Last Resort Action/Local Selectable | Enterasys Networks 2H258

Radius Configuration Screen

Table 3-6 Radius Configuration Screen Field Descriptions (Continued)

Use this field…	To…

Last Resort Action/Local (Selectable)

Accept, Challenge, and Reject, which do the following:

ACCEPT: Allows local access (via COM port) at the super-user level with no further attempt at authentication.

CHALLENGE: Reverts to local module (legacy) passwords.

REJECT: Does not allow local access.

For more details, refer to Section 3.7.1.

To set local and remote servers, refer to Section 3.7.2.

Last Resort Action/Remote (Toggle)

Accept, Challenge, and Reject, which do the following:

ACCEPT: Allows remote access (via Telnet or WebView) at the super-user level with no further attempt at authentication.

CHALLENGE: Reverts to local module (legacy) passwords.

REJECT: Does not allow remote access.

	For more details, refer to Section 3.7.1.
	To set local and remote servers, refer to Section 3.7.2.

Radius Client	Enable or disable client status.
(Toggle)

IP Address	Enter the IP address (in decimal-dot format) of the primary and
(Modifiable)	secondary servers being configured for the RADIUS function.

Secret	Enter a secret string of characters or the primary and secondary server
(Modifiable)	(16 characters are recommended as per RFC 2865). The maximum is
	32 characters).

Auth Port	Enter the number of the Authorization UDP Port for the Primary and
(Modifiable)	Secondary server.

Accessing Local Management 3-29

Image 67

Enterasys Networks 2H258 Last Resort Action/Local Selectable, Last Resort Action/Remote Toggle, Radius Client, IP Address

Contents

SmartSwitch 2200 Series Page Page Enterasys NETWORKS, INC Program License Agreement Page Page Contents Device Configuration Menu Screens Port Configuration Menu Screens Configuration Menu Screens Layer 3 Extensions Menu Screens Network Tools Screens Generic Attribute Registration Protocol Garp Figures Xiii Xiv Tables Xvi Tables About This Guide Using this Guide Structure of this Guide Xix Document Conventions Related Documents Bold type Typographical and Keystroke ConventionsPage Overview Introduction Management Agent Navigating Local Management Screens In-Band vs. Out-of-BandLocal Management Requirements None Defined Local Management Screen Elements Selection Fields Event Message FieldDisplay Fields Input Fields Local Management Keyboard Conventions Command Fields Your email address Getting HelpPage Local Management Requirements Management Terminal Setup Console Cable Connection 2H252-25R SmartSwitch device is shown in -1as an example VT100ID Management Terminal Setup Parameters Telnet Connections Monitoring AN Uninterruptible Power Supply DB9 Port RJ45 COM Port Page Accessing Local Management 802.1Q Switching Mode, LM Screen Hierarchy Exiting Local Management Screens Using the Exit CommandUsing the Return Command Selecting Local Management Menu Screen Items When to Use Using the Next and Previous CommandsUsing the Clear Counters Command Password Screen Screen Example How to Access Enter Screen Navigation Path Device Menu Screen Menu ConfigurationMenu Descriptions Device Tools NetworkSecurity Section Cont’d Overview of Security Methods Host Access Control Authentication Haca Overview of Security Methods 14Accessing Local Management Definitions of Terms and Abbreviations 2 802.1X Port Based Network Access Control 2.2 802.1X Security Overview Concurrent Operation of 802.1X and MAC MAC Authentication OverviewAuthentication Method Selection Authentication Method Sequence Authentication MAC 20Accessing Local Management MAC Authentication Control Security Menu Screen Refer to -4for a functional description of each menu item Radius PasswordsName Services Authentication Module Login Passwords Screen Passwords Screen Field Descriptions Switch Radius Configuration Screen Setting the Module Login Password Retries Timeout IP Address Last Resort Action/Local SelectableLast Resort Action/Remote Toggle Radius Client Setting the Local and Remote Servers Setting the Last Resort Authentication Name Services Configuration Screen Name Services Configuration Screen Secure Harbour IP Switch Name ModifiableName Services Web Authentication System Authentication Configuration Screen System Authentication Configuration Screen Port # AuthenticationAuthenticated , or Unauthenticated System EAP Port Configuration Screen EAP Port Configuration Screen Port Backend State Authentication State Port Control Force Reauth Initialize PortMaximum Requests 10 EAP Statistics Menu Screen EAP Statistics Menu Screen EAP Diagnostic AuthenticatorEAP Session 11 EAP Session Statistics Screen EAP Session Statistics Screen When to Use SessionOctetsTx Authenticate Server or a local Authentication Server MethodSessionID SessionOctetsRx Port Number EAP Authenticator Statistics Screen When to UseClear Counters Command Session User Name 12 EAP Authenticator Statistics Screen Clear Counters 13 EAP Diagnostic Statistics Screen EAP Diagnostic Statistics Screen When to Use Timeouts Enters ConnectingLogoffs Connecting Authenticating Other Requests To AuthenticatedAccess Challenges Backend Statistics Responses Clear MAC Port Configuration ScreenCounters 14 MAC Port Configuration Screen Port Enable SET ALL Ports MAC Supplicant Configuration Screen MAC Address Duration False Reauthenticate SupInitialize Supplicant Plicant Device Configuration Menu Screens General Configuration Device Configuration Menu Screen Information GeneralSnmp Resources 0.0 General Configuration Screen Addr Default GatewaySubnet Mask Tftp Gateway IP Time Operational ModeDevice Time Screen Refresh WebView Agg ModeClear Nvram IP Fragmentation Configuration Warning Screen, IP Address Setting the IP Address Configuration Warning Screen, Subnet Mask Setting the Subnet Mask Setting the Tftp Gateway IP Address Setting the Default Gateway Setting the Device Date Setting the Module Name Setting the Screen Lockout Time Setting the Device TimeEntering a New Screen Refresh Time Configuring the COM Port COM Port Warning Changing the COM Port Application UPS Clearing Nvram Clear Nvram Warning Enabling/Disabling IP Fragmentation Snmp Configuration Menu Screen Snmp Configuration Menu Screen Snmp Community Names Configuration Screen Snmp Community Names Configuration Screen Establishing Community Names Snmp Traps Configuration Screen Snmp Traps Configuration Screen Trap Community Configuring the Trap TableEnable Traps Trap Destination 10 Access Control List Screen Access Control List Screen IP Addr Access Control Lists Entering Single Addresses Entering IP AddressesMask Entering Ranges of Addresses Enable/Disable ACL XX KB System Resources Information Screen Setting the Reset Peak Switch Utilization Flash Download Configuration Screen 12 Flash Download Configuration Screen Flash Download Configuration Screen Field Descriptions Download File Reboot AfterDownload Download Server IP Configuration File Download Using Tftp Image File Download Using Runtime Configuration File Upload Using Tftp 36Device Configuration Menu Screens Port Configuration Menu Screens Port Configuration Menu Screen in Agg Mode, Huntgroup Port Configuration Menu Screen Redirect EthernetInterface HSIM/VHSIM Ethernet Interface Configuration Screen Port Type Intf Duplex ConfigLink Speed HDX FC Ethernet Port Configuration Screen Refer to -3for a functional description of each screen field Physical Port Default SpeedDefault Duplex Interface 10Port Configuration Menu Screens Save to ALL Full Duplex FlowControl Half Duplex Flow Setting the Advertised Ability Selecting Field Settings Redirect Configuration Menu Screen HSIM/VHSIM Configuration ScreenConfiguration Menu Redirect Configuration Menu Screen Port Redirect Configuration Screen Destination Port Source Port Status Redirect ErrorsFrame Format Source Port n Changing Source and Destination Ports Vlan Redirect Configuration Screen Vlan Redirect Configuration Screen Source Vlan n Source Vlan Changing Source Vlan and Destination Ports Aggregation Menu Usage Notes Definitions to Know Rapid Reconfiguration Spanning Tree Link Aggregation 802.3ad Main Menu Screen Aggregator 1 802.3ad Port Screen When to Use 802.3ad Port Screen MUX Viewing and Editing 802.3ad Port ParametersAggregator OperKey 10 802.3ad Port Details Screen 1.1 802.3ad Port Details Screen When to Use Port Instance ActorSystemPriority PartnerAdminSysID ActorOperState PartnerOperState Lagid Displaying Port StatisticsStats 11 802.3ad Port Statistics Screen 1.2 802.3ad Port Statistics Screen When to Use LACPDUsTx LACPDUsRxIllegalRx MarkerPDUsRx ActorChurnCount LastRxTimedeltaActorChurnState PartnerChurnState 12 802.3ad Aggregator Screen 2 802.3ad Aggregator Screen When to Use SysPri Viewing and Editing 802.3ad Aggregator ParametersDisplaying Aggregator Details AggInst 13 802.3ad Aggregator Details Screen 2.1 802.3ad Aggregator Details Screen When to Use Partner Instance 14 802.3ad System Screen 3 802.3ad System Screen When to Use Number Broadcast Suppression Configuration ScreenSystem Identifier Number of Ports Total RX Port # Setting the Reset Peak Setting the Threshold Configuration Menu Screens 802.1 Configuration Menu Screen 802.1 Configuration Menu Screen 802.1Q Vlan Spanning Tree802.1p Tree Configuration Menu Spanning Tree Configuration Menu Screen Spanning Tree Configuration Screen AgeTime Vlan Operation Current STP ModeConfigured Priority Configuring a Vlan Spanning Tree Spanning Tree Port Configuration Screen Spanning Tree Port Configuration Screen Age Time Switch AddressSTP Vlan ID Pvst Port Configuration Screen Enabling/Disabling the Default Spanning Tree PortsViewing Status of Spanning Tree Ports Port Designated Root CorrespondingPort Designated Port Designated Port Port PriorityPort Designated Cost Port StatePage Vlan Configuration Menu 802.1Q Vlan Configuration Menu Screens Summary of Vlan Local Management Preparing for Vlan Configuration 802.1Q Vlan Configuration Menu Screen 802.1Q Vlan Configuration Menu Screen Current Vlan Static VlanVlan Port Classification Static Vlan Configuration Screen FDB ID Vlan ID DEL Marked Creating a Static VlanVlan Name ADD Renaming a Static Vlan Displaying the Current Static Vlan Port Egress List Paging Through the Vlan List Deleting a Static Vlan Static Vlan Egress Configuration Screen Static Vlan Egress Configuration Screen Egress Setting the Egress Type on One or More Ports Individually Setting Egress Types on PortsSetting the Same Egress Type on All Ports Simultaneously Displaying the Next Group of Ports Current Vlan Configuration Screen Read-Only An example of a dynamic Vlan is a Gvrp Vlan Vlan Type Current Vlan Egress Configuration Screen Current Vlan Egress Configuration Screen Vlan Port Configuration Screen Override is Policy Pvid Pvid Configuring the Vlan Ports Changing the Port Mode Admit Tagged Frames only Vlan Classification Configuration Screen VID VID Marked ClassificationDescription DEL ALL/DEL 0x0000 000.000.000.000 0000x00000000 Tftp Http DNS Smtp Src TCP Port FTP Data 00-00-00-00-00-00 Nlsp IPX WAN Custom Classification Precedence Rules Layer Classification Precedence Displaying the Current Classification Rule Assignments Example Assigning a Classification to a VID Deleting One or More Classification Rules Protocol Port Configuration ScreenDeleting Line Items Deleting All Classification Rules Protocol Port Configuration Screen Field Classification RuleClassify SET Ports to Assigning Ports to a VID/ClassificationAssigning One or More Ports Individually Assigning All Ports Simultaneously Assigning VID/Classification to Port Vlan Lists Screen Navigation Paths 802.1p Configuration Menu Port Priority Configuration 802.1p Configuration Menu Screen When to Use Queues Port PriorityTraffic Class Transmit Port Priority Configuration Screen Port Priority Configuration Screen Policy Override Setting Switch Port Priority Port-by-PortSet Traffic Class Information Screen Setting Switch Port Priority on All Ports Traffic Class Information Screen Traffic Class Information Screen Field Descriptions Traffic Class Configuration Screen Traffic Class Configuration Screen Traffic Class Assigning the Traffic Class to Port PrioritySave Transmit Queues Configuration Screen Transmit Queues Configuration Screen Q2, Q3 Weights Q0, Q1Current Queueing Mode Setting the Current Queueing Mode Priority Classification Configuration Screen PID PID 18802.1p Configuration Menu Screens No Change TOS=PID Custom TCP No Change TOS=PID Custom Dest IP Address Mask New IP TOS Tftp Src TCP Port New IP TOS FTP Data IP Fragments New IP TOS IP Fragments2 Start End New IP TOS 00000 Dest TCP Port Start End New IP TOS 00000 SAP 28802.1p Configuration Menu Screens About the IP TOS Rewrite Function Layer Assigning a Classification to a PID Displaying the Current PID/Classification Assignments Deleting All Line Items Deleting PID/Classification/Description Line ItemsDeleting One or More Line Items Protocol Port Configuration Screen See which ports are set to the PID/Classification indicated Assigning Ports to a PID/Classification Solving the Problem Switch Rate Limiting Configuration Screen Maximum Priority List Port Number Modifiable Port Type Feature Direction Configuring a Port 42802.1p Configuration Menu Screens Changing One or More Line Items Changing/Deleting Port Line Items More About Rate Limiting Rate Limiting Configuration Screen Page Layer 3 Extensions Menu Screen Layer 3 Extensions Menu Screens Layer 3 Extensions Menu Screen IGMP/VLAN IGMP/VLAN Configuration Screen 120 Igmp Version Last Member Query Query IntervalQuery Response Robustness Querier Uptime Switch Query IPMcastMartPoolSize Querier Address Igmp State IGMP/VLAN Configuration ProcedurePage Device Statistics Menu Screen Device Statistics Menu Screens Lists the number of frames received, transmitted, filtered, Rmon Switch Statistics Screen Frames Txmtd Frames RcvdFrames Fltrd Frames Frwded Interface Statistics Screen Interface Statistics Screen InOctets InNonUnicast InErrorsOutErrors InUnicast MTU Displaying Interface Statistics Rmon Statistics Screen Rmon Statistics Screen Owner CRC Align ErrorsRmon Index Data Source Total Packets Oversized PktsFragments Jabbers 1024 1518 Octets Displaying Rmon StatisticsIndex nn Network Tools Screens Screen ExampleNetwork Tools Help Screen Refer to -1for a list of the commands Alias Command Alias Stats Examples Arp-a Arp Syntax Arplearn normal limited status Options Syntax Bridge ENABLE/DISABLE IFNUM/ALL OptionsArplearn Bridge Cdp Syntax Cdp enable/disable/status OptionsDefroute Syntax dynamicegress action vid Options action DynamicegressVid Syntax Enable Group Disable Group Trap #ALL Commands for Listing Events Syntax gigabitportmode active redundant status Syntax igmpv3drop enable disable statusGigabitportmode Igmpv3drop Lgframeadmin Loopbackdetect Syntax linktrap enable/disable/status PORT/allSyntax loopbackdetect enable disable state Linktrap Syntax maclock show port# all Maclock Maclock set trap port# all enable disable Syntax Maclock set enable port# all globalMaclock set disable port# all global Maclock set macaddress port# all create enable disable Maclock show Stations Netstat Maclock set enable global Syntax nonbridgeifnum 0 9999 status Nonbridgeifnum Ping PassiveStp Policy set port portnumberorrangeorall profileindex PolicySyntax policy show profile profileindex Policy show port portnumberorrangeorall Policy show port Examples Contiued Radius 11-24Network Tools Screens Radius client Character string for the shared secret code. For security Ratelimitmode Syntax ratelimitmode status highrange default lowrangeExamples Cont’d Syntax reset Options None Example -reset Reset Show SatsizeSyntax Satsize 8 16 status Options Show Appletalk interfaces Syntax stpEdgePort status SoftresetSyntax softreset Options None StpEdgePort Syntax StpForceVersion 0 2 status Options StpForceVersion Value Syntax stpLegacyPathCost enable disable statusStpLegacyPathCost Recommended StpPointToPointMAC StpPort Syntax stpRealTimeMsgAge enable disable statusStpRealTimeMsgAge Syntax Telnet IP address Port # Options Syntax Suppresstopologytraps enable disable OptionsSuppresstopologytraps Telnet Syntax timedreset status t seconds resetnv dontresetnv TimedsoftresetTimedreset Syntax timedsoftreset status t seconds resetnv dontresetnv Syntax Traceroute IP address Options Traceroute VrrpPort EXAMPLE, Effects of Aging Time on Dynamic Egress Options None Example -done Done, quit, exit Vlan Operation and Network Applications Example of a Vlan Defining VLANs 12.2.1 802.1Q VLANs Types of VLANsOther Vlan Strategies Vlan Terms Benefits and RestrictionsIngress Tagged Frame Default VlanFiltering Database Identifier FDB ID Gmrp QcstpGarp Garp Vlan Gvrp Vlan Operation Configuration Process Customizing the Vlan Forwarding List Vlan Switch OperationDefining a Vlan Classifying Frames to a Vlan FID Forwarding Decisions Receiving Frames from Vlan PortsUntagged Frames Tagged Frames Managing the Switch Vlan ConfigurationKnown Unicasts Switch with VLANs Switch Without VLANs Switch Management with VLANs 12-14VLAN Operation and Network Applications 3069162 Assigning a Vlan ID and Vlan Name Quick Vlan Walkthrough Assigning Ports to the Vlan Egress list Walkthrough Stage One, Static Vlan Configuration Screen Walkthrough Stage Two, Port 3 Egress Setting Walkthrough Stage Three, Port 10 Egress Setting Configuring the Port Parameters Walkthrough Stage Four, Vlan Port Configuration Examples Example 1, Single Switch Operation For the Red Vlan Frame Handling 11 Switch Configured for VLANs Example 2, VLANs Across Multiple Switches Redco Blue Industries 12-26VLAN Operation and Network Applications Switch 12-28VLAN Operation and Network Applications Redco Blue Industries User a Blue Industries Redco 15 Transmitting to Bridge Switches 1 Finance Department Example 5, Using Dynamic Egress to Control Traffic PCs 00.00.00.00.00.0A Switch SET ALL Ports no Vlan Operation and Network Applications Page Generic Attribute Registration Protocol Garp HOW IT Works About Igmp Supported Features and Functions Detecting Multicast Routers Page Numerics Index Index-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10 Index-11