Juniper Networks EX2500

iv Table of Contents

EX2500 Ethernet Switch Configuration Guide

TACACS+ Authentication........................................................................ 14

How TACACS+ Authentication Works.............................. ................14

TACACS+ Authentication Features in the EX2500 Switch ................14

Command Authorization and Logging............................................... 16

Configuring TACACS+ Authentication on the Switch........................ 16

Secure Shell...................................................... .......................................17

Configuring SSH Features on the Switch ...........................................17

SSH Encryption of Management Messages........................................ 17

Generating RSA Host and Server Keys for SSH Access ......................17

SSH Integration with RADIUS and TACACS+ Authentication............ 18

End User Access Control.......................................................................... 18

Considerations for Configuring End User Accounts ...........................19

User Access Control.......... ................................................................19

Listing Current Users......................................................................... 20

Logging In to an End User Account ...................................................20

Chapter 2 VLANs 21

VLAN Overview.............................................................................................. 21

VLANs and Port VLAN ID Numbers......................... .......................................22

VLAN Numbers........................................................................................ 22

PVID Numbers......................................................................................... 22

VLAN Tagging... .............................................................................................23

VLAN Topologies and Design Considerations.......... .......................................26

VLAN Configuration Rules .......................................................................26

Multiple VLANs Configuration Example...... .............................................27

Private VLANs................................ ................................................................29

Private VLAN Ports..................... .............................................................29

Private VLAN Configuration Guidelines.................................................... 30

Private VLAN Configuration Example ......................................................30

Chapter 3 Spanning Tree Protocol 31

Spanning Tree Overview................................................................ ................31

Bridge Protocol Data Units (BPDUs)......................................................... 32

Determining the Path for Forwarding BPDUs.................................... 32

Bridge Priority................................................................................ ...32

Port Priority..... .................................................................................33

Port Path Cost......................................... ..........................................33

Spanning Tree Group Configuration Guidelines .......................................33

Changing the Spanning Tree Mode....................................................33

Assigning a VLAN to a Spanning Tree Group............................... ......33

Creating a VLAN................................................................................ 34

Rules for VLAN Tagged Ports............................................................. 34

Adding and Removing Ports from STGs ............................................34

Rapid Spanning Tree Protocol.................................................. ......................35

Port State Changes .................................................................................. 35

Port Type and Link Type .........................................................................36

Edge Port............................. .............................................................36

Link Type.......................................................... ................................36

RSTP Configuration Guidelines ................................................................36

RSTP Configuration Example................................................................... 36

Per VLAN Rapid Spanning Tree............................................................ ..........37

Default Spanning Tree Configuration....................................................... 37

Why Do We Need Multiple Spanning Trees?............................................ 37