ZyXEL GS2200-48 User Guide
ZyXEL GS2200-48 Manual
 |
View all ZyXEL GS2200-48 manuals
Add to My Manuals
Save this manual to your list of manuals |
ZyXEL GS2200-48 manual content summary:
- ZyXEL GS2200-48 | User Guide - Page 1
GS2200-8/24 Series Intelligent Layer 2 GbE Switch Default Login Details IP Address http://192.168.1.1 User Name admin Password 1234 Firmware Version 4.00 Edition 1, 12/2011 www.zyxel.com Copyright © 2011 ZyXEL Communications Corporation - ZyXEL GS2200-48 | User Guide - Page 2
- ZyXEL GS2200-48 | User Guide - Page 3
CD for support documents. Documentation Feedback Send your comments, questions or suggestions to: [email protected] Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan. GS2200-8/24 User's Guide 3 - ZyXEL GS2200-48 | User Guide - Page 4
in which you bought the device. See http://www.zyxel.com/web/contact_us.php for contact information. Please have the following information ready when you contact an office. • Product model and serial number. • Warranty Information. • Date that you received your device. 4 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 5
• Brief description of the problem and the steps you took to solve it. About This User's Guide GS2200-8/24 User's Guide 5 - ZyXEL GS2200-48 | User Guide - Page 6
to configure or helpful tips) or recommendations. Syntax Conventions • The GS2200-8, GS2200-8HP, GS2200-24 and GS2200-24P may be referred to as the "Switch", the "device", the "system" or the "product" in this User's Guide. Differentiation is made where needed. • Product labels, screen names, field - ZyXEL GS2200-48 | User Guide - Page 7
Server DSLAM Telephone Router Firewall Document Conventions GS2200-8/24 User's Guide 7 - ZyXEL GS2200-48 | User Guide - Page 8
ports. • Place connecting cables carefully so that no one will step on them or stumble over them. • Always disconnect all cables from this device before servicing with a fuse of the same type and rating. • The POE (Power over Ethernet) devices that supply or receive power and GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 9
...165 Multicast ...168 AAA ...182 IP Source Guard ...193 Loop Guard ...215 Layer 2 Protocol Tunneling ...219 PPPoE ...223 Error Disable ...231 Static Route ...237 Differentiated Services ...240 DHCP ...244 ARP Learning ...250 Maintenance ...255 Access Control ...261 GS2200-8/24 User's Guide 9 - ZyXEL GS2200-48 | User Guide - Page 10
Contents Overview Diagnostic ...285 Syslog ...287 Cluster Management ...290 MAC Table ...296 ARP Table ...299 Configure Clone ...301 Troubleshooting ...303 Product Specifications ...307 10 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 11
Brackets to the Switch 28 2.3.3 Mounting the Switch on a Rack 29 2.4 Wall Mounting (for GS2200-8 only 29 Chapter 3 Hardware Panels...31 3.1 Overview ...31 3.2 Front Panels ...31 3.2.1 Console Port ...33 3.2.2 Gigabit Ethernet Ports ...33 3.2.3 Mini-GBIC Slots ...34 GS2200-8/24 User's Guide 11 - ZyXEL GS2200-48 | User Guide - Page 12
Introduction 55 6.3.2 Creating a VLAN ...55 6.3.3 Configuring DHCP Relay ...58 6.3.4 Troubleshooting ...59 Chapter 7 System Status and Port Statistics...60 7.1 Overview ...60 7.1.1 What You Can Do ...60 7.2 Port Status Summary ...61 7.2.1 Status: Port Details ...63 12 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 13
...69 8.4 Introduction to VLANs ...70 8.5 Switch Setup Screen ...71 8.6 IP Setup ...72 8.6.1 Management IP Addresses ...73 8.7 Port Setup ...75 8.8 PoE Status ...76 8.8.1 PoE Setup ...79 Chapter 9 VLAN ...83 9.1 What You Can Do ...103 11.1.2 What You Need To Know ...103 GS2200-8/24 User's Guide 13 - ZyXEL GS2200-48 | User Guide - Page 14
118 13.8 Configure Multiple Spanning Tree Protocol 120 13.8.1 Multiple Spanning Tree Protocol Port Configuration 123 13.9 Multiple Spanning Tree Protocol Status 123 13.10 Technical Reference Control Setup ...133 Chapter 16 Mirroring ...134 16.1 Overview ...134 14 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 15
Control Protocol 142 17.5 Technical Reference ...143 17.5.1 Static Trunking Example ...143 Chapter 18 Port Authentication ...145 18.1 Overview ...145 18.1.1 What You Can Do ...145 18.1.2 What You 21.1.1 What You Can Do ...160 21.2 Configuring Policy Rules ...160 GS2200-8/24 User's Guide 15 - ZyXEL GS2200-48 | User Guide - Page 16
Vendor Specific Attribute ...190 24.6.2 Supported RADIUS Attributes 191 24.6.3 Attributes Used for Authentication 192 Chapter 25 IP Source Guard...193 25.1 Overview ...193 25.1.1 What You Can Do ...193 25.1.2 What You Need to Know ...194 25.2 IP Source Guard ...194 16 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 17
.3 IP Source Guard Static Binding ...195 25.4 DHCP Snooping ...196 25.5 DHCP Snooping Configure ...199 25.5.1 DHCP Snooping Port Configure -Port ...227 28.3.2 PPPoE IA Per-Port Per-VLAN 228 28.3.3 PPPoE IA for VLAN ...230 Chapter 29 Error Disable ...231 29.1 Overview ...231 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 18
Overview ...237 30.1.1 What You Can Do ...237 30.2 Configuring Static Routing ...238 Chapter 31 Differentiated Services...240 31.1 Overview ...240 31.1.1 What You Can Do ...240 31.1.2 What You Need to Learning ...252 Chapter 34 Maintenance ...255 34.1 Overview ...255 18 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 19
255 34.2.1 Load Factory Default ...256 34.2.2 Save Configuration ...256 34.2.3 Reboot System ...257 34.3 Firmware Upgrade ...257 34.4 User 265 35.4 Setting Up Login Accounts ...266 35.5 Service Port Access Control 268 35.6 Remote Management ...268 35.7 Technical ...289 GS2200-8/24 User's Guide 19 - ZyXEL GS2200-48 | User Guide - Page 20
Power, Hardware Connections, and LEDs 303 42.2 Switch Access and Login ...304 42.3 Switch Configuration ...306 Chapter 43 Product Specifications ...307 Appendix A Changing a Fuse ...315 Appendix B Common Services ...317 Appendix C Legal Information ...321 Index ...323 20 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 21
PART I User's Guide 21 - ZyXEL GS2200-48 | User Guide - Page 22
22 - ZyXEL GS2200-48 | User Guide - Page 23
the GS2200-24P supports the IEEE 802.3af PoE standard. Ports 1 to 4 on the GS2200-8HP can supply power of up to 30W per Ethernet port. Ports 5 to 8 on the GS2200-8HP and ports 1 to 24 on the GS2200-24P can supply power of up to 15.4W per Ethernet port. Key feature differences between Switch models - ZyXEL GS2200-48 | User Guide - Page 24
to centralize multiple servers at a single location. Figure 2 Bridging Application 1.1.3 High Performance Switching Example The Switch is ideal for connecting two networks that need high bandwidth. In the following example, use trunking to connect these two networks. 24 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 25
complex maintenance. The Switch can provide the same bandwidth as switches. Moreover, the current LAN structure can be retained as all ports can freely communicate with each other. Figure 3 High Performance Switched page 83. 1.1.4.1 Tag-based VLAN Example Ports in the same VLAN group share the - ZyXEL GS2200-48 | User Guide - Page 26
or even crashes. If you forget your password, you will have to reset the Switch to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Switch. You could simply restore your last configuration. 26 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 27
in a wiring closet with other equipment. Follow the steps below to mount your Switch on a standard EIA rack using a rackmounting kit. 2.3.1 Rack-mounted Installation Requirements Make sure the rack will safely support the combined weight of all the equipment it contains. GS2200-8/24 User's Guide 27 - ZyXEL GS2200-48 | User Guide - Page 28
Philips screwdriver, install the M3 flat head screws through the mounting bracket holes into the Switch. 3 Repeat steps 1 and 2 to install the second mounting bracket on the other side of the Switch. 4 You may now mount the Switch on a rack. Proceed to the next section. 28 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 29
GS2200-8 only) Do the following to attach your Switch to a wall. Insecure mounting may damage the device or cause injury. ZyXEL Switch. Note: Make sure the screws are securely fixed to the wall and strong enough to hold the weight of the Switch with the connection cables. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 30
the back of the Switch with the screws on the wall. Hang the Switch on the screws. Figure 7 Wall-mounting Example 135 mm The Switch should be wall-mounted horizontally. The Switch's side panels with ventilation (mm). Figure 8 Masonry Plug and 3.5 mm Self-Tapping Screw 30 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 31
Front Panels The following figure shows the front panel of the Switch. Figure 9 Front Panel (GS2200-8) LEDs Console Port Ethernet Ports Dual Personality Interfaces Figure 10 Front Panel (GS2200-8HP) LEDs Console Port PoE Ethernet Ports Dual Personality Interfaces GS2200-8/24 User's Guide 31 - ZyXEL GS2200-48 | User Guide - Page 32
switch or router. The GS2200-8HP supports the IEEE 802.3at High Power over Ethernet (PoE) standard and the GS2200-24P supports the IEEE 802.3af PoE standard. Ports 1 to 4 on the GS2200-8HP can supply power of up to 30W per Ethernet port. Ports 5 to 8 on the GS2200-8HP and ports 1 to 24 on the GS2200 - ZyXEL GS2200-48 | User Guide - Page 33
is turned on, an Ethernet port negotiates with the peer automatically to determine the connection speed and duplex mode. If the peer Ethernet port does not support autonegotiation or turns off this feature, the Switch determines the connection speed by detecting the GS2200-8/24 User's Guide 33 - ZyXEL GS2200-48 | User Guide - Page 34
Ethernet port are the same in order to connect. 3.2.2.1 Default Ethernet Negotiation Settings The factory default negotiation settings for the Gigabit ports on the Switch • Connection speed: GS2200-8/8HP: 100 Megabit per second (Mbps) or 1 Gigabit per second (Gbps) GS2200-24/24P: 1 Gigabit per - ZyXEL GS2200-48 | User Guide - Page 35
Transceiver's Latch Example Figure 17 Transceiver Removal Example 3.2.4 Power Connector Note: Make sure you are using the correct power source as shown on the panel. GS2200-8/24 User's Guide 35 - ZyXEL GS2200-48 | User Guide - Page 36
of the Switch and as an aid in troubleshooting. Table 3 LED Descriptions LED COLOR PWR Green SYS Green PPS (GS2200-24P only) ALM Green Red Ethernet Ports LNK/ACT Green STATUS On Off On Blinking Off On Off On Off Blinking Amber On Blinking PoE Amber (GS2200-8HP or GS2200-24P only - ZyXEL GS2200-48 | User Guide - Page 37
PART II Technical Reference 37 - ZyXEL GS2200-48 | User Guide - Page 38
38 - ZyXEL GS2200-48 | User Guide - Page 39
associated default password is 1234. The date and time display as shown if you have not configured a time server nor manually entered a time and date in the General Setup screen. Figure 18 Web Configurator: Login 4 Click OK to view the first web configurator screen. GS2200-8/24 User's Guide 39 - ZyXEL GS2200-48 | User Guide - Page 40
Screen The Status screen is the first screen that displays when you access the web configurator. This guide uses the GS2200-24P screens as an example. The screens may vary slightly for different models. The following figure shows the navigating components of a web configurator screen. Figure 19 Web - ZyXEL GS2200-48 | User Guide - Page 41
can configure the IP address, subnet mask (necessary for Switch management) and DNS (domain name server) and set up to 64 IP routing domains. Port Setup This link takes you to a screen where you can configure settings for individual Switch ports. PoE (For GS2200-8HP or GS2200-24P only) This link - ZyXEL GS2200-48 | User Guide - Page 42
multicast MAC addresses for port(s). These static multicast IP Application Static Routing This link takes you to a screen where you can configure static routes. A static route defines how the Switch should forward traffic by configuring the TCP/IP parameters manually. 42 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 43
) of devices attached to what ports and VLAN IDs. ARP Table This link takes you to a screen where you can view the MAC addresses - IP address resolution table. Configure Clone This link takes you to a screen where you can copy attributes of one port to other ports. GS2200-8/24 User's Guide 43 - ZyXEL GS2200-48 | User Guide - Page 44
Switch's power is turned off. Note: Use the Save link when you are done with a configuration session. 4.5 Switch Lockout You could block yourself (and all others) from managing the Switch if you do one of the following: 1 Delete the management VLAN (default is VLAN 1). 44 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 45
a service port number but forget it. Note: Be careful not to lock yourself and others out of the Switch. 4.6 Resetting the Switch If you lock yourself (and others) from the Switch or forget the administrator password, you will need to reload the factory-default configuration file or reset the Switch - ZyXEL GS2200-48 | User Guide - Page 46
Click Logout in a screen to exit the web configurator. You have to log in with your password again after you log out. This is recommended after you finish a management session for security reasons. configurator screen to view an online help description of that screen. 46 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 47
broadcast frames to the VLAN group in which the port(s) belongs. You can do this with port-based VLAN or tagged static VLAN with fixed port members. In this example, you want to configure port 1 as a member of VLAN 2. Figure 22 Initial Setup Network Example: VLAN GS2200-8/24 User's Guide 47 - ZyXEL GS2200-48 | User Guide - Page 48
the run-time memory. Settings in the run-time memory are lost when the Switch's power is turned off. 5.1.2 Setting Port VID Use PVID to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VLAN group that the tag defines. 48 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 49
Switch Management IP Address The default management IP address of the Switch is 192.168.1.1. You can configure another IP address in a different subnet for management purposes. The following figure shows an example. Figure 24 Initial Setup Example: Management IP Address GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 50
which you want this management IP address to belong. This is the same as the VLAN ID you configure in the Static VLAN screen. 7 Click Add to save your changes back to the runtime memory. Settings in the run-time memory are lost when the Switch's power is turned off. 50 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 51
DHCP Client (B) 6 1 and 100 DHCP Client (C) 7 1 and 100 PVID 100 100 100 DHCP SNOOPING PORT TRUSTED Yes No No 1 Access the Switch through http://192.168.1.1 by default. Log into the Switch by entering the username (default: admin) and password (default: 1234). GS2200-8/24 User's Guide 51 - ZyXEL GS2200-48 | User Guide - Page 52
26 Tutorial: Create a VLAN and Add Ports to It 3 Go to Advanced Application > VLAN > VLAN Port Setting, and set the PVID of the ports 5, 6 and 7 to 100. This tags untagged incoming frames on ports 5, 6 and 7 with the tag 100. Figure 27 Tutorial: Tag Untagged Frames 52 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 53
screen appears. Select Trusted in the Server Trusted state field for port 5 because the DHCP server is connected to port 5. Keep ports 6 and 7 Untrusted because they are connected to DHCP clients. Click Apply. Figure 29 Tutorial: Set the DHCP Server Port to Trusted GS2200-8/24 User's Guide 53 - ZyXEL GS2200-48 | User Guide - Page 54
Port ----- 7 6.3 How to Use DHCP Relay on the Switch This tutorial describes how to configure your Switch to forward DHCP client requests to a specific DHCP server. The DHCP server can then assign a specific IP address based on the information in the DHCP requests. 54 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 55
102. Figure 32 Tutorial: DHCP Relay Scenario DHCP Server 192.168.2.3 Port 2 PVID=102 A VLAN 102 172.16.1.18 6.3.2 Creating a VLAN Follow the steps below to configure port 2 as a member of VLAN 102. 1 Access the web configurator through the Switch's management port. GS2200-8/24 User's Guide 55 - ZyXEL GS2200-48 | User Guide - Page 56
, enter a descriptive name (VLAN 102 for example) in the Name field and enter 102 in the VLAN Group ID field. 5 Select Fixed to configure port 2 to be a permanent member of this VLAN. 6 Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending. 56 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 57
Setting link in the VLAN Status screen. Figure 35 Tutorial: Click the VLAN Port Setting Link 9 Enter 102 in the PVID field for port 2 to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VLAN group that the tag defines. GS2200-8/24 User's Guide 57 - ZyXEL GS2200-48 | User Guide - Page 58
Port IP Application > DHCP and then the Global link to open the DHCP Relay screen. 2 Select the Active check box. 3 Enter the DHCP server's IP address (192.168.2.3 in this example) in the Remote DHCP Server 1 field. 4 Select the Option 82 and the Information check boxes. 58 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 59
, make sure: 1 Client A is connected to the Switch's port 2 in VLAN 102. 2 You configured the correct VLAN ID, port number and system name for DHCP relay on both the DHCP server and the Switch. 3 You clicked the Save link on the Switch to have your settings take effect. GS2200-8/24 User's Guide 59 - ZyXEL GS2200-48 | User Guide - Page 60
summary with links to each port showing statistical details. 7.1.1 What You Can Do • Use the Port Status Summary screen (Section 7.2 on page 61) to view the port statistics. • Use the Port Details screen (Section 7.2.1 on page 63) to display individual port statistics. GS2200-8/24 User's Guide 60 - ZyXEL GS2200-48 | User Guide - Page 61
screen as shown next. Figure 38 Status (GS2200-24) Figure 39 Status (GS2200-24P) The following table describes the labels in this screen. Table 7 Status LABEL DESCRIPTION Port This identifies the Ethernet port. Click a port number to display the Port Details screen (refer to Figure 40 on - ZyXEL GS2200-48 | User Guide - Page 62
FORWARDING if the link is up, otherwise, it displays STOP. (For GS2200-8HP or GS2200-24P only) This field displays whether or not a powered device (PD) is allowed to receive power from the Switch on this port. This fields displays whether LACP (Link Aggregation Control Protocol) has been enabled - ZyXEL GS2200-48 | User Guide - Page 63
the port number you are viewing. Name This field displays the name of the port. Link This field displays the speed (either 100M for 100Mbps or 1000M for 1000Mbps) and the duplex (F for full duplex or H for half duplex). It also shows the cable type (Copper or Fiber). GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 64
Protocol) is enabled, this field displays the STP state of the port (see Section 13.1 on page 109 for more information). LACP defined as the number of maximum collisions before the retransmission count is reset. Late This is the number of times a late collision is 64 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 65
Chapter 7 System Status and Port Statistics Table 8 Status: Port Details (continued) LABEL 128-255 256-511 512-1023 10241518 Giant DESCRIPTION This and the maximum frame size. The maximum frame size varies depending on your switch model. See Chapter 43 on page 307. GS2200-8/24 User's Guide 65 - ZyXEL GS2200-48 | User Guide - Page 66
) to view the current amount of power that PDs are receiving from the Switch and use the PoE Setup screen (Section 8.8.1 on page 79) to set the priority levels for the Switch in distributing power to PDs. (These screens are available to GS2200-8HP and GS2200-24P only.) GS2200-8/24 User's Guide 66 - ZyXEL GS2200-48 | User Guide - Page 67
the Switch for identification purposes. Product Model This field displays the product model of the Switch. Use this information when searching for firmware upgrade or looking for other support information for temperatures below the threshold and Error for those above. GS2200-8/24 User's Guide 67 - ZyXEL GS2200-48 | User Guide - Page 68
Note: The fan speed information is available only on the GS2200-8HP and GS2200-24P that have fans. This field displays this fan's current speed This field displays the percentage tolerance of the voltage with which the Switch still works. Normal indicates that the voltage is within an acceptable - ZyXEL GS2200-48 | User Guide - Page 69
) is similar to Time (RFC-868). Time Server IP Address Current Time None is the default value. Enter the time manually. Each time you turn on the Switch, the time and date will be reset to 1970-1-1 0:0:0. Enter the IP address of your timeserver. The Switch searches for the timeserver for up to 60 - ZyXEL GS2200-48 | User Guide - Page 70
is one hour ahead of GMT or UTC (GMT+1). Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on see the printers and hard disks of another user in the same building. 70 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 71
traffic. See Chapter 9 on page 83 for information on port-based and 802.1Q tagged VLANs. 8.5 Switch Setup Screen Click Basic Setting > Switch Setup in the navigation panel to display the screen as values. See the chapter on VLAN setup for more background information. GS2200-8/24 User's Guide 71 - ZyXEL GS2200-48 | User Guide - Page 72
to reset the fields. 8.6 IP Setup Use the IP Setup screen to configure the Switch IP address, default gateway device, the default domain name server and the management VLAN ID. The default gateway specifies the IP address of the default gateway (next hop) for outgoing traffic. 72 GS2200-8/24 User - ZyXEL GS2200-48 | User Guide - Page 73
the network. The factory default IP address is 192.168.1.1. The subnet mask specifies the network number portion of an IP address. The factory default subnet mask is 255.255.255.0. You can configure up to 64 IP addresses which are used to access and manage the Switch from the ports belonging to the - ZyXEL GS2200-48 | User Guide - Page 74
Gateway This field displays the IP address of the default gateway. Delete Check the management IP addresses that you want to remove in the Delete column, then click the Delete button. Cancel Click Cancel to clear the selected check boxes in the Delete column. 74 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 75
this port. You can enter up to 64 alpha-numerical characters. Type Note: Due to space limitation, the port name may be truncated in some web configurator screens. This field displays 10/100M for Fast Ethernet connections and 10/100/1000M for Gigabit connections. GS2200-8/24 User's Guide 75 - ZyXEL GS2200-48 | User Guide - Page 76
when you are done configuring. Click Cancel to begin configuring this screen afresh. 8.8 PoE Status Note: The following screens are available for the GS2200-8HP or GS2200-24P model only. Some features are only available for the Ethernet ports (1 to 8 or 1 to 24). 76 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 77
-8HP and ports 1 to 24 on the GS2200-24P can supply power of up to 15.4W per Ethernet port. Note: The GS2200-24P is compatible with ZyXEL's PPS250 power module. The PPS250 provides additional external PoE power budget on top of the internal power budget of the GS2200-24P. Refer to the User's Guide - ZyXEL GS2200-48 | User Guide - Page 78
the amount of power the Switch can still provide for PoE. Note: The GS2200-24P must have at least 20 W of remaining power in order to supply power to a PoE device, even if the PoE device needs less than 20 W. This is the port index number. This field shows which ports can receive power from the - ZyXEL GS2200-48 | User Guide - Page 79
amount of power the PD could use from the Switch on this port. This field displays the maximum amount of current drawn by the PD from the Switch on this port. 8.8.1 PoE Setup Use this screen to set the priority levels for the Switch in distributing power to PDs. GS2200-8/24 User's Guide 79 - ZyXEL GS2200-48 | User Guide - Page 80
PD priority on the port. Select High to set the Switch to assign the remaining power to the port after all critical priority ports are served. Select Low to set the Switch to assign the remaining power to the port after all critical and high priority ports are served. 80 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 81
time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 81 - ZyXEL GS2200-48 | User Guide - Page 82
Chapter 8 Basic Setting 82 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 83
port. The remaining twelve bits define the VLAN ID, giving a possible maximum number of 4,096 VLANs. Note that user priority and VLAN ID are independent of each other. A frame with VID (VLAN Identifier) of null (0) is called a priority frame, meaning that only the priority GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 84
IEEE 802.1Q VLAN terminology. Table 16 IEEE 802.1Q VLAN Terminology VLAN PARAMETER TERM VLAN Type Permanent VLAN DESCRIPTION This is a static VLAN created manually. Dynamic VLAN This is a VLAN configured by a GVRP registration/ deregistration process. 84 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 85
tags 1 and 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s). Figure 49 Port VLAN Trunking 9.1.2.3 Select the VLAN Type Select a VLAN type in the Basic Setting > Switch Setup screen. Figure 50 Switch Setup > Select VLAN Type GS2200-8/24 User's Guide 85 - ZyXEL GS2200-48 | User Guide - Page 86
can also tag all outgoing frames (that were previously untagged) from a port with the specified VID. 9.2 VLAN Status Click Advanced Application > VLAN display all VLANs configured on the Switch. This is the number of VLANs configured on the Switch. This is the number of VLANs GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 87
and ports not participating in a VLAN are marked as "- ". This field shows how long it has been since a normal VLAN was registered or a static VLAN was set up. This field shows how this VLAN was added to the Switch. dynamic: using GVRP static: added as a permanent entry GS2200-8/24 User's Guide 87 - ZyXEL GS2200-48 | User Guide - Page 88
Static VLAN Use this screen to configure and view 802.1Q VLAN parameters for the Switch. To configure a static VLAN, click Static VLAN in the VLAN Status screen to the valid range is between 1 and 4094. Port The port number identifies the port you are configuring. 88 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 89
are copied to all the ports as soon as you make them. Select Normal for the port to dynamically join this VLAN group using GVRP. This is the default selection. Select Fixed for the port to be a permanent member summary table. Click Cancel to clear the Delete check boxes. GS2200-8/24 User's Guide 89 - ZyXEL GS2200-48 | User Guide - Page 90
all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. 90 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 91
services). You also have a subnet based VLAN with priority 5 and VID of 200 for traffic received from IP subnet 192.168.1.0/24 (video services). Lastly, you configure VLAN with priority 3 and VID of 300 for traffic received from IP subnet 10.1.1.0/24 (data services). All GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 92
un-tagged packets and is applicable only when you use IEEE 802.1Q tagged VLAN. Note: You can not enable subnet-based VLANs on the Switch when the Guest VLAN feature is activated on a port. 92 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 93
Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 94
ARP traffic, when they go through the uplink port to a backbone switch C. Figure 57 Protocol Based VLAN Application Example 9.6.1 Configuring Protocol Based VLAN Click Protocol Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. 94 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 95
Switch when the Guest VLAN feature is activated on a port. Figure 58 Advanced Application > VLAN > VLAN Port IP protocol in hexadecimal notation is 0800, and Novell IPX protocol is 8137. VID Priority Add Cancel Index Active Port port belongs to this protocol based VLAN. GS2200-8/24 User's Guide 95 - ZyXEL GS2200-48 | User Guide - Page 96
the Switch uses a default VLAN ID of 1. You cannot change it. Note: In screens (such as IP Setup and Filtering) that require a VID, you must enter 1 as the VID. The port-based VLAN setup screen is shown next. The CPU management port forms a VLAN with all Ethernet ports. 96 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 97
9 VLAN 9.7.1 Configure a Port-based VLAN Select Port Based as the VLAN Type in the Basic Setting > Switch Setup screen and then click Advanced Application > VLAN from the navigation panel to display the next screen. Figure 59 Port Based VLAN Setup (All Connected) GS2200-8/24 User's Guide 97 - ZyXEL GS2200-48 | User Guide - Page 98
Chapter 9 VLAN Figure 60 Port Based VLAN Setup (Port Isolation) 98 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 99
in this protocol based VLAN. Type 1. 3 Give this protocol-based VLAN a descriptive name. Type IP-VLAN. 4 Select the protocol. Leave the default value IP. 5 Type the VLAN ID of an existing VLAN. In our example we already created a static VLAN with an ID of 5. Type 5. GS2200-8/24 User's Guide 99 - ZyXEL GS2200-48 | User Guide - Page 100
to 0 and click Add. Figure 61 Protocol Based VLAN Configuration Example To add more ports to this protocol based VLAN. 1 Click the index number of the protocol based VLAN entry. Click 1 2 Change the value in the Port field to the next port you want to add. 3 Click Add. 100 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 101
port to access the Switch. See Chapter 19 on page 151 for more information on port security. Click Advanced Application > Static MAC Forwarding in the navigation panel to display the configuration screen as shown. Figure 62 Advanced Application > Static MAC Forwarding GS2200-8/24 User's Guide 101 - ZyXEL GS2200-48 | User Guide - Page 102
following table describes the labels in this screen. Table 24 Advanced Application > Static MAC Forwarding LABEL DESCRIPTION Active port where the MAC address entered in the previous field will be automatically forwarded. Click Add to save your rule to the Switch's run-time memory. The Switch - ZyXEL GS2200-48 | User Guide - Page 103
a multicast MAC address that has been manually entered in the multicast table. Static no members, then the switch will either flood the multicast frames to all ports or drop them. You ports. With static multicast forwarding, you can forward these multicasts to port(s) GS2200-8/24 User's Guide 103 - ZyXEL GS2200-48 | User Guide - Page 104
Forwarding to A Single Port Figure 65 Static Multicast Forwarding to Multiple Ports 11.2 Configuring Static Multicast Forwarding Use this screen to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). 104 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 105
hyphen (-). For example, enter "3-5" for ports 3, 4, and 5. Enter "3,5,7" for ports 3, 5, and 7. Add Click Add to save your rule to the Switch's run-time memory. The Switch loses this rule if it is turned off the specified multicast MAC address will be forwarded. GS2200-8/24 User's Guide 105 - ZyXEL GS2200-48 | User Guide - Page 106
field displays the port(s) within a identified VLAN group to which frames containing the specified multicast MAC address will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. 106 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 107
through the Switch. 12.2 Configure a Filtering Rule Use this screen to create rules for traffic going through the Switch. Click Advanced Application > Filtering in the navigation panel to display the screen as shown next. Figure 67 Advanced Application > Filtering GS2200-8/24 User's Guide 107 - ZyXEL GS2200-48 | User Guide - Page 108
number. Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses Click Cancel to reset the fields to your previous configuration. Click Clear to clear the fields to the factory defaults. This field displays GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 109
Overview The Switch supports Spanning Tree ports. • Use the Multiple Spanning Tree Protocol Status screen (Section 13.9 on page 123) to view the MSTP status. 13.1.2 What You Need to Know Read on for concepts on STP that can help you configure the screens in this chapter. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 110
65535 1 to 65535 1 to 65535 On each bridge, the root port is the port through which this bridge communicates with the root. It is the port on this switch with the lowest path cost to the root (the root path cost). bridge. If a bridge does not get a Hello BPDU after a 110 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 111
STP Port States PORT STATE DESCRIPTION Disabled STP is disabled (default). switch A. To set up MRSTP, activate MRSTP on the Switch and specify which port(s) belong to which spanning tree. Note: Each port can belong to one STP tree only. Figure 68 MRSTP Network Example GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 112
that represents the entire network's connectivity. • Grouping of multiple bridges (or switching devices) into regions that appear as one single bridge on the network. which STP mode (RSTP, MRSTP or MSTP) you configure on the Switch. This screen is described in detail in the section that follows the - ZyXEL GS2200-48 | User Guide - Page 113
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 113 - ZyXEL GS2200-48 | User Guide - Page 114
will then become the root switch. Select a value from the drop-down list box. The lower the numeric value you assign, the higher the priority for this bridge. Bridge Priority determines the root bridge, which in turn determines Hello Time, Max Age and Forwarding Delay. 114 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 115
port forms a loop in a switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default value is 128. Path cost is the cost of transmitting a frame on to a LAN through that port for more information on RSTP. GS2200-8/24 User's Guide 115 - ZyXEL GS2200-48 | User Guide - Page 116
This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. This is the number of times the spanning tree has been reconfigured. This is the time since the spanning tree was last reconfigured. 116 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 117
will then become the root switch. Select a value from the drop-down list box. The lower the numeric value you assign, the higher the priority for this bridge. Bridge Priority determines the root bridge, which in turn determines Hello Time, Max Age and Forwarding Delay. GS2200-8/24 User's Guide 117 - ZyXEL GS2200-48 | User Guide - Page 118
port forms a loop in a switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default value is 128. Path cost is the cost of transmitting a frame on to a LAN through that port for more information on MRSTP. 118 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 119
This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. This is the number of times the spanning tree has been reconfigured. This is the time since the spanning tree was last reconfigured. GS2200-8/24 User's Guide 119 - ZyXEL GS2200-48 | User Guide - Page 120
Application > Spanning Tree Protocol screen. See Multiple STP on page 112 for more information on MSTP. Figure 75 Advanced Application > Spanning Tree Protocol > MSTP 120 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 121
port Switch will be chosen as the root bridge within the spanning tree instance. Enter priority values between 0 and 61440 in increments of 4096 (thus valid values are 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344 and 61440). GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 122
click: Enabled VLAN(s) Port * • Add - port here. Priority decides which port should be disabled when more than one port forms a loop in a switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default display the ports configured to - ZyXEL GS2200-48 | User Guide - Page 123
Apply Cancel Note: An edge port becomes a non-edge port as soon as it receives a Bridge Protocol Data Unit (BPDU). Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it STP on page 112 for more information on MSTP. GS2200-8/24 User's Guide 123 - ZyXEL GS2200-48 | User Guide - Page 124
a configuration message before attempting to reconfigure. This is the time (in seconds) the root switch will wait before changing states (that is, listening to learning to forwarding). This is the path cost from the root port on this Switch to the root switch. 124 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 125
root switch. This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the MST instance. 13.10 Technical Reference This section provides technical background information on the topics discussed in this chapter. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 126
MSTP Network Example The following figure shows a network example where two VLANs are configured on the two switches. If the switches are using STP or RSTP, the link for VLAN 2 will be blocked as STP and RSTP region) is increased by one when BPDUs traverse the region. 126 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 127
Tree (CIST) A CIST represents the connectivity of the entire network and it is equivalent to a spanning tree in an STP/RSTP. The CIST is the default MST instance (MSTID 0). Any VLANs that are not members of an MST instance are members of the CIST. In an MSTP-enabled network, there is - ZyXEL GS2200-48 | User Guide - Page 128
Chapter 13 Spanning Tree Protocol that runs between MST regions and single spanning tree devices. A network may contain multiple MST regions and other network segments running RSTP. Figure 81 MSTP and Legacy RSTP Network Example 128 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 129
Control screen. Bandwidth control means defining a maximum allowable bandwidth for out-going traffic flows on a port. 14.1.1 What You Can Do Use the Bandwidth Control screen (Section 14.2 on page 130) to limit the bandwidth for traffic going through the Switch. GS2200-8/24 User's Guide 129 - ZyXEL GS2200-48 | User Guide - Page 130
. Active Egress Rate Note: Ingress rate bandwidth control applies to layer 2 traffic only. Select this check box to activate egress rate limits on this port. Specify the maximum bandwidth allowed in kilobits per second (Kbps) for the out-going traffic flow on a port. 130 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 131
the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS2200-8/24 User's Guide 131 - ZyXEL GS2200-48 | User Guide - Page 132
limits for each packet type on each port. 15.1.1 What You Can Do Use the Broadcast Storm Control screen (Section 15.2 on page 133) to limit the number of broadcast, multicast and destination lookup failure (DLF) packets the Switch receives per second on the ports. GS2200-8/24 User's Guide 132 - ZyXEL GS2200-48 | User Guide - Page 133
changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to reset the fields. GS2200-8/24 User's Guide 133 - ZyXEL GS2200-48 | User Guide - Page 134
copy the traffic to) in order that you can examine the traffic from the monitor port without interference. 16.1.1 What You Can Do Use the Mirroring screen (Section 16.2 on page 135) to select a monitor port and specify the traffic flow to be copied to the monitor port. GS2200-8/24 User's Guide 134 - ZyXEL GS2200-48 | User Guide - Page 135
in this row are copied to all the ports as soon as you make them. Select this option to mirror the traffic on a port. Specify the direction of the traffic to mirror by selecting from the drop-down list box. Choices are Egress (outgoing), Ingress (incoming) and Both. GS2200-8/24 User's Guide 135 - ZyXEL GS2200-48 | User Guide - Page 136
the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. 136 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 137
Protocol (LACP). 17.1.2 What You Need to Know The Switch supports both static and dynamic link aggregation. Note: In a port, the port can automatically negotiate with the ports at the remote end of a link to establish trunk groups. LACP also allows port redundancy, that GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 138
Aggregation Status screen displays by default. See Section 17.1 on page 137 for more information. Figure 85 Advanced Application > Link Aggregation Status 1. Port Priority and Port Number are 0 as it is the aggregator ID for the trunk group, not the individual port. 138 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 139
's source and destination IP addresses. This field displays how these ports were added to the trunk group. It displays: • Static - if the ports are configured as static members of a trunk group. • LACP - if the ports are configured to join a trunk group via LACP. GS2200-8/24 User's Guide 139 - ZyXEL GS2200-48 | User Guide - Page 140
you need to configure to enable static link aggregation. Group ID The field identifies the link aggregation group, that is, one logical link containing multiple ports. Active Select this option to activate a trunk group. 140 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 141
Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 142
: Do not configure this screen unless you want to enable dynamic link aggregation. Active Select this checkbox to enable Link Aggregation Control Protocol (LACP). 142 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 143
Select either 1 second or 30 seconds. Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save This example shows you how to create a static port trunk group for ports 2-5. GS2200-8/24 User's Guide 143 - ZyXEL GS2200-48 | User Guide - Page 144
figure shows ports 2-5 on switch A connected to switch B. Figure ports that should belong to this group as shown in the figure below. Click Apply when you are done. Figure 89 Trunking Example - Configuration Screen Your trunk group 1 (T1) configuration is now complete. 144 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 145
the login credentials, the Switch sends an 2. At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. GS2200-8/24 User's Guide 145 - ZyXEL GS2200-48 | User Guide - Page 146
Switch and the port(s)) then configure the RADIUS server settings in the Auth and Acct > Radius Server Setup screen. Click Advanced Application > Port Authentication in the navigation panel to display the screen as shown. Figure 91 Advanced Application > Port Authentication 146 GS2200-8/24 User - ZyXEL GS2200-48 | User Guide - Page 147
the client still does not respond to the second request, the Switch blocks the client from accessing the port or sends the client to the Guest VLAN when a Guest VLAN is enabled on the port. The client needs to send a new request to be authenticated by the Switch again. GS2200-8/24 User's Guide 147 - ZyXEL GS2200-48 | User Guide - Page 148
a guest VLAN to a port. In the Port Authentication > 802.1x screen click Guest Vlan to display the configuration screen as shown. Note: You can not enable the Guest VLAN feature on a port when a subnet-based VLAN or protocol-based VLAN is activated on the Switch. 148 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 149
port. Clients that fail authentication are placed in the guest VLAN and can receive limited services. A guest VLAN is a pre-configured VLAN on the Switch the first user who did authentication logs out or disconnects from the port, rest of the users are blocked until a user does the authentication - ZyXEL GS2200-48 | User Guide - Page 150
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 150 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 151
learning is still enabled even though the port security is not activated. 19.1.1 What You Can Do Use the Port Security screen (Section 19.2 on page 152) to enable port security and disable MAC address learning. You can also enable the port security feature on a port. GS2200-8/24 User's Guide 151 - ZyXEL GS2200-48 | User Guide - Page 152
all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. 152 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 153
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 153 - ZyXEL GS2200-48 | User Guide - Page 154
packet classifier on the Switch. It also discusses Quality of Service (QoS) and classifier concepts as employed by the Switch. 20.1.1 What You Can traffic from the same protocol port (such as Telnet) to form a flow. Configure QoS on the Switch to group and prioritize GS2200-8/24 User's Guide 154 - ZyXEL GS2200-48 | User Guide - Page 155
following table describes the labels in this screen. Table 48 Advanced Application > Classifier LABEL Active Name Layer 2 DESCRIPTION character pairs). Port Type the port number to which the rule should be applied. You may choose one port only or all ports (Any). GS2200-8/24 User's Guide 155 - ZyXEL GS2200-48 | User Guide - Page 156
the factory defaults. 20.2.1 Viewing and Editing Classifier Configuration To view a summary of the classifier configuration, scroll down to the summary table at the bottom of the Classifier screen. To change the settings of a rule, click a number in the Index field. 156 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 157
50 Common Ethernet Types and Protocol Numbers ETHERNET TYPE PROTOCOL NUMBER IP ETHII 0800 X.75 Internet 0801 NBS Internet 0802 ECMA Internet list. Table 51 Common IP Protocol Types and Protocol Numbers PROTOCOL TYPE PROTOCOL NUMBER ICMP 1 TCP 6 UDP 17 GS2200-8/24 User's Guide 157 - ZyXEL GS2200-48 | User Guide - Page 158
IP Protocol Types and Protocol Numbers PROTOCOL TYPE PROTOCOL NUMBER EGP 8 L2TP 115 Some of the most common TCP and UDP port numbers are: Table 52 Common TCP and UDP Port Numbers PROTOCOL NAME TCP/UDP PORT 317 for information on commonly used port numbers. 20.3 Classifier Example The - ZyXEL GS2200-48 | User Guide - Page 159
Chapter 20 Classifier After you have configured a classifier, you can configure a policy (in the Policy screen) to define action(s) on the classified traffic flow. Figure 98 Classifier: Example GS2200-8/24 User's Guide 159 - ZyXEL GS2200-48 | User Guide - Page 160
Classifier screen. 21.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to Section 20.2 on page 154 for more information. GS2200-8/24 User's Guide 160 - ZyXEL GS2200-48 | User Guide - Page 161
have to set the field(s) that is related to the action(s) you configure in the Action field. General VLAN ID Specify a VLAN ID number. Egress Port Type the number of an outgoing port. Priority Specify a priority level. GS2200-8/24 User's Guide 161 - ZyXEL GS2200-48 | User Guide - Page 162
to Class 2 and the action is to foward the packets to the egress port, the Switch will forward the packets. If Policy 1 applies to Class 1 and the to reset the fields back to your previous configuration. Click Clear to set the above fields back to the factory defaults. This GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 163
bottom of the Policy screen. To change the settings of a rule, click a number in the Index field. Figure 100 Advanced Application > Policy Rule: Summary Table GS2200-8/24 User's Guide 163 - ZyXEL GS2200-48 | User Guide - Page 164
Chapter 21 Policy Rule 21.3 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth on a traffic flow classified using the Example classifier (refer to Section 20.3 on page 158). Figure 101 Policy Example 164 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 165
services queues on a rotating basis and is activated only when a port has more traffic than it can handle. A queue is a given an amount of bandwidth irrespective of the incoming traffic on that port. This queue then moves to the back of the list. The next queue is given GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 166
.2 Configuring Queuing Use this screen to set priorities for the queues of the Switch. This distributes bandwidth across the different traffic queues. Click Advanced Application > Queuing Method in the navigation panel. Figure 102 Advanced Application > Queuing Method 166 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 167
Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 168
group multicast traffic only to ports that are members of that group. • Use Switch can passively snoop on IGMP packets transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership. It checks IGMP packets passing GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 169
service port on the Switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic. Once configured, the Switch maintains a forwarding table that matches the multicast stream to the associated multicast group. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 170
not forward multicast traffic to the receiver ports. In compatible mode, the Switch does not send any IGMP reports. In this case, you must manually configure the forwarding settings on the multicast on multicasting. Figure 105 Advanced Application > Multicast 170 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 171
displays the multicast VLAN ID. Port This field displays the port number that belongs to the multicast group. Multicast Group This field displays IP multicast group addresses. 23.3 on multicasting. Figure 106 Advanced Application > Multicast > Multicast Setting GS2200-8/24 User's Guide 171 - ZyXEL GS2200-48 | User Guide - Page 172
the destination IP address within Switch waits for an IGMP report before removing an IGMP snooping membership entry when an IGMP leave message is received on this port from a host. Select this option to limit the number of multicast groups this port is allowed to join. 172 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 173
Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 174
Switch learn multicast group membership information of any VLANs automatically. Select fixed to have the Switch Switch can this screen. The Switch drops any IGMP control Switch's run-time memory. The Switch loses VLANs upon which the Switch is to perform IGMP Switch's run-time memory. The Switch - ZyXEL GS2200-48 | User Guide - Page 175
additional rule(s) for a profile that you have already added, enter the profile name and specify a different IP multicast address range. Type the starting multicast IP address for a range of multicast IP addresses that you want to belong to the IGMP filter profile. GS2200-8/24 User's Guide 175 - ZyXEL GS2200-48 | User Guide - Page 176
the receiver port(s) and a source port for each multicast VLAN. Click Advanced Applications > Multicast > Multicast Setting > MVR link to display the screen as shown next. Note: You can create up to three multicast VLANs and up to 256 multicast rules on the Switch. 176 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 177
Switch replaces ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 178
Group Configuration in the MVR screen. Note: A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap. Figure 110 Advanced Application > Multicast > Multicast Setting > MVR: Group Configuration 178 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 179
1. In addition, port 7 belongs to the multicast group with VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S. Computers A, B and C in VLAN 1 are able to receive the traffic. Figure 111 MVR Configuration Example GS2200-8/24 User's Guide 179 - ZyXEL GS2200-48 | User Guide - Page 180
Chapter 23 Multicast To configure the MVR settings on the Switch, create a multicast group in the MVR screen and set the receiver and source ports. Figure 112 MVR Configuration Example 180 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 181
Chapter 23 Multicast To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group for the multicast VLAN 200. Figure 113 MVR Group Configuration Example Figure 114 MVR Group Configuration Example GS2200-8/24 User's Guide 181 - ZyXEL GS2200-48 | User Guide - Page 182
CHAPTER 24 AAA 24.1 Overview This chapter describes how to configure authentication and authorization settings on the Switch. The external servers that perform authentication and authorization functions are known as AAA servers. The Switch supports RADIUS (Remote Authentication Dial-In User Service, - ZyXEL GS2200-48 | User Guide - Page 183
RADIUS Transport Protocol UDP (User Datagram Protocol) Encryption Encrypts the password sent for authentication. TACACS+ TCP (Transmission Control Protocol) All communication between the client (the Switch) and the TACACS server is encrypted. 24.2 AAA Screens The AAA screens allow you to enable - ZyXEL GS2200-48 | User Guide - Page 184
representing a RADIUS server entry. Enter the IP address of an external RADIUS server in dotted decimal notation. The default port of a RADIUS server for authentication is 1812. You need not change this value unless your network administrator instructs you to do so. 184 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 185
Enter the IP address of an external RADIUS accounting server in dotted decimal notation. UDP Port The default port of a RADIUS accounting server for accounting is 1813. You need not change this value unless your network administrator instructs you to do so. Shared Secret Specify a password (up - ZyXEL GS2200-48 | User Guide - Page 186
, then the Switch waits for a response from the first TACACS+ server for 15 seconds and then tries the second TACACS+ server. This is a read-only number representing a TACACS+ server entry. Enter the IP address of an external TACACS+ server in dotted decimal notation. 186 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 187
Address Enter the IP address of an external TACACS+ accounting server in dotted decimal notation. TCP Port The default port of a TACACS+ accounting server is 49. You need not change this value unless your network administrator instructs you to do so. Shared Secret Specify a password (up to 32 - ZyXEL GS2200-48 | User Guide - Page 188
for access privilege level specify them in Method 2 and Method 3 fields. Select local to have the Switch check the access privilege configured for local authentication. Select radius or tacacs+ to have the Switch check the access privilege via the external servers. 188 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 189
Switch. Set whether the Switch provides the following services to a user. Active Method • Exec: Allow an administrator which logs in the Switch . The Switch supports the following types of events to be sent to the accounting server(s): Active Broadcast • System - Configure the Switch to send - ZyXEL GS2200-48 | User Guide - Page 190
Switch supports VSAs that allow you to perform the following actions based on user authentication: • Limit bandwidth on incoming or outgoing traffic for the port the user connects to. • Assign account privilege levels (See the CLI Reference Guide via the RADIUS server. 190 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 191
Tunnel-Private-Group-ID = VLAN ID Note: You must also create a VLAN with the specified VID on the Switch. 24.6.2 Supported RADIUS Attributes Remote Authentication Dial-In User Service (RADIUS) attributes are data used to define specific authentication elements in a user profile, which is stored on - ZyXEL GS2200-48 | User Guide - Page 192
-Password NAS-Identifier NAS-IP-Address 24.6.3.3 Attributes Used by the IEEE 802.1x Authentication User-Name NAS-Identifier NAS-IP-Address NAS-Port NAS-Port-Type - This value is set to Ethernet(15) on the Switch. Calling-Station-Id Frame-MTU EAP-Message State Message-Authenticator 192 GS2200-8/24 - ZyXEL GS2200-48 | User Guide - Page 193
syslog server yet. • Use the ARP Inspection Configure screen (Section 25.9 on page 207) to enable ARP inspection on the Switch. You can also configure the length of time the Switch stores records of discarded ARP packets and global settings for the ARP inspection log. GS2200-8/24 User's Guide 193 - ZyXEL GS2200-48 | User Guide - Page 194
Need to Know The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). IP source guard consists of infinity if the binding is always valid (for example, a static binding). 194 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 195
Chapter 25 IP Source Guard Table 67 IP Source Guard (continued) LABEL Type DESCRIPTION This field displays how the Switch learned the binding. static: This binding was learned from information provided manually by an administrator. VID Port dhcp-snooping: This binding was learned by snooping - ZyXEL GS2200-48 | User Guide - Page 196
This field displays the IP address assigned to the MAC address in the binding. This field displays how long the binding is valid. This field displays how the Switch learned the binding. VLAN Port Delete Cancel static: This binding was learned from information provided manually by an administrator - ZyXEL GS2200-48 | User Guide - Page 197
Chapter 25 IP Source Guard Write delay timer This field displays how long (in seconds) the Switch tries to complete a specific update in the DHCP snooping database before Abort timer This field displays how long (in seconds) the Switch waits to update the DHCP snooping database after the current - ZyXEL GS2200-48 | User Guide - Page 198
displays the number of bindings the Switch ignored because the Switch already had a binding with the same MAC address and VLAN ID. This field displays the number of bindings the Switch ignored because the port number was a trusted interface or does not exist anymore. 198 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 199
to enable DHCP snooping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and configure the DHCP snooping database. The DHCP snooping database stores the current bindings on a secure, external TFTP server so that they are GS2200-8/24 User's Guide 199 - ZyXEL GS2200-48 | User Guide - Page 200
trusted ports. DHCP Vlan Note: If DHCP is enabled and there are no trusted ports, DHCP requests will not succeed. Select a VLAN ID if you want the Switch to domain name or IP address}/directory, if applicable/file name; for example, tftp://192.168.10.1/database.txt. 200 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 201
to their last-saved values. 25.5.1 DHCP Snooping Port Configure Use this screen to specify whether ports are trusted or untrusted ports for DHCP snooping. Note: If DHCP snooping is enabled but there are no trusted ports, DHCP requests cannot reach the DHCP server. GS2200-8/24 User's Guide 201 - ZyXEL GS2200-48 | User Guide - Page 202
at which DHCP packets arrive is too high. Specify the maximum number for DHCP packets (1-2048) that the Switch receives from each port each second. The Switch discards any additional DHCP packets. Enter 0 to disable this limit, which is recommended for trusted ports. 202 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 203
Chapter 25 IP Source Guard Table 71 DHCP Snooping Port Configure (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is Snooping Configure screen. See Section 25.5 on page 199. GS2200-8/24 User's Guide 203 - ZyXEL GS2200-48 | User Guide - Page 204
source VLAN ID in the MAC address filter. Port This field displays the source port of the discarded ARP packet. Expiry (sec) This field displays how long (in seconds) the MAC address filter remains in the Switch. You can also delete the record manually (Delete). 204 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 205
in the binding table, but the IP address was not valid. Delete Cancel Change Pages Port: The MAC address, VLAN ID, and IP address were in the binding table, but the port number was not valid. Select ARP packets received from the VLAN since the Switch last restarted. GS2200-8/24 User's Guide 205 - ZyXEL GS2200-48 | User Guide - Page 206
consolidated into this log message. The Switch consolidates identical log messages generated by ARP packets in the log consolidation interval into one log message. You can configure this interval in the ARP Inspection Configure screen. See Section 25.9 on page 207. 206 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 207
can also configure the length of time the Switch stores records of discarded ARP packets and global settings for the ARP inspection log. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure. Figure 129 ARP Inspection Configure GS2200-8/24 User's Guide 207 - ZyXEL GS2200-48 | User Guide - Page 208
to their last-saved values. 25.9.1 ARP Inspection Port Configure Use this screen to specify whether ports are trusted or untrusted ports for ARP inspection. You can also specify the maximum rate at which the Switch receives ARP packets on each untrusted port. To 208 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 209
is 1 second, then the Switch accepts a maximum of 15 ARP packets in every one-second interval. If the burst interval is 5 seconds, then the Switch accepts a maximum of 75 ARP packets in every five-second interval. Enter the length (1-15 seconds) of the burst interval. GS2200-8/24 User's Guide 209 - ZyXEL GS2200-48 | User Guide - Page 210
Chapter 25 IP Source Guard Table 77 ARP Inspection Port Configure (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned Select No to disable ARP inspection on the VLAN. 210 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 211
address and source IP address in the packet do not match any of the current bindings. • The packet is a RELEASE or DECLINE packet, and the source MAC address and source port do not match any of the current bindings. • The rate at which DHCP packets arrive is too high. GS2200-8/24 User's Guide 211 - ZyXEL GS2200-48 | User Guide - Page 212
IP Source Guard 25.10.1.2 DHCP Snooping Database The Switch stores the binding table in volatile memory. If the Switch Switch can reload the dynamic bindings from the DHCP snooping database after the Switch The Switch can add Switch can add the following information: • Slot ID (1 byte), port Switch - ZyXEL GS2200-48 | User Guide - Page 213
IP Source Guard 25.10.1.4 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch. 1 Enable DHCP snooping on the Switch. 2 Enable DHCP snooping on each VLAN, and configure DHCP relay option 82. 3 Configure trusted and untrusted ports . GS2200-8/24 User's Guide 213 - ZyXEL GS2200-48 | User Guide - Page 214
one day before you enable ARP inspection so that the Switch has enough time to build the binding table. 2 Enable ARP inspection on each VLAN. 3 Configure trusted and untrusted ports, and specify the maximum number of ARP packets that each port can receive per second. 214 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 215
out broadcast messages the messages loop back to the switch and are re-broadcast again and again causing a broadcast storm. If a switch (not in loop state) connects to a switch in loop state, then it will be affected by the switch in loop state in the following way: GS2200-8/24 User's Guide 215 - ZyXEL GS2200-48 | User Guide - Page 216
guard also protects against standard network loops. The following figure illustrates three switches forming a loop. A sample path of the loop guard probe packet is also shown. In this example, the probe packet is sent from port N and returns on another port. As long 216 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 217
has returned to the Switch. Figure 137 Loop Guard - Network Loop A P P N P Note: After resolving the loop problem on your network you can re-activate the disabled port via the web configurator (see Section 8.7 on page 75) or via commands (See the CLI Reference Guide). 26.2 Loop Guard Setup - ZyXEL GS2200-48 | User Guide - Page 218
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 218 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 219
following example, if you enable L2PT for STP, you can have switches A, B, C and D in the same spanning tree, even though switch A is not directly connected to switches B, C and D. Topology change information can be propagated throughout the service provider's network. GS2200-8/24 User's Guide 219 - ZyXEL GS2200-48 | User Guide - Page 220
the tunnel ports. • The Tunnel port is an egress port at the edge of the service provider's network and connected to another service provider's switch. Incoming encapsulated layer 2 protocol packets received on a tunnel port are decapsulated and sent to an access port. 220 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 221
. Port This field displays the port number. * Use this row to make the setting the same for all ports. Use this row first and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. GS2200-8/24 User's Guide 221 - ZyXEL GS2200-48 | User Guide - Page 222
tunnel VTP (VLAN Trunking Protocol) packets so that all customer switches can use consistent VLAN configuration through the service provider's network. The Switch supports PAgP (Port Aggregation Protocol), LACP (Link Aggregation Control Protocol) and UDLD (UniDirectional Link Detection) tunneling - ZyXEL GS2200-48 | User Guide - Page 223
on the Switch. • Use the PPPoE Per-Port screen (Section 28.3.1 on page 227) to set the port state and configure PPPoE intermediate agent sub-options on a per-port basis. • Use the PPPoE Per-Port Per-VLAN -specific Tag Format Tag_Type Tag_Len Value i1 i2 (0x0105) GS2200-8/24 User's Guide 223 - ZyXEL GS2200-48 | User Guide - Page 224
a Circuit ID string for a specific VLAN on a port or for a specific port, and disable the flexible Circuit ID syntax in the PPPoE > Intermediate Agent screen, the Switch automatically generates a Circuit ID string according to the default Circuit ID syntax which is 224 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 225
to configure the PPPoE Intermediate Agent on the Switch. Click Advanced Application > PPPoE in the navigation panel to display the screen as shown. Click Click Here to go to the Intermediate Agent screen. Figure 142 Advanced Application > PPPoE Intermediate Agent GS2200-8/24 User's Guide 225 - ZyXEL GS2200-48 | User Guide - Page 226
any Circuit ID string (using CLI commands) on the Switch, the Switch will use the string specified in the access-nodeidentifier field. Specify a string that the Switch adds in the Agent Circuit ID sub-option. You can enter up to 53 ASCII characters. Spaces are allowed. 226 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 227
will drop all PPPoE packets if you enable the PPPoE Intermediate Agent on the Switch and there are no trusted ports. Click the Port link in the Intermediate Agent screen to display the screen as shown. Figure 144 Advanced Application > PPPoE > Intermediate Agent > Port GS2200-8/24 User's Guide 227 - ZyXEL GS2200-48 | User Guide - Page 228
and received on an untrusted port, the Switch adds a vendor-specific tag to the packet and then forwards it to the trusted port(s). • The Switch discards PADO and PADS Port Per-VLAN Use this screen to configure PPPoE IA settings that apply to a specific VLAN on a port. 228 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 229
Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 230
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 230 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 231
, you need to enable the port(s) or allow the packets on a port manually via the web configurator or the commands. With error-disable recovery, you can set the disabled port(s) to become active or start receiving the packets again after the time interval you specify. GS2200-8/24 User's Guide 231 - ZyXEL GS2200-48 | User Guide - Page 232
the maximum number of control packets (ARP, BPDU and/or IGMP) that the Switch can receive or transmit on a port. Click the Click Here link next to CPU protection in the Advanced Application > Detect screen. Figure 148 Advanced Application > Errdisable > CPU protection 232 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 233
this screen to have the Switch detect whether the control packets exceed the rate limit configured for a port and configure the action to take the Switch detect if the configured rate limit for a specific control packet is exceeded and take the action selected below. GS2200-8/24 User's Guide 233 - ZyXEL GS2200-48 | User Guide - Page 234
the error-disable recovery function on the Switch. Reason This field displays the supported features that allow the Switch to shut down a port or discard packets on a port according to the feature requirements and what to all the entries as soon as you make them. 234 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 235
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 235 - ZyXEL GS2200-48 | User Guide - Page 236
Chapter 29 Error Disable 236 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 237
, Telnet, SSH, or SNMP. Use IP static routes to have the Switch respond to remote management stations that are not reachable through the default gateway. The Switch can also use static routes to send data 30.2 on page 238) to activate/deactivate this static route. GS2200-8/24 User's Guide 237 - ZyXEL GS2200-48 | User Guide - Page 238
to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the above fields to your previous configuration. Clear Click Clear to set the above fields back to the factory defaults. Index This field displays the index number of the route. Click a number to edit - ZyXEL GS2200-48 | User Guide - Page 239
of your Switch that will forward the packet to the destination. Metric This field displays the cost of transmission for routing purposes. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. GS2200-8/24 User's Guide 239 - ZyXEL GS2200-48 | User Guide - Page 240
the DS field. Figure 153 DiffServ: Differentiated Service Field DSCP (6 bits) CU (2 bits) DSCP is backward compatible with the three precedence bits in the ToS octet so that non-DiffServ compliant, ToS-enabled network device will not conflict with the DSCP mapping. GS2200-8/24 User's Guide 240 - ZyXEL GS2200-48 | User Guide - Page 241
Chapter 31 Differentiated Services The DSCP value determines the PHB (Per-Hop marking rules or IEEE 802.1p priority mapping on the Switch. Click IP Application > DiffServ in the navigation panel to display the screen as shown. Figure 155 IP Application > DiffServ GS2200-8/24 User's Guide 241 - ZyXEL GS2200-48 | User Guide - Page 242
0 1 2 3 32 - 39 4 40 - 47 5 48 - 55 6 56 - 63 7 31.3.1 Configuring DSCP Settings To change the DSCP-IEEE 802.1p mapping click the DSCP Setting link in the DiffServ screen to display the screen as shown next. Figure 156 IP Application > DiffServ > DSCP Setting 242 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 243
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 243 - ZyXEL GS2200-48 | User Guide - Page 244
on the following criteria: • Global: The Switch forwards all DHCP requests to the same DHCP server. • VLAN: The Switch is configured on a VLAN by VLAN basis. The Switch can be configured to relay DHCP requests to different DHCP servers for clients in different VLAN. GS2200-8/24 User's Guide 244 - ZyXEL GS2200-48 | User Guide - Page 245
alone switches. Port ID (1 byte) This is the port that the DHCP client is connected to. VLAN ID (2 bytes) This is the VLAN that the port belongs IP Application > DHCP in the navigation panel. The DHCP Status screen displays. Figure 157 IP Application > DHCP Status GS2200-8/24 User's Guide 245 - ZyXEL GS2200-48 | User Guide - Page 246
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 246 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 247
domain of the DHCP clients. Click IP Application > DHCP in the navigation panel, then click the VLAN link In the DHCP Status screen that displays. Note: You must set up a management IP address for each VLAN that you want to configure DHCP settings for on the Switch. GS2200-8/24 User's Guide 247 - ZyXEL GS2200-48 | User Guide - Page 248
DHCP settings apply. Enter the IP address of a DHCP server in dotted decimal notation. Select the Option 82 check box to have the Switch add information (slot number, port number and VLAN ID) to 1) to the DHCP server with an IP address of 192.168.1.100. Requests from 248 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 249
DHCP server with an IP address of 172.23.10.100. Figure 162 DHCP Relay for Two VLANs DHCP:192.168.1.100 VLAN 1 VLAN 2 DHCP:172.23.10.100 For the example network, configure the VLAN Setting screen as shown. Figure 163 DHCP Relay for Two VLANs Configuration Example GS2200-8/24 User's Guide 249 - ZyXEL GS2200-48 | User Guide - Page 250
replies to the ARP requests sent by the Switch. This can help prevent ARP spoofing. In the following example, the Switch does not have IP address and MAC address mapping information for hosts A and B in its ARP table, and host A wants to ping host B. Host A sends an GS2200-8/24 User's Guide 250 - ZyXEL GS2200-48 | User Guide - Page 251
ARP packet to detect IP collisions. If a Switch updates its ARP table with either an ARP reply or a gratuitous ARP request. ARP-Request When the Switch is in ARP-Request learning mode, it updates the ARP table with both ARP replies, gratuitous ARP requests and ARP requests. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 252
MAC address from the ARP request sent by host A. The Switch then forwards host B's ICMP reply to host A right after getting Click IP Application > ARP Learning in the navigation panel to display the screen as shown next. Figure 164 IP Application > ARP Learning 252 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 253
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 253 - ZyXEL GS2200-48 | User Guide - Page 254
Chapter 33 ARP Learning 254 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 255
factory defaults, save the current configuration settings and restart the Switch. • Use the Firmware Upgrade screen (Section 34.3 on page 257) to upload the latest firmware on the Switch. Firmware Upgrade Click Click Here to go to the Firmware Upgrade screen. GS2200-8/24 User's Guide 255 - ZyXEL GS2200-48 | User Guide - Page 256
reset all Switch configurations to the factory defaults. Figure 166 Load Factory Default: Start 3 In the web configurator, click the Save button in the top of the screen to make the changes take effect. If you want to access the Switch web configurator again, you may need to change the IP address - ZyXEL GS2200-48 | User Guide - Page 257
the Switch and apply the new firmware immediately. (Firmware upgrades are only applied after a reboot). Click Upgrade to load the new firmware. After the firmware upgrade process is complete, see the System Info screen to verify your current firmware version number. GS2200-8/24 User's Guide 257 - ZyXEL GS2200-48 | User Guide - Page 258
have specified the file, click Restore. "config" is the name of the configuration file on the Switch, so your backup configuration file is automatically renamed when you restore using this screen. 34.5 Backup a Save to save the configuration file to your computer. 258 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 259
for later use. Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device. 34.6.3 FTP Command Line Procedure 1 Launch the FTP client on your computer. 2 Enter open, followed by a space and the IP address of your Switch. GS2200-8/24 User's Guide 259 - ZyXEL GS2200-48 | User Guide - Page 260
Restrictions FTP will not work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the FTP session immediately. 260 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 261
Switch. • Use the Remote Management screen (Section 35.6 on page 268) to specify a group of one or more "trusted computers" from which an administrator may use a service to manage the Switch. 35.2 The Access Control Main Screen Use this screen to display the main screen. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 262
) values. Version Select the SNMP version for the Switch. The SNMP version on the Switch must match the version on the SNMP manager. Choose SNMP version 2c (v2c), SNMP version 3 (v3) or both (v3v2c). Note: SNMP version 2c is backwards compatible with SNMP version 1. 262 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 263
Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 264
only sends traps from selected categories). Apply Cancel Note: The poe and fanspeed options are only available in the GS2200-8HP and GS220024P. Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save - ZyXEL GS2200-48 | User Guide - Page 265
manager. Username Security Level Specify the username of a login account on the Switch. Select whether you want to implement authentication and/or encryption for SNMP communication slower. Enter the password of up to 32 ASCII characters for SNMP user authentication. GS2200-8/24 User's Guide 265 - ZyXEL GS2200-48 | User Guide - Page 266
time. • An administrator is someone who can both view and configure Switch changes. The username for the Administrator is always admin. The default administrator password is 1234. Note: It is highly recommended that you change the default administrator password (1234). 266 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 267
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 267 - ZyXEL GS2200-48 | User Guide - Page 268
this screen afresh. 35.6 Remote Management Use this screen to specify a group of one or more "trusted computers" from which an administrator may use a service to manage the Switch. Click Management > Access Control > Remote Management to view the screen as shown next. 268 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 269
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 269 - ZyXEL GS2200-48 | User Guide - Page 270
SNMP is only available if TCP/IP is configured. Figure 178 SNMP Management Model An SNMP managed network consists of two be collected about a switch. Examples of variables include number of packets received, node port status and so on a series of GetNext operations. 270 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 271
to the GS2200-8HP. Table 112 SNMP System Traps OPTION coldstart warmstart OBJECT LABEL coldStart warmStart OBJECT ID 1.3.6.1.6.3.1.1.5.1 1.3.6.1.6.3.1.1.5.2 DESCRIPTION This trap is sent when the Switch is turned on. This trap is sent when the Switch restarts. GS2200-8/24 User's Guide 271 - ZyXEL GS2200-48 | User Guide - Page 272
890.1.5.8.56.27.2.1 This trap is sent when the Switch automatically resets. 1.3.6.1.4.1.890.1.5.8.59.27.2.1 1.3.6.1.4.1.890.1.5.8.60.27.2.1 when the Switch gets the time and date from a time server. 1.3.6.1.4.1.890.1.5.8.59.27.2.2 1.3.6.1.4.1.890.1.5.8.60.27.2.2 272 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 273
is sent when the power supply of PoE failed. The trigger situation includes internal/external power supply failure, external fan speed failure, and external power has exceed normal temperature. This trap is sent when the power supply of PoE returns to the normal state. GS2200-8/24 User's Guide 273 - ZyXEL GS2200-48 | User Guide - Page 274
voltage) is 1.3.6.1.4.1.890.1.5.8.60.27.2.1 above or below a factory set normal range. DDMIRxPowerEventClear 1.3.6.1.4.1.890.1.5.8.55.27.2.2 This trap is .27.2.2 DDMITxBiasEventClear 1.3.6.1.4.1.890.1.5.8.60.27.2.2 DDMITxPowerEventClear DDMIVoltageEventClear 274 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 275
name and/or password. AuthenticationFailureEventOn 1.3.6.1.4.1.890.1.5.8. to incorrect user name and/or password. 1.3.6.1.4.1.890.1.5.8.59.27.2.1 1.3.6.1.4.1.890.1.5.8.60 IP Traps . This trap is sent when a ping test (consisting of a series of ping probes) fails. This trap is sent when a ping test - ZyXEL GS2200-48 | User Guide - Page 276
This trap is sent when the MSTP root 1.3.6.1.4.1.890.1.5.8.56.107.70.2 switch changes. 1.3.6.1.4.1.890.1.5.8.59.107.70.2 1.3.6.1.4.1.890.1.5.8.60.107.70.2 1.3.6.1.4.1.890.1.5.8. RMON "falling" threshold. The trap is sent when the Switch detects a connectivity fault. 276 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 277
client automatically saves any new server public keys. In subsequent connections, the server public key is checked against the saved version on the client computer. GS2200-8/24 User's Guide 277 - ZyXEL GS2200-48 | User Guide - Page 278
a certificate. You must apply for a certificate for the browser from a CA that is a trusted CA on the Switch. Please refer to the following figure. 1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the Switch's WS (web server). 278 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 279
Service Access Control screen, then the Switch blocks all HTTP connection attempts. 35.7.3.1 HTTPS Example If you haven't changed the default HTTPS port on the Switch, then in your browser enter "https:// Switch IP Box (Internet Explorer 6) Internet Explorer 7 or 8 GS2200-8/24 User's Guide 279 - ZyXEL GS2200-48 | User Guide - Page 280
Chapter 35 Access Control When you attempt to access the Switch HTTPS server, a screen with the message "There is a problem with this website's security certificate." may display. If that is certificates. Figure 184 Certificate Error (Internet Explorer 7 or 8) EXAMPLE 280 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 281
Chapter 35 Access Control Click Install Certificate... and follow the on-screen instructions to install the certificate in your browser. Figure 185 Certificate (Internet Explorer 7 or 8) GS2200-8/24 User's Guide 281 - ZyXEL GS2200-48 | User Guide - Page 282
Mozilla Firefox Warning Messages When you attempt to access the Switch HTTPS server, a This Connection is Unstructed screen may display. If that is the case, click I Understand the Risks and then the Add Exception... button. Figure 186 Security Alert (Mozilla Firefox) 282 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 283
187 Security Alert (Mozilla Firefox) EXAMPLE 35.7.3.2 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser status bar (in Internet Explorer 6 or GS2200-8/24 User's Guide 283 - ZyXEL GS2200-48 | User Guide - Page 284
Chapter 35 Access Control Mozilla Firefox) or next to the address bar (in Internet Explorer 7 or 8) denotes a secure connection. Figure 188 Example: Lock Denoting a Secure Connection EXAMPLE 284 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 285
the Diagnostic screen (Section 36.2 on page 285) to check system logs, ping IP addresses or perform port tests. 36.2 Diagnostic Click Management > Diagnostic in the navigation panel to open this text box. Click Clear to empty the text box and reset the syslog entry. GS2200-8/24 User's Guide 285 - ZyXEL GS2200-48 | User Guide - Page 286
Type the IP address of a device that you want to ping in order to test a connection. Ethernet Port Test Click Ping to have the Switch ping the IP address (in the field to the left). Enter a port number and click Port Test to perform an internal loopback test. 286 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 287
syslog screens. The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate Setup Use this screen to configure the device's system logging settings. GS2200-8/24 User's Guide 287 - ZyXEL GS2200-48 | User Guide - Page 288
memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 288 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 289
edit the entry later). Server Address Enter the IP address of the syslog server. Log Level to save your changes to the Switch's run-time memory. The Switch loses these changes if it Clear to return the fields to the factory defaults. Index This is the index number GS2200-8/24 User's Guide 289 - ZyXEL GS2200-48 | User Guide - Page 290
to be able to communicate with one another. Table 121 ZyXEL Clustering Management Specifications Maximum number of cluster 24 members Cluster Member Models Must be compatible with ZyXEL cluster management implementation. Cluster Manager The switch through which you manage the cluster member - ZyXEL GS2200-48 | User Guide - Page 291
the cluster manager switch. Each number in the Index column is a hyperlink leading to the cluster member switch's web configurator (see Figure 195 on page 294). This is the cluster member switch's hardware MAC address. This is the cluster member switch's System Name. GS2200-8/24 User's Guide 291 - ZyXEL GS2200-48 | User Guide - Page 292
Model Status DESCRIPTION This field displays the model name. This field displays: Online (the cluster member switch is accessible) Error (for example the cluster member switch password was changed or the switch Management > Cluster Management > Configuration EXAMPLE 292 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 293
member switch's System Name. Model This is the cluster member switch's model name. Remove Select this checkbox and then click the Remove button to remove a cluster member switch from the cluster. Cancel Click Cancel to begin configuring this screen afresh. GS2200-8/24 User's Guide 293 - ZyXEL GS2200-48 | User Guide - Page 294
that cluster member switch's web configurator home page. This cluster member web configurator home page and the home page that you'd see if you accessed it directly are different. Figure 195 Cluster Management: Cluster Member Web Configurator Screen example example 294 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 295
to the cluster member switch. fw-00-a0-c5-01-23-46 This is the cluster member switch's firmware name as seen in the cluster manager switch. config-00-a0-c5-01-23-46 This is the cluster member switch's configuration file name as seen in the cluster manager switch. GS2200-8/24 User's Guide 295 - ZyXEL GS2200-48 | User Guide - Page 296
If the Switch has already learned the port for this MAC address, then it forwards the frame to that port. • If the Switch has not already learned the port for this MAC address, then the frame is flooded to all ports. Too much port flooding leads to network congestion. GS2200-8/24 User's Guide 296 - ZyXEL GS2200-48 | User Guide - Page 297
Chapter 39 MAC Table • If the Switch has already learned the port for this MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure navigation panel to display the following screen. Figure 198 Management > MAC Table GS2200-8/24 User's Guide 297 - ZyXEL GS2200-48 | User Guide - Page 298
only in the Filtering screen and the default filtering action is Discard source. Click port where the above MAC address is forwarded. This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). 298 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 299
The Switch fills in its own MAC and IP address in the sender address fields, and puts the known IP address of the target in the target IP address field. In addition, the Switch the ARP table to view IP-to-MAC address mapping(s) and remove specific dynamic ARP entries. GS2200-8/24 User's Guide 299 - ZyXEL GS2200-48 | User Guide - Page 300
. This field displays the port to which the device connects. CPU means this learned IP address is the Switch's management IP address. This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). 300 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 301
of one port onto other ports. 41.2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management > Configure Clone to open the following screen. Figure 200 Management > Configure Clone GS2200-8/24 User's Guide 301 - ZyXEL GS2200-48 | User Guide - Page 302
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 302 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 303
Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Switch Access and Login • Switch to replace any damaged cables. GS2200-8/24 User's Guide 303 - ZyXEL GS2200-48 | User Guide - Page 304
computer is in the same subnet as the Switch. (If you know that there are routers between your computer and the Switch, skip this step.) 5 Reset the device to its factory defaults, and try to access the Switch with the default IP address. See Section 4.6 on page 45. 304 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 305
you have configured a secured client IP address, your computer's IP address must match it. Refer to the chapter on access control for details. 3 Disconnect and re-connect the cord to the Switch. 4 If this does not work, you have to reset the device to its factory defaults. See Section 4.6 on page 45 - ZyXEL GS2200-48 | User Guide - Page 306
configuration into the Switch's nonvolatile memory each time you make changes. Click Save at the top right corner of the web configurator to save the configuration permanently. See also Section 34.5 on page 258 for more information about how to save your configuration. 306 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 307
summarize the Switch's hardware and firmware features. Table 128 Hardware Specifications SPECIFICATION Dimensions DESCRIPTION Desktop design • GS2200-8 : 250*148*44.5 mm • GS2200-8HP: 330*230*44.5 mm 1U and standard 19" rack mountable Weight • GS2200-24: 440*173*44 mm • GS2200-24P: 440*310 - ZyXEL GS2200-48 | User Guide - Page 308
GS2200-24/24P: 56 Gbps GS2200-8/8HP: 14.9 million packets per second GS2200-24/24P: 41.7 million packets per second Table 129 Firmware Specifications FEATURE DESCRIPTION Default IP Address 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) Administrator User Name admin Default Password - ZyXEL GS2200-48 | User Guide - Page 309
network. IGMP Snooping The Switch supports IGMP snooping, enabling group multicast traffic to be only forwarded to ports that are members of that group; thus allowing you to significantly reduce multicast traffic passing through your Switch. Differentiated Services (DiffServ) With DiffServ, the - ZyXEL GS2200-48 | User Guide - Page 310
(port lock) Switching fabric: 20 Gbps or 56 Gbps, non-blocking Max. Frame size: 9 K bytes Forwarding frame: IEEE 802.3, IEEE 802.1q, Ethernet II, PPPoE Prevent the forwarding of corrupted packets 148809 pps at 100 Mbps / 1488095 pps at 1 Gbps with 64 bytes packets 310 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 311
1 pps stepping Support rate limiting per IP/TCP/UDP port DHCP client Filtering Multicast AAA DHCP relay Support L2 MAC filtering, L3 IP filtering, Layer 4 TCP/UDP socket IGMP snooping (IGMP v1/v2/v3, 16 VLAN maximum-user configurable) Support RADIUS and TACACS+ GS2200-8/24 User's Guide 311 - ZyXEL GS2200-48 | User Guide - Page 312
MAC addresses per port SSH v1/v2 SSL Multiple RADIUS servers Multiple TACACS+ servers 802.1X VLAN and bandwidth assignment. IP source guard Static IP/MAC binding DHCP snooping ARP Inspection ARP Freeze Guest VLAN PPPoE IA and option 82 PoE feature (GS2200-8HP and GS2200-24P only) IPv6 - ZyXEL GS2200-48 | User Guide - Page 313
Supported Service Security Model (USM GS2200-8 and GS22008HP only) Safety UL 60950-1 (GS2200-8/8HP only) CSA 60950-1 (GS2200-24/24P only) CNS 14336-1 (GS2200-8/8HP only) EN 60950-1 EMC IEC 60950-1 FCC Part 15 (Class A) CE EMC (Class A) CNS 13438 (GS2200-8/8HP only) GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 314
Chapter 43 Product Specifications 314 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 315
. Dispose of the burnt-out fuse properly. Installing a Fuse 1 The Switch is shipped from the factory with one spare fuse included in a box-like section of the fuse fuse housing back into the Switch until you hear a click. 4 Plug the power cord back into the unit. GS2200-8/24 User's Guide 315 - ZyXEL GS2200-48 | User Guide - Page 316
Appendix A Changing a Fuse 316 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 317
port by ICQ. Authentication protocol used by some servers. Border Gateway Protocol. DHCP Client. DHCP Server. A popular videoconferencing solution from White Pines Software. Domain Name Server, a service that matches web names (for example www.zyxel.com) to IP wide web. GS2200-8/24 User's Guide 317 - ZyXEL GS2200-48 | User Guide - Page 318
Table 132 Commonly Used Services (continued) NAME HTTPS PROTOCOL TCP PORT(S) 443 ICMP User- client computer get e-mail from a POP3 server through a temporary connection (TCP/IP or other). Point-to-Point Tunneling Protocol enables secure transfer of data over :1215). 318 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 319
132 Commonly Used Services (continued) NAME SQL-NET PROTOCOL TCP PORT(S) 1521 SSH STRM common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into ). Another videoconferencing solution. GS2200-8/24 User's Guide 319 - ZyXEL GS2200-48 | User Guide - Page 320
Appendix B Common Services 320 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 321
for a Class A digital switch, pursuant to Part 15 of in accordance with the instruction manual, may cause harmful interference zyxel.com. 2 Select your product on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to view from this page. GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 322
. You may also refer to the warranty policy for the region in which you bought the device at http://www.zyxel.com/web/support_warranty_info.php. Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com. 322 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 323
266 remote management 268 service port 268 SNMP 270 address learning, MAC 92, 94 Address Resolution Protocol (ARP) 250, 299, 301, 302 administrator password 267 age 121 aggregator ID 140, 142 airflow 36 applications backbone 23 bridging 24 IEEE 802.1Q VLAN 25 switched workgroup 24 ARP how it works - ZyXEL GS2200-48 | User Guide - Page 324
Index cloning a port See port cloning cluster management 290 and switch passwords 293 cluster manager 290, 293 cluster member 290, 293 cluster member firmware upgrade 295 network example 290 setup 292 specification 290 status 291 switch models 290 VID 293 web configurator 294 cluster manager 290 - ZyXEL GS2200-48 | User Guide - Page 325
database, MAC table 296 firmware 67 upgrade 257, 295 flow Gigabit ports 33 GMT (Greenwich Mean Time) 70 GVRP 84, 90, 91 and port assignment IEEE 802.1x activate 147, 186 port authentication 145 reauthentication 148 IGMP version 174 IGMP throttling 173 ingress port 99 ingress rate, and bandwidth - ZyXEL GS2200-48 | User Guide - Page 326
255 main screen 255 Management Information Base (MIB) 270 management port 99 managing the device good habits 26 using FTP. See FTP. 26 using Telnet. See command interface. 26 using the command interface. See command interface. 26 man-in-the-middle attacks 213 326 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 327
222 password port based VLAN type 71 port cloning 301, 302 advanced settings 301, 302 basic settings 301, 302 port details 63 port isolation 99 port mirroring 134, 135 direction 135 egress 135 ingress 135 port redundancy 137 port security 151 limit MAC address learning 153 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 328
fuses 315 resetting 45, 256 to factory default settings 256 restoring configuration 45, 258 RFC 3164 287 Round Robin Scheduling 165 RSTP 109 S safety certifications 313 safety warnings 8 save configuration 44, 256 Secure Shell See SSH service access control 268 service port 268 Simple Network - ZyXEL GS2200-48 | User Guide - Page 329
MSTP 123 port 61 port details 63 power 68 GS2200-8/24 User's Guide STP 115 port priority 115, 118 port state 111 root port 110 status 115, 118 terminology 110 vs. loop guard 215 subnet based VLAN 93 and DHCP VLAN 93 priority 93 setup 92 subnet based VLANs 91 switch lockout 44 switch reset 45 switch - ZyXEL GS2200-48 | User Guide - Page 330
, and RADIUS 191 tutorials 51 DHCP snooping 51 Type of Service (ToS) 240 U UDLD 222 UniDirectional Link Detection, see UDLD untrusted ports ARP inspection 214 DHCP snooping 211 PPPoE IA 225 user profiles Robin Scheduling (WRR) 166 WRR (Weighted Round Robin Scheduling) 165 GS2200-8/24 User's Guide - ZyXEL GS2200-48 | User Guide - Page 331
Z ZyNOS (ZyXEL Network Operating System) 259 Index GS2200-8/24 User's Guide 331 - ZyXEL GS2200-48 | User Guide - Page 332
Index 332 GS2200-8/24 User's Guide
-
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
-
289
-
290
-
291
-
292
-
293
-
294
-
295
-
296
-
297
-
298
-
299
-
300
-
301
-
302
-
303
-
304
-
305
-
306
-
307
-
308
-
309
-
310
-
311
-
312
-
313
-
314
-
315
-
316
-
317
-
318
-
319
-
320
-
321
-
322
-
323
-
324
-
325
-
326
-
327
-
328
-
329
-
330
-
331
-
332
 |
 |
www.zyxel.com
GS2200-8/24 Series
Intelligent Layer 2 GbE Switch
Copyright © 2011
ZyXEL Communications Corporation
Firmware Version 4.00
Edition 1, 12/2011
Default Login Details
IP Address
User Name
admin
Password
1234