Manuals / Brands / Computer Equipment / Switch / Allied Telesis / Computer Equipment / Switch

Allied Telesis AT-9400 - page 588

1 668

Download 668 pages, 3.09 Mb

588 Section IX: Management Security

Contents

Main Page Contents Page Page Section III: IGMP Snooping, MLD Snooping, and RRP Snooping ....................293 Page Page Page Page Figures Page Page Page Page Page Tables Page Preface How This Guide is Organized Page Product Documentation Where to Go First Page Document Conventions Page Contacting Allied Telesis Page Section I Basic Operations Page Chapter 1 Basic Switch Parameters Configuring the Switchs Name, Location, and Contact Page Page Changing the Manager and Operator Passwords Changing the Manager or Operator Password Page Resetting the Manager Password Setting the System Time Setting the System Time Manually Setting the System Time from an SNTP or NTP Server Page Page Rebooting the Switch Page Configuring the Console Startup Mode Configuring the Console Timer Configuring the Telnet Server Setting the Baud Rate of the Serial Terminal Port Pinging a Remote System Returning the AT-S63 Management Software to the Factory Default Values Page Displaying Hardware and Software Information Page Page Displaying System Hardware Information Page Displaying Uplink Port Information Page Page Page Chapter 2 Port Parameters Displaying Port Status Page Page Configuring Port Parameters Page Page Page Configuring Head of Line Blocking Page Configuring Flow Control and Back Pressure Page Configuring Port Filtering Page Setting Up Rate Limiting Page Resetting a Port Forcing Port Renegotiation Resetting the Port Configuration to the Default Settings Displaying Port Statistics Page Page Clearing Port Statistics Page Chapter 3 Enhanced Stacking Setting a Switchs Enhanced Stacking Status Page Selecting a Switch in an Enhanced Stack Page Page Page Displaying the Enhanced Stacking Status Chapter 4 SNMPv1 and SNMPv2c Enabling or Disabling SNMP Management Setting the Authentication Failure Trap Creating an SNMP Community String Page Page Modifying a Community String Page Page Page Deleting a Community String Displaying the SNMP Community Strings Chapter 5 MAC Address Table Displaying the MAC Address Tables Page Page Page Adding Static Unicast and Multicast MAC Addresses Page Deleting Unicast and Multicast MAC Addresses Deleting All Dynamic MAC Addresses Changing the Aging Time Chapter 6 Static Port Trunks Creating a Static Port Trunk Page Page Page Modifying a Static Port Trunk Page Page Deleting a Static Port Trunk Page Chapter 7 LACP Port Trunks Enabling or Disabling LACP Page Setting the LACP System Priority Creating an Aggregator Page Page Modifying an Aggregator Page Deleting an Aggregator Displaying LACP Port and Aggregator Status Page Chapter 8 Port Mirroring Creating a Port Mirror Page Disabling a Port Mirror Modifying a Port Mirror Displaying the Port Mirror Section II Advanced Operations Page Chapter 9 File System Working with Boot Configuration Files Creating a Boot Creating a Boot Configuration File Configuring the Switchs Parameter Settings Selecting the Active Boot Configuration File for the Switch Setting the Active Boot Page Viewing a Boot Editing a Boot Page Copying a System File Examples Renaming a System File Examples Deleting a System File Displaying System Files Listing All Files Page Listing Files on the Compact Flash Card Working with Flash Memory Information about the Flash Memory Formatting the Flash Memory Working with the Compact Flash Card Compact Flash Card Information Page Changing the Current Flash Card Directory Chapter 10 File Downloads and Uploads Downloading the AT-S63 Image File onto a Switch Guidelines Page Downloading the AT-S63 Image from a Local Page Page Page Downloading the AT-S63 Image from a Remote Page Uploading the AT-S63 Image File Switch to Switch Guidelines Page Page Uploading an AT-S63 Configuration File Switch to Switch Guidelines Page Page Downloading a System File Guidelines Page Downloading a a Local Page Page Page Page Page Uploading a System File Guidelines Uploading a a Local Page Page Uploading a a Remote Page Page Chapter 11 Event Logs and the Syslog Client Working with the Event Logs Enabling or Disabling the Event Logs Displaying an Event Log Page Page Page Page Page Modifying the Event Log Full Action Clearing an Event Log Saving an Event Log to a File Page Page Configuring Log Outputs Creating a Log Output Definition Page Page Page Page Modifying a Log Output Deleting a Log Output Log Output Definition Details Page Chapter 12 Classifiers Creating a Classifier The Classifier Configuration menu is shown in Figure 72. Figure 73. Create Classifier Menu (Page 1) Page Page Modifying a Classifier Page Deleting a Classifier Deleting All Classifiers Displaying Classifiers Page The second page of the Display Classifier Details menu is shown in Figure 77. Figure 77. Display Classifier Details Menu (Page 2) Chapter 13 Access Control Lists Creating an ACL Page Page Modifying an ACL Page Deleting an ACL Page Deleting All ACLs Displaying ACLs Page Page Chapter 14 Class of Service Configuring CoS Page Page Mapping CoS Priorities to Egress Queues Configuring Egress Scheduling Page Displaying Port CoS Priorities Chapter 15 Quality of Service Managing Flow Groups Creating a Flow Page Page Modifying a Flow Deleting a Flow Displaying Flow Groups Page Page Page Managing Traffic Classes Creating a Traffic Class Page Page Page Modifying a Traffic Class Page Deleting a Traffic Class Traffic Classes Page Page Managing Policies Creating a Policy Page Page Modifying a Policy Deleting a Policy Policies Page Page Page Configuring Denial of Service Defense Page Page Chapter 17 Power Over Ethernet Setting the PoE Threshold Page Configuring PoE Port Settings Page Displaying PoE Status and Settings Page Page Page Page Page Page Chapter 18 IGMP Snooping Configuring IGMP Snooping Page Page Page Enabling or Disabling IGMP Snooping Displaying a List of Host Nodes Page Displaying a List of Multicast Routers Page Chapter 19 MLD Snooping Configuring MLD Snooping Page Page Enabling or Disabling MLD Snooping Displaying a List of Host Nodes Page Displaying a List of Multicast Routers Page Page Page Enabling or Disabling RRP Snooping Page Page Chapter 21 SNMPv3 Configuring SNMPv3 Entities Configuring the SNMPv3 User Table Page Page Page Page Modifying the Authentication Protocol and Password Page Modifying the Privacy Protocol and Password Page Page Configuring the SNMPv3 View Table Page Page Page Modifying a Subtree Mask Page Modifying a View Type Modifying a Storage Type Page Configuring the SNMPv3 Access Table Page Page Page Page Page Modifying the Read View Name Page Page Modifying the Write View Name Page Modifying the Notify View Name Page Page Page Page Configuring the SNMPv3 SecurityToGroup Table Creating an Page Page Deleting an Modifying an Modifying the Group Name Page Page Page Configuring the SNMPv3 Notify Table Page Page Modifying a Notify Tag Page Modifying a Notify Type Modifying a Storage Type Page Configuring the SNMPv3 Target Address Table Page Page Page Modifying a Target IP Address Page Modifying the Target Address UDP Port Modifying the Target Address Timeout Modifying the Target Address Retries Modifying the Target Address Tag List Modifying the Target Parameters Field Page Page Configuring the SNMPv3 Target Parameters Table Page Page Page Page Modifying the Security Name (User Name) Page Modifying the Security Model Modifying the Security Level Page Modifying the Message Process Model Page Page Configuring the SNMPv3 Community Table Page Page Page Page Modifying the Community Name Page Modifying the Security Name Modifying the Transport Tag Page Page Displaying SNMPv3 Table Menus User Table Menu The Display SNMPv3 Table menu is shown in Figure 143. Figure 144. Display SNMPv3 User Table Menu View Table Menu Access Table Displaying the Display SNMPv3 Table Menu Notify Table Page Table Menu The Display SNMPv3 Community Table menu is shown in Figure 147. Figure 151. Display SNMPv3 Community Table Menu Page Section V Spanning Tree Protocols Page Chapter 22 Spanning Tree and Rapid Spanning Tree Protocols Enabling or Disabling a Spanning Tree Protocol Page Configuring STP Configuring STP Bridge Settings Page Page Configuring STP Page Page Displaying STP Resetting STP to the Default Configuring RSTP RSTP Bridge Page Page Page Page RSTP Port Page RSTP Port State Resetting RSTP to the Default Chapter 23 Multiple Spanning Tree Protocol Selecting MSTP as the Active Spanning Tree Protocol Configuring MSTP Bridge Settings Page Page Page Configuring the CIST Priority Page Displaying the CIST Priority Page Creating, Deleting, and Modifying MSTI IDs Deleting an MSTI ID Page Adding, Removing, and Modifying VLAN Associations to MSTI IDs Adding or Removing a VLAN from an Associating a VLAN to an Removing a VLAN from an Associating VLANs to an MSTI ID and Deleting All Associated VLANs Clearing VLAN to MSTI Associations Configuring MSTP Port Settings Generic MSTP Page Table 11 Auto External Path Costs MSTI-specific Port Parameters Page Page Displaying the MSTP Port Configuration Page Displaying the MSTP Port State Page Page Resetting MSTP to the Defaults Section VI Virtual LANs Page Chapter 24 Port-based and Tagged VLANs Creating a Port-based or Tagged VLAN Page Page Page Page Example of Creating a Port-based VLAN Page Example of Creating a Tagged VLAN Page Modifying a Port-based or Tagged VLAN Page Page Page Displaying VLANs Page Deleting a Port-based or Tagged VLAN Page Page Deleting All VLANs Page Displaying PVIDs Enabling or Disabling Ingress Filtering Page Chapter 25 GARP VLAN Registration Protocol Configuring GVRP Page Enabling or Disabling GVRP on a Port Page Converting a Dynamic GVRP VLAN Displaying the GVRP Port Configuration Displaying GVRP Counters Page Page Page Page Displaying the GVRP Database Page Displaying the GIP Connected Ports Ring Page Displaying the GVRP State Machine Page Page Page Page Selecting a VLAN Mode Page Displaying VLAN Information Page Page Chapter 27 Protected Ports VLANs Creating a Protected Ports VLAN Page Page Modifying a Protected Ports VLAN Page Page Displaying a Protected Ports VLAN Section 1 Section 2 Deleting a Protected Ports VLAN Page Page Chapter 28 MAC Address-based VLANs Creating a MAC Address-based VLAN Page Adding and Deleting MAC Addresses Page Adding and Deleting Egress Ports Page Deleting a MAC Address-based VLAN Page Displaying MAC Address-based VLANs Page Page Page Page Chapter 29 Internet Protocol Version 4 Routing Interfaces Creating a New Routing Interface Page Page Modifying a Routing Interface Page Page Deleting a Routing Interface Displaying the IP Address of the Local Interface Setting the Default Route or Default Gateway Setting the Local Interface Setting the ARP Cache Timeout Section VIII Port Security Page Chapter 30 MAC Address-based Port Security Configuring MAC Address Port Security Page Page Page Displaying Port Security Levels Page Page Chapter 31 802.1x Port-based Network Access Control Setting Port Roles Page Enabling or Disabling 802.1x Port-based Network Access Control Configuring Authenticator Port Parameters Page Page Page Page Page Configuring Supplicant Port Parameters Page Page Displaying the Port Access Parameters Page Configuring RADIUS Accounting Page Page Section IX Management Security Page Chapter 32 Web Server Configuring the Web Server Page Page General Steps for Configuring the Web Server for Encryption General Steps for a Self-signed Certificate General Steps for a Public or Private CA Certificate Page Chapter 33 Encryption Keys Creating an Encryption Key Page Page Page Deleting an Encryption Key Modifying an Encryption Key Exporting an Encryption Key Page Page Importing an Encryption Key Page Page Displaying the Encryption Keys Page Page Chapter 34 PKI Certificates and SSL Creating a Self-signed Certificate Page Page Page Adding a Certificate to the Database Page Page Modifying a Certificate Page Page Deleting a Certificate Page Viewing a Certificate Page Page Generating an Enrollment Request Page Page Installing CA Certificates onto a Switch Viewing and Configuring the Maximum Number of Certificates Configuring SSL Chapter 35 Secure Shell (SSH) Configuring SSH Page Page Displaying SSH Information Page Chapter 36 TACACS+ and RADIUS Protocols Enabling or Disabling Server-based Management Authentication Page Configuring the TACACS+ Client Page Displaying the TACACS+ Settings Configuring the RADIUS Client Page Page Displaying RADIUS Status and Settings Page Page Chapter 37 Management Access Control List Enabling or Disabling the Management ACL Page Creating an ACE Page Modifying an ACE Page Deleting an ACE Displaying the ACEs Page Index Numerics A B C D E F G H I L M N O P R S Page T U V W