Home » Netgear Manuals » Hubs & Switches » Netgear FS728TLP » Manual Viewer

Netgear FS728TLP Web Management User Guide - Page 195

Click the, button., Enable, Disable, Other, domain, ftpdata, telnet, IP DSCP, IP Precedence, IP TOS

Add to My Manuals
Save this manual to your list of manuals

Page 195 highlights

ProSAFE FS526Tv2, FS726Tv2, and FS728TLP Smart Switches Settings Description CPU Notification Mode Note: This menu applies only to model 728TLP. This menu is available only if you selected a Deny link on the ACL Wizard screen and is masked out if you selected a Permit link. Specify whether PoE power is turned off to a port if the ACL rejects the traffic from the port: • Enable. PoE power to the port is turned off. To reestablish PoE power to the port, turn on the PoE power manually (see Configure the PoE Ports on page 75). • Disable. PoE power to the port is not turned off. Protocol Type (Optional) Specify the protocol that needs to be compared against the information in a packet: All, ICMP, IGMP, IP, TCP, UDP, or Other. If you select Other, enter a protocol number in the range from 0 to 255 in the field next to the menu. Src L4 Port or Dst L4 Port Specify the TCP or UDP source or destination port that needs to be compared against the information in a packet: Other, domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, or www. Each of these selections is translated into the associated port number, which is used as both the start port and end port of the port range. If you select Other, enter a port number in the range from 0 to 65535 in the field next to the menu. Service Type (Optional) Specify the service type match conditions for the extended IP ACL rule. The possible values are IP DSCP, IP precedence, and IP ToS, which are alternative ways of specifying a match criterion for the same service type field in the IP header. Each service type uses a different user notation. Select one of the following radio buttons, and specify the value that is associated with the service type: • IP DSCP. Specifies the IP DiffServ Code Point (DSCP) field, which is defined as the high-order 6 bits of the service type octet in the IP header. Select an IP DSCP value from the menu. To specify a numeric value in the field next to the menu, select other from the menu, and enter an integer in the range from 0 to 63 in the field. • IP Precedence. Specifies the IP precedence field, which is defined as the high-order 3 bits of the service type octet in the IP header. In the field next to the radio button, enter an integer in the range from 0 to 7. • IP TOS. Specifies the Type of Service (ToS) bits, which is defined as all 8 bits of the service type octet in the IP header. In the first field next to the radio button, enter the 2-digit hexadecimal ToS bits number in the range from 00 to FF. In the second and rightmost field, enter the 2-digit hexadecimal ToS mask number, also in the range from 00 to FF. The ToS mask number specifies the bit positions that are used for comparison against the IP ToS field in a packet. For example, to check for an IP ToS value that has both bit 7 (the most significant bit) and bit 5 set and that has bit 1 clear, enter 0xA0 as the ToS bits number, and enter 0xFF as the ToS mask number. 7. Click the Apply button. Manage Access Control Lists 195

Section	Page
ProSAFE FS526Tv2, FS726Tv2, and FS728TLP Smart Switches	1
Contents	3
1. Introduction	9
Smart Switch Hardware Installation	10
Switch Management Methods	10
Web Management Interface	11
Access the Web Management Interface	11
Change the Language (Model FS726Tv2 Only)	13
Allowed Characters for User-Defined Fields	13
Use the Device View Screen as an Alternate Way to Configure the Smart Switch	13
Interface Naming Conventions	19
Ports on Model FS728TLP	19
Ports on Model FS726Tv2	19
Ports on Model FS526Tv2	20
Access Online Help from the Web Management Interface	20
Access NETGEAR Support	21
Access the User Guide Online	21
Organization of the Web Management Interface	22
2. Connect the Smart Switch to Your Network	28
Connect the Smart Switch to the Network	29
Use Automatic Switch Discovery for a Network with a DHCP Server	29
Use Automatic Switch Discovery for a Network without a DHCP Server	32
Configure the Network Settings from a Local Computer	34
Register the Smart Switch with NETGEAR	38
3. Configure Basic System Settings	40
Configure System Information	41
Configure the IP Settings and Management VLAN for the Network Interface	42
Change the IP Settings	42
Change the Management VLAN	45
Configure the Time Settings and SNTP Servers	45
Configure the Time Settings Manually	46
Manage SNTP Servers	47
Configure the Time Settings Through SNTP	49
4. Manage Access to the Switch	52
Manage the Password for the Smart Switch	53
Change the Password	53
Reset the Password	54
Configure Secure Access to the Smart Switch	54
Configure the Global Settings for HTTP Sessions	54
Manage the Access Profile and Access Rules	55
5. Configure Ports	60
Configure the Options for the Physical Ports and LAGs	61
Enable Flow Control	64
Configure the Auto-VoIP Mode	65
6. Configure Power over Ethernet (Model FS728TLP Only)	67
View the Global PoE Information and Enable PoE SNMP Traps	68
View the Global PoE Power Information	68
Enable PoE SNMP Traps	69
Configure Dual Detection of Powered Devices	69
Manage the Timer Schedules	70
Create a Timer Schedule	70
Configure a Timer Schedule	71
Enable Timer Schedules	74
Remove a Timer Schedule	75
Configure the PoE Ports	75
7. Configure VLANs and a Voice VLAN	79
Configure VLANs	80
Manage Custom VLANs	80
Manage VLAN Memberships	82
Configure Port VLAN IDs for Ports and LAGs	85
Configure a Voice VLAN	87
Configure Global Voice VLAN Properties	87
Configure the Voice VLAN Port Setting	88
Manage the Voice VLAN OUIs	90
8. Configure LAGs and LAG Membership	92
Link Aggregation Group Concepts	93
Configure a LAG	93
Manage LAG Memberships	95
Manage Members of a LAG	95
View Members of a LAG	96
Configure the LACP Global Priority	97
Configure the LACP Port Priority	97
9. Manage the Unicast Forwarding Database	99
Forwarding Database Concepts	100
View, Search, and Clear the MAC Address Table	100
View and Search the MAC Address Table	100
Remove Dynamically Learned MAC Addresses	101
Configure Dynamic Address Aging	102
Manage Static MAC Addresses	102
Add a Static MAC Address	103
Change a Static MAC Address	103
Remove a Static MAC Address	104
10. Configure Multicast	105
Multicast Concepts	106
Enable the Auto-Video Option	106
Configure IGMP Snooping	107
Configure the Global IGMP Snooping Options	107
Configure IGMP for Individual Ports and LAGs	108
View, Search, and Clear the IGMP Snooping Table	111
View and Search the Multicast Forwarding Database Table	112
View the Multicast Forwarding Database Statistics	114
Configure IGMP Snooping for VLANs	115
Manage Multicast Groups and Group Memberships	118
Manage Multicast Groups	118
Manage Multicast Group Memberships	119
Configure the IGMP Snooping Querier	121
Configure the Global IGMP Snooping Querier Options	121
Manage IGMP Snooping Querier VLANs	122
View the IGMP Snooping Querier VLAN Status	124
11. Configure Spanning Tree Protocol	126
Spanning Tree Protocol Concepts	127
Configure the Global STP Options and View the STP Status	127
Configure the CST	129
Configure CST on Ports and LAGs	130
View the CST Port and LAG Status	133
View the RSTP Port and LAG Status	135
View the STP Statistics	136
12. Configure Class of Service	138
Quality of Service Concepts	139
Class of Service Concepts	139
Configure the Global and Interface Trust Modes	139
Configure the CoS Trust Mode Globally	140
Configure the CoS Trust Mode for an Individual Port or LAG	141
Configure CoS on Ports and LAGs	142
Configure CoS Queues and Queue Options for Physical Ports and LAGs	143
Configure 802.1p to Queue Mapping	146
Configure DSCP to Queue Mapping	147
13. Manage RADIUS and Port Authentication and Traffic Control	149
Configure RADIUS Authentication	150
Configure the Global RADIUS Options	150
Manage the RADIUS Servers	151
Manage the RADIUS Accounting Server	154
Configure Port Authentication	157
Globally Enable Authentication for Port and Guest VLAN Access	158
Configure Authentication for Individual Ports	158
Start the Initialization Sequence or Reauthentication Sequence for Ports	163
View the Port Summary	164
Configure Traffic Control	166
Configure Storm Control	166
Configure Port Security	169
Configure Protected Ports	175
14. Manage Access Control Lists	177
Access Control List Concepts	178
Use the ACL Wizard to Configure ACLs	178
View the ACL Wizard Screen and View the Options	178
Use the ACL Wizard to Create an ACL Based on MAC Addresses	180
Use the ACL Wizard to Create an ACL Based on a Source IP Address	184
Use the ACL Wizard to Create an ACL Based on a Destination IP Address	188
Use the ACL Wizard to Create an ACL Based on TCP or UDP Ports	192
Manually Configure and Assign MAC ACLs	197
Manage MAC ACL Names	197
Manage MAC ACL Rules	199
Configure MAC ACL Bindings for Ports and LAGs	203
View the MAC ACL Binding Table	206
Manually Configure and Assign IP ACLs	207
Manage IP ACL Identifiers	208
Manage Basic IP ACL Rules	209
Manage Extended IP ACL Rules	212
Configure IP ACL Bindings for Ports and LAGs	216
View the IP ACL Binding Table	219
15. Configure System Management Options	221
Configure Denial of Service	222
Globally Enable Denial of Service	223
Manually Configure Denial of Service	223
Configure the Green Ethernet Features	225
Configure Link Layer Discovery Protocol	226
Configure the Global LLDP and LLDP-MED Properties	227
Configure LLDP for Ports	228
Configure LLDP-MED for Individual Ports	230
View the LLDP-MED Network Policy TLV for an Individual Port	232
View the LLDP Local Device and Local Port Information	233
View the LLDP Neighbors Information	237
16. Monitor the Switch and Traffic	242
View Statistics	243
View and Clear the Switch Statistics	243
View and Clear Statistics for Ports and LAGs	245
View and Clear Detailed Statistics for an Individual Port or LAG	248
View and Clear EAP Statistics for Ports	254
View the Results of a Cable Test	257
Configure and View the System Logs	258
Message Format Concepts	259
Configure, View, and Clear the Memory Log	260
Configure, View, and Clear the Flash Log	261
Configure Syslog Servers and Enable the Server Log	263
View and Clear the SNMP Trap Log	265
Manage Port Mirroring	267
17. Switch Management Tools	270
Download and Upgrade the Firmware	271
Use HTTP to Download Firmware	271
Use TFTP to Download Firmware	272
Upgrade the Firmware	273
Manage Two Firmware Images	275
Make an Image Active	276
Permanently Remove an Image	278
View the Dual Image Status	278
Save the Firmware, Running Configuration File, and Logs	279
Save the Firmware or Running Configuration File over HTTP	280
Save the Firmware, Running Configuration File, or Logs over TFTP	280
Download the Running Configuration File	282
Download the Running Configuration File over HTTP	282
Download the Running Configuration File over TFTP	283
Reboot the Smart Switch	284
Return the Smart Switch to Factory Default Settings	285
18. Configure SNMP	287
SNMP Concepts	288
Configure the SNMPv1 and SNMPv2 Options	288
Manage the SNMP Communities	288
Manage the SNMP Trap Receivers	290
Configure the SNMP Trap Flags	292
Configure SNMP3 User Authentication and Encryption	293
A. Smart Control Center Utilities	295
Install the Smart Control Center and Discover the Smart Switch	296
Overview of the Network Utilities	296
Configure the IP Address Settings of the Smart Switch	297
Change the Password for Accessing the Smart Switch	298
Save and Restore the Configuration File	299
Upgrade the Firmware	303
View and Manage Tasks	305
B. Configuration Examples	307
Virtual Local Area Networks	308
VLAN Advantages	308
VLAN Sample Configuration	309
Access Control Lists	310
Traffic Filtering Concepts	310
MAC ACL Sample Configuration	311
Standard IP ACL Sample Configuration	313
802.1X Authentication	314
Port Access Entity Roles	315
802.1X Sample Configuration	315
C. Factory Default Software Settings	318
Default Login Settings	319
IPv4, DHCP, VLAN, and Clock Settings	319
Port Characteristics	319
PoE Settings (Model FS728TLP Only)	321
Quality of Service and Traffic Control Settings	321
Security Settings	322
Multicast and Forwarding Database Settings	323
Management Settings	324
Image, File, and Logging Settings	325
D. Notification of Compliance	326

Match case Limit results 1 per page

Manage Access Control Lists

195

ProSAFE FS526Tv2, FS726Tv2, and FS728TLP Smart Switches

Click the

Apply

button.

CPU Notification Mode

Note:

This menu

applies only to model

728TLP.

This menu is available only if you selected a Deny link on the ACL Wizard

screen and is masked out if you selected a Permit link.

Specify whether PoE power is turned off to a port if the ACL rejects the traffic

from the port:

•

Enable

. PoE power to the port is turned off. To reestablish PoE power to the

port, turn on the PoE power manually (see

Configure the PoE Ports

page

75).

•

Disable

. PoE power to the port is not turned off.

Protocol Type

(Optional) Specify the protocol that needs to be compared against the

information in a packet:

All

ICMP

IGMP

TCP

UDP

, or

Other

If you select Other, enter a protocol number in the range from 0 to 255 in the

field next to the menu.

Src L4 Port

Dst L4 Port

Specify the TCP or UDP source or destination port that needs to be compared

against the information in a packet:

Other

domain

echo

ftp

ftpdata

http

smtp

snmp

telnet

tftp

, or

www

Each of these selections is translated into the associated port number, which is

used as both the start port and end port of the port range.

If you select Other, enter a port number in the range from 0 to 65535 in the field

next to the menu.

Service Type

(Optional) Specify the service type match conditions for the extended IP ACL

rule. The possible values are IP DSCP, IP precedence, and IP ToS, which are

alternative ways of specifying a match criterion for the same service type field in

the IP header. Each service type uses a different user notation.

Select one of the following radio buttons, and specify the value that is

associated with the service type:

•

IP DSCP

. Specifies the IP DiffServ Code Point (DSCP) field, which is

defined as the high-order 6 bits of the service type octet in the IP header.

Select an IP DSCP value from the menu. To specify a numeric value in the

field next to the menu, select

other

from the menu, and enter an integer in

the range from 0 to 63 in the field.

•

IP Precedence

. Specifies the IP precedence field, which is defined as the

high-order 3 bits of the service type octet in the IP header. In the field next

to the radio button, enter an integer in the range from 0 to 7.

•

IP TOS

. Specifies the Type of Service (ToS) bits, which is defined as all

bits of the service type octet in the IP header.

In the first field next to the radio button, enter the 2-digit hexadecimal ToS

bits number in the range from 00 to FF. In the second and rightmost field,

enter the 2-digit hexadecimal ToS mask number, also in the range from 00

to FF.

The ToS mask number specifies the bit positions that are used for

comparison against the IP ToS field in a packet. For example, to check for

an IP ToS value that has both bit 7 (the most significant bit) and bit 5 set

and that has bit

1 clear, enter 0xA0 as the ToS bits number, and enter 0xFF

as the ToS mask number.

Settings

Description