Managing Device Security | 3Com 2924-PWR specs

78CHAPTER 4: MANAGING DEVICE SECURITY

■Select from List — Selects a protocol from a list by which packets are matched to the rule.

■Protocol ID — Adds user-defined protocols by which packets are matched to the rule. Each protocol has a specific protocol number which is unique. The possible field range is 0-255.

■Source Port — Enables creating an ACL based on a specific protocol.

■Any — Enables creating an ACL based on any protocol.

■Destination Port — Defines the destination port that is matched to packets. Enabled only when TCP or UDP are selected in the Protocol list.

■Any — Enables creating an ACL Based on any protocol.

■TCP Flags — If checked, enables configuration of TCP flags matched to the packet. The possible fields are:

■Urg — Urgent pointer field significant. The urgent pointer points to the sequence number of the octet following the urgent data.

■Ack — Acknowledgement field significant. The acknowledgement field is the byte number of the next byte that the sender expects to receive from the receiver.

■Psh — Push (send) the data as soon as possible, without buffering. This is used for interactive traffic.

■Rst — Reset the connection. This invalidates the sequence numbers and aborts the session between the sender and receiver.

■Syn — Synchronize Initial Sequence Numbers (ISNs). This is used to initialize a new connection.

■Fin — Finish. This indicates there is no more data from the sender. This marks a normal closing of the session between the sender and receiver.

For each TCP flag, the possible field values are:

■Set — Enables the TCP flag.

■Unset — Disables the TCP flag.

■Don’t Care — Does not check the packet’s TCP flag.

Image 78

3Com 2924-PWR manual Managing Device Security

Contents

3Com Baseline Switch 2924-PWR Plus 3Com Corporation Campus Drive Marlborough User Guide OverviewManaging System Information Provides information for About this Guide Conventions RelatedDocumentation Contents Viewing Basic Settings Configuring Ports Configuring Igmp Snooping Managing Power Over Ethernet Devices Device Specifications and Features Glossary Getting Started Hardware Features 2924-PWR Hardware Features Switch 2924-PWR Plus 24-Port-front panel Indicators LED StatusDescribes the meanings of the LEDs System Installing Switch Management Setting Up forMethods of Managing a Switch Web Interface Management Refer to Setting Up Snmp Management V1 or V2 on Switch SetupRefer to Setting Up Web Interface Management on Snmp Management Initial Switch Setup and Management Flow Diagram Automatic IP Configuration using Dhcp Manual IP Configuration Interface CLI Prerequisites Connecting the Workstation to the Switch Manually set the IP Address using the Console Port IpSetup xxx.xxx.xxx.xxx mmm.mmm.mmm.mmm ggg.ggg.ggg.gggg Getting Started Setting Up Web InterfaceChoosing a Browser Over the Network \ ping Upgrading Software using Enter yes and press Return. The system reboots the switchFollowing prompt displays Using the 3COM WEB Interface Web Interface Accessing the 3Com Web InterfaceStarting the 3Com Multi-Session Web Connections Enter Network Password Web Interface Understanding 3Com Web Interface 3Com Web Interface Home Web Interface Components To access the Device Representation Click Device Summary Device ViewManagement Buttons Using Screen Viewing Configuration InformationTable Options Adding Configuration Information Click Administration IP Setup. The IP Setup Page opens Modify the fields Click . The access fields are modified System Access Modify System Access Remove To save the device configuration ConfigurationLatest configuration to be saved to the flash memory Click . The configuration is saved Resetting the Device Click Administration Reset. The Reset Page opensClick . a confirmation message is displayed User Name and Password Defaults Restoring Factory To log off the device Logging OffDevice Click Viewing Basic Settings To view the Device Summary Settings Click Device Summary. The Device Summary Page opensPage Click Device Summary Color Key. The Color Key Page opens Color Key Managing Device Security Managing Device Security System Access Summary To define System Access Interface To modify System Access Click . The Users are deleted, and the device is updated To remove users To configure the Radius client Managing Device Security Authentication Defining Port-Based802.1X Click Security 802.1X Summary. The 802.1X Summary Page opens Defining Port-Based Authentication 802.1X Global Settings Click Security 802.1X Setup. The 802.1X Setup Page opens 802.1X Port Settings Managing Device Security To view MAC Based ACLs MAC Based ACL Summary To configure MAC-based ACLs Click Device ACL MAC Based ACL Setup. The MAC Based ACLMAC Based ACL Setup Page contains the following fields Add Rules to ACL Select Create ACL Modify To modify a MAC-based ACL rule Managing Device Security Click Device ACL MAC Based ACL Remove. The MAC Based ACL MAC Based ACL Remove Page contains the following fields Check Remove ACL IP Based ACL Summary Managing Device Security To configure IP-based ACLs IP Based ACL Setup Managing Device Security Defining Access Control Lists Select Create ACL Modify Rule IP Based ACL Modify Managing Device Security Defining Access Control Lists Click Device ACL IP Based ACL Remove. The IP Based ACL IP Based ACL Remove Updated ACL Binding Summary ACL Binding Setup To define ACL Binding To remove ACL Binding ACL Binding Remove Managing Device Security Broadcast Storm Setup To define Broadcast Storm Traffic Information Device View Managing System Information Page To configure the System Name System Name To configure the System Time Local SettingsEnabled on the device System Time Setup Page contains the following fields Managing System Information Page Monitor users have no access to this To reset the device configuration Define the fields Click or . The device is reset Configuring Ports Page To view Port Settings Port Administration Summary 101 To configure Port Settings Port Administration Setup 103 Click Port Administration Detail. The Port Detail Page opens To view Port Details 105 Aggregating Ports Link Aggregation Summary To create Link Aggregation Blue Displays a member of the aggregation being createdDeselected ports Summary To modify Link Aggregation Link Aggregation Modify Page includes the following fieldsBlue Displays a member of the modified aggregation Summary To remove Link Aggregation Link Aggregation Remove Page includes the following fields Lacp Summary Lacp Modify 115 Configuring Vlans Click Device Vlan Vlan Detail. The Vlan Detail Page opens Vlan Vlan Port Detail Create Click Device Vlan Setup. The Vlan Setup Page opensVlan Setup Page contains the following fields To create VLANs Rename Vlan To edit Vlan Settings Click Device Vlan Modify VLAN. The Modify Vlan Page opens Configuring Vlans To modify Port Vlan Settings Modify Vlan Port To delete VLANs Click Device Vlan Remove. The Vlan Remove Page opens Address Information IP Setup Page contains the following fields To define an IP interface Configuring ARP Settings ARP Settings Summary To configure ARP entries ARP Settings Setup ARP Settings Remove To remove ARP entries Configuring ARP Settings Databases is forwarded immediately to the port. The Dynamic ConfiguringAddress Tables Traffic is seen for a certain period, are erased Table Settings To view address table settings Port Summary Configuring Address Tables Address Table To add MAC addresses to the Address Table Configuring Address Tables Address Table Setup Page contains the following field To define the Aging Time To remove ports Port Remove Configuring IP and MAC Address Information To remove MAC addresses from the Address Table Address Table Remove Configuring IP and MAC Address Information Configuring Igmp Snooping To configure Igmp Snooping Click Device Igmp Snooping Setup. The Igmp Snooping SetupOpens Select Enable or Disable from the Igmp Status list Configuring Spanning Tree Spanning Tree Summary Configuring Spanning Tree 149 Global Settings To configure Spanning Tree SetupSpanning Tree Setup Page contains the following fields Bridge Settings Designated Root To modify Spanning Tree Spanning Tree Modify Configuring Spanning Tree Configuring Snmp Snmp version Snmp version 2c Snmp Communities Setup To define Snmp communities Insert New Community Enables adding an Snmp community Snmp ManagementCommunity String To remove Snmp communities Snmp Communities Remove Snmp Traps Setup To define Snmp traps To remove Snmp traps Snmp Traps Remove Snmp Traps Remove Page contains the following fields Service Click Device QoS CoS Summary. The CoS Summary Page opens CoS Summary To configure CoS Settings Click Device QoS CoS Setup. The CoS Setup Page opens CoS to Queue Summary To configure CoS values to queues CoS to Queue Setup Can be assigned to queue To view the Dscp Queue Dscp to Queue Summary Be assigned to queue To map CoS to Queues Click Device QoS Trust Setup. The Trust Setup Page opens Trust Setup Ingress Rate Limit Bandwidth Summary Egress Shaping Rates To configure Bandwidth Settings Bandwidth Setup Page contains the following fields Egress Shaping Rate There are two operational modes for IP Phones Defining VoiceReceived unevenly. The system supports one Voice Vlan Tagged packets are used for all communications Voice Vlan Summary Voice Vlan Setup Voice Vlan Port Setup Device is updated Defining Voice Vlan To view Voice Vlan Port Detail Settings Voice Vlan Port Details To view Voice Vlan OUI Settings OUI ListVoice Vlan OUI Summary Page contains the following fields Voice Vlan OUI Modify Page contains the following fields Voice Vlan OUI Modify Defining Voice Vlan Managing System Files 185 Configuration Upload To backup System files Configuration Download To restore System files To download the software image Software Download Active Image Page contains the following fields Active Image Ethernet Devices Device Power Display Port PoE Summary Page displays the following information Ports Power Display Click Port PoE Setup. The Port PoE Setup Page opens Managing Power Over Ethernet Devices Managing System Logs System Log Severity Levels To view Logging Logging Display Logging Setup To define Log Parameters Managing System Logs 199 Viewing Statistics To view Rmon statistics Port Statistics Summary Viewing Statistics 203 Managing Device Diagnostics Configuring Port Mirroring To enable port mirroring Port Mirroring Setup Configuring Port Mirroring To remove port mirroring Port Mirroring Remove Viewing Cable DiagnosticsTo view cables diagnostics Copper cable attached to a port Managing Device Diagnostics Diagnostics To test cables 3Com Network Supervisor Access Manager Director Manager HP OpenViewNetwork Node Application such as 3Com Enterprise Management Suite EMS Environmental Physical Features of the Baseline Switch 2924-PWR Plus Electrical Switch Features Interface with Crossover Mdix SSL Vlan PC-AT Serial Cable Null Modem Cable RJ-45 to RS-232 25-pin Ethernet Port RJ-45 Pin Assignments 10/100 and 1000BASE-T RJ-45 connections Ethernet Port RJ-45 Pin Assignments Problem TroubleshootingSolutions Problems Possible Cause Solution Contact 3Com With the Command Getting StartedLine Interface CLI Commands Sessions Syntax Default Configuration User GuidelinesExample Syntax Parameters Syntax Summary Default Configuration Summary No default IP address is defined for interfaces Following example displays an IP address configured manually Upgrade Tftp Server IP AddressDestination File NameFile Type Syntax Initialize Syntax Reboot Logout The Logout command terminates the CLI session Syntax Logout Default Configuration Password The Password command changes the user’s password Syntax Password Default Configuration Boot Protocol Access Control ListAddress Resolution Service Dscp 239 Group LAG Link Aggregation See Port Trunk MIB Port Authentication See Ieee Controller Access AuthenticationTerminal Access Remote 243 Warranty Service BenefitsSolve Problems Online Services Contact Us Access SoftwareDownloads Support and Repair Country Telephone Number US and Canada Telephone Technical Support and Repair 800 876 Regulatory Notices