Installation Guide
Page 1
... your switch. • Attached to configure the switch). • CLI: Use the command-line interface (CLI) through a console port. After the POST completes, the Power LED indicates the results: • Solid green. Configure your new password. 6. Enter admin for indoor use a computer on the same subnet as main UI, through the OOB port or any Ethernet network port, or through the Type-C USB console port or RJ-45 RS232 console port. On first login, you can download by visiting netgear.com/support/download/. 1. NOTE...
... your switch. • Attached to configure the switch). • CLI: Use the command-line interface (CLI) through a console port. After the POST completes, the Power LED indicates the results: • Solid green. Configure your new password. 6. Enter admin for indoor use a computer on the same subnet as main UI, through the OOB port or any Ethernet network port, or through the Type-C USB console port or RJ-45 RS232 console port. On first login, you can download by visiting netgear.com/support/download/. 1. NOTE...
Installation Guide
Page 2
... terminal. 3. Access the CLI to configure the switch To use the CLI for initial configuration and assign a static or dynamic IP address to the switch, connect a computer or VT100/ANSI terminal to one of the console ports on the switch. 1. Using the ezconfig utility, set up a console connection, see the CLI reference manual, which can download by visiting netgear.com/support/download/. • Console cable for use with the next step. 7. Find the IP address assigned by a DHCP server By default, the switch functions as the service port), type...
... terminal. 3. Access the CLI to configure the switch To use the CLI for initial configuration and assign a static or dynamic IP address to the switch, connect a computer or VT100/ANSI terminal to one of the console ports on the switch. 1. Using the ezconfig utility, set up a console connection, see the CLI reference manual, which can download by visiting netgear.com/support/download/. • Console cable for use with the next step. 7. Find the IP address assigned by a DHCP server By default, the switch functions as the service port), type...
User Manual
Page 11
... OOB port on the switch ports and cannot be switched or routed to as the user name, in the web browser address field: The login page displays. 6. Connect an Ethernet cable from operational network traffic on the switch. 3. The first time that the port can configure network information on this port is enabled so that you connect the OOB port directly to access the switch over the OOB port You can receive an IP address from a DHCP server in...
... OOB port on the switch ports and cannot be switched or routed to as the user name, in the web browser address field: The login page displays. 6. Connect an Ethernet cable from operational network traffic on the switch. 3. The first time that the port can configure network information on this port is enabled so that you connect the OOB port directly to access the switch over the OOB port You can receive an IP address from a DHCP server in...
User Manual
Page 28
... Auto-LAG is enabled by default.) • LLDP must be configured automatically. AV Line of Fully Managed Switches M4250 Series If the switch automatically configures a port as a trunk. Typically, a connection between the switch and a partner device such as a router, access point, or another switch functions as a trunk (that is, an Auto-Trunk), all VLANs on the switch become part of the trunk, and all M4250 switch models, the Auto-Trunk feature is enabled by default.) • The interconnected ports on an Auto-LAG. The Auto-Trunk...
... Auto-LAG is enabled by default.) • LLDP must be configured automatically. AV Line of Fully Managed Switches M4250 Series If the switch automatically configures a port as a trunk. Typically, a connection between the switch and a partner device such as a router, access point, or another switch functions as a trunk (that is, an Auto-Trunk), all VLANs on the switch become part of the trunk, and all M4250 switch models, the Auto-Trunk feature is enabled by default.) • The interconnected ports on an Auto-LAG. The Auto-Trunk...
User Manual
Page 31
... to use each subsequent time that are saved. In the address field of your local device password, and click the AV UI Login button. The Overview page displays. 4. This setting indicates that the querier for a network profile: 1. AV Line of Fully Managed Switches M4250 Series To configure the IGMP querier for the network profile participates in querier election, in which the lowest numbered IP address operates as the user...
... to use each subsequent time that are saved. In the address field of your local device password, and click the AV UI Login button. The Overview page displays. 4. This setting indicates that the querier for a network profile: 1. AV Line of Fully Managed Switches M4250 Series To configure the IGMP querier for the network profile participates in querier election, in which the lowest numbered IP address operates as the user...
User Manual
Page 65
... the switch. Remove port authentication from individual ports: 1. To remove port authentication mode from individual ports After you remove port authentication form a port, the switch allows traffic on page 63). • Disable 802.1X access authentication: Turn off the 802.1x Access Authentication button so that you log in, no password is the default setting. 6. The first time that it displays green and is positioned to the right. This is required. To save the settings to use...
... the switch. Remove port authentication from individual ports: 1. To remove port authentication mode from individual ports After you remove port authentication form a port, the switch allows traffic on page 63). • Disable 802.1X access authentication: Turn off the 802.1x Access Authentication button so that you log in, no password is the default setting. 6. The first time that it displays green and is positioned to the right. This is required. To save the settings to use...
User Manual
Page 77
... name. 6. AV Line of your local device password, and click the AV UI Login button. By default, the SNTP Server Address 1 field contains the NETGEAR SNTP server (time-a.netgear.com), but you can add a system name, which the switch operates. 7. Your settings are saved. The window closes. Add a system name You can replace that it displays green and is optional. 8. To add a system name: 1. By default, no password is configured. Launch a web browser. 2. In the...
... name. 6. AV Line of your local device password, and click the AV UI Login button. By default, the SNTP Server Address 1 field contains the NETGEAR SNTP server (time-a.netgear.com), but you can add a system name, which the switch operates. 7. Your settings are saved. The window closes. Add a system name You can replace that it displays green and is optional. 8. To add a system name: 1. By default, no password is configured. Launch a web browser. 2. In the...
User Manual
Page 84
... admin as the user name, in the Password field, enter your network profile assignments and any custom profile templates. However, you then must specify a local device password to use each subsequent time that you log in . Manage and monitor the switch 84 Audio Video User Manual Launch a web browser. 2. However, you then must specify a local device password to use each subsequent time that you log in . Reset the switch to factory default settings...
... admin as the user name, in the Password field, enter your network profile assignments and any custom profile templates. However, you then must specify a local device password to use each subsequent time that you log in . Manage and monitor the switch 84 Audio Video User Manual Launch a web browser. 2. However, you then must specify a local device password to use each subsequent time that you log in . Reset the switch to factory default settings...
Product Datasheet
Page 1
... years of networking expertise in AV with M4300 and M4500 series with all ports in the back, or all ports in the front Industry standard management • Industry standard command line interface (CLI), main NETGEAR IT web interface (GUI), SNMP, sFlow and RSPAN • The NETGEAR EngageTM Controller manages all M4250 models • Built-in live performances when lip sync is critical Other IT use 1Gbps or 10Gbps...
... years of networking expertise in AV with M4300 and M4500 series with all ports in the back, or all ports in the front Industry standard management • Industry standard command line interface (CLI), main NETGEAR IT web interface (GUI), SNMP, sFlow and RSPAN • The NETGEAR EngageTM Controller manages all M4250 models • Built-in live performances when lip sync is critical Other IT use 1Gbps or 10Gbps...
Product Datasheet
Page 5
... (DOT1X; Telnet; SSH Audio over IP profiles SNMP, MIBs RSPAN Radius Users, TACACS+ AVB profile Video over IP profiles Mixed Audio and Video profiles IPv4 / IPv6 ACL and QoS, DiffServ IPv4 / IPv6 Multicast Filtering IPv4 / IPv6 Policing and Convergence Auto-VoIP Spanning Tree Green Ethernet VLANs Trunking Port Channel Ingress/ egress 1 Kbps shaping Time-based Single Rate Policing NETGEAR IGMPTM Plus for AV installers AV-related controls HTTPs CLI; MAB; Datasheet | M4250 series AV Line Managed Switches Software-at...
... (DOT1X; Telnet; SSH Audio over IP profiles SNMP, MIBs RSPAN Radius Users, TACACS+ AVB profile Video over IP profiles Mixed Audio and Video profiles IPv4 / IPv6 ACL and QoS, DiffServ IPv4 / IPv6 Multicast Filtering IPv4 / IPv6 Policing and Convergence Auto-VoIP Spanning Tree Green Ethernet VLANs Trunking Port Channel Ingress/ egress 1 Kbps shaping Time-based Single Rate Policing NETGEAR IGMPTM Plus for AV installers AV-related controls HTTPs CLI; MAB; Datasheet | M4250 series AV Line Managed Switches Software-at...
Product Datasheet
Page 10
or to IEEE 802.1AX with dynamic LAGs or port-channel (highly tunable LACP Link Aggregation Control Protocol ) LACP mode automatically reverts to and from Static LAG, useful when the host isn't LACP anymore, for instance during a factory reset or re-configuration Auto-LAG: If more than other vendor's Per VLAN RSTP for strict interoperability • FastBackbone feature selects new indirect port when an indirect port fails • Including industry-standard RPVST+ interoperability...
or to IEEE 802.1AX with dynamic LAGs or port-channel (highly tunable LACP Link Aggregation Control Protocol ) LACP mode automatically reverts to and from Static LAG, useful when the host isn't LACP anymore, for instance during a factory reset or re-configuration Auto-LAG: If more than other vendor's Per VLAN RSTP for strict interoperability • FastBackbone feature selects new indirect port when an indirect port fails • Including industry-standard RPVST+ interoperability...
Product Datasheet
Page 11
... routes that are supported for central software upgrades and configuration files management (HTTP, TFTP), including in highly secured versions (HTTPS, SFTP, SCP) Simple Network Time Protocol (SNTP) can be used to synchronize network resources and for adaptation of NTP, and can provide synchronized network timestamp either in a given VLAN on a given interface The M4250 series automatically configure the interconnect between switches for robust topologies With IGMP Plus, Auto-Trunk and Auto-LAG, your deployment will JUST WORK...
... routes that are supported for central software upgrades and configuration files management (HTTP, TFTP), including in highly secured versions (HTTPS, SFTP, SCP) Simple Network Time Protocol (SNTP) can be used to synchronize network resources and for adaptation of NTP, and can provide synchronized network timestamp either in a given VLAN on a given interface The M4250 series automatically configure the interconnect between switches for robust topologies With IGMP Plus, Auto-Trunk and Auto-LAG, your deployment will JUST WORK...
Product Datasheet
Page 12
... a router which switches IP packets transparently, a DHCP relay agent processes DHCP messages and generates new DHCP messages • Supports DHCP Relay Option 82 circuit-id and remote-id for VLANs Router Discovery Protocol is an extension to ICMP and enables hosts to dynamically discover the IP address of routers on local IP subnets • Multiple Helper IPs feature allows to configure a DHCP relay agent with multiple DHCP server addresses per routing interface and...
... a router which switches IP packets transparently, a DHCP relay agent processes DHCP messages and generates new DHCP messages • Supports DHCP Relay Option 82 circuit-id and remote-id for VLANs Router Discovery Protocol is an extension to ICMP and enables hosts to dynamically discover the IP address of routers on local IP subnets • Multiple Helper IPs feature allows to configure a DHCP relay agent with multiple DHCP server addresses per routing interface and...
Product Datasheet
Page 13
... and Dynamic ARP Inspection use the DHCP snooping bindings database per port and per -port basis on the switch • MAB initiates after unsuccessful dot1x authentication process (configurable time out), when clients don't respond to any binding and to enforce source IP/MAC addresses for malicious users traffic elimination Time-based Layer 2 / Layer 3-v4 / Layer 3-v6 / Layer 4 Access Control Lists (ACLs) can be binded to ports, Layer 2 interfaces, VLANs and LAGs (Link Aggregation Groups or Port channel) for fast unauthorized data prevention and...
... and Dynamic ARP Inspection use the DHCP snooping bindings database per port and per -port basis on the switch • MAB initiates after unsuccessful dot1x authentication process (configurable time out), when clients don't respond to any binding and to enforce source IP/MAC addresses for malicious users traffic elimination Time-based Layer 2 / Layer 3-v4 / Layer 3-v6 / Layer 4 Access Control Lists (ACLs) can be binded to ports, Layer 2 interfaces, VLANs and LAGs (Link Aggregation Groups or Port channel) for fast unauthorized data prevention and...
Product Datasheet
Page 14
... switches in the same Layer 2 network • Private VLANs are useful in DMZ when servers are tried in this order: Dot1x, then MAB, then Captive Portal (web authentication) • With BYOD, such Tiered Authentication is to detect and avoid unidirectional link forwarding anomalies in a Layer 2 communication channel Both "normal-mode" and "aggressive-mode" are supported for perfect compatibility with other users' traffic SSL version 3 and TLS version 2 ensure Web...
... switches in the same Layer 2 network • Private VLANs are useful in DMZ when servers are tried in this order: Dot1x, then MAB, then Captive Portal (web authentication) • With BYOD, such Tiered Authentication is to detect and avoid unidirectional link forwarding anomalies in a Layer 2 communication channel Both "normal-mode" and "aggressive-mode" are supported for perfect compatibility with other users' traffic SSL version 3 and TLS version 2 ensure Web...
Product Datasheet
Page 42
dense mode) PIM-DM (IPv6) PIM-SM (Multicast Routing - Datasheet | M4250 series AV Line Managed Switches Per VLAN Rapid STP (PVRSTP) STP Loop Guard STP Root Guard STP BPDU Guard STP BPDU Filtering STP BPDU Flooding L2 Services - Multicast Routing IGMP Proxy MLD Proxy Any Source Multicast (ASM) Source Specific Multicast (SSM) Multicast streams routing between subnets, VLANs Multicast static routes (IPv4, IPv6) Neighbor discovery PIM-DM (Multicast Routing - DHCP DHCP IPv4 / DHCP IPv6 Client DHCP IPv4 / DHCP IPv6 Server (Stateless, Stateful) DHCP Snooping IPv4 / IPv6 BootP Relay IPv4...
dense mode) PIM-DM (IPv6) PIM-SM (Multicast Routing - Datasheet | M4250 series AV Line Managed Switches Per VLAN Rapid STP (PVRSTP) STP Loop Guard STP Root Guard STP BPDU Guard STP BPDU Filtering STP BPDU Flooding L2 Services - Multicast Routing IGMP Proxy MLD Proxy Any Source Multicast (ASM) Source Specific Multicast (SSM) Multicast streams routing between subnets, VLANs Multicast static routes (IPv4, IPv6) Neighbor discovery PIM-DM (Multicast Routing - DHCP DHCP IPv4 / DHCP IPv6 Client DHCP IPv4 / DHCP IPv6 Server (Stateless, Stateful) DHCP Snooping IPv4 / IPv6 BootP Relay IPv4...
Product Datasheet
Page 44
...Attacks Protection CPU Rate Limiting ICMP throttling Management Management ACL (MACAL) Max Rules Out of band Management Radius accounting TACACS+ Malicious Code Detection Network Traffic Access Control Lists (ACLs) Time-based ACLs Protocol-based ACLs ACL over VLANs Dynamic ACLs IEEE 802.1x Radius Port Access Authentication 802.1x MAC Address Authentication Bypass (MAB) Network Authentication Successive Tiering Port Security IP Source Guard DHCP Snooping Dynamic ARP Inspection IPv6 RA Guard Stateless Mode MAC Filtering Port MAC Locking Private Edge VLAN Private VLANs Quality of Service (QoS) -
...Attacks Protection CPU Rate Limiting ICMP throttling Management Management ACL (MACAL) Max Rules Out of band Management Radius accounting TACACS+ Malicious Code Detection Network Traffic Access Control Lists (ACLs) Time-based ACLs Protocol-based ACLs ACL over VLANs Dynamic ACLs IEEE 802.1x Radius Port Access Authentication 802.1x MAC Address Authentication Bypass (MAB) Network Authentication Successive Tiering Port Security IP Source Guard DHCP Snooping Dynamic ARP Inspection IPv6 RA Guard Stateless Mode MAC Filtering Port MAC Locking Private Edge VLAN Private VLANs Quality of Service (QoS) -
Product Datasheet
Page 48
... selection; RSVA/1.0 state management cookies - SSH transport layer protocol RFC 2576 - An Architecture for the Simple Network Management Protocol (SNMP) RFC 1867 - RFC 4716 - RFC 4419 - SNMP Applications Java Script™ 1.3 Advanced Management Industry-standard CLI with file upload extensions Configurable Management VLAN RFC 1901 - Context-sensitive help Optional user password encryption Multisession Telnet server Auto Image Upgrade PAGE 48 of SNMP Protocol Operations RFC 1157 - Telnet option specifications RFC 3415 - SMI...
... selection; RSVA/1.0 state management cookies - SSH transport layer protocol RFC 2576 - An Architecture for the Simple Network Management Protocol (SNMP) RFC 1867 - RFC 4716 - RFC 4419 - SNMP Applications Java Script™ 1.3 Advanced Management Industry-standard CLI with file upload extensions Configurable Management VLAN RFC 1901 - Context-sensitive help Optional user password encryption Multisession Telnet server Auto Image Upgrade PAGE 48 of SNMP Protocol Operations RFC 1157 - Telnet option specifications RFC 3415 - SMI...
Product Datasheet
Page 50
... address - IPv6 flow label - IP DSCP to a specific queue - Minimum and maximum bandwidth per queue - Generate trap log entries containing rule hit counts Auto VoIP RFC 1112 - Congestion control in IPv4/IPv6 headers RFC 2475 - Using ARP to a specific port - An architecture for IP multicasting RFC3973 - Datasheet | M4250 series AV Line Managed Switches RFC 826 - The BSD syslog protocol with RFC 5424 update RFC 951 - Ethernet ARP RFC 894 - VLAN...
... address - IPv6 flow label - IP DSCP to a specific queue - Minimum and maximum bandwidth per queue - Generate trap log entries containing rule hit counts Auto VoIP RFC 1112 - Congestion control in IPv4/IPv6 headers RFC 2475 - Using ARP to a specific port - An architecture for IP multicasting RFC3973 - Datasheet | M4250 series AV Line Managed Switches RFC 826 - The BSD syslog protocol with RFC 5424 update RFC 951 - Ethernet ARP RFC 894 - VLAN...
Product Datasheet
Page 54
....2 for HTTPS web-based access 2048-bit RSA key pairs SHA2-256 and SHA2-512 cryptographic hash functions File transfers (uploads, downloads) Secured protocols for file transfers HTTP Max Sessions SSL/HTTPS Max Sessions HTTP Download (firmware) Email Alerting Syslog (RFC 3164) (RFC 5424) Persistent log supported User Admin Management User ID configuration Max number of configured users Support multiple READWRITE Users Max number of IAS users (internal user database) Authentication login lists Authentication Enable lists Yes Provides...
....2 for HTTPS web-based access 2048-bit RSA key pairs SHA2-256 and SHA2-512 cryptographic hash functions File transfers (uploads, downloads) Secured protocols for file transfers HTTP Max Sessions SSL/HTTPS Max Sessions HTTP Download (firmware) Email Alerting Syslog (RFC 3164) (RFC 5424) Persistent log supported User Admin Management User ID configuration Max number of configured users Support multiple READWRITE Users Max number of IAS users (internal user database) Authentication login lists Authentication Enable lists Yes Provides...