manualshive.com logo in svg

IS5 COMMUNICATIONS iSG18GFP, User Manual

The IS5 Communications iSG18GFP is a cutting-edge communication device designed to meet your business needs. Easily set up and operate with the included User Manual. Download your free manual from manualshive.com and unleash the full potential of your iSG18GFP today.

Share
Download
background image

 

CHAPTER: 

LOGIN AND MANAGEMENT,

 SECTION: 

PASSWORD EXPIRATION

 

 

UM-G-iSG18GFP-4.5.06.1-EN.docx 

 

© 2020 IS5 COMMUNICATIONS Inc. ALL RIGHTS RESERVED 

3. 

"Password:" line will appear.

 

4. 

Type the new password twice (the first one is for setup, the second is for verification)

 

5. 

 In case of successful password change a message will be sent to syslog. Message will contain:

 

a. 

Changer’s username

 

b. 

Username of the applied password change

 

 

When changing an ACE password 

1. 

In CLI root, go to ACE terminal by typing application connect.

 

2. 

 Type user change password uname su.

 

3. 

"Old password:" line will appear.

 

4. 

Type old password first for authentication and then type the new password twice (the first one is for setup, the 

second is for verification)

 

5. 

 In case of successful password change a message will be sent to syslog. Message will contain:

 

a. 

Changer’s username

 

b. 

Username of the applied password change.

 

7.5  Password Expiration 

The password expiration has the following pre-set parameters: 

 

maximum time (default = 90 days) 

 

warning time (default = 10 days) 

At the next login, the iSG18GFP will notify the user to change the password after the warning time has elapsed. A 

proper message will be sent to syslog. 

After the  password expiration (‘maximum time’ elapsed), the iSG18GFP will notify the user upon next login and 

enforce a change of the password. A proper message will be sent to syslog. 

7.6  CLI / iDMS User and Password Protection 

Login authentication attempts either through the CLI or iDMS (Industrial Device Management System) are limited to 

3. After that the system will close the SSH server for one minute. 

 

<129>Jul 31 10:57:59 iSG18GFP CLI Attempt to login as su via console failed 

% Maximum Password tries over, User is blocked 

 

Figure 7 - Error Message when Wrong Password Entered

 

 

In addition, on interfaces different then the console, after 9 attempts, the IP will be blocked. The IP can be 

unblocked once the user is logged in to the iSG18GFP through a different IP or through the console. 

 

 

Summary of Contents for iSG18GFP

Page 1: ...ICATIONS INC ALL RIGHTS RESERVED iSG18GFP User Manual General Section G iSG18GFP Intelligent 18 Port Compact Service Aware Ethernet Switch IEC 61850 3 and IEEE 1613 Compliant Version 4 5 06 1 Apr 2020...

Page 2: ...ucts found to be defective within this warranty period including shipping costs This warranty does not cover product modifications or repairs done by persons other than iS5 approved personnel and this...

Page 3: ...ector 8 3 3 3 Power Budget 8 CHAPTER 4 CONFIGURATION ENVIRONMENT 9 4 1 Command Line Interface 9 4 2 Command Line navigation 10 4 2 1 Minimum Abbreviation 10 4 2 2 GREP 10 4 2 3 Dynamic Completion of C...

Page 4: ...ntrol 50 6 10 2 Rate Limit Output 50 6 11 Ports Command Hierarchy 50 6 12 Ports Commands Description 52 6 12 1 Port Configuration Example 54 6 12 2 Configuration Output Example 56 CHAPTER 7 LOGIN AND...

Page 5: ...nterfaces Defaults 14 Table 8 Root Commands Description 16 Table 9 GCE Commands Description 20 Table 10 Port Addressing Syntax 46 Table 11 Ports Default States 48 Table 12 Ports Default States 48 Tabl...

Page 6: ...ts for the Distributed Automation control of remote sites This product is as a secure gateway for Ethernet IP and Serial services as an optimized platform for servicing these needs over the network co...

Page 7: ...ng features please refer to Section B iSG18GFP User Manual Basic Section B UM B iSG18GFP 4 5 06 01 EN docx For security features refer to iSG18GFP User Manual Security Section S UM S iSG18GFP 4 5 06 0...

Page 8: ...Example Your Product enable 15 Courier New 10 regular blue Courier New 10 regular black CLI command outputs Current privilege level is 15 Your Product show privilege Pre requisites or special informa...

Page 9: ...P Address Resolution Protocol CLI Command Line Interface CLI Fa or FE Fa stands for Fast Ethernet Gi Gigabit Ethernet GCE General Configuration Environment MAC Media Access Control VLAN Virtual LAN TC...

Page 10: ...iSG18GFP 4 5 06 1 EN docx 2020 IS5 COMMUNICATIONS Inc ALL RIGHTS RESERVED Hardware and Interfaces 2 1 Graphical View of Hardware Figure 1 Graphical View of Hardware 2 2 Logical System View Figure 2 Lo...

Page 11: ...ing device for proper cooling using natural air flow Refer to the figure below Figure 3 Distance for Natural Air Flow 3 2 Grounding 1 To install the grounding wire prepare a minimum 10 American Wire G...

Page 12: ...to a reliable ground as described below 3 3 Connecting to a Power Source CAUTION Please refer to the iSG18GFP installation guide for complete installation instructions 3 3 1 Wiring DC Input Voltage Fe...

Page 13: ...tor Use 18AWG 1mm2 wire with insulated ferrules 3 3 3 Power Budget Please refer to the iSG18GFP installation guide for complete breakdown of power consumption per product group and recommended upstrea...

Page 14: ...ng table lists the CLI environments and modes Table 4 Command Line Interface Command Mode Access Method Prompt Exit Method Root Following user log in this mode is available to the user iSG18GFP To exi...

Page 15: ...CLI mode 4 2 2 GREP The GREP and GREP V allows filtering long show outputs GREP text filter to output lines which includes the given text GREP v text filter to output lines which do not include the gi...

Page 16: ...ace gigabit mac address table static unicast 02 20 d2 fc 1c 79 vlan 4092 interface fastethernet mac address table static unicast 02 20 d2 fc 1c 7a vlan 4092 interface fastethernet 4 2 3 Dynamic Comple...

Page 17: ...rts Serial ports Cellular modem OSPF VLAN tagging IPSec VPN Management Authentication SCADA Gateway SCADA Firewall L2 L4 Firewall QOS Serial services Terminal services ERP MSTP OSPF RIP FTP SNMP NAT T...

Page 18: ...nt X SNMP Trap X SNMP X SSH Client X X Syslog X X Telnet Client X X Telnet server X X TFTP Client X Web management interface X Networking LLDP X OAM CFM ITU T Y 1731 X QOS X Protection Conditioned sch...

Page 19: ...Firewall X Serial Transparent Tunneling X Terminal Server X VPN L2 GRE VPN X L3 IPSec VPN X L3 mGRE DM VPN X 4 4 System Defaults The following table details the features and interfaces defaults Table...

Page 20: ...led TACACS Disabled Radius Disabled ACLs Disabled SNTP Disabled Firewall Disabled VPN Disabled 4 5 Root Commands The Root Configuration Environment list of main CLI commands is shown below Root Help c...

Page 21: ...permissible mode Lock Locks the CLI console It allows the user system administrator to lock the console to prevent unauthorized users from gaining access to the CLI command shell Enter the login pass...

Page 22: ...efault ip address ip address default ip address allocation protocol ip address dhcp login authentication login authentication default authorized manager ip source archive download sw interface configu...

Page 23: ...r counters show ip interface show authorized managers show interfaces show interfaces counters show system specific port id show interface mtu show interface bridge port type show nvram show env show...

Page 24: ...COMMANDS UM G iSG18GFP 4 5 06 1 EN docx 2020 IS5 COMMUNICATIONS Inc ALL RIGHTS RESERVED show telnet server show audit set http authentication scheme set http redirection enable http redirect show htt...

Page 25: ...accessing the GUI to manage the switch authorized manager ip source Configures an IP authorized manager and the no form of the command removes manager from authorized managers list mtu frame size Con...

Page 26: ...maximum number of unicast dynamic MAC L2 MAC entries hardware can learn on the system system contact system location clear interfaces counters clear counters show ip interface show authorized manager...

Page 27: ...lear line vty login block for audit logging logsize threshold feature telnet show telnet server show audit set http authentication scheme set http redirection enable http redirect show http authentica...

Page 28: ...ace status management vlan list port_list show iftype protocol deny table clear line vty audit logging logsize threshold feature telnet show telnet server show audit set http authentication scheme set...

Page 29: ...ospf ip rip NAT cellular connection continuous echo disable enable modem network refresh settings show wan capture delete export help show start stop date discrete service show dm vpn multipoint gre n...

Page 30: ...vlan show running config interface fastethernet 0 1 8 show running config interface gigabitethernet 0 1 2 show vlan port config show interfaces status ACLs show running config acl FDB show mac addres...

Page 31: ...ACE ACE Routing router interface show router route show router static enable show running config show ip route exit router ospf enable show running config show ip ospf route show ip ospf neighbor show...

Page 32: ...show l2 vpn nhrp spoke show l2 vpn nhrp hub show ipsec vpn tunnel show ipsec show global defs ipsec show preshared ipsec show sa ipsec show log Serial serial card show serial port show serial local en...

Page 33: ...e must be FAT32 The iSG18GFP can hold at its disk a maximum of two OS image files Before downloading a new OS file to the switch make sure the iSG18GFP has on it only one the active file If needed del...

Page 34: ...RIGHTS RESERVED startup config import export flash file_name sftp user password aa bb cc dd file_name tftp aa bb cc dd file_name logs export flash file_name sftp user password aa bb cc dd file_name tf...

Page 35: ...CLI management 2 Prepare a USB stick formatted to FAT32 and with the OS version at its root directory 3 Display available OS files iSG18GFP os image show list Versions list IS_5018_4 5 04 09 tar IS_50...

Page 36: ...image show list Versions list IS_5018_4 5 04 09 tar active IS_5018_4 5 06 01 tar 5 4 2 From SFTP To upgrade the OS image file from a SFTP server perform the following 1 Display the available OS files...

Page 37: ..._5018_4 5 06 01 tar active iSG18GFP 4 Activate desired OS file will automatically reboot the device iSG18GFP os image activate flash IS_5018_4 5 04 09 tar Switch booting iSG18GFP os image show list Ve...

Page 38: ...p address filename Example iSG18GFP logs export sftp user user 172 18 212 230 logs_january13 5 6 Example of Exporting DB Files to Flash Drive The following flow will show how to export configuration a...

Page 39: ...ble reboot the unit and interrupt the boot process at the Safe Mode prompt The first Safe mode is used for approved technician only and should not be used unless specified iS5Com This Safe Mode state...

Page 40: ...ther type field continue c Continue with start up process help H Display help about this utility c Extracting software s OK 01 01 70 00 25 34 Running applications For safe mode Press s safe mode menu...

Page 41: ...ult configuration for the device eeprom 3 Write to EEPROM recover 4 Recover the device s images from a package file db 5 Export Import DB continue c Continue in start up process refresh r Refresh menu...

Page 42: ...the switch safe mode menu reset 1 Reset the device defcfg 2 Load the factory default configuration for the device eeprom 3 Write to EEPROM recover 4 Recover the device s images from a package file db...

Page 43: ...guration for the device eeprom 3 Write to EEPROM recover 4 Recover the device s images from a package file db 5 Export Import DB continue c Continue in start up process refresh r Refresh menu help H D...

Page 44: ...te file name and path Below examples shown relate to version 4 0 02 10 tar Choose Options 4 and 1 safe mode menu reset 1 Reset the device defcfg 2 Load the factory default configuration for the device...

Page 45: ...4 09 tar Enter version number on USB For main menu press X mnt usb IS_5018_4 5 06 01 tar Version was installed successfully 4 Activate the new version Select Options 4 and 3 The system will boot safe...

Page 46: ...file please wait 5 8 3 Installing First Firmware Image from a USB Follow the steps below for an example of installing a first version from a USB Local database and any active OS image will be deleted...

Page 47: ...require an update to the iSG18GFP s OS Such updates will include the OS image also referred to as Uboot file provided to you by the iS5Com support team Upon obtaining the OS file follow these steps 1...

Page 48: ...s images from a package file db 5 Export Import DB continue c Continue in start up process refresh r Refresh menu help H Display help about this utility 4 safe mode menu reset 1 Reset the device defcf...

Page 49: ...package file db 5 Export Import DB continue c Continue in start up process help H Display help about this utility 5 Export Import DB export 1 Export DB to usb import 2 Import DB from usb list 3 Show l...

Page 50: ...SYSTEM VERSION AND DATABASE SECTION SAFE MODE UM G iSG18GFP 4 5 06 1 EN docx 2020 IS5 COMMUNICATIONS Inc ALL RIGHTS RESERVED continue c Continue in start up process help H Display help about this uti...

Page 51: ...Syntax Command Description interface type Specifies the interface type Fastethernet F gigabitethernet G Port id Specifies the port id in a slot number port format Slot number is 0 for Ethernet ports...

Page 52: ...4 Enabling Ports To be accessible the required interfaces must be activated This is done using the no shutdown command 1 An example of enabling port interface number 5 is as follows iSG18GFP config in...

Page 53: ...4 Serial tunneling Service VLANs Terminal Server Service VLANs Gateway Service VLANs L2 VPN NNI Vlan UNI VLAN L3 VPN NNI Vlan IPsec NNI Vlan Cellular Firewall Service VLANs 6 6 Ports FE 0 9 16 The usa...

Page 54: ...8 1 Power Management of PoE 1 The eight PoE ports support in total maximum power output of a For 12 VDC powered units 70 Watt b For 24 VDC powered units 90 Watt c For 48 VDC powered units 120 Watt or...

Page 55: ...state of the port Port number is in the range 1 8 when related to fastethernet 1 8 6 9 Cellular Ports Cellular Port Description 2SIM LTE1 Dual SIM LTE Modem with 3G fallback International 2SIM LTE2 Du...

Page 56: ...end desired on off mtu mtu value no shutdown no storm control broadcast multicast dlf level pps 1 250 000 no rate limit output rate limit burst limit switchport unicast mac learning limit limit value...

Page 57: ...llowed only if the port is not a tagged member at any VLAN The port property of switchport acceptable frame type must be set to untagged AND priority Tagged Trunk accepts and sends only tagged frames...

Page 58: ...operating over the interface Note Any messages larger than the MTU are divided into smaller packets before transmission Default 1500 system specific port id This command configures the system specific...

Page 59: ...en used with send option storm control sets the storm control rate for broadcast multicast and DLF packets broadcast Broadcast packets multicast Multicast packets dlf Unicast packets level Storm contr...

Page 60: ...GFP 4 5 06 1 EN docx 2020 IS5 COMMUNICATIONS Inc ALL RIGHTS RESERVED 3 Set a port PVID iSG18GFP config interface fastethernet 0 5 iSG18GFP config if switchport pvid 5 4 Set a Port Alias iSG18GFP confi...

Page 61: ...ess is 00 20 d2 fc c1 f1 MTU 1500 bytes Full duplex 100 Mbps No Negotiation HOL Block Prevention disabled CPU Controlled Learning disabled Auto MDIX on Input flow control is off output flow control is...

Page 62: ...t Vlan ID 1 Port Acceptable Frame Type Admit All Port Mac Learning Status Enabled Port Mac Learning Limit Default Port Ingress Filtering Disabled Port Mode Trunk iSG18GFP show vlan port config port fa...

Page 63: ...uenced by the authorized manager conditions If no authorized managers are configured default state then secure gateway management is possible on all configured VLANs and associated ports via the respe...

Page 64: ...a specific authorized manager from the list of authorized managers ip_addr Sets the network or host address from which the secure gateway is managed An address 0 0 0 0 indicates Any Manager ip_mask S...

Page 65: ...r Logins no username Set a new user Username 2 32 characters length Must start with A Z or a z Allowed small and capital letters Allowed numbers 0 9 Allowed special symbols and _ Password 8 32 charact...

Page 66: ...7 5 Password Expiration The password expiration has the following pre set parameters maximum time default 90 days warning time default 10 days At the next login the iSG18GFP will notify the user to c...

Page 67: ...ager iSG18GFP config authorized manager ip source 10 10 10 10 32 interface fastethernet 0 1 vlan 1 service ssh snmp telnet iSG18GFP config authorized manager ip source 10 10 10 10 iSG18GFP show author...

Page 68: ...Enable Disable Exit Help logout Users with privilege level 1 can access all user level commands with iSG18GFP prompt Users with privilege level 15 can access all commands It is the least restricted le...

Page 69: ...ational parameters 7 9 1 1 Connecting the device to a PC using the Console Port 1 Connect the RJ45 connector of the console cable to the device s Console Port CON 2 Connect the other side of the cable...

Page 70: ...0 1 Default state Table 18 Default State of Features Feature Default state Vlan 1 Active All ports are members Layer 3 interface Interface VLAN 1 is set to 10 10 10 1 8 SSH Enabled Telnet Disabled Con...

Page 71: ...elnet interface type port id no switchport pvid vlan ID no shutdown no interface vlan vlan id no shutdown ip address dhcp ip address subnet mask Application connect reload schedule date and time YYYY...

Page 72: ...tch supports SSH client allowing It to open SSH session to a remote partner User username to be logged in at the remote partner Remote ip IP address of remote partner Config terminal line vty Set idle...

Page 73: ...reload cancel Cancels all scheduled automatic reloads reload show Shows user set scheduled reloads 7 10 4 Example For management of ports using designated VLAN and IP follow the configuration example...

Page 74: ...s for Creating Alias Command Description Config terminal Alias replacement string Represents the string for which a replacement is needed token to be replaced Specifies an abbreviated short form of th...

Page 75: ...1 Port Mac Learning Limit The Administrator can enable or disable the Mac Learning Status of each port By default each port in the bridge is allocated a limit on the number of Mac addresses that is l...

Page 76: ...raffic will be learned with the VLAN tag by default 7 13 3 Configuration Example Static MAC entry 1 Place a static entry iSG18GFP config mac address table static unicast 02 20 d2 fc 1c 95 vlan 1 inter...

Page 77: ...hardware address Vlan vlan id 1 4094 no arp ip address show ip arp Vlan vlan id 1 4094 interface type interface id ip address mac address summary information Table 21 Commands Hierarchy Commands Desc...

Page 78: ...G18GFP config arp timeout 50 2 Set static entry iSG18GFP config arp 172 18 212 100 00 11 22 33 44 55 Vlan 1 Output example iSG18GFP show ip arp VRF Id 0 VRF Name default Address Hardware Address Type...

Reviews:

No comments

Related manuals for iSG18GFP

Keithley 7707 User Manual preview
7707
Brand: Keithley Pages: 59
D-Link DSR-500 User Manual preview
DSR-500
Brand: D-Link Pages: 213
Enginko MCF-LW06424 Operating Manual preview
MCF-LW06424
Brand: Enginko Pages: 19
MicroNet BroadLink SP3353 Installation Manual preview
BroadLink SP3353
Brand: MicroNet Pages: 66
H3C S10500 Series Mpls Configuration Manual preview
S10500 Series
Brand: H3C Pages: 400
Magnadyne RV2458 Installation Manual preview
RV2458
Brand: Magnadyne Pages: 8
TVT Digital TD-3316B4-16P-A1 Quick Start Manual preview
TD-3316B4-16P-A1
Brand: TVT Digital Pages: 2
H3C LSWM12H2Q User Manual preview
LSWM12H2Q
Brand: H3C Pages: 9
Airlink101 AWMB100 User Manual preview
AWMB100
Brand: Airlink101 Pages: 46
ivideon Bridge B1610 Quick Start Manual preview
Bridge B1610
Brand: ivideon Pages: 11
Vacron VDH-NK300 Hardware Manual preview
VDH-NK300
Brand: Vacron Pages: 16
Broadband Products D-Link DSL-2640U Quick Installation Manual preview
D-Link DSL-2640U
Brand: Broadband Products Pages: 12
SMC Networks SMC-EZ1026DT User Manual preview
SMC-EZ1026DT
Brand: SMC Networks Pages: 56
Fluke Network Tester User Manual preview
Network Tester
Brand: Fluke Pages: 102
Cradlepoint wipipe CTR350 Quick Start Manual preview
wipipe CTR350
Brand: Cradlepoint Pages: 2
Enterasys 2H258-17R Installation & User Manual preview
2H258-17R
Brand: Enterasys Pages: 62
Helmholz 700-160-3EN02 Quick Start Manual preview
700-160-3EN02
Brand: Helmholz Pages: 14
Hanwha Techwin Wisenet XRN-6410DB4 User Manual preview
Wisenet XRN-6410DB4
Brand: Hanwha Techwin Pages: 118

Brands by name

Popular brands

Load more brands