EnGenius EGS7228P User Manual

User ManualBusiness SolutionsUser ManualBusiness SolutionsLayer 2 Managed PoE+ Switch Neutron SeriesEGS5212FP | EGS7228P | EGS7228FP | EGS7252FPversio

10L2 Features Continued:Web-based supportSNMP v1 supportSNMP v2c supportSNMP v3 supportTFTP upgradeCommand Line Interface (CLI)SNTPRMONv1SYSLOGCable D

100Source IP Wildcard Mask:Enter the mask of the new source IP address.VLAN ID:Enter the VLAN ID to which the IP ad-dress is attached in IPv4-Based AC

101IPv6 ACLAllowsanIPv6BasedACLtobedened.Index:Displays the current number of ACLs.Name: Enter the IPv6 based ACL name. You can use up to 32 a

102IPv6 Based ACEAllows IPv6 Based Access Control Entry (ACE) to be de-nedwithinaconguredACL.ACL Name:Select the ACL from the list. Sequence:Ent

103VLAN ID:Enter the VLAN ID to which the IP address is attached in IPv4-Based ACE. The range is from 1-4094.802.1p Value: Enterthe802.1pvalue.The

104ACL BindingACLBindingisacongurationsettingthatallowsauserto choose a particular ACL for an ACL check. An ACL check is an additional chec

105QoSQuality of Service (QoS) provides the ability to implement priorityqueuingwithinanetwork.QoSenablestrafctobeprioritized,whileexcess

106CoS MappingUse the Class of Service (CoS) Mapping feature to specify whichinternaltrafcclasstomaptothecorrespondingCoS value. CoS allows

107DSCP MappingUse Differentiated Services Code Point (DSCP) Mapping featuretospecifywhichinternaltrafcclasstomaptothe corresponding DSCP v

108Port SettingsFromhere,youcanconguretheQoSportsettingsforthe Switch. Select a port you wish to set and choose a CoS value from the drop-d

109Bandwidth ControlTheBandwidthControlfeatureallowsuserstodenethebandwidthsettingsforaspeciedport’sIngressRate Limit and Egress Rat

11Physical InterfaceDimensionsEGS5212FPWidth: 13” Length: 9” Height: 1.73”DimensionsEGS7228P & EGS7228FPWidth: 9.45” Length: 4.13” Height: 1.0

110Storm ControlStorm Control limits the amount of Broadcast, Unknown Multicast, and Unknown Unicast frames accepted and forwarded by the Switch. Stor

111Security802.1XThe IEEE-802.1X port-based authentication providesa security standard for network access control with RADIUS servers and holds a

112Global SettingsFrom here, you can select whether to Enable or Disable 802.1XfortheSwitch.Ifenabled,nextchoosewhetherto Enable or Disable

113Port SettingsFromhere,youcanconguretheportsettingsastheyrelateto802.1X.First,selectthemodefromthedrop-down box. Next, choose wh

114Authenticated Host The Authenticated Host section displays the authenticated User Name, Port, Session Time, Authenticated Method, and Mac Address.

115Radius ServerRADIUS (Remote Authorization Dial-In User Service) servers provide security for networks. Radius servers provide authentication and au

116AccessHttp(s) SettingsThe EnGenius Layer 2 PoE+ Switch provides a built-in browserinterfacethatenablesyoutocongureandmanage the Switch via

117Telnet SettingsFromhere,youcancongureandmanagetheSwitch’sTelnet protocol settings. The Telnet protocol is a standard internet protocol wh

118SSH Settings Secure Shell (SSH) is a cryptographic network protocol for secure data communication network services. SSH is a way of accessing the c

119Console SettingsFromhere,youcanconguretheConsoleServicesettings for the Switch. Session Timeout:Enter the amount of time that elapses befo

12DimensionsEGS7252FPWidth: 17.3” Length: 16.1” Height: 1.7”established on the port; Solid Amber Light = A valid 10/100 Mpbs link is established on

120Port SecurityNetwork security can be increased by limiting access on aspecicporttouserswithspecicMACaddresses.PortSecurity prevents una

121DoSDoS (Denial of Service) is used for classifying and blockingspecictypesofDoSattacks.Fromhere,youcanconguretheSwitchtomonitorand

122DMAC = SMAC: Select Enabled or Disabled from the list.Land: Select Enabled or Disabled from the list.UDP Blat: Select Enabled or Disabled from th

123Port SettingsFromhereyoucancongurethePortSettingsforDoSfor the Switch. Select from the drop down list whether you wish to Enable or Disa

124MonitoringPort StatisticsThe Port Statistics section displays a summary of all port trafcstatisticsregardingthemonitoringfeaturesonthe Swit

125RMONRemote Network Monitoring, or RMON is used for sup-port monitoring and protocol analysis of LANS by en-abling various network monitors and cons

126Event Log TableFromhere,youcanviewspecicEventlogsfortheSwitch. Choose an Event log you wish to view fromt he drop-down list.Event Log Ta

127Alarm ListYoucancongureNetworkalarmstooccurwhenanet-work problem is detected. Choose your preferences for the alarm from the drop-down bo

128History ListThe RMON History List screen contains information about samples of data taken from the ports.Index:Enter the entry number for the Histo

129History Log TableFrom here, you can view the History Index for History Logs on the Switch. Select a History Index to view from the drop-down box.Hi

13The EGS Layer 2 PoE+ Switch features an embedded Web interface for the monitoring and management of your device. Management Interface

130StatisticsThe Statistics page displays general information about the Switch in terms of its ports and packet transmis-sions.Port:Selectthespecic

131Code Severity Description General Description0Emergency System is unusable A emergency condition usu-ally affecting multiple apps/servers/sites. D

132Global SettingsFrom here, you can Enable or Disable the Log settings for the Switch.Logging Service:Use the radio buttons to enable or disable the

133Local Logging:From here, you can discover the paths that a packet takes to a destination.The Switch supports log output to two directions: Flash an

134Click the Apply button to accept the changes or the Cancel button to discard them.

135Remote Logging:From here, you can discover the paths that a packet takes to a destination. Remote logging enables the Switch to send system logs to

136Log Table:From here, users can view and delete the history log. Select the Log Target you wish to view from the drop-down box.No.:A counter increme

137DiagnosticsCable DiagnosticsCable Diagnostics helps you to detect whether your cable has connectivity problems provides information about where err

138Ping TestThe Packet INternet Groper (Ping)Test allows you to verify connectivity to remote hosts. The Ping test operates by sending Internet Contro

139IPv6 Ping TestSend a ping request to a specied IPv6 address. Checkwhether the Switch can communicate with a particular network host befo

14Connecting the Switch to a NetworkDiscovery in a Network with a DHCP ServerUse this procedure to setup the Switch within a network that uses DHCP.1.

140Trace RouteThe traceroute feature is used to discover the routes that packets take when traveling to their destination. It will list all the router

141Chapter 3Maintenance

142Maintenance functions are available from the maintenance bar. Maintenance functions include: saving congurationsettings,upgrading rmware,

143Upgrading WARNING!Backupyourcongurationinformationbefore upgrading to prevent loss of settings information.Follow this procedure to upgrade t

144RebootingFollow this procedure to reboot the Switch.1. Click to start the reboot process.2. When a prompt displays, click OKtoconrmt

145 Appendix

146Quick Reference GuideHardware SpecicationsModel EGS5212FP EGS7228P EGS7228FP EGS7252FPConnectorsGigabit RJ45 Ports10 24 24 48Gigabit SFP Ports 2

147Federal Communication Commission Interference StatementThis equipment has been tested and found to comply with the limits for a Class B digital dev

148Industry Canada StatementThis device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: (1)

149Europe – EU Declaration of ConformityThis device complies with the essential requirements of the R&TTE Directive 1999/5/EC. The following test

15Discovery on a Network without a DHCP ServerThis section describes how to set up the EGS Layer 2 Switch in a network without a DHCP server. If your

150This device is a 5GHz wideband transmission system (transceiver), intended for use in all EU member states and EFTA countries, except in France and

151Français [French] Par la présente [nom du fabricant] déclare que l’appareil [type d’appareil] est conforme aux exigences essentielles et aux autre

16Use this procedure to access the management interface throughaWebbrowserfordeviceconguration.1. Open a Web browser on your computer and ente

17 Chapter 2Management

18The navigation pane at the left of the Web browser interface contains a System tab that enables you to manage your EGS Layer 2 Switch with features

19SummaryThe Summary screen contains general device information about the Switch, including the device name, Firmware version, MAC address, IP address

2IMPORTANTTo install your Switch please refer to the Quick Installation Guide included in the product packaging.

20IP SettingsThe IP Setting screen contains elds for assigning IPaddresses.IPaddressesareeitherdenedasstaticorareretrieved using

21Dynamic IP Address (DHCP):EnablestheIPaddresstobeconguredautomatically by the DHCP server. Select this option if you have a DHCP server that

22IPv6 State:Select whether you wish to enable Auto Conguration,DHCPv6Client,orStaticforthe IPv6 address.Auto Conguration:Use this option to s

23System TimeUsetheSystemTimescreentoviewandadjustdateandtime settings.The Switch supports Simple Network Time Protocol (SNTP). SNTP assure

24To congure date/time through SNMP:1. Next to the Enable SNTP, select Enable.2. In the Time Zone Offset list, select by country or by the Coordinate

25Port SettingsUsethisscreentoviewandcongureSwitchportsettings.ThePortSettingsfeatureletsyouchangethecongurationoftheportsont

26Flow Control:Aconcentrationoftrafconaportdecreasesportbandwidth and overows buffer memory causingpacket discards and frame losses.

27PoE Power BudgetThe PoE Management screen contains system PoE information for monitoring the current power usage and assigns the total amount of po

28PoE Port SettingsThe EnGenius Layer 2 PoE+ Switches supports Power over Ethernet (PoE) as dened by the IEEE 802.3af and802.3at.Allports

29Class(Auto): Showstheclassicationofthepowereddevice.Theclassdenesthemaximumpowerthatcanbeprovidedtothepowereddevice.Thepossi

3Chapter 1 Product Overview... 6 Introduction/Package Contents...

30Apply: Click APPLY to update the the system settings.

31UsetheEEECongurationpagetocongureEnergyEfcientEthernet.Port:Display the port for which the EEEE setting is displayed.EEE Status: Enable

32L2 FeaturesThe L2 Feature tab exhibits complete standard-based Layer 2 switching capabilities, including: Link Aggregation, 802.1D single Spanning

33Whenyouaggregateports,theportsandLAGmustfulllthe following conditions: • All ports within a LAG must be the same media/ format type.

34Port TrunkingPort Trunking allows you to assign physical links to one logical link that functions as a single, higher-speed link, providing dramatic

35LACP SettingsAssign a system priority to run with Link Aggregation Control Protocol (LACP) and is become for a backup link if a link goes down. The

36LACP TimeoutLink Aggregation Control Protocol (LACP) allows the exchange of information with regard to the link aggregation between two members of a

37Mirror SettingsMirrorsnetworktrafcbyforwardingcopiesofincomingandoutgoingpacketsfromspecicportstoamonitoringport. The packet that

38NOTE: You cannot mirror a faster port onto a slower port. Forexample,ifyoutrytomirrorthetrafcfroma100Mbps port onto a 10 Mbps port, thi

39STP The Spanning Tree Algorithm (STA) can be used to detect and disable network loops, and to provide backup links between Switches. This allows the

4 - VLAN Settings... 70 - Group List...

40Once a stable network topology has been established, all bridges listen for Hello Bridge Protocol Data Units (BPDUs) transmitted from the Root Bridg

41Spanning Tree LoopsLoops occur when alternate routes exist between hosts. Loops in an extended network can cause the Switch toforwardtrafcinden

42RSTP on the other hand is much faster than STP. It can complete a convergence in seconds, so it greatly dimin-ishes the possible impact the process

43Root BridgeThe Root Bridge serves as an administrative point for all Spanning Tree calculations to determine which redundant links to block in order

44Root Address: Displays the Root Bridge MAC address. Root in Root Bridge refers to the base of the span-ningtree,whichtheSwitchcouldbecong-ur

45Port Settings STP and RSTP help guard against the formation of loops in an Ethernet network topology. A loop occurs when nodes transmit packets to e

46Edge PortsAn edge port changes its initial STP port state from a blocking state to a forwarding state immediately without going through listening an

47CIST Instance SettingsThe Common Instance Spanning Tree (CIST) protocol is formed by the spanning-tree algorithm running among bridgesthatsupport

48Enter the information to set up CIST for the Switch:Priority: Select from the list to specify the priority of the Switch for comparison in the CIST.

49CIST Port SettingsUsetheCISTPortsSettingspagetocongureandviewSTA attributes for interfaces when the spanning tree mode is set to STP or R

5 - Authenticated Host... 114 - Radius Server...

50Apply: Click APPLY to update the the system settings.Designated Root Bridge: Displays the Root Bridge for the CST. It is comprised using the bridge

51MST Instance SettingsMultiple Spanning Tree Protocol, or MSTP enables the grouping of multiple VLANs with the same topology requirements into one Mu

52MST ID: Displays the ID of the MST group that is created. A maximum of 15 groups can be set for the Switch.VLAN List:Enter the VLAN ID range from fo

53MST Port SettingsThispagedisplaysthecurrentMSTIcongurationinformation for the Switch. From here you can update theportcongurationforan

54Port State:Indicates the current STP state of a port. If en-abled, the Port State determines what forwarding actionistakenregardingtrafc.Thep

55MAC Address TableThe MAC address table contains address information thattheSwitchusestoforwardtrafcbetweentheinbound and outbound ports. A

56Dynamic MAC AddressThe Switch will automatically learn the device’s MAC address and store it to the Dynamic MAC address table. If there is no packet

57LLDPLinkLayerDiscoveryProtocol(LLDP)istheIEEE802.1ABstandardforSwitchestoadvertisetheiridentity,majorcapabilities,andneighborson

58Global SettingsSelect whether to Enable or Disable the LLDP feature on the Switch. Next, enter the Transmission interval, Holdtime Multiplier, Reini

59Local DeviceLLDP devices must support chassis and port ID advertisement, as well as the system name, system ID, system description, and system capab

6Chapter 1 Product Overview

60Remote DeviceLLDP devices must support chassis and port ID advertisement, as well as the system name, system ID, system description, and system capa

61Mode:Aggregated links can be set up manually or automatically. Select Static or LACP for the Link Aggregation type. • Static–TheLinkAggr

62IGMP SnoopingInternet Group Management Protocol (IGMP) Snooping allows a Switch to forward multicast trafc intelligently.Multicasting is us

63Global SettingsClick to Enable or Disable the IGMP Snooping feature for the Switch. Next, select whether you wish to use V2 or V3. Finally, select w

64VLAN SettingsUsetheIGMPSnoopingVLANSettingstocongureIGMPSnooping settings for VLANs on the system. The Switch performs IGMP Snooping on VL

65Querier SettingsIGMP snooping requires that one central Switch to pe-riodically query all end devices on the network to an-nounce their Multicast me

66Oper Interval:Displays the IGMP Interval of the operational querier.Max Response Interval:Enter the maximum response time used in the queries that a

67Group ListThe Group List displays VLAN ID, Group IP Address, and Members Port in the IGMP Snooping List.

68Router SettingsThe Router Settings shows the learned multicast router attached port if the port is active and a member of the VLAN. Select the

69MLD SnoopingMulticast Listener Discovery (MLD) Snooping operates on theIPv6trafclevelfordiscoveringmulticastlistenerson a directly attached

7Maximum data rates are based on IEEE 802.3ab standards. Actual throughput and range may vary depending on distance between devices or trac and bandw

70VLAN SettingsIf the Fast Leave feature is not used, a multicast querier will send a GS-query message when an MLD group leave messageisreceived.Th

71Group ListThe Group List displays VLAN ID, IPv6 Address, and Mem-bers Port in the MLD Snooping List.

72VLAN ID:Displays the VLAN ID.Router Ports Au-to-Learned:The Switch will automatically detect the presence of a multicast router and forward MLD pack

73Jumbo Frame: Enterthesizeofjumboframe.Therange is from 1522-9216 bytes.Enterthesizeofjumboframe.Therangeisfrom1522-9216 bytes. Clic

74VLANA Virtual LAN (VLAN) is a group of ports that form a logical Ethernet segment on a Layer 2 Switch which provides better administration, security

75Enabled:Enables 802.1Q VLANs. This feature isenabled by default.VID: Displays the VLAN ID for which the network policy is dened. The ran

76Adding, Editing, and Deleting Items in the ListToaddanitemtothe802.1Qlist,followthesesteps:1. Click the Add button .2

77PVIDWhen an Untagged packet enters a Switch port, the PVID (Port VLAN ID) will be attached to the untagged packet and forward frames to a VLAN

78Port:Displays the VLAN ID to which the PVID tag isassigned.CongurethePVIDtoassignuntagged or tagged frames received on the selected port.PVI

79Management VLANThe Management VLAN allows users to transfer the authority of the Switch from the default VLAN to other VLAN IDs. By default, the act

8Standard: EGS5212FP EGS7228P EGS7228FP EGS7252FPPorts8 24 24 48Power budgetPorts1-8,30WattsperPortPorts 1 - 24, 30 Watts per PortPorts 1 - 24,

80Voice VLANEnhanceyourVoiceoverIP(VoIP)servicebyconguringportstocarryIPvoicetrafcfromIPphonesonaspecicVLAN. Voice VLAN provid

81OUI SettingsThe Switches determines whether a received packet is a voice packet by checking its source MAC address. VoIP trafchasapreconguredO

82Port SettingsEnhanceVoIPservicebyconguringportstocarryIPvoicetrafc from IP phones on a specic VLAN. Voice VLANprovides QoS to

83ManagementSystem InformationThe System Information screen contains general device information including the system name, system location, and system

84User ManagementUse the User Management page to control management accesstotheSwitchbasedonmanuallyconguredusernames and passwords. A User

85File ManagementConguration ManagerThe File Management feature is used for saving your currentcongurationtoaleonyourcomputeroraTFTPserv

86Dual ImageThe Switch maintains two versions of the Switch image in its permanent storage. One image is the active image, and the second image is the

87SNMPSimple Network Management Protocol (SNMP) is an ApplicationLayerprotocoldesignedspecicallyformanaging and monitoring network devices. Sim

88In SNMPv3, User-based Security Model (USM) authenti-cation is implemented along with encryption, allowing youtocongureasecureSNMPenvironment.

89SNMP State:Enables or Disables the SMNP function. The default SNMP global state is: Enabled.Local Engine ID (10-64 Characters):Enter the Switch’s En

9Port Functions: 8,24,or4810/100/1000MbpsPortsinthefrontpanel(Depending on model)2 or 4 100/1000Mbps SFP Ports (Depending on model)1 RJ 45 P

90View ListSNMP uses an extensible design, where the available informationisdenedbyManagementInformationbases (MIBs). MIBs describe the structu

91Group ListCongureSNMPGroupstocontrolnetworkaccessonthe Switch by providing users in various groups with different management rights via the

92Community ListAccessrightsaremanagedbydeningcommunities.Click Add to add a community list to the Switch. Next, name the community and choose

93User ListFromhere,youcancongurethedetailspertainingtospecicuseraccounts.ClickAdd to add a new user.Privilege Mode: Select No Auth, Au

94Trap SettingsSNMP TrapsA trap is a type of SNMP message. The Switch can send traps to an SNMP manager when an event occurs.You can restrict user pri

95ACLAccessControlList(ACL)allowsyoutodeneclassi-¬cationrulesorestablishcriteriatoprovidesecurityto your network by blocking unautho

96Index: Displays the current number of ACLs.Name:Enter the MAC based ACL name. You can use up to 32 alphanumeric characters.Click the Apply button t

97Mac-Based ACEAllows Mac-Based Access Control Entry (ACE) to be de-nedwithinaconguredACL.ACL Name:Select the ACL from the list. Sequence: Enter

98IPv4 ACLAllowstheIPBasedACLtobedened.Index:Displays the current number of ACLs.Name: Enter the IP based ACL name. You can use up to 32 alpha

99 IPv4-Based ACEAllowsIPBasedAccessControlEntry(ACE)tobedenedwithinaconguredACL.ACL Name: Select the ACL from the list. Sequence: Ente