Main
TigerSwitch 10/100
24-Port 10/100Mbps Stackable Managed Switch Management Guide
Management Guide
Page
Page
Page
L
W
IMITED
ARRANTY
W
IMITED
ARRANTY
ii
iii
ONTENTS
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
2 Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
3 Configuring the Switch . . . . . . . . . . . . . . . . . . . . . . . . 3-1
iv
v
vi
4 Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . 4-1
vii
viii
ix
x
xi
xii
xiii
xiv
A Software Specifications . . . . . . . . . . . . . . . . . . . . . . . . .A-1
B Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
Page
Page
T
xvii
ABLES
xviii
Page
F
xx
IGURES
xxi
xxii
1-1
NTRODUCTION
Key Features
1-2
Description of Software Features
F
S
1-3
1-4
F
S
1-5
1-6
D
1-7
System Defaults
1-8
D
1-9
Page
NITIAL
2-1
ONFIGURATION
Connecting to the Switch
Configuration Options
C
2-2
Required Connections
S
2-3
C
2-4
Remote Connections
O
2-5
Stack Operations
Selecting the Stack Master
Recovering from Stack Failure or Topology Change
C
2-6
Basic Configuration
Console Connection
C
2-7
Setting Passwords
C
2-8
Setting an IP Address
Manual Configuration
C
2-9
Dynamic Configuration
C
2-10
Enabling SNMP Management Access
C
2-11
Community Strings
C
2-12
Trap Receivers
Saving Configuration Settings
S
Managing System Files
Page
ONFIGURING
THE
3-1
WITCH
Using the Web Interface
Page
Navigating the Web Browser Interface
S
3-4
Configuration Options
Panel Display
Main Menu
Table 3-2 Main Menu
S
3-6
M
3-7
S
3-8
M
3-9
S
3-10
C
3-11
Basic Configuration
Displaying System Information
Page
C
3-13
Displaying Switch Hardware/Software Versions
Page
C
3-15
Displaying Bridge Extension Capabilities
Page
C
3-17
Setting the Switchs IP Address
S
3-18
Manual Configuration
C
3-19
Using DHCP/BOOTP
S
3-20
C
3-21
Managing Firmware
Page
Page
S
3-24
Saving or Restoring Configuration Settings
C
3-25
Page
C
3-27
S
3-28
Console Port Settings
C
3-29
S
3-30
Telnet Settings
C
3-31
S
3-32
C
3-33
Configuring Event Logging
System Log Configuration
S
3-34
C
3-35
Remote Log Configuration
Page
C
3-37
Page
C
3-39
Sending Simple Mail Transfer Protocol Alerts
Page
C
3-41
Resetting the System
S
3-42
Setting the System Clock
Configuring SNTP
C
3-43
S
3-44
Setting the Time Zone
N
Simple Network Management Protocol
Setting Community Access Strings
S
3-46
Specifying Trap Managers and Trap Types
Page
S
3-48
User Authentication
Configuring User Accounts
A
3-49
S
3-50
Configuring Local/Remote Logon Authentication
A
3-51
S
3-52
Page
S
3-54
CLI Specify all the required parameters to enable logon authentication.
Configuring HTTPS
A
3-55
S
3-56
Replacing the Default Secure-site Certificate
A
3-57
Configuring the Secure Shell
S
3-58
A
3-59
S
3-60
Generating the Host Key Pair
A
3-61
S
3-62
Configuring the SSH Server
Page
S
3-64
Configuring Port Security
A
3-65
S
3-66
Configuring 802.1X Port Authentication
A
3-67
Page
A
3-69
Configuring 802.1X Global Settings
S
3-70
Configuring Port Settings for 802.1X
A
3-71
S
3-72
A
3-73
Displaying 802.1X Statistics
This switch can display statistics for dot1x protocol exchanges for any port.
Table 3-5 802.1X Statistics
S
3-74
A
3-75
Filtering Addresses for Management Access
Page
C
L
3-77
Access Control Lists
Configuring Access Control Lists
S
3-78
Setting the ACL Name and Type
Page
Page
C
L
3-81
Configuring an Extended IP ACL
S
3-82
C
L
3-83
S
3-84
Configuring a MAC ACL
Page
Page
Page
Port Configuration
C
3-89
Field Attributes (CLI) Basic Information:
Configuration:
S
3-90
Current Status:
C
3-91
Configuring Interface Connections
S
3-92
C
3-93
Creating Trunk Groups
S
3-94
C
}
3-95
Statically Configuring a Trunk
Page
C
}
ORT
ONFIGURATION
3-97
Enabling LACP on Selected Ports
S
3-98
C
3-99
Configuring LACP Parameters Dynamically Creating a Port Channel
S
3-100
Page
S
3-102
C
3-103
Displaying LACP Port Counters
You can display statistics for LACP protocol messages.
Figure 3-45 LACP - Port Counters Information
S
3-104
CLI The following example displays LACP counters.
Displaying LACP Settings and Status for the Local Side
C
3-105
Table 3-7 LACP Internal Configuration Information (Continued)
S
3-106
C
3-107
Displaying LACP Settings and Status for the Remote Side
Table 3-8 LACP Neighbor Configuration Information
S
3-108
C
3-109
Setting Broadcast Storm Thresholds
Page
C
3-111
Configuring Port Mirroring
S
3-112
C
3-113
Configuring Rate Limits
Rate Limit Granularity
S
3-114
Rate Limit Configuration
C
3-115
Showing Port Statistics
S
3-116
Table 3-9 Port Statistics
C
3-117
S
3-118
C
3-119
Page
C
ORT
ONFIGURATION
3-121
CLI This example shows statistics for port 13.
Address Table Settings
Page
S
3-124
Spanning Tree Algorithm Configuration
S
3-126
x x
T
C
A
3-127
Displaying Global Settings
S
3-128
Page
S
CLI
3-130
This command displays global STA settings, followed by settings for each port .
T
C
A
3-131
Configuring Global Settings
S
3-132
Page
Page
T
C
A
3-135
Displaying Interface Settings
x
T
x
C
A
3-137
S
3-138
T
C
A
3-139
Configuring Interface Settings
S
3-140
T
C
A
3-141
VLAN Configuration
3-143
Assigning Ports to VLANs
S
3-144
3-145
S
3-146
Forwarding Tagged/Untagged Frames
3-147
Enabling or Disabling GVRP (Global Setting)
Displaying Basic VLAN Information
S
3-148
Displaying Current VLANs
Command Attributes (Web)
3-149
Command Attributes (CLI)
S
3-150
Creating VLANs
3-151
S
3-152
Adding Static Members to VLANs (VLAN Index)
3-153
S
3-154
Adding Static Members to VLANs (Port Index)
3-155
S
3-156
Configuring VLAN Behavior for Interfaces
3-157
S
3-158
3-159
Private VLANs
S
3-160
Displaying Current Private VLANs
3-161
Configuring Private VLANs
S
3-162
3-163
Associating VLANs
S
3-164
Displaying Private VLAN Interface Information
3-165
Configuring Private VLAN Interfaces
S
3-166
3-167
S
3-168
Class of Service Configuration
Layer 2 Queue Settings
Setting the Default Priority for Interfaces
C
S
3-169
S
3-170
Mapping CoS Values to Egress Queues
C
S
3-171
S
3-172
Selecting the Queue Mode
Page
S
3-174
Layer 3/4 Priority Settings
Mapping Layer 3/4 Priorities to CoS Values
C
S
3-175
Selecting IP Precedence/DSCP Priority
Page
C
S
3-177
Mapping DSCP Priority
S
3-178
C
S
3-179
Mapping IP Port Priority
Page
C
S
3-181
Mapping CoS Values to ACLs
Page
F
3-183
Multicast Filtering
S
3-184
Layer 2 IGMP (Snooping and Query)
Configuring IGMP Snooping and Query Parameters
F
3-185
S
3-186
F
3-187
Displaying Interfaces Attached to a Multicast Router
S
3-188
Specifying Static Interfaces for a Multicast Router
F
3-189
Displaying Port Members of Multicast Services
Page
F
3-191
Assigning Ports to Multicast Services
Page
4-1
4
I
INE
L
OMMAND
L
I
4-2
Telnet Connection
Page
Entering Commands
Page
L
I
4-6
Showing Commands
Page
L
I
4-8
Understanding Command Modes
Exec Commands
C
4-9
Configuration Commands
L
I
4-10
C
4-11
Command Line Processing
L
I
Command Groups
The system commands can be broken down into the functional groups shown below
Table 4-4 Command Groups
G
4-13
Table 4-4 Command Groups (Continued)
L
I
Line Commands
Table 4-5 Line Commands
C
4-15
line
L
I
4-16
login
C
4-17
password
L
I
4-18
timeout login response
C
4-19
exec-timeout
L
I
4-20
password-thresh
C
4-21
silent-time
L
I
4-22
databits
C
4-23
parity
speed
L
I
4-24
stopbits
C
4-25
disconnect
show line
Page
C
4-27
General Commands
enable
L
I
4-28
disable
C
4-29
configure
show history
L
I
4-30
reload
C
4-31
end
exit
Page
M
C
Device Designation Commands
4-33
System Management Commands
Table 4-7 System Management Commands
Table 4-8 Device Designation Commands
L
I
4-34
prompt
hostname
Page
L
I
4-36
username
M
C
4-37
enable password
L
I
IP Filter Commands
4-38
M
C
4-39
management
L
I
4-40
show management
M
C
Web Server Commands
4-41
Table 4-12 Web Server Commands
L
I
4-42
ip http port
ip http server
M
C
4-43
ip http secure-server
L
I
4-44
ip http secure-port
M
C
4-45
Telnet Server Commands
ip telnet port
L
I
4-46
ip telnet server
M
C
4-47
Secure Shell Commands
L
I
4-48
M
C
4-49
L
I
4-50
ip ssh server
M
C
4-51
ip ssh timeout
L
I
4-52
ip ssh authentication-retries
ip ssh server-key size
M
C
4-53
delete public-key
ip ssh crypto host-key generate
L
I
4-54
ip ssh crypto zeroize
M
C
4-55
ip ssh save host-key
L
I
4-56
show ip ssh
show ssh
M
C
4-57
show public-key
Table 4-16 show ssh - display description (Continued)
L
I
4-58
M
C
4-59
Event Logging Commands
logging on
L
I
4-60
logging history
M
C
4-61
logging host
L
I
4-62
logging facility
M
C
4-63
logging trap
L
I
4-64
clear logging
show logging
M
C
4-65
L
I
4-66
show log
M
C
4-67
L
I
4-68
SMTP Alert Commands
logging sendmail host
M
C
4-69
logging sendmail level
L
I
4-70
logging sendmail source-email
logging sendmail destination-email
M
C
4-71
logging sendmail
show logging sendmail
L
I
4-72
Time Commands
Table 4-22 Time Commands
M
C
4-73
sntp client
L
I
4-74
sntp server
M
C
4-75
sntp poll
show sntp
L
I
4-76
clock timezone
M
C
4-77
calendar set
L
I
System Status Commands
4-78
show calendar
M
C
4-79
light unit
show startup-config
Page
M
C
ANAGEMENT
YSTEM
4-81
L
I
4-82
show running-config
M
C
ANAGEMENT
YSTEM
4-83
Page
M
C
4-85
show users
L
I
4-86
show version
M
C
4-87
Frame Size Commands
jumbo frame
Flash/File Commands
C
4-89
copy
L
I
4-90
C
LASH
ILE
4-91
The following example shows how to copy the running configuration to a startup file.
L
I
4-92
delete
dir
C
4-93
L
I
4-94
whichboot
boot system
Authentication Commands
L
I
4-96
Authentication Sequence
authentication login
C
4-97
authentication enable
L
I
4-98
C
4-99
RADIUS Client
radius-server host
L
I
4-100
radius-server port
C
4-101
radius-server key
radius-server retransmit
L
I
4-102
radius-server timeout
show radius-server
C
4-103
TACACS+ Client
L
I
4-104
tacacs-server host
tacacs-server port
C
4-105
tacacs-server key
show tacacs-server
L
I
4-106
Port Security Commands
C
4-107
port security
L
I
4-108
802.1X Port Authentication
C
4-109
dot1x system-auth-control
[no] system-auth-control
Disabled
L
I
4-110
dot1x default
dot1x max-req
C
4-111
dot1x port-control
L
I
4-112
dot1x operation-mode
C
4-113
dot1x re-authenticate
dot1x re-authentication
L
I
4-114
dot1x timeout quiet-period
dot1x timeout re-authperiod
C
4-115
dot1x timeout tx-period
show dot1x
L
I
4-116
C
4-117
L
I
4-118
C
L
Access Control List Commands
L
I
IP ACLs
4-120
C
L
4-121
access-list ip
L
I
4-122
permit, deny (Standard ACL)
C
L
4-123
permit, deny (Extended ACL)
L
I
4-124
C
L
4-125
L
I
4-126
show ip access-list
ip access-group
C
L
4-127
show ip access-group
L
I
4-128
map access-list ip
Page
L
I
4-130
MAC ACLs
access-list mac
C
L
4-131
permit, deny (MAC ACL)
L
I
4-132
C
L
4-133
show mac access-list
mac access-group
L
I
4-134
show mac access-group
map access-list mac
C
L
4-135
show map access-list mac
L
I
4-136
ACL Information
show access-list
C
IST
L
ONTROL
CCESS
SNMP Commands
snmp-server community
4-139
snmp-server contact
Page
4-141
snmp-server host
L
I
4-142
snmp-server enable traps
4-143
show snmp
L
I
4-144
C
4-145
Interface Commands
Table 4-40 Interface Commands
L
I
4-146
interface
description
4-147
speed-duplex
L
I
4-148
negotiation
4-149
capabilities
L
I
4-150
flowcontrol
4-151
shutdown
L
I
4-152
switchport broadcast packet-rate
4-153
clear counters
Page
4-155
show interfaces counters
L
I
4-156
4-157
show interfaces switchport
L
I
4-158
Table 4-41 Interfaces Switchport Statistics
P
Mirror Port Commands
port monitor
L
I
4-160
show port monitor
R
Rate Limit Commands
L
I
4-162
rate-limit
rate-limit granularity
R
C
L
4-163
show rate-limit
Link Aggregation Commands
A
C
4-165
L
I
4-166
channel-group
Page
L
I
4-168
lacp system-priority
A
C
4-169
L
I
4-170
lacp admin-key (Ethernet Interface)
A
C
4-171
lacp admin-key (Port Channel)
L
I
4-172
lacp port-priority
A
C
4-173
show lacp
L
I
4-174
Table 4-45 show lacp counters - display description
A
C
4-175
Table 4-46 show lacp internal - display description
L
I
4-176
Table 4-46 show lacp internal - display description (Continued)
A
C
4-177
Table 4-47 show lacp neighbors - display description
L
Address Table Commands
Table 4-48 show lacp sysid - display description
Table 4-49 Address Table Commands
T
C
4-179
mac-address-table static
Page
T
C
4-181
show mac-address-table
L
I
4-182
mac-address-table aging-time
show mac-address-table aging-time
Spanning Tree Commands
Table 4-50 Spanning Tree Commands
L
I
4-184
spanning-tree
T
C
4-185
spanning-tree mode
L
I
4-186
spanning-tree forward-time
T
C
4-187
spanning-tree hello-time
spanning-tree max-age
L
I
4-188
spanning-tree priority
T
C
4-189
spanning-tree pathcost method
Page
T
C
4-191
spanning-tree port-priority
L
I
4-192
spanning-tree edge-port
T
C
4-193
spanning-tree portfast
L
I
4-194
spanning-tree link-type
T
C
4-195
spanning-tree protocol-migration
L
I
4-196
show spanning-tree
T
C
REE
PANNING
4-197
VLAN Commands
Editing VLAN Groups
vlan database
4-199
vlan
L
I
4-200
4-201
Configuring VLAN Interfaces
interface vlan
L
I
4-202
switchport mode
4-203
switchport acceptable-frame-types
L
I
4-204
switchport ingress-filtering
4-205
switchport native vlan
L
I
4-206
switchport allowed vlan
4-207
switchport forbidden vlan
L
I
4-208
Displaying VLAN Information
show vlan
4-209
Configuring Private VLANs
L
I
4-210
private-vlan
4-211
private vlan association
Page
4-213
switchport mode private-vlan
L
I
4-214
switchport private-vlan host-association
switchport private-vlan mapping
4-215
show vlan private-vlan
L
I
4-216
GVRP and Bridge Extension Commands
Table 4-56 GVRP and Bridge Extension Commands
GVRP
C
E
B
4-217
L
I
4-218
switchport gvrp
GVRP
C
E
B
4-219
L
I
4-220
GVRP
C
E
B
4-221
Priority Commands
Table 4-57 Priority Commands
Table 4-58 Priority Commands (Layer 2)
C
4-223
queue mode
L
I
4-224
switchport priority default
C
4-225
queue bandwidth
L
I
4-226
queue cos-map
C
4-227
show queue mode
show queue bandwidth
L
I
4-228
show queue cos-map
C
4-229
Priority Commands (Layer 3 and 4)
map ip port (Global Configuration)
Table 4-60 Priority Commands (Layer 3 and 4)
L
I
4-230
map ip port (Interface Configuration)
C
4-231
map ip precedence (Global Configuration)
L
I
4-232
map ip precedence (Interface Configuration)
C
4-233
map ip dscp (Global Configuration)
map ip dscp (Interface Configuration)
L
I
4-234
C
4-235
show map ip port
L
I
4-236
show map ip precedence
C
4-237
show map ip dscp
L
I
Multicast Filtering Commands
Table 4-63 Multicast Filtering Commands
Table 4-64 IGMP Snooping Commands
F
C
4-239
ip igmp snooping
ip igmp snooping vlan static
L
I
4-240
ip igmp snooping version
F
C
4-241
show ip igmp snooping
show mac-address-table multicast
L
I
IGMP Query Commands (Layer 2)
4-242
F
C
4-243
ip igmp snooping querier
ip igmp snooping query-count
L
I
4-244
ip igmp snooping query-interval
F
C
4-245
ip igmp snooping query-max-response-time
L
I
4-246
ip igmp snooping router-port-expire-time
F
C
4-247
Static Multicast Routing Commands
ip igmp snooping vlan mrouter
L
I
4-248
show ip igmp snooping mrouter
C
IP Interface Commands
ip address
L
I
4-250
C
4-251
ip dhcp restart
Page
C
4-253
show ip redirects
ping
L
I
4-254
PPENDIX
OFTWARE
A-1
PECIFICATIONS
Software Features
Management Features
S
A-3
Standards
S
A-4
Management Information Bases
PPENDIX
B-1
B T
Problems Accessing the Management Interface
ROUBLESHOOTING
B-2
S
L
B-3
Using System Logs
Page
G
Glossary-1
LOSSARY
Glossary-2
Glossary-3
Glossary-4
Glossary-5
Glossary-6
Glossary-7
Glossary-8
NDEX
Numerics
A
B
C
G
H
I
J
L
Q
R
S
T
U
V
W