Displaying 802.1x Global Settings | SMC Networks SMC8624/48T

CONFIGURING THE SWITCH

802.1x client

RADIUS server

1.Client attempts to access a switch port.

2.Switch sends client an identity request.

3.Client sends back identity information.

4.Switch forwards this to authentication server.

5.Authentication server challenges client.

6.Client responds with proper credentials.

7.Authentication server approves access.

8.Switch grants client access to this port.

The operation of 802.1x on the switch requires the following:

•The switch must have an IP address assigned.

•RADIUS authentication must be enabled on the switch and the IP address of the RADIUS server specified.

•Each switch port that will be used must be set to dot1x “Auto” mode.

•Each client that needs to be authenticated must have dot1x client software installed and properly configured.

•The RADIUS server and 802.1x client support EAP. (The switch only supports EAPOL in order to pass the EAP packets from the server to the client.)

•The RADIUS server and client also have to support the same EAP authentication type. The current version of the firmware supports only the EAP-MD5 authetication type. (Some clients have native support in Windows, otherwise the dot1x client must support it.)

Displaying 802.1x Global Settings

The dot1x protocol includes global parameters that control the client authentication process that runs between the client and the switch (i.e., authenticator), as well as the client identity lookup process that runs between the switch and authentication server. These parameters are described in this section.

3-52

Image 100

SMC Networks SMC8624/48T manual Displaying 802.1x Global Settings, 802.1x client Radius server

Contents

TigerSwitch 10/100/1000 Page TigerSwitch 10/100/1000 Management Guide Trademarks Limited Warranty Limited Warranty Contents Contents Contents Command Line Interface Vii Viii Contents Contents Contents Xii Xiii Xiv Contents Tables Xvi Xvii Figures Xviii Xix 61. Displaying Vlan Information by Port Membership Figures Key Features Key Features Description of Software Features Description of Software Features Introduction Description of Software Features Introduction System Defaults System Defaults System Defaults Dhcp Introduction Connecting to the Switch Configuration Options Required Connections Connecting to the Switch Remote Connections Basic ConfigurationConsole Connection Setting Passwords Setting an IP Address Manual Configuration Dynamic Configuration Initial Configuration Enabling Snmp Management Access Community Strings Initial Configuration Saving Configuration Settings Trap Receivers Managing System Files Managing System Files Initial Configuration Configuring the Switch Using the Web Interface Configuring the Switch Navigating the Web Browser Interface Home Configuration Options Panel Display Main Menu Main Menu ACL Lacp STA 141 Vlan ID DNS Displaying System Information Field Attributes System Information CLI Specify the hostname, location and contact information Main Board Displaying Switch Hardware/Software VersionsManagement Software Web Click System, Switch Information Switch Information Displaying Bridge Extension Capabilities CLI Enter the following command Setting the Switch’s IP AddressWeb Click System, Bridge Extension Command Attributes Manual IP Configuration Using DHCP/BOOTP Dhcp IP Configuration 288 Managing Firmware Downloading System Software from a Server Operation Code Image File Transfer Saving or Restoring Configuration Settings Downloading Configuration Settings from a Server 10. Downloading Configuration Settings from a Server Resetting the System CLI Use the reload command to restart the switch Setting the System Clock Configuring Sntp 13. Sntp Configuration Setting the Time Zone 14. Setting the Time Zone Setting Community Access Strings Simple Network Management Protocol Access Mode Specifying Trap Managers and Trap Types 16. Specifying Trap Managers and Trap Types User Authentication Configuring the Logon Password Configuring Local/Remote Logon Authentication 17. Configuring the Logon Password Command Usage Radius Settings Tacacs Settings 18. Setting Local, Radius and Tacacs Authentication Configuring Https 19. Https Settings Https Support Replacing the Default Secure-site Certificate Configuring the Secure Shell Configuring the Switch Generating the Host Key Pair Field Attributes 20. SSH Host-Key Settings Configuring the SSH Server SSH server includes basic settings for authentication 21. SSH Server Settings Configuring Port Security Command Usage 22. Configuring Port Security Configuring 802.1x Port Authentication Displaying 802.1x Global Settings 802.1x client Radius server 23 .1x Information 111 Configuring 802.1x Global Settings Configuring Port Authorization Mode 24 .1x Configuration 25 .1x Port Configuration Authorized Statistical Values Displaying 802.1x Statistics1x Statistics 26 .1x Statistics Configuring Access Control Lists Access Control ListsCLI This example displays the 802.1x statistics for port Setting the ACL Name and Type 27. Naming and Choosing ACLs CLI This example creates a standard IP ACL named bill Configuring a Standard IP ACL Command Attributes 28. Configuring Standard IP ACLs Configuring an Extended IP ACL Command Attributes Access Control Lists 29. Configuring Extended IP ACLs Configuring a MAC ACL Command Attributes 120 Command Usage 30. Configuring MAC ACLs Command Usage Configuring ACL MasksSpecifying the Mask Type Configuring an IP ACL Mask This mask defines the fields to check in the IP header Configuring the Switch 32. Configuring an IP based ACL Configuring a MAC ACL Mask This mask defines the fields to check in the packet header 33. Configuring a MAC based ACL Binding a Port to an Access Control List 148 34. Mapping ACLs to Port Ingress/Egress Queues Filtering Management Access 35. Filtering Management Access Displaying Connection Status Port ConfigurationField Attributes Web Field Attributes CLI Web Click Port, Port Information or Trunk Information Current status CLI This example shows the connection status for Port 178 Configuring Interface Connections Port Configuration 37. Configuring Port Attributes Creating Trunk Groups Command Usage Statically Configuring a Trunk Command Usage 38. Static Trunk Configuration Enabling Lacp on Selected Ports Command Usage 189 39. Lacp Port Configuratio 190 Command Attributes 40. Lacp Aggregation Port Configuration Displaying Lacp Port Counters Counter InformationYou can display statistics for Lacp protocol messages Lacp Port Counter Information 41. Displaying Lacp Port Counters Information Internal Configuration Information Displaying Lacp Settings and Status for the Local SideLacp Settings Link Passive 1 Active 42. Displaying Lacp Port Information Neighbor Configuration Information Displaying Lacp Settings and Status for the Remote SideLacp Remote Side Settings 100 43. Displaying Remote Lacp Port Information Setting Broadcast Storm Thresholds 101 102 44. Enabling Port Broadcast Control Configuring Port Mirroring 103 Configuring Rate Limits 104 Command Attribute 105 Showing Port Statistics 106 107 Port Statistics 108 109 Rmon Statistics 110 47. Displaying Port Statistics 111 48. Displaying Etherlike and Rmon Statistics Address Table Settings Setting Static Addresses112 CLI This example shows statistics for port 113 49. Mapping Ports to Static Addresses Displaying the Address Table 114 115 Changing the Aging TimeCLI This example sets the aging time to 400 seconds Spanning Tree Algorithm Configuration 116 Displaying Global Settings 117 118 119 120 52. Displaying the Spanning Tree Algorithm Global settings apply to the entire switch Configuring Global Settings121 Basic Configuration of Global Settings 122 Root Device Configuration 123 Configuration Settings for Rstp 124 53. Configuring the Spanning Tree Algorithm 125 Displaying Interface Settings 126 127 Rules defining port status are 128 AD B 129 130 Configuring Interface SettingsCLI This example shows the STA attributes for port 131 132 133 Configuring Multiple Spanning TreesCLI This example sets STA attributes for port 134 135 Vlan ID Vlan to assign to this selected MST instance. Range 136 Displaying Interface Settings for Mstp 137 138 Configuring Interface Settings for Mstp 139 58. Mstp Port Configuration 140 Vlan Configuration Overview141 CLI This example sets the Mstp attributes for port 142 Assigning Ports to VLANs 143 144 145 Forwarding Tagged/Untagged Frames Enabling or Disabling Gvrp Global Setting CLI This example enables Gvrp for the switchDisplaying Basic Vlan Information 146 Command Attributes Web Displaying Current VLANs147 Web Click VLAN, 802.1Q VLAN, Basic Information Command Attributes CLI 148 Creating VLANs 149 150 CLI This example creates a new Vlan Adding Static Members to VLANs Vlan Index 151 63. Configuring Vlan Port Attributes 152 Adding Static Members to VLANs Port Index 153 Configuring Vlan Behavior for Interfaces 154 155 156 65. Configuring Vlan Ports 157 Configuring Private VLANs CLI This example enables private VLANs158 Enabling Private VLANs Configuring Uplink and Downlink Ports Configuring Protocol-Based VLANs159 160 Configuring Protocol GroupsCreate a protocol group for one or more protocols 161 Mapping Protocols to VLANs 162 69. Mapping Protocols to VLANs Setting the Default Priority for Interfaces Class of Service Configuration163 CLI This example assigns a default priority of 5 to port 164 Mapping CoS Values to Egress Queues 165Egress Queue Priority Mapping 10. CoS Priority Levels 71. Configuring Ports and Trunks for Class of Service 166 Selecting the Queue Mode 167 Setting the Service Weight for Traffic Classes 168 Mapping Layer 3/4 Priorities to CoS Values 169 Selecting IP Precedence/DSCP Priority 170 171 Mapping IP Precedence11. IP Precedence Prioruty 75. Mapping IP Precedence to Class of Service Values 172 Mapping Dscp Priority 173 76. Mapping IP Dscp Priority to Class of Service Values 174 Mapping IP Port Priority 175 176 78. IP Port Priority Mapping 177 Mapping CoS Values to ACLs13. CoS to ACL Mapping Changing Priorities Based on ACL Rules 178 179 180 79. Changing Priorities Based on ACL Rules Multicast Filtering 181 Layer 2 Igmp Snooping and Query Configuring Igmp Snooping and Query Parameters182 183 80. Configuring Internet Group Management Protocol 184 185 Command AttributesDisplaying Interfaces Attached to a Multicast Router 186 Specifying Static Interfaces for a Multicast Router Displaying Port Members of Multicast Services 187 Assigning Ports to Multicast Services 188 189 84. Specifying Multicast Port Membership Configuring General DNS Server Parameters Configuring Domain Name Service190 191 85. Configuring DNS 192 Configuring Static DNS Host to Address Entries 193 194 86. Mapping IP Addresses to a Host Name Displaying the DNS Cache 195 196 Web Select DNS, Cache Using the Command Line Interface Accessing the CLI Telnet Connection Using the Command Line Interface Entering Commands This section describes how to enter CLI commandsKeywords and Arguments Minimum Abbreviation Command Completion Getting Help on Commands Showing Commands Using Command History Negating the Effect of CommandsPartial Keyword Lookup Exec Commands Understanding Command ModesCommand Modes Configuration Commands Configuration Commands Mode Command Prompt Command Line Processing Keystroke Function Command Groups Command Group Index 255 Line Commands Line Command Syntax Default Setting Command ModeLine Syntax Line console vty Related Commands LoginSyntax Login local no login Password Username 4-35 passwordSyntax Password 0 7 password no password No password is specified Exec-timeout Login 4-16password-thresh4-19Syntax Exec-timeout seconds no exec-timeout CLI No timeout Telnet 10 minutes Password-thresh To set the timeout to two minutes, enter this commandSyntax Password-thresh threshold no password-thresh Default value is three attempts Silent-time Syntax Silent-time seconds no silent-time To specify 7 data bits, enter this command DatabitsSyntax Databits 7 8 no databits Seven data bits per character Eight data bits per character To specify no parity, enter this command ParitySyntax Parity none even odd no parity None No parity Even Even parity Odd Odd parity To specify 57600 bps, enter this command SpeedSyntax Speed bps no speed Auto Stopbits DisconnectSyntax Stopbits 1 Syntax Disconnect session-id Show line Syntax Show line console vty General Commands EnableGeneral Commands Syntax Enable level Disable Disable Enable passwordNormal Exec None Configure Show history This command restarts the system Reload This command resets the entire system This example shows how to reset the switchThis command returns to Privileged Exec mode End This command exits the configuration program ExitQuit Any This example shows how to quit a CLI session System Management CommandsSystem Mangement Commands Device Designation Commands Device Designation CommandsPrompt Syntax Prompt string no prompt User Access Commands User Access CommandsHostname Syntax Hostname name no hostname Username Enable password Default is level Default password is super IP Filter Commands 10. IP Filter Commands Management All addresses Show management Web Server Commands 11. Web Server Command Default Setting Command Mode Syntax No ip http server Default SettingIp http port Ip http server Ip http secure-server Syntax No ip http secure-server Default SettingIp http port Copy tftp https-certificate Ip http secure-port4-44 Copy tftp https-certificate Ip http secure-port Portnumber The UDP port used for HTTPS/SSL. Range443 Ip http secure-server4-42 Secure Shell Commands 12. Secure Shell Commands 12. Secure Shell Commands System Management Commands Disabled Syntax Ip ssh server no ip ssh server Default SettingIp ssh server Ip ssh timeout Syntax Ip ssh timeout seconds no ip ssh timeoutIp ssh crypto host-key generate 4-52 show ssh Seconds Exec-timeout4-18 show ip ssh Ip ssh authentication-retriesShow ip ssh Delete public-key Ip ssh server-key sizeSyntax Delete public-key username dsa rsa Ip ssh crypto host-key generate Syntax Ip ssh crypto host-key generate dsa rsaDsa DSA key type Rsa RSA key type Generates both the DSA and RSA key pairs Use this command to clear the host key from memory i.e. RAM Ip ssh crypto zeroizeIp ssh crypto zeroize 4-53 ip ssh save host-key4-54 Syntax Ip ssh crypto zeroize dsa rsa Show ip ssh Ip ssh save host-keySyntax Ip ssh save host-key dsa rsa Show ssh 13. SSH Information Syntax Show public-key user username host Show public-keyUsername Name of an SSH user. Range 1-8 characters Shows all public keys RSA Event Logging Commands 14. Event Logging CommandsSyntax No logging on Default Setting Logging on Logging history Logging history 4-59 clear logging Flash errors level 3 RAM warnings level 7 Logging hostSyntax No logging host hostipaddress Hostipaddress The IP address of a syslog server Logging facility Syntax No logging facility type Logging trap Clear loggingSyntax Logging trap level no logging trap Syntax Clear logging flash ram Show logging Show loggingSyntax Show logging flash ram sendmail trap Following example displays settings for the trap function 15. Smtp Alert Commands Smtp Alert CommandsShow logging sendmail Logging sendmail host Syntax No logging sendmail host ipaddress Logging sendmail level Logging sendmail source-emailSyntax Logging sendmail level level Syntax Logging sendmail source-email email-address Logging sendmail destination-email Syntax No logging sendmail destination-email email-address Logging sendmail Syntax No logging sendmail Default SettingShow logging sendmail Time Commands 16. Time Commands Syntax Sntp server ip1 ip2 ip3 Sntp serverSntp poll 4-72 show sntp Related Commands Sntp pollSntp client Syntax Sntp poll seconds no sntp poll Disabled Sntp broadcast client Syntax No sntp broadcast client Default SettingShow sntp Clock timezone Show sntp This command displays the system clock Calendar setShow calendar Syntax Show startup-config System Status Commands17. System Status Commands Command Usage Show running-config4-80 Show running-config Show startup-config4-77 This command displays system information Show system Show users Show version Frame Size Commands 18. Frame Size CommandsSyntax No jumbo frame Default Setting Jumbo frame Flash/File Commands 19. Flash/File Commands Copy Command Usage Following example shows how to download a configuration file Filename Name of the configuration file or image name This command deletes a file or imageDelete This command displays a list of files in flash memory Syntax Dir boot-rom config opcode filenameDir Dir Delete public-key4-51 Whichboot Following example shows how to display all file information Boot system Syntax Boot system boot-romconfig opcode filename Authentication Commands Authentication SequenceDir 4-90 whichboot 20. Authentication Commands Authentication login Local Username for setting the local user names and passwords 22. Radius Client CommandsRadius Client Radius-server host Radius-server port 10.1.0.1Syntax Radius-server port portnumber no radius-server port 1812 Radius-server retransmit Radius-server keySyntax Radius-server key keystring no radius-server key Radius-server timeout Show radius-server 23. TACACS+ Client Commands TACACS+ ClientTacacs-server host Hostipaddress IP address of a TACACS+ server Tacacs-server port Syntax Tacacs-server port portnumber no tacacs-server port Show tacacs-server Tacacs-server keySyntax Tacacs-server key keystring no tacacs-server key 24. Port Security Commands Port Security CommandsPort security Status Disabled Action None Maximum Addresses Interface Configuration Ethernet 802.1x Port Authentication 25 .1x Port Authentication Commands Authentication dot1x default Dot1x default Syntax Dot1x default Command ModeDefault Command Mode Dot1x max-req Default Interface ConfigurationDot1x port-control Force-authorized Dot1x re-authenticate Syntax Dot1x re-authenticate interfaceDot1x operation-mode Ethernet unit/port Dot1x re-authentication Dot1x timeout quiet-periodSyntax No dot1x re-authentication Command Mode Seconds The number of seconds. Range Dot1x timeout re-authperiod Dot1x timeout tx-period Show dot1x Show dot1x statistics interface interface Authenticator State Machine State- Current state including initialize, reauthenticate 113 Access Control List Commands Access Control Lists Access Control List Commands Masks for Access Control Lists 26. Access Control List Commands27. IP ACL Commands IP ACLs EXT-ACL Access-list ip Syntax No access-list ip standard extended aclname Permit, deny Ip access-group4-129 show ip access-list4-123 Standard ACL Access-list ip No permit deny tcp Extended ACL 122 Show ip access-list Access-list ip mask-precedenceSyntax Show ip access-list standard extended aclname Syntax No access-list ip mask-precedence in out Mask IP ACL 4-125 ip access-group4-129 Syntax No mask protocol IP Mask 126 127 Show access-list ip mask-precedence Syntax Show access-list ip mask-precedence in out Syntax No ip access-group aclname in out Ip access-groupMask IP ACL Show ip access-group Map access-list ipShow ip access-list4-123 This command shows the ports assigned to IP ACLs Queue cos-map4-260 Show map access-list ip Syntax Show map access-list ip interface Show map access-list ipMap access-list ip Match access-list ip Show marking Match access-list ipShow marking 28. MAC ACL Commands MAC ACLs Access-list mac Syntax No access-list mac aclname Permit, deny MAC ACL Any host destination destination address-bitmask MAC ACL Show mac access-list Access-list mac mask-precedenceThis command displays the rules for configured MAC ACLs Syntax Show mac access-list aclname Mask MAC ACL 4-140 mac access-group4-144 Mask MAC ACL MAC Mask 142 Syntax Show access-list mac mask-precedence in out Show access-list mac mask-precedenceThis example creates an Egress MAC ACL Syntax Mac access-group aclname in out Mac access-groupShow mac access-list4-139 Show mac access-group Map access-list macThis command shows the ports assigned to MAC ACLs Syntax No map access-list mac aclname cos cos-value Queue cos-map4-260 Show map access-list mac Show map access-list macSyntax Show map access-list mac interface Match access-list mac ACL Information Show access-list29. ACL Information Snmp Commands Show access-groupThis command shows the port assignments of ACLs 30. Snmp Commands Snmp community Syntax Snmp community string rorw no snmp community string Snmp contact Snmp locationSyntax Snmp contact string no snmp contact Syntax Snmp-server location text no snmp-server location Snmp host Host Address None Snmp Version Consoleconfig#snmp-server host 10.1.19.23 batman Syntax No snmp enable traps authentication link-up-down Snmp enable trapsIssue authentication and link-up-down traps This command checks the status of Snmp communications Show snmp 156 DNS Commands 31. DNS Commands No static entries Ip hostThis example maps two address to a host name Clear host Ip domain-nameSyntax Clear host name Syntax Ip domain-name name no ip domain-name Ip domain-list Syntax No ip domain-list name Ip domain-name4-159 Ip name-server Server-address1- IP address of domain-name server Ip domain-lookup Syntax No ip domain-lookup Default SettingIp domain-name4-159 ip domain-lookup4-163 Show hosts Ip domain-name4-159 ip name-server4-162 This command displays the configuration of the DNS server This command displays entries in the DNS cacheShow dns Show dns cache This command clears all entries in the DNS cache Clear dns cache 167 Interface Commands 32. Interface Commands Interface DescriptionPort-channel channel-idRange Syntax Description string no description Speed-duplex Interface Configuration Ethernet, Port ChannelFollowing example adds a description to port Negotiation Syntax No negotiation Default SettingNegotiation 4 -170 capabilities 4 Following example configures port 11 to use autonegotiation Capabilities 4 -172speed-duplex 4 Capabilities Syntax No flowcontrol Default Setting Flow control enabledFlowcontrol Negotiation 4 -170speed-duplex 4 -169 flowcontrol 4 Following example enables flow control on port Syntax Combo-forced-mode mode no combo-forced-modeCombo-forced-mode Negotiation 4 Capabilities flowcontrol, symmetric Syntax No shutdown Default Setting All interfaces are enabledFollowing example disables port Shutdown Switchport broadcast packet-rate This command clears statistics on an interface Port-channel channel-idRange Default SettingClear counters Following example clears statistics on port This command displays the status for an interface Show interfaces statusSyntax Show interfaces status interface Shows the status for all interfaces This command displays interface statistics Show interfaces countersSyntax Show interfaces counters interface Shows the counters for all interfaces 180 Show interfaces switchport Syntax Show interfaces switchport interfaceThis example shows the configuration setting for port Shows all interfaces Shows if acceptable Vlan frames include all types or Mirror Port Commands 33. Mirror Port CommandsInterface Configuration Ethernet, destination port Port monitor This command displays mirror information Unit Switch unit Port Port numberShow port monitor Syntax Show port monitor interface Following shows mirroring configured from port 6 to port Rate Limit Commands34. Rate Limit Commands Rate-limit Mbps Link Aggregation Commands 35. Link Aggregation Commands Guidelines for Creating Trunks General Guidelines Channel-group Syntax Channel-group channel-idno channel-groupChannel-id- Trunk index Range Current port will be added to this trunk Syntax No lacp Default Setting Lacp 191 Lacp system-priority 32768 Lacp admin-keyEthernet Interface Syntax Lacp admin-key key no lacp admin-key Lacp admin-key Port ChannelInterface Configuration Port Channel Lacp port-priority Show lacp This command displays Lacp informationPort Channel all 197 198 199 36. Adress Table Commands Address Table Commands200 Mac-address-table static 201Mac-address- MAC address Vlan-id- Vlan ID Range Clear mac-address-table dynamic Show mac-address-table202 Mac-address- MAC address Mask Bits to match in the address Mac-address-table aging-time 203 Show mac-address-table aging-time 204 37. Spanning Tree Commands Spanning Tree Commands205 Spanning tree is enabled Spanning-tree206 No spanning-tree 207 Spanning-tree modeRstp 208 Spanning-tree forward-time 209 Spanning-tree max-age Spanning-tree hello-time210 Spanning-tree priority 211 212 Spanning-tree pathcost methodLong method Spanning-tree mst-configuration This command limits the maximum transmission rate for BPDUsSpanning-tree transmission-limit 213 Mst vlan MST Configuration214 Mst priority 215 Switch’s MAC address Name216 Syntax Name name Revision 217Revision 4 Syntax Revision number 218 Max-hopsName 4 Spanning-tree spanning-disabled Syntax No spanning-tree spanning-disabled Default SettingSpanning-tree cost 219 Spanning-tree port-priority 220Priority The priority for a port. Range 0-240, in steps 128 Syntax No spanning-tree edge-port Default Setting Spanning-tree edge-port221 Spanning-tree cost 4 Syntax No spanning-tree portfast Default Setting Spanning-tree portfast222 Spanning-tree portfast 4 223 Spanning-tree link-typeSpanning-treeedge-port 4 Spanning-tree mst cost 224 225 Spanning-tree mst port-priority 4 226 Spanning-tree mst port-prioritySpanning-tree mst cost 4 Port-channel channel-idRange Command Mode Spanning-tree protocol-migration227 Syntax Spanning-tree protocol-migration interface 228 Show spanning-treeSyntax Show spanning-tree interface mst instanceid 229 Show spanning-tree mst configuration This command shows the multiple spanning tree configurationSyntax Show spanning-tree mst configuration Command Mode 230 Vlan Commands 38. Vlan CommandsEditing Vlan Groups 231 Vlan database 232Show vlan 4 By default only Vlan 1 exists and is active Vlan Database Configuration233 Vlan 40. Configuring Vlan Interfaces Configuring Vlan Interfaces234 235 Interface vlanSyntax Interface vlan vlan-id Shutdown 4 Switchport mode Syntax Switchport mode trunk hybrid no switchport modeAll ports are in hybrid mode with the Pvid set to Vlan Switchport acceptable-frame-types 4 Switchport acceptable-frame-types Switchport mode 4237 All frame types Syntax No switchport ingress-filtering Default Setting Switchport ingress-filtering238 Switchport native vlan 239 Switchport allowed vlan 240 241 Switchport forbidden vlanNo VLANs are included in the forbidden list Displaying Vlan Information 242Show vlan 41. Displaying Vlan Information 42. Protocol-based Vlan Commands Following example shows how to display information for Vlan243 No protocol groups are configured Protocol-vlan protocol-group Configuring Groups244 245 Protocol-vlan protocol-group Configuring InterfacesNo protocol groups are mapped for any interface 246 Show protocol-vlan protocol-groupSyntax Show protocol-vlan protocol-group group-id Group-id- Group identifier for a protocol group. Range This shows protocol group 1 configured for IP over Ethernet 247Show interfaces protocol-vlan protocol-group Mapping for all interfaces is displayed 43. Private Vlan Commands 248Pvlan No private VLANs are defined 249 This command displays the configured private VlanShow pvlan Gvrp and Bridge Extension Commands 44. Gvrp and Bridge Extension CommandsSyntax No bridge-ext gvrp Default Setting 250 251 Show bridge-ext Switchport gvrp Show gvrp configurationSyntax No switchport gvrp Default Setting Syntax Show gvrp configuration interface Garp timer 253 Show garp timer Show garp timer 4Syntax Show garp timer interface Shows all Garp timers Priority Commands Garp timer 445. Priority Commands 255 Priority Commands Layer Switchport priority default46. Priority Commands Layer 256 257 Queue mode Syntax Queue mode strict wrr no queue modeWeighted Round Robin 258 Queue bandwidth 259Show queue bandwidth 4 260 Queue cos-map Show queue mode This command shows the current queue mode261 Show queue cos-map 4 This command shows the class of service priority map 262Show queue bandwidth Show queue cos-map 47. Priority Commands Layer 3 Priority Commands Layer 3263 Syntax Map ip port no map ip port Default Setting 264 Syntax No map ip precedence Default Setting 265 List below shows the default priority mapping 266 Syntax No map ip dscp Default Setting 267 Map ip dscp Interface Configuration 268 Use this command to show the IP port priority map 269Show map ip port Syntax Show map ip port interface This command shows the IP precedence priority map 270Show map ip precedence Syntax Show map ip precedence interface This command shows the IP Dscp priority map 271Show map ip dscp Syntax Show map ip dscp interface Multicast Filtering Commands Igmp Snooping Commands48. Multicast Filtering Commands 49. Igmp Snooping Commands Following example enables Igmp snooping 273Ip igmp snooping No ip igmp snooping 274 Ip igmp snooping vlan static Following configures the switch to use Igmp Version 275Ip igmp snooping version Igmp Version Show ip igmp snooping 276Show mac-address-table multicast 50. Igmp Query Commands Layer Igmp Query Commands Layer277 Syntax No ip igmp snooping querier Default Setting 278Ip igmp snooping querier Ip igmp snooping query-count Following shows how to configure the query count to 279Ip igmp snooping query-interval Ip igmp snooping query-max-response-time 4 280 Seconds The report delay advertised in Igmp queries. RangeIp igmp snooping query-max-response-time 281 Switch must use IGMPv2 for this command to take effectIp igmp snooping router-port-expire-time Static Multicast Routing Commands 51. Static Multicast Routing Commands282 Ip igmp snooping vlan mrouter Displays multicast router ports for all configured VLANs 283Show ip igmp snooping mrouter Syntax Show ip igmp snooping mrouter vlan vlan-id IP Interface Commands Basic IP Configuration52. Basic IP Configuration commands 284 Interface Configuration Vlan 285Ip address IP address Netmask This command submits a Bootp or Dhcp client request 286Ip dhcp restart Ip dhcp restart 4 Syntax Ip default-gateway gateway no ip default-gateway Ip default-gateway287 Show ip interface 288Show ip redirects This command has no default for the host 289Ping Syntax Ping host count countsize size 290 Interface 4 291 Software Features AuthenticationDhcp Client Port Configuration Flow Control Class of Service Additional FeaturesPort Mirroring Rate Limits Management Features StandardsIn-Band Management Out-of-Band Management Management Information Bases Appendix B Troubleshooting Table B-1. Troubleshooting Chart Troubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Glossary-8 User Datagram Protocol UDPVirtual LAN Vlan XModem Numerics Index-1 Index-2 Igmp Index-3 Snmp Snmp Index-4 Page For Technical SUPPORT, Call