Allied Telesis Switch Configuration and Firewall Setup Guide


AT-8800 Series Switch User Guide

Backup switch

If your network has many switches, you may wish to keep a backup switch ready to replace any switch that malfunctions. When you upgrade the software release or patch on the other switches in the network, upgrade the backup too. Store on it one current config script for each switch in your network, so that when it is needed, you need only set the configuration file with which it boots to match the switch it replaces.

Configure logging

The logging facility stores log messages for events with a specified severity in a log file. You can change the size of the log file, and the kind of messages recorded. You can configure the switch to output log messages in several ways, including to a remote switch with a specified IP address, or as an email to a particular email address. The switch can also receive log messages from another switch. Set the Logging Facility to log and forward the log messages you need to monitor your network (see the Logging Facility chapter in the AT-8800 Series Switch Software Reference). Inspect the log file from time to time, and whenever difficulties arise.

Configure Firewall

The firewall facility is enabled with a special feature license. To obtain a special feature license contact an Allied Telesyn authorised distributor or reseller.

Use the Firewall to protect your network from several kinds of unwanted traffic or deliberate attacks (see the Firewall chapter in the AT-8800 Series Switch Software Reference). A special feature licence is required.

FLASH compaction

If the FLASH memory gets filled beyond a certain level, the switch automatically activates FLASH compaction to recover any space that is made available from deleted files. You can also activate FLASH compaction manually if required.

While FLASH is compacting, do not restart the switch or use any commands that affect the FLASH file subsystem: do not create, edit, load, rename or delete any files until a message confirms that FLASH file compaction is completed. Interrupting FLASH compaction may result in damage to files. Damaged files are likely to prevent the switch from operating correctly.

Watch for software updates

From time to time patches may be released to improve the function of your switch software, and new software releases make new features available. Watch for patches and new software releases on the support site at http://www.alliedtelesyn.co.nz/support/ar400.

Software Release 2.6.1 C613-02039-00 REV A
