Main
TigerSwitch 10/100
48-Port 10/100Mbps Fast Ethernet Managed Switch
Management Guide
Page
Page
Page
L
W
IMITED
ARRANTY
W
IMITED
ARRANTY
ii
iii
ONTENTS
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
2 Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
3 Configuring the Switch . . . . . . . . . . . . . . . . . . . . . . . . 3-1
iv
v
vi
4 Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . 4-1
vii
viii
ix
x
xi
xii
xiii
xiv
A Software Specifications . . . . . . . . . . . . . . . . . . . . . . . . .A-1
B Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
Glossary Index
T
xv
ABLES
xvi
Page
Page
F
xix
IGURES
xx
xxi
Page
1-1
NTRODUCTION
Key Features
1-2
Description of Software Features
F
S
1-3
1-4
F
S
1-5
1-6
D
1-7
System Defaults
1-8
D
1-9
Page
NITIAL
2-1
ONFIGURATION
Connecting to the Switch
Configuration Options
C
2-2
Required Connections
S
2-3
C
2-4
Remote Connections
C
2-5
Basic Configuration
Console Connection
Setting Passwords
C
2-6
Setting an IP Address
C
2-7
Manual Configuration
C
2-8
Dynamic Configuration
C
2-9
Enabling SNMP Management Access
Community Strings
C
2-10
Trap Receivers
C
2-11
Saving Configuration Settings
C
2-12
Managing System Files
ONFIGURING
THE
3-1
WITCH
Using the Web Interface
Page
Navigating the Web Browser Interface
S
3-4
Configuration Options
Panel Display
Main Menu
Table 3-2 Main Menu
S
3-6
M
3-7
S
3-8
M
3-9
S
3-10
C
3-11
Basic Configuration
Displaying System Information
Page
C
3-13
Displaying Switch Hardware/Software Versions
Page
C
3-15
Displaying Bridge Extension Capabilities
Page
C
3-17
Setting the Switchs IP Address
S
3-18
Manual Configuration
C
3-19
Using DHCP/BOOTP
S
3-20
C
3-21
Managing Firmware
Page
Page
S
3-24
Saving or Restoring Configuration Settings
C
3-25
Page
C
3-27
S
3-28
Console Port Settings
C
3-29
S
3-30
Telnet Settings
C
3-31
S
3-32
C
3-33
Configuring Event Logging
System Log Configuration
S
3-34
C
3-35
Remote Log Configuration
S
3-36
C
3-37
Page
C
3-39
Sending Simple Mail Transfer Protocol Alerts
Page
C
3-41
Resetting the System
S
3-42
Setting the System Clock
Configuring SNTP
C
3-43
S
3-44
Setting the Time Zone
N
Simple Network Management Protocol
Setting Community Access Strings
Page
Page
S
3-48
User Authentication
Configuring User Accounts
A
3-49
S
3-50
Configuring Local/Remote Logon Authentication
A
3-51
S
3-52
Page
S
3-54
CLI Specify all the required parameters to enable logon authentication.
Configuring HTTPS
A
3-55
S
3-56
Replacing the Default Secure-site Certificate
A
3-57
Configuring the Secure Shell
S
3-58
A
3-59
S
3-60
Generating the Host Key Pair
A
3-61
Page
A
3-63
Configuring the SSH Server
Page
A
3-65
Configuring Port Security
S
3-66
A
3-67
Configuring 802.1X Port Authentication
S
3-68
Page
S
3-70
Configuring 802.1X Global Settings
A
3-71
Configuring Port Settings for 802.1X
S
3-72
A
SER
UTHENTICATION
3-73
S
3-74
Displaying 802.1X Statistics
This switch can display statistics for dot1x protocol exchanges for any port.
A
3-75
S
3-76
Filtering Addresses for Management Access
Page
S
3-78
Access Control Lists
Configuring Access Control Lists
C
L
3-79
Setting the ACL Name and Type
S
3-80
Configuring a Standard IP ACL
Page
S
3-82
Configuring an Extended IP ACL
Page
S
3-84
Configuring a MAC ACL
Page
Page
C
3-87
Port Configuration
Displaying Connection Status
Field Attributes (Web)
Page
C
3-89
Current Status:
S
3-90
Configuring Interface Connections
C
3-91
S
3-92
Creating Trunk Groups
C
3-93
}
S
3-94
Statically Configuring a Trunk
Page
}
S
3-96
Enabling LACP on Selected Ports
}
C
3-97
S
3-98
Configuring LACP Parameters Dynamically Creating a Port Channel
C
3-99
Page
C
ORT
3-101
S
3-102
Displaying LACP Port Counters
You can display statistics for LACP protocol messages.
C
3-103
CLI The following example displays LACP counters.
Displaying LACP Settings and Status for the Local Side
Table 3-7 LACP Internal Configuration Information
S
3-104
Table 3-7 LACP Internal Configuration Information (Continued)
C
3-105
S
3-106
Displaying LACP Settings and Status for the Remote Side
Table 3-8 LACP Neighbor Configuration Information
C
ORT
3-107
S
3-108
Setting Broadcast Storm Thresholds
Page
S
3-110
Configuring Port Mirroring
C
3-111
S
3-112
Configuring Rate Limits
Rate Limit Granularity
C
3-113
Rate Limit Configuration
Page
C
3-115
Table 3-9 Port Statistics
S
3-116
C
3-117
S
3-118
Page
S
3-120
CLI This example shows statistics for port 13.
Address Table Settings
Page
Page
Spanning Tree Algorithm Configuration
T
C
A
3-125
x x
S
3-126
Displaying Global Settings
T
C
A
3-127
Page
T
C
CLI
LGORITHM
A
S
3-130
Configuring Global Settings
T
C
A
3-131
S
3-132
Page
S
3-134
Displaying Interface Settings
T
x
x
S
3-136
Page
S
3-138
Configuring Interface Settings
T
C
A
3-139
S
3-140
3-141
VLAN Configuration
IEEE 802.1Q VLANs
S
3-142
Assigning Ports to VLANs
3-143
S
3-144
3-145
Forwarding Tagged/Untagged Frames
S
3-146
Enabling or Disabling GVRP (Global Setting)
Displaying Basic VLAN Information
3-147
Displaying Current VLANs
Command Attributes (Web)
Page
3-149
Creating VLANs
Page
3-151
Adding Static Members to VLANs (VLAN Index)
S
3-152
3-153
Adding Static Members to VLANs (Port Index)
Page
3-155
Configuring VLAN Behavior for Interfaces
S
3-156
3-157
S
3-158
Private VLANs
3-159
Displaying Current Private VLANs
Page
3-161
Configuring Private VLANs
S
3-162
Associating VLANs
3-163
Displaying Private VLAN Interface Information
Page
3-165
Configuring Private VLAN Interfaces
S
3-166
C
Class of Service Configuration
Layer 2 Queue Settings
Setting the Default Priority for Interfaces
S
3-168
C
ERVICE
S
OF
S
3-170
Page
S
3-172
Selecting the Queue Mode
Page
S
3-174
Layer 3/4 Priority Settings
Mapping Layer 3/4 Priorities to CoS Values
C
S
3-175
Selecting IP Precedence/DSCP Priority
Page
C
S
3-177
Mapping DSCP Priority
Page
C
S
3-179
Mapping IP Port Priority
Page
C
S
3-181
Mapping CoS Values to ACLs
Page
F
3-183
Multicast Filtering
S
3-184
Layer 2 IGMP (Snooping and Query)
Configuring IGMP Snooping and Query Parameters
F
3-185
Page
F
3-187
Displaying Interfaces Attached to a Multicast Router
S
3-188
Specifying Static Interfaces for a Multicast Router
F
3-189
Displaying Port Members of Multicast Services
S
3-190
F
3-191
Assigning Ports to Multicast Services
Page
4-1
4
I
INE
L
OMMAND
L
I
4-2
Telnet Connection
Page
Entering Commands
Page
L
I
4-6
Showing Commands
Page
L
I
4-8
Understanding Command Modes
Exec Commands
C
4-9
Configuration Commands
L
I
4-10
C
4-11
Command Line Processing
L
I
Command Groups
The system commands can be broken down into the functional groups shown below
Table 4-4 Command Groups
G
4-13
L
I
4-14
Line Commands
Table 4-5 Line Commands
C
4-15
line
L
I
4-16
login
C
4-17
password
L
I
4-18
timeout login response
C
4-19
exec-timeout
L
I
4-20
password-thresh
C
4-21
silent-time
L
I
4-22
databits
C
4-23
parity
speed
L
I
4-24
stopbits
C
4-25
disconnect
show line
L
General Commands
I
4-26
Example To show all lines, enter this command:
Table 4-6 General Commands
C
4-27
enable
L
I
4-28
disable
configure
C
4-29
show history
L
I
4-30
reload
end
C
4-31
exit
quit
L
System Management Commands
M
C
4-33
Device Designation Commands
prompt
L
I
4-34
hostname
User Access Commands
M
C
4-35
username
L
I
4-36
enable password
M
C
IP Filter Commands
4-37
L
I
4-38
management
M
C
4-39
show management
L
I
Web Server Commands
4-40
Table 4-12 Web Server Commands
M
C
4-41
ip http port
ip http server
L
I
4-42
ip http secure-server
M
C
4-43
ip http secure-port
L
I
4-44
Telnet Server Commands
ip telnet port
M
C
4-45
ip telnet server
L
I
4-46
Secure Shell Commands
M
C
4-47
L
I
4-48
M
C
4-49
ip ssh server
L
I
4-50
ip ssh timeout
M
C
4-51
ip ssh authentication-retries
ip ssh server-key size
L
I
4-52
delete public-key
M
C
4-53
ip ssh crypto host-key generate
L
I
4-54
ip ssh crypto zeroize
ip ssh save host-key
M
C
4-55
show ip ssh
show ssh
L
I
4-56
Table 4-16 show ssh - display description
M
C
4-57
show public-key
L
I
4-58
M
C
4-59
Event Logging Commands
logging on
L
I
4-60
logging history
M
C
4-61
logging host
L
I
4-62
logging facility
M
C
4-63
logging trap
L
I
4-64
clear logging
show logging
M
C
4-65
L
I
4-66
The following example displays settings for the trap function.
show logging sendmail (4-71)
M
C
4-67
show log
L
I
4-68
SMTP Alert Commands
logging sendmail host
M
C
4-69
logging sendmail level
L
I
4-70
logging sendmail source-email
logging sendmail destination-email
M
C
4-71
logging sendmail
show logging sendmail
L
I
4-72
Time Commands
Table 4-22 Time Commands
M
C
4-73
sntp client
L
I
4-74
sntp server
M
C
4-75
sntp poll
show sntp
L
I
4-76
clock timezone
M
C
4-77
calendar set
L
I
System Status Commands
4-78
show calendar
M
C
4-79
show startup-config
L
I
4-80
Example
show running-config (4-81)
M
C
4-81
show running-config
L
I
4-82
Example
show startup-config (4-79)
M
C
4-83
show system
L
I
4-84
show users
show version
M
C
4-85
Frame Size Commands
jumbo frame
Flash/File Commands
C
4-87
copy
L
I
4-88
C
LASH
ILE
4-89
The following example shows how to copy the running configuration to a startup file.
L
I
4-90
delete
C
4-91
dir
L
I
4-92
whichboot
C
4-93
boot system
L
I
Authentication Commands
C
4-95
authentication login
L
I
4-96
authentication enable
C
4-97
RADIUS Client
L
I
4-98
radius-server host
C
4-99
radius-server port
radius-server key
L
I
4-100
radius-server retransmit
radius-server timeout
C
4-101
show radius-server
L
I
4-102
TACACS+ Client
tacacs-server host
C
4-103
tacacs-server port
tacacs-server key
L
I
4-104
show tacacs-server
Port Security Commands
C
4-105
port security
L
I
4-106
C
4-107
802.1X Port Authentication
Table 4-32 802.1X Port Authentication
L
I
4-108
dot1x system-auth-control
dot1x default
C
4-109
dot1x max-req
dot1x port-control
L
I
4-110
dot1x operation-mode
C
4-111
dot1x re-authenticate
dot1x re-authentication
L
I
4-112
dot1x timeout quiet-period
dot1x timeout re-authperiod
C
4-113
dot1x timeout tx-period
L
I
4-114
show dot1x
C
4-115
L
I
4-116
C
L
Access Control List Commands
L
I
IP ACLs
4-118
C
L
4-119
access-list ip
L
I
4-120
permit, deny (Standard ACL)
Page
L
I
4-122
permit, deny (Extended ACL)
C
L
4-123
L
I
4-124
show ip access-list
C
L
4-125
ip access-group
L
I
4-126
show ip access-group
map access-list ip
C
L
4-127
show map access-list ip
L
I
4-128
Example
map access-list ip (4-126)
Page
L
I
4-130
permit, deny (MAC ACL)
C
L
4-131
show mac access-list
L
I
4-132
mac access-group
show mac access-group
C
L
4-133
map access-list mac
L
I
4-134
show map access-list mac
C
L
4-135
ACL Information
show access-list
SNMP Commands
Table 4-39 SNMP Commands
4-137
snmp-server community
Page
4-139
snmp-server host
L
I
4-140
4-141
snmp-server enable traps
Page
4-143
L
I
4-144
Interface Commands
Table 4-40 Interface Commands
C
4-145
interface
description
L
I
4-146
speed-duplex
C
4-147
negotiation
L
I
4-148
capabilities
C
4-149
flowcontrol
L
I
4-150
shutdown
C
4-151
switchport broadcast packet-rate
L
I
4-152
clear counters
Page
L
I
4-154
show interfaces counters
C
4-155
L
I
4-156
show interfaces switchport
C
4-157
Table 4-41 Interfaces Switchport Statistics
L
I
Mirror Port Commands
port monitor
P
C
4-159
show port monitor
L
Rate Limit Commands
Page
L
I
4-162
rate-limit granularity
Page
L
I
4-164
Link Aggregation Commands
A
C
4-165
L
I
4-166
channel-group
lacp
Page
L
I
4-168
A
C
4-169
lacp system-priority
L
I
4-170
lacp admin-key (Ethernet Interface)
A
C
4-171
lacp admin-key (Port Channel)
L
I
4-172
lacp port-priority
Page
L
I
4-174
Table 4-45 show lacp counters - display description
A
C
4-175
Table 4-46 show lacp internal - display description
L
I
4-176
Table 4-46 show lacp internal - display description (Continued)
A
C
4-177
Table 4-47 show lacp neighbors - display description
L
Address Table Commands
Table 4-48 show lacp sysid - display description
Table 4-49 Address Table Commands
T
C
4-179
mac-address-table static
L
I
4-180
clear mac-address-table dynamic
show mac-address-table
T
C
4-181
mac-address-table aging-time
Page
T
C
4-183
Spanning Tree Commands
Table 4-50 Spanning Tree Commands
L
I
4-184
spanning-tree
T
C
4-185
spanning-tree mode
L
I
4-186
spanning-tree forward-time
spanning-tree hello-time
T
C
4-187
spanning-tree max-age
L
I
4-188
spanning-tree priority
T
C
4-189
spanning-tree pathcost method
spanning-tree transmission-limit
L
I
4-190
spanning-tree spanning-disabled
T
C
4-191
spanning-tree cost
L
I
4-192
spanning-tree port-priority
spanning-tree edge-port
T
C
4-193
spanning-tree portfast
L
I
4-194
spanning-tree link-type
T
C
4-195
spanning-tree protocol-migration
L
I
4-196
show spanning-tree
T
C
REE
PANNING
4-197
VLAN Commands
Editing VLAN Groups
vlan database
4-199
vlan
L
I
4-200
4-201
Configuring VLAN Interfaces
interface vlan
L
I
4-202
switchport mode
4-203
switchport acceptable-frame-types
L
I
4-204
switchport ingress-filtering
4-205
switchport native vlan
L
I
4-206
switchport allowed vlan
4-207
switchport forbidden vlan
L
I
4-208
Displaying VLAN Information
show vlan
4-209
Configuring Private VLANs
L
I
4-210
4-211
private-vlan
L
I
4-212
private vlan association
4-213
switchport mode private-vlan
L
I
4-214
switchport private-vlan host-association
switchport private-vlan isolated
4-215
switchport private-vlan mapping
L
I
4-216
show vlan private-vlan
GVRP
GVRP and Bridge Extension Commands
bridge-ext gvrp
L
I
4-218
show bridge-ext
GVRP
C
E
B
4-219
L
I
4-220
garp timer
GVRP
C
E
B
4-221
Priority Commands
Table 4-57 Priority Commands
Table 4-58 Priority Commands (Layer 2)
C
4-223
queue mode
L
I
4-224
switchport priority default
C
4-225
queue bandwidth
L
I
4-226
queue cos-map
C
4-227
show queue mode
show queue bandwidth
L
I
4-228
show queue cos-map
C
4-229
Priority Commands (Layer 3 and 4)
map ip port (Global Configuration)
Table 4-60 Priority Commands (Layer 3 and 4)
L
I
4-230
map ip port (Interface Configuration)
C
4-231
map ip precedence (Global Configuration)
L
I
4-232
map ip precedence (Interface Configuration)
C
4-233
map ip dscp (Global Configuration)
map ip dscp (Interface Configuration)
L
I
4-234
C
4-235
show map ip port
L
I
4-236
show map ip precedence
C
4-237
show map ip dscp
L
I
Multicast Filtering Commands
Table 4-63 Multicast Filtering Commands
Table 4-64 IGMP Snooping Commands
F
C
4-239
ip igmp snooping
ip igmp snooping vlan static
L
I
4-240
ip igmp snooping version
F
C
4-241
show ip igmp snooping
show mac-address-table multicast
L
I
IGMP Query Commands (Layer 2)
4-242
F
C
4-243
ip igmp snooping querier
ip igmp snooping query-count
L
I
4-244
ip igmp snooping query-interval
F
C
4-245
ip igmp snooping query-max-response-time
L
I
4-246
ip igmp snooping router-port-expire-time
F
C
4-247
Static Multicast Routing Commands
ip igmp snooping vlan mrouter
L
I
4-248
show ip igmp snooping mrouter
C
IP Interface Commands
ip address
L
I
4-250
C
4-251
ip default-gateway
ip dhcp restart
L
I
4-252
show ip interface
C
4-253
show ip redirects
ping
L
I
4-254
PPENDIX
OFTWARE
A-1
PECIFICATIONS
Software Features
Management Features
S
A-3
Standards
S
A-4
Management Information Bases
PPENDIX
B-1
B T
Problems Accessing the Management Interface
ROUBLESHOOTING
B-2
S
L
B-3
Using System Logs
Page
G
Glossary-1
LOSSARY
Glossary-2
Glossary-3
Glossary-4
Glossary-5
Glossary-6
Glossary-7
Glossary-8
NDEX
Numerics
A
B
C
G
H
I
J
L
P
Q
R
S
T
U
V
W