All rights reserved. No part of this publication may be reproduced without prior written permission from Allied Telesyn, Inc.
Microsoft and Internet Explorer are registered trademarks of Microsoft Corporation. Netscape Navigator is a registered trademark of
Netscape Communications Corporation. All other product names, company names, logos or other designations mentioned herein are
trademarks or registered trademarks of their respective owners.
Allied Telesyn, Inc. reserves the right to make changes in specifications and other information contained in this document without prior
written notice. The information provided herein is subject to change without notice. In no event shall Allied Telesyn, Inc. be liable for any
incidental, special, indirect, or consequential damages whatsoever, including but not limited to lost profits, arising out of or related to this
manual or the information contained herein, even if Allied Telesyn, Inc. has been advised of, known, or should have known, the possibility
of such damages.
How This Guide is Organized........................................................................................................................... 22
Online Support ........................................................................................................................................... 25
Email and Telephone Support.................................................................................................................... 25
New Features History ....................................................................................................................................... 26
Version 1.4.0 .............................................................................................................................................. 26
Local Management Session ............................................................................................................................. 31
Chapter 2: Starting a Local or Telnet Management Session ..................................................................... 39
Local Management Session ............................................................................................................................. 40
Starting a Local Management Session ...................................................................................................... 41
Quitting a Local Session ............................................................................................................................ 43
When Does a Switch Need an IP Address? ..................................................................................................... 50
How Do You Assign an IP Address?.......................................................................................................... 51
Configuring an IP Address and Switch Name .................................................................................................. 52
Activating the BOOTP or DHCP Client Software.............................................................................................. 55
Rebooting a Switch........................................................................................................................................... 57
Configuring the Manager and Operator Passwords ......................................................................................... 58
Changing the Manager or Operator Password .......................................................................................... 58
Resetting the Manager Password.............................................................................................................. 59
Setting the System Time .................................................................................................................................. 61
Configuring the Console Startup Mode ............................................................................................................ 65
Configuring the Console Timer......................................................................................................................... 66
3
Contents
Enabling or Disabling the Telnet Server ........................................................................................................... 67
Setting the Baud Rate of the RS-232 Terminal Port ......................................................................................... 68
Setting Fan Control ........................................................................................................................................... 69
Enabling and Disabling Fan Control ........................................................................................................... 69
Displaying Fan Control Status .................................................................................................................... 70
Pinging a Remote System ................................................................................................................................72
Returning the AT-S62 Software to the Factory Default Values......................................................................... 73
Retaining the System Files.........................................................................................................................73
Deleting the System Files........................................................................................................................... 74
Viewing System Hardware and Software Information.......................................................................................76
Setting a Switch’s Enhanced Stacking Status .................................................................................................. 83
Selecting a Switch in an Enhanced Stack......................................................................................................... 85
Returning to the Master Switch ......................................................................................................................... 87
Chapter 5: SNMPv1 and SNMPv2c Configuration ....................................................................................... 89
SNMPv1 and SNMPv2c Overview .................................................................................................................... 90
Default SNMP Community Strings ............................................................................................................. 92
Enabling or Disabling SNMP Management....................................................................................................... 93
Setting the Authentication Failure Trap............................................................................................................. 94
Creating an SNMP Community String .............................................................................................................. 95
Modifying a Community String .......................................................................................................................... 98
Deleting a Community String ..........................................................................................................................102
Displaying the SNMP Community Strings....................................................................................................... 103
Chapter 6: Port Parameters ........................................................................................................................105
Displaying Port Status.....................................................................................................................................106
Configuring Port Parameters ..........................................................................................................................109
Setting the Rate Limit......................................................................................................................................118
Displaying Port Statistics ................................................................................................................................120
Clearing Port Counters ...................................................................................................................................122
Chapter 7: MAC Address Table ..................................................................................................................123
MAC Address Overview..................................................................................................................................124
Displaying MAC Addresses ............................................................................................................................126
Adding Static Unicast and Multicast MAC Addresses.....................................................................................130
Deleting Unicast and Multicast MAC Addresses............................................................................................. 132
Deleting All Dynamic MAC Addresses ............................................................................................................ 133
Changing the Aging Time ...............................................................................................................................134
Chapter 8: Static and LACP Port Trunks ................................................................................................... 135
Port Trunk Overview ....................................................................................................................................... 136
Static Port Trunk Overview.......................................................................................................................136
Load Distribution Methods........................................................................................................................144
Managing Static Port Trunks...........................................................................................................................147
Creating a Static Port Trunk ..................................................................................................................... 147
Modifying a Static Port Trunk ................................................................................................................... 150
Deleting a Static Port Trunk...................................................................................................................... 152
Enabling or Disabling LACP ..................................................................................................................... 154
Setting a LACP System Priority................................................................................................................155
Creating an Aggregator ............................................................................................................................ 156
Modifying an Aggregator .......................................................................................................................... 158
Deleting an Aggregator ............................................................................................................................ 160
Displaying LACP Port or Aggregator Status ............................................................................................ 161
Chapter 9: Port Mirroring ............................................................................................................................ 165
Port Mirroring Overview.................................................................................................................................. 166
Creating a Port Mirror ..................................................................................................................................... 167
Disabling a Port Mirror.................................................................................................................................... 169
Chapter 10: File System .............................................................................................................................. 173
File System Overview..................................................................................................................................... 174
Working with Boot Configuration Files............................................................................................................ 176
Creating a Boot Configuration File ........................................................................................................... 176
Setting the Active Boot Configuration File................................................................................................ 179
Viewing a Boot Configuration File............................................................................................................ 180
Editing a Boot Configuration File.............................................................................................................. 182
Troubleshooting a Boot Configuration File............................................................................................... 182
Copying, Renaming, and Deleting System Files ............................................................................................ 183
Displaying System Files ................................................................................................................................. 185
Chapter 11: File Downloads and Uploads ................................................................................................. 187
Downloading a New AT-S62 Image File onto a Switch .................................................................................. 188
Downloading a System File ............................................................................................................................ 202
Downloading a File from a Local Management Session .......................................................................... 203
Downloading a File from a Telnet Management Session......................................................................... 207
Uploading a System File................................................................................................................................. 209
Uploading a File from a Local Management Session............................................................................... 210
Uploading a File from a Telnet Management Session ............................................................................. 213
Chapter 12: Event Log and Syslog Servers .............................................................................................. 215
Event Log and Syslog Server Overview ......................................................................................................... 216
Managing the Event Log................................................................................................................................. 217
Enabling or Disabling the Event Log ........................................................................................................ 217
Displaying the Event Log ......................................................................................................................... 218
Modifying the Event Log Full Action......................................................................................................... 222
Saving the Event Log ............................................................................................................................... 224
Clearing the Event Log............................................................................................................................. 224
Managing Syslog Server Definitions............................................................................................................... 225
Creating a Syslog Server Definition ......................................................................................................... 226
Modifying a Syslog Server Definition ....................................................................................................... 230
Deleting a Syslog Server Definition.......................................................................................................... 231
Displaying a Syslog Server Definition ...................................................................................................... 232
Creating a Classifier........................................................................................................................................241
Modifying a Classifier...................................................................................................................................... 244
Deleting a Classifier ........................................................................................................................................246
Deleting All Classifiers .................................................................................................................................... 247
Chapter 14: Access Control Lists .............................................................................................................. 251
Access Control List (ACL) Overview ............................................................................................................... 252
Parts of an ACL ........................................................................................................................................ 253
Creating an ACL .............................................................................................................................................259
Modifying an ACL............................................................................................................................................261
Deleting an ACL..............................................................................................................................................263
Deleting All ACLs ............................................................................................................................................265
Chapter 15: Quality of Service .................................................................................................................... 267
Quality of Service Overview ............................................................................................................................268
Flow Groups .............................................................................................................................................270
Creating a Flow Group ............................................................................................................................. 283
Modifying a Flow Group............................................................................................................................ 285
Deleting a Flow Group.............................................................................................................................. 287
Creating a Traffic Class ............................................................................................................................ 290
Modifying a Traffic Class ..........................................................................................................................294
Deleting a Traffic Class ............................................................................................................................ 296
Creating a Policy ......................................................................................................................................299
Modifying a Policy..................................................................................................................................... 302
Deleting a Policy....................................................................................................................................... 303
Chapter 16: Class of Service ...................................................................................................................... 307
Class of Service Overview ..............................................................................................................................308
Displaying Port CoS Priorities ........................................................................................................................ 320
Displaying a List of Host Nodes...................................................................................................................... 329
Displaying a List of Multicast Routers............................................................................................................. 331
Chapter 18: Denial of Service Defenses .................................................................................................... 333
Denial of Service Defense Overview .............................................................................................................. 334
SYN Flood Attack..................................................................................................................................... 334
Land Attack .............................................................................................................................................. 335
Ping of Death Attack ................................................................................................................................ 337
IP Options Attack ..................................................................................................................................... 338
Denial of Service Defense Guidelines...................................................................................................... 339
Enabling or Disabling Denial of Service Prevention ....................................................................................... 340
Chapter 19: Power Over Ethernet .............................................................................................................. 343
Power Over Ethernet Overview ...................................................................................................................... 344
PoE Implementation on the AT-8524POE Switch.................................................................................... 345
Power Budgeting...................................................................................................................................... 345
Port Prioritization...................................................................................................................................... 346
Setting the PoE Threshold.............................................................................................................................. 348
Configuring PoE Port Settings........................................................................................................................ 350
Displaying PoE Status and Settings ............................................................................................................... 352
Managing the Address Resolution Protocol Table ......................................................................................... 360
Displaying the ARP Table ........................................................................................................................ 361
Deleting an ARP Entry ............................................................................................................................. 363
Deleting All ARP Entries .......................................................................................................................... 363
Configuring the ARP Table Timeout Value .............................................................................................. 364
Displaying the Routing Table.......................................................................................................................... 365
Displaying the TCP Connections Table.......................................................................................................... 367
Deleting a TCP Connection ............................................................................................................................ 370
Displaying the TCP Global Information Table ................................................................................................ 371
Displaying the Display SNMPv3 User Table Menu .................................................................................. 472
Displaying the Display SNMPv3 View Table Menu ..................................................................................474
Displaying the Display SNMPv3 Access Table Menu .............................................................................. 475
Displaying the Display SNMPv3 SecurityToGroup Table Menu...............................................................476
Displaying the Display SNMPv3 Notify Table Menu................................................................................
Displaying the Display SNMPv3 Target Address Table Menu ................................................................. 478
Displaying the Display SNMPv3 Target Parameters Table Menu ............................................................479
Displaying the Display SNMPv3 Community Table Menu........................................................................480
.477
Section IV: Spanning Tree Protocols ..................................................................... 481
Chapter 22: Spanning Tree and Rapid Spanning Tree Protocols ........................................................... 483
STP and RSTP Overview ...............................................................................................................................484
Bridge Priority and the Root Bridge .......................................................................................................... 485
Mixed STP and RSTP Network ................................................................................................................ 491
Spanning Tree and VLANs.......................................................................................................................491
Enabling or Disabling a Spanning Tree Protocol ............................................................................................493
Configuring the CIST Priority.......................................................................................................................... 526
Creating, Deleting, and Modifying MSTIs ....................................................................................................... 528
Creating an MSTI..................................................................................................................................... 529
Deleting an MSTI .................................................................................................................................... 530
Modifying an MSTI ................................................................................................................................... 530
Associating VLANs to MSTI IDs ..................................................................................................................... 532
Adding VLAN Associations to an MSTI.................................................................................................... 533
Removing VLAN Associations from an MSTI........................................................................................... 534
Replacing VLAN Associations to an MSTI .............................................................................................. 534
Removing All VLAN Associations from an MSTI...................................................................................... 535
Configuring MSTP Port Settings..................................................................................................................... 536
Configuring Generic MSTP Port Settings................................................................................................. 536
Configuring MSTI-specific Port Parameters............................................................................................. 538
Displaying MSTP Port Settings and Status .................................................................................................... 541
Creating a Port-based or Tagged VLAN......................................................................................................... 559
Example of Creating a Port-based VLAN ....................................................................................................... 563
Example of Creating a Tagged VLAN ............................................................................................................ 564
Modifying a VLAN........................................................................................................................................... 565
Deleting a VLAN ............................................................................................................................................. 571
Deleting All VLANs ......................................................................................................................................... 574
Selecting a VLAN Mode.................................................................................................................................. 612
Displaying VLAN Information .......................................................................................................................... 613
Configuring MAC Address-based Port Security ..............................................................................................637
Displaying Port Security Levels ......................................................................................................................641
Chapter 29: 802.1x Port-based Network Access Control ......................................................................... 643
IEEE 802.1x Port-based Network Access Control Overview ..........................................................................644
Port Roles................................................................................................................................................. 646
Authenticator Role .................................................................................................................................... 646
Supplicant Role ........................................................................................................................................648
Authenticator Ports with Single and Multiple Supplicants.........................................................................649
Supplicant and VLAN Associations .......................................................................................................... 655
General Steps........................................................................................................................................... 659
802.1x Port-based Network Access Control Guidelines ...........................................................................660
Setting Port Roles ........................................................................................................................................... 662
Enabling and Disabling 802.1x Port-based Network Access Control.............................................................. 664
Configuring Authenticator Port Parameters .................................................................................................... 665
Configuring Supplicant Port Parameters......................................................................................................... 671
Displaying the Port Access Parameters.......................................................................................................... 674
Chapter 30: Web Server .............................................................................................................................. 681
Web Server Overview..................................................................................................................................... 682
Configuring the Web Server ........................................................................................................................... 683
General Steps to Configuring the Web Server for Encryption ........................................................................ 685
General Steps for a Self-signed Certificate.............................................................................................. 685
General Steps for a Public or Private CA Certificate................................................................................ 685
Data Encryption........................................................................................................................................ 690
Data Authentication.................................................................................................................................. 692
Creating an Encryption Key............................................................................................................................ 695
Deleting an Encryption Key ............................................................................................................................ 699
Modifying an Encryption Key .......................................................................................................................... 700
Exporting an Encryption Key .......................................................................................................................... 701
Importing an Encryption Key .......................................................................................................................... 703
Chapter 32: PKI Certificates and SSL ........................................................................................................ 705
Types of Certificates ................................................................................................................................ 706
User Verification....................................................................................................................................... 712
Public Key Infrastructure .......................................................................................................................... 713
Public Keys .............................................................................................................................................. 713
Digital Signatures..................................................................................................................................... 713
Creating a Self-signed Certificate................................................................................................................... 718
Adding a Certificate to the Database.............................................................................................................. 722
Modifying a Certificate .................................................................................................................................... 725
Deleting a Certificate ...................................................................................................................................... 727
Viewing a Certificate....................................................................................................................................... 728
Generating an Enrollment Request ................................................................................................................ 730
Installing CA Certificates onto a Switch.......................................................................................
Support for SSH ....................................................................................................................................... 738
General Steps to Configuring SSH...........................................................................................................741
Configuring the SSH Server............................................................................................................................742
Displaying SSH Information ............................................................................................................................ 744
Chapter 34: TACACS+ and RADIUS Authentication Protocols ............................................................... 747
TACACS+ and RADIUS Overview..................................................................................................................748
Enabling or Disabling the Management ACL .................................................................................................. 764
Creating an ACE ............................................................................................................................................. 766
Modifying an ACE ........................................................................................................................................... 768
Deleting an ACE ............................................................................................................................................. 770
Displaying the ACEs ....................................................................................................................................... 771
Port Configuration Default Settings................................................................................................................. 785
802.1x Port-Based Network Access Control Default Settings......................................................................
...786
Power Over Ethernet ......................................................................................................................................788
Class of Service ..............................................................................................................................................789
Web Server Default Settings .......................................................................................................................... 797
Traffic Control ................................................................................................................................................. 805
Spanning Tree Protocols ................................................................................................................................ 806
Port Trunks ..................................................................................................................................................... 806
IP Multicast ..................................................................................................................................................... 807
Port Security ................................................................................................................................................... 807
Management Access and Security ................................................................................................................. 807
System Monitoring.......................................................................................................................................... 808
Denial of Service Defenses ............................................................................................................................ 809
Index ............................................................................................................................................................. 811
13
Contents
14
Figures
Chapter 2:Starting a Local or Telnet Management Session..................................................................... 39
Figure 1: Connecting a Terminal or PC to the RS232 Terminal Port....................................................................................41
Figure 3: Main Menu.............................................................................................................................................................42
Figure 4: System Administration Menu.................................................................................................................................52
Figure 5: System Configuration Menu ..................................................................................................................................53
Figure 6: System Utilities Menu............................................................................................................................................57
Figure 8: Configure System Time Menu...............................................................................................................................62
Figure 9: Console (Serial/Telnet) Configuration Menu .........................................................................................................65
Figure 10: Fan Control Configuration Menu .........................................................................................................................70
Figure 11: Show Fan Control Status.....................................................................................................................................71
Figure 12: System Information Menu....................................................................................................................................76
Figure 13: System Hardware Information Menu...................................................................................................................77
Figure 18: SNMPv1 & SNMPv2c Community Menu.............................................................................................................95
Figure 19: Modify SNMP Community Menu .........................................................................................................................98
Figure 20: Display SNMP Community Menu ......................................................................................................................103
Figure 21: Port Configuration Menu....................................................................................................................................106
Figure 22: Port Status Menu...............................................................................................................................................106
Figure 23: Port Configuration (Port) Menu..........................................................................................................................109
Figure 24: Head of Line Blocking .......................................................................................................................................113
Figure 25: Flow Control Menu ............................................................................................................................................114
Figure 26: Back Pressure Menu .........................................................................................................................................115
Figure 28: Port Statistics Menu...........................................................................................................................................120
Figure 29: MAC Address Tables Menu...............................................................................................................................126
Figure 30: Display Unicast MAC Addresses Menu.............................................................................................................126
Figure 31: Display All Menu - Unicast MAC Addresses......................................................................................................127
Figure 32: Display All Menu - Multicast MAC Addresses ...................................................................................................128
Figure 33: Configure MAC Addresses Menu......................................................................................................................130
Chapter 8: Static and LACP Port Trunks................................................................................................... 135
Figure 34: Static Port Trunk Example.................................................................................................................................136
Figure 35: Example of Multiple Aggregators for Multiple Aggregate Trunks ......................................................................139
Figure 36: Example of an Aggregator with Multiple Trunks................................................................................................140
15
Figures
Figure 37: Port Trunking and LACP Menu..........................................................................................................................148
Figure 38: Static Port Trunking Menu .................................................................................................................................148
Figure 41: LACP (IEEE 8023ad) Configuration Menu ........................................................................................................155
Figure 42: Create LACP (IEEE 8023ad) Aggregator Menu ................................................................................................157
Figure 43: Modify LACP (IEEE 8023ad) Aggregator Menu ................................................................................................159
Figure 44: LACP (IEEE 802.3ad Port Status Menu ............................................................................................................162
Figure 45: LACP (IEEE 802.3ad) Aggregator Status Menu................................................................................................162
Figure 46: Port Mirroring Menu #1......................................................................................................................................167
Figure 47: Port Mirroring Menu #2......................................................................................................................................167
Chapter 10:File System .............................................................................................................................. 173
Figure 48: File Operations Menu ........................................................................................................................................177
Figure 49: View File Menu ..................................................................................................................................................181
Figure 50: List Files Menu...................................................................................................................................................186
Chapter 11:File Downloads and Uploads ................................................................................................. 187
Figure 51: Downloads and Uploads Menu..........................................................................................................................190
Figure 52: Local Management Window ..............................................................................................................................192
Figure 63: Syslog Server Configuration Menu ....................................................................................................................226
Figure 64: Configure Log Outputs Menu with a Syslog Server Definition...........................................................................230
Figure 65: User Priority and VLAN Fields within an Ethernet Frame..................................................................................236
Figure 66: ToS field in an IP Header...................................................................................................................................237
Figure 68: Create Classifier Menu (Page 1) .......................................................................................................................242
Figure 69: Create Classifier Menu (Page 2) .......................................................................................................................242
Figure 70: Show Classifiers Menu ......................................................................................................................................248
Chapter 14:Access Control Lists .............................................................................................................. 251
Figure 71: ACL Example 1..................................................................................................................................................254
Figure 72: ACL Example 2..................................................................................................................................................255
Figure 73: ACL Example 3..................................................................................................................................................256
Figure 74: ACL Example 4..................................................................................................................................................257
Figure 75: ACL Example 5..................................................................................................................................................257
Figure 76: ACL Example 6..................................................................................................................................................258
Figure 77: Access Control Lists (ACL) Menu......................................................................................................................259
Figure 79: Modify ACL Menu ..............................................................................................................................................261
Figure 80: Destroy ACL Menu ............................................................................................................................................263
Figure 81: Show Classifiers Menu ......................................................................................................................................266
Figure 84: QoS Video Application Example........................................................................................................................278
Figure 85: QoS Critical Database Example ........................................................................................................................280
Figure 86: Policy Component Hierarchy Example ..............................................................................................................282
Figure 87: Quality of Service (QoS) menu..........................................................................................................................283
Figure 88: Flow Group Configuration Menu........................................................................................................................283
Figure 89: Create Flow Group Menu ..................................................................................................................................284
Figure 90: Modify Flow Group Menu ..................................................................................................................................286
Figure 91: Destroy Flow Group Menu.................................................................................................................................287
Figure 92: Show Flow Groups Menu ..................................................................................................................................288
Figure 93: Display Flow Group Detail Menu.......................................................................................................................289
Figure 94: Traffic Class Configuration Menu ......................................................................................................................290
Figure 95: Create Traffic Class Menu.................................................................................................................................291
Figure 96: Modify Traffic Class Menu.................................................................................................................................295
Figure 97: Destroy Traffic Class Menu ...............................................................................................................................296
Figure 98: Show Traffic Classes Menu...............................................................................................................................297
Figure 100: Create Policy Menu .........................................................................................................................................300
Figure 101: Modify Policy Menu .........................................................................................................................................302
Figure 102: Show Policies Menu ........................................................................................................................................304
Chapter 16:Class of Service ...................................................................................................................... 307
Figure 103: Security and Services Menu............................................................................................................................313
Figure 104: Class of Service (CoS) Menu ..........................................................................................................................314
Figure 105: Configure Port COS Priorities Menu................................................................................................................314
Figure 106: Map CoS Priority to Egress Queue Menu .......................................................................................................316
Figure 108: Show Port CoS Priorities Menu.......................................................................................................................320
Figure 111: View Multicast Hosts List Menu.......................................................................................................................329
Figure 112: View Multicast Routers List Menu ...................................................................................................................331
Chapter 18:Denial of Service Defenses.................................................................................................... 333
Figure 113: Denial of Service (DoS) Menu.........................................................................................................................340
Figure 114: LAN IP Subnet Menu.......................................................................................................................................341
Figure 115: SYN Flood Configuration Menu.......................................................................................................................342
Chapter 19:Power Over Ethernet .............................................................................................................. 343
Figure 116: Power Over Ethernet Configuration Menu.......................................................................................................348
Figure 117: PoE Global Configuration Menu......................................................................................................................348
Figure 118: PoE Port Configuration Menu..........................................................................................................................350
Figure 119: PoE Status Menu ............................................................................................................................................352
Figure 120: PoE Global Status Menu .................................................................................................................................353
Figure 121: PoE Summary Ports Status Menu...................................................................................................................354
Figure 122: PoE Summary Ports Status Menu...................................................................................................................355
Figure 128: IP Address and TCP Port Number ..................................................................................................................368
Figure 129: Display TCP Global Information Table ............................................................................................................371
Figure 134: Configure SNMPv3 User Table Menu .............................................................................................................387
Figure 135: Modify SNMPv3 User Table Menu ..................................................................................................................391
Figure 136: Configure SNMPv3 View Table Menu .............................................................................................................397
Figure 137: Modify SNMPv3 View Table Menu ..................................................................................................................400
Figure 138: Configure SNMPv3 Access Table Menu .........................................................................................................406
Figure 139: Modify SNMPv3 Access Table Menu ..............................................................................................................412
Figure 161: Point-to-Point and Edge Port ...........................................................................................................................491
Figure 165: STP Port Parameters Menu.............................................................................................................................498
Figure 166: Configure STP Port Settings Menu..................................................................................................................498
Figure 167: Display STP Port Configuration Menu.............................................................................................................500
Figure 168: RSTP Menu .....................................................................................................................................................501
Figure 169: RSTP Port Parameters Menu..........................................................................................................................504
Figure 170: Configure RSTP Port Settings Menu...............................................................................................................504
Chapter 23:Multiple Spanning Tree Protocol ........................................................................................... 507
Figure 171: VLAN Fragmentation with STP or RSTP .........................................................................................................509
Figure 172: MSTP Example of Two Spanning Tree Instances ..........................................................................................510
Figure 173: Multiple VLANs in a MSTI ...............................................................................................................................511
Figure 174: Multiple Spanning Tree Region .......................................................................................................................514
Figure 175: CIST and VLAN Guideline - Example 1...........................................................................................................518
Figure 176: CIST and VLAN Guideline - Example 2...........................................................................................................519
Figure 177: Spanning Regions - Example 1 .......................................................................................................................520
Figure 181: VLAN-MSTI Association Menu ........................................................................................................................533
Figure 182: MSTP Port Parameters Menu..........................................................................................................................536
Figure 183: Configure MSTP Port Settings Menu...............................................................................................................537
Figure 184: Configure Per Spanning Tree Port Settings Menu ..........................................................................................539
Chapter 24:Port-based and Tagged Virtual LANs ................................................................................... 545
Figure 185: Port-based VLAN - Example 1 ........................................................................................................................551
Figure 186: Port-based VLAN - Example 2 ........................................................................................................................553
Figure 187: Example of a Tagged VLAN............................................................................................................................557
Figure 192: Expanded Modify VLAN Menu ........................................................................................................................566
Figure 193: Show VLANs Menu .........................................................................................................................................569
Figure 197: GVRP Example ..............................................................................................................................................583
Figure 201: GVRP Port Parameters Menu .........................................................................................................................593
Figure 202: Configure GVRP Port Settings Menu ..............................................................................................................594
Figure 203: Display GVRP Port Configuration Menu..........................................................................................................594
Figure 204: Other GARP Port Parameters Menu ...............................................................................................................597
Figure 205: GVRP Counters Menu (page 1) ......................................................................................................................598
Figure 206: GVRP Counters Menu (page 2) ......................................................................................................................599
Figure 208: GIP Connected Ports Ring Menu ....................................................................................................................603
Figure 209: GVRP State Machine Menu (page 1) ..............................................................................................................604
Figure 210: Display GVRP State Machine Menu (page 2) .................................................................................................604
Figure 212: Create VLAN Menu .........................................................................................................................................619
Figure 213: Expanded Modify VLAN Menu ........................................................................................................................623
Figure 214: Show VLANs Menu .........................................................................................................................................626
Figure 215: Show VLANs Menu .........................................................................................................................................627
Chapter 28:MAC Address-based Port Security ....................................................................................... 633
Figure 218: Port Security Menu..........................................................................................................................................637
Figure 219: Configure Port Security Menu #1 ....................................................................................................................637
Figure 220: Configure Port Security Menu #2 ....................................................................................................................639
Figure 221: Display Port Security Menu .............................................................................................................................641
Chapter 29:802.1x Port-based Network Access Control ........................................................................ 643
Figure 222: Example of the Supplicant Role ......................................................................................................................648
Figure 223: Authenticator Port in Single Operating Mode with a Single Client...................................................................650
Figure 224: Single Operating Mode with Multiple Clients Using the Piggy-back Feature - Example 1 ..............................651
Figure 225: Single Operating Mode with Multiple Clients Using the Piggy-back Feature - Example 2 ..............................652
Figure 226: Single Operating Mode with Multiple Clients Using the Piggy-back Feature - Example 3 ..............................653
Figure 227: Authenticator Port in Multiple Operating Mode - Example 1............................................................................654
Figure 228: Authenticator Port in Multiple Operating Mode - Example 2............................................................................655
Figure 229: Port Access Control (802.1X) Menu ................................................................................................................662
Figure 230: Configure Port Access Role Menu ..................................................................................................................663
Figure 232: Configure Authenticator Port Access Parameters Menu .................................................................................666
Figure 233: Configure Supplicant Menu .............................................................................................................................671
19
Figures
Figure 234: Configure Supplicant Port Access Parameters Menu......................................................................................672
Figure 235: Display Port Access Status Menu....................................................................................................................674
Chapter 30:Web Server .............................................................................................................................. 681
Figure 237: Web Server Configuration Menu .....................................................................................................................683
Figure 241: Export Key to File Menu ..................................................................................................................................701
Figure 242: Import Key From File Menu .............................................................................................................................703
Chapter 32:PKI Certificates and SSL ........................................................................................................ 705
Figure 243: Public Key Infrastructure (PKI) Configuration Menu ........................................................................................719
Figure 244: X509 Certificate Management Menu ...............................................................................................................719
Figure 245: Create Self-Signed Certificate Menu ...............................................................................................................720
Figure 246: Add Certificate Menu .......................................................................................................................................722
Figure 252: SSH Remote Management of a Slave Switch .................................................................................................740
Figure 254: Show Server Information Menu .......................................................................................................................744
Chapter 34:TACACS+ and RADIUS Authentication Protocols ............................................................... 747
Figure 258: RADIUS Server Configuration .........................................................................................................................757
Figure 259: Show Status Menu...........................................................................................................................................758
Chapter 35:Management Access Control List.......................................................................................... 759
Figure 260: Management ACL Configuration Menu ...........................................................................................................764
Figure 262: Display All Management ACL Entries Menu....................................................................................................771
20
Preface
This guide contains instructions on how to configure an AT-8500 Series
Layer 2+ Fast Ethernet Switch using the menus interface in the AT-S62
management software.
For instructions on how to manage the switch from the web browser
interface or the command line interface, refer to the AT-S62 Web Browser
Interface User’s Guide and the AT-S62 Command Line Interface User’s
Guide. These guides are available from the Allied Telesyn web site.
This preface contains the following sections:
“How This Guide is Organized” on page 22
“Document Conventions” on page 23
“Where to Find Web-based Guides” on page 24
“Contacting Allied Telesyn” on page 25
“New Features History” on page 26
Caution
The software described in this documentation contains certain
cryptographic functionality and its export is restricted by U.S. law. As
of this writing, it has been submitted for review as a “retail encryption
item” in accordance with the Export Administration Regulations, 15
C.F.R. Part 730-772, promulgated by the U.S. Department of
Commerce, and conditionally may be exported in accordance with
the pertinent terms of License Exception ENC (described in 15
C.F.R. Part 740.17). In no case may it be exported to Cuba, Iran,
Iraq, Libya, North Korea, Sudan, or Syria. If you wish to transfer this
software outside the United States or Canada, please contact your
local Allied Telesyn sales representative for current information on
this product’s export status.
21
Preface
How This Guide is Organized
This manual is divided into the following sections.
Section I: Basic Operations
The chapters in this section explain how to perform basic switch
operations, such as setting port parameters, creating port trunks, and
viewing the MAC address table.
Section II: Advanced Operations
The chapters in this section explain some of the more advanced
operations, such as using the file system, downloading and uploading
files, and configuring Quality of Service.
Section III: SNMPv3 Operations
The chapter in this section explains how to configure the switch for
SNMPv3. (The instructions for SNMPv1 and SNMPv2 are in Section 1,
Basic Operations.)
Section IV: Spanning Tree Protocols
The chapters in this section explain the Spanning Tree, Rapid Spanning
Tree, and Multiple Spanning Tree Protocols.
Section V: Virtual LANs
The chapters in this section explain port-based and tagged VLANs,
GVRP, multiple VLAN modes, and protected ports VLANs.
Section VI: Port Security
The chapters in this section explain MAC address-based port security and
802.1x port-based access control.
Section VII: Management Security
The chapters in this section explain the management security features,
such as the Secure Sockets Layer (SSL) and the Secure Shell (SSH)
protocols.
This section provides Allied Telesyn contact information for technical
support as well as sales or corporate information.
Online SupportYou can request technical support online by accessing the Allied Telesyn
Knowledge Base from the following web site: www.alliedtelesyn.com/kb.
You can use the Knowledge Base to submit questions to our technical
support staff and review answers to previously asked questions.
Email and
Telephone
Support
Returning
Products
For Sales or
Corporate
Information
Management
Software Updates
For Technical Support via email or telephone, refer to the Support &
Services section of the Allied Telesyn web site: www.alliedtelesyn.com.
Products for return or repair must first be assigned a Return Materials
Authorization (RMA) number. A product sent to Allied Telesyn without a
RMA number will be returned to the sender at the sender’s expense.
To obtain a RMA number, contact Allied Telesyn’s Technical Support at
our web site: www.alliedtelesyn.com.
You can contact Allied Telesyn for sales or corporate information at our
web site: www.alliedtelesyn.com. To find the contact information for your
country, select Contact Us -> Worldwide Contacts.
You can download new releases of management software for our
managed products from either of the following Internet sites:
To download new software from the Allied Telesyn FTP server using your
workstation’s command prompt, you need FTP client software and you
must log in to the server. Enter “anonymous” as the user name and your
email address for the password.
25
Preface
New Features History
The following subsection contains the new features in the AT-S62
management software.
Version 1.4.0Table 1 lists the new features in version 1.4.0 of the AT-S62 management
software.
Table 1. New Features in AT-S62 Version 1.4.0
ChangeChapter and Procedure
Fan Control Feature for the AT-8524POE Switch
New feature.Chapter 3, “Basic Switch Parameters” on page 49
New procedure:
“Setting Fan Control” on page 69
Quality of Service - Flow Groups and Traffic Classes
Added the following new parameters to
Chapter 15, “Quality of Service” on page 267
QoS flow groups and traffic classes:
ToS parameter for replacing the
Type of Service field of IPv4
Modified procedures:
“Creating a Flow Group” on page 283
packets.
Move ToS to Priority parameter for
replacing the value in the 802.1p
priority field with the value in the
“Modifying a Flow Group” on page 285
“Creating a Traffic Class” on page 290
“Modifying a Traffic Class” on page 294
ToS priority field in IPv4 packets.
Move Priority to ToS parameter for
replacing the value in the ToS
priority field with the 802.1p priority
field in IPv4 packets.
Quality of Service - Policies
Added the following new parameters to
Chapter 15, “Quality of Service” on page 267
QoS policies:
ToS, Move ToS to Priority, and
Move Priority to ToS, as defined
Modified procedures:
“Creating a Policy” on page 299
above.
Send to Mirror Port parameter for
“Modifying a Policy” on page 302
copying traffic to a destination
mirror port.
26
Table 1. New Features in AT-S62 Version 1.4.0 (Continued)
multiple supplicants on an
authenticator port. For background
information, see “Authenticator
Ports with Single and Multiple
Supplicants” on page 649.
Guest VLAN. For background
information, see “Guest VLAN” on
page 657.
VLAN Assignment and Secure
VLAN for supporting dynamic
VLAN assignments from a RADIUS
authentication server for supplicant
accounts. For background
information, see “Supplicant and
VLAN Associations” on page 655.
MAC address-based authentication
as an alternative to 802.1x
username and password
authentication. For background
information, refer to “Authentication
Modes” on page 646.
Chapter 29, “802.1x Port-based Network Access
Control” on page 643
Modified procedure:
“Configuring Authenticator Port Parameters” on
page 665
Management Access Control List
Simplified the menu interface for
managing the access control entries in
the Management ACL.
Chapter 35, “Management Access Control List” on
page 759
Modified procedures:
“Creating an ACE” on page 766
“Modifying an ACE” on page 768
“Deleting an ACE” on page 770
27
Preface
28
Chapter 1
Overview
This chapter reviews the functions of the AT-S62 management software,
the types of management sessions supported by the switch, and the
management access levels. This chapter contains the following sections:
“Management Overview” on page 30
“Local Management Session” on page 31
“Telnet Management Session” on page 32
“Web Browser Management Session” on page 33
“SNMP Management Session” on page 34
“Management Access Levels” on page 35
29
Chapter 1: Overview
Management Overview
The AT-S62 management software allows you to monitor and adjust the
operating parameters of an AT-8500 Series switch and includes the
following features:
Basic operations such as configuring port and switch parameters,
enhanced stacking, SNMPv1 and v2c, trunking, and mirroring
Advanced operations including file uploads and downloads, event
logging, traffic classifiers, access control lists, denial of service
defense, Quality of Service (QoS), Class of Service (CoS), and IGMP
snooping
SNMPv3
Spanning tree protocols including STP, RSTP, and MSTP
Virtual LANs
Port security options such as 802.1x Port-based Network Access
Control and MAC address security levels
Management security including encryption keys, PKI, SSL, Secure
Shell, TACACS+, RADIUS, and management access control lists
The AT-S62 management software is preinstalled on the switch with
default settings for all operating parameters. If the default settings are
adequate for your network, you can use the device as an unmanaged
switch by connecting it to your network, as explained in the hardware
installation guide, and powering on the switch.
Note
The default settings for the management software can be found in
Appendix A, “AT-S62 Default Settings” on page 773.
To actively manage a switch, you must connect to its management
software. There are two general ways to connect to a switch:
Locally using the RS232 Terminal Port on the switch
Remotely using the Telnet protocol, the Secure Shell (SSH) protocol,
or a web browser
The AT-S62 management software has three management interfaces.
There is a menus interface, a command line interface, and a web browser
interface. You can use the menus interface or the command line interface
when managing the switch locally through the RS232 Terminal Port or
remotely using the Telnet or SSH protocol. You use the web browser
interface to manage the device with a web browser.
30
The following sections in this chapter briefly describe the different types of
management sessions.
Loading...
+ 792 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.