Manuals / Asante Technologies / Computer Equipment / Switch

Asante Technologies 8000 user manual Configuring Security Level 2 or Level, Advanced Management

Models: 8000

1 168

Download 168 pages 50.89 Kb

Page 106

Select u to Set/Clear port security. Type s to set security.

Advanced Management

KNote: The three security levels are mutually exclusive; a port can have either security level1, level2, or level 3, but never a combination of security levels.

To configure security level 2 or 3, you must specify the port-trusted MAC address. You can either specify the address directly, or direct the system to trust the address of the first station that addresses the port. By trusting the first station to address the port, you can configure port security before you know which system will ultimately use that port.

When security level 2 (port lock) is enabled and an intruder attempts to direct traffic to the port, the port is immediately disabled. The port is then re- enabled only by clearing the security level by management.

When security level 3 (intruder lock) is enabled and an intruder attempts to direct traffic to the port, the switch locks out the intruder’s MAC address; it will not accept any traffic from that station. The intruder’s address is then re- enabled only by clearing the security level by management.

IImportant: If you set security level 2 or 3, you should also set the Intruder Trap. If you do not set this trap, you will not receive notification that the port has been dis- abled. See “Setting the Intruder Trap.”

By default, security levels 2 and 3 are both disabled.

Configuring Security Level 2 or Level 3

To set security level 2 (port lock) or level 3 (intruder lock) on a port:

1 From the Configuration Menu, type t to access the Secu- rity Management Menu.

2 Type p to access the Port Security Configuration Menu, as shown in Figure 4-5.

3 Use the commands at the bottom of the menu to navigate to the port you want to want to configure.

4

5

6 Type 2 to select Port Security with Port Lock, or 3 to select Port Security with Intruder Lock.

7 Type 1 to have the system trust the first station that addresses this port, or type 2 to enter a specific port-

Page 4-16

Image 106

Asante Technologies 8000 user manual Configuring Security Level 2 or Level, Advanced Management

Contents

IntraCore Limited Five Year Warranty Table of Contents Viewing Legends for Configuration Settings ConfigurationUnicast Forwarding Database Configuration Advanced ManagementWeb Browser Management Technical Support MIB StatisticsPage Core Switching Engine IntraCore Architecture OverviewLAN Infrastructure ConnectivityNetwork Management, Security, Performance, and Control MAN/WANIntraCore Product Family ManceEdge Switches Enterprise SwitchesExpansion Modules Port 10/100 Switch ModuleIntraCore IntraCore1000BaseLX Long Haul Gbic Gigabit Ethernet Switch Module1000Base SX Gbic 1000BaseLX GbicFeatures FeaturesFeature Description Introduction Feature Description VLANsDefaults and Specifications Defaults and SpecificationsConfiguration Default Setting LEDs Color and MeaningEnvironmental Requirements Installation GuidelinesPower Requirements Cooling and AirflowInstallation Overview Step Action to Be TakenSafety Precautions for Rack Installation Chassis Installation/PlacementInstallation in an Equipment Rack Equipment Rack GuidelinesFree-Standing/Desktop Placement Equipment Rack Installation ProcedureThree or Four Stack Configuration Stacking SwitchesTwo Stack Configuration Stacking SwitchesFour stack configuration Installing Port Expansion Modules Installing Port Expansion ModulesInstalling a Gbic Installing Gbic InterfacesRemoving a Gbic Connecting Power Connecting PowerGbic Care and Handling 10/100BaseX Ports Cabling Procedures Connecting to the NetworkConnecting To Cable Required BootP Configuration Configuring for Management1000BaseX Ports Cabling Procedures Configuring for ManagementConnecting To a Console Management Options Management OptionsOut-of-Band Management Method Type DescriptionIn-Band Management TelnetWeb Browser SNMP-Based ManagementInstallation and Setup Configuration Local Management Interface LoggingExiting a Submenu Accessing a SubmenuMain Menu Local Management InterfaceViewing General Information 4MBSetting Description Viewing General InformationConfiguration Menu Options Configuration MenuMenu Item Description Configuration Menu Snmp ConfigurationCurrent Settings System Administration ConfigurationChanging System Administration Info System IP Configuration System IP ConfigurationDescribes each setting on the System IP Configuration Menu Changing System IP InformationBootstrap Configuration Bootstrap ConfigurationImage Banks Loading Software Locally Remote Bootstrap Configuration Menu Loading Software RemotelyCurrent Settings Date Rently running on the IntraCore Load ModeBootstrap Configuration Snmp Configuration EmptySnmp Configuration Changing Community StringsEnabling Authentication Traps Adding or Updating a Trap ReceiverPort Configuration Port ConfigurationDeleting a Trap Receiver 10 Port Configuration Menu for 10/100BaseTX modules Viewing Legends for Configuration Settings 11 Legends for all Port Configuration MenusCurrent Port Settings Enabling or Disabling a PortConfiguring Auto-Negotiation Toggling Port Link Speed Configuring a Port ManuallyToggling Half to Full Duplex Configuring 1000BaseX Ports 12 Port Configuration Menu for 1000BaseX portsEnabling or Disabling a Port Advanced 10/100BaseTX Port Configuration Advanced Port ConfigurationAdvanced Port Configuration Advanced 1000BaseX Port Configuration 14 Advanced Port Configuration Menu 1000BaseX portSetting the Maximum Broadcast or Multicast Rate Flow ControlEnabling or Disabling 802.3x Flow Control Setting Port Default Priority Global Port ConfigurationGlobal Port Configuration 15 Global Port Configuration Menu 10/100BaseTX ports Unicast Forwarding Database Configuration Unicast Forwarding Database ConfigurationDisplaying the Forwarding Database Age-out TimeUnicast Forwarding Database Configuration Searching for a MAC Address MPTSetting the MAC Address Age-Out Time 20 MAC Address Search summaryImage File Downloading Configuration 21 Image File Downloading Configuration MenuImage File Downloading Configuration Image Downloading Through Tftp10 describes each setting on the Tftp Image Downloading Menu Performing a Software Upgrade at Runtime Serial Downloading Configuration 23 X/Y/Z Modem Image File Downloading MenuPerforming a Software Upgrade 24 Baud Rate Menu System Reset Configuration System Reset ConfigurationCurrent Options Resetting the IntraCoreOption Description Viewing the System Log Scheduling a System ResetViewing the System Log Clearing the System Log 26 System Log MenuUser Interface Configuration User Interface ConfigurationConfiguration Setting Description Setting Telnet Idle Time-out Period Setting Console Idle Time-out PeriodChanging the Password Page Viewing Statistics 29 Systems Module MapConfiguration 31 Port Statistics Counters since reset Configuration Spanning Tree Protocol OverviewHow It Works Enabling and Disabling STPBridge Priority Configuring Spanning Tree ParametersSpanning Tree Parameters Hello TimeMaximum Age Forward DelayPort Priority Current STP Settings ID is the Bridge Priority. If the Bridge ID is shown asSpanning Tree Port Configuration Setting Port Priority and Path CostSnmp and Rmon Management Snmp and Rmon ManagementEthernet Statistics Group Alarm GroupRmon Management Ethernet History GroupSecurity Management Security ManagementSecurity Option Description Action Security Traps Enabling and Disabling Duplicated IP Trap Duplicated IP Detection and TrapEnabling and Disabling Duplicated IP Detection Viewing a List of Duplicated IP AddressesEnabling and Disabling Station Movement Trap Similar to FigureConfiguring Port Security Port Security Configuration MenuConfiguring Port New Node Detection Trap Advanced Management Setting DescriptionConfiguring Port Lock and Intruder Lock Configuring Security Level 2 or Level Resetting Security to Defaults Setting the Intruder TrapInserting/Modifying a Port Trusted MAC Address Vlan Specifications for the IntraCore Vlan ManagementBenefits of Vlan Management Other Vlan Features in IntraCoreOverview of VLANs Vlan ManagementTagged and Untagged Frames AbbreviationsPort Vlan ID Default VlanVlan Groups Vlan Port Membership and UntaggingIndependent vs. Shared Learning Inter-Switch Links Port Receive Ingress VLANs Untagset Frame Type FilterAll Frames Disabled Yes Configuring Vlan Management Describes each setting on the Vlan Management MenuConfiguring Static Vlan Groups FIDCreating a Vlan Vlan IndexNaming a Vlan Enabling and Disabling Management AccessRemoving a Vlan Adding Port MembersDeleting Port Members Advanced Static Vlan ConfigurationMoving Ports to This Vlan Specifying Tagging or No Tagging for a Port Specifying Shared or Independent Address LearningInserting and Removing MAC Addresses Configuring Vlan Port Attributes 10 Vlan Port Configuration MenuSetting the Port Vlan ID Adding and Deleting VLANs from the Port Configuring Port Receive Frame TypeEnabling and Disabling Port Ingress Filtering Enabling and Disabling Port Gvrp Status Configuring Inter-Switch LinksAdding an ISL Port to VLANs Configuring Tagging for the ISL Port on Each Vlan Configuring the ISL Port to Receive Tagged FramesDisplaying a Summary of Vlan Groups Displaying a Vlan Port SummaryConfiguring Gvrp Resetting Vlan Configuration to DefaultsDisplaying a Vlan FID-VID Association Summary 15 Gvrp Configuration Menu Enabling Gvrp on a Group of Ports Enabling and Disabling System GvrpDisabling Gvrp on a Group of Ports Configuring Vlan Forbidden Sets 16 Vlan Forbidden Set Configuration MenuConfiguring Registration Fixed Sets 17 Vlan Registration Fixed Set Configuration MenuMulticast Traffic Management Multicast AddressesGmrp Garp Multicast Registration Protocol IP Multicast Quality of Service RsvpIgmp Snooping Multicast Traffic ManagementConfiguring Multicast Traffic Management 18 Multicast Traffic Management MenuEnabling and Disabling Igmp Snooping Enabling and Multicast Poliocy-based Quality of ServiceEnabling and Disabling Gmrp Displaying a Summary of Group AddressesMulticast Forwarding Database Configuration 19 Summary of Group AddressesInserting a Multicast Group Address Adding ports to the Selected AddressRemoving a Multicast Group Address Advanced Management Accessing with a Web Browser Web Browser ManagementWeb Browser Management Overview Front Panel Button Port Activity IndicatorManagement Buttons Front Panel DisplayPort Selector Feature Port Configuration and StatisticsGenl Info General Information Button Genl Info General Information ButtonStatistics Bar Chart Statistics ButtonLine chart of received frames for a port Statistics Button-7 the counters for a port are displayed in bar graph form Bar graph of counters for a port Port Config Port Configuration Button Port Configuration tableSpan Tree Spanning Tree Button Span Tree Spanning Tree Button10 Snmp Configuration Snmp ButtonAddr Address Table Button Addr Address Table ButtonPort Configuration Vlan ButtonVlan Configuration Vlan Button14 Vlan Group Configuration options Creating or Modifying a VlanAdding and Deleting Port Members 16 Add/Delete Port Member dialog box Duplicate IP Button Duplicate IP ButtonWeb Browser Management Technical Support Contacting Technical SupportA-2 Readable Frames FCS ErrorsMIB Object Definitions for Counters Readable OctetsFrame Too Longs Alignment ErrorsShort Events Collisions RuntsMIB Object Definitions for Counters Late Events Mismatches Very Long EventsAuto Partitions Total Errors