ALLIED AT-8088-SC Management Software User Guide
- June 13, 2024
- Allied
Table of Contents
ALLIED AT-8088-SC Management Software
Product Information
| Product Name | AT-S39 Management Software |
|---|---|
| Supported Switch Models | AT-8012M, AT-8012M-QS, AT-8016F/xx (MT, SC and ST), |
AT-8024,
AT-8024GB, AT-8024M, AT-8026FC, AT-8026T, and AT-8088/xx (MT and
SC) FAST ETHERNET SWITCHES
Version| 3.3.0
User’s Guide| AT-S39 User’s Guide
Revision| PN 613-50245-00 Rev J
Product Usage Instructions
Section I Overview
This section provides an overview of the product’s features and
functionalities.
Section II Local and Telnet Management
This section explains how to start a local or Telnet management session.
Chapter 2 Starting a Local or Telnet Management Session
This chapter provides detailed instructions on how to start a local or
Telnet management session.
For local management session:
- Follow the steps mentioned in the user manual to initiate a local management session.
- Refer to page 30 for more information on the local management session.
Chapter 3 Basic Switch Parameters
This chapter covers the basic parameters of the switch and explains when a
switch needs an IP address.
Chapter 4 Enhanced Stacking
This chapter provides an overview of enhanced stacking and how to return to
the master switch.
To return to the master switch:
- Follow the instructions given in the user manual to navigate back to the master switch.
- Refer to page 64 for more details on returning to the master switch.
Chapter 6 Port Security
This chapter explains port security and its overview.
Chapter 7 Port Trunking
This chapter provides an overview of port trunking.
Chapter 9 STP and RSTP
This chapter covers STP (Spanning Tree Protocol) and RSTP (Rapid Spanning
Tree Protocol) and their overview.
Management
®
Software
AT-S39
User’s Guide
AT-8012M, AT-8012M-QS, AT-8016F/xx (MT, SC and ST), AT-8024, AT-8024GB, AT-
8024M, AT-8026FC, AT-8026T, and AT-8088/xx (MT and SC) FAST ETHERNET SWITCHES
VERSION 3.3.0
PN 613-50245-00 Rev J
Copyright © 2004 Allied Telesyn, Inc. 960 Stewart Drive Suite B, Sunnyvale, CA 94085 USA All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc. Microsoft is a registered trademark of Microsoft Corporation, Netscape Navigator is a registered trademark of Netscape Communications Corporation. All other product names, company names, logos or other designations mentioned herein are trademarks or registered trademarks of their respective owners. Allied Telesyn, Inc. reserves the right to make changes in specifications and other information contained in this document without prior written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesyn, Inc. be liable for any incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this manual or the information contained herein, even if Allied Telesyn, Inc. has been advised of, known, or should have known, the possibility of such damages.
Preface
This guide contains instructions on how to configure an AT-8000 Series Fast
Ethernet Switch using the AT-S39 management software. The AT-8000 Series
consists of the following Fast Ethernet switches:
AT-8012M AT-8012M-QS AT-8016F/xx (MT, SC and ST) AT-8024 AT-8024GB AT-8024M
AT-8026FC AT-8026T AT-8088/xx (MT and SC)
13
Preface
How This Guide is Organized
This manual is divided into three sections.
Section I: Overview
This section contains just one chapter. It reviews the different ways that you
can access the AT-S39 management software on a switch.
Section II: Local and Telnet Management
The chapters in this section explain how to manage a switch from a local
management session or a Telnet management session.
A local management session is established by connecting a terminal or PC to
the RS-232 Terminal Port on the front panel of the switch.
A Telnet management session is established using the Telnet application
protocol. This type of management session can be performed from any
workstation on your network that has the application protocol.
Section III: Web Browser Management
The chapters in this section explain how to manage a switch using a web
browser, such as Microsoft® Internet Explorer or Netscape® Navigator, from a
workstation on your network.
Document Conventions
This document uses the following conventions:
Note Notes provide additional information.
AT-S39 User’s Guide
Warning Warnings inform you that performing or omitting a specific action may result in bodily injury.
Caution Cautions inform you that performing or omitting a specific action may result in equipment damage or loss of data.
15
Preface
Where to Find Web-based Guides
The installation and user guides for all Allied Telesyn products are available
in Portable Document Format (PDF) from on our web site at
www.alliedtelesyn.com. You can view the documents on-line or download them
onto a local workstation or server.
16
AT-S39 User’s Guide
Contacting Allied Telesyn
This section provides Allied Telesyn contact information for technical support as well as sales or corporate information.
Online Support
You can request technical support online by accessing the Allied Telesyn Knowledge Base from the following web site: http://kb.alliedtelesyn.com. You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked questions.
Email and Telephone
Support
For Technical Support via email or telephone, refer to the Support & Services section of the Allied Telesyn web site: http://www.alliedtelesyn.com.
Returning Products
Products for return or repair must first be assigned a Return Materials Authorization (RMA) number. A product sent to Allied Telesyn without a RMA number will be returned to the sender at the sender’s expense.
To obtain a RMA number, contact Allied Telesyn’s Technical Support at our web site: http://www.alliedtelesyn.com.
For Sales or Corporate
Information
You can contact Allied Telesyn for sales or corporate information at our web site: http://www.alliedtelesyn.com. To find the contact information for your country, select Contact Us -> Worldwide Contacts.
17
Preface
Management Software Updates
You can download new releases of management software for our managed products
from either of the following Internet sites:
Allied Telesyn web site: http://www.alliedtelesyn.com Allied Telesyn FTP
server: ftp://ftp.alliedtelesyn.com
To download new software from the Allied Telesyn FTP server using your
workstation’s command prompt, you need FTP client software and you must log in
to the server. Enter “anonymous” as the user name and your email address for
the password.
18
Section I
Overview
The chapter in this section provides a brief overview of the AT-S39 management
software. It explains some of the functions that you can perform with the
management software and reviews different methods for accessing the AT-S39
software on an AT-8000 Series Fast Ethernet Switch.
19
Chapter 1
Overview
The AT-S39 management software is intended for the AT-8000 Series Fast
Ethernet Switches. The software is used to monitor and adjust a switch’s
operating parameters. Some of the functions you can perform with the software
include:
Enable and disable ports Configure port parameters, such as port speed and
duplex mode Create virtual LANs (VLANs) Create port trunks and port mirrors
Assign an Internet Protocol (IP) address and subnet mask Activate and
configure a spanning tree protocol Activate enhanced stacking functions
Configure Class of Service (COS) Enable and configure IGMP snooping Enable and
configure broadcast storm control Download and upload image and configuration
files Configure port security Enable port access control The AT-S39 management
software comes pre-installed on the switch with default settings for all
operating parameters. If the default settings are adequate for your network,
you can use the switch as an unmanaged switch simply by connecting the unit to
your network, as explained in the hardware installation guide, and powering ON
the device.
20
AT-S39 User’s Guide
Note The default settings for the management software can be found in Appendix
A, AT-S39 Default Settings on page 331.
To actively manage a switch, such as to change or adjust the operating
parameters, you must access the switch’s AT-S39 management software. The
AT-S39 software features a menu interface and a command line interface that
make it very easy to use, and a special interface for managing a switch with a
web browser.
There are four different ways to access the management software on an AT-8000
Series switch. In this guide, these methods are referred to as management
sessions. They are:
Local Management Session
Telnet Management Session
Web Browser Management Session
SNMP Management Session
The following sections in this chapter briefly describe each type of
management session.
21
Section I: Overview
Local Management Session
You establish a local management session with an AT-8000 Series switch by
connecting a terminal or a PC with a terminal emulator program to the RS232
Terminal port on the front panel of the switch, using a straight-through
RS-232 cable. This type of management session is referred to as “local”
because you must be physically close to the switch, such as in the wiring
closet where the switch is located.
Once the session is started, a menu is displayed and you can make selections
to configure and monitor the switch. You can configure all of a switch’s
operating parameters from a local management session.
Note For instructions on starting a local management session, refer to
Starting a Local Management Session on page 31.
A switch does not need an Internet Protocol (IP) address for you to manage it
locally. You can start a local management session on a switch at any time. It
will not affect the forwarding of frames by the device.
If you assign an AT-8000 Series switch an IP address and designate it as a
master switch of an enhanced stack, you can will be able to manage all of the
switches in the enhanced stack, all from the same local management session.
Note For further information on enhanced stacking, refer to Enhanced Stacking
Overview on page 58.
Telnet Management Session
Any management workstation on your network that has the Telnet application
protocol can be used to manage an AT-8000 Series switch. This type of
management session is referred to in this guide as a remote management session
because you do not have to be in the wiring closet where the switch you want
to manage is located. You can manage the switch from any workstation on the
network that has the application protocol.
To establish a Telnet management session with a switch, there must be at least
one AT-8000 Series switch in the subnet that has been assigned an Internet
Protocol (IP) address. Only one switch in a subnet needs to have an IP
address. Once you have established a Telnet management session with the switch
that has an IP address, you can use the enhanced stacking feature of the
AT-S39 software to access all the other enhanced stacking switches in the same
subnet.
Note For further information on enhanced stacking, refer to Enhanced Stacking
Overview on page 58.
Note For instructions on how to start a Telnet management session, refer to
Starting a Telnet Management Session on page 35.
A Telnet management session gives you complete access to all of a switch’s
operating parameters. You can perform nearly all the same functions from a
Telnet management session as you can from a local management session.
23
Section I: Overview
Web Browser Management Session
You can also use a web browser to manage a switch. This too is referred to as
remote management, just like a Telnet management session. You can manage a
switch from any workstation on your network that has a web browser.
Note For instructions on starting this type of management session, refer to
Starting a Web Browser Management Session on page 242.
In order to start a web browser management session, there must be at least one
enhanced stacking switch in the subnet with an IP address and whose stacking
status has been set to master. Once you have started a management session on
the master switch, you can manage all of the switches in the enhanced stack.
Note For further information on enhanced stacking, refer to Enhanced Stacking
Overview on page 58.
24
AT-S39 User’s Guide
SNMP Management Session
Another way to remotely manage the switch is with an SNMP management program.
A familiarity with Management Information Base (MIB) objects is necessary for
this type of management.
The AT-S39 software supports the following MIBs:
SNMP MIB-II (RFC 1213)
Bridge MIB (RFC 1493)
Interface Group MIB (RFC 1573)
Ethernet MIB (RFC 1643)
Remote Network MIB (RFC 1757)
Allied Telesyn managed switch MIB
You must download the Allied Telesyn managed switch MIB (atistackinfo.mib and
atiswitch.mib) file from the Allied Telesyn web site and compile the file with
your SNMP program. For instructions, refer to your SNMP management
documentation.
Note SNMP management does not utilize the enhanced stacking feature.
Consequently, you must assign an IP address to each switch to be managed with
an SNMP program.
25
Section I: Overview
Management Access Levels
There are two levels of management access on an AT-8000 Series switch: Manager
and Operator. When you log in as a Manager, you can view and configure all of
a switch’s operating parameters. When you log in as an Operator, you can only
view the operating parameters; you cannot change any values.
You log in as a manager or an operator by entering the appropriate password
when you start an AT-S39 management session. To log in as a manager, type
“manager” as the login and “friend” as the password. The default user name for
operator is “operator” and the password is also “operator”. The login names
and passwords are case-sensitive.
26
Section II
Local and Telnet Management
The chapters in this section explain how to manage an AT-8000 Series switch
from a local or Telnet management session. The chapters include:
Chapter 2: Starting a Local or Telnet Management Session on page 29
Chapter 3: Basic Switch Parameters on page 38 Chapter 4: Enhanced Stacking on
page 57 Chapter 5: Port Parameters on page 65 Chapter 6: Port Security on page
76 Chapter 7: Port Trunking on page 82 Chapter 8: Port Mirroring on page 92
Chapter 9: STP and RSTP on page 96 Chapter 10: Virtual LANs Overview on page
118 Chapter 11: Creating Port-based and Tagged VLANs on page
134 Chapter 12: Multiple VLAN Modes on page 153 Chapter 13: MAC Address Table
on page 161 Chapter 14: Class of Service on page 174 Chapter 15: IGMP Snooping
on page 179 Chapter 16: Broadcast Storm Control on page 187 Chapter 17:
TACACS+ and RADIUS Protocols on page 192
27
Section II: Local and Telnet Management
Chapter 18: 802.1x Port-Based Access Control on page 202 Chapter 19: Ethernet
Statistics on page 215 Chapter 20: File Downloads and Uploads on page 220
28
Chapter 2
Starting a Local or Telnet Management Session
This chapter contains the procedure for starting a local or Telnet management
session on an AT-8000 Series switch. The sections in the chapter are:
Local Management Session on page 30 Telnet Management Session on page 35
Saving Your Parameter Changes on page 37
29
Section II: Local or Telnet Management
Local Management Session
On the front panel of the switch is a port labelled RS232 Terminal Port. You
can use this port to establish a local (out-of-band) management session with
the switch’s AT-S39 management software.
A local management session is so named because you must be close to the
switch, usually within a few meters, to start this type of management session.
This typically means that you must be in the wiring closet where the switch is
located.
A switch does not need an IP address to be managed from a local management
session. You can start a local management session at any time on any AT-8000
Series switch in your network. A local management session does not interfere
with the flow of Ethernet traffic through the unit.
Starting a local management session on a switch that has been configured as a
Master switch allows you to manage all the switches in the enhanced stack from
the same local management session. You do not have to start a separate local
management session for each switch. This can simplify network management.
Starting a local management session on a switch that is not part of an
enhanced stack or that is a slave switch allows you to manage just that
switch.
Note For information on enhanced stacking, refer to Enhanced Stacking Overview
on page 58.
30
AT-S39 User’s Guide
Starting a Local Management Session
To start a local management session, perform the following procedure:
1. Connect one end of the straight-through RS232 management cable with a DB-9
connector to the RS232 Terminal Port on the switch. (The management cable is
included with the switch.)
PORT B
DE
LINK
RS-232 TERMINAL PORT
MODE
FAULT MASTER
PWR
Figure 1 Connecting a Terminal or PC to the RS232 Terminal Port
2. Connect the other end of the cable to an RS-232 port on a terminal or PC
with a terminal emulator program.
3. Configure the terminal or terminal emulator program as follows: Baud rate:
1200 bps to 115200 bps (default 9600; see Note below) Data bits: 8 Parity:
None Stop bits: 1 Flow control: None
31
Section II: Local or Telnet Management
Note The switch has an auto-detect feature on the serial port that
automatically determines the speed of the local terminal. You activate this
feature by pressing the Return or Enter key twice on your keyboard when you
initially start the local interface or within five seconds after powering on
or resetting the switch. The switch determines the speed of the terminal and
automatically configures the speed of the RS232 Terminal Port accordingly.
Otherwise, the switch uses a default baud rate of 9600 bits per second (bps).
The switch maintains the terminal port speed until the system is again powered
on or reset. The range of the port’s baud rate is 1200 to 115200 bps.
Note The port settings are for a DEC VT100 or ANSI terminal, or an equivalent
terminal emulator program.
Note During boot up, the switch displays the following prompt: Press
4. Press the Return key twice.
Prompts are displayed for a login name and password.
5. To view and change the switch’s configuration, log in as a Manger. The
login name is “manager” and the default password “friend”. To just view the
configuration, log in as an operator. The login name is “operator” and the
default password is also “operator”. Login names and passwords are case-
sensitive. For information on the two access levels, refer to Management
Access Levels on page 26. For instructions on how to change a password, refer
to Configuring the Management Passwords on page 51.
32
AT-S39 User’s Guide
The Main Menu is shown in Figure 2.
Allied Telesyn Ethernet Switch AT-8024GB – AT-S39 Sales Switch
Login Privilege: Manager Main Menu
1 – Port Menu 2 – VLAN Menu 3 – Spanning Tree Menu 4 – Administration Menu 5 –
System Config Menu 6 – MAC Address Tables 7 – Ethernet Statistics 8 –
Diagnostics 9 – Enhanced Stacking C – Command Line Interface
Q – Quit
Enter your selection?
Figure 2 Main Menu
To select a menu item, type the corresponding letter or number.
Pressing the Esc key or typing the letter R in a submenu or menu, returns you
to the previous menu.
Please note the following:
The Command Line Interface selection in the Main Menu is described in the
AT-S39 Command Line Interface User’s Guide.
If the prompt “Manager$” or “Operator$” is displayed instead of the Main Menu,
the management software has been configured to initially display the command
line prompt instead of the Main Menu. To display the menu, type menu and press
Return.
Enhanced Stacking
Starting a local management session on the master switch of an enhanced stack enables you to manage all the switches in the same enhanced stack from the same management session. This can save you the time and trouble of having to start a separate local management session each time you want to manage a switch in your network. It can also save you from having to go to the different wiring closets where the switches are located.
Starting a local management session on a slave switch or a switch that is not part of an enhanced switch allows you to manage just that switch.
33
Section II: Local or Telnet Management
For information on enhanced stacking and how to manage different switches from the same management session, refer to Chapter 4, Enhanced Stacking on page 57.
Quitting from a Local Session
To quit a local session, return to the Main Menu and type Q for Quit.
You should always exit from a management session when you are finished
managing a switch. This can prevent unauthorized individuals from making
changes to a switch’s configuration should you leave your management station
unattended.
Note You cannot operate both a local management session and a Telnet management session on the same switch simultaneously. Failure to properly exit from a local or Telnet management session may block future management sessions.
34
AT-S39 User’s Guide
Telnet Management Session
You can use the Telnet application protocol from a workstation on your network
to manage an AT-8000 Series switch. This type of management is referred to as
remote management because, unlike a local management session, you do not have
to be in the wiring closet where the switch is located. You can use any
workstation on your network with the application protocol to manage the
switch.
In terms of functionally, there are almost no differences between managing a
switch locally through the RS232 Terminal Port and remotely with the Telnet
application protocol. You see the same menu selections and have nearly the
same management capabilities.
Starting a Telnet management session requires that there be at least one
enhanced stacking switch in your network that has an IP address and whose
enhanced stacking status has been set to master. That switch is referred to as
the master switch. Once you have started a Telnet management session on the
master switch, you have management access to all enhanced stacking switches,
including the AT-8000 Series switch, that reside in the same enhanced stack.
Note For background information on enhanced stacking, refer to Enhanced Stacking Overview on page 58.
Starting a Telnet Management Session
To start a Telnet management session, specify the IP address of the master switch of the enhanced stack in the Telnet application protocol and enter the management software password when prompted. The default password for manager access is “friend”. The default password for operator access is “operator”. Logins and passwords are casesensitive. For information on the two access levels, refer to Management Access Levels on page 26. (For instructions on how to change a password, refer to Configuring the Management Passwords on page 51.)
The Main Menu of a Telnet management session is the same menu seen in a local management session, as shown in Figure 2 on page 33. You can perform nearly all the same functions from a local management session as you can from a Telnet management session.
The menus also function the same. To make a selection, type its corresponding number of letter. To return to a previous menu, type R or press ESC twice.
35
Section II: Local or Telnet Management
Note You can run only one Telnet management session on a switch at a time. Additionally, you cannot run both a Telnet management session and a local management session on the same switch at the same time.
Quitting from a Telnet
Management Session
To end a Telnet management session, return to the Main Menu and type Q for Quit.
36
AT-S39 User’s Guide
Saving Your Parameter Changes
When you make a change to a switch parameter, the change is, in most cases,
immediately activated on the switch as soon as you enter it. However, a
parameter change is initially saved only to temporary memory by the switch and
will be lost the next time you reset or power cycle the unit. To permanently
save a change, you must select the S Save Configuration Changes option. You
should select that menu option whenever you have made a change to a switch
parameter that you want the switch to retain even when it is reset or power
cycled. If you do not see the menu option, then there are no parameter changes
to be saved.
37
Chapter 3
Basic Switch Parameters
This chapter contains a variety of information and procedures. There is a
discussion on when to assign an IP address to a switch and the different ways
that you can go about it. There are also procedures for resetting the switch,
activating the original switch default settings, and more.
Sections in the chapter include:
When Does a Switch Need an IP Address? on page 39
Configuring an IP Address and Switch Name on page 41
Activating the BOOTP and DHCP Client Software on page 44
Configuring SNMP Community Strings and Trap IP Addresses on page 46
Resetting a Switch on page 49
Configuring the AT-S39 Management Security Features on page 50
Viewing the AT-S39 Version Number and Switch MAC Address on page 53
Pinging a Remote System on page 54
Returning the AT-S39 Software to the Factory Default Values on page 55
Configuring the Console Startup Mode on page 56
38
AT-S39 User’s Guide
When Does a Switch Need an IP Address?
One of the tasks to building or expanding a network is deciding which of the
managed switches need a unique IP address. In the past the rule was that a
managed switch needed an IP address if you wanted to manage it remotely, such
as with the Telnet application protocol or a web browser. However, if a
network contained a lot of managed switches, having to assign each one an IP
address was often cumbersome and time consuming. It was also often difficult
keeping track of all the IP addresses.
The enhanced stacking feature of the AT-8000 Series, AT-8400 Series, and AT-
8524M switches simplifies all this. With enhanced stacking, you only need to
assign an IP address to one switch in each subnet in your network. The switch
with the IP address is referred to as the Master switch of the enhanced stack.
All switches in the same stack share the IP address.
Starting a local or remote management session on the Master switch
automatically gives you complete management access to all the other switches
in the same enhanced stack.
This feature has two primary benefits. First, it reduces the number of IP
addresses you have to assign to your network devices. Second, it allows you to
configure multiple switches through the same local or remote management
session.
Note For additional information on enhanced stacking, refer to Enhanced
Stacking Overview on page 58.
When you assign a switch an IP address, you must also assign it a subnet mask.
The switch uses the subnet mask to determine which portion of an IP address
represents the network address and which the node address.
You must also assign the switch a gateway address if the switch and a remote
management workstation are separated by a router. This gateway address is the
IP address of the router through which the switch and remote management
station will communicate.
If you do not plan to remotely manage any of the AT-8000 Series switches in
your network, you do not need to assign any of them an IP address. The
switches can operate without an IP address and you will still be able to
manage them completely using local management sessions.
39
Section II: Local and Telnet Management
How Do You Assign an IP
Address?
Once you have decided which, if any, switches on your network need an IP address, you have to access the AT-S39 software on the switches and assign the addresses. There are actually two ways in which a switch can obtain an IP address.
The first method is for you to assign the IP configuration information manually. This procedure is explained in Configuring an IP Address and Switch Name on page 41.
The second method is for you to activate the BOOTP and DHCP services on the switch and have the switch automatically download its IP configuration information from a BOOTP or DHCP server on your network. This procedure is explained in Activating the BOOTP and DHCP Client Software on page 44.
Note Initially assigning an IP address to a switch or activating BOOTP and DHCP can only be done through a local management session, unless the switch is a part of an existing enhanced stack.
40
AT-S39 User’s Guide
Configuring an IP Address and Switch Name
The procedure in this section explains how to manually assign an IP address,
subnet mask, and gateway address to the switch from a local or Telnet
management session. (If you want the switch to obtain its IP configuration
from a DHCP or BOOTP server on your network, go to the procedure Activating
the BOOTP and DHCP Client Software on page 44.)
This procedure also explains how to assign a name to the switch, along with
other optional information, such as the name of the administrator responsible
for maintaining the unit and the location of the switch.
To manually set a switch’s IP address, perform the following procedure:
1. From the Main Menu, type 4 to select Administration Menu.
The Administration Menu is shown in Figure 3.
Allied Telesyn Ethernet Switch AT-8024 – AT-S39 Sales Switch
Login Privilege: Manager Administration Menu
1 – IP Address …….. 0.0.0.0 2 – Subnet Mask ……. 0.0.0.0 3 – Default Gateway …
0.0.0.0 4 – System Name ……. Sales Switch 5 – Administrator ….. Jane Smith 6 –
Comments ………. Bldg. 12, Rm. 201 7 – Set Password …… 8 – BOOTP/DHCP ……..
Disabled
9 – Reset Switch A – Server-based Authentication D – Downloads & Uploads P –
Ping a Remote System
R – Return to Previous Menu
Enter your selection?
Figure 3 Administration Menu
41
Section II: Local and Telnet Management
2. Change the parameters as desired.
The parameters in the IP Parameters menu are described below:
1 – IP Address This parameter specifies the IP address of the switch. You must
assign an IP address if you want the switch to function as the Master switch
of an enhanced stack. (Slave switches do not need and IP address.) You must
also assign it an IP address if it will not be part of an enhanced stack and
you want to be able to manage it remotely using Telnet or a web browser. The
IP address must be entered in the format: xxx.xxx.xxx.xxx. The default value
is 0.0.0.0.
2 – Subnet Mask This parameter specifies the subnet mask for the switch. You
must specify a subnet mask if you assigned an IP address to the switch. The
mask address must be entered in the format: xxx.xxx.xxx.xxx. The default value
is 0.0.0.0.
3 – Default Gateway This parameter specifies the default router’s IP address.
This address is required if you intend to remotely manage the switch from a
management station that is separated from the switch by a router. The gateway
address must be entered in the format: xxx.xxx.xxx.xxx. The default value is
0.0.0.0.
4 – System Name This parameter specifies a name for the switch (for example,
Sales Ethernet switch). This parameter is optional. The name can be up to 30
alphanumeric characters. Spaces are allowed.
Note You should assign each switch a name. The names can help you identify the
various switches in your network. This can help you avoid performing a
configuration procedure on the wrong switch.
5 – Administrator This parameter specifies the name of the network
administrator responsible for managing the switch. This parameter is optional.
The name can be up to 30 alphanumeric characters. Spaces are allowed.
6 – Comments This parameter specifies additional information about the Fast
Ethernet switch, such as its location (for example, 4th Floor, room 402B).
This parameter is optional. Comments can be up to 30 alphanumeric characters.
Spaces are allowed.
42
AT-S39 User’s Guide
7 – Set Password This parameter is used to change the Manager and Operator’s
login passwords. For instructions, refer to Configuring the Management
Passwords on page 51.
8 – BOOTP/DHCP This selection activates and deactivates the BOOTP and DHCP
client software on the switch. For information on this selection, refer to
Activating the BOOTP and DHCP Client Software on page 44.
9 – Reset Switch This selection resets the switch, as explained in Resetting a
Switch on page 49.
A – Server-based Authentication This selection is used to configure the
TACACS+ and RADIUS client software on the switch. For information on this
feature, refer to Chapter 17, TACACS+ and RADIUS Protocols on page 192.
Downloads and Uploads For information on this selection, refer to Chapter 20,
File Downloads and Uploads on page 220.
R – Ping a Remote System For information on this selection, refer to Pinging a
Remote System on page 54.
3. After you have set the parameters, type S to select Save Configuration
Changes.
Note A change to any parameter in this menu, including IP address, subnet
mask, and gateway address, is immediately activated on the switch.
43
Section II: Local and Telnet Management
Activating the BOOTP and DHCP Client Software
The BOOTP and DHCP application protocols were developed to simplify network
management. They are used to automatically assign IP configuration information
to the devices on your network, such as an IP address, subnet mask, and a
default gateway address.
An AT-8000 Series switch contains the client software of these protocols and
can obtain IP configuration information from a BOOTP or DHCP server on your
network. If you activate this feature, the switch seeks its IP address and
other IP configuration information from a BOOTP or DHCP server on your network
whenever you reset or power ON the device.
For this to work there must be a BOOTP or DHCP server residing on your network
and you must configure the service by entering in the switch’s MAC address and
other appropriate information.
BOOTP and DHCP application protocols allow you to specify how the IP address
is to be assigned to the switch. Choices are static and dynamic. If you choose
static, the server will always assign the same IP address to the switch when
the switch is reset or powered ON. This is the preferred configuration. Since
the BOOTP and DHCP services always assigns the same IP address to a switch,
you will always know which IP address to use when you need to remotely manage
a particular switch.
If you choose dynamic, the server will assign any unused IP address that it
has not already assigned to another device. This means that a switch might
have a different IP address each time you reset or power cycle the device,
making it difficult for you to remotely manage the unit.
Note The default setting for the BOOTP and DHCP client software is disabled.
To activate or deactivate the BOOTP and DHCP client software on the switch,
perform the following procedure:
1. From the Main Menu, type 4 to select Administration Menu.
The Administration in Figure 3 on page 41 is displayed.
2. Type 8 to select BOOTP/DHCP.
The following prompt is displayed:
BOOTP/DHCP (E-Enabled, D-Disabled):
3. Type E to enable BOOTP and DHCP services on the switch or D to disable the
services and press Return. The default is disabled.
44
AT-S39 User’s Guide
4. Type S to select Save Configuration Changes.
Note If you activate the BOOTP and DHCP client software, the switch
immediately begins to query the network for a BOOTP or DHCP server. The switch
continues to query the network for its IP configuration until it receives a
response.
Any static IP address, subnet mask, and gateway address assigned to the switch
are deleted from the Administration menu and replaced with the values the
switch receives from the BOOTP or DHCP server. If you later disable BOOTP and
DHCP, these values are returned to their default setting of 0.0.0.0.
45
Section II: Local and Telnet Management
Configuring SNMP Community Strings and Trap IP Addresses
To configure the SNMP community strings for the switch and assign up to four
IP addresses of management stations to receive traps from the switch, perform
the following procedure:
Note SNMP access is disabled by default. To enable SNMP access, refer to
Configuring Management Access on page 52.
1. From the Main Menu, type 5 to select System Config Menu. The System
Configuration Menu is shown in Figure 4.
Allied Telesyn Ethernet Switch AT-8024GB – AT-S39 Sales Switch
Login Privilege: Manager System Config Menu
1 – MAC Aging Time ……………….. 300 seconds 2 – Switch Mode ………………….. Tagged 3 –
Console Disconnect Timer Interval . 10 minute(s) 4 – Web Server Status ……………..
Enabled 5 – SNMP Access ………………….. Disabled 6 – Console Startup Mode …………..
Menu 7 – Reset to Factory Defaults
A – Advanced Configuration
R – Return to Previous Menu
Enter your selection?
Figure 4 System Configuration Menu
46
AT-S39 User’s Guide
2. From the System Configuration Menu, type A to select Advanced
Configuration. The Advanced Configuration menu is shown in Figure 5.
Allied Telesyn Ethernet Switch AT-8024GB – AT-S39 Sales Switch
Login Privilege: Manager Advanced Configuration Menu
1 – IGMP Snooping Configuration 2 – Broadcast Timers Setup 3 – SNMP
Configuration
R – Return to Previous Menu
Enter your selection:
Figure 5 Advanced Configuration Menu
3. From the Advanced Configuration menu, type 3 to select SNMP Configuration.
The SNMP Configuration menu is shown in Figure 6.
Allied Telesyn Ethernet Switch AT-8024GB – AT-S39 Sales Switch
Login Privilege: Manager SNMP Configuration
1 – GET Community ………….. public 2 – SET Community ………….. private 3 – Trap
Community …………. public
4 – Trap Receiver 1 ………… 0.0.0.0 5 – Trap Receiver 2 ………… 0.0.0.0 6 – Trap
Receiver 3 ………… 0.0.0.0 7 – Trap Receiver 4 ………… 0.0.0.0
S – Save Configuration Changes R – Return to Previous Menu
Enter your selection:
Figure 6 SNMP Configuration Menu
47
Section II: Local and Telnet Management
4. Adjust the parameters as desired. To change a value, type its
corresponding number and, when prompted, enter the new value. The parameters
are described below.
1 – GET Community 2 – SET Community 3 – Trap Community Use these parameters to
set a switch’s SNMP community strings. A community string can be up to
thirteen characters. Community strings are case sensitive and can contain
spaces and special characters, such as an exclamation point (!).
4 – Trap Receiver 1 5 – Trap Receiver 2 6 – Trap Receiver 3 7 – Trap Receiver
4 Use these selections to specify the IP addresses of up to four management
workstations on your network to receive traps from the switch.
Changes to the SNMP parameters are immediately activated on the switch.
5. After making your changes, type S to select Save Configuration Changes.
48
AT-S39 User’s Guide
Resetting a Switch
This procedure reboots the switch.
Note Any configuration changes not saved will be lost once the switch reboots.
To save your configuration changes, return to the Main Menu and type S to
select Save Configuration Changes.
Caution The switch will not forward traffic during the brief period required
to reload its operating software. Some network traffic may be lost.
To reset a switch, perform the following procedure:
1. From the Main Menu, type 4 to select Administrator Menu.
2. From the Administrator Menu, type 9 to select Reset Switch.
The following prompt is displayed:
Do you want to proceed with the switch reboot? [Yes/No] ->
3. Type Y to reset the switch or N to cancel this procedure.
If you are running a local management session, you will see this prompt:
Please press
- To view the initialization messages
Entering any key other thankey does not guarantee the above …
4. To view the initialization messages during the reset process, press Return.
The switch reinitializes its operating system, a task requiring approximately 20 seconds to complete. Once complete, the switch is again ready for normal network operations.
5. To resume managing the switch, you must reestablish your management session.
49
Section II: Local and Telnet Management
Configuring the AT-S39 Management Security Features
The AT-S39 software has several security features that can help prevent
unauthorized individuals from changing a switch’s parameter settings. The
security features are:
Manager and Operator Passwords – The management software has two standard,
management login accounts: Manager and Operator. The Manager account allows
you to configure all switch parameters, while the Operator account only allows
you to view the parameter settings. The default login name for Manager access
is “manager” and the password is “friend”. The login name and password for
Operator access are both “operator”. Login names and passwords are case-
sensitive. For instructions on how to change a password, refer to Configuring
the Management Passwords on page 51. (You can create additional management
login accounts for the switch if your network contains a TACACS+ or RADIUS
authentication protocol server. For instructions, refer to Chapter 17, TACACS+
and RADIUS Protocols on page 192.)
Console Timeout – This parameter causes the management software to
automatically end a management session if it does not detect any activity from
the local or remote management station after the specified period of time.
This security feature can prevent unauthorized individuals from using your
management station should you step away from your system while configuring a
switch. The default for the console timeout value is 10 minutes. For
instructions on how to set this security feature, refer to Configuring
Management Access on page 52.
Web Access – You can disable the web browser management feature on the switch,
and so prevent individuals from managing the switch remotely using a web
browser. The default setting for web browser management access is enabled. For
instructions on how to set this security feature, refer to Configuring
Management Access on page 52.
SNMP Access – You can also disable the SNMP management feature on the switch,
and so prevent individuals from managing the switch remotely using a SNMP
management program. The default setting for SNMP access is disabled. For
instructions on how to set this security feature, refer to Configuring
Management Access on page 52.
50
AT-S39 User’s Guide
Configuring the Management Passwords
There are two levels of management access on an AT-8000 Series switch: Manager and Operator. When you log in as a Manager, you can view and configure all of a switch’s operating parameters. When you log in as an Operator, you can only view the operating parameters; you cannot change any values.
The default password for Manager access is “friend”. The default password for Operator access is “operator”. A password can be from 0 to 20 alphanumeric characters. Passwords are case-sensitive.
Caution You should not use spaces or special characters, such as asterisks (*) and exclamation points (!), in a password if you will be managing the switch from a web browser. Many web browsers cannot handle special characters in passwords.
To change the Manager or Operator password, perform the following procedure:
1. From the Main Menu, type 4 to select Administrator Menu. 2. From the
Administrator Menu, type 7 to select Set Password.
The Passwords Menu is shown in Figure 7.
Allied Telesyn Ethernet Switch AT-8024GB – AT-S39 Login Privilege: Manager
Passwords Menu 1 – Set Manager Password 2 – Set Operator Password
R – Return to Previous Menu
Enter your selection?
Figure 7 Passwords Menu
3. Type 1 to change the Manager password or type 2 to change the Operator
password.
4. Follow the prompts. You are asked to enter the new password twice.
The new password is automatically saved by the management software. You do not
need to use the Save Configuration Changes menu selection to permanently save
the new password.
51
Section II: Local and Telnet Management
Configuring Management
Access
To configure the console timer, web access, and SNMP access security features
of the AT-S39 management software, perform the following procedure:
1. From the Main Menu, type 5 to select System Config Menu.
The System Config Menu is shown in Figure 4 on page 46.
2. To configure the console timer, type 3 to select Console Disconnect Timer
Interval and, when prompted, enter a value of from 1 to 60 minutes. The
default value is ten minutes.
For example, if you specify 2 minutes, the AT-S39 management software
automatically ends a local or remote management session if it does not detect
any activity from the management station after 2 minutes.
A new console timer value takes affect the next time you start a local or
remote management session.
3. To configure web browser access, type 4 to select Web Server Status and,
when prompted, type E to enable the web server or D to disable it. The default
value is enabled.
For example, if you disable the web server, no one can manage the switch
remotely using a web browser.
4. To configure SNMP management access of the switch, type 5 to select SNMP
Access and, when prompted, type E to enable SNMP management access or D to
disable it. The default value is disabled.
When SNMP access is disabled, no one can manage the switch remotely using an
SNMP management program.
Your changes are immediately activated on the switch.
5. After you have made the desired changes, type S to select Save
Configuration Changes.
52
AT-S39 User’s Guide
Viewing the AT-S39 Version Number and Switch MAC Address
The procedure in this section displays the following switch information:
AT-S39 version number Bootloader version number Serial number MAC Address
To display the information, type 8 to select Diagnostics from the Main Menu.
The Diagnostics menu is shown in Figure 8.
Allied Telesyn Ethernet Switch AT-8024 – AT-S39 Login Privilege: Manager
Diagnostics 1 – Application Software Version …. AT-S39 v3.3.0 2 – Application
Software Build Date . May 12 2004 19:32:40 3 – Bootloader Version …………..
ATS39_LOADER v2.1.0 4 – Bootloader Build Date ……….. Jul 21 2002 16:37:14 5 –
Serial Number ………………. S05248014600028 6 – MAC Address …………………
00:30:84:52:03:80 7 – System Up Time ……………… 20D:15H:24M:51S 8 – Uplink
Information
R – Return to Previous Menu
Enter your selection?
Figure 8 Diagnostics Menu
The information displayed in selections 1 through 7 in this menu is for
viewing purposes only. For information on option 8, refer to Displaying Uplink
Information on page 74.
53
Section II: Local and Telnet Management
Pinging a Remote System
You can instruct the switch to ping a remote device on your network. This
procedure is useful in determining whether a valid link exists between the
switch and another device.
Note The switch must have an IP address in order for you to perform this
procedure. This means that in most cases you must perform this procedure from
the master switch of an enhanced switch.
To instruct the switch to ping a network device, perform the following
procedure:
1. From the Main Menu, type 4 to select Administration Menu.
2. From the Administration Menu, type P to select Ping a Remote System.
The following prompt is displayed:
Please enter an IP address ->
3. Enter the IP address of the end node you want the switch to ping and press
Return.
The results of the ping command are displayed on the screen. To stop the ping,
press any key.
54
AT-S39 User’s Guide
Returning the AT-S39 Software to the Factory Default Values
The procedure in this section returns all AT-S39 software parameters to their
default values. This procedure also deletes any VLANs you created on the
switch. The AT-S39 software default values can be found in Appendix A, AT-S39
Default Settings on page 331.
Caution Performing this procedure resets the switch. The switch will not
forward traffic during the brief period required to reload its operating
software. Some data traffic may be lost.
To return the AT-S39 management software to its default settings, perform the
following procedure:
1. From the Main Menu, type 5 to select System Config Menu.
2. From the System Configuration Menu, type 7 to select Reset to Factory
Defaults.
The following prompt is displayed:
Are you sure you want to reset to Factory Defaults? [Yes/No] ->
3. Type Y for yes or N for no.
The following prompt is displayed:
Do you want to reset IP, Subnet and Gateway as well? [Yes/No] ->
4. If you type Y for yes, all switch parameters including the IP address,
subnet mask, and gateway address are changed to their default values. If you
type N for no, all switch parameters excluding those settings are changed to
their default values.
The following prompt is displayed:
The Factory Defaults take effect only after the Switch reboots. Do you want to
proceed with switch reboot? [Yes/No] ->
5. Type Y to reset the switch.
The operating parameters are returned to their default values and the switch
is reset.
55
Section II: Local and Telnet Management
Configuring the Console Startup Mode
You can configure the AT-S39 software to display either the Main Menu or the
command line interface prompt ($) whenever you start a local or remote
management session. The default is the Main Menu.
To change the console startup mode, perform the following procedure:
1. From the Main Menu, type 5 to select System Config Menu. 2. From the
System Configuration Menu, type 6 to select Console
Startup Mode. The following prompt is displayed:
Enter Console Mode (M-Menu, C-CLI):
3. Type M if you want a management session to always start with the Main
Menu, or C if you want it to display the command line interface prompt. The
default is the Main Menu. A change to the console startup mode takes effect
the next time you start a local or remote management session.
56
Chapter 4
Enhanced Stacking
This chapter explains the enhanced stacking feature. The sections in this
chapter include:
Enhanced Stacking Overview on page 58 Setting a Switch’s Enhanced Stacking
Status on page 61 Selecting a Switch in an Enhanced Stack on page 63
57
Section II: Local and Telnet Management
Enhanced Stacking Overview
The enhanced stacking feature can make it easier for you to manage the AT-8000
Series switches in your network. It offers the following benefits:
You can manage up to 24 switches from one local or remote management session.
This eliminates the need of having to start separate management sessions for
the different switches in your network.
The switches can share the same IP address. This reduces the number of IP
addresses you need to assign to your network devices for remote management.
Remotely managing a new switch in your network is simplified. You simply
connect it to your network. Once connected, you can begin to manage it
immediately from any workstation in your network.
Guidelines Here are a few guidelines to implementing enhanced stacking in your
network:
A enhanced stack can consist of any Allied Telesyn switches that feature
enhanced stacking, including the AT-8000 Series switches, the AT-8400 Series
switches, and the AT-8524M switch.
An enhanced stack cannot span subnets.
All of the switches in an enhanced stack must use the same management VLAN.
This is the VLAN on which the switch expects to receive remote management
packets. You can create more than one enhanced stack in a subnet by assigning
switches to different Management VLANs. For information about Management
VLANs, refer to Designating a Management VLAN on page 151.
An enhanced stack must have at least one master switch. The master switch can
be any Allied Telesyn switch that supports enhanced stacking.
You must assign the master switch an IP address and subnet mask.
You must set the master switch’s stacking status to Master.
The enhanced stacking feature uses the IP address 176.16.16.16. Do not assign
this address to any device on your subnet if you intend to use the enhanced
stacking feature.
58
AT-S39 User’s Guide
There are three basic steps to implementing this feature on your network:
1. You must select a switch in your network to function as the master switch
of the stack.
The master switch can be any switch that supports enhanced stacking, such as
an AT-8000 Series switch, an AT-8400 Series switch, or an AT-8524M switch. For
networks that consist of more than one subnet, there must be at least one
master switch in each subnet.
It is recommended that each enhanced stack have two master switches, each
assigned a unique IP address. That way, should you remove one of the master
switches from the network, such as for maintenance, you all still be able to
remotely manage the other switches in the stack using the second master
switch.
2. You must assign the master switch an IP address and subnet mask.
A master switch must have an IP address and subnet mask. The other switches in
an enhanced stack, referred to as slave switches, do not.
If an enhanced stack will have more than one master switch, you must assign
each master switch a unique IP address.
Note You can set the IP address manually or activate the BOOTP and DHCP client
software on a master switch and have the switch obtain its IP information from
a BOOTP or DHCP server on your network. Initially assigning an IP address or
activating the BOOTP and DHCP services can only be performed through a local
management session of the master switch.
For instructions on how to set the IP address manually, refer to Configuring
an IP Address and Switch Name on page 41. For instructions on activating the
BOOTP and DHCP services, refer to Activating the BOOTP and DHCP Client
Software on page 44.
3. Change the enhanced stacking status of the master switch to Master.
This is explained in the procedure Setting a Switch’s Enhanced Stacking Status
on page 61.
59
Section II: Local and Telnet Management
Figure 9 is an example of the enhanced stacking feature.
Master 1 IP Address 149.32.11.22
Master 2 IP Address 149.32.11.16
Master 1 IP Address 149.32.09.18
Master 2 IP Address 149.32.09.24
PWR MASTER FAULT
RS-232 TERMINAL PORT
Subnet A
Router Subnet B
Figure 9 Enhanced Stacking Example The example consists of a network of two
subnets interconnected with a router. Each subnet consists of one enhanced
stack. Two switches in each subnet have been selected as master switches of
the enhanced stacks, and each has been assigned a unique IP address. To manage
the switches of an enhanced stack, you could start a local or a remote
management session with one of the master switches in the enhanced stack. You
would then have management access to all the enhanced stacking switches in the
same stack.
60
AT-S39 User’s Guide
Setting a Switch’s Enhanced Stacking Status
The enhanced stacking status of the switch can be master switch, slave switch,
or unavailable. Each status is described below:
Master switch – A master switch of a stack can be used to manage all the other
switches in the stack. Once you establish a local or remote management session
with the Master switch, you can access and manage all the switches in the
stack. A master switch must have a unique IP address. You can manually assign
a master switch an IP address or activate the BOOTP and DHCP services on the
switch.
Slave switch – A slave switch can be remotely managed through a master switch.
It does not need an IP address or subnet mask. This is the default setting for
a switch.
Unavailable – A switch with an unavailable stacking status cannot be remotely
managed through enhanced stacking. A switch with this designation can be
managed locally. To be managed remotely, a switch with an unavailable stacking
status must be assigned a unique IP address.
Note You cannot change the stacking status of a switch accessed through
enhanced stacking. To change the stacking status of a switch that does not
have an IP address or subnet mask, such as a slave switch, you must use a
local management session. If the switch has an IP address and subnet mask, you
can use either a local or a Telnet management session.
To adjust a switch’s enhanced stacking status, perform the following
procedure:
1. From the Main Menu, type 9 to select Enhanced Stacking. The Enhanced
Stacking menu is shown in Figure 10.
Allied Telesyn Ethernet Switch AT-8024 – AT-S39 Login Privilege: Manager
Enhanced Stacking 1 – Switch State-(M)aster/(S)lave/(U)navailable…. Master 2 –
Stacking Services
S – Save Configuration Changes R – Return to Previous Menu
Enter your selection?
Figure 10 Enhanced Stacking Menu
61
Section II: Local and Telnet Management
The menu displays the current status of the switch at the end of selection “1
– Switch State.” For example, the switch’s current status in the figure above
is Master.
Note The “2 – Stacking Services” selection is included in the menu only for
master switches.
2. To change a switch’s stacking status, type 1 to select Switch State. The
following prompt is displayed.
Enter new setup (M/S/U) ->
3. Type M to change the switch to a master switch, S to make it a slave
switch, or U to make the switch unavailable. Press Return. A change to the
status is immediately activated on the switch.
4. Type S to select Save Configuration Changes.
62
AT-S39 User’s Guide
Selecting a Switch in an Enhanced Stack
The first thing you should do before performing a procedure on a switch in an
enhanced stack is check to be sure you are performing it on the correct
switch. If you assigned system names to your switches, then this is easy. The
name of the switch being managed is always displayed at the top of every
management menu.
When you start a management session on the Master switch of an enhanced stack,
you are by default addressing that particular switch. The management tas