Switch management

Manage your switches.

You can view system information and configure settings for the selected switch. The summary section gives a quick view of the following information.

Information

Description

Alerts

Shows the number of alerts the switch has reported to Sophos Central. Click the number to view the alerts page.

Connection usage

Shows the current connection as the percentage that is available.

PoE status

Shows the power over ethernet status as a percentage of the wattage currently used.

Switch Management summary.

The second part of the summary section shows an overview of the switch ports. Hover your cursor over a port to view the port settings.

Switch summary overview panel.

The following information and configuration options are available:

  • System details.
  • VLANs.
  • Port settings.
  • Task queue.
  • Diagnostics.

System details

The System details section gives an overview of the switch system. You can also reapply the switch settings or remove your switch from Sophos Central management.

System details.

The following table describes the system details.

Option

Description

Serial no.

Shows the serial number of the switch.

Model

Shows the switch model.

Device name

Shows the device name. The default name is the same as the switch model.

State

The status of the switch.

  • Registering: Waiting to connect.
  • Connected: Connected.
  • Registered: Registered.
  • Unregistered: Registration timed out.
  • Disconnected: Disconnected for X amount of time.
  • Synchronized: Synchronized.
  • Waiting for sync: Waiting for synchronization.
  • Pending: Tasks pending.
  • Syncing: Synchronizing.
  • Out of sync: Error needs attention.
  • Suspended: Firmware is out of date and needs to be updated.

Site

The site template that's applied to the switch.

MAC Address

The MAC address of the switch.

Powered on

When the switch was last powered on.

Click Reboot to restart the switch.

Firmware

Shows the version of both the switch firmware and the Sophos Central agents. You can apply apply new agent firmware when it becomes available.

To stop managing your switch from Sophos Central, click Remove from Sophos Central.

VLANs

On the VLANs page, you can add, delete and edit the VLANs assigned to the switch.

To add a VLAN, do as follows:

  1. Click Add VLAN.
  2. In the Add VLAN window, enter the VLAN information and click Save.

The information you must enter is described in the table below:

  • Name: Enter a name for the VLAN.
  • VLAN ID: Enter the VLAN ID. This must be a number from 2 to 4094.
  • Color: Select a color to be displayed in the admin console for the VLAN. This is only a visual guide and doesn't affect the VLAN function.
  • Description: Enter a description for the VLAN.
  • Untagged ports: rom the drop-down menu, select which ports are untagged. These ports will only allow traffic to pass from the single VLAN.
    Warning All untagged ports use the default VLAN ID. To allow traffic from other VLANs ports must be tagged.
  • Tagged ports: From the drop-down menu, select which ports will be tagged. These are trunk ports, allowing traffic from multiple VLANs to pass through a single port.
Add VLAN window.

Port settings

Warning If you use LAG, don't make any configuration changes to the LAG ports. For more information, see knowledgebase article 4518.

The Port settings page allows the configuration of individual switch ports, and displays information for each port.

The following information and configuration options are described in the table below.

Option

Description

Port

Shows the port number.

Label

Shows the label, if any, that you've assigned to the port.

Flow control

Shows the current flow control status of the port. The status can be:

  • Enabled: Flow control is turned on.
  • Disabled: Flow control is turned off.
  • Not set: Flow control status hasn't been configured.

Speed / Duplex

Show the current speed and duplex setting of the port. The setting can be:

  • Auto: The speed and duplex settings are automatically negotiated between connected ports.
  • 10M / Half: Ten megabit, half-duplex.
  • 10m / Full: Ten megabit, full-duplex.
  • 100M / Half: One hundred megabit, half-duplex.
  • 100M / Full: One hundred megabit, full-duplex.
  • 1G / Full: One gigabit, full-duplex.
  • Disabled: The port is disabled.
  • Not set: The port hasn't been configured.

Untagged VLAN

Shows the untagged VLAN assigned to the port. Only one untagged VLAN can be assigned to a single port.

Tagged VLAN

Shows the tagged VLANs assigned to the port. You can assign multiple tagged VLANs to a single port.

Configuration source

Shows how the port was configured. You can configure a port manually or by using a site template.

Task queue

The task queue shows an overview of actions, and their status, that have been carried out on the switch. You can also synchronize settings between Sophos Central and the switch.

Task queue.

Turn on Auto refresh to automatically refresh the task queue when new actions are taken.

Click Synchronize to synchronize changes made in Sophos Central with the switch.

Warning If you use LAG on any of your switch ports, don't use synchronize. For more details, see knowledgebase article 4518.

The task queue table shows the following information.

Option

Description

Status

Shows the status of the task.

  • Registering: Waiting to connect.
  • Connected: Connected.
  • Registered: Registered.
  • Unregistered: Registration timed out.
  • Disconnected: Disconnected for X amount of time.
  • Synchronized: Synchronized.
  • Waiting: A task is waiting to be completed. You can skip a waiting task by clicking the Skip button next to the status.
  • Pending: Tasks pending.
  • Syncing: Synchronizing.
  • Out of sync: Error needs attention.
  • Suspended: Firmware is out of date and needs to be updated.

Switch

Shows the serial number of the switch that the task is created for.

Site

Shows the site of the switch.

Entity

Shows the switch module that the task relates to. For example, synchronization, firmware, and remote support.

Action

The action that the task performs. For example, turning on or turning off firmware updates or remote support.

Created at

Shows the date and time the task was created.

Diagnostics

You can generate reports and view information about the performance of your switch. You can also open a remote support tunnel to allow remote debugging by Sophos support.

Note The remote debugging only allows access to the switches CLI and doesn't give access to the web admin of the switch. To allow support to access the web admin you need to set up a remote session.

The reports are opened in the local switch admin console in a new browser window.

You must be on the same subnet as the switch you wish to access from Sophos Central.

The following table describes the available diagnostic information.

Option

Description

Resource Usage

Shows a real-time graphical report displaying the current system CPU and memory usage.

Opens the local switch web UI at Monitor > Realtime Meters.

Port Statistics

Shows details of the in and out packet counts and TX and RX errors for each individual port.

Opens the local switch web UI at Monitor > Statistics > Ports.

MAC Address Table

Shows the MAC address table, which gives information about discovered devices for each individual port and VLAN.

Opens the local switch web UI at Monitor > Dynamic MAC Address Monitor > Static MAC Address.

PoE Power Usage

The dashboard and PoE Port settings pages provide details per port on current, voltage, and power draw information.

Opens the local switch web UI at Monitor > Dashboard > PoE Power Settings.

Network Diagnostics

You can use ping and traceroute to test switch connectivity and Layer three routing functionality.

Opens the local switch web UI at Analyze > Ping Test Analyze > Trace Route.

Event Logging

You can use the local logging page to configure which events will be logged locally on the switch. You may need to enable logging of higher error levels to detect certain events. You must only turn this on while troubleshooting. The logged details are shown on the log table.

Opens the local switch web UI at Monitor > Local Logging Monitor > Log Table.

Cable Diagnostics

Select the ports that are connected to the cable you want to test. Click Test to run a cable diagnostics test on the selected switch ports.

Opens the local switch web UI at Analyze > Diag Tools.

SFP Module Info

Shows what capabilities and information your connected fiber modules are providing to the switch.

Opens the local switch web UI at Monitor > SFP Module Information.

Open local switch management

Opens to local switch web admin console.

Turn on remote debugging

Allows debugging access by Sophos support.

To turn on remote debugging, do as follows:

  1. Select the validity period from the drop-down list.
  2. Click Turn on.