Extreme Networks EPICenter 6.0 Reference Manual Download Page 493 | Manualshive

Page: 493 / 580

background image

Creating a New Policy

EPICenter Reference Guide

493

Figure 256: Service selection for an IP policy

From this list you can select from the standard TCP, UDP, IP services, from Custom Applications,
or from specific named services (applications) that are known to the EPICenter policy server. In
the list shown in

Figure 256

, Baan is an example of such a service, and has been preconfigured

with a protocol and L4 port. If you select an application, the policy server will determine the L4
port from its pre-configured value in the EPICenter database.

The settings “Deny TCP SYN packets” and “Deny TCP SYN packets Any” are the same as the
ExtremeWare settings called “TCP permit established.” These settings specify that all

new

TCP

connections (as indicated by the presence of a Sync request) from the client endpoints to the
server will be denied (existing TCP sessions will continue). When you select either of the “Deny
TCP SYN packet” settings, the traffic direction is automatically set from client to server.

NOTE

When you select either of the Deny TCP SYN packets services, the QoS profiles for all devices in your policy
scope are automatically set to “blackhole” to accomplish the denial of new TCP traffic.

b

To specify an L4 port or port range, enter a port number in the

L4 Port Range

field. Enter a

single port number, or a port range in the form

<

first_port

>-<

last_port

>

.

The L4 Port Range field appears only if you select a service that requires a port specification.
These selections are:

■

Specify TCP port range

■

Specify UDP port range

■

Deny TCP SYN packets

The other selections either indicate any port (TCP Any, UDP Any, IP Any, Deny any TCP SYN
packets) or translate directly to an L4 port.

c

If you want to specify an L4 port for the

client or user

endpoints, click the

Specify client L4 port

or the

Specify user L4 port

check box to display the client service selection fields. The drop-down

list of services is limited to the ability to specify TCP or UDP Any, or a TCP or UDP port range.

11

The last step is to define the access domain for a Security policy or scope for an IP policy—the
devices on which the access list rules should be implemented, along with the QoS profile that should
be associated with these rules.

«
...
491
492
493
494
495
...
»

Summary of Contents for EPICenter 6.0

Page 1: ...e Networks Inc 3585 Monroe Street Santa Clara California 95051 888 257 3000 408 579 2800 http www extremenetworks com EPICenter Reference Guide Version 6 0 Published November 2006 Part number 100248 00 Rev 01 ...

Page 2: ...r its subsidiaries in the United States and other countries Other names and marks may be the property of their respective owners 2006 Extreme Networks Inc All Rights Reserved Specifications are subject to change without notice Merit is a registered trademark of Merit Network Inc Solaris and Java are trademarks of Sun Microsystems Inc in the U S and other countries Avaya is a trademark of Avaya Inc...

Page 3: ...tions 29 The Navigation Toolbar 29 The Main Feature Frame 31 EPICenter Menus 32 The Component Tree 34 The Status Detail Information Panel 35 Feature Function Buttons 37 EPICenter Dialog Boxes 37 Right Click Pop Up Menus 38 The External App Sub Menu 39 The Device Sub Menu 39 The Technical Support Sub Menu 40 The Macros Sub Menu 41 The Properties Command 42 Printing from EPICenter 42 Help on Help 42...

Page 4: ...perties 86 Device Properties 88 Slot Properties 92 Port Properties 96 Chapter 4 The EPICenter Alarm System 101 Overview of the EPICenter Alarm System 101 Alarm Manager Functions 102 Predefined Alarms 102 The Alarm Log Browser 103 The Alarm Log Browser Summary 104 Acknowledging an Alarm 105 Deleting Alarm Log Entries 105 Deleting Groups of Log Entries 106 Viewing Alarm Details 106 Creating an Alarm...

Page 5: ... Menus 143 Configuration File Locations 144 Device Configuration Summary Status 145 Uploading Configurations from Devices 149 Changing the Configuration Filename Format 151 Archiving Configuration Settings 151 Scheduling Device Archive Uploads 152 Scheduling Global Archive Uploads 153 Setting Archive Limits 155 Archive Baseline Differences Report 156 Configuring Email Notification of Archive Basel...

Page 6: ...etworks Switches 197 Using Telnet Macros 199 Built in Telnet Macros 199 The Macro Player 200 Playing a Macro 202 Using Variables in a Macro 203 Configuring a Repeat Interval 204 Viewing Macro Results 204 Loading a Saved Macro 207 The Macro Editor 208 Creating Macros for Context Based Replay 210 Saving a Macro 214 Loading a Macro for Editing 214 Deleting a Macro 214 Importing Macros 214 Exporting a...

Page 7: ... Functions 251 ExtremeWare Software Requirements 252 Tasks List Summary Window 252 Creating a Search Task 254 Detailed Task View 257 Exporting Task Results to a Text File 259 Chapter 10 Real Time Statistics 261 Overview of Real Time Statistics 261 Real Time Statistics Functions 262 Real Time Statistics Function Buttons 263 The Statistics Menu 264 Pop Up Menus 264 Displaying Multi Port Statistics 2...

Page 8: ...05 Layout Map 305 Layout Map in Window 306 Fit Map in Window 307 Expand Map 308 Compress Map 308 Inflate Nodes 309 Deflate Nodes 309 Undo Map Edit 309 Zoom Map In 309 Zoom Map Out 310 Unzoom Map 310 Sync Links for Map or Sync Links for All Maps 310 Find Map Node 311 Map Properties 312 Print Map 315 The Display Menu 316 VLAN Information 316 The Tools Menu 318 Mark Links Mode 318 Add Links to VLAN 3...

Page 9: ...s 349 EPICenter Access Roles 350 EPICenter and RADIUS Authentication 351 Setting EPICenter Server Properties 351 User Administration 352 Adding or Modifying User Accounts 353 Deleting a User 354 Changing Your Own User Password 354 Role Administration 355 Adding or Modifying a Role 357 Deleting a Role 359 RADIUS Administration 359 RADIUS Client Configuration 360 RADIUS Server Configuration 361 Disa...

Page 10: ... 402 VLAN Reports 405 VLAN Summary Report 405 Voice VLAN Summary Voice Over IP Reports 407 EAPS Reports 408 EAPS Summary 408 EAPS Log Report 409 Log Reports 410 Alarm Log Report 410 Event Log 412 Syslog System Log 415 The Configuration Management Activity Log 416 Wireless Reports 418 Wireless Summary Report 418 Wireless AP Wireless Port Inventory Report 420 Wireless Interface Report 422 Safe AP MA...

Page 11: ...ing a Table Display 466 The EAPS Domain Details Display 467 The Devices Tab 469 The Device Details Display 471 The Links Tab 475 EAPS Log Reports 478 Chapter 17 Using the Policy Manager 481 Using the Policy Manager 481 The Policies View 482 Policy Definition Page 484 Policy Traffic Page 486 Creating a New Policy 488 Edit Policy Endpoints Window 495 Edit Policy Access Domain Policy Scope Window 497...

Page 12: ...enter Backup 537 EPICenter Log Backups 537 Database Utilities 537 The Validation Utility 538 Using the DBVALID Command Line Utility 538 Database Connection Parameters 539 The Backup Utility 539 The DBBACKUP Command Line Utility 539 Database Connection Parameters 540 Installing a Backup Database 540 Appendix C The Spanning Tree Monitor 543 Overview of the Spanning Tree Monitor 543 STP Monitor Funct...

Page 13: ...EPICenter Reference Guide 13 QoS Settings for a VoIP VLAN 556 Default Configuration Attributes 557 Minimum Bandwidth Calculations 558 Configuring QoS Settings 560 VoIP Reports 563 Index 565 ...

Page 14: ...EPICenter Reference Guide 14 ...

Page 15: ...Routing concepts The Simple Network Management Protocol SNMP NOTE If the information in the Release Notes shipped with your software differs from the information in this guide follow the Release Note Terminology When features functionality or operation is specific to the Summit Alpine or BlackDiamond switch family the family name is used Explanations about features and operations that are the same...

Page 16: ...This typeface represents information as it appears on the screen Screen displays bold This typeface indicates how you would type a particular command The words enter and type When you see the word enter in this guide you must type something and then press the Return or Enter key Do not press the Return or Enter key when an instruction simply says type Key names Key names appear in text in one of t...

Page 17: ...s throughout the software Other manuals that you will find useful are ExtremeWare Software User Guide ExtremeWare Command Reference Guide ExtremeXOS Concepts Guide ExtremeXOS Command Reference Guide For documentation on Extreme Networks products and for general information about Extreme Networks see the Extreme Networks home page http www extremenetworks com Customers with a support contract can a...

Page 18: ...Preface EPICenter Reference Guide 18 ...

Page 19: ...1 EPICenter Basic Features ...

Page 20: ......

Page 21: ...implicity Simplicity begins with a detailed real time view of the entire network EPICenter s topology view provides users with an overview of every element of the network and how they all connect at Layer 2 and Layer 3 Centralized configuration management and firmware management simplifies the configuration and maintenance of your network elements These functions can be performed simultaneously on...

Page 22: ...nt can be discovered by the EPICenter Inventory Manager and monitored at a basic level These devices can appear on a topology map with basic status and alarm handling based on MIB 2 functionality Based on EPICenter s Third Party Integration Framework selected appliances from Extreme Networks partners can be integrated into EPICenter in a robust fashion that allows reporting the use of Telnet macro...

Page 23: ...xtreme Networks web site for the most current information on device support in the EPICenter software Third Party Device Support Any device running a MIB 2 compatible SNMP agent can be discovered by the EPICenter Inventory manager and saved in the Inventory database All devices in the database can also appear on a topology map The EPICenter alarm system can handle basic MIB 2 SNMP traps from any d...

Page 24: ...EPICenter Overview EPICenter Reference Guide 24 ...

Page 25: ... version 6 0 or later If you have not yet installed version 6 0 see the EPICenter Software Installation and Upgrade Quick Start for instructions The EPICenter Home Page The EPICenter Home page displays the Network Status Summary Report a simple HTML report with some basic statistics on the status of your network Click on the description of the problem where it is underlined in the left hand side o...

Page 26: ...tical alarms in the last 24 hours that have not been acknowledged The number of Syslog messages with a priority of Critical or worse that occurred in the last 24 hours The number of Invalid Login alarms that have occurred in the last 24 hours The number of Authentication Failure alarms that have occurred in the last 24 hours For any of these items where the number is non zero the description becom...

Page 27: ... Summary Report Each row in the summary provides the status of one of the EPICenter server group members It provides the following information about each server The server name Clicking on the server name initiates the Dynamic Reports module for that server You can then run any of the available HTML reports A link that can launch a client connection to the server Clicking on the Client link launch...

Page 28: ...he bottom of the Summary Report panel you can navigate to the About EPICenter page The About EPICenter page shown in Figure 3 provides information about the version of EPICenter that you are running This information may be needed if it becomes necessary for you to contact Extreme Networks Technical Support Figure 3 The About EPICenter page From this page you can do the following Access the online ...

Page 29: ...o access various EPICenter features The buttons that appear in this Toolbar are determined by the features that the EPICenter administrator has enabled or disabled for this installation of EPICenter and by the features enabled by the role assigned to your user account The Navigation Toolbar may include additional optional features such as the EPICenter Policy Manager if you have a license for thos...

Page 30: ...with one or more MAC or IP addresses or identify the IP or MAC addresses connected to a set of ports Telnet An interactive Telnet application where you can create and run command line macros on multiple devices in one operation You can also establish Telnet sessions with individual switches both Extreme Networks and third party devices RT Stats The Real Time statistics applet that provides graphs ...

Page 31: ...ade license which requires the installation of an Advanced Upgrade license key ServiceWatch The EPICenter ServiceWatch software which can be launched from within the EPICenter client ServiceWatch is not an EPICenter feature but a separate product You can enable the integration into the EPICenter Navigation Toolbar through the Server Properties pages in the EPICenter Administration applet There are...

Page 32: ...ion some applets provide an applet specific set of buttons at the top of the main applet frame These provide access to specific applet functions such as adding deleting or configuring components managed by the applet See Feature Function Buttons on page 37 for more details Other applets provide tabbed pages for different functions within the applet EPICenter Menus EPICenter features except Reports...

Page 33: ...reme Networks s Technical Assistance Center TAC is helping you with a problem they may request that you send them the data you collect from this command See The Technical Support Sub Menu on page 40 for details on using this command Device Enables you to view other types of information about a device from other EPICenter applets without having to leave the current applet Provides a submenu of appl...

Page 34: ...nted both by a text identifier and by a small icon that represents the type of object Following are some examples of icons used in the Component Tree Devices are identified in the tree by their device name as defined in the SysName MIB variable and IP address A user with administrator access can change this to reverse the order of the IP address and device name or to display the device name only T...

Page 35: ...alarm status displayed for the device group See Alarm Propagation to the Device Group on page 50 for more information on alarm propagation including how to disable or enable it for a device An alarm icon shown for the device group indicates the highest severity unacknowledged alarm among those devices within the device group that have alarm propagation enabled If a device is offline the text ident...

Page 36: ...e depending on which applet you are viewing and also on the permissions associated with your user account Resizing Columns In a wide columnar display such as shown in Figure 6 you can resize the widths of each column To do this follow these steps 1 Place the cursor over the line separating the column you want to resize from the column to its right 2 Click and hold the left mouse button to grab the...

Page 37: ...unctions provided by these buttons are the same as the functions found in the Feature menu Most buttons invoke a pop up dialog box for the function such as the Add VLAN function shown in Figure 7 NOTE If you have a Monitor role some or all of the buttons in a given applet are not available to you For example in the VLAN Manager a user with the Monitor role can view information about the components...

Page 38: ... click Apply to commit those settings then display the IP Forwarding settings and make changes on that page Close Closes the dialog box dismissing ant unapplied actions Use to exit the dialog box when you are finished Reset This typically restores the dialog box to the state it was in when it was opened clearing any selections on the screen and resetting the data to the current information from th...

Page 39: ...ts However for most third party devices the Device Manager command is not available The Device Sub Menu The Device command provides a sub menu of commands that let you view the following information for the selected device Table 4 Right Click Pop Up Menu Basic Commands External App If EPICenter has been configured to launch an external application for the selected third party device a link to the ...

Page 40: ...Statistics on page 261 for details about the Real Time Statistics feature Sync The Sync command causes EPICenter to poll the switch and update all configuration and status information See Updating Device Information The Sync Operation on page 80 for details about this command Telnet The Telnet command opens an EPICenter Telnet window that is connected to the selected device See Running a Telnet Se...

Page 41: ...on option is checked EPICenter executes the following commands For devices running ExtremeWare 7 3 or later the show tech support all command is executed For devices running ExtremeXOS the show tech all detail command is executed You can change the location where this file will be saved By default the file name will start with TACInfo and will include the device IP address and timestamp TACInfo_ I...

Page 42: ...and the HTML based Reports described in EPICenter Reports on page 373 You can print the HTML reports using the browser print button However you should click in the panel where the report is displayed to ensure that only that panel is printed If you print without doing this the Navigation Toolbar may not be refreshed and you will need to refresh the client manually Help on Help The online help syst...

Page 43: ...tton This expands the Table of Contents in the navigation panel at the left of the page to display the headings that surround the page you are viewing You can print the page you are viewing by clicking the print button found at the top right From the Help window you can display the full EPICenter Reference Guide as an Acrobat PDF file by clicking the PDF button This requires a version of Adobe s A...

Page 44: ...Getting Started with EPICenter EPICenter Reference Guide 44 ...

Page 45: ...he Inventory Manager Add function Once a network device is known to the EPICenter database you can assign it to one or more device groups and configure it using the Inventory Manager VLAN Manager Configuration Manager Firmware Manager Interactive Telnet or Telnet macros or through the optional Policy Manager You can receive alarms about faults on the device and you can view a hierarchical topology...

Page 46: ...Manager applet provide the following functions These functions may also be accessed through the Inventory menu and the Delete Modify and Sync functions may be accessed from the pop up menu accessed by right clicking a component in the Component Tree The Inventory Menu EPICenter provides a set of menus at the top of the main applet frame Most of these are standard across all the EPICenter applets a...

Page 47: ...tion as the Modify button See Modifying Devices and Device Groups on page 73 Sync Update configuration and status information Device Update configuration and status information for one of more devices except for contact information This performs the same function as the Sync button See Updating Device Information The Sync Operation on page 80 FDB Update the MAC address database for the device This...

Page 48: ...lable if the device supports FDB polling MAC Polling must be enabled through the MAC Polling Server Properties in the Admin applet Disable Alarm Propagation Enable Alarm Propagation Enables or disables Alarm Propagation for the selected device or device group If disabled this device will not be included when determining the alarm status at the device group level See Alarm Propagation to the Device...

Page 49: ...y one device group Default You cannot delete or change the name of the Default device group Click on the plus sign to the left of a Device Group name to display the list of switches that are members of that group A red circle with a white S next to a device indicates that the device is not reachable through SNMP The device name is also shown in red to indicate that it is not operational A device n...

Page 50: ...l not be factored into the alarm status for the Device Group This lets you base alarm propagation at the device group level on a subset of critical devices while ignoring less critical devices Devices with alarm propagation disabled show an X through the alarm icon However the color of the alarm icon still indicates the correct alarm status for the alarm You can also disable alarm propagation for ...

Page 51: ...ay Device is offline EPICenter will not communicate with the device You can create references to the device for alarms policy groups device groups RMON thresholds and so on The network state of the device including port status ESRP configured VLANs and STP is preserved when the device returns to online status Red Device is not responding to EPICenter status queries This may mean that the device is...

Page 52: ...s gathered from the switch agent Figure 11 Device Detail Display chassis view This view shows an active graphical display of the switch front panel as well as a panel of status information For some devices a back panel view may also be provided S w Version The firmware version running on the device SNMP The SNMP version version 1 or version 3 used on the device Device Login The device login name U...

Page 53: ...play string if one has been applied Figure 12 Device Detail Display ports status The Additional Info field You can add additional information about the selected device by typing into the Additional Info field see Figure 13 You can enter up to 255 characters of information into this free form text field The information is stored in the EPICenter database not on the device itself As soon as you type...

Page 54: ...or power supply by clicking the cursor on the item in the switch image Display the list of slots or ports in the Component Tree and select the element about which you want status information In the Component Tree the type and status of a port is indicated by its shape and color red if the port is disabled green if it is enabled and active neutral black white gray if it is enabled and ready but ina...

Page 55: ...evice are displayed in the Device Information panel The Additional Info field For slots and ports you can enter additional information into a free form Additional Info text field that is stored in the EPICenter database This information is not stored in the device You can enter up to 255 characters of information in this field As soon as you type in this field the Save button at the top left of th...

Page 56: ...the Inventory Manager The detail display is split into side by side display as shown in Figure 15 Individual stack members are shown in a manner similar to the way modules in a chassis device are displayed and are referred to as slots in some of the information displays Figure 15 Device Details display for a stacking device The graphical display for a stacking device is presented in three tabs the...

Page 57: ... a slot or a port on a device for which FDB polling is enabled by selecting the slot or port in the Component Tree Device This shows basic information about the stacking device The information is similar to the information shown for other Extreme Networks devices but for the entire stacking device Power Fan This tab shows power supply and fan status for every slot stack member in the stack Stackin...

Page 58: ...ted for the MAC address Dynamic Shows a green check if the entry is dynamic shows a red X if it is not Static Shows a green check if there is a static entry for the MAC in the permanent FDB shows a red X if there is not Permanent Shows a green check if the entry is permanent shows a red X if it is not Forwarding Type The forwarding type MAC IP IPX MAC IP MAC IPX or unknown Discovered The date and ...

Page 59: ...rored Whether the MAC is mirrored Yes No Questionable Whether the MAC is questionable Yes No Remapped Whether the MAC has been remapped Yes No Translated Whether the MAC has been translated Yes No MAC Address The MAC address that defines the entry Port List Ports to which the permanent FDB entry applies Dynamic Shows a green check if the entry is dynamic shows a red X if it is not Static Shows a g...

Page 60: ...de you want to re enable 2 Select the Edge Port FDB tab This will display the empty Operational FDB display for the port 3 Click the button at the bottom of the display that is now labeled Enable FDB Polling If the port already has FDB polling enabled the button at the bottom of the page will instead be labeled Disable FDB Polling Third Party Device Status If the device you select is a third party...

Page 61: ...evelop additional device images they will be made available on Extreme Networks support web site under the Patches section at www extremenetworks com services software EPICenter asp You can also contact your Extreme Networks sales representative or reseller if you would like help from Extreme s Professional Services organization for creating images or configuration files for specific devices Disco...

Page 62: ...ddress with Wild Cards Specify the device address range using wild cards such as 10 203 10 or 10 203 Valid wildcard characters are and dash acts as a wildcard for the entire octet 0 255 is a wildcard for a single digit 0 9 lets you specify a range for any octet You can use this in more than one octet Note that you cannot combine the dash with another wildcard in the same octet You can also use the...

Page 63: ...age have the following functions SNMP Read Community Specify or verify the SNMP Read Community string so that EPICenter can retrieve information from any SNMP version 1 devices it discovers Enable SNMP V3 Discovery Select Enable SNMP V3 Discovery if devices on your network use SNMP version 3 SNMP Timeout Specify the length of time to wait for an SNMP request to complete when attempting to contact ...

Page 64: ...nd displays status messages for each device it finds as it works through the set of IP addresses you have specified Figure 20 Results of a discovery with details visible When the discovery has completed the set of discovered devices is listed in the top panel of the Discovery Results window NOTE These devices are NOT automatically entered into the EPICenter database You must explicitly select and ...

Page 65: ... passwords you specify are correct for each device A device cannot be added if the password is not correct Figure 21 Setting default device options for discovered devices 3 Enter or make changes to any of the Basic fields These options apply to the entire set of devices you are adding Add Attempts to add selected devices to the EPICenter Inventory database Close Closes the Discovery Results window...

Page 66: ...xtremeWare Vista HTTP or HTTPS SSH must be enabled on the device Additional Info Any information you want to be included by default for all the devices added to the EPICenter inventory in this operation Maximum of 255 characters SNMP Write Community String Specify or verify the SNMP Write Community string so that EPICenter can retrieve information from any SNMP version 1 devices it discovers The d...

Page 67: ...essfully added Red X in the checkbox The device cannot be added the device name is displayed in red Plus and minus signs Click the plus sign at the left of the device name to display server messages related to adding the device Click the minus sign at the left of the device to hide the server messages Up and down arrows Move up and down the device tree displaying the server messages associated wit...

Page 68: ...u must perform a discovery again to regenerate information on those devices After the Add has finished the Discovery Results window is re displayed You can select more devices specify a different set of Inventory Device Options and add those devices to the Inventory Manager Adding Devices and Device Groups You must have Administrator or Manager access to add devices to the EPICenter database and c...

Page 69: ...the device If SSH is not available SSH enabling key not installed this field is not selectable Device Manager Protocol The protocol used to communicate with this device when using the device based element manager ExtremeWare Vista HTTP or HTTPS SSH must be enabled on the device Device Poll Interval minutes The Device Poll Interval that controls how frequently EPICenter polls the device for detail ...

Page 70: ...tional Info Any additional information you want to be included with this device Maximum of 255 characters SNMP Version Select the SNMP version from the SNMP Version pull down menu SNMP Read Community String If the device is using SNMP version 1 enter the SNMP Read Community string for the device The default for Extreme Networks devices is public SNMP Write Community String If the device is using S...

Page 71: ...n be managed as a group For example devices might be grouped by physical location Building 1 Building 2 first floor second floor or by management characteristics devices that use a specific SNMP community string for example All devices automatically become members of a device group when they are added to the EPICenter database either through Add Devices or as a part of the Discovery process A devi...

Page 72: ...scription field Available Devices List To move a device to the selected device group select one or more devices in the Available Devices list and click Move The Move button removes the device from the original device group and adds it to the new device group To have the device belong to the original device group and the new device group select one or more devices in the Available Devices list and ...

Page 73: ...members of a device group You must have Administrator or Manager access to modify device contact information and device groups If you have Monitor access only you cannot use this function Modifying a Device You can display the Modify Devices and Device Groups window in three ways Select Modify from the Inventory menu Click the Modify button on the Toolbar Select a device in the Component Tree righ...

Page 74: ... to view the list of all devices from all device groups Device IP Address The IP address of the selected device Device Login The login needed to Telnet to the device or to use ExtremeWare Vista SSH Selects whether EPICenter should use SSH2 for secure Telnet sessions SSH2 must be configured on the device in order for an SSH2 session to be established between EPICenter and the device If SSH is not a...

Page 75: ...e Modify Devices and Device Groups window Device Poll Interval Specifies how frequently the EPICenter server should poll the for detailed device information such as software version BootROM version and so on This also includes EDP and ESRP information for non i series devices To avoid a potentially large amount of polling traffic this detailed polling is only done every 30 minutes for core chassis...

Page 76: ...nge the community string in the database for a device and do not elect to change it on the device itself EPICenter may no longer be able to communicate with the device For settings other than the device contact password and community strings EPICenter does not make any changes on the device In order to continue to communicate with the device you must SNMP Version The version of SNMP version 1 or v...

Page 77: ... making the changes Modifying a Device Group Devices are always a member of a device group devices not explicitly assigned to another device group are members of the Default device group This has two effects related to modifying device groups When devices are removed from all other device groups they are automatically added to the Default device group Devices cannot be removed from the Default dev...

Page 78: ... List The Included Devices list displays the devices that are currently members of the Device Group you have selected to modify Move Moves the selected devices into the group being modified and removes them from the old group You can remove a device from multiple old groups at the same time by selecting multiple occurrences of the device before you click Move Copy Copies the selected device into t...

Page 79: ...ntory Manager main page Select the appropriate tab to display the Delete Devices window see Figure 33 Figure 33 Devices tab of the Delete Devices and Device Groups window 2 To select a device from a specific device group select the device group from the pull down list in the Filter by Device Group field Select All Devices to view the list of all devices from all device groups 3 Select one or more ...

Page 80: ...elete from the Inventory menu at the top of the Inventory Manager main page Select the appropriate tab to display the Delete Device Groups window see Figure 34 Figure 34 Device Groups tab of the Delete Devices and Device Groups window 2 Select one or more device groups in the Device Groups list and click Delete 3 Click OK to confirm that you want to delete the device group information from the dat...

Page 81: ...ize Devices dialog shown in Figure 35 is displayed listing the devices in the EPICenter database Figure 35 Synchronize Devices dialog 2 To select a device from a specific device group select the device group from the pull down list in the Filter by Device Group field Select All Devices to view the list of all devices from all device groups 3 Select one or more devices in the Device list 4 Click Re...

Page 82: ... 37 These options apply to future network devices that you add to the EPICenter database Device Login The device login required for Telnet or to use ExtremeWare Vista The default is admin Device Contact Password The device password The default is an empty password no password Use SSH Whether SSH2 should be used for secure Telnet sessions Select SSH Enabled if EPICenter should use SSH2s SSH2 must b...

Page 83: ...nity string for devices using SNMP version 1 The default is private SNMP V3 User Name The principal name used for SNMP V3 authentication and security The default is initialmd5 SNMP V3 Privacy Protocol Specifies the SNMP V3 privacy protocol Select either No Privacy or CBC DES Privacy The default is No Privacy SNMP V3 Privacy Password If the device is using CBC DES Privacy enter the privacy password...

Page 84: ... to the Configure Defaults window Finding Devices You can search for a device in the EPICenter database by name by IP address or by type of device This may be useful if you have a large number of devices in your inventory To search for a device 1 From the Tools menu click Find Device The Find Devices dialog shown in Figure 39 is displayed You can search for devices by name or by IP address You can...

Page 85: ...Device Groups Properties window shows summary information for all device groups see Figure 40 To display this window select the top level Device Groups item in the Component Tree then select Properties from the Display menu or from the right click pop up menu Search Enter a complete or partial device name or IP address into this field acts as a wildcard for an entire octet 0 255 or for the rest of...

Page 86: ...e Group Properties window shows information about a selected device group see Figure 41 To display this window select a Device Group in the Component Tree then select Properties from the Display menu or from the right click pop up menu No of Device Groups The number of device groups defined in EPICenter Device Group The names of the device groups defined in EPICenter Description An optional descri...

Page 87: ...lays the following information Device Group The name of the device group Description An optional description for the device group No of Devices The number of devices in the device group For each device that is a member of the Device Group the following information is displayed Device The name of the device IP Address The IP address of the device Device The name of the device that is a member of th...

Page 88: ...op of the window depending on the type and configuration of the device The following tabs may appear Device VLAN STP Edge Port FDB 10 100 Ready The number of 10 100 ports that are ready 10 100 Total The total number of 10 100 ports on the device Gigabit Active The number of active gigabit ports on the device Gigabit Ready The number of gigabit ports that are ready Gigabit Total The total number of...

Page 89: ... entry per STPD if the domain includes multiple VLANs Device The name of the device and the status indicator light IP Address The IP address of the device Type Version The type of device and the version of the software currently running on the device MAC Address The MAC address of the device Boot Time The date and time of the last device reboot VLAN VLAN name Tag VLAN tag Protocol Protocol filter ...

Page 90: ...a green check if the entry is dynamic shows a red X if it is not Static Shows a green check if there is a static entry for the MAC in the permanent FDB shows a red X if there is not Permanent Shows a green check if the entry is permanent shows a red X if it is not Forwarding Type The forwarding type MAC IP IPX MAC IP MAC IPX or unknown Discovered The date and time at which the MAC address was lear...

Page 91: ...k if the entry is secure shows a red X if it is not Blackhole Type Blackhole type None Ingress Egress Both Discovered The date and time at which the MAC address was learned Port The port on the device on which the user is logged in User Name The login name of the user IP Address The IP address of the user s host Login Type The login type either network login or 802 1x MAC Address The MAC address o...

Page 92: ...h Antenna Type The type of antenna on the device connected to this port e g Integrated or detachable Antenna Location The physical location of the antenna Indoor Outdoor Interface Wireless interface identifier A remote connect interface is indicated by a v preceding the interface identifier for example v 1 1 1 v 1 1 2 and so on 802 11 Mode Wireless LAN RF mode 802 11a 802 11b or 802 11g b RF Chann...

Page 93: ...indow displays up to four tabs Slot Operational FDB Network Clients Wireless present only if the device supports wireless ports The Slot Tab For modules that require a special version of ExtremeWare to be installed the Slot tab displays all the following information For modules that do not require a special version of ExtremeWare a subset of this information is shown Slot Name The number or letter...

Page 94: ...hat defines the entry IP Address es IP addresses detected for the MAC address Dynamic Shows a green check if the entry is dynamic shows a red X if it is not Static Shows a green check if there is a static entry for the MAC in the permanent FDB shows a red X if there is not Permanent Shows a green check if the entry is permanent shows a red X if it is not Forwarding Type The forwarding type MAC IP ...

Page 95: ...o this port Serial Number The serial number of the device connected to this port Country Code The Country Code associated with the device connected to this port which determines country dependent frequency and other regulatory settings on the wireless port shared by all wireless ports on the switch Antenna Type The type of antenna on the device connected to this port e g Integrated or detachable A...

Page 96: ...gn of a slot to display the ports for that particular device 2 Right click on a port and select Properties from the pop up menu that appears The Device Port Properties window appears as shown in Figure 44 Figure 44 Device Port Properties window The Device Port Properties window may have up to four tabs Port Operational FDB Network Clients Wireless present only if the device supports wireless ports...

Page 97: ...MAC address was discovered MAC Address The MAC address that defines the entry IP Address es IP addresses detected for the MAC address Dynamic Shows a green check if the entry is dynamic shows a red X if it is not Static Shows a green check if there is a static entry for the MAC in the permanent FDB shows a red X if there is not Permanent Shows a green check if the entry is permanent shows a red X ...

Page 98: ...aces The number of physical interfaces associated with this port Location Location of the port as configured by the administrator BootROM Version The BootROM version running on the device connected to this port S W Version The version of the software running on the device connected to this port Description A description of the device connected to this port Product Name The product name of the devi...

Page 99: ...SS The ESS name the name of the wireless network associated with the security profile Security Profile Security profile configured for this interface see the section on CLI commands for security on the switch in the Summit 300 48 Switch Software User Guide 802 11 Auth 802 11 authentication method for this wireless interface all open or shared Network Auth Network authentication method all methods ...

Page 100: ...The Inventory Manager EPICenter Reference Guide 100 ...

Page 101: ... Protocol SNMP traps syslog messages and some limited polling The Alarm System supports SNMP Management Information Base 2 MIB 2 the Extreme Networks private MIB Remote Monitoring RMON traps and selected traps from other MIBs For selected third party devices that have been integrated into EPICenter through it s device integration framework EPICenter can support the full set of traps provided by th...

Page 102: ... EAPS Master node status has changed from Complete to Failed EAPS State Change Warning EPICenter event EPICenter has detected that an EAPS Master node status has changed from Failed to Complete ESRP State Changed Extreme proprietary trap This alarm indicates that an ESRP state change has occurred on the device Fan failure EPICenter event This alarm indicates a cooling fan in the device has failed ...

Page 103: ...event EPICenter has detected that a stack link is down The Alarm Log Browser Click the Alarm button in the Navigation Toolbar to run the Alarm System applet and view the Alarm Log Browser The Alarm Log Browser page appears as shown in Figure 45 Figure 45 The Alarm Log Browser page The Alarm button icon in the Navigation Toolbar acts as an alarm indicator if it is displayed in red instead of black ...

Page 104: ...ent Filter field at the top of the display shows the current filter definition There are four predefined filters You can select one of these filters from the pull down field just below the Current Filter label The Alarms indicator to the right of the Current Filter field shows the number of Alarm instances that matched the filter The summary displays the following information for each alarm instan...

Page 105: ...r also returns to black You can unacknowledge alarms you have previously acknowledged if needed The Ack or Unack operation may take a few seconds to update the database When the update is complete the rows are deselected Deleting Alarm Log Entries To delete an alarm log entry This removes the selected alarm log entries entirely from the EPICenter database Message The message generated by the alarm...

Page 106: ...Defining an Alarm Log Display Filter on page 109 for a description of this window and information about creating your own filters Deleting Saved Alarm Log Filters You can delete any saved alarm log display filters except for the default filter To delete a filter do the following To delete a group of alarm entries click the Del button at the top of the page This opens a window where you can define ...

Page 107: ...e selected alarm 1 Click the Del Filter button This opens the Delete Filters window 2 Select the filter you want to delete and click OK To stop processing enabled alarms click the Pause button at the top of the page EPICenter ignores all traps when the alarms are paused To resume processing traps click Resume 1 Select the alarm you want to view 2 Click the Detail button at the top of the page or d...

Page 108: ...equire repeated events this value is 1 Repeat Period The time period within which the repeated events occurred for alarms with a repetitive occurrence specification Displays N A if the alarm does not require repeated events Device Name The name of the device on which the alarm generating event s occurred Alarm Source The IP address where the alarm event s originated Acked Whether this alarm has be...

Page 109: ...splayed in the Alarm Log Browser summary list based on criteria such as Source IP Severity Alarm Name LogID and a number of others The Define Alarm Log Filter window opens displaying either the last filter definition you created or the Default filter View last 300 alarms Pattern matching The pattern matched by the event data if a pattern is defined for this alarm Alarm Events Details of the events...

Page 110: ... follows Field The parameter you want to use as a filter criterion Select one from the pull down menu The choices are Log ID Filter on Log ID Alarm Name Filter on Alarm name Category Filter on category name Severity Filter on severity level Source IP Filter on alarm source IP address PortIfIndex Filter on a port for alarms that use Port as the source type Time Filter on the entry date and time sta...

Page 111: ...larm System applet To restore the default filter definition click the View last 300 alarms check box and click OK Value The value against which the parameter specified in the Field field should be tested The type format and range of the values you can specify depend on the parameter you selected in the Field field Values may be entered as follows Log ID An integer You can test equality relationshi...

Page 112: ...e a filter a set of conditions that EPICenter can use to determine whether an alarm record should be deleted To create a delete condition filter do the following 1 If the View last 300 alarms check box is checked the remaining fields are grayed out Uncheck the check box to enable the other fields 2 Define a filter criteria by selecting or filling in the Field Operator and Value fields as follows T...

Page 113: ...allowed Value The value against which the parameter specified in the Field field should be tested The type format and range of the values you can specify depend on the parameter you selected in the Field field Values may be entered as follows Log ID An integer You can test equality relationships equal not equal greater than less than greater than or equal less than or equal or for a range Between ...

Page 114: ... alarms or define your own custom alarms to report errors based on a number of event types under conditions you specify such as repeated occurrences or exceeding threshold values You can also specify the actions to be taken when an alarm occurs such as sending e mail running a program executing a Telnet macro or sounding an audible alert To view a current alarm definition to create a new definitio...

Page 115: ...arm Actions are discussed in more detail in Defining Alarm Actions on page 121 The Alarm Scope defines which devices can trigger an alarm The predefined alarms are scoped by default for all devices and ports Thus a trap received from any port or any device triggers the corresponding alarm You can modify the scope of any of these alarms Alarm Scope is discussed in more detail in Defining the Alarm ...

Page 116: ...except that the settings for the selected alarm are shown in the appropriate fields Figure 50 The New Alarm Definition window Basic definition tab Use the tabs at the top of the window to move between the three pages When you are finished with your alarm definition click OK A new alarm definition is added to the Alarm Definition List the existing alarm definition is updated for an alarm that has b...

Page 117: ...figuration tab before they appear in the Event Name list See Threshold Configuration on page 127 for information on defining RMON events See Appendix A Event Types for Alarms for a description of the EPICenter and SNMP events from which you can choose Pattern Matching on Event Data You can specify that the alarm should be triggered only if the data provided with the event matches a specific patter...

Page 118: ...meWare 6 1 or later CPU Utilization rules can only be configured on switches running ExtremeWare 6 2 or later NOTE RMON must be enabled on the switch in order for RMON trap events to be generated Syslog messages may also be used to trigger alarms To receive Syslog messages the Syslog receiver function of EPICenter must be enabled and remote logging must be enabled with EPICenter configured as a Sy...

Page 119: ...al program executed as an alarm action alarmActions The list of actions defined for the alarm eventLogID The ID of the event in EPICenter s event log eventTypeName The type of event SNMP Trap RMON Rising Trap RMON Falling Trap or EPICenter event concatenated with the Event Name the SNMP trap name RMON rule name or EPICenter event name eventGenericType The SNMP Generic Type number of the trap event...

Page 120: ...components in the source list to the Selection list Remove Removes the selected components from the Selection list Remove All Removes all the components from the Selection list Scope on all devices and ports When this is checked an event received from any device or device port will trigger the alarm In addition as new devices are added to the EPICenter inventory database those devices and ports wi...

Page 121: ...nition window Action definition In this window you define the actions for the alarm the functions that should be performed when the alarm occurs You can have the alarm perform any or all of the actions defined here NOTE In order to use an e mail action you must first configure your e mail settings You will not be able to select an e mail action until this has been done See Setting Up E mail for th...

Page 122: ...ress es of the recipients for the e mail E mail addresses in a list can be separated by commas semicolons or spaces Short email provides the alarm number in the subject header and the alarm name source IP address and ifIndex severity and alarm message in the body of the email Forward Trap to Click this check box to forward the trap event that caused this alarm The forwarding instructions currently...

Page 123: ...ot need to include all the variables and they can be in any order You can insert the trap variable by selecting from the list of system variables displayed when you click the Variables button however you must still add the index enclosed in parentheses The example in Figure 53 shows a command taking the extremeEapsPrimaryStatus and extremeEapsSecondaryStatus as arguments Run program Click the chec...

Page 124: ...d index 1 So upon an EDP Neighbor Added trap to run a program testprog and pass it the port number you could use the command cmd c testprog ToCliPort trap 1 For example if the trap returns an IfIndex of 1009 the ToCliPort function will convert it to 1 9 so that the resulting run command is cmd c testprog 1 9 Setting Up E mail for the Alarm System Before you can use the either of the e mail actions...

Page 125: ...ngs window as shown in Figure 55 The window initially shows the global trap receiver settings configured in the Administration applet as part of the Server Properties configuration for SNMP see SNMP Properties on page 366 for how to set these global settings SMTP Host The outgoing mail server name or IP address Sent By The e mail address that should be used as the sender of the e mail My server re...

Page 126: ...or workgroups An ISP might define categories for alarms from a specific customer s equipment By default all alarms are assigned to the category named Default This category can be renamed but it cannot be deleted Creating a New Alarm Category A small pop up window appears into which you can enter the name of the new category Click OK to enter the new category into the Category List Host Type the ho...

Page 127: ...ion page lets you define the conditions or rules that will cause certain trap events to occur and specify the devices on which these rules should be configured You can use this page to define thresholds for RMON utilization or CPU utilization You can configure RMON threshold traps for a wide range of variables but several specifically port utilization temperature and STP topology change have been ...

Page 128: ... and Solutions Guide for additional information In addition to specifying the conditions under which trap events should be generated you also use the Threshold Configuration page to define the target devices on which the event rules should be configured To view the current threshold configuration rules and to create new rules or modify existing rules click the Threshold Configuration tab at the to...

Page 129: ... by that rule For a detailed definition of these parameters see Configuring an RMON Rule on page 133 CPU Utilization Rule Display To display the CPU Utilization rules click the CPU Utilization node in the Configurations tree Figure 57 shows the Alarm System Configuration page as it appears when displaying CPU Configuration rules for a selected device Device The name of the device Port The port to ...

Page 130: ...eshold shown as N A always compares the actual sample value Sample Interval The time between samples in seconds Rising Threshold The threshold value that triggers an event when the CPU Utilization value a percentage increments past this value Falling Threshold Shown as zero predefined to be 90 of the Rising Threshold value Startup The condition that causes the initial occurrence of this event show...

Page 131: ...he top of the page This opens the Modify Configuration window showing the rule definition for the target you selected The Modify Configuration window shows the same information as the New Configuration window but with the information for the current target filled in See Configuring a New Rule or Modifying a Rule on page 131 for details about the fields in this window 1 Select the rule folder or th...

Page 132: ...appropriate fields The information you can enter differs depending on the selection you made in the Configuration Type field See Configuring an RMON Rule on page 133 for details about the information required for an RMON rule See Configuring CPU Utilization Rules on page 134 for how to configure CPU Utilization Rules See Configuring Rules for the Predefined RMON Event Types on page 136 for configu...

Page 133: ...ped with the EPICenter software and indexed by ifIndex It does not display table variables in tables indexed by an index other than or in addition to ifIndex Description The description of the MIB variable This description should specify the units of measure for the variable needed in order to correctly specify the Rising Threshold and Falling Threshold values Rising Threshold A threshold value th...

Page 134: ...tons in this window are predefined Sample Interval seconds The interval in seconds over which the data is sampled and compared to the rising and falling thresholds Startup Alarm The condition that should be met to cause the initial occurrence of this event Select from the following Rising An event is generated the first time the sample value becomes greater than or equal to the Rising Threshold va...

Page 135: ...o the Rising Threshold for the first time including the initial sample after the alarm is enabled This is the startup condition Rule Name For CPU Utilization the name is predefined because there can only be one rule of this type on a device Rising Threshold A threshold value in percent that triggers an event when the CPU utilization rises past this value This value is also used to compute a fallin...

Page 136: ... the fields you can change The Port Utilization Temperature and Topology Change configuration types are actually RMON utilization rules with a predefined configuration interface The New Configuration and Modify Configuration windows are the same of the Configuration windows for a CPU Utilization event see Figure 59 except that you must provide a name for the rule NOTE STP Topology Change traps are...

Page 137: ...ew Configuration Target page as shown in Figure 60 This page lets you specify which devices should be configured to generate the event you have defined Figure 60 RMON target selection window MIB Variable The MIB variable is predefined to be one of the following For Port utilization extremeRtStatsUtilization 0 For Temperature extremeCurrentTemperature 0 For Topology Change dot1dStpTopChanges 0 Fall...

Page 138: ...el changes based on the Source Type It is labeled Device when you select either Device or Ports a second field is provided for port selection if needed If you leave your cursor over a device name for a moment a pop up displays the IP address of the device IfIndex The list of ports available on the device selected in the Device Source list This list appears only if you ve selected Port as the Sourc...

Page 139: ... To add a device or device group to the Selection list select the device or device group and click Add To add all devices or device groups in the list click Add All 3 To remove a device or device group from Selection list select the item and click Remove To remove all devices or device groups click Remove All 4 Click Synchronize to initiate the synchronization process The Alarm Manager uses SNMP t...

Page 140: ...The EPICenter Alarm System EPICenter Reference Guide 140 ...

Page 141: ...tworks devices only For devices running ExtremeXOS both the current configuration file and any Policy files saved on the switch are uploaded and saved in zip format The individual elements of the zip file configuration file and policy files can be inspected individually It is not possible to create baseline configurations for devices running ExtremeXOS The Configuration Manager also provides the a...

Page 142: ...sing this feature Increment Download an incremental configuration to one or more selected device See Downloading an Incremental Configuration to Devices on page 159 for details on using this feature View View the contents of the selected configuration file using the Configuration Viewer Diff View the differences between two configuration files using the Diff Viewer requires configuration of a Diff...

Page 143: ...onfiguration for the device or for all devices in a device group See Scheduling a Baseline Upload on page 162 View View the baseline configuration for the selected device using the Configuration Viewer See Viewing a Configuration File on page 166 Diff View the differences between the selected configuration file and the baseline configuration for the device using the Diff Viewer requires configurat...

Page 144: ...aseline configuration for the device or for all devices in a device group See Scheduling a Baseline Upload on page 162 View View the baseline configuration for the selected device using the Configuration Viewer See Viewing a Configuration File on page 166 Diff View the differences between the selected configuration file and the baseline configuration for the device using the Diff Viewer requires c...

Page 145: ...he tftp_root baselines subdirectory Since there can only be one baseline configuration per device baseline configuration files are saved with filenames created just from the device IP address The form of the file name for a baseline configuration file is tftp_root baselines device_address txt for devices running ExtremeWare NOTE Baselining is not supported for devices running ExtremeXOS tftp_root ...

Page 146: ...figuration activity Successful Failed or None Name The device name and or IP address Last Successful Upload The date and time of the last successful upload for the device Next Upload The date and time for the next Archival upload if one is scheduled Last Successful Download The last configuration download that has taken place through the EPICenter Configuration Manager for this device Baseline Tim...

Page 147: ...of the archived configuration txt extension for ExtremeWare devices zip extension for ExtremeXOS devices Upload Time The date and time at which the configuration was uploaded from the device Baseline Whether the configuration is the baseline configuration A green check indicates that this file has been designated as the baseline configuration A red X indicates that this is not the baseline configu...

Page 148: ...age 166 If multiple configuration zip files have been uploaded from a device running ExtremeXOS you can select and view the differences between like elements from within the files i e the configuration files or policy files See Comparing Two Configuration File The Diff Command on page 167 for more information Last Upload Filename Filename with path of the last successful archive upload for the dev...

Page 149: ...ces for upload Determines the devices shown in the Available Devices list Select All Devices from the drop down menu to include all devices in the Available Devices list Available Devices The devices from which you can upload configuration information Shows devices in the Device Group selected in the Device Group field Devices for Upload The devices you have selected from which to upload configura...

Page 150: ...e time at which the upload was performed IP Address _ Time txt In addition to appending some trailer text you can change the format of the file name The IP Baseline Check this option to designate the uploaded Configuration files as the baseline files for the selected devices If this option is checked the file is placed in a baseline subdirectory tftp_root baseline IP_address txt Archive to Select ...

Page 151: ...uration filename format from within the Admin applet Server Properties under the Other category See Server Properties Administration on page 362 for more information Archiving Configuration Settings You can schedule the uploading archiving of configuration information so that it is done automatically either once a day or once a week You can set up a global archive schedule as well as schedule arch...

Page 152: ...wn in Figure 66 with the Device Schedule tab displayed Figure 66 Schedule Upload window The fields in the Device Schedule window are as follows Device Group The device group from which to select devices for upload Determines the devices shown in the Available Devices list Select All Devices from the drop down menu to include all devices in the Inventory database in he Available Devices list Availa...

Page 153: ...indow as shown in Figure 67 Repeat Every Day The upload should be done every day at the specified time for the devices in the Devices for Scheduling list When you select this option you can specify the time of day the hour and minutes at which the upload should be done Repeat Every Week The upload should be done every week at the specified day and time for the devices in the Devices for Scheduling...

Page 154: ...es that use the global schedule When you select this option you can specify the time of day the hour and minutes and the day of the week at which the upload should be done At Hours 0 23 Specify the hour at which the upload should be done Minutes 0 60 Specify the minute within the hour at which the upload should be done Days of Week For a weekly schedule specify the day of the week on which to perf...

Page 155: ...chive limits apply only to files created automatically through a scheduled upload To set archive limits select the Archive Limit tab in the Schedule Upload window as shown in Figure 68 Figure 68 Archive Limits window The archive limit settings you can select are No Limit An unlimited number of files can be saved for each device This is the default Number of copies per device to keep Specifies the ...

Page 156: ...y named with the date at which the report was created for example 2004_10_11 pdf Figure 69 shows an example of this report The one report contains information about configuration changes detected for all devices included in the scheduled archive operation Figure 69 Configuration Change Report For each device the report shows the information about each configuration change it has detected If either...

Page 157: ...itch save the configuration after reboot as the Primary Secondary or Current configuration You can only download to one device at a time To download saved configuration information to a device click the Download button at the top of the window The Download Configuration window appears as shown in Figure 71 Email to The email address es of the recipient s of the email E mail addresses in a list can...

Page 158: ...selected in the Device Group field Last Uploaded Configuration If configuration information has been uploaded from the device the file where it was saved File Location The location and name of the file to download When you select a device the file displayed as the Last Uploaded Configuration appears here To select a different file you can type a filename into this field or click the Show Uploaded ...

Page 159: ...you can create or designate a set of configuration information as a baseline configuration for devices running ExtremeWare 6 0 or later see Creating a Baseline Configuration File on page 161 Using an incremental download to execute a baseline configuration provides a known standard configuration that you can use to ensure that devices are configured into a known state For example if you want to se...

Page 160: ...onfiguration then click the Add button If you want to download the baseline configuration to all the devices in the device group click the Add All button Download Incremental config to list When you select devices from the Supported Devices list and click Add or Add All the devices are moved to the Download Incremental Config to list To remove devices from the Download Incremental config to list s...

Page 161: ...ile that should be designated as the baseline c Select Baseline then Create from the Configuration menu or the right click pop up menu You are asked to confirm that this configuration file should be used as the baseline You can upload a configuration as a baseline You do this by using the Upload command and checking the Baseline checkbox under Upload File Options See Uploading Configurations from ...

Page 162: ...ine filename is cleared If you have a device group selected EPICenter deletes any baseline files for all devices in the device group and resets the baseline status of those devices Scheduling a Baseline Upload You can schedule the upload of a baseline configuration for one or more devices Unlike the Archive feature this is a one time event you cannot schedule repeating baseline uploads This featur...

Page 163: ...ld Devices for Scheduling The devices you have selected from which to upload baseline configuration files Set Schedule Specify the schedule you want No Schedule Removes any schedule associated with the device s in the Devices for Scheduling list Schedule Baseline The upload should be done at the specified day and time for the devices in the Devices for Scheduling list When you select this option y...

Page 164: ...d and you can specify whether the configuration should be saved on the device after the reboot If you want to download a baseline configuration to replace only part of a device s configuration you can use the Incremental download feature instead of the Baseline Restore feature See Downloading an Incremental Configuration to Devices on page 159 for more information on using the Incremental download...

Page 165: ...selected in the Device Group field Baseline Configuration If a baseline configuration has been uploaded from the device the file where it was saved Download configuration to Select the location on the device to which the configuration should be downloaded Current Downloads to the current partition Primary Downloads to the Primary partition Secondary Downloads to the secondary partition Save config...

Page 166: ...th the configuration file you want to view 2 Select the configuration file you want to view For ExtremeXOS devices you must expand the contents of the zip file and select the configuration file or a policy file from within the zip file to view You cannot use the View function by selecting the zip file See Figure 64 for an example of an expanded ExtremeXOS configuration zip file 3 Click the View bu...

Page 167: ...re files on a single device To view differences between two configuration files for a device 1 In the main Configuration Manager window select the device for which you want to compare configuration files 2 Select the two configuration files you want to compare using Ctrl click or Shift click For ExtremeXOS devices you must expand the contents of two zip files then you can select and compare the co...

Page 168: ...re a baseline and a configuration file 2 Select the one configuration file you want to compare to the baseline 3 Select Baseline Diff from the Configuration menu or from the right click pop up menu If you have not selected a configuration file to compare the Baseline Diff command is not available EPICenter invokes the Difference viewer in a separate window with the two files you selected displayed...

Page 169: ... built in viewer but you can configure EPICenter to use an alternate application You can use a viewer such as NotePad or WordPad in Windows or vi in Linux or Solaris The Diff function requires an external Difference viewer A difference viewer displays the two configuration files simultaneously and indicate the places where they differ You cannot use the Diff function until you have configured a vi...

Page 170: ...u may choose to use that TFTP server instead of the one provided with EPICenter The TFTP server configured through EPICenter is the one that is used for downloading and uploading from the devices NOTE The Configuration Manager may cause multiple devices to contact the TFTP server at once to perform upload or download operations Some third party TFTP servers have problems accepting multiple TFTP re...

Page 171: ...root To change the location of the TFTP server root you must first disable the EPICenter TFTP server to enable the Set TFTP Root field You can then change the TFTP root path NOTE If you change the location of the TFTP root directory after you have saved any configuration image files in any of these directories EPICenter will no longer be able to find those files You must copy the files from the ol...

Page 172: ...Configuration Manager EPICenter Reference Guide 172 ...

Page 173: ...ovides a graphical interface for managing versions of ExtremeWare and ExtremeXOS software images and BootROM images and upgrading Extreme devices as appropriate The Firmware Manager provides a framework for storing image and BootROM files and allows tracking of multiple versions It also provides an automated function that can check the Extreme web site and indicate when newer versions of these fil...

Page 174: ...oftware See Upgrading the Software or BootROM on Your Switches on page 182 for details on using this feature Versions Specify the current version of the ExtremeWare software for each type of Extreme Networks device See Specifying the Current Software Versions on page 194 for details on using this feature Update Displays a list of available software and allows you to connect directly to Extreme Net...

Page 175: ...ng environment EPICenter_install_dir is c Program Files Extreme Networks EPICenter 6 0 In the Solaris environment EPICenter_install_dir is opt ExtremeNetworks EPICenter6 0 Table 16 Pop Up Menu Commands Upgrade Upgrade the ExtremeWare software or BootROM image on Extreme devices or to Extreme modules that include software See Upgrading the Software or BootROM on Your Switches on page 182 for detail...

Page 176: ...ager Main Window To start the Firmware Manager click the Firmware button in the EPICenter Navigation Toolbar The Firmware Manager main window appears see Figure 80 Figure 80 Firmware Manager showing summary status for a device group Select a Device Group to see Summary Status for the devices in the group The table displays the following information Device The name and or IP address of the device T...

Page 177: ... device matches the version you have designated as the standard version for this device type the column also displays a green check If the version does not match the standard version the column displays a red X If no standard version has been specified no indicator is shown See Specifying the Current Software Versions on page 194 for more information on specifying standard versions Obsolete A red ...

Page 178: ... or stack member ExtremeWare 7 4 or later Software Versions The version number of the software image on the module and whether it is an SSH capable release Obsolete A red X indicates that this software version is considered obsolete meaning it has been superseded by a newer General Availability release If you have Automatic Information Updates enabled EPICenter checks the Extreme Networks web site...

Page 179: ...ge 175 SSH capable images are subject to export restrictions and require a special license To request SSH code contact Technical Support For ExtremeXOS modular software packages also cannot be downloaded using the Firmware Manager s image update feature You must also obtain those images outside of EPICenter and place them in the images or slotImages subdirectories Downloading the software or BootR...

Page 180: ...e name of the software build Status The release status of the software whether the software is a General Availability software release or Obsolete meaning it has been superseded by a newer General Availability release If you have Automatic Information Updates enabled EPICenter checks the Extreme Networks web site once every 24 hours for the newest version information Present Whether this version o...

Page 181: ... You must have a current support contract and an e Support user name and password to obtain access to the Extreme Networks server A message window appears showing the progress of the downloads you have requested to the EPICenter server Figure 84 shows an example of this window Click OK when the downloads have completed Figure 84 Messages from Server window showing image update progress Description...

Page 182: ...r the switch should be rebooted to immediately use the new image The BootROM software initializes certain important switch variables during the switch or module boot process CAUTION If a BootROM upgrade does not complete successfully it could prevent the switch from booting EPICenter provides an Upgrade Wizard to help you select and download a new ExtremeWare software image or BootROM image to a d...

Page 183: ...emeXOS 11 1 or later with 2 MSMs installed Upgrading a Stacking Device For Extreme Networks devices that support stacking the Upgrade Wizard allows you to upgrade the images for the stack master and for individual stack members as needed The stack master must be upgraded in a separate operation using the appropriate device image for the stack master device type Stack members can be upgraded indivi...

Page 184: ...can download a software image or determine if newer versions of the images are available See Obtaining Updated Software Images on page 179 for more information To begin the upgrade process do the following 1 Select an image in the Software Images table You can only upgrade using one image at a time 2 Click Next to go to the next page of the Upgrade Wizard Type Whether the image is a version of Ext...

Page 185: ... the Supported Hardware page does not appear The next page you see is the Hardware Selection page NOTE If the Supported Hardware Selection page appears when you do not expect it go back to the Image Selection page and verify that you have selected the image you intended Refer to the latest EPICenter Release Note for information on images that may require special handling The Supported Hardware Sel...

Page 186: ...being eligible for upgrade If you simply select Next you will be able to select and upgrade any device shown in the Component Tree NOTE If you want to have EPICenter recognize a non standard image contact Extreme Networks Technical Support They can help you create or obtain a supplemental software image list file The Hardware Selection Page This page lets you select the devices you want to upgrade...

Page 187: ...s from specific device groups If you selected a Slot Image or Slot BootROM then you must select a device in the Component Tree on the left in order to see a list of slots that can be upgraded The Select devices to be upgraded list shows the following information Category The device category used to indicate devices that can be upgraded at the same time Categories are indicated by letter A B C etc ...

Page 188: ...emeWare 6 1e or 7 1e to 7 3e for the Summit 200 24 48 require a special image and steps If the upgrade is one that requires special operations an error message is displayed stating that the upgrade will not be performed 4 Click Next to go to the next page of the Upgrade Wizard If you want to select a different software or BootROM image click Back to return to the Image Selection page NOTE If you s...

Page 189: ... Multi Step Upgrade page Figure 88 Upgrade Wizard Operation Selection page On this page you specify where the image should be placed and whether the device should be rebooted In some cases you can specify a delay before the reboot occurs The options you are presented depends on the type of upgrade you are performing The options are Upgrade Options Appears only if the selected device supports the H...

Page 190: ...you have made for the upgrade Figure 89 Upgrade Wizard Upgrade Preview page Reboot immediately after download The device should be rebooted immediately after the download has completed Reboot after Type a number between 1 72 to specify the reboot should be delayed for the specified number of hours This option is not available for all upgrade types Download configuration after upgrade Download the ...

Page 191: ...rform a procedure called a multi step upgrade Using the multi step upgrade EPICenter automatically determines the appropriate upgrade path for both the device BootROM and image The EPICenter client software compares the desired destination image and BootROM versions to the existing source image and BootROM versions loaded on the switch to determine what intermediate steps if any are required Only ...

Page 192: ...nation software image version EPICenter performs the upgrade procedure for each iterative step along the way For each iterative upgrade to the device during a multi step upgrade the Upgrade Wizard performs the following tasks Backs up the current device configuration Performs the current upgrade downloads the appropriate image Reboots the device If this was a software image upgrade restores the de...

Page 193: ...orms only one upgrade at a time if multiple steps are needed you must initiate the upgrade process again after each successful iteration until the final image has been installed To proceed with the upgrade EPICenter has proposed for this step click Next The Operation Selection page of the Upgrade Wizard will appear with the appropriate options selected a device reboot and a configuration download ...

Page 194: ...s you specify the current version of the ExtremeWare software for each type of Extreme Networks device This information is used by the EPICenter software to determine whether an individual device is running the version you have specified as the standard version This is the version that appears in the Standard Image column in the Hardware Selection page of the Upgrade Wizard It is also used to dete...

Page 195: ...n in the Software Images list you can click Display Updates to open the Display Software Images Updates window where you can download a software image or determine if newer versions of the images are available See Obtaining Updated Software Images on page 179 for more information Configuring the TFTP Server If you already have a TFTP server installed on the system where the EPICenter server is run...

Page 196: ...The Firmware Manager EPICenter Reference Guide 196 ...

Page 197: ...macro editor can be executed from other areas in EPICenter accessed through right click pop up menus or the EPICenter Tools menu Macros are supported on most Extreme Networks and Avaya devices Telnet macros may also be supported on other third party devices that have been integrated with EPICenter through the third party device integration framework Most other third party devices that are not inte...

Page 198: ...re being run on the switch If macros are not supported on an individual switch true of some third party switches and a few Extreme Networks switches the Macro Status is Macros not supported If a Telnet session is currently open on a switch the switch name is highlighted in bold in the list of switches in the Component Tree NOTE If a switch displayed in the Component Tree has an S in a red circle a...

Page 199: ... specific devices and save it along with an execution context device device group or port and execution roles You can also create user defined variables under this tab and use them in your macro You cannot play a macro from this interface but you can save the macro and load it into the Macro Player interface at a later time or you can select the Macro Player tab your macro will appear in the comma...

Page 200: ...ions list Figure 94 shows the Telnet Player view with a short script entered into the Macro command buffer LLDP Device Details Shows LLDP information for a device runs the show lldp command Can be run by an administrator from the right click pop up menu when a device is selected in the Component Tree Note This macro should not be run on devices running ExtremeWare as it will fail with a time out L...

Page 201: ...Ware CLI commands into the macro buffer Name The name of the device Address The IP address of the device Macro Status The status of the last macro executed on the device The status can be one of Pending The macro is intended to run on this switch but has not yet started This macro is used only used when playing macros repeatedly Playing The macro is currently running Stopped The macro was stopped ...

Page 202: ...rd as specified in the Inventory Manager and runs the macro If the macro is a repeating macro it repeats sequentially on all selected switches until you click Stop You can execute just a portion of a macro by highlighting just the portion of the macro that you want to execute Only the selected portion will execute when you initiate the playback This does not affect saving the macro the entire macr...

Page 203: ... disappear To place a variable in your macro 1 Click to place the cursor in your macro at the point where you want the variable to appear 2 Click the Vars button to display the System or User defined menus 3 Click to select the variable you want from one of the two sub menus The variable is inserted into your macro These variables can be used only in macros not in an interactive Telnet session The...

Page 204: ... it plays back repeatedly at a specified interval do the following 1 Click the Repeat button to display the Macro Repeat pop up window Figure 96 The Telnet Macro Repeat interval configuration 2 Check the Repeating check box 3 Enter an interval in seconds in the Repeat Delay sec field 4 Click OK Viewing Macro Results There are two ways to view the results of a macro The results are displayed in a M...

Page 205: ...lete results for an individual device select the row in the table and the output for that device appears in the area below the results table To stop the execution of a macro on a device select the row in the table and click Stop When execution has been halted a system message will appear and a red stop sign icon indicates that execution has been stopped Device The name of the device on which the m...

Page 206: ...tion and provide a path to the directory where they files should be saved then click Save Each file will be named with its IP address ip_address txt for example 10 205 1 19 txt To save all the results into a single file select the second option and provide the path and filename under which the results should be saved The macro output results in a file are preceded by a header line that identifies ...

Page 207: ... telnet directory under a subdirectory created for the current user session The Telnet log file is named according to the IP address of the device and contains the output from the last macro executed However unlike the files you save explicitly these files are deleted when you end your EPICenter client session If you want to preserve the output from a macro you must save it to a file you specify L...

Page 208: ...nd save macros that can be run both from within the Macro Player and from outside the Telnet feature via the Macros menu found under the EPICenter Tools menu and on the right click pop up menus As part of the macro creation you can specify a context for the macro device device group or port that determines when the macro appears on one of these menus Name The name of the saved macro Description An...

Page 209: ...ave Saves the macro in the macro buffer with the name and description you have specified See Saving a Macro on page 214 Load Opens a dialog where you can select a saved macro to load into the macro buffer The name of the loaded macro appears in the Macro Source field See Loading a Macro for Editing on page 214 Delete Opens a dialog where you can select a saved macro to be deleted Import Opens a di...

Page 210: ...ables User defined variables provide a way for you to create a generic set of commands and then provide specific values for the parameters of the commands at run time For example in the create vlan command you can use a variable for the VLAN name create vlan vlanname Then when you run the macro on a specific switch you will be prompted to enter the VLAN name To create and use user defined variable...

Page 211: ...is inserted at the insertion point in the script The Execution Context The execution context determines when a Telnet macro will be available in other EPICenter features based on the element selected in the Component Tree For example a macro with Device Group context will appear in the Macros submenu of the EPICenter Tools menu and in the right click pop up menu when a Device Group node is selecte...

Page 212: ...u want to enable The Execution Role tab will show all roles currently defined within the EPICenter database You must select a role if you want the macro to be available outside the Telnet feature If you do not select an execution role the macro will only be available for execution from within the Telnet feature and will not appear in the Macros submenu of the Tools menu or pop up menus for any use...

Page 213: ...e trap event specified for the alarm See Defining Alarm Actions on page 121 When you have finished creating or editing your macro and saved it you will be able to select it in to use as an action for the alarm associated with the trap Figure 103 Specifying trap varbinds in a Telnet macro Because the variables may return values in a form that is not usable in a CLI command two functions are provide...

Page 214: ... a Saved Macro on page 207 for more information Deleting a Macro You can delete a saved macro by clicking the Delete button A pop up window similar to the Load Macro window appears Select one or more macros to delete then click Delete You will be asked to confirm the deletion If the macro you want to delete is used as an Alarm action a warning appears If you proceed to delete the macro it is remov...

Page 215: ...d 3 context type port Macro Macros The following table defines the elements you can use in the SML file to define a Telnet Macro Table 18 Macro Element Definitions Macros Macros Statement that defines the Macro file Macro Macro Statement that defines a macro name Name of the Macro description Description associated with the macro appears in the Description field in the Macro Editor contents conten...

Page 216: ... device in the Inventory Manager Your EPICenter user name must also have ExtremeWare access permission For third party devices you will need to provide the login and password interactively Open Telnet sessions are indicated by displaying the switch name in bold in the Component Tree EPICenter allows only five Telnet sessions to be open concurrently and they must all belong to the same Device Group...

Page 217: ...ecent Telnet output The Telnet session window will display the commands and results from macros that are run on the switch You can also type in commands individually Copy Paste from an Interactive Telnet Session A copy and paste function is available within an interactive Telnet session Copy and paste let you copy from one interactive Telnet session into another interactive session or into the mac...

Page 218: ...uffer place the cursor where you want the lines inserted click the right mouse button and select Paste from the pop up menu NOTE You cannot use the browser cut and paste functions for this purpose Macro Recording and Playback from an Interactive Telnet Session The record function creates a macro by echoing commands that you type in an interactive Telnet session into the Macro Record Play Buffer Th...

Page 219: ...ces You can open an interactive Telnet session on a third party device and execute commands interactively Select the switch from the Telnet device list in the Component Tree This opens a Telnet session to the selected switch and waits for input as appropriate to the device s Telnet interface For third party devices integrated into EPICenter through the third party device integration framework auto...

Page 220: ...The Interactive Telnet Feature EPICenter Reference Guide 220 ...

Page 221: ... or VLAN Device port and VLAN resources are defined externally to the Grouping Manager through the EPICenter discovery capability and the Inventory and VLAN applets User and host resources are defined within the Grouping Manager either by importing the information from an external source such as an LDAP directory NT Domain Controller NIS server or a file or by creating the resources within the Gro...

Page 222: ...l collapsed into a single layer Resources of types other than ports are ignored by these applets Port Groups along with all the other types of groups and resources may also be used by the optional Policy Manager The Hosts and Users groups either the predefined groups or subordinate groups may be used by the optional Policy Manager This is also true of all user defined groups No other EPICenter app...

Page 223: ... port information You can also define attributes of your own and then use them as search criteria when you want to find sets of resources with common attributes Relationships between Resources The Grouping Manager also supports relationships between User Host and Port resources These relationships are used by the optional Policy Manager applet and help the Policy Manager generate specific QoS rule...

Page 224: ...p You cannot destroy system defined resources or individual imported resources You can only destroy imported resources by destroying the entire Import Source group See Deleting Resources The Destroy Function on page 229 Import Imports resources from an external source such as an NT Domain Controller LDAP database or a specially formatted text file See Importing Resources on page 242 Find Finds a r...

Page 225: ...ed in the EPICenter database See Adding a Resource as a Child of a Group on page 230 Remove Removes a child resource from the group This removes the parent child relationship between the resource and the group This does not remove the resource from the EPICenter database unless it is a user defined resource and this is the only instance of the resource Removing all instances of a resource is the e...

Page 226: ... The name of the Resource For ports the name of the port is the Device name followed by the port number For example S1 3 is the name of port 3 on the device named S1 Description A description of the resource optional for user defined resources For Device Groups this is the description entered for the group in the Inventory Manager For devices this is the device description sysDescr variable if pre...

Page 227: ...e input process and may be different from the Resource Name Below these fields there are two tabbed pages whose contents depends on the type of resource being displayed For Groups you can view a list of Children of the group This lists the resources individual resources or subordinate groups associated with the selected group For each child the list includes the resource name its type and its sour...

Page 228: ...ou have created rather than to the root level group Once you ve created a resource you can add it as a child of other groups For example a User resource Fred can be a member of both the group Marketing and the group Chicago 2 Click the New button at the top of the Grouping Manager window The Add a New Resource to Group window as shown in Figure 108 is displayed Figure 108 Adding a new resource 3 E...

Page 229: ...gin IDs are maintained automatically L4 This attribute is used only for Custom Applications It is the only Type that is allowed for this kind of group c Enter a value for the attribute For a Generic attribute enter a string For an IP Subnet attribute fill in the fields provided and edit the subnet mask specification as appropriate For a Netlogin ID enter a string In order to be recognized correctl...

Page 230: ...is placed into a group as it is created either the root level group or the group that was selected when it was created However because a resource can be a member of multiple groups you may wish to add an existing resource to an additional group or move it to a different group To add a resource to a group you select the resource from a list of the resources that are currently defined in the EPICent...

Page 231: ...ou have selected to add 4 Select a resource from one of the lists in the Select Resources to be Added panel at the left hand side of the dialog window You can make your selection from either side of the panel The Select Resources to be Added panel is split into two parts The Component Tree in the left half of the panel displays the groups that contain resources of interest It may include devices i...

Page 232: ... Query function click the Find button You can add the results of your query directly into your Resource Results list by selecting the resources you want to add and clicking the Add button at the bottom of the Query window See Searching for a Resource on page 238 for more information on the Find function 7 You can remove resources from the Resource Results list if you change your mind about your se...

Page 233: ...e on page 238 for more information on the Find function Removing a resource from all groups of which it is a member is the equivalent of destroying the resource Adding Relationships to a Resource Individual resources cannot have children However certain types of resources Hosts Users or Ports can have relationships Devices cannot have either relationships or children For example a Host may have a ...

Page 234: ... are presented as children of the groups in the tree Show All allows resource children of all types to be displayed Show Devices shows only Device resources However devices cannot be used in relationships so nothing is displayed if you select this filter Show Hosts shows only Host resources Show Ports shows only Device and Port resources Show Users shows only User resources Show VLANs shows only V...

Page 235: ... Cancel button at the bottom of the window to cancel the changes you have made to this group Removing Relationships from a Resource To remove a relationship between two resources Hosts Users or Ports do the following 1 In the Component Tree select one of the resources that is involved in the relationship so that the resource is displayed in the Resource Details window 2 Select the Relationship tab...

Page 236: ...ommonly created when a resource is imported from an external source such as an NT Domain Controller or NIS that contains user and host information For Host and User resources this attribute may be used by the EPICenter Policy Manager If Netlogin is enabled on the switches in your network attribute and relationship information mappings between users hosts and IP addresses for host and user resource...

Page 237: ...button is not present 2 Click the Add button The Add Attributes pop up dialog appears as shown in Figure 112 Figure 112 Adding attributes to a resource 3 Enter the name of the attribute in the Attribute Name field 4 Select an attribute type from the drop down list in the Attribute Type field You can choose from the first three for all groups but Custom Applications For Custom Applications L4 is th...

Page 238: ...ations on the resource you ve selected before you save Click the Cancel button at the bottom of the window to cancel the changes you ve made to this group To remove an attribute from the list of attributes do the following 1 Select one or more attributes you want to remove 2 Click the Remove button 3 To save your changes to the EPICenter database click the Save button at the bottom of the Grouping...

Page 239: ...result list and add them to the Resource Results list in the Add Resource or Add Relationship window See Searching from the Add Resources or Add Relationship Window on page 242 for more information Setting up a Resource Search To search for resources that match criteria you specify do the following 1 Click the Find button in the toolbar at the top of the main Grouping Manager window or click the F...

Page 240: ... criteria fields are combined using a Boolean AND This means a resource must match all the criteria you specify in these fields in order be included in the search results 3 Enter any attribute specifications you want to use as search criteria The process is similar to that used to add attributes to a resource A resource matches the query if it matches any of the attributes specified in this sectio...

Page 241: ...rmine where a resource is used i e to find out what groups it belongs to Since a resource can be a child of multiple groups this lets you identify all the parents of a particular resource In particular before you delete a resource from the EPICenter database you may want to make sure that you know all the places it is being used to avoid problems when you remove it Once you find a resource using t...

Page 242: ...the Search window is closed To close the Search window without adding any resources click the Cancel button Importing Resources The Import feature allows you to import user and host resource definitions and groups containing those resources from a source external to the EPICenter system You can import from an NT Domain server an NIS server or an LDAP directory You can also import host and user res...

Page 243: ...and user groups See Importing from an NT Domain Controller or NIS Server on page 248for more detailed information Select LDAP to import information from an LDAP directory See Importing from an LDAP Directory on page 244for information on modifying the file containing the LDAP import mapping specification Select File to import information from a tab delimited text file See Importing from a File on ...

Page 244: ...se This file is in the same format as the import file discussed in Importing from a File on page 245 The import process uses an import specification file that defines the following The information you want to extract from the directory How to map that data to groups resources and attributes in the EPICenter Grouping module The specification file must be named LDAPConfig txt and must reside in the ...

Page 245: ... the displayed name of the resource within the EPICenter Grouping Manager This is required filterList Defines the search criteria Because of the limits on the amount of data that a search returns in one operation you may need to split your search into multiple operations as is done in the example file This is required objectClassMapping This maps an LDAP entry to a Grouping Manager resource type b...

Page 246: ...tab attribute_type Each type specifier must be enclosed by parenthesis and separated from the preceding type specifier by a tab Three tabs must precede the first type specifier The items in this line define the type of each attribute defined in line two You must include a type specification for every attribute included in line two The first three items in line two do not require a type as they are...

Page 247: ... part of the file defines the relationships between the resources both group membership and relationships between the resources themselves see Adding Relationships to a Resource on page 233 for more information about relationships The GROUPS specification is required even if you do not define any groups GROUPS Each line in this section has the following form resource_type resource_uniqueID tab res...

Page 248: ...r wendy group ugr1 user heidi group ugr1 user mary group ugr2 user pam group ugr2 user eric group hgr1 host win2k group hgr1 host host1 group hgr1 host host2 group dgr1 host host3 group dgr1 host host4 Host to User Relation user wendy host win2k user heidi host host1 user mary host host2 host host3 user pam host host4 user eric Importing from an NT Domain Controller or NIS Server Importing from an...

Page 249: ...e NT Domain Controller to a file and using that to create an import file that contains only the information that you want to be visible through EPICenter Grouping Manager The import process imports the following information For users username fullname description For hosts hostname description primary IP address For groups users only name description usernames of members The import process creates...

Page 250: ...The Grouping Manager EPICenter Reference Guide 250 ...

Page 251: ... maintained in the EPICenter database and a Network search that searches switches on the network for the specified MAC or IP addresses If you have configured EPICenter to do MAC polling EPICenter maintains in its own database the information it learns about edge ports from the switches it polls See Chapter 14 Administering EPICenter for information on setting MAC Poller properties to enable MAC po...

Page 252: ...re initiated they are placed in the Find Address Tasks List in the Component Tree Selecting the Find Address Tasks folder in the Component Tree displays a summary of the status of the tasks in the Task List see Figure 116 Table 22 IP MAC Address Finder Function Buttons Up Moves the selection focus up in the Task Component Tree Down Moves the selection focus down in the Task Component Tree Find Dis...

Page 253: ...elete Select a task and click Delete to delete an individual task This deletes the task specification as well as the task results Once a task has completed it cannot be rerun unless it is the most recent task completed ReRun Select a task and click ReRun to execute the task again Clone Select a task and click Clone to bring up the Find Addresses window with the specifications of the selected task ...

Page 254: ...er when you exit the EPICenter client all the task specifications and search results are deleted Creating a Search Task To create a search task click the Find button in the Tool bar at the top of the IP MAC Address Finder page This displays the Find IP and MAC Addresses window Figure 117 NOTE If you have already submitted a task the most recent task with its specifications is displayed in the Find...

Page 255: ...ork Network performs a search from the network by searching the devices in the search domain This option may take longer to complete but can provide more current results If you perform a network search EPICenter reports unreachable devices Search Domains Define the search domain criteria the devices to be searched for a Network search Note No search domain can be specified if you are doing a Datab...

Page 256: ...m into the Target Domains list You can create a target domain that includes a combination of these specifications NOTE The IP MAC Address Finder applet does not support hierarchical port groups If you have created port groups in the Grouping Manager that include subgroups as members those subgroups will not appear in the Target Domains list Instead any ports that are members of subgroups will be d...

Page 257: ... the table The applet will find the address on the other switches that have connectivity to the switch with the target IP address however NOTE Each search task can return a maximum of 2 000 MAC address entries If a search returns more than 2 000 entries a warning message is displayed in the status window If you see a warning message add additional search constraints to reduce the number of returne...

Page 258: ...ase or Network Submitted Shows the date and time the task was submitted Ended Shows the date and time the task was finished Addresses to Find The list of IP or MAC addresses that were the object of the search Search Domains For a Network search only the Search Domains where the search took place This will be empty when the search type is Database For a Network search the Search Domains lists shows...

Page 259: ...ssFinderResults directory which is a subdirectory of the EPICenter installation directory You can optionally specify a subdirectory within the AddressFinderResults directory by entering the subdirectory name into the Directory field By default a search result exported file will be given a name created from the current date time and task name For example the results for task Task 2 run on April 25 ...

Page 260: ...ct Export Local Select the location where you want the file to be saved You must provide a file name it is not predefined for this option 3 Click the Apply button to save the results Click Reset to clear all the fields Click Close to close the dialog without saving the file ...

Page 261: ...rts where N is a number you can configure If you choose to view multiple ports the display shows data for the most recent sampling interval for the selected set of ports The display is updated every sampling interval You can also view historical statistics for a single port If you choose to view a single port the display shows the value of the selected variable s over time based on the number of d...

Page 262: ...octets but that had either a bad FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error etherHistoryUndersizePkts The number of packets received during this sampling interval that were less than 64 octets long excluding framing bits but including FCS octets and were otherwise well formed etherHistoryOversizePkts The number of packets recei...

Page 263: ... initially set to display 10 slices Select this to display the data as a bar chart A 3D bar chart is the default for all chart displays The 3D setting is also a user configurable option Select this to display the data as a horizontal bar chart This chart type by default displays in 3D The 3D setting is also a user configurable option Select this to display the data as a stacked bar chart This char...

Page 264: ...chart type is especially useful when displaying individual errors for a single port Pie Displays the data as a pie chart This chart type is available only when you are displaying statistics for multiple ports on a device device slot or in a port group The maximum number of slices in the pie is a user configurable setting It is initially set to display 10 slices Bar Displays the data as a bar chart...

Page 265: ...ubgroups will not appear in the Component Tree of the Real Time statistics applet Instead any ports that are members of subgroups will be displayed directly under the top level port group as if they are members of the top level group For a port you can display individual errors in addition to utilization and total errors Select a network device to display data for some or all ports on the device S...

Page 266: ...ey press the left mouse button and drag the cursor left or right to rotate the graph Hold down the Ctrl key press the left mouse button and drag the cursor up or down to set the depth of the three dimensional view For any of the bar graphs move the cursor and then wait to see the change take effect which may take a few seconds There are cases where you may not see data for every port you expect in...

Page 267: ...sful in loading data from the device it displays a message similar to that shown in Figure 120 Figure 120 Warning displayed when the EPICenter server cannot retrieve data There are several reasons why the EPICenter server may not be able to display any device data The EPICenter server cannot communicate with the device indicated by an S in a red circle next to the device name The device does not h...

Page 268: ...e in the respective chart or row in a tabular display Click on a device device slot or port group in the left side Component Tree to list the ports it contains then select a port A set of utilization statistics for the selected port is displayed as shown in Figure 121 Figure 121 Utilization data over time for an individual port on a device The number of data points displayed and the sampling inter...

Page 269: ...The buttons at the top of the page let you select the format of the statistical display and control several other aspects of the display The commands on the Statistics menu perform the same functions You can change the display mode in the following ways Apply a top 15 limitation which means only the top 15 ports should be displayed The top 15 ports are displayed in order from highest largest perce...

Page 270: ...ion button The Graph Preferences window is displayed as shown in Figure 123 Use the tabs across the top of the window to select the type of setting you want to change Each tab displays a page with a group of related settings When you have changed any setting you want on a given page Click Apply to put the changes into effect but keep the Graph Preferences window open so you can make changes on ano...

Page 271: ...ault is 10 maximum is 1000 View Elevation Controls the elevation rise from the front of the bar to the back in degrees The default is 10 range is 45 View Rotation Controls the angle of rotation of the bar in degrees The default is 12 range is 45 Minimum Graphed Utilization Specifies the minimum scale for the Y axis for utilization graphs The default is 1 0 1 meaning that the Y axis will not show l...

Page 272: ...s or by specifying HSB or RGB values The fields in this window are as follows Data colors in order starting from 1 are used in a pie chart for as many slices as you ve specified If you specify more than 12 slices the colors will repeat with slice 13 using the same color as slice 1 The Graph Data tab Figure 126 lets you set several miscellaneous graph parameters Figure 126 Setting other graph prefe...

Page 273: ...Slice Display Count Specifies the number of slices to display in a pie chart The default is 10 maximum is 50 Historical Data Display Count Specifies the number of historical data points to display in a graph for an individual port The default is 50 the maximum value you can set is 100 However the actual maximum number of data points you can get is determined by the SNMP agent running in the device...

Page 274: ... be saved as a file printed or sent by e mail just as with any other HTML page When a graph image is displayed in the window you can click a link below the initial display to change the way the data is displayed NOTE Once you select display graph image you can no longer change the display format to a table or to a dual display However you can use the browser Back button to go to the previously dis...

Page 275: ...to a graph from within the snapshot image window The HTML page persists in a snapshot image cache until the EPICenter server is restarted or until the image cache becomes full When the image cache reaches its limit older snapshot images will be deleted as needed to make room for new snapshot images ...

Page 276: ...Real Time Statistics EPICenter Reference Guide 276 ...

Page 277: ...ou can customize the resulting maps by moving elements adding new elements such as links decorative non managed nodes and text and customizing the device nodes themselves The Default view which appears when you first access the Topology applet is auto populated with the devices currently in EPICenter s inventory NOTE Links can only be discovered and auto populated between Extreme Networks devices ...

Page 278: ...ks Mode on or off Mark Links mode lets you select multiple links on multiple maps and is used in conjunction with the Add Links to VLAN function Performs the same function as the Mark Links Mode command on the Tools menu See Mark Links Mode on page 318 Map Creates a new map as a submap of the currently map Performs the same function as the New Map command on the New menu See New Map on page 296 De...

Page 279: ...he current map See Delete Map on page 301 Cut Map Nodes Cuts selected map nodes from the current map See Cut Map Nodes on page 302 Paste Map Nodes Pastes cut map nodes onto the current map See Paste Map Nodes on page 302 Delete Map Nodes Deletes selected map nodes from the current map Deleted nodes are not available to be pasted they will need to be added again or recreated See Delete Map Nodes on...

Page 280: ...n all maps in the view See Sync Links for Map or Sync Links for All Maps on page 310 Find Map Node Lets you select a node from the list of all nodes in the current view EPICenter will find and select that node See Find Map Node on page 311 Map Properties Lets you set a number of properties related to the appearance of the current map See Map Properties on page 312 Print Map Prints the current map ...

Page 281: ...lnet macros available for the selected device See The Macros Sub Menu on page 41 for more information Table 34 Device Node Pop Up Menu Commands Connect Edge Port to VLAN Same as the Connect Edge Port to VLAN command from the Tools menu Opens the Connect Edge Port to VLAN Wizard which guides you through adding edge ports from a selected device to a VLAN See Connect Edge Port to VLAN on page 320 Dis...

Page 282: ...Cut Map Nodes command from the Edit menu Cuts selected map nodes from the current map See Cut Map Nodes on page 302 Paste Map Nodes Same as the Paste Map Nodes command from the Edit menu Pastes cut map nodes onto the current map See Paste Map Nodes on page 302 Delete Map Nodes Same as the Delete Map Nodes command from the Edit menu Deletes selected map nodes from the current map Deleted nodes are ...

Page 283: ...than one map or view a pop up window asks you to select which map you want to display NOTE If you have not yet performed a Discovery i e there are no devices in EPICenter s Inventory database the map will be blank Map Properties Same as the Map Properties command from the Map menu Lets you set a number of properties related to the appearance of the current map See Map Properties on page 312 View P...

Page 284: ...opology view is displayed The name of the currently displayed map is highlighted Map Alarm Status The highest level alarm currently unacknowledged among the devices in the current map or any of its submaps Devices and submaps within this map that have alarm propagation disabled do not contribute to this status If the alarm icon has an X through it this means alarm propagation has been disabled for...

Page 285: ...r the device or the alarm status is below the alarm status threshold for the view The alarm status threshold is set when you create a View or in the View properties and specifies the lowest severity level at which an alarm status icon should be displayed for a device node on the map If the alarm icon has an X through it this means alarm propagation has been disabled for this device the alarm statu...

Page 286: ...nal node annotation A hyper node can have links only between itself and other devices on the displayed map A hyper node does not link to other hyper nodes You can double click on a hyper node icon to navigate directly to the map and the device represented by the hyper node Figure 131 Example of a hyper node icon representing a device A hyper node icon shows the following information The name of th...

Page 287: ...devices when EDP or LLDP is enabled on either device Links can also be detected on third party devices that support LLDP Links can also be user created NOTE For devices with EDP and or LLDP disabled or not supported you can manually add user defined links to the map to represent connectivity between devices These links will initially have unknown status will not display endpoint or utilization inf...

Page 288: ...ore of the links in the group is down A link is considered unknown when one side of the link is up and the other is down or one or both ports are SNMP unreachable A blinking line indicates that the line has been marked in Mark Links mode A broken line when viewing VLANs indicates that the selected VLAN does not exist or may be misconfigured at one of the link endpoints i e a device port The format...

Page 289: ...For example you can resize an individual node by selecting the node and doing one of the following Use the cursor to grab one of the resize handles that appear when the node is selected and drag the handle to resize the node Select the Inflate Nodes or Deflate Nodes command from the Map Menu Use the keyboard shortcuts Ctrl I or Ctrl D for those commands see Inflate Nodes on page 309 and Deflate No...

Page 290: ...er node type Product Product name for a Device node n a for any other node type Device Device name obtained from the sysName variable for a Device node n a for any other node type VLANs Ports list If the Display VLANs option is enabled displays the VLANs configured on the device Appears for Device Nodes and Device Hyper Nodes only status The status of the link up down partially up for load shared ...

Page 291: ...alog box opens as shown in Figure 135 total errors The total errors if RMON is enabled on the device and if RMON statistics are enabled for this map This is updated regularly typically every 30 seconds VLANs Ports Tag table Displays information about the VLANs configured on the endpoint port status The overall status of the composite link up down partially up or unknown Partially up indicates that...

Page 292: ...to populate view Check to add the devices currently in the EPICenter inventory database to the new View Submaps and hyper nodes are created as needed In addition as new devices are added to EPICenter they are also added to the view If you do a Discovery after you have created a view with the auto populate option enabled all new discovered devices are added to the view See Node Placement Criteria i...

Page 293: ...ding enabled are always placed on the Root Map Devices without IP Forwarding enabled are placed in submaps based on the subnet mask associated with the IP interface used by EPICenter to manage the device In the Default view submaps are named based on the subnet IP address plus the subnet mask for example 10 205 0 0 16 10 205 0 0 24 and so on Both Extreme Networks and third party devices are placed...

Page 294: ...Map Layout checkbox Even though the default layout may take a long time it only needs to be done once and produces a more optimal layout To specify a grid layout which may result in overlapping links check the Grid Map Layout checkbox To bypass the layout process check cancel Figure 137 shows an example of a the default layout for a 500 node map Figure 138 shows the same nodes in a grid layout ...

Page 295: ...The New Menu EPICenter Reference Guide 295 Figure 137 Example of a default layout for a 500 node map ...

Page 296: ... of a grid layout New Map You can create a new map by doing one of the following Select New Map from the New menu Click the Create new map icon on the icon bar A new submap node appears on the map and a New Map entry appears in the map hierarchy tree as shown in Figure 139 ...

Page 297: ... by clicking in a different panel from the one where you are editing New Device Map Node You can add device nodes to your map by doing one of the following Select New Device Map Node from the New menu Right click on the map background to display the pop up menu then select New Device Map Node Click the Create new device map node icon on the icon bar A pop up window appears with a list of all devic...

Page 298: ...You can add a text node to your map by doing one of the following Select New Text Map Node from the New menu Right click on the map background to display the pop up menu then select New Text Map Node A text map node can be used to annotate your map such as to create a title for the map New User Created Map Link There may be situations where you want to represent a link between devices when a real ...

Page 299: ...of the link onto one of the node you want to connect 3 Do the same with the other end of the link After the link is connected you can specify endpoints for the link To specify the end points 1 Select the link 2 In the Information panel select the port for the endpoint from the list in the Port field for first device as shown in Figure 141 3 Select the port for the other endpoint from the list in t...

Page 300: ...device where EDP or LLDP is enabled a new link is created on the map in addition to the user created link If the device to which a user created link connects is cut from the map the link must be manually recreated when the device is pasted back The Edit Menu You can edit your topology views in a number of ways including changing the names of the views and maps and cutting pasting or deleting map e...

Page 301: ... in the Map Properties window as discussed in Map Properties on page 312 Delete Map To delete a submap you must first display the submap you want to delete and delete all the elements on the map You can then delete the submap by selecting Delete Map from the Edit menu You can also delete a submap by clicking the submap node on its parent map You will be asked to confirm that you want to delete the...

Page 302: ...ound to display the pop up menu then select Cut Map Nodes Enter Ctrl H from the keyboard NOTE You are NOT asked to confirm this action if you cut a node by mistake you just need to paste it back again to the map NOTE If you switch to another topology view or leave the topology applet and you have not pasted the contents of the cut buffer those contents are lost To remove nodes from the map without...

Page 303: ...ht click on the map background to display the pop up menu then select Delete Map Nodes CAUTION You will NOT be asked to confirm that you want to delete the nodes If you delete nodes accidently you will need to add them again to the map Delete User Created Map Links You can remove one or more user created links from the map using the Delete User Created Map Links command NOTE You cannot delete link...

Page 304: ... current view name is displayed here Auto populate view Check to add the devices currently in the EPICenter inventory database to the new View Submaps and hyper nodes are created as needed In addition as new devices are added to EPICenter they are also added to the view If you do a Discovery after you have created a view with the auto populate option enabled all new discovered devices will be adde...

Page 305: ...layouts are determined Figure 143 shows the visible portion of the default layout produced for a map with approximately 100 nodes Map Specific Properties Display device names Uncheck to hide device names on the maps The default is to display the names Changing this affects only nodes created after this setting is changed existing nodes retain their settings unless you also check the Update all map...

Page 306: ...out creates a map that is larger than the visible area of the Topology Manager window you can have the Topology Manager attempt to optimize the map layout within the visible area of the window To have EPICenter optimize the map layout within the current window do one of the following Select Layout Map In Window from the Map menu Click with the right mouse button on the map background to display th...

Page 307: ...r shrink the map layout to fit within the current window do one of the following Select Fit Map In Window from the Map menu Click with the right mouse button on the map background to display the pop up menu then select Fit Map in Window Enter Ctrl W from the keyboard This function does not attempt to optimize the layout for node or link overlap To attempt to optimize the layout use the Layout Map ...

Page 308: ...wing Select Expand Map from the Map menu Enter Ctrl E from the keyboard Because this command affects map links nodes that do not have links are not moved Compress Map The Compress Map function decreases the length of the links between map nodes without changing the size of the nodes To compress the current map do one of the following Select Compress Map from the Map menu Enter Ctrl S from the keyb...

Page 309: ... nodes the command will deflate just the nodes you ve selected You can select multiple nodes by using Shift click hold down the shift key and click the cursor on the node you want to select To deflate the selected nodes do one of the following Select Deflate Nodes from the Map menu Enter Ctrl D from the keyboard Undo Map Edit You can undo your last ten map layout and sizing actions one by one usin...

Page 310: ...een previously removed from the map if they are real links that are up However if you want to have EPICenter discover new links immediately instead of waiting for the next polling cycle you can use one of the Sync Links commands Sync Links for Map or Sync Links for All Maps You can also use Sync Links for Map to remove links that no longer exist Since EPICenter cannot distinguish between a link th...

Page 311: ...large number of nodes it may be difficult to quickly find a specific node you re interested in seeing The Find Map Node function lets you select a node from the list of all nodes in the current view EPICenter will then find and select that node To find a node do one of the following Select Find Map Node from the Map menu Right click on the map background to display the pop up menu then select Find...

Page 312: ...e Find Map Node window is open the list of devices will no longer be correct To update the list to reflect the current view click the Refresh button Map Properties There are a number of properties you can set for the current map such as the background color or image node background color and style node and link text color and whether RMON statistics should be enabled for the devices on this map To...

Page 313: ... in the small box to the right of the color bar icon Node Background Color Change the node background color for non transparent map nodes by clicking the color bar icon labeled Node Background Color You can select a color using color swatches or by specifying HSB or RGB values The current color is displayed in the small box to the right of the color bar icon Note Device nodes that display a device...

Page 314: ...e you can select a color by using color swatches or by specifying HSB or RGB values The current color is displayed in the small box to the right of the color bar icon To set the color of the text used to label links click the color bar icon labeled Link Text Color This displays a color selection window where you can select a color using color swatches or by specifying HSB or RGB values The current...

Page 315: ...is to have RMON statistics disabled for the map NOTE It is possible to disable RMON statistics for the Topology applet as a whole so that the RMON Statistics checkbox will not have any effect This is done setting RMON properties on the Server Properties page of the Administration applet Adding Map Background Images You can add images of your own to use as background images for topology maps by pla...

Page 316: ...on in the Topology Map Toolbar Select Display from the menu bar and then select VLAN information This is a toggle menu item select it once to display VLAN information select it again to remove the VLAN information display When you enable the VLAN information display a drop down field appears in the applet Toolbar that lists all the VLANs configured for devices on the map To view VLAN information b...

Page 317: ...igured on a device select the device node on the map The Map Element Description panel on the left hand side of the window displays information about the VLANs configured on a selected device node For more detailed information about the VLANs on a device you can right click on the device and select Device then VLANs from the pop up menu that appears See The Device Sub Menu on page 39 for more info...

Page 318: ... Mode is turned on you can click on multiple links on multiple maps in the view to select them EPICenter remembers all of the selected links from each map To enable Mark Links Mode do the following Select Mark Links Mode from the Tools menu Click the Mark icon in the Toolbar To select or deselect a link click on the link Marked links blink on the map Add Links to VLAN Use the Add Links to VLAN fun...

Page 319: ...to an existing VLAN radio button Select the VLAN from the list Uncheck the Add selected links to VLAN as tagged checkbox to specify that the VLAN should be added as untagged check the checkbox to add the link as tagged To add the selected link to a new VLAN click the Add links to a new VLAN radio button The display changes as shown in Figure 150 ...

Page 320: ...ge Port to VLAN You can add an edge port from a selected device to a particular VLAN from within the Topology feature As you add the port the map view is automatically updated to display your proposed changes To connect an edge port to a VLAN select the node and do one of the following Select Connect Edge Port to VLAN from the Tools menu Right click on the Device map node then select Connect Edge ...

Page 321: ...If you want to add the port as tagged click the Add the selected port as tagged port checkbox 4 Click Next The second page of the Connect Port to VLAN Wizard appears as shown in Figure 152 Figure 152 Connect Port to VLAN Wizard page 2 If the connection from the selected edge port to the desired VLAN is viable the Wizard displays path information including any additional ports that must be added to...

Page 322: ...the device to the VLAN is created If you try to add an edge port from a device that is already a member of the desired VLAN the Wizard reports that the VLAN is on the same device and that the port will be added without changing links 5 Uncheck Add calculated links if you want to add the selected edge port to the VLAN and you do not want the found path to be added 6 Click Finish to complete the con...

Page 323: ...cal connections The VLAN Manager creates and manages VLANs for Extreme Networks devices only It does not handle other third party devices even though third party devices can be managed through the Inventory Manager If you run the EPICenter client with Administrator or Manager access you can Create and delete VLANs Add or remove ports from existing VLANs Modify a VLAN s IP address Create and modify...

Page 324: ...escribed in EPICenter Menus on page 32 The VLAN Manager provides an additional menu VLAN that contains commands unique to the VLAN Manager The VLAN menu contains the following items Table 37 VLAN Manager Function Buttons By VLAN Show all the switches with ports that are members of a specific VLAN By Switch Show the VLANs that have members on a specific switch Add Create VLANs on the switch If you ...

Page 325: ... feature ModifyVLAN ModifyVLANs on the switch If you have Monitor access only you can not use this function See Modifying a VLAN on page 335 for details on using this feature Filters View add and delete protocol filter definitions If you have Monitor access you can view filter definitions but not add or delete them See Adding and Deleting Protocol Filters on page 339 for details on using this feat...

Page 326: ...VLAN NOTE You must add switches to the EPICenter database through Discovery or by using the Add function in the Inventory Manager Until you add a switch to the database you cannot use EPICenter create any VLANs on that switch Macros Same as the Macros command from the Tools menu See The Macros Sub Menu on page 41 for more information Properties If a device is selected this opens the Device Propert...

Page 327: ...f all VLANs configured on the Extreme Networks switches included in the EPICenter database The All VLANs display includes Select an individual VLAN to view a summary of the configuration of the switches and ports that are members of that VLAN Select the By Switch button to display switches at the first level of the Component Tree Listed under each switch is every VLAN that is defined on the switch...

Page 328: ...ch select the switch in the Component Tree of the By Switch view Figure 155 shows an example of the All VLANs on Switch view Figure 155 VLAN topology shown by switch The following information is displayed for each VLAN on the selected switch Name The switch name Type An icon representing the switch type Name VLAN name Tag VLAN tag Protocol Protocol filter for the VLAN VLAN IP Addr VLAN IP address ...

Page 329: ...tch in the selected VLAN Viewing VLAN Member Ports You can display details about the component ports of a VLAN by selecting a VLAN and switch in the tree on the left You can do this from either the By VLAN or By Switch view Once you have selected a VLAN and switch or switch and VLAN the panel on the right displays detailed information about the ports in the selected VLAN and switch as shown in Fig...

Page 330: ...mber Type The port type shown as an icon Different icons are used to represent the port types 10 100Mbps 100Base FX 100Base T TX 1000BASE X Tagged ports are shown with a small orange tag Load shared ports for devices running ExtremeWare are indicated with a small green S Speed The port speed Duplex The Duplex setting Full or Half State The port state Enabled or Disabled Status The port status Read...

Page 331: ...ged to indicate that the VLAN is to be untagged Available Switches The list of switches known to EPICenter Select a switch from this list to display the ports on the switch that are available to be included in the VLAN If a protocol other than ANY is selected only switches that support the assigning of the protocol to a VLAN are included in the list Available Ports When a switch is selected in the...

Page 332: ... as slave load sharing ports 6 Select one or more ports from the Available Ports list 7 Click Tagged to add the port s as tagged Click Untagged to add the ports as untagged ports If this is an untagged VLAN you are not allowed to add a tagged port If you add a port untagged EPICenter must remove it from any other VLAN that includes the port as an untagged member EPICenter will warn you and let you...

Page 333: ...ior of the switches on which the VLAN resides 1 Select the IP Forwarding tab at the top of the Add VLAN window The IP Forwarding page is displayed as shown in Figure 160 Figure 160 Add VLAN dialog IP Forwarding page The display lists the switches that you specified to be members of this VLAN and shows whether IP Forwarding is already enabled on the each switch 2 Select a switch from the table of s...

Page 334: ...of the switches in the VLAN are offline or unreachable the VLAN cannot be deleted completely and remains with only those switches as members 4 Click Close to exit the window NOTE When you delete a VLAN it is not immediately removed from the By VLAN Component Tree even though it has been deleted from all switches It can remain in the Component Tree with no device members for up to 24 hours before E...

Page 335: ...on the selected VLAN If you do not select a VLAN beforehand you can select one from within the Modify VLAN window See Modifying a VLAN from the Toolbar on page 335 for details In the By VLAN view select a VLAN in the Component Tree right click to display the pop up menu and select Modify VLAN Membership This is not available if you are viewing By Switch Using this method you can modify the VLAN me...

Page 336: ...between 2 and 4095 Enter the text untagged to indicate that the VLAN is to be untagged Available Switches The list of switches known to EPICenter Select a switch from this list to display the ports on the switch that are available to be included in the VLAN If a protocol other than ANY is selected only switches that support the assigning of the protocol to a VLAN are included in the list Available...

Page 337: ... what you want 8 After you add a device and port to the VLAN you can use the Connect Device button to determine whether that port can connect to the other members of the VLAN Select the device you want to check Click the Connect Device button If EPICenter can find a path from the device and port to another member of the VLAN it opens a Connection Information window that displays information about ...

Page 338: ...on the switch CAUTION This changes the IP Forwarding behavior for the entire switch not just for the selected VLAN 13 Click Apply to implement the changes 14 Click Close to exit the window Modifying a VLAN from the Component Tree Menu To start the Modify VLAN process for a VLAN in the Component Tree follow these steps 1 Select a VLAN in the Component Tree 2 Right click to display the pop up menu a...

Page 339: ...s is an untagged VLAN you cannot add a tagged port The tagged button will be grayed out in this case NOTE If you add a port untagged EPICenter automatically removes it from any other VLAN that includes the port as an untagged member and that uses the same protocol as the VLAN to which you are adding the port 6 To remove ports from the VLAN select one or more ports in the Current VLAN Port Members ...

Page 340: ... that are in use by a VLAN are indicated with an asterisk in the In Use column 2 To delete a protocol filter select a filter in the list and click Delete This deletes the protocol filter from all Extreme Networks switches managed by the EPICenter software as well as from the EPICenter database NOTE If a filter is in use by a VLAN you cannot delete it 3 Click Close to exit the window To add a proto...

Page 341: ...inition click Add to add the new protocol filter to the EPICenter database NOTE The protocol filter is now available to be used on any switch but is not created on any switches at this time The protocol filter is created on a switch only when you create a VLAN to use the new protocol filter on that switch The database acts as a collective store for network data without needing to replicate it on e...

Page 342: ...Using the VLAN Manager EPICenter Reference Guide 342 ...

Page 343: ...vidual ESRP enabled VLAN and the switches in those VLANs ESRP Monitor Functions The ESRP Monitor feature does not provide any feature specific menus The four standard EPICenter menus are available EPICenter Display Tools and Help However the functions on the Display and Tools menus are not available Right click pop up menus are also not available in this feature For information on the standard EPI...

Page 344: ...ch is being managed by EPICenter is included in EPICenter s Inventory database the name will appear If the switch is not known to EPICenter the MAC address will appear IP Address The IP address of the ESRP enabled VLAN If the master switch is not known to EPICenter this will be N A Group The ESRP group to which this ESRP enabled VLAN belongs in a broadcast domain that contains multiple instances o...

Page 345: ...efined priority number between 0 and 254 a higher number has higher priority MAC The switch MAC address a higher number address has priority The election algorithm can be one of the following ports_track_priority_mac the default This algorithm considers active ports first then tracking then priority then the MAC address to determine the ESRP Master This is the only algorithm supported for ExtremeW...

Page 346: ...switches is managed by EPICenter i e is included in EPICenter s device database If there are other ESRP enabled switches in that VLAN their ESRP status will also be displayed in the ESRP Manager even if they are not being managed by EPICenter The Detailed ESRP Information view displays the following information Switch Name The name of the switch if known If the switch is not being managed by EPICe...

Page 347: ...naged by EPICenter the ToMaster and ToSlave values for those switches will not be updated until the next device polling interval NOTE The number of Tracked Pings cannot be obtained from versions of ExtremeWare prior to version 6 1 6 For switches running earlier versions of ExtremeWare the display defaults to zero Tracked Ports The number of tracked ports that are currently active Tracked Routes Th...

Page 348: ...The ESRP Monitor EPICenter Reference Guide 348 ...

Page 349: ...ter can be configured to act as a Remote Authentication Dial In User Service RADIUS client allowing it to use an external RADIUS server to authenticate EPICenter users As an option the external RADIUS server can be configured to return user role information as well as the user authentication As an alternative EPICenter can be configured to act as a RADIUS server however the RADIUS server built int...

Page 350: ... enabled by an Administrator user Regardless of your access role you can run the Administration applet to change your own password Users with an Administrator role can add and delete users and assign user access levels NOTE The EPICenter user accounts are separate from the Extreme switch user accounts You can configure both through the EPICenter software or you can have switch access independently...

Page 351: ...entication When EPICenter acts as a RADIUS client the external RADIUS server can be configured using a Vendor Specific Attribute VSA to provide user role information to EPICenter along with the login and password authentication The EPICenter software incorporates a basic RADIUS server that may be useful for demonstration or testing purposes However the built in RADIUS server should not be used in ...

Page 352: ...e RADIUS access To access the Administrator applet click Admin from the Navigation Toolbar The User Administration page appears as shown in Figure 169 Initially the only users are admin and user Figure 169 User Administration window NOTE If you have not done so already you should add a password for the admin user account By default neither the admin or user accounts have a password when EPICenter ...

Page 353: ...isting user make the necessary changes to the password role or ExtremeWare access Note the for the user admin you cannot change the role The user admin cannot be deleted either 3 Click OK The new user information is stored in the EPICenter database User Name The EPICenter login name for the user This is filled in and cannot be modified if you are editing an existing user Password The password for ...

Page 354: ...s all information about this user account from the EPICenter database NOTE To remove all access privileges for a user without removing the user account from the EPICenter database use the Modify User function and change the Role to Disabled Changing Your Own User Password If your user role is Administrator you can change your own password or passwords for other users through the Modify dialog init...

Page 355: ...n in the Verify Password field 3 Click Apply Your new password is stored in the EPICenter database NOTE The change does not take effect until the next time you log in Role Administration If your user role is Administrator you can add modify and delete EPICenter roles Roles let you define different combinations of access to the features of EPICenter For each feature a role can provide Read Write Ac...

Page 356: ...om within the Admin applet The Roles Administration page opens as shown in Figure 172 Administrator Users who can create modify and delete user accounts and can create or modify roles By default Administrators also have read write access to all other EPICenter features enabling them to modify device parameters as well as view status information and statistics Manager Users who by default have read...

Page 357: ... a role the feature setting for the role are displayed in the EPICenter Feature Access list at the bottom of the page Adding or Modifying a Role 1 To add a role click Add To modify a role select the role and click Modify You cannot modify the Disabled role A Role New or Role Modify window opens see Figure 173 ...

Page 358: ...abled 4 Click Apply to create or modify the role If features are globally disabled through the Features Properties settings under the Server Properties Configuration tab you will not be able to select those features when you add or modify a role The Access column will show Globally Disabled instead of access options The STP and VoIP features are globally disabled by default and this is shown in Fi...

Page 359: ...le that the RADIUS server may return If a user is authenticated with a role that EPICenter does not recognize the user will be given the Monitor role by default See the EPICenter Concepts and Solutions Guide for information on configuring this in the RADIUS server Enabling EPICenter as a RADIUS server means that Extreme switches can act as RADIUS clients authenticating users against the RADIUS ser...

Page 360: ...ration panel It is recommended but not required that both a primary and a secondary RADIUS server be available for authentication 2 Fill in the name or IP address of the primary and secondary RADIUS servers 3 The default port used for the RADIUS server is 1645 If either RDIAUS server uses a different port enter that port number in the appropriate RADIUS Port field NOTE The port you enter must matc...

Page 361: ...1 Click the Enable EPICenter as a RADIUS Server button in the RADIUS Configuration panel at the top of the page This enables the fields in the Server Configuration panel 2 Enter the RADIUS server s shared secret in the RADIUS Secret field NOTE If you change the secret in the RADIUS server you must also change it in any of the RADIUS clients Extreme switches that use the RADIUS server for user auth...

Page 362: ...values of a number of properties that affect the function and performance of the EPICenter server 1 Click the Server Properties tab at the top of the page The Server Properties Configuration page appears as shown in Figure 175 Figure 175 Server Properties Configuration page initial properties list Devices 2 Select a set of properties from the drop down menu field at the top of the central panel Yo...

Page 363: ... shut down and restart the EPICenter server Devices Properties When you select Devices from the drop down menu field at the top of the properties panel you can set the following properties Telnet Login Timeout Period sec The length of time in seconds after which a CLI Telnet login request to a switch should time out The default is 10 seconds the range is 1 to 30 seconds Device HTTP Port The port t...

Page 364: ...imum severity level of messages to be logged in a switch Syslog file All messages with Severity equal to or higher than the setting you select will be logged For example if you select 2 Critical then messages of severity 2 Critical 1 Alert and 0 Emergency will be logged The default is 6 Information Save Changed Configurations Only A check specifies that device configurations should be uploaded by ...

Page 365: ...e takes effect as soon as you click Apply In other cases such as the enabling the Configuration Manager the EPICenter server must be restarted A notification is displayed if a restart is required Scalability Properties Select Scalability from the drop down menu field at the top of the properties panel to modify the settings for server resources to provide better performance when managing a large n...

Page 366: ...Accepted per Minute This specifies the maximum number of syslog messages that EPICenter can receive in one minute from all managed devices If more than this number of messages are received within a one minute interval the excess messages are ignored The default is 275 the maximum you can set is 500 Poll Interval The interval in minutes between SNMP polls of a switch to fetch basic device status in...

Page 367: ...istics uncheck the checkbox If this option is disabled then no RMON statistics will be displayed on any maps regardless of the setting of the Display RMON Statistics Display RMON Statistics in new Maps by Default The display of RMON statistics on a map can be enabled or disabled for individual maps through the RMON Statistics checkbox option in the Topology Map Properties window for each map This ...

Page 368: ... to complete it means the EPICenter server is more heavily loaded than if the requests complete quickly The System Load setting tells EPICenter whether the calculated interval between sets of Telnet requests should be relatively longer or shorter compared to the perceived EPICenter server load EPICenter uses the System Load setting in conjunction with the time it took for the last set of Telnet re...

Page 369: ...d in minutes after which the user is required to re login to the EPICenter server The default is 30 minutes You can disable the time out by setting the property to 1 ServiceWatch URL The URL for accessing ServiceWatch to allow it to be launched from the EPICenter Navigation Toolbar and to run in the main EPICenter applet window For example if ServiceWatch is running on a system named tampico at po...

Page 370: ...s You can choose to have the component tree show the port number only or the port number followed by the port name in parentheses if a name or display string has been associated with the port The default is port number only DHCP Temporary Lease A setting that informs the server how long to wait before querying a switch for a netlogin or a permanent IP address from an 802 1x client The default is 2...

Page 371: ...uring a Server Group Member To configure your EPICenter server as a server group member 1 Click the Server Group Member button in the Server Group Type panel at the top of the page This enables the fields in the Server Group Member panel 2 Enter the host name or IP address of the server that acts as the group manager in the Server Group Manager field 3 Enter the port number to be used to communica...

Page 372: ... other and which they use for secure transmission of server data The default shared secret is the string secret NOTE If you change the secret in one EPICenter server you must also change it in all of the other servers in the group 3 Enter the Poll Interval in minutes This determines the frequency with which the Server Manager communicates information to the other server members of the EPICenter se...

Page 373: ... can be loaded quickly even over a dial up connection and can also be printed Some of these reports are actually tools to help you access information helpful for debugging problems with EPICenter or the devices it is managing With the exception of the Network Summary Report EPICenter s HTML reports are always displayed in a browser window even if you are running the EPICenter installed client appl...

Page 374: ...page appears as shown in Figure 177 click View Reports in the left hand panel Figure 177 EPICenter Start up page You will be asked to log in use the same user name and password as you use to log in to the EPICenter server Reports Available in EPICenter The EPICenter software provides the following reports and tools Table 40 EPICenter Reports Report Category Report Name Description Main Extreme eSu...

Page 375: ...hows details about cards of a given type From there you can view details about the device hosting the card The Empty Slots report shows empty slots by device Stack Inventory Stack Summary Device Details Stack Details Inventory of stacking devices From this report you can access Device Details for the stacking device or Stack Details Interface Report Inventory of all ports on devices in the databas...

Page 376: ...current wireless clients detected regardless of client state Client History Historical presentation of activity by wireless client Spoofed Clients Device Details Wireless Port Details List of clients with the same MAC address detected on different wireless interfaces From here you can view details on the device or interface reporting the client Unconnected Clients List of wireless clients not in t...

Page 377: ...ble only to users with an Administrator role See the chapter on Tuning and Debugging EPICenter in the EPICenter Concepts and Solutions Guide for more information Miscellaneous Resource to Attribute Shows all resources that include a specified attribute from the Grouping Manager User to Host Lists current set of user to host mappings including primary IP address of the host Table 40 EPICenter Repor...

Page 378: ...orts to View The Reports browser interface initially shows the EPICenter Reports Main page as shown in Figure 178 Figure 178 EPICenter Reports menu The Main page includes a brief description of the predefined reports that are available scroll down in the page to see the complete list ...

Page 379: ...s detailed information to a file is csv format You can then send this report to Extreme To create a eSupport report select a Device Group from the pull down menu then click Export You are asked to provide a filename for the file and will be able to specify a location on your local system where the file should be saved Using Report Filtering A number of the reports provide a filtering capability so...

Page 380: ...t for example the letter B is greater than A or later in alphabetical order Mary is greater than Joe Mary is also greater than Many NOTE You can use the browser Copy and Paste functions to copy a specific value from the current report into the comparison field To use a second condition to your filter choose one of the logical operators And or Or If you do not want to include a second condition do ...

Page 381: ...link to return to the EPICenter start up page If you launched the Reports feature directly from the browser the browser may time out if there is no activity for a period of time To access Reports after the browser times out log in again EPICenter Report Structure EPICenter reports are either generated by Tcl scripts or are Java based The Tcl based reports can be customized and can serve as models ...

Page 382: ... information on the current version of the EPICenter software running on the EPICenter service and compares the current version to the latest available version This summary shows the following statistics The number of devices known to the EPICenter server that are not responding to EPICenter queries The number of devices reported to be in marginal condition such as a problem with the fan temperatu...

Page 383: ...etwork uses a firewall you can configure HTTP proxy properties using the Server Properties External Connections option of the Admin feature To configure an HTTP proxy device and port see External Connections Properties on page 368 The Distributed Server Summary If you are running in a Distributed server configuration a Distributed Server summary appears below the Network Summary as shown in Figure...

Page 384: ...es the Dynamic Reports feature for that server You can then run any of the available HTML reports Launch Client A link that can launch a client connection to the server Clicking on the Client link launches a client that attempts to connect to that server Devices Up The number of devices managed by the server that are up Devices Down The number of devices managed by the server that are down Critica...

Page 385: ...183 shows example output Figure 183 Device Reports The initial display presents summaries at the Device Group and the device type level A drill down report called Device Details contains the same information you can view in the Inventory applet Information on this report is on page 387 Devices by Group Table The Devices by Group table displays the following information Device Group Name of the dev...

Page 386: ...ollowing information about each device Description Description of the group as kept in the EPICenter device inventory Quantity Number of devices in the group Device Type Type of device Quantity Number of devices of this type known to EPICenter Device Group s All EPICenter Device groups to which it belongs this is displayed only if you select All Devices Name Name of the device from the sysName var...

Page 387: ...PoE blade you will be able to link to reports about those features the Additional Switch Information links at the bottom of the details report If the device does not support these features the Additional Switch Information links do not appear Type Type of device Location Device location from the sysLocation variable MAC Media access control address of the device Serial Number Device serial number ...

Page 388: ...e Group s Device Groups to which this device belongs Device Type The device type Name The name given to the device Description The description provided for the device Location The location information for the device Contact The contact information for the device Boot Time Pacific Daylight Time Time of the most recent boot Software Version The version of software currently running on the device ...

Page 389: ...net to view the Power over Ethernet Report Power over Ethernet Report The Power Over Ethernet report shows information about the PoE configuration of the device Figure 186 shows an example of this report Primary Image The version of software saved as the Primary Image Secondary Image The version of software saved as the Secondary Image Status Device Status OK marginal or Fan Status Status of fans ...

Page 390: ... is installed Disconnect Precedence The method used to determine which port to disconnect when power drain exceeds the power budget lowest priority next port connected causes a shutdown of the lowest priority port deny port next port that attempts to connect is denied power regardless of priority Usage Threshold The threshold for power utilization compared to the configured maximum for either the ...

Page 391: ...mber where this module resides Group Index The index of the power source supplying inline power to this slot Max Available Power Watts The maximum power available to this slot Measured Power Watts The current measured power on the slot Configured Power Limit Watts The configured maximum amount of inline power available to this slot Configuration Indicates whether PoE is enabled or not Status Statu...

Page 392: ... mW Reserved power limit on this port Port Type The user defined port type PoE status Whether power is enabled on this port Enabled or Disabled Operation Status Status of the port disabled searching delivering power fault test other fault Classification Class association for this port 0 1 2 3 4 Priority Port priority for purposes of power management Violation Precedence The limit used to determine...

Page 393: ...Device Group level includes the following Click a Device Group name in the Group column to display the Device Status Report for the devices in the group Figure 189 shows example output Group Name of the device group Description Description of the group as kept in the EPICenter device inventory Alarms in last 24 hours Total alarms for all devices in the device group Devices Not Responding Number of...

Page 394: ...p Name of the device group Device Name Name of the device from the sysName variable IP IP address of the device Status The status of the device operational offline marginal and not responding Last Failure Local Time Zone Time at which the most recent device failure occurred expressed in the local time zone of the EPICenter server Down Period d h m s Length of time the device was unreachable report...

Page 395: ...modules Slot Inventory Card Reports Click the Slot Inventory link in the left hand panel to view the Card Reports list showing an inventory of the slots and module cards known to EPICenter Figure 191 shows example output Click a Card Type link to view a Card Summary Report for an individual card type Click All Cards at the bottom of Name Name of the device from the sysName variable Category The de...

Page 396: ...r All Cards to display the Card Summary report for the modules known to EPICenter Figure 192 shows an example of output that appears if you select All Cards The information shown for an individual card type is the same except that the Card Type column is not included Card Types Type of module cards and empty slots known to EPICenter Quantity Number of modules of a given type For All Cards this is ...

Page 397: ...eport displays the following information about the empty slots Device Group s Name of all the device groups of which the device is a member Device Name Name of the device where the card resides from the sysName variable Device Address IP address of the device Device Location Device location from the sysLocation variable Card Type Type of module card this is displayed only if you select All Cards S...

Page 398: ...port showing all stack devices known to EPICenter Figure 193 Stack Inventory The initial display summarizes module card types and empty slots Stack Summary Report Select a Stack Device type or All Stacks to display the Stack Summary report for the stack devices known to EPICenter Figure 192 shows an example of output that appears if you select All Stacks The information shown for an individual sta...

Page 399: ...ack Details Report Click on a slot name to display the Stack Details report for the selected device Figure 195 shows an example of output Device Group s Name of all the device groups of which the device stack master is a member Device Name Name of the device from the sysName variable Device Address IP address of the device link to the Device Details report Device Location Device location from the ...

Page 400: ...cation variable Device Current Image Version of image running on the master device Slot Type Type of module card this is displayed only if you select All Cards Slot Name Name of the stacking device linked to the Stack Details report for the device Slot Serial Number Stack Device serial number Slot Primary Image The version of software saved as the Primary Image in the stack device Slot Secondary I...

Page 401: ...P Address IP address of the interface Port Port number of the interface Port Name Port name of the interface AdminStatus Interface administrative status enabled disabled OperStatus Operational status of the interface ready active Configured Speed Type Nominal configured speed of the interface Actual Speed Type Actual speed of the interface FDB Polling Whether the port is being actively polled as a...

Page 402: ...IP address Click the heading of a column to sort the report based on the contents of that column for example to sort by operational status click on the OperStatus heading You can filter the ports that are displayed by constructing a conditional filter using the fields at the top of the page This lets you construct a two clause filter statement Figure 197 shows an example Figure 197 Device Ports fi...

Page 403: ... Figure 199 shows a portion of example output VLAN Select all VLANs or the name of a particular VLAN Device Group Select all groups or the name of a particular device group Inactive Days Enter the number of days of inactivity for the requested port s Inactive Hours Enter the number of hours of inactivity for the requested port s Device Name Name of the device on which the port resides IP Address I...

Page 404: ... device group and the time frame inactive days inactive hours The Unused Port Reports detail displays the following Port Number Number of the unused port Port Name An optional name text string configured for the port Inactive Time Length of time this port has been inactive Vlan Name Name of the VLAN to which this port belongs Physical Type Type of port ...

Page 405: ...l area network LAN To view a report of the VLANs known to EPICenter click the Vlan Summary link in the left hand panel Figure 200 shows example output VLAN Summary Report The VLAN Summary Report shows basic information about all the VLANs on devices EPICenter is managing Figure 200 VLAN Reports The information reported includes VLAN Name Name of the VLAN Tag 802 1Q tag if any ...

Page 406: ...s for this VLAN Device List IP addresses of devices with QoS profiles configured for this VLAN Device Name Name of a device on which the VLAN is configured IP Address IP address of a device on which the VLAN is configured VLAN IP IP address assigned to the VLAN Tagged Ports List of 802 1Q tagged ports Untagged Ports List of untagged ports Tagged Ports Number of tagged ports Untagged Ports Number o...

Page 407: ...n the VLAN The Voice over IP Details report displays the following information Click the VLAN name to display a detailed report for an individual VLAN VoIP Vlan Name Name of the VLAN Device List IP addresses of devices with ports that are members of this VLAN and the QoS Profile configured for this VLAN on each device Device Name Name of the device IP Address IP address of the device VLAN IP The I...

Page 408: ...applet EAPS Summary The EAPS Summary report provides a brief overview of the status of the EAPS domains known to EPICenter This report can also be viewed from the Tools menu in the EAPS Monitor applet The report shows The total number of EAPS domains known to EPICenter The number of Domains currently in an error state The number of domain failures that have occurred in the last 24 hours Figure 203...

Page 409: ... are shown You can filter for A specific device by IP address must be exact wildcards are not supported The type of event trap or syslog entries you can enter any keywords that may appear under the Type column as part of the description of the trap or syslog entry Specific varbinds enter a keyword that matches the varbind you want to find such as extremeEapsLastStatusChange Events that occurred wi...

Page 410: ... Alarm Log Report To see all the entries in the EPICenter Alarm Log click the Alarm Log link in the left hand panel Figure 205 shows a portion of an example output Time Time the event occurred expressed in the local time zone of the EPICenter server Source IP address of the device and port number if applicable that generated the event Type Event type for example SNMP Trap Varbinds Variable data tr...

Page 411: ...e show all option can take a very long time to complete The Alarm Log report displays the following information Time Time the alarm occurred expressed in the local time zone of the EPICenter server Name Name of the alarm Severity Severity level of the alarm Source IP address of the device that generated the alarm Category Category that the alarm is classified under Ack ed Whether the alarm has bee...

Page 412: ...e contents of that column You can filter the alarms that are displayed by constructing a conditional filter using the fields at the top of the page You can construct a two clause filter statement as shown in Figure 206 Figure 206 Alarm Log filter specification For further information on filtering see Using Report Filtering on page 379 You can filter on any of the variables shown in the report Even...

Page 413: ...Clicking the First or Last links to display the first or last page in the report Event Event ID of the event assigned by the EPICenter server when the event is received Count Number of consecutive events if the same trap occurs at the same time and is received multiple times only one event is created and the count displays the number of traps Time Time the event occurred expressed in the local tim...

Page 414: ...o clause filter statement Figure 208 Event Log filter specification For further information on filtering see Using Report Filtering on page 379 You can filter on any of the variables shown in the report You can use the browser s Copy and Paste functions to copy a specific value from the current report into the comparison field This technique is particularly useful if you want to filter on a specif...

Page 415: ... portion The log can be saved in csv or xml format or shown in a new page The information displayed includes the following Event Event ID of the syslog entry assigned by the EPICenter server when the syslog is received Time Time the syslog is received by EPICenter expressed in the local time zone of the EPICenter server Source IP address of the device that generated the syslog entry Facility Syslo...

Page 416: ...onal filter using the fields at the top of the page as shown in Figure 210 You can construct a two clause filter statement Figure 210 System Log filter specification For further information on filtering see Using Report Filtering on page 379 The Configuration Management Activity Log This log tracks all the configuration operations performed through EPICenter uploading and downloading of configurat...

Page 417: ...g methods Clicking the Previous and Next links Selecting a page number from the at the top of the report Time Time at which the configuration activity occurred expressed in the local time zone of the EPICenter server Device IP address of the device on which the action was taken Activity The action that was attempted Status Whether the action was successful or not Descr A message describing the rea...

Page 418: ... an access point The Altitude 300 wireless port serves as the radio transmitter and receiver inheriting configuration information as soon as it is attached to the switch and as changes are made to the wireless profiles after the system is deployed The wireless interfaces are radios A switch port usually represents one interface but if a wireless port is connected it adds two more interfaces to the...

Page 419: ...is Link To access the following report wireless ports Wireless Port Inventory Report wireless clients Current Wireless Clients Report unconnected wireless clients Unconnected Client Report last 1 hour Wireless Client History Report filtered for Auth Failed client actions within the last hour spoofed wireless clients Spoofing Wireless Client Report ...

Page 420: ...1 Auth Open Network Auth None and Encryption N A web based net login Wireless Interface Report filtered for interfaces with Dot11 Auth all dot11 auth Network Auth Net Login and Encryption all encryptions MAC RADIUS Wireless Interface Report filtered for interfaces with Dot11 Auth Open Network Auth Mac RADIUS and Encryption all encryptions 802 1x Wireless Interface Report filtered for interfaces wi...

Page 421: ...h the AP is connected Port Port on the switch to which the AP is connected State State of the wireless port Online or Offline Wireless Port MAC MAC address for the wireless port Serial Number Wireless port serial number Product Name Manufacturer s name for the wireless port Country Code Country code which determines country dependent frequency and other regulatory settings on the wireless port sha...

Page 422: ...igure 215 shows example output Figure 215 Wireless Interface Report You can filter this report by IP address RF mode SSID Channel State Dot11Authentiction method Network Authentication method Encryption method or any combination of these factors The initial display presents a summary at the wireless interface level Device Name and IP address of the switch to which the wireless interface is connect...

Page 423: ...Channel Radio frequency channel used by the wireless interface Dot11 Auth Dot11 Authentication method for this wireless interface all Dot11 authentication Open or Shared Network Auth Network Authentication method all methods none Net Login Mac RADIUS 802 11x WPA or WPA PSK Encryption Encryption method all encryption methods N A none WEP64 TKIP AES WEP128 or Other State Interface state enabled or d...

Page 424: ... Name of the AP Manufacturer Manufacturer of the AP Serial Number Serial number of the AP MAC Address MAC address of the AP Country Code Country code which determines country dependent frequency and other regulatory settings on the wireless port shared by all wireless ports on the switch RF Modes Supported RF modes one or more of 802 11a 802 11b 802 11g or 802 11b g ...

Page 425: ...ged state Location Location information for the AP connected to this port Description Description of the AP SSID Service set ID for the wireless interface MAC Address MAC address of the wireless interface radio RF Mode Wireless LAN RF mode 802 11a 802 11b 802 11g or 802 11b g Channel Radio frequency channel used by the interface RF Profile RF profile used by the interface Bridging Whether bridging...

Page 426: ...ort shows the list of access points that have been detected by an by Extreme Networks Altitude 300 AP that are not managed by EPICenter and are not on the Safe AP list at the time the user requests this report The data used to determine the existence of rogue APs is based on the most recent detail poll information for the devices augmented by any traps AP detected AP modified and AP removed that E...

Page 427: ...rer of the AP Mode Wireless LAN RF mode 802 11a 802 11b or 802 11g b Channel Radio frequency channel used by the rogue interface SSID Service set ID for the wireless interface Possible Connected Devices The switch es the EPICenter MAC Poller has determined could be where the rogue AP is connected There can be multiple devices in this field if EPICenter detected the MAC address on more than one swi...

Page 428: ...etermined could be where the rogue AP is connected There can be multiple devices in this field if EPICenter detected the MAC address on more than one switch Possible Connected Ports The port s on the possible connected devices where the AP could be connected Encryption Whether Encryption is being used by this AP True or False WPA Enabled Whether WPA is enabled Yes or No WPA Encryption The type of ...

Page 429: ... detection and change the detection interval EPICenter periodically checks the database to determine if any rogue AP detection events traps have occurred If it finds that an AP has been detected it generates a rogue AP alarm It generates an alarm for each rogue AP detected and will continue to generate alarms until either the Administrator adds the AP to the Safe AP MAC List or until the AP is rem...

Page 430: ...02 11b 802 11g or 802 11b g Channel Radio frequency channel used by the wireless interface SSID Service set ID for the wireless interface Possible Connected Devices The switch es the EPICenter MAC Poller has determined could be where the rogue AP is connected There can be multiple devices in this field if EPICenter detected the MAC address on more than one switch Click the link in this cell to vie...

Page 431: ...s The interval is set in minutes and defaults to 180 minutes 3 hours To change the interval enter a different number and click Change NOTE You can also enable or disable the Rogue Access Point Found alarm in the Alarm Browser Network Login Report The Network Login Report provides information about 802 1x and HTTP login activity The HTTP network log is Extreme specific To view a Network Login Repor...

Page 432: ...of that column Current Wireless Clients Report The Current Wireless Clients report lists all wireless clients regardless of their states that are currently in the network as seen by the wireless ports To view a summary of wireless clients click the Wireless Reports link in the left hand panel and then click the Current Clients link Figure 223 shows a portion of an example output reduced here becau...

Page 433: ...ss in any combination along with an additional choice from the drop down list device interface interface mode interface channel client SSID client MAC address or user name The information displayed is as follows Client MAC MAC address of the client Click the link in this cell to display the Wireless Client History report for this client User Name User name associated with this client appears only ...

Page 434: ...iated The client is associated with the wireless interface but cannot communicate with the network Data forwarding The client can communicate with the network Note A client state changes from detected authenticated associated and data forwarding in that order For interfaces using the WEP authentication method a client in the authenticated state means the client has been authenticated However for i...

Page 435: ...nter software was last started The information displayed is as follows Time Time of this client s action as noted in the Action column Client MAC MAC address of the client User Name User name that the client is using to connect to interface a value appears here only if the authentication method is 802 1x Auth Method Authentication method that client is using to access the network Open WEP MAC 802 ...

Page 436: ...ases from the report you can specify a wireless client time out length minimum connection time to correspond to the client age out setting on the switch To view a summary of clients in the data forwarding state on more than one wireless interface click the Wireless Reports link in the left hand panel and then click the Spoofing Clients link Figure 225 shows MAC addresses of wireless clients in the...

Page 437: ...hows on the new interface temporarily as not connected However the client may not truly be in the unconnected state because it may still be connected on the old interface It should be considered an unconnected client only if it is unconnected for longer than the wireless client time out interval which you can specify for this report To view a summary of clients that are not in the data forwarding ...

Page 438: ...ethod shown in the Client Auth Method column Associated The client is associated with the wireless interface but cannot communicate with the network Data forwarding The client can communicate with the network Auth Method Authentication method that client is using to access the network Open WEP MAC 802 1x PSK none or all authentications Encrypt Method Encryption method used by this client WEP64 WEP...

Page 439: ...ools are described in the chapter on Tuning and Debugging EPICenter in the EPICenter Concepts and Solutions Guide EPICenter Server Reports This category includes both the Server State Summary report which provides a large amount of information about the EPICenter server and its activity and a set of administrator tools available only to users with an Administrator role that may be useful in analyz...

Page 440: ...nter Subsystem The name of the subsystem TFTP Server Internal Syslog Server Internal RADIUS Server MAC Poller Configuration Whether the subsystem is enabled or disabled Current Status Whether the subsystem is running or stopped Last Poll Completed The time at which the last complete polling cycle finished Last Poll Duration The length of time it took to perform the last complete FDB polling cycle ...

Page 441: ...nning a Telnet macro across a number of devices Currently In Use Number of threads currently in use Maximum In Use at Once Maximum number of threads that are in use at one time Total of Requests Total number of times a thread is requested to perform an operation in the server Total of Wait For Thread Total number of times the server has to wait for a thread to become available Percentage Wait per ...

Page 442: ...t have an Administrator role you will not see this link in the left hand panel of the Reports feature The tools for debugging EPICenter are described in the chapter on Tuning and Debugging EPICenter in the EPICenter Concepts and Solutions Guide Miscellaneous Reports Resource to Attribute Mapping Report The Resource to Attribute Mapping Report lists all resources that include the specified attribut...

Page 443: ...ser interface or by importing them For the attribute you select in the pull down menu the report displays the following information User to Host Mapping Report The User to Host Mapping Report lists currently defined user and host mappings along with the primary IP address of the host You can create user host mappings in the Grouping Manager and also are created automatically if the Dynamic Link Co...

Page 444: ...This section explains how to print or export reports Printing Reports Unlike the other EPICenter applets EPICenter reports can be printed with your browser s print function To print a report place the cursor in the pane where the report is displayed and use the browser s Print button or the Print command from the File menu to initiate the print User Name User name Host Name Name of the host mapped...

Page 445: ...e exported Device Reports Device Inventory Card Report Slot Inventory EAPS Log Report Wireless Port Inventory Report Wireless Interface Report Spoofing Wireless Client Report Unauthenticated Client Report Wireless Client Report Wireless Client History Report Report on Device Ports Interface Reports Unused Ports Network Login Report Alarm Log Event Log Report Syslog Report Config Management Log Rep...

Page 446: ...EPICenter Reports EPICenter Reference Guide 446 ...

Page 447: ...2 Advanced Upgrade Features ...

Page 448: ......

Page 449: ...focus on individual EAPS domains it can also help you debug EAPS problems on your network As with the EPICenter Topology Manager the EAPS Monitor map is discovered and populated automatically NOTE Your devices must be running ExtremeWare 7 7 or later or ExtremeXOS 11 3 or later in order to be recognized by EPICenter as EAPS nodes ExtremeXOS 11 6 is required for full functionality within EPICenter ...

Page 450: ...ing a table or Detail Display The EAPS Monitor Menus EPICenter provides a set of menus at the top of the main display frame These are standard across all the EPICenter applets and most of the commands in these menus are described in EPICenter Menus on page 32 The EAPS Monitor provides several additional menu items to the standard Tools menus The EAPS Monitor Tools menu contains the following items...

Page 451: ...logy View Provides a submenu of commands that run in a separate window with the device preselected Alarms Statistics Sync Telnet Viewer VLANs Device Manager You can also view the Properties display from this menu See The Device Sub Menu on page 39 for a description of each command Macros Displays a list of Telnet macros available for the selected device See The Macros Sub Menu on page 41 for more ...

Page 452: ...minimize overlap See Automatic Layout on page 460 for further information ZoomIn Expands the entire map increasing the spacing between nodes The style of the node may change at different zoom levels See Zooming the Map on page 461 for further information ZoomOut Shrinks the entire map reducing the spacing between nodes The style of the node may change at different zoom levels See Zooming the Map o...

Page 453: ...network including their status with respect to the EAPS protocol The top panel provides three tabs that allow you to switch between status displays for Domains Devices or Links In addition within these displays you can display detailed status for individual domains devices ports or links while the corresponding elements are highlighted automatically on the map in the lower panel The viewport displ...

Page 454: ... or status of any EAPS Domains to which the device belongs For an EAPS node clicking on a domain link displays detailed Domain status right clicking the link or clicking the small Focus mode icon invokes Focus mode for that EAPS domain You can also enter Focus mode for a domain by selecting the daemon in the Domain table at the top of the window See Focus Mode on page 461 for details about using F...

Page 455: ...ts you view a thumbnail view of the entire map and lets you position the Viewport within it The small boxed arrow in the lower right corner activates the Map Overview See Moving the Viewport on page 460 for more information about this feature Figure 232 shows the Viewport with the Map Overview activated and the Map s right click menu displayed You can move the Viewport by dragging the small green ...

Page 456: ...entified by their Control VLAN tags all EAPS enabled devices that share the same Control VLAN as identified by the VLAN tag are determined to be members of the same Domain Thus if two independent EAPS domains in your network use the same Control VLAN tag EPICenter will consider them to be a singe EAPS domain Initially the name of the domain is determined by the name used on the first discovered no...

Page 457: ...at all domains in which this device participates are fully operational A yellow ring indicates that one or more of the domains is not fully operational but is in a transitional state or an unknown state as when the device is SNMP unreachable A red ring indicates that one or more of the domains is not operational if the device has a master in a Failed state or a Transit node in a links down state Y...

Page 458: ... domain of which this node is a member Click the device link to display the Device Details display See The Device Details Display on page 471 for more information about this display Click the small Reports icon to the right of the device link to display the EAPS Log Report for this device Click a domain link left click to show the EAPS Domain Details display for the domain See The EAPS Domain Deta...

Page 459: ... the endpoints of that link Reorganizing the Map View There are a number of ways to manipulate the view of your network as shown on the EAPS map You can reorganize the placement on the nodes in the map either by asking EPICenter to calculate a layout or by dragging nodes around yourself You must have write access to the EAPS Monitor in order to perform this function Read Only users cannot do this ...

Page 460: ...wn in Figure 234 on page 459 Any user can perform this function Moving the Viewport If the complete EAPS map is too large to fit within the display area you can move the viewport around to view different parts of the total map There are several ways to do this In addition you can minimize or maximize the viewport or change its vertical dimension with respect to the amount of space allocated to the...

Page 461: ... in to the innermost closest level full details are displayed for each node IP address name and status icons The port endpoints for each link are also displayed When the map is zoomed out to the outermost farthest level only the status icons for the nodes and the links between nodes are displayed Device and port information can be displayed by moving the cursor over a node or link of interest Focu...

Page 462: ...Mode indicator bar or click the small boxed arrow at the right end of the Focus mode bar The Tools Menu Using the Tools menu you can update the EAPS status of the devices on the map run a verification on the EAPS devices and view a variety of information about the devices represented by the nodes on the map By selecting a function from the Tools menu or from the Device pop up menu you can invoke d...

Page 463: ...configurations in your network and provides a report that shows where configuration errors are found To run a verification on your EAPS domains click Verify EAPS under the Tools menu Depending on the size of your network and your EAPS configurations this can take as long as 15 minutes The results of the verification are shown in the EAPS Verification Results window Figure 236 EAPS Verification Res...

Page 464: ...s you can execute CLI commands on the device while still viewing the EAPS Verification Report and the EAPS map showing the highlighted device or domain 5 When you have fixed the problems via ExtremeWare or ExtremeXOS commands you can close the Telnet applet and then Refresh the EAPS Verification Report to see the results of your corrections NOTE It may take multiple iterations of correcting errors...

Page 465: ...The number of Domains currently in an error state The number of domain failures that have occurred in the last 24 hours Figure 237 The EAPS Summary Report The report can also be run from within EPICenter s Reports feature See EAPS Summary on page 408 The Domains Tab The Domains table shown under the Domains tab provides an overview of the domains known to EPICenter The table shows the following in...

Page 466: ...in a column header sorts the column in ascending order The second click in the column header reverses the sort order Table 47 Columns in the Domains Tab Column O Domain status The status of the domain Operational green Transitional Yellow Down Red Domain The name of the domain Click this link to open the Domain Detail window and to highlight the nodes and links on the EAPS map that are included in...

Page 467: ...icates the sort level of that column Figure 239 shows a three column sort Doing a regular click for the third time in any column heading removes all the sort specifications You can specify as many sort levels as there are columns in the table You can sort columns in the various Details Displays in the same manner Figure 239 Sorting by multiple columns The EAPS Domain Details Display The EAPS Domai...

Page 468: ...in s name in the network To change the domain name click the Edit button Type a new name and either Save the name or Cancel the edit Domain Description An optional description of the domain To add or change a description click the Edit button Type a description and either Save it or Cancel the edit Domain Status Status of the domain Error Warning or Complete Last Updated The date of the last statu...

Page 469: ...er the node is a Master or Transit node Primary Port Primary port number Secondary Port Secondary port number Device Enabled Whether EAPS is globally enabled on the device true or false Fast Convergence Whether the device is enabled for fast convergence true or false Domain Node Detail Domain Node name The node s name within the domain Enabled Whether this specific node is enabled as an EAPS node ...

Page 470: ... Status Highest unacknowledged alarm state on the device Device SNMP Reachability Reachability status Reachable via SNMP green triangle or not reachable red X Device name The name of the device Click the name to find and highlight the device on the EAPS map For EAPS nodes the name is also a link to open the Device Details window If the name is not shown as a link then the device is not enabled for...

Page 471: ...ow shows information in under four tabs Domain Nodes Shared Ports Domain Ports Device Settings The Domain Nodes Tab Figure 242 shows the Domain Nodes tab as displayed when the Device Details window first appears Figure 242 The Device Details windows Domain Nodes tab Reports For EAPS nodes click the Report icon to display the EAPS Trap syslog report for that device see EAPS Log Reports on page 478 ...

Page 472: ...Init Precomplete PreInit or Unknown Mode Whether the node acts as a Master or Transit node for this domain Primary Primary port number Secondary Secondary port number Domain The name of the domain to which this node belongs Domain Node Detail Enabled Whether this node is enabled as an EAPS node True or false Control VLAN Name Name of the control VLAN Control VLAN Tag VLAN tag ID of the control VLA...

Page 473: ... number of the shared port Status Status of the shared port Idle Ready Blocking Preforwarding Mode Whether the node acts as a Controller or a Partner node for this shared link Link ID An integer configured on the switch for the shared port Neighbor Status of the neighboring node Down Up Error Root Blocker The port s status as a root blocker None or Active Port Status Status of the port Ready Activ...

Page 474: ...s tab shows the following information Table 53 Device Details window Domain Ports tab Domain Ports Port The number of a port configured for one of the domains sharing a link Status Status of the port Up Down Blocked or Unknown Link ID An integer ID configured on the switch for the shared port only Mode Whether the node acts as a Controller or a Partner node or is unconfigured for the shared port D...

Page 475: ...n overview of the links currently known to exist between devices in the EPICenter database Figure 245 shows the Links tab Secondary Port Secondary port number Table 54 Device Details window Device Settings tab EAPS Protocol Enabled Whether the EAPS protocol is enabled on this device true or false Fast Convergence Enabled Whether the fast convergence is enabled for this device true or false Last Co...

Page 476: ... link SP to display the Shared Port information window See DP Link Discovery Protocol The discovery protocol enabled on the link EDP LLDP or EDP and LLDP Type The link type speed Device Name The name of the device at one endpoint of the link Click the device name to display the Device Properties window see Device Properties on page 88 IP Address The IP address of the first endpoint device Clicking...

Page 477: ...port on which the link exists on the second endpoint device Click the port number to display the Port Properties window see Port Properties on page 96 Table 56 Shared Ports window Shared Port Link ID An integer configured on the switch for the shared port Shared Port Mode Whether the node acts as a Controller or a Partner node for this shared link Shared Port Status Status of the shared port Idle ...

Page 478: ... exact wildcards are not supported The type of event trap or syslog entries you can enter any keywords that may appear under the Type column as part of the description of the trap or syslog entry Specific varbinds enter a keyword that matches the varbind you want to find such as extremeEapsLastStatusChange Events that occurred within a certain time frame Enter values into the fields and click Subm...

Page 479: ...lowing information Time Time the event occurred expressed in the local time zone of the EPICenter server Source IP address of the device and port number if applicable that generated the event Type Event type SNMP trap or syslog including description Varbinds Variable data transmitted with a trap as appropriate ...

Page 480: ...EAPS Protocol Monitoring and Verification EPICenter Reference Guide 480 ...

Page 481: ...ithin the Policy Manager If you have Monitor level access only you cannot use these functions To invoke the Policy Manager click the Policy button in the Navigation Toolbar The Policy Manager main window is displayed see Figure 248 The Policy Manager is organized into two functional areas The Policies View where you can create view and modify EPICenter policy definitions for Extreme devices The or...

Page 482: ... affect the endpoints or scoping of a policy or any changes on a device that affect access list or QoS settings on the device will cause an immediate reconfiguration of all enabled policies on the network devices Access based Security policies will be automatically configured only if the Auto configuration mode is activated When auto configuration is disabled device policy configuration occurs onl...

Page 483: ...e main applet frame shows the definition and function of the selected elements exclamation point An empty column used to invoke a sort by policy precedence Clicking the column header will sort the policies in precedence order Name The name of the policy Type The type of policy Access based security IP source physical port or VLAN Enabled Indicates whether the policy is enabled A green check indica...

Page 484: ...ies network resources to users indicates traffic going from the endpoints specified in Network Resources side of the Policy Traffic area of the Policy Description page to the endpoints specified in the Users area Users to network resources indicates traffic flowing from user endpoint s to the network resource endpoint s Bidirectional indicates that access list rules are generated for traffic in bo...

Page 485: ...enter Inventory or Grouping applets and may include hosts custom applications users devices and ports or groups of any of those resources For example the resource shown in the Network Resources list in Figure 249 is a single host The resource in the Users list is a User group If you have Administrator or Manager access you can use the Edit button to access the resources list and view the definitio...

Page 486: ...c The Policy Access Domain Scope for IP policies section displays the network devices on which the policy rules should be implemented The devices can be specified individually or as groups whose member devices or device ports will be included in the domain The policy domain also specifies the QoS profiles that are implemented on each device for the specified traffic flows The Policy Access Domain ...

Page 487: ...nal traffic flow server to client and the service specification UDP Any This resulted in the four traffic flows shown in Figure 250 Protocol The protocol specified for the traffic TCP in the example Dest IP The destination IP address derived from one of the host specifications Dest Port The L4 port associated with the destination IP address if a port has been specified An asterisk indicates the sp...

Page 488: ...o any devices click the Enabled check box once to remove the check mark and indicate that this policy should not be enabled The presence of a check in the box indicates that the policy will be enabled which is the default state 4 Select a schedule for this policy if desired Default is 24 hours a day 7 days a week You can check desired days set start time on the 24 hour clock and set time periods f...

Page 489: ...as servers and clients The resources you select are typically hosts or users but do not need to be in a conventional client server relationship They simply represent the endpoints source and destination translated to an IP address and port of the traffic flow You can specify individual endpoints or groups that contain the endpoints You can also specify a subnet address or the Any wildcard as an en...

Page 490: ... either to the right or below the list of endpoint resources For a Security policy Two Edit buttons are provided one to the right of the Network Resources list and one to the right of the Users resource list as shown in Figure 251 For an IP policy Two Edit buttons are provided one to the right of the Servers resource list and one to the right of the Clients resource list similar to that shown in F...

Page 491: ...selected resources to the Current Policy Endpoints list Use the Add All button to add all the children of the group you have selected in the component tree Use the Remove button to remove selected resources from the Current Policy Endpoints list Use the Remove All button to remove all resources from the Current Policy Endpoints list For an IP policy and for the Network Resources side of an Access ...

Page 492: ...be considered the source and the network resource endpoints will be considered the destination in the access list rules created from this policy The bottom button indicates that this policy should apply to all traffic flowing between the user right side endpoints and the network resource left side endpoints in either direction 10 Server service and L4 ports for a Security or an IP policy You may i...

Page 493: ...en you select either of the Deny TCP SYN packets services the QoS profiles for all devices in your policy scope are automatically set to blackhole to accomplish the denial of new TCP traffic b To specify an L4 port or port range enter a port number in the L4 Port Range field Enter a single port number or a port range in the form first_port last_port The L4 Port Range field appears only if you sele...

Page 494: ...p An optional comment you can enter when you select the QoS profile for the resource The order in which the resources are displayed in the Policy Access Domain or Scope Resource list determines their precedence Precedence is significant when an individual device appears more than once in the list as a member of multiple groups for example and the QoS profile setting of each of those occurrences is...

Page 495: ...igured on the device for this policy by selecting a resource in the Current Policy Access Domain Devices list and then selecting a profile from the drop down list associated with that resource Click OK to close the Edit window and display the contents of the Current Policy Endpoints list in the appropriate resource list in the Access List Policy Traffic for IP policies area Cancel closes the Edit ...

Page 496: ...re already selected as endpoints When you select a group in the component tree its children groups or individual resources are displayed in the associated Resource list the right half of the Select Endpoints to be Added area Individual resources are displayed only if they are of types that can be used as endpoints for the policy type you have selected For example if you are creating a VLAN policy ...

Page 497: ... this policy endpoint This button does not appear if you are creating User side Security VLAN or Source Port endpoints NOTE You cannot have both the wildcard endpoint specification and individual endpoint specifications in the Current Policy Endpoints list as individual endpoints are redundant with the Any specification If you specify Add Wildcard when there are other endpoints in the list the Pol...

Page 498: ...he policy access domain The area on the right of the window Current Policy Access Domain Devices shows the resources you have already selected to include in the access domain for your policy 1 Add or remove resources from the Current Policy Access Domain Devices list 2 In addition to selecting resources you can select the QoS Profile that should be configured on the device for this policy a Select...

Page 499: ...t click the OK button at the bottom of the window This closes the Edit window and displays the contents of the Current Policy Scope Resources list in the appropriate resource list in the Policy Traffic area Click Cancel to close the Edit window and abandon any changes you have made to the Current Policy Scope Resources list Modifying Policies To modify a network policy you follow the same steps yo...

Page 500: ...Policy Traffic fields will change The current entries in the traffic resource list s are removed although they will still appear in the Current Policy Endpoints list in the Edit Policy Endpoints window However if they are not valid endpoint types for the new policy type they will not be added to the endpoint resource lists and you will need to select new endpoints for your policy Name To change th...

Page 501: ...ource in the Current Policy Scope Resources list and then selecting a profile from the drop down list associated with that resource Click OK to close the Edit window and display the contents of the Current Policy Endpoints list in the appropriate resource list in the Policy Traffic area Cancel closes the Edit window and abandons any changes you have made to the Current Policy Endpoints list To cha...

Page 502: ...policies of lower priority The policy precedence defined in this window only controls the relationships between policies of the same type Policies of different types have a predefined precedence relationship Security and IP QoS policies are the highest priority Source Port QoS policies are second and VLAN QoS policies have the lowest priority For Security and IP policies the precedence can be mani...

Page 503: ...profiles QP1 through QP8 and configure your modified profiles on a selected set of devices or on individual ports on a device You cannot change the settings of the blackhole profile which is set to priority deny and does not use the minimum or maximum bandwidth settings Click the Configure QoS profiles button to view or change the current QoS profile definitions in the Policy System This displays ...

Page 504: ...width specified in the previous field 4 To change the priority select one of the eight priorities low lowHi normal normalHi medium mediumHi high highHi or deny from the drop down menu in the Priority field 5 To specify the devices or ports on which this modified profile should be configured select devices or groups from the Select Resources to be Added part of the window and move them to the Resou...

Page 505: ...and reconfiguration of the QoS policies on your network When auto configuration is enabled a policy reconfiguration may be triggered by any of the following events Changes to group memberships made through the Grouping Manager or Inventory Manager that affect a group used to define a policy endpoint or policy scope Network login 802 1x user login logout Changes made through the ExtremeWare CLI or ...

Page 506: ...peration occurs the configuration status icon shown at the upper right corner of the Policy Manager displays an animated status indication of the progress of the configuration First the Policy Manager must compute the access list and QoS rules based on your policy definitions This is indicated by an animated display of the following graphic Second the Policy Manager applies the computed policies t...

Page 507: ...to the configuration function either successful or unsuccessful select a device in the list The messages related to the device are displayed as lines under the device node Plus sign Click the plus sign at the left of the device name to display server messages related to configuring the device Minus sign Click the minus sign at the left of the device to hide the server messages Up and down arrows T...

Page 508: ...Using the Policy Manager EPICenter Reference Guide 508 ...

Page 509: ... the users are logged into the network The QoS Profile settings for the devices managed by the EPICenter server The ACL Viewer shows information about the policies you ve defined even if they have not been configured on the network Thus you can use the ACL Viewer to preview the rules you ve specified before they take effect on your network The ACL Viewer organizes information by device scope infor...

Page 510: ... Lists VLAN QoS and Source Port QoS The format of each of these displays is the same and is organized by policy scope one entry for each policy and scope resource device or group If a policy has multiple scope resources each has a separate entry For example in Figure 266 the policy ip1 is scoped on two individual devices so there are two entries in the list for that policy Each entry in the summar...

Page 511: ...es actually configured on the device Most Security policies are shown only while the user is actively connected to the network NOTE IP policies can only be configured on Extreme Networks devices running ExtremeWare versions 5 0x or 6 0 x or later Non i series devices only support IP policies if they run ExtremeWare 5 0x All Extreme Networks devices support VLAN QoS To display the traffic patterns ...

Page 512: ...es in precedence order Policy Displays the name of the policy Protocol Indicates the protocol specified for the traffic UPD TCP etc in the example Dest IP The destination IP address derived from one of the host specifications Dest L4 Port The L4 port associated with the destination IP address if a port has been specified An asterisk indicates the specification Any Src IP The source IP address deri...

Page 513: ... of the table The rows in the comparison display are displayed in colors that indicate the status of the rule Compare policy and configured rules Select to compare the EPICenter generated rules with the rules configured on the device as shown in Figure 268 View policy rules Select to display the EPICenter rules only View configured rules Select to display the configured rules only Green The rule i...

Page 514: ...ugh the Policy Manager or through the ExtremeWare CLI Config Traffic The traffic definition to which this rule applies The summary in this field includes the protocol the ingress ports In Ports on the switch the destination IP address and ports and the source IP address and ports Config Profile The QoS profile applied to this traffic flow Owner Indicates how the rule was generated If the rule was ...

Page 515: ...ated by any VLAN QoS policies that have the selected group in its scope see Figure 269 Profile The QoS profile specified for this traffic flow by this policy To be used Indicates whether the rule is acceptable for configuration on the device not in conflict with any other rules Values for this column are Yes the rule can be used No duplicated indicating that the rule duplicates another rule No dis...

Page 516: ...erated by the EPICenter Policy Manager based on your policy definitions and the rules actually configured on the device as shown in Figure 270 exclamation point An empty column used to invoke a sort by policy precedence Clicking the column header will sort the policies in precedence order Policy Displays the name of the policy VLAN The VLAN for which this policy is specified Profile The QoS profil...

Page 517: ... policy rule comparison display shows both the ideal rules as generated by the EPICenter Policy Manager shown in the left half of the table and the configured rules as they exist on the device shown in the right half of the table Compare policy and configured rules Select to compare the EPICenter generated rules with the rules configured on the device as shown in Figure 268 View policy rules Selec...

Page 518: ...ce but it was not generated by the EPICenter Policy Manager Only the Configured side of the table is filled in for these rules exclamation point An empty column used to invoke a sort by policy precedence Clicking the column header will sort the policies in policy precedence order Policy Displays the name of the policy Ideal Rule VLAN The VLAN specified by this policy Ideal Rule Profile The QoS pro...

Page 519: ...treme i series device as well as the policies actually configured on the device NOTE Source Port QoS policies can only be configured on Extreme Networks devices running ExtremeWare versions 5 0x or 6 x or later Non i series devices only support Source Port QoS if they run ExtremeWare 5 0x To display the traffic patterns generated by the Source Port QoS policies that include the group in the policy...

Page 520: ... Figure 272 Source Port QoS display showing ideal and configured rules for a device The View field at the top of the display lets you select how you want to view the device rules You can view the access list rules in three ways exclamation point An empty column used to invoke a sort by policy precedence Clicking the column header will sort the policies in policy precedence order Policy Displays th...

Page 521: ...n the traffic patterns for the rule are the same but the specified treatment the QoS profile is different Both the Ideal and Configured sides of the table are filled in Blue The rule is configured on the device but it was not generated by the EPICenter Policy Manager Only the Configured side of the table is filled in for these rules exclamation point An empty column used to invoke a sort by policy...

Page 522: ...P1 through QP8 and the blackhole profile For non i series devices it shows the four QoS profiles QP1 through QP4 and the blackhole profile For i series devices it also shows per port QoS profile settings that are different from the QoS profile settings for the device as a whole Figure 273 shows a QoS Profile display for an i series device Figure 273 QoS profile display for an i series device Sourc...

Page 523: ...the QoS Profile display is as follows The same columns are shown in the Port exception QoS Profiles table Network Login 802 1x Display The Network Login 802 1x display shows lists the Network Login 802 1x information about each user connected to the device Figure 274 shows the Network Login 802 1x display Figure 274 Network Login 802 1x display Profile The name of the profile Min BW The minimum ba...

Page 524: ...is updated each time a user logs in and out of the selected device Port The port on the device on which the user is logged in User Name The name of the user IP Address The IP address of the user s host Login Type The login type either network login or 802 1x MAC Address The MAC address of the user s host VLAN The VLAN to which the port belongs ...

Page 525: ...3 Appendices ...

Page 526: ......

Page 527: ...works proprietary trap Indicates that the number of prefixes received over this peer session has reached the maximum configured limit BGP4 V2 EXOS 10 1 BGP M2 Threshold Reached Extreme Networks proprietary trap Indicates that the number of prefixes received over this peer session has reached the threshold limit BGP4 V2 EXOS 10 1 BGP Prefix Max Exceeded Extreme Networks proprietary trap Indicates t...

Page 528: ...rietary trap Indicates that the wanDsx3LossOfMasterClock event for the specified interface has been detected ExtremeWare 6 1 8b66 Not supported in ExtremeXOS Dsx3 No Loss of Master Clock Extreme Networks proprietary trap Indicates that the wanDsx3NoLossOfMasterClock event for the specified interface has been detected ExtremeWare 6 1 8b66 Not supported in ExtremeXOS EAPS Fail Timer Expired Flag Cle...

Page 529: ... be sent once the fan has attained normal operation This trap is sent repetitively every 30 seconds until all the fans are back to normal condition All Fan OK Extreme Networks proprietary trap This trap indicates that a fan has transitioned out of a failure state and is now operating correctly All Health Check Failed Extreme Networks proprietary trap The CPU HealthCheck has failed ExtremeWare 6 1 ...

Page 530: ...onMismatch should cause a trap only if it prevents an adjacency from forming ExtremeWare 6 1 9 ExtremeXOS 10 1 OSPF Interface Receive Bad Packet An ospfIfRxBadPacket trap signifies that an OSPF packet has been received on a non virtual interface that cannot be parsed ExtremeWare 6 1 9 ExtremeXOS 10 1 OSPF Interface State Change An ospfIfStateChange trap signifies that there has been a change in th...

Page 531: ...re has been a change in the state of an OSPF virtual interface This trap should be generated when the interface state regresses e g goes from Point to Point to Down or progresses to a terminal state i e Point to Point ExtremeWare 6 1 9 ExtremeXOS 10 1 OSPF Virtual Interface TX Retransmit An ospfVirtIfTxRetransmit trap signifies than an OSPF packet has been retransmitted on a virtual interface All ...

Page 532: ... power delivery status of the PSE port whether the port is delivering power or not This notification should be sent on every status change except in the searching mode At least 500 msec must elapse between notifications emitted by the same object instance ExtremeXOS 11 1 Redundant Power Supply Failed Extreme Networks proprietary trap This trap indicates that the attached redundant power supply dev...

Page 533: ...the scan results table Generated only if the value of extremeWirelessScanSendAPAddedTrap is true ExtremeWare 7 3 Not supported in ExtremeXOS Wireless AP Removed Extreme Networks proprietary trap Generated when an AP is removed from the scan results table Generated only if the value of extremeWirelessScanSendAPRemovededTrap is true ExtremeWare 7 3 Not supported in ExtremeXOS Wireless AP Updated Ext...

Page 534: ...trap Generated when a new station is added to the probe info table Generated only if the value of extremeWirelessProbeInfoSendAddedTrap is true ExtremeWare 7 3 Not supported in ExtremeXOS Wireless Probe Info Removed Extreme Networks proprietary trap Generated when a station is removed from the probe info table Generated only if the value of extremeWirelessProbeInfoSendRemovedTrap is true ExtremeWa...

Page 535: ...bit 1 ON OSPF Neighbor State Change set ospfSetTrap bit 2 ON OSPF Virtual Neighbor State Change set ospfSetTrap bit 3 ON OSPF Interface Config Error set ospfSetTrap bit 4 ON OSPF Virtual Interface Config Error set ospfSetTrap bit 5 ON OSPF Interface Authentication Failure set ospfSetTrap bit 6 ON OSPF Virtual Interface Authentication Failure set ospfSetTrap bit 7 ON OSPF Interface Receive Bad Pack...

Page 536: ...the SNMP Fan Failed trap which will be generated every 30 seconds until the condition is corrected High Trap Count One Shot Event No Longer Valid Overheat For Extreme Networks devices only The EPICenter server generates this event for an Extreme device when it detects a transition from normal temperature to overheat condition on the device Unlike the SNMP overheat trap event this event is based on...

Page 537: ...eated in the directory opt ExtremeNetworks EPICenter6 0 user war where opt ExtremeNetworks EPICenter6 0 is the install_dir The Alarm Log is backed up to the file Alarm_Log txt The Event Log is backed up to the file Event_Log txt Each primary backup file is in turn backed up to a secondary file when it reaches its maximum size of approximately 30 MB for Event_Log txt and 6 MB for Alarm_Log txt Alar...

Page 538: ...ity The Validation utility validates all indexes and keys on some or all of the tables in the database Access the Validation utility from the MS DOS or Solaris command line using the dbvalid command This convention also allows incorporation into batch or command files Using the DBVALID Command Line Utility To validate the EPICenter database running under Windows use the command install_dir databas...

Page 539: ...tabase dbbackup c uid dba pwd sql eng EPIC51 dbf install_dir basecamp db backup_dir Under Solaris use the command install_dir database dbbackup c uid dba pwd sql eng EPIC51 dbf install_dir basecamp db backup_dir This example assumes a database user ID of dba with password sql These are the defaults used when the database server is installed through the EPICenter installation process If you have ch...

Page 540: ...e EPICenter database basecamp db connecting as user ID dba with password sql install_dir database dbbackup c uid dba pwd sql eng EPIC51 dbf install_dir basecamp db c tmp Installing a Backup Database The backup database is named basecamp db and is kept in the directory you specified when you ran the dbbackup command c tmp in the example To replace a damaged database with the backup copy follow thes...

Page 541: ...e Guide 541 3 Copy the backup copy of basecamp db and basecamp log to the EPICenter installation directory 4 Restart the EPICenter software following the instructions in the EPICenter Installation and Upgrade Note for your operating system ...

Page 542: ...EPICenter Backup EPICenter Reference Guide 542 ...

Page 543: ...The default switch configuration includes a single STP domain called s0 The default VLAN is a member of STPD s0 STP ports can run in one of three modes 802 1D mode which conforms to the IEEE 802 1D standard Extreme Multiple Instance Spanning Tree Protocol EMISTP mode an Extreme implementation of STP that allows a port to belong to multiple STP domains This is the default on Extreme switches Enhanc...

Page 544: ... Right Click Pop Up Menus on page 38 for basic information about using pop up menus The contents of a pop up menu depends on the type of item you have selected in the Component Tree If you select a specific STP domain or VLAN the pop up menu provides a Properties command If you select a device all the commands shown in Table 65 are available Displaying STP Domain Information Click the STP button i...

Page 545: ...the domain The VLANs in turn show the devices with ports that are members of the VLAN within the domain NOTE Devices running earlier versions of ExtremeWare may also have Spanning Tree domains configured and enabled but the EPICenter server is unable to obtain information about these domains because SNMP agent support for STP was added in version 6 2 2 The information presented for each STP domain...

Page 546: ...ed domain Root Max Age The maximum allowable age for STP information learned by the root for this domain If this age is reached the current information is discarded and the Spanning Tree is recalculated Value is in seconds Root Hello Time The interval between transmission of Configuration BPDUs by the root for this domain Value is in seconds Root Forward Delay The forward delay time being used by ...

Page 547: ... you select a VLAN the STP Devices view appears as shown in Figure 277 Figure 277 STP Devices view This view shows information about the devices participating in the selected VLAN within this domain The information presented for each device includes Name The name of the VLAN Devices The number of devices participating in this VLAN for this domain Ports The number of ports participating in this VLA...

Page 548: ... bridge If this device is the root bridge the cost will be zero Designated Bridge Indicates whether this device is a designated bridge transmits configuration BPDUs to other bridges on any of its ports Priority The bridge priority of this bridge for this STP domain Max Age The maximum allowable age for STP information as determined by the root for this domain If this age is reached the current inf...

Page 549: ...domain is disabled the port table will be empty Port The device and port number STP State Whether STP is enabled or disabled on this port State The state of the port Disabled Blocking Listening Learning or Forwarding Mode The port mode 802 1D PVST or EMISTP Priority The port priority of this port in this STP domain Port Cost This port s contribution to the cost of the path from this port to the ro...

Page 550: ...the root for this domain If this age is reached the current information is discarded and the Spanning Tree is recalculated Value is in seconds Root Hello Time The interval between transmission of Configuration BPDUs by the root for this domain Value is in seconds Root Forward Delay The forward delay time being used by the root for this domain The forward delay is the time that a bridge remains in ...

Page 551: ...ion with the compression rates used in the IP phones for coding decoding voice traffic The VoIP applet can then configure the appropriate QoS settings on the switches on which the VoIP VLANs reside The EPICenter VoIP module is a separately licensed component of the EPICenter product family When a VoIP applet license is installed on the EPICenter server the VoIP icon appears in the Navigation Toolb...

Page 552: ... over IP VLANs the display shows all VoIP VLANs and their included devices If you select an individual VLAN in the Component Tree the display shows only the devices that include the selected VLAN The Select button at the top of this window lets you select VLANs for Voice over IP VLAN The name of the VLAN This may appear in the list multiple times if the VLAN is configured on more than one switch I...

Page 553: ...ed with VoIP traffic should use protocol IP or Any and may be tagged or untagged If you add a new device to an existing VoIP VLAN for example to expand the number of IP phones the new device will not be configured automatically as a VoIP VLAN You will need to select the VLAN on the new device and then configure the VoIP settings on that device 1 To select the VLANs to configure for Voice over IP c...

Page 554: ... as part of the VoIP VLAN A red X indicates that this device has not been selected or has been deselected As a rule all devices in the VLAN will be enabled or disabled for VoIP and switches cannot be enabled or disabled individual However if a device is added to the VLAN after the VLAN has been enabled that switch will not be enabled until you re enable the entire VLAN IP Address The IP address as...

Page 555: ... VLAN as a VoIP enabled VLAN and will save this setting in the EPICenter database NOTE Any devices added to the VLAN after the VLAN has been configured for VoIP are not automatically configured for VoIP You must return to the VoIP applet and configure the new device 5 Click Close to close the window NOTE When you disable a VLAN the VoIP settings for the devices in the VLAN remain in the EPICenter ...

Page 556: ...S Settings for the selected VLAN are displayed as shown in Figure 283 Figure 283 QoS Settings page for a VoIP VLAN The top portion of the QoS Settings page shows the current QoS settings for each switch in the VLAN If you configure new settings using the Configure VoIP QoS Parameters dialog the settings shown in this part of the display may change to reflect the new settings The bottom portion of ...

Page 557: ...e computed QoS bandwidth settings may not be accurate NOTE VoIP configuration attributes are set on a switch by switch basis meaning that all IP phones connected to an individual switch are assumed to use the same compression algorithm Settings cannot currently be configured for individual ports Priority This specifies the priority of the VoIP traffic on this VLAN You can select any of the eight p...

Page 558: ...eously The minimum bandwidth setting will never be less than 1 of the egress port s total available bandwidth However there may be situations where the bandwidth calculation algorithm either overestimates or underestimates the minimum bandwidth requirements If the egress port speed is set to Auto the bandwidth calculation assumes 100 Mbps as the configured port speed If the port s actual speed is ...

Page 559: ...tch B the VoIP Manager module assumes that the one ingress port port 29 is a single IP phone port when it is actually a trunk port If the egress port port 30 on the upstream switch B is configured as 1000 Mbps port as is the case in the example the minimum bandwidth setting will probably be acceptable in most cases because the VoIP Manager module will never assign less than 1 of the bandwidth 10 M...

Page 560: ... is where multiple IP phone are connected via a hub to a single ingress port on a switch In this configuration the VoIP Manager will underestimate the number of IP phone connections and will therefore underestimate the required minimum bandwidth In this case you can also use the information in Table 66 to help you determine the correct minimum bandwidth in the QoS profile for the VoIP VLAN on the ...

Page 561: ...ation attributes you specified on the QoS Settings page You can configure the switches with the default settings or modify the settings for one or more individual switches For example if your organization uses several types of VoIP phones with different compression algorithms you may need to set different algorithms and QoS profile settings for the switches to which these phones are connected NOTE...

Page 562: ...s to the Calculated Settings list 4 You can edit the minimum and maximum bandwidth setting values once an entry has been placed in the Calculated Settings list Select the cell containing the bandwidth percentage you want to change type in a new percentage and click outside the cell for the change to be recognized There are a number of reasons why you might want to change the minimum or maximum ban...

Page 563: ...oice over IP VLANs along with the switches that are included in those VLANs The Voice over IP Details report displays information about each device in the VLAN You can access the EPICenter software Dynamic Reporting capability in one of two ways By clicking the Reports icon in the EPICenter software Navigation Toolbar By logging in directly from the EPICenter Start up page See Chapter 15 Voice ove...

Page 564: ...Voice over IP Manager EPICenter Reference Guide 564 ...

Page 565: ...113 adding alarm category 126 alarm definition 115 CPU Utilization rule 130 devices 68 protocol filters 340 relationships to resource 233 resource as child 230 RMON rule 130 user accounts 353 VLANs 331 adding nodes to a map 297 Additional Info field 53 55 address range in IP MAC Address Finder 255 admin predefined administrator user 350 Admin button 30 Administration page 352 Administrator adding ...

Page 566: ...ule target configuration 137 Topology Change rule 136 unacknowledging 105 variables 118 All Device Groups page 49 All ESRPs view 344 Apply button 38 Archive button Configuration Manager 152 Archive Baseline differences report 156 archiving configuration settings 152 Attribute Name field 237 Attribute Type field 237 attributes of resources 223 227 DLCS ID type 236 238 generic type 229 236 238 IP su...

Page 567: ...anager 46 73 224 Modify RMON Configuration 131 New 482 488 New Discovery 63 Order 482 502 Paste nodes into map 302 Play Telnet 202 Policies 483 Policy 31 481 509 Profile 482 503 Protocol Filters 340 Query 241 Remove Add Attribute 238 Remove Add Resources 232 Remove Discovery 63 Remove Grouping Manager 233 235 Remove IP MAC Address Finder 255 256 Remove Relationship from Group 235 Remove All Add Re...

Page 568: ...ad 162 scheduled device upload 152 scheduling global archive uploads 153 setting archive limits 155 software version specification 194 TFTP button 170 Upload button 149 uploading device configuration 149 viewing configuration files 166 configured rules display IP QoS 515 Source Port QoS 522 configuring policy precedence 502 configuring QoS policies 505 Connect Device button 337 Connect Edge Port t...

Page 569: ...play 523 device properties 88 Device reports 384 device status Inventory Manager display 51 Device Status report 375 393 Device tab 89 dialog boxes 37 drop down menu fields 38 list box fields 38 page tabs 37 selecting multiple items in a list 38 text fields 38 directed configuration 505 Disable Port button 429 disable rouge AP detection 429 431 Disabled access 350 356 disabling port for a rogue AP...

Page 570: ...ge downloading to device 183 specifying current version 174 175 194 upgrading device 182 ExtremeWare Vista from Inventory Manager 40 F falling threshold CPU utilization 135 for predefined RMON events 137 RMON events 133 FDB polling disabling for a port 60 file import in Grouping Manager 243 filtering in reports 379 resources 227 231 filtering alarms 104 106 109 Find Address Tasks List window 252 F...

Page 571: ...List 255 tasks list 253 Tasks List Summary 252 WildCard button 255 L L4 port 492 L4 port range field 493 specifying for client 493 specifying for user 493 Layout button Topology 305 Layout Map In Window Topology 306 Layout Map menu selection 305 LDAP directory importing from 243 244 link topology 287 adding to VLANs 318 composite link 288 291 deleting from map 303 marking for adding to VLAN 318 li...

Page 572: ... modifying alarm category 127 alarm definition 115 device groups 77 device information 73 IP address for VLAN 337 policy precedence 502 Qos profiles 503 RMON configuration 131 user accounts 353 VLANs 335 Monitor access 350 356 multi step upgrade 182 191 N navigating EPICenter applications 29 Navigation Toolbar 29 Network Clients tab 91 Network Login report 376 Network Login 802 x1 display 523 netw...

Page 573: ...B polling 60 in Grouping Manager 221 port types in VLAN Manager 330 removing from VLAN 331 332 337 339 STPD membership 543 predefined alarms 102 114 predefined groups 221 Print Map menu selection 315 Printing 42 Priority ESRP 346 Priority field 504 Profile button 482 503 Properties Device tab 89 Edge Port FDB tab 90 Network Clients tab 91 STP tab 89 Syslog Messages tab 91 VLAN tab 89 protocol filt...

Page 574: ...History 376 Config Mgmt Log 375 Current Clients 376 Debug EPICenter 377 Device Details 387 Device Inventory 385 Device Inventory report 375 384 Device reports 384 Device Status report 375 393 Distributed Server summary 27 383 eSupport Export 374 379 Event Log 375 Event Log report 412 exiting 381 exporting 445 filtering 379 Interface report 401 Main page 378 MIB Poller Summary 376 MIB Query 376 Net...

Page 575: ...Type predefined rule 137 Startup Alarm 134 Startup Alarm for predefined rule 137 synchronize with device rules 139 Temperature predefined rule 136 Topology change predefined rule 136 traps 101 104 utilization on map links 315 RMON statistics enable on topology map topology enabling RMON statistics 314 RMON Statistics Topology 315 rogue AP adding to Safe APs list 429 alarms report 429 detection rep...

Page 576: ...ut Period 363 Telnet Screen Width 370 Thread Default Alloc Size 366 Thread Pool Size 366 Timeout Period 366 Topology properties 367 Traps per device 366 Traps per Minute 366 Update Type Library on Server 369 Upload Download Timeout Period 363 Use EPICenter Login for Telnet 364 Server Properties tab 362 server service 492 Server State Summary report 377 ServiceWatch button 31 setting graph preferen...

Page 577: ...Center Telnet 197 from Inventory Manager 40 macro status 201 macros 200 paste 202 217 Repeat Delay 204 Repeating check box 204 third party devices 219 Telnet button 30 197 Telnet Connections list 200 Telnet feature 197 terminology About This Guide 15 text fields 38 text node 287 TFTP button Configuration Manager 170 TFTP server enabling disabling 170 195 setting root directory path 171 195 third p...

Page 578: ...s modifying 353 utilities database backup 539 database validation 537 V Validate EAPS 463 Variables button Alarms 123 Versions button Firmware Manager 194 view topology 284 Alarm Status Threshold 292 creating new 291 deleting 301 displaying 293 renaming 293 setting properties 304 View configured rules menu item 513 517 521 View policy rules menu item 513 517 521 View Properties 304 viewing access ...

Page 579: ...LANs from tree 334 viewing by switch 328 viewing member ports 329 VLANs button 316 VLANs for VoIP 553 Voice over IP button 31 Voice VLAN Summary report 375 VoIP Details report 563 Disabling on a VLAN 555 Enabling on a VLAN 555 Voice VLAN Summary report 563 VoIP Manager 551 553 558 VoIP Settings IP Address 552 Maximum Bandwidth Max BW 552 Minimum Bandwidth Min BW 552 Priority 552 QoS Profile 552 Sw...

Page 580: ...EPICenter Reference Guide 580 ...

Reviews:

No comments

Related manuals for EPICenter 6.0

Jetstream CPX-1000

Brand: Paradyne Pages: 93

LINUX ENTERPRISE DESKTOP 11 - KDE

Brand: Novell Pages: 102

Brand: Extreme Networks Pages: 546

ExtremeWare 7.5

Brand: Extreme Networks Pages: 2546

Brand: Blamsoft Pages: 28

Brand: Drobo Pages: 6

Brand: FARONICS Pages: 43

Brand: HP Pages: 4

BD DISCRECORDER

Brand: Ulead Pages: 18

READIRIS 12 PRO

Brand: IRIS Pages: 6

BRIGHTMAIL GATEWAY SMALL BUSINESS EDITION

Brand: Symantec Pages: 4

Brand: Symantec Pages: 30

Brand: Altigen Pages: 502

ENTERPRISE LINUX 5 - DM MULTIPATH

Brand: Red Hat Pages: 42

Spectra nTier File Migrator

Brand: Spectra Logic Pages: 92

Unified Messaging

Brand: Oracle Pages: 46

Retail Place 12.2

Brand: Oracle Pages: 68

Oracle Web Application Server

Brand: Oracle Pages: 80

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands