NETGEARメーカーGS728TPPの使用説明書/サービス説明書
ページ先へ移動 of 277
350 East Plumeria Drive San Jose, CA 95134 USA March 2013 202-11137-02 v1.0 G S7 5 2TP , G S7 2 8TP , and G S7 2 8TP P G i ga bit Sm art Sw i t c h e s So ft w ar e Adminis tr ati on Manual.
2 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Support Thank you for selecting NETGEAR products. After installing your device, locate the serial number on the label of your product and use it to register your product at https://my .netgear .
T able of Contents | 3 Content s Chapter 1 Getting Started Getting Started with the NETGEAR Switch . . . . . . . . . . . . . . . . . . . . . . . . . 9 Switch Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Connect the Switch to the Network .
4 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches DHCP Snooping Global Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 67 DHCP Snooping Interface Configuration . . . . . . . . . . . . . . . . . . . . . . . . 68 DHCP Snooping Binding Configuration .
5 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure and View Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 Configure ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches MAC Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 MAC Binding Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 User Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
8 1 1. Getting S t arted This manual describes how to configure and operate the GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches by using the web-based graphical user interface (GUI). This manual describes the software configuration procedures and explains the options available within those procedures.
9 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Getting Started with the NETGEAR Switch This chapter provides an overview of starting your NETGEAR switch and accessing the user interface. It also describes some actions that can be performed in the Smart Control Center (SCC) application, which can be downloaded to your computer .
10 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Switch Management Interface The NETGEAR switch contains an embedded web server and management software for managing and monitoring switch functions. The switch functions as a simple switch without the management software.
11 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Connect the Switch to the Network T o enable remote management of the switch through a web browser or SNMP , you must connect the switch to the network and configure it with network information (an IP address, subnet mask, and default gateway).
12 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Discover a Switch in a Network with a DHCP Server This section describes how to set up your switch in a network that has a DHCP server .
13 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 7. Select your switch by clicking the line that displays the switch, then click the Web Browser Access button. The Smart Control Center displays a login window . T o manage your switch, use your web browser .
14 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Switch Discovery in a Network Without a DHCP Server This section describes how to use the Smart Control Center to set up your switch in a network without a DHCP server . If your network has no DHCP service, you must assign a static IP address to your switch.
15 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 7. Select the Disabled radio button to disable DHCP . 8. Enter the static switch IP address, gateway IP address, and subnet mask for the switch and type your password. Tip: Y ou must enter the current password every time you use the Smart Control Center to update the switch setting.
16 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches W ARNING: When you change the IP address of your administrative system, connection to the rest of the network is lost. Be sure to write down your current network address settings before you change them.
17 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Access the Management Interface from the W eb T o access the switch management interface, use one of the following methods: • From the Smart Control Center, select the switch and click Web Browser Access .
18 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. After the system authenticates you, the System Information screen displays. Screen menu Configuration status and options Help Navigation tab Configuration menus Logout button screen Help link Figure 1.
19 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Some items in the menu expand to reveal multiple submenu links, as shown in the following: Link Submenu Links When you click a menu item that includes multiple configuration screens, the item becomes preceded by a down arrow symbol and expands to display the additional submenu links.
20 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The Device View is available by selecting System Device V iew . Depending upon the status of the port, the LED of the port status lights. Green indicates that the port is enabled. Red indicates that an error occurred on the port and the link is disabled.
21 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following image shows the device view of the NETGEAR switch. Figure 2. Ports and LEDs on the Switching Devices Click the port you want to view or configure to see a menu that displays statistics and configuration options.
22 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches If you right-click the graphic, the main menu displays. Figure 4. Device View Drop Down Menus Help Screen Access Every screen contains a link to the online help , which contains information to help configure and manage the switch.
23 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches object for interface configuration is in -SWITCHING-MIB, which is a private MIB. Some interface configurations also involve objects in the public MIB, IF-MIB.
24 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Interface Naming Convention The switch supports physical and logical interfaces. Interfaces are identified by their type and the interface number . The switches support the following ports: • GS752TP .
25 2 2. C onf igur ing S y st em Inf or ma ti on Use the features in the System tab to define the switch’s relationship to its environment. The System tab contains links to screens described in the .
26 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Management This section describes how to display the switch status and specify some basic switch information, such as the management interface IP address, system clock settings, and DNS information.
27 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • System Location . Enter the location of this switch. Y ou can use up to 160 alphanumeric characters. The factory default is blank. • System Contact . Enter the contact person for this switch.
28 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the network information for the management interface: 1. Select System Management IP Configuration .
29 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches When the management VLAN is set to a different value, an IP connection can be made only through a port that is part of the management VLAN. It is also mandatory that the port VLAN ID (PVID) of the port to be connected in that management VLAN be the same as the management VLAN ID.
30 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the global settings for an IPv6 Interface: 1. Select System Management IPv6 Network Configuration . The following screen displays: 2. In the Global Configuration Section, configure the following: • Admin Mode .
31 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches IPv6 Network Neighbors T o view the IPv6 Network Interface Neighbors: Select System Management IPv6 Network Neighbors . The following screen displays: Properties of each neighbor are displayed, as described below: • IPv6 Address .
32 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Time The switch software supports the Simple Network T ime Protocol (SNTP). Y ou can also set the system time manually SNTP assures accurate network device clock time synchronization up to the millisecond.
33 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the time by using the CPU clock cycle as the source: 1. Select System Management Time SNTP Global Configuration . The following screen displays: 2. Next to the Clock Source, select Local .
34 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The SNTP Global Status table on the T ime Configuration screen displays information about the system’s SNTP client. T able 4 describes the SNTP Global Status fields. T able 4. SNTP Global Status fields.
35 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure a new SNTP server: 1. Select System Management Time SNTP Server Configuration . The following screen displays: 2. Enter the appropriate SNTP server information in the following fields: • Server T ype .
36 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T able 5. SNTP Server Status T able Fields Field Description Address Specifies all the existing server addresses. If no server configuration exists, a message saying “No SNTP server exists” flashes on the screen.
37 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. In the DNS Default Name field, enter a default DNS name to include in DNS queries. When the system is performing a lookup on an unqualified host name, this field is provided as the domain name.
38 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The Dynamic Host Configuration table shows host name-to-IP address entries that the switch has learned. T able 6 describes the dynamic host fields. T able 6. Dynamic Host Configuration table fields Field Description Host Lists the host name you assign to the specified IP address.
39 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the Green Ethernet Configuration features: 1. Select System Management Green Ethernet Green Ethernet Configuration . The following screen displays: 2. Enable or disable the Auto Power Down Mode.
40 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Green Ethernet Interface Configuration Using the Green Ethernet Interface Configuration feature allows for proper port configuration and the ability to enable or disable the Auto Power Down, Short Cable, and EEE Modes on specific ports.
41 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configuration changes take effect immediately . Green Ethernet Detail Use this screen to display or configure Green Ethernet details per interface. T o configure the Green Ethernet Detail feature: 1.
42 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • T w_sys_rx Echo (uSec) . Displays the amount of time the T w_sys_rx Echo has been present on the port.
43 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Energy Detect Operational Status . Displays the operational status of the Energy Detect mode for each of the local interfaces (Active or Inactive). • Short Reach Admin Mode . Displays the Short Reach Admin Mode for each of the local interfaces (Enable or Disable).
44 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P oE Configuration T o view global PoE power information and to configure PoE SNMP trap settings, use the PoE Configuration screen. T o configure PoE trap settings: 1. Select System PoE Basic PoE Configuration .
45 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P oE P ort Configuration Use the PoE Port Configuration screen to configure per-port PoE settings. T o assign a timer to the port: 1. Select System PoE Advanced PoE Port Configuration .
46 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches power level that the PD can actually use is slightly lower . The classes are defined as follows: • 0 . 0–15.4W • 1 . 0–4W • 2 . 0–7W • 3 . 0–15.4W • 4 . 0–30W • Timer Schedule .
47 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o create a timer: 1. Select System PoE Advanced Timer Global Configuration . The following screen displays: 2. T o add a timer , enter a name in the T imer Schedule Name field, and click ADD .
48 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure timer settings: 1. Select System PoE Advanced Timer Schedule Configuration . The following screen displays: 2. From the T imer Schedule Name list, select the name of the schedule created on the T imer Global Configuration screen.
49 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches SNMP From SNMP menu under the System tab, you can configure SNMP settings for SNMP V1/V2 and SNMPv3.
50 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o add a new SNMP community: 1. Select System SNMP SNMP V1/V2 Community Configuration . The following screen displays: 2. T o add a new SNMP community , enter community information in the available fields described below .
51 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches all valid Community Names or the set request is rejected. If you select Disable, the Community Name becomes invalid. 3. Click ADD . Configuration changes take effect immediately . T rap Configuration This screen displays an entry for every active T rap Receiver .
52 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. Click APPL Y . Configuration changes take effect immediately . T rap Flags Use the T rap Flags screen to enable or disable traps the switch can send to an SNMP manager .
53 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches SNMP Supported MIBs The screen allows you to view a list of the supported MIBs. T o access the Supported MIBS screen, select System SNMP SNMP V1/V2 Supported MIBS . SNMP v3 User Configuration This is the configuration for SNMP v3.
54 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure SNMPv3 settings for the user account: 1. Select System SNMP SNMP V3 User Configuration . The following screen displays: 2. Next to Authentication Protocol, select the SNMPv3 Authentication Protocol setting for the selected user account.
55 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. A network manager views this information to identify system topology and detect bad configurations on the LAN.
56 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches LLDP Configuration Use the LLDP Configuration screen to specify LLDP and LLDP-MED parameters that are applied to the switch. T o configure global LLDP settings: 1. Select System > LLDP > Basic > LLDP Configuration .
57 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches This occurs when a new endpoint device links with the LLDP-MED network connectivity device. The default value is 3, and the range is from 1–10. 4. Click APPL Y . Configuration changes take effect immediately .
58 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Auto Advertise . Advertise the current IP address of the device as the management IP address. • Notification . When notifications are enabled, LLDP interacts with the trap manager to notify subscribers of remote data change statistics.
59 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches has the VLAN ID, priority , DSCP , tagged bit status, and unknown bit status. This information is displayed only if a network policy TL V has been transmitted. • VLAN ID . The VLAN ID associated with the policy .
60 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Network Policy • Location Identification • Extended Power via MDI: PSE • Extended Power via MDI: PD • Inventory 6. Click APPL Y to apply the new settings to the system. Configuration changes take effect immediately .
61 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. T o view more details about a port, click the name of the port in the Interface column of the Port Information table.
62 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Auto-Negotiation Supported Specifies whether the interface supports port-speed autonegotiation. Possible values are T rue and False. Auto-Negotiation Enabled Displays the port speed autonegotiation support status.
63 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Neighbors Information Use the LLDP Neighbors Information screen to view the data that a specified interface has received from other LLDP-enabled systems. T o display the LLDP Neighbors Information screen: 1.
64 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. T o view more information about the remote device, click the link in the MSAP Entry column. The following screen displays information for the selected port: The following table describes the information that displays for a selected port: T able 10.
65 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Port ID Subtype Identifies the type of data displayed in the remote system’s Port ID field. Port ID Identifies the physical address of the port on the remote system from which the data was sent.
66 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Software Revision The software version advertised by the remote device. Serial Number The serial number advertised by the remote device. Model Name The model name advertised by the remote device.
67 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Services—DHCP Snooping DHCP snooping is a useful feature that provides security by filtering untrusted DHCP messages and by building and maintaining a DHCP snooping binding table.
68 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following screen displays: 2. Next to DHCP Snooping Mode, select Enable or Disable to turn the DHCP snooping feature on or off. The factory default is disabled. 3. Next to MAC Address V alidation, select Enable o r Disable t o turn on or of f the MAC address validation feature.
69 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following screen displays: 2. In the Go T o Interface field, enter the interface name and click the Go button. The entry corresponding to the specified interface is selected. 3. T o configure DHCP snooping interface settings, click PORTS , LAGS , or All .
70 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches DHCP Snooping Binding Configuration T o configure DHCP binding settings: 1. Select System Services DHCP Snooping Binding Configuration .
71 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T able 1 1. DHCP Snooping Dynamic Binding Configuration fields. Field Description Interface Displays information about the interface to which a binding entry in the DHCP snooping database. MAC Address The MAC address for the binding entry in the binding database.
72 3 3. C onf igur ing S w it ching Inf or mati on Use the features you access from the Switching tab to define Layer 2 features. The Switching tab contains links to features described in the followin.
73 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P orts The screens you access from the Ports menu allow you to view and monitor the physical port information for the ports available on the switch.
74 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. Next to Global Flow Control (IEEE 802.3x) Mode, enable or disable IEEE 802.3x flow control on the system. The factory default is Disable. • Enable . The switch sends pause packets if the port buf fers become full.
75 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Y ou can select multiple ports and LAGs to apply the same setting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces. 4. Configure or view the settings: • Description .
76 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Link Aggregation Groups Link aggregation groups (LAGs), which are also known as port channels, allow you to combine multiple full-duplex Ethernet links into a single logical link.
77 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure LAG settings: 1. Select Switching LAG Basic LAG Configuration . The following screen displays: 2. Select the check box next to the LAG to configure. Y ou can select multiple LAGs to apply the same settings to the selected interfaces.
78 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 4. Click APPL Y to send the updated configuration to the switch. Configuration changes take effect immediately .
79 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 4. Click the box below each port to include the port in the LAG. The following screen shows an example of how to configure LAG1 with ports g1–g4 as members. 5. Click APPL Y to send the updated configuration to the switch.
80 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. Click APPL Y to send the updated configuration to the switch. Configuration changes take effect immediately . LA CP P ort Configuration T o configure LACP port priority settings: 1. Select Switching LAG Advanced LACP Port Configuration .
81 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches VLANs Adding virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header , which is fast.
82 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure VLANs: 1. Select Switching VLAN Basic VLAN Configuration . The following screen displays: 2. T o add a VLAN, configure the VLAN ID, name, and type, and click ADD .
83 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches VLAN Membership Configuration Use this screen to configure VLAN port membership for a particular VLAN. Y ou can select the Group Operation through this screen. T o configure VLAN membership: 1.
84 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches In the following screen, ports 6, 7, and 8 are being added as tagged members to VLAN 2. 6. From the Group Operations list, select an identical configuration for all the ports. The possible values are: • T ag All .
85 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure PVID information: 1. Select Switching VLAN Advanced Port PVID Configuration . The following screen displays: 2. Select the check box next to the interfaces to configure.
86 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Disable . All frames are forwarded in accordance with the IEEE 802.1Q VLAN standard. The factory default is Disable. 6. Specify the default 802.1 p priority assigned to untagged packets arriving at the port.
87 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following screen displays: 2. Next to V oice VLAN Status, enable or disable voice VLAN on the switch. If the switch does not handle traffic from IP phones, the status must be disabled. 3. From the V oice VLAN ID list, select the voice VLAN ID to use for voice traf fic.
88 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches V oice VLAN P ort Setting T o configure V oice VLAN port settings: 1. Select Switching V oice VLAN Advanced Port Setting . The following screen displays: 2. Select the check box next to the port to configure.
89 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • 00:12:43 . CISCO2 • 00:0F:E2 . H3C • 00:60:B9 . NITSUKO • 00:D0:1E . PINTEL • 00:E0:75 . VERILINK • 00:E0:BB . 3COM • 00:04:0D . AVAYA 1 • 00:1B:4F . AVAYA 2 Y ou can select an existing OUI or add a new OUI and description to identify the IP phones on the network.
90 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Auto - V oIP Configuration Auto-V oIP automatically makes sure that time-sensitive voice traf fic is given priority over data traffic on ports that have this feature enabled. Auto-V oIP checks for packets carrying the following V oIP protocols: • Session Initiation Protocol (SIP) • H.
91 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. T o configure Auto-V oIP interface settings for a physical port or a LAG port, click PORT , LAGS , or ALL . 3. Enter the interface name in the Go T o Interface field and click the Go button.
92 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches STP Configuration The STP Switch Configuration screen contains fields for enabling STP on the switch. T o configure STP settings on the switch: 1. Select Switching STP Basic STP Configuration .
93 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The Forward BPDU while STP Disabled field specifies whether spanning tree BPDUs should be forwarded or not while spanning-tree is disabled on the switch. 6. Click APPL Y to send the updated configuration to the switch.
94 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches CST Configuration T o configure Common Spanning T ree (CST) and Internal Spanning T ree on the switch, use the CST Configuration screen. T o configure CST settings: 1. Select Switching STP Advanced CST Configuration .
95 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Spanning T ree Maximum Hops. Specify the maximum number of bridge hops the information for a particular CST instance can travel before being discarded. The valid range is 1–40. 3. Click APPL Y to send the updated configuration to the switch.
96 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches CST P ort Configuration Use the CST Port Configuration screen to configure Common Spanning T ree (CST) and Internal Spanning T ree on a specific port on the switch. T o configure CST port settings: 1.
97 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Path Cost . Set the Path Cost to a new value for the specified port in the Common and Internal Spanning T ree. The valid range is 1–200000000. • Priority . The priority for a particular port within the CST .
98 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T able 14. CST Status Information. Field Description Interface Select a physical or port channel interface to configure. The port is associated with the VLANs associated with the CST . Port Role Each MST Bridge Port that is enabled is assigned a port role for each spanning tree.
99 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following table describes the Rapid STP Status information displayed on the screen. T able 15. RSTP Status Information. Field Description Interface The physical or port channel interfaces associated with VLANs associated with the CST .
100 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following screen displays: 2. T o add an MST instance, configure the MST values and click Add : • MST ID . Specify the ID of the MST to create. The valid range is 1–15. • Priority .
101 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following table describes the information displayed on the screen for each configured MST instance. T able 16. MST Instance Information. Field Description Bridge Identifier The bridge identifier for the selected MST instance.
102 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches MST P ort Configuration Use the MST Port Configuration screen to configure and display Multiple Spanning T ree (MST) settings on a specific port on the switch. T o configure MST port settings: 1.
103 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 5. Click APPL Y to send the updated configuration to the switch. Configuration changes take place immediately . The following table describes the read-only MST port configuration information displayed on the CST Configuration screen.
104 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Multicast Multicast IP traffic is traf fic that is destined to a host group. The class D addresses identify the host groups for IPv4 multicast, which range from 224.0.0.0 to 239.255.255.255. The prefix ff00::/8 identifies the host groups for IPv6 multicast.
105 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o view the MFDB T able screen: 1. Select Switching Multicast MFDB MFDB T able . The following screen displays: 2. In the Search by MAC Address field, enter the MAC address whose MFDB table entry you want to display .
106 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches MFDB Statistics T o access the MFDB Statistics screen, click Switching Multicast MFDB MFDB Statistics . The following screen displays: The MFDB Statistics screen displays the following: • Max MFDB T able Entries .
107 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure Auto-Video: 1. Select Switching Multicast Auto-V ideo Configuration . The following screen displays: 2. Globally enable or disable the Auto-V ideo administrative mode for the switch by selecting Enable or Disable next to the Auto-V ideo Status radio button.
108 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches few nodes. Packets are flooded into network segments where no node has any interest in receiving the packet.
109 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Enable . Packets with unknown multicast MAC addresses in the destination field are dropped. • Disable . Packets with unknown destination multicast MAC addresses are processed. 4. Click APPL Y to send the updated configuration to the switch.
11 0 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following table describes the fields in the IGMP Snooping T able. T able 19. IGMP Snooping T able. Field Description MAC Address A multicast MAC address for which the switch has forwarding and filtering information.
111 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. Select the VLAN ID and configure the IGMP Snooping values: • Fast Leave Admin Mode . Enable or disable the IGMP snooping fast leave mode for the specified VLAN ID.
11 2 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • IGMP Snooping Querier VLAN Status IGMP Snooping Querier Configuration Use this screen to enable or disable the IGMP Snooping Querier feature, specify the IP address of the router to perform the querying, and configure the related parameters.
11 3 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The Querier Expiry Interval specifies the time interval in seconds after which the last querier information is removed. The Query Expiry Interval is a read-only parameter calculated as: 2 * Query Interval + 5, so by default the value is: 2*60+5 =125.
11 4 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. Click APPL Y to send the updated configuration to the switch. Configuration changes take place immediately .
11 5 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T able 20. Querier VLAN Status Fields Field Description VLAN ID Specifies the VLAN ID on which the IGMP snooping querier is administratively enabled and for which VLAN exists in the VLAN database.
11 6 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches that want to receive the data, instead of being flooded to all ports in a VLAN. This list is constructed by snooping IPv6 multicast control packets. T o configure MLD snooping: 1. Select Switching Multicast MLD Snooping MLD Snooping Configuration .
11 7 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches MLD VLAN Configuration MLD snooping can be enabled on a per-VLAN basis. It is necessary to keep track of the interfaces that are participating in a VLAN in order to apply or remove configurations.
11 8 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches QI = (Group Membership Interval – Maximum Response T ime) / 2 8. Click ADD to enable MLD Snooping on the specified VLAN. 9. Click APPL Y to send the updated configuration to the switch. Configuration changes take place immediately .
11 9 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configuration changes take place immediately . Static Multicast Address The Static Multicast Address link feature contains features describ.
120 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. In the Multicast Address field, enter the multicast group MAC Address associated with the VLAN. • T ype . Indicates the VLAN ID status in relation to the multicast group. • Static . Attaches the VLAN ID to the multicast group as static member .
121 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. Select the check box next to the interfaces to configure. Y ou can select multiple interfaces to apply the same setting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces.
122 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Y ou can select multiple interfaces to apply the same setting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces. 4. Select the status of the interfaces.
123 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o search for an entry in the MAC Address T able: 1. Select Switching Address T able Basic Address T able . The following screen displays: 2. In the Search By field, select whether to search for MAC addresses by MAC address, VLAN ID, or interface.
124 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Dynamic Address Configuration Use the Dynamic Address screen to set the amount of time to keep a learned MAC address entry in the forwarding database.
125 4 4. C onf igur ing R ou ting The switch supports IP routing. Use the menus under the Routing tab to manage routing on the system. This chapter contains the following sections: • Configure IP Se.
126 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure IP Settings Use the IP Configuration screen to configure routing parameters for the switch. T o access the IP Configuration screen: 1. Select Routing IP > IP Configuration .
127 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure VLAN R outing Y ou can configure the switch software with some ports supporting VLANs and some supporting routing. Y ou can also configure the software to allow traffic on a VLAN to be treated as if the VLAN were a router port.
128 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure VLAN settings: 1. Select Routing VLAN > VLAN Routing Wizard . The following screen displays: 2. In the VLAN ID field specify a VLAN ID. This VLAN identifier (VID) associated with this VLAN is created if it does not exist.
129 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure VLAN R outing Use the VLAN Routing Configuration screen to view information about the VLAN routing interfaces configured on the system or to assign an IP address and subnet mask to VLANs on the system.
130 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure and View R outes From the Routing T able screen, you can configure static and default routes and view the routes that the NETGEAR switch has already learned. T o configure routes: 1.
131 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Among routes to the same destination, the route with the lowest preference value is the route entered into the forwarding database. By specifying the preference of a static route, the user controls whether a static route is more or less preferred.
132 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure ARP The Address Resolution Protocol (ARP) associates a Layer 2 MAC address with a Layer 3 IPv4 address. The switch software features both dynamic and manual ARP configuration. With manual ARP configuration, you can statically add entries to the ARP table.
133 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches ARP Cache Use the ARP Cache screen to view entries in the ARP table, a table of the remote connections most recently seen by this switch. Select Routing ARP > Basic ARP Cache . The following screen displays: The following ARP cache fields display: • Interface .
134 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches ARP Entry Configuration T o add a static entry to the ARP table: 1. Select Routing ARP > Advanced ARP Create . The following screen displays: 2. In the IP Address field, specify the IP address that you want to add.
135 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Global ARP Configuration Use the Global ARP Configuration screen to display and change the configuration parameters of the ARP table. T o configure the global ARP settings: 1. Select Routing ARP > Advanced Global ARP Configuration .
136 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches ARP Entry Management Use this screen to remove entries from the ARP T able. T o remove entries from the ARP table: 1. Select Routing ARP > Advanced ARP Entry Management . The following screen displays: 2.
137 5 5. C onf igur e Qu alit y o f Ser v i ce Use the features you access from the QoS tab to configure Quality of Service (QoS) settings on the switch.
138 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Class of Service The Class of Service (CoS) queueing feature lets you directly configure certain aspects of switch queueing. This configuration provides the desired QoS behavior for dif ferent types of network traffic when the complexities of Dif fServ are not required.
139 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure global CoS settings: 1. Select QoS CoS Basic CoS Configuration . The following screen displays: 2. From the Global T rust Mode menu, specify whether to trust a particular packet marking at ingress.
140 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches CoS Interface Configuration Use the CoS Interface Configuration screen to apply an interface shaping rate to all interfaces or to a specific interface. T o configure CoS settings for an interface: 1.
141 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 5. In the Interface Ingress Rate Limit field, specify the ingress rate allowed. The range is 100–1000000 Kbps. The default value is 0, which means that the maximum is unlimited. 6. Click APPL Y to apply the changes to the system.
142 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches divided by the sum of all the configured weights. The sum of the minimum bandwidths for all queues does not have to equal 100. • Scheduler T ype . Select the type of queue processing. Options are Weighted and Strict.
143 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T raffic classes go from low (0) to high (3). For example, traf fic with a priority of 0 is for most data traffic and is sent using best ef fort. T raffic with a higher priority , such as 3, might be time-sensitive traffic, such as voice or video.
144 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Differentiated Services The QoS feature provides Differentiated Services (Dif fServ) support that enables traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors.
145 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Diffserv Configuration Use the Diffserv Configuration screen to display Dif fServ general status group information, which includes the current administrative mode setting as well as the number of used resources for DiffServ .
146 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches This feature changes (remarks) the DSCP tags for incoming traffic switched between trusted QoS domains. For example, assume that there are three levels of service—A, B, and C— and the DSCP incoming values used to mark these levels are 10, 20, and 30 respectively .
147 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Class Configuration Use one of the Class Configuration screens to add a DiffServ class name, or to rename or delete an existing class. For IPv4 packets use the Class Configuration screen. For IPv6 packets use the IPv6 Class Configuration screen.
148 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Use the buttons at the bottom of the screen to perform the following: • T o remove a class, select the check box beside the class name, then click DELETE . • T o cancel the configuration you just entered, click CANCEL .
149 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Source MAC . Enter the source MAC address and the mask. • Destination MAC . Enter the destination MAC address and the mask. • Protocol T ype . Select the protocol type. If you select Other , enter a protocol number in the field that appears.
150 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure an IPv6 class: 1. Select QoS DiffServ Advanced IPv6 Class Configuration . The following screen displays: 2. Enter the new class name. 3. Select the class type, and click Add .
151 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the class match criteria: 1. In the IPv6 Class Configuration screen, select the name of the class. The following screen displays: 2. Click a class name (which is a hyperlink) for an existing class.
152 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 4. Click APPL Y to save the class. Configuration changes take effect immediately . P olicy Configuration Use the Policy Configuration screen to associate a collection of classes with one or more policy statements.
153 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the policy attributes: 1. In the Policy Configuration screen, click the name of the policy .
154 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. If you select the Simple Policy radio button, you can configure the following fields: • Color Mode . Color aware mode requires the existence of one or more color classes that are valid for use with this policy instance; otherwise, the color mode is color blind, which is the default.
155 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Service Configuration Use the Service Configuration screen to activate a policy on an interface. T o configure DiffServ policy settings on an interface: 1. Select QoS DiffServ Advanced Service Configuration .
156 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o display and refresh service-level statistical information: 1. Select QoS DiffServ Advanced Service Statistics . The following screen displays: The following fields are displayed: • Interface .
157 6 6. Managing De v i ce Sec ur it y Use the features available from the Security tab to configure management security settings for port, user , and server security .
158 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Management Security Settings From the Management Security menu, you can configure the login password, Remote Authorization Dial-In User Service (RADIUS) settings, T erminal Access Controller Access Control System (T ACACS+) settings, and authentication lists.
159 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 4. T o confirm the password, enter it again to make sure that you entered it correctly . This field displays asterisks (*) 5. Click APPL Y to apply the new settings to the system. Configuration changes take effect immediately .
160 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure global RADIUS server settings: 1. Select Security Management Security RADIUS Global Configuration. The following screen displays: The Current Server IP Address field is blank if no servers are configured (see RADIUS Server Configuration ).
161 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches RADIUS Server Configuration Use the RADIUS Server Configuration screen to view and configure various settings for the current RADIUS server configured on the system. T o configure a RADIUS server for authentication and authorization: 1.
162 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Accounting Server Configuration Use the Accounting Server Configuration screen to view and configure various settings for a RADIUS accounting server on the network. T o configure the RADIUS accounting server: 1.
163 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure T ACA CS+ T ACACS+ provides a centralized user management system while still retaining consistency with RADIUS and other authentication processes. T ACACS+ provides the following services: • Authentication .
164 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. In the Key String field, specify the authentication and encryption key for T ACACS+ communications between the switch and the T ACACS+ server . The valid range is 0–128 characters. The key must match the key configured on the T ACACS+ server .
165 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 5. In the Key String field, specify the authentication and encryption key for T ACACS+ communications between the switch and the T ACACS+ server . This key must match the encryption used on the T ACACS+ server .
166 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches HTTP Authentication List Use the HTTP Authentication List screen to configure the default HTTP login list. T o change the HTTP authentication method for the default list: 1. Select Security Management Security Authentication List > HTTP Authentication List .
167 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Note: Each authentication protocol can use up to three authentication methods. Local and None must be the last methods.
168 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. From the list in the 1 column, select the HTTPS authentication method that must appear first in the selected authentication login list.
169 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure Management Access From the Access tab, you can configure HTTP and Secure HTTP access to the switch management interface. Y ou can also configure access control profiles and access rules.
170 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. Click APPL Y to update the switch with the HTTPS Authentication settings. Secure HTTP Configuration Secure HTTP enables the transmission of HTTP over an encrypted Secure Sockets Layer (SSL) or T ransport Layer Security (TLS) connection.
171 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches After the session is inactive for the configured amount of time, the administrator is automatically logged out and must reenter the password to access the management interface. The default value is 5 minutes.
172 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Import Certificates . Select this option to import certificate files. In the Certificate field, Public Key field and Private Key fields, paste the certificate, public key and private key from an external file.
173 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Access Profile Configuration T o set up a security access profile: 1. Select Security > Access > Access Control Access Profile Configuration . The following screen displays: 1. In the Access Profile Name field, enter the name of the access profile to be added.
174 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Access Rule Configuration T o add a security access rule: 1. Select Security > Access > Access Control Access Rule Configuration . The following screen displays: 2. In the Rule T ype field, select Permit or Deny as the action to be performed when the rule is matched.
175 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P ort Authentication In port-based authentication mode, when 802.1x is enabled globally and on the port, successful authentication of any one supplicant attached to the port results in all users being able to use the port without restrictions.
176 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure global 802.1x settings: 1. Select Security Port Authentication Basic 802.1x Configuration . The following screen displays: 2. Next to the Port Based Authentication State, select the radio button to enable or disable 802.
177 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P ort Authentication Use the Port Authentication screen to enable and configure port access control on one or more ports. T o configure 802.1x settings for the port: 1. Select Security Port Authentication > Advanced Port Authentication .
178 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Y ou can also select multiple check boxes to apply the same settings to the select ports, or select the check box in the heading row to apply the same settings to all ports. 3. For the selected ports, specify the following settings: • Port Control .
179 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Protocol V ersion . Displays the protocol version associated with the selected port. The only possible value is 1, corresponding to the first version of the 802.1x specification. • P AE Capabilities .
180 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P ort Summary Use the Port Summary screen to view information about the port access control settings on a specific port. Select Security Port Authentication Advanced Port Summary .
181 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Operating Control Mode Indicates the control mode under which the port is actually operating. The possible values are: • ForceUnauthorized • ForceAuthorized • Auto • N/A: If the port is in detached state, it cannot participate in port access control.
182 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T raffic Control From the T raf fic Control menu, you can configure MAC filters, storm control, port security , and protected port settings.
183 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure storm control settings: 1. Select Security T raffic Control > Storm Control . The following screen displays: 2. Select the check box next to the port to configure. Select multiple check boxes to apply the same setting to all selected ports.
184 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P ort Security Interface Configuration A MAC address can be defined as allowable by one of two methods: dynamically or statically . Both methods are used concurrently when a port is locked. Dynamic locking implements a first arrival mechanism for port security .
185 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Max Allowed Dynamically Learned MAC . Sets the maximum number of dynamically learned MAC addresses on the selected interface. The valid range is 0–600. The default value is 600. • Enable V iolation T raps .
186 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T able 24. Dynamic MAC addresses table fields. Field Description VLAN ID The VLAN ID corresponding to the last violation MAC address. MAC Address The MAC addresses learned on a specific port.
187 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure Access Control Lists Access control lists (ACLs) ensure that only authorized users have access to specific resources while blocking any unwarranted attempts to reach network resources.
188 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o create an ACL: 1. Select Security ACL ACL Wizard . The following screen displays: 2. From the ACL T ype list, select the ACL type used to create the ACL. Y ou can select from 10optional types: • ACL Based on Destination MAC.
189 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • ACL Based on Source IPv6 L4 Port. Creates an ACL based on the source IPv6 layer 4 port number . 3. Configure the settings in the following table, based on the selection in the ACL T ype list: Note: The Rule ID, Action, and Match Every fields appear for all ACL types.
190 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 4. In the Binding Configuration area, the Inbound only packet filtering direction for an ACL is selected in the Direction field. 5. In the Port Selection T able area, specify the list of all available valid interfaces for ACL mapping.
191 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure a MAC ACL: 1. Select Security ACL > Basic > MAC ACL . The following screen displays: 2. Specify a name for the MAC ACL in the Name field. The name string can include alphabetic, numeric, hyphen, underscore, or space characters only .
192 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure MAC ACL rules: 1. Select Security ACL > Basic MAC Rules . The following screen displays: 2. From the ACL Name field, specify the existing MAC ACL to which the rule applies.
193 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches addresses with aa:bb:xx:xx:xx:xx result in a match (where x is any hexadecimal number). A MAC mask of 00:00:00:00:00:00 matches a single MAC address. • EtherT ype Key . Requires a packet’s EtherT ype to match the EtherT ype you select.
194 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure MAC ACL interface bindings: 1. Select Security ACL > Basic MAC Binding Configuration . The following screen displays: 1. From the ACL ID list, select an existing MAC ACL.
195 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches MA C Binding T able Use the MAC Binding T able screen to view or delete the MAC ACL bindings. Select Security ACL > Basic MAC Binding T able. The following screen displays: T able 26 describes the information displayed in the MAC Binding T able screen.
196 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches network administrator defines an ACL rule that says port number 20 can receive TCP packets. However , if a UDP packet is received, the packet is dropped. ACLs are composed of access control entries (ACE), or rules, that consist of the filters that determine traffic classifications.
197 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches IP R ules Use the IP Rules screen to define rules for IP-based standard ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded.
198 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Logging . When set to Enable, logging is enabled for this ACL rule (subject to resource availability in the device).
199 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. Select the ACL ID to add the rule to, and select the check box in the Extended ACL Rule table. The extended ACL Rule Configuration screen displays. 3. Configure the fields for the new rule.
200 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches during the current report interval. A fixed 5-minute report interval is used for the entire system. A trap is not issued if the ACL rule hit count is 0 for the current interval. This field is available for a deny action.
201 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches alternative ways of specifying a match criterion for the same Service T ype field in the IP header; however , each uses a dif ferent user notation. After you select the service type, specify the value associated with the type.
202 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. Click ADD . T o delete an IPv6 ACL, select the check box associated with the rule and click DELETE . IPv6 R ules Use the IPv6 Rules screen to configure the rules for the IPv6 access control lists.
203 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. Configure the settings for the new rule. • Rule ID . Enter a whole number in the range of 1–10 that is used to identify the rule. An IPv6 ACL might have up to 10 rules. • Action . Specify what action must be taken if a packet matches the rule's criteria.
204 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Select one of the keywords from the list: DOMAIN, ECHO, FTP , FTPDA T A, HTTP , SMTP , SNMP , TELNET , TFTP , and WWW . Each of these values translates into its equivalent port number , which is used as both the start and end of a port range.
205 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following screen displays: 2. Select an existing IP ACL from the ACL ID menu. The packet filtering direction for ACL is Inbound, which means the IP ACL rules are applied to traf fic entering the port.
206 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches IP Binding T able Use the IP Binding T able screen to view or delete the IP ACL bindings. T o display the IP Binding T able, click Security ACL > Advanced IP Binding T able .
207 7 7. Monit or ing t he S y st em Use the features available from the Monitoring tab to view various information about the switch and its ports and to configure how the switch monitors events.
208 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P orts The screens available from the Ports menu contain various information about the number and type of traffic transmitted from and received on the switch.
209 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Unicast Packets Received . The number of subnetwork-unicast packets delivered to a higher layer protocol. • Multicast Packets Received . The total number of packets received that were directed to a multicast address.
210 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches P ort Statistics The Port Statistics screen displays a summary of per-port traffic statistics on the switch. T o display a summary of per-port traffic statistics and clear or refresh the counters: 1.
21 1 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • T o clear the counters for a specific interfaces, select the check box associated with the port and click CLEAR . Y ou can also enter the interface name in the Go T o Interface field and click GO .
212 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Port Role . Each MST bridge port that is enabled is assigned a port role for each spanning tree. The port role can be one of the following values: Root Port, Designated Port, Alternate Port, Backup Port, Master Port, or Disabled Port.
213 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Packets Received 65-127 Octets . The total number of packets (including bad packets) received that were 65 through 127 octets in length inclusive (excluding framing bits but including FCS octets).
214 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Overruns . The total number of frames discarded as this port was overloaded with incoming packets, and was not able to keep up with the inflow .
215 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Use the buttons at the bottom of the screen to perform the following actions: • Click CLEAR to clear all the counters. This resets all statistics for this port to 0. • Click REFRESH to display the most current statistics.
216 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Last Frame Source . The source MAC Address attached to the most recently received EAPOL frame. • Invalid Frames Received . The number of unrecognized EAPOL frames received on this port.
217 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o display cable information: 1. Select Monitoring Ports Cable T est . The following screen displays: 2.
218 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Failure Location . The estimated distance in meters from the end of the cable to the failure location. The failure location is displayed only if the cable status is Open Cable, Short Cable, or No Cable.
219 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the Buffered Logs settings: 1. Select Monitoring Logs Buffered Logs . The following screen displays: 2. In the Admin Status field select Enable to enable system logging or Disable to disable it.
220 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The syslog message includes the following fields: • Date • T ime • Module ( AAA in the example above). • Severity ( I in the example above). • Action ( DISSCONNECT in the example above).
221 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Port . Specify the port on the host to which syslog messages are sent. The default port is 514. • Severity Filter . Select the severity of the logs to send to the logging host. Logs with the selected severity level and all logs of greater severity are sent to the host.
222 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T rap Logs Use the T rap Logs screen to view information about the SNMP traps generated on the switch. T o view SNMP traps: • Select Monitoring Logs T rap Logs . The following screen displays: The Number of T raps Since Last Reset field is displayed.
223 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Mirroring The screen you access from the Mirroring menu enables you to view and configure port mirroring on the system. Port mirroring selects the network traffic for analysis by a network analyzer .
224 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Enable . Multiple-port mirroring is active on the selected port (that is, on all the configured source ports). • Disable . Port mirroring is not active on the selected port, but the mirroring information is retained.
225 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches System R esources Utilization The switch architecture uses a T ernary Content Addressable Memory (TCAM) to support packet actions in wire speed. TCAM holds the rules produced by other applications.
226 8 8. Maint enan ce Use the features available from the Maintenance tab to help you manage the switch. The Maintenance tab contains menus that provide access to the following features: • Reset .
227 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches R eset The Reset menu contains links that provide access to the features described in the following sections: • Device Reboot • Factory Default Device R eboot Use the Device Reboot screen to reboot the switch.
228 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Factory Default Use the Factory Default screen to reset the system configuration to the factory default values. Note: If you reset the switch to the default configuration, the IP address is reset to 192.
229 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Upload a File from the Switch The switch supports system file uploads from the switch to a remote system by using either TFTP or HTTP . Upload F ile T ypes The following types of files can be uploaded from the switch: • Archive .
230 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o upload a file from the switch to the TFTP server: 1. Select Maintenance Upload TFTP File Upload . The following screen displays: 2. Use the File T ype list to select the type of file you want to upload.
231 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 8. Select the Start File T ransfer check box to enable the file upload when you click APPL Y 9. Click APPL Y to begin the file transfer (upload). When the transfer actually begins, the last row of the table displays information about the progress of the file transfer .
232 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Download a File to the Switch The switch supports system file downloads from a remote system to the switch by using either TFTP or HTTP . Download F ile T ypes The following types of files can be downloaded to the switch: • Archive .
233 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o download a file to the switch from a TFTP server: 1. Select Maintenance Download TFTP File Download . The following screen displays: 2. From the File T ype list, select the type of file you want to download to the switch.
234 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 6. In the Remote File Name field, specify the name of the file to download from the TFTP server . Y ou can enter up to 32 characters. A file name with a space is not accepted. 7. Select the Start File T ransfer check box to enable the file upload when you click APPL Y .
235 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • T ext Configuration . A text-based configuration file. 3. In the Select File field, enter the name of the file that you want to download or click Browse to open a file upload window to locate the file.
236 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure Dual Image settings: 1. Select Maintenance > File Management > Dual Image > Dual Image Configuration . The following screen displays: 2. In the Image Name field, select one of the images from the list.
237 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The following screen displays: The Dual Image Status screen displays the following: • Image1 V er . The version of the image1 code file. • Image2 V er . The version of the image2 code file.
238 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T roubleshooting The T roubleshooting menu contains links that provide access to the features described in the following sections: • Ping • Ping IPv6 • T raceroute • Remote Diagnostics Ping Use the Ping screen to instruct the switch to send a ping request to a specified IP address.
239 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches The initial value is blank. This information is not retained across a power cycle. The maximum number of characters in a name is 160. 3. Optionally , configure the following settings: • In the Count field, specify the number of pings to send.
240 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 2. In the Ping field, select either Global or Link Global to select either the global IPv6 Address or host name or link local address to ping.
241 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o configure the T raceroute settings and send probe packets to discover the route to a host on the network: 1. Select Maintenance T roubleshooting T raceroute . The following screen displays: 2.
242 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches R emote Diagnostics The Remote Diagnostics screen lets you enable T elnet for diagnostic purposes. T o configure the remote diagnostics feature: 1. Select Maintenance T roubleshooting Remote Diagnostics .
243 9 9. Help Use the features available from the Help tab to connect to online resources for assistance, and to register your device..
244 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Online Help The Online Help link provides links to the sections described in the following sections: • Support • User Guide Support Use the Support screen to connect to the online support site at netgear .
245 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches User Guide Use the User Guide screen to access this guide, which is available on the NETGEAR website. T o access the user guide: 1. Select Help User Guide . The following screen displays: 2.
246 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches R egistration Use the Registration screen to register your switch. Completing the registration confirms your email address, lowers technical support resolution time, and ensures your shipping address accuracy .
247 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches T o register the switch: 1. Select Help Registration . The following screen displays: 2. Click REGISTER to register the switch. The switch attempts to contact the NETGEAR registration server .
248 A A. Har dw ar e Spec if i cati ons and De f ault V alue s The GS752TP , GS728TP , and GS728TPP switches conform to the TCP/IP , UDP , HTTP , ICMP , TFTP , DHCP , IEEE 802.1D, IEEE 802.1 p, and IEEE 802.1Q standards. They also conform to the IEEE802.
249 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches MAC addresses 8 K Green Ethernet Automatic power-down on port when link is down, short cable mode and EEE mode Feature V alue.
250 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Switch Features and Defaults Feature Sets Supported Default Auto negotiation/static speed/duplex All ports Auto-negotiation Auto MDI/MDIX N/A Enabled 802.
251 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Password control access 1 Idle time-out = 5 minutes Password = password Management security 1 profile with 20 rules for HTTP/HTTPS/SNMP acce.
252 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Number of ARP cache entries 1024 in switch mode, approximately 100 in router mode N/A Number of DHCP snooping bindings 8K N/A Number of DHCP.
253 B B. C onf igur ati on Ex am pl es This chapter contains information about how to configure the following features: • Virtual Local Area Networks (VLANs) • Access Control Lists (ACLs) • Differentiated Services (DiffServ) • 802.
254 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Virtual Local Area Networks (VLANs) A local area network (LAN) can generally be defined as a broadcast domain. Hubs, bridges, or switches in the same physical segment or segments connect all end node devices.
255 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Packets leaving the switch are either tagged or untagged, depending on the setting for that port’s VLAN membership properties. A U for a given port means that packets leaving the switch from that port are untagged.
256 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Access Control Lists (A CLs) ACLs ensure that only authorized users have access to specific resources while blocking of f any unwarranted attempts to reach network resources.
257 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Destination MAC . 01:02:1A:BC:DE:EF • Destination MAC Mask . 00:00:00:00:FF:FF • Source MAC . 02:02:1A:BC:DE:EF • Source MAC Mask . 00:00:00:00:FF:FF • VLAN ID . 2 For more information about MAC ACL rules, see MAC Rules on page 191.
258 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches departments. T raf fic from the Finance department is identified by each packet’s network IP address. 1. In the IP ACL screen, create an IP ACL with an IP ACL ID of 1. For more information, see IP ACL on page 195.
259 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Differentiated Services (DiffServ) Standard IP-based networks are designed to provide best effort data delivery service. Best effort service implies that the network delivers the data in a timely fashion, although there is no guarantee that it will.
260 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Layer 4 protocol (such as TCP or UDP) • Layer 4 source and destination ports • Source and destination IP addresses From a DiffServ p.
261 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches • Dropping . Drops a packet upon arrival. This is useful for emulating access control list operation using DiffServ , especially when Dif fServ and ACL cannot co-exist on the same interface.
262 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 3. Configure the following settings for Class1: • Protocol T ype . UDP • Source IP Address . 192.12.1.0 • Source Mask . 255.255.255.0 • Source L4 Port . Other , and enter 4567 as the source port value • Destination IP Address .
263 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Also the confirmed action on this flow is to send the packets with a committed rate of 10,000 Kbps and burst size of 128 KB. Packets that violate the committed rate and burst size are dropped.
264 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Access control is achieved by enforcing authentication of supplicants that are attached to a controlled ports of the authenticator . The result of the authentication process determines whether the supplicant is authorized to access services on that controlled port.
265 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches a force-authorized state and does not require any authentication. When the Port Control setting is Auto, the authenticator P AE sets the controlled port mode. 3. In the Guest VLAN field for ports g1–g8, enter 150 to assign these ports to the guest VLAN.
266 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches MSTP Spanning T ree Protocol (STP) runs on bridged networks to help eliminate loops. If a bridge loop occurs, the network can become flooded with traffic.
267 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches receive and transmit MSTP BPDUs. The MST configuration identifier has the following components: 1. Configuration identifier format selector 2. Configuration name 3. Configuration revision level 4.
268 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches In this example, ports g1–g5 are connected to host stations, so those links are not subject to network loops.
269 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches For more information, see CST Configuration on page 94. 5. In the CST Port Configuration screen, select ports g1–g8 and select Enable from the STP Status list. For more information, see CST Port Configuration on page 96.
270 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Configure VLAN R outing with Static Route VLAN R outing Overview VLANs divide broadcast domains in a LAN environment. Whenever hosts in one VLAN need to communicate with hosts in another VLAN, the traffic must be routed between them.
271 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Note: Y ou can use the VLAN Routing Wizard for creating VLANs, adding ports, and enabling them for routing by assigning the IP address and mask.
272 C C. Notif i cati on o f C om pli ance NET GEAR W ir ed Pr oducts Regulatory Compliance Information This section includes user requirements for operating this product in accordance with National laws for usage of radio spectrum and operation of radio devices.
GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches 273 FCC Guidelines for Human Exposure This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance of 20 cm between the radiator and your body .
274 Index Numerics 802.1p to queue mapping 142 802.1x 263 configuration 175 sample configuration 264 A access control 172 ACLs 187 management interface 169 Access Control Lists (ACLs) 187 , 256 access.
275 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches E EAP statistics 215 EAPOL 215 F factory defaults 228 Fan Status LED 20 firmware download 232 flow control 73 forwarding database address ta.
276 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches searching address table 122 MAC ACLs 190 binding configuration 193 binding table 195 rules 191 sample configuration 256 management security .
277 GS752TP , GS728TP , and GS728TPP Gigabit Smart Switches Spanning T ree Protocol (STP) 91 SSL 170 static multicast address 119 storm control 182 STP configuration 92 support 244 switch features and.
デバイスNETGEAR GS728TPPの購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
NETGEAR GS728TPPをまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはNETGEAR GS728TPPの技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。NETGEAR GS728TPPの取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。NETGEAR GS728TPPで得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
NETGEAR GS728TPPを既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はNETGEAR GS728TPPの不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、NETGEAR GS728TPPに関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちNETGEAR GS728TPPデバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。