Tenda TEG3224P, User Manual

Page 1: ......

Page 2: ...u would like to know more about our product information please visit our website at http www tendacn com Disclaimer Pictures images and product specifications herein are for references only To improve...

Page 3: ...Use Notes 1 Use the provided accessories such as the cable mounting kit etc 2 Ensure the basic supply voltage standard must be met 3 Keep the power plug clean and dry in case of electric shock or oth...

Page 4: ...h 7 2 3 Connecting to Protective Grounding Line 8 2 3 1 With Grounding Bar 8 2 3 2 Without Grounding Bar 8 2 4 Connecting the power cord 9 2 5 Connecting to Interface Cable 9 2 5 1 Connecting to Conso...

Page 5: ...34 4 6 4 IGSP 137 4 6 5 SNMP 140 4 6 6 DHCP Relay 146 4 6 7 DHCP Snooping 153 4 7 QoS 156 4 7 1 QoS Configuration 156 4 7 2 Traffic Control 161 4 7 3 ACL 163 4 8 Security 169 4 8 1 Attack Defense 169...

Page 6: ...MAC VLAN 202 5 3 17 Protocol VLAN 202 5 3 18 Voice VLAN 202 5 3 19 MAC Configuration 203 5 3 20 QoS Configuration 204 5 3 21 STP Configuration 205 5 3 22 IGMP configuration 208 5 3 23 Time Range Mana...

Page 7: ...sification management VLAN ARP attack defense worm attack defense DoS attack defense MAC attack defense IP MAC PORT VLAN Bind MAC filter and other safety settings through visual WEB interface operatio...

Page 8: ...t Interface One Console port Operating Temperature 0 40 Storage Temperature 40 70 Operating Humidity 10 90 RH non condensing Storage Humidity 5 90 RH non condensing Safety UL 60950 1 CAN CSAC22 2 No 6...

Page 9: ...4 Edge port 5 P2P port 6 STP BPDU packets statistics ACL 1 MAC ACL Up to 100 entries can be configured 2 IPv4 ACL Up to 100 entries can be configured 3 Time range limit Safety 1 ARP attack defense wor...

Page 10: ...mproperly Solid System is functioning improperly Blinking System is functioning properly PoE MAX 1 Green Off Power available for additional PDs Solid Reaching max power budget 354 2W and no more power...

Page 11: ...ate Working Mode 10Mbps auto sensing Half Full duplex auto negotiation 100Mbps auto sensing Half Full duplex auto negotiation 1000Mbps auto sensing Full duplex auto negotiation Note SFP fiber ports ca...

Page 12: ...restart and all LEDs will be on When the rebooting finished SYS LED will be blinking indicating restoring to default factory settings 1 4 3 Fan This device has three fans for heat dissipation one for...

Page 13: ...Workbench If a standard 19 inch rack is not available place the switch on a clean flat workbench Attach the 4 footpads to corresponding position of the switch bottom to avoid potential sliding and vib...

Page 14: ...n Note Firefighting hoses and building lightning rods are not proper options for grounding bar The grounding cable on the switch should be connected to the grounding bar in the IT room 2 3 2 Without G...

Page 15: ...different standards Please determine whether to install the card slot to fix the power cord according to the actual situation 2 5 Connecting to Interface Cable 2 5 1 Connecting to Console Port Follow...

Page 16: ...plugged in at the same time the fiber port becomes active The SFP module accommodates a standard SFP module with an LC connector 2 5 4 Connecting to PDs Connect PDs PoE powered devices for example 80...

Page 17: ...can t be 192 168 0 1 WEB Browser Microsoft IE 8 0 or higher Ethernet Cable One CAT 5 RJ45 cable 3 1 2 Configuration Preparation 1 Launch the browser such as IE8 enter http 192 168 0 1 and then press...

Page 18: ...he console port on the switch Step 2 Run terminal program for example terminal in Windows 3 X Hyper Terminal in Windows 9X Windows 2000 Windows XP an example of Windows XP is described below on PC and...

Page 19: ...User Guide 13 Figure 3 1 New Connection Figure 3 2 Connect To...

Page 20: ...p 3 Power the switch press Enter input user name and password admin admin by default and then press Enter again Below screen will appear 3 3 Telnet Login Take Windows XP as an example click Start Run...

Page 21: ...e Web manager It includes below sections Menu Submenu Description System Configuration System Info This section displays the device s system parameters System Time This section allows you to configure...

Page 22: ...and allows users to config port mirroring settings Port Statistics Displays the number of packets transmitted and received on corresponding ports Link Aggregation Displays and allows users to config s...

Page 23: ...Management Time Range Allows users to configure absolute time periodic time time slices etc Device Management MAC Displays MAC table and allows users to manually add static MAC addresses and fast bind...

Page 24: ...P priority 0 63 is supported Scheduling Scheme SP and WRR are supported By default it is SP Port Priority Port priority 0 7 The default is 0 Rate Limit Allows users to configure ingress and egress rat...

Page 25: ...802 1X settings Smart Configuration Corporate and hotel network administrators can use this section to easily configure file server port and router port For details please refer to 4 9 Maintenance Al...

Page 26: ...onfig a static IP address which will be used to access the switch s web manager The default is 192 168 0 1 Subnet Mask Config the corresponding subnet mask of the IP address specified above The defaul...

Page 27: ...not be updated or synchronized with other devices and will be restored to factory defaults after system reboot 2 System Time Config Click System Configuration System Time to enter interface below Ste...

Page 28: ...lick Save Configurations 2 Do not operate the device while reset is in process Otherwise it may be damaged Reboot Click System Configuration Reboot to enter the below screen and click the Reboot butto...

Page 29: ...ation Authentication Authenticate the users and the servers based on the certificates to ensure the data are transmitted to the correct users and servers SSL server and clients obtain CA certificates...

Page 30: ...nts and the server Session ID certificate of the other side cryptography algorithm and primary security key are included in the session SSL change cipher spec protocol Clients and the server inform re...

Page 31: ...ownloaded key User Click Administration System Security User to enter interface below Fields on the screen are described below Field Description Login Timeout This field specifies how long the web man...

Page 32: ...them Telnet Enable disable Telnet management When enabled you can manage the switch via Telnet To change password do as follows 1 On the User Management screen click admin to enter below interface 2...

Page 33: ...ew password 6 Click OK 7 Exit from the management interface and use the new user name and password to re access the switch Note Apart from the default administrator up to 5 technicians and 10 users ca...

Page 34: ...low control enabled on both the switch and its link partner the switch when encountering congestion will send flow control frames to notify the link partner of such upon receiving such frames the link...

Page 35: ...screen and a screen for configuring the specific port will display To config a group of ports as a batch task click Config on the main screen and you will enter the intended screen Note 1 This device...

Page 36: ...s to a mirroring destination port You can attach a monitoring device to the mirroring destination port to view details about the packets passing through the copied port s This is useful for network mo...

Page 37: ...s Only outgoing packets are copied to the monitor port Egress Ingress Both inbound and outbound packets on the corresponding port are copied to the monitor port mirroring destination port Note 1 The m...

Page 38: ...aggregation groups multiple Ethernet ports together in parallel to act as a single logical link Aggregation enabled devices treat all physical links ports in an aggregation group entirely as a single...

Page 39: ...n group as a single link on the switch level On the port level the STP will use the port parameters of the Master Port in the calculation of port cost and in determining the state of the link aggregat...

Page 40: ...ve both service packets and LACP frames ports in blocked status can only send receive LACP frames Link Aggregation View Config Click Port Management Link Aggregation to enter the main link aggregation...

Page 41: ...ated Note Once ports in static aggregation group are linked successfully they will be aggregated and not be affected by port speed LACP Aggregation Config To enter the configuration screen as seen bel...

Page 42: ...default is 32768 LACP Status Displays Enable when corresponding port joins a LACP aggregation group and Disable when the port does not join any LACP aggregation group or joined a static aggregation gr...

Page 43: ...tion group with higher priority will be selected The primary device of LACP aggregation group is determined by priority management MAC address The primary port of LACP aggregation group is determined...

Page 44: ...3 Port configuration considerations in link aggregation To share egress ingress traffic load member ports in an aggregation group must be set to the same configurations with respect to STP port priori...

Page 45: ...etwork administration Members of a VLAN group can be geographically dispersed as they are logically related instead of physically on the same VLAN Thus network administrators do not need to re config...

Page 46: ...LAN ID actually ranges from 1 to 4094 802 1Q VLAN Port link type When creating the 802 1Q VLAN you should set the link type for the port according to its connected device The link types of port includ...

Page 47: ...to The PVID for an access port is the ID of the VLAN it belongs to the default PVID for a trunk hybrid port is 1 and this value is configurable 2 This switch does not support ingress filter feature O...

Page 48: ...User Guide 42 To switch to Port VLAN Select Port VLAN and click OK 802 1Q VLAN Config To enter the screen below click VLAN Management 802 1Q VLAN To add QVLAN Access port...

Page 49: ...to 4029 You can config multiple VLANs by entering x x in the VLAN ID field where x represents any number between 2 and 4029 For example 1 10 indicates 10 QVLANs while 1 10 indicates 2 QVLANs 2 Up to 1...

Page 50: ...and click 4 Click OK Add trunk port 1 Click Trunk Port to enter the trunk port interface 2 Click New 3 Enter 1 24 in Trunk Port field 4 Enter 1 or an existing VLAN ID in the PVID field 5 Click VLAN Al...

Page 51: ...delete a trunk port in the trunk port view To delete a single trunk port click the Delete button to delete a batch of trunk ports click and then the Batch Delete button Note 1 An existing Hybrid port...

Page 52: ...ing x x where x represents any number between 1 and 24 For example 1 24 denotes 24 ports while 1 24 indicates 2 ports 3 PVID Enter an existing VLAN ID 4 Tagged VLAN Enter a value between 1 and 4094 or...

Page 53: ...Same settings should not be concurrently configured in both Add Tagged VLAN field and Delete Untagged VLAN field 3 Settings configured in Delete Untagged VLAN field should not be concurrently the sam...

Page 54: ...y If you toggle 802 1Q VLAN to port VLAN related VLAN configurations will be cleared Create a port based VLAN 1 Toggle to the Port VLAN mode to enter the Port VLAN interface 2 Click Port VLAN to enter...

Page 55: ...ser terminal and VLAN will be bound accurately and flexibly Benefits of MAC VLAN A MAC address corresponds to a single VLAN ID For the device in a MAC VLAN if its MAC address is bound to VLAN the devi...

Page 56: ...AN to enter interface below Create MAC VLAN 1 Click New to enter interface below 2 Enter the MAC address you wish to configure 3 Enter the corresponding MAC address description 4 Select this MAC VLAN...

Page 57: ...e MAC addresses which identifies an upper layer protocol encapsulating the frame data Once Frame type on this device is set to Ethernet II Ether Type of this protocol VLAN will match 13 14th bytes of...

Page 58: ...t will be forwarded normally Otherwise the packet will be discarded Protocol Model Config Click VLAN Management Protocol VLAN Protocol Model to enter interface below Fields on the screen are described...

Page 59: ...tII LLC and SNAP 5 Click OK Note 1 It is not advisable to add special type into the protocol model such as 0X8100 and 0x88a8 2 EthernetII Protocol VLAN matches with 13 14th bytes to map VLAN LLC Proto...

Page 60: ...d Port 5 Click OK Delete protocol VLAN Click Delete to delete corresponding protocol VLAN 4 3 4 Voice VLAN Voice VLAN Overview Voice VLAN is a VLAN designed for voice data flow partition By creating v...

Page 61: ...Hybrid ports of other VLANs on the switch can transmit voice and data traffic when voice VLAN feature is enabled As IP phone varies different ports need different supporting conditions As for phones...

Page 62: ...port must already exist and can t be voice VLAN And the default VLAN is allowed to pass on the connected port Hybrid Supported but the default VLAN of the connected port must already exist and can t...

Page 63: ...As for the port joining in voice VLAN under manual mode you need to delete it manually 3 Click OK to save your configurations Note Only in 802 1Q VLAN mode can you enable voice VLAN Port Setup To disp...

Page 64: ...ure voice VLAN port setttings click Config on the port setup page OUI Setup Click VLAN Management Voice VLAN OUI Setup to enter interface below To configure OUI settings 1 To add a new OUI address cli...

Page 65: ...060 B900 0000 FFFF FF00 0000 Philips NEC 5 00D0 1E00 0000 FFFF FF00 0000 Pingtel 6 00E0 7500 0000 FFFF FF00 0000 Polycom 7 00E0 BB00 000 0 FFFF FF00 0000 3com 2 To delete an OUI address click Delete o...

Page 66: ...and can t be used by other ports When it is dynamic according to actual used power allocation in full load power will be allocated by port priority priority port number If the priority is the same the...

Page 67: ...d is available for configuration if Static Power Distribution is selected from the power management mode pull down list In dynamic mode it displays IEEE 802 3af Enter a valid power value between 0 15...

Page 68: ...e ACLs effective configure a periodic time section to make ACLs effective on the fixed days of the week 4 5 1 Time Range Click Time Range Management Time Range to enter interface below Fields on the s...

Page 69: ...orresponding time range ID Absolute Time Configures this time range s absolute time from 2000 January 1st to 2035 December 31th Periodic Time Configures this time range s periodic time from Mon to Sun...

Page 70: ...MAC address the device forwards the frame to all ports except the receiving port i e broadcast packets multicast packets and unknown unicast packets will be forwarded MAC Forwarding Table Aging Schem...

Page 71: ...nd all MAC address entries on it will be displayed Bind Click this button to bind corresponding MAC address to a specific port And the same button changes to Bound after being clicked To view MAC addr...

Page 72: ...click Batch Delete To delete all MAC address entries click Delete All Note The Delete All and Batch Delete options do not take effect on bound MAC address entries Static MAC Address Click Device Manag...

Page 73: ...id broadcast storm However spare redundant links are indispensable to ensure reliability Spanning tree allows a network design to include spare redundant links to provide automatic backup paths if an...

Page 74: ...tance As well as STP MSTP uses BPDUs to generate spanning tree The only difference is that the BPDU for MSTP carries the MSTP configuration information on the switches MSTP allows formation of MST reg...

Page 75: ...etup to enter interface below Fields on the screen are described below Field Description STP Status Enable Disable STP globally By default the STP feature is disabled STP Version Select the desired ve...

Page 76: ...switch from a Listening state to a Learning state or from a Learning state to a Forwarding state Valid values range from 4 to 30 seconds The default is 15s Max Hop count Config max hop count In MSTP m...

Page 77: ...nt STP MSTP Instance to enter interface below Fields on the screen are described below Field Description Instance ID Instance ID 0 15 0 the inter domain spanning tree Status Enable Disable the corresp...

Page 78: ...130 Port Setup To configure STP port settings click Device Management STP Port Setup To config STP settings on a single port click the corresponding port as seen below Fields on the screen are descri...

Page 79: ...e edge ports P2P Port A P2P port is also capable of rapid transition Under RSTP MSTP all ports operating in full duplex mode are considered to be P2P ports By default port establishes a link automatic...

Page 80: ...and the same instance mapping Set VLAN 10 30 100 to map instance 1 and set Device 1 as the root bridge of instance 1 Set VLAN 20 40 200 to map instance 2 and set Device 2 as the root bridge of instan...

Page 81: ...iguration Save configurations Steps 1 Add vlan10 20 30 40 100 200 2 Set ports on Device 1 and Device 2 to Hybrid and Tagged 3 Set Device 1 and Device 2 s domain name to TEG3224P set modification level...

Page 82: ...as device identification capabilities and configuration settings is represented in TLV Type Length Value format according to the IEEE 802 1ab standard and these TLVs are encapsulated in LLDPDU Link La...

Page 83: ...ntrol this device info s age time on the neighboring device 2 10s Sending Delay When local configurations change each LLDP packet will be sent after one sending delay time 1 8192s and sending time int...

Page 84: ...tch of ports concurrently click Config as seen below Fields on the screen are described below Field Description Port Properties Select LLDP working status Disable Send Only Receive Only Transmit or ma...

Page 85: ...hich sends LLDP packets on the neighboring device Chassis ID Display the MAC address of the neighboring device Address Management Display the management IP address of the neighboring device Port Stati...

Page 86: ...tive multicast group members exist on the subnet After receiving an IGMP general query the switch forwards it through all ports in the VLAN except the port that receives the query and performs corresp...

Page 87: ...specific query the switch forwards it through all its router ports in the VLAN and all member ports for that multicast group The switch also performs the following actions on the port that received t...

Page 88: ...n this VLAN Multicast VLAN ID This option becomes visible when multicast VLAN is enabled This VLAN ID must already exist in 802 1Q VLAN and only ports in this VLAN can forward multicast packets Valid...

Page 89: ...ice supports SNMPv3 and is compatible with SNMPv1 and SNMPv2c SNMPv3 adopts user name and password authentication mode The switch supports SNMPv1 and SNMPv2c both of which use community names for auth...

Page 90: ...st create a view before you can create a community 8 Community Name Click Standard and select public or private click Custom and enter a community name of up to 31 characters 9 Access Right Select Rea...

Page 91: ...m the password at least 8 characters If noauth nopriv is selected this field will be greyed out 5 Select an Encryption Mode from the drop down list and enter a password and confirm password at least 8...

Page 92: ...nopriv 3 Specify Read only View Read Write View Notification View respectively from the corresponding drop down list To edit groups click the corresponding Group Name to enter the interface for modifi...

Page 93: ...ap Send Warmstart Trap to designated host when the SNMP is disabled on the switch Linkdown Trap Send Linkdown Trap to designated host when an up link becomes down Linkup Trap Send Linkup Trap to desig...

Page 94: ...ap Version Select v1 v2c or V3 By default the switch interacts with NMS using the SNMP v1 6 Click OK With above settings applied successfully NMS on the host can receive Traps sent by the SNMP agent o...

Page 95: ...rwards configuration info to clients via DHCP relay and thus clients are dynamically configured Option 82 Option 82 records the location of the DHCP Client Administrator can be acquainted with the loc...

Page 96: ...re described below Field Description DHCP Relay Enable Disable DHCP relay feature DHCP relay will only take effect when DHCP relay is enabled globally By default it is disabled Option82 Status Enable...

Page 97: ...the VLAN ID ranging from 2 to 4094 and the VLAN ID must be existing 802 1Q VLAN ID 2 Enable the IPV4 setup status 3 Enter the valid IPV4 address say 1 1 1 1 4 Enter the valid subnet mask say 255 0 0 0...

Page 98: ...ify the VLAN virtual interface click the corresponding VLAN ID as below Remote DHCP Server Click Device Management DHCP Relay Remote DHCP Server to enter interface below 1 To create a remote DHCP serv...

Page 99: ...rver must be in the same network segment with one of the virtual interfaces 2 Virtual interfaces on which DHCP relay has been enabled can t select remote servers which are in the same network segment...

Page 100: ...and click OK DHCP relay on VLAN virtual interface 2 is enabled When all DHCH relay settings are finished clients connected to all servers in VLAN 2 can obtain IP from the DHCP IP pool in VLAN 3 For mo...

Page 101: ...only obtain IP addresses legal servers assign to them If illegal DHCP servers exist in computer networking DHCP clients might obtain incorrect IP addresses and parameters thus leading to abnormal com...

Page 102: ...rce MAC Address Check up Config whether source MAC address check up feature is enabled or not Port Setup To configure DHCP snooping port settings click Device Management DHCP Snooping Port Setup as be...

Page 103: ...ious Option 82 information will be replaced by the default contents on this device and forwarded When DHCP relay receives DHCP packets without Option 82 the default contents on this device will be add...

Page 104: ...owsing or emailing do not rely on QoS as they function however much or little bandwidth is available However for critical inelastic services or applications that require a certain minimum level of ban...

Page 105: ...values ranging from 0 to 15 The RFC 2474 redefined the IPv4 ToS field as the DS field The DSCP priority is denoted by the first 6 bits bits 0 5 with available values ranging from 0 to 63 while the las...

Page 106: ...ith care The moment a higher priority packet arrived in its queue however servicing of the lower priority packets would be interrupted in favor of the higher priority queue or packets will be dropped...

Page 107: ...scheme first and then configure the queue weight values accordingly 802 1P To configure CoS priority settings click QoS QoS Configuration 802 1P as below Then select the queue values for CoS priority...

Page 108: ...en according to the CoS queue mapping table it assigns packets with DSCP priority to queues which CoS priority corresponds to Port Priority To configure port priority settings click QoS QoS Configurat...

Page 109: ...ch port via configuring the available bandwidth of each port In this way the network bandwidth can be reasonably distributed and utilized Rate limit adopts token bucket for flow control If rate limit...

Page 110: ...h to filter broadcast multicast and unknown unicast frames in the network If the transmission rate of the three kind packets exceeds the set bandwidth the packets will be automatically discarded to av...

Page 111: ...urces An access control list ACL implements packet filter via configured rules and operations attached to a packet When the switch receives a packet it analyzes the packet using currently applied ACL...

Page 112: ...ays all existing MAC based ACLs and rules thereof To delete an existing MAC based ACL Select the ACL you wish to delete from the ACL drop down list and click on the Delete ACL button To create MAC bas...

Page 113: ...Destination MAC Specify source MAC and destination MAC of packets for a rule to match Note If Any is selected the rule will match and apply to all packets with whatever source MAC destination MAC Mes...

Page 114: ...reof To delete an existing IP based ACL Select the ACL you wish to delete from the ACL drop down list and click on the Delete ACL button To batch delete rules in an ACL Select the ACL and rules thereo...

Page 115: ...kets for a rule to match Note If Any is selected the rule will match and apply to all packets with whatever source IP destination IP Source Port Specify source port number to match TCP UDP messages No...

Page 116: ...orresponding rule you wish to modify configure required modifications and click OK Port ACL Binding Click QoS ACL Port ACL Binding to enter interface below To display port binding rules select a port...

Page 117: ...rate limit is just designed as a solution to these problems ARP rate limit enabled ports will enter a protection status and discard all ARP messages received if they exceed the set threshold When prot...

Page 118: ...ARP rate limit feature is not enabled Normal System does not detect ARP attacks and then forwards these ARP messages normally Drop ARP System detects ARP attacks and drops these malicious ARP message...

Page 119: ...Attack Defense feature is enabled the switch directly discards messages that match features of predefined virus so that PC and other network devices will not be infected Click Security Attack Defense...

Page 120: ...this virus attack is automatically enabled What you just added will appear on the page To undo defense against this virus attack simply uncheck it or directly click Delete To delete a batch of items s...

Page 121: ...and allows you to config the DoS Attack Defense settings By default all DoS Attacks are disabled For detailed description of each DoS attack click the Help button on the web page MAC Attack Defense MA...

Page 122: ...nknown MAC address By default the number of MAC addresses that a port can learn is not limited To set a MAC address learning limit on a single port Click the corresponding port to enter the configurat...

Page 123: ...t will continue to learn MAC addresses until the maximum MAC number is reached 4 8 2 IP Filter After you have configured and activated the IP MAC Port VLAN Binding settings the device will perform str...

Page 124: ...P MAC Port VLAN Binding entry manually 2 Enter an IP address for example 192 168 10 1 3 Enter a MAC address for example aaaa bbbb cccc 4 Enter a port number for example 24 This item is optional 5 Ente...

Page 125: ...tch the active IP MAC Port VLAN Binding entries can pass such port s otherwise are dropped directly No Selecting NO sets corresponding port s as trusted port s namely IP packets will not be examined w...

Page 126: ...p interface to check whether the IP filter is disabled if not such port will not be able to receive any IP packets Thus before you delete an IP MAC Port VLAN Binding entry ensure that the IP filter ha...

Page 127: ...1 The MAC address in the Static Address Table can not be added to the Filtering Address Table 2 This MAC address filtering function is not available if the 802 1X feature is enabled 4 8 4 802 1X 802 1...

Page 128: ...ecks users connection status If a user is detected not responding to re authentication messages for a certain time length it will then be disconnected If it wishes to reconnect to the device it must i...

Page 129: ...hat is on the same net segment as the switch s management IP address Authorized Shared Key Enter the authorized shared key as it is on the Radius authentication authorization server Recertification En...

Page 130: ...ure will be enabled Then users connected to this port need authenticating first to communicate with other devices Note If PORT is select from Access Control Method drop down list the default maximum a...

Page 131: ...r TX EAP EAP packets sent from ports to 802 1x clients RADIUS RADIUS packets sent from ports to 802 1x server RX EAP EAP packets received from 802 1x clients to ports RADIUS RADIUS packets sent from p...

Page 132: ...be automatically set to 5 respectively Game Update Server Port If a group of ports are set to connect game update servers flow control will be automatically enabled on them and port priority will be...

Page 133: ...e assets thereof including hard drive image and update package By default no service type is enabled Server Port Specify port s to be connected to server If the port is used for diskless service syste...

Page 134: ...port say Higher High Standard or Low which represents 7 5 3 1 respectively For example If you select High priority of the file serve port will be set to 5 Router Port Specify a port to connect to a ro...

Page 135: ...ification of Syslog Log log info Trap warning info Debug debugging info 2 Eight Levels of Syslog The Logs of switch are classified into the following eight levels The smaller value has the higher prio...

Page 136: ...default it is enabled Enable Server Check to enable log server Log Severity Level Only logs of severity level equal to or lower than the specified one can be sent to the log host Server IP Config log...

Page 137: ...operates by sending Internet Control Message Protocol ICMP echo request packets to the target host and waiting for an ICMP response In the process it measures the time from transmission to reception...

Page 138: ...time interval 100 1000ms The default is 100ms Ping Result Display the ping result Tracert Check up Tracert Overview Tracert is a computer network diagnostic tool for displaying the route path and meas...

Page 139: ...ed 6 When Device A receives this unreachable ICMP error it knows packets have reached Device D and the route packets have passed from Device A to Device D is obtained 1 1 1 2 1 1 2 2 1 1 3 2 To implem...

Page 140: ...may be lost When the page refreshes the action of saving configurations is completed 2 Backup Settings Once you have configured the device the way you want you can save all settings to your local har...

Page 141: ...To go back to previous directory press the key is invalid in Tenda To activate a command press Enter after you finish entering it Three access rights are available for the command line interface admi...

Page 142: ...work TENDA config show ip Note View the IP address obtained automatically 5 3 5 User configuration TENDA config local user 123456 admin admin Note Change default password to 123456 TENDA config local...

Page 143: ...ondary SNTP Server IP address to 192 168 111 78 TENDA config sntp broadcastdelay 100 Note Set Sync Interval to 100s TENDA config clock timezone GMT 0800 Note Set Time Zone to GMT 0800 Beijing 5 3 7 Re...

Page 144: ...100 Note Set port speed to 100 TENDA config if speed auto Note Set port speed to auto auto negotiation TENDA config if duplex full Note Set duplex to full duplex TENDA config if cos 7 Note Set port pr...

Page 145: ...ENDA show interfaces counter Note View statistics on all ports 5 3 13 Config Port Rate Limit TENDA config interface range gigabitethernet 0 1 TENDA config if rate limit input 100 Note Set ingress rate...

Page 146: ...ad balance dst mac Note Config destination MAC algorithm TENDA config port channel load balance src dst mac Note Config source and destination MAC algorithm TENDA config port channel load balance src...

Page 147: ...port 2 port 5 and port 6 TENDA config if switchport access vlan 1 Note Delete port 2 port 5 and port 6 from QVLAN2 A port must belong to a single VLAN and belong to VLAN1 by default Delete QVLAN TENDA...

Page 148: ...ort mode access Note Change port 24 to access port trunk port 24 becomes nonexistent TENDA config interface range gigabitethernet 0 1 10 TENDA config if switchport mode access Note Change ports 1 10 t...

Page 149: ...e gigabitethernet 0 1 24 TENDA config if switchport mode access Note Delete all hybrid ports VLAN mode toggle TENDA config private vlan on Note Switch VLAN mode from QVLAN to Port VLAN TENDA config pr...

Page 150: ...0 0001 TENDA show mac vlan Note View MAC VLAN configurations 5 3 17 Protocol VLAN TENDA configure terminal TENDA config protocol vlan marble eth type 0x800 frame type snap Note Create a protocol VLAN...

Page 151: ...e vlan mode manual Note Set voice VLAN mode of port 6 to manual TENDA config if switchport voice vlan Note Enable voice VLAN on port 6 TENDA config if no switchport voice vlan Note Disable voice VLAN...

Page 152: ...nterface gigabitethernet 0 1 vlan 1 Note Delete a single static MAC address Display MAC address TENDA show mac address table Note Display all MAC addresses TENDA show mac address table address 0000 00...

Page 153: ...P TENDA config spanning tree Note Enable STP TENDA config no spanning tree Note Disable STP Config STP system settings TENDA config spanning tree mode stp Note Set STP version to stp TENDA config span...

Page 154: ...ree hello time Note Delete current Hello Time setting and restore it to the default 2 TENDA config no spanning tree forward time Note Delete current forward delay setting and restore it to the default...

Page 155: ...rt s TENDA config if no spanning tree autoedge Note Set corresponding port s to non edge port s TENDA config if spanning tree link type point to point auto Note spanning tree link type point to point...

Page 156: ...anning tree detail Note Display all STP info TENDA show spanning tree enable instance Note Display all enable instances and linkup port info TENDA show spanning tree region configuration Note Display...

Page 157: ...g interface range gigabitethernet 0 1 4 Note Enter port configuration directory TENDA config if fast leave on Note Enable IGMP port fast leave TENDA config if fast leave off Note Disable IGMP port fas...

Page 158: ...y high low medium Note Configure current port priority setting and it only takes effect in static mode TENDA config if power timerange 1 100 Note Configure current specified time range ID and not spec...

Page 159: ...ter ACL 1 TENDA config ip nacl rule 1 deny tcp src ip any eq any dst ip any eq any Note Add rule 1 and deny all TCP packets to pass TENDA config ip nacl rule 2 rate limit 64 ip src ip 192 168 10 1 src...

Page 160: ...g mac nacl no bind to interface range gigabitethernet 0 1 Note Delete binding between ACL 125 and port 1 TENDA config ip access list extended 1 TENDA config ip nacl no bind to interface range gigabite...

Page 161: ...ble BLAT TCP Attack Defense TENDA config ip deny blat udp Note Enable BLAT UDP Attack Defense TENDA config no ip deny blat udp Note Disable BLAT UDP Attack Defense 5 3 27 Worm Attack Defense Configura...

Page 162: ...10 TENDA config interface rang gigabitethernet 0 11 20 TENDA config if no ip arp inspection trust Note Disable ARP Attack Defense on ports11 20 5 3 29 Config MAC Attack Defense TENDA config interface...

Page 163: ...d IP MAC Port VLAN binding entry bind the IP address of 192 168 0 5 and MAC address of 0000 0000 0002 to port 5 in VLAN4094 Port binding and unbinding TENDA config interface range gigabitethernet 0 1...

Page 164: ...g service dhcp Note Enable DHCP feature globally TENDA config no service dhcp Note Disable DHCP feature globally TENDA config service information option82 Note Enable Option82 TENDA config service inf...

Page 165: ...config ip helper address 4 192 168 10 1 Note Set remote server ID4 IP 192 168 10 1 TENDA config no ip helper address 4 Note Delete remote server ID4 DHCP relay configuration TENDA config interface vla...

Page 166: ...y keep Note Set option strategy to keep TENDA config if ip dhcp snooping information policy replace Note Set option strategy to replace TENDA config if ip dhcp snooping information option Note Enable...

Page 167: ...ize to 1500 TENDA config snmp server version 1 2c Note Specify SNMP version as V1 and V2c TENDA config snmp server version 1 Note Set SNMP version to V1 TENDA config snmp server version V2c Note Set S...

Page 168: ...2 Note Set destination host IP to 192 168 0 1 Trap version to V2c UDP port number to 162 and community name to public TENDA config snmp server host 172 16 100 20 traps version 1 555 udp port 200 Note...

Page 169: ...on the same net segment as device TENDA config radius server key WinRadius Note Specify a key for the 802 1X server TENDA config dot1x re authentication Note Enable 802 1X re authentication TENDA con...

Page 170: ...DA show dot1x all Note Display 802 1X global settings and port status TENDA show dot1x statistics Note Display all ports status TENDA show dot1x interface gigabitethernet 0 1 Note Display a single por...

Page 171: ...fig if no port isolated Note Disable port isolation Display settings on port TENDA show interface gigabitethernet 0 3 Note Display basic settings on port 3 TENDA show interface status Note Display bas...

Page 172: ...tus line and a message of its own Auto negotiation Auto negotiation is an Ethernet procedure by which two connected devices choose common transmission parameters such as speed duplex mode and flow con...

Page 173: ...well as routers can have network ACLs Access control lists can generally be configured to control both inbound and outbound traffic and in this context they are similar to firewalls DHCP The Dynamic H...

Page 174: ...es Yet IPv4 is still the dominant protocol of the internet Its successor of IPv6 is increasing in use though slow MAC Table An Ethernet device uses a MAC address table for forwarding frames When forwa...

Page 175: ...loops or the need for manual enabling disabling of these backup links In 1998 the IEEE 802 1w introduced Rapid Spanning Tree Protocol RSTP RSTP provides significantly faster spanning tree convergence...

Page 176: ...Datagram Protocol UDP is one of the core members of the Internet protocol suite the set of network protocols used for the Internet With UDP computer applications can send messages in this case referr...

Page 177: ...accordance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case t...