FAQ - PLANET Technology

FAQ Subject

Q :

[GS-5220,IGS-5225,IGS-6325 series] How to configure ACL feature by MAC address.

A :

In order to block all traffic from a certain MAC address, the Ethernet type and ARP of ACE rules must be set at the same time.

Here is an ACL example for MAC address:

Goal: Blocking the traffic with Source MAC address 00-05-1b-33-44-ed.

Step 1: Go to the ACE Configuration following the path: Security → Access Control List → ACL Configuration.

Step 2: Add an Ethernet type of ACE rule:

1. Set the Ingress Port as All, set the Frame Type as Ethernet Type.

2. Set the SMAC Filter as Specific, input the SMAC Value, and set the DMAC Filter as Any.

3. Set the EtherType Filter as Any.

4. Set the Action as Deny.

Step 3: Add an ARP of ACE rule:

1. Set the Ingress Port as All, set the Frame Type as ARP.

2. Set the SMAC Filter as Specific, input the SMAC Value, set the DMAC Filter as Any.

3. Set the ARP Parameters as Any.

4. Set the Action as Deny.

Step 4: Additionally, we recommend to set the ARP Inspection as disabled and clear the ARP table on the switch and PC.

Thus, the switch can support the goal: Blocking the traffic with Source MAC address 00-05-1b-33-44-ed.

» Link

Q :

[GS-5220,IGS-5225,IGS-6325 series] How to set RSTP on LACP and VLAN trunk ports.

A :

We would like show you an example about the testing topology:

Here are the configurations:

[IGS-6325-16T4S]

1. Go to the “Aggregation Group Configuration” page, add ports 2 and 4 into the Group 1 with LACP (Active) mode,

and add ports 19 and 20 into the Group 2 with LACP (Active) mode.

2. Go to the “Global VLAN Configuration” page, add VLAN 10 for the “Allowed Access VLANs”; set ports 2, 4, 19 and 20 as Trunk ports.

3. Go to the “STP Bridge Configuration” page, and set the Protocol Version as RSTP.

4. Go to the “STP CIST Port Configuration” page, and set the STP of ports 2, 4, 19 and 20 as enabled.

5. Save the configuration.

[IGS-6325-20T4C4X]

1. Go to the “Aggregation Group Configuration” page, add ports 2 and 4 into the Group 1 with LACP (Passive) mode,

and add ports 22 and 24 into the Group 2 with LACP (Passive) mode.

2. Go to the “Global VLAN Configuration” page, add VLAN 10 for the “Allowed Access VLANs”, and set ports 2, 4, 22 and 24 as Trunk ports.

3. Go to the “STP Bridge Configuration” page, and set the Protocol Version as RSTP.

4. Go to the “STP CIST Port Configuration” page, and set the STP of ports 2, 4, 22 and 24 as enabled.

5. Save the configuration.

6. Done.

Now the RSTP function works on LACP and VLAN trunk port of two switches.

» Link

Q :

[GS-5220, IGS-5225, IGS-6325 series] How to configure the Loop Protection feature.

A :

The Loop Protection feature offers real-time protection against network loops.

For instance, if the Edge switch’s Loop Protection feature is enabled, when the Access switch has loop issue,

the Loop Protection will stop the traffic to prevent the broadcast storm. The application is shown below:

Here is a Loop Protection example where the steps are shown below:

1. Set the Global Configuration as Enabled.

2. Select the port which you want to enable the Loop Protection feature.

3. Set the Action as Shutdown Port to stop the traffic.

4. Set the Tx mode as Enabled to allow the port actively generates loop protection PDUs.

» Link

Q :

[GS-5220,IGS-5225,IGS-6325 series] How to allow or block some IP address connect to switch via ACL feature.

A :

Here is an ACL example, shown below:

● Port 1 only accepts 192.168.0.6 and deny the other IP address.

● Port 3 only accepts 192.168.0.66 and deny the other IP address.

Step 1 : Connect your laptop to any port of the switch except ports 1 and 3, then log in to the web management.

Go to the ACL Configuration page following the path: Security → ACL Configuration.

Step 2 : Click the “+” icon to add a rule.

Step 3 : Please refer the picture below to set the Ingress Port as “Port 1”, set the Frame Type as “IPv4”, set the Action as “Permit”,

and set the SIP Filter as “192.168.0.6”. Click the “Apply” button.

Step 4 : Click the button “+” icon to add a rule.

Step 5 : Please refer the picture below to set the Ingress Port as “Port 1”, set the Frame Type as “IPv4”, set the Action as “Deny”,

and set the SIP Filter as “Any”. Click the “Apply” button.

Step 6 : Click the top “+” icon to add a rule.

Step 7 : Please refer to the picture below to set the Ingress Port as “Port 3”, set the Frame Type as “IPv4”, set the Action as “Permit”,

and set the SIP Filter as “192.168.0.66”. Click the “Apply” button.

Step 8 : Here we will add the “Deny” rule for port 3, note that the “Deny” rule must be under the “Permit” rule of port 3.

Please refer to the picture below to click the top “+” icon of the “Permit” rule of port 1 to add a rule.

Step 9 : Please refer to the picture below to set the Ingress Port as “Port 3”, set the Action as “Deny”, and set the SIP Filter as “Any”.

Click the “Apply” button.

Step 10 : All rules are done. The result is shown below:

Thus, the switch can support the goals:

● Port 1 only accepts 192.168.0.6 and deny the other IP address.

● Port 3 only accepts 192.168.0.66 and deny the other IP address.

» Link

Q :

[GS-5220,IGS-5225,IGS-6325 series] I'm trying to set up SNMPv3 on our Planet switches but I keep getting authorization errors while testing the connection. How to fix it.

A :

Here are the steps:

1. Set the SNMP as enabled.

2. Go to the “SNMPv3 Community Configuration” page, and click the “Add New Entry” button to add your community name.

3. Go to the “SNMPv3 Users” page, and click the “Add New Entry” button to add new user.

4. Go to the “SNMPv3 Groups” page, and click the “Add New Entry” button to add the Group of v3.

5. Go to the “SNMPv3 Accesses” page, and click the “Add New Entry” button to set the security level for the new group of v3.

6. Save the configuration.

» Link

Q :

[GS-4210, IGS-4215, WGS-4215 series] How to configure the IGMP Snooping function.

A :

Please follow the steps to enable IGMP Snooping feature. The example is for IGMP Snooping (v2) within VLAN1.

1. Enabling the IGMP Snooping.

Click Switching Ò IGMP Snooping Ò IGMP Setting

2. Configuring the IGMP Snooping Table.

On the same page, click the “Edit” button shown in the IGMP Snooping Table.

Set the IGMP Snooping Status and Immediate Leave to enable, and click the “Submit” button.

3. Configuring the IGMP Querier Setting.

Click Switching Ò IGMP Snooping Ò IGMP Querier Setting

Select VLAN 1, set the Querier State to enable, set the Querier Version to v2, and click the “Apply” button.

4. The IGMP Querier Status is shown below. The Querier IP should be this switch’s VLAN 1 IP.

5. Please save the running-configuration to startup-configuration.

Click the “Save Configuration” icon to save running-configuration.

6. Done.

» Link

Q :

[GS-5220, IGS-5225, IGS-6325, IGS-10020 series] How to make the switch send an SNMP Trap when one of the power inputs is disconnected.

A :

1. Enabling the SNMP System.

Click System Ò SNMP Ò System configuration

2. Configuring the Trap Destination.

Click System Ò SNMP Ò SNMP Trap configuration Ò Add New Entry

Set the SNMP v2c first, then set the Trap Destination Address as the SNMP Trap server’s IP address,

and set the Trap Destination Port to match the SNMP Trap server’s port.

3. Configuring the Fault Alarm.

Click System Ò Management Ò Fault Alarm

Set the Fault alarm to Enable, set the Record to SNMP trap, set the Event to Power Fail with both DC1 and DC2.

4. Please save the running-configuration to startup-configuration.

» Link

FAQs

Product Category

Keyword

FAQ Subject