FAQs


Product Category
Keyword
A :

In order to block all traffic from a certain MAC address, the Ethernet type and ARP of ACE rules must be set at the same time.

Here is an ACL example for MAC address:

Goal: Blocking the traffic with Source MAC address 00-05-1b-33-44-ed.

Step 1: Go to the ACE Configuration following the path: Security → Access Control List → ACL Configuration.

              

Step 2: Add an Ethernet type of ACE rule:

         1. Set the Ingress Port as All, set the Frame Type as Ethernet Type.

         2. Set the SMAC Filter as Specific, input the SMAC Value, and set the DMAC Filter as Any.

         3. Set the EtherType Filter as Any.

         4. Set the Action as Deny. 

         

Step 3: Add an ARP of ACE rule:

         1. Set the Ingress Port as All, set the Frame Type as ARP.

         2. Set the SMAC Filter as Specific, input the SMAC Value, set the DMAC Filter as Any.

         3. Set the ARP Parameters as Any.

         4. Set the Action as Deny. 

        

Step 4: Additionally, we recommend to set the ARP Inspection as disabled and clear the ARP table on the switch and PC.

             

            

Thus, the switch can support the goal: Blocking the traffic with Source MAC address 00-05-1b-33-44-ed.

A :

We would like show you an example about the testing topology:

 

Here are the configurations:

[IGS-6325-16T4S]

1. Go to the Aggregation Group Configuration page, add ports 2 and 4 into the Group 1 with LACP (Active) mode,

    and add ports 19 and 20 into the Group 2 with LACP (Active) mode.

 

2. Go to the Global VLAN Configuration page, add VLAN 10 for the “Allowed Access VLANs”; set ports 2, 4, 19 and 20 as Trunk ports.

 

3. Go to the STP Bridge Configuration page, and set the Protocol Version as RSTP.

  

4. Go to the STP CIST Port Configuration page, and set the STP of ports 2, 4, 19 and 20 as enabled.

  

5. Save the configuration. 

 

[IGS-6325-20T4C4X]

1.  Go to the Aggregation Group Configuration page, add ports 2 and 4 into the Group 1 with LACP (Passive) mode,

     and add ports 22 and 24 into the Group 2 with LACP (Passive) mode.

2.  Go to the Global VLAN Configuration page, add VLAN 10 for the “Allowed Access VLANs”, and set ports 2, 4, 22 and 24 as Trunk ports. 

 

3. Go to the STP Bridge Configuration page, and set the Protocol Version as RSTP.

 

4. Go to the STP CIST Port Configuration page, and set the STP of ports 2, 4, 22 and 24 as enabled.

 

5. Save the configuration. 

 

6. Done.

    Now the RSTP function works on LACP and VLAN trunk port of two switches. 

A :

The Loop Protection feature offers real-time protection against network loops.

For instance, if the Edge switch’s Loop Protection feature is enabled, when the Access switch has loop issue,

the Loop Protection will stop the traffic to prevent the broadcast storm. The application is shown below:

 

Here is a Loop Protection example where the steps are shown below:

1.  Set the Global Configuration as Enabled.

2.  Select the port which you want to enable the Loop Protection feature.

3. Set the Action as Shutdown Port to stop the traffic.

4. Set the Tx mode as Enabled to allow the port actively generates loop protection PDUs.

A :

Here is an ACL example, shown below: 

● Port 1 only accepts 192.168.0.6 and deny the other IP address. 

● Port 3 only accepts 192.168.0.66 and deny the other IP address.

Step 1 : Connect your laptop to any port of the switch except ports 1 and 3, then log in to the web management.

              Go to the ACL Configuration page following the path: Security → ACL Configuration. 

 

Step 2 : Click the “+” icon to add a rule. 

 

Step 3 : Please refer the picture below to set the Ingress Port as “Port 1”, set the Frame Type as “IPv4”, set the Action as “Permit”,

                and set the SIP Filter as “192.168.0.6”.  Click the “Apply” button. 

 

Step 4 : Click the button “+” icon to add a rule.

 

Step 5 : Please refer the picture below to set the Ingress Port as “Port 1”, set the Frame Type as “IPv4”, set the Action as “Deny”,

               and set the SIP Filter as “Any”.  Click the “Apply” button.

 

Step 6 : Click the top “+” icon to add a rule.

 

Step 7 : Please refer to the picture below to set the Ingress Port as “Port 3”, set the Frame Type as “IPv4”, set the Action as “Permit”,

                and set the SIP Filter as “192.168.0.66”.  Click the “Apply” button. 

 

Step 8 : Here we will add the “Deny” rule for port 3, note that the “Deny” rule must be under the “Permit” rule of port 3.

                Please refer to the picture below to click the top “+” icon of the “Permit” rule of port 1 to add a rule.

 

Step 9 : Please refer to the picture below to set the Ingress Port as “Port 3”, set the Action as “Deny”, and set the SIP Filter as “Any”.

                Click the “Apply” button. 

 

Step 10 : All rules are done. The result is shown below: 

 

Thus, the switch can support the goals: 

● Port 1 only accepts 192.168.0.6 and deny the other IP address. 

● Port 3 only accepts 192.168.0.66 and deny the other IP address.

A :

Here are the steps: 

1. Set the SNMP as enabled.

 

2. Go to the “SNMPv3 Community Configuration” page, and click the “Add New Entry” button to add your community name.

 

3. Go to the “SNMPv3 Users” page, and click the “Add New Entry” button to add new user. 

 

4. Go to the “SNMPv3 Groups” page, and click the “Add New Entry” button to add the Group of v3.

 

5. Go to the “SNMPv3 Accesses” page, and click the “Add New Entry” button to set the security level for the new group of v3.

 

6. Save the configuration.

A :

Please follow the steps to enable IGMP Snooping feature. The example is for IGMP Snooping (v2) within VLAN1. 

1. Enabling the IGMP Snooping.

    Click Switching Ò IGMP Snooping Ò IGMP Setting

    

2. Configuring the IGMP Snooping Table.

    On the same page, click the “Edit” button shown in the IGMP Snooping Table.

    

Set the IGMP Snooping Status and Immediate Leave to enable, and click the “Submit” button.

3. Configuring the IGMP Querier Setting.

    Click Switching Ò IGMP Snooping Ò IGMP Querier Setting

    Select VLAN 1, set the Querier State to enable, set the Querier Version to v2, and click the “Apply” button.

    

4. The IGMP Querier Status is shown below. The Querier IP should be this switch’s VLAN 1 IP.

    

5. Please save the running-configuration to startup-configuration.

    Click the “Save Configuration” icon to save running-configuration. 

    

6. Done.

A :

1. Enabling the SNMP System.

    Click System Ò SNMP Ò System configuration

    

2. Configuring the Trap Destination.

    Click System Ò SNMP Ò SNMP Trap configuration Ò Add New Entry

    Set the SNMP v2c first, then set the Trap Destination Address as the SNMP Trap server’s IP address,

    and set the Trap Destination Port to match the SNMP Trap server’s port.

   

3. Configuring the Fault Alarm.

    Click System Ò Management Ò Fault Alarm

    Set the Fault alarm to Enable, set the Record to SNMP trap, set the Event to Power Fail with both DC1 and DC2.

 

4. Please save the running-configuration to startup-configuration.

    

Contact Us