manualshive.com logo in svg

Black Box LE2700A, Руководство пользователя, Страница: 107 / 154

Поделиться
Скачать
Black Box LE2700A Скачать руководство пользователя страница 107

724-746-5500   |   blackbox.com 

Page 107

Chapter 5: Management

 

Table 5-79 (continued). RADIUS Accounting Statistics for Server #1 screen options.

Label

Description

Other info

This section contains information about the state of the server and the latest round-trip time.

5.8.6 NAS (802.1x)

This page allows you to configure the IEEE 802.1X and MAC-based authentication system and port settings.

The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by 
requiring users to first submit credentials for authentication. One or more central servers (the backend servers) determine whether 
the user is allowed access to the network. These backend (RADIUS) servers are configured on the authentication configuration 
page.

MAC-based authentication allows for authentication of more than one user on the same port, and does not require the users to 
have special 802.1X software installed on their system. The switch uses the users’ MAC addresses to authenticate against the 
backend server. As intruders can create counterfeit MAC addresses, MAC-based authentication is less secure than 802.1X  
authentication.

Overview of 802.1X (Port-Based) Authentication

In an 802.1X network environment, the user is called the supplicant, the switch is the authenticator, and the RADIUS server is the 
authentication server. The switch acts as the man-in-the-middle, forwarding requests and responses between the supplicant and 
the authentication server. Frames sent between the supplicant and the switch are special 802.1X frames, known as EAPOL (EAP 
Over LANs) frames which encapsulate EAP PDUs (RFC3748). Frames sent between the switch and the RADIUS server are RADIUS 
packets. RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch's IP address, name, and the 
supplicant's port number on the switch. EAP is very flexible as it allows for different authentication methods, like MD5-Challenge, 
PEAP, and TLS. The important thing is that the authenticator (the switch) does not need to know which authentication method 
the supplicant and the authentication server are using, or how many information exchange frames are needed for a particular 
method. The switch simply encapsulates the EAP part of the frame into the relevant type (EAPOL or RADIUS) and forwards it.

When authentication is complete, the RADIUS server sends a special packet containing a success or failure indication. Besides for-
warding the result to the supplicant, the switch uses it to open up or block traffic on the switch port connected to the supplicant.

NOTE:  In an environment where two backend servers are enabled, the server timeout is configured to X seconds (using the 

authentication configuration page), and the first server in the list is currently down (but not considered dead), if the  
supplicant retransmits EAPOL Start frames at a rate faster than X seconds, it will never be authenticated because the switch 
will cancel on-going backend authentication server requests whenever it receives a new EAPOL Start frame from the sup-
plicant. Since the server has not failed (because the X seconds have not expired), the same server will be contacted when 
the next backend authentication server requests from the switch. This scenario will loop forever. Therefore, the server  
timeout should be smaller than the supplicant's EAPOL Start frame retransmission rate.

Содержание LE2700A

Страница 1: ...ies Hardened Managed Modular Switches LE2700A LE2710C LE2721C LE2700AE LE2711C LE2722C LE2700UK LE2720C LE2731C Order toll free in the U S Call 877 877 BBOX outside U S call 724 746 5500 FREE technica...

Страница 2: ...is Manual Black Box and the Double Diamond logo are registered trademarks of BB Technologies Inc Any other trademarks mentioned in this manual are acknowledged to be the property of the trademark owne...

Страница 3: ...en the equipment is operated in a commercial environment Operation of this equipment in a residential area is likely to cause interference in which case the user at his own expense will be required to...

Страница 4: ...n el flujo de aire por los orificios de ventilaci n 10 El equipo el ctrico deber ser situado fuera del alcance de fuentes de calor como radiadores registros de calor estufas u otros aparatos incluyend...

Страница 5: ...19 3 3 1 Grounding 19 3 3 2 Fault Relay 19 3 3 3 Redundant Power Inputs 19 3 4 Connection 20 3 4 1 Cables 20 3 4 2 SFP 22 3 4 3 B Ring B Chain 22 4 Redundancy 25 4 1 B Ring 25 4 1 1 Introduction 25 4...

Страница 6: ...68 5 5 5 SNMP View Configurations 68 5 5 6 SNMP Access Configurations 69 5 6 Traffic Prioritization 70 5 6 1 Storm Control 70 5 6 2 Port Classification 71 5 6 3 Port Tag Remaking 72 5 6 4 Port DSCP 73...

Страница 7: ...nitor and Diag 118 5 10 1 MAC Table 118 5 10 2 Port Statistics 120 5 10 3 Port Mirroring 122 5 10 4 System Log Information 123 5 10 5 Cable Diagnostics 124 5 10 6 SFP Monitor 125 5 10 7 Ping 125 5 11...

Страница 8: ...sed port security Port based network access control 802 1x Single 802 1x and Multiple 802 1x MAC based authentication QoS assignment Guest VLAN MAC address limit TACACS VLAN 802 1Q to segregate and se...

Страница 9: ...ng 1 Fault 1 Def 1 Link 1 SPD 1 FDX 1 RMT 28 Port LEDs LE2720C 2 LEDs per port LE2731C 1 LED per port Environmental Temperature Tolerance Operating 40 to 185 F 40 to 85 C Storage 40 to 185 F 40 to 85...

Страница 10: ...0C 4 port 100FX multimode 2 km SC module LE2711C 4 port 100FX multimode 2 km ST module LE2720C 8 port 10 100 1000BASE T RJ 45 module LE2721C 8 port 100 1000 Mbps SFP module LE2722C 4 port 100 1000 Mbp...

Страница 11: ...d LE2700UK LE2700 Series Hardened Managed Modular Switch with power supply UK power cord LE2710C 4 port 100FX multimode 2 km SC module LE2711C 4 port 100FX multimode 2 km ST module LE2720C 8 port 10 1...

Страница 12: ...Overview 2 4 Hardware Description Figure 2 1 Front panel Figure 2 2 Back panel Power module slot 2 Power module slot 1 10 Gigabit or Gigabit Ethernet module installs in slot 4 Power module installed...

Страница 13: ...el name Name of product 2 System and Port status LEDs System LEDs include PWR PWR1 PWR2 R M Ring Fault DEF Port LEDs include LINK SPD FDX port number 3 Serial console port Links to console for managem...

Страница 14: ...SFP module LE2731C 4 port 10 GE SFP module Figure 2 4 SFP Modules Part Number Description Compatible Switch Modules LFP401 SFP 155 Mbps Fiber with Extended Diagnostics 850 nm Multimode LC 2 km LE2721...

Страница 15: ...W2 Green On DC power module 2 activated 4 R M Green On Ring Master 5 Ring Green On Ring enabled Green Slowly blinking Ring structure is broken i e part of the ring is disconnected Green Fast blinking...

Страница 16: ...brackets orientated in front of the rack nest front and rear brackets together Fasten together using remaining M4 screws into counter sunk holes Step 3 Fasten the front mounting bracket to the front o...

Страница 17: ...d 3 respectively Step 3 Switch on the power of the switch Figure 3 4 SFP module 3 2 3 100 1000 Mbps SFP Module LE2722C or 10G SFP Module LE2731C Each LE2700 Series Hardened Managed Modular Switches sw...

Страница 18: ...ts 2 Removing and installing an Ethernet module can shorten its useful life Do not remove and insert the modules more often than is absolutely necessary 3 2 4 Power Module Each LE2700 Series Hardened...

Страница 19: ...he rule of thumb is that wiring sharing similar electrical characteristics can be bundled together 7 Separate input wiring from output wiring 8 Label the wiring to all devices in the system 3 3 1 Grou...

Страница 20: ...AT3 4 5 100 ohm UTP 328 ft 100 m RJ 45 100BASE TX CAT5 100 ohm UTP UTP 328 ft 100 m RJ 45 1000BASE TX CAT5 CAT5e 100 ohm UTP UTP 328 ft 100 m RJ 45 With 1000 100BASE TX 10BASE T cables pins 1 and 2 ar...

Страница 21: ...BI_DA 7 BI_DD BI_DC 8 BI_DD BI_DC NOTE and signs represent the polarity of the wires that make up each wire pair RS 232 port wiring You can manage the LE2700 Series Switch via console ports using a RS...

Страница 22: ...ts connected For information about the port setting please refer to Section 4 1 2 Configuration 3 Connect the last switch to the first switch to form a ring topology B Ring Figure 3 10 B Ring Coupling...

Страница 23: ...hile the other will act as the backup path that is activated when the primary path connection fails B Ring Figure 3 12 Dual homing B Chain When connecting multiple B Rings to meet your expansion deman...

Страница 24: ...746 5500 blackbox com Page 24 Chapter 3 Hardware Installation 3 Once the setting is completed one of the connections will act as the main path and the other as the backup path B Ring Figure 3 13 B Ch...

Страница 25: ...fast recover technology 4 1 2 Configurations B Ring supports three ring topologies Ring Master Coupling Ring and Dual Homing You can configure the settings in the interface below Table 4 1 Configurati...

Страница 26: ...ations of current redundant ring technologies 4 2 2 Configurations B Chain is very easy to configure and manage Only one edge port of the edge switch needs to be defined Other switches beside them jus...

Страница 27: ...loop and hence caus ing congestion in the network STP can identify the best path to the destination and block all other paths The blocked links will stay connected but inactive When the best path fail...

Страница 28: ...rent STP port role of the CIST port The values include AlternatePort BackupPort RootPort and DesignatedPort State The current STP port state of the CIST port The values include Blocking Learning and F...

Страница 29: ...guration screen options Label Description Protocol Version The version of the STP protocol Valid values include STP RSTP and MSTP Forward Delay The delay used by STP bridges to transit root and design...

Страница 30: ...switches with the same VLANs at least one MST instance and the same MST region name Therefore switches can use different paths in the network to effectively balance loads Port Settings This page allo...

Страница 31: ...u to enter a user defined value The path cost is used when establishing an active topology for the network Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports The r...

Страница 32: ...the MSTI The VLANs must be separated with commas and or space A VLAN can only be mapped to one MSTI An unused MSTI will be left empty ex without any mapped VLANs Save Click to save changes Reset Clic...

Страница 33: ...orts in favor of higher path cost ports The range of valid values is 1 to 200000000 Priority Configures the priority for ports having identical port costs See above OpenEdge setate flag A flag indicat...

Страница 34: ...connects to a point to point LAN rather than a shared medium This can be configured automatically or set to true or false manually Transiting to forwarding state is faster for point to point LANs tha...

Страница 35: ...ow Java applets to open sockets You need to modify the browser setting sepa rately in order to enable Java applets for network ports Preparing for Web Management You can access the management page of...

Страница 36: ...em information configuration screen options Label Description System Name An administratively assigned name for the managed node By convention this is the node s fully qualified domain name A domain n...

Страница 37: ...o any changes made locally and revert to previously saved values 5 1 2 Admin Password This page allows you to configure the system password required to access the web pages or log in from CLI Figure 5...

Страница 38: ...mation of the switch in this page Figure 5 7 IP Configuration screen Table 5 4 IP Configuration screen options Label Description DHCP Client Enable the DHCP client by checking this box If DHCP fails o...

Страница 39: ...03 4dc7 the symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can appear only once It can also represent a legally valid...

Страница 40: ...undo any changes made locally and revert to previously saved values 5 1 7 SSH You can configure the SSH mode in the following page Figure 5 10 SSH Configuration screen Table 5 7 SSH Configuration scre...

Страница 41: ...ted The columns include the following information Figure 5 12 LLDP Neighbor Information screen Table 5 9 LLDP Neighbor Information screen options Label Description Local Port The port that you use to...

Страница 42: ...time to live Table 5 11 Local Counters options Label Description Local Port The port that receives or transmits LLDP frames Tx Frames The number of LLDP frames transmitted on the port Rx Frames The nu...

Страница 43: ...ately Clear Click to clear the local counters All counters including global counters are cleared upon reboot Auto refresh Check to enable an automatic refresh of the page at regular intervals 5 1 9 Mo...

Страница 44: ...h You can check the Enabled checkbox to activate the function Once the box is checked you will be able to input information in each column Figure 5 17 DHCP Server Configuration screen 5 2 2 Dynamic Cl...

Страница 45: ...ent is used to forward and transfer DHCP mes sages between the clients and the server when they are not in the same subnet domain Relay Information Mode Indicates the existing DHCP relay information m...

Страница 46: ...message containing the information is received The relay statistics show the information of relayed packets of the switch Figure 5 21 DHCP Relay Statistics Table 5 14 DHCP Relay Statistics screen opti...

Страница 47: ...ed when received messages contain relay agent information 5 3 Port Setting Port Setting allows you to manage individual ports of the switch including traffic power and trunks 5 3 1 Port Control This p...

Страница 48: ...wer savings enabled Enabled both link up and link down power savings enabled Total Power Usage Total power consumption of the board measured in percentage Save Click to save changes Reset Click to und...

Страница 49: ...ation By default no ports belong to any aggregation group Only full duplex ports can join an aggregation and the ports must be in the same speed in each group 5 3 3 LACP This page allows you to enable...

Страница 50: ...LACP activity status Active will transmit LACP packets every second while Passive will wait for a LACP packet from a partner speak if spoken to Save Click to save changes Reset Click to undo any chang...

Страница 51: ...dress Partner Port The partner s port number associated with the port Refresh Click to refresh the page immediately Auto refresh Check to enable an automatic refresh of the page at regular intervals L...

Страница 52: ...1 to 10 seconds Shutdown Time The period in seconds for which a port will be kept disabled when a loop is detected shutting down the port The valid value is 0 to 604800 seconds 7 days A value of zero...

Страница 53: ...to delete the entry It will be deleted during the next save VLAN ID The VLAN ID for the entry MAC Address The MAC address for the entry Port Members Checkmarks indicate which ports are members of the...

Страница 54: ...affects VLAN ingress processing If the port only accepts tagged frames untagged frames received on the port will be discarded By default the field is set to All Port VLAN Mode The allowed values are N...

Страница 55: ...ID and is forwarded When the port receives tagged frames 1 If the tagged frame contains a TPID of 0x8100 it will be forwarded 2 If the TPID of tagged frame is not 0x8100 ex 0x88A8 it will be discarded...

Страница 56: ...724 746 5500 blackbox com Page 56 Chapter 5 Management Figure 5 34...

Страница 57: ...724 746 5500 blackbox com Page 57 Chapter 5 Management Figure 5 35...

Страница 58: ...ox com Page 58 Chapter 5 Management Examples of VLAN Settings VLAN Access Mode Figure 5 36 Switch A Port 7 is VLAN Access mode Untagged 20 Port 8 is VLAN Access mode Untagged 10 Below are the switch s...

Страница 59: ...blackbox com Page 59 Chapter 5 Management Figure 5 38 VLAN 1Q Trunk Mode Figure 5 39 Switch B Port 1 VLAN 1Qtrunk mode tagged 10 20 Port 2 VLAN 1Qtrunk mode tagged 10 20 Below are the switch settings...

Страница 60: ...724 746 5500 blackbox com Page 60 Chapter 5 Management Figure 5 41 VLAN Hybrid Mode Port 1 VLAN Hybrid mode untagged 10 Tagged 10 20 Below are the switch settings Figure 5 42 Figure 5 43...

Страница 61: ...agement VLAN QinQ Mode VLAN QinQ mode is usually adopted when there are unknown VLANs as shown in the figure below VLAN X Unknown VLAN Figure 5 44 VLAN QinQ mode Port 1 VLAN Settings Figure 5 45 VLAN...

Страница 62: ...ere Port members of each private VLAN can be added or removed here Private VLANs are based on the source port mask and there are no connections to VLANs This means that VLAN IDs and private VLAN IDs c...

Страница 63: ...LAN to add a new private VLAN ID An empty row is added to the table and the private VLAN can be configured as needed The allowed range for a private VLAN ID is the same as the switch port number range...

Страница 64: ...length is 0 to 255 and only ASCII characters from 33 to 126 are allowed The field only suits to SNMPv1 and SNMPv2c SNMPv3 uses USM for authentication and privacy and the community string will be assoc...

Страница 65: ...address of this switch IPv6 address consists of 128 bits represented as eight groups of four hexadecimal digits with a colon separating each field For example in fe80 215 c5ff fe03 4dc7 the symbol is...

Страница 66: ...mmunity Figure 5 52 SNMPv3 Communities Configuration screen Table 5 32 SNMPv3 Communities Configuration screen options Label Description Delete Check to delete the entry It will be deleted during the...

Страница 67: ...Auth NoPriv no authentication and none privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy The value of security level cannot be modified if the entry already exists...

Страница 68: ...ld belong to Possible security models included v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Name A string identifying the security name that this entry sh...

Страница 69: ...Model and Security Level Figure 5 56 SNMPv3 Access Configuration screen Table 5 36 SNMPv3 Access Configuration screen options Label Description Delete Check to delete the entry It will be deleted duri...

Страница 70: ...unicast multicast or broadcast traffic across the switch NOTE Frames sent to the CPU of the switch are always limited to approximately 4 kpps For example broadcasts in the management VLAN are limited...

Страница 71: ...5 6 7 QoS class 1 0 2 3 4 5 6 7 If the port is VLAN aware the frame is tagged and Tag Class is enabled then the frame is classified to a QoS class that is mapped from the PCP and DEI value in the tag...

Страница 72: ...ssified to the DEI value in the tag Otherwise the frame is classified to the default DEI value Tag Class Shows the classification mode for tagged frames on this port Disabled Use default QoS class and...

Страница 73: ...DSCP This page allows you to configure basic QoS Port DSCP settings for all switch ports Figure 5 60 QoS Egress Port DSCP Configuration screen Table 5 40 QoS Egress Port DSCP Configuration screen opt...

Страница 74: ...P Translation Egress Remap DP0 table or from the DSCP Translation Egress Remap DP1 table 5 6 5 Port Policing This page allows you to configure Policer settings for all switch ports Figure 5 61 QoS Ing...

Страница 75: ...w applies Enable E Check to enable queue policer for individual switch ports Rate Configures the rate of each queue policer The default value is 500 This value is restricted to 100 to 1000000 when the...

Страница 76: ...icted to 100 to 1000000 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Queues Shaper Unit Configures the rate for each queue shaper The default value is 500 This value i...

Страница 77: ...t is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Queues Shaper Unit Configures the rate of each queue shaper The default value is 500 This value is restricted to 100 to 1000000 when t...

Страница 78: ...r rate as kbps or Mbps The default value is kbps 5 6 8 Port Scheduled This page provides an overview of QoS Egress Port Schedulers for all switch ports Figure 5 65 QoS Egress Port Schedulers screen Ta...

Страница 79: ...S This page allows you to configure basic QoS DSCP based QoS Ingress Classification settings for all switches Figure 5 67 DSCP Based QoS Ingress Classification screen Table 5 47 DSCP Based QoS Ingress...

Страница 80: ...are two configuration parameters for DSCP Translation 1 Translate DSCP can be translated to any of 0 63 DSCP values 2 Classify check to enable ingress classification Egress Configurable egress parame...

Страница 81: ...lass Actual QoS class DPL Actual Drop Precedence Level DSCP Select the classified DSCP value 0 63 5 6 13 QoS Control List This page allows you to edit or insert a single QoS control entry at a time A...

Страница 82: ...Control Valid Control valid values can range from 0x00 to 0xFF or Any The default value is Any SNAP PID valid PID a k a ethernet type values can range from 0x00 to 0xFFFF or Any The default value is A...

Страница 83: ...dividual queues for all switch ports Figure 5 71 Queuing Counters screen Table 5 51 Queuing Counters screen options Label Description Port The switch port number to which the following settings will b...

Страница 84: ...e matched with the frame s content There are three action fields Class DPL and DSCP Class Classified QoS if a frame matches the QCE it will be put in the queue DPL Drop Precedence Level if a frame mat...

Страница 85: ...AN Configurations of IGMP Snooping Each page shows up to 99 entries from the VLAN table with a default value of 20 selected by the Entries Per Page input field When first visited the web page will sho...

Страница 86: ...GMP Snooping Status screen options Label Description VLAN ID The VLAN ID of the entry Querier Version Active Querier version Host Version Active Host version Querier Status Shows the Querier status as...

Страница 87: ...5 56 IGMP Snooping Group Information screen options Label Description VLAN ID The VLAN ID of the group Groups The group address of the group displayed Port Members Ports under this group 5 8 Security...

Страница 88: ...Scan scans IP MAC automatically but no binding function Binding enables binding Under this mode any IP MAC that does not match the entry will not be allowed to access the network Shutdown shuts down...

Страница 89: ...evice MAC Address Specifies MAC address of the device Advanced Configurations Alias IP Address This page provides Alias IP Address configuration Some devices might have more than one IP addresses You...

Страница 90: ...evention screen options Label Description Mode Enables or disables DDOS prevention of the port Sensibility Indicates the level of DDOS detection Possible levels are Low low sensibility Normal normal s...

Страница 91: ...e event Reboot Device if PoE is supported the device can be rebooted The event will be logged Status Indicates the DDOS prevention status Possible statuses are disables DDOS prevention Analyzing analy...

Страница 92: ...on Mode Enables or disables stream monitoring of the port Action Indicates the action to take when the stream gets low Possible actions are no action Log it simply logs the event 5 8 3 ACL Ports This...

Страница 93: ...allowed values are Disabled or a specific port number The default value is Disabled Logging Specifies the logging operation of the port The allowed values are Enabled frames received on the port are...

Страница 94: ...ation screen Table 5 66 ACE Configuration screen Label Description Ingress Port Indicates the ingress port to which the ACE will apply Any the ACE applies to any port Port n the ACE applies to this po...

Страница 95: ...abled port shutdown is disabled for the ACE Counter Indicates the number of times the ACE matched by a frame Figure 5 87 MAC Parameters screen Table 5 67 MAC Parameters screen options Label Descriptio...

Страница 96: ...ID filter for the ACE Any no VLAN ID filter is specified VLAN ID filter status is don t care Specific if you want to filter a specific VLAN ID with the ACE choose this value A field for entering a VLA...

Страница 97: ...than zero must not be able to match this entry Yes IPv4 frames whose MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry Any any value is allowed don t care IP...

Страница 98: ...rk sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address and SIP Mask fields that appear Sender IP Address When Host or Network is selected for the sen...

Страница 99: ...length HLN and protocol address length PLN settings 0 ARP RARP frames where the HLN is equal to Ethernet 0x06 and the PLN is equal to IPv4 0x04 must not match this entry 1 ARP RARP frames where the H...

Страница 100: ...lue The allowed range is 0 to 255 A frame matching the ACE will use this ICMP code value Figure 5 92 TCP Parameters and UDP Parameters screens Table 5 72 TCP Parameters and UDP Parameters screens opti...

Страница 101: ...ata from sender value for the ACE 0 TCP frames where the FIN field is set must not be able to match this entry 1 TCP frames where the FIN field is set must be able to match this entry Any any value is...

Страница 102: ...pond to a previous request This will stop the switch from continually trying to contact a server that it has already determined as dead Setting the dead time to a value greater than 0 zero will enable...

Страница 103: ...rver If the port is set to 0 zero the default port 1813 is used on the RADIUS accounting server Secret The secret up to 29 characters long shared between the RADIUS accounting server and the switch st...

Страница 104: ...is enabled Figure 5 97 RADIUS Accounting Server Status Overview screen Table 5 77 RADIUS Accounting Server Status Overview screen options Label Description The RADIUS server number Click to navigate t...

Страница 105: ...tication Client MIB Use the server drop down list to switch between the backend servers to show related details Figure 5 98 RADIUS Authentication Statistics for Server 1 screen Table 5 78 RADIUS Authe...

Страница 106: ...r Info This section contains information about the state of the server and the latest round trip time Figure 5 99 RADIUS Accounting Statistics for Server 1 screen Table 5 79 RADIUS Accounting Statisti...

Страница 107: ...s which encapsulate EAP PDUs RFC3748 Frames sent between the switch and the RADIUS server are RADIUS packets RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch s I...

Страница 108: ...ation is complete the RADIUS server sends a success or failure indication which in turn causes the switch to open up or block traffic for that particular client using static entries into the MAC Table...

Страница 109: ...to check for activity on the MAC address in question at regular intervals and free resources if no activity is seen within a given period of time This parameter controls exactly this period and can b...

Страница 110: ...switch will cancel on going backend authentication server requests whenever it receives a new EAPOL Start frame from the supplicant Since the server has not failed because the X seconds have not expir...

Страница 111: ...the switch which in turn uses the client s MAC address as both username and password in the subsequent EAP exchange with the RADIUS server The 6 byte MAC address is converted to a string in the follo...

Страница 112: ...l be attempted immediately The button only has effect on successfully authenticated clients on the port and will not cause the clients to be temporarily unauthorized Reinitialize forces a reinitializa...

Страница 113: ...hich port details to be displayed Figure 5 102 NAS Statistics Port 2 screen Table 5 82 NAS Statistics Port 2 screen options Label Description Admin State The port s current administrative state Refer...

Страница 114: ...Backend Server Counters These backend RADIUS frame counters are available for the following administrative states 802 1X MAC based Auth Last Supplicant Client Info Information about the last supplica...

Страница 115: ...83 System Log Configuration screen options Label Description Server Mode Indicates existing server mode When the mode operation is enabled the syslog message will be sent to sys log server The syslog...

Страница 116: ...SMTP Setting screen options Label Description E mail Alarm Enables or disables transmission of system warnings by e mail Sender E mail Address SMTP server IP address Mail Subject Subject of the mail...

Страница 117: ...stem Warning Event Selection screen Table 5 85 System Warning Event Selection screen options Label Description System Cold Start Sends out alerts when the system is restarted Power Status Sends out al...

Страница 118: ...ds This removal is called aging You can configure aging time by entering a value in the box of Age Time The allowed range is 10 to 1000000 seconds You can also disable the automat ic aging of dynamic...

Страница 119: ...mbers Checkmarks indicate which ports are members of the entry Check or uncheck to modify the entry Adding New Static Entry Click to add a new entry to the static MAC table You can specify the VLAN ID...

Страница 120: ...start over Figure 5 110 MAC Address Table screen Table 5 88 MAC Address Table screen options Label Description Type Indicates whether the entry is a static or dynamic entry MAC address The MAC address...

Страница 121: ...tion Filtered The number of received frames filtered by the forwarding process Auto refresh Check to enable an automatic refresh of the page at regular intervals Refresh Updates the counter entries st...

Страница 122: ...of long2 frames received with a valid CRC Rx Fragments The number of short1 frames received with an invalid CRC Rx Jabber The number of long2 frames received with an invalid CRC Rx Filtered The number...

Страница 123: ...re not mirrored Tx only only frames transmitted from this port are mirrored to the mirror port Frames received are not mirrored Disabled neither transmitted nor recived frames are mirrored Enabled bot...

Страница 124: ...ailable entry ID Updates system log entries ending at the last entry currently displayed Updates system log entries starting from the last entry currently displayed Updates system log entries ending a...

Страница 125: ...he length in meters of the cable pair 5 10 6 SFP Monitor SFP modules with DDM Digital Diagnostic Monitoring function can measure the temperature of the apparatus helping you monitor the status of conn...

Страница 126: ...om 10 10 132 20 icmp_seq 1 time 0ms 64 bytes from 10 10 132 20 icmp_seq 2 time 0ms 64 bytes from 10 10 132 20 icmp_seq 3 time 0ms 64 bytes from 10 10 132 20 icmp_seq 4 time 0ms Sent 5 packets received...

Страница 127: ...ps clock output Input enable the 1 pps clock input Disable disable the 1 pps clock in out put External Enable The box allows you to configure external clock output The following values are possible Tr...

Страница 128: ...e one way measurements are used This parameter applies only to a slave In one way mode no delay measurements are performed i e this is applicable only if frequency synchronization is needed The master...

Страница 129: ...ws how much power the powered device currently is using Current Used Shows how much current the PD currently is using Priority Shows the port s priority configured by the user Port Status Shows the po...

Страница 130: ...an reset the stack switch on this page After reset the system will boot normally as if you have powered on the devices Figure 5 124 Warm Reset screen Table 5 99 Factory default prompt screen options L...

Страница 131: ...Page 131 Chapter 5 Management Follow the steps below to access the console via RS 232 serial cable Step 1 On Windows desktop click on Start Programs Accessories Communications HyperTerminal Figure 5...

Страница 132: ...500 blackbox com Page 132 Chapter 5 Management Step 2 Input a name for the new connection Figure 5 126 Connection Description screen Step 3 Select a COM port in the drop down list Figure 5 127 COM por...

Страница 133: ...t properties appears including bits per second data bits parity stop bits and flow control Figure 5 128 COM Properties screen Step 5 The console login screen will appear Use the keyboard to enter the...

Страница 134: ...168 10 254 User Name admin Password admin Follow the steps below to access the console via Telnet Step 1 Telnet to the IP address of the switch from the Run window by inputting commands or from the M...

Страница 135: ...Figure 5 132 Command Groups screen System System Configuration all port_list Reboot Restore Default keep_ip Contact contact Name name Location location Description description Password password Usern...

Страница 136: ...enable disable actiphy dynamic Excessive port_list discard restart Statistics port_list command up down VeriPHY port_list SFP port_list MAC MAC Configuration port_list Add mac_addr port_list vid Delet...

Страница 137: ...Configuration port_list Add pvlan_id port_list Delete pvlan_id Lookup pvlan_id Isolate port_list enable disable Security Security Switch Switch security setting Network Network security setting AAA A...

Страница 138: ...alarm_variable absolute delta rising_threshold rising_event_ index falling_threshold falling_event_index rising falling both Alarm Delete alarm_id Alarm Lookup alarm_id Security Network Security Netwo...

Страница 139: ...d vid tag_prio dmac_type etype etype smac dmac arp sip dip smac arp_opcode arp_flags ip sip dip protocol ip_flags icmp sip dip icmp_type icmp_code ip_flags udp sip dip sport dport ip_flags tcp sip dip...

Страница 140: ...Filter enable disable bpduGuard enable disable recovery timeout CName config name integer Status msti port_list Msti Priority msti priority Msti Map msti clear Msti Add msti vid Port Configuration por...

Страница 141: ...e Key port_list key Role port_list active passive Status port_list Statistics port_list clear LLDP LLDP Configuration port_list Mode port_list enable disable Statistics port_list clear Info port_list...

Страница 142: ...nicast enable disable packet_rate Storm Multicast enable disable packet_rate Storm Broadcast enable disable packet_rate QCL Add qce_id qce_id_next port_list tag vid pcp dei smac dmac_type etype etype...

Страница 143: ...hentication enable disable Period reauth_period Timeout eapol_timeout Statistics port_list clear eapol radius Clients port_list all client_cnt Agetime age_time Holdtime hold_time IGMP IGMP Configurati...

Страница 144: ...etype smac dmac arp sip dip smac arp_opcode arp_flags ip sip dip protocol ip_flags icmp sip dip icmp_type icmp_code ip_flags udp sip dip sport dport ip_flags tcp sip dip sport dport ip_flags tcp_flag...

Страница 145: ...x User Add engineid user_name MD5 SHA auth_password DES priv_password User Delete index User Changekey engineid user_name auth_password priv_password User Lookup index Group Add security_model securit...

Страница 146: ...o Filter clockinst def_delay_filt period dist Servo clockinst displaystates ap_enable ai_enable ad_enable ap ai ad SlaveTableUnicast clockinst UniConfig clockinst index duration ip_addr ForeignMasters...

Страница 147: ...enable disable Alarm PowerFailure pwr1 pwr2 pwr3 enable disable Event Event Configuration Syslog SystemStart enable disable Syslog PowerStatus enable disable Syslog SnmpAuthenticationFailure enable di...

Страница 148: ...ode enable disable Dualhoming Port port Chain Chain Configuration Mode enable disable 1stUplinkPort port 2ndUplinkPort port EdgePort 1st 2nd none RCS RCS Mode enable disable Add ip_addr port_list web_...

Страница 149: ...ource destination Port DDOS Action port_list do_nothing block_1_min block_10_mins block shutdown only_log reboot_device Port DDOS Status port_list Port Alive Mode port_list enable disable Port Alive A...

Страница 150: ...able disable 1stRingPort mrp_port 2ndRingPort mrp_port Parameter MRP_TOPchgT value Parameter MRP_TOPNRmax value Parameter MRP_TSTshortT value Parameter MRP_TSTdefaultT value Parameter MRP_TSTNRmax val...

Страница 151: ...724 746 5500 blackbox com Page 151 NOTES...

Страница 152: ...724 746 5500 blackbox com Page 152 NOTES...

Страница 153: ...724 746 5500 blackbox com Page 153 NOTES...

Страница 154: ...Tech support available in 60 seconds or less Copyright 2014 Black Box Corporation All rights reserved Black Box and the Double Diamond logo are registered trademarks of BB Technologies Inc Any third...

Отзывы:

Нет отзывов