Instruction/ maintenance manual of the product 7000 Series NETGEAR
Go to page of 220
202-10238-02 May 2008 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA NETGEAR 7000 Series Managed Switch Administration Guide Ve r s i o n 7 .
ii v1.0, May 2008 © 2008 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR and Auto Uplink are trademarks or regis ter ed trademarks of NETGEAR , Inc. . Microsoft, W indows, and W indow s NT are registered trademar ks of Microsoft Corporation.
v1.0, May 2008 iii • This device may not cause harmful interference, and • This device must accept any inte rference received, including interferen ce that may caus e undesired operation.
v1.0, May 20 08 iv Product and Publication Det ails Model Number: 7xxx Publication Date: May 2008 Product Family: Managed Switch Product Name: 7000 Series Managed Switch Home or Business Prod uc t: Business Language: Engl ish Publication Part Number: 202-10238-02 Publication V ersion Number: 1.
v v1.0, May 2008 Content s NETGEAR 7000 Series Managed Switch Ad ministration Guide V ersion 7.2 About This Manual Conventions, Formats and Scope ............................ ............. ................. ................ ......... xv How to Use This Manual .
vi v1.0, May 2008 Setting Up the Switch IP Address .... ... ... ... .... ............ ............. ................. ............ ............ 3-2 Assigning Switch Name and Location Informat ion .......... ................ ............. .............
vii v1.0, May 2008 VLAN Routing RIP Configuration .............. ... ... ... .... ... ... ... .... ... ... ... .... ... ... ... ............. .. 7-7 CLI Example ...... ............. ................. ............ ................. ............. ......
viii v1.0, May 2008 Example #2: Configure a One-Way Access Using a TCP Flag in an ACL .......... ..... 9-4 CLI Commands .. ................. ............. ................ ................ ............. ................ ..... 9-5 Web Interface Procedure .
ix v1.0, May 2008 Chapter 12 IGMP Snooping Overview ............. ................ ................ ................ ................ ................ ................ ......... .1 2 - 1 CLI Examples . ............. ................ ............. ....
x v1.0, May 2008 Example #4: session-limit and session-timeout ........ ................ ................ ............. 16-3 Chapter 17 Port Mirroring Overview ............. ................ ................ ................ ................ .........
xi v1.0, May 2008 Switch S tack Cabling (FSM73xxS) ............ ... ............. ............. ................ ............. ... 20-4 S tack Master Election and Re-Election ..... ...... ................ ............. ................ .......... 20-5 S tack Member Numbers .
xii v1.0, May 2008 Chapter 22 IGMP Querier CLI Examples . ............. ................ ............. ................ ................. ............. ................ ...... 22- 2 Example #1: Enable IGMP Querier . .......... ... ............. ......
xiii v1.0, May 2008 Example .............. ................ ................ ................ ................ ................ ................ ......... .2 6 - 1 Example 1#: Enable 802.1x Authentication on One Port in a VLAN ... ... ... ... .... ...
xiv v1.0, May 2008.
xv v1.0, May 2008 About This Manual The NETGEAR 7000 Series Managed Switch Ad ministrat ion Guide V ersion 7.2 describes how to install, configure and trou bleshoot the 7000 Se ries Managed Switch. The informa tion in this manual is intended for readers with intermediate computer and Internet skills.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 xvi v1.0, May 2008 • Scope. This manual is written for the 7000 Series Managed Switch according to these specifications: .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 xvii v1.0, May 2008 • Click the PDF of This Chapter link at the top left of any page in the chapter you want to print. The PDF version of the chapter you were viewing o pens in a browser window .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 xviii v1.0, May 2008.
1-1 v1.0, May 2008 Chapter 1 Introduction This document provid es an understanding of th e CLI and W eb configuratio n options for software Release 7.2 features. Document Organization This document provides exa mples of the use of the switch software in a typical network.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 1-2 Introduction v1.0, May 2008 – Class of Service (CoS) – Differentiated Services • Multicast – IGMP Snooping • Security.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Introduction 1-3 v1.0, May 2008 CLI Document ation The Command Line Refer ence provides information about the CLI commands used to configure the switch and the sta ck . The do cument provides CLI descriptions, syntax, and default values.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 1-4 Introduction v1.0, May 2008.
2-5 v1.0, May 2008 Chapter 2 Getting S tarted Connect a terminal to the sw itch to begin configuration. In-band and Out-of-band Connectivity Ask the system administrator to determine whet her you will configure the switch for in-band or out-of-band connec tivity .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-6 Getting Started v1.0, May 2008 gateway IP address of the default r outer , if the switch is a node outside the IP range of the .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-7 v1.0, May 2008 6. Set the IP address, subnet mask, and gate way address by issue the following command: config network parms ipaddress netmask g ateway 7.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-8 Getting Started v1.0, May 2008 d. Set the flow control to none. e. Select the proper mode under Properti es .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-9 v1.0, May 2008 • The console co nnection was establish ed and the console prompt appears on the screen of a VT100 terminal or terminal equivalent. The initial switch configuratio n is performed through the c onsole port.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-10 Getting Started v1.0, May 2008 Sof tware Installation This section contains procedures to help you b ecome acquainted quickly with the switch software. Before installing switch software, you should verify that the switch operates with the most recent firmware.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-11 v1.0, May 2008 • Uploading from Network ing Device to Out-of-Band PC (Only XMODEM) • Downloading from Out-.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-12 Getting Started v1.0, May 2008 copy system:run- ning-config nvram:startup- config Privileged EXEC Saves passwords and all other changes to the device. If you do not save the configurat ion, all changes are lost when you power down or reset the networking device.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-13 v1.0, May 2008 copy nvram:error- log <tftp:// <ipaddress>/ <filepath>/<file- name>> Privileged EXEC Starts the error log upload, displays the mode and typ e of upload and confirms th e upload i s progressing.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-14 Getting Started v1.0, May 2008 copy <tftp:// <ipaddress>/ <filepath>/<file- name>> sys- tem:image Privileged EXEC Sets the destination (downlo ad) datatype to be an image.
3-1 v1.0, May 2008 Chapter 3 Using Ezconfig for Switch Setup Ezconfig is an interactive utility that provides a si mplified procedure for setting up the following switch parameters: • Switch managem.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 3-2 Using Ezconfig for Switch Setup v1.0, May 2008 Changing the Password The first question it will ask is whet her you wish to change the admin passw ord. For security reasons, you should change the password by typing Y .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using Ezconfig for Switch Setup 3-3 v1.0, May 2008 If an IP address is already assigned, and you do not wish to change the IP address again, simply type N.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 3-4 Using Ezconfig for Switch Setup v1.0, May 2008 If during the session, the switch loses its po wer , the setup informat ion will be lost if Ezconfig does not have the chance to save th e changes before power-down.
4-1 v1.0, May 2008 Chapter 4 Using the W eb Interface This chapter is a brief introduction to the web in terface; for example, it ex plains how to access the W eb-based management panels to con figure and m anage the system. Y ou can manage your switch through a W eb brow ser and Internet connection.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-2 Using the Web Interf ace v1.0, May 2008 2. Enable W eb mode: a. At the CLI prompt, enter the show network command. b. Set Web Mode to Enabled. S t arting the Web Interface Follow these steps to start the switch W eb interface: 1.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using the Web Interfa ce 4-3 v1.0, May 2008 The switch can accommodate two types of u sers: administrative use rs and guests. An administrative user may configur e the switch for network application, but a guest may not.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-4 Using the Web Interf ace v1.0, May 2008 The new PCC web interface has the follo wing four new significant features: 1.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using the Web Interfa ce 4-5 v1.0, May 2008 –I n d e x This tag contains the site index that allows direct access to any of the pages under the main tags and sub tags. • Sub T ags The sub tag content changes depending on the selected main tag.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-6 Using the Web Interf ace v1.0, May 2008 Configuring an SNMP V3 User Profile Configuring an SNMP V3 user profile is a part o f user configuration. Any user can connect to the switch using the SNMPv3 protocol, but for authentication and encryption, additional steps are needed.
5-1 v1.0, May 2008 Chapter 5 V irtual LANs Adding V irtual LAN (VLAN) support to a Layer 2 switch offers some of the bene fits of both bridging and routing .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 5-2 Virtual LANs v1.0, May 2008 VLAN Configuration Example The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Virtual LANs 5-3 v1.0, May 2008 Example #2: Assign Port s to VLAN2 This sequence shows how to assign ports to VLAN2, specify that frames w ill always be transmitted tagged from all member ports, and that untagged frames will be rejected on receipt.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 5-4 Virtual LANs v1.0, May 2008 Graphical User Interface Use the following screens to pe rform the same configuration usin g the Graphical User Interface: • Switching --> VLAN- -> Configuration .
6-1 v1.0, May 2008 Chapter 6 Link Aggregation This section includes instruc tions on configuring Link Aggregation u sing the Command Line Interface and the Graphical User Interface. Link Aggregation (LAG) allows the switch to treat multiple physical l inks between two end-points as a single logical link.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 6-2 Link Aggr egation v1.0, May 2008 Figure 6-1 shows the example network. Example #1: Create two LAGS Use the show port-c hannel all command to show the logical interface ids you will use to identify the LAGs in subsequent c ommands.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Link Aggregatio n 6-3 v1.0, May 2008 Example #2: Add the port s to the LAGs Example #3: Enable both LAGs By default, the system en ables link trap notification At this point, the LAGs could be added to VLANs.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 6-4 Link Aggr egation v1.0, May 2008.
7-1 v1.0, May 2008 Chapter 7 IP Routing Services IP routing services are divided into five areas : • Port Routing • VLAN Routing • Routing Information Protocol (RIP) • Open Shortest Path First.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-2 IP Routing Services v1.0, May 2008 Port Routing Configuration The 7000 Series M anaged Switch always supp orts Layer 2 bridging.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-3 v1.0, May 2008 CLI Examples This diagram shows a Layer 3 switch configured fo r port routing. It co nnects three different subnets, each connected to a diff erent port.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-4 IP Routing Services v1.0, May 2008 Example #2: Enabling Routing for Port s on the Switch Use the following commands to enable routing for ports on th e switch. The de fault link-level encapsulation format is Ethernet.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-5 v1.0, May 2008 The next section will show you how to config ure the 7000 Series Managed Switch to support VLAN routing and how to use RIP and OSPF . A port may be either a VLAN port or a router port, but not both.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-6 IP Routing Services v1.0, May 2008 Example #1: Create T wo VLANs The following code sequence show s an example of creating two VL ANs with egress frame tagging enabled. Example #2: Set Up VLAN Routing for the VLANs and the Switch.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-7 v1.0, May 2008 The next sequence shows an e xample of config uring the IP addresses and subnet masks for the virtual router ports.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-8 IP Routing Services v1.0, May 2008 CLI Example This example adds support for RIPv2 to the co nfiguration created in the base VLAN routing example. A second router , using port routing rath er than VLAN routing, has been added to the network.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-9 v1.0, May 2008 Example of configuring VLAN Rou ting with RIP support on a 7000 Series Managed Switch (Netge.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-10 IP Routing Services v1.0, May 2008 VLAN Routing OSPF Configuration For larger networks Open Shortest Path First (OSP F) is generally used in preference to RIP .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-11 v1.0, May 2008 Example of configuring OSPF on a 7000 Series Managed Switch acting as an inter-area router .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-12 IP Routing Services v1.0, May 2008 Routing Information Protocol Routing Information Prot ocol (RIP) is one of the pro tocols which may be used by routers to exchange network topology informa tion.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-13 v1.0, May 2008 • T o prevent any RIP packets from being transmitted CLI Examples The configuratio n comm.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-14 IP Routing Services v1.0, May 2008 Example #2: Enable Routing for Port s The following command sequence en ables routing and assigns IP addresses for ports 1/0/2 and 1/ 0/3. Example #3: Enable RIP for the Switch The next sequence enables RIP for the switch.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-15 v1.0, May 2008 Example #4: Enable RIP for port s 1/0/2 and 1/0/3 This command sequence en ables RIP for ports 1/0/2 and 1/0/3. Au thentication defaults to none, and no default route entry is created.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-16 IP Routing Services v1.0, May 2008 • Intra-area • Inter-area • External type 1: the route is external to the AS • Exte.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-17 v1.0, May 2008 Example #1: Configuring an Inter-Are a Router Enable Routing for the Switch. The following command sequence enables ip routing for the switch.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-18 IP Routing Services v1.0, May 2008 Specify Router ID and Enable OSPF for the Switch. The following sequence specifies the router ID and enables OSPF for the switch. Set disable1583 compatibility to prevent the routing loop.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-19 v1.0, May 2008 Example #2: Configuring OSPF on a Border Router Figure 7-6.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-20 IP Routing Services v1.0, May 2008 The following example configures OSPF on a 7000 Series Mana ged Switch operating as a border router: Enable routing for the switch.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-21 v1.0, May 2008 Proxy Address Resoluti on Protocol (ARP) This section describes the Proxy Address Resolution Protocol (ARP) feature.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-22 IP Routing Services v1.0, May 2008 CLI Examples The following are examples of the comm ands used in the proxy ARP feature. Example #1: show ip interface Example #2: ip proxy-arp (Netgear Switch) #show ip interface ? <slot/port> Enter an in terface in slot/port format.
8-1 v1.0, May 2008 Chapter 8 V i rtual Router Redundancy Protocol When an end station is statically configured w ith the address of the router that will handle its routed traf fic, a single point of failure is intro duced into the network. If the router goes down, the end station is unable to communicate.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 8-2 Virtual Router Redun dan cy Protocol v1.0, May 2008 CLI Examples This example shows how to configure the 7000 Series Manag ed Switch to support V RRP . Router 1 will be the default master router for the virtual route, and Router 2 will be the backup router .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Virtual Router Redunda ncy Pr otocol 8-3 v1.0, May 2008 Example #1: Configure VR RP on a Master Router The following is an examp le of configurin g VRRP on a 7000 Series Managed Switch acting as the master router: Enable routing for the switch.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 8-4 Virtual Router Redun dan cy Protocol v1.0, May 2008 Example #2: Configure VR RP on a Backup Router The following is an examp le of configurin g VRRP on a 7000 Series Managed Switch acting as the backup route r: Enable routing for the switch.
9-1 v1.0, May 2008 Chapter 9 Access Control List s (ACLs) This section describes the Access Control Lists (ACLs) feat ure . Overview Access Control Lists (ACLs) can control the traffic entering a network. Normally ACLs reside in a firewall router or in a router connecting two internal network s.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-2 Access Control Lists (ACLs) v1.0, May 2008 • Destination MAC address with mask • VLAN ID (or range of IDs) • Class of Service (CoS) (802.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-3 v1.0, May 2008 Process T o configure ACLs, follow these steps: • Create an ACL by specifying a n.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-4 Access Control Lists (ACLs) v1.0, May 2008 Example #2: Configure a One-W ay Access Using a TCP Flag in an ACL This example shows how to set up one-way web access using a TCP flag in an ACL.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-5 v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-6 Access Control Lists (ACLs) v1.0, May 2008 Create VLAN 200 with port 0/44 and a ssign IP address 192.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-7 v1.0, May 2008 T o use the CLI to Configure the GSM735 2S, enter the following CLI commands: Step 2: Configure the GSM7352S (see Figure 9 -2 ) Create VLAN 40 with port 1/0/24 and assign IP address 192.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-8 Access Control Lists (ACLs) v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to configur e the GSM7248R, proceed as follows: 1. Create VLAN 30 with IP address 192.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-9 v1.0, May 2008 2. Create VLAN 100 with IP address 192.168.100.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-10 Access Control Lists (ACLs ) v1.0, May 2008 3. Create VLAN 200 with IP address 192.168.200.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-11 v1.0, May 2008 4. Enable IP Routing: a. From the main menu, select Ro uting > IP > Basic > IP Configuration. A scr een similar to the following displays.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-12 Access Control Lists (ACLs ) v1.0, May 2008 b. Under Configure Routes, make the following selection and enter the following information: • Select St a t i c from the Route T y pe pulldown menu .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-13 v1.0, May 2008 7. Create an ACL with ID 101: a. From the main menu, select Security > ACL > Ad vanced > IP ACL. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-14 Access Control Lists (ACLs ) v1.0, May 2008 9. Add and configure an IP extended rule that is associated with ACL 101: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rules.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-15 v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-16 Access Control Lists (ACLs ) v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-17 v1.0, May 2008 11 . Apply ACL 101 to port 4 4: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-18 Access Control Lists (ACLs ) v1.0, May 2008 12. Apply ACL 102 to po rt 44: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-19 v1.0, May 2008 T o use the W eb interface to config ure the GSM7352S, proceed as follows: 1. Create VLAN 40 with IP address 192.168. 40.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-20 Access Control Lists (ACLs ) v1.0, May 2008 2. Create VLAN 50 with IP address 192.168. 50.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-21 v1.0, May 2008 3. Create VLAN 200 with IP address 192.168.200.2/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-22 Access Control Lists (ACLs ) v1.0, May 2008 4. Create a static route with IP address 192.168.100.0/2 4: a. From the main menu, select Routing > Routing T able > Bas i c > Rou te Configuration.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-23 v1.0, May 2008 5. Create a static route with IP address 192.168.30.0/24: a. From the main menu, select Routing > Routing T able > Bas i c > Rou te Configuration.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-24 Access Control Lists (ACLs ) v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-25 v1.0, May 2008 Create VLAN 48, add po rt 1/0/48 to it, and assign IP address 192.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-26 Access Control Lists (ACLs ) v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to isolate VLANs on a Laye r 3 switch by using ACLs, pr oceed as follows: 1. Create VLAN 24 with IP address 192.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-27 v1.0, May 2008 b. Enter the following informatio n in the VLAN Routing W izard: • In the Vlan ID field, enter 24 . • In the IP Address field, enter 192.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-28 Access Control Lists (ACLs ) v1.0, May 2008 e. Click Apply to save VLAN 48. 3. Create VLAN 38 with IP address 10.100.5.34: a. From the main menu, select Routing > VL AN > VLAN Routing W izard.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-29 v1.0, May 2008 b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode, select the Enable radio button. • Next to IP Forwarding Mode, select the Enable radio button.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-30 Access Control Lists (ACLs ) v1.0, May 2008 6. Create an ACL with ID 102: a. From the main menu, select Security > ACL > Ad vanced > IP ACL. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-31 v1.0, May 2008 b. In the IP ACL ID field of the IP ACL T able, enter 103 . c. Click Add . 8. Add and configure an IP extended rule that is associated with ACL 101: a.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-32 Access Control Lists (ACLs ) v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-33 v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-34 Access Control Lists (ACLs ) v1.0, May 2008 10. Add and configure an IP extended rule that is associated with ACL 103: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rules.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-35 v1.0, May 2008 • Next to Action mode, select the Permit rad i o but ton. • Select False from the Match Every pulld own menu. • Select IP from the Protocol T ype pulldown menu.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-36 Access Control Lists (ACLs ) v1.0, May 2008 12. Apply ACL 101 to po rt 48: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-37 v1.0, May 2008 13. Apply ACL 103 to port 24 and po rt 48 : a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-38 Access Control Lists (ACLs ) v1.0, May 2008 MAC ACL CLI Examples The following are examples of the comm ands used for the MAC ACLs feature. Example #1: mac access list (Netgear Switch)(Config)#mac access- list ? extended Configure extended MAC Access List parameters.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-39 v1.0, May 2008 Example #2: permit any (Netgear Switch) (Config-mac access- list)#permit ? <srcmac> Enter a MAC address. any Configure a match condition for all the destination MAC addresses in the Destination MAC Address field.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-40 Access Control Lists (ACLs ) v1.0, May 2008 Example #3 Configure mac access-group (Netgear Switch) (Config)#interface 1/0/5 (Netgear Switch) (Interface 1/0/5)#m ac ? access-group Attach MAC Access Li st to Interface.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-41 v1.0, May 2008 Example #4 permit (Netgear Switch) (Config)#mac access -list extended b2 (Netgear Switch) (Config-mac-access- list)#permit 00:00:00:00:00:00 ? <dstmac> Enter a MAC Address.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-42 Access Control Lists (ACLs ) v1.0, May 2008 Example #5: show mac access-list s (Netgear Switch) #show mac access-li sts Curren.
10-1 v1.0, May 2008 Chapter 10 Class of Service (CoS) Queuing This section describes the Class of Service (C oS) Queue Mapping and T raffic Shaping features. Overview Each port has one or more queues for packet transmission. During configuration, you can determine the mapping and conf iguration of these queues.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-2 Class of Service (CoS) Queuing v1.0, May 2008 – IP Precedence – IP Dif fServ Code Point (DSCP) The system can assign service level based upon the 802.1p priority field of the L2 header .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-3 v1.0, May 2008 – T ail drop vs. WRED Drop Precedence Conf iguration (per Queue) •W R E D p .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-4 Class of Service (CoS) Queuing v1.0, May 2008 Example #1: show classofservice trust Example #2: set clas sofservice trust mode (Netgear Switch) #show classofservic e trust ? <cr> Press Enter to execute the command.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-5 v1.0, May 2008 Example #3: show classofser vice ip-precedence mapping Example #4: Config Co s-q.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-6 Class of Service (CoS) Queuing v1.0, May 2008 Example #5: Set CoS T rus t Mode of an Interface T raffic Shaping This section describes the T raffic Shaping feature. T raffic shaping controls the amou nt and volume of traf fic transmitted through a network.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-7 v1.0, May 2008 Example #1 traffic-shape (Netgear Switch) (Config)#traffic-sh ape ? <bw> Enter the s haping bandwidth percentage from 0 to 100 in incremen ts of 5.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-8 Class of Service (CoS) Queuing v1.0, May 2008.
11-1 v1.0, May 2008 Chapter 1 1 Differentiated Services Differentiated Services ( DiffServ) is one technique for implementing Qu ality of Service (QoS) policies. Using DiffServ in your network allows you to direct ly co nfigure the relevant parameters on the switches and routers ra ther than using a re source reservation protocol.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-2 Differentiated Services v1.0, May 2008 – Marking the packet with a given DSCP code point, IP precedence, or CoS – Policing packets by dropping or re -marking th ose that exceed the class’ s assigned data rate – Counting the traffic within the class • Service.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Differentiated Services 11-3 v1.0, May 2008 The following examp le configures Dif fServ on a 7000 Series Managed Switch: Ensure DiffServ operation is enabled for the switch.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-4 Differentiated Services v1.0, May 2008 DiffServ for V oIP Configuration Example One of the most valuable uses of Dif fServ is to support V oice over IP (V oIP).
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Differentiated Services 11-5 v1.0, May 2008 a class for UDP traffic, have that traf fic marked on the inbound side, and then expedite the traffic on the outbound side.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-6 Differentiated Services v1.0, May 2008 The following example config ures Dif fServ V oIP support: Enter Global Config mode. Set queue 5 on all ports to use strict priority mode.
12-1 v1.0, May 2008 Chapter 12 IGMP Snooping This section describes the Internet Group Mana gement Prot ocol (IGMP) feature: IGMPv3 and IGMP Snooping. Overview IGMP: • Uses V ersion 3 of IGMP • Includes snoopin g • Snooping can be enab led per VLAN CLI Examples The following are examples of the commands used in the IGMP Snooping feature.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 12-2 IGMP Snooping v1.0, May 2008 Example #2: show igmp snooping Example #3: show mac-ad dress-t able igmp snooping (Netgear Switch) #show igmpsnoop ing? <cr> Press Enter to execute the co mmand.
13-1 v1.0, May 2008 Chapter 13 Port Security This section describes the Port Security feature. Overview Port Security: • Allows for limiting the number of MAC addresses on a given port • Packets t.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 13-2 Port Security v1.0, May 2008 Operation Port Security: • Helps secure network by preventing u nknown devices from forwarding .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Port Security 13-3 v1.0, May 2008 CLI Examples The following are examples of the commands used in the Port Security feature.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 13-4 Port Security v1.0, May 2008.
14-1 v1.0, May 2008 Chapter 14 T raceroute This section describes the T raceroute feature. Use T raceroute to discover the routes that packets take when traveli ng on a hop-by -hop basis to their destination through the network.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 14-2 Traceroute v1.0, May 2008 CLI Example The following shows an example of using the traceroute command to determi ne how many hops there are to the des tination. Th e command output shows each IP ad dress the packet passes through and how long it takes to get there.
15-1 v1.0, May 2008 Chapter 15 Configuration Scripting This section describes the Conf iguration Scripting feature. Overview Configuration Scripting: • Allows you to generate text-formatted files .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 15-2 Configuration Scripting v1.0, May 2008 Example #1: script Example #2: script list and script delete Example #3: script apply running-config.scr (Netgear Switch) #script ? apply Applies configuration script to the swit ch.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Configuration Scripting 15-3 v1.0, May 2008 Example #4: Creating a Configuration Script Example #5: Upload a Configuration Script (Netgear Switch) #show running-confi g running-config.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 15-4 Configuration Scripting v1.0, May 2008.
16-1 v1.0, May 2008 Chapter 16 Outbound T e lnet This section describes the Outbound T elnet feature. Overview Outbound T elnet: • Establishes an outbound telnet connection between a device and a re.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 16-2 Outbound Telnet v1.0, May 2008 Example #1: show network Example #2: show telnet (Netgear Switch Routing) >telnet 192 .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Outbound Telnet 16-3 v1.0, May 2008 Example #3: transport output telnet Example #4: session-limi t and session-timeout (Netgear Switch Routing) (Config)#li neconfig ? <cr> Press Enter to execute the command.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 16-4 Outbound Telnet v1.0, May 2008.
17-1 v1.0, May 2008 Chapter 17 Port Mirroring This section describes the Port Mirroring feature. Overview Port Mirroring: • Allows you to monitor network traf fi c with an external network analyzer .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 17-2 Port Mirr oring v1.0, May 2008 Example #1: show monitor session Example #2: show port all Example #3: show port interface Use this command for a specific por t.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Port Mirroring 17-3 v1.0, May 2008 port, and what is enabled or disable d on the port. Example #4: (Config) monitor session 1 mode T o set up port mirroring, s pecify th e monitor session, then the mode.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 17-4 Port Mirr oring v1.0, May 2008 Example #5: (Config) monito r session 1 source interface Specify the source (mirrored) ports and destination (probe) port.
18-1 v1.0, May 2008 Chapter 18 Simple Network T ime Protocol (SNTP) This section describes the Simple Netw ork T ime Protocol (SNTP) feature . Overview SNTP: • Used for synchronizin g network resour.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 18-2 Simple Network Time Protocol (SNTP) v1.0, May 2008 Example #2: show sntp client Example #3: show sntp server Example #4: Configure SNTP Netgear switches do not have a built-in real-time cloc k.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Simple Network Time Protocol (SNTP) 18-3 v1.0, May 2008 1. Configure the SNTP server IP address. The IP address can be either from the public NTP server or your own. Y ou can search the Intern et to locate the public server .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 18-4 Simple Network Time Protocol (SNTP) v1.0, May 2008 Example #5: Setting T ime Zone The SNTP/NTP server is set to Coordina ted Universal Time (UTC) by default. The following example shows how to set the time zone to Pacifi c Standard Time (PST) which is 8 hours behind GMT/UTC.
19-1 v1.0, May 2008 Chapter 19 Syslog This section provides informa tion about the Syslog feature. Overview Syslog: • Allows you to store system messages and/or errors • Can store to local files o.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-2 Syslog v1.0, May 2008 Interpreting Log Files CLI Examples The following are examples of the comm ands used in the Syslog feature. <130> JAN 01 00:00:0 6 0.0.0.0-1 UNKN [0x 800023]: boot os.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Syslog 19-3 v1.0, May 2008 Example #1: show logging Example #2: show logging buffered (Netgear Switch Routing) #show loggi ng Loggi.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-4 Syslog v1.0, May 2008 Example #3: show logging traplogs Example #4: show logging host s (Netgear Switch Routing) #show logging traplogs ? <cr> Press Enter to execute the c ommand.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Syslog 19-5 v1.0, May 2008 Example #5: logging port configuration (Netgear Switch Routing) #config (Netgear Switch Routing) (Config)#logging ? buffered Buffered (In-Memory) Logging Configuration.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-6 Syslog v1.0, May 2008.
20-1 v1.0, May 2008 Chapter 20 Managing Switch S t acks This chapter describes the concepts and recommen ded operating procedures to manage Netg ear stackable managed switches running Release 4.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-2 Managing Sw itch Stacks v1.0, May 2008 Underst anding Switch St acks A switch stack is a set of up to eight Et hernet switches connected throug h their stacking ports. One of the switches controls the operation of th e stack and is called the stack master .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-3 v1.0, May 2008 Switch St ack Membership A switch stack has up to eight stack members connected through their stacking ports. A switch stack always has one stack master .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-4 Managing Sw itch Stacks v1.0, May 2008 Switch St ack Cabling (FSM73xxS) Figure 20-1 and Figure 20-2 illustrate how indivi dual switches ar e interconnected to form a stack. Y ou can use the regular Category 5 Et hernet 8 wire cable.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-5 v1.0, May 2008 S t ack Master Election and Re-Election The stack master is el ected or re-elec ted based on one of these factors and in the order listed: 1.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-6 Managing Sw itch Stacks v1.0, May 2008 Stack members in the same switch stack cannot have the same stack member numbe r .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-7 v1.0, May 2008 Effect s of Replacing a Preconfigu red Switch in a Switch St ack When a preconfigured s.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-8 Managing Sw itch Stacks v1.0, May 2008 Switch St ack Software Comp atibility Recommendations All stack members must run the same software version to ensure comp atibility between stack members.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-9 v1.0, May 2008 Switch St ack Management Connectivity Y ou manage the switch stack and the stack member interfaces through the stack master . Y ou ca n use the web interface , the CLI, and SNMP .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-10 Managing Switch Stacks v1.0, May 2008 S tack master election specifically determined by the MAC address • Assuming that both stack members have the same priority value and software image, restart both stack members at the same time.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-11 v1.0, May 2008 S t acking Recommendations The purpose of this section is to collect notes on recommended pr ocedures and expe cted behavior of stacked manage d switches.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-12 Managing Switch Stacks v1.0, May 2008 Initial inst allation an d Power-up of a S t ack 1. Install units in rack. 2. Install all stacki ng cables. Fully connect, including the redundant stack link.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-13 v1.0, May 2008 Adding a Unit to an O perating St ack 1. Make sure the redundant stack connection is in place and functional. All stack members should be connected in a logical ring.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-14 Managing Switch Stacks v1.0, May 2008 • Add the new stack unit to the stac k using the pro cess described in s ection “Adding a Unit to an Operating Stack” .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-15 v1.0, May 2008 Merging T wo Operational S tacks It is strongly recommend ed that two functioning stacks (each having an independent master) not be merged simply by the reconnection of stack cab les.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-16 Managing Switch Stacks v1.0, May 2008 archive command (in stack configuration mode) may be issued to make another attempt to copy the software t o the unit(s) that did not get updated.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-17 v1.0, May 2008 Code Mismatch If a unit is added to a stack and it does not have the same version of co.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-18 Managing Switch Stacks v1.0, May 2008.
21-1 v1.0, May 2008 Chapter 21 Pre-Login Banner This section describes the Pre-Login Banner feature. Overview Pre-Login Banner: • Allows you to create message screens when logging into the CLI Inter.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 21-2 Pre-Login Banner v1.0, May 2008 2. T ransfer the file from the PC to the switch using TFTP (Netgear Switch Routing) #copy tftp: //192.168.77.52/banner.txt nvram:clibanner Mode..
22-1 v1.0, May 2008 Chapter 22 IGMP Querier When the switch is used in ne twork applications where video se rvice s such as IP TV , vide o streaming, and gaming are deployed, the video traf fic would normally be flooded to all connected ports because such traffic packets usually have mu lticast Ethernet addresses.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 22-2 IGMP Querier v1.0, May 2008 CLI Examples Example #1: Enable IGMP Querier Use the following CLI commands to set up the switch to genera te IGMP querier packet for a designated VLAN.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DNS 23-1 v1.0, May 2008 Chapter 23 DNS This section describes the Domain Name System (DNS) feature.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 23-2 DNS v1.0, May 2008 CLI Commands T o use the CLI to specify two DNS serve rs, enter the following CLI commands: Web Interfac e Procedure T o use the W eb interface to specify two DNS servers, proceed as follows: 1.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DNS 23-3 v1.0, May 2008 Example 2#: Manually Add a Ho st Name and an IP Address The following example shows commands to add a sta tic host name entry to the switc h so that you can use this entry to resolve the IP address.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 23-4 DNS v1.0, May 2008 2. Under DNS Host Configuration, enter the following information: • In the Host Name field, enter www .netgear .com . • In the IP Address field, enter 206.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -1 v1.0, May 2008 Chapter 24 DHCP Server This section describes the DHCP server configuration. When a client sends a request to a DHCP server , the DHCP server assigns the IP address from ad dress pools that are sp ecified on the switch.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-2 DHCP Server v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to create a DHCP se rver with a dynamic pool, proceed as follows: 1. From the main menu, select System > Se rvices > DHCP Server > DHCP Se rver Configuration.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -3 v1.0, May 2008 4. From the main menu, select System > Services > D HCP Server > D HCP Pool Configuration.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-4 DHCP Server v1.0, May 2008 Example #2: Configure a DHCP Server in Manual Mode The following example sh ows how to cre at e a DHCP server with a manual pool. The example is shown as CLI commands and as a W eb interface procedure.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -5 v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to create a DHCP server with a manual pool, proceed as follows: 1. From the main menu, select System > Se rvices > DHCP Server > DHCP Se rver Configuration.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-6 DHCP Server v1.0, May 2008 4. Under DHCP Pool Configuration, enter the followi ng information: • Select Create from the Pool Name pulldown menu. • In the Pool Name field, enter pool_m anual .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-1 v1.0, May 2008 Chapter 25 Protected Port s This section describes how to set up protected por ts on the switch.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-2 Protected Po rts v1.0, May 2008 . The example is shown as CLI commands and as a W eb interface procedure.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to configure a protec ted po rt in order to isolate ports, procee d as follows: 1. Create a DHCP pool: Step 2: Create one VLAN 202 connecte d to the Internet .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-4 Protected Po rts v1.0, May 2008 a. From the main menu, select System > Se rvices > DHCP Server > DHCP Server Configuration. A screen simila r to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-5 v1.0, May 2008 • In the Network Number field, enter 192.168.1.0 . • In the Network Mask field, enter 255.255.255 .0 . • In the Days field, enter 1 . • Click on Default Router Addresses .
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-6 Protected Po rts v1.0, May 2008 The U specifies that the egress p acket is untagged for the port. d. Click Apply to save the VLAN that includes ports 23 and 24. 3. Configure a VLAN and includ e port 1/0/48 in the VLAN: a.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-7 v1.0, May 2008 b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode, select the Enable radio button. • Next to IP Forwarding Mode, select the Enable radio button.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-8 Protected Po rts v1.0, May 2008 6. Configure port 23 and port 2 4 as protected ports: a. From the main menu, select Security > T raffi c Control > Protected Port. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-1 v1.0, May 2008 Chapter 26 802.1x Port Security This section describes how to c onfigure the 802.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-2 802.1x Port Security v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to enable 802.1x authen tication on one port, and to allow only the user with the name “adam” to access the VLA N, proceed as follows: 1.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-4 802.1x Port Security v1.0, May 2008 b. Enter the following informatio n in the VLAN Routing W izard: • In the Vlan ID field, enter 100 . • In the IP Address field, enter 192.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-5 v1.0, May 2008 3. Add a new user account with the name “adam”: a. From the main menu, select Security > Manage ment Security > User Configuration > User Management.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-6 802.1x Port Security v1.0, May 2008 5. Enable port authentication: a. From the main menu, select Security > Port Authentication > Basic > 802.1x Configuration. A screen simila r to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-7 v1.0, May 2008 b. Under Port Authentication, enter the following information: • In the Max Users field, enter 4 . • Select Mac based from the Port Method p ulldown menu.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-8 802.1x Port Security v1.0, May 2008.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-1 v1.0, May 2008 Chapter 27 Double VLANs This section describes how to configure the Do uble VLAN (DVLAN) feature on the switch. A DVLAN is a way to pass traffic of customers who have multiple VLANs from one customer domain to another customer domain.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-2 Double VLANs v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to enable a double VLAN on a VLAN, enter the following CLI commands: Figure 27-1 Create a VLAN 200 .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to enable a d ouble VLAN on a VLAN, proceed as follows: 1. Create static VLAN 200: a. From the main menu, select Switching > VL AN > Basic > VLAN Configuration.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-4 Double VLANs v1.0, May 2008 2. Add ports 24 and 48 to VLAN 20 0. a. From the main menu, select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-5 v1.0, May 2008 3. Change the Port VLAN ID (PVID) of port 24 to 200: a. From the main menu, select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the following displays.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-6 Double VLANs v1.0, May 2008 4. Configure port 48 as the provider service port: a. From the main menu, select Switchi ng > VLAN > Advanced > Port DVLAN Configuration. A screen simila r to the following displays.
Index-1 v1.0, May 2008 Index Numerics 802.1x port security 26-1 A ACL 9-1 add 4-5 apply 4-5 ARP 7-21 C cancel 4-5 command archive 20-16 archive download-sw 20-8 clear config 2-14 clock timezone 18-4 c.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 Index-2 v1.0, May 2008 switch priority 20-6 switch renumber 20-14 traceroute 14-1 traf fic-shape 10-7 transport output telnet 16-3 .
NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Index-3 v1.0, May 2008 protected ports 25-1 Q QoS class 11 - 1 policy 11 - 1 service 11 - 2 R refresh 4-5 RIP 7-1 , 7-2 , 7-7 , 7-1.
NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 Index-4 v1.0, May 2008.
An important point after buying a device NETGEAR 7000 Series (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought NETGEAR 7000 Series yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data NETGEAR 7000 Series - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, NETGEAR 7000 Series you will learn all the available features of the product, as well as information on its operation. The information that you get NETGEAR 7000 Series will certainly help you make a decision on the purchase.
If you already are a holder of NETGEAR 7000 Series, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime NETGEAR 7000 Series.
However, one of the most important roles played by the user manual is to help in solving problems with NETGEAR 7000 Series. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device NETGEAR 7000 Series along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center
