Quick Start Guide HES7000 Fully Managed All-Gigabit, Secure Ethernet Switch Revision 3.0.0 July 31, 2015
NOTICE GDI Communications ( ) retains the right to make changes to its products or specifications to improve performance, reliability or manufacturability. All information in this document, including descriptions of features, functions, performance, technical specifications and availability, is subject to change without notice at any time. While the information furnished herein is held to be accurate and reliable, no responsibility will be assumed by for any loss due to its use. Furthermore, the information contained herein does not convey to the purchaser of Ethernet Switch devices any license under the patent right of any manufacturer. products are not intended for use in life support products where failure of an product could reasonably be expected to result in death or personal injury. Anyone using a product in such an application without express written consent of an officer of GDI Communications LLC does so at their own risk, and agrees to fully indemnify for any damages that may result from such use or sale. Safety of Laser Products, IEC 60825. While products support IEC 60825, use of products does not ensure compliance to IEC 60825. Buyers are responsible for ensuring compliance to IEC 60825. Buyers must fully indemnify for any damages resulting from non-compliance to IEC 60825.
TERMS OF USE The information provided by GDI Communications ( ) in this document pursuant to these terms ( Agreement ) is intended for instructive purposes only. IN NO EVENT SHALL GDI COMMUNICATIONS LLC BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, OR OTHER PECUNIARY LOSS) ARISING OUT OF USE OR INABILITY TO USE THE CLI EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. This Agreement is governed by the laws of the State of Nevada, without regard to principles of conflicts of laws. Each provision of this Agreement is severable. If a provision is found to be unenforceable, this finding does not affect the enforceability of the remaining provisions of this Agreement. This Agreement is binding on successors and assigns. By accessing the information contained in or referenced by this document, you acknowledge that You have read this Agreement, that you understand it, that you agree to be bound by its terms, and that this is the complete and exclusive statement of the Agreement between you and regarding the information and ICLI.
, 2015
Index Section 1: Section 2: Section 3: Appendix A: Appendix B: Introduction Command Line Interface (CLI) Web Interface Specifications CLI Commands
Section 1: Introduction The GDI HES7000 Series of Ethernet switches were designed with the demands of the Traffic and ITS markets in mind. The GDI Ethernet switch line is designed to be installed in either an air-conditioned office or in a cabinet located on the corner of an intersection or beside the highway. The GDI HES7000 Series of Ethernet switches are industrially hardened devices that operate from 34 o C to +74 o C, making them ideal for operation in harsh environments while not sacrificing any features. The GDI HES7000 Ethernet switches provide VLAN and ID tagged VLAN (IEEE802.1Q), IGMP snooping, spanning tree algorithm (IEEE 802.1D), IEEE 802.3 compliant flow control, port prioritization and MAC based trunking. GDI Ethernet switches provide a range of management options for remote installations. Choose from SNMP, Telnet/FTP, and web based management tools. The GDI HES7000 Ethernet switch provides up to 10 ports of connectivity. The switch can be delivered in a variety of configurations. For example, the HES7000 can be configured for ten 10/100/1000BaseTx copper ports or eight 10/100/1000BaseTx copper ports and two 100/1000BaseX SFP fiber optic ports. The HES7000 series switches utilize standard SFP plug-in modules in either multimode or singlemode configurations to provide installation flexibility. Contact the factory for available configurations. The GDI HES7000 is available in several mounting configurations. The HES7000 is available as a shelf mount, wall mount with mounting ears, 19 rack mount or an option for a space saving plug-in to the input file of the cabinet. Management of the GDI HES7000 switch can be accomplished thru the local RS232 port or by an HTTP web based Ethernet Graphical User Interface (GUI).
Section 2: Command Line Interface To use the Command Line Interface: To use the command line interface connect a PC COM port to the RS-232 connector Console Port and activate a terminal program, e.g. Putty, HyperTerminal or TeraTerm under Windows OS. The COM port must be set up to run 8 data bits, 1 stop bit, no parity, 115200 baud and without flow control. To access the icli (Console Port) Interface: To get access to the icli you must login to the properly connected Console Port by entering a user name and password. The default user name is "admin" and the password is an empty string "",. Do not enter a password (Note that the password is configurable). Simply hit the Enter Key on your PC keyboard. You may logout at any time using the exit command. You can get help by pressing "?" to get a list of commands (see Appendix B). The help info depends on the context. To setup DHCP IP Address Mode: To change the IP configuration to DHCP mode in the command line interface and view help commands, refer to the following example: i.e., if a DHCP server is available on the network, use the following case steps to enable DHCP mode: 1) Setup the system name using the commands: # configure terminal (config)# hostname my-switch
2) Enable DHCP client: my-switch(config)# interface vlan 1 my-switch(config-if-vlan)# ip address dhcp my-switch(config-if-vlan)# end To setup Static IP Address Mode: If a DHCP server is not available on the network you can setup a Static IP Address. To change the IP configuration to Static IP in the command line interface, refer to the following example: i.e., use the following case steps to setup a static IP Address: 1) Setup the static IP address using the following commands: my-switch# configure terminal my-switch(config)# interface vlan 1 my-switch(config-if-vlan)# ip address 192.168.1.1 255.255.255.0 my-switch(config-if-vlan)# ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx my-switch(config-if-vlan)# end Where xxx.xxx.xxx.xxx is the next hop gateway To save configuration use the following command # copy running-config startup-config In either case, you may now run a Colasoft utility available at the link below or other means to find the IP Address assigned by the DHCP Server or view the address you assigned statically: http://www.colasoft.com/mac_scanner/index.php?act=download_success&v=free Note that the HES7000 is pre-configured with DHCP enabled and with a fallback IP Address of 192.168.1.1 so these steps are provided for informational purposes and if the configuration needs to be changed or if one cannot determine the IP address to access the Generic User (web) Interface pages.
Section 3: Web Interface To access the web interface, type in the assigned IP address (for example, 192.168.1.1) in a web browser. When prompted for a user name, enter "admin". For password, do not enter anything in the password field box. Simply click the apply tab. You may now browse the Configuration, Monitoring and Maintenance selections in the GUI. Refer to the following HES7000 GUI web interface page for IP Configuration: To save configuration use Maintenance tab. (Maintenance > Configuration > save startup-config) Netmask Cheat Sheet
Appendix A: Specifications Form Factor/Environmental: Size 1.6H x 5.5W x 8.00D Weight 1 lb. Case Material Aluminum, black anodized Mounting wall mount ears (1) Temperature TS-2 1998, Section 2, paragraphs 2.2.7.3, 2.2.7.4, 2.2.7.5, 2.2.7.6 (no fans) Humidity 95% non-condensing Optional: Conformal Coating Vibration TS-2 1998, Section 2, paragraphs 2.2.8.4 Mechanical Shock TS-2 1998, Section 2, paragraphs 2.1.10 Electrical Transients TS-2 1998, Section 2, paragraphs 2.1.6.1, 2.1.6.2, 2.1.7, 2.1.8 Power Requirements: Input voltage 12 VDC; temperature hardened power supply (-40 to 75C) Power Consumption 10 W Critical Alarm Relay Form-C failsafe contact relay: 1A @ 30 VDC (optional) Port Configuration: Copper Ports 8-10/100/100BaseTX ports If fiber ports are not fitted 2 extra copper ports can be fitted Fiber Ports 2 100/1000BaseX ports minimum Supports standard SFP plug-in modules Fiber Connectors ST, SC, FC, LC Fiber Type Multimode - 850 & 1310 nm Singlemode 1310 nm Fiber Distance Multimode 2 km Single Mode 10 & 25 km Typical Link Budget Multimode 17 db Single mode 17 db (10 km) 19 db (25 km) Local Config Port DB9 RS232, HTTP web-base Ethernet Graphical User Interface (GUI) Security: user password to guard against unauthorized configuration SSH/SSL Enable/Disable Ports MAC based Port Security Port Blocking block either TX or RX functionality on per port basis Switch Properties: Switching method: Store & Forward Switching latency: 7 us Switching bandwidth: over 16Gbps MAC Addresses: 8192 MAC address table size: 32kbytes Priority Queues: 4 Frame buffer memory: 4000kbit VLANs: 4096 IGMP multicast groups: 8192 Port rate limiting: 2, 16, 128, 256, 512 kbps, 1, 10, 2, 4, 8, 10, 102Mbps No head of line blocking Broadcast Storm Filtering Port Rate Limiting: limits unicast and multicast traffic Port Based Network Access Control Standard, Multiple and Rapid Spanning Tree Event Logging and Alarms IEEE Compliance: 802.3-10BaseT 802.3u-100BaseTX, 100BaseFX 802.3x-Flow Control 802.3z-1000BaseLX 802.3ab-1000BaseTX 802.3ad-Link Aggregation 802.1d-MAC Bridges 802.1d-Spanning Tree Protocol 802.1p-Class of Service 802.1q-VLAN Tagging 802.1w-Rapid Spanning Tree Protocol 802.1x-Port Based Network Access Control
IETF RFC Compliance: RFC768-UDP RFC783-TFTP RFC791-IP RFC792-ICMP RFC793-TCP RFC826-ARP RFC854-Telnet RFC894-IP over Ethernet RFC1112-IGMP v1 RFC1541-DHCP (client) RFC2068-HTTP RFC2236-IGMP v2 RFC2284-EAP RFC2475-Differentiated Services Network Management: HTTP graphical web-based SNMP v1, v2c Telnet, VT100 Command Line Interface (CLI) Port Mirroring Loss of Link Management o Dynamically scales the bandwidth and provides failover when a link goes down Configuration via ASCll Text File Ability to update firmware on like switches remotely on a per switch basis via TFTP Design for following Approvals: Hazardous Locations: Class 1, Division 2 ISO: Designed and manufactured using a ISO9001: 2000 certified quality program CE Marking Emissions: FCC Part 15 (Class A), EN55022 (CISPR22 Class A) Safety: ccsaus (Compliant with CSA C22.2 No. 60950, UL 60950, EN60950) Laser Eye Safety (FDA/CDRH): Complies with 21 CFR Chapter1, Subchapter J. Warranty 2 Years-Applicable to design or manufacturing related product defects
Appendix B: CLI Commands Blue text is user input. Black text are responses. my-switch#? clear Reset functions configure Enter configuration mode copy Copy from source to destination debug Debugging functions delete Delete one file in flash: file system dir Directory of all files in flash: file system disable Turn off privileged commands do To run exec commands in config mode dot1x IEEE Standard for port-based Network Access Control enable Turn on privileged commands erps Ethernet Ring Protection Switching exit Exit from EXEC mode firmware Firmware upgrade/swap help Description of the interactive help system ip IPv4 commands link-oam Link OAM configuration logout Exit from EXEC mode more Display file no Negate a command or set its defaults ping Send ICMP echo messages ptp Enable wireless mode for an interface. reload Reload system. -- more --, next page: Space, continue: g, quit: ^C my-switch# configure terminal my-switch(config)#? aaa Authentication, Authorization and Accounting access Access management access-list Access list aggregation Aggregation mode banner Define a login banner clock Configure time-of-day clock default Set a command to its defaults do To run exec commands in config mode dot1x IEEE Standard for port-based Network Access Control enable Modify enable password parameters end Go back to EXEC mode eps Ethernet Protection Switching. erps Ethernet Ring Protection Switching evc Ethernet Virtual Connections exit Exit from current mode green-ethernet Green ethernet (Power reduction). gvrp Enable GVRP feature help Description of the interactive help system hostname Set system's network name interface Select an interface to configure ip Internet Protocol ipmc IPv4/IPv6 multicast configuration -- more --, next page: Space, continue: g, quit: ^C my-switch(config)# end my-switch# show? aaa Login methods access Access management access-list Access list aggregation Aggregation port configuration clock Configure time-of-day clock dot1x IEEE Standard for port-based Network Access Control eps Ethernet Protection Switching erps Ethernet Ring Protection Switching evc Ethernet Virtual Connections green-ethernet Green ethernet (Power reduction) history Display the session command history interface Interface status and configuration ip Internet Protocol ipmc IPv4/IPv6 multicast configuration ipv6 IPv6 configuration commands lacp LACP configuration/status line TTY line information link-oam Link OAM configuration lldp Display LLDP neighbors information. logging Syslog loop-protect Loop protection configuration mac Mac Address Table information -- more --, next page: Space, continue: g, quit: ^C
my-switch# configure terminal my-switch(config)# interface vlan 1 my-switch(config-if-vlan)# ip? ip Interface Internet Protocol config commands ipv6 IPv6 configuration commands my-switch(config-if-vlan)# ip? ip address { { <address> <netmask> } { dhcp [ fallback <fallback_address> <fallback_netmask> [ timeout <fallback_timeout> ] ] } } ip dhcp server ip igmp snooping ip igmp snooping compatibility { auto v1 v2 v3 } ip igmp snooping last-member-query-interval <ipmc_lmqi> ip igmp snooping priority <cos_priority> ip igmp snooping querier { election address <v_ipv4_ucast> } ip igmp snooping query-interval <ipmc_qi> ip igmp snooping query-max-response-time <ipmc_qri> ip igmp snooping robustness-variable <ipmc_rv> ip igmp snooping unsolicited-report-interval <ipmc_uri> my-switch(config-if-vlan)# ip address? <ipv4_addr> IP address dhcp Enable DHCP my-switch(config-if-vlan)# ip address? ip address { { <address> <netmask> } { dhcp [ fallback <fallback_address> <fallback_netmask> [ timeout <fallback_timeout> ] ] } } my-switch(config-if-vlan)# ip address % Incomplete command. my-switch(config-if-vlan)# end