Home » Lantronix Manuals » Hubs & Switches » Lantronix SISPM1040-3166-L » Manual Viewer

Lantronix SISPM1040-3166-L Web User Guide Rev G PDF 14.13 MB - Page 257

Parameter descriptions, System Configuration parameters, Reauthentication Enabled,

View all Lantronix SISPM1040-3166-L manuals

Add to My Manuals
Save this manual to your list of manuals

Page 257 highlights

Transition Networks SISPM1040-3xxx-L Web User Guide Parameter descriptions: System Configuration section parameters Mode : on or off. Indicates if IEEE 802.1X is globally enabled or disabled on the switch. If globally disabled, all ports are allowed forwarding of frames. Reauthentication Enabled : If checked, successfully authenticated supplicants/clients are reauthenticated after the interval specified by the Reauthentication Period. Reauthentication for 802.1X-enabled ports can be used to detect if a new device is plugged into a switch port or if a supplicant is no longer attached. For MAC-based ports, reauthentication is only useful if the RADIUS server configuration has changed. It does not involve communication between the switch and the client, and therefore doesn't imply that a client is still present on a port (see Aging Period below). Reauthentication Period : Determines the period, in seconds, after which a connected client must be reauthenticated. This is only active if the Reauthentication Enabled checkbox is checked. Valid values are 1 - 3600 seconds. EAPOL Timeout : Determines the time for retransmission of Request Identity EAPOL frames. Valid values are 1 - 65535 seconds. This has no effect for MAC-based ports. Aging Period : This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: • Single 802.1X • Multi 802.1X • MAC-Based Auth. When the NAS module uses the Port Security module to secure MAC addresses, the Port Security module needs to check for activity on the MAC address in question at regular intervals and free resources if no activity is seen within a given period of time. This parameter controls exactly this period and can be set to a number between 10 and 1000000 seconds. If reauthentication is enabled and the port is in an 802.1X-based mode, this is not so critical, since supplicants that are no longer attached to the port will get removed upon the next reauthentication, which will fail. But if reauthentication is not enabled, the only way to free resources is by aging the entries. For ports in MAC-based Auth. mode, reauthentication doesn't cause direct communication between the switch and the client, so this will not detect whether the client is still attached or not, and the only way to free any resources is to age the entry. Hold Time : This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: • Single 802.1X • Multi 802.1X • MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration > Security > AA" page) - the client is put on hold in the Unauthorized state. The hold timer does not count during an on-going authentication. 33763 Rev. G https://www.transition.com Page 257 of 496

Section	Page
Safety Warnings and Cautions:	2
Chapter 1 - Introduction	10
1-1 Key Features	10
1-2 About This Manual	10
1-3 Related Manuals	10
Chapter 2 – Web User Interface	11
2-1 Initial Login	11
2-2 Webpage Controls	12
Webpage Messages	13
Chapter 3 - System Configuration	14
3-1 System Information	14
3-2 IP Address	16
3-2.1 Settings	16
3-2.2 Advanced Settings	18
3-2.3 Status	22
3-3 System Time	24
3-4 LLDP	27
3-4.2 LLDP-MED Configuration	30
3-4.3 LLDP Neighbor	36
3-4.4 LLDP-MED Neighbor	38
3-4.5 LLDP Neighbor PoE	41
3-4.6 LLDP Neighbor EEE	42
3-4.7 LLDP Statistics	44
3-5 UPnP	46
Chapter 4 – Port Management	48
4-1 Port Configuration	48
4-2 Port Statistics	50
4-3 Detailed Port Statistics	51
4-3 SFP Port Info	53
4-4 Energy Efficient Ethernet	55
4-5 Link Aggregation	56
4-5.1 Static Configuration	56
4-5.2 Aggregation Status	58
4-5.3 LACP Configuration	59
4-5.4 System Status	61
4-5.5 Internal Status	62
4-5.6 Neighbor Status	64
4-5.7 Port Status	66
4-6 Loop Protection	67
4-6.1 Configuration	67
4-6.2 Status	69
4-7 UDLD	70
4-7.1 UDLD Configuration	70
4-7.2 UDLD Status	72
Chapter 5 - PoE Management	74
5-1 PoE Configuration	74
5-2 PoE Management > PoE Status	77
5-3 PoE Management > PoE Power Delay	79
5-4 PoE Management > PoE Auto Checking	80
PoE Auto Checking “AutoFill” Feature	81
5-5 PoE Management > PoE Scheduling Profile	82
Chapter 6 – VLAN Management	83
6-1 VLAN Configuration	83
6-2 VLAN Membership	87
6-3 VLAN Port Status	89
6-4 VLAN Name Configuration	91
6-4 MAC-based VLAN	92
6-4.1 Configuration	92
6-4.2 Status	94
6-5 Protocol-based VLAN	95
6-5.1 Protocol to Group	95
6-5.2 Group to VLAN	97
6-6 VCL IP Subnet-based VLAN Configuration	99
6-7 GVRP	100
6-8 Private VLAN	102
6-9 Port Isolation	103
6-10 Voice VLAN	104
6-10.1 Configuration	104
6-10.2 OUI	106
Chapter 7 – Ethernet Services	107
7-1 Ports	107
7-2 EVC Port Configuration	109
7-3 EVC Encapsulation Configuration	111
7-4 EVC L2CP Profile Configuration	112
7-5 EVC L2CP Port Configuration	113
7-6 EVC CoS ID Policer Configuration	114
7-7 EVC Configuration	116
7-8 ECE Configuration	121
7-9 EVC Statistics	131
Chapter 8 – Performance Monitor	133
8-1 PM Session and Storage Configuration	133
8-2 PM Transfer Configuration	134
8-3 Performance Monitor Loss Measurement Statistics	136
8-4 Performance Monitor Delay Measurement Statistics	138
8-5 Performance Monitor EVC Statistics	141
8-6 Performance Monitor Measurement Interval Information	143
Chapter 9 – Quality of Service (QoS)	145
9-1 Port Classification	145
9-2 Port Policers	148
9-3 Port Shapers	150
9-4 Storm Control	152
9-5 Port Schedulers	154
9-6 Port PCP Remarking	155
9-7 DSCP	158
9-7.1 Port DSCP	158
9-7.2 DSCP Translation	160
9-7.3 DSCP Classification	162
9-7.4 DSCP-Based QoS	163
9-8 QoS Control List	164
9-8.1 Configuration	164
9-8.2 Status	168
9-9 QoS Statistics	170
9-10 WRED	171
Chapter 10 – HqoS (Hierarchical Quality of Service)	174
10-1 HqoS Port Configuration	174
10-2 Add New HqoS Entry	175
Chapter 11 – Spanning Tree	180
11-1 STP Configuration	180
11-2 MSTI Configuration	183
11-3 STP Status	189
11-4 Port Statistics	192
Chapter 12 – MAC Address Tables	193
12-1 Configuration	193
12-2 Information	196
Chapter 13 – Multicast	198
13-1 IGMP Snooping	198
13-1.1 Basic Configuration	198
13-1.2 VLAN Configuration	200
13-1.3 Status	202
13-1.4 Groups Information	204
13-1.5 IGMP SFM Information	206
13-2 MLD Snooping	208
13-2.1 Basic Configuration	208
13-2.2 VLAN Configuration	211
13-2.3 Status	213
13-2.4 Groups Information	215
13-2.5 MLD SFM Information	217
13-3 MVR	219
10-3.1 Basic Configuration	219
13-3.2 Statistics	222
13-3.3 Groups Information	223
13-3.4 SFM Information	224
13-4 Multicast Filtering Profile	226
13-4.1 Filtering Profile Table	226
13-4.2 Filtering Address Entry	229
Chapter 14 – DHCP	231
14-1 Snooping	231
14-1.1 Configuration	231
14-1.2 Snooping Table	233
14-1.3 Detailed Statistics	234
14-2 Relay	236
14-2.1 Configuration	236
14-2.2 Statistics	238
14-3 Server	240
14-3.1 Configuration	240
14-3.2 Status	241
Chapter 15 – Security	243
15-1 Management	243
15-1.1 Account	243
15-1.2 Privilege Levels	247
15-1.3 Auth Method	249
15-1.4 Access Method	252
15-1.5 HTTPS	254
15-2 802.1X	256
15-2.1 Configuration	256
15-2.2 Status	264
15-3 IP Source Guard	270
15-3.1 Configuration	270
15-3.2 Static Table	272
15-3.3 Dynamic Table	273
15-4 ARP Inspection	275
15-4.1 Configuration	275
15-4.2 VLAN Configuration	277
15-4.3 Static Table	279
12-4.4 Dynamic Table	280
15-5 Port Security	282
12-5.1 Configuration	282
15-5.2 Status	285
15-6 RADIUS	288
15-6.1 Configuration	288
15-6.2 Status	291
15-7 TACACS+	296
Chapter 16 – Access Control	298
16-1 Ports Configuration	298
16-2 Rate Limiters	300
16-3 Access Control List	302
16-4 ACL Status	313
Chapter 17 – SNMP	316
17-1 SNMPv1/v2c Configuration	316
17-2 SNMPv3	318
17-2.1 Communities	318
17-2.2 Users	319
17-2.3 Groups	321
17-2.4 Views	322
17-2.5 Access	323
17-3 RMON Statistics	325
17-3.1 Configuration	325
17-3.2 Status	326
17-4 RMON History	328
17-4.1 Configuration	328
17-4.2 Status	329
17-5 RMON Alarm	331
17-5.1 Configuration	331
17-5.2 Status	333
17-6 RMON Event	335
17-6.1 Configuration	335
17-6.2 Status	336
Chapter 18 – MEP	337
18-1 MEP Configuration	337
18-2 MEP Configuration Page	340
18-2.1 Fault Management	345
18-2.2Performance Monitoring	350
Chapter 19 – ERPS	357
19-1 Ethernet Ring Protection Switching	357
19-2 ERPS Instance Configuration	360
19-3 RPL Configuration	361
19-4 Sub-Ring Configuration	361
19-5 Instance Command	361
19-6 ERPS VLAN Configuration	362
Chapter 20 – EPS	364
20-1 EPS Configuration	364
Chapter 21 – Rapid Ring	369
21-1 Configuration	369
Chapter 22 – MRP	370
22-1 Configuration	370
22-2 Status	374
Chapter 23 – PTP	376
23-1 Configuration	376
23-2 Status	387
Chapter 24 – Event Notification	389
24-1 SNMP Trap	389
24-2 eMail	392
24-3 Log	394
24-3.1 Syslog	394
24-3.2 View Log	395
24-4 Digital I/O	397
24-5 Event Configuration	398
24-6 Port Event Setting	400
Chapter 25 – Diagnostics	402
25-1 Ping	402
25-2 Traceroute	404
25-3 Cable Diagnostics	406
25-4 Mirroring	408
25-5 sFlow	410
25-5.1 Configuration	410
25-5.2 Statistics	413
25-6 Traffic Test	415
25-6.1 Y.1564	415
Y.1564 Profile Overview	416
Y.1564 Profile Configuration	417
Y.1564 Report Overview	423
Y.1564 Test Start	424
25-6.2 RFC2544	427
23-6.2.1 RFC Profile Overview	427
25-6.2.2 RFC2544 Profile Configuration	428
25-6.2.3 RFC2544 Reports	433
25-6.2.4 RFC2544 Test Start	434
25-6.3 Traffic Test Loop	438
Traffic Test Loop Configuration	440
Chapter 26 – Maintenance	443
26-1 Configuration	443
26-1.1 Save startup-config	443
26-1.2 Backup	444
26-1.3 Restore	446
26-1.4 Activate	448
26-1.5 Delete	450
26-2 Restart Device	451
26-3 Factory Defaults	452
26-4 Firmware	453
24-4.1 Firmware Upgrade	453
26-4.2 Firmware Selection	454
Chapter 27- DMS (Device Management System)	455
27-1 About DMS	455
27-2 DMS Mode - DMS Controller Switch	455
27-3 DMS Controller Switch and Managed Devices	456
27-4 DMS > DMS Mode	456
27-5 DMS > Management > Map API Key	458
27-6 DMS > Management > Device List	459
27-7 DMS > Graphical Monitoring	461
27-7.1 DMS > Graphical Monitoring > Topology View	461
PoE Auto Checking “AutoFill” Feature	467
27-7.2 DMS > Graphical Monitoring > Floor View	468
27-7.3 DMS > Graphical Monitoring > Map View	471
27-8 DMS > Maintenance	475
27-8.1 DMS > Maintenance > Floor Image	475
27-8.2 DMS > Maintenance > Diagnostics	477
27-8.2 DMS > Maintenance > Traffic Monitor	479
27-8.3 DMS Firmware Upgrade Procedure	483
27-9 DMS Troubleshooting	485
Chapter 28 - Service, Warranty, Tech Support, Contact, and Compliance Information	486
Appendix A – DHCP Per Port Configuration	487
DHCP Per Port Mode and IP Configuration	488
Appendix B – MRP Configuration	490
MRP Description	490
MRP Operation	490
MRP Sample Setup	491
MRP Pre-Requisites (General)	491
MRP Web UI Configuration	492
Example 1: MRP Manager Re-Config (Web UI)	494
Example 2: Non-Blocking MRC State Recognized by MRM (Web UI)	495

Match case Limit results 1 per page

Transition Networks

SISPM1040-3xxx-L Web User Guide

33763 Rev. G

https://www.transition.com

Page

257

496

Parameter descriptions:

System Configuration section parameters

Mode

: on or off. Indicates if IEEE 802.1X is globally enabled or disabled on the switch. If globally disabled, all

ports are allowed forwarding of frames.

Reauthentication Enabled

: If checked, successfully authenticated supplicants/clients are reauthenticated after

the interval specified by the Reauthentication Period. Reauthentication for 802.1X-enabled ports can be used to

detect if a new device is plugged into a switch port or if a supplicant is no longer attached.

For MAC-based ports, reauthentication is only useful if the RADIUS server configuration has changed. It does not

involve communication between the switch and the client, and therefore doesn't imply that a client is still

present on a port (see Aging Period below).

Reauthentication Period

: Determines the period, in seconds, after which a connected client must be

reauthenticated. This is only active if the Reauthentication Enabled checkbox is checked. Valid values are 1 - 3600

seconds.

EAPOL Timeout

: Determines the time for retransmission of Request Identity EAPOL frames. Valid values are

1 - 65535 seconds. This has no effect for MAC-based ports.

Aging Period

: This setting applies to the following modes, i.e. modes using the Port Security functionality to

secure MAC addresses:

• Single 802.1X

•

Multi 802.1X

• MAC

-Based Auth.

When the NAS module uses the Port Security module to secure MAC addresses, the Port Security module needs

to check for activity on the MAC address in question at regular intervals and free resources if no activity is seen

within a given period of time. This parameter controls exactly this period and can be set to a number between 10

and 1000000 seconds.

If reauthentication is enabled and the port is in an 802.1X-based mode, this is not so critical, since supplicants

that are no longer attached to the port will get removed upon the next reauthentication, which will fail. But if

reauthentication is not enabled, the only way to free resources is by aging the entries.

For ports in MAC-based Auth. mode, reauthentication doesn't cause direct communication between the switch

and the client, so this will not detect whether the client is still attached or not, and the only way to free any

resources is to age the entry.

Hold Time

: This setting applies to the following modes, i.e. modes using the Port Security functionality to secure

MAC addresses:

• Single 802.1X

• Multi 802.1X

• MAC

-Based Auth.

If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS

server request times out (according to the timeout specified on the "Configuration > Security > AA" page) - the

client is put on hold in the Unauthorized state. The hold timer does not count during an on-going authentication.