Dell 5324 manual Deny management, Management Access-list Configuration mode, 191

Page 191

mask prefix-length—Specifies the number of bits that comprise the source IP address prefix. The prefix length must be preceded by a forward slash (/). (Range: 0 - 32)

service service—Indicates service type. Can be one of the following: telnet, ssh, http, https or snmp.

Default Configuration

If no permit statement is present, the default is set to deny.

Command Mode

Management Access-list Configuration mode

User Guidelines

Rules with Ethernet, VLAN and port-channel parameters are valid only if an IP address is defined on the appropriate interface.The system supports up to 256 management access rules.

Example

The following example shows how all ports are permitted in the access-list called "mlist".

Console (config)# management access-listmlist

Console (config-macl)# permit

deny (management)

The deny Management Access-List Configuration mode command defines a deny rule.

Syntax

deny [ethernet interface-number vlan vlan-id port-channel number] [service service]

deny ip-source ip-address [mask mask prefix-length] [ethernet interface-number vlan vlan- id port-channel number] [service service]

ethernet interface-number—A valid Ethernet port number.

vlan vlan-id—A valid VLAN number.

port-channelnumber—A valid port-channel number.

ip-address—Source IP address. (Range: Valid IP Address)

mask mask—Specifies the network mask of the source IP address. (Range: Valid subnet mask)

mask prefix-length—Specifies the number of bits that comprise the source IP address prefix. The prefix length must be preceded by a forward slash (/). (Range: 0 - 32)

Management ACL

191

Image 191
Contents CLI Reference Guide Aug Contents Using the CLI Address Table Commands Clock Ethernet Configuration Commands Igmp Snooping Commands Lacp Commands Management ACL Port Monitor Commands Rmon Commands Spanning-Tree Commands SSH Commands Syslog Commands Tacacs Commands Vlan Commands 32 802.1x Commands 382 Page Introduction Command GroupsCommand Groups Configures commands related to 802.1x security protocol Configures and reports on Spanning Tree protocolConfigures Tacacs commands Address Table Commands AAA CommandsDisplays statically created entries in the bridge Configures an external time source forConfigures the system to automatically switch Defines an authentication key for SimpleConfiguration and Image Files Commands Displays the backup configuration file contents Ethernet Configuration CommandsGvrp Commands Sets an IP address Igmp Snooping CommandsDefines a default gateway router IP AddressingCache Line CommandsDeletes entries from the host name-to-address Sets the line for automatic baud rate detection Lldp CommandsPHY Diagnostics Commands Management ACL CommandsQoS Commands Port Channel CommandsPort Monitor Commands Enables each port trust state Radius CommandsSnmp Commands Rmon CommandsSpanning Tree Commands MST Sets the default path cost method SSH CommandsOverrides the default link-type setting Syslog Commands Reloads the operating system System Management CommandsTacacs Commands Disables the default Vlan functionality User Interface CommandsVlan Commands Switches the mode to debugInterface Reserves a Vlan as the internal usage Vlan of anWeb Server Commands Command Description Access Mode 802.1x CommandsCommand Groups GC Global Configuration Mode Command ModesDevice Notification operation Sntp IC Interface Configuration ModeReserves a Vlan as the internal usage Vlan of an interface An Extensible Authentication Protocol EAP request/identityFrame, from the client, before resending the request Command Description LC Line Configuration ModeEnables the Simple Network Time Protocol Sntp client on an PE Privileged User Exec Mode MA Management Access-level ModeVlan UE User Exec Mode SP SSH Public Key ModeCommand Modes VC Vlan Configuration Mode W . d e l l . c o m s u p p o r t . d e l l . c o m Introduction Using the CLICLI Command Modes Privileged Exec Mode User Exec ModeExit End Ctrl+Z Global Configuration ModeStarting the CLI Consoleconfig# username admin password smith Editing FeaturesEntering Commands Config#interface ethernet Terminal Command BufferNegating the Effect of Commands Command CompletionEnter CLI Command ConventionsKeyboard Shortcuts Italic fontUsing the CLI Command Mode AAA CommandsAaa authentication login Default ConfigurationExample Aaa authentication enableFollowing example configures authentication login Console config# aaa authentication enable default enable Login authenticationConsole config-line#login authentication default Enable authenticationFollowing example configures the http authentication Ip http authenticationConsole config-line#enable authentication default Following example configures https authentication Ip https authenticationShow authentication methods Following example displays the authentication configuration Syntax Show authentication methods Default ConfigurationThis command has no default configuration Privileged Exec modeSyntax Password password encrypted No password PasswordConsole# show authentication methods Following example specifies a password secret on a line Enable passwordNo password is required No user is defined UsernameShow users accounts Console# show users accounts Syntax Show users accounts Default ConfigurationAAA Commands Bridge address Address Table CommandsInterface configuration Vlan mode Bridge multicast filtering Disabled. All multicast addresses are flooded to all portsThis example, bridge multicast filtering is enabled Console config# bridge multicast filteringFollowing example registers the MAC address No multicast addresses are definedExamples No forbidden addresses are defined Command ModesBridge multicast forbidden address This example all multicast packets on port g8 are forwarded Disable forward-all on the specified interfaceBridge multicast forward-all Bridge multicast forbidden forward-allSyntax Bridge aging-timeConsole# clear bridge Clear bridgeSyntax Clear bridge Port security Disabled No port securityInterface Configuration Ethernet, port-channel mode Mac-address-Specify a MAC address in the format Console config-if#port security routed secure-addressPort security routed secure-address Show bridge address-tablePort-channel-number-A valid port-channel number Console# show bridge address-table Show bridge address-table staticVlan -Specific Vlan Show bridge address-table countConsole# show bridge address-table static Syntax Show bridge address-table count vlan vlanConsole# show bridge address-table count Show bridge multicast address-tableConsole # show bridge multicast address-table format ip Console # show bridge multicast address-tableVlanid-A valid Vlan ID value Show bridge multicast filteringShow ports security Syntax Show bridge multicast filtering vlan-idConsole # show ports security Syntax Clock source sntp No clock source ClockClock set Clock sourceConsole# clock source sntp Clock timezoneNo external clock source Clock summer-time No authentication key is defined Sntp authentication-keySyntax Sntp authenticate No sntp authenticate Sntp authenticateConsoleconfig# sntp authentication-key 8 md5 ClkKey Not trusted Sntp client poll timerFollowing example authenticates key Sntp trusted-keyConsole config# sntp broadcast client enable Sntp broadcast client enableConsole config# sntp client poll timer Syntax Sntp client enable No sntp client enable Sntp anycast client enableSntp client enable interface Console config-if#sntp anycast client enable101 Sntp unicast client enableConsole config# sntp unicast client enable Syntax Sntp unicast client poll no sntp unicast client poll Console config# sntp unicast client pollSntp unicast client poll Sntp server103 Show clockSyntax Show clock detail 104 Console# show clock105 Show sntp configurationSyntax Show sntp configuration Console# show sntp configuration106 Show sntp statusSyntax Show sntp status Following example shows the status of the Sntp107 Clock Copy Configuration and Image FilesDelete startup-config Console# delete startup-config110 Understanding Invalid Combinations of Source and Destination111 Storing the Running or Startup Configuration on a ServerCopy Character Descriptions Copying image file from a Server to Flash Memory112 Boot systemSyntax Boot system image-1 image-2 Console# boot system image-1113 Show running-configSyntax Show running-config sort type Sort type defaults to interface if unspecifiedSyntax Show startup-config sort type 114 Show startup-configConsole# show running-config no spanning-tree 115 Syntax Show backup-config 116 Show backup-configConsole# show startup-config no spanning-tree 117 Console# show backup-config software version118 Show bootvarSyntax Show bootvar Default Configuration Console# show bootvarInterface range ethernet Ethernet Configuration CommandsInterface ethernet Shutdown Syntax Shutdown No shutdown Default ConfigurationInterface is enabled Following example disables port g5Syntax Speed 100 1000 No speed DescriptionSpeed Syntax Description string No description122 DuplexSyntax Duplex half full No duplex Flowcontrol Consoleconfig# interface ethernet g5Syntax Negotiation No negotiation Default Configuration Negotiation124 MdixSyntax Flowcontrol auto on off No flowcontrol Syntax Mdix on auto No mdix125 Syntax Back-pressure No back-pressure Default ConfigurationBack-pressure 126 Port jumbo-frameClear counters Console# set interface active ethernet g5 Show interfaces configurationSet interface active Console# clear counters ethernet g1128 Interfaces configuration129 Show interfaces statusConsole# show interfaces status 130131 Show interfaces description132 Show interfaces countersConsole# show interfaces description ethernet g1 Console# show interfaces counters 133134 Following example displays counters for port g1Console# show interfaces counters ethernet g1 Following table describes the fields shown in the displayIeee Std .3, 2000 Edition, section 135136 Syntax Show ports jumbo-frame Default ConfigurationShow ports jumbo-frame Console# show ports jumbo-frame Port storm-control broadcast enableConsoleconfig# port storm-control include-multicast Port storm-control include-multicastPort storm-control broadcast rate Broadcast storm control is disabledConsoleconfig-if#port storm-control broadcast enable Default storm control broadcast rate isSyntax Show ports storm-control interface Consoleconfig-if#port storm-control broadcast rateFollowing example displays the storm control configuration Show ports storm-control140 Syntax Gvrp enable No gvrp enable Default Configuration Gvrp CommandsGvrp enable global Gvrp enable interface142 Garp timerFollowing example enables Gvrp on ethernet g8 143 By default, dynamic Vlan creation is enabledGvrp vlan-creation-forbid Clear gvrp statistics Console config-if#gvrp vlan-creation-forbidConsole config-if#gvrp registration-forbid Gvrp registration-forbid145 Show gvrp configurationConsole# clear gvrp statistics ethernet g8 146 Console# show gvrp configurationShow gvrp statistics Console# show gvrp statistics Show gvrp error-statisticsFollowing example shows Gvrp statistics information 147148 Console# show gvrp-error statisticsFollowing example displays Gvrp statistics information 149 Igmp Snooping CommandsIp igmp snooping Global Ip igmp snooping Interface150 Ip igmp snooping mrouterIp igmp snooping host-time-out 151 Console config-if#ip igmp snooping host-time-outIp igmp snooping mrouter-time-out Ip igmp snooping leave-time-out Console config-if#ip igmp snooping mrouter-time-outDefault leave-time-out configuration is 10 seconds Console config-if#ip igmp snooping leave-time-outConsole # show ip igmp snooping mrouter Show ip igmp snooping mrouterShow ip igmp snooping interface 154 Show ip igmp snooping groupsExample displays Igmp snooping information Console # show ip igmp snooping interface155 Example shows Igmp snooping informationConsole # show ip igmp snooping groups Igmp Snooping Commands Console# clear host dhcp IP Addressing CommandsClear host dhcp Ip address158 Interface configuration Ethernet, VLAN, port-channelIp address dhcp No IP address is defined for interfaces159 Ip default-gatewaySyntax Ip default-gateway ip-address No ip default-gateway No default gateway is defined160 Following example defines an ip default gatewayShow ip interface 161 ArpConsole# show ip interface Clear arp-cache Arp timeoutConsole config# arp 198.133.219.232 00000c400fbc ethernet Following example displays entries in the ARP table Syntax Show arp Default ConfigurationShow arp Console# clear arp-cacheSyntax Ip domain-name name No ip domain-name Ip domain-lookupIp domain-name Syntax Ip domain-lookup No ip domain-lookupFollowing example sets the available name server Ip name-serverIp host No name server addresses are specifiedSyntax Clear host name Clear hostSyntax Ip host name address No ip host name No host is defined167 Default Configuration Command ModeShow hosts Syntax Show hosts name168 Syntax Lacp port-priority value No lacp port-priority Lacp CommandsLacp system-priority Lacp port-priority170 Lacp timeoutSyntax Lacp timeout long short No lacp timeout Default port timeout value is longSyntax Show lacp port-channel portchannelnumber Show lacp ethernetShow lacp port-channel Console# show lacp ethernet g1 statistics172 Console# show lacp port-channelSyntax Speed bps Line CommandsLine Syntax Line console telnet ssh174 Exec-timeoutSyntax Autobaud No autobaud Default Configuration Autobaud175 Syntax Exec-timeout minutes seconds No exec-timeoutShow line Syntax Show line console telnet sshConsole# show line console Following example displays the line configurationTerminal history Terminal history size177 Maximum for the sum of all buffers isLine Commands Syntax Lldp CommandsLldp enable global Lldp enable interfaceDefault 30 seconds Lldp timerInterface configuration Ethernet Syntax Lldp timer seconds No lldp timerSyntax Lldp hold-multiplier number No lldp hold-multiplier Lldp reinit-delayDefault Configuraiton Lldp hold-multiplierDefault value is 2 seconds Lldp tx-delaySyntax Lldp reinit-delay seconds No lldp reinit-delay Syntax Lldp tx-delay seconds No lldp tx-delay ParametersNo optional TLV is transmitted Lldp optional-tlvLldp management-address Usage Guidelines184 Clear lldp rxShow lldp local Show lldp configurationSyntax Show lldp configuration ethernet interface Switch# show lldp configuration186 Show lldp neighbors187 Switch# show lldp neighborsSwitch# show lldp neighbors ethernet g1 Lldp Commands 189 Management access-listName-The access list name using up to 32 characters Management ACL190 Console config# management access-class mlistPermit management 191 Management Access-list Configuration modeDeny management 192 Management access-classConsole# show management access-list Show management access-listShow management access-class Syntax Show management access-list name194 Syntax Show management access-class Default ConfigurationConsole# show management access-class Console# test copper-port tdr g3 PHY Diagnostics CommandsTest copper-port tdr Show copper-ports tdr196 Show copper-ports cable-lengthSyntax Show copper-ports cable-length interface Port must be active and working in 1000M197 Show fiber-ports optical-transceiverConsole# show copper-ports cable-length Console# show fiber-ports optical-transceiver 198Console# show fiber-ports optical-transceiver detailed 199PHY Diagnostics Commands Interface range port-channel Port Channel CommandsConsole config# interface port-channel Interface port-channel202 Console config# interface range port-channelChannel-group Port is not assigned to any port-channelSyntax Show interfaces port-channel port-channel-number Console config-if#channel-group 1 mode onPort channel load balance Show interfaces port-channel204 Port monitor Port Monitor CommandsDefault is both rx and tx Interface Configuration mode206 Syntax Show ports monitor Default ConfigurationShow ports monitor 207 Console# show ports monitorPort Monitor Commands Show qos QoS CommandsQos 210 Following example displays a QoS modeWrr-queue cos-map 211 Interface Configuration Ethernet, port channel modeWrr-queue bandwidth Following example maps CoS 3 to queue212 Following example assigns WRR weights to egress queuesPriority-queue out num-of-queues All queues are expedite queues213 Console config# priority-queue out num-of-queuesShow qos interface Following example sets queue 4, 3 to be expedite queues214 Qos map dscp-queueConsole# show qos interface ethernet g1 queuing 215 Qos trust GlobalSyntax Qos trust cos dscp No qos trust Qos cos Syntax Qos trust No qos trust Default ConfigurationSyntax Qos cos default-cos No qos cos 216 Qos trust Interface217 Show qos mapSyntax Show qos map dscp-queue D1 x 10 + D2 = Value of Dscp Following example displays the Dscp port-queue mapConsole# show qos map Dscp-queue map Following table describes the fields used aboveIp-address-IP address of the Radius server host Radius CommandsBy default, no Radius host is specified Radius-server hostSyntax Radius-server key key-string No radius-server key TimeoutDefault is an empty string Radius-server key221 Console config# radius-server retransmitRadius-server retransmit Radius-server source-ip222 Radius-server timeoutConsole config# radius-server timeout Show radius-servers Console config# radius-server deadtimeSyntax Show radius-servers Default Configuration Radius-server deadtimeConsole# show radius-servers Following example displays the Radius server settings224 225 Rmon CommandsShow rmon statistics Console# show rmon statistics ethernet g1Field Description 226227 Rmon collection historyConsole# show rmon collection history Console config-if#rmon collection history 1 intervalShow rmon collection history Following example displays all Rmon group statistics229 Show rmon historyConsole# show rmon history 5 throughput Console# show rmon history 5 errors230 231 Console# show rmon history 5 other232 Rmon alarm233 Show rmon alarm-tableSyntax Show rmon alarm number Show rmon alarmSyntax Show rmon alarm-table Default Configuration Console# show rmon alarm-table235 Following example displays Rmon 1 alarmsConsole# show rmon alarm 236 Rmon eventFollowing example displays the Rmon event table Following example configures an event with the trap indexSyntax Show rmon events Default Configuration Show rmon eventsEvent-Event index. Range 0 Show rmon logConsole# show rmon events Syntax Show rmon log event239 Following example displays the Rmon logging tableConsole# show rmon log 240 Console config# rmon table-size historyRmon table-size History table size is Log table size isNo snmp-server community community ip-address Snmp CommandsThere are no default communities defined Snmp-server community242 Default SettingDefault and DefaultSuper views exists Snmp-server view243 Snmp-server filterProduct specific Syntax Snmp-server contact text No snmp-server contact Snmp-server contactSnmp-server location Included245 Snmp-server enable trapsConsole config# snmp-server enable traps Syntax Snmp-server location text No snmp-server location246 Snmp-server trap authenticationConsole config# snmp-server trap authentication Snmp-server host247 Snmp-server set248 Snmp-server groupRouter context is translated to context in the MIB Console config# snmp-server group user-groupv3 priv readSnmp-server user No group entry exists250 251 Following example configures a new Snmp Version 3 userConsole config# snmp-server user Snmp-server v3-host252 Following example configures an SNMPv3 hostSnmp-server engineID local 253 Syntax Show snmp engineID Default SettingConsoleconfig # snmp-server engineID local default Show snmp engineid254 Syntax Show snmp Default ConfigurationShow snmp Console# sh snmp255 Show snmp viewsSyntax Show snmp views viewname 256 Show snmp groupsSyntax Show snmp groups groupname 257 Show snmp filtersSyntax Show snmp filters filtername 258 Show snmp usersSyntax Show snmp users username 259 Snmp Commands Spanning-tree Spanning-Tree CommandsSpanning-tree mode Syntax Spanning-tree No spanning-tree Default ConfigurationSeconds-Time in seconds. Range 4 Consoleconfig# spanning-tree mode rstpConsoleconfig# spanning-tree forward-time Spanning-tree forward-time263 Spanning-tree hello-time264 Consoleconfig# spanning-tree hello-timeSpanning-tree max-age Spanning-tree priority Spanning-tree disableConsoleconfig# spanning-tree max-age Consoleconfig# spanning-tree priorityCost-The port path cost Range 1 200,000,000 Following example disables spanning-tree on g5Spanning-tree cost Syntax Spanning-tree cost cost No spanning-tree cost267 Consoleconfig-if#spanning-tree port-prioritySpanning-tree port-priority Spanning-tree portfast268 Consoleconfig-if#spanning-tree portfastConsoleconfig-if#spanning-tree link-type shared Spanning-tree link-typeSpanning-tree mst max-hops Default number of hops isConsole config # spanning-tree mst 1 priority Spanning-tree mst priority270 Console config # spanning-tree mst max-hopsConsoleconfig-if#spanning-tree mst 1 port-priority Spanning-tree mst port-priority271 Spanning-tree mst configurationSpanning-tree mst cost Interface Long Short272 Syntax Spanning-tree mst configuration Default SettingInstance mst Syntax Instance instance-id add remove vlan vlan-rangeSyntax Revision value No revision Name mstRevision mst Syntax Name stringSyntax Show current pending Default configuration revision number isFollowing example sets the configuration revision to Show mstAbort mst Syntax Exit Default SettingSyntax Abort Default Setting Exit mst276 Spanning-tree pathcost methodSpanning-tree bpdu Console# spanning-tree pathcost method long277 Consoleconfig# spanning-tree bpdu floodingClear spanning-tree detected-protocols Syntax Spanning-tree bpdu filtering flooding278 Show spanning-treeConsole# clear spanning-tree detected-protocols ethernet g1 Following example displays spanning-tree informationConsole# show spanning-tree 279280 281 282 283 284 285 286 Console# show spanning-tree mst-configuration287 288 289 290 Spanning-tree mst mstp-rstpSpanning-tree guard root Consoleconfig# spanning-tree mst mstp-rstpRoot guard is disabled Interface configuration Ethernet, port-channel292 Following example enable root guard on port g8Consoleconfig-if#spanning-tree guard root Ip ssh server SSH CommandsIp ssh port Crypto key generate rsa Syntax Crypto key generate dsa Default ConfigurationConsole config# crypto key generate dsa Crypto key generate dsa295 Syntax Crypto key generate rsa Default ConfigurationConsole config# crypto key generate rsa Ip ssh pubkey-authUser-key Consoleconfig# crypto key pubkey-chain sshCrypto key pubkey-chain ssh 297 Key-stringSyntax Key-string row key-string 298 Syntax Show ip ssh Default ConfigurationShow ip ssh Rsa-RSA key Dsa-DSA key Following example displays the SSH server configurationShow crypto key mypubkey Syntax Show crypto key mypubkey rsa dsaConsole# show crypto key mypubkey rsa Show crypto key pubkey-chain ssh300 301 Console# show crypto key pubkey-chain sshFollowing example displays the SSH public called bob Console# show crypto key pubkey-chain ssh username bobSSH Commands Logging Syslog CommandsSyntax Logging on no logging on Default Configuration Logging onSyntax Logging console level No logging console Default is informationalLogging console As described in the field descriptionsSyntax Logging buffered level No logging buffered Default level is informationalLogging buffered Logging buffered sizeConsole# clear logging Console config# logging buffered sizeSyntax Clear logging Default Configuration Clear loggingSyntax Logging file level No logging file Syntax Clear logging file Default ConfigurationLogging file Clear logging fileConsole# clear logging file Syntax Show logging Default ConfigurationShow logging Following example clears messages from the logging file309 Syntax Show logging file Default ConfigurationShow logging file Console# show logging310 Syntax Show syslog-servers Default ConfigurationShow syslog-servers 311 Following example displays the syslog server settingsConsole# show syslog-servers Syslog Commands 313 Timeout timeout-The default is 2000 millisecondsSystem Management Ping314 TracerouteFollowing example displays a ping to IP address 315 316 317 Special Telnet Command charactersTelnet 318 Keywords Table319 Ports Table320 Following command switches to another open Telnet sessionResume Syntax Resume connectionHostname ReloadConsole# show users Show usersShow sessions Syntax Show system Exec modeShow system Console show sessionsConsole show system Show versionFollowing example displays the system information Syntax Show version 324325 Asset-tagSyntax Asset-tag tag No asset-tag Tag-The device asset tag. Range 1- 16 characters326 Syntax Show system id Default ConfigurationShow system id Console show system id327 Tacacs CommandsTacacs-server host No Tacacs host is specifiedFollowing example specifies a TACACS+ host Tacacs-server timeoutFollowing example sets the authentication encryption key Tacacs-server key329 Console config# tacacs-server timeoutTacacs-server source-ip Console# show tacacs Show tacacsSyntax Show tacacs ip-address Ip-address-Name or IP address of the hostUser Interface EnableDisable Syntax Configure LoginConfigure Syntax Login Default Configuration333 ExitconfigurationSyntax Exit Default Configuration All command modesFollowing example closes an active terminal session Syntax End Default ConfigurationExitEXEC EndHistory Syntax Help Default ConfigurationSyntax History No history Default Configuration HelpDebug-mode Syntax History size number-of-commands No history sizeSyntax Debug-mode Default Configuration History size337 Syntax Show history Default ConfigurationShow history Console# show privilege Syntax Show privilege Default ConfigurationShow privilege Console# show historyVlan Vlan CommandsVlan database Console# vlan database Default-vlan disableInterface vlan 341 Interface range vlanSyntax Interface range vlan vlan-range all 342 Switchport access vlanName Syntax Name string no name343 Switchport trunk allowed vlanConsole config-if#switchport access vlan Console config-if#switchport trunk native vlan Switchport trunk native vlanSwitchport general allowed vlan Console config-if#switchport trunk allowed vlan add 2,5-8345 Switchport general pvid346 Switchport general ingress-filtering disableIngress filtering is enabled All VLANs allowed Switchport general acceptable-frame-type tagged-onlySwitchport forbidden vlan All frame types are accepted at ingress348 Console config-if#switchport forbidden vlan addMap protocol protocols-group Following example maps protocol ip-arp to the group named349 Switchport general map protocols-group vlanIp internal-usage-vlan Vlan-id-VLAN ID of the internal usage VLAN.Range Valid VlanFollowing example displays all Vlan information Console config# ip internal-usage-vlanShow vlan Syntax Show vlan tag vlan-id name vlan-name351 Syntax Show vlan internal usage Default ConfigurationShow vlan internal usage Following example displays protocols-groups information Syntax Show vlan protocols-groups Default ConfigurationShow vlan protocols-groups Console# show vlan internal usage353 Show interfaces switchportConsole# show vlan protocols-groups Syntax Switchport mode customer access trunk general 354 Switchport modeConsole# show interface switchport ethernet g1 Vlan-id- Vlan ID of the customer Switchport customer vlanNo switchport mode No Vlan is configured356 Syntax Ip http port port-number No ip http port Web ServerIp http server Ip http portSyntax Ip https port port-number No ip https port Default for the device is disabledIp https server Ip https port359 Following example configures the https port number toCrypto certificate generate Following example regenerates a Https certificate Console enable# crypto certificate generate key-generateCrypto certificate request Certificate and the SSL RSA key pairs do not exist361 Console# crypto certificate 1 request362 Crypto certificate importSyntax Crypto certificate number import Number-Specifies the certificate number. Range 1363 Consoleconfig# crypto certificate 1 importIp https certificate Certificate number364 Console config# ip https certificateCrypto certificate export pkcs12 Syntax Crypto certificate number export pkcs12Console# crypto certificate 1 export pkcs12 Following example exports the certificate and RSA keys365 366 Crypto certificate import pkcs12Syntax Crypto certificate number import pkcs12 passphrase Following example imports the certificate and RSA keys367 Console# show crypto certificate mycertificate Show crypto certificate mycertificateSyntax Show crypto certificate mycertificate number Following example displays the certificateConsole# show ip http Show ip httpShow ip https 370 Console# show ip httpsMethod1 method2...-At least one from the following table 802.1x CommandsAaa authentication dot1x Console config# aaa authentication dot1x default noneDot1x port-control Following example enables 802.1x globallyConsole config# dot1x system-auto-control Dot1x system-auto-control373 Dot1x re-authenticationConsole config-if#dot1x port-control auto Syntax Dot1x re-authentication No dot1x re-authenticationConsole config-if#dot1x timeout re-authperiod Dot1x timeout re-authperiodDot1x re-authenticate Console config-if#dot1x re-authentication375 Dot1x timeout quiet-periodConsole# dot1x re-authenticate ethernet g8 376 Dot1x timeout tx-periodConsole config-if#dot1x timeout quiet-period 377 Dot1x timeout supp-timeoutDot1x max-req Syntax Dot1x max-req count No dot1x max-req378 Dot1x timeout server-timeout379 Console config# dot1x timeout server-timeoutShow dot1x Syntax Show dot1x ethernet interfaceConsole# show dot1x ethernet g3 380Following example displays 802.1X users Show dot1x usersSyntax Show dot1x users username username Username-Supplicant username Range 1- 160 characters382 Show dot1x statisticsSyntax Show dot1x statistics ethernet interface 383 Switch# show dot1x statistics ethernet g1384 User should be authorized to access the VlanDot1x auth-not-req Syntax Dot1x auth-not-req no dot1x auth-not-req385 Dot1x multiple-hostsDot1x single-host-violation Syntax Dot1x multiple-hosts no dot1x multiple-hosts386 Show dot1x advancedForward trap Syntax Show dot1x advanced ethernet interface387 Switch# show dot1x advancedSwitch# show dot1x advanced ethernet g1 388 Console# show dot1x advanced ethernet g1
Related manuals
Manual 72 pages 22.37 Kb

5324 specifications

The Dell 5324 is a high-performance network switch that is designed to meet the demands of modern enterprise networking. This switch represents a blend of advanced features aimed at enhancing network efficiency, reliability, and scalability, which are crucial for businesses looking to optimize their infrastructure.

One of the standout features of the Dell 5324 is its Layer 3 routing capabilities. It supports static routing and various dynamic routing protocols, including RIP, OSPF, and BGP, allowing for efficient data transfer across complex networks. This capability is particularly beneficial for organizations that require robust inter-VLAN routing and seamless connectivity with multiple network segments.

The Dell 5324 comes equipped with 24 Gigabit Ethernet ports, which provide ample connectivity options for devices within the network. Additionally, it includes four 10 Gigabit SFP+ ports, enabling users to integrate high-speed uplinks easily. This flexibility allows businesses to expand their network as demand grows without the need for a completely new setup.

Power over Ethernet (PoE) support is another significant advantage of the Dell 5324, as it enables the switch to deliver both data and power to connected devices through a single Ethernet cable. This feature is particularly useful for powering IP phones, security cameras, and Wi-Fi access points, simplifying the overall cabling and ensuring a neater installation.

Furthermore, the Dell 5324 offers advanced security features that help protect the network from unauthorized access and potential threats. It includes features such as 802.1X port-based authentication, MAC address filtering, and VLAN segmentation, ensuring that only authorized devices can connect to the network.

The user-friendly web-based interface alongside command-line interface (CLI) access enhances manageability, allowing network administrators to monitor performance, configure settings, and troubleshoot issues with ease. In addition, the switch supports network automation protocols, which can streamline management tasks and improve efficiency.

The industrial-grade design of the Dell 5324 ensures its reliability in various environments, making it a suitable choice for data centers and enterprise networks alike. With its combination of performance, scalability, and security features, the Dell 5324 stands out as a capable solution for organizations looking to improve their network infrastructure. Its capabilities make it a versatile addition for businesses aiming for a robust and future-ready networking environment.