WSG24POE - Admin Guide - English

The line of Wildix network switches WSGxxPOE is going EOL after the current stock is over.

You can check the availability of items remaining in stock on WMP.

This manual explains how to log in and to configure WSG24POE via administrator web interface of the switch.

Version created: June 2016

Version updated: June 2018

Permalink: https://wildix.atlassian.net/wiki/x/jQrOAQ


On this page:

Initial connection  

Turn on the switch

Before powering on the switch, make sure the voltage is correct. The power supply socket is situated on the back panel of the switch.

Plug the power supply into the switch: the power indicator on the front panel must turn on.

LED indicators and ports description

Front panel:



Ports description:

  • 10/100/1000Mbps RJ45 ports (1-24): connect devices with 10 / 100 / 1000Mbps bandwidth.

  • SFP ports (SFP1, SFP2): install SFP module and connect devices with 1000Mbps bandwidth.

  • Console port (Console): connect a serial port of PC / terminal for monitoring and configuring the Switch.

  • Reset button (Reset): (device is connected to power supply) press and hold the button for about 5 sec.


LEDs description:

LED

Color

Status

Description

PWR

Green

ON

Power is supplied

OFF

No power

Link / Act / Speed

(1-24)

Orange (10/100Mbps)

ON

A valid link is established

OFF

No link is established

Green (1000Mbps)

Blinking

Data packets are received or transmitted

Link / Act / Speed (SFP1,2)

Green

ON

A valid link is established

OFF

No link is established

Blinking

Data packets are received or transmitted

PoE (1-24)

Yellow

ON

A PoE PD (Powered Device) is connected to the port

OFF

No PD is connected to the port

Blinking

The PoE power circuit may be in short or the power current may be overloaded.

Access web interface

The default settings of the Switch:

  • Default IP address: 192.168.2.1

  • Default user name: admin

  • Default password: admin

(PC must be in the same network as the switch: 192.168.2.xxx)

Connection of devices

Connect devices to the ports of the Switch using a network cable (check the datasheet for more information). 1-24 ports have power supply function (see the datasheet for the max power output)

How to configure Voice and Data Vlans

Firmware version: V103SP6D180529 and Firmware version: V103SP7D230713

Upgrade the switch

  1. Download the firmware from Google Drive: https://drive.google.com/drive/folders/1KSkyO5Plf8DckvhH3dENsJ8MDDJ8uxcI or the latest version of firmware https://drive.google.com/file/d/1jiA3Md2Wob2wBB7vltMWPujFu5plR_er/view?usp=sharing
    Access the web interface of the switch, Menu System-> System Update to upgrade the switch
  2. After the upgrade to this version the switch must be reset: press and hold the Reset button for about 5 sec.

Connection Scenario

  • Phones and PCs are connected to the switch
  • LAN port of the PBX is connected to the switch (WAN port of the PBX is connected to WAN switch, for external access)
  • Phones and Wildix devices as well as LAN PBX port get the IP from the Switch, in our example, from the pool 192.168.1/24
  • PCs get IP from the external DHCP server, reachable by the switch via port 1, in our example, 192.168.133.91

Create new VLAN ID

  1. Go to VLAN Management → Vlan Config → Vlan Settings
  2. You have Vlan 1 created by default in this menu
  3. Create Vlan 2 and enable it for all the ports excluding the port that you used to connect the switch to PC

Create Voice VLAN

  1. Go to VLAN Management → Voice Vlan → Voice VLAN Config
  2. Set the flag for Voice VLAN Enable and set Voice VLAN ID
  3. Go to the tab Voice VLAN Port Config and enable VLAN on ports all the ports excluding the one you used to connect your PC 
  4. Disable VLAN on the port on which the external DCHP server is supposed to be reachable (port 1 in our example)



Configure the Management VLAN

  1. Go to System → Config 
  2. Make sure the switch time settings are correct in System Time section
  3. The Management Vlan is already configured on Vlan1 by default (192.168.2.1)
  4. Press Set Management VLAN
  5. Set:
    • Management VLAN: 2 (Voice VLAN ID)
    • Management IP: 192.168.100.1 (Management IP of the switch on Vlan2)
    • Subnet mask: 255.255.255.0 
    • Default gateway: 0.0.0.0
  6. Press Save

Note: The IP pool of DHCP server running on Vlan2 must be in the same network as the Management IP on Vlan2 (in our example, 192.168.100.0/24), this is why we change the Management IP on Vlan1.


In our example we have also changed Management VLAN1:



Note: after changing Management VLAN 1, you will lose access to the switch and you will have to reconnect using the new IP.

Set Hybrid Ports

  1. Go to VLAN Management → Vlan Config → Hybrid Port Settings 
  2. Remove VLAN TAG: 1-2 for ports 2-26:


Enable DHCP Server

  1. Go to DHCPServer → Dhcp Config and enable the option (move the switch in ON position)
  2. Go to the tab Pool Config to configure the pool of IP addresses released by DHCP server

In our example the Pool ID 2 is associated to Vlan 2 and is used to assign IP addresses from the following range: 192.168.100.1 - 192.168.100.255 (external DHCP server for PC will be connected to port 1):



External DHCP 

To disable Voice VLANs and internal DHCP server, and to enable only the external DHCP to release IP addresses, you have to disable Voice Vlan in Vlan Management → Voice VLAN

To enable external DHCP to release IP addresses to the PC network, we have to enable the Trusted IP port, to which the DHCP server is connected.

Go to Security → Firewall → Dhcp Trusted Port to add the trusted port:


To enable external DHCP server to release IP addresses to the PC network, we have to enable the snooping Vlan on Vlan1, where the DCHP server is connected. 

Go to the tab Other configuration → Dhcp Snooping Vlan and add the Vlan1:


Results

Going back to VLAN Management → Vlan Config menu, you should see the following configuration:


  • Wildix Phones connected to any ports of the Switch receive IP address from Vlan 2 pool
  • PCs connected to Switch ports receive IP from Vlan 1 pool
  • Wildix Phones connected to any ports and PCs connected to PC port of the phone: phone gets IP on Vlan 2, PC gets IP on Vlan 1


Menu description and configuration

Home

The home page displays the following information:

  • Configuration menu (at the bottom)

  • Software and Hardware Versions (on the top)

  • Status of ports

Quickly Set

  • Create a VLAN

  • Add port in VLAN

  • Set the basic information and change the switch login password


Configuration example

Create VLAN:



Add port in VLAN:



Set the basic information:



Change the switch login password (use the IP address set up on the previous step to log in):


PORT Management

Submenus:

  • Basic Config

  • Port Aggregation

  • Port Mirroring

  • Port Limit

  • Storm Control

  • Port Isolation

  • Port Information

Basic Config

Set up:

  • Port Speed

  • Status

  • Duplex Mode

  • Flow Control

  • Cross Type Detection


Configuration example:


Port Aggregation

  • Select Load Balancing method
  • Expand the port bandwidth or achieve the bandwidth of the redundancy backup


Configuration example:

Set the ports 9-10 for aggregation of port 1, the aggregation port 1 can build switch links if connected to another switch aggregation port 1:


Port Mirroring

  • Open port mirror feature

All packets on the source port are copied and forwarded to the destination port, destination port is usually connected to a packet analyzer to analyze the source port, multiple ports can be mirrored to a destination port.


Configuration example

Set a mirror group for port 3 regulatory port 4, 5, 6 on and out flow conditions:



Port Limit

Set up:

  • Input Speed Limit

  • Output Speed Limit

1Mbit/s=1000Kbit/s=1000/8KB/s=125KB/s (The theoretical rate of 1M bandwidth is 125KB/s)


Configuration example

Set up on port 5 input rate - to 6400KB/s, the output rate - to 3200KB/s



Storm Control

  • Set suppression limits


Configuration example

Set up on port 20 broadcast limit is set to 200pps, the multicast limit - to 400pps, the unicast limit - to 350pps.



Port Isolation

  • Isolate port from one or multiple destination ports

All packets on the source port are not forwarded from the isolated port, and one port can be separated from multiple destination ports.

Ports that have been added to the aggregate port aren't also capable of being a destination port and source port. Destination port and source port cannot be the same.


Configuration example

VLAN Management

Manage:

  • Vlan Config
  • Voice VLAN

Vlan Config

Manage:

  • VLAN Settings

  • Access Port Settings

  • Trunk Port Setting

  • Hybrid Port Settings

VLAN settings
  • Create VLANs and set the port to the VLAN (port default state for the access mode)

Default VLAN cannot be deleted. Add ports to access port, port access mode can only be a member of the VLAN.


Screen Shot 2016-03-24 at 12.04.28.png


Configuration example

Create VLAN2:


Screen Shot 2016-03-24 at 12.07.59.png

Trunk-port setting

  • Set port to Trunk port


Configuration example

PVID=VLAN2.
PC1: 192.168.2.122, port 18, access VLAN2.
PC2: 192.168.2.123, port 7, Trunk allowed VLAN 1-2.
PC3: 192.168.2.124, port 6, access VLAN1 (The default port belongs to VLAN1).
Can let the PC2 PING PC1, cannot PING PC3.

Screen Shot 2016-03-24 at 12.12.56.png


Hybrid-port setting

  • Allows to set VLAN tags


Hybrid port receives a packet and checks if there is VLAN tag, and based on it forwards the packet or discards it.

Configuration example

Create VLANs 10, 20, VLAN sets the Native VLAN port 1 to 10, to tag VLAN for 10, 20, sets the Native VLAN port 2 to 20, to tag VLAN for 10, 20.


Screen Shot 2016-03-24 at 12.19.41.png


Screen Shot 2016-03-24 at 12.20.13.png

Fault / Safety

  • Anti Attack

  • Channel Detection

  • ACL

Anti Attack

  • Anti DHCP Attack

  • Anti DOS

  • IP Source Guard

  • Anti Three Bind

Anti DHCP Attack
  • Allows you to select port as a trusted port


Configuration example


Screen Shot 2016-03-24 at 12.33.52.png


Screen Shot 2016-03-24 at 12.34.12.png

Set trusted port and prohibited port:


Screen Shot 2016-03-24 at 12.34.31.png

Screen Shot 2016-03-24 at 12.35.00.png


Verify source MAC address and set server IP address:


Screen Shot 2016-03-24 at 12.35.46.png

Set option82 information:


Screen Shot 2016-03-24 at 12.37.20.png


Set port 7 for binding:

Screen Shot 2016-03-24 at 12.37.58.png


Anti DOS
  • Enable anti DOS attack function to intercept attack packets and illegal TCP packets


Screen Shot 2016-03-24 at 12.41.03.png

IP Source Guard
  • Enable the packet filter control to prevent illegal messages through the port and limit illegal use of network resources


Configuration example

Set port 14 as a secure port

Screen Shot 2016-03-24 at 12.43.14.png


Anti Three Bind
  • Allows to bind IP address and MAC address


Configuration example

Screen Shot 2016-03-24 at 12.47.53.png


Channel Detection

Pint testing
  • Ping a host


Configuration example

Ping IP address of PC connected to the switch


Screen Shot 2016-03-24 at 13.35.53.png


Tracert testing
  • Perform an interface traceroute test


Configuration example

Check an IP address of PC connected to the switch


Screen Shot 2016-03-24 at 13.40.41.png


Cable testing
  • Check connection status of device


Configuration example


Screen Shot 2016-03-24 at 13.42.18.png


ACL

  • Set up ACL rules and their priority


Configuration example

Set the timetable for your ACL rule:


Screen Shot 2016-03-24 at 13.45.30.png


Create ACL rules:


Screen Shot 2016-03-24 at 13.46.12.png


Screen Shot 2016-03-24 at 13.47.35.png

Apply ACL to ports:


Screen Shot 2016-03-24 at 13.48.02.png

PoE

  • PoE Config

  • PoE Port Config

PoE Config

To receive trap notices, SNMP must be open and the Trap must be set to the target host.

Senior management
  • View PoE state information

  • Change the configuration


Configuration example

Alarm power set to 245W, reserved power to 15%, open the supply mode and the alarm power.


Screen Shot 2016-03-24 at 13.54.34.png


Temperature distribution
  • Set up the alarm threshold


Configuration example

1 warning threshold is set to 80 chip, chip 2 warning threshold is set to 100, chip 3 alarm threshold is set to 120:


Screen Shot 2016-03-24 at 14.01.11.png

PoE port config

  • PoE port configuration: enable / disable, set port priority, set up detection mode and max power


Configuration example

Set port 8 to active, set the maximum power to 23W, detection mode for AF, set high priority.


Screen Shot 2016-03-24 at 15.03.30.png


MSTP

  • Mstp Region

  • Mstp Bridge


MSTP Region

  • Modify the domain name

  • Map instance to VLAN


Configuration example

Change the region to DEADBEEF0102, region name is 123, instance 4 is mapped to a VLAN 2:


Screen Shot 2016-03-24 at 15.07.48.png

MSTP Bridge

  • Enable STP bridge function, set up bridge priority


(hello_time+1)×2<=max_age<=(f_delay-1)×2, enable the switch to set instance priority.



Screen Shot 2016-03-24 at 15.13.22.png


Configuration example

Enable STP bridge function (set “Enable” to “on”) and create an instance of the priority, set up time parameters, set up pattern to “mstp”:


Screen Shot 2016-03-24 at 15.20.55.png


Select the created instance and set the priority for the selected port (ports):


Screen Shot 2016-03-24 at 15.21.47.png


DHCP Relay

  • DHCP Relay

  • Option82

DHCP Relay

  • Enable DHCP relay function

  • Set up the IP address of relay server and the status


DCHP server and switches must be in the same network segment.

Configuration example

Set up DHCP server IP and view the status:


Screen Shot 2016-03-29 at 15.24.29.png


Option82

  • Set option82 circuit control, remote proxy, IP address


Configuration example


Screen Shot 2016-03-29 at 15.33.43.png


QOS

  • Remark

  • Queue config

  • Mapping the queue


Remark

Allows mapping different packages to different COS, according to different matching rules and then map different packages to different queues and set up priority value.

Configuration example

Destination address for 00:01:23:09:35:36 are forwarded to ports 3, 4, 5, 6, priority is set up to “3”


Screen Shot 2016-03-29 at 15.44.35.png


Queue config

  • Set up queue scheduling policy


RR round-robin scheduling

SP absolute priority scheduling

WRR weighted round-robin scheduling

WFQ weighted fair scheduling


Configuration example

Screen Shot 2016-03-29 at 16.09.43.png


Mapping the queue

  • Service class to queue mapping

  • Differential service to service class mapping

  • Port to service class mapping


Service class queue mapping
  • Map service category to queues


Configuration example

Map Cos 3 to queue 7, set the queue weight 7 to 10


Screen Shot 2016-06-27 at 18.40.53.png


Differential service class mapping
  • Map services to service categories


Cos priority is greater than the DSCP, DSCP priority is greater than the port.

Configuration example

Map DSCP values 3, 12, 23 to cos 5:


Screen Shot 2016-06-27 at 18.43.07.png


Port to service class mapping
  • Map a port to corresponding service category


Cos priority is greater than the DSCP, DSCP priority is greater than the port.

Configuration example

Map ports 4, 5, 6 to cos4, cos5, cos6 respectively

Screen Shot 2016-03-29 at 17.31.19.png

Address table

  • Mac address add and delete

  • Mac study and Aging

  • Mac address filtering

Mac add and delete

  • Add static Mac and delete Mac

  • View current Mac address table


Configuration example

Set static Mac address:

Screen Shot 2016-03-30 at 10.24.43.png


Delete Mac address:

Screen Shot 2016-03-30 at 10.25.36.png


Mac study and Aging

  • Set Mac address study limit and Mac address aging time


Configuration example

Set ports 5, 6, 7, 8 address study limit 2000:

Screen Shot 2016-06-27 at 18.44.36.png


Set up aging time to 2 minutes:

Screen Shot 2016-03-30 at 10.28.21.png


Mac address filtering

  • Add Mac Address to the filter

It’s impossible to add Multicast Mac Addresses


Configuration example

Screen Shot 2016-06-27 at 18.56.48.png

SNMP Config

  • SNMP Config

  • Rmon Config


SNMP Config

  • Community Config

  • Group Config

  • User Config

  • Trap Config

  • View Config


SNMP Config

Open SNMP:

Screen Shot 2016-06-28 at 13.17.08.png


Community Config
  • Specify the group access (read/write)

Max number of groups is 8.


Configuration example

Screen Shot 2016-06-28 at 15.56.32.png


View Config
  • Set the view rules to allow or disable access to some MIB objects


Configuration example


Screen Shot 2016-06-28 at 16.35.33.png


Group Config

First add a new View rule list via “View Config” menu, then add a new group in “Group Config”.

Configuration example


Screen Shot 2016-06-28 at 16.32.10.png


User Config

First add a new Group in “Group Config” menu, then add a new user in “User Config”

Configuration example


Screen Shot 2016-06-28 at 17.26.08.png


Trap Config

Configure SNMP trap hosts to receive messages.

Configuration example

Screen Shot 2016-06-28 at 17.48.35.png


Rmon Config

  • Statistics Group

  • History Group

  • Alarm Group

  • Event Group


Statistics Group
  • Set Ethernet interface statistics


Configuration example

Screen Shot 2016-06-28 at 18.13.19.png


History Group

  • Record the history of Ethernet interface information


Configuration example


Screen Shot 2016-06-28 at 18.17.59.png

Event Group

  • Create event group

When the event is triggered, the system sends the trap message and / or writes to the log


Configuration example

Screen Shot 2016-06-28 at 18.26.18.png

Alarm Group

  • Define alarm groups and specify the types of alarms


Configuration example


Screen Shot 2016-06-28 at 18.30.03.png

System

  • System Config

  • System Update

  • Config Management

  • Config Save

  • Administrator Privileges

  • Debug Log


System config

  • System settings

  • System restart

  • Password change

  • Ssh login

  • Telnet login

  • System log


System settings

Configuration example

(First create VLAN 2 in VLAN > VLAN Config:)


Screen Shot 2016-06-29 at 10.17.53.png


Screen Shot 2016-06-29 at 10.18.25.png


Screen Shot 2016-06-29 at 10.18.55.png


Screen Shot 2016-06-29 at 10.19.41.png


System restart

Click “Restart”, the process can take up to one minute. The page is automatically refreshed after the switch is restarted.


Screen Shot 2016-06-29 at 10.20.56.png


Password change

Example:


Screen Shot 2016-06-29 at 10.24.36.png


SSH login

  • Open SSH access


Screen Shot 2016-06-29 at 10.25.37.png

Telnet login

  • Open Telnet access


Screen Shot 2016-06-29 at 10.26.49.png


System log

  • Set up the syslog server and log level

  • View the logs


Configuration example


Screen Shot 2016-06-29 at 10.27.58.png


Screen Shot 2016-06-29 at 10.28.03.png

System update

This menu allows you to upload the new version. Before proceeding with the upgrade, make sure that the Switch model is correct.

During the upgrade, the web page might become temporarily unavailable, please do not power off or restart the Switch.

When the upgrade procedure is over, the prompt is shown on the web