Manuals / 3Com / Computer Equipment / Switch

3Com 3CRDSF9PWR To view the DSA and RSA keys, SSH Host Key Page contains the following fields

Models: 3CRDSF9PWR

1 256

Download 256 pages 60.62 Kb

Page 80

80CHAPTER 4: MANAGING DEVICE SECURITY

To use SSH with password authentication, the host public key must still be given to the client, either during initial connection or manually entered into the known host file. You do not need to configure the client’s keys.

The SSH server supports up to four client sessions. The maximum number of client sessions includes both current Telnet sessions and SSH sessions.

Displaying the SSH The SSH Host Key Page shows the public key used for management Key access to the switch through an SSH client application.

To view the DSA and RSA keys:

1Click Security > SSH > Host Key. The SSH Host Key Page opens:

Figure 40 SSH Host Key Page

The SSH Host Key Page contains the following fields:

■Key — When an RSA key is displayed, the first field indicates the size of the host key (e.g., 1024), the second field is the encoded public exponent (e.g., 65537), and the last string is the encoded modulus. When a DSA key is displayed, the first field indicates that the encryption method used by SSH is based on the Digital Signature Standard (DSS), and the last string is the encoded modulus.

■Key Type — Indicates DSA or RSA key type, the key size, and the SSH client versions which may use this key.

■Fingerprint — Hash algorithms used to generate the key.

Image 80

3Com 3CRDSF9PWR manual To view the DSA and RSA keys, Click Security SSH Host Key. The SSH Host Key Page opens

Contents

3Com OfficeConnect Managed PoE Switch 3Com Corporation Campus Drive Marlborough Managing System Information Provides information for User GuideOverview About this Guide Conventions RelatedDocumentation Lists conventions that are used throughout this guideAbout this Guide Contents Viewing Basic Settings Configuring Ports Configuring Igmp Snooping Managing System Files Managing Device Diagnostics -O UTSTroubleshooting Page Getting Started Switch AboutOfficeConnect Managed FastOfficeConnect Managed Fast Ethernet PoE Switch-front panel Indicators OfficeConnect Managed Fast Ethernet PoE switch provides LEDLED Status Describes the meanings of the LEDsSystem SpecificationsFast Ethernet PoE switch Installing Management Setting Up forMethods of Managing a Switch Refer to Setting Up Web Interface Management on Refer to Setting Up Command Line Interface Management onSwitch Setup Refer to Setting Up Snmp Management V1 or V2 onConfigure IP information manually for your switch or view Automatically configured IP informationInitial Switch Setup and Management Flow Diagram Automatic IP Configuration using Dhcp Manual IP ConfigurationInterface CLI PrerequisitesConnecting the Workstation to the Switch Manually set the IP Address using the Console PortConsole#configure Console#show ip interface Choosing a Browser Setting Up WebInterface Setting Up Command LineInterface Management Over the NetworkNetwork Using Telnet Where xxx.xxx.xxx.xxx is the IP address of the switchUpgrading Software using Default UsersEnter y and press Return. The system reboots the switch Following prompt displaysUsing the 3COM WEB Interface Accessing the 3Com Web Interface Starting the 3ComWeb Interface Multi-Session Web ConnectionsEnter Network Password Web InterfaceUnderstanding 3Com Web Interface 3Com Web Interface HomeFollowing table lists the user interface components Interface Components View DescriptionManagement Buttons To access the Device RepresentationClick Device Summary Device View Table Options Using ScreenTo view configuration information Click Administration IP Setup. The IP Setup Page opens IP SetupModify the fields Click . The access fields are modified System Access ModifyConfiguration Configuration to be saved to the flash memoryTo save the device configuration Click . The configuration is savedClick . a confirmation message is displayed Resetting the DeviceClick Administration Reset. The Reset Page opens Click Reboot in 15 secondsPassword is displayed Defaults Restores device factory defaultsTo restore the device Restoring FactoryLogging Off DeviceTo log off the device Following message appearsViewing Basic Settings To view the Device Summary Settings Device Summary Page contains the following fieldsPolling Interval Page contains the following fields Polling IntervalClick Device Summary Color Key. The Color Key Page opens Color KeyManaging Device Security Managing Device Security System Access Summary To define System Access InterfaceTo modify System Access Click . The Users are deleted, and the device is updated To remove usersTo configure the Radius client Managing Device Security 802.1X AuthenticationDefining Port-Based Click Security 802.1X Summary. The 802.1X Summary Page opens Defining Port-Based Authentication Click Security 802.1X Setup. The 802.1X Setup Page opens 802.1X System SettingPort Settings Defining Port-Based Authentication Forwarded on to the originally requested web DefiningLocal Database Local Database Setup Page contains the following fields AuthenticationTo configure Local Database Settings Local Database Port Detail Local Database Port Setup Page contains the following fields To display the users stored in the Local Database User Name The name of users stored in the local databaseSummary To create user entries in the Local DatabaseCreate a User Local Database User Modify To remove a user entry from the Local Database Local Database User RemoveEncrypting Connection toTo configure Https settings Client and server establish a secure encrypted connectionDisabled Https is disabled on the device Https//deviceportnumberHttps Download Certificate Managing Device Security Switch supports both SSH Version 1.5 and 2.0 clients SSH Host Key Page contains the following fields To view the DSA and RSA keysClick Security SSH Host Key. The SSH Host Key Page opens Must use this web page to create a public host key SSH Key GenerateDefining Access Access Control Lists ACLs allow network managers to defineControl Lists Filters that determine traffic classificationsMAC Based ACL Summary To configure MAC-based ACLs Click Device ACL MAC Based ACL Setup. The MAC Based ACLAdd Rules to ACL Select Create ACLTo define a new MAC-based ACL rule Click Device ACL MAC Based ACL Remove. The MAC Based ACLCheck Remove ACL IP Based ACL Summary Defining Access Control Lists Opens To configure IP-based ACLsClick Device ACL IP Based ACL Setup. The IP Based ACL Setup Add Rules to ACL Managing Device Security To create a new IP-based ACL Click Device ACL IP Based ACL Remove. The IP Based ACLUpdated ACL Binding Summary ACL Binding Setup To define ACL BindingTo remove ACL Binding ACL Binding RemoveManaging Device Security Settings To display the storm control settingsStorm Control For all portsConfiguring To configure Broadcast Storm ControlControl Define the relevant fieldsUsing Broadcast Storm Control Managing Device Security Information Device View Viewing System Description Settings System settings. The section includes the following topicsConfiguring the System Name Configuring System TimeTo configure the System Name DeviceTo configure the System Time System Time SetupDefining System Settings Saving the Device Saved to the flash memoryTo reset the device configuration Managing System Information Configuring Ports Port Administration Summary 115 To configure Port Settings Port Administration Setup117 Click Port Administration Detail. The Port Detail Page opens 119 Configuring Ports Aggregating Ports Link Aggregation Summary To create Link Aggregation Blue Displays a member of the aggregation being createdSummary Deselected portsBlue Displays a member of the modified aggregation To modify Link AggregationLink Aggregation Modify Page includes the following fields Summary To remove Link Aggregation Link Aggregation Remove Page includes the following fieldsLacp Summary Lacp Modify Aggregating Ports Configuring Vlans Click Device Vlan Vlan Detail. The Vlan Detail Page opens VlanVlan Port Detail Click Device Vlan Setup. The Vlan Setup Page opens Vlan Setup Page contains the following fieldsCreate VLANs To create VLANsTo rename VLANs Click Device Vlan Rename. The Vlan Rename Page opensTo edit Vlan Settings Click Device Vlan Modify VLAN. The Modify Vlan Page opens137 To modify Port Vlan Settings Click Device Vlan Modify Port. The Modify Port Page opensTo delete VLANs Click Device Vlan Remove. The Vlan Remove Page opensConfiguring Vlans Address Information IP Setup Page contains the following fields Defining IPAddressing To define an IP interfaceConfiguring ARP Settings ARP Settings Summary To configure ARP entries ARP Settings SetupARP Settings Remove To remove ARP entriesConfiguring ARP Settings Configuring IP and MAC Address Information Table Settings To view address table settingsPort Summary Configuring Igmp Snooping To configure Igmp Snooping Click Device Igmp Snooping Setup. The Igmp SnoopingVlan Settings Configuring Igmp Snooping Configuring Spanning Tree Spanning Tree Summary 157 To configure Spanning Tree Setup Spanning Tree159 Spanning Tree Port Setup To modify Spanning TreeRecommended STA Path Cost Range Configuring Spanning Tree Configuring Snmp Snmp version Snmp version 2cClick Administration Snmp Setup. The Snmp Setup Page opens To set the operational status for SnmpClick Administration Snmp Snmp Add. The Snmp Add Page opens To define Snmp communitiesSnmp Add Page contains the following fields Community StringSnmp Trap Remove Community String Removing SnmpCommunities To remove Snmp communities or trapsRemove Snmp Trap Service Click Device QoS CoS Summary. The CoS Summary Page opens CoS SummaryTo configure CoS Settings Click Device QoS CoS Setup. The CoS Setup Page opensTo configure the queue mode Click Device QoS Queue. The Queue Setup Page opensCoS to Queue Summary To configure CoS values to queues With 0 representing the lowest queue and 3 as the highestTo view the Dscp to CoS mapping Dscp to CoS SummaryDscp to CoS Setup To map Dscp to CoS valuesClick Device QoS Trust Setup. The Trust Setup Page opens Trust Setup Page contains the following fieldsIngress Rate Limit Bandwidth SummaryEgress Shaping Rates Be applied to the egress traffic on a specified interface To configure Bandwidth SettingsBandwidth Setup Page contains the following fields Egress Shaping Rate Configuring Quality of Service Voice Vlan Summary To configure Voice Vlan Settings Voice Vlan SetupVoice Vlan is defined, and the device is To configure Voice Vlan port settings Voice Vlan Port SetupDevice is updated For specific ports To view Voice Vlan Port Detail SettingsPort Definitions Configuring Voice Vlan Voice Vlan OUI Summary Page contains the following fields To view Voice Vlan OUI SettingsOUI List To modify Voice Vlan OUI Settings Voice Vlan OUI Modify Page contains the following fieldsConfiguring Quality of Service Managing System Files Managing System Files Configuration Upload To backup System filesConfiguration Download To restore System filesRestoring SoftwareTo download the software image Software DownloadManaging System Files Ethernet Devices Device Power Display Port PoE Summary Page displays the following informationPort Power Display To configure Port PoE Settings Click Port PoE Setup. The Port PoE Setup Page opens203 Managing Power Over Ethernet Devices Managing System Logs System Log Severity LevelsTo view Logging Logging DisplayLogging Setup Page contains the following fields To define Log ParametersManaging System Logs Viewing Statistics To view port statistics Port Statistics SummaryPort Statistics Summary Page Field Description Port Statistics Summary Page Field Description 213 Port Statistics Summary Page Field Description Managing Device Diagnostics Port mirroring is not supported for trunk ports To enable port mirroring Port Mirroring SetupManaging Device Diagnostics To remove port mirroring Port Mirroring RemoveTo view cables diagnostics Cable Diagnostics SummaryConfiguring Cable Diagnostics Diagnostics To test cablesRequest packets to another node on the network Using the command line interface to ping another devicePinging Another Press Esc to stop pinging 3Com Network SupervisorAccess Manager DirectorHP OpenView Network NodeManager Application such as 3Com Enterprise Management Suite EMSAppendix a 3COM Network Management Environmental PhysicalFeature Description ElectricalSwitch Features Interface with Crossover Mdix SSL Appendix B Device Specifications and Features PC-AT Serial Cable Null Modem Cable RJ-45 to RS-232 25-pinEthernet Port RJ-45 Pin Assignments 10/100 and 1000BASE-T RJ-45 connectionsEthernet Port RJ-45 Pin Assignments Appendix C PIN-OUTS Solutions ProblemTroubleshooting No connection and the port LED is off Lost Password Problems Possible Cause SolutionProblems Possible Cause Solution Appendix D Troubleshooting Access Control List Address ResolutionBoot Protocol Service DscpAppendix E Glossary Ieee 802.3u IeeeIgmp Snooping Igmp QueryPort Authentication See Ieee Link Aggregation See Port TrunkRemote Remote MonitoringProtocol Rstp Secure Shell SSHXModem Byte blocks and error-correctedThough located on the same LAN Service Benefits Register YourProduct to Gain TTroubleshootWarranty ServicesAccess Software Purchase ExtendedMust apply for a user name and password Contact UsNext section Directory of 3Com resources by region at00800 4411 Contact Us Appendix F Obtaining Support for Your 3COM Products Regulatory Notices