350 East Plumeria Drive
San Jose, CA 95134
USA
July 2016
208-10803-03
M4200 and M4300 Series ProSAFE
Managed Switches
Software Setup Manual
Software Version 12.0.2
2
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Support
Thank you for purchasing this NETGEAR product. You can visit www.netgear.com/support to register your product, get help,
access the latest downloads and user manuals, and join our community. We recommend that you use only official NETGEAR
support resources.
Conformity
For the current EU Declaration of Conformity, visit http://kb.netgear.com/app/answers/detail/a_id/11621.
Compliance
For regulatory compliance information, visit http://www.netgear.com/about/regulatory.
See the regulatory compliance document before connecting the power supply.
Trademarks
© NETGEAR, Inc., NETGEAR and the NETGEAR Logo are trademarks of NETGEAR, Inc. Any non-NETGEAR trademarks are
used for reference purposes only.
Revision History
Publication Part Number Publish Date Comments
208-10803-03 July 2016 Changed the subnet over which you can access the
Ethernet network port to 169.254.0.0/16.
Changed the subnet over which you can reach the
out-of-band (OOB) port to 192.168.0.0/16 and changed the
default IP address of the OOB port to 192.168.0.239.
208-10803-02 January 2016 Updated the subnet mask information for access to an
Ethernet network port.
Added the subnet and subnet mask information for access
to the OOB port.
208-10803-01 December 2015 Original publication
3
Contents
Chapter 1 Get Started
Available Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Overview of the Switch Access Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Overview of the Web Management Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Start the Switch and Observe the Power-On Self-Test . . . . . . . . . . . . . . . . . . . . 6
Prepare a Terminal if You Intend to Use a Console Port. . . . . . . . . . . . . . . . . . . . . 7
Prepare a Computer With Terminal Emulation Software . . . . . . . . . . . . . . . . . 7
Access the Switch Through a Console Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Set Up or Find the Switch IP Address Configuration . . . . . . . . . . . . . . . . . . . . . . . 8
Use the Web Management Interface to Set Up the
IP Address Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Use a Console Port and the ezconfig Utility to Set Up the
IP Address Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Use a Console Port and the CLI to Set Up the IP Address Configuration . . . 17
Find the IP Address Configuration Assigned by a DHCP Server . . . . . . . . . . 18
Access the Web Management Interface When You Know the IP Address . . . . 18
Configure an SNMPv3 User Profile Using the Web Management Interface. . . 19
Chapter 2 Use the Auto Install Configuration
Auto Install Configuration Concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Switch IP Address Assignment Concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
TFTP IP Address and Configuration File Name Concepts. . . . . . . . . . . . . . . . . . . 22
About Conflicting TFTP Server Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . 23
About DNS Server Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
About Obtaining a Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Host-Specific Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Default Network Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
About Obtaining an Image From a TFTP Server Through Auto Install . . . . . . . . 25
Configure Auto Install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Configure Auto Install Through the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Configure Auto Install Through the Web Management Interface . . . . . . . . . 27
Monitor and Complete the Auto Install Process . . . . . . . . . . . . . . . . . . . . . . . . 28
Event Logging for the Auto Install Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Chapter 3 Register Your Switch
Register Your Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
4
1
1. Get Started
This manual describes software configuration tasks that are most commonly used when you
install a new NETGEAR M4200 or M4300 series ProSAFE managed switch.
Use this manual to perform the initial configuration of your switch after you install it as described
in the hardware installation guide. The installation guide that comes with your switch provides an
extract of the information that is presented in this software setup manual.
This chapter includes the following sections:
Available Publications
Overview of the Switch Access Options
Overview of the Web Management Interface
Start the Switch and Observe the Power-On Self-Test
Prepare a Terminal if You Intend to Use a Console Port
Set Up or Find the Switch IP Address Configuration
Access the Web Management Interface When You Know the IP Address
Configure an SNMPv3 User Profile Using the Web Management Interface
Note: For more information about the topics covered in this manual, visit the
support website at netgear.com/support.
Note: Firmware updates with new features and bug fixes are made
available from time to time at downloadcenter.netgear.com. Some
products can regularly check the site and download new firmware, or
you can check for and download new firmware manually. If the
features or behavior of your product does not match what is
described in this manual, you might need to update your firmware.
Get Started
5
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Available Publications
A number of other publications are available for your switch at downloadcenter.netgear.com,
including the following publications:
The installation guide for your switch:
- Installation NETGEAR ProSAFE Managed Switches, M4200 Series
- Installation NETGEAR ProSAFE Managed Switches, M4300 Series
The hardware installation guide for your switch:
- ProSAFE Managed Switch Series M4200 Hardware Installation Guide
- ProSAFE Managed Switch Series M4300 Hardware Installation Guide
M4200 and M4300 Series ProSAFE Managed Switches CLI Command Reference
Manual
See this manual for information about the command structure and CLI commands that
you can use to configure the switch. The manual provides CLI descriptions, syntax, and
default values.
M4200 and M4300 Series ProSAFE Managed Switches Software Administration Manual
M4200 and M4300 Series ProSAFE Managed Switches User Manual
Overview of the Switch Access Options
To configure the switch, you can access it through any of the Ethernet network ports,
out-of-band (OOB) port (also referred to as the service port), or one of the console ports:
Ethernet network port. Use an Ethernet network connection to access either the web
management interface or the CLI through an SSH or Telnet utility. You can use either the
default IP address of the switch or a custom IP address. For you to access the switch
over a custom IP address, you first must configure the IP address, or, if you use a DHCP
server, find the DHCP-assigned IP address, which for an Ethernet network port is
referred to as the management address.
OOB port. Use an Ethernet out-of-band (OOB) connection to access either the web
management interface or the CLI through an SSH or Telnet utility. You can use either the
default IP address of the switch or a custom IP address. For you to access the switch
over a custom IP address, you first must configure the IP address, or, if you use a DHCP
server, find the DHCP-assigned IP address, which for the OOB port is referred to as the
service port address.
Console port. Use the CLI over either a computer with a Windows, MAC, or Linux
operating system and a terminal emulation program or a VT100/ANSI terminal. To
configure the management address and the service port address, you can use either the
CLI or the ezconfig tool.
For more information about these access and configuration options, see Set Up or Find the
Switch IP Address Configuration on page 8.
Get Started
6
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Overview of the Web Management Interface
To access the switch through the web management interface, use the latest version of a web
browser such as Google Chrome, Mozilla Firefox, or Microsoft Internet Explorer.
The web management interface and CLI differ in various ways. For example, on the web
management interface, you can display the entire forwarding database. The CLI displays
only 10 entries starting at specified addresses.
The switch accommodates two types of users: administrative users and guests. An
administrative user can configure the switch for network application, but a guest cannot. The
guest can only view the settings and status of the network. By default, both users can log in
without a password. We strongly recommend that you create a unique password for the
administrative user before placing the switch into production.
The web management interface lets you configure and use the following types of features:
System. Configuration and status information for system features and services such as
the timer, DNS server, IP address, and system resource usage
Switching. Features that relate to Layer 2 services such as VLANs, link aggregation,
Spanning Tree Protocol, port configuration, and the MAC address table
Routing. Layer 3 services such as VLAN routing, port routing, and protocols such as RIP,
OSPF, VRRP, and other protocols
QoS. Quality of Service features such as DiffServ and CoS queue assignment
Security. Security services such as 802.1x port authentication, traffic control with various
forwarding controls, and ACLs
Monitoring. Ethernet port statistics, various system logs, and port mirroring
Maintenance. Services to perform a firmware upgrade, to save the configuration, and to
perform a backup of the configuration
Start the Switch and Observe the Power-On Self-Test
When you supply power to the switch, the switch goes through a power-on self-test (POST).
The POST runs every time that the switch initializes and checks the switch hardware before
the switch boots. If the POST detects a critical problem, the startup procedure stops. The
boot process runs for approximately 60 seconds.
If POST passes successfully, a valid executable image loads into RAM. If you connect a local
terminal to the switch, POST messages display on the terminal and indicate test success or
failure.
Get Started
7
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Prepare a Terminal if You Intend to Use a Console Port
If you intend to use one of the console ports for initial configuration of the switch, connect a
computer with a Windows, MAC, or Linux operating system and a terminal emulation
program or a VT100/ANSI terminal to one of the console ports on the switch.
You can use one of the following console ports on the switch:
Mini USB console port. The switch comes with a mini USB to USB cable, which you can
use to connect the mini USB console port on the switch to a USB port on a computer with
a Windows, MAC, or Linux operating system or a VT100/ANSI terminal.
Note: To use the mini USB port, you must install the USB driver on the
computer. (The Windows USB driver is on the resource CD.)
RJ-45 RS232 console port. The RJ-45 RS232 serial port uses the following settings:
- Baud rate. 115,200 bps
- Data bits. 8
- Parity. None
- Stop bit. 1
- Flow control. None
You can use the console cable that comes in the product package to connect the switch’s
RJ-45 RS232 console port to the DB9 port on the computer or VT100/ANSI terminal.
Prepare a Computer With Terminal Emulation Software
If you use a computer with a Windows, MAC, or Linux operating system instead of a
VT100/ANSI terminal, configure the terminal emulation software:
On a computer with a Windows operating system, you can use HyperTerminal or Tera
Term.
On a computer with a MAC operating system, you can use ZTerm.
On a computer with a Linux operating system, you can use TIP.
To configure the terminal emulation software:
1. Select one of the serial ports to connect to the console.
2. Set the data rate, format, and flow control:
- Baud rate. 115,200 bps
- Data bits. 8
- Parity. None
- Stop bit. 1
- Flow control. None
3. Under Properties, select the correct mode.
4. Select terminal keys.
Get Started
8
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Access the Switch Through a Console Port
You can use a locally or remotely attached terminal to access the switch through a console
port.
To access the switch through a console port:
1. Connect a computer with a Windows, MAC, or Linux operating system and a terminal
emulation program or a VT100/ANSI terminal and open the appropriate COM port.
When the terminal interface initializes, the login user prompt displays.
2. Enter your user name and password.
The default user name is admin and the password is blank (that is, do not enter a
password).
You can now access the switch with its default configuration.
For information about how to perform the initial configuration of the switch through either
the CLI or the ezconfig tool, see the following sections:
Use a Console Port and the CLI to Set Up the IP Address Configuration on page 17
Use a Console Port and the ezconfig Utility to Set Up the IP Address Configuration on
page 12
Set Up or Find the Switch IP Address Configuration
Before you can use the switch in your network, you must set up its IP address configuration
or find the DHCP-assigned IP addresses. The IP address configuration includes the IP
address, subnet mask, and gateway of the management interface and the IP address, subnet
mask, and gateway of the OOB port.
For information about which ports you can use to access the switch, see Overview of the
Switch Access Options on page 5.
Set up the initial IP address configuration of the switch or find the DHCP-assigned IP
addresses by using one of the following methods:
Web management interface. Use the web management interface through the OOB port
or any Ethernet network port to access the switch over its default IP address and change
the IP address configuration (see Use the Web Management Interface to Set Up the IP
Address Configuration on page 9).
Tip: Use the web management interface for configuration instead of the CLI.
Web configuration is quicker and easier than entering the multiple
required CLI commands.
ezconfig. Use the ezconfig utility through the mini USB console port or RJ-45 RS232
console port to access the switch and change the IP address configuration (see Use a
Console Port and the ezconfig Utility to Set Up the IP Address Configuration on page 12).
Get Started
9
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
CLI. Use the CLI through the mini USB console port or RJ-45 RS232 console port to
access the switch and change the IP address configuration (see Use a Console Port and
the CLI to Set Up the IP Address Configuration on page 17).
DHCP server. Connect a DHCP server through the OOB port or any Ethernet network
port, use the CLI through the mini USB console port or RJ-45 RS232 console port to
access the switch, and find the DHCP-assigned IP addresses (see Find the IP Address
Configuration Assigned by a DHCP Server on page 18).
Use the Web Management Interface to Set Up the
IP Address Configuration
You can configure the switch IP address configuration through the web management
interface.
For detailed information about how to use the web management interface to configure the
switch with all its options, see the M4200 and M4300 Series ProSAFE Managed Switches
Web Management User Manual, which is available at downloadcenter.netgear.com.
To set up the switch IP address configuration through the web management interface:
1. Prepare your computer with a static IP address:
For access over an Ethernet network port, use a static IP address in the
169.254.0.0/16 subnet.
For example, use 169.254.100.201 for your computer.
For access over the OOB port, use a static IP address in the 192.168.0.0/16 subnet.
For example, use 192.168.0.201 for your computer.
2. Connect an Ethernet cable from an Ethernet port on your computer either to an Ethernet
network port on the switch or to the OOB port on the switch.
3. Launch a web browser such as Google Chrome, Mozilla Firefox, or Microsoft Internet
Explorer.
4. Enter the default IP address of the switch in the web browser address field:
For access over an Ethernet network port, enter 169.254.100.100.
For access over the OOB port, enter 192.168.0.239.
The login window opens.
5. Enter the user name and password.
The default admin user name is admin and the default admin password is blank, that is,
do not enter a password.
6. Click the Login button.
The web management interface menu displays.
7. To set up the service port, do the following:
a. Select System > Management > IPv4 Service Port.
Get Started
10
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
b. Select the Service Port Configuration Protocol None radio button.
c. In the IP Address field, enter the IP address for the service port.
For example, enter 172.26.1.110.
Note: The OOB port is also referred to as the service port.
d. In the Subnet Mask field, enter the subnet mask for the service port.
For example, enter 255.255.255.0.
e. In the Default Gateway field, enter the default gateway for the service port.
For example, enter 172.26.1.1.
f. Click the Apply button.
Your settings are saved.
8. To set up the IP address in the management VLAN, do the following:
a. Select System > Management > IPv4 Management VLAN Configuration.
b. In the IP Address field, enter the IP address for the switch.
For example, enter 10.100.5.100.
Get Started
11
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
c. In the Subnet Mask field, enter the subnet mask for the switch.
For example, enter 255.255.255.0.
d. In the Gateway field, enter the network IP address for the gateway.
For example, enter 10.100.5.1.
e. Click the Apply button.
Your settings are saved.
9. To set up the management interface, do the following:
a. Select System > Management > IPv4 Management Interface Configuration.
b. Select the Configuration Method Manual radio button.
c. In the IP Address field, enter the IP address for the management interface.
For example, enter 10.100.4.100.
d. In the Subnet Mask field, enter the subnet mask for the management interface.
For example, enter 255.255.255.0.
e. In the Gateway field, enter the default gateway for the management interface.
For example, enter 10.100.4.1.
f. Click the Apply button.
Your settings are saved.
10. Log out of the web management interface.
11. Return your computer to its original settings.
If you want log in to the web management interface again, you now must use one of the
newly assigned network IP addresses.
Get Started
12
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Use a Console Port and the ezconfig Utility to Set Up the
IP Address Configuration
You can manually configure the IP address of the switch through a console port by using the
Easy Setup Wizard (ezconfig). The switch provides a mini USB console port and an RJ-45
RS232 console port.
The ezconfig utility is an interactive utility that provides a simplified procedure for setting up
the following basic switch settings:
Switch management interface IP address
Switch OOB port (service port) IP address
Switch admin user password
Switch name and location
You can enter ezconfig either in Global Config mode (#) or in Display mode (>).
At any point in the setup, you can type Q to abort the program. ezconfig checks for any
changes and prompts you to save the changes.
To set up the switch IP address configuration through a console port and start the
ezconfig utility:
1. Connect a computer with a Windows, MAC, or Linux operating system and a terminal
emulation program or a VT100/ANSI terminal and open the appropriate COM port.
For more information, see Prepare a Terminal if You Intend to Use a Console Port on
page 7.
When the terminal interface initializes, the user login prompt displays.
2. Enter your user name and password.
The default admin user name is admin and the default admin password is blank, that is,
do not enter a password.
3. Enter the ezconfig command.
The utility displays the following text:
(Switch) >ezconfig
NETGEAR EZ Configuration Utility
--------------------------------
Hello and Welcome!
This utility will walk you through assigning the IP address for
the switch management CPU. It will allow you to save the changes
at the end. After the session, simply use the newly assigned IP
address to access the Web GUI using any public domain Web browser.
Get Started
13
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Admin password not defined. Do you want to assign the admin
password (password length should vary in a range of 8 - 64
characters)? (Y/N/Q)
You are prompted to change the admin password.
4. For security reasons, change the default password by typing Y, typing a new password, and
confirming the password.
If you already set the password and do not want to change it again, type N.
Enter new password:********
Confirm new password:********
Password Changed!
The 'enable' password required for switch configuration through
the command line interface is currently not configured. Do you
wish to change it (Y/N/Q)? y
Enter new password:********
Confirm new password:********
Password Changed!
5. To change the management VLAN ID, type Y, and type a new VLAN ID.
Current Management VLAN ID: 1
Do you want to set new Management VLAN ID (Y/N/Q)?
You are prompted to set up the IP address of the switch.
6. Set up the IP address of the switch, either manually (type C) or through DHCP (type D):
Assigning an IPv4 address to your switch management
Current IPv4 Address Configuration
----------------------------------
Management VLAN ID: 1
IPv4 Address Assignment Mode: Manual
IPv4 Address: 0.0.0.0
Subnet Mask: 0.0.0.0
Default Router IPv4: 0.0.0.0
Routing Mode: Enable
IPv4 address has been assigned manually. What do you want to do?
C - Change IPv4 address.
D - Assign IPv4 address for the switch using DHCP Mode(current
IPv4 address will be lost).
Get Started
14
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
N - Skip this option and go to the next question.
Q - Quit.
? - Help.
(C/D/N/Q/?)?
If the switch was already assigned an IP address and you do not want to change the IP
address again, type N.
ezconfig displays the current IP address and subnet mask. By default, the network DHCP
server assigns IP addresses automatically according to DHCP. However, you can
overwrite the DHCP client mode by assigning a fixed IP address here. Once a fixed IP
address is assigned, ezconfig automatically disables DHCP client mode and assigns the
static IP address to the management VLAN.
7. To set up IPv6 address for management VLAN, type C to assign a new global IPv6 address,
or type D to get an IP6 address from an IPv6 DHCP server, or type A to generate the IPv6
address automatically.
Management VLAN ID: 1
IPv6 Address: fe80::6eb0:ceff:fef9:f6e3/64
IPv6 Current state: TENT
EUI64: Disabled
Routing Mode: Enable
IPv6 address has been assigned manually. What do you want to do?
C - Add IPv6 address.
D - Assign IPv6 address for the switch using DHCP Mode.
A - Assign IPv6 address for the switch using Auto Mode.
N - Skip this option and go to the next question.
Q - Quit.
? - Help.
(C/D/A/N/Q/?)
8. To set up an IPv4 address for the OOB port (which is also referred to as the service port),
type Y to assign the IPv4 address manually.
Current Out of Band(service port) IPv4 Address Configuration
--------------------------------
IP Address Assignment Mode: DHCP
IP Address: 172.26.2.135
Get Started
15
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Subnet Mask: 255.255.255.0
Default Router: 172.26.2.1
Do you want to assign IPv4 address manually? (Y/N/Q)?
The IPv4 address will be assigned automatically by the DHCP server in your network.
You can disable DHCP mode and use a static (fixed) IPv4 address. If fixed IPv4 address
mode is selected, DHCP mode is disabled, and you are prompted to set the values for
these fields.
9. To set up an IPv6 address for the OOB port (which is also referred to as the service port),
type A to generate an IPv6 address automatically, or type D to get an IPv6 address from the
DHCP server, or type C to add an IPv6 address to the OOB port.
Service port IPv6 Address Mode: None
IPv6 Administrative Mode: Enabled
Service port IPv6 Address Mode autoconfigure: Disabled
IPv6 Address: fe80::6eb0:ceff:fef9:f6e1/64
Network IPv6 address gateway:
IPv6 Default Router: fe80::222:3fff:fe9e:9605
EUI Flag: True
The IPv6 address has been assigned manually. What do you want to
do?
A - Assign IPv6 address for the switch using Auto Mode.
D - Assign IPv6 address for the switch using DHCP Mode.
G - Assign IPv6 Gateway.
C - Add IPv6 address.
N - Skip this option and go to the next question.
Q - Quit.
? - Help.
10. To change the management interface, type O to select the OOB port (which is also referred
to as the service port) as the source IP address of the management protocol such as syslog,
SNMP client, and so on. Or type V to select the IP address of the management LAN as the
source IP address of the management protocol.
Current Management Interface Configuration
--------------------------------
Management Interface: L3 Management VLAN
Current management interface is L3 Management VLAN. What do you
want to do?
Get Started
16
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
O - Change to Out of Band port (service port).
V - Change to L3 Management VLAN.
N - Skip this option and go to the next question.
Q - Quit.
? - Help.
(O/V/N/Q/?)
11. To enable the routing interface, type Y.
Do you want routing to be enabled (Y/N)?
12. Assign a switch name and location information.
Enter alphanumeric characters only. Characters such as # and $ are not supported. The
number of characters cannot exceed 31 characters.
Assigning System Name, System Location and System Contact to your
switch management
Current Configuration
--------------------------------
System Name:
System Location:
System Contact:
Do you want to assign switch name and location information?
(Y/N/Q)
Assigning SNTP server for time stamp to your switch management
Current Configuration
--------------------------------
SNTP system clock server: unicast
SNTP server:
Do you want to enable SNTP system clock server? (Y/N)
13. Save the configuration by typing Y.
There are changes detected, do you wish to save the changes
permanently (Y/N)?
y
The configuration changes have been saved successfully.
Please enter 'show running-config' to see the final configuration.
Thanks for using EzConfig!
Get Started
17
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Your changes are saved in flash memory (permanent storage).
The switch is now ready for web-based management as well as for management through
Telnet and SSH.
Use a Console Port and the CLI to Set Up the IP Address
Configuration
You can manually configure the IP address of the switch through a console port by using the
CLI. The switch provides a mini USB console port and an RJ-45 RS232 console port.
To set up the switch IP address configuration through a console port and the CLI:
1. Connect a computer with a Windows, MAC, or Linux operating system and a terminal
emulation program or a VT100/ANSI terminal and open the appropriate COM port.
For more information, see Prepare a Terminal if You Intend to Use a Console Port on
page 7.
When the terminal interface initializes, the user login prompt displays.
2. Enter your user name and password.
The default admin user name is admin and the default admin password is blank, that is,
do not enter a password.
3. Configure the IP address of the switch’s management interface in default management
VLAN 1 by entering the following command:
(management switch) (config) #ip management vlan 1 ipaddress
subnetmask
4. Configure the IP address of the switch’s gateway by entering the following command:
(management switch) (config) #ip default-gateway gateway-addr
5. Disable DHCP mode on the switch’s OOB port by entering the following command:
(management switch) #serviceport protocol none
6. Configure the IP address of the switch’s OOB port (which is also referred to as the
service port) by entering the following command:
(management switch) #serviceport ip ipaddress subnetmask [gateway]
7. To retain these changes during a reset of the switch, type save at the main menu prompt,
and type y to confirm the changes.
8. To view the changes and verify the IP address information, enter the following commands:
For the management interface: (management switch) #show ip management
For the service port: (management switch) #show serviceport
The switch is now ready for web-based management as well as for management through
Telnet and SSH.
Get Started
18
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Find the IP Address Configuration Assigned by a DHCP Server
If your network includes a DHCP server, the DHCP server automatically assigns the IP
address configuration to the switch. By default, the switch functions as a DHCP client,
allowing both the management interface and OOB port (which is also referred to as the
service port) to be assigned IP addresses by the DHCP server. The first time that you
connect the switch to the network, the DHCP server configures the switch with the IP
address, subnet, and other information.
If you want the DHCP server to assign a particular IP address to the switch, for example in an
IP address–to–MAC address binding configuration, you must preconfigure the DHCP server
with the IP address and MAC information for the switch. After you configure the DHCP server,
the first time that you connect the switch to the network, the DHCP server configures the
switch with the IP address, subnet, and other information that you supplied.
To find the IP address configuration that is assigned by a DHCP server:
1. Connect a computer with a Windows, MAC, or Linux operating system and a terminal
emulation program or a VT100/ANSI terminal and open the appropriate COM port.
For more information, see Prepare a Terminal if You Intend to Use a Console Port on
page 7.
When the terminal interface initializes, the user login prompt displays.
2. Enter your user name and password.
The default admin user name is admin and the default admin password is blank, that is,
do not enter a password.
3. To find the assigned IP addresses, enter the following commands:
For the management interface: (management switch) #show ip management
For the service port: (management switch) #show serviceport
The active IP address displays.
4. Use either the management interface IP address or the OOB port IP address to log in to the
switch’s web management interface.
Access the Web Management Interface When You Know
the IP Address
This procedure describes how to access the web management interface when you already
know the switch IP address for your access method.
Either connect to an Ethernet network port and use the management interface IP address or
connect to the OOB port and use the OOB port IP address.
Get Started
19
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
To access the web management interface:
1. Connect an Ethernet cable from an Ethernet port on your computer either to an Ethernet
network port on the switch or to the OOB port on the switch.
2. Launch a web browser such as Google Chrome, Mozilla Firefox, or Microsoft Internet
Explorer.
3. Enter http://<ipaddress> in the URL field of your browser, in which <ipaddress> is either
the management interface IP address or the OOB port IP address, depending on your
type of connection.
A login window opens.
4. Enter admin for the user name, leave the password field blank, and click the LOGIN button.
The System Information page displays. You can now navigate from this page to other
pages and configure your switch.
You are ready to configure the switch through the web management interface. For detailed
information about how to use the web management interface to configure the switch with all
its options, see the M4200 and M4300 Series ProSAFE Managed Switches Web
Management User Manual, which is available at downloadcenter.netgear.com.
Configure an SNMPv3 User Profile Using the Web
Management Interface
Configuring an SNMPv3 user profile is a part of the user configuration. Any user can connect
to the switch using the SNMPv3 protocol, but for authentication and encryption, additional
steps are needed.
This procedure describes how to access the web management interface and configure an
SNMPv3 user profile when you already know the switch IP address for your access method.
Either connect to an Ethernet network port and use the management interface IP address or
connect to the OOB port and use the OOB port IP address.
To configure an SNMP V3 new user profile:
1. Connect an Ethernet cable from an Ethernet port on your computer either to an Ethernet
network port on the switch or to the OOB port on the switch.
2. Launch a web browser such as Google Chrome, Mozilla Firefox, or Microsoft Internet
Explorer.
3. Enter http://<ipaddress> in the URL field of your browser, in which <ipaddress> is either
the management interface IP address or the OOB port IP address, depending on your
type of connection.
A login window opens.
4. Enter admin for the user name, leave the password field blank, and click the LOGIN button.
The System Information page displays.
Get Started
20
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
5. Select System > Configuration > User Accounts.
The User Accounts page displays.
6. From the User menu, select Create.
A new user is created.
7. In the User Name field, enter a new user name.
8. In the Password field, enter a new password and then retype it in the Confirm Password
field.
Note: If SNMPv3 authentication is used for this user, the password must be
eight or more alphanumeric characters.
9. If you do not need authentication and encryption, go to Step 13.
10. To enable authentication, from the Authentication Protocol menu, select either MD5 or
SHA.
11. If you do not need encryption, go to Step 13.
12. To enable encryption, from the Encryption Protocol menu, select DES. In the Encryption
Key field, enter an encryption code of eight or more alphanumeric characters.
13. Click the Apply button.
Your settings are saved.
21
2
2. Use the Auto Install Configuration
Auto Install is a software feature that provides for the configuration of a switch automatically
when the switch is initialized and no configuration file is found on the switch.
This chapter includes the following sections:
Auto Install Configuration Concepts
Switch IP Address Assignment Concepts
TFTP IP Address and Configuration File Name Concepts
About Conflicting TFTP Server Configurations
About DNS Server Requirements
About Obtaining a Configuration File
About Obtaining an Image From a TFTP Server Through Auto Install
Configure Auto Install
Use the Auto Install Configuration
22
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Auto Install Configuration Concepts
The downloaded configuration file is not distributed across the chassis. When an
administrator saves the configuration, the configuration file is distributed to all blades.
The Auto Install process requires you to enable DHCP. The downloaded configuration file is
not automatically saved to the startup-config file. An administrator must explicitly issue a
save request to save the configuration. The Auto Install process depends on the
configuration of other devices in the network, including a DHCP server or a TFTP server and,
if necessary, a DNS server.
Auto Install occurs in three phases:
1. Configuration or assignment of an IP address to the switch
2. Assignment of a TFTP server
3. Downloading a configuration file for the switch from the TFTP server
Switch IP Address Assignment Concepts
If DHCP is enabled on the switch and an IP address is not yet assigned, the switch requests
an IP address assignment. The IP address assignment through DHCP normally functions
with the Auto Install feature. That is, the following information that is returned from the server
is recognized:
The IP address (yiaddr) and subnet mask (option 1) to be assigned to the switch.
The IP address of a default gateway (option 3), if needed for IP address communication.
Some network configurations require the specification of a default gateway through which
some IP address communication can occur. Option 3 of a DHCP response specifies the
default gateway.
After an IP address is assigned to the switch, if a host name is not already assigned, then
Auto Install issues a DNS request for the corresponding host name. This host name is also
displayed as the CLI prompt the same as if the hostname command was used.
TFTP IP Address and Configuration File Name Concepts
A DHCP server might return the following TFTP configuration file and IP address information:
The name of the configuration file (bootfile or option 67) to be downloaded from the TFTP
server.
The identification of the TFTP server from which to obtain the bootfile. See the following
fields:
- The host name of the TFTP server (option 66 or sname). Either the TFTP address or
name is specified, not both, in most network configurations. If a TFTP host name is
given, a DNS server is required to translate the name to an IP address.
- The IP address of the TFTP server (option 150).
- The address of the TFTP server (siaddr) to be used for Auto Install requests.
Use the Auto Install Configuration
23
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
You can also enter this information manually.
No DHCP configuration is saved in the startup-config file.
About Conflicting TFTP Server Configurations
The TFTP server IP address can be deduced from multiple sources. It is selected from one of
the following fields, listed from the highest priority to the lowest:
The sname field of a DHCP reply
The TFTP server name (option 66) of a DHCP reply
The TFTP server address (option 150) field of a DHCP reply
The siaddr field of a DHCP reply
About DNS Server Requirements
A DNS server is required to resolve the IP address of the TFTP server only if the sname or
option 66 value is used.
About Obtaining a Configuration File
After obtaining IP addresses for both the switch and the TFTP server, the Auto Install process
attempts to download a configuration file. A host-specific configuration file is downloaded, if
possible. Otherwise, a network configuration file is used as a bridge to get the final
configuration. For more information, see Host-Specific Configuration File on page 23 and
Default Network Configuration File on page 24.
Host-Specific Configuration File
If the DHCP server specifies a bootfile name, the switch attempts to download a host-specific
configuration file. The switch makes three unicast TFTP requests for the specified bootfile. If
the unicast attempts fail, or if a TFTP server address was not provided, the Auto Install
process stops. No broadcast attempts are made.
Note: The bootfile is required for a file type of *.cfg. The bootfile cannot be
named fastpath.cfg, startup-config, or hpc_broad.cfg.
These names are reserved.
Use the Auto Install Configuration
24
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Default Network Configuration File
If the switch cannot find the specified bootfile or the bootfile name from the DHCP server, the
switch attempts to download the default network configuration file (fp-net.cfg). The switch
issues TFTP requests for a network configuration file in the same manner that it attempts to
download a host-specific configuration file.
The default network configuration file must contain IP address–to–host name mappings using
the command ip host hostname address. If the default network configuration file does
not contain the switch IP address, the switch uses DNS to attempt to resolve its host name.
The following example is a sample fp-net.cfg file:
config
...
ip host switch_to_setup 192.168.1.10
ip host another_switch 192.168.1.11
... <other hostname definitions>
exit
When a host name is determined, the switch issues a TFTP request for a file named
hostname.cfg, in which hostname is the first eight characters of the switch’s host name.
If the switch cannot map its IP address to a host name, Auto Install sends TFTP requests for
the default configuration file host.cfg.
The following table summarizes the configuration files that can be downloaded, and the order
in which they are sought.
Table 1. Configuration files and order
Order Sought File Name Description Final File Sought
1 bootfile.cfg Host-specific configuration file, ending in a *.cfg file
extension. bootfile represents the name of the file.
Yes
2 fp-net.cfg Default network configuration file. No
3 hostname.cfg Host-specific configuration file, associated with host
name. hostname is the first eight characters of the
switch’s host name.
Yes
4 host.cfg Default configuration file. Yes
Use the Auto Install Configuration
25
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
The following table displays the determining factors for issuing unicast TFTP requests.
About Obtaining an Image From a TFTP Server Through
Auto Install
You can use Auto Install to let the switch download an image from a TFTP server using
DHCP option 125. The image update can either upgrade or downgrade the firmware on the
switch.
For the switch to be able to download an image from a TFTP server, the DHCP server must
include an image description file that lists the name of the image that the switch must
download from the TFTP server. For example, the autoinstall_dhcp image description
file on the DHCP server lists the m6100v10.2.0.12 image name that the switch must
download from the TFTP server.
Option 125 in the DHCP server must contain the following information (the example uses the
autoinstall_dhcp image description file and the m6100v10.2.0.12 image name):
Enterprise number (4 octets). 0x0000 0x11ae
In decimals, the enterprise number for NETGEAR is 4526.
Data length (1 octet). 0x12
The data length includes the SubOption code plus the SubOption length plus the image
description file name: 1+1+16.
- SubOption code (2 octets). 0x05
- SubOption length (1 octet). 0x10
The length of the name of the image description file.
- Image description file name (N octets).
61.7574.6f69.6e73.7461.6c6c.5f64.6863.70
In plain text, the name of the image description file is autoinstall_dhcp.
The content of the autoinstall_dhcp image description file is m6100v10.2.0.12.stk,
which is the name of the image that the switch must download from the TFTP server.
You can change the name for the image description file, but then you must also change the
option 125 data length, which is based on the SubOption code, SubOption length, and image
description file name.
Table 2. Unicast TFTP requests
TFTP Server
Address Available
Host-Specific Router
Configuration File Name Available
TFTP Request Method
Yes Yes Issue a unicast request to the TFTP server for the
host-specific router configuration file.
Yes No Issue a unicast request to the TFTP server for a
default network or router configuration file.
Use the Auto Install Configuration
26
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Configure Auto Install
The following figure shows an Auto Install configuration with a DHCP server and a TFTP
server, allowing a configuration file to be distributed across a chassis.
The following information is configured on the DHCP server:
The IP address (yiaddr) and subnet mask (option1)
The name of the configuration file (bootfile or option 67)
The IP address of the TFTP server (option 150)
The configuration file is located on the TFTP server (for example, switch.cfg).
Figure 1. Components in an Auto Install configuration
Configure Auto Install Through the CLI
This section describes how to configure Auto Install through the CLI.
To use the CLI to configure Auto Install:
1. Download the configuration file from the TFTP server.
2. Save the configuration file automatically after autoconfig completes.
(Netgear switch) #boot host auto-save
3. Continue Auto Install:
(Netgear switch) #boot autoinstall start
192.168.0.1
192.168.0.2
192.168.0.3
DHCP
server
TFTP
server
Use the Auto Install Configuration
27
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
4. Request an IP address, configuration file name, and TFTP IP address from the DHCP
server:
(Netgear switch) #
Config file 'startup-config' created successfully.
AutoInstalled configuration is saved.
(Netgear switch) #show autoinstall
AutoInstall Mode.............................. Stopped
AutoInstall Persistent Mode................... Enabled
AutoSave Mode................................. Disabled
AutoInstall Retry Count....................... 3
AutoInstall State............................. AutoInstall is
completed.
Auto Install is now completed.
Configure Auto Install Through the Web Management
Interface
This section describes how to configure Auto Install through the web management interface.
To use the web management interface to configure Auto Install:
1. Prepare your computer with a static IP address:
For access over an Ethernet network port, use a static IP address in the
169.254.0.0/16 subnet.
For example, use 169.254.100.201 for your computer.
For access over the OOB port, use a static IP address in the 192.168.0.0/16 subnet.
For example, use 192.168.0.201 for your computer.
2. Connect an Ethernet cable from an Ethernet port on your computer to an Ethernet network
port on the switch or to the OOB port on the switch.
3. Launch a web browser such as Google Chrome, Mozilla Firefox, or Microsoft Internet
Explorer.
4. Enter the default IP address of the switch in the web browser address field:
For access over an Ethernet network port, enter 169.254.100.100.
For access over the OOB port, enter 192.168.0.239.
A login window opens.
5. Enter the user name and password.
The default admin user name is admin and the default admin password is blank, that is,
do not enter a password.
Use the Auto Install Configuration
28
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
6. Click the Login button.
The web management interface menu displays.
7. Select Maintenance > Save Config > Auto Install Configuration.
8. From the AutoInstall Mode menu, select Start.
9. From the AutoSave Mode menu, select Enabled.
10. Click the Apply button.
Your settings are saved and the Auto Install process starts.
Monitor and Complete the Auto Install Process
When the switch boots in the absence of a saved configuration file, a message displays on
the console stating that the Auto Install procedure is beginning. A message displays when
Auto Install is complete. The message also indicates that the configuration must be saved to
prevent Auto Install from being performed on the next reboot.
When Auto Install is successfully completed, the messages are in the buffered log, not on the
console. You can execute a show running-config command to validate the contents of
the configuration. You must be logged in as administrator.
About Saving the Configuration
An administrator must explicitly save the downloaded configuration in nonvolatile memory so
that the configuration is available on the next reboot. If you are using the CLI, first make sure
that the configuration is correct, and then enter the copy running-config
startup-config command.
If the Host-Specific Configuration File Is Not Found
If the Auto Install process fails to download any configuration file, a message is logged. If a
final configuration file is not downloaded, the entire process repeats every 10 minutes.
Use the Auto Install Configuration
29
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
How to Terminate the Auto Install Process
You can terminate the Auto Install process at any time before downloading any configuration
files. Terminate the Auto Install process if the switch is disconnected from the network or if no
configuration files are configured on the TFTP server. Termination of the Auto Install process
ends further periodic requests for a host-specific file.
About Managing the Downloaded Configuration Files
The configuration files downloaded through Auto Install are stored in nonvolatile memory.
The files can be managed (viewed, displayed, deleted) along with files downloaded through
the configuration scripting utility.
A configuration file is not automatically deleted after it is downloaded. However, the
configuration file does not take effect upon a reboot. If you save the configuration file, the
saved configuration takes effect upon reboot. If you do not save the configuration file, the
Auto Install process occurs again on a subsequent reboot. A repeated install might cause
previously downloaded files to be overwritten.
About Restarting the Auto Install Process
If the configuration file is not found on the switch, the Auto Install process automatically starts
a subsequent reboot. A restart of the install process can occur if the configuration was never
saved on the switch or if you issued a command to erase the configuration file.
During a particular session, you can restart the Auto Install process if you previously stopped
it during the same login session. This action reinitiates the process for that login session only.
We recommend that you restart the install process only when you are certain that the
configuration is clear.
If no configuration file is stored on the switch, reinitialization of the switch after you enter the
erase startup-config command automatically activates the Auto Install process.
Event Logging for the Auto Install Process
The switch logs a message for each of the following events:
The Auto Install component receives a configuration file name and other options upon
resolving an IP address through a DHCP client. The boot option values are logged.
The Auto Install component initiates a TFTP request for a boot (configuration) file and
receives the file, or the request times out. File names and server IP addresses and host
names are logged.
The Auto Install component initiates a request for a host name. The IP address and
resolved host name are logged.
The Auto Install component initiates a TFTP request for a hostname.cfg file and
receives the file, or the request times out. File names and server IP addresses and host
names are logged.
The start of a configuration script is being applied.
The CLI scripting utility fails to apply a configuration file.
Use the Auto Install Configuration
30
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
The Auto Install process is complete.
The name of the specified configuration file conflicts with a reserved configuration file
name.
31
3
3. Register Your Switch
This chapter describes how to register your switch. The chapter includes the following section:
Register Your Switch
Register Your Switch
32
M4200 and M4300 Series ProSAFE Managed Switches Software Setup Manual
Register Your Switch
Registering your switch gives you access to phone or online support and validates the
hardware warranty.
To register your product:
1. Visit my.netgear.com.
2. If you own a NETGEAR account, type your email address and password and click the
LOGIN button.
If you did not yet create an account, your NETGEAR account is created automatically
when you register your product.
3. Click the REGISTER NOW button.
The NETGEAR Product Registration page displays.
4. Complete the fields to register your product.
5. Click the FINISH button.
Your product is registered. If you do not already own a NETGEAR account, your new
account is created.