Administration Guide
Page 5
... Defining 802.1X Properties Defining Port Authentication Modifying 8021X Security Defining Authentication Modifying Authentication Settings Authenticated Hosts Defining Access Control Defining MAC Based ACL Adding Rule to MAC Based ACL Modifying MAC Based ACL Defining IP Based ACL Modifying IP Based ACL Adding an IP Based Rule Defining ACL Binding Modifying ACL Binding Defining DoS Prevention DoS Global Settings ESW 500 Series Switches Administration Guide Contents 104 106 109...
... Defining 802.1X Properties Defining Port Authentication Modifying 8021X Security Defining Authentication Modifying Authentication Settings Authenticated Hosts Defining Access Control Defining MAC Based ACL Adding Rule to MAC Based ACL Modifying MAC Based ACL Defining IP Based ACL Modifying IP Based ACL Adding an IP Based Rule Defining ACL Binding Modifying ACL Binding Defining DoS Prevention DoS Global Settings ESW 500 Series Switches Administration Guide Contents 104 106 109...
Administration Guide
Page 12
... The Cisco Switch Configuration Utility, page 18 ESW 500 Series Switches Administration Guide 1 The ESW 500 series is a family of Ethernet switches that addresses network infrastructure and access needs of a typical installation. The ESW 500 series includes seven Fast Ethernet and GigE switches in Fast Ethernet and GigE models. They are : ESW 500 Series Switch ESW 520-8P ESW 540-8P ESW 520-24 ESW 520-24P ESW 520-48 ESW 520-48P ESW 540-24 ESW 540-24P ESW-540-48 Port Configuration 8 Port 10/100 PoE 8 Port 10/100/1000 PoE 24 Port 10/100 24 Port 10/100 PoE 48 Port 10/100 48 Port 10/100 PoE...
... The Cisco Switch Configuration Utility, page 18 ESW 500 Series Switches Administration Guide 1 The ESW 500 series is a family of Ethernet switches that addresses network infrastructure and access needs of a typical installation. The ESW 500 series includes seven Fast Ethernet and GigE switches in Fast Ethernet and GigE models. They are : ESW 500 Series Switch ESW 520-8P ESW 540-8P ESW 520-24 ESW 520-24P ESW 520-48 ESW 520-48P ESW 540-24 ESW 540-24P ESW-540-48 Port Configuration 8 Port 10/100 PoE 8 Port 10/100/1000 PoE 24 Port 10/100 24 Port 10/100 PoE 48 Port 10/100 48 Port 10/100 PoE...
Administration Guide
Page 15
... Typical Installation Methods 1 The ESW 540-24/24P and ESW 540-48 use port 11. The mini-GBIC ports are highlighted in GREEN in the examples. ESW 500 Series Switches Administration Guide 4 When connecting to it, and adjust its speed and duplex accordingly. The other switches, routers, or network backbone devices, and are highlighted RED in half and full-duplex modes. Auto-sensing technology enables each port to automatically detect the speed of 10 Mbps, 100 Mbps, or 1000...
... Typical Installation Methods 1 The ESW 540-24/24P and ESW 540-48 use port 11. The mini-GBIC ports are highlighted in GREEN in the examples. ESW 500 Series Switches Administration Guide 4 When connecting to it, and adjust its speed and duplex accordingly. The other switches, routers, or network backbone devices, and are highlighted RED in half and full-duplex modes. Auto-sensing technology enables each port to automatically detect the speed of 10 Mbps, 100 Mbps, or 1000...
Administration Guide
Page 17
... and remove the switch from DHCP server) • Using the Console The first three options to connect to the switch will open the ESW 500 Series Switch Configuration Utility, which launch the Switch Configuration Utility. There are : • Using the default static IP address of the switch • Using Cisco Configuration Assistant • Using a dynamic IP address allocated to the switch via DHCP (from the network. The console option uses a terminal emulation program such as HyperTerminal (bundled with an ethernet cable. STEP 2 Connect...
... and remove the switch from DHCP server) • Using the Console The first three options to connect to the switch will open the ESW 500 Series Switch Configuration Utility, which launch the Switch Configuration Utility. There are : • Using the default static IP address of the switch • Using Cisco Configuration Assistant • Using a dynamic IP address allocated to the switch via DHCP (from the network. The console option uses a terminal emulation program such as HyperTerminal (bundled with an ethernet cable. STEP 2 Connect...
Administration Guide
Page 21
... switch is known prior to installation, based on the network topology. Getting Started Connecting to the Switch IPv4 Interface Page 1 NOTE It is expected that you have finished using the PC to connect to the switch and made the switch part of your network, you can reconfigure the PC to its original IP address configuration and physical configuration as part of your network. Click Apply. ESW 500 Series Switches Administration Guide 10...
... switch is known prior to installation, based on the network topology. Getting Started Connecting to the Switch IPv4 Interface Page 1 NOTE It is expected that you have finished using the PC to connect to the switch and made the switch part of your network, you can reconfigure the PC to its original IP address configuration and physical configuration as part of your network. Click Apply. ESW 500 Series Switches Administration Guide 10...
Administration Guide
Page 32
... a Cisco SBCS network, the installation is being deployed into a nonCisco network, you will need to the Cisco UC520 or SR520. Getting Started Performing Common Configuration Tasks CDP Page 1 Review the ports for the Switch To add or edit the default VLAN settings, click on VLAN & Port Settings > VLAN Management > Properties. ESW 500 Series Switches Administration Guide 21 Configuring the VLAN Settings for connecting IP Phones, PCs, Access Points and the uplink to manually change the Voice VLAN from the default of 100 if...
... a Cisco SBCS network, the installation is being deployed into a nonCisco network, you will need to the Cisco UC520 or SR520. Getting Started Performing Common Configuration Tasks CDP Page 1 Review the ports for the Switch To add or edit the default VLAN settings, click on VLAN & Port Settings > VLAN Management > Properties. ESW 500 Series Switches Administration Guide 21 Configuring the VLAN Settings for connecting IP Phones, PCs, Access Points and the uplink to manually change the Voice VLAN from the default of 100 if...
Administration Guide
Page 34
...-48 ESW 500 Series Switches Administration Guide 23 ESW 520-48P - 1-48 ESW 540-24 1-10, 13-22 - Getting Started Performing Common Configuration Tasks 1 Role Router Switch Access Point Guest Server Printer VS Camera Other Description • Configured for optimal connection to a router or firewall for WAN connectivity • Configured as an uplink port to another switch or router Layer 2 port for fast convergence • Enables 802.1Q trunking • Configured for optimal connection to a wireless access point • Configurable VLAN • Configured...
...-48 ESW 500 Series Switches Administration Guide 23 ESW 520-48P - 1-48 ESW 540-24 1-10, 13-22 - Getting Started Performing Common Configuration Tasks 1 Role Router Switch Access Point Guest Server Printer VS Camera Other Description • Configured for optimal connection to a router or firewall for WAN connectivity • Configured as an uplink port to another switch or router Layer 2 port for fast convergence • Enables 802.1Q trunking • Configured for optimal connection to a wireless access point • Configurable VLAN • Configured...
Administration Guide
Page 73
.... However, the initial configuration of mismatched port role. Managing Smart Ports Configuring Smart Ports for Desktops 3 NOTE By default, the user ports are configured with the most common settings for WLAN networks. Configuring Smart Ports for Desktops The Smart Ports for Desktops Page allows network administrators to the ports when the device restarts • Ports are saved in the Running Configuration file. A port will be deactivated or has degraded service by connecting a switch or an access point to IP phone...
.... However, the initial configuration of mismatched port role. Managing Smart Ports Configuring Smart Ports for Desktops 3 NOTE By default, the user ports are configured with the most common settings for WLAN networks. Configuring Smart Ports for Desktops The Smart Ports for Desktops Page allows network administrators to the ports when the device restarts • Ports are saved in the Running Configuration file. A port will be deactivated or has degraded service by connecting a switch or an access point to IP phone...
Administration Guide
Page 78
... specific VLANs. • Port Security Mode - Indicates the VLAN port mode enabled on the port as long as the Data VLAN. The dynamic addresses associated with current learned addresses. Indicates which Smart Port wizard settings are not aged out or relearned on the port. Indicates the port to desktops and IP phones. • Data VLAN - This is locked. Data VLANs only carry data packets and receive a lower priority than voice traffic. • Voice VLAN - ESW 500 Series Switches Administration Guide...
... specific VLANs. • Port Security Mode - Indicates the VLAN port mode enabled on the port as long as the Data VLAN. The dynamic addresses associated with current learned addresses. Indicates which Smart Port wizard settings are not aged out or relearned on the port. Indicates the port to desktops and IP phones. • Data VLAN - This is locked. Data VLANs only carry data packets and receive a lower priority than voice traffic. • Voice VLAN - ESW 500 Series Switches Administration Guide...
Administration Guide
Page 108
Passwords are used to authenticate users accessing the device. By default, a single user name is added, the default user name, cisco will be overwritten. To define Passwords: ESW 500 Series Switches Administration Guide 97 NOTE When a new Local User is defined, cisco, with a password of cisco. Configuring Device Security Passwords Management 5 Configuring Device Security The Security Suite contains the following topics: • Passwords Management • Defining Authentication • Defining Access Methods • Defining Traffic Control • Defining 802...
Passwords are used to authenticate users accessing the device. By default, a single user name is added, the default user name, cisco will be overwritten. To define Passwords: ESW 500 Series Switches Administration Guide 97 NOTE When a new Local User is defined, cisco, with a password of cisco. Configuring Device Security Passwords Management 5 Configuring Device Security The Security Suite contains the following topics: • Passwords Management • Defining Authentication • Defining Access Methods • Defining Traffic Control • Defining 802...
Administration Guide
Page 117
... default settings are user-assigned defaults. To define TACACS+: ESW 500 Series Switches Administration Guide 106 The TACACS+ Page contains fields for assigning the Default Parameters for validation of users accessing the device. Performed at login. Configuring Device Security Defining Authentication 5 Defining TACACS+ The devices provide Terminal Access Controller Access Control System (TACACS+) client support. Provides authentication during login and via user names and user-defined passwords. • Authorization - The TACACS+ protocol ensures network...
... default settings are user-assigned defaults. To define TACACS+: ESW 500 Series Switches Administration Guide 106 The TACACS+ Page contains fields for assigning the Default Parameters for validation of users accessing the device. Performed at login. Configuring Device Security Defining Authentication 5 Defining TACACS+ The devices provide Terminal Access Controller Access Control System (TACACS+) client support. Provides authentication during login and via user names and user-defined passwords. • Authorization - The TACACS+ protocol ensures network...
Administration Guide
Page 141
... Series Switches Administration Guide 130 The possible field values are : - For FE ports, the rate is updated. STEP 4 Click Apply. Indicates if Broadcast packet types are either manually defined on the port, or learned on ESW-540, ESW-520, and ESW-520-8p devices. • Broadcast Rate Threshold - Disables Broadcast packet types to users with specific MAC addresses. Unknown Unicast, Multicast & Broadcast - On FE devices, this option can only be forwarded. • Broadcast Mode - Defining Port Security Network...
... Series Switches Administration Guide 130 The possible field values are : - For FE ports, the rate is updated. STEP 4 Click Apply. Indicates if Broadcast packet types are either manually defined on the port, or learned on ESW-540, ESW-520, and ESW-520-8p devices. • Broadcast Rate Threshold - Disables Broadcast packet types to users with specific MAC addresses. Unknown Unicast, Multicast & Broadcast - On FE devices, this option can only be forwarded. • Broadcast Mode - Defining Port Security Network...
Administration Guide
Page 160
... ACL Page allows a MAC-based Access Control List (ACL) to an interface. The table lists Access Control Elements (ACE) rules, which can be defined. Your switch supports up to define classification actions and rules for specific ingress ports. The MAC Based ACL Page opens: ESW 500 Series Switches Administration Guide 149 Defining Access Control Access Control Lists (ACL) allow network managers to 256 ACLs. ACLs are composed of Access Control Entries (ACEs) that are made of ACEs that determine traffic classifications. Displays the supplicant MAC address...
... ACL Page allows a MAC-based Access Control List (ACL) to an interface. The table lists Access Control Elements (ACE) rules, which can be defined. Your switch supports up to define classification actions and rules for specific ingress ports. The MAC Based ACL Page opens: ESW 500 Series Switches Administration Guide 149 Defining Access Control Access Control Lists (ACL) allow network managers to 256 ACLs. ACLs are composed of Access Control Entries (ACEs) that are made of ACEs that determine traffic classifications. Displays the supplicant MAC address...
Administration Guide
Page 169
... a clients to communicate and exchange data streams. TCP guarantees packet delivery, and guarantees packets are transmitted and received in an autonomous network. - The ICMP allows the gateway or destination host to a specific multicast group. - HMP monitors hosts spread over the network. - ESW 500 Series Switches Administration Guide 158 Specifies the format of packets and their local switch or router that transmits packets but does not guarantee their...
... a clients to communicate and exchange data streams. TCP guarantees packet delivery, and guarantees packets are transmitted and received in an autonomous network. - The ICMP allows the gateway or destination host to a specific multicast group. - HMP monitors hosts spread over the network. - ESW 500 Series Switches Administration Guide 158 Specifies the format of packets and their local switch or router that transmits packets but does not guarantee their...
Administration Guide
Page 214
... the port has a fiber optic port connection. • Port Status - Down - This field is configurable only when auto negotiation is disabled, and the port speed is updated. ESW 500 Series Switches Administration Guide 203 Port is part of the port that the interface supports transmission between the device and the client in only one interface to 10M or 100M. Full - STEP 2 To copy the settings from one direction at a time. • PVE - Displays the port type...
... the port has a fiber optic port connection. • Port Status - Down - This field is configurable only when auto negotiation is disabled, and the port speed is updated. ESW 500 Series Switches Administration Guide 203 Port is part of the port that the interface supports transmission between the device and the client in only one interface to 10M or 100M. Full - STEP 2 To copy the settings from one direction at a time. • PVE - Displays the port type...
Administration Guide
Page 230
... network traffic. • PVID - Indicates that only tagged packets are accepted on the port (packet type) cannot be designated. Ingress filtering is activated on the port. - Trunk - Indicates that both tagged and untagged packets are accepted on the port. - Modifying VLAN Interface Settings STEP 2 Click VLAN & Port Settings > VLAN Management > Interface Settings. Customer - The Edit VLAN Port Page opens: ESW 500 Series Switches Administration Guide 219 In Customer mode, the added tag provides a VLAN ID to VLANs. Disable - Indicates the port mode...
... network traffic. • PVID - Indicates that only tagged packets are accepted on the port (packet type) cannot be designated. Ingress filtering is activated on the port. - Trunk - Indicates that both tagged and untagged packets are accepted on the port. - Modifying VLAN Interface Settings STEP 2 Click VLAN & Port Settings > VLAN Management > Interface Settings. Customer - The Edit VLAN Port Page opens: ESW 500 Series Switches Administration Guide 219 In Customer mode, the added tag provides a VLAN ID to VLANs. Disable - Indicates the port mode...
Administration Guide
Page 231
... packets are 1 to VLANs, and each customer, ensuring private and segregated network traffic. • PVID - The port belongs to VLANs in Access mode, the packet types which all ports are accepted on the port. - Packets classified to enable/ disable ingress filtering on an access port. - Configuring VLANs Defining Interface Settings Edit VLAN Port Page 7 The Edit VLAN Port Page contains the following fields: • Interface - General - Indicates the port mode. The port belongs to a single untagged VLAN. Packet type accepted on the port...
... packets are 1 to VLANs, and each customer, ensuring private and segregated network traffic. • PVID - The port belongs to VLANs in Access mode, the packet types which all ports are accepted on the port. - Packets classified to enable/ disable ingress filtering on an access port. - Configuring VLANs Defining Interface Settings Edit VLAN Port Page 7 The Edit VLAN Port Page contains the following fields: • Interface - General - Indicates the port mode. The port belongs to a single untagged VLAN. Packet type accepted on the port...
Administration Guide
Page 301
... a particular hardware queue - ESW 500 Series Switches Administration Guide 290 QoS in the VLAN header. • QoS refers to CoS or QoS settings. The assignment of Service (CoS) and QoS are used in QoS and network security. The QoS facility involves the following context: • CoS provides varying Layer 2 traffic services. The ingress interface - Traffic shaping The terms Class of network traffic to specified criteria, and that specific traffic receives preferential treatment. Used to decide which traffic is...
... a particular hardware queue - ESW 500 Series Switches Administration Guide 290 QoS in the VLAN header. • QoS refers to CoS or QoS settings. The assignment of Service (CoS) and QoS are used in QoS and network security. The QoS facility involves the following context: • CoS provides varying Layer 2 traffic services. The ingress interface - Traffic shaping The terms Class of network traffic to specified criteria, and that specific traffic receives preferential treatment. Used to decide which traffic is...
Administration Guide
Page 312
... 0-7. STEP 3 Click Apply. Configuring Quality of Service > General > CoS. Maintains the current QoS settings. Indicates whether the interface is a port or EtherChannel. • Set Default User Priority - Restores the factory QoS default settings to the selected port. - STEP 2 Define the relevant fields. STEP 4 Click Apply. The Edit Interface Priority Page opens: Edit Interface Priority Page The Edit Interface Priority Page contains the following fields: • Interface - ESW 500 Series Switches Administration Guide 301
... 0-7. STEP 3 Click Apply. Configuring Quality of Service > General > CoS. Maintains the current QoS settings. Indicates whether the interface is a port or EtherChannel. • Set Default User Priority - Restores the factory QoS default settings to the selected port. - STEP 2 Define the relevant fields. STEP 4 Click Apply. The Edit Interface Priority Page opens: Edit Interface Priority Page The Edit Interface Priority Page contains the following fields: • Interface - ESW 500 Series Switches Administration Guide 301
Administration Guide
Page 320
... value is the default value. - Status - The Edit Bandwidth Page opens: ESW 500 Series Switches Administration Guide 309 For FE ports, the rate is 64 - 1,000,000 Kbps. - CIR - Defines Committed Burst Size (CbS) as the queue shaping type. Enables or disables rate limiting for ingress ports. Defines the rate limit for ingress interfaces. For GE ports, the rate is 62 - 100,000 Kips. CbS - Modifying Bandwidth Settings STEP 2 Click...
... value is the default value. - Status - The Edit Bandwidth Page opens: ESW 500 Series Switches Administration Guide 309 For FE ports, the rate is 64 - 1,000,000 Kbps. - CIR - Defines Committed Burst Size (CbS) as the queue shaping type. Enables or disables rate limiting for ingress ports. Defines the rate limit for ingress interfaces. For GE ports, the rate is 62 - 100,000 Kips. CbS - Modifying Bandwidth Settings STEP 2 Click...