Main
TigerStack III 10/100
Port Fast Ethernet Swi
24-
tch
Management Guide
Page
Page
Page
L
W
IMITED
ARRANTY
W
IMITED
ARRANTY
ii
ABLE
OF
iii
ONTENTS
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
C
iv
C
v
C
vi
C
vii
4 Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . 4-1
C
viii
C
ix
C
x
C
xi
C
xii
C
xiii
C
xiv
C
xv
C
xvi
A
Page
xix
ABLES
xx
xxi
Page
F
xxiii
IGURES
xxiv
xxv
Page
1-1
NTRODUCTION
Key Features
1-2
Description of Software Features
Table 1-1 Key Features
F
S
1-3
1-4
F
S
1-5
1-6
D
1-7
System Defaults
1-8
D
1-9
1-10
NITIAL
2-1
ONFIGURATION
Connecting to the Switch
Configuration Options
C
2-2
S
2-3
Required Connections
C
2-4
Remote Connections
O
2-5
Stack Operations
Selecting the Stack Master
Recovering from Stack Failure or Topology Change
C
2-6
Basic Configuration
Console Connection
C
2-7
Setting Passwords
Setting an IP Address
C
2-8
C
2-9
C
2-10
Enabling SNMP Management Access
C
2-11
C
2-12
C
2-13
Saving Configuration Settings
C
2-14
Managing System Files
P
E
2-15
Configuring Power over Ethernet
Page
3-1
CHAPTER 3 CONFIGURING THE SWITCH
Using the Web Interface
Page
Navigating the Web Browser Interface
Page
Page
S
3-6
Main Menu
Table 3-2 Switch Main Menu
I
B
W
3-7
S
3-8
I
B
W
3-9
S
3-10
I
B
W
3-11
S
3-12
C
3-13
Basic Configuration
Displaying System Information
Page
C
ASIC
3-15
CLI Specify the hostname, location and contact information.
Displaying Switch Hardware/Software Versions
S
3-16
C
ASIC
3-17
Web Click System, Switch Information.
S
3-18
Displaying Bridge Extension Capabilities
C
3-19
Setting the IP Address
S
3-20
Page
S
3-22
Using DHCP/BOOTP
C
3-23
Managing Firmware
S
3-24
Downloading System Software from a Server
Page
S
3-26
Saving or Restoring Configuration Settings
C
3-27
Page
C
3-29
S
3-30
Console Port Settings
C
3-31
S
3-32
C
3-33
Telnet Settings
S
3-34
Page
S
3-36
C
3-37
Remote Log Configuration
S
3-38
C
3-39
Displaying Log Messages
S
3-40
Sending Simple Mail Transfer Protocol Alerts
Page
S
3-42
Resetting the System
C
3-43
Setting the System Clock
Configuring SNTP
S
3-44
Setting the Time Zone
N
Simple Network Management Protocol
S
3-46
N
P
M
3-47
Table 3-4 SNMPv3 Security Models and Levels
Page
Page
S
3-50
Specifying Trap Managers and Trap Types
N
P
M
3-51
S
3-52
Page
S
3-54
Specifying a Remote Engine ID
N
P
M
3-55
Configuring SNMPv3 Users
Page
Page
S
3-58
Configuring Remote SNMPv3 Users
N
P
M
3-59
Page
N
P
M
3-61
Configuring SNMPv3 Groups
S
3-62
Notify View The configured view for notifications. (Range: 1-64 characters)
Table 3-5 Supported Notification Messages
N
P
M
3-63
S
3-64
N
P
M
3-65
Page
N
P
M
3-67
Setting SNMPv3 Views
Page
A
3-69
User Authentication
Page
Page
S
3-72
Configuring Local/Remote Logon Authentication
A
3-73
Page
A
SER
UTHENTICATION
3-75
CLI Specify all the required parameters to enable logon authentication.
S
3-76
A
3-77
Replacing the Default Secure-site Certificate
S
3-78
Configuring the Secure Shell
A
3-79
S
3-80
A
3-81
Generating the Host Key Pair
Page
A
3-83
Configuring the SSH Server
S
3-84
A
3-85
Configuring Port Security
S
3-86
Page
S
3-88
Configuring 802.1X Port Authentication
A
3-89
Displaying 802.1X Global Settings
Command Attributes
S
3-90
Configuring 802.1X Global Settings
A
3-91
Configuring Port Settings for 802.1X
S
3-92
A
SER
UTHENTICATION
3-93
S
3-94
Displaying 802.1X Statistics
This switch can display statistics for dot1x protocol exchanges for any port.
A
3-95
S
3-96
Filtering IP Addresses for Management Access
A
3-97
S
3-98
Access Control Lists
Configuring Access Control Lists
C
L
3-99
Setting the ACL Name and Type
S
3-100
Configuring a Standard IP ACL
C
L
3-101
Configuring an Extended IP ACL
S
3-102
Page
S
3-104
Configuring a MAC ACL
Page
Page
Page
S
3-108
Configuring an IP ACL Mask
Page
S
3-110
Configuring a MAC ACL Mask
Page
S
3-112
Binding a Port to an Access Control List
Page
S
3-114
Port Configuration
Displaying Connection Status
Command Attributes (Web)
C
3-115
Field Attributes (CLI) Basic information:
Configuration:
S
3-116
Current status:
C
3-117
Configuring Interface Connections
S
3-118
C
3-119
S
3-120
Creating Trunk Groups
C
}
3-121
Statically Configuring a Trunk
Page
C
}
3-123
Enabling LACP on Selected Ports
}
S
3-124
C
3-125
Configuring LACP Parameters Dynamically Creating a Port Channel
S
3-126
Page
S
3-128
C
3-129
Displaying LACP Port Counters
You can display statistics for LACP protocol messages.
Figure 3-55 Displaying LACP Port Counters Information
S
3-130
CLI The following example displays LACP counters for port channel 1.
Displaying LACP Settings and Status for the Local Side
C
3-131
Table 3-9 LACP Internal Configuration Information (Continued)
S
3-132
C
3-133
Displaying LACP Settings and Status for the Remote Side
Table 3-10 LACP Neighbor Configuration Information
S
3-134
C
3-135
Setting Broadcast Storm Thresholds
S
3-136
Configuring Port Mirroring
C
3-137
Page
C
3-139
Showing Port Statistics
S
3-140
C
3-141
S
3-142
C
3-143
Page
O
S
E
3-145
Power Over Ethernet Settings
S
3-146
Switch Power Status
Page
Page
O
S
E
3-149
Configuring Port PoE Power
S
3-150
T
S
Address Table Settings
Setting Static Addresses
Page
Page
Spanning Tree Algorithm Configuration
T
C
A
3-155
x x
S
3-156
Displaying Global Settings
T
C
A
3-157
S
3-158
T
C
LGORITHM
A
REE
S
3-160
Configuring Global Settings
T
C
A
3-161
S
3-162
T
C
A
3-163
Page
T
C
A
3-165
Displaying Interface Settings
S
3-166
T
x
x
C
A
3-167
S
3-168
T
C
A
3-169
Configuring Interface Settings
S
3-170
T
C
A
3-171
S
3-172
Configuring Multiple Spanning Trees
Page
S
3-174
CLI This displays STA settings for instance 1, followed by settings for each port.
Page
S
3-176
T
C
A
3-177
Configuring Interface Settings for MSTP
S
3-178
3-179
VLAN Configuration
IEEE 802.1Q VLANs
S
3-180
Assigning Ports to VLANs
3-181
S
3-182
Forwarding Tagged/Untagged Frames
3-183
Enabling or Disabling GVRP (Global Setting)
S
3-184
Displaying Basic VLAN Information
3-185
Displaying Current VLANs
Command Attributes (Web)
S
3-186
Command Attributes (CLI)
Creating VLANs
3-187
S
3-188
Adding Static Members to VLANs (VLAN Index)
3-189
S
3-190
Adding Static Members to VLANs (Port Index)
3-191
Configuring VLAN Behavior for Interfaces
S
3-192
3-193
Page
3-195
Displaying Current Private VLANs
S
3-196
3-197
Configuring Private VLANs
S
3-198
Associating Community VLANs
3-199
Displaying Private VLAN Interface Information
S
3-200
Configuring Private VLAN Interfaces
3-201
S
3-202
Class of Service Configuration
Layer 2 Queue Settings
Setting the Default Priority for Interfaces
C
ERVICE
S
OF
S
3-204
Mapping CoS Values to Egress Queues
C
S
3-205
S
3-206
Selecting the Queue Mode
Page
S
3-208
Layer 3/4 Priority Settings
Mapping Layer 3/4 Priorities to CoS Values
C
S
3-209
Mapping IP Precedence
S
3-210
C
S
3-211
Mapping DSCP Priority
Page
C
S
3-213
Mapping IP Port Priority
Page
C
S
3-215
Copy Settings
Page
Page
S
3-218
Changing Priorities Based on ACL Rules
Page
S
3-220
Multicast Filtering
IGMP Protocol
F
3-221
Layer 2 IGMP (Snooping and Query)
S
3-222
Configuring IGMP Snooping and Query Parameters
F
3-223
S
Displaying Interfaces Attached to a Multicast Route
3-224
r
F
3-225
Specifying Interfaces Attached to a Multicast Router
S
3-226
Displaying Port Members of Multicast Services
Command Attribute
F
3-227
S
3-228
Assigning Ports to Multicast Services
D
Configuring Domain Name Service
Configuring General DNS Server Parameters
S
3-230
Page
S
3-232
Configuring Static DNS Host to Address Entries
Page
S
3-234
Displaying the DNS Cache
Page
Page
4-1
4
I
INE
L
OMMAND
I
L
C
4-2
Entering Commands
Keywords and Arguments
C
4-4
Minimum Abbreviation
Command Completion
Getting Help on Commands
L
I
The command show interfaces ? will display the following information:
4-5
C
4-6
Partial Keyword Lookup
Negating the Effect of Commands
Using Command History
L
I
4-7
Exec Commands
C
4-8
Configuration Commands
L
I
4-9
Table 4-2 Configuration Command Modes
C
4-10
Command Line Processing
L
I
Command Groups
The system commands can be broken down into the functional groups shown below
Table 4-4 Command Group Index
G
4-12
Table 4-4 Command Group Index (Continued)
L
I
Line Commands
Table 4-5 Line Commands
C
4-14
line
L
I
4-15
login
C
4-16
password
L
I
4-17
timeout login response
C
4-18
exec-timeout
L
I
4-19
password-thresh
C
4-20
silent-time
databits
L
I
4-21
parity
C
4-22
speed
L
I
4-23
stopbits
disconnect
C
4-24
show line
L
I
General Commands
enable
C
4-26
disable
L
I
4-27
configure
show history
C
4-28
reload
L
I
4-29
end
exit
C
4-30
quit
L
I
System Management Commands
Table 4-7 System Management Commands
M
C
4-32
Device Designation Commands
prompt
L
I
4-33
hostname
light unit
M
C
4-34
User Access Commands
username
L
I
4-35
M
C
4-36
enable password
L
I
4-37
IP Filter Commands
management
M
C
4-38
show management
L
I
Web Server Commands
4-39
Table 4-12 Web Server Commands
M
C
4-40
ip http port
ip http server
L
I
4-41
ip http secure-server
M
C
4-42
ip http secure-port
L
I
4-43
Telnet Server Commands
ip telnet server
M
C
4-44
Secure Shell Commands
L
I
4-45
Table 4-15 Secure Shell Commands
M
C
4-46
L
I
4-47
ip ssh server
M
C
4-48
ip ssh timeout
L
I
4-49
ip ssh authentication-retries
M
C
4-50
ip ssh server-key size
delete public-key
L
I
4-51
ip ssh crypto host-key generate
M
C
4-52
ip ssh crypto zeroize
ip ssh save host-key
L
I
4-53
show ip ssh
show ssh
M
C
4-54
Table 4-16 show ssh - display description
L
I
4-55
show public-key
M
C
Event Logging Commands
4-56
Table 4-17 Event Logging Commands
L
I
4-57
logging on
logging history
M
C
4-58
L
I
4-59
logging host
logging facility
M
C
4-60
logging trap
L
I
4-61
clear log
show logging
M
C
4-62
L
I
4-63
show log
M
C
4-64
SMTP Alert Commands
logging sendmail host
L
I
4-65
logging sendmail level
M
C
4-66
logging sendmail source-email
L
I
4-67
logging sendmail destination-email
logging sendmail
M
C
4-68
show logging sendmail
Time Commands
L
I
4-69
sntp client
M
C
4-70
sntp server
L
I
4-71
sntp poll
M
C
4-72
show sntp
L
I
4-73
clock timezone
M
C
4-74
calendar set
show calendar
L
I
4-75
System Status Commands
show startup-config
M
C
4-76
L
I
4-77
show running-config
M
C
ANAGEMENT
YSTEM
4-78
L
I
4-79
show system
M
C
4-80
show users
show version
Flash/File Commands
Table 4-24 Flash/File Commands
C
4-82
copy
L
I
4-83
C
LASH
ILE
4-84
The following example shows how to copy the running configuration to a startup file.
L
I
4-85
C
4-86
delete
L
I
4-87
dir
C
4-88
whichboot
L
I
4-89
boot system
Power over Ethernet Commands
L
I
4-91
power mainpower maximum allocation
power inline compatible
C
E
4-92
L
I
4-93
power inline
power inline maximum allocation
C
E
4-94
power inline priority
L
I
4-95
show power inline status
C
E
4-96
show power mainpower
Authentication Commands
Table 4-29 Authentication Commands
Table 4-30 Authentication Sequence Command
C
4-98
authentication login
L
I
4-99
authentication enable
C
4-100
RADIUS Client
L
I
4-101
radius-server host
C
4-102
radius-server port
radius-server key
L
I
4-103
radius-server retransmit
radius-server timeout
C
4-104
show radius-server
L
I
4-105
TACACS+ Client
tacacs-server host
C
4-106
tacacs-server port
tacacs-server key
L
I
4-107
show tacacs-server
Port Security Commands
C
4-108
port security
L
I
4-109
C
4-110
802.1X Port Authentication
Table 4-34 802.1X Port Authentication Commands
L
I
4-111
dot1x system-auth-control
dot1x default
C
4-112
dot1x port-control
L
I
4-113
dot1x operation-mode
C
4-114
dot1x re-authenticate
dot1x re-authentication
L
I
4-115
dot1x timeout quiet-period
dot1x timeout re-authperiod
C
4-116
dot1x timeout tx-period
show dot1x
L
I
4-117
C
4-118
L
I
4-119
Access Control List Commands
C
L
4-120
L
I
4-121
C
L
4-122
IP ACLs
Table 4-36 IP ACL Commands
L
I
4-123
access-list ip
C
L
4-124
access-list ip extended fragment-auto-mask
permit, deny (Standard ACL)
L
I
4-125
permit, deny (Extended ACL)
C
L
4-126
L
I
4-127
C
L
4-128
show ip access-list
L
I
4-129
access-list ip mask-precedence
C
L
4-130
mask (IP ACL)
L
I
4-131
C
IST
L
ONTROL
CCESS
L
I
4-133
show access-list ip mask-precedence
C
L
4-134
ip access-group
L
I
4-135
show ip access-group
map access-list ip
C
L
4-136
show map access-list ip
L
I
4-137
match access-list ip
C
MAC ACLs
L
4-138
show marking
L
I
4-139
access-list mac
C
L
4-140
permit, deny (MAC ACL)
L
I
4-141
C
L
4-142
show mac access-list
L
I
4-143
access-list mac mask-precedence
C
L
4-144
mask (MAC ACL)
L
I
This example creates an Egress MAC ACL.
4-145
C
L
4-146
show access-list mac mask-precedence
mac access-group
L
I
4-147
show mac access-group
map access-list mac
C
L
4-148
show map access-list mac
L
I
4-149
match access-list mac
C
L
4-150
ACL Information show access-list
L
SNMP Commands
4-152
snmp-server
L
I
4-153
show snmp
4-154
snmp-server community
snmp-server contact
L
I
4-155
snmp-server location
4-156
snmp-server host
L
I
4-157
4-158
L
I
4-159
snmp-server enable traps
4-160
snmp-server engine-id
L
I
4-161
show snmp engine-id
4-162
snmp-server view
L
I
4-163
show snmp view
4-164
snmp-server group
L
I
4-165
show snmp group
4-166
Table 4-44 show snmp group - display description
L
I
4-167
snmp-server user
4-168
L
I
4-169
show snmp user
This command shows information on SNMP users. Command Mode
Interface Commands
Table 4-46 Interface Commands
L
I
4-171
interface
description
C
4-172
speed-duplex
L
I
4-173
negotiation
C
4-174
capabilities
L
I
4-175
flowcontrol
C
4-176
shutdown
L
I
4-177
switchport broadcast packet-rate
C
4-178
clear counters
L
I
4-179
show interfaces status
C
4-180
show interfaces counters
L
I
4-181
C
4-182
show interfaces switchport
L
I
4-183
Table 4-47 show interfaces switchport - display description
P
Mirror Port Commands
port monitor
L
I
4-185
show port monitor
R
Rate Limit Commands
L
I
4-187
rate-limit
A
Link Aggregation Commands
L
I
4-189
A
C
4-190
channel-group
lacp
L
I
4-191
A
C
4-192
lacp system-priority
L
I
4-193
lacp admin-key (Ethernet Interface)
A
C
4-194
lacp admin-key (Port Channel)
L
I
4-195
lacp port-priority
A
C
4-196
show lacp
L
I
4-197
Table 4-52 show lacp internal - display description
Table 4-51 show lacp counters - display description (Continued)
A
C
4-198
Table 4-52 show lacp internal - display description (Continued)
L
I
4-199
Table 4-53 show lacp neighbors - display description
T
Address Table Commands
Table 4-54 show lacp sysid - display description
Table 4-55 Address Table Commands
L
I
4-201
mac-address-table static
T
C
4-202
clear mac-address-table dynamic
show mac-address-table
L
I
4-203
mac-address-table aging-time
T
Spanning Tree Commands
L
I
4-205
Table 4-56 Spanning Tree Commands (Continued)
T
C
4-206
spanning-tree
L
I
4-207
spanning-tree mode
T
C
4-208
spanning-tree forward-time
L
I
4-209
spanning-tree hello-time
T
C
4-210
spanning-tree max-age
L
I
4-211
spanning-tree default priority
spanning-tree priority
T
C
4-212
spanning-tree pathcost method
L
I
4-213
spanning-tree transmission-limit
T
C
4-214
spanning-tree backup-root
spanning-tree mst-configuration
L
I
4-215
mst vlan
T
C
4-216
mst priority
L
I
4-217
name
T
C
4-218
revision
max-hops
L
I
4-219
spanning-tree spanning-disabled
T
C
4-220
spanning-tree cost
L
I
4-221
spanning-tree port-priority
spanning-tree edge-port
T
C
4-222
spanning-tree portfast
L
I
4-223
spanning-tree link-type
T
C
4-224
spanning-tree mst cost
L
I
4-225
spanning-tree mst port-priority
T
C
4-226
spanning-tree protocol-migration
L
I
4-227
show spanning-tree
T
C
4-228
L
I
4-229
show spanning-tree mst configuration
This command shows the configuration of the multiple spanning tree. Command Mode
VLAN Commands
Editing VLAN Groups
vlan database
L
I
4-231
vlan
4-232
Configuring VLAN Interfaces
L
I
4-233
interface vlan
4-234
switchport mode
L
I
4-235
switchport acceptable-frame-types
4-236
switchport ingress-filtering
L
I
4-237
switchport native vlan
4-238
switchport allowed vlan
L
I
4-239
switchport forbidden vlan
4-240
Displaying VLAN Information
show vlan
L
I
4-241
Example The following example shows how to display information for VLAN 1:
Configuring Private VLANs
4-242
L
I
4-243
private-vlan
4-244
private-vlan association
L
I
4-245
switchport mode private-vlan
4-246
switchport private-vlan host-association
switchport private-vlan mapping
L
I
4-247
show vlan private-vlan
GVRP
GVRP and Bridge Extension Commands
Table 4-62 GVRP and Bridge Extension Commands
L
I
4-249
bridge-ext gvrp
show bridge-ext
GVRP
C
E
B
4-250
L
I
4-251
garp timer
GVRP
C
E
B
4-252
Priority Commands
C
4-254
Priority Commands (Layer 2)
queue mode
L
I
4-255
queue bandwidth
C
4-256
switchport priority default
L
I
4-257
queue cos-map
C
4-258
L
I
4-259
show queue mode
show queue bandwidth
C
4-260
show queue cos-map
Priority Commands (Layer 3 and 4)
L
I
4-261
map ip port (Global Configuration)
C
4-262
map ip port (Interface Configuration)
map ip precedence (Global Configuration)
L
I
4-263
map ip precedence (Interface Configuration)
C
4-264
map ip dscp (Global Configuration)
L
I
4-265
map ip dscp (Interface Configuration)
C
4-266
show map ip port
L
I
4-267
show map ip precedence
C
4-268
show map ip dscp
L
I
Multicast Filtering Commands
Table 4-69 Multicast Filtering Commands
Table 4-70 IGMP Snooping Commands
F
C
4-270
ip igmp snooping
ip igmp snooping vlan static
L
I
4-271
ip igmp snooping version
F
C
4-272
show ip igmp snooping
show mac-address-table multicast
L
I
4-273
IGMP Query Commands (Layer 2)
ip igmp snooping querier
F
C
4-274
ip igmp snooping query-count
L
I
4-275
ip igmp snooping query-interval
F
C
4-276
ip igmp snooping query-max-response-time
L
I
4-277
ip igmp snooping router-port-expire-time
F
C
4-278
Static Multicast Routing Commands
ip igmp snooping vlan mrouter
L
I
4-279
show ip igmp snooping mrouter
C
IP Interface Commands
ip address
L
I
4-281
C
4-282
ip default-gateway
ip dhcp restart
L
I
4-283
show ip interface
C
4-284
show ip redirects
ping
L
I
4-285
4-286
DNS Commands
L
I
4-287
ip host
4-288
clear host
ip domain-name
L
I
4-289
ip domain-list
4-290
ip name-server
L
I
4-291
ip domain-lookup
4-292
show hosts
L
I
4-293
show dns
show dns cache
4-294
clear dns cache
PPENDIX
A-1
A S
S
OFTWARE
PECIFICATIONS
Software Features
Management Features
S
A-3
SNMPv3
RMON
Standards
S
A-4
Management Information Bases
PPENDIX
B-1
B
ROUBLESHOOTING
Problems Accessing the Management Interface
Table B-1 Troubleshooting Chart
Symptom Action Cannot connect using Telnet, web browser, or SNMP software
B-2
Table B-1 Troubleshooting Chart
S
L
B-3
Using System Logs
Page
G
Glossary-1
LOSSARY
Glossary-2
Glossary-3
Glossary-4
Glossary-5
Glossary-6
Glossary-7
Page
NDEX
Numerics
A
B
C
H
I
L
M
P
R
S
T
U
V
W