Allied Telesis AT-8000S User Manual

4.5 (4)

Layer 2

Ethernet Switch

AT-8000S Series

User’s Guide

Table of Contents

Table of Contents

 

Preface....................................................................................................................................

6

Web Browser Interface User’s Guide Overview ..............................................................................

7

Intended Audience...........................................................................................................................

7

Document Conventions ...................................................................................................................

8

Contacting Allied Telesis .................................................................................................................

8

Getting Started......................................................................................................................

10

Starting the Application..................................................................................................................

10

Using the Web Browser Interface..................................................................................................

12

Viewing the Device Representation.........................................................................................................

12

User Interface Components.....................................................................................................................

13

Using the Management Buttons ..............................................................................................................

14

Adding, Modifying and Deleting Information ............................................................................................

15

Saving Configurations..............................................................................................................................

16

Logging Out ...................................................................................................................................

16

Resetting the Device .....................................................................................................................

17

Defining System Information.................................................................................................

18

Configuring System Time......................................................................................................

20

Setting the System Clock ..............................................................................................................

22

Configuring SNTP..........................................................................................................................

23

Polling for Unicast Time Information........................................................................................................

23

Polling for Anycast Time Information .......................................................................................................

23

Broadcast Time Information.....................................................................................................................

23

Configuring Daylight Saving Time .................................................................................................

24

Configuring Device Security..................................................................................................

26

Configuring Management Security ................................................................................................

27

Defining Access Profiles ..........................................................................................................................

28

Defining Profile Rules ..............................................................................................................................

31

Defining Authentication Profiles...............................................................................................................

34

Mapping Authentication Profiles ..............................................................................................................

37

Configuring Server Based Authentication................................................................................................

38

Configuring TACACS+ ............................................................................................................................

38

Configuring RADIUS................................................................................................................................

41

Configuring Local Users ..........................................................................................................................

43

Configuring Network Security ........................................................................................................

45

Network Security Overview......................................................................................................................

46

Managing Port Security ...........................................................................................................................

46

Defining 802.1x Port Access....................................................................................................................

49

Enabling Storm Control............................................................................................................................

52

Page 1

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Configuring Ports ..................................................................................................................

54

Defining Port Settings ...................................................................................................................

55

Configuring Port Mirroring .............................................................................................................

59

Aggregating Ports .........................................................................................................................

62

Defining Trunk Settings...........................................................................................................................

63

Defining Port Trunking ............................................................................................................................

67

Configuring LACP ...................................................................................................................................

69

Configuring Interfaces...........................................................................................................

70

Defining MAC Addresses..............................................................................................................

71

Configuring VLANs........................................................................................................................

74

Defining VLAN Properties .......................................................................................................................

75

Defining VLAN Interface Settings ...........................................................................................................

77

Defining GVRP........................................................................................................................................

79

Configuring System Logs......................................................................................................

82

Defining Log Settings....................................................................................................................

83

Clearing Event Logs......................................................................................................................

85

Configuring Log Servers ...............................................................................................................

85

Setting System Log Display ..........................................................................................................

86

Viewing Flash Logs.......................................................................................................................

87

Configuring Spanning Tree ...................................................................................................

88

Configuring Classic Spanning Tree...............................................................................................

89

Defining STP Properties .........................................................................................................................

89

Defining STP Interfaces ..........................................................................................................................

91

Configuring Rapid Spanning Tree.................................................................................................

94

Configuring Multiple Spanning Tree..............................................................................................

96

Defining MSTP Properties ......................................................................................................................

97

Defining MSTP Interfaces .......................................................................................................................

98

Defining MSTP Instances .....................................................................................................................

100

Configuring Multicast Forwarding .......................................................................................

102

Configuring IGMP Snooping .......................................................................................................

103

Defining Multicast Bridging Groups.............................................................................................

105

Defining Multicast Forward All Settings.......................................................................................

107

Configuring SNMP ..............................................................................................................

110

SNMP Overview..........................................................................................................................

111

Enabling SNMP...........................................................................................................................

112

Defining SNMP Communities......................................................................................................

114

Defining SNMP Groups...............................................................................................................

116

Defining SNMP Users .................................................................................................................

118

Defining SNMP Views.................................................................................................................

120

Page 2

Table of Contents

Configuring SNMP Notifications ..................................................................................................

122

Defining Notification Recipients .............................................................................................................

122

Defining Notification Filters ....................................................................................................................

124

Configuring Power Over Ethernet .......................................................................................

126

Enabling PoE and Setting the Power Threshold .........................................................................

127

Defining PoE Settings..................................................................................................................

128

Configuring Services...........................................................................................................

132

Enabling Class of Service (CoS) .................................................................................................

133

Configuring CoS Priorities ...........................................................................................................

135

Mapping Queues .........................................................................................................................

136

Mapping CoS Values to Queues ...........................................................................................................

136

Mapping DSCP Values to Queues ........................................................................................................

137

Configuring Bandwidth QoS ........................................................................................................

138

Managing System Files.......................................................................................................

140

Restoring the Default Configuration ............................................................................................

141

Defining TFTP File Uploads and Downloads...............................................................................

142

Viewing Integrated Cable Tests...................................................................................................

145

Viewing Optical Transceivers ......................................................................................................

147

Resetting the Device ...................................................................................................................

148

Viewing Statistics ................................................................................................................

150

Viewing Interface Statistics..........................................................................................................

151

Viewing Interface Statistics....................................................................................................................

151

Viewing Etherlike Statistics....................................................................................................................

153

Managing RMON Statistics .........................................................................................................

155

Viewing RMON Statistics.......................................................................................................................

155

Configuring RMON History ....................................................................................................................

157

Configuring RMON Events ....................................................................................................................

161

Defining RMON Alarms .........................................................................................................................

164

Managing Stacking .............................................................................................................

168

Stacking Overview.......................................................................................................................

169

Stacking Ring Topology.........................................................................................................................

169

Stacking Chain Topology.......................................................................................................................

169

Stacking Members and Unit ID ..............................................................................................................

170

Removing and Replacing Stacking Members........................................................................................

170

Exchanging Stacking Members .............................................................................................................

171

Configuring Stacking Management .............................................................................................

172

Connecting a Terminal..............................................................................................................

174

Initial Configuration ...................................................................................................................

174

Configuration175

Static IP Address and Subnet Mask175

User Name176

Page 3

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Downloading Software..............................................................................................................

176

Standalone Device Software Download176

Stacking Member Software Download177

RS-232 Port Settings................................................................................................................

181

Port Defaults.............................................................................................................................

181

Configuration Defaults..............................................................................................................

181

Security Defaults ......................................................................................................................

181

System Time Defaults ..............................................................................................................

182

Spanning Tree Defaults............................................................................................................

182

Address Table Defaults ............................................................................................................

182

VLAN Default............................................................................................................................

183

Trunking Defaults .....................................................................................................................

183

Multicast Defaults .....................................................................................................................

183

Page 4

Table of Contents

Page 5

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Preface

This guide contains instructions on how to configure an AT-8000S Series Layer 2+ Fast Ethernet Switch using the interface in the Embedded Management System (EWS).

The Embedded Management System enables configuring, monitoring, and troubleshooting of network devices remotely via a web browser. The web pages are easy-to-use and easy-to-navigate.

This preface provides an overview of the Web Browser Interface User’s Guide, and includes the following sections:

Web Browser Interface User’s Guide Overview

Intended Audience

Page 6

Preface

Web Browser Interface User’s Guide Overview

Web Browser Interface User’s Guide Overview

The Web Browser Interface User’s Guide provides the following sections:

Section 1,“Getting Started” — Provides information for using the Embedded Web Management System, including adding, editing, and deleting configurations.

Section 2, “Defining System Information” — Provides information for defining basic device information.

Section 3, “Configuring System Time” — Provides information for configuring Daylight Savings Time and Simple Network Time Protocol (SNTP).

Section 4, “Configuring Device Security” — Provides information for configuring both system and network security, including traffic control, and switch access methods.

Section 5, “Configuring Ports” — Provides information for configuring ports, port aggregation, port mirroring and LACP.

Section 6, “Configuring Interfaces” — Provides information for defining ports, LAGs, and VLANs.

Section 7, “Configuring System Logs” — Provides information for setting up and viewing system logs, and configuring switch log servers.

Section 8, “Configuring Spanning Tree” — Provides information for configuring Classic, Rapid, and Multiple Spanning Tree.

Section 9, “Configuring Multicast Forwarding” — Provides information for configuring both the static and dynamic forwarding databases.

Section 10, “Configuring SNMP” — Provides information for configuring SNMP access and management.

Section 11, “Configuring Power Over Ethernet” — Provides information for configuring Power over Ethernet (PoE) on the device.

Section 12, “Configuring Services” — Provides information for configuring Quality of Service CoS parameters.

Section 13, “Managing System Files” — Provides information for managing system files.

Section 14, “Viewing Statistics” — Provides information about viewing device statistics, including Remote Monitoring On Network (RMON) statistics, and device history events.

Section 15, “Managing Stacking” — Provides information for stacking, including a stacking overview.

Intended Audience

This guide is intended for network administrators familiar with IT concepts and terminology.

Page 7

Page 7

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Document Conventions

This document uses the following conventions:

Note

Provides related information or information of special importance.

Caution

Indicates potential damage to hardware or software, or loss of data.

Warning

Indicates a risk of personal injury.

Contacting Allied Telesis

This section provides Allied Telesis contact information for technical support as well as sales or corporate information.

Online Support

You can request technical support online by accessing the Allied Telesis Knowledge Base

 

from the following web site: www.alliedtelesis.com/kb. You can use the Knowledge Base

 

to submit questions to our technical support staff and review answers to previously asked

 

questions.

Email and Telephone

Support

Returning Products

For Sales or

Corporate

Information

Management

Software Updates

For Technical Support via email or telephone, refer to the Support & Services section of the Allied Telesis web site: www.alliedtelesiselesis.com.

Products for return or repair must first be assigned a Return Materials Authorization (RMA) number. A product sent to Allied Telesis without a RMA number will be returned to the sender at the sender’s expense.

To obtain a RMA number, contact Allied Telesis’s Technical Support at our web site: www.alliedtelesiselesis.com.

You can contact Allied Telesis for sales or corporate information at our web site: www.alliedtelesis.com. To find the contact information for your country, select Contact Us -> Worldwide Contacts.

You can download new releases of management software for our managed products from either of the following Internet sites:

Allied Telesis web site: www.alliedtelesis.com

Allied Telesis FTP server: ftp://ftp.alliedtelesis.com

To download new software from the Allied Telesis FTP server using your workstation’s command prompt, you need FTP client software and you must log in to the server. Enter “anonymous” as the user name and your email address for the password.

Page 8

Preface

Contacting Allied Telesis

Page 9

Page 9

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Section 1. Getting Started

This section provides an introduction to the Web Browser Interface, and includes the following topics:

Starting the Application

User Interface Components

Resetting the Device

Starting the Application

Starting the Application

This section contains information for starting the application. The login information is configured with a default user name and password. The default password is friend; the default user name is manager. Passwords are both case sensitive and alphanumeric. Additional user names can be added.

To open the application:

1.Open a web browser.

2.Enter the device IP address in the address bar and press <Enter>. The Login Page opens:

Figure 1: Login Page

3.Enter the user name and password.

4.Click Login. The Embedded Web System Home Page opens:

Page 10

Allied Telesis AT-8000S User Manual

Getting Started

Starting the Application

Figure 2: Embedded Web System Home Page

5.Click Configuration. The System General Page opens:

Figure 3: System General Page

Page 11

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Using the Web Browser Interface

This section provides general information about the interface, and describes the following topics:

Viewing the Device Representation

User Interface Components

Using the Management Buttons

Using the Management Buttons

Adding, Modifying and Deleting Information

Viewing the Device Representation

Zoom Views provide a graphical representation of the device ports. The Port Settings Page displays an example of the Zoom View with a detailed graphical representation of the device ports.

To open a zoom view of device ports:

Click Layer 1 > Port Settings. The Port Settings Page opens:

Figure 4: Port Settings Page

The port status indicators vary with context, for example the general port status indicators are as in the figure above while port mirror indicators are different. Indicator legend descriptions are provided with each context of the specific Zoom View.

Page 12

Getting Started

Using the Web Browser Interface

User Interface Components

The System General Page example shows the interface components.

Figure 5: System General Page

The following table lists the interface components with their corresponding numbers:

Table 1:

Interface Components

 

Component

Description

 

 

 

 

1

Menu

 

The Menu provides easy navigation through the main management software

 

 

 

features. In addition, the Menu provides general navigation options.

 

 

 

 

2

Tabs

 

Provide navigation to configurable device sub-features.

 

 

 

3

Management Buttons

Enable configuring parameters and navigation to other pages, see Using the

 

 

 

Management Buttons.

 

 

 

 

Page 13

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Using the Management Buttons

Management buttons provide an easy method of configuring device information, and include the following:

Table 2:

Configuration Management Buttons

 

Button

 

 

 

Button Name

Description

 

 

 

 

 

 

 

 

 

 

 

 

Add

Opens a page which creates new configuration entries.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Create

Opens a page which creates new configuration entries.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Modify

Modifies the configuration settings. The configuration change is

 

 

 

 

 

 

 

 

 

 

 

saved to the Running Configuration file and is maintained until

 

 

 

 

 

 

 

 

 

 

 

 

reset or power-up.

 

 

 

 

 

 

 

 

 

 

 

 

Apply

Saves configuration changes to the device. The configuration

 

 

 

 

 

 

 

 

 

 

 

change is saved to the Running Configuration file and is

 

 

 

 

 

 

 

 

 

 

 

 

maintained until reset or power-up.

 

 

 

 

 

 

 

 

 

 

 

 

Configure

Opens a page which creates or modifies configuration entries.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Delete

Deletes the selected table and configuration entries.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

View

Displays detailed information for the current page/configuration.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Refresh

Refreshes information displayed on the current page.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Reset

Device reset. Resets the device information for all device

 

 

 

 

 

 

 

 

 

 

 

parameters according to current configuration.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Defaults

Configuration reset. Resets the information for all parameters in

 

 

 

 

 

 

 

 

 

 

 

the current context (page/tab) to predefined defaults.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Test

Performs a diagnostic test.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Clear All Counters

Removes all counters.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The application menu includes the following general purpose buttons:

 

 

 

 

 

 

 

 

 

 

 

 

Configuration

Opens the default configuration page (System General).

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Login

Signs the user into the WBI, starts the management session.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Logout

Signs the user out of the WBI, ending the management session.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Help

Opens the online help page.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Exit Help

Closes the online help page.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Save Config

Used when configuration changes to the device need to be saved

 

 

 

 

 

 

 

 

 

 

 

as permanent. The configuration is saved as permanent by

 

 

 

 

 

 

 

 

 

 

 

 

copying the current Running Configuration file to the Startup

 

 

 

 

 

 

Configuration file.

 

 

 

 

 

 

 

Page 14

Getting Started

Using the Web Browser Interface

Adding, Modifying and Deleting Information

The WBI contains and tables for configuring devices. User-defined information can be added, modified or deleted in specific WBI pages.

To add information to tables or WBI pages:

1.Open a WBI page.

2.Click Add. An Add page opens, for example, the Add Local User Page:

Figure 6: Add Local User Page

3.Define the fields.

4.Click Apply. The configuration information is saved, and the device is updated.

To modify information in tables or WBI pages:

1.Open a WBI page.

2.Select a table entry.

3.Click Modify. A Modify (or Settings) page opens, for example, the Local User Settings Page:

Figure 7: Local User Settings Page

4.Define the fields.

5.Click Apply. The fields are modified, and the information is saved to the device.

Page 15

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

To delete information in tables or WBI pages:

1.Open the WBI page.

2.Select a table row.

3.Click Delete. The information is deleted, and the device is updated.

Saving Configurations

User-defined information can be saved for permanent use or until next update, not just for the current session. A configuration is saved as permanent by copying the current Running Configuration file to the Startup Configuration file.

To save changes permanently:

Click Save Config on the menu.

Logging Out

The Logout option enables the user to log out of the device thereby terminating the running session. To log out:

In any page, click Logout on the menu. The current management session is ended and the Login Page opens:

Figure 8: Login Page

For more information about login, refer to Starting the Application.

Page 16

Getting Started

Resetting the Device

Resetting the Device

The Reset option enables resetting the device from a remote location.

Note

Save all changes to the Running Configuration file before resetting the device. This prevents the current device configuration from being lost. See also "Managing System Files".

To reset the device:

1.In the System General Page, click Reset. You are prompted to confirm.

2.Click OK. The device is reset. Resetting the device ends the web browser management session. You must restart the session to continue managing the device. After the device is reset, a prompt for a user name and password displays.

3.Enter a user name and password to reconnect to the Web Interface.

To reset the device to the predefined default configuration:

In the System General Page, click Defaults. The default settings are restored and the device is reset.

Page 17

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Section 2. Defining System Information

The System General Page contains general device information, including system name and its IP addressing, administrator and passwords information, Dynamic Host Configuration Protocol (DHCP) configuration and MAC Address Aging Time.

To define the general system information:

1.Click System > General. The System General Page opens:

Figure 9: System General Page

The System General Page comprises two sections: Administration and DHCP Configuration. The Administration section of the System General Page contains the following fields:

System Name — Indicates the user-defined name of the device. This is a required field. The field range is 0-159 characters.

Administrator — Indicates the name of the administrator responsible for managing the device. The field range is 0-159 characters.

Comments — (Optional) The user can add any comments about the device in this field, for example, fill in the location of the device.

IP Address — Indicates the device’s IP address.

Subnet Mask — Indicates the device’s subnet mask.

Page 18

Defining System Information

Default Gateway — The IP address of a router for remote management of the device. The address must be entered in the format: xxx.xxx.xxx.xxx. The default value is 0.0.0.0.

Note

Packets are forwarded to the default IP when frames are sent to a remote network via the default gateway. The configured IP address must belong to the same subnet as one of the IP interfaces.

The DHCP Configuration section of the System General Page contains the following fields:

DHCP — Indicates if the Dynamic Host Configuration Protocol (DHCP) is enabled.

Enable — DHCP dynamically assigns IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. If the DHCP client software is activated, the device immediately begins to query the network for a DHCP server. The device continues to query the network for its IP configuration until it receives a response. If the device and IP address are manually assigned, that address is deleted and replaced by the IP address received from the DHCP server.

Disable — Disables DHCP on the device.

Mac Address Aging Time — The time interval an inactive dynamic MAC address can remain in the MAC address table before it is deleted. The default time is 300 seconds, and the range is 0-300.

2.Define the administration, passwords and DHCP configuration fields.

3.Click Apply. The system general information is defined and the device is updated.

4.Click Save Config on the menu to save the changes permanently.

Page 19

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Section 3. Configuring System Time

This section provides information for configuring system time parameters, including:

Setting the System Clock

Configuring SNTP

Configuring Daylight Saving Time

The following is a list of Daylight Savings Time start and end dates by country:

Albania — From the last weekend of March until the last weekend of October.

Australia — From the end of October until the end of March.

Australia - Tasmania — From the beginning of October until the end of March.

Armenia — From the last weekend of March until the last weekend of October.

Austria — From the last weekend of March until the last weekend of October.

Bahamas — From April to October, in conjunction with Daylight Savings Time in the United States.

Belarus — From the last weekend of March until the last weekend of October.

Belgium — From the last weekend of March until the last weekend of October.

Brazil — From the third Sunday in October until the third Saturday in March. During the period of Daylight Saving Time, Brazilian clocks go forward one hour in most of the Brazilian southeast.

Chile — In Easter Island, from March 9 until October 12. In the rest of the country, from the first Sunday in March or after 9th March.

China — China does not use Daylight Saving Time.

Canada — From the first Sunday in April until the last Sunday of October. Daylight Saving Time is usually regulated by provincial and territorial governments. Exceptions may exist in certain municipalities.

Cuba — From the last Sunday of March to the last Sunday of October.

Cyprus — From the last weekend of March until the last weekend of October.

Denmark — From the last weekend of March until the last weekend of October.

Egypt — From the last Friday in April until the last Thursday in September.

Estonia — From the last weekend of March until the last weekend of October.

Finland — From the last weekend of March until the last weekend of October.

France — From the last weekend of March until the last weekend of October.

Germany — From the last weekend of March until the last weekend of October.

Greece — From the last weekend of March until the last weekend of October.

Hungary — From the last weekend of March until the last weekend of October.

India — India does not use Daylight Saving Time.

Iran — From Farvardin 1 until Mehr 1.

Iraq — From April 1 until October 1.

Ireland — From the last weekend of March until the last weekend of October.

Israel — Varies year-to-year.

Italy — From the last weekend of March until the last weekend of October.

Japan — Japan does not use Daylight Saving Time.

Jordan — From the last weekend of March until the last weekend of October.

Latvia — From the last weekend of March until the last weekend of October.

Lebanon — From the last weekend of March until the last weekend of October.

Page 20

Configuring System Time

Lithuania — From the last weekend of March until the last weekend of October.

Luxembourg — From the last weekend of March until the last weekend of October.

Macedonia — From the last weekend of March until the last weekend of October.

Mexico — From the first Sunday in April at 02:00 to the last Sunday in October at 02:00.

Moldova — From the last weekend of March until the last weekend of October.

Montenegro — From the last weekend of March until the last weekend of October.

Netherlands — From the last weekend of March until the last weekend of October.

New Zealand — From the first Sunday in October until the first Sunday on or after March 15.

Norway — From the last weekend of March until the last weekend of October.

Paraguay — From April 6 until September 7.

Poland — From the last weekend of March until the last weekend of October.

Portugal — From the last weekend of March until the last weekend of October.

Romania — From the last weekend of March until the last weekend of October.

Russia — From the last weekend of March until the last weekend of October.

Serbia — From the last weekend of March until the last weekend of October.

Slovak Republic - From the last weekend of March until the last weekend of October.

South Africa — South Africa does not use Daylight Saving Time.

Spain — From the last weekend of March until the last weekend of October.

Sweden — From the last weekend of March until the last weekend of October.

Switzerland — From the last weekend of March until the last weekend of October.

Syria — From March 31 until October 30.

Taiwan — Taiwan does not use Daylight Saving Time.

Turkey — From the last weekend of March until the last weekend of October.

United Kingdom — From the last weekend of March until the last weekend of October.

United States of America — From the first Sunday in April at 02:00 to the last Sunday in October at 02:00.

Page 21

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Setting the System Clock

The System Time Page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock. If the system time is kept using an external SNTP clock, and the external SNTP clock fails, the system time reverts to the local hardware clock. Daylight Savings Time can be enabled on the device.

To configure the system clock time:

1.Click System > System Time. The System Time Page opens:

Figure 10: System Time Page

The Clock Source and System Time sections of the System Time Page contains the following fields:

Clock Source — The source used to set the system clock. The possible field values are:

Use Local Settings — Indicates that the clock is set locally.

Use SNTP Server — Indicates that the system time is set via an SNTP server.

System Time — Sets the local clock time. The field format is HH:MM:SS. For example: 21:15:03.

System Date — Sets the system date. The field format is Day/Month/Year. For example: 04/May/50 (May 4, 2050).

Time Zone Offset — The difference between Greenwich Mean Time (GMT) and local time. For example, the Time Zone Offset for Paris is GMT +1, while the Time Zone Offset for New York is GMT –5.

To set the system clock:

2.Select the system time mode.

3.Define the System Date, System Time and Time Zone Offset fields.

4.Click Apply in each section. The local system clock settings are saved, and the device is updated.

5.Click Save Config on the menu to save the changes permanently.

Page 22

Configuring System Time

Configuring SNTP

Configuring SNTP

The device supports the Simple Network Time Protocol (SNTP). SNTP assures accurate network device clock time synchronization up to the millisecond. Time synchronization is performed by a network SNTP server. The device operates only as an SNTP client, and cannot provide time services to other systems. The device can poll the following server types for the server time:

Unicast

Anycast

Broadcast

Time sources are established by stratums. Stratums define the accuracy of the reference clock. The higher the stratum (where zero is the highest), the more accurate the clock. The device receives time from stratum 1 and above. The following is an example of stratums:

Stratum 0 — A real time clock (such as a GPS system) is used as the time source.

Stratum 1 — A server that is directly linked to a Stratum 0 time source is used. Stratum 1 time servers provide primary network time standards.

Stratum 2 — The time source is distanced from the Stratum 1 server over a network path. For example, a Stratum 2 server receives the time over a network link, via NTP, from a Stratum 1 server.

Polling for Unicast Time Information

Polling for Unicast information is used for polling a server for which the IP address is known. T1 - T4 are used to determine the server time. This is the preferred method for synchronizing device time.

Polling for Anycast Time Information

Polling for Anycast information is used when the SNTP server IP address is unknown. The first Anycast server to return a response is used to set the time value. Time levels T3 and T4 are used to determine the server time. Using Anycast time information for synchronizing device time is preferred to using Broadcast time information.

Broadcast Time Information

Broadcast information is used when the server IP address is unknown. When a broadcast message is sent from an SNTP server, the SNTP client listens for the response. The SNTP client neither sends time information requests nor receives responses from the Broadcast server.

Message Digest 5 (MD5) Authentication safeguards device synchronization paths to SNTP servers. MD5 is an algorithm that produces a 128-bit hash. MD5 is a variation of MD4, and increases MD4 security. MD5 verifies the integrity of the communication, authenticates the origin of the communication.

To define SNTP global parameters:

1.Click System > System Time. The System Time Page opens.

The SNTP Settings section of the System Time Page contains the following fields:

Status — Indicates if SNTP is enabled on the device. The possible field values are:

Disabled — Indicates that SNTP is disabled.

Enabled — Indicates that SNTP is enabled.

Server IP Address — Displays a user-defined SNTP server IP address.

Poll Interval — Defines the interval (in seconds) at which the SNTP server is polled for Unicast information. The Poll Interval default is 1024 seconds.

2.Select the SNTP Status.

Page 23

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

3.Define the Server IP Address and the Poll Interval fields.

4.Click Apply. The SNTP global settings are defined, and the device is updated.

5.Click Save Config on the menu to save the changes permanently.

Configuring Daylight Saving Time

To configure DST:

1.Click System > System Time. The System Time Page opens:

The Additional Time Parameters section of the System Time Page contains the following fields:

Daylight Saving — Enables automatic Daylight Saving Time (DST) on the device based on the device’s location. There are two types of daylight settings, either by a specific date in a particular year or a recurring setting irrespective of the year. For a specific setting in a particular year complete the Daylight Savings area, and for a recurring setting, complete the Recurring area. The possible field values are:

USA — The device devices to DST at 2:00 a.m. on the first Sunday of April, and reverts to standard time at 2:00 a.m. on the last Sunday of October.

European — The device devices to DST at 1:00 am on the last Sunday in March and reverts to standard time at 1:00 am on the last Sunday in October. The European option applies to EU members, and other European countries using the EU standard.

Custom — The DST definitions are user-defined based on the device locality. If Custom is selected, the From and To fields must be defined.

Time Set Offset — Used for non-USA and European countries to set the amount of time for DST (in minutes). The default time is 60 minutes. The range is 1-1440 minutes.

From — Indicates the time that DST begins in countries other than the USA and Europe, in the format Day/ Month/Year in one field and HH:MM in another. For example, if DST begins on October 25, 2007 at 5:00 am, the two fields should be set to 25/Oct./07 and 05:00. The possible field values are:

Date — The date on which DST begins. The possible field range is 1-31.

Month — The month of the year in which DST begins. The possible field range is Jan.-Dec.

Year — The year in which the configured DST begins.

Time — The time at which DST begins. The field format is HH:MM. For example: 05:30.

To — Indicates the time that DST ends in countries other than the USA and Europe, in the format Day/Month/ Year in one field and HH:MM in another. For example, if DST ends on March 23, 2008 at midnight, the two fields should be 23/Mar/08 and 00:00. The possible field values are:

Date — The date on which DST ends. The possible field range is 1-31.

Month — The month of the year in which DST ends. The possible field range is Jan-Dec.

Year— The year in which the configured DST ends.

Time — The time at which DST starts. The field format is HH:MM. For example: 05:30.

Recurring — Enables user-defined DST for countries in which DST is constant from year to year, other than the USA and Europe.

From — The time that DST begins each year. In the example, DST begins locally every first Sunday in April at midnight. The possible field values are:

Day — The day of the week from which DST begins every year. The possible field range is SundaySaturday.

Week — The week within the month from which DST begins every year. The possible field range is 1-5.

Month — The month of the year in which DST begins every year. The possible field range is Jan.-Dec.

Page 24

Configuring System Time

Configuring Daylight Saving Time

Time — The time at which DST begins every year. The field format is Hour:Minute. For example: 02:10.

To — The time that DST ends each year. In the example, DST ends locally every first Sunday in October at midnight. The possible field values are:

Day — The day of the week at which DST ends every year. The possible field range is Sunday-Saturday.

Week — The week within the month at which DST ends every year. The possible field range is 1-5.

Month — The month of the year in which DST ends every year. The possible field range is Jan.-Dec.

Time — The time at which DST ends every year. The field format is HH:MM. For example: 05:30.

2.To configure the device to automatically switch to DST, select Daylight Savings and select either USA, European, or Other. If you select Other, you must define its From and To fields. To configure DST parameters that will recur every year, select Recurring and define its From and To fields.

3.Click Apply. The DST settings are saved, and the device is updated.

4.Click Save Config on the menu to save the changes permanently.

Page 25

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Section 4. Configuring Device Security

This section describes setting security parameters for ports, device management methods, users, and servers. This section contains the following topics:

Configuring Management Security

Configuring Network Security

Page 26

Configuring Device Security

Configuring Management Security

Configuring Management Security

This section provides information for configuring device management security: device authentication methods, users and passwords.

This section includes the following topics:

Defining Access Profiles

Defining Profile Rules

Defining Authentication Profiles

Mapping Authentication Profiles

Configuring Server Based Authentication

Configuring TACACS+

Configuring RADIUS

Configuring Local Users

Page 27

Allied Telesis AT-8000S Switch

Web Browser Interface User’s Guide

Defining Access Profiles

Access profiles are profiles and rules for accessing the device. Access to management functions can be limited to user groups. User groups are defined for interfaces according to IP addresses or IP subnets. Access profiles contain management methods for accessing and managing the device. The device management methods include:

All

Telnet

Secure Telnet (SSH)

HTTP

Management access to different management methods may differ between user groups. For example, User Group 1 can access the device module only via an HTTPS session, while User Group 2 can access the device module via both HTTPS and Telnet sessions. The Access Profile Page contains the currently configured access profiles and their activity status.

Assigning an access profile to an interface denies access via other interfaces. If an access profile is assigned to any interface, the device can be accessed by all interfaces.

To define access profiles:

1.Click Mgmt. Security > Access Profile. The Access Profile Page opens:

Figure 11: Access Profile Page

The Access Profile Page contains a table listing the currently defined profiles and their active status:

Access Profile Name — The name of the profile. The access profile name can contain up to 32 characters.

Current Active Access Profile — Indicates if the profile is currently active. The possible field values are:

Page 28

Configuring Device Security

Configuring Management Security

Checked — The access profile is currently active. Access Profiles cannot be deleted when active.

Unchecked — Disables the active access profile.

2.Click Add. The Add Access Profile Page opens:

Figure 12: Add Access Profile Page

The Add Access Profile Page contains the following fields:

Access Profile Name — Defines the name of a new access profile.

Rule Priority — Defines the rule priority. When the packet is matched to a rule, user groups are either granted permission or denied device management access. The rule number is essential to matching packets to rules, as packets are matched on a first-fit basis. The rule priorities are assigned in the Profile Rules Page.

Management Method — Defines the management method for which the rule is defined. Users with this access profile can access the device using the management method selected. The possible field values are:

All — Assigns all management methods to the rule.

Telnet — Assigns Telnet access to the rule. If selected, users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the device.

Secure Telnet (SSH) — Assigns SSH access to the rule. If selected, users accessing the device using Telnet meeting access profile criteria are permitted or denied access to the device.

HTTP — Assigns HTTP access to the rule. If selected, users accessing the device using HTTP meeting access profile criteria are permitted or denied access to the device.

Secure HTTP (HTTPS) — Assigns HTTPS access to the rule. If selected, users accessing the device using HTTPS meeting access profile criteria are permitted or denied access to the device.

SNMP — Assigns SNMP access to the rule. If selected, users accessing the device using SNMP meeting access profile criteria are permitted or denied access to the device.

Interface — Defines the interface on which the access profile is defined. The possible field values are:

Port — Specifies the port on which the access profile is defined.

LAG — Specifies the LAG on which the access profile is defined.

VLAN — Specifies the VLAN on which the access profile is defined.

Source IP Address — Defines the interface source IP address to which the access profile applies. The Source IP Address field is valid for a subnetwork.

Page 29

Loading...
+ 158 hidden pages