Asante Technologies user manual Asante IntraCore IC36240

Page 59

Other types of traffic to consider include the following.

External protocols and IP Addresses

ICMP from service provider IP Addresses

Explicitly permitted return traffic for internal connections to the Internet

Specific Internet Control Message Protocol (ICMP) types

Outbound Domain Name System (DNS) query replies

TCP established

User Datagram Protocol (UDP) return traffic

FTP data connections

TFTP data connections

Multimedia connections

Explicitly permitted externally sourced traffic destined to protected internal addresses

VPN Traffic

HTTP to web servers

Secure Socket Layer (SSL) to web servers

FTP to FTP servers

Inbound FTP data connections

Simple Mail Transfer Protocol (SMTP)

Other applications and servers

Inbound DNS queries

Inbound DNS zone transfers

Important: By default, if no conditions match, the software rejects the address.

The switch supports two types of access lists:

Standard: access list numbers 1–99 and 1300–1999 (expanded range)

Extended: access list numbers 100–199 and 2000–2699 (expanded range)

59

Asante IntraCore IC36240

User’s Manual

Page 58 Page 60
Image 59
Page 58 Page 60
Contents IntraCore IC36240 Series IntraCore IC36240 Layer 2+ Gigabit Ethernet Switch User’s ManualTable of Contents Password Service Password-Encryption Snmp Configuration Commands Trunk Ieee 802.1q Technical Support and Warranty Introduction FeaturesFront and Back Panel Descriptions Package ContentsLED LEDsConsole Interface Management and ConfigurationSafety Overview Hardware Installation and SetupInstallation Overview Environmental Requirements Installing into an Equipment RackRecommended Installation Tools Power RequirementsEquipment Rack Guidelines Installing the Optional External Power SupplySFP Mini Gbic Ports 1 10/100/1000BaseT Ports Cabling Procedures Connecting PowerConnecting to the Network Pin Number Pair Number & Wire Colors Gigabit Ethernet Ports Cabling ProceduresAsante IntraCore IC36240 Connecting to a Console Initial Software SetupUser Access Verification Password Connecting to a PCEnable Password Passwords and Privileges CommandsPrivileges Commands Service Password-Encryption PasswordPassword and login Commands Login SecurityConfiguring an IP Address Username CommandSwitchconfig# ip default-gateway Restoring Factory DefaultsSystem Boot Parameters Setting a Default IP Gateway AddressDocument Conventions Understanding the Command Line Interface CLIUser Top User Exec Mode Access Each Command ModeCommand Show ? Purpose Privileged Top Privileged Exec ModeGlobal Configuration Mode Switch# configure Command Exit End Ctrl-Z PurposeSpanning-Tree Configuration Mode Interface Configuration ModeSpanning-tree mst configuration Advanced Features Supported within the Command ModeVlan Configuration Mode Example of Context Sensitive Help Command Help PurposeSwitch# configure ? Checking Command SyntaxKeystrokes/Command Purpose Using CLI Command HistoryUsing the No and Default Forms of Commands Using Command-Line Editing Features and ShortcutsKeystrokes Purpose Moving Around on the Command LineCompleting a Partial Command Name Editing Command Lines That Wrap Scrolling Down a Line or a Screen Redisplaying the Current Command LineDeleting Entries Keystrokes Transposing Mistyped CharactersControlling Capitalization Switch# clock set 092930 28 January Switch# reload cr Managing the System and Configuration FilesSetting the System Clock Switch# clock ?Enabling the System Log Changing the PasswordTesting Connections with Ping Tests Specifying the HostnameSwitch# show running-config Managing Configuration FilesDisplaying the Operating Configuration Configuring from the TerminalNewname# copy running-config startup-config Copying Configuration Files to a Network ServerSwitch# copy startup-config ? Switch# copy running-config tftp//192.168.0.1/my-config Switch# copy running-configSwitch# copy running-config Tftp Switch# copy tftp//192.168.123.59/my-confg running-config Configuring SnmpAuthentication Access ControlSupport Create or Modify Access Control for Snmp CommunitySecurity Levels Establish the Contact and Location of the Snmp Agent Command Purpose Snmp-server community string viewSnmp Configuration Commands Configuring Spanning TreeSpanning-tree mst? Spanning Tree ParametersPort Path Cost Spanning Tree Port ConfigurationRapid Spanning Tree Protocol Rstp Port PriorityEnabling Rapid Spanning Tree Configuring Switch/Bridge PrioritySwitchconfig# spanning-tree priority priority Rapid ConvergenceConfiguring Port Priority Configuring Link TypeConfiguring an Edge Port Configuring Port Path CostMultiple Spanning-Tree MST Vlan Configuring VlanShow mac-address-table Switchconfig# mac-address-table aging-timeMAC Address Table Class Address or Range Status Configuring IPAssign IP Addresses to Switch Define a Static ARP Cache Establish Address ResolutionForwarding Unknown Multicast Packets Configuring IgmpManaging IP Multicast Traffic Igmp OverviewHost-query messages Using Access ListsSwitchconfig-if-veth1#ip igmp query-interval Command Purpose Ip igmp query-max-response-timeUsing a Classification ACL Asante IntraCore IC36240 Create a Standard Access List Switchconfig# mac access-list standard Create a MAC Access ListCreate an Expanded Access List Access-list 101 deny tcp 192.168.123.0 0.0.0.255 ? Access-list 101 ?Access-list 101 deny ? Access-list 101 deny tcp ?Access-list standard ? Creating an Access List with a NameApplying an Access List to an Interface Access-list ?Switchconfig# access-list 110 permit udp any any eq Configuring Common Access ListsAccess-list 101 deny ip any any Creating or Modifying a Vlan Vlan ConfigurationDeleting a Vlan Switch# show vlanSwitchconfig-vlan#port-member delete eth Trunk Ieee 802.1q Static AccessVlan Port Membership Modes Switchconfig# end Command Purpose Switchconfig# vlan dot1q tag nativePriority Queuing Quality of Service ConfigurationConfiguring Weighted Fair Queuing Monitoring Weighted Fair Queuing ListsMonitoring Priority Queuing Lists Configuring Traffic Shaping for an InterfaceTraffic Shaping Defining the Priority ListGeneric Traffic Shaping Example Configuring Rate LimitConfiguring Traffic Shaping for an Access List Monitoring the Traffic Shaping ConfigurationAsante IntraCore IC36240 Main Configuration Menu Configuring the Switch Using the GUIFront Panel Information Screen Information ScreensGeneral Information Screen Assign IP Addresses to SwitchClass Address or Range Status Individual Port Configuration Screen Port Configuration MenuAsante IntraCore IC36240 Press go Spanning Tree Protocol Configuration STP Port Configuration Global STP Bridge Configuration Snmp Configuration Asante IntraCore IC36240 Address Table Screen Asante IntraCore IC36240 Asante IntraCore IC36240 Vlan Configuration Asante IntraCore IC36240 Click Apply Igmp Configuration Asante IntraCore IC36240 Asante IntraCore IC36240 Web CLI Screen System Clock Menu Save Problem Possible Solutions Appendix a Basic TroubleshootingPerformance Appendix B SpecificationsPhysical Characteristics Environmental RangeStandards Compliance Technical Support and WarrantyFCC Compliance Statement Important Safety Instructions Appendix C FCC Compliance and Warranty StatementsIntraCare Warranty Statement Appendix D Online Warranty Registration Index Access ListIgmp LED Safety Priority Queuing Vlan
Top Page Image Contents