HPE OfficeConnect 1850 Series Скачать руководство пользователя страница 69 | Manualshive

Страница: 69 / 97

background image

Secure Connection

69

Table 36. Advanced Security Configuration Fields

Click

Apply

to save any changes for the current boot session. The changes take effect immediately but

are not retained across a switch reset unless you click

Save Configuration

.

Secure Connection

The HPE OfficeConnect 1850 series switch software allows the administrator to enable or disable
Secure HTTP protocol (HTTPS). When enabled, the administrator can establish a secure connection
with the switch using the Secure Sockets Layer (SSL) protocol. Secure HTTP can help ensure that
communication between the management system and the switch is protected from eavesdropping and
man-in-the-middle attacks.
You can upload an SSL certificate to the switch or have the switch generate its own certificate. The
SSL certificate functions as a digital passport, enabling client web browsers to verify the identity of the
switch before accessing it.

The certificate provides information to the browser such as the server name, the trusted certificate
authority (CA) that issued the certificate, the date it was issued, and the switch’s public key.

Field

Description

Auto DoS

Enable this option to enable all the DoS prevention mechanisms with default values. Enabling

this feature makes all the fields in the remainder of the table inaccessible (grayed-out). When

disabled, you can individually turn on and off the DoS features and change their default

values. This feature and all the individual DoS protections are disabled by default.

Prevent Land Attack

Enable this option to drop packets for which the source IP address equals the destination IP

address.

Prevent TCP Blat Attack

Enable this option to drop packets for which the TCP source port equals the TCP destination

port.

Prevent UDP Blat Attack

Enable this option to drop packets that have a UDP source port equal to the UDP destination

port.

Prevent Invalid TCP Flags

Attack

Enable this option to drop packets that have TCP Flags SYN and FIN set.

Prevent TCP Fragment

Attack

Enable this option to drop IP packets that have an IP fragment offset equal to 1.

Check First Fragment Only

Enable this option to drop packets that have a TCP header smaller than the minimum TCP

header size, which is hard-coded to 20 bytes.

Prevent Smurf Attack

Enable this option to drop ICMP Echo packets (ping) that are sent to a broadcast IP address.

Prevent Ping Flood Attack

Enable this option to prevent ping flooding by limiting the number of ICMP ping packets.

Prevent SYN Flood Attack

Enable this option to limit the rate of TCP connection requests so that they are not received

faster than they can be processed.

NOTE:

SSL is described in client/server terminology, where the SSL-enabled switch is the server and a web
browser is the client.

«
...
67
68
69
70
71
...
»

Содержание OfficeConnect 1850 Series

Страница 1: ...Switch Management and Configuration Guide Abstract Use this guide to assist in managing the following HPE OfficeConnect 1850 switch HPE OfficeConnect 1850 6XGT 2XGT SFP Switch JL169A Part Number 5200 0095 Published September 2016 Edition 1 ...

Страница 2: ...ments Microsoft Windows and Windows NT are US registered trademarks of Microsoft Corporation Java and Oracle are registered trademarks of Oracle and or its affiliates Revision History Open Source Code Notice This product includes code licensed under the GNU General Public License the GNU Lesser General Public License and or certain other open source licenses A complete machine readable copy of the...

Страница 3: ...0 Common Page Elements 11 Saving Changes 11 Graphical Switch 11 Port Configuration and Summary 12 System LEDs 12 Port Status Indicator 12 2 Dashboard 13 3 Setup Network 15 Get Connected 15 System Time Pages 18 System Time 18 Time Configuration 19 Time Zone Configuration 22 Daylight Saving Time Configuration 23 4 Switching Features 25 Port Configuration 25 Port Status 25 Modifying Interface Setting...

Страница 4: ...onfiguration 50 6 Trunks 51 Trunk Configuration 52 Modifying Trunk Settings 53 Trunk Statistics 54 7 Link Layer Discovery Protocol LLDP and LLDP MED 55 LLDP Global Configuration 55 LLDP Local Device Summary 57 Displaying Port Details 58 LLDP Remote Device Summary 59 LLDP Global Statistics 60 LLDP MED Global Configuration 62 LLDP MED Local Device Summary 64 LLDP MED Remote Device Summary 65 Display...

Страница 5: ...r 86 MAC Table 87 11 Maintenance Pages 89 Password Manager 89 Backup and Update Manager 90 Backing Up Files 90 Updating Files 91 Dual Image Configuration 93 A Support and other resources 94 Accessing Hewlett Packard Enterprise Support 94 Accessing updates 94 Websites 95 Customer self repair 95 Remote support 95 Documentation feedback 96 B Warranty information 97 Warranty information 97 ...

Страница 6: ...ts are presumed About Your Switch Manual Set The switch manual set includes the following HPE OfficeConnect 1850 Switch Series Quick Setup Guide and Safety Regulatory Informa tion a printed guide shipped with your switch Provides illustrations for basic installation and setup Also includes product specifications as well as safety and regulatory statements and stan dards supported by the switch HPE...

Страница 7: ...d only community 1 MAC table 16000 entries SNTP server configuration 1 Time zones count 91 Jumbo frame size 9216 bytes Soft session web session timeout 1 min 60 min Hard session web session timeout 1 Hr 168 Hrs Trunk configuration 4 Trunk membership ports 4 VLANs 64 VLAN IDs 1 4093 VLAN priority levels 0 7 Syslog servers 1 Buffered logs 100 total storage 10K Maintenance users 1 Password length 8 c...

Страница 8: ...e same subnet as the switch For example set it to IP address 192 168 1 2 mask 255 255 255 0 4 Enter the IP address 192 168 1 1 in the web browser See page 9 for web browser requirements Thereafter use the web interface to configure a different IP address or configure the switch as a DHCP client so that it receives a dynamically assigned IP address from the network After the switch is able to commu...

Страница 9: ...one has been set and then click Log In By default the username is admin and there is no password After the initial log on the administra tor may configure a password Figure 1 Login Page Operating System Browser Windows 7 Internet Explorer 9 10 Firefox 38 2 1 40 0 3 41 0 b1 beta Chrome 44 0 2403 45 0 2454 46 0 beta Windows 8 8 1 Internet Explorer 11 included in base OS 8 1 Firefox 38 2 1 40 0 3 41 ...

Страница 10: ...en you click Dashboard in the navigation pane See Dashboard on page 13 for more information You can click the Setup Network link beneath Dashboard to display the Get Connected page which you use to set up a management connection to the switch See Get Connected on page 15 for more information The graphical switch displays summary information for the switch LEDs and port status For informa tion on t...

Страница 11: ...guration file in RAM Unless you save them to system flash memory the changes will be lost if the system reboots To save them perma nently click on the upper right side of the page Note that when there are unsaved changes the button displays a file image A page displays to confirm that you want to save followed by a page that confirms that the operation was completed successfully Graphical Switch T...

Страница 12: ... the switch ports or the fan The Status LED for the component with the fault will blink simultaneously Off The switch is powered off or is NOT receiving power Locator Blue Blinking slowly The locator function has been enabled to help physically locate the switch Off The locator function is disabled and the switch is operating properly Port Status Indicator Each port in the device view is visually ...

Страница 13: ...ess for management access and the software and operating system versions This page also shows resource usage statistics This page is displayed when you first log on or when you click Dashboard in the navigation pane Figure 4 Dashboard Page If you update the name location or contact information click Apply to update the switch configuration Your changes take effect immediately but are not retained ...

Страница 14: ...y default System Object ID The base object ID for the switch s enterprise MIB System Up Time The time in days hours and minutes since the last switch reboot Current Time The current time in hours minutes and seconds as configured 24 or 12 hr AM PM format by the user Date The current date in month day and year format Device Information Software Version The version of the code running on the switch ...

Страница 15: ...d as the management port for the network interface The configuration parameters associated with the switch s network interface do not affect the configuration of the front panel ports through which traffic is switched or forwarded except that for the management port the port VLAN ID PVID will be the management VLAN To display the Get Connected page click Setup Network Get Connected In the example ...

Страница 16: ...address to be used When in doubt set this to be the same as the default gateway address used by your PC MAC Address The hardware MAC address of this switch Web Parameters Session Timeout Specify the amount of time in minutes that a connection to the web interface remains active assuming no user activity The range is 1 to 60 and the default is 5 minutes To keep the connection active regardless of u...

Страница 17: ...he management VLAN and port 10 is the management port other ports that are members of VLAN 1 will not provide access to the switch management interface The features that utilize the management port include the following DHCP SNMP SNTP TFTP SNMP SNMP Enable or disable Simple Network Management Protocol SNMP If enabled the administrator can view switch data using an SNMPv1 v2c manager The switch sup...

Страница 18: ...ation bar and ensure that the Clock tab is selected Figure 6 System Time Page Table 3 System Time Fields Field Description Current Time Time The current time This value is determined by an SNTP server When SNTP is disabled the system time increments from 00 00 00 1 Jan 1970 which is set at bootup Date The current date Time Source The source from which the time and date is obtained SNTP The time ha...

Страница 19: ...k System Time in the navigation pane and click the Time tab Time Zone Time Zone The currently set time zone The default is GMT Greenwich Mean Time Dublin Edinburgh Lisbon London Acronym The acronym for the time zone if one is configured on the system e g PST EDT Daylight Saving Time Daylight Saving Time Shows whether Daylight Saving Time DST is enabled and the mode of operation No Daylight Saving ...

Страница 20: ...e Configuration fields are available for configuration SNTP Configuration SNTP Client Select Enabled or Disabled default to configure the SNTP client mode When disabled the system time increments from 00 00 00 1 Jan 1970 which is set at bootup SNTP NTP Server Specify the IPv4 address of the SNTP server to which requests should be sent Server Port Specify the server s UDP port for SNTP The range is...

Страница 21: ...valid Version Not Supported The SNTP protocol version supported by the server is not com patible with the version supported by the switch client Server Unsynchronized The SNTP server is not synchronized with its peers This is indicated via the leap indicator field in the SNTP message Blocked The SNTP server indicated that no further requests were to be sent to this server This is indicated by a st...

Страница 22: ...ime Zone Configuration Fields Click Apply to update the switch configuration Your changes take effect immediately but are not retained across a switch reset unless you click Save Configuration Field Description Time Zone Select the time zone for your location The default is GMT Greenwich Mean Time Dublin Edinburgh Lisbon London Acronym Specify an acronym for the time zone The acronym can have up t...

Страница 23: ...e DST occurs within your time zone When configured the system time adjusts automatically one hour forward at the start of the DST period and one hour backward at the end To display the Daylight Saving Time page click Setup Network System Time in the navigation pane and click the Daylight Saving Time tab Figure 9 Daylight Saving Time Configuration Page ...

Страница 24: ...arry forward to subsequent years When a DST mode is enabled the clock will be adjusted one hour forward at the start of the DST period and one hour backward at the end Date Range Set the following to indicate when the change to DST occurs and when it ends These fields are editable when Non Recurring is selected as the DST mode Start End Date Use the calendar to set the day month and year when the ...

Страница 25: ...enables port configuration To view this page click Switching Port Configuration in the navigation pane Figure 10 Port Status Page Table 7 Port Status Fields Field Description Interface The port or trunk ID Admin Mode The administrative mode of the interface If a port or trunk is administratively disabled it cannot forward traffic Enabled Administratively enabled Disabled Administratively disabled ...

Страница 26: ...ts traffic ingress egress or both to another port the probe port Probe The port is configured to receive mirrored traffic from one or more source ports Port Status The physical status Link Up or Link Down of the link at the port Physical Mode Displays whether Auto negotiation is enabled or disabled on the port If the mode is Auto the port s maximum capability are advertised and the duplex mode and...

Страница 27: ...last clear operation To display the Port Summary Statistics page click Switching Port Configuration in the navigation pane and select the Statistics tab Figure 12 Port Summary Statistics Page Field Description Interface The interface or interfaces to be configured Admin Mode Select Enabled to make the port accessible on the network or Disabled to prevent the port from receiving or forwarding packe...

Страница 28: ...w o Error The count of packets received on the port without any packet errors Received Packets with Error The count of packets received on the port with errors Broadcast Received Packets The count of broadcast packets received on the port Transmitted Packets w o Error The number of packets transmitted out of that port without any packet errors Transmitted Packets with Error The number of packets t...

Страница 29: ...e also displays summary information for all source ports configured for mirror ing To add one or more source ports to mirror to the destination port click Add Source Figure 14 Add Port Mirroring Source Field Description Port Mirroring Enables or disables port mirroring globally on the switch This feature is disabled by default Destination Port Select the switch port to which packets will be mirror...

Страница 30: ...ined across a switch reset unless you click Save Configuration This feature is disabled by default Field Description Available Source Port s Select the source ports or trunks to mirror to the destination port To select multiple source ports hold down Ctrl while selecting ports You can also select the CPU to mirror traffic sent from the switch CPU to the switch interfaces or vice versa Ports that a...

Страница 31: ...itches on a bridged LAN STP allows a network to have redundant paths without the risk of network loops STP uses the spanning tree algorithm to provide a single path between end stations on a network When STP is enabled bridges on a network exchange bridge protocol data units BPDUs to communicate changes in the network topology and to provide information that helps determine the optimal paths betwe...

Страница 32: ...ay the Spanning Tree Status page click Switching Spanning Tree in the navigation pane and make sure the Status tab is selected This page includes information about global STP settings and interface status information Figure 17 Spanning Tree Status Page ...

Страница 33: ...f topology changes since STP was enabled Time Since Last Change Amount of time since the last topology change was detected The format is DD HH MM SS representing the time in Days Hours Minutes and Seconds Spanning Tree Interface Status The following fields list the interfaces on which the feature is enabled See Table 14 on page 37 for descriptions of these features Root Guarded Interfaces A list o...

Страница 34: ...s all ports are in the blocking state The port is blocked to pre vent network loops Forwarding The port sends and receives user traffic Disabled The port is administratively disabled and is not part of the spanning tree This is the default selection Cost The path cost from the port to the root bridge Hello Time The amount of time the root bridge waits between sending hello BPDUs Point to point MAC...

Страница 35: ...entering the existing STP topology Thus devices that were originally not a part of STP are not allowed to influence the STP topology When disabled an edge port that receives a BDPU becomes a non edge port which can affect the STP topology When enabling BPDU Guard also ensure that the desired interfaces are operating as edge ports by enabling the Admin Edge Port mode for each of those interfaces Th...

Страница 36: ...uring the election process all ports are in the blocking state The port is blocked to prevent network loops Listening The port sends and receives BPDUs and evaluates information to provide a loop free topology This state occurs during network convergence and is the first state in transitioning to the forwarding state Learning The port learns the MAC addresses of frames it receives and begins to po...

Страница 37: ...y port that is the port with the lower priority value becomes the root port If the priority values are the same the port with the lower interface index becomes the root port Select a value from 0 to 240 in increments of 16 The default is 128 Admin Edge Port Select this option to administratively configure the port as an edge port that is a port that connects directly to a network host or network s...

Страница 38: ... a port the port does not propagate received topology change notifications and topology changes to other ports This feature is disabled by default Port Status and Statistics Edge Port Indicates whether the port is currently operating as an Edge port either due to administrative configuration or to automatic configuration by the Auto Edge feature Point to point MAC Indicates whether the port connec...

Страница 39: ... received on the port until it is either manually enabled by the administrator or re enabled by the Auto Recovery feature The Auto Recovery feature will automatically re enabled a diagnostically disabled port when the error conditions that caused the port to be disabled are no longer detected The switch utilizes a configu rable Auto Recovery timer to periodically check the error condition at set i...

Страница 40: ...consecutive seconds that port will be disabled again BPDU Rate Limit Auto Recovery is disabled by default Auto Recovery Parameters Recovery Time This configures the Auto Recovery time interval The Auto Recovery time interval is common for both BPDU Guard and BPDU Rate Limit The default value of the timer is 300 seconds and the range is from 30 to 86400 seconds Interface Status Interface The interf...

Страница 41: ...6 When an interface receives a loop protection PDU it compares the source MAC address with its own If the MAC addresses match a loop is detected and a configured action is taken which may include shutting down the port for a specified period An interface can be configured to receive and take action in response to loop protection PDUs but not to send out the PDUs itself Ports on which loop protecti...

Страница 42: ...gured period This is the default Shutdown Port and Log The event will be logged and the port it shut down for the con figured period Log Only The event will be logged and the port remains operational Tx Mode Indicates whether the interface is configured Enabled to send out loop protection protocol data units PDUs to actively detect loops When disabled the interface does not send out loop protectio...

Страница 43: ...nterfaces Figure 23 Edit Loop Protection Port Configuration Page Field Description Loop Protection Select Enabled or Disabled to administratively enable or disable this feature globally on the switch This feature is disabled by default Transmission Time The interval at which the switch sends loop protection PDUs on interfaces that are enabled to send them The range is 1 to 10 seconds and the defau...

Страница 44: ... on static trunks but cannot be enabled on trunks that are dynamically formed through LACP Action Select the action to occur when a loop is detected on a port with loop protection enabled Shutdown Port The port will be shut down for the configured period This is the default selection Shutdown Port and Log The event will be logged and the port it shut down for the con figured period Log Only The ev...

Страница 45: ... network performance When enabled the switch supports IGMPv1 and IGMPv2 To enable IGMP snooping and view global status information click Switching IGMP Snooping in the navigation pane Figure 24 IGMP Snooping Page Table 19 IGMP Snooping Fields If you change the Admin Mode click Apply to save the changes for the current boot session The changes take effect immediately but are not retained across a s...

Страница 46: ...nd station may omit the tag or the VLAN por tion of the tag in which case the first switch port to receive the packet may either reject it or insert a tag using its default VLAN ID A given port may handle traffic for more than one VLAN but it can only sup port one default VLAN ID HPE OfficeConnect 1850 series switches support up to 64 VLANs Viewing VLAN Status and Adding VLANs Use the VLAN Status ...

Страница 47: ...reate up to 64 VLANs Field Description VLAN ID The numerical VLAN identifier VID assigned to the VLAN from 1 to 4093 Note VLAN 0 VID 0x000 in a frame is reserved and is used to indicate that the frame does not belong to any VLAN In this case the 802 1Q tag specifies only a priority and the value is referred to as a priority tag Name A user configurable name that identifies the VLAN If no name is s...

Страница 48: ...iguration page specify the new name consisting of 0 to 32 alphanumeric char acters and click Apply Configuring Interfaces as VLAN Members By default all ports and trunks are assigned membership in the default VLAN VLAN 1 If you create additional VLANs you can add interfaces as members of the new VLANs and configure VLAN tagging settings for the interfaces You can also modify interface memberships ...

Страница 49: ...e included in the frame s Ethernet header Untagged The port is an untagged member of the selected VLAN When frames in this VLAN are forwarded on this port the VLAN ID will not be included in the frame s Ether net header NOTE Consider the following guidelines when editing VLAN port memberships and settings A port can be an untagged member of only one VLAN If you change the VLAN that a port is an un...

Страница 50: ...PVID is not configurable In a tagged frame the VLAN is identified by the VLAN ID in the tag By default the PVID is 1 for all ports which is the VLAN ID of the default VLAN VLAN 1 Port Priority The default 802 1p priority assigned to Layer 2 untagged packets arriving at the port A value of 0 the default indicates the lowest priority commonly used for routine traffic and 7 indicates the highest prio...

Страница 51: ...s This is the default port type All members of a trunk must participate in the same protocols A static trunk interface does not require a partner system to be able to aggregate its member ports From a system perspective a Trunk is treated as a physical port A Trunk and a physical port use the same configuration parameters for administrative enable disable port priority and path cost A trunk failur...

Страница 52: ...ata Units LACPDUs with links in the trunk The PDUs contain infor mation about each link and enable the trunk to maintain them Static Static trunks are assigned to a bundle by the administrator Members do not exchange LACPDUs A static trunk does not require a partner system to be able to aggregate its member ports This is the default port type Note that the loop protection feature is not supported ...

Страница 53: ...ks by default Load Balance The hashing algorithm used to distribute traffic load among the physical ports of the trunk while preserving the per flow packet order The hashing algorithm uses various packet attributes to determine the outgoing physical port The following sets of packet attributes can be used to compute the hashing algorithm Source MAC VLAN EtherType Incoming Port Destination MAC VLAN...

Страница 54: ... the currently selected trunk The changes take effect immediately Trunk Statistics The Trunk Statistics page displays the flap count for each trunk A flap occurs when a trunk interface or trunk member port goes down To display the Trunk page click Trunks Statistics in the navigation pane Figure 32 Trunk Statistics Page Table 25 Trunk Statistics Fields You can click Clear Counters to reset the flap...

Страница 55: ...tions implementing the LLDP transmit function and LLDP DUs are received and processed by stations implementing the receive function The transmit and receive functions can be enabled and disabled separately per port By default both functions are enabled on all ports LLDP MED is an extension of the LLDP standard LLDP MED uses LLDP s organizationally specific Type Length Value TLV extensions and defi...

Страница 56: ...lization Delay Specify the number of seconds to wait before attempting to re initialize LLDP on a port after the LLDP operating mode on the port changes The range is from 1 to 10 seconds and the default is 2 seconds Notification Interval Specify the minimum number of seconds to wait between transmissions of remote data change notifications The range is from 5 to 3600 seconds and the default is 5 s...

Страница 57: ...odify settings on all interfaces click Edit All LLDP Local Device Summary Use the LLDP Local Device Summary page to view LLDP information for switch interfaces To display this page click LLDP Local Devices in the navigation pane Figure 35 LLDP Local Device Summary Page If all LLDP functions are disabled on an interface then it does not appear in the table ...

Страница 58: ...ice Chassis ID Subtype The type of information used to identify the chassis Capabilities Supported The primary function s the device supports Capabilities Enabled The primary function s the device supports that are enabled Interface Description Interface The interface ID Port ID The port identifier which is the physical address associated with the interface Port ID Subtype The type of information ...

Страница 59: ...emote device To display the Remote Device page click LLDP Remote Devices in the navigation pane Figure 37 LLDP Remote Device Summary Page Field Description System Name The user configured system name for the device The system name is configured on the Dashboard page System Description The device description which includes information about the product model and platform Management Address The addr...

Страница 60: ... remote system Port ID The physical address of the port on the remote device that sent the LLDP data Port Description The port description configured on the remote device If the port description is not configured the field may show the interface number of the remote port or it may be blank System Name The system description configured on the remote device If the system description is not configure...

Страница 61: ...es associated with the remote systems because of insufficient resources Age Outs The number of times the complete set of information advertised by a particular MSAP has been deleted from tables associated with the remote systems because the information timeliness interval has expired Time Since Last Update Time when an entry was created modified or deleted in the tables associated with the remote ...

Страница 62: ... Protocol Media Endpoint Discovery LLDP MED settings click LLDP MED Configuration in the navigation pane Figure 39 LLDP MED Global Configuration Page The following global settings display Table 32 LLDP MED Global Configuration Fields If you change the Fast Start Repeat Count click Apply to save any changes for the current boot ses sion The changes take effect immediately but are not retained acros...

Страница 63: ...the interface When enabled the LLDP MED transmit and receive functions are effectively enabled on the interface This feature is enabled by default Notification Status Indicates whether LLDP MED topology change notifications are enabled or disabled on the interface This feature is disabled by default Operational Status Indicates whether the interface is configured to transmit TLVs To transmit TLVs ...

Страница 64: ...ertised by the switch interfaces when they are enabled for LLDP MED To display this page click LLDP MED Local Devices in the navigation pane Figure 41 LLDP MED Local Device Summary Page Table 34 LLDP MED Local Device Summary Fields Field Description Interface The trunk or port ID Port ID The interface identifier which is its physical address ...

Страница 65: ... Description Interface The local interface that has received LLDP MED data units from remote devices Remote ID The client identifier assigned to the remote system that sent the LLDP MED data unit Device Class The MED Classification advertised by the TLV from the remote device The following three classifications represent the actual endpoints Class I Generic for example IP Communication Controller ...

Страница 66: ...Device Information Page The following additional fields appear on the LLDP MED Remote Device Information page Field Description Capability Information Supported Capabilities The supported capabilities that were received in the MED TLV on this interface Enabled Capabilities The supported capabilities on the remote device that are also enabled Device Class The MED Classification advertised by the TL...

Страница 67: ...s Inventory Information This section describes the information in the inventory TLVs received in the LLDP MED frames on this interface Hardware Revision The hardware version advertised by the remote device Firmware Revision The firmware version advertised by the remote device Software Revision The software version advertised by the remote device Serial Number The serial number advertised by the re...

Страница 68: ... to help protect against DoS attacks A DoS attack is an attempt to saturate the switch with external communication requests to prevent the switch from performing efficiently or at all You can enable Auto DoS protection that prevents common types of DoS attacks To display the Advanced Security page click Security Advanced Security in the navigation pane Figure 44 Advanced Security Configuration Aut...

Страница 69: ...ainder of the table inaccessible grayed out When disabled you can individually turn on and off the DoS features and change their default values This feature and all the individual DoS protections are disabled by default Prevent Land Attack Enable this option to drop packets for which the source IP address equals the destination IP address Prevent TCP Blat Attack Enable this option to drop packets ...

Страница 70: ...nerated by the switch are self signed that is the validity of the information provided in the certificate is attested to by the switch itself Uploaded certificates can also be self signed by a server other than the switch or they can be root certificates A root certificate has been digitally signed by a CA and is therefore considered to provide a higher level of security You can also upload the en...

Страница 71: ... public key certificate that has been signed by another server or a root certificate that has been signed by a certificate authority You can also upload Diffie Hellman DH encryption param eter files which establish the algorithms for encrypting key exchanges Before you upload a file to the switch the following conditions must be met The file is on the server in the appropriate directory The file i...

Страница 72: ... DH Weak Strong Encryption Parameter PEM File DH certificates provide the algo rithms for encrypting key exchanges and are used independent of the certificate The weak version uses a cipher strength of 512 bits and the strong version uses a cypher strength of 1024 bits Browser settings determine which DH file parameters are requested at the start of the SSL session 4 Browse for the file on your lo...

Страница 73: ...state and remains in that state until it is re enabled by the Auto Recovery feature Storm Control functionality is applicable only for physical interfaces When Auto Recovery is enabled an interface in the diagnostically disabled state due to a storm is recovered link up when the recovery interval expires If the interface continues to encounter exces sive traffic it may be placed back into the diag...

Страница 74: ...ets per second regardless of the actual packet sizes being received by the port Each of the three storm control packet types is rate limited independently Auto Recovery Parameters Auto Recovery This configures the Storm Control auto recovery administrative mode This feature is disabled by default Recovery Time This configures the Storm Control auto recovery time interval The default value of the t...

Страница 75: ...ely but are not retained across a switch reset unless you click Save Configuration Field Description Low Power Idle EEE EEE Energy Efficient Ethernet is designed to save power by turning off network ports that are not passing traffic When this features is enabled the ports can enter a low power mode to reduce power consumption during periods of low link utilization EEE works for ports in auto nego...

Страница 76: ...gy Efficient Ethernet feature For example 10 means that the device required 10 less power Current Power Consumption The estimated power consumption by all ports Per Port Status Interface The interface ID If EEE is not enabled then no interfaces display Link Partner Supports EEE Displays Yes if the interface has received EEE messages called Type Length Values or TLVs from a link partner or No if it...

Страница 77: ...deleted from the RAM when a new message is added If the system restarts all messages are cleared The Log page displays the 100 most recent system messages such as configuration failures and user ses sions The newest log entry by default is displayed at the bottom of the list To display the Log page click Diagnostics Log in the navigation pane Figure 50 Buffered Log Page NOTE If more than 100 messa...

Страница 78: ... so that it is preserved upon reboot When the switch is reset to factory defaults all crash log information is erased Field Description Log Index The log number Log Time Time at which the log was entered in the table Severity The severity level associated with the log message The severity can be one of the following Emergency The device is unusable Alert Action must be taken immediately Critical T...

Страница 79: ...hive Log Configuration The HPE OfficeConnect 1850 series switch software supports logging system messages to the buff ered log file or forwarding messages over the network using the Syslog protocol Syslog messages can be captured by a designated host on the network that is running a Syslog daemon You can use the Log Configuration page to configure buffered log and Syslog settings To display the Lo...

Страница 80: ...tem error of a specified operation Notice Notifies the user of a system error Info Provides the user with system information This is the default filter level Debug An internal note to reconcile programming code SysLog Configuration SysLog Host Enables and disables logging to configured syslog hosts When the syslog admin mode is disabled the device does not relay logs to syslog hosts and no message...

Страница 81: ... the port with the connected cable to test Cable Status Displays the cable status as one of the following Normal The cable is working correctly Open The cable is disconnected or there is a faulty connector Open and short There is an electrical short in the cable Cable status test failed The cable status could not be determined The cable may in fact be working No Cable The cable is not connected to...

Страница 82: ... The test returns a cable length estimate Failure Location Distance The estimated distance from the end of the cable to the failure location Note This field displays a value only when the cable status is Open or Short otherwise this field is blank NOTE If the link is down and a cable is attached to a 10 100 Ethernet adapter the Cable Status may indi cate Open or Short because some Ethernet adapter...

Страница 83: ...e delay between ping packets The range is from 1 to 60 seconds and the default is 3 seconds Size Specify the size of the ping packet to be sent Changing the size allows you to troubleshoot connectivity issues with a variety of packet sizes such as large or very large packets The range is from 0 to 13000 bytes and the default is 0 bytes Status The current status of the ping test which can be one of...

Страница 84: ... You can use the Reset Configuration page to restore all settings to their factory default values All con figuration changes including those that were previously saved are reset in the running system by this action If the switch is configured to use DHCP to acquire its IP address the address may change upon restart you will need to determine the address before logging back in to the management uti...

Страница 85: ...h date and time information Device Information Software and OS versions System Resource Usage CPU and memory usage data Image Status and Image Description The active and backup image status and versions Buffered Log and Configuration Messages and logging configuration details Syslog Configuration Syslog status and remote port and address information Time Configuration and Time Zone SNTP client sta...

Страница 86: ...Green Features EEE Configuration Global and per port enable disable status and power con sumption data PoE Configuration On switches that support PoE global and per port configuration and sched ule settings You can click Save As to save the Support File page content The Support File page is saved as HTML and is named support_file html by default Locator When you need to physically locate the switc...

Страница 87: ...the bridge table or the forwarding database To display the MAC Table page click Diagnostics MAC Table in the navigation pane Figure 59 MAC Table Page IMPORTANT The address table supports up to 16K MAC address entires however the UI will dis play up to 500 entries If the MAC address you want to view is not displayed you can search for it by using the Filter option You can enter a partial MAC addres...

Страница 88: ...r internal management on the switch Interface Index The Interface Index of the MIB interface table entry associated with the source port This value helps identify an interface when using SNMP to manage the switch Status Provides information about the entry and why it is in the table Possible values are the following Learned The address has been automatically learned by the switch and can age out w...

Страница 89: ...er name or password click Apply to save your changes At the next log on use the new password Field Description Username A unique ID or name used to identify the administrative user account A change in the username is effective the next time you attempt to log into the switch Current Password Enter the old password if one exists There is no password by default New Password Confirm New Password Ente...

Страница 90: ...les from a remote system This is the page you use to update the switch firmware Files can be backed up and updated using either HTTP or TFTP To display this page click Maintenance Backup and Update Manager in the navigation pane Figure 61 File Transfer Page Backing Up Files To back up a file click in the Backup column in either the HTTP or TFTP row The HTTP Backup File or TFTP Backup File page dis...

Страница 91: ...e Page Field Description File Type Select the type of file to back up from the switch to a remote system You can back up the active or backup image the system configuration file the error log in persistent memory also referred to as the event log and the buffered log in RAM Server Address TFTP only Enter the IP address of the TFTP server File Name TFTP only Enter the path on the server where you w...

Страница 92: ... Certificates and Encryption Files on page 71 Select File Browse to the location on the network where the new file is located and select it Digital Signature Verification For the Backup Code you can select this option to have the switch verify the file download with a digital signature Digital signature verification is applied to backup code only Status Status information on the update process Fie...

Страница 93: ...tion Fields Click Apply to save your changes to the switch IMPORTANT If you configure a description for the active and or backup firmware image the descrip tion will not be cleared if you reset the switch to the factory default settings Field Description Image Status This section lists the current image status information Image The type of image which can be either Active or Backup Version The sof...

Страница 94: ...ftware products provide a mechanism for accessing software updates through the prod uct interface Review your product documentation to identify the recommended software update method To download product updates go to either of the following Hewlett Packard Enterprise Support Center Get connected with updates page www hpe com support e updates Software Depot website www hpe com support softwaredepo...

Страница 95: ...SR programs allow you to repair your product If a CSR part needs to be replaced it will be shipped directly to you so that you can install it at your conve nience Some parts do not qualify for CSR Your Hewlett Packard Enterprise authorized service provider will determine whether a repair can be accomplished by CSR For more information about CSR contact your local service provider or go to the CSR ...

Страница 96: ...ocumentation send any errors suggestions or comments to Documentation Feedback docsfeedback hpe com When submitting your feedback include the document title part number edi tion and publication date located on the front cover of the document For online help content include the product name product version help edition and publication date located on the legal notices page ...

Страница 97: ...ts available at www hpe com support Safety Compliance EnterpriseProducts Warranty information HPE ProLiant and x86 Servers and Options http www hpe com support ProLiantServers Warranties HPE Enterprise Servers http www hpe com support EnterpriseServers Warranties HPE Storage Products http www hpe com support Storage Warranties HPE Networking Products http www hpe com support Networking Warranties ...

Отзывы:

Нет отзывов

Похожие инструкции для OfficeConnect 1850 Series

Бренд: JDS Uniphase Страницы: 37

Бренд: Valcom Страницы: 2

Sierra Pro XL 1616V3

Бренд: Kramer Страницы: 2

Бренд: Belkin Страницы: 12

Бренд: K-Dyne Страницы: 10

Бренд: Inline Страницы: 26

Бренд: I/O Interconnect Страницы: 27

Бренд: Elements Страницы: 2

Бренд: Kobold Страницы: 23

PFS4226-24ET-240

Бренд: Dahua Страницы: 3

Бренд: NBK Страницы: 32

Бренд: Labgear Страницы: 8

Бренд: Versa Technology Страницы: 26

Бренд: TCi Страницы: 11

OMNICUBE F1DK102P

Бренд: Belkin Страницы: 21

Бренд: Samson Страницы: 48

GEF-UHD-89-HBT2

Бренд: Gefen Страницы: 232

Бренд: Tripp Lite Страницы: 3

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды