL ES3500-24 | User Guide - Page 40
where you can configure the management IP address, subnet mask (necessary for Switch management) and DNS (domain name server). Port Setup This link takes you to screens where you can configure speed, flow control and priority settings for individual Switch ports. 40 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 41
configure the Switch to supply configured in the Switch Setup menu). You communicating via the Switch. Port Security the Switch to group packets configure the Switch to perform services via Service) or TACACS+ (Terminal Access Controller Access-Control System Plus). IP the Switch. Layer 2 Protocol - ZyXEL ES3500-24 | User Guide - Page 42
Switch. PPPoE This link takes you to screens where you can configure how the Switch Switch to reduce port power consumption. See Chapter 34 on page 266 for more details. IP Switch should forward traffic by configuring the TCP/IP parameters manually firmware address - IP address resolution table. - ZyXEL ES3500-24 | User Guide - Page 43
(managing through the data ports) if you do one of the following: 1 Delete the management VLAN (default is VLAN 1). 2 Delete all port-based VLANs with the CPU port as a member. The "CPU port" is the management port of the Switch. 3 Filter all traffic to the CPU port. ES3500 Series User's Guide 43 - ZyXEL ES3500-24 | User Guide - Page 44
password and/or IP address. 7 Prevent all services from accessing the Switch. 8 Change a service port number but forget it. Note: Be careful not to lock yourself and others out of the Switch. If you upload" message before activating XMODEM upload on your terminal. 44 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 45
Version: ES3500-24_4.00(AABR.0) | 11/01/2011 14:14:51 Press any key to enter debug mode within 3 seconds Enter Debug Mode ras> atlc Starting XMODEM upload (CRC mode).... CCCCCCCCCCCCCCCC Total 393216 bytes received. Erasing OK ras> atgo The Switch is now reinitialized with a default configuration - ZyXEL ES3500-24 | User Guide - Page 46
Chapter 4 The Web Configurator 46 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 47
steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the Switch IP management address 5.1.1 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port as a member of VLAN 2. Figure 25 Initial Setup Network Example: VLAN ES3500 Series User's Guide 47 - ZyXEL ES3500-24 | User Guide - Page 48
the Switch, select Fixed to configure port 1 to be a permanent member of the VLAN only. 4 To ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the TX Tagging check box to set the Switch to remove VLAN tags before sending. 48 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 49
to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch's power is turned off. 5.1.2 Setting Port VID Use PVID to add a tag to incoming untagged frames in the run-time memory are lost when the Switch's power is turned off. ES3500 Series User's Guide 49 - ZyXEL ES3500-24 | User Guide - Page 50
enter 192.168.1.1 (the default management IP address) in the address bar to access the web configurator. See Section 4.7 on page 45 for more information. 3 Click Basic Setting > IP Setup in the navigation panel. 4 Configure the related fields in the IP Setup screen. 50 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 51
and 255.255.255.0 as the subnet mask. 6 In the VID field, enter the ID of the VLAN group to which you want this management IP address to belong. This is the same as the VLAN ID you configure in the Static VLAN screen. 7 Click Add to save your changes back - ZyXEL ES3500-24 | User Guide - Page 52
Client (B) 6 DHCP Client (C) 7 VLAN 1 and 100 1 and 100 1 and 100 PVID 100 100 100 DHCP SNOOPING PORT TRUSTED Yes No No 1 Access the Switch through http://192.168.1.1. Log into the Switch by entering the username (default: admin) and password (default: 1234). ES3500 Series User's Guide 52 - ZyXEL ES3500-24 | User Guide - Page 53
> VLAN Port Setting, and set the PVID of the ports 5, 6 and 7 to 100. This tags untagged incoming frames on ports 5, 6 and 7 with the tag 100. ES3500 Series User's Guide 53 - ZyXEL ES3500-24 | User Guide - Page 54
Chapter 6 Tutorials 4 Go to Advanced Application > IP Source Guard > DHCP snooping > Configure, activate and specify VLAN 100 as the DHCP VLAN as shown. Click connected to port 5. Keep ports 6 and 7 Untrusted because they are connected to DHCP clients. Click Apply. 54 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 55
Port ----- 7 6.2 How to Use DHCP Relay on the Switch This tutorial describes how to configure your Switch to forward DHCP client requests to a specific DHCP server. The DHCP server can then assign a specific IP address based on the information in the DHCP requests. ES3500 Series User's Guide 55 - ZyXEL ES3500-24 | User Guide - Page 56
and want to have it assign a specific IP address (say 172.16.1.18) and gateway number in the DHCP request. Client A connects to the Switch's port 2 in VLAN 102. DHCP Server 192.168.2.3 configurator through the Switch's port which is not in VLAN 102. 2 Go to Basic Setting > Switch Setup and set - ZyXEL ES3500-24 | User Guide - Page 57
permanent member of this VLAN. 6 Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending. 7 Click Add to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch's power is turned off. 8 Click the VLAN Status link in the Static - ZyXEL ES3500-24 | User Guide - Page 58
IP Application > DHCP and then the Global link to open the DHCP Relay screen. 2 Select the Active check box. 3 Enter the DHCP server's IP address (192.168.2.3 in this example) in the Remote DHCP Server 1 field. 4 Select the Option 82 and the Information check boxes. 58 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 59
permanently. 7 The DHCP server can then assign a specific IP address based on the DHCP request. 6.2.4 Troubleshooting Check the client A's IP address. If it did not receive the IP address 172.16.1.18, make sure: 1 Client A is connected to the Switch's port 2 in VLAN 102. 2 You configured the correct - ZyXEL ES3500-24 | User Guide - Page 60
6 Tutorials Switch B is connected to switch A. In in this tutorial are as follows: Table 10 Settings in this Tutorial SWITCH PORT CONNECTED VLAN A Port 5 (to C) 1 Port 12 (to PORT TRUSTED Untrusted Trusted Trusted Trusted 6.3.1 Configuring Switch A 1 Click Advanced Application > PPPoE - ZyXEL ES3500-24 | User Guide - Page 61
. Click Apply. Then Click Intermediate Agent on the top of the screen. 3 The Intermediate Agent screen appears. Click VLAN on the top of the screen. ES3500 Series User's Guide 61 - ZyXEL ES3500-24 | User Guide - Page 62
Yes to enable PPPoE IA in VLAN 1 and also select Circuit-id and Remote-id to allow the Switch to add these two strings to frames tagged with VLAN 1 and pass to the PPPoE server. Click Apply. 6.3.2 Configuring Switch B The example uses another ES3500-24 as switch B. 62 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 63
Chapter 6 Tutorials 1 Click Advanced Application > PPPoE > Intermediate Agent. Select Active then click Apply. Click Port on the top of the screen. 2 Select Trusted for ports 11 and 12 and then click Apply. Then Click Intermediate Agent on the top of the screen. ES3500 Series User's Guide 63 - ZyXEL ES3500-24 | User Guide - Page 64
and End VID. Click Apply. 5 Then select Yes to enable PPPoE IA in VLAN 1 and also select Circuit-id and Remote-id to allow the Switch to add these two strings to frames tagged with VLAN 1 and pass to the PPPoE server. Click Apply. 64 - ZyXEL ES3500-24 | User Guide - Page 65
not successfully receive an IP address assigned by the to Use Error Disable and Recovery on the Switch This tutorial shows you how to shut down Switch to wait for a period of time (10 minutes) before resuming the port automatically, after the problem on the Switch. Then select the Active option of - ZyXEL ES3500-24 | User Guide - Page 66
and Timer Status for loopguard and ARP entries. Also enter 180 (180 seconds = 3 minutes) in the Interval field for both entries. Then click Apply. 66 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 67
the authentication server. In this guest VLAN, clients can surf the Internet through the default gateway attached to port 10, but are not allowed to access other network resources, 200. 1 Access the web configurator through the Switch's port which is not in VLAN 200. ES3500 Series User's Guide 67 - ZyXEL ES3500-24 | User Guide - Page 68
Chapter 6 Tutorials 2 Go to Basic Setting > Switch Setup and set the VLAN type to 802.1Q. Click Apply to save the to be permanent members of this VLAN. 6 Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending frames out of these ports. 68 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 69
to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch's power is turned off. 8 Click the VLAN Status link in the Static VLAN screen and then the VLAN that the frames are forwarded to the VLAN group that the tag defines. ES3500 Series User's Guide 69 - ZyXEL ES3500-24 | User Guide - Page 70
validate access to ports 1~8 to clients based on a RADIUS server. 1 Click Advanced Application > Port Authentication and then the Click Here link for 802.1x. 70 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 71
the first Active checkbox to enable 802.1x authentication on the Switch. Select the Active checkboxes for ports 1 to 8 to turn on 802.1x authentication on the selected ports. Click Apply. 6.5.3 Enabling Guest VLAN 1 Click the Guest Vlan link in the 802.1x screen. ES3500 Series User's Guide 71 - ZyXEL ES3500-24 | User Guide - Page 72
200 in this example) on ports 1, 2 and 3. The Switch puts unauthenticated clients in the specified guest VLAN. Set Host-mode to Multi-Secure to have the Switch authenticate each client that connects to one of these ports, port in the same VLAN. You use private VLAN to 72 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 73
each port to a separate VLAN and creating a different IP routing domain for each individual port. Internet In this example 1 Access the web configurator through the Switch's port which is not in VLAN 123. 2 Go to Basic Setting > Switch Setup and set the VLAN type to ES3500 Series User's Guide 73 - ZyXEL ES3500-24 | User Guide - Page 74
permanent members of this VLAN. 6 Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending frames out of these ports. 7 Click Add to run-time memory. Settings in the run-time memory are lost when the Switch's power is turned off. 8 Click the VLAN Status link in the - ZyXEL ES3500-24 | User Guide - Page 75
to save your configuration permanently. 6.6.2 Creating a Private VLAN Rule Follow the steps below to configure private VLAN for VLAN 123. 1 Click Advanced Application > Private VLAN. ES3500 Series User's Guide 75 - ZyXEL ES3500-24 | User Guide - Page 76
send traffic to each other. From port 2, 3, or 4, you should be able to access the device that attaches to port 25, such as a server or default gateway. 76 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 77
PART II Technical Reference 77 - ZyXEL ES3500-24 | User Guide - Page 78
78 - ZyXEL ES3500-24 | User Guide - Page 79
: Different models have different numbers of ports, so these screens may show a different number of ports from the model you're using. Figure 28 Status ES3500 Series User's Guide 79 - ZyXEL ES3500-24 | User Guide - Page 80
number and then click Clear Counter to erase the recorded statistical information for that port, or select Any to clear statistics for all ports. 80 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 81
. Use this screen to check status and detailed performance data about an individual port on the Switch. Figure 29 Status > Port Details The following table describes the labels in this screen. Table you are viewing. Name This field displays the name of the port. ES3500 Series User's Guide 81 - ZyXEL ES3500-24 | User Guide - Page 82
512 bits of the packets have already been transmitted. Error Packet The following fields display detailed information about packets received that were in error. 82 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 83
number of packets (including bad packets) received that were between 1519 octets and the maximum frame size. The maximum frame size varies depending on your switch model. ES3500 Series User's Guide 83 - ZyXEL ES3500-24 | User Guide - Page 84
mode. 8.2 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. You can check the firmware version number and monitor the Switch temperature and voltage in this screen. Figure 30 Basic Setting > System Info ES3500 Series User's Guide 84 - ZyXEL ES3500-24 | User Guide - Page 85
Switch. ZyNOS F/W Version This field displays the version number of the Switch 's current firmware the temperature sensors on the Switch printed circuit board. Current This above. Fan Speed (RPM) (ES3500-24HP only) A properly functioning fan voltage with which the Switch still works. Status - ZyXEL ES3500-24 | User Guide - Page 86
) is similar to Time (RFC-868). Time Server IP Address Current Time None is the default value. Enter the time manually. Each time you turn on the Switch, the time and date will be reset to 1970-1-1 0:0. Enter the IP address of your timeserver. The Switch searches for the timeserver for up to 60 - ZyXEL ES3500-24 | User Guide - Page 87
is one hour ahead of GMT or UTC (GMT+1). Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on see the printers and hard disks of another user in the same building. ES3500 Series User's Guide 87 - ZyXEL ES3500-24 | User Guide - Page 88
received on designated port 8 from switch C will not be forwarded to any other isolated ports on switch B. A B Before Smart Isolation: Isolated ports: 2~6 Root port: 7 Designated port: 8 After Smart Isolation: Isolated ports: 2~6, 8 Root port: 7 Designated port: 8 88 C ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 89
Switch. If the network topology changes, the Switch Switch Setup Click Basic Setting > Switch Switch Setup The following table describes the labels in this screen. Table 15 Basic Setting > Switch Switch. The designated port(s) then different switches from RSTP on the Switch. Smart isolation does - ZyXEL ES3500-24 | User Guide - Page 90
relearned). GARP Timer: Switches join VLANs by making 65535 milliseconds; the default is 200 milliseconds. than Join Timer; the default is 600 milliseconds. Leave service. Frames without an explicit priority tag are given the default to the Switch's run-time memory. The Switch loses these changes - ZyXEL ES3500-24 | User Guide - Page 91
. The factory default subnet mask is 255.255.255.0. You can configure up to 64 IP addresses which are used to access and manage the Switch from the ports belonging to the pre-defined VLAN(s). Note: You must configure a VLAN first. Figure 33 Basic Setting > IP Setup ES3500 Series User's Guide 91 - ZyXEL ES3500-24 | User Guide - Page 92
number to edit the rule. IP Address This field displays the IP address. IP Subnet Mask This field displays the subnet mask. VID This field displays the ID number of the VLAN group. Default Gateway This field displays the IP address of the default gateway. 92 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 93
IP addresses that you want to remove in the Delete column, then click the Delete button. Cancel Click Cancel to clear the selected check boxes in the Delete column. 8.7 Port Setup Use this screen to configure Switch a port. The factory default for all ports is enabled ES3500 Series User's Guide 93 - ZyXEL ES3500-24 | User Guide - Page 94
-24HP supports the IEEE 802.3at Power over Ethernet plus (PoE+) standard. The Switch is Power Sourcing Equipment (PSE) because it provides a source of power via its Ethernet ports, and each device that receives power through an Ethernet port is a Powered Device (PD). 94 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 95
below, the IP camera and IP phone get their power directly from the Switch. Aside Switch, whether it is in Classification or Consumption mode. Total Power This field displays the total power the Switch can provide to the connected PoEenabled devices on the PoE ports. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 96
The ranges are as follows. PD Priority • Class 0 - Default, 0.44 to 12.94 • Class 1 - Optional, 0.44 to 3.84 • Class 2 - Optional, 3.84 to 6.49 • Class 3 - Optional, 6.49 to 12.95 • Class 4 - Reserved (PSEs classify as Class 0) in a switch that supports IEEE 802.3af only. Optional, 12.95 to 25.50 - ZyXEL ES3500-24 | User Guide - Page 97
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 97 - ZyXEL ES3500-24 | User Guide - Page 98
for each PoE port to make sure the high priority ports get power. Note: In classification mode, up to five ports can be active. (The ES3500-24HP reserves 36W per port and the total power budget is 180W). Select consumption mode if you want more ports to be active. 98 - ZyXEL ES3500-24 | User Guide - Page 99
an 802.1Q VLANunaware switch to an 802.1Q VLAN-aware switch, the Switch first decides where to forward the frame, and then inserts a VLAN tag reflecting the ingress port's default VID. The default PVID is VLAN 1 ), thus confining the broadcast to a specific domain. ES3500 Series User's Guide 99 - ZyXEL ES3500-24 | User Guide - Page 100
DESCRIPTION VLAN Type Permanent VLAN This is a static VLAN created manually. VLAN Administrative Control VLAN Tag Control VLAN Port Dynamic VLAN frames on a port. If set, the Switch discards incoming frames for VLANs that do not have this port as a member. 100 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 101
E automatically allow frames with VLAN group tags 1 and 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s). Figure 38 Port VLAN Trunking 9.4 Select the VLAN Type previously untagged) from a port with the specified VID. ES3500 Series User's Guide 101 - ZyXEL ES3500-24 | User Guide - Page 102
Search to display all VLANs configured on the Switch. This is the number of VLANs configured on the Switch. This is the number of VLANs that static VLAN was set up. This field shows how this VLAN was added to the Switch; dynamic - using GVRP, static added as a permanent entry or other - added in - ZyXEL ES3500-24 | User Guide - Page 103
long it has been since a normal VLAN was registered or a static VLAN was set up. This field shows how this VLAN was added to the Switch; dynamic - using GVRP, static added as a permanent entry or other - added in another way such as via Multicast VLAN Registration (MVR - ZyXEL ES3500-24 | User Guide - Page 104
Use this screen to configure and view 802.1Q VLAN parameters for the Switch. See Section 9.1 on page 99 for more information on static VLAN. for the port to dynamically join this VLAN group using GVRP. This is the default selection. Select Fixed for the port to be a permanent member of this VLAN - ZyXEL ES3500-24 | User Guide - Page 105
Group ID. Add Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Port - ZyXEL ES3500-24 | User Guide - Page 106
services). You can also have a subnet based VLAN with priority 5 and VID of 200 for traffic received from IP subnet 192.168.1.0/24 (video services). Lastly, you can configure VLAN with priority 3 and VID of 300 for traffic received from IP subnet 10.1.1.0/24 (data 106 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 107
All untagged incoming frames will be classified based on their source IP subnet and prioritized accordingly. That is, video services receive the highest priority and data the lowest. Figure 44 the VLAN Port Setting screen to display the configuration screen as shown. ES3500 Series User's Guide 107 - ZyXEL ES3500-24 | User Guide - Page 108
the IP subnet Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 108 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 109
or not. Name This field shows the name the subnet based VLAN. IP This field shows the IP address of the subnet for this subnet based VLAN. Mask-Bits This field through the uplink port to a backbone switch C. Figure 46 Protocol Based VLAN Application Example ES3500 Series User's Guide 109 - ZyXEL ES3500-24 | User Guide - Page 110
the protocol number in hexadecimal notation. For example, the IP protocol in hexadecimal notation is 0800, and Novell IPX that the Switch will assign to frames belonging to this VLAN. Click Add to save your changes to the Switch's run-time memory. The Switch loses these ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 111
Leave the default value IP. 5 Type the VLAN ID of an existing VLAN. In our example we already created a static VLAN with an ID of 5. Type 5. 6 Leave the priority set to 0 and click Add. Figure 48 Protocol Based VLAN Configuration Example To add more ports to this protocol based VLAN. ES3500 Series - ZyXEL ES3500-24 | User Guide - Page 112
are specific only to the Switch on which they were created. Note: When you activate port-based VLAN, the Switch uses a default VLAN ID of 1. You cannot change it. Note: In screens (such as IP Setup and Filtering) that directly. Click Apply to save your settings. 112 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 113
Chapter 9 VLAN The following screen shows users on a port-based, all-connected VLAN configuration. Figure 49 Advanced Application > VLAN > Port Based VLAN Setup (All Connected) ES3500 Series User's Guide 113 - ZyXEL ES3500-24 | User Guide - Page 114
Chapter 9 VLAN The following screen shows users on a port-based, port-isolated VLAN configuration. Figure 50 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) 114 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 115
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 115 - ZyXEL ES3500-24 | User Guide - Page 116
Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table. Static MAC addresses do not age out. only computers in the MAC address table on a port to access the Switch. See Chapter 19 on page 165 for more information on port security - ZyXEL ES3500-24 | User Guide - Page 117
forwarded. Click Add to save your rule to the Switch's run-time memory. The Switch loses this rule if it is turned off or loses screen afresh. Click Clear to reset the fields to the factory defaults. Click an index number to modify a static MAC address rule ES3500 Series User's Guide 117 - ZyXEL ES3500-24 | User Guide - Page 118
multicast address is a multicast MAC address that has been manually entered in the multicast table. Static multicast addresses do not group first. If a multicast group has no members, then the switch will either flood the multicast frames to all ports or drop them. ES3500 Series User's Guide 118 - ZyXEL ES3500-24 | User Guide - Page 119
11.2 Configuring Static Multicast Forwarding Use this screen to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). ES3500 Series User's Guide 119 - ZyXEL ES3500-24 | User Guide - Page 120
and 5. Enter "3,5,7" for ports 3, 5, and 7. Add Click Add to save your rule to the Switch's run-time memory. The Switch loses this rule if it is turned off or loses power, so use the Save link on the top the specified multicast MAC address will be forwarded. 120 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 121
address will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. ES3500 Series User's Guide 121 - ZyXEL ES3500-24 | User Guide - Page 122
.1 Configure a Filtering Rule Configure the Switch to filter traffic based on the traffic source MAC address (specified in the MAC field). The Switch can still send frames to the MAC address. Select address (specified in the MAC address). The Switch can still receive frames originating from the MAC - ZyXEL ES3500-24 | User Guide - Page 123
number. Add Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses afresh. Clear Click Clear to clear the fields to the factory defaults. Index This field displays the index number of the rule. ES3500 Series User's Guide 123 - ZyXEL ES3500-24 | User Guide - Page 124
CHAPTER 13 Spanning Tree Protocol The Switch supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP) as defined in the to 600 40 to 400 10 to 60 ALLOWED RANGE 1 to 65535 1 to 65535 1 to 65535 1 to 65535 ES3500 Series User's Guide 124 - ZyXEL ES3500-24 | User Guide - Page 125
ports, eliminating any possible network loops. STP-aware switches exchange Bridge Protocol Data Units (BPDUs) periodically. When States PORT STATE DESCRIPTION Disabled STP is disabled (default). Blocking Only configuration and management BPDUs are received ES3500 Series User's Guide 125 - ZyXEL ES3500-24 | User Guide - Page 126
RSTP MRSTP (Multiple RSTP) is ZyXEL's proprietary feature that is compatible with RSTP and STP. With MRSTP, you can have more than one spanning tree on your Switch and assign port(s) to each tree as traffic from different VLANs can use distinct paths in a region. 126 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 127
Network Example The following figure shows a network example where two VLANs are configured on the two switches. If the switches are using STP or RSTP, the link for VLAN 2 will be blocked as STP and RSTP region) is increased by one when BPDUs traverse the region. ES3500 Series User's Guide 127 - ZyXEL ES3500-24 | User Guide - Page 128
of the entire network and it is equivalent to a spanning tree in an STP/RSTP. The CIST is the default MST instance (MSTID 0). Any VLANs that are not members of an MST instance are members of the CIST. running RSTP. Figure 61 MSTP and Legacy RSTP Network Example 128 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 129
, MRSTP or MSTP) you configure on the Switch. This screen is described in detail in the STP standards on the Switch. 13.3 Spanning Tree Configuration Use the Spanning of the STP modes on the Switch. Click Configuration in the Advanced one of the STP modes on the Switch. Select Rapid Spanning Tree, Multiple Rapid - ZyXEL ES3500-24 | User Guide - Page 130
Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use Tree Protocol > Configuration screen to enable RSTP on the Switch. 130 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 131
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 131 - ZyXEL ES3500-24 | User Guide - Page 132
is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. This is the number of times the spanning tree has been reconfigured. This is the time since the spanning tree was last reconfigured. 132 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 133
Time, Max Age and Forwarding Delay. This is the time interval in seconds between BPDU (Bridge Protocol Data Units) configuration message generations by the root switch. The allowed range is 1 to 10 seconds. ES3500 Series User's Guide 133 - ZyXEL ES3500-24 | User Guide - Page 134
when more than one port forms a loop in the Switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default value is 128. Path cost is the cost of 13.1 on page 124 for more information on MRSTP. 134 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 135
is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. This is the number of times the spanning tree has been reconfigured. This is the time since the spanning tree was last reconfigured. ES3500 Series User's Guide 135 - ZyXEL ES3500-24 | User Guide - Page 136
Application > Spanning Tree Protocol screen. See Section 13.1.5 on page 126 for more information on MSTP. Figure 68 Advanced Application > Spanning Tree Protocol > MSTP 136 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 137
Switch will be chosen as the root bridge within the spanning tree instance. Enter priority values between 0 and 61440 in increments of 4096 (thus valid values are 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344 and 61440). ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 138
when more than one port forms a loop in the Switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default value is 128. Path cost is the cost of . Click Cancel to begin configuring this screen afresh. 138 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 139
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 139 - ZyXEL ES3500-24 | User Guide - Page 140
a configuration message before attempting to reconfigure. This is the time (in seconds) the root switch will wait before changing states (that is, listening to learning to forwarding). This is the path cost from the root port on this Switch to the root switch. 140 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 141
the root switch. Internal Cost Port ID This is the path cost from the root port in this MST instance to the regional root switch. This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the MST instance. ES3500 Series User's Guide 141 - ZyXEL ES3500-24 | User Guide - Page 142
drop. Note: The CIR should be less than the PIR. Note: The sum of CIRs cannot be greater than or equal to the uplink bandwidth. ES3500 Series User's Guide 142 - ZyXEL ES3500-24 | User Guide - Page 143
> Bandwidth Control LABEL Active Port * DESCRIPTION Select this check box to enable bandwidth control on the Switch. This field displays the port number. Settings in this row apply to all ports. Use this row second (Kbps) for the out-going traffic flow on a port. ES3500 Series User's Guide 143 - ZyXEL ES3500-24 | User Guide - Page 144
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 144 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 145
labels in this screen. Table 42 Advanced Application > Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch. Clear this check box to disable this feature. Port This field displays a port number. ES3500 Series User's Guide 145 - ZyXEL ES3500-24 | User Guide - Page 146
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 146 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 147
Application > Mirroring LABEL DESCRIPTION Active Select this check box to activate port mirroring on the Switch. Clear this check box to disable the feature. Monitor Port The monitor port is the port monitor port. Port This field displays the port number. ES3500 Series User's Guide 147 - ZyXEL ES3500-24 | User Guide - Page 148
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 148 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 149
form a trunk group. The Switch supports both static and dynamic link aggregation Switch adheres to the IEEE 802.3ad standard for static and dynamic (LACP) port trunking. The Switch supports connect all ports point-to-point to the same Ethernet switch and configure the ports for LACP trunking. • LACP - ZyXEL ES3500-24 | User Guide - Page 150
PORT PRIORITY PORT NUMBER 00 0000 Table 45 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS KEY 0000 00-00-00-00-00-00 navigation panel. The Link Aggregation Status screen displays by default. See Section 17.1 on page 149 for more port. 150 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 151
's source and destination IP addresses. This field displays how these ports were added to the trunk group. It displays: • Static - if the ports are configured as static members of a trunk group. • LACP - if the ports are configured to join a trunk group via LACP. ES3500 Series User's Guide 151 - ZyXEL ES3500-24 | User Guide - Page 152
ID The field identifies the link aggregation group, that is, one logical link containing multiple ports. Active Select this option to activate a trunk group. 152 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 153
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 153 - ZyXEL ES3500-24 | User Guide - Page 154
Protocol (LACP). System Priority LACP system priority is a number between 1 and 65,535. The switch with the lowest system priority (and lowest port number if system priority is the same) becomes the group, that is, one logical link containing multiple ports. 154 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 155
second or 30 seconds. Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use shows ports 2-5 on switch A connected to switch B. Figure 77 Trunking Example - Physical Connections B A ES3500 Series User's Guide 155 - ZyXEL ES3500-24 | User Guide - Page 156
the figure below. Click Apply when you are done. Figure 78 Trunking Example - Configuration Screen EXAMPLE Your trunk group 1 (T1) configuration is now complete. 156 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 157
Authentication Dial In User Service, RFC 2138, 2139 same port, the Switch performs IEEE 802. supported by all operating systems. See your operating system documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 158
18 Port Authentication provides the login credentials, the Switch sends an authentication request to a RADIUS server. The 802.1x authentication. The main difference is that the Switch does not prompt the client for login credentials. The login credentials are based 158 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 159
authentication, first activate the port authentication method(s) you want to use (both on the Switch and the port(s)), then configure the RADIUS server settings in the AAA > Radius in the screen that appears. Figure 81 Advanced Application > Port Authentication ES3500 Series User's Guide 159 - ZyXEL ES3500-24 | User Guide - Page 160
802.1x authentication on the Switch. Note: You must first enable 802.1x authentication on the Switch before configuring it on each port by default. That is, the Switch attempts to authenticate a client twice. If the client does not respond to the first authentication request, the Switch tries - ZyXEL ES3500-24 | User Guide - Page 161
of seconds the Switch waits for client's save your changes to the Switch's run-time memory. The Switch loses these changes if it is enabled on the Switch and its ports, clients that the port(s). You can configure your Switch to have one VLAN that acts configures switches or routers with the guest network - ZyXEL ES3500-24 | User Guide - Page 162
-authenticated users to access limited network resources through the Switch. You must also enable IEEE 802.1x authentication on the Switch and the associated ports. Enter the number that identifies the guest VLAN. Make sure this is a VLAN recognized in your network. 162 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 163
Authentication > 802.1x > Guest VLAN (continued) LABEL Host-mode DESCRIPTION Specify how the Switch authenticates users when more than one user connect to the port (using a hub). Select . Figure 85 Advanced Application > Port Authentication > MAC Authentication ES3500 Series User's Guide 163 - ZyXEL ES3500-24 | User Guide - Page 164
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 164 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 165
/or configured static MAC addresses to pass through a port on the Switch. The Switch can learn up to 16K MAC addresses in total with no limit together with MAC address learning as this will result in many broadcasts. By default, MAC address learning is still enabled even though the port security is - ZyXEL ES3500-24 | User Guide - Page 166
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 166 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 167
chapter introduces and shows you how to configure the packet classifier on the Switch. 20.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum configure policy rules, refer to Chapter 21 on page 172. ES3500 Series User's Guide 167 - ZyXEL ES3500-24 | User Guide - Page 168
to all MAC addresses. To specify a source, select the second choice and type a MAC address in valid MAC address format (six hexadecimal character pairs). 168 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 169
provided. IP Protocol Select an IP protocol Switch will pick out the packets that are sent to establish TCP connections. Enter a source IP in the IP Protocol field IP Address/ Address Prefix Enter a destination IP in the IP Protocol field Switch's run-time memory. The Switch factory defaults. 20 - ZyXEL ES3500-24 | User Guide - Page 170
55 Common Ethernet Types and Protocol Number ETHERNET TYPE PROTOCOL NUMBER IP ETHII 0800 X.75 Internet 0801 NBS Internet 0802 ECMA Internet 80D5 AppleTalk AARP 80F3 Some of the most common IP ports are: Table 56 Common IP Ports PORT NUMBER PORT NAME 21 FTP 23 Telnet 25 SMTP 53 - ZyXEL ES3500-24 | User Guide - Page 171
a classifier, you can configure a policy to define action(s) on the classified traffic flow. See Chapter 21 on page 172 for information on configuring a policy rule. ES3500 Series User's Guide 171 - ZyXEL ES3500-24 | User Guide - Page 172
. 21.1.2 DSCP and Per-Hop Behavior DiffServ defines a new DS (Differentiated Services) field to replace the Type of Service (TOS) field in the IP header. The DS field contains a 2-bit unused field and a 6-bit Refer to Section 20.2 on page 167 for more information. ES3500 Series User's Guide 172 - ZyXEL ES3500-24 | User Guide - Page 173
the fields below for this policy. You only have to set the field(s) that is related to the action(s) you configure in the Action field. ES3500 Series User's Guide 173 - ZyXEL ES3500-24 | User Guide - Page 174
between 0 and 63. Specify the type of service (TOS) priority level. You can configure the the 802.1p priority field with the IP TOS value and send the packet to save your changes to the Switch's run-time memory. The Switch loses these changes if it defaults. 174 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 175
which this policy applies. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. ES3500 Series User's Guide 175 - ZyXEL ES3500-24 | User Guide - Page 176
Chapter 21 Policy Rule 21.4 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth on a traffic flow classified using the Example classifier (refer to Section 20.4 on page 171). Figure 92 Policy Example 176 EXAMPLE ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 177
Priority Queuing (SPQ) services queues based on priority only. As traffic comes into the Switch, traffic on the with larger weights get more guaranteed bandwidth than queues with smaller weights. By default, the weight for Q0 is 1, for Q1 is 2, for Q2 is 160 KB ES3500 Series User's Guide 177 - ZyXEL ES3500-24 | User Guide - Page 178
empty. Weighted Round Robin Scheduling (WRR) uses the same algorithm as round robin scheduling, but services queues based on their priority and queue weight (the number you configure in the queue Weight panel. Figure 93 Advanced Application > Queuing Method 178 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 179
get more service than queues Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 180
Switch. See the chapter on VLANs for more background information on Virtual LAN 23.1 VLAN Stacking Overview A service service provider can manage up to 4,094 service provider to provide different service, based on specific VLANs, for many different customers. A service service are Service Provider - ZyXEL ES3500-24 | User Guide - Page 181
frame switching. • Select Access Port for ingress ports on the service provider's service provider's VLAN (using the outer VLAN tag defined by the Service Provider's (SP) VLAN ID (VID)). Note: Static VLAN Tx Tagging MUST be enabled on a port where you choose Tunnel Port. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 182
Service Provider Tag Protocol Identifier) is the service Switch adds the SP TPID tag to all incoming frames on the service Switch only adds the SP TPID tag to all incoming frames on the service service provider) is shown next. Configure the fields as highlighted in the Switch TPID (Service Provider) - ZyXEL ES3500-24 | User Guide - Page 183
the Switch. The the Switch ignore Switch add service provider's network. Select Tunnel Port to have the Switch add the Tunnel TPID tag to all outgoing frames sent on this port. In order to support Switch adds in the outer VLAN tag of the frames sent on the tunnel port(s). The Switch the Switch needs to - ZyXEL ES3500-24 | User Guide - Page 184
the service provider's Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 184 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 185
ID. Select a priority level (from 0 to 7). This is the service provider's priority level that adds to the frames received on this port. highest. Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses ES3500 Series User's Guide 185 - ZyXEL ES3500-24 | User Guide - Page 186
the packets from the subscribers. Priority This is the service provider's priority level in the packets. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. 186 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 187
groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your Switch. ES3500 Series User's Guide 187 - ZyXEL ES3500-24 | User Guide - Page 188
should be performed on. This is referred to as fixed mode. In fixed mode the Switch does not learn multicast group membership of any VLANs other than those explicitly added as an the multicast group. Multicast Group This field displays IP multicast group addresses. 188 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 189
traffic only to ports that are members of that group. Querier Select this option to allow the Switch to send IGMP General Query messages to the VLANs with the multicast hosts attached. Host Timeout Specify that you want to allow to join multicast groups. ES3500 Series User's Guide 189 - ZyXEL ES3500-24 | User Guide - Page 190
A multicast router will not forward a packet with the destination IP address within this range to other networks. See the IANA in this group. Port * Specify the action to perform when the Switch receives a frame with a reserved multicast address. Select Drop to discard ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 191
, select Default to prohibit Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 192
Switch learn multicast group membership information of any VLANs automatically. Select fixed to have the Switch the Switch can learn in this screen. The Switch drops any IGMP control the Switch's run-time memory. The Switch loses these add VLANs upon which the Switch is to perform IGMP snooping - ZyXEL ES3500-24 | User Guide - Page 193
a range of multicast groups that clients connected to the Switch are able to join. A profile contains a range of multicast IP addresses which you want clients to be able to join. Figure 101 Advanced Application > Multicast > Multicast Setting > IGMP Filtering Profile ES3500 Series User's Guide 193 - ZyXEL ES3500-24 | User Guide - Page 194
IP address, enter it in both the Start Address and End Address fields. Click Add to save the profile to the Switch's run-time memory. The Switch )) that use multicast traffic across an Ethernet ring-based service provider network. MVR allows one single multicast VLAN to be ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 195
the Switch does not send any IGMP reports. In this case, you must manually Switch to leave the multicast group. The Switch sends a query to VLAN 1 on the receiver port (in this case, an uplink port on the Switch). If there is another subscriber device connected to this ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 196
will still be on the list of forwarding destination for the multicast traffic. Otherwise, the Switch removes the receiver port from the forwarding table. Figure 103 MVR Multicast Television Example VLAN multicast VLANs and up to 256 multicast rules on the Switch. 196 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 197
ports in the multicast VLAN. Port * Select Compatible to set the Switch not to send IGMP reports. This field displays the port number on the Switch. Settings in this row apply to all ports. Use this row only row are copied to all the ports as soon as you make them. ES3500 Series User's Guide 197 - ZyXEL ES3500-24 | User Guide - Page 198
frames transmitted. Add Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, multicast data sent to this multicast group. Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group - ZyXEL ES3500-24 | User Guide - Page 199
purposes. Enter the starting IP multicast address of the multicast IP multicast addresses. Click Add to save your changes to the Switch's run-time memory. The Switch IP address of the multicast group. This field displays the ending IP 2 and 3 on the Switch belong to VLAN 1. In addition, - ZyXEL ES3500-24 | User Guide - Page 200
Example VLAN 1 1 2 A B 3 News: 224.1.4.10 ~ 224.1.4.50 Multicast VID 200 Movie: 230.1.2.50 ~230.1.2.60 7 S C To configure the MVR settings on the Switch, create a multicast group in the MVR screen and set the receiver and source ports. Figure 107 MVR Configuration Example EXAMPLE 200 - ZyXEL ES3500-24 | User Guide - Page 201
Chapter 24 Multicast To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group VLAN 200. Figure 108 MVR Group Configuration Example Figure 109 MVR Group Configuration Example EXAMPLE EXAMPLE ES3500 Series User's Guide 201 - ZyXEL ES3500-24 | User Guide - Page 202
Switch but user B cannot. The Switch can authorize users based on user accounts configured on the Switch recording what a user is doing. The Switch can use an external server to track when Switch supports RADIUS (Remote Authentication Dial-In User Service locally on the Switch, your Switch is able to - ZyXEL ES3500-24 | User Guide - Page 203
AAA screens allow you to enable authentication, authorization, accounting or all of them on the Switch. First, configure your authentication and accounting server settings (RADIUS, TACACS+ or both) and Section 25.3 on page 211 for RADIUS attributes utilized by the ES3500 Series User's Guide 203 - ZyXEL ES3500-24 | User Guide - Page 204
representing a RADIUS server entry. Enter the IP address of an external RADIUS server in dotted decimal notation. The default port of a RADIUS server for authentication is 1812. You need not change this value unless your network administrator instructs you to do so. 204 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 205
accounting server entry. IP Address Enter the IP address of an external RADIUS accounting server in dotted decimal notation. UDP Port The default port of a RADIUS accounting server for accounting is 1813. You need not change this value unless your network administrator instructs you to do so - ZyXEL ES3500-24 | User Guide - Page 206
then the Switch waits for a response from the first TACACS+ server for 15 seconds and then tries the second TACACS+ server. This is a read-only number representing a TACACS+ server entry. Enter the IP address of an external TACACS+ server in dotted decimal notation. 206 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 207
a TACACS+ accounting server entry. IP Address Enter the IP address of an external TACACS+ accounting server in dotted decimal notation. TCP Port The default port of a TACACS+ accounting server is 49. You need not change this value unless your network administrator instructs you to do so. Shared - ZyXEL ES3500-24 | User Guide - Page 208
for access privilege level specify them in Method 2 and Method 3 fields. Select local to have the Switch check the access privilege configured for local authentication. Select radius or tacacs+ to have the Switch check the access privilege via the external servers. 208 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 209
Switch. Set whether the Switch provides the following services to a user. Active Method • Exec: Allow an administrator which logs in the Switch Switch supports the following types of events to be sent to the accounting server(s): Active Broadcast • System - Configure the Switch the Switch sends - ZyXEL ES3500-24 | User Guide - Page 210
25 AAA Table 75 Advanced Application > AAA > AAA Setup (continued) LABEL Mode DESCRIPTION The Switch supports two modes of recording login events. Select: Method • start-stop - to have the Switch send information to the accounting server when a user begins a session, during a user's session (if - ZyXEL ES3500-24 | User Guide - Page 211
Remote Authentication Dial-In User Service (RADIUS) attributes are data used to define specific authentication, and accounting elements in a user profile, which is stored on the RADIUS server. This section lists the RADIUS attributes supported by the Switch. ES3500 Series User's Guide 211 - ZyXEL ES3500-24 | User Guide - Page 212
value is set to Ethernet(15) on the Switch. Calling-Station-Id Frame-MTU EAP-Message State Message-Authenticator 25.3.2 Attributes Used for Accounting The following sections list the attributes sent from the Switch to the RADIUS server when performing authentication. 212 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 213
Accounting System Events NAS-IP-Address NAS-Identifier Acct- User-Name NAS-Identifier NAS-IP-Address Service-Type Acct-Status-Type Acct- UPDATE User-Name NAS-Identifier NAS-IP-Address Service-Type Calling-Station-Id Acct-Status - ZyXEL ES3500-24 | User Guide - Page 214
Table 80 RADIUS Attributes - Exec Events via Console ATTRIBUTE User-Name START INTERIM-UPDATE NAS-IP-Address NAS-Port Class Called-Station-Id Calling-Station-Id -Cause Acct-Input-Gigawords Acct-Output-Gigawords STOP 214 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 215
, the Switch discards the packet. The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). IP source guard each port (trusted or untrusted) can receive each second. ES3500 Series User's Guide 215 - ZyXEL ES3500-24 | User Guide - Page 216
IP Source Guard Trusted ports are connected to DHCP servers or other switches. The Switch discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high. The Switch learns dynamic bindings from trusted ports. Note: The Switch . 216 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 217
IP Source Guard 26.1.1.3 DHCP Relay Option 82 Information The Switch can add information to DHCP requests that it does not discard. This provides the DHCP server more information about the source of the requests. The Switch Then, computer X does the following things: ES3500 Series User's Guide 217 - ZyXEL ES3500-24 | User Guide - Page 218
IP the Switch identifies filter remains in the Switch. These MAC address Switch receives ARP packets on untrusted ports. The Switch does not discard ARP packets on trusted ports for any reason. The Switch Switch can send syslog messages to Switch can on the Switch. 1 so that the Switch has enough time - ZyXEL ES3500-24 | User Guide - Page 219
Switch learns the bindings by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). To open this screen, click Advanced Application > IP Source Guard. Figure 117 IP with the same MAC address and VLAN ES3500 Series User's Guide 219 - ZyXEL ES3500-24 | User Guide - Page 220
the source MAC address in the binding. This field displays the IP address assigned to the MAC address in the binding. This field displays how the Switch learned the binding. VLAN Port Delete Cancel static: This binding was learned from information provided manually by an ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 221
various statistics about the DHCP snooping database. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping. Figure 119 DHCP Snooping The following table describes the labels in field displays the location of the DHCP snooping database. ES3500 Series User's Guide 221 - ZyXEL ES3500-24 | User Guide - Page 222
writes This field displays the number of times the Switch was unable to update the bindings in the DHCP snooping database. Database detail First successful access This field displays the first time the Switch accessed the DHCP snooping database for any reason. 222 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 223
Switch or using CLI commands. See the Ethernet Switch CLI Reference Guide. Binding collisions This field displays the number of bindings the Switch ignored because the Switch to enable DHCP snooping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and - ZyXEL ES3500-24 | User Guide - Page 224
> IP Source the Switch. You still ID if you want the Switch to forward DHCP packets to not want the Switch to forward DHCP packets out. In this case, the Switch waits to start the next update tftp://{domain name or IP address}/directory, if applicable/file 10-65535 seconds) the Switch waits to update the - ZyXEL ES3500-24 | User Guide - Page 225
whether ports are trusted or untrusted ports for DHCP snooping. Note: The Switch will drop all DHCP requests if you enable DHCP snooping and there are Advanced Application > IP Source Guard > DHCP Snooping > Configure > Port. Figure 121 DHCP Snooping Port Configure ES3500 Series User's Guide 225 - ZyXEL ES3500-24 | User Guide - Page 226
(Chapter 37 on page 278) to DHCP requests that the Switch relays to a DHCP server for each VLAN. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN. Figure 122 lowest VLAN ID you want to manage in the section below. 226 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 227
Switch identifies an unauthorized ARP packet, it automatically creates a MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet. To open this screen, click Advanced Application > IP the discarded ARP packet. ES3500 Series User's Guide 227 - ZyXEL ES3500-24 | User Guide - Page 228
Switch. You can also delete the record manually (Delete). This field displays the reason the ARP packet was discarded. MAC+VLAN: The MAC address and VLAN ID were not in the binding table. IP this screen, click Advanced Application > IP Source Guard > ARP Inspection > Switch last restarted. Request This field - ZyXEL ES3500-24 | User Guide - Page 229
Sender IP This field displays the source IP Switch consolidates identical log messages generated by ARP packets in the log consolidation interval into one log message. You can configure this interval in the ARP Inspection Configure screen. See Section 26.7 on page 230. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 230
also configure the length of time the Switch stores records of discarded ARP packets and global settings for the ARP inspection log. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure. Figure 126 ARP Inspection Configure 230 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 231
Use this screen to specify whether ports are trusted or untrusted ports for ARP inspection. You can also specify the maximum rate at which the Switch receives ARP packets on each untrusted port. To ES3500 Series User's Guide 231 - ZyXEL ES3500-24 | User Guide - Page 232
> IP Source Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click this to reset the values in this screen to their last-saved values. 232 ES3500 - ZyXEL ES3500-24 | User Guide - Page 233
on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure > reset the values in this screen to their last-saved values. ES3500 Series User's Guide 233 - ZyXEL ES3500-24 | User Guide - Page 234
be affected by the switch in loop state in the following way: • It will receive broadcast messages sent out from the switch in loop state. • It will receive its own broadcast messages that it sends out as they loop back. It will then rebroadcast those messages again. ES3500 Series User's Guide 234 - ZyXEL ES3500-24 | User Guide - Page 235
example, the probe packet is sent from port N and returns on another port. As long as loop guard is enabled on port N. The Switch will shut down port N if it detects that the probe packet has returned to the Switch. Figure 132 Loop Guard - Network Loop A P P N P ES3500 Series User's Guide 235 - ZyXEL ES3500-24 | User Guide - Page 236
Chapter 27 Loop Guard Note: After resolving the loop problem on your network you can re-activate the disabled port via the web configurator (see Section 8.7 on page 93) or via commands (see the Ethernet Switch CLI Reference Guide). 27.2 Loop Guard Setup Click Advanced Application > Loop Guard in the - ZyXEL ES3500-24 | User Guide - Page 237
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 237 - ZyXEL ES3500-24 | User Guide - Page 238
rule. The Switch translates the VLAN ID from 12 into 123 before forwarding the packets. Any packets carrying a VLAN tag other than 12 (such as 10) and received on port 3 will be dropped. Figure 134 VLAN mapping example 12 10 123 Port 3 10 Service Provider Network ES3500 Series User's Guide 238 - ZyXEL ES3500-24 | User Guide - Page 239
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 239 - ZyXEL ES3500-24 | User Guide - Page 240
Add to insert the entry in the summary table below and save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link Delete button. Cancel Click Cancel to clear the Delete check boxes. 240 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 241
Chapter 28 VLAN Mapping ES3500 Series User's Guide 241 - ZyXEL ES3500-24 | User Guide - Page 242
example, if you enable L2PT for STP, you can have switches A, B, C and D in the same spanning tree, even though switch A is not directly connected to switches B, C and D. Topology change information can be propagated throughout the service provider's network. ES3500 Series User's Guide 242 - ZyXEL ES3500-24 | User Guide - Page 243
switches at different sites, such as A and B, you can enable protocol tunneling on edge switches service provider's edge device (1 or 2 in Figure 138 on page 243) and connected to a customer switch of the service provider's network and connected to another service provider's switch. Incoming - ZyXEL ES3500-24 | User Guide - Page 244
basis. CDP Note: Changes in this row are copied to all the ports as soon as you make them. Select this option to have the Switch tunnel CDP (Cisco Discovery Protocol) packets so that other Cisco devices can be discovered through the service provider's network. 244 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 245
and remote) networks. Select this option to have the Switch tunnel VTP (VLAN Trunking Protocol) packets so that all customer switches can use consistent VLAN configuration through the service provider's network. The Switch supports PAgP (Port Aggregation Protocol), LACP (Link Aggregation Control - ZyXEL ES3500-24 | User Guide - Page 246
for monitoring switched networks. An sFlow agent embedded on a switch or router gets troubleshooting. For example, you can use it to know which IP address or which type of traffic caused network congestion. Figure 140 sFlow Application sFlow Agent sFlow Collector ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 247
(N) from 256 to 65535. The Switch captures every one out of N packets for this port and creates sFlow datagram. Specify a time interval (from 20 to 120 in seconds) the Switch waits before sending the sFlow datagram and packet counters for this port to the collector. ES3500 Series User's Guide 247 - ZyXEL ES3500-24 | User Guide - Page 248
Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields to your previous configuration. 248 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 249
Click Clear to clear the fields to the factory defaults. Index This field displays the index number of this entry. Collector Address This field displays IP address of the sFlow collector. UDP Port This field displays port number the Switch uses to send sFlow datagram to the collector. Delete - ZyXEL ES3500-24 | User Guide - Page 250
31.1.1 PPPoE Intermediate Agent Tag Format If the PPPoE Intermediate Agent is enabled, the Switch adds a vendor-specific tag to PADI (PPPoE Active Discovery Initialization) and PADR (PPPoE String SubOpt 0x01 (1 byte) Length N (1 byte) String (63 bytes) Value ES3500 Series User's Guide 250 - ZyXEL ES3500-24 | User Guide - Page 251
length of the field. The Switch takes the Circuit ID string you manually configure for a VLAN on a (1 byte) VLAN ID (4 bytes) 31.1.2.2 WT-101 Default Circuit ID Syntax If you do not configure a Circuit ID Switch adds to PADI and PADR packets from PPPoE clients. ES3500 Series User's Guide 251 - ZyXEL ES3500-24 | User Guide - Page 252
on a trusted port, the Switch forwards it to all other the Switch forwards it to other trusted port(s). Note: The Switch will Switch adds a vendor-specific tag to the packet and then forwards it to the trusted port(s). • The Switch Intermediate Agent on the Switch. Click Advanced Application Switch - ZyXEL ES3500-24 | User Guide - Page 253
to identify the PPPoE intermediate agent. Hyphens (-) and spaces are also allowed. The default is the Switch's host name. Use this section to configure the Circuit ID field in the PADI pound key (#), semi-colon (;), period (.), comma (,), forward slash (/) or space. ES3500 Series User's Guide 253 - ZyXEL ES3500-24 | User Guide - Page 254
> Intermediate Agent (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link copied to all the ports as soon as you make them. 254 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 255
> Port > VLAN screen) has the highest priority. Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on PPPoE IA settings that apply to a specific VLAN on a port. ES3500 Series User's Guide 255 - ZyXEL ES3500-24 | User Guide - Page 256
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 256 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 257
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 257 - ZyXEL ES3500-24 | User Guide - Page 258
, you need to enable the port(s) or allow the packets on a port manually via the web configurator or the commands. With error-disable recovery, you can set the disabled port(s) to become active or start receiving the packets again after the time interval you specify. ES3500 Series User's Guide 258 - ZyXEL ES3500-24 | User Guide - Page 259
screen to limit the maximum number of control packets (ARP, BPDU and/or IGMP) that the Switch can receive or transmit on a port. Click the Click Here link next to CPU protection in Errdisable Detect screen. Figure 149 Advanced Application > Errdisable > CPU protection ES3500 Series User's Guide 259 - ZyXEL ES3500-24 | User Guide - Page 260
can configure the action that the Switch takes when the limit is exceeded. See Section save your changes to the Switch's run-time memory. The Switch loses these changes if it Use screen to have the Switch detect whether the control packets have the Switch detect if the configured rate limit for - ZyXEL ES3500-24 | User Guide - Page 261
the Switch takes Switch drops all the specified control packets on the port. • rate-limitation - The Switch the Switch's run-time memory. The Switch loses the Switch to Switch. Reason This field displays the supported features that allow the Switch option to allow the Switch to wait for the specified - ZyXEL ES3500-24 | User Guide - Page 262
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 262 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 263
a VLAN in a simple way. If you enable a private VLAN rule for a VLAN on the Switch, the Switch automatically adds all ports (except the uplink port(s)) in this VLAN to the isolated port list and blocks enabled. Otherwise, this VLAN is blocked from the whole network. ES3500 Series User's Guide 263 - ZyXEL ES3500-24 | User Guide - Page 264
the summary table below and save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or configuration. Clear Click Clear to clear the fields to the factory defaults. Index This is the index number of the rule. Active This ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 265
, so Short Reach saves power by adjusting the transmit power of each port according to the length of cable attached to that port. Note: The ES3500-8PD supports Green Ethernet completely. Note: The ES3500-24 only supports EEE. ES3500 Series User's Guide 265 - ZyXEL ES3500-24 | User Guide - Page 266
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 266 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 267
reply traffic to default gateway R1 which routes it back to the manager's computer. The Switch needs a static route to tell it to use router R2 to send traffic to an SNMP trap server on network N2. Figure 155 Static Routing Overview N1 N2 Telnet SNMP R1 R2 ES3500 Series User's Guide 267 - ZyXEL ES3500-24 | User Guide - Page 268
Add to insert a new static route to the Switch's run-time memory. The Switch loses these changes if it is turned off or to set the above fields back to the factory defaults. Index This field displays the index number of IP network address of the final destination. 268 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 269
is an immediate neighbor of your Switch that will forward the packet to the destination. This field displays the cost of transmission for routing purposes. Click Delete to remove the selected entry from the summary table. Click Cancel to clear the Delete check boxes. ES3500 Series User's Guide 269 - ZyXEL ES3500-24 | User Guide - Page 270
new DS (Differentiated Services) field to replace the Type of Service (ToS) field in the IP header. The DS field contains a 6-bit DSCP field which can define up to 64 service levels and the on the configured marking rules. A network administrator can then apply ES3500 Series User's Guide 270 - ZyXEL ES3500-24 | User Guide - Page 271
CIR and PIR values are based on the guaranteed and maximum bandwidth respectively as negotiated between a service provider and client. Two Rate Three Color Marker evaluates incoming packets and marks them with one any of colors, then the packets proceed unchanged. ES3500 Series User's Guide 271 - ZyXEL ES3500-24 | User Guide - Page 272
Chapter 36 Differentiated Services 36.2.1 TRTCM-Color-blind Mode All packets are evaluated against the PIR. If a packet exceeds the PIR it is .3 Activating DiffServ Activate DiffServ to apply marking rules or IEEE 802.1p priority mapping on the selected port(s). 272 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 273
screen. Table 114 IP Application > DiffServ LABEL Active Port * DESCRIPTION Select this option to enable DiffServ on the Switch. This field displays the index number of a port on the Switch. Settings in this the DiffServ screen to display the screen as shown next. ES3500 Series User's Guide 273 - ZyXEL ES3500-24 | User Guide - Page 274
this screen. Table 115 IP Application > DiffServ > 2-rate 3 Color Marker LABEL DESCRIPTION Active Select this to activate TRTCM (Two Rate Three Color Marker) on the Switch. The Switch evaluates and marks the make them. Select this to activate TRTCM on the port. 274 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 275
Chapter 36 Differentiated Services Table 115 IP Application > DiffServ > 2-rate 3 Color priority. Add Click Add to insert a new DSCP profile to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, the profile settings. ES3500 Series User's Guide 275 - ZyXEL ES3500-24 | User Guide - Page 276
Services Table 116 IP 1p mapping to allow the Switch to prioritize all traffic based 1p mapping table. The following table shows the default DSCP-to-IEEE802.1p mapping. Table 117 Default DSCP-IEEE 802.1p Mapping DSCP VALUE 0 IP Application > DiffServ > DSCP Setting 276 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 277
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 277 - ZyXEL ES3500-24 | User Guide - Page 278
by VLAN basis. The Switch can be configured to relay DHCP requests to different DHCP servers for clients in different VLAN. 37.2 DHCP Status Click IP Application > DHCP in the navigation panel. The DHCP Status screen displays. Figure 165 IP Application > DHCP Status ES3500 Series User's Guide 278 - ZyXEL ES3500-24 | User Guide - Page 279
the initial IP address leasing, the Switch helps to relay network information (such as the IP address and subnet mask) between a DHCP client and a DHCP server. Once the DHCP client obtains an IP address according to system name set in Basic Settings > General Setup. ES3500 Series User's Guide 279 - ZyXEL ES3500-24 | User Guide - Page 280
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 280 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 281
check box to set the Switch to send additional information (such as the VLAN ID) together with the DHCP requests to the DHCP server. This allows the DHCP server to assign the appropriate IP address according to the VLAN ID. Figure 168 DHCP Relay Configuration Example ES3500 Series User's Guide 281 - ZyXEL ES3500-24 | User Guide - Page 282
that it relays to a DHCP server. Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save DHCP relay configuration, this field displays the first remote DHCP server IP address. 282 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 283
37 DHCP Table 122 IP Application > DHCP > VLAN rooms (VLAN 1) to the DHCP server with an IP address of 192.168.1.100. Requests from the academic buildings (VLAN 2) are sent to the other DHCP server with an IP address of 172.16.10.100. Figure 170 DHCP Relay for Two - ZyXEL ES3500-24 | User Guide - Page 284
Chapter 37 DHCP 284 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 285
Config 1 to reboot the system and load Configuration 1 on the Switch. Click Config 2 to reboot the system and load Configuration 2 on the Switch. Note: Make sure to click the Save button in any screen to save your settings to the current configuration on the Switch. ES3500 Series User's Guide 285 - ZyXEL ES3500-24 | User Guide - Page 286
the Switch web configurator again, you may need to change the IP address of your computer to be in the same subnet as that of the default Switch IP address erased after you reboot the Switch. 38.4 Reboot System Reboot System allows you to restart the Switch without physically turning the power off - ZyXEL ES3500-24 | User Guide - Page 287
the Switch and apply the new firmware immediately. (Firmware upgrades are only applied after a reboot). Click Upgrade to load the new firmware. After the firmware upgrade process is complete, see the System Info screen to verify your current firmware version number. ES3500 Series User's Guide 287 - ZyXEL ES3500-24 | User Guide - Page 288
of your device from which you may restore at a later date. Back up your current Switch configuration to a computer using the Backup Configuration screen. Figure 177 Management > Maintenance > Backup Click Save to save the configuration file to your computer. 288 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 289
use FTP commands to upload firmware to any image. The Switch supports dual firmware images, ras-0 and ras-1. You can switch from one to the other by using the boot image command, where is 1 (ras-0) or 2 (ras-1). See the CLI Reference Guide for more information about using commands - ZyXEL ES3500-24 | User Guide - Page 290
and firmware files should be transferred in binary mode. Specify the default remote directory (path). Specify the default local directory (path). 38.8.4 FTP Restrictions FTP will not work when: • FTP service is disabled in the Service Access Control screen. 290 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 291
Chapter 38 Maintenance • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the FTP session immediately. ES3500 Series User's Guide 291 - ZyXEL ES3500-24 | User Guide - Page 292
TCP/IP-based devices. SNMP is used to exchange management information between the network management system (NMS) and a network element (NE). A manager station can manage and monitor the Switch through the network via SNMP version one (SNMPv1), SNMP version 2c or ES3500 Series User's Guide 292 - ZyXEL ES3500-24 | User Guide - Page 293
an SNMP management operation. SNMP is only available if TCP/IP is configured. Figure 179 SNMP Management Model An SNMP managed that define each piece of information to be collected about a switch. Examples of variables include number of packets received, node ES3500 Series User's Guide 293 - ZyXEL ES3500-24 | User Guide - Page 294
with "1.3.6.1.4.1.890.1.5.8.61" are specific to the ES3500-24 switch. The OIDs beginning with "1.3.6.1.4.1.890.1.5.8.72" are specific to the ES3500-8PD switch. The OIDs beginning with "1.3.6.1.4.1.890.1.5.8.73" are specific to the ES3500-24HP switch. Note: OIDs are common across all models - ZyXEL ES3500-24 | User Guide - Page 295
.27.2.1 ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.27.2.1 ES3500-24: 1.3.6.1.4.1.890.1.5.8.61.27.2.2 ES3500-8PD: 1.3.6.1.4.1.890.1.5.8.72.27.2.2 ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.27.2.2 ES3500-24: 1.3.6.1.4.1.890.1.5.8.61.27.2.1 ES3500-8PD: 1.3.6.1.4.1.890.1.5.8.72.27.2.1 ES3500-24HP: 1.3.6.1.4.1.890 - ZyXEL ES3500-24 | User Guide - Page 296
72.27.2.1 ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.27.2.1 ES3500-24: 1.3.6.1.4.1.890.1.5.8.61.27.2.2 ES3500-8PD: 1.3.6.1.4.1.890.1.5.8.72.27.2.2 ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.27.2.2 DESCRIPTION This trap is sent when the Switch automatically resets. This trap is sent when the Switch resets by - ZyXEL ES3500-24 | User Guide - Page 297
61.130.4.2 ES3500-8PD: 1.3.6.1.4.1.890.1.5.8.72.130.4.2 ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.130.4.2 DESCRIPTION This trap is sent when an error is detected on a port, such as a loop occurs or the rate limit for specific control packets is exceeded. This trap is sent when the Switch ceases the - ZyXEL ES3500-24 | User Guide - Page 298
ES3500-8PD: 1.3.6.1.4.1.890.1.5.8.72.27.2.1 transceiverddmiEventClear ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.27.2.1 ES3500-24: 1.3.6.1.4.1.890.1.5.8.61.27.2.2 ES3500-8PD: 1.3.6.1.4.1.890.1.5.8.72.27.2.2 ES3500-24HP is sent when the RADIUS server can be reached. 298 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 299
ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.27.2.2 DESCRIPTION This trap is sent when there is no response message from the RADIUS accounting server. This trap is sent when the RADIUS accounting server can be reached. Table 130 SNMP IP when a traceroute test is completed. ES3500 Series User's Guide 299 - ZyXEL ES3500-24 | User Guide - Page 300
.1.5.8.61.36.2.1 DESCRIPTION This trap is sent when the STP root switch changes. This trap is sent when the MRSTP root switch changes. ES3500-8PD: 1.3.6.1.4.1.890.1.5.8.72.36.2.1 ES3500-24HP: 1.3.6.1.4.1.890.1.5.8.73.36.2.1 ES3500-24: 1.3.6.1.4.1.890.1.5.8.61.107.70.1 This trap is sent when the - ZyXEL ES3500-24 | User Guide - Page 301
the SNMP version and community (password) values. Version Select the SNMP version for the Switch. The SNMP version on the Switch must match the version on the SNMP manager. Choose SNMP version 2c (v2c), SNMP used by SNMP managers using SNMP version 2c or lower. ES3500 Series User's Guide 301 - ZyXEL ES3500-24 | User Guide - Page 302
SNMP manager. Trap Destination Version IP Port Username The Trap Community string Switch. Specify the version of the SNMP trap messages. Enter the IP to the Switch's run-time memory. The Switch loses these ES3500-24HP supports fanspeed and poe system traps. Figure 181 Management > Access Control - ZyXEL ES3500-24 | User Guide - Page 303
destination IP address in the SNMP Setting screen. Type Options Use the rest of the screen to select which traps the Switch sends to that SNMP manager. Select the categories of SNMP traps that the Switch is . Figure 182 Management > Access Control > SNMP > User ES3500 Series User's Guide 303 - ZyXEL ES3500-24 | User Guide - Page 304
previous configuration. Click Clear to reset the fields to the factory defaults. This is a read-only number identifying a login account on the Switch. Click on an index number to view more details and edit encryption method used for SNMP communication with this user. 304 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 305
password (1234). • A non-administrator (username is something other than admin) is someone who can view but not configure Switch settings. Click Management > Access Control > Logins to view the screen as shown next. Figure 183 Management > Access Control > Logins ES3500 Series User's Guide 305 - ZyXEL ES3500-24 | User Guide - Page 306
Password Type the existing system password (1234 is the default password when shipped). New Password Enter your new system the CLI. For more information on assigning privileges see the Ethernet Switch CLI Reference Guide. User Name Set a user name (up to 32 ASCII ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 307
the client and the server. The client then sends its authentication information (user name and password) to the server to log in to the server. ES3500 Series User's Guide 307 - ZyXEL ES3500-24 | User Guide - Page 308
figure. 1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the Switch's WS (web server). 2 HTTP connection requests from a web browser go to port 80 (by default) on the Switch's WS (web server). Figure 186 HTTPS Implementation 308 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 309
in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. 39.9 HTTPS Example If you haven't changed the default HTTPS port on the Switch, then in your browser enter "https:// Switch IP Address/" as the web site address where "Switch IP Address" is the IP address or - ZyXEL ES3500-24 | User Guide - Page 310
39.9.1.2 Internet Explorer 7 or 8 When you attempt to access the Switch HTTPS server, a screen with the message "There is a problem with this website's security certificate." may display. If that is the Figure 189 Certificate Error (Internet Explorer 7 or 8) EXAMPLE 310 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 311
Chapter 39 Access Control Click Install Certificate... and follow the on-screen instructions to install the certificate in your browser. Figure 190 Certificate (Internet Explorer 7 or 8) ES3500 Series User's Guide 311 - ZyXEL ES3500-24 | User Guide - Page 312
Chapter 39 Access Control 39.9.2 Mozilla Firefox Warning Messages When you attempt to access the Switch HTTPS server, a This Connection is Untrusted screen may display. If that is the case, click I Understand the Risks and then the Add Exception... button. Figure - ZyXEL ES3500-24 | User Guide - Page 313
screen. Figure 192 Security Alert (Mozilla Firefox) EXAMPLE 39.9.3 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser status bar (in Internet Explorer 6 or - ZyXEL ES3500-24 | User Guide - Page 314
Denoting a Secure Connection EXAMPLE 39.10 Service Port Access Control Service Access Control allows you to decide what services you may use to access the Switch. You may also change the default service port and configure "trusted computer(s)" for each service in 314 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 315
this option for the corresponding services that you want to allow to access the Switch. Service Port For Telnet, SSH, FTP, HTTP or HTTPS services, you may change the default service port by typing the new > Remote Management to view the screen as shown next. ES3500 Series User's Guide 315 - ZyXEL ES3500-24 | User Guide - Page 316
it. Start Address End Address Configure the IP address range of trusted computers from which you can manage this Switch. The Switch checks if the client IP address of a computer requesting a service or protocol matches the range set here. The Switch immediately disconnects the session if it does - ZyXEL ES3500-24 | User Guide - Page 317
ping IP addresses IP address of a device that you want to ping in order to test a connection. Ethernet Port Test Click Ping to have the Switch ping the IP address (in the field to the left). Enter a port number and click Port Test to perform an internal loopback test. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 318
.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can message. 7 Debug: The message is intended for debug-level purposes. ES3500 Series User's Guide 318 - ZyXEL ES3500-24 | User Guide - Page 319
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES3500 Series User's Guide 319 - ZyXEL ES3500-24 | User Guide - Page 320
edit the entry later). Server Address Enter the IP address of the syslog server. Log Level to save your changes to the Switch's run-time memory. The Switch loses these changes if it Clear to return the fields to the factory defaults. Index This is the index number of ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 321
Members The switches being managed by the cluster manager switch. In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members. Figure 199 Clustering Application Example ES3500 Series User's Guide 321 - ZyXEL ES3500-24 | User Guide - Page 322
example the cluster member switch password was changed or the switch was set as the manager and so left the member list, etc.) Offline (the switch is disconnected - Offline shows approximately 1.5 minutes after the link between cluster member and manager goes down) 322 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 323
Screen example example 42.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following OK ftp: 262144 bytes sent in 0.63Seconds 415.44Kbytes/sec. ftp> ES3500 Series User's Guide 323 - ZyXEL ES3500-24 | User Guide - Page 324
to the cluster member switch. fw-00-a0-c5-01-23-46 This is the cluster member switch's firmware name as seen in the cluster manager switch. config-00-a0-c5-01-23-46 This is the cluster member switch's configuration file name as seen in the cluster manager switch. 324 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 325
Manager Active Select Active to have this Switch become the cluster manager switch. A cluster can only have one manager. Other (directly connected) switches that are set to be cluster managers Manager. You may use up to 32 printable characters (spaces are allowed). ES3500 Series User's Guide 325 - ZyXEL ES3500-24 | User Guide - Page 326
member switch's System Name. Model This is the cluster member switch's model name. Remove Select this checkbox and then click the Remove button to remove a cluster member switch from the cluster. Cancel Click Cancel to begin configuring this screen afresh. 326 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 327
forwarded or filtered across the Switch's ports. It shows what Switch) or static (manually entered in the Static MAC Forwarding screen). The Switch Switch has already learned the port for this MAC address, then it forwards the frame to that port. • If the Switch • If the Switch has already learned the - ZyXEL ES3500-24 | User Guide - Page 328
. Select All to display any entry in the MAC table of the Switch. Select Static to display the MAC entries manually configured on the Switch. Select MAC and enter a MAC address in the field provided to to display and arrange the data according to port number. 328 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 329
entries. These entries will then display only in the Filtering screen and the default filtering action is Discard source. Click Cancel to change the fields back to is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). ES3500 Series User's Guide 329 - ZyXEL ES3500-24 | User Guide - Page 330
on the LAN. The Switch fills in its own MAC and IP address in the sender address fields, and puts the known IP address of the target in the target IP address field. In addition, the Switch puts all ones in and then sends the packet to the MAC address that replied. ES3500 Series User's Guide 330 - ZyXEL ES3500-24 | User Guide - Page 331
This field displays the port to which the device connects. CPU means this learned IP address is the Switch's management IP address. This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). ES3500 Series User's Guide 331 - ZyXEL ES3500-24 | User Guide - Page 332
from a source port to a destination port or ports. Click Management > Configure Clone to open the following screen. Note: Only the ES3500-24HP supports Power over Ethernet. Note: The ES3500-8PD supports Green Ethernet completely. The ES3500-24 only supports EEE. ES3500 Series User's Guide 332 - ZyXEL ES3500-24 | User Guide - Page 333
Figure 207 Management > Configure Clone Chapter 45 Configure Clone ES3500 Series User's Guide 333 - ZyXEL ES3500-24 | User Guide - Page 334
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 334 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 335
and re-connect the power cord to the Switch. 6 If the problem continues, contact the vendor. The ALM LED is on. 1 Turn the Switch off and on. 2 Disconnect and re-connect the power adaptor or cord to the Switch. 3 If the problem continues, contact the vendor. ES3500 Series User's Guide 335 - ZyXEL ES3500-24 | User Guide - Page 336
Troubleshooting Switch off and on. 5 Disconnect and re-connect the power cord to the Switch. 6 If the problem to be powered via Ethernet and make sure the Switch has enough remaining power to supply the device the other end of the link probably doesn't support Green Ethernet. If the port comes up, - ZyXEL ES3500-24 | User Guide - Page 337
the Switch, skip this step.) 5 Reset the device to its factory defaults, and try to access the Switch with the default IP address. See Section 4.6 on page 44. 6 If the problem continues, contact the vendor, or try one of the advanced suggestions. Advanced Suggestions ES3500 Series User's Guide 337 - ZyXEL ES3500-24 | User Guide - Page 338
Chapter 46 Troubleshooting • Try to access the Switch using another service, such as Telnet. If you can access the Switch, check the remote management settings to find out why the Switch does not respond to HTTP. I can see the Login screen, but I cannot log in to the Switch. 1 Make sure you have - ZyXEL ES3500-24 | User Guide - Page 339
into the Switch's nonvolatile memory each time you make changes. Click Save at the top right corner of the web configurator to save the configuration permanently. See also Section 38.3 on page 286 for more information about how to save your configuration. ES3500 Series User's Guide 339 - ZyXEL ES3500-24 | User Guide - Page 340
Chapter 46 Troubleshooting 340 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 341
popular videoconferencing solution from White Pines Software. Domain Name Server, a service that matches web names (for example www.zyxel.com) to IP numbers. The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service. Finger is a UNIX or Internet related command that can be - ZyXEL ES3500-24 | User Guide - Page 342
(TCP/IP or other service that enables real time sound over the web. Remote Execution Daemon. Remote Login. Remote Telnet. The Real Time Streaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet. Simple File Transfer Protocol. 342 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 343
Appendix A Common Services Table 149 Commonly Used Services (continued) NAME common on the Internet and in UNIX environments. It operates over TCP/ IP networks. Its primary function is to allow users to log into remote Protocol). Another videoconferencing solution. ES3500 Series User's Guide 343 - ZyXEL ES3500-24 | User Guide - Page 344
Appendix A Common Services 344 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 345
ZyXEL manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL ZyXEL ZyXEL Network Operating System) is a registered trademark of ZyXEL digital switch, pursuant instruction manual - ZyXEL ES3500-24 | User Guide - Page 346
to http://www.zyxel.com. 2 Select your product on the ZyXEL home page to go to from this page. ZyXEL Limited Warranty ZyXEL warrants to the original faulty workmanship and/or materials, ZyXEL will, at its discretion, will be solely at the discretion of ZyXEL. This warranty shall not apply if - ZyXEL ES3500-24 | User Guide - Page 347
any kind to the purchaser. To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 348
will step on them or stumble over them. • Always disconnect all cables from this device before servicing or disassembling. • Use ONLY an appropriate power adaptor or cord for your device. Connect it to electrical and electronic equipment should be treated separately. 348 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 349
/1/24 WEEE Direktiv 2002/96/EC (WEEE: hantering av elektriskt och elektroniskt avfall) 2008/34/EC Deklaration undertecknad av: Namn/Titel: Raymond Huang / Quality & Customer Service Division Assistant VP Datum (åååå/mm/dd): 2011/1/24 ES3500 Series User's Guide 349 - ZyXEL ES3500-24 | User Guide - Page 350
Appendix B Legal InformationSafety Warnings 350 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 351
applications backbone 19 bridging 20 IEEE 802.1Q VLAN 21 switched workgroup 20 ARP how it works 330 table 331 ARP authorization privilege levels 210 ES3500 Series User's Guide setup 208 auto-crossover and Internal Spanning Tree) 126 Class of Service (CoS) 270 classifier 167, 169 and QoS 167 - ZyXEL ES3500-24 | User Guide - Page 352
firmware upgrade 323 network example 321 setup 325 specification 321 status 322 switch service level 270 what it does 270 DSCP (DiffServ Code Point) 270 Dual-personality interfaces description 19 location 29 dynamic link aggregation 149 D daylight saving time 87 default ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 353
filename convention, configuration 289 filtering 122 rules 122 filtering database, MAC table 327 firmware 85 upgrade 287, 323 flow control 94 back pressure 94 IEEE802.3x 94 Protocol version 6, see IPv6 introduction 19 IP address 92 IP interface 91 IP setup 91 ES3500 Series User's Guide 353 - ZyXEL ES3500-24 | User Guide - Page 354
217 DHCP snooping 215 static bindings 215 IP subnet mask 92 IPv6 22 Neighbor Discovery viewing 328 maintenance 285 configuration backup 288 current configuration 285 firmware 287 main screen 285 restoring configuration 288 Management Information Base middle attacks 217 max ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 355
Dependent Interface Crossover) 31 MIB and SNMP 293 supported MIBs 294 MIB (Management Information Base) 293 87 multicast 187 802.1 priority 189 and IGMP 187 IGMP throttling 191 IP addresses 187 overview 187 setup 189 multicast group 193 multicast VLAN 198 332, 334 ES3500 Series User's Guide 355 - ZyXEL ES3500-24 | User Guide - Page 356
, See RSTP. 124 reboot load configuration 286 reboot system 286 Reference Guide, CLI 2 registration product 347 related documentation 2 remote management 315 service 316 trusted computers 316 resetting 44, 286 to factory default settings 286 restoring configuration 44, 288 RFC 3164 318 Round Robin - ZyXEL ES3500-24 | User Guide - Page 357
286 service access control 314 service port users 303 version 3 293 versions supported 292 SNMP traps 294 setup 302 supported 294, 295, 298, 300 Spanning switch lockout 43 switch reset 44 switch setup 89 syslog 218, 318 protocol 318 server setup 320 settings 319 ES3500 Series User's Guide Index 357 - ZyXEL ES3500-24 | User Guide - Page 358
snooping 52 358 Error Disable 65 PPPoE IA 59 Two Rate Three Color Marker (TRTCM) 271 Type of Service (ToS) 270 U UDLD 245 UniDirectional Link Detection, see UDLD untrusted ports ARP inspection 218 DHCP snooping (Virtual Local Area Network) 87 VLAN ID 92 VLAN mapping 238 ES3500 Series User's Guide - ZyXEL ES3500-24 | User Guide - Page 359
layout 38 login 37 logout 45 navigation panel 40 weight, queuing 178 Weighted Round Robin Scheduling (WRR) 178 WRR (Weighted Round Robin Scheduling) 178 Z ZyNOS (ZyXEL Network Operating System) 289 ES3500 Series User's Guide Index 359 - ZyXEL ES3500-24 | User Guide - Page 360
Index 360 ES3500 Series User's Guide
-
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
-
289
-
290
-
291
-
292
-
293
-
294
-
295
-
296
-
297
-
298
-
299
-
300
-
301
-
302
-
303
-
304
-
305
-
306
-
307
-
308
-
309
-
310
-
311
-
312
-
313
-
314
-
315
-
316
-
317
-
318
-
319
-
320
-
321
-
322
-
323
-
324
-
325
-
326
-
327
-
328
-
329
-
330
-
331
-
332
-
333
-
334
-
335
-
336
-
337
-
338
-
339
-
340
-
341
-
342
-
343
-
344
-
345
-
346
-
347
-
348
-
349
-
350
-
351
-
352
-
353
-
354
-
355
-
356
-
357
-
358
-
359
-
360
 |
 |
Quick Start Guide
www.zyxel.com
ES3500 Series
Intelligent L2 switch
Version 4.00
Edition 3, 06/2012
Copyright © 2012 ZyXEL Communications Corporation
User’s Guide
Default Login Details
LAN IP Address
User Name
admin
Password
1234