iSSE-G2252 Switches52-Port Layer 2 Gigabit Ethernet SwitchSSE-G2252P Switches52-Port Layer 2 Gigabit Ethernet Switch with 48 PoE-Capable PortsUSER’S M
SSE-G2252/SSE-G2252P Switches USER’S MANUALxManufacturing Materials...2-10Chapter
SSE-G2252/SSE-G2252P Switches User’s Manual5-12• The FTP connection is made with PASV mode enabled. PASV mode is needed to traverse some fire walls, e
SSE-G2252/SSE-G2252P Switches User’s Manual38-32Example SSE-G2252(config)#interface ethernet 1/1SSE-G2252(config-if)#ip igmp max-groups 10SSE-G2252(co
38-33Chapter 38: Multicast Filtering Commandsport-channel channel-id (Range: 1-12)Default SettingNoneCommand ModePrivileged ExecExample SSE-G2252#show
SSE-G2252/SSE-G2252P Switches User’s Manual38-34show ip igmp throttle interfaceThis command displays the interface settings for IGMP throttling.Syntax
38-35Chapter 38: Multicast Filtering Commands38-4 Multicast VLAN RegistrationThis section describes commands used to configure Multicast VLAN Registra
SSE-G2252/SSE-G2252P Switches User’s Manual38-36Default Setting MVR is disabled.No MVR group address is defined.The default number of contiguous addre
38-37Chapter 38: Multicast Filtering Commandsmvr immediate-leaveThis command causes the switch to immediately remove an interface from a multicast str
SSE-G2252/SSE-G2252P Switches User’s Manual38-38mvr typeThis command configures an interface as an MVR receiver or source port. Use the no form to res
38-39Chapter 38: Multicast Filtering CommandsSSE-G2252(config)#interface ethernet 1/7SSE-G2252(config-if)#mvr type receiverSSE-G2252(config-if)#mvr vl
SSE-G2252/SSE-G2252P Switches User’s Manual38-40show mvrThis command shows information about the global MVR configuration settings when entered withou
38-41Chapter 38: Multicast Filtering CommandsThe following displays information about the interfaces attached to the MVR VLAN:SSE-G2252#show mvr inter
5-13Chapter 5: Basic Management TasksThe following syntax must be observed:tftp://host[/filedir]/• tftp:// – Defines TFTP protocol for the server conn
SSE-G2252/SSE-G2252P Switches User’s Manual38-42Table 38-8. show mvr members - Display Description Field DescriptionMVR Forwarding Entry CountThe num
39-1Chapter 39: LLDP CommandsChapter 39LLDP CommandsLink Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devic
SSE-G2252/SSE-G2252P Switches User’s Manual39-2lldp dot1-tlv proto-identaConfigures an LLDP-enabled port to advertise the supported protocolsIClldp do
39-3Chapter 39: LLDP CommandslldpThis command enables LLDP globally on the switch. Use the no form to disable LLDP.Syntax[no] lldpDefault SettingEnabl
SSE-G2252/SSE-G2252P Switches User’s Manual39-4ExampleSSE-G2252(config)#lldp holdtime-multiplier 10SSE-G2252(config)#lldp med-fast-start-countThis com
39-5Chapter 39: LLDP CommandsCommand ModeGlobal ConfigurationCommand Usage• This parameter only applies to SNMP applications which use data stored in
SSE-G2252/SSE-G2252P Switches User’s Manual39-6lldp reinit-delayThis command configures the delay before attempting to re-initialize after LLDP ports
39-7Chapter 39: LLDP CommandsCommand Usage• The transmit delay is used to prevent a series of successive LLDP transmissions during a short period of r
SSE-G2252/SSE-G2252P Switches User’s Manual39-8lldp basic-tlv management-ip-addressThis command configures an LLDP-enabled port to advertise the manag
39-9Chapter 39: LLDP CommandsSyntax[no] lldp basic-tlv port-descriptionDefault SettingEnabledCommand ModeInterface Configuration (Ethernet, Port Chann
SSE-G2252/SSE-G2252P Switches User’s Manual5-14• ftp://192.168.0.1/The user name and password are empty, so “anonymous” will be the user name and the
SSE-G2252/SSE-G2252P Switches User’s Manual39-10lldp basic-tlv system-descriptionThis command configures an LLDP-enabled port to advertise the system
39-11Chapter 39: LLDP CommandsExampleSSE-G2252(config)#interface ethernet 1/1SSE-G2252(config-if)#lldp basic-tlv system-nameSSE-G2252(config-if)#lldp
SSE-G2252/SSE-G2252P Switches User’s Manual39-12lldp dot1-tlv proto-vidThis command configures an LLDP-enabled port to advertise port-based protocol V
39-13Chapter 39: LLDP CommandsExampleSSE-G2252(config)#interface ethernet 1/1SSE-G2252(config-if)#no lldp dot1-tlv pvidSSE-G2252(config-if)#lldp dot1-
SSE-G2252/SSE-G2252P Switches User’s Manual39-14Command UsageThis option advertises link aggregation capabilities, aggregation status of the link, and
39-15Chapter 39: LLDP CommandsDefault SettingEnabledCommand ModeInterface Configuration (Ethernet, Port Channel)Command UsageRefer to Section 21-3: &q
SSE-G2252/SSE-G2252P Switches User’s Manual39-16lldp med-location civic-addrThis command configures an LLDP-MED-enabled port to advertise its location
39-17Chapter 39: LLDP CommandsAny number of CA type and value pairs can be specified for the civic address location, as long as the total does not exc
SSE-G2252/SSE-G2252P Switches User’s Manual39-18lldp med-notificationThis command enables the transmission of SNMP trap notifications about LLDP-MED c
39-19Chapter 39: LLDP CommandsDefault SettingEnabledCommand ModeInterface Configuration (Ethernet, Port Channel)Command UsageThis option advertises ex
5-15Chapter 5: Basic Management Tasks...5-6 Setting the System ClockSimple Network Time Protocol (SNTP) allows the switch to set its internal clock ba
SSE-G2252/SSE-G2252P Switches User’s Manual39-20lldp med-tlv locationThis command configures an LLDP-MED-enabled port to advertise its location identi
39-21Chapter 39: LLDP CommandsExampleSSE-G2252(config)#interface ethernet 1/1SSE-G2252(config-if)#lldp med-tlv med-capSSE-G2252(config-if)#lldp med-tl
SSE-G2252/SSE-G2252P Switches User’s Manual39-22Command Usage• This option sends out SNMP trap notifications to designated target stations at the inte
39-23Chapter 39: LLDP Commands LLDP Re-initialization Delay : 2 sec. LLDP Notification Interval : 5 sec. LLDP MED Fast Start Count : 4LLDP Port C
SSE-G2252/SSE-G2252P Switches User’s Manual39-24show lldp info local-deviceThis command shows LLDP global and interface-specific configuration setting
39-25Chapter 39: LLDP Commands Port ID : 00-1A-7E-AC-2B-13 Port Description : Ethernet Port on unit 1, port 1 MED Capability : LLDP-MED Cap
SSE-G2252/SSE-G2252P Switches User’s Manual39-26 System Name : System Description : SSE-G2252 Managed GE Switch Port Description : Etherne
39-27Chapter 39: LLDP CommandsExampleswitch#show lldp info statistics LLDP Device Statistics Neighbor Entries List Last Updated : 2450279 seconds Ne
SSE-G2252/SSE-G2252P Switches User’s Manual39-28Notes
40-1Chapter 40: Domain Name Service CommandsChapter 40Domain Name Service CommandsThese commands are used to configure Domain Naming System (DNS) serv
SSE-G2252/SSE-G2252P Switches User’s Manual5-165. Click APPLYSetting the SNTP Polling IntervalUse the SYSTEM > TIME (CONFIGURE GENERAL - SNTP) page
SSE-G2252/SSE-G2252P Switches User’s Manual40-2ip domain-listThis command defines a list of domain names that can be appended to incomplete host names
40-3Chapter 40: Domain Name Service Commandsip domain-lookupThis command enables DNS host name-to-address translation. Use the no form to disable DNS.
SSE-G2252/SSE-G2252P Switches User’s Manual40-4ip domain-nameThis command defines the default domain name appended to incomplete host names (i.e., hos
40-5Chapter 40: Domain Name Service Commandsip hostThis command creates a static entry in the DNS table that maps a host name to an IPv4 address. Use
SSE-G2252/SSE-G2252P Switches User’s Manual40-6ip name-serverThis command specifies the address of one or more domain name servers to use for name-to-
40-7Chapter 40: Domain Name Service Commandsipv6 hostThis command creates a static entry in the DNS table that maps a host name to an IPv6 address. Us
SSE-G2252/SSE-G2252P Switches User’s Manual40-8clear hostThis command deletes dynamic entries from the DNS table.Syntax clear host {name | *}name - Na
40-9Chapter 40: Domain Name Service Commandsshow dns cacheThis command displays entries in the DNS cache.Command Mode Privileged ExecExample SSE-G2252
SSE-G2252/SSE-G2252P Switches User’s Manual40-10show hostsThis command displays the static host name-to-address mapping table.Command Mode Privileged
41-1Chapter 41: DHCP CommandsChapter 41DHCP CommandsThese commands are used to configure Dynamic Host Configuration Protocol (DHCP) client functions.
5-17Chapter 5: Basic Management TasksSpecifying SNTP Time ServersUse the SYSTEM > TIME (CONFIGURE TIME SERVER) page to specify the IP address for u
SSE-G2252/SSE-G2252P Switches User’s Manual41-2ip dhcp client class-idThis command specifies the DCHP client vendor class identifier for the current i
41-3Chapter 41: DHCP Commandsip dhcp restart clientThis command submits a BOOTP or DHCP client request.Default Setting NoneCommand Mode Privileged Exe
SSE-G2252/SSE-G2252P Switches User’s Manual41-4ipv6 dhcp restart client vlanThis command submits a DHCPv6 client request.Syntax ipv6 dhcp restart clie
41-5Chapter 41: DHCP Commandsshow ip dhcp client-identifierThis command shows the DHCP client identifier for all interfaces.Command Mode Privileged Ex
SSE-G2252/SSE-G2252P Switches User’s Manual41-6Command Mode Privileged ExecExample SSE-G2252#show ipv6 dhcp vlan 1VLAN 1 is in DHCP client mode, Rapid
42-1Chapter 42: IP Interface CommandsChapter 42IP Interface Commands An IP Version 4 and Version 6 address may be used for management access to the sw
SSE-G2252/SSE-G2252P Switches User’s Manual42-2Basic IPv4 ConfigurationThis section describes commands used to configure IP addresses for VLAN interfa
42-3Chapter 42: IP Interface CommandsCommand Usage • An IP address must be assigned to this device to gain management access over the network or to co
SSE-G2252/SSE-G2252P Switches User’s Manual42-4ip default-gatewayThis command specifies the default gateway for destinations not found in the local ro
42-5Chapter 42: IP Interface Commandsshow ip default-gatewayThis command shows the IPv4 default gateway configured for this device.Default Setting Non
SSE-G2252/SSE-G2252P Switches User’s Manual5-18Setting the Time ZoneUse the SYSTEM > TIME (CONFIGURE TIME SERVER) page to set the time zone. SNTP u
SSE-G2252/SSE-G2252P Switches User’s Manual42-6tracerouteThis command shows the route packets take to the specified destination. Syntax traceroute hos
42-7Chapter 42: IP Interface CommandspingThis command sends (IPv4) ICMP echo request packets to another node on the network.Syntax ping host [count co
SSE-G2252/SSE-G2252P Switches User’s Manual42-8Example SSE-G2252#ping 10.1.0.9Type ESC to abort.PING to 10.1.0.9, by 5 32-byte payload ICMP packets, t
42-9Chapter 42: IP Interface CommandsCommand Mode Global ConfigurationCommand Usage • When a ARP entry expires, it is deleted from the cache and an AR
SSE-G2252/SSE-G2252P Switches User’s Manual42-10show arpThis command displays entries in the Address Resolution Protocol (ARP) cache.Command Mode Norm
5-19Chapter 5: Basic Management Tasks5-7 Configuring the Console PortUse the SYSTEM > CONSOLE menu to configure connection parameters for the switc
SSE-G2252/SSE-G2252P Switches User’s Manual5-20• Data Bits – Sets the number of data bits per character that are interpreted and generated by the cons
5-21Chapter 5: Basic Management Tasks5-8 Configuring Telnet SettingsUse the SYSTEM > TELNET menu to configure parameters for accessing the CLI over
xiTable of ContentsAutomatic Operation Code Upgrade...5-115-6 Setting the System Clock...
SSE-G2252/SSE-G2252P Switches User’s Manual5-22• Silent Time – Sets the amount of time the management interface is inaccessible after the number of un
5-23Chapter 5: Basic Management Tasks• CPU Utilization – CPU utilization over specified interval.Web InterfaceTo display CPU utilization:1. Click SYST
SSE-G2252/SSE-G2252P Switches User’s Manual5-245-11 Resetting the SystemUse the SYSTEM > RELOAD menu to restart the switch immediately, at a specif
5-25Chapter 5: Basic Management Tasks• minutes – The number of minutes, combined with the hours, before the switch resets. (Range: 0-59)• At – Specifi
SSE-G2252/SSE-G2252P Switches User’s Manual5-26Figure 5-18. Restarting the Switch (Immediately)Figure 5-19. Restarting the Switch (In)
5-27Chapter 5: Basic Management TasksFigure 5-20. Restarting the Switch (At)Figure 5-21. Restarting the Switch (Regularly)
SSE-G2252/SSE-G2252P Switches User’s Manual5-28
6-1Chapter 6: Interface ConfigurationChapter 6Interface ConfigurationThis chapter describes the following topics:• Port Configuration – Configures con
SSE-G2252/SSE-G2252P Switches User’s Manual6-2• The 1000BASE-T standard does not support forced mode. Auto-negotiation should always be used to establ
6-3Chapter 6: Interface ConfigurationAvoid using flow control on a port connected to a hub unless it is actually required to solve a problem. Otherwis
SSE-G2252/SSE-G2252P Switches USER’S MANUALxiiUntagged VLANs ...7-3Autom
SSE-G2252/SSE-G2252P Switches User’s Manual6-4Configuring by Port RangeUse the INTERFACE > PORT > GENERAL (CONFIGURE BY PORT RANGE) page to enab
6-5Chapter 6: Interface ConfigurationFigure 6-2. Configuring Connections by Port Range
SSE-G2252/SSE-G2252P Switches User’s Manual6-6Displaying Connection StatusUse the Interface > PORT > GENERAL (SHOW INFORMATION) page to display
6-7Chapter 6: Interface ConfigurationConfiguring Local Port MirroringUse the INTERFACE > PORT > MIRROR page to mirror traffic from any source po
SSE-G2252/SSE-G2252P Switches User’s Manual6-8• When mirroring port traffic, the target port must be included in the same VLAN as the source port when
6-9Chapter 6: Interface ConfigurationTo display the configured mirror sessions:1. Click INTERFACE > PORT > MIRROR.2. Select SHOW from the Action
SSE-G2252/SSE-G2252P Switches User’s Manual6-10CLI References See Section 30-2: "RSPAN Mirroring Commands" on page 30-5 for CLI reference in
6-11Chapter 6: Interface Configuration• MAC address learning is not supported on RSPAN uplink ports when RSPAN is enabled on the switch. Therefore, ev
SSE-G2252/SSE-G2252P Switches User’s Manual6-12• Type – Specifies the traffic type to be mirrored remotely. (Options: Rx, Tx, Both)• Destination Port
6-13Chapter 6: Interface ConfigurationShowing Port or Trunk StatisticsUse the INTERFACE > PORT/TRUNK > STATISTICS or CHART page to display stand
xiiiTable of Contents10-2 Storm Control...10-410-3 Automatic Traffic Con
SSE-G2252/SSE-G2252P Switches User’s Manual6-14CLI References See "show interfaces counters" on page 27-14 for CLI reference information.Par
6-15Chapter 6: Interface ConfigurationTransmitted Broadcast PacketsThe total number of packets that higher-level protocols requested be transmitted, a
SSE-G2252/SSE-G2252P Switches User’s Manual6-16Web InterfaceTo show a list of port statistics:1. Click INTERFACE > PORT > STATISTICS.2. Select t
6-17Chapter 6: Interface ConfigurationTo show a chart of port statistics:1. Click INTERFACE > PORT > CHART.2. Select the statistics mode to disp
SSE-G2252/SSE-G2252P Switches User’s Manual6-18Performing Cable DiagnosticsUse the INTERFACE > PORT > CABLE TEST page to test the cable attached
6-19Chapter 6: Interface ConfigurationFor link-down ports, the reported distance to a fault is accurate to within +/- 2 meters. For link-up ports, the
SSE-G2252/SSE-G2252P Switches User’s Manual6-20The switch supports both static trunking and dynamic Link Aggregation Control Protocol (LACP). Static t
6-21Chapter 6: Interface ConfigurationCLI References See Chapter 28: "Link Aggregation Commands" on page 28-1 and Chapter 27: "Interfac
SSE-G2252/SSE-G2252P Switches User’s Manual6-22To configure connection parameters for a static trunk:1. Click INTERFACE > TRUNK > STATIC.2. Sele
6-23Chapter 6: Interface ConfigurationConfiguring a Dynamic TrunkUse the INTERFACE > TRUNK > DYNAMIC (CONFIGURE AGGREGATOR) page to set the admi
SSE-G2252/SSE-G2252P Switches USER’S MANUALxivConfiguring Global Settings for Network Access ...14-24Configuring Network
SSE-G2252/SSE-G2252P Switches User’s Manual6-24• Ports are only allowed to join the same Link Aggregation Group (LAG) if (1) the LACP port system prio
6-25Chapter 6: Interface ConfigurationWeb InterfaceTo configure the admin key for a dynamic trunk:1. Click INTERFACE > TRUNK > DYNAMIC.2. Select
SSE-G2252/SSE-G2252P Switches User’s Manual6-26To configure LACP parameters for group members:1. Click INTERFACE > TRUNK > DYNAMIC.2. Select CON
6-27Chapter 6: Interface Configuration4. Modify the required interface settings. (Refer to "Configuring by Port List" on page 6-1 for a desc
SSE-G2252/SSE-G2252P Switches User’s Manual6-28Displaying LACP Port CountersUse the INTERFACE > TRUNK > DYNAMIC (CONFIGURE AGGREGATION PORT - SH
6-29Chapter 6: Interface ConfigurationDisplaying LACP Settings and Status for the Local SideUse the INTERFACE > TRUNK > DYNAMIC (CONFIGURE AGGRE
SSE-G2252/SSE-G2252P Switches User’s Manual6-30Web InterfaceTo display LACP settings and status for the local side:1. Click INTERFACE > TRUNK >
6-31Chapter 6: Interface ConfigurationDisplaying LACP Settings and Status for the Remote SideUse the INTERFACE > TRUNK > DYNAMIC (CONFIGURE AGGR
SSE-G2252/SSE-G2252P Switches User’s Manual6-32Web InterfaceTo display LACP settings and status for the remote side:1. INTERFACE > TRUNK > DYNAM
6-33Chapter 6: Interface ConfigurationCLI References See Section 30-1: "Local Port Mirroring Commands" on page 30-1 for CLI reference inform
xvTable of ContentsDisplaying Information for Dynamic IP Source Guard Bindings...14-8814-13 DHCP Snooping...
SSE-G2252/SSE-G2252P Switches User’s Manual6-34Web InterfaceTo configure a local mirror session:1. Click INTERFACE > TRUNK > MIRROR2. Select ADD
6-35Chapter 6: Interface ConfigurationCommand Usage• IEEE 802.3 defines the Ethernet standard and subsequent power requirements based on cable connect
SSE-G2252/SSE-G2252P Switches User’s Manual6-363. Click APPLY.6-4 Traffic SegmentationIf tighter security is required for passing traffic from differe
6-37Chapter 6: Interface ConfigurationWeb InterfaceTo enable traffic segmentation:1. Click INTERFACE > TRAFFIC SEGMENTATION.2. Select CONFIGURE GLO
SSE-G2252/SSE-G2252P Switches User’s Manual6-383. Click PORT or TRUNK to specify the interface type.4. Select UPLINK or DOWNLINK in the Direction list
6-39Chapter 6: Interface ConfigurationWithout VLAN trunking, you would have to configure VLANs 1 and 2 on all intermediate switches – C, D and E; othe
SSE-G2252/SSE-G2252P Switches User’s Manual6-40Figure 6-35. Configuring VLAN Trunking
7-1Chapter 7: VLAN ConfigurationChapter 7VLAN ConfigurationThis chapter includes the following topics:• IEEE 802.1Q VLANs – Configures static and dyna
SSE-G2252/SSE-G2252P Switches User’s Manual7-2• Port overlapping, allowing a port to participate in multiple VLANs• End stations can belong to multipl
7-3Chapter 7: VLAN ConfigurationPort OverlappingPort overlapping can be used to allow access to commonly shared network resources among different VLAN
SSE-G2252/SSE-G2252P Switches USER’S MANUALxvi15-7 Setting A Time Range ...15-71Chapter 1
SSE-G2252/SSE-G2252P Switches User’s Manual7-4Forwarding Tagged/Untagged FramesIf you want to create a small port-based VLAN for devices attached dire
7-5Chapter 7: VLAN ConfigurationParametersThese parameters are displayed in the web interface:• VLAN ID – ID of VLAN or range of VLANs (1-4093).Up to
SSE-G2252/SSE-G2252P Switches User’s Manual7-6Adding Static Members to VLANsUse the VLAN > STATIC (MODIFY VLAN AND MEMBER PORTS, EDIT MEMBER BY INT
7-7Chapter 7: VLAN Configuration• PVID – VLAN ID assigned to untagged frames received on the interface. (Default: 1)When using Access mode, and an int
SSE-G2252/SSE-G2252P Switches User’s Manual7-8Edit Member by Interface RangeAll parameters are the same as those described under the earlier section f
7-9Chapter 7: VLAN Configuration3. Select a port or trunk configure.4. Modify the settings for any interface as required. 5. Click APPLY.To configure
SSE-G2252/SSE-G2252P Switches User’s Manual7-10Configuring Dynamic VLAN RegistrationUse the VLAN > DYNAMIC page to enable GVRP globally on the swit
7-11Chapter 7: VLAN Configuration• LeaveAll – The interval between sending out a LeaveAll query message for VLAN group participants and the port leavi
SSE-G2252/SSE-G2252P Switches User’s Manual7-12To show the dynamic VLAN joined by this switch:1. Click VLAN > DYNAMIC.2. Select SHOW DYNAMIC VLAN f
7-13Chapter 7: VLAN Configuration7-2 IEEE 802.1Q TunnelingIEEE 802.1Q Tunneling (QinQ) is designed for service providers carrying traffic for multiple
xviiTable of ContentsShowing Multicast Group Members...18-30Chapter 19 Using the Command Line Interfa
SSE-G2252/SSE-G2252P Switches User’s Manual7-14When a double-tagged packet enters another trunk port in an intermediate or core switch in the service
7-15Chapter 7: VLAN Configuration3. After packet classification through the switching process, the packet is written to memory with one tag (an outer
SSE-G2252/SSE-G2252P Switches User’s Manual7-168. If the egress port is an untagged member of the SPVLAN, the outer tag will be stripped. If it is a t
7-17Chapter 7: VLAN ConfigurationEnabling QinQ Tunneling on the SwitchUse the VLAN > TUNNEL (CONFIGURE GLOBAL) page to configure the switch to oper
SSE-G2252/SSE-G2252P Switches User’s Manual7-18Adding an Interface to a QinQ TunnelFollow the guidelines in the preceding section to set up a QinQ tun
7-19Chapter 7: VLAN Configuration• Uplink – Configures QinQ tunneling for an uplink port to another device within the service provider network.Web Int
SSE-G2252/SSE-G2252P Switches User’s Manual7-20VLAN for each major protocol running on your network. Do not add port members at this time. 2. Create a
7-21Chapter 7: VLAN Configuration4. Select an entry from the Frame Type list.5. Select an entry from the Protocol Type list.6. Enter an identifier for
SSE-G2252/SSE-G2252P Switches User’s Manual7-22Command Usage• When creating a protocol-based VLAN, only assign interfaces using this configuration scr
7-23Chapter 7: VLAN ConfigurationTo show the protocol groups mapped to a port or trunk:1. Click VLAN > PROTOCOL.2. Select CONFIGURE INTERFACE from
SSE-G2252/SSE-G2252P Switches USER’S MANUALxviiishow memory...21-
SSE-G2252/SSE-G2252P Switches User’s Manual7-24Command Usage• Each IP subnet can be mapped to only one VLAN ID. An IP subnet consists of an IP address
7-25Chapter 7: VLAN ConfigurationTo show the configured IP subnet VLANs:1. Click VLAN > IP SUBNET.2. Select SHOW from the Action list.7-5 Configuri
SSE-G2252/SSE-G2252P Switches User’s Manual7-26• Configured MAC addresses cannot be broadcast or multicast addresses.• When MAC-based, IP subnet-based
7-27Chapter 7: VLAN Configuration7-6 Configuring VLAN MirroringUse the VLAN > MIRROR (ADD) page to mirror traffic from one or more source VLANs to
SSE-G2252/SSE-G2252P Switches User’s Manual7-28ParametersThese parameters are displayed in the web interface:• Source VLAN – A VLAN whose traffic will
8-1Chapter 8: Address Table SettingsChapter 8Address Table SettingsSwitches store the addresses for all known devices. This information is used to pas
SSE-G2252/SSE-G2252P Switches User’s Manual8-2ParametersThese parameters are displayed in the web interface:• VLAN – ID of configured VLAN. (Range: 1-
8-3Chapter 8: Address Table Settings8-2 Changing the Aging TimeUse the MAC Address > Dynamic (Configure Aging) page to set the aging time for entri
SSE-G2252/SSE-G2252P Switches User’s Manual8-48-3 Displaying the Dynamic Address TableUse the MAC ADDRESS > DYNAMIC (SHOW DYNAMIC MAC) page to disp
8-5Chapter 8: Address Table Settings8-4 Clearing the Dynamic Address TableUse the MAC ADDRESS > DYNAMIC (CLEAR DYNAMIC MAC) page to remove any lear
xixTable of Contentsshow log...21-43show logging...
SSE-G2252/SSE-G2252P Switches User’s Manual8-68-5 Configuring MAC Address MirroringUse the MAC ADDRESS > MIRROR (ADD) page to mirror traffic matchi
8-7Chapter 8: Address Table Settings• Target Port – The port that will mirror the traffic from the source port. (SSE-G2252/P: 1-52)Web InterfaceTo mir
SSE-G2252/SSE-G2252P Switches User’s Manual8-8
9-1Chapter 9: Spanning Tree AlgorithmChapter 9Spanning Tree AlgorithmThis chapter describes the following basic topics:• Configuring Loopback Detectio
SSE-G2252/SSE-G2252P Switches User’s Manual9-2STPSTP uses a distributed algorithm to select a bridging device (STP-compliant switch, bridge or router)
9-3Chapter 9: Spanning Tree AlgorithmAn MST Region consists of a group of interconnected bridges that have the An MST Region consists of a group of in
SSE-G2252/SSE-G2252P Switches User’s Manual9-4Once you specify the VLANs to include in a Multiple Spanning Tree Instance (MSTI), the protocol will aut
9-5Chapter 9: Spanning Tree Algorithm• Release – Allows an interface to be manually released from discard mode. This is only available if the interfac
SSE-G2252/SSE-G2252P Switches User’s Manual9-6Uses RSTP for the internal state machine, but sends only 802.1D BPDUs. This creates one spanning tree in
9-7Chapter 9: Spanning Tree Algorithm• Priority – Bridge priority is used in selecting the root device, root port, and designated port. The device wit
SSE-G2252/SSE-G2252P Switches USER’S MANUALiiThe information in this USER’S MANUAL has been carefully reviewed and is believed to be accurate. The ven
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxsnmp-server enable traps ...22-7snmp-se
SSE-G2252/SSE-G2252P Switches User’s Manual9-8• Maximum: The lower of 40 or [2 x (Forward Delay - 1)]• Forward Delay – The maximum time (in seconds) t
9-9Chapter 9: Spanning Tree AlgorithmConfiguration Settings for MSTP • Max Instance Numbers – The maximum number of MSTP instances to which this switc
SSE-G2252/SSE-G2252P Switches User’s Manual9-10Figure 9-5. Configuring Global Settings for STA (STP)Figure 9-6. Configuring Global Settings for STA (R
9-11Chapter 9: Spanning Tree AlgorithmDisplaying Global Settings for STAUse the SPANNING TREE > STA (CONFIGURE GLOBAL - SHOW INFORMATION) page to d
SSE-G2252/SSE-G2252P Switches User’s Manual9-12• Root Port – The number of the port on this switch that is closest to the root. This switch communicat
9-13Chapter 9: Spanning Tree AlgorithmPARAMETERSThese parameters are displayed in the web interface:• Interface – Displays a list of ports or trunks.•
SSE-G2252/SSE-G2252P Switches User’s Manual9-14• Range: 0-240, in steps of 16• Admin Path Cost – This parameter is used by the STA to determine the be
9-15Chapter 9: Spanning Tree Algorithm• Admin Edge Port – Refer to “Admin Edge Status for all ports” at the beginning of this section. • BPDU Guard –
SSE-G2252/SSE-G2252P Switches User’s Manual9-169-5 Displaying Interface Settings for STAUse the SPANNING TREE > STA (CONFIGURE INTERFACE - SHOW INF
9-17Chapter 9: Spanning Tree Algorithm• If two ports of a switch are connected to the same segment and there is no other STA device attached to this s
xxiTable of Contents24-4 TACACS+ Client...24-13tacacs-server host...
SSE-G2252/SSE-G2252P Switches User’s Manual9-18Web InterfaceTo display interface settings for STA:1. Click SPANNING TREE > STA.2. Select CONFIGURE
9-19Chapter 9: Spanning Tree Algorithm9-6 Configuring Multiple Spanning TreesUse the SPANNING TREE > MSTP (CONFIGURE GLOBAL) page to create an MSTP
SSE-G2252/SSE-G2252P Switches User’s Manual9-203. Add the VLANs that will share this MSTI on the Spanning Tree > MSTP (Configure Global - Add Membe
9-21Chapter 9: Spanning Tree Algorithm3. Select SHOW INFORMATION from the Action list. 4. Select an MST ID. The attributes displayed on this page are
SSE-G2252/SSE-G2252P Switches User’s Manual9-229-7 Configuring Interface Settings for MSTPUse the SPANNING TREE > MSTP (CONFIGURE INTERFACE - CONFI
9-23Chapter 9: Spanning Tree Algorithm• Priority – Defines the priority used for this port in the Spanning Tree Protocol. If the path cost for all por
SSE-G2252/SSE-G2252P Switches User’s Manual9-24To display MSTP parameters for a port or trunk:1. Click SPANNING TREE > MSTP.2. Select CONFIGURE INT
10-1Chapter 10: Congestion ControlChapter 10Congestion ControlThe switch can set the maximum upload or download data transfer rate for any port. It ca
SSE-G2252/SSE-G2252P Switches User’s Manual10-2Therefore, when the rate limit is set at 64 kbit/s, each scale has a shared bandwidth of 80 bytes.When
10-3Chapter 10: Congestion ControlParametersThese parameters are displayed in the web interface:• Port – Displays the port number.• Type – Indicates t
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxii24-9 802.1X Port Authentication...24-46dot1x defau
SSE-G2252/SSE-G2252P Switches User’s Manual10-410-2 Storm ControlUse the TRAFFIC > CONGESTION CONTROL > STORM CONTROL page to configure broadcas
10-5Chapter 10: Congestion ControlParametersThese parameters are displayed in the web interface:• Interface – Displays a list of ports or trunks.• Typ
SSE-G2252/SSE-G2252P Switches User’s Manual10-610-3 Automatic Traffic ControlUse the TRAFFIC > CONGESTION CONTROL > AUTO TRAFFIC CONTROL pages t
10-7Chapter 10: Congestion Control• The traffic control response of rate limiting can be released automatically or manually. The control response of s
SSE-G2252/SSE-G2252P Switches User’s Manual10-8Command Usage• After the apply timer expires, the settings in the TRAFFIC > AUTOMATIC TRAFFIC CONTRO
10-9Chapter 10: Congestion ControlConfiguring ATC Thresholds and ResponsesUse the TRAFFIC > CONGESTION CONTROL > AUTO TRAFFIC CONTROL (CONFIGURE
SSE-G2252/SSE-G2252P Switches User’s Manual10-10• Alarm Fire Threshold – The upper threshold for ingress traffic beyond which a storm control response
10-11Chapter 10: Congestion ControlFigure 10-6. Configuring ATC Interface Attributes
SSE-G2252/SSE-G2252P Switches User’s Manual10-12Notes
11-1Chapter 11: Class of ServiceChapter 11Class of ServiceClass of Service (CoS) allows you to specify which data packets have greater precedence when
xxiiiTable of Contentsnetwork-access mode mac-authentication...25-14network-access port-mac-filter...
SSE-G2252/SSE-G2252P Switches User’s Manual11-2• If the output port is an untagged member of the associated VLAN, these frames are stripped of all VLA
11-3Chapter 11: Class of ServiceCLI ReferencesSee "queue mode" on page 36-2 and "show queue mode" on page 36-6 for CLI reference i
SSE-G2252/SSE-G2252P Switches User’s Manual11-4• Strict Mode – If “Strict and WRR” mode is selected, then a combination of strict and weighted service
11-5Chapter 11: Class of ServiceMapping CoS Values to Egress QueuesUse the TRAFFIC > PRIORITY > PHB TO QUEUE page to specify the hardware output
SSE-G2252/SSE-G2252P Switches User’s Manual11-6CLI ReferencesSee "qos map phb-queue" on page 36-10 for CLI reference information.Command Usa
11-7Chapter 11: Class of ServiceTo show the internal PHB to hardware queue map:1. Click TRAFFIC > PRIORITY > PHB TO QUEUE.2. Select SHOW from th
SSE-G2252/SSE-G2252P Switches User’s Manual11-8Because different priority information may be contained in the traffic, this switch maps priority value
11-9Chapter 11: Class of ServiceWeb InterfaceTo configure the trust mode:1. Click PRIORITY > TRUST MODE.2. Select the interface type to display (PO
SSE-G2252/SSE-G2252P Switches User’s Manual11-10• This map is only used when the priority mapping mode is set to DSCP (see page 11-8), and the ingress
11-11Chapter 11: Class of ServiceWeb InterfaceTo map DSCP values to internal PHB/drop precedence:1. Click TRAFFIC > PRIORITY > DSCP TO DSCP.2. S
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxivip arp inspection log-buffer logs...25-46ip arp
SSE-G2252/SSE-G2252P Switches User’s Manual11-12CLI ReferencesSee "qos map cos-dscp" on page 36-7 for CLI reference information.Command Usag
11-13Chapter 11: Class of ServiceWeb InterfaceTo map CoS/CFI values to internal PHB/drop precedence:1. Click TRAFFIC > PRIORITY > COS TO DSCP.2.
SSE-G2252/SSE-G2252P Switches User’s Manual11-14Figure 11-11. Showing CoS to DSCP Internal Mapping
12-1Chapter 12: Quality of ServiceChapter 12Quality of Service This chapter describes the following tasks required to apply QoS policies:"Configu
SSE-G2252/SSE-G2252P Switches User’s Manual12-2Command UsageTo create a service policy for a specific category or ingress traffic, follow these steps:
12-3Chapter 12: Quality of ServiceAdd Rule• Class Name – Name of the class map.• Type – Only one match command is permitted per class map, so the matc
SSE-G2252/SSE-G2252P Switches User’s Manual12-4To edit the rules for a class map: 1. Click TRAFFIC > DIFFSERV.2. Select CONFIGURE CLASS from the St
12-5Chapter 12: Quality of Service12-3 Creating QoS PoliciesUse the TRAFFIC > DIFFSERV (CONFIGURE POLICY) page to create a policy map that can be a
SSE-G2252/SSE-G2252P Switches User’s Manual12-6• The PHB label is composed of five bits, three bits for per-hop behavior, and two bits for the color s
12-7Chapter 12: Quality of ServiceThe metering policy guarantees a deterministic behavior where the volume of green packets is never smaller than what
xxvTable of ContentsChapter 27 Interface Commands ...27-1interface ...
SSE-G2252/SSE-G2252P Switches User’s Manual12-8• if the packet has been precolored as yellow or if Tc(t)-B < 0, the packet is yellow and Tp is decr
12-9Chapter 12: Quality of ServiceSee Table 11-5: "Default Mapping of CoS/CFI to Internal PHB/Drop Precedence" on page 11-12). • Set PHB – C
SSE-G2252/SSE-G2252P Switches User’s Manual12-10• srTCM (Police Meter) – Defines the committed information rate (CIR, or maximum throughput), committe
12-11Chapter 12: Quality of Service• trTCM (Police Meter) – Defines the committed information rate (CIR, or maximum throughput), peak information rate
SSE-G2252/SSE-G2252P Switches User’s Manual12-12• Set IP DSCP – Decreases DSCP priority for out of conformance traffic. (Range: 0-63).• Drop – Drops o
12-13Chapter 12: Quality of ServiceTo edit the rules for a policy map: 1. Click TRAFFIC > DIFFSERV.2. Select CONFIGURE POLICY from the Step list.3.
SSE-G2252/SSE-G2252P Switches User’s Manual12-1412-4 Attaching a Policy Map to a PortUse the TRAFFIC > DIFFSERV (CONFIGURE INTERFACE) page to bind
12-15Chapter 12: Quality of ServiceFigure 12-9. Attaching a Policy Map to a Port
SSE-G2252/SSE-G2252P Switches User’s Manual12-16
13-1Chapter 13: VoIP Traffic ConfigurationChapter 13VoIP Traffic ConfigurationThis chapter covers the following topics:• "Configuring VoIP Traffi
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxviChapter 30 Port Mirroring Commands ...30-130-1 Local Port Mirroring Comm
SSE-G2252/SSE-G2252P Switches User’s Manual13-2Command Usage All ports are set to VLAN access mode by default. Prior to enabling VoIP for a port (by s
13-3Chapter 13: VoIP Traffic Configuration13-3 Configuring Telephony OUIVoIP devices attached to the switch can be identified by the manufacturer’s Or
SSE-G2252/SSE-G2252P Switches User’s Manual13-4To show the MAC OUI numbers used for VoIP equipment: 1. Click TRAFFIC > VOIP.2. Select CONFIGURE OUI
13-5Chapter 13: VoIP Traffic Configuration• Mode – Specifies if the port will be added to the Voice VLAN when VoIP traffic is detected. (Default: None
SSE-G2252/SSE-G2252P Switches User’s Manual13-63. Configure any required changes to the VoIP settings each port.4. Click APPLY. Figure 13-4. Configuri
14-1Chapter 14: Security MeasuresChapter 14Security MeasuresYou can configure this switch to authenticate users logging into the system for management
SSE-G2252/SSE-G2252P Switches User’s Manual14-214-1 AAA Authorization and AccountingThe Authentication, authorization, and accounting (AAA) feature pr
14-3Chapter 14: Security MeasuresConfiguring Local/Remote Logon AuthenticationUse the SECURITY > AAA > SYSTEM AUTHENTICATION page to specify loc
SSE-G2252/SSE-G2252P Switches User’s Manual14-4Configuring Remote Logon Authentication ServersUse the SECURITY > AAA > SERVER page to configure
14-5Chapter 14: Security MeasuresCLI ReferencesSee Section 24-3: "RADIUS Client" on page 24-7, Section 24-4: "TACACS+ Client" on p
xxviiTable of ContentsChapter 34 Spanning Tree Commands...34-1spanning-tree...
SSE-G2252/SSE-G2252P Switches User’s Manual14-6• Authentication Key – Encryption key used to authenticate logon access for client. Do not use blank sp
14-7Chapter 14: Security Measures4. Select GLOBAL to specify the parameters that apply globally to all specified servers, or select a specific Server
SSE-G2252/SSE-G2252P Switches User’s Manual14-85. Enter the group name, followed by the index of the server to use for each priority level.6. Click AP
14-9Chapter 14: Security MeasuresConfiguring AAA AccountingUse the SECURITY > AAA > ACCOUNTING page to enable accounting of requested services f
SSE-G2252/SSE-G2252P Switches User’s Manual14-10Configure Service• Accounting Type – Specifies the service as 802.1X, Command or Exec as described in
14-11Chapter 14: Security MeasuresTo configure the accounting method applied to various service types and the assigned server group: 1. Click SECURITY
SSE-G2252/SSE-G2252P Switches User’s Manual14-12To configure the accounting method applied to specific interfaces, console commands entered at specifi
14-13Chapter 14: Security MeasuresTo display a summary of the configured accounting methods and assigned server groups for specified service types: 1.
SSE-G2252/SSE-G2252P Switches User’s Manual14-14Configuring AAA AuthorizationUse the SECURITY > AAA > AUTHORIZATION page to enable authorization
14-15Chapter 14: Security Measures• Interface - Displays the console or Telnet interface to which these rules apply. (This field is null if the author
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxviiishow bridge-ext...3
SSE-G2252/SSE-G2252P Switches User’s Manual14-16To configure the authorization method applied to local console, Telnet, or SSH connections: 1. Click S
14-17Chapter 14: Security Measures14-2 Configuring User AccountsUse the SECURITY > USER ACCOUNTS page to control management access to the switch ba
SSE-G2252/SSE-G2252P Switches User’s Manual14-18Web InterfaceTo configure user accounts: 1. Click SECURITY > USER ACCOUNTS.2. Select ADD from the A
14-19Chapter 14: Security Measures14-3 Web AuthenticationWeb authentication allows stations to authenticate and access the network in situations where
SSE-G2252/SSE-G2252P Switches User’s Manual14-20• Login Attempts – Configures the amount of times a supplicant may attempt and fail authentication bef
14-21Chapter 14: Security MeasuresConfiguring Interface Settings for Web AuthenticationUse the SECURITY > WEB AUTHENTICATION (CONFIGURE INTERFACE)
SSE-G2252/SSE-G2252P Switches User’s Manual14-2214-4 Network Access (MAC Address Authentication) Some devices connected to switch ports may not be abl
14-23Chapter 14: Security Measures• When port status changes to down, all MAC addresses mapped to that port are cleared from the secure MAC address ta
SSE-G2252/SSE-G2252P Switches User’s Manual14-24• The Filter-ID attribute is empty.• The Filter-ID attribute format for dynamic QoS assignment is unre
14-25Chapter 14: Security Measures• Reauthentication Time – Sets the time period after which a connected host must be reauthenticated. When the reauth
xxixTable of Contentsvoice vlan mac-address ...35-38switchport voice vlan ...
SSE-G2252/SSE-G2252P Switches User’s Manual14-26• Max MAC Count1 – Sets the maximum number of MAC addresses that can be authenticated on a port via MA
14-27Chapter 14: Security Measures3. Click the GENERAL button.4. Make any configuration changes required to enable address authentication on a port, s
SSE-G2252/SSE-G2252P Switches User’s Manual14-28• Trap and shutdown – An SNMP trap is sent and the port is shut down.• Shutdown – The port is shut dow
14-29Chapter 14: Security MeasuresCommand Usage• Specified MAC addresses are exempt from authentication.• Up to 65 filter tables can be defined.• Ther
SSE-G2252/SSE-G2252P Switches User’s Manual14-30Displaying Secure MAC Address InformationUse the SECURITY > NETWORK ACCESS (SHOW INFORMATION) page
14-31Chapter 14: Security MeasuresWeb InterfaceTo display the authenticated MAC addresses stored in the secure MAC address table: 1. Click SECURITY &g
SSE-G2252/SSE-G2252P Switches User’s Manual14-32Command Usage• HTTP and HTTPS are implemented as mutually exclusive services on the switch. (HTTP can
14-33Chapter 14: Security Measures• HTTPS Port – Specifies the UDP port number used for HTTPS connection to the switch’s web interface. (Default: Port
SSE-G2252/SSE-G2252P Switches User’s Manual14-34CLI ReferencesSee Section 24-6: "Web Server" on page 24-27 for CLI reference information.Par
14-35Chapter 14: Security MeasuresThe Secure Shell (SSH) includes server/client applications intended as a secure replacement for the older Berkeley r
iiiPrefaceAbout this ManualThis manual is written for professional system integrators, Information Technology professionals, service personnel, techni
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxxChapter 38 Multicast Filtering Commands ...38-138-1 IGMP Snooping...
SSE-G2252/SSE-G2252P Switches User’s Manual14-36Accounts page as described on Section 14-2: "Configuring User Accounts" on page 14-17.) The
14-37Chapter 14: Security MeasuresAuthenticating SSH v2 Clientsa. The client first queries the switch to determine if DSA public key authentication us
SSE-G2252/SSE-G2252P Switches User’s Manual14-38• The server key is a private key that is never shared outside the switch.• The host key is shared wit
14-39Chapter 14: Security Measures• Host-Key Type – The key type used to generate the host key pair (i.e., public and private keys). (Range: RSA (Vers
SSE-G2252/SSE-G2252P Switches User’s Manual14-40Importing User Public KeysUse the SECURITY > SSH (CONFIGURE USER KEY - COPY) page to upload a user’
14-41Chapter 14: Security Measures• Source File Name – The public key file to upload. Web InterfaceTo copy the SSH user’s public key: 1. Click SECURIT
SSE-G2252/SSE-G2252P Switches User’s Manual14-4214-7 Access Control ListsAccess Control Lists (ACL) provide packet filtering for IPv4 frames (based on
14-43Chapter 14: Security MeasuresShowing TCAM UtilizationUse the SECURITY > ACL (CONFIGURE ACL - SHOW TCAM) page to show utilization parameters fo
SSE-G2252/SSE-G2252P Switches User’s Manual14-44Setting the ACL Name and TypeUse the SECURITY > ACL (CONFIGURE ACL - ADD) page to create an ACL.CLI
14-45Chapter 14: Security MeasuresWeb InterfaceTo configure the name and type of an ACL: 1. Click SECURITY > ACL.2. Select CONFIGURE ACL from the S
xxxiTable of Contentsmvr...38-35mvr immediate-leave
SSE-G2252/SSE-G2252P Switches User’s Manual14-46ParametersThese parameters are displayed in the web interface:• Type – Selects the type of ACLs to sho
14-47Chapter 14: Security MeasuresConfiguring an Extended IPv4 ACLUse the SECURITY > ACL (CONFIGURE ACL - ADD RULE - IP EXTENDED) page to configure
SSE-G2252/SSE-G2252P Switches User’s Manual14-48• Type – Selects the type of ACLs to show in the Name list.• Name – Shows the names of ACLs matching t
14-49Chapter 14: Security Measures• 32 (urg) – Urgent pointerFor example, use the code value and mask below to catch packets with the following flags
SSE-G2252/SSE-G2252P Switches User’s Manual14-50Configuring a Standard IPv6 ACLUse the SECURITY > ACL (CONFIGURE ACL - ADD RULE - IPV6 STANDARD) pa
14-51Chapter 14: Security Measures• Source IPv6 Address – An IPv6 source address or network class. The address must be formatted according to RFC 2373
SSE-G2252/SSE-G2252P Switches User’s Manual14-52Configuring an Extended IPv6 ACLUse the SECURITY > ACL (CONFIGURE ACL - ADD RULE - IPV6 EXTENDED) p
14-53Chapter 14: Security Measures• Time Range – Name of a time range.Web InterfaceTo add rules to an Extended IPv6 ACL: 1. Click SECURITY > ACL.2.
SSE-G2252/SSE-G2252P Switches User’s Manual14-54Configuring a MAC ACLUse the SECURITY > ACL (CONFIGURE ACL - ADD RULE - MAC) page to configure a MA
14-55Chapter 14: Security Measures• Source/Destination Bit Mask – Hexadecimal mask for source or destination MAC address.• Packet Format – This attrib
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxxiiChapter 40 Domain Name Service Commands...40-1ip domain-list...
SSE-G2252/SSE-G2252P Switches User’s Manual14-56Configuring an ARP ACLUse the SECURITY > ACL (CONFIGURE ACL - ADD RULE - ARP) page to configure ACL
14-57Chapter 14: Security Measures• Source/Destination IP Subnet Mask – Subnet mask for source or destination address. (See the description for Subnet
SSE-G2252/SSE-G2252P Switches User’s Manual14-58Binding a Port to an Access Control ListAfter configuring ACLs, use the SECURITY > ACL (CONFIGURE I
14-59Chapter 14: Security MeasuresWeb InterfaceTo bind an ACL to a port: 1. Click SECURITY > ACL.2. Select CONFIGURE INTERFACE from the Step list.3
SSE-G2252/SSE-G2252P Switches User’s Manual14-60• By default, ARP Inspection is disabled both globally and on all VLANs.• If ARP Inspection is globall
14-61Chapter 14: Security Measures• IP – Checks the ARP body for invalid and unexpected IP addresses. These addresses include 0.0.0.0, 255.255.255.255
SSE-G2252/SSE-G2252P Switches User’s Manual14-62Web InterfaceTo configure global settings for ARP Inspection: 1. Click SECURITY > ARP INSPECTION.2.
14-63Chapter 14: Security Measures• If Static is not specified, ARP packets are first validated against the selected ACL; if no ACL rules match the pa
SSE-G2252/SSE-G2252P Switches User’s Manual14-64CLI ReferencesSee Section 25-6: "ARP Inspection" on page 25-43 for CLI reference information
14-65Chapter 14: Security MeasuresDisplaying ARP Inspection StatisticsUse the SECURITY > ARP INSPECTION (SHOW INFORMATION - SHOW STATISTICS) page t
xxxiiiTable of Contentsipv6 address link-local...42-18ipv6 enable...
SSE-G2252/SSE-G2252P Switches User’s Manual14-66Web InterfaceTo display statistics for ARP Inspection: 1. Click SECURITY > ARP INSPECTION.2. Select
14-67Chapter 14: Security MeasuresWeb InterfaceTo display the ARP Inspection log: 1. Click SECURITY > ARP INSPECTION.2. Select SHOW INFORMATION fro
SSE-G2252/SSE-G2252P Switches User’s Manual14-68• If anyone tries to access a management interface on the switch from an invalid address, the switch w
14-69Chapter 14: Security MeasuresTo show a list of IP addresses authorized for management access: 1. Click SECURITY > IP FILTER.2. Select SHOW fro
SSE-G2252/SSE-G2252P Switches User’s Manual14-70Command Usage• The default maximum number of MAC addresses allowed on a secure port is zero (that is,
14-71Chapter 14: Security MeasuresWeb InterfaceTo set the maximum number of addresses which can be learned on a port: 1. Click SECURITY > PORT SECU
SSE-G2252/SSE-G2252P Switches User’s Manual14-7214-11 Configuring 802.1X Port Authentication Network switches can provide open and easy access to netw
14-73Chapter 14: Security MeasuresThis switch uses the Extensible Authentication Protocol over LANs (EAPOL) to exchange authentication protocol messag
SSE-G2252/SSE-G2252P Switches User’s Manual14-74• The RADIUS server and 802.1X client support EAP. (The switch only supports EAPOL in order to pass th
14-75Chapter 14: Security Measures• Identity Profile Password – The dot1x supplicant password used to identify this switch as a supplicant when respon
SSE-G2252/SSE-G2252P Switches USER’S MANUALxxxivNotes
SSE-G2252/SSE-G2252P Switches User’s Manual14-76Command Usage• When the switch functions as a local authenticator between supplicant devices attached
14-77Chapter 14: Security MeasuresIn this mode, only one host connected to a port needs to pass authentication for all other hosts to be granted netwo
SSE-G2252/SSE-G2252P Switches User’s Manual14-78• Guest VLAN – All traffic for the port is assigned to a guest VLAN. The guest VLAN must be separately
14-79Chapter 14: Security MeasuresConfiguring Port Supplicant Settings for 802.1X Use the SECURITY > PORT AUTHENTICATION (CONFIGURE INTERFACE – SUP
SSE-G2252/SSE-G2252P Switches User’s Manual14-80Command Usage• When devices attached to a port must submit requests to another authenticator on the ne
14-81Chapter 14: Security Measures3. Click SUPPLICANT. 4. Modify the supplicant settings for each port as required.5. Click APPLYDisplaying 802.1X Sta
SSE-G2252/SSE-G2252P Switches User’s Manual14-82Rx Last EAPOLSrcThe source MAC address carried in the most recent EAPOL frame received by this Authent
14-83Chapter 14: Security MeasuresWeb InterfaceTo display port authenticator statistics for 802.1X: 1. Click SECURITY > PORT AUTHENTICATION.2. Sele
SSE-G2252/SSE-G2252P Switches User’s Manual14-8414-12 IP Source GuardIP Source Guard is a security feature that filters IP traffic on network interfac
14-85Chapter 14: Security Measures• If DHCP snooping is enabled, IP source guard will check the VLAN ID, source IP address, port number, and source MA
1-1Chapter 1: IntroductionChapter 1IntroductionThis section provides an overview of the switch, and introduces some basic concepts about network switc
SSE-G2252/SSE-G2252P Switches User’s Manual14-86Configuring Static Bindings for IP Source GuardUse the SECURITY > IP SOURCE GUARD > STATIC CONFI
14-87Chapter 14: Security Measures• MAC Address – A valid unicast MAC address. • IP Address – A valid unicast IP address, including classful types A,
SSE-G2252/SSE-G2252P Switches User’s Manual14-88Displaying Information for Dynamic IP Source Guard BindingsUse the SECURITY > IP SOURCE GUARD >
14-89Chapter 14: Security Measures14-13 DHCP SnoopingThe addresses assigned to DHCP clients on insecure ports can be carefully controlled using the dy
SSE-G2252/SSE-G2252P Switches User’s Manual14-90• If DHCP snooping is enabled globally, and also enabled on the VLAN where the DHCP packet is received
14-91Chapter 14: Security Measures• When the DHCP Snooping Information Option 82 is enabled, the requesting client (or an intermediate relay agent tha
SSE-G2252/SSE-G2252P Switches User’s Manual14-92• Replace – Replaces the Option 82 information circuit-id and remote-id fields in the client’s request
14-93Chapter 14: Security Measures• When the DHCP snooping is globally disabled, DHCP snooping can still be configured for specific VLANs, but the cha
SSE-G2252/SSE-G2252P Switches User’s Manual14-94Command Usage• A trusted interface is an interface that is configured to receive only messages from wi
14-95Chapter 14: Security MeasuresDisplaying DHCP Snooping Binding InformationUse the IP SERVICE > DHCP > SNOOPING (SHOW INFORMATION) page to di
SSE-G2252/SSE-G2252P Switches User’s Manual1-21-2 Description of Software FeaturesThe switch provides a wide range of advanced performance enhancing f
SSE-G2252/SSE-G2252P Switches User’s Manual14-96• Store – Writes all dynamically learned snooping entries to flash memory. This function can be used t
15-1Chapter 15: Basic Administration ProtocolsChapter 15Basic Administration ProtocolsThis chapter describes basic administration tasks including:• Co
SSE-G2252/SSE-G2252P Switches User’s Manual15-2CLI ReferencesSee Section 21-6: "Event Logging" on page 21-37 for CLI reference information.P
15-3Chapter 15: Basic Administration ProtocolsWeb InterfaceTo configure the logging of error messages to system memory: 1. Click ADMINISTRATION > L
SSE-G2252/SSE-G2252P Switches User’s Manual15-4Remote Log ConfigurationUse the ADMINISTRATION > LOG > REMOTE page to send log messages to syslog
15-5Chapter 15: Basic Administration Protocols• Server IP Address – Specifies the IP address of a remote server which will be sent syslog messages.Web
SSE-G2252/SSE-G2252P Switches User’s Manual15-6• Severity – Sets the syslog severity threshold level (see Table 15-1: "Logging Levels" on pa
15-7Chapter 15: Basic Administration ProtocolsTo specify SMTP servers: 1. Click ADMINISTRATION > LOG > SMTP.2. Select CONFIGURE SERVER from the
SSE-G2252/SSE-G2252P Switches User’s Manual15-815-2 Link Layer Discovery ProtocolLink Layer Discovery Protocol (LLDP) is used to discover basic inform
15-9Chapter 15: Basic Administration Protocols• Hold Time Multiplier – Configures the time-to-live (TTL) value sent in LLDP advertisements as shown in
1-3Chapter 1: IntroductionAuthentication This switch authenticates management access via the console port, Telnet, or a web browser. User names and pa
SSE-G2252/SSE-G2252P Switches User’s Manual15-10Web InterfaceTo configure LLDP timing attributes: 1. Click ADMINISTRATION > LLDP.2. Select CONFIGUR
15-11Chapter 15: Basic Administration ProtocolsThis option sends out SNMP trap notifications to designated target stations at the interval specified b
SSE-G2252/SSE-G2252P Switches User’s Manual15-12• System Description – The system description is taken from the sysDescr object in RFC 3418, which inc
15-13Chapter 15: Basic Administration Protocols• Extended Power – This option advertises extended Power-over-Ethernet capability details, such as powe
SSE-G2252/SSE-G2252P Switches User’s Manual15-14Configuring LLDP Interface Civic-Address Use the ADMINISTRATION > LLDP (CONFIGURE INTERFACE – ADD C
15-15Chapter 15: Basic Administration Protocols• Any number of CA type and value pairs can be specified for the civic address location, as long as the
SSE-G2252/SSE-G2252P Switches User’s Manual15-16To show the physical location of the attached device: 1. Click ADMINISTRATION > LLDP.2. Select CONF
15-17Chapter 15: Basic Administration Protocols• Chassis ID – An octet string indicating the specific identifier for the particular chassis in this sy
SSE-G2252/SSE-G2252P Switches User’s Manual15-18Web InterfaceTo display LLDP information for the local device: 1. Click ADMINISTRATION > LLDP.2. Se
15-19Chapter 15: Basic Administration ProtocolsDisplaying LLDP Remote Port InformationUse the ADMINISTRATION > LLDP (SHOW REMOTE DEVICE INFORMATION
SSE-G2252/SSE-G2252P Switches User’s Manual1-4Rate LimitingThis feature controls the maximum rate for traffic transmitted or received on an interface.
SSE-G2252/SSE-G2252P Switches User’s Manual15-20• Port Description – A string that indicates the port’s description. If RFC 2863 is implemented, the i
15-21Chapter 15: Basic Administration Protocols• Remote Port Auto-Neg Adv-Capability – The value (bitmap) of the ifMauAutoNegCapAdvertisedBits object
SSE-G2252/SSE-G2252P Switches User’s Manual15-22• Remote Power Pair Controlable – Indicates whether the pair selection can be controlled for sourcing
15-23Chapter 15: Basic Administration ProtocolsDisplaying Device StatisticsUse the ADMINISTRATION > LLDP (SHOW DEVICE STATISTICS) page to display s
SSE-G2252/SSE-G2252P Switches User’s Manual15-24Port/Trunk• Frames Discarded – Number of frames discarded because they did not conform to the general
15-25Chapter 15: Basic Administration Protocols15-3 Power Over EthernetPower over Ethernet (PoE) is a system for safely providing electrical power, al
SSE-G2252/SSE-G2252P Switches User’s Manual15-26Displaying the Switch’s Overall PoE Power BudgetUse the ADMINISTRATION > POE (CONFIGURE GLOBAL) pag
15-27Chapter 15: Basic Administration ProtocolsSetting The Port PoE Power BudgetUse the ADMINISTRATION > POE (CONFIGURE INTERFACE) page to set the
SSE-G2252/SSE-G2252P Switches User’s Manual15-28• If a device is connected to a critical or high-priority port and would cause the switch to exceed it
15-29Chapter 15: Basic Administration Protocols15-4 Simple Network Management Protocol Simple Network Management Protocol (SNMP) is a communication pr
1-5Chapter 1: Introduction• Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol provides loop detection. When there are multiple physical paths
SSE-G2252/SSE-G2252P Switches User’s Manual15-30The SNMPv3 security structure consists of security models, with each model having it’s own security le
15-31Chapter 15: Basic Administration ProtocolsCommand UsageConfiguring SNMPv1/2c Management AccessTo configure SNMPv1 or v2c management access to the
SSE-G2252/SSE-G2252P Switches User’s Manual15-32Configuring Global Settings for SNMPUse the ADMINISTRATION > SNMP (CONFIGURE GLOBAL) page to enable
15-33Chapter 15: Basic Administration ProtocolsSetting the Local Engine IDUse the ADMINISTRATION > SNMP (CONFIGURE ENGINE - SET ENGINE ID) page to
SSE-G2252/SSE-G2252P Switches User’s Manual15-34Specifying a Remote Engine IDUse the ADMINISTRATION > SNMP (CONFIGURE ENGINE - ADD REMOTE ENGINE) p
15-35Chapter 15: Basic Administration ProtocolsTo show the remote SNMP engine IDs:1. Click ADMINISTRATION > SNMP.2. Select CONFIGURE ENGINE from th
SSE-G2252/SSE-G2252P Switches User’s Manual15-36Add OID Subtree• View Name – Lists the SNMP views configured in the Add View page. • OID Subtree – Add
15-37Chapter 15: Basic Administration ProtocolsTo add an object identifier to an existing SNMP view of the switch’s MIB database:1. Click ADMINISTRATI
SSE-G2252/SSE-G2252P Switches User’s Manual15-38Configuring SNMPv3 Groups Use the ADMINISTRATION > SNMP (CONFIGURE GROUP) page to add an SNMPv3 gro
15-39Chapter 15: Basic Administration ProtocolsTable 15-8. Supported Notification Messages Model Level GroupRFC 1493 TrapsnewRoot 1.3.6.1.2.1.17.0
SSE-G2252/SSE-G2252P Switches USER’S MANUALivDiffServDifferentiated Services provides quality of service on large networks by employing a well-defined
SSE-G2252/SSE-G2252P Switches User’s Manual1-6Traffic Prioritization This switch prioritizes each packet based on the required level of service, using
SSE-G2252/SSE-G2252P Switches User’s Manual15-40Private TrapsswPowerStatusChangeTrap1.3.6.1.4.1.10876.101.202.2.1.0.1This trap is sent when the power
15-41Chapter 15: Basic Administration ProtocolsWeb InterfaceTo configure an SNMP group:1. Click ADMINISTRATION > SNMP.2. Select CONFIGURE GROUP fro
SSE-G2252/SSE-G2252P Switches User’s Manual15-42To show SNMP groups:1. Click ADMINISTRATION > SNMP.2. Select CONFIGURE GROUP from the STEP list.3.
15-43Chapter 15: Basic Administration ProtocolsSetting Community Access Strings Use the Administration, SNMP (CONFIGURE USER - ADD COMMUNITY) page to
SSE-G2252/SSE-G2252P Switches User’s Manual15-44To show the community access strings:1. Click ADMINISTRATION > SNMP.2. Select CONFIGURE USER from t
15-45Chapter 15: Basic Administration Protocols• AuthPriv – SNMP communications use both authentication and encryption.• Authentication Protocol – The
SSE-G2252/SSE-G2252P Switches User’s Manual15-463. Select SHOW SNMPV3 LOCAL USER from the ACTION list.Configuring Remote SNMPv3 Users Use the ADMINIST
15-47Chapter 15: Basic Administration ProtocolsParametersThese parameters are displayed in the web interface:• User Name – The name of user connecting
SSE-G2252/SSE-G2252P Switches User’s Manual15-48To show remote SNMPv3 users:1. Click ADMINISTRATION > SNMP.2. Select CONFIGURE USER from the STEP l
15-49Chapter 15: Basic Administration ProtocolsSpecifying Notification ManagersUse the ADMINISTRATION > SNMP (CONFIGURE NOTIFICATION) page to speci
1-7Chapter 1: IntroductionAuthenticationPrivileged Exec LevelUsername “ADMIN”Password “ADMIN”Normal Exec LevelUsername “guest”Password “guest”Enable P
SSE-G2252/SSE-G2252P Switches User’s Manual15-504. Create a group that includes the required notify view (see "Configuring SNMPv3 Groups" on
15-51Chapter 15: Basic Administration ProtocolsSNMP Version 3• IP Address – IP address of a new management station to receive notification message (i.
SSE-G2252/SSE-G2252P Switches User’s Manual15-524. Fill in the required parameters based on the selected SNMP version. 5. Click APPLY.Figure 15-35. Co
15-53Chapter 15: Basic Administration ProtocolsTo show configured notification managers:1. Click ADMINISTRATION > SNMP.2. Select CONFIGURE NOTIFICA
SSE-G2252/SSE-G2252P Switches User’s Manual15-54CLI ReferencesSee Chapter 23: "Remote Monitoring Commands" on page 23-1 for CLI reference in
15-55Chapter 15: Basic Administration Protocols• Falling Event Index – The index of the event to use if an alarm is triggered by monitored variables r
SSE-G2252/SSE-G2252P Switches User’s Manual15-56Figure 15-40. Showing Configured RMON Alarms
15-57Chapter 15: Basic Administration ProtocolsConfiguring RMON EventsUse the ADMINISTRATION > RMON (CONFIGURE GLOBAL - ADD - EVENT) page to set th
SSE-G2252/SSE-G2252P Switches User’s Manual15-58• Owner – Name of the person who created this entry. (Range: 1-127 characters)Web InterfaceTo configur
15-59Chapter 15: Basic Administration ProtocolsFigure 15-42. Showing Configured RMON Events
SSE-G2252/SSE-G2252P Switches User’s Manual1-8LLDP Status EnabledVirtual LANsDefault VLAN 1PVID 1Acceptable Frame Type AllIngress Filtering DisabledSw
SSE-G2252/SSE-G2252P Switches User’s Manual15-60Configuring RMON History SamplesUse the ADMINISTRATION > RMON (CONFIGURE INTERFACE - ADD - HISTORY)
15-61Chapter 15: Basic Administration Protocols3. Select ADD from the ACTION list.4. Click HISTORY.5. Select a port from the list as the data source.6
SSE-G2252/SSE-G2252P Switches User’s Manual15-62To show collected RMON history samples:1. Click ADMINISTRATION > RMON.2. Select CONFIGURE INTERFACE
15-63Chapter 15: Basic Administration ProtocolsConfiguring RMON Statistical SamplesUse the ADMINISTRATION > RMON (CONFIGURE INTERFACE - ADD - STATI
SSE-G2252/SSE-G2252P Switches User’s Manual15-64Web InterfaceTo enable regular sampling of statistics on a port:1. Click ADMINISTRATION > RMON.2. S
15-65Chapter 15: Basic Administration ProtocolsTo show collected RMON statistical samples:1. Click ADMINISTRATION > RMON.2. Select CONFIGURE INTERF
SSE-G2252/SSE-G2252P Switches User’s Manual15-6615-6 Switch ClusteringSwitch clustering is a method of grouping switches together to enable centralize
15-67Chapter 15: Basic Administration Protocols• The cluster VLAN 4093 is not configured by default. Before using clustering, take the following actio
SSE-G2252/SSE-G2252P Switches User’s Manual15-68Web InterfaceTo configure a switch cluster:1. Click ADMINISTRATION > CLUSTER.2. Select CONFIGURE GL
15-69Chapter 15: Basic Administration Protocols3. Select ADD from the ACTION list.4. Select one of the cluster candidates discovered by this switch, o
2-1Chapter 2: System SafetyChapter 2System SafetyThis chapter provides system safety procedures for use with both the SSE-G2252 and SSE-G2252P switche
SSE-G2252/SSE-G2252P Switches User’s Manual15-70Managing Cluster MembersUse the ADMINISTRATION > CLUSTER (SHOW MEMBER) page to manage another switc
15-71Chapter 15: Basic Administration Protocols15-7 Setting A Time RangeUse the ADMINISTRATION > TIME RANGE page to sets a time range during which
SSE-G2252/SSE-G2252P Switches User’s Manual15-72Web InterfaceTo configure a time range: 1. Click ADMINISTRATION > TIME RANGE.2. Select ADD from the
15-73Chapter 15: Basic Administration ProtocolsTo show the rules configured for a time range: 1. Click ADMINISTRATION > TIME RANGE.2. Select SHOW R
SSE-G2252/SSE-G2252P Switches User’s Manual15-74
16-1Chapter 16: IP ConfigurationChapter 16IP ConfigurationThis chapter describes how to configure an IP interface for management access to the switch
SSE-G2252/SSE-G2252P Switches User’s Manual16-2Command Usage Use the ping command to see if another site on the network can be reached. The following
16-3Chapter 16: IP Configuration16-2 Address Resolution Protocol Address Resolution Protocol (ARP) is used to map an IP address to a physical layer (i
SSE-G2252/SSE-G2252P Switches User’s Manual16-4The aging time determines how long dynamic entries remain in the cache. If the timeout is too short, th
16-5Chapter 16: IP Configuration16-3 Setting the Switch’s IP Address (IP Version 4)Use the SYSTEM > IP page to configure an IPv4 address for manage
SSE-G2252/SSE-G2252P Switches User’s Manual2-22-2 General Safety PrecautionsFollow these rules to ensure general safety:• Keep the area around the swi
SSE-G2252/SSE-G2252P Switches User’s Manual16-6• IP Address – Address of the VLAN to which the management station is attached. Valid IP addresses cons
16-7Chapter 16: IP Configuration16-4 Setting the Switch’s IP Address (IP Version 6)This section describes how to configure an IPv6 interface for manag
SSE-G2252/SSE-G2252P Switches User’s Manual16-8Command UsageIPv6 includes two distinct address types – link-local unicast and global unicast. A link-l
16-9Chapter 16: IP ConfigurationConfiguring IPv6 Interface Settings Use the IP > IPV6 CONFIGURATION (CONFIGURE INTERFACE) page to configure general
SSE-G2252/SSE-G2252P Switches User’s Manual16-10• If auto-configuration is not selected, then an address must be manually configured using the Add Int
16-11Chapter 16: IP ConfigurationCommand Usage• All IPv6 addresses must be formatted according to RFC 2373 “IPv6 Addressing Architecture,” using 8 col
SSE-G2252/SSE-G2252P Switches User’s Manual16-12• Global – Configures an IPv6 global unicast address with a full IPv6 address including the network pr
16-13Chapter 16: IP Configuration3. Specify the VLAN to configure, select the address type, and then enter an IPv6 address and prefix length.4. Click
SSE-G2252/SSE-G2252P Switches User’s Manual16-14A node is also required to compute and join the associated solicited-node multicast addresses for ever
16-15Chapter 16: IP ConfigurationWeb InterfaceTo show neighboring IPv6 devices:1. Click IP > IPV6 CONFIGURATION.2. Select SHOW IPV6 NEIGHBORS from
2-3Chapter 2: System Safety2-4 Operating PrecautionsCare must be taken to assure that the cover of the switch is in place when it is operating to assu
SSE-G2252/SSE-G2252P Switches User’s Manual16-16Showing IPv6 StatisticsUse the IP > IPV6 CONFIGURATION (SHOW STATISTICS) page to display statistics
16-17Chapter 16: IP Configuration• UDP – User Datagram Protocol provides a datagram mode of packet switched communications. It uses IP as the underlyi
SSE-G2252/SSE-G2252P Switches User’s Manual16-18Reassembly Request DatagramsThe number of IPv6 fragments received which needed to be reassembled at th
16-19Chapter 16: IP ConfigurationICMPv6 StatisticsICMPv6 receivedInputThe total number of ICMP messages received by the interface which includes all t
SSE-G2252/SSE-G2252P Switches User’s Manual16-20Web InterfaceTo show the IPv6 statistics:1. Click IP > IPV6 CONFIGURATION.2. Select SHOW STATISTICS
16-21Chapter 16: IP ConfigurationFigure 16-11. Showing IPv6 Statistics (IPv6)Figure 16-12. Showing IPv6 Statistics (ICMPv6)
SSE-G2252/SSE-G2252P Switches User’s Manual16-22Figure 16-13. Showing IPv6 Statistics (UDP)
17-1Chapter 17: IP ServicesChapter 17IP ServicesThis chapter describes how to configure Domain Name Service (DNS) on this switch. For information on D
SSE-G2252/SSE-G2252P Switches User’s Manual17-2Web InterfaceTo configure general settings for DNS:1. Click IP SERVICE > DNS.2. Select CONFIGURE GLO
17-3Chapter 17: IP ServicesParametersThese parameters are displayed in the web interface:• Domain Name – Name of the host. Do not include the initial
SSE-G2252/SSE-G2252P Switches User’s Manual2-4CE Mark Declaration of Conformance for EMI and Safety (EEC)This information technology equipment complie
SSE-G2252/SSE-G2252P Switches User’s Manual17-417-3 Configuring a List of Name ServersUse the IP SERVICE > DNS - GENERAL (ADD NAME SERVER) page to
17-5Chapter 17: IP ServicesTo show the list name servers:1. Click IP SERVICE, DNS.2. Select SHOW NAME SERVERS from the ACTION list.17-4 Configuring St
SSE-G2252/SSE-G2252P Switches User’s Manual17-6To show static entries in the DNS table:1. Click IP SERVICE > DNS - STATIC HOST TABLE.2. Select SHOW
17-7Chapter 17: IP Services• Type – This field includes CNAME which specifies the host address for the owner, and ALIAS which specifies an alias.• IP
SSE-G2252/SSE-G2252P Switches User’s Manual17-8
18-1Chapter 18: Multicast FilteringChapter 18Multicast Filtering This chapter describes how to configure the following multicast services:• Layer 2 IG
SSE-G2252/SSE-G2252P Switches User’s Manual18-2This switch can use Internet Group Management Protocol (IGMP) to filter multicast traffic. IGMP Snoopin
18-3Chapter 18: Multicast FilteringStatic IGMP Router Interface – If IGMP snooping cannot locate the IGMP querier, you can manually designate a known
SSE-G2252/SSE-G2252P Switches User’s Manual18-4Configuring IGMP Snooping and Query ParametersUse the MULTICAST > IGMP SNOOPING > GENERAL page to
18-5Chapter 18: Multicast FilteringWhen IGMP snooping is disabled globally, snooping can still be configured per VLAN interface, but the interface set
2-5Chapter 2: System SafetySafety ComplianceThis product complies with and conforms to the following international Product Safety standards as applica
SSE-G2252/SSE-G2252P Switches User’s Manual18-6• TCN Query Solicit – Sends out an IGMP general query solicitation when a spanning tree topology change
18-7Chapter 18: Multicast FilteringThis attribute configures the IGMP report/query version used by IGMP snooping. Versions 1 - 3 are all supported, an
SSE-G2252/SSE-G2252P Switches User’s Manual18-8Specifying Static Interfaces for a Multicast RouterUse the MULTICAST > IGMP SNOOPING > MULTICAST
18-9Chapter 18: Multicast FilteringTo show the static interfaces attached to a multicast router:1. Click MULTICAST > IGMP SNOOPING > MULTICAST R
SSE-G2252/SSE-G2252P Switches User’s Manual18-10Assigning Interfaces to Multicast ServicesUse the MULTICAST > IGMP SNOOPING > IGMP MEMBER (ADD S
18-11Chapter 18: Multicast FilteringTo show the static interfaces assigned to a multicast service:1. Click MULTICAST > IGMP SNOOPING > IGMP MEMB
SSE-G2252/SSE-G2252P Switches User’s Manual18-12Setting IGMP Snooping Status per InterfaceUse the MULTICAST > IGMP SNOOPING > INTERFACE (CONFIGU
18-13Chapter 18: Multicast Filtering• Multicast Router Solicitation – Devices send Solicitation messages in order to solicit Advertisement messages fr
SSE-G2252/SSE-G2252P Switches User’s Manual18-14If version exclusive is disabled on a VLAN, then this setting is based on the global setting configure
18-15Chapter 18: Multicast Filtering• Query Interval – The interval between sending IGMP general queries. (Range: 2-31744 seconds; Default: 125 second
SSE-G2252/SSE-G2252P Switches User’s Manual2-6France and Peru onlyThis unit cannot be powered from IT1 supplies. If your supplies are of IT type, this
SSE-G2252/SSE-G2252P Switches User’s Manual18-16To resolve this problem, the source address in proxied IGMP query messages can be replaced with any va
18-17Chapter 18: Multicast FilteringDisplaying Multicast Groups Discovered by IGMP SnoopingUse the MULTICAST > IGMP SNOOPING > FORWARDING ENTRY
SSE-G2252/SSE-G2252P Switches User’s Manual18-1818-3 Filtering and Throttling IGMP GroupsIn certain switch applications, the administrator may want to
18-19Chapter 18: Multicast FilteringWeb InterfaceTo enable IGMP filtering and throttling on the switch:1. Click MULTICAST > IGMP SNOOPING > FILT
SSE-G2252/SSE-G2252P Switches User’s Manual18-20When the access mode is set to permit, IGMP join reports are processed when a multicast group falls wi
18-21Chapter 18: Multicast FilteringTo add a range of multicast groups to an IGMP filter profile:1. Click MULTICAST > IGMP SNOOPING > FILTER.2.
SSE-G2252/SSE-G2252P Switches User’s Manual18-22Configuring IGMP Filtering and Throttling for InterfacesUse the MULTICAST > IGMP SNOOPING > FILT
18-23Chapter 18: Multicast Filtering• Deny - The new multicast group join report is dropped.• Replace - The new multicast group replaces an existing g
SSE-G2252/SSE-G2252P Switches User’s Manual18-24MVR maintains the user isolation and data security provided by VLAN segregation by passing only multic
18-25Chapter 18: Multicast FilteringConfiguring Global MVR SettingsUse the MULTICAST > MVR (Configure General) page to enable MVR globally on the s
2-7Chapter 2: System Safety• La prise secteur doit se trouver à proximité de l’appareil et son accès doit être facile. Vous ne pouvez mettre l’apparei
SSE-G2252/SSE-G2252P Switches User’s Manual18-26Web InterfaceTo configure global settings for MVR:1. Click MULTICAST > MVR.2. Select CONFIGURE GENE
18-27Chapter 18: Multicast FilteringReceiver ports should not be configured as a member of the MVR VLAN. Also, note that VLAN membership for MVR recei
SSE-G2252/SSE-G2252P Switches User’s Manual18-28• MVR Status – Shows the MVR status. MVR status for source ports is “Active” if MVR is globally enable
18-29Chapter 18: Multicast FilteringCLI ReferencesSee "mvr vlan group" on page 38-39 for CLI reference information.ParametersThese parameter
SSE-G2252/SSE-G2252P Switches User’s Manual18-30Showing Multicast Group MembersUse the MULTICAST > MVR (SHOW MEMBER) page to show the interfaces as
19-1Chapter 19: Using the Command Line InterfaceChapter 19Using the Command Line InterfaceThis chapter describes how to use the Command Line Interface
SSE-G2252/SSE-G2252P Switches User’s Manual19-2Telnet ConnectionTelnet operates over the IP transport protocol. In this environment, your management s
19-3Chapter 19: Using the Command Line Interface19-2 Entering CommandsThis section describes how to enter CLI commands.Keywords and ArgumentsA CLI com
SSE-G2252/SSE-G2252P Switches User’s Manual19-4Showing CommandsIf you enter a “?” at the command prompt, the system will display the first level of ke
19-5Chapter 19: Using the Command Line Interface ssh Secure shell server connections startup-config Startup system configur
vPrefaceIEEE 802.1QVLAN Tagging—Defines Ethernet frame tags which carry VLAN information. It allows switches to assign endstations to different virtua
SSE-G2252/SSE-G2252P Switches User’s Manual2-8• Die Netzsteckdose muß in der Nähe des Geräts und leicht zugänglich sein. Die Stromversorgung des Gerät
SSE-G2252/SSE-G2252P Switches User’s Manual19-6Partial Keyword LookupIf you terminate a partial keyword with a question mark, alternatives that match
19-7Chapter 19: Using the Command Line InterfaceExec CommandsWhen you open a new console session on the switch with the user name and password “guest,
SSE-G2252/SSE-G2252P Switches User’s Manual19-8Configuration CommandsConfiguration commands are privileged level commands used to modify switch settin
19-9Chapter 19: Using the Command Line InterfaceFor example, you can use the following commands to enter interface configuration mode, and then return
SSE-G2252/SSE-G2252P Switches User’s Manual19-10Showing Status InformationThere are various “show” commands which display configuration settings or th
19-11Chapter 19: Using the Command Line InterfaceOutput Modifiers Some of the show commands include options for output modifiers. For example, the “sh
SSE-G2252/SSE-G2252P Switches User’s Manual19-12Interface Configures the connection parameters for all Ethernet ports, aggregated links, and VLANspage
19-13Chapter 19: Using the Command Line InterfaceThe access mode shown in the following tables is indicated by these abbreviations: ACL (Access Contro
SSE-G2252/SSE-G2252P Switches User’s Manual19-14Notes
20-1Chapter 20: General CommandsChapter 20General CommandsThese commands are used to control the command access mode, configuration mode, and other ba
2-9Chapter 2: System Safety2-6 Warnings and Cautionary MessagesEnvironmental StatementsThe manufacturer of this product endeavours to sustain an envir
SSE-G2252/SSE-G2252P Switches User’s Manual20-2Default Setting ConsoleCommand Mode Global ConfigurationExample SSE-G2252(config)#prompt RD2RD2(config)
20-3Chapter 20: General Commandsreload cancel - Cancels the specified reload option.Default Setting NoneCommand Mode Global ConfigurationCommand Usage
SSE-G2252/SSE-G2252P Switches User’s Manual20-4Command Usage • “super” is the default password required to change the command mode from Normal Exec to
20-5Chapter 20: General CommandsDefault Setting NoneCommand Mode Normal Exec, Privileged ExecCommand Usage The history buffer size is fixed at 10 Exec
SSE-G2252/SSE-G2252P Switches User’s Manual20-6Command Mode Privileged ExecExample SSE-G2252#configureSSE-G2252(config)#Related Commands "end&quo
20-7Chapter 20: General CommandsDefault Setting NoneCommand Mode Privileged ExecCommand Usage This command resets the entire system.Example This examp
SSE-G2252/SSE-G2252P Switches User’s Manual20-8Example This example shows how to return to the Privileged Exec mode from the Interface Configuration m
21-1Chapter 21: System Management CommandsChapter 21System Management CommandsThese commands are used to control system logs, passwords, user names, m
SSE-G2252/SSE-G2252P Switches User’s Manual21-221-1 Device DesignationThis section describes commands used to configure information that uniquely iden
21-3Chapter 21: System Management Commands21-2 System StatusThis section describes commands used to display system information.show access-list tcam-u
SSE-G2252/SSE-G2252P Switches User’s Manual2-10• Design of products to maximize recyclables at the end of the product’s life span.• Continual monitori
SSE-G2252/SSE-G2252P Switches User’s Manual21-4Example SSE-G2252#show access-list tcam-utilization Total Policy Control Entries : 512 Free Policy
21-5Chapter 21: System Management CommandsCommand Mode Privileged ExecCommand Usage • Use this command in conjunction with the show startup-config com
SSE-G2252/SSE-G2252P Switches User’s Manual21-6!interface ethernet 1/1 switchport allowed vlan add 1 untagged switchport native vlan 1 qos map dscp-mu
21-7Chapter 21: System Management Commandsshow startup-configThis command displays the configuration file stored in non-volatile memory that is used t
SSE-G2252/SSE-G2252P Switches User’s Manual21-8show systemThis command displays system information.Default Setting NoneCommand Mode Normal Exec, Privi
21-9Chapter 21: System Management Commandsshow tech-supportThis command displays a detailed list of system settings designed to help technical support
SSE-G2252/SSE-G2252P Switches User’s Manual21-10show usersShows all active console and Telnet sessions, including user name, idle time, and IP address
21-11Chapter 21: System Management Commandsshow versionThis command displays hardware and software version information for the system.Command Mode Nor
SSE-G2252/SSE-G2252P Switches User’s Manual21-1221-3 Frame SizeThis section describes commands used to configure the Ethernet frame size on the switch
21-13Chapter 21: System Management Commands21-4 File ManagementManaging FirmwareFirmware can be uploaded and downloaded to or from an FTP/TFTP server.
3-1Chapter 3: Initial ConfigurationChapter 3Initial ConfigurationThis chapter includes information on connecting to the switch and basic configuration
SSE-G2252/SSE-G2252P Switches User’s Manual21-14boot systemThis command specifies the file or image used to start up the system.Syntax boot system {bo
21-15Chapter 21: System Management Commandscopy This command moves (upload/download) a code image or configuration file between the switch’s flash
SSE-G2252/SSE-G2252P Switches User’s Manual21-16• The Boot ROM and Loader cannot be uploaded or downloaded from the FTP/TFTP server. You must follow t
21-17Chapter 21: System Management CommandsTFTP server ip address: 10.1.0.19Source certificate file name: SS-certificateSource private file name: SS-p
SSE-G2252/SSE-G2252P Switches User’s Manual21-18deleteThis command deletes a file or image.Syntax delete filenamefilename - Name of configuration file
21-19Chapter 21: System Management CommandsDefault Setting NoneCommand Mode Privileged ExecCommand Usage • If you enter the command dir without any pa
SSE-G2252/SSE-G2252P Switches User’s Manual21-20whichbootThis command displays which files were booted when the system powered up.Syntax whichbootDefa
21-21Chapter 21: System Management CommandsCommand Usage • This command is used to enable or disable automatic upgrade of the operational code. When t
SSE-G2252/SSE-G2252P Switches User’s Manual21-22upgrade opcode pathThis command specifies an TFTP server and directory in which the new opcode is stor
21-23Chapter 21: System Management Commands21-5 LineYou can access the onboard configuration program by attaching a VT100 compatible device to the ser
SSE-G2252/SSE-G2252P Switches User’s Manual3-2• Filter packets using Access Control Lists (ACLs)• Configure up to 256 IEEE 802.1Q VLANs • Enable GVRP
SSE-G2252/SSE-G2252P Switches User’s Manual21-24lineThis command identifies a specific line for configuration, and to process subsequent line configur
21-25Chapter 21: System Management CommandsdatabitsThis command sets the number of data bits per character that are interpreted and generated by the c
SSE-G2252/SSE-G2252P Switches User’s Manual21-26exec-timeoutThis command sets the interval that the system waits until user input is detected. Use the
21-27Chapter 21: System Management CommandsloginThis command enables password checking at login. Use the no form to disable password checking and allo
SSE-G2252/SSE-G2252P Switches User’s Manual21-28parityThis command defines the generation of a parity bit. Use the no form to restore the default sett
21-29Chapter 21: System Management CommandspasswordThis command specifies the password for a line. Use the no form to remove the password.Syntaxpasswo
SSE-G2252/SSE-G2252P Switches User’s Manual21-30password-threshThis command sets the password intrusion threshold which limits the number of failed lo
21-31Chapter 21: System Management Commandssilent-timeThis command sets the amount of time the management console is inaccessible after the number of
SSE-G2252/SSE-G2252P Switches User’s Manual21-32speedThis command sets the terminal line’s baud rate. This command sets both the transmit (to terminal
21-33Chapter 21: System Management CommandsstopbitsThis command sets the number of the stop bits transmitted per byte. Use the no form to restore the
3-3Chapter 3: Initial ConfigurationFor a description of how to use the CLI, see Chapter 19: "Using the Command Line Interface" on page 19-1.
SSE-G2252/SSE-G2252P Switches User’s Manual21-34timeout login responseThis command sets the interval that the system waits for a user to log into the
21-35Chapter 21: System Management CommandsdisconnectThis command terminates an SSH, Telnet, or console connection.Syntax disconnect session-idsession
SSE-G2252/SSE-G2252P Switches User’s Manual21-36show lineThis command displays the terminal line’s parameters.Syntax show line [console | vty]console
21-37Chapter 21: System Management Commands21-6 Event LoggingThis section describes commands used to configure event logging on the switch.logging fac
SSE-G2252/SSE-G2252P Switches User’s Manual21-38Example SSE-G2252(config)#logging facility 19SSE-G2252(config)#logging historyThis command limits sysl
21-39Chapter 21: System Management CommandsExample SSE-G2252(config)#logging history ram 0SSE-G2252(config)#logging hostThis command adds a syslog ser
SSE-G2252/SSE-G2252P Switches User’s Manual21-40logging onThis command controls logging of error messages, sending debug or error messages to a loggin
21-41Chapter 21: System Management Commandslogging trapThis command enables the logging of system messages to a remote server, or limits the syslog me
SSE-G2252/SSE-G2252P Switches User’s Manual21-42clear logThis command clears messages from the log buffer.Syntax clear log [flash | ram]flash - Event
21-43Chapter 21: System Management Commandsshow logThis command displays the log messages stored in local memory.Syntax show log {flash | ram}flash -
SSE-G2252/SSE-G2252P Switches User’s Manual3-43-2 Basic ConfigurationConsole ConnectionThe CLI program provides two different command levels — normal
SSE-G2252/SSE-G2252P Switches User’s Manual21-44show loggingThis command displays the configuration settings for logging messages to local switch memo
21-45Chapter 21: System Management CommandsThe following example displays settings for the trap function.SSE-G2252#show logging trapSyslog logging: En
SSE-G2252/SSE-G2252P Switches User’s Manual21-4621-7 SMTP AlertsThese commands configure SMTP event handling, and forwarding of alert messages to the
21-47Chapter 21: System Management Commandslogging sendmail hostThis command specifies SMTP servers that will be sent alert messages. Use the no form
SSE-G2252/SSE-G2252P Switches User’s Manual21-48logging sendmail levelThis command sets the severity threshold used to trigger alert messages. Use the
21-49Chapter 21: System Management Commandslogging Sendmail Destination-EmailThis command specifies the email recipients of alert messages. Use the no
SSE-G2252/SSE-G2252P Switches User’s Manual21-50logging Sendmail Source-EmailThis command sets the email address used for the “From” field in alert me
21-51Chapter 21: System Management CommandsExampleSSE-G2252#show logging sendmailSMTP servers-----------------------------------------------192.168.1.
SSE-G2252/SSE-G2252P Switches User’s Manual21-52sntp clientThis command enables SNTP client requests for time synchronization from NTP or SNTP time se
21-53Chapter 21: System Management Commandssntp pollThis command sets the interval between sending time requests when the switch is set to SNTP client
3-5Chapter 3: Initial ConfigurationSetting an IP AddressYou must establish IP address information for the switch to obtain management access through t
SSE-G2252/SSE-G2252P Switches User’s Manual21-54sntp serverThis command sets the IP address of the servers to which SNTP time requests are issued. Use
21-55Chapter 21: System Management Commandsshow sntpThis command displays the current time and configuration settings for the SNTP client, and indicat
SSE-G2252/SSE-G2252P Switches User’s Manual21-56clock timezoneThis command sets the time zone for the switch’s internal clock.Syntax clock timezone na
21-57Chapter 21: System Management Commandsclock timezone-predefinedThis command uses predefined time zone configurations to set the time zone for the
SSE-G2252/SSE-G2252P Switches User’s Manual21-58calendar setThis command sets the system clock. It may be used if there is no time server on your netw
21-59Chapter 21: System Management Commandsshow calendarThis command displays the system clock.Default Setting NoneCommand Mode Normal Exec, Privilege
SSE-G2252/SSE-G2252P Switches User’s Manual21-60time-rangeThis command specifies the name of a time range, and enters time range configuration mode. U
21-61Chapter 21: System Management CommandsabsoluteThis command sets the time range for the execution of a command. Use the no form to remove a previo
SSE-G2252/SSE-G2252P Switches User’s Manual21-62periodicThis command sets the time range for the periodic execution of a command. Use the no form to r
21-63Chapter 21: System Management CommandsExampleThis example configures a time range for the periodic occurrence of an event. SSE-G2252(config)#time
SSE-G2252/SSE-G2252P Switches User’s Manual3-6To assign an IPv4 address to the switch, complete the following steps 1. From the Global Configuration m
SSE-G2252/SSE-G2252P Switches User’s Manual21-6421-10Switch ClusteringSwitch Clustering is a method of grouping switches together to enable centralize
21-65Chapter 21: System Management CommandsclusterThis command enables clustering on the switch. Use the no form to disable clustering.Syntax [no] clu
SSE-G2252/SSE-G2252P Switches User’s Manual21-66cluster commanderThis command enables the switch as a cluster Commander. Use the no form to disable th
21-67Chapter 21: System Management CommandsCommand ModeGlobal ConfigurationCommand Usage • An “internal” IP address pool is used to assign IP addresse
SSE-G2252/SSE-G2252P Switches User’s Manual21-68ExampleSSE-G2252(config)#cluster member mac-address 00-12-34-56-78-9a id 5SSE-G2252(config)#rcommandTh
21-69Chapter 21: System Management Commandsshow clusterThis command shows the switch clustering configuration.Command Mode Privileged ExecExampleSSE-G
SSE-G2252/SSE-G2252P Switches User’s Manual21-70show cluster candidatesThis command shows the discovered Candidate switches in the network.Command Mod
22-1Chapter 22: SNMP CommandsChapter 22SNMP CommandsControls access to this switch from management stations using the Simple Network Management Protoc
SSE-G2252/SSE-G2252P Switches User’s Manual22-2snmp-serverThis command enables the SNMPv3 engine and services for all management clients (i.e., versio
22-3Chapter 22: SNMP Commandssnmp-server communityThis command defines community access strings used to authorize management access by clients using S
3-7Chapter 3: Initial Configuration(None)Joined group address(es):FF02::1:FF11:6700FF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD
SSE-G2252/SSE-G2252P Switches User’s Manual22-4snmp-server contactThis command sets the system contact string. Use the no form to remove the system co
22-5Chapter 22: SNMP Commandssnmp-server locationThis command sets the system location string. Use the no form to remove the location string.Syntax sn
SSE-G2252/SSE-G2252P Switches User’s Manual22-6show snmpThis command can be used to check the status of SNMP communications.Default Setting NoneComman
22-7Chapter 22: SNMP Commandssnmp-server enable trapsThis command enables this device to send Simple Network Management Protocol traps or informs (i.e
SSE-G2252/SSE-G2252P Switches User’s Manual22-8snmp-server host This command specifies the recipient of a Simple Network Management Protocol notificat
22-9Chapter 22: SNMP CommandsCommand Usage • If you do not enter an snmp-server host command, no notifications are sent. In order to configure the swi
SSE-G2252/SSE-G2252P Switches User’s Manual22-106. Specify the target host that will receive inform messages with the snmp-server host command as desc
22-11Chapter 22: SNMP CommandsCommand Usage • An SNMP engine is an independent SNMP agent that resides either on this switch or on a remote device. Th
SSE-G2252/SSE-G2252P Switches User’s Manual22-12snmp-server groupThis command adds an SNMP group, mapping SNMP users to SNMP views. Use the no form to
22-13Chapter 22: SNMP Commands• For additional information on the notification messages supported by this switch, see Table 15-8: "Supported Noti
SSE-G2252/SSE-G2252P Switches USER’S MANUALviLink Aggregation See Port Trunk. LLDPLink Layer Discovery Protocol is used to discover basic information
SSE-G2252/SSE-G2252P Switches User’s Manual3-8FF02::1:FF00:0FF02::1:FF11:6700FF02::1IPv6 link MTU is 1500 bytesND DAD is enabled, number of DAD attemp
SSE-G2252/SSE-G2252P Switches User’s Manual22-14Command Usage • Local users (i.e., the command does not specify a remote engine identifier) must be co
22-15Chapter 22: SNMP Commandssnmp-server viewThis command adds an SNMP view which controls user access to the MIB. Use the no form to remove an SNMP
SSE-G2252/SSE-G2252P Switches User’s Manual22-16show snmp engine-idThis command shows the SNMP engine ID.Command Mode Privileged ExecExampleThis examp
22-17Chapter 22: SNMP CommandsRead View: defaultviewWrite View: noneNotify View: noneStorage Type: volatileRow Status: activeGroup Name: publicSecurit
SSE-G2252/SSE-G2252P Switches User’s Manual22-18EngineId: 800000ca030030f1df9ca00000User Name: steveAuthentication Protocol: md5Privacy Protocol: des5
22-19Chapter 22: SNMP CommandsnlmThis command enables or disables the specified notification log.Syntax [no] nlm filter-namefilter-name - Notification
SSE-G2252/SSE-G2252P Switches User’s Manual22-20Syntax [no] snmp-server notify-filter profile-name remote ip-addressprofile-name - Notification log pr
22-21Chapter 22: SNMP Commands• When a trap host is created with the snmp-server host command, a default notify filter will be created as shown in the
SSE-G2252/SSE-G2252P Switches User’s Manual22-22show snmp notify-filterThis command displays the configured notification logs.Command Mode Privileged
23-1Chapter 23: Remote Monitoring CommandsChapter 23Remote Monitoring CommandsRemote Monitoring allows a remote device to collect information or respo
3-9Chapter 3: Initial Configuration Index: 1001, MTU: 1500, Bandwidth: 1g Address Mode is DHCP IP Address: 192.168.0.5 Mask: 255.255.255.0 Proxy A
SSE-G2252/SSE-G2252P Switches User’s Manual23-2rmon alarm This command sets threshold bounds for a monitored variable. Use the no form to remove an al
23-3Chapter 23: Remote Monitoring Commands• If the current value is greater than or equal to the rising threshold, and the last sample value was less
SSE-G2252/SSE-G2252P Switches User’s Manual23-4Command Mode Global ConfigurationCommand Usage • If an event is already defined for an index, the entry
23-5Chapter 23: Remote Monitoring CommandsCommand Usage • By default, each index number equates to a port on the switch, but can be changed to any num
SSE-G2252/SSE-G2252P Switches User’s Manual23-6ExampleSSE-G2252(config)#interface ethernet 1/1Console(config-if)#rmon collection rmon1 controlEntry 1
23-7Chapter 23: Remote Monitoring CommandsExampleSSE-G2252#show rmon history Entry 1 is valid, and owned by Monitors 1.3.6.1.2.1.2.2.1.1.1 every 1800
SSE-G2252/SSE-G2252P Switches User’s Manual23-8show rmon statistics This command shows the information collected for all configured entries in the sta
24-1Chapter 24: Authentication CommandsChapter 24Authentication Commands You can configure this switch to authenticate users logging into the system f
SSE-G2252/SSE-G2252P Switches User’s Manual24-224-1 User AccountsThe basic commands required for management access are listed in this section. This sw
24-3Chapter 24: Authentication CommandsExample SSE-G2252(config)#enable password level 15 0 adminSSE-G2252(config)#Related Commands"enable"
SSE-G2252/SSE-G2252P Switches User’s Manual3-103. Type “ipv6 enable” and press <Enter> to enable IPv6 on an interface that has not been configur
SSE-G2252/SSE-G2252P Switches User’s Manual24-4Command Usage The encrypted password is required for compatibility with legacy password settings (i.e.,
24-5Chapter 24: Authentication CommandsCommand Mode Global ConfigurationCommand Usage • RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best e
SSE-G2252/SSE-G2252P Switches User’s Manual24-6authentication loginThis command defines the login authentication method and precedence. Use the no for
24-7Chapter 24: Authentication Commands24-3 RADIUS ClientRemote Authentication Dial-in User Service (RADIUS) is a logon authentication protocol that u
SSE-G2252/SSE-G2252P Switches User’s Manual24-8radius-server auth-portThis command sets the RADIUS server network port. Use the no form to restore the
24-9Chapter 24: Authentication Commandsradius-server hostThis command specifies primary and backup RADIUS servers, and authentication and accounting p
SSE-G2252/SSE-G2252P Switches User’s Manual24-10radius-server keyThis command sets the RADIUS encryption key. Use the no form to restore the default.S
24-11Chapter 24: Authentication Commandsradius-server timeoutThis command sets the interval between transmitting authentication requests to the RADIUS
SSE-G2252/SSE-G2252P Switches User’s Manual24-12show radius-serverThis command displays the current settings for the RADIUS server.Default Setting Non
24-13Chapter 24: Authentication Commands24-4 TACACS+ ClientTerminal Access Controller Access Control System (TACACS+) is a logon authentication protoc
3-11Chapter 3: Initial Configuration• If the switch does not receive a DHCP response prior to completing the bootup process, it will continue to send
SSE-G2252/SSE-G2252P Switches User’s Manual24-14Command Mode Global ConfigurationExample SSE-G2252(config)#tacacs-server 1 host 192.168.1.25 port 181
24-15Chapter 24: Authentication Commandstacacs-server portThis command specifies the TACACS+ server network port. Use the no form to restore the defau
SSE-G2252/SSE-G2252P Switches User’s Manual24-16Example SSE-G2252#show tacacs-serverRemote TACACS+ server configuration:Global settings: Server Port N
24-17Chapter 24: Authentication Commandsaaa accounting commandsThis command enables the accounting of Exec mode commands. Use the no form to disable t
SSE-G2252/SSE-G2252P Switches User’s Manual24-18aaa accounting dot1xThis command enables the accounting of requested 802.1X services for network acces
24-19Chapter 24: Authentication Commandsaaa accounting execThis command enables the accounting of requested Exec services for network access. Use the
SSE-G2252/SSE-G2252P Switches User’s Manual24-20aaa accounting updateThis command enables the sending of periodic updates to the accounting server. Us
24-21Chapter 24: Authentication Commandsaaa authorization execThis command enables the authorization for Exec access. Use the no form to disable the a
SSE-G2252/SSE-G2252P Switches User’s Manual24-22aaa group serverUse this command to name a group of security server hosts. To remove a server group fr
24-23Chapter 24: Authentication CommandsCommand Usage • When specifying the index for a RADIUS server, that server index must already be defined by th
SSE-G2252/SSE-G2252P Switches User’s Manual3-12 option space dynamicProvision code width 1 length 1 hash size 2; option dynamicProvision.tftp-server-n
SSE-G2252/SSE-G2252P Switches User’s Manual24-24accounting execThis command applies an accounting method to local console, Telnet or SSH connections.
24-25Chapter 24: Authentication Commandsauthorization execThis command applies an authorization method to local console, Telnet or SSH connections. Us
SSE-G2252/SSE-G2252P Switches User’s Manual24-26show accountingThis command displays the current accounting settings per function and per port.Syntax
24-27Chapter 24: Authentication Commands24-6 Web ServerThis section describes commands used to configure web browser management access to the switch.i
SSE-G2252/SSE-G2252P Switches User’s Manual24-28ip http serverThis command allows this device to be monitored or configured from a browser. Use the no
24-29Chapter 24: Authentication CommandsCommand Usage • HTTP and HTTPS are implemented as mutually exclusive services on the switch. • If you enable H
SSE-G2252/SSE-G2252P Switches User’s Manual24-30ip http secure-portThis command specifies the UDP port number used for HTTPS connection to the switch’
24-31Chapter 24: Authentication Commands24-7 Telnet ServerThis section describes commands used to configure Telnet management access to the switch.ip
SSE-G2252/SSE-G2252P Switches User’s Manual24-32ip telnet portThis command specifies the TCP port number used by the Telnet interface. Use the no form
24-33Chapter 24: Authentication Commandsip telnet serverThis command allows this device to be monitored or configured from Telnet. Use the no form to
3-13Chapter 3: Initial ConfigurationCommunity Strings (for SNMP version 1 and 2c Clients)Community strings are used to control management access to SN
SSE-G2252/SSE-G2252P Switches User’s Manual24-3424-8 Secure ShellThis section describes the commands used to configure the SSH server. Note that you a
24-35Chapter 24: Authentication CommandsTo use the SSH server, complete these steps:1. Generate a Host Key Pair – Use the ip ssh crypto host-key gener
SSE-G2252/SSE-G2252P Switches User’s Manual24-36Authenticating SSH v1.5 Clientsa. The client sends its RSA public key to the switch. b. The switch com
24-37Chapter 24: Authentication Commandsip ssh authentication-retriesThis command configures the number of times the SSH server attempts to reauthenti
SSE-G2252/SSE-G2252P Switches User’s Manual24-38ip ssh serverThis command enables the Secure Shell (SSH) server on this switch. Use the no form to dis
24-39Chapter 24: Authentication Commandsip ssh server-key sizeThis command sets the SSH server key size. Use the no form to restore the default settin
SSE-G2252/SSE-G2252P Switches User’s Manual24-40ip ssh timeoutThis command configures the timeout for the SSH server. Use the no form to restore the d
24-41Chapter 24: Authentication CommandsDefault Setting Deletes both the DSA and RSA key.Command Mode Privileged ExecExample SSE-G2252#delete public-k
SSE-G2252/SSE-G2252P Switches User’s Manual24-42Related Commands"ip ssh crypto zeroize" on page 24-42"ip ssh save host-key" on pag
24-43Chapter 24: Authentication Commandsip ssh save host-keyThis command saves the host key from RAM to flash memory. Syntax ip ssh save host-keyDefau
SSE-G2252/SSE-G2252P Switches User’s Manual3-14SSE-G2252(config)#snmp-server host 10.1.19.98 robin version 2cSSE-G2252(config)#snmp-server host 10.1.1
SSE-G2252/SSE-G2252P Switches User’s Manual24-44show public-keyThis command shows the public key for the specified user or for the host.Syntax show pu
24-45Chapter 24: Authentication CommandsCommand Mode Privileged ExecExample SSE-G2252#show sshConnection Version State Username Encrypti
SSE-G2252/SSE-G2252P Switches User’s Manual24-4624-9 802.1X Port AuthenticationThe switch supports IEEE 802.1X (dot1x) port-based access control that
24-47Chapter 24: Authentication Commandsdot1x defaultThis command sets all configurable dot1x global and port settings to their default values.Command
SSE-G2252/SSE-G2252P Switches User’s Manual24-48ExampleThis example instructs the switch to pass all EAPOL frame through to any ports in STP forwardin
24-49Chapter 24: Authentication CommandsCommand UsageFor guest VLAN assignment to be successful, the VLAN must be configured and set as active (see th
SSE-G2252/SSE-G2252P Switches User’s Manual24-50dot1x operation-modeThis command allows hosts (clients) to connect to an 802.1X-authorized port. Use t
24-51Chapter 24: Authentication Commandsdot1x port-controlThis command sets the dot1x mode on a port interface. Use the no form to restore the default
SSE-G2252/SSE-G2252P Switches User’s Manual24-52dot1x re-authenticationThis command enables periodic re-authentication for a specified port. Use the n
24-53Chapter 24: Authentication Commandsdot1x timeout quiet-periodThis command sets the time that a switch port waits after the maximum request count
3-15Chapter 3: Initial ConfigurationDue to the size limit of the flash memory, the switch supports only two operation code files. However, you can hav
SSE-G2252/SSE-G2252P Switches User’s Manual24-54dot1x timeout re-authperiodThis command sets the time period after which a connected client must be re
24-55Chapter 24: Authentication Commandsdot1x timeout supp-timeoutThis command sets the time that an interface on the switch waits for a response to a
SSE-G2252/SSE-G2252P Switches User’s Manual24-56dot1x timeout tx-periodThis command sets the time that an interface on the switch waits during an auth
24-57Chapter 24: Authentication Commandsdot1x re-authenticateThis command forces re-authentication on all ports or a specific interface.Syntaxdot1x re
SSE-G2252/SSE-G2252P Switches User’s Manual24-58dot1x identity profileThis command sets the dot1x supplicant user name and password. Use the no form t
24-59Chapter 24: Authentication Commandsdot1x max-startThis command sets the maximum number of times that a port supplicant will send an EAP start fra
SSE-G2252/SSE-G2252P Switches User’s Manual24-60dot1x pae supplicantThis command enables dot1x supplicant mode on a port. Use the no form to disable d
24-61Chapter 24: Authentication Commandsdot1x timeout auth-periodThis command sets the time that a supplicant port waits for a response from the authe
SSE-G2252/SSE-G2252P Switches User’s Manual24-62dot1x timeout held-periodThis command sets the time that a supplicant port waits before resending its
24-63Chapter 24: Authentication Commandsdot1x timeout start-periodThis command sets the time that a supplicant port waits before resending an EAPOL st
SSE-G2252/SSE-G2252P Switches User’s Manual3-16To restore configuration settings from a backup server, enter the following command:1. From the Privile
SSE-G2252/SSE-G2252P Switches User’s Manual24-64show dot1xThis command shows general port authentication related settings on the switch or a specific
24-65Chapter 24: Authentication Commands• Reauth Period – Time after which a connected client must be re-authenticated ("dot1x timeout re-authper
SSE-G2252/SSE-G2252P Switches User’s Manual24-66ExampleSSE-G2252#show dot1xGlobal 802.1X Parameters System Auth Control : EnabledAuthenticator P
24-67Chapter 24: Authentication Commands State : InitializeSSE-G2252#24-10Management IP FilterThis section describes commands used to co
SSE-G2252/SSE-G2252P Switches User’s Manual24-68• IP address can be configured for SNMP, web, and Telnet access respectively. Each of these groups can
24-69Chapter 24: Authentication Commandsshow managementThis command displays the client IP addresses that are allowed management access to the switch
SSE-G2252/SSE-G2252P Switches User’s Manual24-70Notes
25-1Chapter 25: General Security MeasuresChapter 25General Security Measures This switch supports many methods of segregating traffic for clients atta
SSE-G2252/SSE-G2252P Switches User’s Manual25-225-1 Port Security These commands can be used to configure the maximum number of device MAC addresses t
25-3Chapter 25: General Security MeasuresMaximum Addresses: 0Command Mode Interface Configuration (Ethernet)Command Usage • The default maximum number
4-1Chapter 4: Using the Web InterfaceChapter 4 Using the Web InterfaceThis switch provides an embedded HTTP web agent. Using a web browser you can co
SSE-G2252/SSE-G2252P Switches User’s Manual25-4"shutdown" on page 27-10"mac-address-table static" on page 33-225-2 Network Access
25-5Chapter 25: General Security Measuresnetwork-access agingUse this command to enable aging for authenticated MAC addresses stored in the secure MAC
SSE-G2252/SSE-G2252P Switches User’s Manual25-6network-access mac-filterUse this command to add a MAC address into a filter table. Use the no form of
25-7Chapter 25: General Security Measuresmac-authentication reauth-timeUse this command to set the time period after which a connected MAC address mus
SSE-G2252/SSE-G2252P Switches User’s Manual25-8network-access dynamic-qosUse this command to enable the dynamic QoS feature for an authenticated port.
25-9Chapter 25: General Security MeasuresExample The following example enables the dynamic QoS feature on port 1.SSE-G2252(config)#interface ethernet
SSE-G2252/SSE-G2252P Switches User’s Manual25-10network-access guest-vlanUse this command to assign all traffic on a port to a guest VLAN when 802.1x
25-11Chapter 25: General Security MeasuresExampleSSE-G2252(config)#interface ethernet 1/1SSE-G2252(config-if)#network-access link-detectionSSE-G2252(c
SSE-G2252/SSE-G2252P Switches User’s Manual25-12network-access link-detection link-upUse this command to detect link-up events. When detected, the swi
25-13Chapter 25: General Security MeasuresDefault SettingDisabledCommand ModeInterface ConfigurationExampleSSE-G2252(config)#interface ethernet 1/1SSE
viiPrefaceQinQQinQ tunneling is designed for service providers carrying traffic for multiple customers across their networks. It is used to maintain c
SSE-G2252/SSE-G2252P Switches User’s Manual4-24-2 Navigating the Web Browser InterfaceTo access the web-browser interface you must first enter a user
SSE-G2252/SSE-G2252P Switches User’s Manual25-14network-access mode mac-authenticationUse this command to enable network access authentication on a po
25-15Chapter 25: General Security Measuresnetwork-access port-mac-filterUse this command to enable the specified MAC address filter. Use the no form o
SSE-G2252/SSE-G2252P Switches User’s Manual25-16ExampleSSE-G2252(config-if)#mac-authentication intrusion-action block-trafficSSE-G2252(config-if)#mac-
25-17Chapter 25: General Security Measuresclear network-accessUse this command to clear entries from the secure MAC addresses table.Syntaxclear networ
SSE-G2252/SSE-G2252P Switches User’s Manual25-18show network-accessUse this command to display the MAC authentication settings for port interfaces.Syn
25-19Chapter 25: General Security Measuresshow network-access mac-address-tableUse this command to display secure MAC address table entries.Syntaxshow
SSE-G2252/SSE-G2252P Switches User’s Manual25-20show network-access mac-filterUse this command to display information for entries in the MAC filter ta
25-21Chapter 25: General Security Measuresweb-auth login-attemptsThis command defines the limit for failed web authentication login attempts. After th
SSE-G2252/SSE-G2252P Switches User’s Manual25-22web-auth quiet-periodThis command defines the amount of time a host must wait after exceeding the limi
25-23Chapter 25: General Security MeasuresExample SSE-G2252(config)#web-auth session-timeout 1800SSE-G2252(config)#web-auth system-auth-controlThis co
4-3Chapter 4: Using the Web InterfaceConfiguration OptionsConfigurable parameters have a dialog box or a drop-down list. Once a configuration change
SSE-G2252/SSE-G2252P Switches User’s Manual25-24web-authThis command enables web authentication for an interface. Use the no form to restore the defau
25-25Chapter 25: General Security MeasuresExample SSE-G2252#web-auth re-authenticate interface ethernet 1/2Failed to reauth.SSE-G2252#web-auth re-auth
SSE-G2252/SSE-G2252P Switches User’s Manual25-26show web-authThis command displays global web authentication parameters.Command ModePrivileged ExecExa
25-27Chapter 25: General Security Measuresshow web-auth summaryThis command displays a summary of web authentication port parameters and statistics.Co
SSE-G2252/SSE-G2252P Switches User’s Manual25-2825-4 DHCP SnoopingDHCP snooping allows a switch to protect a network from rogue DHCP servers or other
25-29Chapter 25: General Security MeasuresCommand Usage • Network traffic may be disrupted when malicious DHCP messages are received from an outside s
SSE-G2252/SSE-G2252P Switches User’s Manual25-30• If the DHCP snooping is globally disabled, all dynamic bindings are removed from the binding table.•
25-31Chapter 25: General Security Measuresip dhcp snooping information optionThis command enables the DHCP Option 82 information relay for the switch.
SSE-G2252/SSE-G2252P Switches User’s Manual25-32ip dhcp snooping information policyThis command sets the DHCP snooping information option policy for D
25-33Chapter 25: General Security Measuresip dhcp snooping verify mac-addressThis command verifies the client’s hardware address stored in the DHCP pa
SSE-G2252/SSE-G2252P Switches User’s Manual4-4Panel DisplayThe web agent displays an image of the switch’s ports. The Mode can be set to display diffe
SSE-G2252/SSE-G2252P Switches User’s Manual25-34ip dhcp snooping vlanThis command enables DHCP snooping on the specified VLAN. Use the no form to rest
25-35Chapter 25: General Security Measuresip dhcp snooping trustThis command configures the specified interface as trusted. Use the no form to restore
SSE-G2252/SSE-G2252P Switches User’s Manual25-36clear ip dhcp snooping database flashThis command removes all dynamically learned snooping entries fro
25-37Chapter 25: General Security Measuresshow ip dhcp snooping bindingThis command shows the DHCP snooping binding table entries.Command Mode Privile
SSE-G2252/SSE-G2252P Switches User’s Manual25-38ip source-guard bindingThis command adds a static address to the source-guard binding table. Use the n
25-39Chapter 25: General Security MeasuresExampleThis example configures a static source-guard binding on port 5.SSE-G2252(config)#ip source-guard bin
SSE-G2252/SSE-G2252P Switches User’s Manual25-40• When enabled, traffic is filtered based upon dynamic entries learned via DHCP snooping, or static ad
25-41Chapter 25: General Security Measuresip source-guard max-bindingThis command sets the maximum number of entries that can be bound to an interface
SSE-G2252/SSE-G2252P Switches User’s Manual25-42show ip source-guardThis command shows whether source guard is enabled or disabled on each interface.C
25-43Chapter 25: General Security Measures25-6 ARP InspectionARP Inspection validates the MAC-to-IP address bindings in Address Resolution Protocol (A
4-5Chapter 4: Using the Web InterfaceMain Menu Using the onboard web agent, you can define system parameters, manage and control the switch, and all
SSE-G2252/SSE-G2252P Switches User’s Manual25-44ip arp inspectionThis command enables ARP Inspection globally on the switch. Use the no form to disabl
25-45Chapter 25: General Security Measuresip arp inspection filterThis command specifies an ARP ACL to apply to one or more VLANs. Use the no form to
SSE-G2252/SSE-G2252P Switches User’s Manual25-46ip arp inspection log-buffer logsThis command sets the maximum number of entries saved in a log messag
25-47Chapter 25: General Security Measuresip arp inspection validateThis command specifies additional validation of address components in an ARP packe
SSE-G2252/SSE-G2252P Switches User’s Manual25-48ip arp inspection vlanThis command enables ARP Inspection for a specified VLAN or range of VLANs. Use
25-49Chapter 25: General Security Measuresip arp inspection limitThis command sets a rate limit for the ARP packets received on a port. Use the no for
SSE-G2252/SSE-G2252P Switches User’s Manual25-50ip arp inspection trustThis command sets a port as trusted, and thus exempted from ARP Inspection. Use
25-51Chapter 25: General Security Measuresshow ip arp inspection interfaceThis command shows the trust status and ARP Inspection rate limit for ports.
SSE-G2252/SSE-G2252P Switches User’s Manual25-52Command ModePrivileged ExecExampleSSE-G2252#show ip arp inspection logTotal log entries number is 1Num
25-53Chapter 25: General Security Measuresshow ip arp inspection vlanThis command shows the configuration settings for VLANs, including ARP Inspection
SSE-G2252/SSE-G2252P Switches User’s Manual4-6FileCopy Allows the transfer and copying filesSet Startup Sets the startup fileShow Shows the files stor
SSE-G2252/SSE-G2252P Switches User’s Manual25-54Notes
26-1Chapter 26: Access Control ListsChapter 26Access Control ListsAccess Control Lists (ACL) provide packet filtering for IPv4 frames (based on addres
SSE-G2252/SSE-G2252P Switches User’s Manual26-2access-list ip This command adds an IP access list and enters configuration mode for standard or extend
26-3Chapter 26: Access Control Listspermit, deny, redirect-to (Standard IP ACL) This command adds a rule to a Standard IPv4 ACL. The rule sets a filte
SSE-G2252/SSE-G2252P Switches User’s Manual26-4Example This example configures one permit rule for the specific address 10.1.1.21 and another rule for
26-5Chapter 26: Access Control Listsno {permit | deny | redirect-to interface} tcp {any | source address-bitmask | host source} {any | destination add
SSE-G2252/SSE-G2252P Switches User’s Manual26-6Command Usage• All new rules are appended to the end of the list.• Address bit masks are similar to a s
26-7Chapter 26: Access Control ListsExampleThis example accepts any incoming packets if the source address is within subnet 10.7.1.x. For example, if
SSE-G2252/SSE-G2252P Switches User’s Manual26-8ip access-group This command binds an IPv4 ACL to a port. Use the no form to remove the port.Syntaxip a
26-9Chapter 26: Access Control ListsInterface ethernet 1/2 IP access-list david inSSE-G2252#Related Commands"ip access-group" on page 26-8sh
4-7Chapter 4: Using the Web InterfaceConfigure GeneralConfigure Configures trunk connection settingsShow InformationDisplays trunk connection setting
SSE-G2252/SSE-G2252P Switches User’s Manual26-1026-2 IPv6 ACLsThe commands in this section configure ACLs based on IPv6 addresses, and next header typ
26-11Chapter 26: Access Control Listsaccess-list ipv6 This command adds an IP access list and enters configuration mode for standard or extended IPv6
SSE-G2252/SSE-G2252P Switches User’s Manual26-12permit, deny, redirect-to (Standard IPv6 ACL) This command adds a rule to a Standard IPv6 ACL. The rul
26-13Chapter 26: Access Control ListsExample This example configures one permit rule for the specific address 2009:DB9:2229::79 and another rule for t
SSE-G2252/SSE-G2252P Switches User’s Manual26-14destination-ipv6-address - An IPv6 destination address or network class. The address must be formatted
26-15Chapter 26: Access Control ListsConsole(config-ext-ipv6-acl)#permit 2009:DB9:2229::79/8Console(config-ext-ipv6-acl)#This allows packets to any de
SSE-G2252/SSE-G2252P Switches User’s Manual26-16ipv6 access-group This command binds a port to an IPv6 ACL. Use the no form to remove the port.Syntaxi
26-17Chapter 26: Access Control Listsshow ipv6 access-groupThis command shows the ports assigned to IPv6 ACLs.Command ModePrivileged ExecExample Conso
SSE-G2252/SSE-G2252P Switches User’s Manual26-18access-list mac This command adds a MAC access list and enters MAC ACL configuration mode. Use the no
26-19Chapter 26: Access Control Listspermit, deny, redirect-to (MAC ACL)This command adds a rule to a MAC ACL. The rule filters packets matching a spe
SSE-G2252/SSE-G2252P Switches User’s Manual4-8VLAN Trunking Allows unknown VLAN groups to pass through the specified interfaceVLAN Virtual LANStaticCo
SSE-G2252/SSE-G2252P Switches User’s Manual26-20no {permit | deny | redirect-to interface} tagged-802.3 {any | host source | source address-bitmask}{a
26-21Chapter 26: Access Control ListsCommand ModeMAC ACLCommand Usage• New rules are added to the end of the list.• The ethertype option can only be u
SSE-G2252/SSE-G2252P Switches User’s Manual26-22mac access-groupThis command binds a MAC ACL to a port. Use the no form to remove the port.Syntaxmac a
26-23Chapter 26: Access Control Listsshow mac access-groupThis command shows the ports assigned to MAC ACLs.Command ModePrivileged ExecExample SSE-G22
SSE-G2252/SSE-G2252P Switches User’s Manual26-24access-list arp This command adds an ARP access list and enters ARP ACL configuration mode. Use the no
26-25Chapter 26: Access Control Listspermit, deny (ARP ACL)This command adds a rule to an ARP ACL. The rule filters packets matching a specified sourc
SSE-G2252/SSE-G2252P Switches User’s Manual26-26Example This rule permits packets from any source IP and MAC address to the destination subnet address
26-27Chapter 26: Access Control Lists26-5 ACL InformationThis section describes commands used to display ACL information.show access-groupThis command
SSE-G2252/SSE-G2252P Switches User’s Manual26-28show access-listThis command shows all ACLs and associated rules.Syntaxshow access-list [[arp [acl-nam
27-1Chapter 27: Interface CommandsChapter 27Interface CommandsThese commands are used to display or set communication parameters for an Ethernet port,
4-9Chapter 4: Using the Web InterfaceMAC-BasedAdd Maps traffic with specified source MAC address to a VLANShow Shows source MAC address to VLAN mappi
SSE-G2252/SSE-G2252P Switches User’s Manual27-2interfaceThis command configures an interface type and enters interface configuration mode. Use the no
27-3Chapter 27: Interface CommandsExample To specify port 4, enter the following command:SSE-G2252(config)#interface ethernet 1/4SSE-G2252(config-if)#
SSE-G2252/SSE-G2252P Switches User’s Manual27-4capabilitiesThis command advertises the port capabilities of a given interface during auto-negotiation.
27-5Chapter 27: Interface CommandsSSE-G2252(config-if)#Related Commands "negotiation" on page 27-9"speed-duplex" on page 27-10&quo
SSE-G2252/SSE-G2252P Switches User’s Manual27-6flowcontrolThis command enables flow control. Use the no form to disable flow control.Syntax [no] flowc
27-7Chapter 27: Interface Commandsgiga-phy-modeThis command forces two connected ports into a master/slave configuration to enable 1000BASE-T full dup
SSE-G2252/SSE-G2252P Switches User’s Manual27-8media-typeThis command forces the port type selected for the combination ports. Use the no form to rest
27-9Chapter 27: Interface CommandsnegotiationThis command enables auto-negotiation for a given interface. Use the no form to disable auto-negotiation.
SSE-G2252/SSE-G2252P Switches User’s Manual27-10shutdown This command disables an interface. To restart a disabled interface, use the no form.Syntax [
27-11Chapter 27: Interface CommandsDefault Setting • Auto-negotiation is enabled by default.• When auto-negotiation is disabled, the default speed-dup
SSE-G2252/SSE-G2252P Switches User’s Manual4-10Show Information Shows global settings for an MST instanceConfigure InterfaceConfigure Configures inter
SSE-G2252/SSE-G2252P Switches User’s Manual27-12switchport packet-rateThis command configures broadcast, multicast and unknown unicast storm control.
27-13Chapter 27: Interface Commands• The description of effective rate limiting (see Command Usage under Section 10-1: "Rate Limiting" on pa
SSE-G2252/SSE-G2252P Switches User’s Manual27-14Example The following example clears statistics on port 5.SSE-G2252#clear counters ethernet 1/5SSE-G22
27-15Chapter 27: Interface Commands 5525 Multi-cast Output 170 Broadcast Input 11 Broadcas
SSE-G2252/SSE-G2252P Switches User’s Manual27-16port-channel channel-id (Range: 1-12) vlan vlan-id (Range: 1-4093) Default Setting Shows the status fo
27-17Chapter 27: Interface CommandsSyntax show interfaces switchport [interface]interface ethernet unit/portunit - Unit identifier. (Range: 1) port -
SSE-G2252/SSE-G2252P Switches User’s Manual27-18Example This example shows the configuration setting for port 21.SSE-G2252#show interfaces switchport
27-19Chapter 27: Interface Commandsshow interfaces transceiverThis command displays identifying information for the specified transceiver, as well as
SSE-G2252/SSE-G2252P Switches User’s Manual27-20Example Console#show interfaces transceiver ethernet 1/25SFP Information of Ethernet 1/25 Identifier :
27-21Chapter 27: Interface CommandsCommand Usage • Cable diagnostics are performed using Digital Signal Processing (DSP) test methods.• This cable tes
4-11Chapter 4: Using the Web InterfaceShow Rule Shows the traffic classification rules for a class mapConfigure PolicyAdd Creates a policy map to app
SSE-G2252/SSE-G2252P Switches User’s Manual27-22show cable-diagnostics This command shows the results of a cable diagnostics test.SYNTAX show cable-di
27-23Chapter 27: Interface CommandsCommand Usage • IEEE 802.3 defines the Ethernet standard and subsequent power requirements based on cable connectio
SSE-G2252/SSE-G2252P Switches User’s Manual27-24show power-save This command shows the configuration settings for power savings.Syntax show power-save
28-1Chapter 28: Link Aggregation CommandsChapter 28Link Aggregation CommandsPorts can be statically grouped into an aggregate link (i.e., trunk) to in
SSE-G2252/SSE-G2252P Switches User’s Manual28-2• Any of the Gigabit ports on the front panel can be trunked together, including ports of different med
28-3Chapter 28: Link Aggregation CommandsExample The following example creates trunk 1 and then adds port 11:SSE-G2252(config)#interface port-channel
SSE-G2252/SSE-G2252P Switches User’s Manual28-4ExampleThe following shows LACP enabled on ports 10-12. Because LACP has also been enabled on the ports
28-5Chapter 28: Link Aggregation Commandslacp admin-key (Ethernet Interface)This command configures a port's LACP administration key. Use the no
SSE-G2252/SSE-G2252P Switches User’s Manual28-6lacp port-priorityThis command configures LACP port priority. Use the no form to restore the default se
28-7Chapter 28: Link Aggregation Commandslacp system-priorityThis command configures a port's LACP system priority. Use the no form to restore th
SSE-G2252/SSE-G2252P Switches USER’S MANUALviiiUTCUniversal Time Coordinate. UTC is a time scale that couples Greenwich Mean Time (based solely on the
SSE-G2252/SSE-G2252P Switches User’s Manual4-12Show InformationSummaryShows the configured accounting methods, and the methods applied to specific int
SSE-G2252/SSE-G2252P Switches User’s Manual28-8lacp admin-key (Port Channel)This command configures a port channel's LACP administration key stri
28-9Chapter 28: Link Aggregation Commandsshow lacpThis command displays LACP information.Syntax show lacp [port-channel] {counters | internal | neighb
SSE-G2252/SSE-G2252P Switches User’s Manual28-10SSE-G2252#show lacp 1 internalPort Channel : 1--------------------------------------------------------
28-11Chapter 28: Link Aggregation CommandsTable 28-3. show lacp internal - Display Description Field DescriptionOper Key Current operational value of
SSE-G2252/SSE-G2252P Switches User’s Manual28-12SSE-G2252#show lacp 1 neighborsPort Channel 1 neighbors-----------------------------------------------
28-13Chapter 28: Link Aggregation Commands SSE-G2252#show lacp sysidPort Channel System Priority System MAC Address----------------------------
SSE-G2252/SSE-G2252P Switches User’s Manual28-14Notes
29-1Chapter 29: Power Over Ethernet CommandsChapter 29Power Over Ethernet CommandsThe commands in this group control the power that can be delivered t
SSE-G2252/SSE-G2252P Switches User’s Manual29-2Command Usage • The switch automatically detects attached PoE devices by periodically transmitting test
29-3Chapter 29: Power Over Ethernet Commandspower inlineThis command instructs the switch to automatically detect if a PoE-compliant device is connect
4-13Chapter 4: Using the Web InterfaceConfigure Global Configures SSH server settingsConfigure Host KeyGenerate Generates the host key pair (public a
SSE-G2252/SSE-G2252P Switches User’s Manual29-4power inline maximum allocationThis command limits the power allocated to specific ports. Use the no fo
29-5Chapter 29: Power Over Ethernet CommandsDefault Setting 3 (low)Command Mode Interface ConfigurationCommand Usage • If the power demand from device
SSE-G2252/SSE-G2252P Switches User’s Manual29-6power inline time-rangeThis command binds a time-range to a port during which PoE is supplied to the at
29-7Chapter 29: Power Over Ethernet CommandsUnit: 1Compatible mode : Enabled Time Max UsedInterface Admin Range
SSE-G2252/SSE-G2252P Switches User’s Manual29-8show power inline time-rangeThis command displays the time-range and current status for specific ports
29-9Chapter 29: Power Over Ethernet Commandsshow power poeUse this command to display the current power status for the switch.Command Mode Privileged
SSE-G2252/SSE-G2252P Switches User’s Manual29-10Notes
30-1Chapter 30: Port Mirroring CommandsChapter 30Port Mirroring CommandsData can be mirrored from a local port on the same switch or from a remote por
SSE-G2252/SSE-G2252P Switches User’s Manual30-2port monitorThis command configures a mirror session. Use the no form to clear a mirror session.Syntax
30-3Chapter 30: Port Mirroring Commands• When mirroring traffic from a port or trunk, the mirror port/trunk and monitor port speeds should match, othe
SSE-G2252/SSE-G2252P Switches User’s Manual4-14Authenticator Displays protocol statistics for port authenticatorSupplicant Displays protocol statist
SSE-G2252/SSE-G2252P Switches User’s Manual30-4show port monitorThis command displays mirror information.Syntax show port monitor [interface | vlan vl
30-5Chapter 30: Port Mirroring Commands30-2 RSPAN Mirroring Commands Remote Switched Port Analyzer (RSPAN) allows you to mirror traffic from remote sw
SSE-G2252/SSE-G2252P Switches User’s Manual30-6• Spanning Tree – If the spanning tree is disabled, BPDUs will not be flooded onto the RSPAN VLAN. MAC
30-7Chapter 30: Port Mirroring CommandsCommand Mode Global ConfigurationCommand Usage • One or more source ports can be assigned to the same RSPAN ses
SSE-G2252/SSE-G2252P Switches User’s Manual30-8Command Mode Global ConfigurationCommand Usage • Only one destination port can be configured on the sam
30-9Chapter 30: Port Mirroring Commandsuplink - A port configured to receive or transmit remotely mirrored traffic.interfaceethernet unit/port unit -
SSE-G2252/SSE-G2252P Switches User’s Manual30-10no rspan sessionUse this command to delete a configured RSPAN session.Syntaxno rspan session session-i
30-11Chapter 30: Port Mirroring Commandsshow rspanUse this command to displays the configuration settings for an RSPAN session.Syntaxshow rspan sessio
SSE-G2252/SSE-G2252P Switches User’s Manual30-12Notes
31-1Chapter 31: Rate Limit CommandsChapter 31Rate Limit CommandsThis function allows the network manager to control the maximum rate for traffic trans
4-15Chapter 4: Using the Web InterfacePort/Trunk DetailsDisplays detailed information about a remote device connected to this switchShow Device Stati
SSE-G2252/SSE-G2252P Switches User’s Manual31-2Command Usage • Using both rate limiting and storm control on the same interface may lead to unexpected
32-1Chapter 32: Automatic Traffic Control CommandsChapter 32Automatic Traffic Control CommandsAutomatic Traffic Control (ATC) configures bounding thre
SSE-G2252/SSE-G2252P Switches User’s Manual32-2auto-traffic-control apply-timer This command sets the time at which to apply the control response afte
32-3Chapter 32: Automatic Traffic Control CommandsExample This example sets the apply timer to 200 seconds for all ports.SSE-G2252(config)#auto-traffi
SSE-G2252/SSE-G2252P Switches User’s Manual32-4Syntax [no] auto-traffic-control {broadcast | multicast}broadcast - Specifies automatic storm control f
32-5Chapter 32: Automatic Traffic Control Commandsshutdown - If a control response is triggered, the port is administratively disabled. A port disable
SSE-G2252/SSE-G2252P Switches User’s Manual32-6auto-traffic-control alarm-clear-thresholdThis command sets the lower threshold for ingress traffic ben
32-7Chapter 32: Automatic Traffic Control Commandsauto-traffic-control alarm-fire-thresholdThis command sets the upper threshold for ingress traffic b
SSE-G2252/SSE-G2252P Switches User’s Manual32-8auto-traffic-control auto-control-releaseThis command automatically releases a control response of rate
32-9Chapter 32: Automatic Traffic Control Commandsauto-traffic-control control-releaseThis command manually releases a control response. Syntax auto-t
SSE-G2252/SSE-G2252P Switches User’s Manual4-16Configure NotificationAddConfigures notification managers to receive messages on key events that occur
SSE-G2252/SSE-G2252P Switches User’s Manual32-10snmp-server enable port-traps atc broadcast-alarm-clearThis command sends a trap when broadcast traffi
32-11Chapter 32: Automatic Traffic Control Commandssnmp-server enable port-traps atc broadcast-alarm-fireThis command sends a trap when broadcast traf
SSE-G2252/SSE-G2252P Switches User’s Manual32-12snmp-server enable port-traps atc broadcast-control-applyThis command sends a trap when broadcast traf
32-13Chapter 32: Automatic Traffic Control Commandssnmp-server enable port-traps atc broadcast-control-releaseThis command sends a trap when broadcast
SSE-G2252/SSE-G2252P Switches User’s Manual32-14snmp-server enable port-traps atc multicast-alarm-clearThis command sends a trap when multicast traffi
32-15Chapter 32: Automatic Traffic Control Commandssnmp-server enable port-traps atc multicast-alarm-fireThis command sends a trap when multicast traf
SSE-G2252/SSE-G2252P Switches User’s Manual32-16snmp-server enable port-traps atc multicast-control-applyThis command sends a trap when multicast traf
32-17Chapter 32: Automatic Traffic Control Commandssnmp-server enable port-traps atc multicast-control-releaseThis command sends a trap when multicast
SSE-G2252/SSE-G2252P Switches User’s Manual32-18show auto-traffic-controlThis command shows global configuration settings for automatic storm control.
32-19Chapter 32: Automatic Traffic Control CommandsExampleSSE-G2252#show auto-traffic-control interface ethernet 1/1Eth 1/1 Information---------------
4-17Chapter 4: Using the Web InterfaceShow Rule Shows the time specified by a ruleIPGeneral Ping Sends ICMP echo request packets to another node on t
SSE-G2252/SSE-G2252P Switches User’s Manual32-20Notes
33-1Chapter 33: Address Table CommandsChapter 33Address Table CommandsThese commands are used to configure the address table for filtering specified a
SSE-G2252/SSE-G2252P Switches User’s Manual33-2mac-address-table aging-timeThis command sets the aging time for entries in the address table. Use the
33-3Chapter 33: Address Table Commandsdelete-on-reset - Assignment lasts until the switch is reset. permanent - Assignment is permanent. Default Setti
SSE-G2252/SSE-G2252P Switches User’s Manual33-4clear mac-address-table dynamicThis command removes any learned entries from the forwarding database.De
33-5Chapter 33: Address Table CommandsCommand Usage • The MAC Address Table contains the MAC addresses associated with each interface. Note that the T
SSE-G2252/SSE-G2252P Switches User’s Manual33-6show mac-address-table countThis command shows the number of MAC addresses used and the number of avail
34-1Chapter 34: Spanning Tree CommandsChapter 34Spanning Tree CommandsThis section includes commands that configure the Spanning Tree Algorithm (STA)
SSE-G2252/SSE-G2252P Switches User’s Manual34-2spanning-treeThis command enables the Spanning Tree Algorithm globally for the switch. Use the no form
34-3Chapter 34: Spanning Tree Commandsspanning-tree cisco-prestandardThis command configures spanning tree operation to be compatible with Cisco prest
SSE-G2252/SSE-G2252P Switches User’s Manual4-18DHCP Dynamic Host Configuration ProtocolSnoopingConfigure GlobalEnables DHCP snooping globally, MAC-add
SSE-G2252/SSE-G2252P Switches User’s Manual34-4Command Usage This command sets the maximum time (in seconds) the root device will wait before changing
34-5Chapter 34: Spanning Tree Commandsspanning-tree max-ageThis command configures the spanning tree bridge maximum age globally for this switch. Use
SSE-G2252/SSE-G2252P Switches User’s Manual34-6spanning-tree modeThis command selects the spanning tree mode for this switch. Use the no form to resto
34-7Chapter 34: Spanning Tree Commands• Be careful when switching between spanning tree modes. Changing modes stops all spanning-tree instances for th
SSE-G2252/SSE-G2252P Switches User’s Manual34-8spanning-tree priorityThis command configures the spanning tree priority globally for this switch. Use
34-9Chapter 34: Spanning Tree Commandsspanning-tree mst configuration This command changes to Multiple Spanning Tree (MST) configuration mode. Default
SSE-G2252/SSE-G2252P Switches User’s Manual34-10spanning-tree transmission-limitThis command configures the minimum interval between the transmission
34-11Chapter 34: Spanning Tree Commandsmax-hopsThis command configures the maximum number of hops in the region before a BPDU is discarded. Use the no
SSE-G2252/SSE-G2252P Switches User’s Manual34-12mst priorityThis command configures the priority of a spanning tree instance. Use the no form to resto
34-13Chapter 34: Spanning Tree Commandsmst vlanThis command adds VLANs to a spanning tree instance. Use the no form to remove the specified VLANs. Usi
4-19Chapter 4: Using the Web InterfaceConfigure InterfaceAssigns IGMP filter profiles to port interfaces and sets throttling actionMVR Multicast VLAN
SSE-G2252/SSE-G2252P Switches User’s Manual34-14nameThis command configures the name for the multiple spanning tree region in which this switch is loc
34-15Chapter 34: Spanning Tree CommandsrevisionThis command configures the revision number for this multiple spanning tree configuration of this switc
SSE-G2252/SSE-G2252P Switches User’s Manual34-16spanning-tree bpdu-filterThis command filters all BPDUs received on an edge port. Use the no form to d
34-17Chapter 34: Spanning Tree Commandsspanning-tree bpdu-guardThis command shuts down an edge port (i.e., an interface set for fast forwarding) if it
SSE-G2252/SSE-G2252P Switches User’s Manual34-18spanning-tree costThis command configures the spanning tree path cost for the specified interface. Use
34-19Chapter 34: Spanning Tree CommandsCommand Usage • This command is used by the Spanning Tree Algorithm to determine the best path between devices.
SSE-G2252/SSE-G2252P Switches User’s Manual34-20SSE-G2252(config-if)#spanning-tree edge-portSSE-G2252(config-if)#spanning-tree link-typeThis command c
34-21Chapter 34: Spanning Tree CommandsSyntax[no] spanning-tree loopback-detectionDefault Setting EnabledCommand ModeInterface Configuration (Ethernet
SSE-G2252/SSE-G2252P Switches User’s Manual34-22spanning-tree loopback-detection release-modeThis command configures the release mode for a port that
34-23Chapter 34: Spanning Tree Commandsspanning-tree loopback-detection trapThis command enables SNMP trap notification for Spanning Tree loopback BPD
SSE-G2252/SSE-G2252P Switches User’s Manual4-20
SSE-G2252/SSE-G2252P Switches User’s Manual34-24Default Setting By default, the system automatically detects the speed and duplex mode used on each po
34-25Chapter 34: Spanning Tree Commandsspanning-tree mst port-priorityThis command configures the interface priority on a spanning instance in the Mul
SSE-G2252/SSE-G2252P Switches User’s Manual34-26spanning-tree port-priorityThis command configures the priority for the specified interface. Use the n
34-27Chapter 34: Spanning Tree Commandsspanning-tree root-guardThis command prevents a designated port3 from taking superior BPDUs into account and al
SSE-G2252/SSE-G2252P Switches User’s Manual34-28spanning-tree spanning-disabledThis command disables the spanning tree algorithm for the specified int
34-29Chapter 34: Spanning Tree CommandsExample Console#spanning-tree loopback-detection release ethernet 1/1Console#spanning-tree protocol-migrationTh
SSE-G2252/SSE-G2252P Switches User’s Manual34-30show spanning-treeThis command shows the configuration for the common spanning tree (CST), for all ins
34-31Chapter 34: Spanning Tree CommandsExampleSSE-G2252#show spanning-treeSpanning Tree Information---------------------------------------------------
SSE-G2252/SSE-G2252P Switches User’s Manual34-32show spanning-tree mst configurationThis command shows the configuration of the multiple spanning tree
35-1Chapter 35: VLAN CommandsChapter 35VLAN CommandsA VLAN is a group of ports that can be located anywhere in the network, but communicate as though
5-1Chapter 5: Basic Management TasksChapter 5Basic Management TasksThis chapter describes the following topics:• Displaying System Information – Provi
SSE-G2252/SSE-G2252P Switches User’s Manual35-235-1 GVRP and Bridge Extension CommandsGARP VLAN Registration Protocol defines a way for switches to ex
35-3Chapter 35: VLAN Commandsgarp timerThis command sets the values for the join, leave and leaveall timers. Use the no form to restore the timers’ de
SSE-G2252/SSE-G2252P Switches User’s Manual35-4Related Commands"show garp timer" on page 35-6switchport forbidden vlanThis command configure
35-5Chapter 35: VLAN Commandsswitchport gvrpThis command enables GVRP for a port. Use the no form to disable it.Syntax [no] switchport gvrpDefault Set
SSE-G2252/SSE-G2252P Switches User’s Manual35-6show bridge-extThis command shows the configuration for bridge extension commands.Default Setting NoneC
35-7Chapter 35: VLAN CommandsCommand Mode Normal Exec, Privileged ExecExample SSE-G2252#show garp timer ethernet 1/1Eth 1/ 1 GARP timer status: Join T
SSE-G2252/SSE-G2252P Switches User’s Manual35-835-2 Editing VLAN Groupsvlan databaseThis command enters VLAN database mode. All commands in this mode
35-9Chapter 35: VLAN CommandsvlanThis command configures a VLAN. Use the no form to restore the default settings or delete a VLAN.Syntax vlan vlan-id
SSE-G2252/SSE-G2252P Switches User’s Manual35-10Example The following example adds a VLAN, using VLAN ID 105 and name RD5. The VLAN is activated by de
35-11Chapter 35: VLAN Commandsinterface vlanThis command enters interface configuration mode for VLANs, which is used to configure VLAN parameters for
ixTable of ContentsChapter 1 Introduction...1-11-1 Key Features...
SSE-G2252/SSE-G2252P Switches User’s Manual5-2• System Name – Name assigned to the switch system.• System Location – Specifies the system location.• S
SSE-G2252/SSE-G2252P Switches User’s Manual35-12switchport acceptable-frame-types This command configures the acceptable frame types for a port. Use t
35-13Chapter 35: VLAN Commandsswitchport allowed vlanThis command configures VLAN groups on the selected interface. Use the no form to restore the def
SSE-G2252/SSE-G2252P Switches User’s Manual35-14Example The following example shows how to add VLANs 1, 2, 5 and 6 to the allowed list as tagged VLANs
35-15Chapter 35: VLAN CommandsSyntax switchport mode {access | hybrid | trunk}no switchport modeaccess - Specifies an access VLAN interface. The port
SSE-G2252/SSE-G2252P Switches User’s Manual35-16switchport native vlanThis command configures the PVID (i.e., default VLAN ID) for a port. Use the no
35-17Chapter 35: VLAN Commandsvlan-trunkingThis command allows unknown VLAN groups to pass through the specified interface. Use the no form to disable
SSE-G2252/SSE-G2252P Switches User’s Manual35-18• If both VLAN trunking and ingress filtering are disabled on an interface, packets with unknown VLAN
35-19Chapter 35: VLAN CommandsExample The following example shows how to display information for VLAN 1:SSE-G2252#show vlan id 1VLAN ID:
SSE-G2252/SSE-G2252P Switches User’s Manual35-2035-5 Configuring IEEE 802.1Q TunnelingIEEE 802.1Q tunneling (QinQ tunneling) uses a single Service Pro
35-21Chapter 35: VLAN Commands• If the spanning tree protocol is enabled, be aware that a tunnel access or tunnel uplink port may be disabled if the s
5-3Chapter 5: Basic Management TasksMain Board Information• Serial Number – The serial number of the switch.• Number of Ports – Number of built-in por
SSE-G2252/SSE-G2252P Switches User’s Manual35-22switchport dot1q-tunnel modeThis command configures an interface as a QinQ tunnel port. Use the no for
35-23Chapter 35: VLAN Commandsswitchport dot1q-tunnel tpidThis command sets the Tag Protocol Identifier (TPID) value of a tunnel port. Use the no form
SSE-G2252/SSE-G2252P Switches User’s Manual35-24show dot1q-tunnelThis command displays information about QinQ tunnel ports.Command Mode Privileged Exe
35-25Chapter 35: VLAN CommandsSyntax[no] traffic-segmentation [uplink interface-list downlink interface-list]uplink – Specifies an uplink interface.do
SSE-G2252/SSE-G2252P Switches User’s Manual35-26ExampleSSE-G2252#show traffic-segmentationPrivate VLAN status: DisabledUp-link Port: Ethernet 1/12Down
35-27Chapter 35: VLAN Commandsprotocol-vlan protocol-group (Configuring Groups)This command creates a protocol group, or to add specific protocols to
SSE-G2252/SSE-G2252P Switches User’s Manual35-28protocol-vlan protocol-group (Configuring Interfaces)This command maps a protocol group to a VLAN for
35-29Chapter 35: VLAN Commandsshow protocol-vlan protocol-groupThis command shows the frame and protocol type associated with protocol groups.Syntax s
SSE-G2252/SSE-G2252P Switches User’s Manual35-30show interfaces protocol-vlan protocol-groupThis command shows the mapping from protocol groups to VLA
35-31Chapter 35: VLAN Commands35-8 Configuring IP Subnet VLANsWhen using IEEE 802.1Q port-based VLAN classification, all untagged frames received by a
SSE-G2252/SSE-G2252P Switches User’s Manual5-4Usage GuidelinesTo use jumbo frames, both the source and destination end nodes (such as a computer or se
SSE-G2252/SSE-G2252P Switches User’s Manual35-32Command Usage• Each IP subnet can be mapped to only one VLAN ID. An IP subnet consists of an IP addres
35-33Chapter 35: VLAN Commands35-9 Configuring MAC Based VLANsWhen using IEEE 802.1Q port-based VLAN classification, all untagged frames received by a
SSE-G2252/SSE-G2252P Switches User’s Manual35-34Command Usage• The MAC-to-VLAN mapping applies to all ports on the switch.• Source MAC addresses can b
35-35Chapter 35: VLAN Commands35-10Configuring Voice VLANsThe switch allows you to specify a Voice VLAN for the network and set a CoS priority for the
SSE-G2252/SSE-G2252P Switches User’s Manual35-36voice vlanThis command enables VoIP traffic detection and defines the Voice VLAN ID. Use the no form t
35-37Chapter 35: VLAN Commandsvoice vlan agingThis command sets the Voice VLAN ID time out. Use the no form to restore the default.Syntaxvoice vlan ag
SSE-G2252/SSE-G2252P Switches User’s Manual35-38voice vlan mac-addressThis command specifies MAC address ranges to add to the OUI Telephony list. Use
35-39Chapter 35: VLAN Commandsswitchport voice vlan This command specifies the Voice VLAN mode for ports. Use the no form to disable the Voice VLAN fe
SSE-G2252/SSE-G2252P Switches User’s Manual35-40switchport voice vlan priorityThis command specifies a CoS priority for VoIP traffic on a port. Use th
35-41Chapter 35: VLAN Commandsswitchport voice vlan ruleThis command selects a method for detecting VoIP traffic on a port. Use the no form to disable
5-5Chapter 5: Basic Management Tasks• Traffic Classes – This switch provides mapping of user priorities to multiple traffic classes. (Refer to Chapter
SSE-G2252/SSE-G2252P Switches User’s Manual35-42switchport voice vlan securityThis command enables security filtering for VoIP traffic on a port. Use
35-43Chapter 35: VLAN Commandsshow voice vlanThis command displays the Voice VLAN settings on the switch and the OUI Telephony list.Syntaxshow voice v
SSE-G2252/SSE-G2252P Switches User’s Manual35-44Notes
36-1Chapter 36: Class of Service CommandsChapter 36Class of Service CommandsThe commands described in this section allow you to specify which data pac
SSE-G2252/SSE-G2252P Switches User’s Manual36-2queue modeThis command sets the scheduling mode used for processing each of the class of service (CoS)
36-3Chapter 36: Class of Service Commands• A weight can be assigned to each of the weighted queues (and thereby to the corresponding traffic prioritie
SSE-G2252/SSE-G2252P Switches User’s Manual36-4queue weightThis command assigns weights to the four class of service (CoS) priority queues when using
36-5Chapter 36: Class of Service Commandsswitchport priority defaultThis command sets a priority for incoming untagged frames. Use the no form to rest
SSE-G2252/SSE-G2252P Switches User’s Manual36-6show queue modeThis command shows the current queue mode.Command Mode Privileged ExecExample SSE-G2252#
36-7Chapter 36: Class of Service Commands36-2 Priority Commands (Layer 3 and 4)This section describes commands used to configure Layer 3 and 4 traffic
SSE-G2252/SSE-G2252P Switches User’s Manual5-65-5 Managing System FilesThis section describes how to upgrade the switch operating software or configur
SSE-G2252/SSE-G2252P Switches User’s Manual36-8Default SettingCommand Mode Interface Configuration (Port, Static Aggregation)Command Usage • The defau
36-9Chapter 36: Class of Service CommandsSSE-G2252(config-if)#qos map dscp-mutationThis command maps DSCP values in incoming packets to per-hop behavi
SSE-G2252/SSE-G2252P Switches User’s Manual36-10Command Mode Interface Configuration (Port, Static Aggregation)Command Usage • Enter a value pair for
36-11Chapter 36: Class of Service CommandsDefault SettingCommand Mode Interface Configuration (Port, Static Aggregation)Command Usage • Enter a queue
SSE-G2252/SSE-G2252P Switches User’s Manual36-12qos map trust-modeThis command sets QoS mapping to DSCP or CoS. Use the no form to restore the default
36-13Chapter 36: Class of Service Commandsshow qos map dscp-mutationThis command shows the ingress DSCP to internal DSCP map.Syntax show qos map dscp-
SSE-G2252/SSE-G2252P Switches User’s Manual36-14show qos map phb-queueThis command shows internal per-hop behavior to hardware queue map.Syntax show q
36-15Chapter 36: Class of Service Commandsshow qos map cos-dscpThis command shows ingress CoS/CFI to internal DSCP map.Syntax show qos map cos-dscp in
SSE-G2252/SSE-G2252P Switches User’s Manual36-16show qos map trust-modeThis command shows the QoS mapping mode.Syntax show qos map trust-mode interfac
37-1Chapter 37: Quality of Service CommandsChapter 37Quality of Service CommandsThe commands described in this section are used to configure Different
5-7Chapter 5: Basic Management Tasks• FTP Upgrade – Copies a file from an FTP server to the switch.• FTP Download – Copies a file from the switch to a
SSE-G2252/SSE-G2252P Switches User’s Manual37-2Creating a Service Policy for a Specific Category of Ingress Traffic1. Use the class-map command to des
37-3Chapter 37: Quality of Service Commands• One or more class maps can be assigned to a policy map ("policy-map" on page 37-6). The policy
SSE-G2252/SSE-G2252P Switches User’s Manual37-4matchThis command defines the criteria used to classify traffic. Use the no form to delete the matching
37-5Chapter 37: Quality of Service CommandsSSE-G2252(config)#class-map rd-class#2 match-any SSE-G2252(config-cmap)#match ip precedence 5SSE-G2252(conf
SSE-G2252/SSE-G2252P Switches User’s Manual37-6policy-mapThis command creates a policy map that can be attached to multiple interfaces, and enters Pol
37-7Chapter 37: Quality of Service CommandsclassThis command defines a traffic classification upon which a policy can act, and enters Policy Map Class
SSE-G2252/SSE-G2252P Switches User’s Manual37-8police flowThis command defines an enforcer for classified traffic based on the metered flow rate. Use
37-9Chapter 37: Quality of Service CommandsThe token bucket C is initially full, that is, the token count Tc(0) = BC. Thereafter, the token count Tc i
SSE-G2252/SSE-G2252P Switches User’s Manual37-10conform-action - Action to take when rate is within the CIR and BC. (There are enough tokens in bucket
37-11Chapter 37: Quality of Service Commands• If Tc is less than BC, Tc is incremented by one• If Te is less then BE, Te is incremented by one• Otherw
SSE-G2252/SSE-G2252P Switches User’s Manual5-86. Set the file type to OPERATION > CODE or LOADER. 7. Enter the name of the file to download.8. Sele
SSE-G2252/SSE-G2252P Switches User’s Manual37-12police trtcm-colorThis command defines an enforcer for classified traffic based on a two rate three co
37-13Chapter 37: Quality of Service CommandsCommand Usage • You can configure up to 16 policers (i.e., class maps) for ingress ports.• The committed-r
SSE-G2252/SSE-G2252P Switches User’s Manual37-14• The trTCM can be used to mark a IP packet stream in a service, where different, decreasing levels of
37-15Chapter 37: Quality of Service CommandsExample This example creates a policy called “rd-policy,” uses the class command to specify the previously
SSE-G2252/SSE-G2252P Switches User’s Manual37-16set phbThis command services IP traffic by setting a per-hop behavior value for a matching packet (as
37-17Chapter 37: Quality of Service Commandsservice-policyThis command applies a policy map defined by the policy-map command to the ingress side of a
SSE-G2252/SSE-G2252P Switches User’s Manual37-18show class-mapThis command displays the QoS class maps which define matching criteria used for classif
37-19Chapter 37: Quality of Service Commandsshow policy-map This command displays the QoS policy maps which define classification criteria for incomin
SSE-G2252/SSE-G2252P Switches User’s Manual37-20show policy-map interfaceThis command displays the service policy assigned to the specified interface.
38-1Chapter 38: Multicast Filtering CommandsChapter 38Multicast Filtering CommandsThis switch uses IGMP (Internet Group Management Protocol) to check
5-9Chapter 5: Basic Management TasksWeb InterfaceTo save the running configuration file:1. Click SYSTEM, then FILE. 2. Select COPY from the Action lis
SSE-G2252/SSE-G2252P Switches User’s Manual38-2ip igmp snooping unsolicited-report-intervalSpecifies how often the upstream interface should transmit
38-3Chapter 38: Multicast Filtering Commandsip igmp snoopingThis command enables IGMP snooping globally on the switch or on a selected VLAN interface.
SSE-G2252/SSE-G2252P Switches User’s Manual38-4ip igmp snooping proxy-reportingThis command enables IGMP Snooping with Proxy Reporting. Use the no for
38-5Chapter 38: Multicast Filtering Commandsip igmp snooping querierThis command enables the switch as an IGMP querier. Use the no form to disable it.
SSE-G2252/SSE-G2252P Switches User’s Manual38-6ip igmp snooping router-alert-option-check This command discards any IGMPv2/v3 packets that do not incl
38-7Chapter 38: Multicast Filtering Commandsip igmp snooping router-port-expire-timeThis command configures the querier time out. Use the no form to r
SSE-G2252/SSE-G2252P Switches User’s Manual38-8Command Usage • When a spanning tree topology change occurs, the multicast membership information learn
38-9Chapter 38: Multicast Filtering Commandsip igmp snooping tcn-query-solicit This command instructs the switch to send out an IGMP general query sol
SSE-G2252/SSE-G2252P Switches User’s Manual38-10ip igmp snooping unregistered-data-flood This command floods unregistered multicast traffic into the a
38-11Chapter 38: Multicast Filtering Commandsip igmp snooping unsolicited-report-interval This command specifies how often the upstream interface shou
SSE-G2252/SSE-G2252P Switches User’s Manual5-10To start using the new firmware or configuration settings, reboot the system via the System > Reset
SSE-G2252/SSE-G2252P Switches User’s Manual38-12ip igmp snooping versionThis command configures the IGMP snooping version. Use the no form to restore
38-13Chapter 38: Multicast Filtering Commandsip igmp snooping version-exclusiveThis command discards any received IGMP messages (except for multicast
SSE-G2252/SSE-G2252P Switches User’s Manual38-14ip igmp snooping vlan general-query-suppressionThis command suppresses general queries except for port
38-15Chapter 38: Multicast Filtering Commandsip igmp snooping vlan immediate-leaveThis command immediately deletes a member port of a multicast servic
SSE-G2252/SSE-G2252P Switches User’s Manual38-16ip igmp snooping vlan last-memb-query-count This command configures the number of IGMP proxy group-spe
38-17Chapter 38: Multicast Filtering Commandsip igmp snooping vlan last-memb-query-intvl This command configures the last-member-query interval. Use t
SSE-G2252/SSE-G2252P Switches User’s Manual38-18ip igmp snooping vlan mrdThis command enables sending of multicast router solicitation messages. Use t
38-19Chapter 38: Multicast Filtering Commandsip igmp snooping vlan proxy-addressThis command configures a static source address for locally generated
SSE-G2252/SSE-G2252P Switches User’s Manual38-20ip igmp snooping vlan proxy-query-interval This command configures the interval between sending IGMP p
38-21Chapter 38: Multicast Filtering Commandsip igmp snooping vlan proxy-query-resp-intvl This command configures the maximum time the system waits fo
5-11Chapter 5: Basic Management TasksAutomatic Operation Code UpgradeUse the SYSTEM > FILE (AUTOMATIC OPERATION CODE UPGRADE) page to automatically
SSE-G2252/SSE-G2252P Switches User’s Manual38-22ip igmp snooping vlan staticThis command adds a port to a multicast group. Use the no form to remove t
38-23Chapter 38: Multicast Filtering Commandsshow ip igmp snoopingThis command shows the IGMP snooping, proxy, and query configuration settings.Comman
SSE-G2252/SSE-G2252P Switches User’s Manual38-24show ip igmp snooping group This command shows known multicast group, source, and host port mappings f
38-25Chapter 38: Multicast Filtering Commands38-2 Static Multicast RoutingThis section describes commands used to configure static multicast routing o
SSE-G2252/SSE-G2252P Switches User’s Manual38-26Example The following shows how to configure port 11 as a multicast router port within VLAN 1.SSE-G225
38-27Chapter 38: Multicast Filtering Commands38-3 IGMP Filtering and ThrottlingIn certain switch applications, the administrator may want to control t
SSE-G2252/SSE-G2252P Switches User’s Manual38-28ip igmp filter (Global Configuration)This command globally enables IGMP filtering and throttling on th
38-29Chapter 38: Multicast Filtering CommandsCommand Mode Global ConfigurationCommand Usage A profile defines the multicast groups that a subscriber i
SSE-G2252/SSE-G2252P Switches User’s Manual38-30rangeThis command specifies multicast group addresses for a profile. Use the no form to delete address
38-31Chapter 38: Multicast Filtering CommandsCommand Usage • The IGMP filtering profile must first be created with the ip igmp profile command before
Kommentare zu diesen Handbüchern