Dell 5324 Aaa authentication enable, Example, Following example configures authentication login

Page 66

w w w . d e l l . c o m s u p p o r t . d e l l . c o m

Create a list by entering the aaa authentication login list-name method command for a particular protocol, where list-nameis any character string used to name this list. The method argument identifies the list of methods that the authentication algorithm tries, in the given sequence.

The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.

Example

The following example configures authentication login.

Console (config)# aaa authentication login default radius local enable none

aaa authentication enable

The aaa authentication enable Global Configuration mode command defines authentication method lists for accessing higher privilege levels. To return to the default configuration use the no form of this command.

Syntax

aaa authentication enable {default list-name}method1 [method2...]

no aaa authentication enable default

default—Uses the listed authentication methods that follow this argument as the default list of methods, when using higher privilege levels.

list-name—Character string used to name the list of authentication methods activated, when using access higher privilege levels.

method1 [method2...]—Specify at least one from the following table:

Keyword

Source or destination

 

 

enable

Uses the enable password for authentication.

 

 

line

Uses the line password for authentication.

 

 

none

Uses no authentication.

 

 

radius

Uses the list of all RADIUS servers for authentication. Uses username

 

"$enabx$." where x is the privilege level.

 

 

tacacs

Uses the list of all TACACS+ servers for authentication. Uses

 

username "$enabx$." where x is the privilege level.

 

 

66

AAA Commands

Page 65 Page 67
Image 66
Page 65 Page 67
Contents CLI Reference Guide Aug Contents Using the CLI Address Table Commands Clock Ethernet Configuration Commands Igmp Snooping Commands Lacp Commands Management ACL Port Monitor Commands Rmon Commands Spanning-Tree Commands SSH Commands Syslog Commands Tacacs Commands Vlan Commands 32 802.1x Commands 382 Page Command Groups Command GroupsIntroduction Configures and reports on Spanning Tree protocol Configures Tacacs commandsConfigures commands related to 802.1x security protocol AAA Commands Address Table CommandsDefines an authentication key for Simple Configures an external time source forConfigures the system to automatically switch Displays statically created entries in the bridgeConfiguration and Image Files Commands Ethernet Configuration Commands Displays the backup configuration file contentsGvrp Commands IP Addressing Igmp Snooping CommandsDefines a default gateway router Sets an IP addressLine Commands Deletes entries from the host name-to-addressCache Lldp Commands Sets the line for automatic baud rate detectionManagement ACL Commands PHY Diagnostics CommandsPort Channel Commands Port Monitor CommandsQoS Commands Radius Commands Enables each port trust stateRmon Commands Snmp CommandsSpanning Tree Commands MST SSH Commands Overrides the default link-type settingSets the default path cost method Syslog Commands System Management Commands Tacacs CommandsReloads the operating system Switches the mode to debug User Interface CommandsVlan Commands Disables the default Vlan functionalityReserves a Vlan as the internal usage Vlan of an InterfaceWeb Server Commands 802.1x Commands Command Description Access ModeCommand Groups Command Modes GC Global Configuration ModeDevice Notification operation IC Interface Configuration Mode SntpAn Extensible Authentication Protocol EAP request/identity Frame, from the client, before resending the requestReserves a Vlan as the internal usage Vlan of an interface LC Line Configuration Mode Enables the Simple Network Time Protocol Sntp client on anCommand Description MA Management Access-level Mode PE Privileged User Exec ModeVlan SP SSH Public Key Mode UE User Exec ModeCommand Modes VC Vlan Configuration Mode W . d e l l . c o m s u p p o r t . d e l l . c o m Using the CLI CLI Command ModesIntroduction User Exec Mode Privileged Exec ModeGlobal Configuration Mode Exit End Ctrl+ZStarting the CLI Editing Features Entering CommandsConsoleconfig# username admin password smith Command Completion Terminal Command BufferNegating the Effect of Commands Config#interface ethernetItalic font CLI Command ConventionsKeyboard Shortcuts EnterUsing the CLI Default Configuration AAA CommandsAaa authentication login Command ModeAaa authentication enable Following example configures authentication loginExample Login authentication Console config# aaa authentication enable default enableEnable authentication Console config-line#login authentication defaultIp http authentication Console config-line#enable authentication defaultFollowing example configures the http authentication Ip https authentication Show authentication methodsFollowing example configures https authentication Privileged Exec mode Syntax Show authentication methods Default ConfigurationThis command has no default configuration Following example displays the authentication configurationPassword Console# show authentication methodsSyntax Password password encrypted No password Enable password No password is requiredFollowing example specifies a password secret on a line Username Show users accountsNo user is defined Syntax Show users accounts Default Configuration Console# show users accountsAAA Commands Address Table Commands Interface configuration Vlan modeBridge address Console config# bridge multicast filtering Disabled. All multicast addresses are flooded to all portsThis example, bridge multicast filtering is enabled Bridge multicast filteringNo multicast addresses are defined ExamplesFollowing example registers the MAC address Command Modes Bridge multicast forbidden addressNo forbidden addresses are defined Bridge multicast forbidden forward-all Disable forward-all on the specified interfaceBridge multicast forward-all This example all multicast packets on port g8 are forwardedBridge aging-time SyntaxClear bridge Syntax Clear bridgeConsole# clear bridge Disabled No port security Interface Configuration Ethernet, port-channel modePort security Show bridge address-table Console config-if#port security routed secure-addressPort security routed secure-address Mac-address-Specify a MAC address in the formatPort-channel-number-A valid port-channel number Show bridge address-table static Console# show bridge address-tableSyntax Show bridge address-table count vlan vlan Show bridge address-table countConsole# show bridge address-table static Vlan -Specific VlanShow bridge multicast address-table Console# show bridge address-table countConsole # show bridge multicast address-table Console # show bridge multicast address-table format ipSyntax Show bridge multicast filtering vlan-id Show bridge multicast filteringShow ports security Vlanid-A valid Vlan ID valueConsole # show ports security Clock source ClockClock set Syntax Clock source sntp No clock sourceClock timezone No external clock sourceConsole# clock source sntp Clock summer-time Sntp authentication-key No authentication key is definedSntp authenticate Consoleconfig# sntp authentication-key 8 md5 ClkKeySyntax Sntp authenticate No sntp authenticate Sntp trusted-key Sntp client poll timerFollowing example authenticates key Not trustedSntp broadcast client enable Console config# sntp client poll timerConsole config# sntp broadcast client enable Console config-if#sntp anycast client enable Sntp anycast client enableSntp client enable interface Syntax Sntp client enable No sntp client enableSntp unicast client enable Console config# sntp unicast client enable101 Sntp server Console config# sntp unicast client pollSntp unicast client poll Syntax Sntp unicast client poll no sntp unicast client pollShow clock Syntax Show clock detail103 Console# show clock 104Console# show sntp configuration Show sntp configurationSyntax Show sntp configuration 105Following example shows the status of the Sntp Show sntp statusSyntax Show sntp status 106107 Clock Console# delete startup-config Configuration and Image FilesDelete startup-config CopyUnderstanding Invalid Combinations of Source and Destination 110Copying image file from a Server to Flash Memory Storing the Running or Startup Configuration on a ServerCopy Character Descriptions 111Console# boot system image-1 Boot systemSyntax Boot system image-1 image-2 112Sort type defaults to interface if unspecified Show running-configSyntax Show running-config sort type 113Show startup-config Console# show running-config no spanning-treeSyntax Show startup-config sort type 114 115 Show backup-config Console# show startup-config no spanning-treeSyntax Show backup-config 116 Console# show backup-config software version 117Console# show bootvar Show bootvarSyntax Show bootvar Default Configuration 118Ethernet Configuration Commands Interface ethernetInterface range ethernet Following example disables port g5 Syntax Shutdown No shutdown Default ConfigurationInterface is enabled ShutdownSyntax Description string No description DescriptionSpeed Syntax Speed 100 1000 No speedDuplex Syntax Duplex half full No duplex122 Negotiation Consoleconfig# interface ethernet g5Syntax Negotiation No negotiation Default Configuration FlowcontrolSyntax Mdix on auto No mdix MdixSyntax Flowcontrol auto on off No flowcontrol 124Syntax Back-pressure No back-pressure Default Configuration Back-pressure125 Port jumbo-frame Clear counters126 Console# clear counters ethernet g1 Show interfaces configurationSet interface active Console# set interface active ethernet g5Interfaces configuration 128Show interfaces status 129130 Console# show interfaces statusShow interfaces description 131Show interfaces counters Console# show interfaces description ethernet g1132 133 Console# show interfaces countersFollowing table describes the fields shown in the display Following example displays counters for port g1Console# show interfaces counters ethernet g1 134135 Ieee Std .3, 2000 Edition, sectionSyntax Show ports jumbo-frame Default Configuration Show ports jumbo-frame136 Port storm-control include-multicast Port storm-control broadcast enableConsoleconfig# port storm-control include-multicast Console# show ports jumbo-frameDefault storm control broadcast rate is Broadcast storm control is disabledConsoleconfig-if#port storm-control broadcast enable Port storm-control broadcast rateShow ports storm-control Consoleconfig-if#port storm-control broadcast rateFollowing example displays the storm control configuration Syntax Show ports storm-control interface140 Gvrp enable interface Gvrp CommandsGvrp enable global Syntax Gvrp enable No gvrp enable Default ConfigurationGarp timer Following example enables Gvrp on ethernet g8142 By default, dynamic Vlan creation is enabled Gvrp vlan-creation-forbid143 Gvrp registration-forbid Console config-if#gvrp vlan-creation-forbidConsole config-if#gvrp registration-forbid Clear gvrp statisticsShow gvrp configuration Console# clear gvrp statistics ethernet g8145 Console# show gvrp configuration Show gvrp statistics146 147 Show gvrp error-statisticsFollowing example shows Gvrp statistics information Console# show gvrp statisticsConsole# show gvrp-error statistics Following example displays Gvrp statistics information148 Ip igmp snooping Interface Igmp Snooping CommandsIp igmp snooping Global 149Ip igmp snooping mrouter Ip igmp snooping host-time-out150 Console config-if#ip igmp snooping host-time-out Ip igmp snooping mrouter-time-out151 Console config-if#ip igmp snooping leave-time-out Console config-if#ip igmp snooping mrouter-time-outDefault leave-time-out configuration is 10 seconds Ip igmp snooping leave-time-outShow ip igmp snooping mrouter Show ip igmp snooping interfaceConsole # show ip igmp snooping mrouter Console # show ip igmp snooping interface Show ip igmp snooping groupsExample displays Igmp snooping information 154Example shows Igmp snooping information Console # show ip igmp snooping groups155 Igmp Snooping Commands Ip address IP Addressing CommandsClear host dhcp Console# clear host dhcpNo IP address is defined for interfaces Interface configuration Ethernet, VLAN, port-channelIp address dhcp 158No default gateway is defined Ip default-gatewaySyntax Ip default-gateway ip-address No ip default-gateway 159Following example defines an ip default gateway Show ip interface160 Arp Console# show ip interface161 Arp timeout Console config# arp 198.133.219.232 00000c400fbc ethernetClear arp-cache Console# clear arp-cache Syntax Show arp Default ConfigurationShow arp Following example displays entries in the ARP tableSyntax Ip domain-lookup No ip domain-lookup Ip domain-lookupIp domain-name Syntax Ip domain-name name No ip domain-nameNo name server addresses are specified Ip name-serverIp host Following example sets the available name serverNo host is defined Clear hostSyntax Ip host name address No ip host name Syntax Clear host nameSyntax Show hosts name Default Configuration Command ModeShow hosts 167168 Lacp port-priority Lacp CommandsLacp system-priority Syntax Lacp port-priority value No lacp port-priorityDefault port timeout value is long Lacp timeoutSyntax Lacp timeout long short No lacp timeout 170Console# show lacp ethernet g1 statistics Show lacp ethernetShow lacp port-channel Syntax Show lacp port-channel portchannelnumberConsole# show lacp port-channel 172Syntax Line console telnet ssh Line CommandsLine Syntax Speed bpsAutobaud Exec-timeoutSyntax Autobaud No autobaud Default Configuration 174Syntax Show line console telnet ssh Syntax Exec-timeout minutes seconds No exec-timeoutShow line 175Terminal history size Following example displays the line configurationTerminal history Console# show line consoleMaximum for the sum of all buffers is 177Line Commands Lldp enable interface Lldp CommandsLldp enable global SyntaxSyntax Lldp timer seconds No lldp timer Lldp timerInterface configuration Ethernet Default 30 secondsLldp hold-multiplier Lldp reinit-delayDefault Configuraiton Syntax Lldp hold-multiplier number No lldp hold-multiplierSyntax Lldp tx-delay seconds No lldp tx-delay Parameters Lldp tx-delaySyntax Lldp reinit-delay seconds No lldp reinit-delay Default value is 2 secondsUsage Guidelines Lldp optional-tlvLldp management-address No optional TLV is transmittedClear lldp rx 184Switch# show lldp configuration Show lldp configurationSyntax Show lldp configuration ethernet interface Show lldp localShow lldp neighbors 186Switch# show lldp neighbors Switch# show lldp neighbors ethernet g1187 Lldp Commands Management ACL Management access-listName-The access list name using up to 32 characters 189Console config# management access-class mlist Permit management190 Management Access-list Configuration mode Deny management191 Management access-class 192Syntax Show management access-list name Show management access-listShow management access-class Console# show management access-listSyntax Show management access-class Default Configuration Console# show management access-class194 Show copper-ports tdr PHY Diagnostics CommandsTest copper-port tdr Console# test copper-port tdr g3Port must be active and working in 1000M Show copper-ports cable-lengthSyntax Show copper-ports cable-length interface 196Show fiber-ports optical-transceiver Console# show copper-ports cable-length197 198 Console# show fiber-ports optical-transceiver199 Console# show fiber-ports optical-transceiver detailedPHY Diagnostics Commands Interface port-channel Port Channel CommandsConsole config# interface port-channel Interface range port-channelPort is not assigned to any port-channel Console config# interface range port-channelChannel-group 202Show interfaces port-channel Console config-if#channel-group 1 mode onPort channel load balance Syntax Show interfaces port-channel port-channel-number204 Interface Configuration mode Port Monitor CommandsDefault is both rx and tx Port monitorSyntax Show ports monitor Default Configuration Show ports monitor206 Console# show ports monitor 207Port Monitor Commands QoS Commands QosShow qos Following example displays a QoS mode Wrr-queue cos-map210 Following example maps CoS 3 to queue Interface Configuration Ethernet, port channel modeWrr-queue bandwidth 211All queues are expedite queues Following example assigns WRR weights to egress queuesPriority-queue out num-of-queues 212Following example sets queue 4, 3 to be expedite queues Console config# priority-queue out num-of-queuesShow qos interface 213Qos map dscp-queue Console# show qos interface ethernet g1 queuing214 Qos trust Global Syntax Qos trust cos dscp No qos trust215 Qos trust Interface Syntax Qos trust No qos trust Default ConfigurationSyntax Qos cos default-cos No qos cos 216 Qos cosShow qos map Syntax Show qos map dscp-queue217 Following table describes the fields used above Following example displays the Dscp port-queue mapConsole# show qos map Dscp-queue map D1 x 10 + D2 = Value of DscpRadius-server host Radius CommandsBy default, no Radius host is specified Ip-address-IP address of the Radius server hostRadius-server key TimeoutDefault is an empty string Syntax Radius-server key key-string No radius-server keyRadius-server source-ip Console config# radius-server retransmitRadius-server retransmit 221Radius-server timeout Console config# radius-server timeout222 Radius-server deadtime Console config# radius-server deadtimeSyntax Show radius-servers Default Configuration Show radius-serversFollowing example displays the Radius server settings 224Console# show radius-servers Console# show rmon statistics ethernet g1 Rmon CommandsShow rmon statistics 225226 Field DescriptionRmon collection history 227Following example displays all Rmon group statistics Console config-if#rmon collection history 1 intervalShow rmon collection history Console# show rmon collection historyShow rmon history 229Console# show rmon history 5 errors 230Console# show rmon history 5 throughput Console# show rmon history 5 other 231Rmon alarm 232Show rmon alarm-table 233Console# show rmon alarm-table Show rmon alarmSyntax Show rmon alarm-table Default Configuration Syntax Show rmon alarm numberFollowing example displays Rmon 1 alarms Console# show rmon alarm235 Rmon event 236Show rmon events Following example configures an event with the trap indexSyntax Show rmon events Default Configuration Following example displays the Rmon event tableSyntax Show rmon log event Show rmon logConsole# show rmon events Event-Event index. Range 0Following example displays the Rmon logging table Console# show rmon log239 History table size is Log table size is Console config# rmon table-size historyRmon table-size 240Snmp-server community Snmp CommandsThere are no default communities defined No snmp-server community community ip-addressSnmp-server view Default SettingDefault and DefaultSuper views exists 242Snmp-server filter Product specific243 Included Snmp-server contactSnmp-server location Syntax Snmp-server contact text No snmp-server contactSyntax Snmp-server location text No snmp-server location Snmp-server enable trapsConsole config# snmp-server enable traps 245Snmp-server host Snmp-server trap authenticationConsole config# snmp-server trap authentication 246Snmp-server set 247Snmp-server group 248No group entry exists Console config# snmp-server group user-groupv3 priv readSnmp-server user Router context is translated to context in the MIB250 Snmp-server v3-host Following example configures a new Snmp Version 3 userConsole config# snmp-server user 251Following example configures an SNMPv3 host Snmp-server engineID local252 Show snmp engineid Syntax Show snmp engineID Default SettingConsoleconfig # snmp-server engineID local default 253Console# sh snmp Syntax Show snmp Default ConfigurationShow snmp 254Show snmp views Syntax Show snmp views viewname255 Show snmp groups Syntax Show snmp groups groupname256 Show snmp filters Syntax Show snmp filters filtername257 Show snmp users Syntax Show snmp users username258 259 Snmp Commands Syntax Spanning-tree No spanning-tree Default Configuration Spanning-Tree CommandsSpanning-tree mode Spanning-treeSpanning-tree forward-time Consoleconfig# spanning-tree mode rstpConsoleconfig# spanning-tree forward-time Seconds-Time in seconds. Range 4Spanning-tree hello-time 263Consoleconfig# spanning-tree hello-time Spanning-tree max-age264 Consoleconfig# spanning-tree priority Spanning-tree disableConsoleconfig# spanning-tree max-age Spanning-tree prioritySyntax Spanning-tree cost cost No spanning-tree cost Following example disables spanning-tree on g5Spanning-tree cost Cost-The port path cost Range 1 200,000,000Spanning-tree portfast Consoleconfig-if#spanning-tree port-prioritySpanning-tree port-priority 267Spanning-tree link-type Consoleconfig-if#spanning-tree portfastConsoleconfig-if#spanning-tree link-type shared 268Spanning-tree mst priority Default number of hops isConsole config # spanning-tree mst 1 priority Spanning-tree mst max-hopsSpanning-tree mst port-priority Console config # spanning-tree mst max-hopsConsoleconfig-if#spanning-tree mst 1 port-priority 270Interface Long Short Spanning-tree mst configurationSpanning-tree mst cost 271Syntax Instance instance-id add remove vlan vlan-range Syntax Spanning-tree mst configuration Default SettingInstance mst 272Syntax Name string Name mstRevision mst Syntax Revision value No revisionShow mst Default configuration revision number isFollowing example sets the configuration revision to Syntax Show current pendingExit mst Syntax Exit Default SettingSyntax Abort Default Setting Abort mstConsole# spanning-tree pathcost method long Spanning-tree pathcost methodSpanning-tree bpdu 276Syntax Spanning-tree bpdu filtering flooding Consoleconfig# spanning-tree bpdu floodingClear spanning-tree detected-protocols 277Following example displays spanning-tree information Show spanning-treeConsole# clear spanning-tree detected-protocols ethernet g1 278279 Console# show spanning-tree280 281 282 283 284 285 Console# show spanning-tree mst-configuration 286287 288 289 Spanning-tree mst mstp-rstp 290Interface configuration Ethernet, port-channel Consoleconfig# spanning-tree mst mstp-rstpRoot guard is disabled Spanning-tree guard rootFollowing example enable root guard on port g8 Consoleconfig-if#spanning-tree guard root292 SSH Commands Ip ssh portIp ssh server Crypto key generate dsa Syntax Crypto key generate dsa Default ConfigurationConsole config# crypto key generate dsa Crypto key generate rsaIp ssh pubkey-auth Syntax Crypto key generate rsa Default ConfigurationConsole config# crypto key generate rsa 295Consoleconfig# crypto key pubkey-chain ssh Crypto key pubkey-chain sshUser-key Key-string Syntax Key-string row key-string297 Syntax Show ip ssh Default Configuration Show ip ssh298 Syntax Show crypto key mypubkey rsa dsa Following example displays the SSH server configurationShow crypto key mypubkey Rsa-RSA key Dsa-DSA keyShow crypto key pubkey-chain ssh 300Console# show crypto key mypubkey rsa Console# show crypto key pubkey-chain ssh username bob Console# show crypto key pubkey-chain sshFollowing example displays the SSH public called bob 301SSH Commands Logging on Syslog CommandsSyntax Logging on no logging on Default Configuration LoggingAs described in the field descriptions Default is informationalLogging console Syntax Logging console level No logging consoleLogging buffered size Default level is informationalLogging buffered Syntax Logging buffered level No logging bufferedClear logging Console config# logging buffered sizeSyntax Clear logging Default Configuration Console# clear loggingClear logging file Syntax Clear logging file Default ConfigurationLogging file Syntax Logging file level No logging fileFollowing example clears messages from the logging file Syntax Show logging Default ConfigurationShow logging Console# clear logging fileConsole# show logging Syntax Show logging file Default ConfigurationShow logging file 309Syntax Show syslog-servers Default Configuration Show syslog-servers310 Following example displays the syslog server settings Console# show syslog-servers311 Syslog Commands Ping Timeout timeout-The default is 2000 millisecondsSystem Management 313Traceroute Following example displays a ping to IP address314 315 316 Special Telnet Command characters Telnet317 Keywords Table 318Ports Table 319Syntax Resume connection Following command switches to another open Telnet sessionResume 320Reload HostnameShow users Show sessionsConsole# show users Console show sessions Exec modeShow system Syntax Show systemSyntax Show version 324 Show versionFollowing example displays the system information Console show systemTag-The device asset tag. Range 1- 16 characters Asset-tagSyntax Asset-tag tag No asset-tag 325Console show system id Syntax Show system id Default ConfigurationShow system id 326No Tacacs host is specified Tacacs CommandsTacacs-server host 327Tacacs-server key Tacacs-server timeoutFollowing example sets the authentication encryption key Following example specifies a TACACS+ hostConsole config# tacacs-server timeout Tacacs-server source-ip329 Ip-address-Name or IP address of the host Show tacacsSyntax Show tacacs ip-address Console# show tacacsEnable DisableUser Interface Syntax Login Default Configuration LoginConfigure Syntax ConfigureAll command modes ExitconfigurationSyntax Exit Default Configuration 333End Syntax End Default ConfigurationExitEXEC Following example closes an active terminal sessionHelp Syntax Help Default ConfigurationSyntax History No history Default Configuration HistoryHistory size Syntax History size number-of-commands No history sizeSyntax Debug-mode Default Configuration Debug-modeSyntax Show history Default Configuration Show history337 Console# show history Syntax Show privilege Default ConfigurationShow privilege Console# show privilegeVlan Commands Vlan databaseVlan Default-vlan disable Interface vlanConsole# vlan database Interface range vlan Syntax Interface range vlan vlan-range all341 Syntax Name string no name Switchport access vlanName 342Switchport trunk allowed vlan Console config-if#switchport access vlan343 Console config-if#switchport trunk allowed vlan add 2,5-8 Switchport trunk native vlanSwitchport general allowed vlan Console config-if#switchport trunk native vlanSwitchport general pvid 345Switchport general ingress-filtering disable Ingress filtering is enabled346 All frame types are accepted at ingress Switchport general acceptable-frame-type tagged-onlySwitchport forbidden vlan All VLANs allowedFollowing example maps protocol ip-arp to the group named Console config-if#switchport forbidden vlan addMap protocol protocols-group 348Vlan-id-VLAN ID of the internal usage VLAN.Range Valid Vlan Switchport general map protocols-group vlanIp internal-usage-vlan 349Syntax Show vlan tag vlan-id name vlan-name Console config# ip internal-usage-vlanShow vlan Following example displays all Vlan informationSyntax Show vlan internal usage Default Configuration Show vlan internal usage351 Console# show vlan internal usage Syntax Show vlan protocols-groups Default ConfigurationShow vlan protocols-groups Following example displays protocols-groups informationShow interfaces switchport Console# show vlan protocols-groups353 Switchport mode Console# show interface switchport ethernet g1Syntax Switchport mode customer access trunk general 354 No Vlan is configured Switchport customer vlanNo switchport mode Vlan-id- Vlan ID of the customer356 Ip http port Web ServerIp http server Syntax Ip http port port-number No ip http portIp https port Default for the device is disabledIp https server Syntax Ip https port port-number No ip https portFollowing example configures the https port number to Crypto certificate generate359 Certificate and the SSL RSA key pairs do not exist Console enable# crypto certificate generate key-generateCrypto certificate request Following example regenerates a Https certificateConsole# crypto certificate 1 request 361Number-Specifies the certificate number. Range 1 Crypto certificate importSyntax Crypto certificate number import 362Certificate number Consoleconfig# crypto certificate 1 importIp https certificate 363Syntax Crypto certificate number export pkcs12 Console config# ip https certificateCrypto certificate export pkcs12 364Following example exports the certificate and RSA keys 365Console# crypto certificate 1 export pkcs12 Following example imports the certificate and RSA keys Crypto certificate import pkcs12Syntax Crypto certificate number import pkcs12 passphrase 366367 Following example displays the certificate Show crypto certificate mycertificateSyntax Show crypto certificate mycertificate number Console# show crypto certificate mycertificateShow ip http Show ip httpsConsole# show ip http Console# show ip https 370Console config# aaa authentication dot1x default none 802.1x CommandsAaa authentication dot1x Method1 method2...-At least one from the following tableDot1x system-auto-control Following example enables 802.1x globallyConsole config# dot1x system-auto-control Dot1x port-controlSyntax Dot1x re-authentication No dot1x re-authentication Dot1x re-authenticationConsole config-if#dot1x port-control auto 373Console config-if#dot1x re-authentication Dot1x timeout re-authperiodDot1x re-authenticate Console config-if#dot1x timeout re-authperiodDot1x timeout quiet-period Console# dot1x re-authenticate ethernet g8375 Dot1x timeout tx-period Console config-if#dot1x timeout quiet-period376 Syntax Dot1x max-req count No dot1x max-req Dot1x timeout supp-timeoutDot1x max-req 377Dot1x timeout server-timeout 378Syntax Show dot1x ethernet interface Console config# dot1x timeout server-timeoutShow dot1x 379380 Console# show dot1x ethernet g3Username-Supplicant username Range 1- 160 characters Show dot1x usersSyntax Show dot1x users username username Following example displays 802.1X usersShow dot1x statistics Syntax Show dot1x statistics ethernet interface382 Switch# show dot1x statistics ethernet g1 383Syntax Dot1x auth-not-req no dot1x auth-not-req User should be authorized to access the VlanDot1x auth-not-req 384Syntax Dot1x multiple-hosts no dot1x multiple-hosts Dot1x multiple-hostsDot1x single-host-violation 385Syntax Show dot1x advanced ethernet interface Show dot1x advancedForward trap 386Switch# show dot1x advanced Switch# show dot1x advanced ethernet g1387 Console# show dot1x advanced ethernet g1 388
Related manuals
Manual 72 pages 22.37 Kb

5324 specifications

The Dell 5324 is a high-performance network switch that is designed to meet the demands of modern enterprise networking. This switch represents a blend of advanced features aimed at enhancing network efficiency, reliability, and scalability, which are crucial for businesses looking to optimize their infrastructure.

One of the standout features of the Dell 5324 is its Layer 3 routing capabilities. It supports static routing and various dynamic routing protocols, including RIP, OSPF, and BGP, allowing for efficient data transfer across complex networks. This capability is particularly beneficial for organizations that require robust inter-VLAN routing and seamless connectivity with multiple network segments.

The Dell 5324 comes equipped with 24 Gigabit Ethernet ports, which provide ample connectivity options for devices within the network. Additionally, it includes four 10 Gigabit SFP+ ports, enabling users to integrate high-speed uplinks easily. This flexibility allows businesses to expand their network as demand grows without the need for a completely new setup.

Power over Ethernet (PoE) support is another significant advantage of the Dell 5324, as it enables the switch to deliver both data and power to connected devices through a single Ethernet cable. This feature is particularly useful for powering IP phones, security cameras, and Wi-Fi access points, simplifying the overall cabling and ensuring a neater installation.

Furthermore, the Dell 5324 offers advanced security features that help protect the network from unauthorized access and potential threats. It includes features such as 802.1X port-based authentication, MAC address filtering, and VLAN segmentation, ensuring that only authorized devices can connect to the network.

The user-friendly web-based interface alongside command-line interface (CLI) access enhances manageability, allowing network administrators to monitor performance, configure settings, and troubleshoot issues with ease. In addition, the switch supports network automation protocols, which can streamline management tasks and improve efficiency.

The industrial-grade design of the Dell 5324 ensures its reliability in various environments, making it a suitable choice for data centers and enterprise networks alike. With its combination of performance, scalability, and security features, the Dell 5324 stands out as a capable solution for organizations looking to improve their network infrastructure. Its capabilities make it a versatile addition for businesses aiming for a robust and future-ready networking environment.
Top Page Image Contents