User ManualTable of ContentsContents3Overview111.1 Hardware Overview111.1.1 Physical Specifications121.1.1.1 Power Cord Specifications121.1.1.2 Power Protection121.1.1.3 Cabling Requirements121.1.2 System Status LED Codes121.1.2.1 Start Up131.1.2.2 Primary131.1.2.3 Standby131.1.2.4 Error Codes131.1.3 10/100/1000 Port Status LED Codes131.2 Software Overview141.2.1 Infrastructure Features141.2.1.1 Installation Feature151.2.1.2 Licensing Support151.2.1.3 Configuration Management151.2.1.4 Diagnostics151.2.1.5 Serviceability161.2.1.6 Tracing / Logging161.2.1.7 Process Monitor161.2.1.8 Hardware Abstraction Layer and Drivers161.2.1.9 Redundancy161.2.1.10 Secure Network Time Protocol (SNTP)171.2.1.11 Password Recovery171.2.2 Wireless Switching171.2.2.1 Physical Layer Features181.2.2.2 Rate Limiting181.2.2.3 Proxy-ARP191.2.2.4 HotSpot / IP Redirect191.2.2.5 IDM (Identity Driven Management)201.2.2.6 Voice Prioritization201.2.2.7 Self Healing201.2.2.8 Wireless Capacity211.2.2.9 AP and MU Load Balancing211.2.2.10 Wireless Roaming221.2.2.11 Power Save Polling241.2.2.12 QoS241.2.2.13 Wireless Layer 2 Switching251.2.2.14 Automatic Channel Selection251.2.2.15 WMM-Unscheduled APSD251.2.3 Wired Switching261.2.3.1 DHCP Servers261.2.3.2 DDNS261.2.3.3 GRE Tunneling261.2.3.4 VLAN Enhancements271.2.3.5 Interface Management271.2.3.6 Multiple WLAN Support271.2.4 Management Features271.2.5 Security Features281.2.5.1 Encryption and Authentication281.2.5.2 MU Authentication291.2.5.3 Secure Beacon301.2.5.4 MU to MU Allow301.2.5.5 MU to MU Disallow301.2.5.6 Switch-to-Wired301.2.5.7 802.1x Authentication301.2.5.8 IEEE 802.1AB LLDP311.2.5.9 WIPS311.2.5.10 Rogue AP Detection321.2.5.11 ACLs331.2.5.12 Local Radius Server331.2.5.13 IPSec VPN331.2.5.14 NAT341.2.5.15 Certificate Management341.2.6 Access Port Support34Switch Web UI Access and Image Upgrades352.1 Accessing the Switch Web UI352.1.1 Web UI Requirements352.1.2 Connecting to the Switch Web UI362.2 Switch Password Recovery372.3 Upgrading the Switch Image382.3.1 Upgrading the Switch Image from 1.4.x or 2.x to Version 3.x382.4 Auto Installation392.5 Downgrading the Switch Image412.6 AP-4131 Access Point to Access Port Conversion41Switch Information453.1 Viewing the Switch Interface453.1.1 Viewing the Switch Configuration463.1.1.1 Viewing Dashboard Details483.1.2 Viewing Switch Statistics503.2 Viewing Switch Port Information523.2.1 Viewing the Port Configuration523.2.1.1 Editing the Port Configuration533.2.2 Viewing the Ports Runtime Status543.2.3 Viewing the Ports Statistics553.2.3.1 Detailed Port Statistics573.2.3.2 Viewing the Port Statistics Graph583.3 Viewing Switch Configurations603.3.1 Viewing the Detailed Contents of a Config File613.3.2 Editing a Config File623.3.3 Transferring a Config File633.4 Viewing Switch Firmware Information643.4.1 Editing the Switch Firmware653.4.2 Enabling Global Settings for the Failover Image663.4.3 Updating the Switch Firmware673.5 Configuring Automatic Updates683.6 Viewing the Switch Alarm Log703.6.1 Viewing Alarm Log Details713.7 Viewing Switch Licenses723.8 How to use the Filter Option73Network Setup754.1 Displaying the Network Interface754.2 Viewing Network IP Information774.2.1 Configuring DNS774.2.1.1 Adding an IP Address for a DNS Server784.2.1.2 Configuring Global Settings784.2.2 Configuring IP Forwarding794.2.2.1 Adding a New Static Route814.2.3 Viewing Address Resolution824.3 Viewing and Configuring Layer 2 Virtual LANs834.3.1 Editing the Details of an Existing VLAN854.4 Configuring Switch Virtual Interfaces864.4.1 Configuring the Virtual Interface864.4.1.1 Adding a Virtual Interface884.4.1.2 Modifying a Virtual Interface884.4.2 Viewing Virtual Interface Statistics894.4.2.1 Viewing Virtual Interface Statistics914.4.2.2 Viewing the Virtual Interface Statistics Graph934.5 Viewing and Configuring Switch WLANs944.5.1 Configuring WLANs944.5.1.1 Editing the WLAN Configuration964.5.1.2 Configuring Authentication Types1004.5.1.3 Configuring Different Encryption Types1134.5.2 Viewing WLAN Statistics1194.5.2.1 Viewing WLAN Statistics in Detail1214.5.2.2 Viewing WLAN Statistics in a Graphical Format1234.5.2.3 Viewing WLAN Switch Statistics1254.5.3 Viewing VLAN/Tunnel Assignments1264.5.4 Configuring WMM1274.5.4.1 Editing WMM Settings1304.6 Viewing Associated MU Details1314.6.1 Viewing MU Status1314.6.1.1 Viewing MU Details1334.6.2 Viewing MU Statistics1344.6.2.1 Viewing MU Statistics in Detail1364.6.2.2 View a MU Statistics Graph1384.7 Viewing Access Port Information1384.7.1 Configuring Access Port Radios1394.7.1.1 Configuring an AP’s Global Settings1414.7.1.2 Editing AP Settings1424.7.1.3 Adding APs1474.7.2 Viewing AP Statistics1484.7.2.1 Viewing AP Statistics in Detail1504.7.2.2 Viewing AP Statistics in Graphical Format1514.7.3 Configuring WLAN Assignment1524.7.3.1 Editing a WLAN Assignment1534.7.4 Configuring WMM1544.7.4.1 Editing WMM Settings1554.8 Viewing Access Port Adoption Defaults1564.8.1 Configuring AP Adoption Defaults1564.8.1.1 Editing Default Radio Adoption Settings1584.8.2 Configuring Layer 3 Access Port Adoption1624.8.3 Configuring WLAN Assignment1624.8.4 Configuring WMM1644.8.4.1 Editing Access Port Adoption WMM Settings1654.9 Viewing Access Port Status1664.9.1 Viewing Adopted Access Ports1664.9.2 Viewing Unadopted Access Ports167Switch Services1715.1 Displaying the Services Interface1725.2 DHCP Server Settings1735.2.1 Configuring the Switch DHCP Server1735.2.1.1 Editing the Properties of an Existing DHCP Pool1755.2.1.2 Adding a New DHCP Pool1765.2.1.3 Configuring DHCP Global Options1785.2.1.4 Configuring DHCP Server DDNS Values1795.2.2 Viewing the Attributes of Existing Host Pools1815.2.3 Configuring Excluded IP Address Information1825.2.4 Configuring DHCP Server Relay Information1835.2.5 Viewing DHCP Server Status1855.3 Configuring Secure NTP1865.3.1 Defining the SNTP Configuration1865.3.2 Adding a New SNTP Symmetric Key1885.3.3 Defining a SNTP Neighbor Configuration1895.3.4 Adding an NTP Neighbor1915.3.5 Viewing SNTP Associations1925.3.6 Viewing SNTP Status1945.4 Configuring Switch Redundancy1955.4.1 Reviewing Redundancy Status1985.4.2 Configuring Redundancy Group Membership2005.4.2.1 Displaying Redundancy Member Details2025.4.2.2 Adding a Redundancy Group Member2045.4.3 Redundancy Group License Aggregation Rules2045.5 Layer 3 Mobility2055.5.1 Configuring Layer 3 Mobility2055.5.2 Defining the Layer 3 Peer List2085.5.3 Reviewing Layer 3 Peer List Statistics2095.5.4 Reviewing Layer 3 MU Status2105.6 Configuring GRE Tunnels2115.6.1 Editing the Properties of a GRE Tunnel2145.6.2 Adding a New GRE Tunnel2155.7 Configuring Self Healing2165.7.1 Configuring Self Healing Neighbor Details2175.7.1.1 Editing the Properties of a Neighbor2185.8 Configuring Switch Discovery2205.8.1 Configuring Discovery Profiles2205.8.1.1 Adding a New Discovery Profile2225.8.2 Viewing Discovered Switches223Switch Security2256.1 Displaying the Main Security Interface2256.2 AP Intrusion Detection2276.2.1 Enabling and Configuring AP Detection2276.2.1.1 Adding or Editing an Allowed AP2296.2.2 Approved APs (Reported by APs)2306.2.3 Unapproved APs (Reported by APs)2316.2.4 Unapproved APs (Reported by MUs)2326.3 MU Intrusion Detection2336.3.1 Configuring MU Intrusion Detection2336.3.2 Viewing Filtered MUs2356.4 Configuring Wireless Filters2366.4.1 Editing an Existing Wireless Filter2386.4.2 Adding a new Wireless Filter2396.4.3 Associating an ACL with WLAN2406.5 Configuring ACLs2406.5.1 ACL Overview2416.5.1.1 Router ACLs2416.5.1.2 Port ACLs2426.5.1.3 Wireless LAN ACLs2436.5.1.4 ACL Actions2436.5.1.5 Precedence Order2436.5.2 Configuring an ACL2446.5.2.1 Adding a New ACL2446.5.2.2 Adding a New ACL Rule2456.5.2.3 Editing an Existing Rule2476.5.3 Attaching an ACL2486.5.3.1 Adding a New ACL Configuration2486.5.4 Attaching an ACL on a WLAN Interface/Port2496.5.4.1 Adding a New ACL WLAN Configuration2506.5.5 Reviewing ACL Statistics2516.6 Configuring NAT Information2526.6.1 Defining Dynamic NAT Translations2526.6.1.1 Adding a New Dynamic NAT Configuration2546.6.2 Defining Static NAT Translations2556.6.2.1 Adding a New Static NAT Configuration2566.6.3 Configuring NAT Interfaces2586.6.4 Viewing NAT Status2596.7 Configuring IKE Settings2606.7.1 Defining the IKE Configuration2616.7.2 Setting IKE Policies2626.7.3 Viewing SA Statistics2666.8 Configuring IPSec VPN2676.8.1 Defining the IPSec Configuration2696.8.1.1 Editing an Existing Transform Set2706.8.1.2 Adding a New Transform Set2716.8.2 Defining the IPSec VPN Remote Configuration2736.8.3 Configuring IPSEC VPN Authentication2746.8.4 Configuring Crypto Maps2766.8.4.1 Crypto Map Entries2776.8.4.2 Crypto Map Peers2796.8.4.3 Crypto Map Manual SAs2816.8.4.4 Crypto Map Transform Sets2826.8.4.5 Crypto Map Interfaces2846.8.5 Viewing IPSec Security Associations2856.9 Configuring the Radius Server2866.9.1 Radius Overview2866.9.1.1 User Database2876.9.1.2 Authentication of Terminal/Management User(s)2886.9.1.3 Access Policy2886.9.1.4 Proxy to External Radius Server2886.9.1.5 LDAP2886.9.1.6 Accounting2886.9.2 Using the Switch’s Radius Server Versus an External Radius2886.9.3 Defining the Radius Configuration2896.9.3.1 Radius Client Configuration2906.9.3.2 Radius Proxy Server Configuration2906.9.4 Configuring Radius Authentication and Accounting2916.9.5 Configuring Radius Users2936.9.6 Configuring Radius User Groups2956.9.7 Viewing Radius Accounting Logs2976.10 Creating Server Certificates2986.10.1 Using Trustpoints to Configure Certificates2996.10.1.1 Creating a Server / CA Root Certificate3006.10.2 Configuring Trustpoint Associated Keys3056.10.2.1 Adding a New Key3066.10.2.2 Transferring Keys307Switch Management3097.1 Displaying the Management Access Interface3097.2 Configuring Access Control3107.3 Configuring SNMP Access3127.3.1 Configuring SNMP v1/v2 Access3137.3.1.1 Editing an Existing SNMP v1/v2 Community Name3147.3.2 Configuring SNMP v3 Access3147.3.2.1 Editing a SNMP v3 Authentication and Privacy Password3167.3.3 Accessing SNMP v2/v3 Statistics3177.4 Configuring SNMP Traps3197.4.1 Enabling Trap Configuration3197.4.2 Configuring Trap Thresholds3217.4.2.1 Wireless Trap Threshold Values3237.5 Configuring SNMP Trap Receivers3247.5.1 Editing SNMP Trap Receivers3257.5.2 Adding SNMP Trap Receivers3257.6 Configuring Management Users3267.6.1 Configuring Local Users3267.6.1.1 Creating a New Local User3277.6.1.2 Modifying an Existing Local User3287.6.1.3 Creating a Guest Admin and Guest User3307.6.2 Configuring Switch Authentication3317.6.2.1 Modifying the Properties of an Existing Radius Server3337.6.2.2 Adding a New Radius Server334Diagnostics3378.1 Displaying the Main Diagnostic Interface3378.1.1 Switch Environment3388.1.2 CPU Performance3398.1.3 Switch Memory Allocation3408.1.4 Switch Disk Allocation3408.1.5 Switch Memory Processes3418.1.6 Other Switch Resources3428.2 Configuring System Logging3438.2.1 Log Options3438.2.2 File Management3458.2.2.1 Viewing the Entire Contents of Individual Log Files3468.2.2.2 Transferring Log Files3478.3 Reviewing Core Snapshots3488.3.1 Transferring Core Snapshots3498.4 Reviewing Panic Snapshots3508.4.1 Viewing Panic Details3528.4.2 Transferring Panic Files3528.5 Debugging the Applet3538.6 Configuring a Ping3548.6.1 Modifying the Configuration of an Existing Ping Test3568.6.2 Adding a New Ping Test3568.6.3 Viewing Ping Statistics358Size: 7.78 MBPages: 364Language: EnglishOpen manual