Switch management
Manage your switches.
You can view system information and configure settings for the selected switch. The summary section gives a quick view of the following information.
System details
| Information | Description |
|---|---|
| Alerts | Shows the number of alerts the switch has reported to Sophos Central. Click the number to view the alerts page. |
| Connection usage | Shows the current connection as the percentage that is available. |
| PoE status | Shows the power over ethernet status as a percentage of the wattage currently used. |
The second part of the summary section shows an overview of the switch ports. Hover your cursor over a port to view the port settings.
The following information and configuration options are available:
- System details.
- VLANs.
- Port settings.
- Task queue.
- Diagnostics.
System details
The System details section gives an overview of the switch system. You can also reapply the switch settings or remove your switch from Sophos Central management.
The following table describes the system details.
VLANs
| Option | Description |
|---|---|
| Serial no. | Shows the serial number of the switch. |
| Model | Shows the switch model. |
| Device name | Shows the device name. The default name is the same as the switch model. |
| State | The status of the switch.
|
| Site | The site template that's applied to the switch. |
| MAC Address | The MAC address of the switch. |
| Powered on | When the switch was last powered on. Click Reboot to restart the switch. |
| Firmware | Shows the version of both the switch firmware and the Sophos Central agents. You can apply apply new agent firmware when it becomes available. |
To stop managing your switch from Sophos Central, click Remove from Sophos Central.
VLANs
On the VLANs page, you can add, delete and edit the VLANs assigned to the switch.
To add a VLAN, do as follows:
- Click Add VLAN.
- In the Add VLAN window, enter the VLAN information and click Save.
The information you must enter is described below:
- Name: Enter a name for the VLAN.
- VLAN ID: Enter the VLAN ID. This must be a number from 2 to 4094.
- Color: Select a color to be displayed in the admin console for the VLAN. This is only a visual guide and doesn't affect the VLAN function.
- Description: Enter a description for the VLAN.
-
Untagged ports: From the drop-down menu, select which ports are untagged. These ports only allow traffic to pass from the single VLAN.
Warning
All untagged ports use the default VLAN ID. To allow traffic from other VLANs ports must be tagged.
-
Tagged ports: From the drop-down menu, select which ports will be tagged. These are trunk ports, allowing traffic from multiple VLANs to pass through a single port.
Port settings
Warning
If you use LAG, don't make any configuration changes to the LAG ports. For more information, see knowledgebase article 4518.
The Port settings page allows the configuration of individual switch ports, and displays information for each port.
The following information and configuration options are described in the table below.
Task queue
| Option | Description |
|---|---|
| Port | Shows the port number. |
| Label | Shows the label, if any, that you've assigned to the port. |
| Flow control | Shows the current flow control status of the port. The status can be:
|
| Speed / Duplex | Show the current speed and duplex setting of the port. The setting can be:
|
| Untagged VLAN | Shows the untagged VLAN assigned to the port. Only one untagged VLAN can be assigned to a single port. |
| Tagged VLAN | Shows the tagged VLANs assigned to the port. You can assign multiple tagged VLANs to a single port. |
| Configuration source | Shows how the port was configured. You can configure a port manually or by using a site template. |
Task queue
The task queue shows an overview of actions, and their status, that have been carried out on the switch. You can also synchronize settings between Sophos Central and the switch.
Turn on Auto refresh to automatically refresh the task queue when new actions are taken.
Click Synchronize to synchronize changes made in Sophos Central with the switch.
Warning
If you use LAG on any of your switch ports, don't use synchronize. For more details, see knowledgebase article 4518.
The task queue table shows the following information.
Diagnostics
| Option | Description |
|---|---|
| Status | Shows the status of the task.
|
| Switch | Shows the serial number of the switch that the task is created for. |
| Site | Shows the site of the switch. |
| Entity | Shows the switch module that the task relates to. For example, synchronization, firmware, and remote support. |
| Action | The action that the task performs. For example, turning on or turning off firmware updates or remote support. |
| Created at | Shows the date and time the task was created. |
Diagnostics
You can generate reports and view information about the performance of your switch. You can also open a remote support tunnel to allow remote debugging by Sophos support.
Note
The remote debugging only allows access to the switches CLI and doesn't give access to the web admin of the switch. To allow support to access the web admin you need to set up a remote session.
The reports are opened in the local switch admin console in a new browser window.
You must be on the same subnet as the switch you wish to access from Sophos Central.
The following table describes the available diagnostic information.
| Option | Description |
|---|---|
| Resource Usage | Shows a real-time graphical report displaying the current system CPU and memory usage. Opens the local switch web UI at Monitor > Realtime Meters. |
| Port Statistics | Shows details of the in and out packet counts and TX and RX errors for each individual port. Opens the local switch web UI at Monitor > Statistics > Ports. |
| MAC Address Table | Shows the MAC address table, which gives information about discovered devices for each individual port and VLAN. Opens the local switch web UI at Monitor > Dynamic MAC Address Monitor > Static MAC Address. |
| PoE Power Usage | The dashboard and PoE Port settings pages provide details per port on current, voltage, and power draw information. Opens the local switch web UI at Monitor > Dashboard > PoE Power Settings. |
| Network Diagnostics | You can use ping and traceroute to test switch connectivity and Layer three routing functionality. Opens the local switch web UI at Analyze > Ping Test Analyze > Trace Route. |
| Event Logging | You can use the local logging page to configure which events will be logged locally on the switch. You may need to enable logging of higher error levels to detect certain events. You must only turn this on while troubleshooting. The logged details are shown on the log table. Opens the local switch web UI at Monitor > Local Logging Monitor > Log Table. |
| Cable Diagnostics | Select the ports that are connected to the cable you want to test. Click Test to run a cable diagnostics test on the selected switch ports. Opens the local switch web UI at Analyze > Diag Tools. |
| SFP Module Info | Shows what capabilities and information your connected fiber modules are providing to the switch. Opens the local switch web UI at Monitor > SFP Module Information. |
| Open local switch management | Opens to local switch web admin console. |
| Turn on remote debugging | Allows debugging access by Sophos support. |
To turn on remote debugging, do as follows:
- Select the validity period from the drop-down list.
- Click Turn on.