Manuals / 3Com / Computer Equipment / Switch

3Com 10014298 manual Examples, Remote Radius Server

Models: 10014298

1 294

Download 294 pages 41.59 Kb

Page 238

238CHAPTER 9: AAA AND RADIUS OPERATION

Table 256 Displaying and Debugging AAA and RADIUS/HWTACACS Protocol

Operation	Command

Clear stop-accounting packets from the buffer	reset stop-accounting-buffer {
	radius-schemeradius-scheme-name
	session-idsession-id
	time-rangestart-time stop-time
	user-nameuser-name }
Reset the statistics of RADIUS server	reset radius statistics
Clear stop-accounting packets from the buffer	reset stop-accounting-buffer
	hwtacacs-scheme
	hwtacacs-scheme-name
Reset the statistics of HWTACACS server	reset hwtacacs statistics {
	accounting authentication
	authorization all }

Enable RADIUS packet debugging Disable RADIUS packet debugging

Enable debugging of local RADIUS authentication server

Disable debugging of local RADIUS authentication server

Enable HWTACACS debugging

Disable HWTACACS debugging

debugging radius packet

undo debugging radius packet

debugging local-server { all error event packet }

undo debugging local-server { all error event packet }

debugging hwtacacs { all error event message receive-packet send-packet }

undo debugging hwtacacs { all error event message receive-packet send-packet }

AAA, RADIUS, and AAA/RADIUS protocol configuration commands are generally used together with

HWTACACS Protocol 802.1x configuration commands. Refer to the typical configuration examples

Configuration provided in “Configuring 802.1x” on page 209.

Examples

Configuring FTP/Telnet Configuring Telnet user authentication at the remote server is similar to User Authentication at configuring FTP users. The following description is based on Telnet users.

Remote RADIUS Server

In the environment illustrated in the following figure, the the RADIUS server must be configured to authenticate the Telnet users to be registered.

One RADIUS server (the authentication server) is connected to the switch and the server IP address is 10.110.91.146. The password for exchanging messages between the switch and the authentication server is "expert". The switch cuts off domain name from username and sends the left part to the RADIUS server.

Image 238

3Com 10014298 manual Examples, Remote Radius Server

Contents

Switch Configuration Guide Marlborough, MA 3Com CorporationCampus Drive 01752-3064Contents IP Multicast Overview 109 104 Route Capacity 105 Configuring Route Capacity110 IP Multicast Protocols 112 Configuring the Mstp Running Mode 192 137 Configuring PIM-SM 138 Gmrp Configuring Gmrp 146STP Overview 181 Configuring STP 191237 Dynamic Vlan with Radius Server Configuration Example 240244 Configuring File Management 245 239278 Configuring NTP 279 274 Configuring Rmon286 Page Text Conventions Lists icon conventions that are used throughout this bookLists the text conventions used in this book Icon DescriptionDisplay user-interface Product Overview Switch ConfiguringConsole port. To set up the local configuration environment To set terminal parameters Setting TerminalParameters Dialog box, as shown in FigureSelect Properties HyperTerminal Window Telnet Connecting the PC to the SwitchEnter system view, return to user view by pressing Ctrl+Z Connecting Two Switch 7750 Systems Run TelnetDial-up Modem SW7750telnetSet Up Remote Configuration Environment Interface Dial the Remote PCEntering the User Interface View Configuring the Attributes of the AUX Console PortConfigure the Attributes of the AUX Console Port Enter User Interface ViewConfiguring the Terminal Attributes By default, the terminal screen length is 24 lines Managing UsersConfigure Authentication Method Perform the following configuration in user interface viewAuthorize users to use the command lines Configure the Local Authentication PasswordSet Command Level Used After a User Logs Perform the following configuration in local-user viewSet Command Level After User Login Set Command Priority Configuring the Attributes of a ModemConfiguring Redirection Configure ModemConfigure Automatic Command Execution Perform the following configuration in user viewConfigure to Send Messages Between User Interfaces Displaying and Debugging User InterfaceCommand Line InterfaceCommand Line Interface Function Feature of Command View Editing Features of the Command Line Command LineDisplaying Features of the Command Line Online HelpCommon Command Line Error Messages Common Command Line Error MessagesHistory Command Retrieve History CommandEditing Functions Editing Features of the Command LineDisplaying Features of the Command Line Display FunctionsSystem Access Port Configuration Ethernet Port OverviewEntering Ethernet Port View Setting Description Character String for Ethernet PortEnabling and Disabling Ethernet Ports Setting the Speed of the Ethernet Port Setting Duplex Attribute of the Ethernet PortSetting Cable Type for Ethernet Port Permitting/Forbidding Jumbo Frames on the Ethernet port Setting Flow Control for Ethernet PortSetting Ethernet Port Broadcast Suppression Ratio Set Flow Control for Ethernet PortAdding the Ethernet Port to a Vlan Setting the Link Type for an Ethernet PortSetting Ethernet Port Broadcast Suppression Ratio Set Link Type for Ethernet PortSet the Default Vlan ID for the Ethernet Port Setting the Default Vlan ID for Ethernet PortAdding the Ethernet Port to Specified VLANs Displaying and Debugging Ethernet Ports Copying a Port Configuration to Other PortsCopying a Port Configuration to Other Ports Display and Debug Ethernet PortPort Configuration Configuring LinkExample Configuring the Default Vlan ID of the Trunk Port AggregationManual and Static Lacp Aggregation Port Configuration Dynamic Lacp aggregation Enabling or Disabling Lacp at a Port Lacp enableUndo lacp enable Enabling/Disabling Lacp at a PortCreate or Delete an Aggregation Group Creating or Deleting an Aggregation GroupAdd/Delete Ethernet Port to/from Aggregation Group Configuring System Priority Setting or Deleting an Aggregation Group DescriptorBy default, an aggregation group has no descriptor By default, system priority isDisplaying and Debugging Link Aggregation Default value for port priority isConfigure Port Priority Display and Debug Link AggregationExample Link Aggregation Configuration Networking For Link AggregationConfiguring Link Aggregation Port Configuration Vlan Overview Configuring VLANsConfiguring GARP/GVRP Vlan OverviewSpecifying the Broadcast Suppression Ratio for a Vlan Setting the Broadcast Suppression Ratio for VlanCreating or Deleting a Vlan Creating or Deleting a VlanSpecifying or Removing Vlan Interfaces Setting or Deleting the Vlan Description Character StringBy default, the string parameter is null Create a Vlan before creating an interface for itExample Vlan Configuration Displaying and Debugging a VlanAdding Ethernet Ports to a Vlan By default, the system adds all ports to VLAN1Adding Ethernet Ports to a Vlan Add Ethernet1/0/1 and Ethernet1/0/2 to VLAN2 Creating and Deleting a Vlan Protocol TypeCreating and Deleting a Vlan Protocol Type SW7750-vlan2port ethernet1/0/1 to ethernet1/0/2 Example Protocol-Based Vlan ConfigurationAdd Ethernet1/0/3 and Ethernet1/0/4 to VLAN3 SW7750-vlan3port ethernet1/0/3 to ethernet1/0/4SW7750-vlan2protocol-vlan ip Configure the protocol Vlan on port G1/0/1SW7750-vlan2protocol-vlan ? SW7750int g1/0/1Configure port G1/0/3 as Vlan 3 and port G1/0/2 as Vlan Vlan and multicast addressesSetting the Garp Timers Setting the Garp TimersDisplaying and Debugging Garp Display and Debug GarpEnabling or Disabling Global Gvrp By default, Gvrp is disabled on a portSetting the Gvrp Registration Type Enabling or Disabling Port GvrpSetting the Gvrp Registration Type By default, the Gvrp registration type is normalExample Gvrp Configuration Example Displaying and Debugging GvrpEnable Gvrp on the trunk port Enable Gvrp globallyCreate VLANs Configuring IP AddressConfigure the Host Name and the Corresponding IP Address Configure IP Address and HostName for a HostConfiguring the IP Address of the Vlan Interface Subnet and MaskDisplaying and Debugging an IP Address Example Configuring an IP AddressConfigure IP Address for a Vlan Interface Display and Debug IP AddressExample IP Address Resolution Configure the IP address for Vlan interfaceAddress Configuration Enter Vlan interfaceManually Adding/Deleting Static ARP Mapping Entries Manually Adding/Deleting Static ARP Mapping EntriesLearning Gratuitous ARPs Learning Gratuitous ARPsDhcp Relay Configuring the Dynamic ARP Aging TimerDisplaying and Debugging ARP Dhcp-server groupNo ip ipaddress1 Configuring a Dhcp Server IP Address in a Dhcp Server GroupConfigure/Delete the IP Address of the Dhcp Server Ipaddress2Enabling/Disabling Dhcp Security Features Configuring the Dhcp Server Group for the Vlan InterfaceConfiguring the Address Table Entry Configure/Delete the Address Table EntryExample Configuring Dhcp Relay Displaying and Debugging Dhcp RelaySW7750display dhcp-server Show the configuration of Dhcp server groups in User viewRelay Configuration Dynamically SW7750display dhcp-server interface vlan-interfaceIP Performance AttributesConfigure Whether to Forward L3 Broadcast Packets Display and Debug IP PerformanceSW7750terminal debugging SW7750debugging tcp packet SW7750terminal debugging SW7750debugging tcp transactNetwork Protocol Operation IP Routing Protocol Operation About Hops Routing Table Individual static routes can be different Static RoutesUnreliable source Routes Shared Between Routing ProtocolsConfiguring a Static Route Default RouteConfiguring a Static Route Parameters are explained as follows IP address and mask Configuring a Default RouteConfiguring a Default Route Transmitting interface or next hop addressDeleting All Static Routes Example Typical Static Route ConfigurationDisplaying and Debugging Static Routes Displaying and Debugging the Routing TableConfigure the static route for Ethernet Switch C Configure the static route for Ethernet Switch aConfigure the static route for Ethernet Switch B Enabled, but the IP packets cannot be forwarded normallyRIP Network or host is unreachableRip Enabling RIP and Entering the RIP ViewEnabling RIP and Entering the RIP View Undo ripEnabling the RIP Interface By default, RIP is not enabledConfiguring Unicast RIP Messages Specifying the RIP VersionConfiguring RIP Timers Specifying RIP Version of the InterfaceConfiguring Zero Field Check of the Interface Packet Configuring RIP-1 Zero Field Check of the Interface PacketBy default, RIP-1 performs zero field check on the packet Specifying the Operating State of the InterfaceSetting RIP-2 Packet Authentication By default, the router receives the host routeBy default, RIP-2 uses the route aggregation function Disabling Host RouteSetting RIP-2 Packet Authentication Configuring Split HorizonBy default, split horizon of the interface is enabled Configuring Split HorizonSetting the RIP Preference Configuring the Default Cost for the Imported RouteBy default, the cost value for the RIP imported route is By default, the preference of RIP isConfiguring RIP to Filter Routes Configuring Route FilteringDisplaying and Debugging RIP Configure RIP on Switch B Example Typical RIP ConfigurationConfigure RIP on Switch a Configure RIP on Switch CAdvertise, receive, and import the route information IP Routing PolicyInformation that meets its conditions IP PrefixDefining a Route Policy IP PrefixDefining a Route Policy Permit deny nodeDefining If-match Clauses for a Route Policy By default, no matching is performedDefining If-match Conditions Defining Apply Clauses for a Route Policy Configuring Importing Routes of Other ProtocolsDefining Apply Clauses Defining IP Prefix Configuring for Filtering Received RoutesConfiguring Filtering for Received Routes Defining Prefix-listDisplaying and Debugging the Routing Policy Configuring for Filtering Distributed RoutesConfiguring Filtering of Distributed Routes Displaying and Debugging the Route PolicySetting the Safety Value for Switch Memory Configuring Route CapacitySetting the Lower Limit for Switch Memory Setting the Lower Limit of the Ethernet Switch MemorySetting the Lower Limit and the Safety Value Simultaneously Setting the Safety Value of the Ethernet Switch MemoryDisplaying and Debugging Route Capacity Operation Command Enable automatic recovery of disconnectedMemory auto-establish enable Displaying and Debugging Route CapacityIP Routing Protocol Operation Multicast Protocol Comparison Between the Unicast and Multicast Transmission Ranges and Meanings of Class D Addresses Ranges and meanings of Class D addresses are shown in TableEthernet Multicast MAC Addresses Reserved Multicast Address ListInternet Group Management Protocol Igmp Multicast Routing ProtocolPIM-SM Protocol-Independent Multicast Sparse Mode RPF Reverse Path ForwardingUndo multicast routing-enable By default, multicast routing is disabledMulticast routing-enable Enabling MulticastBy default, the multicast route-limit is Configuring the Multicast Route LimitClearing MFC Forwarding Entries or Statistic Information Display and Debug Common Multicast Configuration Configuring IgmpDisplaying and Debugging Common Multicast Configuration Participating in multicast must implement IgmpSpecific group query Default is Igmp Version By default, Igmp is not enabledConfiguring the Igmp Version Enabling Igmp on an InterfaceSeconds By default, the interval is 1 secondIgmp lastmember-queryinterval Undo igmpConfiguring a Router to be a Member of a Group Configuring the Limit of Igmp Groups on an InterfaceConfigure a Router to Be a Member of a Group Configuring the Igmp Query Message Interval By default, a router does not join a multicast groupLimiting Access to IP Multicast Groups Default interval is 60 secondsConfigure the Igmp Querier Present Timer Configuring the Igmp Querier Present TimerConfiguring the Maximum Query Response Time Configure the Maximum Query Response TimeDisplaying and Debugging Igmp Display and Debug IgmpIgmp Snooping Implement Igmp Snooping Multicast Packet Transmission With Igmp SnoopingImplementing Igmp Snooping Configure Router Port Aging Time Configure Router Port Aging TimeEnabling/Disabling Igmp Snooping By default, the maximum response time is 10 seconds By default, the port aging time is 260 secondsConfiguring Maximum Response Time Configure Aging Time of Multicast Group MemberEnable Igmp Snooping if it is disabled Example Igmp Snooping ConfigurationDisplay the status of Gmrp Multicast Protocol Assert Mechanism Diagram Enabling PIM-DM See Configuring Common Multicast onConfiguring the Interface Hello Message Interval Entering PIM ViewConfiguring the Filtering of PIM Neighbors Configuring the Filtering of Multicast Source/GroupPerform the following configuration in the PIM view Configure Hello Message Interval on an InterfaceDisplaying and Debugging PIM-DM Displaying and Debugging PIM-DMEnable the multicast routing protocol Example PIM-DM ConfigurationConfiguration procedure Enable PIM-DMNeighbor discovery mechanism is the same as that of PIM-DM Build the RP shared tree RPTConfigure BSRs Preparing to ConfigureConfigure Candidate RPs Configure Static RPEnabling PIM-SM Refer to Configuring Common Multicast onRefer to Configuring Igmp on Enabling PIM-SMSetting the PIM-SM Domain Border Setting the PIM-SM Domain BorderConfiguring Candidate-BSRs Pim bsr-boundaryConfiguring Candidate-BSRs Configuring Candidate-RPsConfiguring Static RP Configuring Candidate-RPsConfiguring RP to Filter the Register Messages Sent by DR See Configuring PIM-DMonConfiguring the Filtering of PIM Neighbor Configuring the Interface Hello Message IntervalBsr-policy acl-number Limiting the Range of Legal BSRLimiting the Range of Legal C-RP Undo bsr-policyDisplaying and Debugging PIM-SM Clearing Multicast Route Entries from PIM Routing TableClearing PIM Neighbors Clearing Multicast Route Entries from PIM Routing TableConfigure Switch a Enable PIM-SM Execute the debugging command in user view to debug PIM-SMExample Configuring PIM-SIM Display and Debug PIM-SMConfigure the C-RP Configure Switch B Enable PIM-SMConfigure the C-BSR Configure PIM domain borderInformation dynamically registered by other switches Configure Switch C Enable PIM-SMMulticast in Vlan Enabling/Disabling Gmrp on the Port Enable/Disable Gmrp GloballyExample Configuring Gmrp Displaying and Debugging GmrpEnable Gmrp on the port Configure LSB Enable Gmrp globallyFiltering or Classifying ACL OverviewHardware Quantitative Limitation to the ACL Value range MaximumBe done in sequence Configuring ACLsConfiguring the Time RangeDefine an Advanced ACL Defining a Basic ACLBasic ACL is defined by numbers from 2000 to Define Basic ACLDefine Advanced ACL Perform the following configuration in designated viewDefining a Layer-2 ACL Define Layer-2 ACLDisplaying and Debugging an ACL Activate ACLACL Configuration Examples Access ControlActivate ACL Activate the traffic-of-payserver ACL Select ACL mode Select ip-based ACL modeDefine the work time range Set the time range 800 to Define the time range Define time range 800 toDefine the rules for packet with source IP address Configuring QoSSelect ACL mode Select link-based ACL mode Activate ACL Activate the ACL traffic-of-hostTraffic Traffic refers to all packets passing through a switchTraffic Classification Bandwidth Assurance Packet FilterTraffic Policing Port Traffic LimitTraffic Mirroring Traffic CountingOperation Command Set port priority Setting Port PrioritySetting Port Priority Restore the default priority Undo prioritySetting Queue Scheduling Setting Port MirroringSetting Port Mirroring By default, the switch selects the default mapping Configure the COS local-precedence mapping tableRestore the default mapping Mapping Between Dscp Priority Levels and Outbound QueuesConfiguring the Traffic Limit Configuring the Traffic LimitConfiguring the Priority for Queue Scheduling Entering QoS ViewSetting Traffic Redirection Setting Line LimitSetting Traffic Bandwidth Setting the Line RateRelabeling the Priority Level Configuring the RED OperationConfigure RED Operation Relabeling the Priority LevelDisplaying and Debugging QoS Configuring Traffic StatisticsConfiguring Traffic Statistics Display and Debug QoSTraffic Limit and Line Rate Traffic Bandwidth Traffic StatisticsDisplay priority-trust Set traffic limit for the wage server Enter QoS view Define the traffic-of-payserver rule in the advanced ACLPort Mirroring Define traffic classification rules for PC1 packets Priority Relabeling Configuration ExampleSW7750acl number Packet Redirection Rule 0 interface gigabitetherent7/0/8 View the configuration with the display commandOther interface units support only SP algorithm SW7750queue-scheduler wrr 5 5 10 10 15 15 9Define traffic rules for the packets of IP address Traffic BandwidthTraffic Statistics Traffic BandwidthControl Configuring ACLSecurity, see System Access Define traffic rules for PC1 packetsExample Controlling Telnet Users with ACL Defining an ACLImporting an ACL Defining a Basic ACLImporting an ACL to Control Snmp Users Call an ACLDefine a Numbered Basic ACL Read-view read-view write-view Authentication privacy read-viewExample Controlling Snmp Users with an ACL Snmp-agent group v3 group-nameImport the basic ACLs QOS/ Operation Configuring STP STP OverviewAlgorithm Illustrates the networkConfiguring STP STP Operation Final Stabilized Spanning Tree Mstp Overview Internal Spanning Tree IST MST RegionVlan Mapping Table Common Spanning Tree CSTCommon Root Bridge Multiple Spanning Tree Instance MstiMsti Region root Boundary portCist calculation Configuring MstpMstp Principles Msti calculationEntering MST region view Stp region-configurationUndo stp Region-configuration Enter MST Region ViewRoot Switch Configuring the MST RegionPerform the following configuration in MST region view Configure the MST Region for a SwitchSpecify the Switch as Primary or Secondary Root Switch Configure the Mstp Running Mode By default, the switch priority isConfigure the Priority for a Switch Configure the Max Hops in an MST Region Configure the Switching Network DiameterConfigure the Time Parameters of a Switch Configure the Max Transmission Speed on a Port Configuring in system viewConfiguring in Ethernet port view PortConfigure a Port as an Edge Port or a Non-edge Port Instance instance-id cost Configure the Path Cost of a PortSpecify the Standard To BeFollowed in Path Cost Calculation Stp instance instance-id costStp pathcost-standard Calculates the default Path Cost for the connectedLink Restore the default standard to be used Dot1d-1998 dot1t legacyPriority priority Configure the Port PriorityInstance instance-id port Stp instance instance-idportConfiguring the Port Connection with Point-to-Point Link Configure the Port Connection With the Point-to-point LinkSecurity Function Configure the mCheck Variable of a PortVariable of a Port McheckConfigure the Switch Security Function Enable/Disable Mstp on a Port Enable/Disable Mstp on a DeviceDevice Digest Snooping Configuring DigestSnooping Configure digest snooping PrerequisitesIeee 802.1x Authentication Process Implement 802.1x on Ethernet Switch Setting Port Access Control Method Setting the Port Access Control ModeEnabling/Disabling Enabling Dhcp to Launch Authentication Checking the Users that Log on the Switch by ProxySetting Number of Users on a Port Set to Enable Dhcp to Launch AuthenticationSetting the Maximum Retransmission Times Configuring the Authentication Method for 802.1x UsersConfiguring Timers Enable/Disable a Quiet-Period Timer Enabling/Disabling Quiet-Period TimerExample 802.1x Configuration Displaying and DebuggingSW7750dot1x port-method macbased interface ethernet 1/0/2 SW7750dot1x interface ethernet 1/0/2SW7750radius scheme radius1 Protocols ImplementingAAA and Radius Network security managementRadius Implementing AAA/RADIUS on Ethernet Switch Configuring AAACreating/Deleting an ISP Domain Configure Relevant Attributes of ISP Domain Configuring Relevant Attributes of an ISP DomainCreate/Delete ISP Domain Setting Attributes of a Local User By default, there is no local user in the systemCreating a Local User Radius Protocol Disconnecting a User by ForceBy default, no online user will be disconnected by force Radius server type, etcCreate/Delete a Radius Server Group Creating/Deleting a Radius Server GroupUndo radius scheme Setting the IP Address and Port Number of Radius Server Set IP Address and Port Number of Radius ServerBy default, timeout timer of Radius server is 3 seconds Setting the Radius Packet Encryption KeySetting the Response Timeout Timer of Radius Server Setting Retransmission Times of the Radius Request PacketEnabling the Selection of the Radius Accounting Option Setting a Real-time Accounting IntervalEnable the Selection of the Radius Accounting Option Set Retransmission Times of Radius Request PacketEnabling/Disabling Stop Accounting Request Buffer By default, minute is set to 12 minutesSetting Maximum Times of Real-time Accounting Request Recommended Ratio of Minute to Number of UsersSetting Radius Server State Setting the Supported Type of Radius ServerBy default, the Radius server type is standard Enable/Disable Stopping Accounting Request BufferSet Radius Server State Setting Username Format Transmitted to Radius ServerSet the Unit of Data Flow Transmitted to Radius Server Setting the Timers of the Radius Server Configuring a Local Radius Server GroupConfiguring Source Address for Radius Packets Sent by NAS Setting the Response Timeout Timer of the Radius Server229 Hwtacacs configuration tasks include III. Configure the Radius Server Response Timer35 Configure the Radius server response timer 36 Hwtacacs configurationConfiguring Hwtacacs AAA and Radius Operation Configuring Hwtacacs Perform the following configuration in Hwtacacs view Configuring Hwtacacs Default response timeout timer is set to 5 seconds Setting Tacacs Server TimersInterval is in minutes and must be a multiple RADIUS, DisplayingDebugging the AAA Hwtacacs ProtocolsExamples Remote Radius ServerConfigure the association between domain and Radius Configure the domainConfigure Radius scheme Authentication at aConfigure name of the delivered Vlan Configure a Hwtacacs schemeConfigure Vlan delivery mode as string Associate the domain with the HwtacacsUser authentication/authorization always fails ConfigurationsRadius packet cannot be transmitted to Radius server AAA and Radius Operation Managing the MAC Address Table File SystemFile System Managing DevicesFile Operation Mode of the File SystemPerform the following operation in system view File System OperationDisplay the working directory in the flash Example File System OperationFormat the flash Create a directory named testSaving the Current Configuration Perform the following configuration in all viewsErasing the Configuration Files from Flash Memory Configure the FTP Server Authentication and Authorization Configuring the FTP Server Authentication and AuthorizationEnable/Disable FTP Server Enabling and Disabling the FTP ServerDisplaying and Debugging the FTP Server Configuring FTP Server ParametersBy default, the FTP server connection timeout is 30 minutes Introduction to FTP ClientDownloading Files with Tftp Configuring the File Transmission ModeBy default, Tftp transmits files in binary mode Uploading Files with TftpSetting MAC Address Table Entries Disabling or Enabling Global MAC Address Learning By default, the MAC address learning function is enabledDisabling or Enabling MAC Address Learning on a Port Displaying and Debugging the MAC Address Table Setting MAC Address Aging TimeSetting the MAC Address Aging Time for the System Displaying and Debugging MAC Address TableDisplay the MAC address configurations in all views Example Configuring MAC Address Table ManagementEnter the system view of the switch Add a MAC address specify the native VLAN, port and stateResetting a Slot Is booted Perform the following configuration in user viewUpgrading BootROM If you input reboot only, the whole system will be resetSetting the Backboard View Setting the Slot Temperature LimitMaintaining Debugging System Setting the Time Zone Setting the System NameSetting the System Clock Setting Daylight Saving TimeSetting Daylight Saving Time Perform this command in user viewBy default, daylight saving time is not set Display Commands of the SystemDisplaying Diagnostic Information Enabling and Disabling DebuggingTracert Command Testing Tools forFollowing sections Ping Tracert Command PingTimeout host Tracert CommandOperation Command Trace a route Tracert -f first-TTL -mEnable/Disable the Logging Function Setting the Output Channel of the LogEnabling and Disabling the Logging Function Numbers and Names of the Channels for Log Output Defining the Log Filtering RulesLog Output Syslog-Defined SeverityConfiguring the Snmp Timestamp Output Format Configuring the Snmp Timestamp Output FormatDefine the Filtering Rules of the Channels Enable Rstp module debugging Configuring the Info-center LoghostExample Log Configuration SW7750 security messagesDisplaying and Debugging the Syslog Function Displaying and Debugging the Syslog FunctionArchitecture of the MIB Tree MIBs Supported by the Ethernet Switch Setting the Community NameMIB Attribute MIB Content References Setting the Destination Address of a Trap Setting the Destination Address of a TrapSetting the Community Name Enabling and Disabling the Snmp Agent to Send a TrapSetting Snmp Information Setting the Lifetime of the Trap MessageBy default, the lifetime of a trap message is 120 seconds By default, syslocation is specified as Marlborough MASetting and Deleting an Snmp Group Setting and Deleting an Snmp GroupSetting the Source Address of the Trap Setting the Source Address of the TrapAdding and Deleting a User to or from an Snmp Group Creating and Updating View Information or Deleting a ViewCreating and Updating View Information or Deleting a View Disabling the Snmp Agent Enabling and Disabling Transmission of Trap InformationDisplaying and Debugging Snmp Enter the system view Example Snmp ConfigurationOperation Command Display the contact character string Set the community name, group name, and userUsed network management standards NetworksAdding and Deleting an Entry to or from the Event Table Adding and Deleting an Entry to or from the Alarm TableAdding or Delete an Entry to or from the Alarm Table Add or Delete an Entry to or from the Event TableAdd or Delete an Entry to or from the Statistics Table Configure Rmon Displaying the Rmon ConfigurationExample Rmon Configuration View the configurations in user viewNTP Configuring NTP Operating Mode Authentication-keyid keyid Configuring NTP Time ServerNtp-service unicast-server Undo ntp-service unicast-serverConfiguring NTP Peer Mode Perform the following configurations in Vlan interface viewConfiguring NTP Broadcast Server Mode Configuring NTP Multicast Server Mode Configuring NTP Broadcast Client ModeConfiguring NTP Multicast Client Mode Setting the Specified Key to Be Reliable Configuring NTP ID AuthenticationSetting the NTP Authentication Key Key number key-numberranges from 1 toSetting the NTP Master Clock Designating an Interface to Transmit NTP MessageSetting Maximum Local Sessions Setting the Authority to Access a Local SwitchDisplaying and Debugging NTP Configure Ethernet Switch SW77502 Enter system view Example Configuring NTP ServersConfigure the Switch SW77501 Enter system view Set the local clock as the NTP master clock at stratumSW77502display ntp-service status Example Configuring NTP Peers Configure Ethernet Switch SW77504 Enter system viewSW77504display ntp-service status SW77504display ntp-service sessionsEnter Vlan-interface2 view Example Configuring NTP Broadcast ModeConfigure Ethernet Switch SW77501 Enter system view Set it as broadcast server# Set the local clock as a master NTP clock at stratum Example Configuring NTP Multicast ModeConfigure Ethernet Switch SW77503 Enter system view Set it as a multicast serverExample Configuring Authentication-Enabled NTP Server Mode SW77501ntp-service authentication enable Configure the key as reliableSW77501ntp-service reliable authentication-keyid System Management