Manuals / Cabletron Systems / Computer Equipment / Switch

Cabletron Systems 2H23-50R Port Level Security Conﬁguration Screen, Security State Selectable

Models: 2H23-50R 2H33-37R

1 182

Download 182 pages 26.68 Kb

Page 127

Port Level Security Conﬁguration Screen

Security State (Selectable)

Used to select the state of security for frames received by a speciﬁc port on the connector. The states are as follows:

•PortMismatch – Indicates that not all ports on the connector are set to the same state.

•NonSecure – Allows the ports on the connector to receive all frames. The source address of received frames is not examined and the frames are processed in a non secure state.

•LockOnNext – The next frame received by each port is examined to learn its source address. As the source address of a frame is learned on a port, only those frames received with that same source address are processed on that port. Any other address detected is considered as an intruder and the device executes the actions selected in the Action On Intruder ﬁeld.

•LockedOnAddr – The source address of the last frame received (or the source address entered in the Port Level Security Conﬁguration screen, if one is entered) is used for security purposes. Once a secure address is deﬁned on a port, only those frames received with that same source address are processed on that port. Any other frame detected with a different address is considered as an intruder, causing the device to execute the actions selected in the Action On Intruder ﬁeld.

Action On Intruder (Toggle)

Used to select the actions taken for the selected security state. There are two ﬁelds to select the actions. Both toggle to activate or deactivate the action.

•DisablePort/NoDisable – DisablePort causes the switch to turn off the port that had a security violation. With NoDisable set, the port is not turned off.

•SendTrap/NoTrap – SendTrap causes the switch to send an SNMP trap when a port detects a security violation. With NoTrap set, no SNMP trap is sent.

2H23-50R/2H33-37R User’s Guide

5-77

Image 127

Cabletron Systems 2H23-50R Port Level Security Conﬁguration Screen, Security State Selectable, Action On Intruder Toggle

Contents

CONN 2H23-50R/2H33-37R SmartSwitch 2100 User’s Guide9032286-04 CONN CONNPage FCC NOTICE Only qualiﬁed personnel should perform installation procedures2H23-50R/2H33-37R User’s Guide 2H23-50R/2H33-37R User’s Guide INDUSTRY CANADA NOTICEVCCI NOTICE CABLETRON SYSTEMS, INC. PROGRAM LICENSE AGREEMENT2H23-50R/2H33-37R User’s Guide EXCLUSION OF WARRANTY AND DISCLAIMER OF LIABILITYCABLETRON SOFTWARE PROGRAM LICENSE UNITED STATES GOVERNMENT RESTRICTED RIGHTS2H23-50R/2H33-37R User’s Guide SAFETY INFORMATION CLASS 1 LASER TRANSCEIVERSSAFETY INFORMATION CLASS 1 LASER TRANSCEIVERS LASER RADIATION AND CONNECTORSManufacturer’s Name Cabletron Systems, Inc DECLARATION OF CONFORMITY2H23-50R/2H33-37R User’s Guide Application of Council Directives 89/336/EEC 73/23/EEC2H23-50R/2H33-37R User’s Guide INTRODUCTION CONTENTSINSTALLATION CHAPTERCHAPTER ContentsTROUBLESHOOTING CHAPTER2H23-50R/2H33-37R User’s Guide ContentsSNMP Traps Screen OPTIONAL INSTALLATIONS AND ContentsSPECIFICATIONS SPECIFICATIONSCHAPTER INTRODUCTION 1.1 USING THIS GUIDE1.2 STRUCTURE OF THIS GUIDE Chapter 1 Introduction 1.3 OVERVIEWThe 2H23-50R is a high speed network repeater/switch device that provides four Ethernet networks and four Fast Ethernet networks RJ21 MicroLANs, CONN 1 through CONN 4 and two slots 5 and 6 for optional Fast Ethernet Interface Modules. The RJ21 connectors each consist of 12 repeater ports that are able to reside on the Ethernet 1.3.1 Connectivity 1.3.2 Full Duplex Switched Ethernet1.3.3 Auto-Negotiation 1.3.5 Runtime IP Address Discovery 1.3.4 SmartTrunking1.3.6 Management 1.3.7 Switching Options1.3.9 Year 2000 Compliant 1.3.10 LANVIEW Diagnostic LEDs1.4 OPTIONAL FEATURES 1.3.8 Standards Compatibility1.4.2 High Speed Interface Modules 1.4.1 Fast Ethernet Interface ModulesTable 1-1 Fast Ethernet Interface Modules 2H23-50R/2H33-37R User’s Guide 1.5 DOCUMENT CONVENTIONSThe following conventions are used throughout this document Document Conventions1.6 GETTING HELP 1.7 RELATED MANUALS 1-12 Chapter 1 Introduction2H23-50R/2H33-37R User’s Guide 2.1 SmartTrunk CHAPTER NETWORK REQUIREMENTS2.2 10BASE-T NETWORK Multimode Fiber Optic Cable Length 2.3 100BASE-TX NETWORK2.4 100BASE-FX FIBER OPTIC NETWORK Single Mode Fiber Cable Lengths3.1 REQUIRED TOOLS CHAPTER INSTALLATION3.2 UNPACKING THE DEVICE 3.3 INSTALLING OPTIONSInstallation 3.4 INSTALLING THE DEVICE3.4.1 Tabletop or Shelf Installation Guidelines for Tabletop and Shelf InstallationsGuidelines for the Rackmount Installation 3.4.2 Rackmount InstallationRack mounting the 2H23-50R or 2H33-37R involves the following Figure 3-4 Installing the Device in a Rack Figure 3-3 Installing the Rackmount BracketsRack Mounting the Device 3.4.3 Connecting Power to the Device 3.5 CONNECTING TO THE NETWORK 3.5.1 Connecting Cables to CONN 1 Through 3.5.2 Connecting a UTP Segment to the FE-100TX 2251-31 Figure 3-7 FE-100TX Crossover SwitchFigure 3-8 Cable Pinouts - RJ45 Crossover Cable 100 FE-100TXRX LED TX LED Figure 3-9 FE100-TX Port Connection3.5.3 Connecting a Fiber Optic Segment to the FE-100FX and FE-100F3 TX LED SC ConnectorFigure 3-10 Fiber Optic Cable Connection RX LED3.6 COMPLETING THE INSTALLATION 3-16 Chapter 3 Installation2H23-50R/2H33-37R User’s Guide 4.1 USING LANVIEW CHAPTER TROUBLESHOOTINGFlashing indicates an LED ﬂashing randomly Chapter 4 Troubleshooting2H23-50R/2H33-37R User’s Guide Color Using LANVIEW2H23-50R/2H33-37R User’s Guide Table 4-1 LANVIEW LEDs2H23-50R/2H33-37R User’s Guide Chapter 4 TroubleshootingTable 4-1 LANVIEW LEDs Continued 100 LED Receive RX LED 4.2 FE-100TX LEDA link exists if the associated port 5 or 6 RX LED is on Chapter 4 TroubleshootingTable 4-2 10/100 LED Indications When RX LED Is On Table 4-3 10/100 LED Indications When RX LED Is Off2H23-50R/2H33-37R User’s Guide 4.3 TROUBLESHOOTING CHECKLISTTroubleshooting Checklist Table 4-4 Troubleshooting Checklistdowntime of up to two minutes will result from this action 4.4 USING THE RESET BUTTON5.1 OVERVIEW CHAPTER LOCAL MANAGEMENTTable 5-1 Keyboard Conventions 5.2 LOCAL MANAGEMENT KEYBOARD CONVENTIONSChapter 5 Local Management 2H23-50R/2H33-37R User’s Guide5.3 MANAGEMENT TERMINAL SETUP Management Terminal Connection 5.3.1 Console Cable Connection2H23-50R/2H33-37R User’s Guide 5.3.2 Management Terminal Setup ParametersManagement Terminal Setup Table 5-2 VT Terminal Setup5.3.3 Telnet Connections 5.3.4 Monitoring an Uninterruptible Power Supply Figure 5-3 Local Management Password Screen 5.4 ACCESSING LOCAL MANAGEMENT5.4.1 Navigating Local Management Screens 5-10 Figure 5-4 802.1D Switching Mode, LM Screen HierarchyFigure 5-5 802.1Q Switching Mode, LM Screen Hierarchy Chapter 5 Local Management5.4.3 Exiting Local Management Screens 5.4.2 Selecting Local Management Menu Screen ItemsTo exit LM using the RETURN command, proceed as follows 2H23-50R/2H33-37R User’s Guide 5.5 DEVICE MENU SCREENDEVICE CONFIGURATION Device Menu ScreenDEVICE STATISTICS DEVICE CONFIGURATIONNETWORK TOOLS SWITCH CONFIGURATION SMARTTRUNK CONFIGURATION 5.6 DEVICE CONFIGURATION MENU SCREENSection 5.7.9 provides instructions on setting the operational mode DEVICE SPECIFIC CONFIGURATION GENERAL CONFIGURATIONSWITCH CONFIGURATION SMARTTRUNK CONFIGURATION5.7 GENERAL CONFIGURATION SCREEN TFTP Gateway IP Addr Modiﬁable Default Gateway ModiﬁableIP Address Modiﬁable Subnet Mask ModiﬁableDisplays the total time that the device has been operating IP Fragmentation Toggle Com ToggleApplication Toggle Clear NVRAM Toggle5.7.1 Setting the IP Address Figure 5-11 Conﬁguration Warning Screen 5.7.2 Setting the Subnet Mask5.7.4 Setting the TFTP Gateway IP Address 5.7.3 Setting the Default Gateway5.7.5 Setting the Device Date 5.7.7 Entering a New Screen Refresh Time 5.7.6 Setting the Device Time5.7.9 Setting the Operational Mode 5.7.8 Setting the Screen Lockout Time802.1D SWITCHING, 802.1Q SWITCHING, or SECURE FAST VLAN Figure 5-12 Conﬁguration Warning Screen General Conﬁguration Screen2H23-50R/2H33-37R User’s Guide 5-275.7.10 Conﬁguring the COM Port 2H23-50R/2H33-37R User’s Guide 6. When the message “SAVED OK” displays, the edits you made are saved4. Use the arrow keys to highlight YES. Press ENTER General Conﬁguration Screen5.7.11 Clearing NVRAM 5.7.10.1 Changing the COM Port ApplicationClear NVRAM as follows 5.7.12 Enabling/Disabling IP Fragmentation Figure 5-15 SNMP Community Names Screen 5.8 SNMP COMMUNITY NAMES SCREENCommunity Name Modiﬁable Access Policy Read-Only5.8.1 Establishing Community Names 5.9 SNMP TRAPS SCREEN Enable Traps Toggle 5.9.1 Conﬁguring the Trap Table5.10 SWITCH CONFIGURATION SCREEN Number of Ports Read-Only Switch Conﬁguration ScreenSwitch Address Read-Only Figure 5-17 Switch Conﬁguration ScreenAge Time Modiﬁable Type of STA SelectablePort # Read-Only Displays the hardware address assigned to each listed port 5.10.2 Setting the Age Time Field 5.10.1 Setting the STA5.10.3 Setting Enabling or Disabling the Port Status Figure 5-18 Device Speciﬁc Conﬁguration Menu Screen 5.11 DEVICE SPECIFIC CONFIGURATION MENU SCREENSYSTEM RESOURCES HIGH SPEED INTERFACE CONFIGURATION802.1Q VLAN CONFIGURATION Port Based VLAN User’s GuideREPEATER CONFIGURATION MENU 5.12 SYSTEM RESOURCES SCREENNVRAM Installed Read-only 5.12.1 Setting the Reset Peak Switch UtilizationFlash Memory Installed Read-only DRAM Installed Read-only5.13 HIGH SPEED INTERFACE CONFIGURATION SCREEN 2H23-50R ONLY Link Status Read-only Port Type Read-onlyDesired Oper. Mode Selectable Current Oper. Mode Read-only5.13.1 Conﬁguring an FE-100FX or FE-100F3 5.13.1.1 Setting the FE-100FX or FE-100F3 Operational Mode5.13.2.2 Setting the FE-100TX Advertised Ability 5.13.2.1 Setting the FE-100TX Operational Mode5.13.2 Conﬁguring an FE-100TX 5.14 FLASH DOWNLOAD SCREEN Download Method Selectable The following brieﬂy deﬁnes each ﬁeld of the Flash Download screenLast Image File Name Read-only Reboot After Download Modiﬁable only when the user chooses RUNTIMETFTP Gateway IP Addr Selectable Last Image Server IP Read-only5.14.2 Image File Download Using TFTP 5.14.1 Image File Download Using BootP5.14.3 Image File Download Using Runtime Table 5-6 CONN/Port Organization 5.15 PORT REDIRECT FUNCTION SCREENShows which ports are currently set as destination ports 5.15.1 Displaying the Source and Destination Entries 5.15.2 Changing Source and Destination Ports Broadcast frames received above the threshold setting are dropped 5.16 BROADCAST SUPPRESSION SCREENThe following explains each ﬁeld of the Broadcast Suppression screen 5.16.2 Setting the Reset Peak 5.16.1 Setting the ThresholdFigure 5-24 VLAN Main Menu Screen 5.17 THE VLAN MAIN MENU 802.1Q SCREENFigure 5-25 Repeater Conﬁguration Menu Screen 5.18 REPEATER CONFIGURATION MENU SCREENPORT LEVEL SECURITY CONFIGURATION 5.19 REPEATER PORT CONFIGURATION SCREENREPEATER PORT CONFIGURATION DEVICE LEVEL SECURITY CONFIGURATIONFigure 5-26 Repeater Port Conﬁguration Screen PORT# Read-onlyTable 5-8 CONN/Repeater Port Relationship Displays the Link status Link or No Link of the port 5.19.1 Setting the Port Operating Mode 5.19.2 Enabling /Disabling Ports 5.19.3 Setting All Ports5.19.4 Enabling/Disabling Network Ports 5.20 DEVICE LEVEL SECURITY CONFIGURATIONFigure 5-27 Device Level Security Conﬁguration Screen Connector Read-OnlyTable 5-10 CONN/Repeater Port Relationship Security State Selectable5.20.1 Setting the Device Level Security 5-75 5.21 PORT LEVEL SECURITY CONFIGURATION SCREENPort Level Security Conﬁguration Screen 2H23-50R/2H33-37R User’s GuideTable 5-12 CONN/Network Organization Port Read-onlyNetwork Read-only Table 5-11 CONN/Repeater Port Relationship2H23-50R/2H33-37R User’s Guide Port Level Security Conﬁguration ScreenSecurity State Selectable Action On Intruder ToggleAddress Modiﬁable 5.21.1 Setting the Port Level Security5.22 DEVICE STATISTICS MENU SCREEN The Device Statistics Menu screen displays the following menu items REPEATER STATISTICS 5.23 SWITCH STATISTICS SCREENThe Switch Statistics screen displays the following ﬁelds CLEAR COUNTERS Command 5.24 INTERFACE STATISTICS SCREENInOctets Read-Only InErrors Read-OnlyInterface Read-Only Name Read-OnlyOutUnicast Read-Only OutErrors Read-OnlyAdmin Status Read-Only OutOctets Read-Only5.24.1 Displaying Interface Statistics 5.25 RMON STATISTICS SCREEN 5.24.2 Using the Clear Counters CommandThe following brieﬂy deﬁnes each ﬁeld of the RMON Statistics screen Broadcast Pkts Read-only CRC Align Errors Read-onlyDrop Events Read-only Collisions Read-onlyTotal Octets Read-only Fragments Read-onlyJabbers Read-only Total Packets Read-only5.25.1 Displaying RMON Statistics 5.25.2 Using the Clear Counters CommandOperating statistics for each repeater port 1 through 48 for the 5.26 REPEATER STATISTICS SCREENThe following describes each ﬁeld of the Repeater Statistics screen For details on how to use this ﬁeld, refer to Section Displays the total number of errors 5.26.2 Displaying Network Port Statistics 5.26.1 Displaying Network StatisticsPORT # Command 5.27 NETWORK TOOLS 5.26.3 Using the Clear Counters CommandExample SyntaxDescription OptionsOptions 5.27.1 Built-in Commandsarp options SyntaxOptions ExampleSyntax DescriptionExample SyntaxDescription OptionsOptions ExampleSyntax DescriptionExample SyntaxresetNot Applicable OptionsDescription not reached, the command displays all next-hopExample SyntaxSyntax OptionsNot Applicable ExampleDescription Examplelinktrap SyntaxDescription The atmstpstate command allows the user tooption as enable, disable, or status. The STATE SyntaxOptions 5.27.2 Special CommandsSyntax Description5-108 Chapter 5 Local Management2H23-50R/2H33-37R User’s Guide A.1 DEVICE SPECIFICATIONS APPENDIX A SPECIFICATIONSA.2 PHYSICAL PROPERTIES A.4 ENVIRONMENTAL REQUIREMENTS A.3 ELECTRICAL SPECIFICATIONSA.5 INPUT/OUTPUT PORTS A.7 REGULATORY COMPLIANCE A.6 COM PORT PINOUT ASSIGNMENTS2H23-50R/2H33-37R User’s Guide Appendix A SpeciﬁcationsB.1 FE-100TX APPENDIX B FE-100TX, FE-100FX, AND FE-100F3 SPECIFICATIONSAppendix B FE-100TX, FE-100FX, and FE-100F3 Speciﬁcations B.2 FE-100FX2H23-50R/2H33-37R User’s Guide FE-100f3 B.3 FE-100F3FE-100F3 2H23-50R/2H33-37R User’s Guide2H23-50R/2H33-37R User’s Guide Appendix B FE-100TX, FE-100FX, and FE-100F3 SpeciﬁcationsC.1 REQUIRED TOOLS APPENDIX C OPTIONAL INSTALLATIONS AND MODE SWITCH BANK SETTINGSAppendix C Optional Installations and Mode Switch Bank Settings C.2 REMOVING THE CHASSIS COVER2H23-50R/2H33-37R User’s Guide To remove the chassis cover, proceed as follows Figure C-1 Removing the Chassis Cover C.2.1 Setting the Mode SwitchesSwitches 1 through 4 - For Cabletron Systems use only Switch deﬁnitions and positions are as followsFigure C-2 Mode Switch Location/Component Layout Switch 7 - Clear NVRAM. Changing the position of this switch resets NVRAM on the next power-up. All user-entered parameters, such as the IP address, device names, etc., are reset to the factory default settings. Once the device resets, you can either use the factory default settings or reenter your own parameters Primary Power Supply C.3 INSTALLING OPTIONAL FAST ETHERNET INTERFACE MODULESInstalling Optional Fast Ethernet Interface Modules Figure C-3 Fast Ethernet Interface Module Connector LocationTo install a Fast Ethernet Interface Module in port slot 5 or 6 of the 2. Remove the screw from the rear standoff. Save the screw Installing Optional Fast Ethernet Interface Modules2H23-50R/2H33-37R User’s Guide 7. Reinstall the cover Index-1 INDEXNumerics 2H23-50R/2H33-37R User’s GuideIndex-2 Index2H23-50R/2H33-37R User’s Guide 2H23-50R/2H33-37R User’s Guide IndexIndex-3 Index-4 Index2H23-50R/2H33-37R User’s Guide 2H23-50R/2H33-37R User’s Guide IndexIndex-5 Index-6 Index2H23-50R/2H33-37R User’s Guide