Allied Telesis AT-S94 Скачать руководство пользователя страница 26 | Manualshive

Страница: 26 / 203

background image

Configuring Device Security

Configuring Management Security

Page 26

Configuring Management Security

This section provides information for configuring device management security, device authentication methods,
users and passwords.

This section includes the following topics:

•

Defining Access Profiles

•

Defining Profile Rules

•

Defining Authentication Profiles

•

Mapping Authentication Profiles

Defining Access Profiles

Access profiles are profiles and rules for accessing the device. Access to management functions can be limited to
user groups. User groups are defined for interfaces according to IP addresses or IP subnets. Access profiles
contain management methods for accessing and managing the device. The device management methods
include:

•

All

•

Telnet

•

Secure Telnet (SSH)

•

HTTP

•

Secure HTTP (HTTPS)

Management access to different management methods may differ between user groups. For example, User
Group 1 can access the device module only via an HTTPS session, while User Group 2 can access the device
module via both HTTPS and Telnet sessions. The

Access Profile Page

contains the currently configured access

profiles and their activity status.

Assigning an access profile to an interface denies access via other interfaces. If an access profile is assigned to
any interface, the device can be accessed by all interfaces.

To define access profiles:

1.

Click

Mgmt. Security > Access Profile

. The

Access Profile Page

opens:

«
...
24
25
26
27
28
...
»

Содержание AT-S94

Страница 1: ...Layer 2 Ethernet Switch AT S94 V1 1 0 Web Browser Interface User s Guide...

Страница 2: ...ntioned herein are trademarks or registered trademarks of their respective owners Allied Telesis Inc reserves the right to make changes in specifications and other information contained in this docume...

Страница 3: ...nformation 17 Configuring System Time 19 Setting the System Clock 19 Configuring SNTP 20 Configuring Daylight Saving Time 21 Configuring Device Security 25 Configuring Management Security 26 Defining...

Страница 4: ...ettings 96 Defining GVRP 98 Defining MAC Based Groups 100 Configuring System Logs 103 Defining Log Settings 103 Viewing Temporary and Flash Logs 106 Configuring Spanning Tree 108 Configuring Classic S...

Страница 5: ...ntegrated Cable Tests 165 Viewing Optical Transceivers 167 Resetting the Device 168 Viewing Statistics 169 Viewing Device Statistics 169 Viewing Interface Statistics 169 Viewing Etherlike Statistics 1...

Страница 6: ...194 System Defaults 196 RS 232 Port Settings 197 Port Defaults 197 Configuration Defaults 198 Security Defaults 198 Jumbo Frame Defaults 198 System Time Defaults 198 Spanning Tree Defaults 199 Address...

Страница 7: ...oth system and network security including traffic control and switch access methods Section 5 Configuring DHCP Snooping Provides information for enabling and defining DHCP Snooping configurations and...

Страница 8: ...lesis Knowledge Base from the following web site www alliedtelesis com support You can use the Knowledge Base to submit questions to our technical support staff and review answers to previously asked...

Страница 9: ...on for starting the application The login information is configured with a default user name and password The default password is friend the default user name is manager Passwords are both case sensit...

Страница 10: ...Getting Started Starting the Application Page 10 Figure 2 System General Page...

Страница 11: ...m Views provide a graphical representation of the device ports The Port Settings Page displays an example of the Zoom View with a detailed graphical representation of the device ports To open a zoom v...

Страница 12: ...components with their corresponding numbers Table 1 Interface Components Component Description 1 Menu The Menu provides easy navigation through the main management software features In addition the Me...

Страница 13: ...guration entries View Displays detailed information for the current page configuration Refresh Refreshes information displayed on the current page Reset Device reset Resets the device information for...

Страница 14: ...on to tables or WBI pages 1 Open a WBI page 2 Click Add An Add page opens for example the Add Local User Page Figure 5 Add Local User Page 3 Define the fields 4 Click Apply The configuration informati...

Страница 15: ...information can be saved for permanent use or until next update not just for the current session A configuration is saved as permanent by copying the current Running Configuration file to the Startup...

Страница 16: ...ce 1 In the System General Page click Reset You are prompted to confirm 2 Click OK The device is reset Resetting the device ends the web browser management session You must restart the session to cont...

Страница 17: ...comprises two sections Administration and DHCP Configuration The Administration section of the contains the following fields System Name Indicates the user defined name of the device This is a require...

Страница 18: ...vice following reset checks if the IP address is already defined in the Startup Configuration If not the device tries to receive an IP address from a BootIP server until either an IP address is receiv...

Страница 19: ...Clock The System Time Page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock If the system time is kept using an external SNTP clock an...

Страница 20: ...s an SNTP client and cannot provide time services to other systems The device can poll the following server types for the server time Unicast Anycast Broadcast Time sources are established by stratums...

Страница 21: ...Time The System Time Page opens The Additional Time Parameters section of the System Time Page contains the following fields Daylight Saving Enables automatic Daylight Saving Time DST on the device b...

Страница 22: ...The week within the month at which DST ends every year The possible field range is 1 5 Month The month of the year in which DST ends every year The possible field range is Jan Dec Time The time at whi...

Страница 23: ...ber Lebanon From the last weekend of March until the last weekend of October Lithuania From the last weekend of March until the last weekend of October Luxembourg From the last weekend of March until...

Страница 24: ...he last weekend of March until the last weekend of October United Kingdom From the last weekend of March until the last weekend of October United States of America From the second Sunday in March at 0...

Страница 25: ...This section describes setting security parameters for ports device management methods users and servers This section contains the following topics Configuring Management Security Configuring Server...

Страница 26: ...or IP subnets Access profiles contain management methods for accessing and managing the device The device management methods include All Telnet Secure Telnet SSH HTTP Secure HTTP HTTPS Management acc...

Страница 27: ...status Access Profile Name The name of the profile The access profile name can contain up to 32 characters Current Active Access Profile Indicates if the profile is currently active The possible field...

Страница 28: ...vice using Telnet meeting access profile criteria are permitted or denied access to the device HTTP Assigns HTTP access to the rule If selected users accessing the device using HTTP meeting access pro...

Страница 29: ...tached to the access rule The possible field values are Permit Permits access to the device Deny Denies access to the device This is the default 3 Define the fields 4 Click Apply The access profile is...

Страница 30: ...ty Profile Rules The Profile Rules Page opens Figure 12 Profile Rules Page Access Profile Name Displays the access profile to which the rule is attached Priority Defines the rule priority When the pac...

Страница 31: ...denied access to the device Secure HTTP HTTPS Assigns HTTPS access to the rule If selected users accessing the device using HTTPS meeting access profile criteria are permitted or denied access to the...

Страница 32: ...dify an access rule 1 Click Mgmt Security Profile Rules The Profile Rules Page opens 2 Click Modify The Profiles Rules Configuration Page opens Figure 14 Profiles Rules Configuration Page 3 Define the...

Страница 33: ...Authentication Profiles Page contains two tables which display the currently defined profiles Login Authentication Profiles Provides the method by which system users logon to the device Enable Authent...

Страница 34: ...cation cannot be verified at the RADIUS server the session is authenticated locally If the session cannot be authenticated locally the session is permitted Local TACACS Indicates that Authentication f...

Страница 35: ...and the device is updated To modify the authentication profile settings 1 Click Mgmt Security Authentication Profiles The Authentication Profiles Page opens 2 Click Modify The Authentication Profile...

Страница 36: ...ods are used To map authentication methods 1 Click Mgmt Security Authentication Mapping The Authentication Mapping Page opens Figure 18 Authentication Mapping Page The Authentication Mapping Page comp...

Страница 37: ...for access HTTP Indicates that authentication methods are used for HTTP access Possible methods are Local Authentication occurs locally RADIUS Authenticates the user at the RADIUS server TACACS Authen...

Страница 38: ...Terminal Access Controller Access Control System TACACS provides centralized security user access validation The system supports up to 8 TACACS servers TACACS provides a centralized user management sy...

Страница 39: ...authentication port Timeout for Reply Defines the time interval in seconds that passes before the connection between the device and the TACACS server times out The field range is 1 60 seconds and the...

Страница 40: ...To modify TACACS server settings 1 Click Mgmt Protocols TACACS The TACACS Page opens 2 Click Modify The TACACS Configuration Page opens Figure 21 TACACS Configuration Page 3 Define the relevant field...

Страница 41: ...between the device and the TACACS server times out The field range is 1 60 seconds and the default is 10 seconds Default Dead Time Defines the default amount of time in minutes that a RADIUS server i...

Страница 42: ...String Indicates the key string used for authenticating and encrypting all RADIUS communications between the device and the RADIUS server This key must match the RADIUS encryption Source IP Address Di...

Страница 43: ...g Device Security Configuring Server Based Authentication Page 43 Figure 24 RADIUS Configuration Page 3 Define the relevant fields 4 Click Apply The RADIUS server settings are modified and the device...

Страница 44: ...Users Page displays the list of currently defined local users and contains the following fields User Name Displays the user s name Access Level Displays the user access level The lowest user access le...

Страница 45: ...o 159 characters Confirm Password Verifies the password 3 Define the fields 4 Click Apply The user is added to the Local Users table and the device is updated To modify local users 1 Click Mgmt Securi...

Страница 46: ...Password The Line Password Page opens Figure 28 Line Password Page The Line Password Page contains the following fields Console Line Password Defines the line password for accessing the device via a...

Страница 47: ...ity monitors both received and learned packets that are received on specific ports Access to the locked port is limited to users with specific MAC addresses These addresses are either manually defined...

Страница 48: ...Port Security Page displays the Zoom View of the selected stacking member s defined in the Unit No field ports 2 In the Unit No field select the stacking member to display 3 Select the ports to lock...

Страница 49: ...sic lock mechanism The port is immediately locked regardless of the number of addresses that have already been learned Limited Dynamic Lock Locks the port by deleting the current dynamic MAC addresses...

Страница 50: ...d Displays the method by which the last session was authenticated The possible field values are None Indicates that no authentication method is used to authenticate the port RADIUS Provides port authe...

Страница 51: ...ify port based authentication settings 1 Click Modify The Port Authentication Settings Page opens Figure 32 Port Authentication Settings Page The Port Authentication Settings Page contains the followi...

Страница 52: ...e In case of MAC 802 1x 802 1x takes precedence Enable Periodic Reauthentication Permits port reauthentication The possible field values are Enable Enables port reauthentication This is the default va...

Страница 53: ...network resources or causing the network to time out Storm control is enabled for all ports by defining the packet type and the rate the packets are transmitted The system measures the incoming Broad...

Страница 54: ...Specifies the Broadcast mode currently enabled on the device The possible field values are Multicast Broadcast Counts both Broadcast and Multicast traffic together Broadcast Only Counts only the Broad...

Страница 55: ...trol entries ACEs that are made of the filters that determine traffic classifications The total number of ACEs that can be defined in all ACLs together is 256 This section contains the following topic...

Страница 56: ...E Destination MAC Mask Indicates the destination MAC Address wild card mask Wildcards are used to mask all or part of a destination MAC Address Wild card masks specify which octets are used and which...

Страница 57: ...ble Rule Priority and define the ACL s relevant fields 5 Click Apply The MAC Based ACL configuration is defined and the device is updated 6 Click Save Config on the menu to save the changes permanentl...

Страница 58: ...MAC Based ACE rule is defined and the device is updated 5 Click Save Config on the menu to save the changes permanently To modify the MAC Based ACL configuration 1 Click Network Security MAC Based ACL...

Страница 59: ...evice Security Defining Access Control Page 59 3 Define the fields 4 Click Apply The MAC Based ACL configuration is defined and the device is updated 5 Click Save Config on the menu to save the change...

Страница 60: ...ecked Maintains the ACL ACE Priority Indicates the rule priority which determines which rule is matched to a packet on a first match basis Protocol Creates an ACE based on a specific protocol The avai...

Страница 61: ...ocol IGP for network routing Layer Two 2 Tunneling Protocol an extension to the PPP protocol that enables ISPs to operate Virtual Private Networks VPNs IPIP IP over IP IPIP Encapsulates IP packets to...

Страница 62: ...ICMP Code Indicates and ICMP message code for filtering ICMP packets ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code IGMP Type Filters packets by IGMP...

Страница 63: ...s based on QoS values such as DSCP or IP Precedence The possible field values are Checked Enables identification of flows based on QoS values Selecting this option makes the Match DSCP and Match IP Pr...

Страница 64: ...Based ACE Page page opens Figure 41 Add IP Based ACE Page 3 Define the fields 4 Click Apply The IP Based ACE rule is defined and the device is updated 5 Click Save Config on the menu to save the chan...

Страница 65: ...ng Access Control Page 65 Figure 42 IP Based ACL Configuration Page 3 Define the fields 4 Click Apply The IP Based ACL configuration is defined and the device is updated 5 Click Save Config on the men...

Страница 66: ...atched packets 1 Click Network Security ACL Binding The ACL Binding Page opens Figure 43 ACL Binding Page The ACL Binding Page contains the following fields Interface Indicates the interface to which...

Страница 67: ...ose the interface to which the ACL is bound The possible values are Port Port associated with the ACL Trunk Trunk associated with the ACL Select IP Based ACL or MAC Based ACL Choose the ACL which is b...

Страница 68: ...only from within the network or the network firewall DHCP with Option 82 attaches authentication messages to the packets sent from the host DHCP passes the configuration information to hosts on a TCP...

Страница 69: ...rt number from which the client s packet was received Disable Disables DHCP Option 82 with data insertion on the device This is the default value Verify MAC Address Indicates if MAC addresses are veri...

Страница 70: ...d and the device is updated 4 Click Save Config on the menu to save the changes permanently Defining DHCP Snooping on VLANs The VLAN Settings Page allows network managers to enable DHCP snooping on VL...

Страница 71: ...terfaces can be configured to receive traffic from outside the network or the firewall To define trusted interfaces 1 Click DHCP Snooping Trusted Interfaces The Trusted Interfaces Page opens Figure 47...

Страница 72: ...ion page opens Figure 48 Trusted Configuration Page 4 Edit the following field Trusted Status Indicates whether the interface is a Trusted Interface Enable Interface is in trusted mode Disable Interfa...

Страница 73: ...C Address Indicates the MAC addresses recorded in the DHCP Database The Database can be queried by MAC address IP Address Indicates the IP addresses recorded in the DHCP Database The Database can be q...

Страница 74: ...er Lease Time Displays the lease time The Lease Time defines the amount of time the DHCP Snooping entry is active Addresses whose lease times are expired are ignored by the switch The possible values...

Страница 75: ...ing Ports Setting Ports Configurations This section contains the following topics Defining Port Settings Configuring Port Mirroring Defining Port Settings The Port Settings Page contains fields for de...

Страница 76: ...ort Setting Configuration Page opens Figure 52 Port Setting Configuration Page The Port Setting Configuration Page contains the following fields Port Lists the names of configured ports Description Pr...

Страница 77: ...ype determines what speed setting options are available Admin speed can only be designated when auto negotiation is disabled The possible field values are 10M Indicates the port is currently operating...

Страница 78: ...mode Enable Indicates that flow control is currently enabled for the selected port Disable Indicates that flow control is currently disabled for the selected port This is the default value Current Flo...

Страница 79: ...ng 1 Click Layer 1 Port Mirroring The Port Mirroring Page opens Figure 53 Port Mirroring Page The Port Mirroring Page contains information about all port mirrors currently defined on the device The fo...

Страница 80: ...s the port from which traffic is to be analyzed Type Indicates the port mode configuration for port mirroring The possible field values are Rx Only Defines the port mirroring on receiving ports Tx Onl...

Страница 81: ...uring Ports Setting Ports Configurations Page 81 3 Define the Type field 4 Click Apply The Port mirroring is modified and the device is updated 5 Click Save Config on the menu to permanently save the...

Страница 82: ...on the port The port is in full duplex mode All ports in the trunk have the same ingress filtering and tagged modes All ports in the trunk have the same back pressure and flow control modes All ports...

Страница 83: ...ffic Down Indicates the trunk is not currently linked and is not forwarding or receiving traffic Speed Displays the configured aggregated rate for the trunk The possible field values are 10 Indicates...

Страница 84: ...to all interfaces 2 Click Modify The Trunk Setting Configuration Page opens Figure 57 Trunk Setting Configuration Page The Trunk Setting Configuration Page contains the following fields Trunk Lists th...

Страница 85: ...hat the trunk advertises for a 10 Mbps speed trunk and full duplex mode setting 100 Half Indicates that the trunk advertises for a 100 Mbps speed trunk and half duplex mode setting 100 Full Indicates...

Страница 86: ...efined trunks To modify Port Trunking settings 1 Click Layer 1 Port Trunking The Port Trunking Page opens Figure 58 Port Trunking Page The Port Trunking Page contains information about all port trunks...

Страница 87: ...ed LACP Indicates if LACP is enabled on the trunk The possible field values are Checked Enables LACP on the trunk Unchecked Disables LACP on the trunk This is the default value 4 Modify the Trunk LACP...

Страница 88: ...ins fields for configuring LACP trunks To configure LACP for trunks 1 Click Layer 1 LACP The LACP Page opens Figure 60 LACP Page The LACP Page contains the following fields LACP System Priority Specif...

Страница 89: ...Configuring Ports Aggregating Ports Page 89 Figure 61 LACP Configuration Page 3 Define the fields 4 Click Apply The LACP settings are saved and the device is updated...

Страница 90: ...C Addresses The MAC Address Page contains parameters for querying information in the Static MAC Address Table and the Dynamic MAC Address Table in addition to viewing and configuring Unicast addresses...

Страница 91: ...te All Dynamic MAC Addresses Clicking Delete removes all dynamic addresses from the MAC Address Table 2 Define the fields for the Unicast or Multicast MAC addresses to add 3 Click Add The Add MAC Addr...

Страница 92: ...AC Address Page opens 2 Click View Depending on whether View Static or View Dynamic is chosen the View Static MAC Address Table Page or View Dynamic MAC Address Table Page opens Figure 64 View Static...

Страница 93: ...nd Multicast domains Broadcast and Multicast traffic is transmitted only in the VLAN in which the traffic is generated VLAN tagging provides a method of transferring VLAN information between VLAN awar...

Страница 94: ...N VLAN Name Displays the user defined VLAN name VLAN Type Displays the VLAN type The possible field values are Dynamic Indicates the VLAN was dynamically created through GARP Static Indicates the VLAN...

Страница 95: ...value for all interfaces Excluded Indicates that the port is excluded from the VLAN Forbidden Indicates that the port cannot be included in the VLAN 2 Click the Add button The Add VLAN Page opens Fig...

Страница 96: ...e VLAN mapping is displayed Trunk Specifies the trunk for which the VLAN mapping is displayed Interface Displays the port or trunk number Interface VLAN Mode Indicates the interface membership status...

Страница 97: ...es ingress filtering on the device Ingress filtering discards packets that are defined to VLANs of which the specific port is not a member Disable Disables ingress filtering on the device Reserved VLA...

Страница 98: ...embership In the GVRP Page users can do the following tasks Configuring GVRP Enabling Disabling GVRP on a Port Caution The settings for the three GVRP timers must be the same on all GVRP active device...

Страница 99: ...N creation on the interface Disable Disables Dynamic VLAN creation on the interface GVRP Registration Indicates if VLAN registration through GVRP is enabled on the interface The possible field values...

Страница 100: ...e The MAC Based Groups Page contains the following fields MAC Based Group In the MAC Based Group table network managers group VLANs based on the VLAN MAC address MAC Address Displays the MAC address a...

Страница 101: ...o the fields in the MAC Based Groups Page the Add MAC Address Group Page contains the following additional fields Host Defines the specified MAC address as the only address associated with the VLAN gr...

Страница 102: ...l fields Group Type Indicates the VLAN Group to which interfaces are mapped The possible field value is MAC based Indicates that interfaces are mapped to MAC based VLAN groups 3 Select a VLAN to map w...

Страница 103: ...erver which are Error The following table lists the available system log severity levels and the corresponding messages Table 3 System Log Severity Levels Severity Level Description Message Emergency...

Страница 104: ...mation Type Indicates the log type included in the output The possible values are Console Indicates that the output is of a console log Temporary Indicates that the output is of the temporary memory l...

Страница 105: ...a Log Type in the Configure Log Outputs table 3 Click Add The Add Syslog Page opens Figure 78 Add Syslog Page The Add Syslog Page contains the following fields Log Server IP Address Defines the IP ad...

Страница 106: ...elect the entry in the Log Table and click Modify The Event Log Configuration Page opens Figure 79 Event Log Configuration Page 2 Define the relevant fields 3 Click Apply The Server Log configuration...

Страница 107: ...following information Log Index The log index number Log Time The date and time that the log was entered Severity The severity of the event for which the log entry was created Description The event de...

Страница 108: ...on configuring Classic STP see Configuring Classic Spanning Tree Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree without creating forwarding loops F...

Страница 109: ...nables STP on the device Disable Disables STP on the device STP Operation Mode Specifies the STP mode that is enabled on the device The possible field values are Classic STP Enables Classic STP on the...

Страница 110: ...is 6 40 seconds the default value is 20 seconds Forward Delay Specifies the device Forward Delay Time in seconds The Forward Delay Time is the time interval during which a bridge remains in the liste...

Страница 111: ...erface Configuration Page The STP Interface Configuration Page contains the following sections STP Port Parameters table Global System Trunk table The parameters listed in both tables are identical Th...

Страница 112: ...d The port or trunk through which the designated switch is attached to the LAN Alternate Provides an alternate path to the root switch from the root interface Backup Provides a backup path to the desi...

Страница 113: ...ng Tree Configuration Page contains the following fields Default Path Cost Select if the default path cost of the port is automatically set by the port speed and the default path cost method 5 Select...

Страница 114: ...port and stacking member for which the RSTP settings are displayed Trunk Specifies the trunk for which the RSTP settings are displayed Interface Displays the port or trunk on which Rapid STP is enabl...

Страница 115: ...to Point Operational Status Displays the point to point operating state Activate Protocol Migration Test Select to run a Protocol Migration Test The test identifies the STP mode of the interface conne...

Страница 116: ...port can be placed in the Forwarding state in another STP instance This section contains the following topics Defining MSTP Properties Defining MSTP Interfaces Defining MSTP Instance Mappings Definin...

Страница 117: ...ee Master instance The IST Master is the specified instance root Configure Interface Settings Click Configure to assign MSTP settings to a specific interface Configure Instance Mapping Click Configure...

Страница 118: ...the root device Designated Indicates the port or trunk through which the designated device is attached to the LAN Alternate Provides an alternate path to the root device from the root interface Backu...

Страница 119: ...elected interface 5 Click Save Config on the menu to save changes permanently 6 To view the MSTP configurations of all interfaces click Interface Table The MSTP Interface Table is displayed In the MST...

Страница 120: ...ayer 2 MSTP The MSTP Page opens 2 Click Configure next to the Configure Instance Mapping option The MSTP Instance Mapping Page opens Figure 89 MSTP Instance Mapping Page The MSTP Instance Mapping Page...

Страница 121: ...Layer 2 MSTP The MSTP Page opens 2 Click Configure next to the Configure Instance Settings option The MSTP Instance Settings Page opens Figure 90 MSTP Instance Settings Page The MSTP Instance Setting...

Страница 122: ...figuring Multiple Spanning Tree Page 122 3 Define the fields 4 Click Apply MSTP is defined for the selected instance and the device is updated The MSTP Page is displayed 5 Click Save Config on the men...

Страница 123: ...its the packets to the relevant ports The Internet Group Management Protocol IGMP allows hosts to notify their local switch or router that they want to receive transmissions assigned to a specific mul...

Страница 124: ...he creation of the Multicast filtering database To configure IGMP Snooping 1 Click Multicast IGMP The IGMP Page opens Figure 91 IGMP Page The IGMP Page contains the following fields Enable IGMP Snoopi...

Страница 125: ...to Learn Indicates if Auto Learn is enabled on the device If Auto Learn is enabled the devices automatically learns where other Multicast groups are located Enables or disables Auto Learn on the Ether...

Страница 126: ...GMP Snooping global parameters are modified and the device is updated 5 Click Save Config on the menu to save the changes permanently Defining Multicast Bridging Groups The Multicast Group Page displa...

Страница 127: ...n the relevant VLAN Disabled is the default value VLAN ID Displays the VLAN for which Multicast parameters are displayed Bridge Multicast Address Identifies the Multicast group MAC address IP address...

Страница 128: ...ess and the Bridge Multicast IP Address 6 Click Apply The new Multicast group is saved and the device is updated To modify a multicast group 1 Click Modify The Multicast Group Configuration Page opens...

Страница 129: ...The Multicast Forward All Page contains the following fields VLAN ID Displays the VLAN for which Multicast parameters are displayed Select the interfaces displayed in the table Ports of Unit Specifie...

Страница 130: ...rfaces to modify 3 Click Modify The Multicast Forward All Configuration Page opens Figure 97 Multicast Forward All Configuration Page 4 Define the Interface Status field 5 Click Apply The Multicast Fo...

Страница 131: ...as of the MIB tree The SNMPv3 security structure consists of security models with each model having its own security levels There are three security models defined SNMPv1 SNMPv2c and SNMPv3 Users are...

Страница 132: ...se Default Restores default SNMP settings using the Local Engine ID Enable SNMP Notifications Indicates if SNMP traps are enabled for the device The possible values are Checked Traps are enabled Unche...

Страница 133: ...communities 1 Click SNMP Community The SNMP Global Page opens The SNMP Community Page opens Figure 99 SNMP Community Page The SNMP Community Page contains the Basic and the Advanced Table SNMP Communi...

Страница 134: ...ties Advanced Table contains the following fields Management Station Displays the management station IP address for which the advanced SNMP community is defined 0 0 0 0 indicates all management statio...

Страница 135: ...iguring SNMP Page 135 Figure 101 Community Configuration Page 3 Define the Basic or Advanced configuration of the community 4 Click Apply The SNMP community settings are modified and the device is upd...

Страница 136: ...ld values are SNMPv1 SNMPv1 is defined for the group SNMPv2 SNMPv2 is defined for the group SNMPv3 SNMPv3 is defined for the group Security Level Defines the security level attached to the group Secur...

Страница 137: ...ty Model and Operation 4 Click Apply The new SNMP group is saved To modify an SNMP group 1 Click SNMP Groups The SNMP Group Page opens 2 Click Modify The Group Configuration Page opens Figure 104 Grou...

Страница 138: ...defined user names The field range is up to 30 alphanumeric characters Group Name Contains a list of user defined SNMP groups SNMP groups are defined in the SNMP Group Profile Page Engine ID Displays...

Страница 139: ...ser Page In addition to the SNMP Users Page the Add SNMP User Page contains the following fields Authentication Method Defines the SNMP Authentication method The possible field values are MD5 Key User...

Страница 140: ...ey Privacy Key Defines the Privacy Key LSB If only authentication is required 20 bytes are defined If both privacy and authentication are required 36 bytes are defined Each byte in hexadecimal charact...

Страница 141: ...e opens Figure 108 SNMP Views Page The SNMP Views Page contains the following fields View Name Displays the user defined views The view name can contain a maximum of 30 alphanumeric characters Object...

Страница 142: ...owing options Select from List Select the Subtree from the list provided Pressing the Up and Down buttons allows you to change the priority by moving the selected subtree up or down in the list Insert...

Страница 143: ...sers and the trap type sent SNMP notification filters provide the following services Identifying Management Trap Targets Trap Filtering Selecting Trap Generation Parameters Providing Access Control Ch...

Страница 144: ...times the device resends an inform request The field range is 1 255 The default is 3 SNMPv3 Notification Recipient The SNMPv3 Notification Recipient table contains the following fields Recipients IP D...

Страница 145: ...ication recipient settings are saved and the device is updated 5 Click Save Config on the menu to save the changes permanently To modify notification settings 1 Click SNMP Notify The SNMP Notify Page...

Страница 146: ...e 146 Figure 112 SNMP Notify Configuration Page 3 Define the fields 4 Click Apply The SNMP Notification configuration is modified and the device is updated 5 Click Save Config on the menu to save the...

Страница 147: ...ter notifications To configure SNMP notification filters 1 Click SNMP Notify The SNMP Notify Page opens 2 Click Configure next to Configure Notification Filters The SNMP Notification Filter Configurat...

Страница 148: ...ed from either the Select from List or the Object ID field there are two configuration options Select from List Select the OID from the list provided Pressing the Up and Down buttons allows you to cha...

Страница 149: ...e IP phones Powered Devices are connected to the device via Ethernet ports This section includes the following topic Enabling PoE and Setting the Power Threshold Enabling PoE and Setting the Power Thr...

Страница 150: ...power threshold is 95 the threshold is exceeded when the PoE devices require more than 356 25 W Maximum Power Available Indicates the maximum power allocated to the device Unit Number Indicates the s...

Страница 151: ...he port Priority Level Indicates the PoE ports priority The possible values are High Medium and Low The default is Low Class Indicates the power class the IEEE 802 3af class of the device Output Volta...

Страница 152: ...as detected a fault on the powered device For example the powered device memory could not be read Test Indicates the powered device is being tested For example a powered device is tested to confirm it...

Страница 153: ...ority Ensures that time sensitive applications are always forwarded Strict Priority SP allows the prioritization of mission critical time sensitive traffic over less time sensitive applications For ex...

Страница 154: ...Enable QoS Mode Indicates if QoS is enabled on the device The possible values are Checked Enables QoS on the device Unchecked Disables QoS on the device Trust Mode Defines which packet fields to use...

Страница 155: ...interface Unchecked Maintains the current CoS settings This is the default value 2 Select the interfaces 3 Check the Restore Defaults option where needed 4 Click Modify The CoS Configuration Page open...

Страница 156: ...ttings for the defined CoS and DSCP and contains the following fields Select Schedule Defines the priority method in queuing Strict Priority Indicates that traffic scheduling for the selected queue is...

Страница 157: ...oS Page contains the following fields Restore Defaults Restores the device factory defaults for mapping CoS tags to a forwarding queue Class of Service Specifies the CoS priority tag values where zero...

Страница 158: ...ffic queues For example a packet with a DSCP tag value of 3 can be assigned to queue 2 To set DSCP to queues 1 Click Services Queuing Scheduling The CoS Queuing Scheduling Page opens 2 In the Configur...

Страница 159: ...our traffic priority queues are supported 4 Modify the Queue values 5 Click Apply The DSCP to Queue mapping is updated 6 Click Save Config on the menu to save the changes permanently Configuring QoS B...

Страница 160: ...ss ports Defines the amount of bandwidth assigned to the interface The available values are3 5 Mbps 1 Gbps for FE ports the maximum value equals the maximum port speed Egress Shaping Rates Indicates t...

Страница 161: ...a backup copy of the device configuration Up to five backup configuration files can be saved on the device with user configured names These files are generated when the user copies the Running Config...

Страница 162: ...The possible field values are Checked System restarts after the Configuration File is restored to the factory defaults Unchecked After the Configuration File is restored to the factory defaults the s...

Страница 163: ...wing fields TFTP Operation Defines the type of TFTP operation and the type of file The possible values are Download Downloads a firmware or configuration file depending on the selection below Upload U...

Страница 164: ...e Copies the Firmware or the Boot file from the Stacking Master Software Image Downloads the Image file Destination Unit Downloads firmware or the Boot file to the designated unit The values are All C...

Страница 165: ...le Length test To perform a copper cable test 1 Click Utilities Cable Test The Cable Test Page opens Figure 126 Cable Test Page The Cable Test Page displays the following information Unit Number Indic...

Страница 166: ...an only be performed when the port is up and operating at 1 Gbps 2 Select the Unit Number and the Port 3 Click Test The cable test is performed 4 Click Advanced The Cable Test Configuration Page opens...

Страница 167: ...ace configuration information is displayed Port Displays the IP address of the port on which the cable is tested Temperature Celsius Displays the temperature oC at which the cable is operating Voltage...

Страница 168: ...he current device configuration from being lost To reset the device 1 Click Utilities Reset The Reset Page opens Figure 129 Reset Page 2 Select the Reset Unit No The possible values are 1 Reset the Ma...

Страница 169: ...istics Managing RMON Statistics Viewing Device Statistics This section contains the following topics Viewing Interface Statistics Viewing Etherlike Statistics Viewing Interface Statistics The Interfac...

Страница 170: ...Total Bytes Octets Displays the number of octets received on the selected interface Unicast Packets Displays the number of Unicast packets received on the selected interface Multicast Packets Displays...

Страница 171: ...ific trunk for which the Etherlike statistics are displayed Refresh Rate Defines the frequency of the interface statistics updates The possible field values are No Refresh Indicates that the Etherlike...

Страница 172: ...isplays the number of received paused frames on the selected interface Transmitted Paused Frames Displays the number of paused frames transmitted from the selected interface 2 Select the Interface and...

Страница 173: ...d on the device The RMON Statistics Page contains statistics for both received and transmitted packets To view RMON statistics 1 Click Statistics RMON Statistics The RMON Statistics Page opens Figure...

Страница 174: ...occurred on the interface since the device was last refreshed Undersize Packets Displays the number of undersized packets less than 64 octets received on the interface since the device was last refre...

Страница 175: ...ion was taken Trunk Specifies the trunk from which the RMON information was taken Sampling Interval Indicates in seconds the time period that samplings are taken from the ports The field range is 1 36...

Страница 176: ...ield range is 1 65535 The default value is 50 3 Define the Source Interface Owner Max No of Samples to Keep and Sampling Interval fields 4 Click Apply The new entry is added to the history table and t...

Страница 177: ...nge is 0 20 characters Each table entry represents all counter values compiled during a single sample Sample No Displays the entry number for the History Control Table page Received Bytes Octets Displ...

Страница 178: ...ncluding FCS octets received on the interface since the device was last refreshed Jabbers Displays the total number of received packets that were longer than 1518 octets This number excludes frame bit...

Страница 179: ...ent Entry Displays the event Community Displays the community to which the event belongs Description Displays the user defined event description Type Describes the event type Possible values are Log I...

Страница 180: ...y is added and the device is updated To modify the RMON Event entry settings 1 Click Statistics RMON Events The RMON Events Page opens 2 Click Modify The RMON Events Configuration Page opens Figure 13...

Страница 181: ...ON Events Table 1 Click Statistics RMON Events The RMON Events Page opens 2 Click View The RMON Events Logs Page opens Figure 140 RMON Events Logs Page The RMON Events Logs Page contains the following...

Страница 182: ...ays interface for which RMON statistics are displayed The possible field values are Port Displays the RMON statistics for the selected port Trunk Displays the RMON statistics for the selected trunk Co...

Страница 183: ...the alarm generation Rising is defined by crossing the threshold from a low value threshold to a higher value threshold Interval sec Defines the alarm interval time in seconds Owner Displays the devi...

Страница 184: ...Viewing Statistics Managing RMON Statistics Page 184 Figure 143 Alarm Configuration Page 3 Define the fields 4 Click Apply The RMON alarm is saved and the device is updated...

Страница 185: ...cts and reconfigures the ports with minimal operational impact in the event of Unit Failure Inter unit Stacking Link Failure Unit Insertion Removing a Stacking Unit This section includes the following...

Страница 186: ...on Guide Removing and Replacing Stacking Members Stacking member 1 and stacking member 2 are Master enabled units Unit 1 and Unit 2 are either designated as Stacking Master or Secondary Master The Sta...

Страница 187: ...ck member is removed from the stack and then replaced with a unit with the same Unit ID the stack member is configured with the original device configuration Only ports which are physically present ar...

Страница 188: ...ds Force Master The unit is forced to be master of the stack Note that only Unit 1 or Unit 2 can be the stack master Unit No Indicates the Unit ID assigned to the unit in the current stacking configur...

Страница 189: ...erminal or a desktop or portable system with a serial port and running VT100 terminal emulation software The CLI can be accessed through the connected Terminal To connect a terminal to the device Cons...

Страница 190: ...onfigurations are required Static IP Address and Subnet Mask User Name Static IP Address and Subnet Mask IP interfaces can be configured on each port of the device After entering the configuration com...

Страница 191: ...configured user name is entered as a login name for remote management sessions To configure user name and privilege level enter the command at the system prompt as shown in the configuration example D...

Страница 192: ...Copy 3329361 bytes copied in 00 03 00 hh mm ss console show bootvar Unit Image Filename Version Date Status 1 1 image 1 v1 1 0 29 25 Nov 2007 12 46 12 Not active 1 2 image 2 v1 1 0 29 25 Nov 2007 12 4...

Страница 193: ...t the device The device boots up with the updated boot and system files Console copy tftp 172 16 101 101 file1 ros image Accessing file file1 on 172 16 101 101 Loading file1 from 172 16 101 101 09 Jul...

Страница 194: ...g Member To download software an Stacking Member number 3 perform the following 1 Power up the stack as described in the Allied Telesis AT S95 Installation Guide The CLI command prompt is displayed 2...

Страница 195: ...umber 1 instead of number 3 as per the previous example 2 Enter the copy command to copy the software from the Stacking Master to the Stacking Member To copy the software from the Stacking Master to a...

Страница 196: ...system defaults and includes the following topics RS 232 Port Settings Port Defaults Configuration Defaults Security Defaults Jumbo Frame Defaults System Time Defaults Spanning Tree Defaults Address T...

Страница 197: ...t defaults Data Bits 8 Stop Bits 1 Parity None Flow Control None Baud Rate 115 200 bps Auto Negotiation Enabled Auto Negotiation advertised capabilities Enabled Auto MDI MDIX Enabled Head of Line Bloc...

Страница 198: ...lts Jumbo Frame Defaults The following is the Jumbo Frame default System Time Defaults The following is the system time default Default User Name manager Default Password friend System Name None Comme...

Страница 199: ...wing are the VLAN defaults STP Enabled STP Port Disabled Rapid STP Enabled Multiple STP Disabled Fast Link Disabled Path Cost Long Number of MAC Entries 8 000 MAC Address Aging Time 300 seconds VLAN A...

Страница 200: ...The following are the Multicast defaults QoS Defaults The following are the QoS defaults Possible Trunks 8 Possible Ports per Trunk 8 LACP Ports Trunk 16 IGMP Snooping Disable Maximum Multicast Groups...

Страница 201: ...ation Rate 164 Copper cables 169 CRC 182 Critical 107 D Daylight Saving Time DST configuration broadcast time 22 DST per country 23 parameters 22 Debug 108 Default gateway 19 Delta 186 device manageme...

Страница 202: ...120 Multicast 128 130 133 Multicast Forwarding 127 Multicast groups 128 Multiple Spanning Tree Protocol MSTP 120 N Notice 107 Notifications 136 148 O Object ID 145 Offset 21 22 Option 82 70 71 P Path...

Страница 203: ...89 Stacking Master 190 STP 113 115 119 STP configuration Fast Link 116 Stratum 21 Strict Priority 157 160 Subtree ID 152 Suspended 80 system log configuration 108 modify 110 severity levels 107 System...

Отзывы:

Нет отзывов

Похожие инструкции для AT-S94

Бренд: Sagem Страницы: 19

Бренд: D-Link Страницы: 12

Бренд: i-MO Страницы: 58

grandMA2 Series

Бренд: MA lighting Страницы: 36

ADSL 2/2+ Router with USB Port ADE-3410v2

Бренд: Planet Страницы: 62

Бренд: FS Страницы: 19

Бренд: TP-Link Страницы: 7

Бренд: TRENDnet Страницы: 10

Бренд: Keysight Technologies Страницы: 106

Бренд: Ubiquiti Страницы: 20

Бренд: Milesight Страницы: 15

TE100S8P - Fast Ethernet Switch

Бренд: TRENDnet Страницы: 11

Fast EtherLink XL PCI 10/100BASE-TXNetwork Interface...

Бренд: 3Com Страницы: 12

Бренд: Avigilon Страницы: 12

SecPath F50X0 Series

Бренд: H3C Страницы: 41

LN1000 - RELEASE NOTES 8-27-2010

Бренд: Juniper Страницы: 64

ReadyNAS Duo v2

Бренд: NETGEAR Страницы: 100

Elinx EIRP410-2SFP-T

Бренд: B&B Electronics Страницы: 24

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды