iPECS ES-3052G User manual

USER GUIDE
iPECS is an Ericsson-LG Brand
Please read this manual carefully before
operating your set. Retain it for future reference.
ES-3052G / ES-3052GP
User Manual

USER MANUAL
ES-3052 Series
ES-3052G MANAGED 52-PORT GE SWITCH
Layer 2 Managed Switch
with 48 10/100/1000BASE-T (RJ-45) Ports,
and 4 Gigabit SFP Ports
ES-3052GP MANAGED 52-PORT GE POE SWITCH
Layer 2 Managed Switch
with 48 10/100/1000BASE-T (RJ-45) PoE Ports,
and 4 Gigabit SFP Ports
ES-3052G
ES-3052GP
E042013/ST-R01
149100000226A

ABOUT THIS GUIDE
PURPOSE This guide gives specific information on how to operate and use the
management functions of the switch.
AUDIENCE The guide is intended for use by network administrators who are
responsible for operating and maintaining network equipment;
consequently, it assumes a basic working knowledge of general switch
functions, the Internet Protocol (IP), and Simple Network Management
Protocol (SNMP).
CONVENTIONS The following conventions are used throughout this guide to show
information:
NOTE: Emphasizes important information or calls your attention to related
features or instructions.
CAUTION: Alerts you to a potential hazard that could cause loss of data, or
damage the system or equipment.
WARNING: Alerts you to a potential hazard that could cause personal injury.
NOTICE OF CHANGES Ericsson-LG reserves the right to change specifications at any time without
notice.
RELATED PUBLICATIONS The following publication details the hardware features of the switch,
including the physical and performance-related characteristics, and how to
install the switch:
The Installation Guide
Also, as part of the switch’s software, there is an online web-based help
that describes all management related features.

REVISION HISTORY This section summarizes the changes in each revision of this guide.
APRIL 2013 REVISION
This is the first version of this guide. This guide is valid for software release
v1.2.16.0.

CONTENTS
ABOUT THIS GUIDE 3
CONTENTS 5
FIGURES 31
TABLES 41
SECTION I GETTING STARTED 47
1 INTRODUCTION 49
Key Features 49
Description of Software Features 50
System Defaults 54
2 INITIAL SWITCH CONFIGURATION 57
Connecting to the Switch 57
Configuration Options 57
Required Connections 58
Remote Connections 59
Basic Configuration 60
Console Connection 60
Setting Passwords 60
Setting an IP Address 61
Downloading a Configuration File Referenced by a DHCP Server 67
Enabling SNMP Management Access 69
Managing System Files 71
Saving or Restoring Configuration Settings 72
SECTION II WEB CONFIGURATION 75
3 USING THE WEB INTERFACE 77
Connecting to the Web Interface 77

Navigating the Web Browser Interface 78
Home Page 78
Configuration Options 79
Panel Display 79
Showing Status Information 80
Main Menu 81
4 BASIC MANAGEMENT TASKS 95
Displaying System Information 95
Displaying Switch Hardware/Software Versions 97
Configuring Support for Jumbo Frames 98
Displaying Bridge Extension Capabilities 99
Managing System Files 101
Copying Files via FTP/TFTP or HTTP 101
Saving the Running Configuration to a Local File 103
Setting The Start-Up File 104
Showing System Files 104
Automatic Operation Code Upgrade 105
Setting the System Clock 110
Setting the Time Manually 110
Setting the SNTP Polling Interval 111
Specifying SNTP Time Servers 112
Setting the Time Zone 113
Configuring Summer Time 114
Configuring the Console Port 116
Configuring Telnet Settings 118
Displaying CPU Utilization 120
Displaying Memory Utilization 121
Resetting the System 121
5 INTERFACE CONFIGURATION 127
Port Configuration 127
Configuring by Port List 127
Configuring by Port Range 130
Displaying Connection Status 131
Configuring Local Port Mirroring 132
Configuring Remote Port Mirroring 134
Showing Port or Trunk Statistics 138

Performing Cable Diagnostics 142
Trunk Configuration 144
Configuring a Static Trunk 145
Configuring a Dynamic Trunk 148
Displaying LACP Port Counters 153
Displaying LACP Settings and Status for the Local Side 154
Displaying LACP Settings and Status for the Remote Side 156
Configuring Trunk Mirroring 158
Saving Power 160
Traffic Segmentation 162
Enabling Traffic Segmentation 162
Configuring Uplink and Downlink Ports 163
VLAN Trunking 164
6 VLAN CONFIGURATION 167
IEEE 802.1Q VLANs 167
Configuring VLAN Groups 170
Adding Static Members to VLANs 171
Configuring Dynamic VLAN Registration 176
IEEE 802.1Q Tunneling 180
Enabling QinQ Tunneling on the Switch 184
Adding an Interface to a QinQ Tunnel 185
Protocol VLANs 187
Configuring Protocol VLAN Groups 187
Mapping Protocol Groups to Interfaces 189
Configuring IP Subnet VLANs 191
Configuring MAC-based VLANs 193
Configuring VLAN Mirroring 195
7 ADDRESS TABLE SETTINGS 197
Setting Static Addresses 197
Changing the Aging Time 199
Displaying the Dynamic Address Table 200
Clearing the Dynamic Address Table 201
Configuring MAC Address Mirroring 202
8 SPANNING TREE ALGORITHM 205
Overview 205
Configuring Loopback Detection 208

Configuring Global Settings for STA 209
Displaying Global Settings for STA 215
Configuring Interface Settings for STA 216
Displaying Interface Settings for STA 220
Configuring Multiple Spanning Trees 222
Configuring Interface Settings for MSTP 226
9 CONGESTION CONTROL 229
Rate Limiting 229
Storm Control 231
Automatic Traffic Control 234
Setting the ATC Timers 235
Configuring ATC Thresholds and Responses 237
10 CLASS OF SERVICE 241
Layer 2 Queue Settings 241
Setting the Default Priority for Interfaces 241
Selecting the Queue Mode 242
Mapping CoS Values to Egress Queues 245
Layer 3/4 Priority Settings 248
Setting Priority Processing to DSCP or CoS 248
Mapping Ingress DSCP Values to Internal DSCP Values 249
Mapping CoS Priorities to Internal DSCP Values 252
11 QUALITY OF SERVICE 255
Overview 255
Configuring a Class Map 256
Creating QoS Policies 259
Attaching a Policy Map to a Port 269
12 VOIP TRAFFIC CONFIGURATION 271
Overview 271
Configuring VoIP Traffic 272
Configuring Telephony OUI 273
Configuring VoIP Traffic Ports 275
13 SECURITY MEASURES 279
AAA Authorization and Accounting 280
Configuring Local/Remote Logon Authentication 281
Configuring Remote Logon Authentication Servers 282
Configuring AAA Accounting 287

Configuring AAA Authorization 292
Configuring User Accounts 296
Web Authentication 298
Configuring Global Settings for Web Authentication 298
Configuring Interface Settings for Web Authentication 299
Network Access (MAC Address Authentication) 300
Configuring Global Settings for Network Access 303
Configuring Network Access for Ports 304
Configuring Port Link Detection 306
Configuring a MAC Address Filter 307
Displaying Secure MAC Address Information 309
Configuring HTTPS 311
Configuring Global Settings for HTTPS 311
Replacing the Default Secure-site Certificate 312
Configuring the Secure Shell 314
Configuring the SSH Server 317
Generating the Host Key Pair 318
Importing User Public Keys 320
Access Control Lists 322
Showing TCAM Utilization 323
Setting the ACL Name and Type 324
Configuring a Standard IPv4 ACL 326
Configuring an Extended IPv4 ACL 327
Configuring a Standard IPv6 ACL 331
Configuring an Extended IPv6 ACL 333
Configuring a MAC ACL 335
Configuring an ARP ACL 337
Binding a Port to an Access Control List 339
ARP Inspection 340
Configuring Global Settings for ARP Inspection 341
Configuring VLAN Settings for ARP Inspection 343
Configuring Interface Settings for ARP Inspection 345
Displaying ARP Inspection Statistics 346
Displaying the ARP Inspection Log 348
Filtering IP Addresses for Management Access 349
Configuring Port Security 351

Configuring 802.1X Port Authentication 353
Configuring 802.1X Global Settings 355
Configuring Port Authenticator Settings for 802.1X 356
Configuring Port Supplicant Settings for 802.1X 361
Displaying 802.1X Statistics 363
IP Source Guard 365
Configuring Ports for IP Source Guard 365
Configuring Static Bindings for IP Source Guard 367
Displaying Information for Dynamic IP Source Guard Bindings 369
DHCP Snooping 370
DHCP Snooping Configuration 373
DHCP Snooping VLAN Configuration 374
Configuring Ports for DHCP Snooping 375
Displaying DHCP Snooping Binding Information 376
DoS Protection 377
14 BASIC ADMINISTRATION PROTOCOLS 379
Configuring Event Logging 379
System Log Configuration 379
Remote Log Configuration 382
Sending Simple Mail Transfer Protocol Alerts 383
Link Layer Discovery Protocol 387
Setting LLDP Timing Attributes 387
Configuring LLDP Interface Attributes 389
Configuring LLDP Interface Civic-Address 393
Displaying LLDP Local Device Information 396
Displaying LLDP Remote Port Information 399
Displaying Device Statistics 404
Power Over Ethernet 406
Displaying the Switch’s Overall PoE Power Budget 407
Setting The Port PoE Power Budget 408
Simple Network Management Protocol 410
Configuring Global Settings for SNMP 412
Setting the Local Engine ID 413
Specifying a Remote Engine ID 414
Setting SNMPv3 Views 416
Configuring SNMPv3 Groups 419

Setting Community Access Strings 423
Configuring Local SNMPv3 Users 424
Configuring Remote SNMPv3 Users 426
Specifying Notification Managers 429
Remote Monitoring 434
Configuring RMON Alarms 434
Configuring RMON Events 437
Configuring RMON History Samples 440
Configuring RMON Statistical Samples 443
Switch Clustering 446
Configuring General Settings for Clusters 447
Cluster Member Configuration 448
Managing Cluster Members 450
Setting A Time Range 451
15 IP CONFIGURATION 455
Using the Ping Function 455
Address Resolution Protocol 457
Setting the ARP Timeout 457
Displaying ARP Entries 458
Setting the Switch’s IP Address (IP Version 4) 459
Setting the Switch’s IP Address (IP Version 6) 462
Configuring the IPv6 Default Gateway 462
Configuring IPv6 Interface Settings 463
Configuring an IPv6 Address 465
Showing IPv6 Addresses 467
Showing the IPv6 Neighbor Cache 469
Showing IPv6 Statistics 471
16 IP SERVICES 477
Configuring General DNS Service Parameters 477
Configuring a List of Domain Names 478
Configuring a List of Name Servers 480
Configuring Static DNS Host to Address Entries 481
Displaying the DNS Cache 483
17 MULTICAST FILTERING 485
Overview 485

Layer 2 IGMP (Snooping and Query) 486
Configuring IGMP Snooping and Query Parameters 488
Specifying Static Interfaces for a Multicast Router 491
Assigning Interfaces to Multicast Services 493
Setting IGMP Snooping Status per Interface 496
Displaying Multicast Groups Discovered by IGMP Snooping 501
Filtering and Throttling IGMP Groups 502
Enabling IGMP Filtering and Throttling 502
Configuring IGMP Filter Profiles 503
Configuring IGMP Filtering and Throttling for Interfaces 506
Multicast VLAN Registration 507
Configuring Global MVR Settings 509
Configuring MVR Interface Status 510
Assigning Static Multicast Groups to Interfaces 512
Showing Multicast Group Members 514
SECTION III COMMAND LINE INTERFACE 515
18 USING THE COMMAND LINE INTERFACE 517
Accessing the CLI 517
Console Connection 517
Telnet Connection 518
Entering Commands 519
Keywords and Arguments 519
Minimum Abbreviation 519
Command Completion 519
Getting Help on Commands 520
Partial Keyword Lookup 521
Negating the Effect of Commands 521
Using Command History 521
Understanding Command Modes 522
Exec Commands 522
Configuration Commands 523
Command Line Processing 524
Showing Status Information 525
Output Modifiers 526

CLI Command Groups 526
19 GENERAL COMMANDS 529
prompt 529
reload (Global Configuration) 530
enable 531
quit 532
show history 532
configure 533
disable 534
reload (Privileged Exec) 534
show reload 535
end 535
exit 535
20 SYSTEM MANAGEMENT COMMANDS 537
Device Designation 537
hostname 538
System Status 538
show access-list tcam-utilization 539
show memory 539
show process cpu 540
show running-config 540
show startup-config 541
show system 542
show tech-support 543
show users 543
show version 544
Frame Size 545
jumbo frame 545
File Management 546
boot system 547
copy 548
delete 551
dir 551
whichboot 552
upgrade opcode auto 553
upgrade opcode path 554

Line 556
line 556
databits 557
exec-timeout 558
login 558
parity 559
password 560
password-thresh 561
silent-time 562
speed 562
stopbits 563
timeout login response 564
disconnect 564
show line 565
Event Logging 566
logging facility 566
logging history 567
logging host 568
logging on 568
logging trap 569
clear log 569
show log 570
show logging 571
SMTP Alerts 572
logging sendmail 573
logging sendmail host 573
logging sendmail level 574
logging sendmail destination-email 574
logging sendmail source-email 575
show logging sendmail 576
Time 576
sntp client 577
sntp poll 578
sntp server 578
show sntp 579
clock summer-time 579

clock timezone 581
clock timezone-predefined 581
calendar set 582
show calendar 583
Time Range 583
time-range 583
absolute 584
periodic 585
show time-range 586
Switch Clustering 586
cluster 588
cluster commander 588
cluster ip-pool 589
cluster member 590
rcommand 590
show cluster 591
show cluster members 591
show cluster candidates 592
21 SNMP COMMANDS 593
snmp-server 594
snmp-server community 595
snmp-server contact 595
snmp-server location 596
show snmp 596
snmp-server enable traps 597
snmp-server host 598
snmp-server engine-id 601
snmp-server group 602
snmp-server user 603
snmp-server view 604
show snmp engine-id 605
show snmp group 606
show snmp user 607
show snmp view 608
nlm 608
snmp-server notify-filter 609

show nlm oper-status 610
show snmp notify-filter 611
22 REMOTE MONITORING COMMANDS 613
rmon alarm 614
rmon event 615
rmon collection history 616
rmon collection rmon1 617
show rmon alarms 618
show rmon events 618
show rmon history 618
show rmon statistics 619
23 AUTHENTICATION COMMANDS 621
User Accounts 621
enable password 622
username 623
Authentication Sequence 624
authentication enable 624
authentication login 625
RADIUS Client 626
radius-server acct-port 626
radius-server auth-port 627
radius-server host 627
radius-server key 628
radius-server retransmit 628
radius-server timeout 629
show radius-server 629
TACACS+ Client 630
tacacs-server host 630
tacacs-server key 631
tacacs-server port 632
show tacacs-server 632
AAA 633
aaa accounting commands 633
aaa accounting dot1x 634
aaa accounting exec 635
aaa accounting update 636

aaa authorization exec 637
aaa group server 638
server 638
accounting dot1x 639
accounting exec 639
authorization exec 640
show accounting 640
Web Server 641
ip http port 642
ip http server 642
ip http secure-server 643
ip http secure-port 644
Telnet Server 645
ip telnet max-sessions 645
ip telnet port 646
ip telnet server 646
show ip telnet 647
Secure Shell 647
ip ssh authentication-retries 650
ip ssh server 650
ip ssh server-key size 651
ip ssh timeout 652
delete public-key 652
ip ssh crypto host-key generate 653
ip ssh crypto zeroize 654
ip ssh save host-key 654
show ip ssh 655
show public-key 655
show ssh 656
802.1X Port Authentication 657
dot1x default 658
dot1x eapol-pass-through 658
dot1x system-auth-control 659
dot1x intrusion-action 659
dot1x max-req 660
dot1x operation-mode 660

dot1x port-control 661
dot1x re-authentication 662
dot1x timeout quiet-period 662
dot1x timeout re-authperiod 663
dot1x timeout supp-timeout 663
dot1x timeout tx-period 664
dot1x re-authenticate 664
dot1x identity profile 665
dot1x max-start 666
dot1x pae supplicant 666
dot1x timeout auth-period 667
dot1x timeout held-period 667
dot1x timeout start-period 668
show dot1x 668
Management IP Filter 671
management 671
show management 672
24 GENERAL SECURITY MEASURES 675
Port Security 676
port security 676
Network Access (MAC Address Authentication) 678
network-access aging 679
network-access mac-filter 679
mac-authentication reauth-time 680
network-access dynamic-qos 681
network-access dynamic-vlan 682
network-access guest-vlan 683
network-access link-detection 683
network-access link-detection link-down 684
network-access link-detection link-up 684
network-access link-detection link-up-down 685
network-access max-mac-count 685
network-access mode mac-authentication 686
network-access port-mac-filter 687
mac-authentication intrusion-action 688
mac-authentication max-mac-count 688

clear network-access 689
show network-access 689
show network-access mac-address-table 690
show network-access mac-filter 691
Web Authentication 691
web-auth login-attempts 692
web-auth quiet-period 693
web-auth session-timeout 693
web-auth system-auth-control 694
web-auth 694
web-auth re-authenticate (Port) 695
web-auth re-authenticate (IP) 695
show web-auth 696
show web-auth interface 696
show web-auth summary 697
DHCP Snooping 697
ip dhcp snooping 698
ip dhcp snooping database flash 700
ip dhcp snooping information option 700
ip dhcp snooping information policy 701
ip dhcp snooping verify mac-address 702
ip dhcp snooping vlan 702
ip dhcp snooping trust 703
clear ip dhcp snooping database flash 704
show ip dhcp snooping 705
show ip dhcp snooping binding 705
IP Source Guard 706
ip source-guard binding 706
ip source-guard 708
ip source-guard max-binding 709
show ip source-guard 710
show ip source-guard binding 710
ARP Inspection 711
ip arp inspection 712
ip arp inspection filter 713
ip arp inspection log-buffer logs 714

ip arp inspection validate 715
ip arp inspection vlan 715
ip arp inspection limit 716
ip arp inspection trust 717
show ip arp inspection configuration 718
show ip arp inspection interface 718
show ip arp inspection log 719
show ip arp inspection statistics 719
show ip arp inspection vlan 719
Denial of Service Protection 720
flow tcp-udp-port-zero 720
25 ACCESS CONTROL LISTS 723
IPv4 ACLs 723
access-list ip 724
permit, deny, redirect-to (Standard IP ACL) 725
permit, deny, redirect-to (Extended IPv4 ACL) 726
ip access-group 729
show ip access-group 729
show ip access-list 730
IPv6 ACLs 731
access-list ipv6 731
permit, deny, redirect-to (Standard IPv6 ACL) 732
permit, deny, redirect-to (Extended IPv6 ACL) 733
show ipv6 access-list 735
ipv6 access-group 735
show ipv6 access-group 736
MAC ACLs 737
access-list mac 737
permit, deny, redirect-to (MAC ACL) 738
mac access-group 740
show mac access-group 741
show mac access-list 741
ARP ACLs 742
access-list arp 742
permit, deny (ARP ACL) 743
show arp access-list 744