Gebruiksaanwijzing /service van het product SG50028PK9NA van de fabrikant Cisco Systems
Ga naar pagina of 638
Cis c o 500 S erie s St ackable Manage d S witch Administration Guide Releas e 1 .3.5 ADMINISTR A TION GUIDE.
Cisco 500 S eries Stackable Manage d Switch Administration Guide 1 Con t en ts T able of C onten t s Chapter 1: Getting Started 1 Starting the Web-based Configuration Utility 1 Quick Start Device Conf.
Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 2 Con te nt s Upgrade/Backup Firmware/Language 37 Active Image <Sx300-500> 41 Download/Backup Configuration/Log 42 Configuration .
Cisco 500 S eries Stackable Manage d Switch Administration Guide 3 Con t en ts Time Settings<print only> 112 System Log<print only> 112 File Management<print only> 113 Rebooting the .
Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 4 Con te nt s Chapter 10: Administration: Unid irectional Link Detection 183 UDLD Overview 183 UDLD Operation 184 Usage Guidelines 187 .
Cisco 500 S eries Stackable Manage d Switch Administration Guide 5 Con t en ts Built-in Smartport Macros 236 Chapter 13: Port Management: PoE 248 PoE on the Device 248 Configuring PoE Properties 251 C.
Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 6 Con te nt s Chapter 16: Managing MAC Address Tables 308 Configuring St atic MAC Addresses 309 Managing Dynamic MAC Addresses 310 Defi.
Cisco 500 S eries Stackable Manage d Switch Administration Guide 7 Con t en ts Overview 416 Configurable Elements of VRRP 420 Configuring VRRP 423 Chapter 21: Security 428 Defining Users 430 Configuri.
Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 8 Con te nt s <Sx300-500>Defining Time Ranges 510 <Sx300-500>Authentication Method and Port Mode Support 511 Chapter 23: Se.
Cisco 500 S eries Stackable Manage d Switch Administration Guide 9 Con t en ts Chapter 26: Security: Secure Sensitive Data Management 562 Introduction 562 SSD Rules 563 SSD Properties 569 Configuratio.
Cisco 500 Serie s Stackable Managed Switch Admin istration Guide 10 Con te nt s Defining SNMP Communities 647 Defining Trap Settings 649 Notification Recipients 650 SNMP Notification Filters 654.
1 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 1 Get ting St ar te d This section provides an introduction to the web-bas ed configuration u.
Getting Started Star ting the W eb -bas ed Configur a tion Utilit y 2 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 NOTE When the device is using the f act or y default IP addr ess of 192. 168.
Get ting Star te d Star ting the Web-b ase d C on figura tion Utilit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 3 1 When the login at tempt is succes sful, the Get ting Star ted page app ears.
Getting Started Star ting the W eb -bas ed Configur a tion Utilit y 4 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Configuration change s hav e not yet been saved t o the Star tup Configuration file.
Get ting Star te d Quick Star t Devic e Configur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 5 1 Quick Star t D evic e C onfigura tion T o simplify device configuration throug h quick navigation, the Getting Star ted page provides links t o the most commonly use d pages .
Getting Started In terface Naming C onven tions 6 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Inter face Naming C onventions Within the GU.
Get ting Star te d Dif fer ences B etween 500 D evice s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 7 1 • Enabling IP v 4 routing is done differ ently in the devices , as f ollows : - SG500XSG500X G/ESW2-550X —IP v 4 routing must be enabled in the IP v 4 Inter face page.
Getting Started W indow Na viga tion 8 Cisco Small Busines s 200 , 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Window Na viga tion This se ction describ es the f eatures of the web- base d switch configuratio n utility.
Get ting Star te d W indow Naviga tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion ) 9 1 Language Menu This menu provides the f ollowing options : • Sele ct a language: Sele ct one of the languages that appear in the menu.
Getting Started W indow Na viga tion 10 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1 Management But tons The f ollowing table de scrib es the commonly-use d but t ons that appear on various pages in the system.
Get ting Star te d W indow Naviga tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 11 1 Cop y Sett in gs A table typically c ontains one or mor e entries containing configuration s ett ings.
Getting Started W indow Na viga tion 12 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 1.
2 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 13 St a tus and St a tistic s This sect ion describ es how to view device statistic s.
Status and Statistics Vi e w in g Et h e r n e t I nt e r fa c e s 14 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 T o displa y Ethernet statistics and/ or s et the refr esh rate: STEP 1 Click Sta tus and Statistics > Interfac e .
Status and Statistic s V iewing E therlike Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 15 2 Viewing Etherlik e St a tistics The Etherlik e page displays statistics per p or t according to the Etherlik e MIB standard definition.
Status and Statistics V iewing G VRP Sta tistics 16 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • Click View All Interface s Statistics to see all por ts on a single page.
Status and Statistic s V iewing 802. 1 X E AP S ta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 17 2 • Invalid A t tribute V alue —In valid at tribute value err o rs. • Invalid A ttribute Length —Invalid attribute le ngth err ors.
Status and Statistics V iewing T C AM Utiliz a tion 18 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • EAP Re que st /ID Frames T ransmit ted —E AP Req/ID frames transmit ted by the por t .
Status and Statistic s Health Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 19 2 • IP v4 Routing - In Use —Numb er of T CAM en tries use d f or IP v4 r outing. - Maximum — N u m b e r o f a v a i l a b l e TC A M e n t r i e s t h a t c a n b e u s e d fo r I P v4 ro ut i n g.
Status and Statistics Managing RMON 20 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 RMON decreases the traf fic bet ween the manager and the.
Status and Statistic s Managing RMON Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 21 2 • Pack ets Rec eived —Number of goo d packets r eceived, including Multicast and Broadcast packets. • B r oa dca st Pa c k et s R ece iv ed —Nu m ber of g ood Br oadca st pa ck ets r eceived .
Status and Statistics Managing RMON 22 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • Frames of 512 to 1023 By te s —Number of frames , containing 512- 1023 by tes that wer e r ec eived.
Status and Statistic s Managing RMON Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 23 2 • Ow n e r —Enter the RMON station or user that requested the RMON inf o rmation. STEP 4 Click Apply .
Status and Statistics Managing RMON 24 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 • Fra g me nt s —Fragments (packets with les s than 64 octets) r eceived, ex clud ing framing bits, but including FC S octets.
Status and Statistic s Managing RMON Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 25 2 - Non e —No action occurs when the alarm goe s off . - Lo g ( E v e n t Lo g T a b l e) —Add a lo g entr y to the E vent L o g table when the alarm is trigger ed.
Status and Statistics Managing RMON 26 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2 D efining RMON Alarms RMON alarms pr ovide a mechanism f.
Status and Statistic s Vi e w L o g Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 27 2 • Rising Event —Select an event t o be per f ormed when a rising event is triggered. E v ents ar e cr eat ed in the E vents page.
Status and Statistics Vi e w L o g 28 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 2.
3 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 29 Administra tion: System Lo g This section de scribes the System L o g f eature, which enables the device to generat e multiple independent lo gs .
Administration: System Log Setting Syst em L o g Settings 30 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 3 The event severity levels ar e list ed from the highest s everity to the lowest s everity , as f ollows : • Eme r g en cy —Syst em is no t usable.
Administration: System Lo g Setting Remo te L ogging S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 31 3 • Originator Identifier —Enable s adding an origin identifier to S YSL OG mes sages .
Administration: System Log Setting Remote L ogging S e ttings 32 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 3 NOTE If the Aut o option is selected, the system tak es the source IP addr es s from the IP address defined on the outgoing interface.
Administration: System Lo g Vi e w i n g M e m o r y L o g s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 33 3 Viewing Memor y Lo gs The device can write t o the f ollowin g logs: • L og in R AM (cleared during reboot).
Administration: System Log V iewing Memory Logs 34 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 3 This page contains the f ollowing fields: • Log Index —L og entr y number . • Log Time — T ime when mes sage was generated.
4 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 35 Administra tion: F ile Man agement This section de scribe s how syst em files are managed.
Administration: F ile Managemen t Sys tem F iles 36 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 Configuration files on the device are defined by their ty p e , and contain the set tings and parameter values f o r the device.
Administration: File Management Syste m Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 37 4 Only the syst em can copy the Star tup Configuration to the Mirr or Configuration. However , you can copy fr om the Mirr or Configuration to other file typ es or t o another device.
Administration: F ile Managemen t Upgrade/Backup Firmw are/Language 38 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 This se ction covers the.
Administration: File Management Upgrade/Backup Firm war e/Language Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 39 4 - Copy image from TFTP /S CP ser ver to mast er , using the Upgrade/ Backup Firmwar e/Language page.
Administration: F ile Managemen t Upgrade/Backup Firmw are/Language 40 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 • Ba c k u p —Specifies that a c opy of the file type is to be sav ed t o a file on another device.
Administration: File Management Upgrade/Backup Firm war e/Language Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 41 4 • Remote SSH S er ver Authentication — T o enable SS H s er ver authentication (which is disable d by default), click Edit .
Administration: F ile Managemen t Active I mage 42 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 - Link L ocal — The IP v6 address uniquely identifie s hosts on a single network link .
Administration: File Management Download/B ackup Configur a tion/L og Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 43 4 • Active Im age V ersion Numb er —Displays the firmwar e ve rsion of the active image.
Administration: F ile Managemen t D ownload/Backup Configura tion/Log 44 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 • C h a n g e Q u e u e s M o d e f r o m 4 t o 8 —Queue-relat e d configurations must be examined and adjust ed t o meet QoS obje ctives with the new Queues mode.
Administration: File Management Download/B ackup Configur a tion/L og Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 45 4 Select either Downlo ad or Backup as the Sa ve Acti o n . Dow n loa d Sa v e Act i on —Specifies that the file on another device replace s a file type on the device.
Administration: F ile Managemen t D ownload/Backup Configura tion/Log 46 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 • Link L ocal — The IP v6 address uniquely identifie s hosts on a single network link .
Administration: File Management Download/B ackup Configur a tion/L og Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 47 4 STEP 4 If you selected via HTTP /HTTPS , enter the paramet ers as described in this st ep.
Administration: F ile Managemen t D ownload/Backup Configura tion/Log 48 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 SSH Client Authentic a tion —Client authentication can be done in one of the f ollowing ways: • Use S SH Client —Sets permanent S SH us er cr edentials .
Administration: File Management Configur a tion Files Proper tie s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 49 4 If Sa v e Act ion is Bac.
Administration: F ile Managemen t Cop y /Sa ve Con figur at io n 50 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 STEP 2 If r equired, disable Auto Mirror C onfigura tion . This disables the aut omatic creation of mirr or configuration files .
Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 51 4 • If you ar e backing up a configuration file, sele ct one of the f ollowing f ormats f or the b ackup file.
Administration: F ile Managemen t Auto Configur a tion via DHCP 52 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 Aut o Configura tion via DHCP v 4 is triggered in the f ollowi ng cases : • After r eboot when an IP addres s is allocated or renewed dynamically (using DHCP v 4) .
Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 53 4 Auto C onfigura tion Downlo ad.
Administration: F ile Managemen t Auto Configur a tion via DHCP 54 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 Auto C onfigura tion Proc e .
Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 55 4 • If the inf ormation is available, the TFTP /S CP ser v er is acces se d t o download the file from it.
Administration: F ile Managemen t Auto Configur a tion via DHCP 56 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 4 ser ver table. This ensures that each de vice has its own r eser ved IP addres s and other r elevant inf ormation.
Administration: File Management Auto Configura tion via DHCP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 57 4 • IP V e rsion —Select whether an IP v 4 or an IP v6 address is us ed. • IP v 6 Addres s Typ e —Select the IP v6 addres s ty pe (if IP v6 is used) .
5 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 58 Administrat ion: Stack Man agement This sect ion describ es how stacks are ma naged.
Administr a tion: Stack Managemen t Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 59 5 An example of eight devices conne ct ed into .
Administr a tion: Stack Managemen t T ype s of U nits in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 60 5 Typ e s of Units in St ack A stack consists of a maximum of eight units .
Administr a tion: Stack Managemen t T ype s of U nits in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 61 5 Unit LEDs The device has 4 LEDs marked as 1 , 2, 3, 4, which are use d t o display the unit ID of each unit (e.
Administr a tion: Stack Managemen t Stack T opolo gy Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 62 5 Stack T op olo gy T y pes o f S ta ck .
Administr a tion: Stack Managemen t Unit ID Assignmen t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 63 5 • Merging t wo stacks into a sing.
Administr a tion: Stack Managemen t Unit ID Assignmen t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 64 5 Duplicate Unit Shut D own The f ollowing shows a case where one of the duplicat e units (aut o-number ed) is re nu m b e re d .
Administr a tion: Stack Managemen t Mast er Sele c tion Pr oc ess Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 65 5 The f ollowing shows a case where one of the duplicat e units is r enumbered.
Administr a tion: Stack Managemen t Stack Changes Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 66 5 • MAC Addr es s—I f both units ID s ar e the same, the unit with the lowest MAC addr es s is chosen.
Administr a tion: Stack Managemen t Stack Changes Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 67 5 • One or more duplicat e unit ID s exist . Aut o numbering resolves conflicts and assigns unit ID s .
Administr a tion: Stack Managemen t Unit F ailure in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 68 5 The f ollowing shows what happ ens when a user -assigne d, mast er -enable d unit with Unit ID 1 joins a stack that already has a mast er unit with user -assigne d unit ID 1 .
Administr a tion: Stack Managemen t Unit F ailure in Stack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 69 5 If a unit is inser ted into a ru.
Administr a tion: Stack Managemen t Sof t ware Auto S ynchronization in St ack Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 70 5 Re co nnec t.
Administr a tion: Stack Managemen t Stack Unit Mode Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 71 5 • Adva nced Hyb ri d— A de vi c e i n A dv an c e d H yb ri d m o de ca n b e c on ne c ted t o Sx 500 and SG500X /ESW2-550 X devic es to f orm a stack .
Administr a tion: Stack Managemen t Stack Unit Mode Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 72 5 C onsistency of St ack Unit Mode s in the St ack All units in the stack must have the same stack unit mode.
Administr a tion: Stack Managemen t Stack Unit Mode Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 73 5 Changing the Stack Unit Mo de Change th.
Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 74 5 • SG500XG: - Standalone to Native Stacki.
Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 75 5 • SG500XG Devic es— Any por ts can be stack or net work . By default the device is standalone.
Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 76 5 Pairs of Por ts The f ollowing table des c.
Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 77 5 Auto Sele c tion of Por t Spe e d Y ou can set the stacking cable t ype to be discover ed automatically when the cable is connected t o the por t (aut o-disc over y is the de fault setting) .
Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 78 5 The f o llowing describ es the po ss ible combinations of cable s typ es and po rt s.
Administr a tion: Stack Managemen t Stack Por ts Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 79 5 100Mbs S FP Module MFEBX 1 Not suppor ted .
Administr a tion: Stack Managemen t Default Configur a t ion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 80 5 D efault C onfigura tion The f.
Administr a tion: Stack Managemen t Syst em Mode s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 81 5 • Change the stack mode of a device t o one of the stacking modes , change the unit ID , stack p or ts, and the spee d of the stack p orts of all the devices in a stack .
Administr a tion: Stack Managemen t Syst em Mode s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 82 5 STEP 1 Click Admin ist ra tion > System Mo de and Stack Management .
Administr a tion: Stack Managemen t Syst em Mode s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 83 5 • Model Name —Mo del name of a known and active unit .
5 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 57 Administra tion This section describ es how to view syst em inf ormation and configure various options on the device.
Administration Dev i ce M ode l s 58 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 D evic e Mo dels All models can be fully manage d through the web-base d switch configuration utility. NOTE Each model can be s et to La y er 3 system mode by using the System Mode and Stack Management page.
Admin ist ra ti on Dev ice M od el s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 59 5 SG500 -28P SG500 -28P -K9 28-Port Gigabit PoE Stackabl.
Administration Syst em Settings 60 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 System S et tings The Syst em Summar y page prov ides a grap hic view of the devic e, and displa ys device status, hardwar e inf ormation, firmwar e v ersion inf ormation, general P oE status, and other items.
Admin ist ra ti on Syst em Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 61 5 • System Uptime — T ime that has elaps ed since the last reboot . • Current Time —Current syst em time.
Administration Syst em Settings 62 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 • SNMP Ser vice —Displays whether SNMP is enable d/ disable d. • Te l n e t S e r v i c e —Displays whether T elnet is enabled/ disabled.
Admin ist ra ti on Cons ole Settings (Autobaud Ra te Suppor t) Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 63 5 - Us e D ef au l t — The d.
Administration Management In terface 64 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 STEP 1 Click Adm in ist ra tion > Con so l e Se t ti n g s . STEP 2 Select one of the f ollowing: • Au to D e te c ti on — The cons ole baud rate is det e cted aut omatically .
Admin ist ra ti on Ti m e S e t t i n g s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 65 5 T o s et the idle se ssion time out f or various t ype s of ses sions: STEP 1 Click Admin ist ra tion > Idle Se s sion Timeout .
Administration Reb o ot in g t he D evi c e 66 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 There ar e cases when you might pr ef er to set the t ime of the reboot for some time in the futur e.
Admin ist ra ti on Routing R es ource s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 67 5 • Rebo ot to Factor y D efaults —Reboots the device by using the fact or y default configuration. This proces s erase s the Star tup Configuration file and the backup configuration file.
Administration Rou tin g Res ourc e s 68 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 If IP v6 r outing is enabled on the device, the f ollo.
Admin ist ra ti on Routing R es ource s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 69 5 • To t a l —Displays the number of T C AM entries which are curr ently b eing used.
Administration Health 70 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 STEP 3 Sav e the new set tings by clicking Apply . This checks the f easibilit y of the T CAM allocation. If i t is incorrect , an error mes sage is displayed.
Admin ist ra ti on Diagno stics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 71 5 T o view t he device health parameters, click St atus and Statistic s > Health . If the device is in Standalone mode , the f ollowing fields ar e display ed: • Fan S t atu s —F an status.
Administration Disc over y - Bonjour 72 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 Dis c over y - B onjour See Bo n jo ur . Dis c over y - LLDP See Configuring LLDP . Dis c over y - CDP See Configuring CDP .
Admin ist ra ti on Ping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 73 5 in this drop-down field. If the Ho st Defi nition field was By IP Address , only the ex isting IP addresse s of the typ e spec ifie d in the IP V ersion field wil l be display ed.
Administration T r aceroute 74 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5 T rac eroute T raceroute discovers the IP r outes along which packets wer e forwarded by sending an IP packet t o the target host and back t o the device.
Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 75 5 • TT L —Enter the ma ximum number of hops that T rac er out e permits. This is used to pr ev ent a case wher e the sent frame gets int o an endless lo op.
Administration T r aceroute 76 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5.
Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 77 5.
Administration T r aceroute 78 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5.
Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 79 5.
Administration T r aceroute 80 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5.
Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 81 5.
Administration T r aceroute 82 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 5.
Admin ist ra ti on T raceroute Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 83 5.
6 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 72 Administra tion: Time S et tings Synchr onized syst em clocks provide a frame of ref erence betw een all devices on the network .
Administ ra tion: Time Set tings Syst em T ime Options Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 73 6 System Time Options Syst em time can be se t manually by the user , d ynamically from an SNTP ser ver , or synchroniz ed from the PC running the GUI.
Administration: Time Settings SNTP Mo des 74 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 Time Zone and Daylight Savings Time (DST ) The T i.
Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 75 6 C onfiguring System Time S elec ting S ource of System Time Use the System T ime page to select t he syst em time source.
Administration: Time Settings Configuring Syst em T ime 76 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 Manual Set tings —S et the date and time manually . The local time is used when there is no alt ernate sour ce of time, such as an SNTP s er ver : • Date —Ent er the system dat e.
Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 77 6 - Fro m —Day and time that DST start s.
Administration: Time Settings Configuring Syst em T ime 78 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 • IP v4 S ource Inter face —S el.
Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 79 6 • Sou rce —How SNTP s er ver was defined, f or e xample : manually or from DHCP v6 ser ver .
Administration: Time Settings Configuring Syst em T ime 80 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 is a secondar y ser ver , and so f orth.
Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 81 6 Select an interfac e and select the reception/transmis sion options. STEP 4 Click Apply to sav e the set tings t o the Running Configuration file.
Administration: Time Settings Configuring Syst em T ime 82 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 • Authentication K ey —Enter the ke y use d f or aut hentication (up to eight characters ) .
Administ ra tion: Time Set tings Configuring Sys t em T ime Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 83 6 of the network is blo ck ed (see Chapter 9 , “C onfiguring Por t s ” and Chapter 9 , “Configuring L AG Set tings” ) • Limit PoE operation to a specifie d period.
Administration: Time Settings Configuring Syst em T ime 84 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 6 STEP 3 T o add a new recurring time range, click Add .
7 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 85 Administra tion: Diagno stic s This section c ontains inf ormation f or configuring por t mirroring, running cable tests, and viewing device op erational inf ormation.
Administration: Diagnostics Te s t i n g C o p p e r P o r t s 86 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 7 • (Optional) Disable EEE (see the Port Management > Green Ethernet > Pr oper ties page) Use a CA T5 data cable when t esting cables using ( VCT ) .
Administration: Diagno stic s Displaying Op tical Mo dule Sta tus Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 87 7 I f t h e p o r t b e i n.
Administration: Diagnostics Displa ying Optical Module Sta tus 88 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 7 • MGBLH 1 : 1000BA SE-LH S FP transc eiver , f or single-mo de fiber , 1310 nm wav elength, suppor ts up to 40 km.
Administration: Diagno stic s Configuring P or t and VL AN Mirroring Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 89 7 C onfiguring Por t and.
Administration: Diagnostics V iewing CP U Utiliz a tion and Secure Core T echnolo gy 90 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 7 - Active —B oth source and destination inter faces are up and f orwarding traffic.
Administration: Diagno stic s V iewing CPU Utiliz ation and S ecure Core T e chnolo gy Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 91 7 Excessive traf fic bur dens the CPU , and might prev ent normal device operation.
8 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 92 Administra tion: Dis c over y This sect ion pr ovides inf ormation f or configuring Dis cover y .
Administration: Disc over y Bon jo ur Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 93 8 When Bonjour Discover y is disable d, the device st ops any ser vice typ e adver tisements and does not respond to r equests f or ser vic e fr om network management applications.
Administration: Discovery LLDP and CDP 94 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 STEP 3 Click Apply to updat e the Running Configuration file. STEP 4 T o enable Bonjour on an interface, click Add.
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 95 8 • CDP and LLDP end devices, such as IP phones, learn the voice VL AN configuration from CDP and LLDP adv er tisements .
Administration: Discovery Configuring LLDP 96 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Displaying LLD P Loc al Information • Displ.
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 97 8 4. A s sociate LLDP MED netw ork policies and the optional LLDP- MED TL Vs t o the desired int er faces by using the LLDP MED Port Set tings page.
Administration: Discovery Configuring LLDP 98 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Chassis ID Adver tisement —Select one of the f ollowing options f or advertis ement in the LLDP mes sage s: - MAC Address —Adver tise the MAC address of the device.
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 99 8 • SNMP Notification —Select En able to send notifications t o SNMP notification recipients; f or example, an SNMP managing system, when ther e is a topology change.
Administration: Discovery Configuring LLDP 100 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 - Auto Adver tis e —Spe cifies that the sof tware would aut omatically choos e a management ad dr es s to adv er t ise from all the IP addr es ses of the product .
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 101 8 Set ting LLDP MED Net work Policy An LLDP -MED net work policy is a relat e d set of configuration s ettings fo r a specific real-time application such as vo ice, or vide o.
Administration: Discovery Configuring LLDP 102 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • VL AN T ag —S elect whether the traffic is T agge d or Untagged. • User Priorit y —Select the traffic priorit y applied to traffic defined by this network p olicy .
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 103 8 • SNMP Notification —Sele ct whether S NM.
Administration: Discovery Configuring LLDP 104 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 LL D P P o r t S tat u s Gl ob al In fo r m ati o n • Chas sis ID Subt ype — T ype of chas sis ID (f or e xample, MAC addr ess).
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 105 8 Click LLDP L ocal Inf ormation Details to see the details of the LLDP and LLDP MED TL V s sent to the neighbor .
Administration: Discovery Configuring LLDP 106 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 MA C/PHY Details • Auto-Negoti ation Suppor ted —Por t spee d auto-negotiation suppor t status .
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 107 8 • Current Capabilitie s —MED capabilities enabled on the p or t . • Dev ice C l a ss —LLDP -MED endp oint device class .
Administration: Discovery Configuring LLDP 108 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • VL AN Typ e — VLAN t ype for which the network policy is define d. The po ssible field value s ar e: - Ta g g e d —Indicates the network policy is define d f o r tagged VL ANs .
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 109 8 The LLDP Neighbor Inf ormation page contains the f o llowing fields: Por t Details • Lo ca l Por t —P or t number .
Administration: Discovery Configuring LLDP 110 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Auto-Ne gotiation Enabled —Por t spe ed auto-negotiation active status. The pos sible values are T rue and F alse.
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 111 8 • Remote R x —Indicates the time (in micr.
Administration: Discovery Configuring LLDP 112 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 802. 1 VL AN and Protocol • PVI D —Adv ertise d por t VL AN ID . PPVID T able • VID —Pro tocol VLAN ID .
Administration: Disc over y Configuring LLDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 113 8 Access i n g L L D P S ta t i s t i cs The LLDP Statistics page displays LLDP statistica l inf o rmation per p or t .
Administration: Discovery Configuring LLDP 114 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 T o view LLDP overloading inf ormation: STEP 1 Click Adm in ist ra tion > Disc over y - LLDP > LLDP O verlo ading .
Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 115 8 - Status —If the LLDP MED extended p ower via MDI packets were sent , or if they were overloade d.
Administration: Discovery Configuring CDP 116 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 S et ting CDP Proper tie s Similar to LLDP , CDP .
Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 117 8 • CDP V e rsion —Select the version of CDP t o use.
Administration: Discovery Configuring CDP 118 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Syslo g Duplex Misma tch —Check to send a SY S L OG mes sage when duplex inf ormation is mismatched.
Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 119 8 This page provides the f ollowing fields : • Interfac e —Sele ct the interface to be defined.
Administration: Discovery Configuring CDP 120 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Syste m Na me T L V - Sys te m N am e — S ystem name of the device. • Address TL V - Addres s 1 -3— IP addres ses (adver tised in the devic e address TL V ) .
Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 121 8 • CoS f or Untr ust ed Ports TL V - CoS for Untruste d Por ts —If Ex tended T rust is disable d on the por t , this fields displa ys the Layer 2 CoS v alue, meaning, an 802.
Administration: Discovery Configuring CDP 122 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8 • Sys te m N am e —Neighbors system name. • Loc al Inter face —Numb er of the local por t to which the neighbor is conne ct ed.
Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 123 8 NOTE Clicking on the Clear T able but ton disconnect all c onnected devices if from CDP , and if Aut o Smartp or t is enabled change all por t t ype s t o default .
Administration: Discovery Configuring CDP 124 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 8.
Administration: Disc over y Configuring CDP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 125 8.
9 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 124 Por t Management This section de scribe s por t configurat ion, link aggregation, and the Green Ethernet f eature.
Por t Management Setting Por t C onfigur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 125 9 7 . If PoE is suppor ted and enabled f or the device, configure the device as descr ibed in Por t Management: PoE .
Port Management Setting Por t Configura tion 126 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 - Combo F iber — S FP Fiber G igabit I nter face Conver ter Por t with the f ollowing value s: 100M and 1000M (typ e: C omboF ).
Por t Management Setting Por t C onfigur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 127 9 • Administrative Duplex Mode —Select the p or t duplex mode. This field is configurable only when aut o-negotiation is disabled, and the p or t spee d is s e t to 1 0 M o r 1 0 0 M .
Port Management Setting Por t Configura tion 128 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 - MDI —Sele ct to connect this device to a station by using a straight through cable.
Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 129 9 • Por t Se curit y —Select to enable the err or recover y mechanism for the port securit y err -disable state.
Port Management Link Aggr egation 130 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 Link Aggregation O ver view Link Aggr egation Control Prot o col (L ACP) is part of the IEEE spe cification ( 802.
Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 131 9 Ev er y LAG has the f ollowing charact eristics : • All por ts in a LAG must be of the s ame media t ype.
Port Management Link Aggr egation 132 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 T o configure a dynamic LAG, per f orm the f ollowing actions : 1.
Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 133 9 • Unit /Slot— Displays the stacking member f or which L AG inf ormation is defined.
Port Management Link Aggr egation 134 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 • Re activate Suspende d L AG —Select t o r eactivat e a p ort if the L AG has been dis abled through the lock ed por t se curit y option or thr ough A CL configurations .
Por t Management Link Aggrega tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 135 9 C onfiguring LA C P A dynamic LAG is LACP -enabled, and LACP is run on ever y candidate por t defined in the L AG.
Port Management Link Aggr egation 136 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 However , ther e are cases when one link par tner is temporarily not configured f or LACP .
Por t Management UDLD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 137 9 STEP 5 Click Apply . The Running Configuration file is updated. UDLD See Por t Management : Unidirection al Link Dete ction .
Port Management Configuring Gr een Etherne t 138 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 operational mode is fast , transparent , and no frames are lost . This mode is suppor ted on both GE and FE por ts .
Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 139 9 Power Saving by Dis abling Por t LEDs The Dis able Port LED s f eature allows the us er t o sav e extra power consumed by device LEDs .
Port Management Configuring Gr een Etherne t 140 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 LLDP is use d t o select the optimal s et of paramet ers f or b oth devices . If LLDP is not suppor ted by the link par tner , or is disabled , 802.
Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 141 9 Default Configuration By default, 802.3az EEE and EEE LLDP are enabled globally and per por t .
Port Management Configuring Gr een Etherne t 142 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 STEP 4 T o s ee 802.3 EEE-r elat ed inf ormation on the local device, open the Administration > Disc over y LLDP >LLDP Local Inf ormation page, and view the inf ormation in the 802.
Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 143 9 STEP 3 Click Apply . The Gr een Ethernet Proper ties ar e written t o the Running Configuration file.
Port Management Configuring Gr een Etherne t 144 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 9 NOTE Shor t -r each mode is only suppor ted on RJ45 GE por ts; it doe s not apply t o Combo por ts .
Por t Management Configuring Gr een Etherne t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 145 9.
10 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 146 Por t Management : Unidire ction al Link D ete c tion This sect ion describ es how the Unidirectional Link D etection (UDLD) f eature.
Por t Management: Unidire ctional Link Dete ction UDLD Op er a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 147 10 All connected device s must suppor t UDLD f or the prot o col to succes sfully detect unidir ectional links .
Port Management: Unidirectional Link Detection UDLD Opera tion 148 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 UDLD is enabled on a por t when one of the f ollowing occurs : • The por t is a fiber por t and UDLD is enabled globally .
Por t Management: Unidire ctional Link Dete ction UDLD Op er a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 149 10 If an interface is do.
Port Management: Unidirectional Link Detection Usage Guideline s 150 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 UDLD again begins running on the p or t . If the link is still un idir ectional, UDLD shuts it down again after the UDLD e xpiration time e xpir es , f or instanc e.
Por t Management: Unidire ctional Link Dete ction Default Settings and Configur a tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 151 10 • UDLD and La yer 2 Pr ot ocols UDLD runs on a por t independently from other La yer 2 pr otocols running on the same por t , such as S TP or LACP .
Port Management: Unidirectional Link Detection Configuring UDLD 152 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 STEP 2 Click Apply Wor k f.
Por t Management: Unidire ctional Link Dete ction Configuring UDLD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 153 10 • Fiber Port UDLD D efault State — This field is only relevant f or fib er por ts.
Port Management: Unidirectional Link Detection Configuring UDLD 154 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 10 determination (if there was one), or since UDLD began running on the por t , so that the state is not y et dete rmined.
Por t Management: Unidire ctional Link Dete ction Configuring UDLD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 155 10 • State —State of the link betwe en the local and neighboring device on the local po r t .
11 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 156 Smar tp or t This document de scribe s the Smar tp or ts f eature.
Smar tp or t Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 157 11 Ov e rv i e w The Smar tpor t f eatur e pr ovides a convenient wa y t o sa ve and shar e common configurations .
Smartport Wha t is a Smar tp or t 158 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Wha t is a Smar tp or t A Smar tpor t is an inter face to which a built -in (or user -define d) macro ma y be applied.
Smar tp or t Smar tpor t T yp es Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 159 11 • Statically fro m a Smar tpor t macro by name only from the CLI. A Smar tpor t macro can be applied by its Smar tpor t typ e statically fr om CLI and GUI, and dynamically by Auto Smartpor t .
Smartport Smar tp or t Macros 160 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 If Aut o Smar tpor t assigns a Smar tp ort t ype to an inter.
Smar tp or t Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 161 11 There ar e t wo t ypes of Smar tp or t macr os : • Built-In — The se ar e macr os provided by the syst em.
Smartport Macro F ailure and the Reset Opera tion 162 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 - Else the c orresponding anti-macro is applied and the interface s status is set t o Def au lt.
Smar tp or t Auto Smartp or t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 163 11 Ther e are two ways t o apply a Smar tpor t macro by Smartp ort t ype to an interface : • Static Smar tpor t Y ou manually assign a Smartp ort t ype to an int erface.
Smartport Auto Smar tpor t 164 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 • Enable d — This manually enabl es Auto Smar tpor t and places it into operation immediately .
Smar tp or t Auto Smartp or t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 165 11 SR Bridge 0x04 Ignore Switch 0x08 Switch Host 0x 10 Host IG.
Smartport Auto Smar tpor t 166 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 NOTE If only the IP Phone and Host bits ar e set , then the Smar tpor t t ype is ip_phone_desktop.
Smar tp or t Er ror H an d li n g Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 167 11 Pe rsiste nt status of an interface is disabled, the interface reverts to the default Smar tpor t typ e when the attaching devic e to it ages out , the int erfac e goes down, or the device is r ebooted.
Smartport Rela tionship s with Other Fea tur es and Back wards Compa tibility 168 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Rela tionships with O ther Featur e s and B ack wards C omp a tibilit y Aut o Smartp or t is enabled by default and ma y be disable d.
Smar tp or t Common Smar tp or t T asks Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 169 11 W ork flow2: T o configure an in ter face a s a s.
Smartport Configuring Smar tp or t Using The W eb -bas ed Interface 170 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 W ork flow4: T o rerun.
Smar tp or t Configuring Smartp or t Using The Web-b ase d In terfac e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 171 11 Smar tpor t Prop er tie s T o c onfigur e the Smartp or t f eature globally : STEP 1 Click Smar tp or t > Prop er ties .
Smartport Configuring Smar tp or t Using The W eb -bas ed Interface 172 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Smar tpor t Typ e S et tings Use the Smar tpor t T ype Set tings page to edit the Smar tpor t T ype s ettings and view the Macro Sour ce.
Smar tp or t Configuring Smartp or t Using The Web-b ase d In terfac e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 173 11 • Macro P aramet ers —Displays the f ollowing fields f or three parameters in the macro: - Parameter Name —Name of paramet er in macro .
Smartport Configuring Smar tp or t Using The W eb -bas ed Interface 174 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 since the last macro application.
Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 175 11 STEP 1 Select a n int er face and click Edit . STEP 2 Enter the fields. • Interfac e —Sele ct the por t or LAG.
Smartport Built-in Smar tpor t Macros 176 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 Macr o code fo r the f ollowing Smar tpor t typ es a.
Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 177 11 # @ no_desktop [no_desktop] #macro description N.
Smartport Built-in Smar tpor t Macros 178 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 no_printer [no_printer] #macro description No printe.
Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 179 11 [no_guest] #macro description No guest # no swit.
Smartport Built-in Smar tpor t Macros 180 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 # no smartport switchport trunk native v lan smartpo.
Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 181 11 no smartport switchport trunk nati ve vlan smart.
Smartport Built-in Smar tpor t Macros 182 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 no port security mode # no smartport storm-control b.
Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 183 11 #$voice_vlan = 1 # smartport switchport trunk al.
Smartport Built-in Smar tpor t Macros 184 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 [no_ip_phone_desktop] #macro description no ip_phone.
Smar tp or t Built-in Smar tpor t Macros Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 185 11 # #macro key description: $voice_v lan: The voic.
Smartport Built-in Smar tpor t Macros 186 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 11 # no smartport storm-co ntrol broadcast enable no sm.
12 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 187 Por t Management : PoE The P ower over Ethernet (P oE) f eature is only a vailable on PoE-base d devices . F or a list of Po E-base d devices , ref er to the De v ice M od e l s sect io n.
Port Management: PoE PoE o n t h e D e v ic e 188 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12 Power ov er Ethernet can be used in any ent .
Por t Management : PoE PoE on t he D e vi c e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 189 12 Y ou can decide the f ollowing: • Maximum power a PS E is allowed to supply to a PD • During device operation, to change the mode from Class Power Limit t o Port Limit and vice versa.
Port Management: PoE Configuring PoE Pr op er tie s 190 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12 a P oE device acting as a PSE may mistakenly det e ct and supply power to an attaching PS E , including other PoE swit ches, as a legacy PD .
Por t Management : PoE Configuring P oE Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 191 12 • Tr a p s —Enable or disable traps. If traps are enab led, you must also enable SNMP and co nfigur e at least one SNMP Notification Recipient .
Port Management: PoE Configuring PoE Settings 192 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12 • Class Limit : Power is limit e d based on the clas s of the c onnect ed PD . F or thes e sett ings t o be active, the syst em must be in PoE Class Limit mode.
Por t Management : PoE Configuring P oE Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 193 12 • Administrative P ower Allo cation — This field app ears only if the Power Mode set in the PoE Pr oper ties page is Port Limit .
Port Management: PoE Configuring PoE Settings 194 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 12.
13 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 195 VL AN Man agement This section c overs the f ollowing topics: • VL ANs • Configuring .
VLAN Management VL ANs 196 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 VL AN Des cription Each VLAN is co nfigur ed with a unique VI D ( VL AN ID) with a value fr om 1 t o 4094.
VL AN Management VL ANs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 197 13 VL AN Roles VLANs function at Layer 2.
VLAN Management VL ANs 198 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Cust omer traffic is encapsulated with an S-tag with TPID 0x8100, r egar dles s of whether it was originally c-tagged or untagge d.
VL AN Management Configuring Def ault VL AN S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 199 13 C onfiguring D efault VL AN S et ti.
VLAN Management Crea tin g VL ANs 200 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 • De fault VL AN ID After Reb oot —Enter a new VLAN ID to r eplace the default VLAN ID after r eboot . STEP 3 Click Apply .
VL AN Management Configuring VL AN Int er f ace S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 201 13 The page enables the creation of either a single VLAN or a range of VLANs .
VLAN Management De f i ni n g VLAN M e mbe r s hi p 202 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 - Customer —S electing this option pla ces the interface in QinQ mode. This enables you to use your own VLAN arrangements (PVID) across the provider network .
VL AN Management De fin i ng V L AN Me m ber shi p Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 203 13 Untagged por t membership betwe en two VL AN-a war e devi ces with no intervening VL AN-awar e devices , must be t o the same VL AN.
VLAN Management De f i ni n g VLAN M e mbe r s hi p 204 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 • Multicast T V VLAN — The interface us ed f or Digital T V using Multicast IP . The por t joins the VL AN with a VL AN tag of Multicast T V VL AN.
VL AN Management GV R P S e t t i n g s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 205 13 • LA G —If int er face selected is Port , displa ys the LAG in which it is a member . STEP 3 Sele ct a por t , and click the Join VL AN but ton.
VLAN Management GV R P S e t t i n g s 206 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 When a por t joins a VLAN by using GVRP , it is added to the VLAN as a dynamic member , unle ss this was expr essly forbidden in the P ort VL AN Membership page.
VL AN Management VL AN Gr oups Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 207 13 VL AN Gr oup s VLAN groups are used f or load balancing of traffic on a Layer 2 network . Pa cke ts ar e assigned a VLAN according t o various classifications that have been configured ( such as VLAN groups).
VLAN Management VL AN Groups 208 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Wo rk f l ow T o define a MAC- based VL AN gr oup: 1 . A s sign a MAC addr ess to a VLAN group ID (using the MAC-Based Groups page).
VL AN Management VL AN Gr oups Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 209 13 - Le n g t h — Prefix of the MAC addr e ss • Group ID —Enter a user -created VLAN group ID number . STEP 4 Click Apply .
VLAN Management VL AN Groups 210 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 1 . D efine a prot o col group (using the Pr ot ocol-B ased Groups page).
VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 211 13 Protoc ol-B as ed Group s to VL AN Mapping T o map a prot o col group to a por t , the p or t must be in General mo de and not have D V A configured on it ( see C onfiguring VL AN Interfac e S et tings ).
VLAN Management Vo i c e V L A N 212 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 V oic e VL AN O ver view This se ction covers the f ollow.
VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 213 13 The devic e suppor ts a single voice VL AN. By de fault , the voic e VLAN is VLAN 1 . The voice VLAN is defaulted t o VLAN 1 .
VLAN Management Vo i c e V L A N 214 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 V oic e E nd-Points T o ha ve a v oice VLAN work properly.
VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 215 13 NOTE The default configuration list her e applies t o swit ches whose firmware v ersion suppor ts Aut o V oice VLAN out of the box.
VLAN Management Vo i c e V L A N 216 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 NOTE If the device is in Lay er 2 syst em mode, it can synchroniz e with only VSD P capable switches in the same ma nagement VL AN.
VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 217 13 V oic e VL AN C onstraints The f ollowing c onstraints exist: • Only one V oice VL AN is suppor ted.
VLAN Management Vo i c e V L A N 218 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 STEP 4 Sel ect th e A ut o V oice VL AN Activation method. NOTE If the device is currently in T elephony OUI mode, you must disab le it bef ore you can configure Aut o V oice Vlan STEP 5 Click Apply .
VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 219 13 Configuring V oice VL AN Proper tie s Use the V oic e VLAN Proper ties page f or the following: • V iew how voice VLAN is currently configured.
VLAN Management Vo i c e V L A N 220 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 - Enable T elephony OUI —Enable Dynamic V oic e VLAN in T elephony OUI mode. - Disable —Disable Aut o V oice Vlan or T elephony OUI.
VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 221 13 • Sou rce T y pe —Displays the type of source wher e the voice VLAN is discovered by the root device. • CoS/802.
VLAN Management Vo i c e V L A N 222 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 • Vo i c e V L A N I D — The identifier of the current voice VLAN. • CoS/802. 1 p — The advertis ed or configur ed CoS/802.
VL AN Management Vo i c e V L A N Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 223 13 T o c onfigure T elephony OUI and/ or add a new V oice VL AN OUI: STEP 1 Click VL AN Man agement > Vo i c e V L A N > Te l e p h o n y O U I .
VLAN Management Vo i c e V L A N 224 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Adding Inter fac es to V oice VL A N on Ba sis of OUIs Th.
VL AN Management Acc e ss Po r t Multicast TV VL AN Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 225 13 Ac c e s s Por t Multic ast T V VL AN.
VLAN Management Acces s P ort Mu lti cas t TV V L A N 226 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 IGMP Sno oping Multicast T V VL AN r elies on IGMP snooping, which means that : • Subscrib ers use IGMP mess ages to join or lea ve a Multica st group.
VL AN Management Acc e ss Po r t Multicast TV VL AN Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 227 13 Configuration Wo rk f l ow Configure T V VLAN with the following st ep s: 1 .
VLAN Management Cust omer P or t Multicas t TV VL AN 228 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 Por t Multic ast VL AN Memb ership T .
VL AN Management Cust omer P or t Multicas t TV VL AN Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 229 13 All packets fr om the sub scriber t.
VLAN Management Cust omer P or t Multicas t TV VL AN 230 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 13 To m a p C P E V L A N s : STEP 1 Click VLAN Management > Customer P ort Multicast T V VLAN > CPE VL AN t o VLAN.
14 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 231 Sp anning T re e This section de scribe s the Spanning T ree Pr otocol (STP) (IEEE802.
Spanning Tree Configuring S TP Status and Global Settings 232 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 The device suppor ts the f ollowing Spanning T ree Pr ot ocol versions : • Classic STP – Provides a single path bet ween any two end stations , av oiding and eliminating lo ops .
Sp anning Tree Configuring S TP Sta tus and Global Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 233 14 • BPDU Handling —Sele ct how Bridge Pr ot ocol Da ta Unit (BPDU) pack ets ar e managed when STP is disabled on the por t or the device.
Spanning Tree Defining Spanning T ree Int er face S e ttings 234 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 • T op ology Change s Counts — The total number of S TP t opology changes that hav e occurred.
Sp anning Tree Defining Spannin g T r ee In ter f ace S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 235 14 • Root Guard —Enables or disable s Root Guar d on the device. The Root Guar d option pr ovides a way t o enfor c e the r oot bridge placement in the network .
Spanning Tree Configur ing Rapid Spann ing T ree S etting s 236 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 - Blo ck ing — The po r t is curr ently blocked, and cannot f or ward traffic (with the ex c eption of BPDU data) or learn MA C addresse s.
Sp anning Tree Configuring R apid Spanning T r ee S ettings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 237 14 T o enter RS TP settings : STEP 1 Click Sp anning T r ee > STP Status and Global S ettings .
Spanning Tree Configur ing Rapid Spann ing T ree S etting s 238 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 - Design at ed — The interface through which the bridge is connected t o the LAN, which provides the lowest co st path fr om the LAN to the R oot Bridge.
Sp anning Tree Multiple S panning T ree Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 239 14 Multiple Sp anning T re e Multiple Spanning T ree Prot o col (MSTP) is used to separat e the S TP por t state bet ween various domains (on dif f erent VL ANs ).
Spanning Tree Mapping VL ANs to a MS TP I nstance 240 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 Switches int ended to be in the s ame MST r egion are never separated by switches from another MS T r egion.
Sp anning Tree De fin ing M S TP I n s tan ce Se tt ing s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 241 14 F or those VL ANs that are not explicitly mapped to one of the MS T instances , the device automatically maps them to the CIS T (C ore and Inte rnal Spanning T ree) instance.
Spanning Tree De f i n in g MS TP I nt erf ace Sett i n g s 242 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 • Included VL AN —Displa ys the VLANs mappe d t o the selected instance.
Sp anning Tree De fin i ng M S TP I n te rf ace Se tti ng s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 243 14 STEP 5 Enter the parameters. • Instanc e ID —S elect the MS T instance to be configured.
Spanning Tree De f i n in g MS TP I nt erf ace Sett i n g s 244 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 14 - Bac k u p — The interface provides a b ackup path t o the designated por t path t oward the Spanning T ree le av es .
Sp anning Tree De fin i ng M S TP I n te rf ace Se tti ng s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 245 14.
15 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 246 Man aging MA C A ddre s s T able s This section de scribe how to add MA C addresse s t o the syst em.
Ma nagi ng M A C Ad d r ess T a bl es Configuring Sta tic MAC Address e s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 247 15 C onfiguring Static MA C A ddres s e s Static MAC addr ess es are assigne d t o a specific physical int erface and VL AN on the device.
Managing MAC Address Tables Managing Dynamic MAC Addresse s 248 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 15 Managing D yn amic MA C Addres.
Ma nagi ng M A C Ad d r ess T a bl es De fin in g R eser v ed M A C Ad d r esses Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 249 15 D efinin.
16 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 250 Multic ast This section de scribe s the Multicast F or warding f eature, and covers the f.
Multic ast Multicas t Forwar ding Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 251 16 F or Multicast f or warding t o work acr oss IP subnets , node s, and routers must be Multicast-capable. A Multicast -capable node must be able to: • Send and receive Multicast pack ets.
Multicast Multicast F orwarding 252 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 The device can f or ward Multicast streams based on one of.
Multic ast Defining Multicas t Proper ties Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 253 16 I f t h e d e vi c e i s en a b l e d a s a n I G M P Qu e r i e r , i t s t a r ts a f te r 6 0 s ec on d s h ave p a s s e d with no IGMP traffic (queries) det ected fr om a Multicast rout er .
Multicast Defining Multicas t Pr op er tie s 254 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 A common wa y of repr e senting Multicast membership is the (S, G) notation where S is the (single) sour ce send ing a Multicast stream of data, and G is the IP v 4 or IP v6 group addr ess .
Multic ast Adding MAC Gr oup Address Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 255 16 STEP 3 Click Apply . The Running Configuration file is updated. Adding MAC Gr oup Addres s The device supp or ts f o r warding incoming Multicast traffic bas ed on the Multicast gr oup inf ormation.
Multicast Adding MAC Gr oup Addr ess 256 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 Entries that wer e crea ted both in this page a nd in the IP Multicast Gr oup Addres s page are displa y ed.
Multic ast Adding IP Multicast Gr oup Addresse s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 257 16 Adding IP Multic ast Group Addres se s The IP Multicast G roup Addr es s page is similar t o the MAC Gr oup Addr es s page ex c ept that Multicast groups are identified by IP addr ess es .
Multicast Configuring IGMP Snooping 258 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 • Sourc e Sp ecific —Indicates that the entr y contains a sp ecific source, and adds the addr es s in the IP Source Address field.
Multic ast Configuring IGMP Sn ooping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 259 16 When IGMP Snooping is enable d globally or on a VL AN, all IGMP pack ets ar e f or warded t o the CPU .
Multicast Configuring IGMP Snooping 260 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 Ther e can be only one IGMP Querier in a network . The device suppor ts standar ds-base d IGMP Querier elec tion.
Multic ast MLD Snooping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 261 16 • Operational Last Memb er Quer y Inter val —Displa ys the Last Member Quer y Inter val sent by the ele ct ed querier .
Multicast MLD Snooping 262 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 In an appr oach similar to IGMP snooping, MLD frames are snoop ed as they are f or war ded by the device from stations t o an upstream Multicast r out er and vice versa.
Multic ast Quer ying IGMP /MLD IP Multicast G r oup Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 263 16 • Operational Quer y Robustnes s —Displays the r obustnes s variable sent by the elected querier .
Multicast Defining Multic ast R out er Po r ts 264 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 Ther e might be a dif f erence bet ween information on this page and, f or example, inf ormation displa yed in the MAC Gr oup Addr es s page .
Multic ast Defining F orward All Multicast Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 265 16 T o statically c onfigur e or see dynamically- detect ed por ts conne ct ed to the Multicast rout er : STEP 1 Click Multic ast > Multicast Router Por t .
Multicast D e fining Unr egistered Multicast Settings 266 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16 IGMP or MLD mes sages ar e not f or warded to por ts defined as Fo r w a rd All . NOTE The configuration aff e cts only the por ts that are members of the selected VLAN.
Multic ast Defining Unr egister ed Multicas t Settings Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 267 16 Y ou can select a p or t t o r eceive or filter unr egist ered Multicast str eams. The configuratio n is valid f or a n y VLAN of which it is a mem ber (or will b e a member) .
Multicast D e fining Unr egistered Multicast Settings 268 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 16.
17 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 268 IP C onfigura tion IP int er face addr es ses can b e configured manually by the user , or automatically configured by a DHCP se r ver .
IP Configuration Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 269 17 retains much of the La yer 2 functionalit y , such as Spanning T ree Pr ot ocol and VLAN memb ership.
IP Configuration Over view 270 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 When a VLAN is configured to use dynamic IP v 4 addres ses , the device is sues DHCP v 4 requests until it is assigned an IP v 4 addr e ss from a DHCPv 4 ser ver .
IP Configuration Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 271 17 All the IP addr es ses configured or as signed to the device ar e r ef erred to as Management IP addr es ses in this guide.
IP Configuration IPv4 Managemen t and In terface s 272 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 T o configure an IP v6 loopback interface, do the f ollowing: • In Lay er 2, add a loopback inter face in the Administration > Management Interface > IP v6 Interfaces page.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 273 17 - Static —Manually define a static IP address . NOTE DHCP Option 12 (Host Name option ) is suppor ted when the device is a DHCP client .
IP Configuration IPv4 Managemen t and In terface s 274 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Auto Configuration via DHCP —Displa ys status of Aut o Configuration f eature. Y ou can configure this fr om Administration > F ile Management > DHCP A ut o Confi gurati on .
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 275 17 • Mask —C onfigured IP addr es s mask . • Status —Results of the IP address duplication check .
IP Configuration IPv4 Managemen t and In terface s 276 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 ! CAUT I ON When the system is in one o.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 277 17 NOTE Y ou cannot configur e a static r oute thr ough a directly-connected IP subnet wher e the device gets its IP addr es s from a DHCP server .
IP Configuration IPv4 Managemen t and In terface s 278 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • ARP Entr y Age Out —Ent er the number of sec onds that dynamic addr ess es can remain in the ARP table.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 279 17 • MA C Addres s —Ent er the MAC addr ess of the lo cal device. STEP 6 Click Apply . The ARP entr y is saved t o the Running Configuration file.
IP Configuration IPv4 Managemen t and In terface s 280 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 UDP Rela y /IP Help er The UDP Rela y /IP Help er f eature is only a vailable when the device is in La yer 3 system mode.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 281 17 An untrusted por t is a por t that is not allowed to assign DHCP address es.
IP Configuration IPv4 Managemen t and In terface s 282 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • DHCP Inser tion - Add Option 82 info rmation t o pack ets that do not ha ve f oreign Option 82 inf ormation.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 283 17 The f ollowing de scribe s how DHCP req.
IP Configuration IPv4 Managemen t and In terface s 284 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 The f ollowing de scrib es how DHCP Rep.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 285 17 Option 82 inser tion disable d Pac ke t.
IP Configuration IPv4 Managemen t and In terface s 286 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 The f ollowing de scrib es how DHCP r e.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 287 17 The DHCP Snooping Binding databas e is also use d by IP Source Guar d and Dynamic ARP Inspe ction f eatures to det ermine legitimate packet sour ces .
IP Configuration IPv4 Managemen t and In terface s 288 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 6 Device f orwards DHCPOFFER , DHCP AC K , or DHCPNAK . The f ollowing summarize s how DHCP pack ets ar e handled fr om both trusted and untrusted por ts.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 289 17 DHCP Sno oping Along With DHCP Rela y I.
IP Configuration IPv4 Managemen t and In terface s 290 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 1 Enable DHCP Sno oping and/ or DH CP Relay in the IP C onfigura tion > DHCP > Propertie s page or in the Se curit y > DHCP Snooping > Proper ties page.
IP Configuration IPv4 Management and In terface s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 291 17 STEP 2 Click Apply . The set tings ar e written t o the Running Configuration file. STEP 3 T o define a DHCP ser ver , click Add .
IP Configuration IPv4 Managemen t and In terface s 292 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 DHCP Sno oping Binding Da tabas e See How the DHCP Snooping Binding Databas e is Built f or a de scription of how dynamic entries are added to the DHCP Snooping Binding database.
IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 293 17 STEP 3 Enter the fields: • VL AN ID — VLAN on which packet is e xpected. • MAC Addr es s— MAC addr ess of packet .
IP Configuration DHCP Ser ver 294 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 Depe nd e n ci es Betwee n F ea tu res • It is impo ssible.
IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 295 17 DHCP v4 S er ver T o c onfigur e the device as a DHCP v 4 s er ver : STEP 1 Click IP Configuration > IP v 4 Management and Int erfac es > DHCP Ser ver > Proper ties to displa y the Pr oper ties page.
IP Configuration DHCP Ser ver 296 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Mask —Enter one of f ollowing : - Network Mask —Che ck and ent er the pool’ s network mask . - Prefix L ength —Check and ent er the number of bits that compris e the address pr efix.
IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 297 17 - Mi xe d —A combination of b -node and p-no de communications is us ed to r egister and r esolve NetBIOS name s.
IP Configuration DHCP Ser ver 298 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 T o manually allocate a permanent IP addres s t o a specific client : STEP 1 Click IP Configuration > IP v 4 Management and Int erfac es > DHCP Ser ver > Static Hosts to displa y the Static Hosts page.
IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 299 17 - Hybrid —A hybrid combination of b -node and p-node is us ed. When configured to use h-node, a computer always tries p-node first and use s b-no de only if p-node fails.
IP Configuration DHCP Ser ver 300 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 T o configure one or more DHCP options: STEP 1 Click IP Configuration > IP v 4 Management and Int erfac es > DHCP Ser ver > DHCP Options .
IP Configuration DHCP S er ver Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 301 17 Addres s Binding Use the Addres s Binding page to view and remov e the IP addresse s allocated by the device and their c orresponding MAC addr es se s.
IP Configuration IPv6 Management and In terface s 302 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 IP v 6 Management and Inter face s The Int ernet Prot o col version 6 (IPv6) is a net work -lay er pr ot ocol f or packet - switched int ernetworks .
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 303 17 • Directly-attache d, meaning tha.
IP Configuration IPv6 Management and In terface s 304 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 - Link -Layer —(D efa ult). If you sele ct this option, the MAC addr es s of the device is use d.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 305 17 • Tu n n e l T y p e —(Not present f or S x 500) If the IP v6 interface is a tunnel, select its typ e: Manual or ISA T AP (se e IP v 6 T unnel ).
IP Configuration IPv6 Management and In terface s 306 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 7 Click Apply t o enable IP v6 proces sing on the selected interface.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 307 17 • Remaining Information Refresh Time —Remaining time until ne xt refresh. • DNS Ser vers —List of DNS ser vers received from the DHCPv6 se r ver .
IP Configuration IPv6 Management and In terface s 308 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 record is not r esolved, IS A T AP ho st name-to-addr ess mapping is searched in the host mapping table.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 309 17 STEP 6 Enter the f ollowing fields: • Type —Displays the tunnel type : Manual or ISA T AP .
IP Configuration IPv6 Management and In terface s 310 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • ISA T AP Router Name — (For ISA T AP tunnels only) Select one of the f ollowing options to configure a global string that r epresents a spe cific aut omatic tunnel ro uter domain name.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 311 17 - Anycast —(La yer 3 only) The IPv6 addres s is an Any cast address . This is an address that is as signe d t o a set of inter faces that t ypically belong to differ ent no des .
IP Configuration IPv6 Management and In terface s 312 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Suppres s Router Adver tisement —Select Ye s to suppr ess IP v6 router advertis ement transmissions on the interface.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 313 17 The int er val bet ween transmis si.
IP Configuration IPv6 Management and In terface s 314 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 - Prefix -Length — The length of the IP v6 prefix.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 315 17 - Offlink —C onfigures the specified prefix as offlink . The prefix will be adver tised with t he L -bit clear .
IP Configuration IPv6 Management and In terface s 316 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Metric —Cost of this hop.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 317 17 T o define IP v6 neighbors : STEP 1 In La yer 2 syst em mode, click Ad ministra tion > Management In ter face > IP v6 Neighb ors .
IP Configuration IPv6 Management and In terface s 318 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 STEP 3 Ent er values f or the f ollowing fields : • Interfac e — The neighboring IP v6 interface to be added.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 319 17 T o creat e a pr efix list: STEP 1 (In Lay er 3) Click IP Configuration > IP v 6 Management Interfac es > IP v6 Pref ix List .
IP Configuration IPv6 Management and In terface s 320 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Lower Than —Maximum pr efix length to be used f or matching. Select one of the f o llowing options: - No L i mi t —No maxi mum pr efix le ngth t o be used f or matching.
IP Configuration IPv6 Manag ement and I n ter f ace s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 321 17 network . Only one link local address is suppor ted. If a link local address ex ists on the int erface, this entr y replaces the address in the configuration.
IP Configuration IPv6 Management and In terface s 322 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Int er face List — This is a per -int er face list of DHCP v6 ser vers .
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 323 17 Enter the fields: • Sourc e Interfac e —Sele ct the interface (por t , LAG, VLAN or tunnel) f or which DHCP v6 Rela y is enabled.
IP Configuration Do m a i n N am e 324 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 • Polling Time out —Ent er the numb er of seconds that the devic e will wait f or a response to a DNS query .
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 325 17 - Link L o cal — The IP v6 addres s uniquely identifies hosts on a single network link .
IP Configuration Do m a i n N am e 326 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17 Ho st Mapping Host name/IP address mappings are st or ed in the Host Mapping T able (DNS cache).
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 327 17 - No Resp onse — There was no r esponse, but system can tr y again in future. • TT L — If this is a dynamic entr y , how long will it remain in the cache.
IP Configuration Do m a i n N am e 328 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17.
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 329 17.
IP Configuration Do m a i n N am e 330 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17.
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 331 17.
IP Configuration Do m a i n N am e 332 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17.
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 333 17.
IP Configuration Do m a i n N am e 334 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17.
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 335 17.
IP Configuration Do m a i n N am e 336 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17.
IP Configuration Domain Name Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 337 17.
IP Configuration Do m a i n N am e 338 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 17.
19 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 379 IP C onfigura tion: RIP v2 This section de scrib es the Routing Inf ormat ion Pr otocol (RIP) version 2 f eature.
IP Configuration: RIPv2 How Rip Opera tes on the Device 380 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • RFC2453 RIP V ersion 2, November 1998 • RFC2082 RIP -2 MD5 Authentication, Januar y 1997 • RFC 1724 RIP V ersion 2 MIB Extension Received RIP v 1 packets ar e dr opped.
IP Configuration: RIP v2 How Rip Opera tes on the D evice Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 381 19 It is your r esponsibilit y t o set the offset f or each interface ( 1 by default) .
IP Configuration: RIPv2 How Rip Opera tes on the Device 382 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 See RIP v2 S ettings on an IP Inter face fo r m o r e i n fo r m a t i o n .
IP Configuration: RIP v2 How Rip Opera tes on the D evice Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 383 19 If th ese f eatu r es ar e ena bl ed, r eject ed r o ut es ar e adv er ti sed b y r out es wi th a metric of 16.
IP Configuration: RIPv2 How Rip Opera tes on the Device 384 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 Using RIP in Net work with Non-Rip D evice s Static r oute configuration and connected inter faces must be taken into account when using RIP .
IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 385 19 • MD5 —Use s MD5 digest authentication. Each rout er is configured with a set of secret ke ys. This s et is called a ke y c ha i n .
IP Configuration: RIPv2 Configuring RIP 386 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 - Configure the offset added to the metric f or incoming rout es on an IP int er face, using the RIP v2 Set tings page.
IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 387 19 STEP 3 Re distribute Static Route —Select to enable this f eature (des cribed in Redistribution Fe ature .
IP Configuration: RIPv2 Configuring RIP 388 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 RIP v2 S et tings on an IP Interface T o c onfigur e RIP on an IP int er face : STEP 1 Click IP Configuration > RIP v2 > RIP v2 S et tings .
IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 389 19 • Key Pas sw ord —If Te x t was selected as the authentication t ype, enter the pas sword to be used.
IP Configuration: RIPv2 Configuring RIP 390 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 STEP 2 T o clear al l interface c ount ers , click Clear All Interface Counters .
IP Configuration: RIP v2 Configuring RIP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 391 19 Creating an Ac ce s s List T o s et the global configuration of an acces s list . STEP 1 Click IP C onfigura tion > Ac ce ss Li st > Acce ss Lis t Setting s .
IP Configuration: RIPv2 Configuring RIP 392 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • Sourc e IP v4 Addres s —Source IP v 4 addr ess . The f o llowing options ar e available: - An y —All IP addr es ses are included.
20 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 393 IP C onfigura tion: VRRP This chapter describe s how V ir tual Router R edundancy Prot o col ( VRRP) works and how t o configure virtual rout ers running VRRP thr ough the WEB GUI.
IP Configuration: VRRP Over view 394 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 Co n s tr ai n ts VRRP is only suppor ted on S G500 X /ESW2-55 0X swit ches. VRRP T opolo gy The f ollowing shows a L AN topology in which VRRP is configured.
IP Configuration: VRRP Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 395 20 Rout er B and C function as a vir tual router backups .
IP Configuration: VRRP Over view 396 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 Load Sharing VRRP T op ology In this t opolo gy , t wo vir tual rout ers ar e configured. F o r vir tual r out er 1 , rA is the owner of IP address 192.
IP Configuration: VRRP Configur able Elemen ts of VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 397 20 C onfigurable Elements of VRRP A vir tual r outer must be assigned an uniqu e virtual rout er identifier ( VRID) among all the vir tual r out ers on the same LAN.
IP Configuration: VRRP Configur able E lemen ts o f VRRP 398 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • If ther e is at least one VRRP r out er of the virtual router operating in both VRRP v2 and VRRPv3.
IP Configuration: VRRP Configur able Elemen ts of VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 399 20 All the VRRP r outers supporting the same vir tual rout er must ha ve the same configuration.
IP Configuration: VRRP Configuring VRRP 400 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • Enabled - When a VRRP r oute r is config ur ed with higher priorit y than the current mast er is up, it r eplaces the current master .
IP Configuration: VRRP Configuring VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 401 20 • Descr i p ti o n —User -defined string identif ying vir tual r outer . • Status —Sele ct t o enable VRRP on the device.
IP Configuration: VRRP Configuring VRRP 402 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • Status —Is VRRP enabled. • IP Address O wner — The owner of the IP address of the vir tual rout er .
IP Configuration: VRRP Configuring VRRP Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 403 20 • In valid VRRP Pack et T ype —Displays number of packets with in valid VRRP packet types . • In valid VRRP ID —Displays number of pack ets with in valid VRRP IDs.
18 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 328 Sec u r i t y This section de scrib es device s ecurit y and acces s control.
Secu r ity De fin i ng U ser s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 329 18 • Co nfiguring T AC A C S+ • Configurin g R ADIUS • Configurin g Por t Se curit y • 802.
Security De fin i ng Us er s 330 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 NOTE It is not permitted to delet e all users . If all users are selected, the De l e t e button is disabled. T o add a new user : STEP 1 Click Adm in ist ra tion > Us er Acco un ts .
Secu r ity De fin i ng U ser s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 331 18 - Read / Wr i te M anag em en t Access ( 15 ) —User can acce ss the GUI, and can configure the device. STEP 5 Click Apply .
Security Configuring T ACACS+ 332 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Do not r epeat or reverse the manufacturers name or any variant reached by changing the case of the charact ers.
Secu r ity Configuring T ACACS+ Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 333 18 • Authoriza tion —P er f orme d at login. Af t er the authentication ses sion is completed, an authorization s es sion star ts using the authenticated username.
Security Configuring T ACACS+ 334 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 The f ollowing information is sent to the T AC ACS+ ser ver .
Secu r ity Configuring T ACACS+ Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 335 18 STEP 3 Select TA C A C S + in the Management Acce ss Authentication page, so that when a user logs onto the device, authenticati on is per f ormed on the T ACA CS+ ser ver instead of in the local database.
Security Configuring T ACACS+ 336 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Sou r ce IPv4 —(In La yer 3 syst em mode only) Select the devic e IPv 4 source interface to be used in me s sages sent for communication with the TA C A C S + s e r v e r.
Secu r ity Configuring T ACACS+ Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 337 18 • Priorit y —Ent er the or der in which this T A CACS+ ser ver is used. Z er o is the highest priorit y T ACA CS+ ser ver and is the first ser ver use d.
Security Configur ing R ADIUS 338 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 C onfiguring R ADIUS Remot e Authorization Dial-In User Ser vic e (R ADIUS) ser vers provide a centralized 802.
Secu r ity Configuring RADIUS Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 339 18 Interactions With O ther Features Y ou cannot enable acc ounting on both a R ADIUS and T ACA CS+ s er ver .
Security Configur ing R ADIUS 340 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Dea d T i m e —Enter the number of minut es that elaps e bef ore a non- responsive R ADIUS ser ver is bypas se d f or s er vic e r eque sts.
Secu r ity Configuring RADIUS Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 341 18 - Glo b al — The IP v6 address is a glob al Unicast IPV 6 t ype that is visible and r eachable from other networks .
Security Key M anag eme nt 342 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 - All —R ADIUS ser ver is use d f or authenticating user that ask t o administer the device and f or 802. 1 X authentication.
Secu r ity Key Ma na ge me nt Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 343 18 - User Defined (Plain tex t)— Ent er a plainte xt version NOTE Both the Acce pt Lif e T ime and the Send Lif e T i me values can be enter ed.
Security Key M anag eme nt 344 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 Creating a K ey Set tings Use the Ke y Chain Set tings page t o add a k ey t o an alr eady e xisting k ey chain. STEP 1 Click Sec ur i ty > Ke y M an a g e m en t > Ke y S e t ti n g s .
Secu r ity Management Acce ss Method Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 345 18 - Day s —Number of days that the k e y-identifier is valid. - Ho ur s —Numb er of hours that the ke y-identifier is valid.
Security Management Acce ss Method 346 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Sourc e IP Address —IP addres ses or subnets . Acc es s t o management methods might diff er among user groups.
Secu r ity Management Acce ss Method Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 347 18 A caution mes sage displays if you selected any othe.
Security Management Acce ss Method 348 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 - All — A p p l i es to al l po r ts, VLA N s, a n d LA Gs. - Us er D ef in e d —Applie s t o selected interfac e.
Secu r ity Management Acce ss Method Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 349 18 STEP 1 Click Secu r i ty > Mgmt Ac c es s Metho d > Profile Rules . STEP 2 Sele ct the Filt er field, and an acce ss profile.
Security Management Acce ss Authentica tion 350 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Interfac e —Ent er the interface number . • Applies to S ource IP Addres s —Select the t ype of s our ce IP address to which the acces s profile applies.
Secu r ity Se cure Sensitive Da ta Managemen t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 351 18 If an authentication method fails or the us er has insuff icient privilege level, the user is de ni ed a ccess t o the de vi ce.
Security SSL Serve r 352 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 SS L Se r ve r This se ction describ es the Se cur e Socket Lay er (SS L ) f eature. S SL O ver view The Secure Socket La yer (SS L) f eature is used to open an HTTPS ses sion to the device.
Secu r ity SSL Serve r Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 353 18 • Va l i d T o — Sp ecifies the date up to which the cer tificate is valid.
Security SSH Serve r 354 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Private K ey (Encr ypted) —S elect and copy in the RS A private k ey in encr ypted f o rm. • Priva te K ey (Plain text) —Select and copy in the RSA private ke y in plain te x t fo r m .
Secu r ity Configuring T CP /UDP S er vic es Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 355 18 • Te l n e t —Disabled by fact or y default • SSH —Disabled by factor y default The active T CP c onnections are also display ed in this window .
Security Defining St orm Cont rol 356 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Loc al IP Addre ss —L ocal I P a d dr es s t hr ough w h ich the device is off ering the ser v ice. • Loc al Por t —L o cal UDP por t through which the device is of f ering the s er vice.
Secu r ity Configuring P or t S ecurit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 357 18 • Storm C ontrol Mode —Select one of the mod.
Security Configuring P or t Se curit y 358 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 When a frame fr om a new MA C addr es s is det ecte.
Secu r ity 802 . 1 X Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 359 18 - Sec u r e Pe rma nen t —K eeps the current dynamic MAC addr e sse s as sociated with the por t and learns up to the maximum number of addr es ses allowed on the p or t ( set by Ma x N o .
Security Denial of Ser vice Preven tion 360 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 D enial of S er vic e Prevention A Denial of Ser vice (DoS) at tack is a hack er at tempt t o make a dev ice unavailable to i t s u s e rs .
Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 361 18 • Mar tian Address es —Mar tian address es are illegal from the point of view of the IP prot oc ol.
Security Denial of Ser vice Preven tion 362 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • Pr event T CP co nnections from a specific int.
Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 363 18 STEP 1 Click Secu r i ty > Deni al of Ser vic e Prevention > Se curit y Suite Set tings . The Sec u r i ty S ui te Se t tin gs displays.
Security Denial of Ser vice Preven tion 364 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 SYN Protection The network por ts might be use d by hackers t o attack the devic e in a S YN attack , which consume s T CP resources (buf f ers ) and CPU power .
Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 365 18 • Current Status —Int erface status . The pos sible values are: - Nor m al —No attack was ident ified on this inter face.
Security Denial of Ser vice Preven tion 366 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 3 T o add a Mar tian addres s click Add . STEP 4 En te r t h e p a r a me te r s . • IP V ersion —Indicates the suppor ted IP version.
Secu r ity Denial of S er vice Preven tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 367 18 - Us e r De f i ne d —Enter a port number . - All Por ts —S elect to indicat e that all por ts are filt ered.
Security Denial of Ser vice Preven tion 368 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 4 Click Apply . The S YN rat e pr ot ection is define d, and the Running C onfiguration is updated.
Secu r ity DHCP Sno oping Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 369 18 • Interfac e —Sele ct the interface on which the IP fragmentation is being defined.
Security IP S ource Guard 370 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 • DHCP Snooping must b e globally enabled in order t o enable IP Source Guard on an int er face.
Secu r ity IP S ource Guard Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 371 18 C onfiguring IP Sourc e Guard W ork Flow T o c onfigure IP So.
Security IP S ource Guard 372 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 1 Click Sec ur i ty > IP Sourc e Guard > Interface S et tings. STEP 2 Sele ct por t /L AG from the Fil t er field and click Go .
Secu r ity ARP Inspe ction Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 373 18 The entries in the Binding datab ase are displa yed: • VL AN ID — VLAN on which packet is e xpected. • MAC Addr es s— MAC a ddr ess to be mat ched.
Security ARP Inspection 374 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 The f ollowing shows an example of ARP cache poisoning. ARP Cache Pois oning Hosts A , B, and C are connected to the swit ch on int er faces A , B and C, all of which ar e on the same subnet .
Secu r ity ARP Inspe ction Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 375 18 • T rusted — Packets ar e not inspected. • Untrusted — Packets ar e insp ected as describe d above. ARP inspec tion is per f ormed only on untrust ed interfac es .
Security ARP Inspection 376 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 Interaction B et ween ARP Insp ect i o n a n d D H C P S n oo p i ng If DHCP Snooping is enabled, ARP Insp ection us es the DHCP Snooping Binding database in add ition t o the ARP acce ss c ontro l rules .
Secu r ity ARP Inspe ction Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 377 18 STEP 1 Click Securi ty > ARP Inspection > Proper ties . Enter the f ollowing fields : • ARP Insp ec tion Status — Select to enable ARP Inspe ction.
Security ARP Inspection 378 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18 STEP 3 Sel ect Tr u s t e d or Untrusted and click Apply t o save the set tings to the Running Configurat ion file.
Secu r ity F irst Hop Se curit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 379 18 D efining ARP Insp e ction VL AN S et tings T o enable ARP Inspe ction on VLANs and as sociate Acce ss Control Gr oups with a VL AN: STEP 1 Click Securi ty > ARP Inspection > VL AN Set tings .
Security Fir st H o p S ec u ri t y 380 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 18.
19 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 381 S e curit y : 802. 1 X Authentic a tion This section de scribe s 802. 1 X authentication. It covers the f ollowin g t opics: • O ver view of 802.
Security: 802.1X Authentication Over view o f 802. 1 X 382 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 This is described in the figur e b elow: A network devic e can be either a client / s upplicant , authen ticat or or both per p or t .
Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 383 19 See Por t Ho st Mo des f or more inf ormation. The f ollowing aut hentication methods are suppor ted: • 802.
Security: 802.1X Authentication Authen tica tor Over view 384 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • f orce-unauthorized Port authentication is dis abled and the p or t transmits all traf fic via the guest VLAN and unauthenticated VL ANs .
Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 385 19 When a por t is unauthorized and a gue st VL AN is enabled, untagged traf fic is remapped to the guest VLAN.
Security: 802.1X Authentication Authen tica tor Over view 386 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 - SG500X G Multiple Authenti c a.
Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 387 19 This is descr ibed in the following: Figur e 1 802. 1 x-B as e d Authentication MAC-Bas e d Authentication MAC-based authentication is an alternativ e t o 802.
Security: 802.1X Authentication Authen tica tor Over view 388 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 WEB -B as e d Authentication WEB-b ased authentication is us ed to authe nticate end users who r equest ac ces s to a network through a swit ch.
Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 389 19 After authent ication is complet ed, the switch f or wards all tra ffic arriving fr om the client on the por t , as shown in the figure below .
Security: 802.1X Authentication Authen tica tor Over view 390 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 NOTE • When web-bas ed authenticati on is not suppor t ed, guest VLAN and D V A cannot be configured in multi-s ess ion mode.
Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 391 19 Ho st Mode s with Gue st.
Security: 802.1X Authentication Authen tica tor Over view 392 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 F or a device to be authenticat .
Se curit y : 802. 1 X Authentic a tion Authentica tor Ov er view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 393 19 Viola tion Mo de In single-host mode you can c onfigur e the action to be taken when an unauthorized host on authorized por t at t empts t o acce ss the inter face.
Security: 802.1X Authentication Common T asks 394 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 C ommon T asks W ork flow 1 : T o enable 802. 1 x authentication on a p or t: STEP 1 Click Securit y > 802.
Se curit y : 802. 1 X Authentic a tion Comm on T asks Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 395 19 STEP 4 Click Apply , and the Running Configuration file is updated. Use the Copy Settings button t o copy settings from one port to another .
Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 396 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 802. 1 X C onfigura tion Thr ough the GUI D efining 802. 1 X Prop er tie s The 802.
Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 397 19 - If t.
Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 398 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 STEP 1 Click Sec ur i ty > 802. 1 X /MAC/ W eb Authentication > Por t Authentication .
Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 399 19 After .
Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 400 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • Maximum WBA Login A t tempts —A vail able only in La yer 2 swit ch mode.
Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 401 19 T o define 802. 1X advanced set tings f or p ort s: STEP 1 Click Secu r i ty > 802.
Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 402 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 Viewing Authenticated Ho sts T o view details about authenticat ed users : STEP 1 Click Sec ur i ty > 802.
Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 403 19 W eb Authentication Customiza tion This page enables designing web-b ased authentication page s in various languages .
Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 404 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 T o cust omize the web-authentication pages : STEP 1 Click Sec ur i ty > 802.
Se curit y : 802. 1 X Authentic a tion 802. 1 X C on figur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 405 19 - Non e —No logo. - Default —Use the default logo. - Other —Selec t t o ent er a customiz ed logo.
Security: 802.1X Authentication 802. 1 X Configura tion Through the GUI 406 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 • Language Dropdown L ab el —Ent er the label of the language selection dropdown.
Se curit y : 802. 1 X Authentic a tion Defining T ime R ange s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 407 19 STEP 15 Enter the Su ccess M essag e , which is the te xt that will b e displayed if the end user succe ssfully lo gs in.
Security: 802.1X Authentication Authenti ca tion Me thod and Port Mo de Suppor t 408 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19 Mo de B ehavior The f ollowing table de scrib es how authenticated and non-authenticated traffic is handled in vari ous situations .
Se curit y : 802. 1 X Authentic a tion Authent ica tion Me thod and Port Mo de Suppor t Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 409 19 F.
Security: 802.1X Authentication Authenti ca tion Me thod and Port Mo de Suppor t 410 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 19.
20 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 410 S e curit y : IP V6 F irst Hop S e curit y This se ction describ es how First Hop Se curity (FHS) works and how t o configure it in the GUI.
Se curit y : IPV6 First Hop S ecurit y F irst Hop Se curit y Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 411 20 F irst Hop S e curit y O ver view IP v6 FHS is a suit e of f eatures designe d t o secure link operations in an IP v6 - enabled net work .
Security: IPV6 First Hop Security Fi rst Hop Se curit y Over view 412 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 IP v 6 First Hop Se curi.
Se curit y : IPV6 First Hop S ecurit y F irst Hop Se curit y Over view Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 413 20 • Neighbor Solic.
Security: IPV6 First Hop Security Fi rst Hop Se curit y Over view 414 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 IP v 6 First Hop Se curit y Perimeter IP v6 First Hop Securit y switches can f orm a per imet er separating untrusted area from trust ed ar ea.
Se curit y : IPV6 First Hop S ecurit y Rout er Adver tisement Guar d Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 415 20 The device-r ole command in the Neighbor Bi nding policy configur ation screen specifie s the perimeter .
Security: IPV6 First Hop Security DHCPv 6 Guard 416 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • V alidation of received Neighbor Dis cover y prot ocol mes sage s.
Se curit y : IPV6 First Hop S ecurit y Neighbor Binding In t egrit y Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 417 20 Neighb or Binding Integrit y Neighbor Binding (NB) Int egrit y establishe s binding of neighbors .
Security: IPV6 First Hop Security Neighb or Binding In tegrit y 418 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 NBI-NDP metho d The NBI-ND.
Se curit y : IPV6 First Hop S ecurit y A ttack Pro tecti on Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 419 20 NBI-NDP suppor ts a lif etime timer . A value of the timer is configurable in the Neighbor Binding Settings page.
Security: IPV6 First Hop Security At t ac k Prot e cti o n 420 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 • A Neighbor Advertis ement (NA) mes sage is dropped if the target IP v6 address is bound with another int er face.
Se curit y : IPV6 First Hop S ecurit y Pol ic i e s, Gl ob al Pa ra mete r s a n d S y stem D efa ul t s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V.
Security: IPV6 First Hop Security Common T asks 422 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 When a user -defined p olicy is attache d to an interface, the default policy f or that int er face is detached.
Se curit y : IPV6 First Hop S ecurit y Comm on T asks Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 423 20 STEP 3 If required, either configur e a user -defined p olicy or add rules to the def ault p o l i c i e s fo r t h e fe a t u re .
Security: IPV6 First Hop Security Default Settings and C onfigur a tion 424 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 STEP 3 If requir ed, either configure a user -defin ed policy or add rules to the default p o l i c i e s for t h e fe a t u r e .
Se curit y : IPV6 First Hop S ecurit y Be f ore Y ou St art Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 425 20 B e for e Y ou Star t No preliminar y tasks are r equired.
Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 426 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 RA G.
Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 427 20 • Other C onfiguration Flag — This field specifie s verification of the adver tised O ther Configuration flag within an IP v6 R A Guard policy .
Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 428 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 T o cr eat e an R A Guard policy or to configur e the system-defined def ault policies , click Add and ent er the ab ove paramet ers.
Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 429 20 • Dev ice R ole —S elect either Ser v er or Clien t t o specify the role of the device attache d to the port f or DHCP v6 Guard.
Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 430 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 T o configure ND Inspection on p or ts or LAGs : STEP 1 Click Sec ur i ty > F irst Hop Se curit y > ND Insp e ction S et tings .
Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 431 20 STEP 5 If required, click either At t ac h Po l i c y to V L AN or Att ach Policy to Interface .
Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 432 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 STEP 4 Enter the f oll owing fiel ds: • Policy Name —Enter a user -defined p olicy name.
Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 433 2.
Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 434 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 FHS Status T o displa y the global configuration f or the FHS f eatures: STEP 1 Click Sec ur i ty > F irst Hop Se curit y > FHS St a tus.
Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 435 20 - Device Role: —ND Inspe ction device role. - Dro p Un s e cu re : —Are unsecure mes sages dropped.
Security: IPV6 First Hop Security Configuring F irst H op Se curit y through W eb GUI 436 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 20 FHS .
Se curit y : IPV6 First Hop S ecurit y Configuring F irs t Hop Se curit y through W eb GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 437 2.
22 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 457 S e curit y : S SH Client This section de scrib es the device when it functions as a n SS H client .
Secu r i ty: SSH C li e n t Pr o t ec tio n Me th ods Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 458 22 When files are downloaded via TF TP or HTTP , the data transf er is unsecured.
Security: SSH Client Pro te c tion Me thods 459 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 The username/password must then be cre ated on the device.
Secu r i ty: SSH C li e n t SSH S er ver Authentica tion Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 460 22 When a privat e k ey is crea ted on a dev ice, it is also pos sible to cr eat e an as sociated passph rase .
Security: SSH Client SSH Client Authen tica tion 461 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 S SH Client Authen tic a tion SS H client authentication by password is enabled by default , with the username/ password being “anon ymous ”.
Secu r i ty: SSH C li e n t Be f ore Y ou Begin Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 462 22 Be f o r e Y o u Beg i n The f ollowing a.
Security: SSH Client SSH Client Configur a tion Thr ough the GUI 463 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 STEP 4 If the public/privat e k ey method is being used, per f orm the f ollowing steps: a.
Secu r i ty: SSH C li e n t SSH Client Configur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 464 22 S SH User Authent.
Security: SSH Client SSH Client Configur a tion Thr ough the GUI 465 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 • Generate —Generate a ne w ke y . • Edit —Displa y the k eys f or copying/pasting to another device.
Secu r i ty: SSH C li e n t SSH Client Configur a tion Thr ough the GUI Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 466 22 - Link L o cal — The IP v6 addres s uniquely identifies hosts on a single network l ink .
Security: SSH Client SSH Client Configur a tion Thr ough the GUI 467 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 22 - Gl ob al — The IP v6 addres s is a global Unicast IPV 6 t ype that is visible and reachable from other netw orks.
21 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 438 S e curit y : S e cure S ensitive Da ta Man agement Secure Sensitive Data (SS D) is an archit ecture that facilitat es the prot e ction of sensitive data on a dev ice, such as passwo rds and k e ys.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD R u les Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 439 21 SSD gr ants read permission to sensitive data on ly to authenticated and authorized users, and according to SSD rules.
Security: Secure Sensitive Data Ma nagement SSD R u les 440 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 NOTE A device may not suppor t all the channels defined by SS D .
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD R u les Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 441 21 - (Higher) Plain text On ly —Us ers are permitted to acc es s sensitive data in plainte x t only .
Security: Secure Sensitive Data Ma nagement SSD R u les 442 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 NOTE Not e the f ollowing : • The default Read mode f or the Secure XML SNMP and Inse cure XML SNMP management channe ls must be identical t o their r ead permission.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD R u les Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 443 21 is recommended that the user authentication proce ss on a device is se cured.
Security: Secure Sensitive Data Ma nagement SSD Proper tie s 444 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 SSD D efault Re ad Mode S e s.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t SSD Proper tie s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 445 21 • Characte.
Security: Secure Sensitive Data Ma nagement SSD Proper tie s 446 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 • Unrestrict ed (default)— The devic e includes its pas sphrase when creating a configuration file.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configur a tion Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 447 21 Re ad Mode Each ses sion has a Read mode. This determines how sensi tive data appears.
Security: Secure Sensitive Data Ma nagement Configur a tion Files 448 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 The SS D indicator in a file is set acc ording t o the user ’ s instruction, during copy , to include encr ypted, plainte x t or ex clude sensitive data fr om a file.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configur a tion Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 449 21 • If .
Security: Secure Sensitive Data Ma nagement Configur a tion Files 450 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 • Configurat ion comma.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configur a tion Files Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 451 21 Sensiti.
Security: Secure Sensitive Data Ma nagement SSD Ma n a g em en t C ha nn e l s 452 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 S SD Management Channels Device s can be managed over management channels such as telnet, S S H, and web.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configuring SSD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 453 21 Passwor d recover y is curr ently activated fr om the bo ot menu and allows the user t o log on to the t erminal without authentication.
Security: Secure Sensitive Data Ma nagement Configuring SSD 454 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21 • User D efine d (Plain tex t) —Ent er a new passphras e. • Con fir m P a ss ph r a se —Confirm the new pas sphrase.
Secu r ity: Sec u r e Se ns i t iv e D a ta M ana gem e n t Configuring SSD Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 455 21 • Read Permis sion— The read permissions ass ociated with the rule.
Security: Secure Sensitive Data Ma nagement Configuring SSD 456 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 21.
23 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 468 S e curit y : S SH S er ver This section de scribe s how to establish an S SH s es sion on the device.
Security: SSH Server Common T asks 469 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 23 C ommon T asks This se ction describ es so me common tasks per f ormed using the S SH S er ver fe a t u re .
Secu r i ty: SSH Se rver SSH Se rver Co n fig u r a ti o n P ages Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 470 23 S SH S er ver C onfigura tion Page s This section de scribe s the pages used to configure the SS H Se rve r fe a t u re .
Security: SSH Server SSH S er ver Configura tion Pages 471 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 23 • SSH Us er Authentic a tion by Public K ey —Sele ct to perform authentication of the SS H client user using the public key .
Secu r i ty: SSH Se rver SSH Se rver Co n fig u r a ti o n P ages Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 472 23 • Edit —Enables you to copy in a k ey fr om another device. • Del e t e —Enables you t o delet e a k ey .
Security: SSH Server SSH S er ver Configura tion Pages 473 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 23.
24 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 474 Access Co n tr o l The Acce ss C ontr ol List (ACL ) f eature is part of the se curity me chanism. ACL definitions ser ve as one of the mechanisms to define tra ffic f lows that ar e given a specific Quality of Ser vice (QoS).
Access Control Acces s Co n t r ol L is ts 475 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 When a pack et mat ches an ACE filt er , the ACE action is tak en and that A CL proces sing is st opped.
Acce ss Cont ro l De fin i ng M AC - ba sed A CL s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 476 24 Crea ting A CLs Work flow T o creat e ACLs and asso ciat e them with an int er face, per f orm the f ollowing : 1 .
Access Control De f i ni n g MA C - ba sed A C L s 477 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 MAC-base d ACLs ar e defined in the MAC Bas ed ACL page. The rule s are defined in the MAC Base d ACE page .
Acce ss Cont ro l De fin i ng M AC - ba sed A CL s Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 478 24 • Time Range —Sele ct to enable limiting the use of the ACL t o a specific time range.
Access Control IPv4-bas ed ACLs 479 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 IP v4-b as e d A CL s IP v 4-b ase d ACLs ar e used to check IPv4 pack ets, while other t ype s of frames, such as ARPs, are not checked.
Acce ss Cont ro l IPv4-b ase d A CLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 480 24 Adding Rule s (ACEs) to an IP v4-B ase d ACL NOTE Each IPv 4-base d rule consumes one TC AM rule.
Access Control IPv4-bas ed ACLs 481 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 - EGP —Ex terior Gatewa y Prot oc ol - IGP —Int erior Gat eway Prot o col - UDP —User Datagram Prot ocol - HMP —Host Mapping Prot oc ol - RDP —Reliable Datagram Pr otocol.
Acce ss Cont ro l IPv4-b ase d A CLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 482 24 • Sou rce I P Wi ldca rd M as k —Enter the mask to define a range of IP addresse s . Not e that this mask is diff er ent than in other uses, such as subnet mask .
Access Control IPv 6-B ase d A CLs 483 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 - D S CP to M a tc h —D i f feren t ia te d S e r ve .
Acce ss Cont ro l IPv6 -B ase d ACLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 484 24 NOTE AC Ls are also used as the building elemen ts of flow definitions f or per -flow QoS handling (see QoS Ad va n ced M o de ).
Access Control IPv 6-B ase d A CLs 485 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 • Time Range —Select to enable limiting the use of the ACL to a specific time range. • Time Range Name —If T ime Range is sele cted, select the time range t o be use d.
Acce ss Cont ro l IPv6 -B ase d ACLs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 486 24 - Range —Sele ct a range of T CP /UDP source por ts to which the packet is matched. • Dest in a tio n P ort —S elect one of the a vailable values .
Access Control Defining ACL Bin ding 487 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 24 D efining ACL Binding When an ACL is bound to an interface ( por t , L AG or VL AN), its ACE rules are applied to pack ets arriving at tha t interface.
Acce ss Cont ro l Defining ACL B inding Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 488 24 • De fault Action —Select one of the f ollowing options: - Den y An y —If pack et does not match an ACL, it is denied (dropped) .
25 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 489 Qualit y of S er vic e The Quality of Ser vice f eature is applied throughout the network to ensur e that network traf fic is prioritized according t o requir ed criteria and the desi r ed traffi c r eceive s pr ef erential tr eatment .
Qualit y of S er vice QoS Fea tures and Comp onents Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 490 25 Q oS Fe a tures and C omp onen ts The QoS f eatur e is used to optimiz e network p er f ormanc e.
Quality of Service QoS Fea tures and Components 491 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 QoS Mod es The QoS mode that is sele ct ed applies to all int er faces in the system. • Ba s ic Mod e—Clas s of Ser vic e (CoS) .
Qualit y of S er vice QoS Fea tures and Comp onents Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 492 25 • When disabling Q oS, the shaper and queue set ting (WRR /SP bandwidth setting) ar e r eset t o defa ult valu es.
Quality of Service Configuring QoS - General 493 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 C onfiguring Q oS - General The QoS Propertie.
Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 494 25 STEP 2 Click Apply . The interface default CoS value is saved t o Running C onfiguration file.
Quality of Service Configuring QoS - General 495 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o select the priorit y method and enter WRR data. STEP 1 Click Qualit y of Ser vice > General > Queue .
Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 496 25 The f ollowing table de scribes the defau.
Quality of Service Configuring QoS - General 497 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 By changing the CoS/802.
Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 498 25 • The device is in Q oS Advanced mo de and the packets belongs t o flows that is DS CP trusted Non-IP pack ets ar e alwa ys classified to the best-eff ort queue.
Quality of Service Configuring QoS - General 499 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 The f ollowing table s des cribe the defaul t.
Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 500 25 DSCP 60 52 44 36 28 20 12 4 Queue 6 6 7 5.
Quality of Service Configuring QoS - General 501 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 The f ollowing table s des cribe the defaul t.
Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 502 25 STEP 3 Click Apply .
Quality of Service Configuring QoS - General 503 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • Ingres s Commit te d Burst Size (CB S) —Enter the maximum burst size of data f or the ingress inter face in by tes of data.
Qualit y of S er vice Configuring QoS - General Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 504 25 This page enables shaping the egress f or up t o eight queues on each interface. STEP 4 Select the Interface .
Quality of Service Configuring QoS - General 505 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o define the VLAN ingres s rat e limit: STEP 1 Click Qualit y of Ser vice > General > VL AN Ingres s Rate Limit .
Qualit y of S er vice QoS Ba s i c Mod e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 506 25 Qo S Ba s i c M od e In QoS Basic mo de, a specific domain in the net work can be defined as trusted.
Quality of Service QoS Ba s i c M od e 507 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • CoS/802. 1 p — T r affic is mappe d to queues base d on the VPT field in the VLAN tag, or bas ed on the per -por t default CoS/802.
Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 508 25 T o e n ter Q o S s e t t i ng s p e r in te r fa c e : STEP 1 Click Qualit y of Ser vic e > Qo S Bas i c Mod e > Interface S et tings .
Quality of Service QoS A dv a n ced M od e 509 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • Per flow QoS ar e applied t o flows by binding the policies to the desir ed ports.
Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 510 25 4. Creat e a policy using the P olicy T able page, and as sociate the policy with one or mor e class map s using the P olicy Cl ass Map page.
Quality of Service QoS A dv a n ced M od e 511 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 In QoS A dv anced Mod e , when the Default Mode Status is set to Not T rust ed, the default CoS values configured on the inter face is ignor ed and all the traf fic goes to queue 1 .
Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 512 25 F or e xample: A ssume that there ar e three levels of servic e: Silver , Gold, and Platinum and the DS CP incoming values us ed to mark these levels are 10 , 20 , and 30 respectively .
Quality of Service QoS A dv a n ced M od e 513 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o define a Class Map : STEP 1 Click Qualit y of Ser vice > Qo S A d va n ced M ode > Clas s Mapping .
Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 514 25 This can be done by using the ACLs in the class map (s ) t o match the desired traffic, and by using a p olicer to apply the QoS on the mat ching traffic.
Quality of Service QoS A dv a n ced M od e 515 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 D efining Aggre ga te Policers An aggregat e policer applie s the QoS to one or mor e class maps , theref ore one or more flows.
Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 516 25 C onfiguring a Policy The Policy T able Map page displays the li st of advanced Q oS polices define d in the syst em.
Quality of Service QoS A dv a n ced M od e 517 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 STEP 3 T o add a new class map, click Add . STEP 4 En te r t h e p a r a me te r s . • Policy Name —Displays th e policy to which the class map is being added.
Qualit y of S er vice QoS A d va n ced M od e Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 518 25 If Polic e Typ e is Single , enter the f ollowing QoS parameters: • Ingres s Commit te d Information Ra te (CIR) —Ent er the CIR in Kbps.
Quality of Service Manag ing QoS Sta tisti cs 519 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 • Binding —Sele ct t o bind the policy t o the int er face. • Permit Any —Select to f or ward packets on the int er fac e if they do not mat ch an y policy .
Qualit y of S er vice Managing Q oS Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 520 25 • Out-of-Pr ofile By te s —Number of out-pr ofile by t es received. STEP 2 Click Add. STEP 3 Enter the parameters.
Quality of Service Manag ing QoS Sta tisti cs 521 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25 T o view Queues Statistic s: STEP 1 Click Qualit y of Ser vice > QoS S ta tis tics > Queues St atistics .
Qualit y of S er vice Managing Q oS Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 522 25 - Unit No —Sele cts the unit number . - Por t —Selects the por t on the sele cted unit number f or which statistic s are displa yed.
Quality of Service Manag ing QoS Sta tisti cs 523 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 25.
Qualit y of S er vice Managing Q oS Sta tis tics Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 524 25.
26 Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 521 SNMP Thi s sect io n desc ri bes t he Si mp le Netw or k Management Prot ocol (S NMP) f eatur e that pr ovides a method f or managing network device s.
SNMP SNMP V ersions and Workflow Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 522 26 SNMP v1 and v2 T o c ontro l acces s to the syst em, a list of communit y entries is define d. Each communit y entr y consists of a communit y strin g and its acc es s privilege.
SNMP SNMP V ersions and W ork flow 523 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 The f ollowing is the recommende d seri e s of actions f or configuring S NMP : If you decide to use S NMP v 1 or v 2: STEP 1 Na vigate t o the SNMP -> C ommunities page and click Add .
SNMP Model OIDs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 524 26 STEP 5 Optionally , enable or disable trap s by using the T rap Set tings page. STEP 6 Optionally , define a notification filter( s ) by using the Notification Filt er page.
SNMP SNMP Engine ID 525 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 The private Object IDs are placed under : enterprises( 1).cisc o(9 ).otherEnterprises (6).cis cosb ( 1).swit ch001 ( 101 ).
SNMP SNMP Engine ID Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 526 26 T o define the S NMP engine ID : STEP 1 Click SNMP > Engine ID . STEP 2 Cho ose which to use f or Lo c al Engine ID .
SNMP Configuring SNMP V iews 527 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 • Link Loc al Inter face —Select the link local int erface (if IP v6 Address T ype Link L ocal is sele cted) fr om the list .
SNMP Crea ting SNMP Groups Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 528 26 - Us e r De f i ne d —Enter an OID not off e r ed in the S elect from list option. STEP 4 Sele ct or des elect Include in view .
SNMP Crea ting SNMP Groups 529 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 • Authentication (Authentication and no privacy) • Authentication and privacy SN MPv3 provides a means of controlling the content each user can read or write and the notifications they r eceive.
SNMP Managing SNMP Us ers Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 530 26 • View —As so ciating a view with the read, write, and notify ac ces s privile ges of the gr oup limits the scope of the MIB tree to which the gr oup has r ead, write, and notify acce ss .
SNMP Managing SNMP Users 531 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 T o displa y SNMP us ers and define new ones : STEP 1 Click SNMP > Users . This page contains existing users. STEP 2 Click Add.
SNMP Defining SNMP Communities Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 532 26 • Authentication Password —If authentication is acc omplished by either a MD5 or a SH A password, ent er the local user pas sword in either Encr ypted or Plain te x t .
SNMP Defining SNMP Communit ies 533 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 T o define SNMP c ommunities : STEP 1 Click SNMP > Communitie s . This page contains a table of configured SNMP communitie s and their pr oper ties .
SNMP De fin i ng T r a p Se tti ngs Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 534 26 Read Write—Management acces s is read-writ e. Changes can be made t o the device configuration, but not to the communit y .
SNMP Notifica tion Recipients 535 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 Notific a tion Re cipients T rap mes sage s are generat e d to r ep or t syste m events, as define d in RFC 1215.
SNMP Notifi ca tion R ecipients Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 536 26 • T raps IP v4 Sourc e Inter face —Select the s our ce interface whos e IPv6 address wi ll be use d as the source IP v6 addres s in trap mes sa ges f or communication with IP v6 S NMP ser vers .
SNMP Notifica tion Recipients 537 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 • Ret rie s —Enter the number of time s that the device resends an inf orm re qu e st . • Communit y String —Sele ct from the pull-down the communit y string of the trap manager .
SNMP Notifi ca tion R ecipients Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 538 26 STEP 2 Click Add. STEP 3 Enter the parameters. • Ser ver Definition —S elect whether t o specify the remot e log ser ver by IP address or na me.
SNMP SNMP Notifi ca tion Filt ers 539 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26 NOTE The Securit y Lev el her e depends on which User Name was sele ct ed. If this User Name was configured as No Authentication, the Se curity Level is No Authentication only .
SNMP SNMP Notification F ilters Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 540 26 T o define a notification filter : STEP 1 Click SNMP > Notific a tion Filter . The Notification Filt er page contains no tification inf ormation for each filt er .
SNMP SNMP Notifi ca tion Filt ers 541 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26.
SNMP SNMP Notification F ilters Cisco Small Busines s 200, 300 and 500 Series Managed Swit ch Administration Guide (Int ernal V ersion) 542 26.
SNMP SNMP Notifi ca tion Filt ers 543 Cisco Small Busines s 200, 300 and 500 Series Manage d Switch Administration Guide (Internal V ersion) 26.
© 2012-2013 Cisco Systems, Inc. All rights r eser ved. 78-21349-01 Cisco and the Cisco logo are trademarks or registere d trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a li st of Cisco trademarks, go to this URL: www.
Een belangrijk punt na aankoop van elk apparaat Cisco Systems SG50028PK9NA (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Cisco Systems SG50028PK9NA heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Cisco Systems SG50028PK9NA vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Cisco Systems SG50028PK9NA leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Cisco Systems SG50028PK9NA krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Cisco Systems SG50028PK9NA bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Cisco Systems SG50028PK9NA kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Cisco Systems SG50028PK9NA . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.