Port Based Network Access Control PBNAC | Avaya P3343T-ML guide

Image 104

Avaya P3343T-ML manual Port Based Network Access Control PBNAC, How “Port Based” Authentication Works

Contents

STACKABLE SWITCH SOFTWARE VERSIONInstallation and Configuration Guide AVAYA P334T-ML avaya.com Document no Overview ContentsSection Installation Configuring the Terminal Serial Port Parameters Configuration Ingress VLAN Security Port Mirroring Constraints Troubleshooting and Maintenance Chapter 15 Updating the Software Before you Install the P330-ML Safety InformationPreface FCC Notice Warranty Notes, Cautions, and Warnings Avaya Support Avaya P334T-ML User’s Guide SECTION 1 OVERVIEW Page Avaya P334T-ML Features Avaya P334T-ML OverviewChapter Introduction Layer 3 Features P330-ML Command Line Interface CLINetwork Management and Monitoring Device Manager Embedded Web SMON Avaya Integrated ManagerPort Mirroring Fans, Power Supply, and BUPS-ML Monitoring Standards and Compatibility Avaya P330 Standards SupportedIEEE IETF - Layer IETF - Network Monitoring Specifications P334T-ML SwitchPower Requirements Physical Safety Safety - AC VersionSafety - DC Version EMC Emissions Basic MTBF Stacking Sub-moduleInterfaces Safety Information Approved SFF/SFP GBIC Transceivers Installation SpecificationsTo Install the SFF/SFP GBIC transceiver To Remove the SFF/SFP GBIC transceiver Gigabit Fiber Optic Cabling Agency Approval Console Pin Assignments Chapter SECTION 2 INSTALLATION Page Site Preparation InstallationRequired Tools Table 4.2 Power Requirements - AC Power Requirements - DC Rack Mounting Optional To connect stacked switches Installing the X330STK-ML Stacking Sub-Module OptionalConnecting Stacked Switches 5 Power up the added modules X330LC X330RCX330SC Prerequisites Connecting Cables to Network EquipmentMaking Connections to Network Equipment Page Powering On - Avaya P330 Switch DC Powering Up the Avaya P330Powering On - Avaya P330 Module AC Post-Installation Avaya P334T-ML Front and Rear Panels Avaya P334T-ML Front Panel P334T-ML LEDs LED Name Chapter 6 Avaya P334T-ML Front and Rear Panels Avaya P334T-ML LED Descriptions Continued Avaya P334T-ML Back Panel BUPS-ML connector cover plate removedTable 6.2 Avaya P334T-ML - - Select buttons Figure 6.4 P334T-ML AC version Back Panel with Stacking Sub-module BUPS-ML Input Connector Figure 6.6 BUPS-ML Input Connector Sticker Establishing Switch Access Configuring the Terminal Serial Port ParametersConnecting a Terminal to the Avaya P330 Serial port Establishing a Serial Connection P330 Sessions Assigning P330’s IP Stack Addresssession router The mode can be either switch, router, wan, atm, mgp Establishing a Telnet Connection Establishing an SSH Connection Connecting a Modem to the Console Port set interface ppp enableEstablishing a Modem PPP Connection with the P330 Overview Security Levels Entering the Supervisor Level Entering the CLI Introduction to SNMP User AuthenticationSNMP Support control the P330 Users Groups SNMP Commands Views In order to In order to SSH Protocol Support Introduction to SSH SSH Commands Figure 8.1 SSH Session Establishment Process SCP Protocol Support RADIUS Introduction to RADIUS User attempts login Local User account authenticated in switch? No User name and password authenticated? No Authentication Rejectsent to switch Authentication request sent to RADIUS Server Radius Commands Introduction to Telnet Telnet CommandsTelnet Client Support Introduction Recovery PasswordRecovery Password Commands Allowed Managers Introduction Allowed Managers CLI CommandsAllowed Managers Allowed Protocols Introduction Allowed Protocols CLI CommandsAllowed Protocols ip telnet-client enable no ip telnet-client SECTION 3 CONFIGURATION Page Avaya P330 Default Settings P330 Default SettingsConfiguring the Switch Function Ports 51 1 Ensure that the other side is also set to Autonegotiation EnabledPorts Chapter 9 P330 Default Settings Switch Configuration Basic Switch Configuration Operating parameters System Parameter ConfigurationIdentifying the system Uploading and Downloading Device Configurations and Images Network Time Acquiring Protocols Parameter Configuration Layer 2 Configuration File In order to Layer 3 Configuration File In order to System Logging System Logging Introduction Sinks Applications Syslog Servers Syslog Configuration CLI Commands In order to Monitoring CPU Utilization Chapter 10 Switch Configuration Avaya P330 Layer 2 Features Overview Configuring Ethernet Parameters EthernetFast Ethernet Gigabit Ethernet Gigabit Ethernet ports MMMMMMSSSSSS MM-MM-MM-SS-SS-SS Ethernet Configuration CLI Commands Ethernet Implementation in the Avaya P334T-ML Speed - 10/100 ports 1-48 1G ports 51Priority queuing - 10/100 ports 4 queues 1G ports 2 queues CAM size - 8K addresses VLAN Configuration VLAN Overview VLAN Tagging Multi VLAN Binding Figure 11.3 illustrates these binding modes in P330 Ingress VLAN Security VLAN CLI CommandsAutomatic VLAN Learning VLAN Implementation in the Avaya P334T-ML PBNAC Implementation in the P330 Family Port Based Network Access Control PBNACHow “Port Based” Authentication Works Configuring the P330 for PBNAC PBNAC CLI Commands In order to Spanning Tree per Port Spanning Tree ProtocolSpanning Tree Protocol Rapid Spanning Tree Protocol RSTP Spanning Tree Implementation in the P330 Family Spanning Tree Protocol CLI Commands Set the port point-to-point admin set port point-to-point adminadmin and operational RSTP status status MAC Security MAC Security Implementation in P330 MAC Security CLI Commands MAC Aging Configuring the P330 for MAC AgingMAC Aging CLI Commands LAG CLI Commands LAG Overview LAG Implementation in the Avaya P330 Family of Products Port Redundancy Port Redundancy Operation Port Redundancy CLI Commands Intermodule Port Redundancy redundancy entry defined for the display the intermoduleshow intermodule port redundancy IP Multicast Filtering IP Multicast CLI Commands IP Multicast Implementation in the Avaya P334T-ML RMON Overview RMON CLI CommandsRMON In order to SMON SMON Overview Port Mirroring Configuration Port Mirroring CLI commandsPort Mirroring Overview Port Mirroring Constraints Multilayer Policy About Multilayer Policy Multilayer Policy Implementation in the P334T-ML Configuring the P334T-ML for Multilayer Policy Multilayer Policy CLI Commands In order to Weighted Queuing CLI Commands Weighted QueuingImplementation of Weighted Queuing in the P330-ML Port Classification CLI Commands Port Classification Implementation of Stack Health in the P330 Family Stack RedundancyStack Health Stack Health CLI Commands Initiate the stack health testingprocedure set stack health Chapter 11 Avaya P330 Layer 2 Features Avaya P330 Layer 3 Features What is Routing? Figure 12.1 Routing Multinetting Multiple Subnets per VLAN Routing ConfigurationForwarding IP Configuration IP Configuration CLI Commands Assigning Initial Router Parameters set vlan Vlan-id name Vlan-name replacing Vlan-id by the Routerconfigure# interface interface-name The Routerconfigure-ifinterface-name# prompt appearsRouterconfigure-ifinterface-name# ip address ip- address netmask Routerconfigure# interface interface-name# ip vlan vland-id Obtaining a Routing License Key To obtain a License Key that enables routing features1 Go to http//license-lsg.avaya.com and click “request new license” 2 Enter the Certificate Key and Certificate Type 3 Click Next 4 Enter contact information once per certificate 5 Click Next 6 View number of licenses left Activating a Routing License Key set license module license featureNameLicense Key CLI Commands Chapter 12 Avaya P330 Layer 3 Features RIP Routing Interchange Protocol Configuration RIP Overview Table 12.1 DIfferences Between RIP and RIP2 RIP CLI CommandsRIP2 In order to OSPF Open Shortest Path First Configuration OSPF Overview OSPF CLI Commands Static Routing Overview Static Routing ConfigurationStatic Routing Configuration CLI Commands Route Preferences Route Redistribution Commands Route Redistribution ARP Address Resolution Protocol Table Configuration ARP Overview ARP CLI Commands The ARP Table BOOTP/DHCP Dynamic Host Configuration Protocol Relay Configuration BOOTP/DHCP Overview BOOTP/DHCP CLI Commands NetBIOS Re-broadcast Configuration CLI Commands NetBIOS Re-broadcast ConfigurationNetBIOS Overview VRRP Virtual Router Redundancy Protocol Configuration VRRP Overview VRRP Configuration Example VRRP CLI Commands Case #2 In order to SRRP Overview SRRP ConfigurationSRRP Configuration Example SRRP CLI Commands Policy Configuration CLI Commands Policy ConfigurationPolicy Configuration Overview In order to Policy Configuration Example Figure 12.4 Avaya P330 Policy P330-1super# ip access-list 100 3 deny tcp host 192.168.5.33 any eq P330-1super# ip access-list 100 1 fwd6 tcp 149.49.0.0 0.0.255.255 anyP330-1super# ip access-list 100 2 fwd3 tcp any host IP Fragmentation/Reassembly CLI Commands IP Fragmentation and ReassemblyIP Fragmentation and Reassembly Overview SECTION 4 TROUBLESHOOTING AND MAINTENANCE Page Troubleshooting the Installation Troubleshooting the Installation Chapter 13 Troubleshooting the Installation Maintenance Replacing the Stacking Sub-module Maintenance Updating the Software Software DownloadObtain Software Online Downloading Software Download New Version without Overwriting Existing Version