Cisco Sg3008 Manual
Have a look at the manual Cisco Sg3008 Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Administration: Time Settings Configuring System Time 78 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 6 •IPv4 Source Interface—Select the IPv4 interface whose IPv4 address will be used as the source IPv4 address in messages used for communication with the SNTP server. •IPv6 Source Interface—Select the IPv6 interface whose IPv6 address will be used as the source IPv6 address in messages used for communication with the SNTP server. NOTEIf the Auto option is selected, the system takes the source IP address from the IP address defined on the outgoing interface. This page displays the following information for each Unicast SNTP server: •SNTP Server—SNTP server IP address. The preferred server, or hostname, is chosen according to its stratum level. •Poll Interval—Displays whether polling is enabled or disabled. •Authentication Key ID—Key Identification used to communicate between the SNTP server and device. •Stratum Level—Distance from the reference clock expressed as a numerical value. An SNTP server cannot be the primary server (stratum level 1) unless polling interval is enabled. •Status—SNTP server status. The possible values are: -Up—SNTP server is currently operating normally. -Down—SNTP server is currently not available. -Unknown—SNTP server is currently being searched for by the device. - In Process—Occurs when the SNTP server has not fully trusted its own time server (i.e. when first booting up the SNTP server). •Last Response—Date and time of the last time a response was received from this SNTP server. •Offset—The estimated offset of the servers clock relative to the local clock, in milliseconds. The host determines the value of this offset using the algorithm described in RFC 2030. •Delay—The estimated round-trip delay of the servers clock relative to the local clock over the network path between them, in milliseconds. The host determines the value of this delay using the algorithm described in RFC 2030.
Administration: Time Settings Configuring System Time Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 79 6 •Source—How SNTP server was defined, for example: manually or from DHCPv6 server. •Interface—Interface on which packets are received. STEP 3To add a Unicast SNTP server, enable SNTP Client Unicast. STEP 4Click Add. STEP 5Enter the following parameters: •Server Definition—Select if the SNTP server is going to be identified by its IP address or if you are going to select a well-known SNTP server by name from the list. NOTETo specify a well-known SNTP server, the device must be connected to the Internet and configured with a DNS server or configured so that a DNS server is identified by using DHCP. (See DNS Settings) •IP Version—Select the version of the IP address: Version 6 or Version 4. •IPv6 Address Type—Select the IPv6 address type (if IPv6 is used). The options are -Link Local—The IPv6 address uniquely identifies hosts on a single network link. A link local address has a prefix of FE80, is not routable, and can be used for communication only on the local network. Only one link local address is supported. If a link local address exists on the interface, this entry replaces the address in the configuration. -Global—The IPv6 address is a global Unicast IPV6 type that is visible and reachable from other networks. •Link Local Interface—Select the link local interface (if IPv6 Address Type Link Local is selected) from the list. •SNTP Server IP Address—Enter the SNTP server IP address. The format depends on which address type was selected. •SNTP Server—Select the name of the SNTP server from a list of well-known NTP servers. If other is chosen, enter name of SNTP server in the adjacent field. •Poll Interval—Select to enable polling of the SNTP server for system time information. All NTP servers that are registered for polling are polled, and the clock is selected from the server with the lowest stratum level (distance from the reference clock) that is reachable. The server with the lowest stratum is considered to be the primary server. The server with the next lowest stratum
Administration: Time Settings Configuring System Time 80 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 6 is a secondary server, and so forth. If the primary server is down, the device polls all servers with the polling setting enabled, and selects a new primary server with the lowest stratum. •Authentication—Select the check box to enable authentication. •Authentication Key ID—If authentication is enabled, select the value of the key ID. (Create the authentication keys using the SNTP Authentication page.) STEP 6Click Apply. The STNP server is added, and you are returned to the main page. Configuring the SNTP Mode The device can be in active and/or passive mode (see SNTP Modes for more information). To enable receiving SNTP packets from all servers on the subnet and/or to enable transmitting time requests to SNTP servers: STEP 1Click Administration > Time Settings > SNTP Multicast/Anycast. STEP 2Select from the following options: •SNTP IPv4 Multicast Client Mode (Client Broadcast Reception)—Select to receive system time IPv4 Multicast transmissions from any SNTP server on the subnet. •SNTP IPv6 Multicast Client Mode (Client Broadcast Reception)—Select to receive system time IPv6 Multicast transmissions from any SNTP server on the subnet. •SNTP IPv4 Anycast Client Mode (Client Broadcast Transmission)—Select to transmit SNTP IPv4 synchronization packets requesting system time information. The packets are transmitted to all SNTP servers on the subnet. •SNTP IPv6 Anycast Client Mode (Client Broadcast Transmission)—Select to transmit SNTP IPv6 synchronization packets requesting system time information. The packets are transmitted to all SNTP servers on the subnet. STEP 3If the system is in Layer 3 system mode, click Add to select the interface for SNTP reception/transmission.
Administration: Time Settings Configuring System Time Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 81 6 Select an interface and select the reception/transmission options. STEP 4Click Apply to save the settings to the Running Configuration file. Defining SNTP Authentication SNTP clients can authenticate responses by using HMAC-MD5. An SNTP server is associated with a key, which is used as input together with the response itself to the MD5 function; the result of the MD5 is also included in the response packet. The SNTP Authentication page enables configuration of the authentication keys that are used when communicating with an SNTP server that requires authentication. The authentication key is created on the SNTP server in a separate process that depends on the type of SNTP server you are using. Consult with the SNTP server system administrator for more information. Workflow STEP 1Enable authentication in the SNTP Authentication page. STEP 2Create a key in the SNTP Authentication page. STEP 3Associate this key with an SNTP server in the SNTP Unicast page. To enable SNTP authentication and define keys: STEP 1Click Administration > Time Settings > SNTP Authentication. STEP 2Select SNTP Authentication to support authentication of an SNTP session between the device and an SNTP server. STEP 3Click Apply to update the device. STEP 4Click Add. STEP 5Enter the following parameters: •Authentication Key ID—Enter the number used to identify this SNTP authentication key internally.
Administration: Time Settings Configuring System Time 82 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 6 •Authentication Key—Enter the key used for authentication (up to eight characters). The SNTP server must send this key for the device to synchronize to it. •Trusted Key—Select to enable the device to receive synchronization information only from a SNTP server by using this authentication key. STEP 6Click Apply. The SNTP Authentication parameters are written to the Running Configuration file. Time Range Time ranges can be defined and associated with the following types of commands, so that they are applied only during that time range: •ACLs •8021X Port Authentication •Por t Stat •Ti m e - B a s e d P o E There are two types of time ranges: •Absolute —This type of time range begins on a specific date or immediately and ends on a specific date or extends infinitely. It is created in the Time Range pages. A recurring element can be added to it. •Recurring — This type of time range contains a time range element that is added to an absolute range, and begins and ends on a recurring basis. It is defined in the Recurring Range pages. If a time range includes both absolute and recurring ranges, the process associated with it is activated only if both absolute start time and the recurring time range have been reached. The process is deactivated when either of the time ranges is reached. The device supports a maximum of 10 absolute time ranges. All time specifications are interpreted as local time (Daylight Saving Time does not affect this).To ensure that the time range entries take effect at the desired times, the system time must be set. The time-range feature can be used for the following: •Limit access of computers to the network during business hours (for example), after which the network ports are locked, and access to the rest
Administration: Time Settings Configuring System Time Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 83 6 of the network is blocked (see Chapter 9, “Configuring Ports” and Chapter 9, “Configuring LAG Settings”) •Limit PoE operation to a specified period. Absolute Time Range To define an absolute time range: STEP 1Click Administration > Ti m e S e t t i n g s > Ti m e Range. The existing time ranges are displayed. STEP 2To add a new time range, click Add. STEP 3Enter the following fields: •Time Range Name—Enter a new time range name. •Absolute Starting Time—To define the start time, enter the following: -Immediate—Select for the time range to start immediately. -Date, Time—Enter the date and time that the Time Range begins. •Absolute Ending Time—To define the start time, enter the following: -Infinite—Select for the time range to never end. -Date, Time—Enter the date and time that the Time Range ends. STEP 4To add a recurring time range, click Recurring Range. Recurring Time Range A recurring time element can be added to an absolute time range. This limits the operation to certain time periods within the absolute range. To add a recurring time range element to an absolute time range: STEP 1Click Administration > Ti m e S e t t i n g s > Recurring Range. The existing recurring time ranges are displayed (filtered per a specific, absolute time range.) STEP 2Select the absolute time range to which to add the recurring range.
Administration: Time Settings Configuring System Time 84 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 6 STEP 3To add a new recurring time range, click Add. STEP 4Enter the following fields: •Recurring Starting Time—Enter the date and time that the Time Range begins on a recurring basis. Recurring Ending Time—Enter the date and time that the Time Range ends on a recurring basis.
7 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 85 Administration: Diagnostics This section contains information for configuring port mirroring, running cable tests, and viewing device operational information. It covers the following topics: •Testing Copper Ports •Displaying Optical Module Status •Configuring Port and VLAN Mirroring •Viewing CPU Utilization and Secure Core Technology Testing Copper Ports The Copper Test page displays the results of integrated cable tests performed on copper cables by the Virtual Cable Tester (VCT). VCT performs two types of tests: •Time Domain Reflectometry (TDR) technology tests the quality and characteristics of a copper cable attached to a port. Cables of up to 140 meters long can be tested. These results are displayed in the Test Results block of the Copper Test page. •DSP-based tests are performed on active GE links to measure cable length. These results are displayed in the Advanced Information block of the Copper Test page. Preconditions to Running the Copper Por t Test Before running the test, do the following: •(Mandatory) Disable Short Reach mode (see the Port Management > Green Ethernet > Properties page)
Administration: Diagnostics Te s t i n g C o p p e r P o r t s 86 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 7 •(Optional) Disable EEE (see the Port Management > Green Ethernet > Properties page) Use a CAT5 data cable when testing cables using (VCT). Accuracy of the test results can have an error range of +/- 10 for Advanced Testing and +/- 2 for basic testing. ! CAUTIONWhen a port is tested, it is set to the Down state and communications are interrupted. After the test, the port returns to the Up state. It is not recommended that you run the copper port test on a port you are using to run the web-based switch configuration utility, because communications with that device are disrupted. To test copper cables attached to ports: STEP 1Click Administration > Diagnostics > Copper Test. STEP 2Select the port on which to run the test. STEP 3Click Copper Test. STEP 4When the message appears, click OK to confirm that the link can go down or Cancel to abort the test. The following fields are displayed in the Test Results block: •Last Update—Time of the last test conducted on the port. •Test Results—Cable test results. Possible values are: -OK—Cable passed the test. -No Cable—Cable is not connected to the port. -Open Cable—Cable is connected on only one side. -Shor t Cable—Short circuit has occurred in the cable. -Unknown Test Result—Error has occurred. •Distance to Fault—Distance from the port to the location on the cable where the fault was discovered. •Operational Port Status—Displays whether port is up or down.
Administration: Diagnostics Displaying Optical Module Status Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 87 7 If the por t being tested is a Giga por t , the Advanced Information block contains the following information, which is refreshed each time you enter the page: •Cable Length: Provides an estimate for the length. •Pair—Cable wire pair being tested. •Status—Wire pair status. Red indicates fault and Green indicates status OK. •Channel—Cable channel indicating whether the wires are straight or cross- over. •Polarity—Indicates if automatic polarity detection and correction has been activated for the wire pair. •Pair Skew—Difference in delay between wire pairs. NOTETDR tests cannot be performed when the port speed is 10Mbit/Sec. Displaying Optical Module Status The Optical Module Status page displays the operating conditions reported by the SFP (Small Form-factor Pluggable) transceiver. Some information might not be available for SFPs that do not support the digital diagnostic monitoring standard SFF-8472. MSA-compatible SFPs The following FE SFP (100Mbps) transceivers are supported: •MFEBX1: 100BASE-BX-20U SFP transceiver for single-mode fiber, 1310 nm wavelength, supports up to 20 km. •MFEFX1: 100BASE-FX SFP transceiver, for multimode fiber, 1310 nm wavelength, supports up to 2 km. •MFELX1: 100BASE-LX SFP transceiver, for single-mode fiber, 1310 nm wavelength, supports up to 10 km. The following GE SFP (1000Mbps) transceivers are supported: •MGBBX1: 1000BASE-BX-20U SFP transceiver, for single-mode fiber, 1310 nm wavelength, supports up to 40 km.