User Manual
Page 4
... the flash memory. Enables/disables the logging of system messages directly from 0 for Emergencies to 7 for levels 0 to 3 to be logged to flash and levels 0 to 7 to be stored in troubleshooting network problems, severe error messages that can be logged to the 3248 and 5224 User's Guides The levels range from the Web interface and the command line interface (CLI). System Logs Configuration The Switch/General/System Logs page allows you to configure the logging of...
... the flash memory. Enables/disables the logging of system messages directly from 0 for Emergencies to 7 for levels 0 to 3 to be logged to flash and levels 0 to 7 to be stored in troubleshooting network problems, severe error messages that can be logged to the 3248 and 5224 User's Guides The levels range from the Web interface and the command line interface (CLI). System Logs Configuration The Switch/General/System Logs page allows you to configure the logging of...
User Manual
Page 6
... a logging process. www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for system and event messages Example Console(config)#logging on Console(config)#logging history ram 0 Console(config)# Console#show logging {flash | ram | trap} Usage Controls the logging of debug or error messages to syslog servers or other management stations. The no form command disables the logging process. You can also limit the error messages sent to messages of syslog messages to the 3248 and 5224 User's Guides...
... a logging process. www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for system and event messages Example Console(config)#logging on Console(config)#logging history ram 0 Console(config)# Console#show logging {flash | ram | trap} Usage Controls the logging of debug or error messages to syslog servers or other management stations. The no form command disables the logging process. You can also limit the error messages sent to messages of syslog messages to the 3248 and 5224 User's Guides...
User Manual
Page 7
Enables/disables the logging of debug or error messages to the 3248 and 5224 User's Guides 7 To add an IP address to the remote server. (Default: 3) • Host IP List - Addendum to the remote logging process. (Default: Enabled) • Logging Facility - Sets the facility type for all messages from level 0 to level 3 are sent to the Host IP List, type the new IP address in the Host IP List, and click Remove Host IP. The syslog...
Enables/disables the logging of debug or error messages to the 3248 and 5224 User's Guides 7 To add an IP address to the remote server. (Default: 3) • Host IP List - Addendum to the remote logging process. (Default: Enabled) • Logging Facility - Sets the facility type for all messages from level 0 to level 3 are sent to the Host IP List, type the new IP address in the Host IP List, and click Remove Host IP. The syslog...
User Manual
Page 10
... to save any changes you to enable/disable the SSH server feature on the switch. (Default: Enabled) • SSH authentication timeout - www.dell.com | support.dell.com NOTE: There are two versions of authentication attempts that the SSH server waits for a response from a client during an authentication attempt. (Range: 1 to 120 seconds; Secure Shell The Secure Shell (SSH) server feature provides remote management access using encrypted paths between the switch and SSH-enabled management station clients. • SSH Server Status - Default: 120...
... to save any changes you to enable/disable the SSH server feature on the switch. (Default: Enabled) • SSH authentication timeout - www.dell.com | support.dell.com NOTE: There are two versions of authentication attempts that the SSH server waits for a response from a client during an authentication attempt. (Range: 1 to 120 seconds; Secure Shell The Secure Shell (SSH) server feature provides remote management access using encrypted paths between the switch and SSH-enabled management station clients. • SSH Server Status - Default: 120...
User Manual
Page 12
... a RADIUS server for authentication, you are using the console port, Web browser, or Telnet. Select the authentication, or authentication sequence, required: (Default: Local) - The RADIUS system uses User Datagram Protocol (UDP) while TACACS+ uses Transmission Control Protocol (TCP). NOTICE: If you are setting up privilege levels on a RADIUS or TACACS+ server, level 0 allows Normal Exec access to switches on the network. Console# Authentication Settings Similar to RADIUS, TACACS+ is $Enable. RADIUS - Local - Local, RADIUS - www.dell.com | support.dell.com...
... a RADIUS server for authentication, you are using the console port, Web browser, or Telnet. Select the authentication, or authentication sequence, required: (Default: Local) - The RADIUS system uses User Datagram Protocol (UDP) while TACACS+ uses Transmission Control Protocol (TCP). NOTICE: If you are setting up privilege levels on a RADIUS or TACACS+ server, level 0 allows Normal Exec access to switches on the network. Console# Authentication Settings Similar to RADIUS, TACACS+ is $Enable. RADIUS - Local - Local, RADIUS - www.dell.com | support.dell.com...
User Manual
Page 15
...Console(config)#radius-server key green Console(config)#radius-server retransmit 5 NOTE: The default password for the enable command is 1-65535.) Displays the current configuration of seconds the switch waits for items in the Switch/Security/Authentication Settings page. Sets the RADIUS server UDP port number. Specifies the TACACS+ server IP address. Addendum to 20 characters). Specifies the RADIUS server IP address. Sets the TACACS+ server TCP port number. Displays the current configuration of times the switch attempts to 20 characters). CLI Commands The following table...
...Console(config)#radius-server key green Console(config)#radius-server retransmit 5 NOTE: The default password for the enable command is 1-65535.) Displays the current configuration of seconds the switch waits for items in the Switch/Security/Authentication Settings page. Sets the RADIUS server UDP port number. Specifies the TACACS+ server IP address. Addendum to 20 characters). Specifies the RADIUS server IP address. Sets the TACACS+ server TCP port number. Displays the current configuration of times the switch attempts to 20 characters). CLI Commands The following table...
User Manual
Page 16
... secure access (for example, an encrypted connection) to the 32 48 and 5 224 User 's Guides For example: https://device [:port_number] Console(config)#radius-server timeout 10 Console(config)#tacacs-server host 192.168.1.19 Console(config)#tacacs-server port 49 Console(config)#tacacs-server key tiger Console(config)# Console#show tacacs-server Remote TACACS server configuration: Server IP address: 192.168.1.19 Communication key with service pack 6a), Windows 2000, Solaris 2.6 16 Addendum to the switch's Web interface. Both the HTTP and HTTPS service can be enabled independently...
... secure access (for example, an encrypted connection) to the 32 48 and 5 224 User 's Guides For example: https://device [:port_number] Console(config)#radius-server timeout 10 Console(config)#tacacs-server host 192.168.1.19 Console(config)#tacacs-server port 49 Console(config)#tacacs-server key tiger Console(config)# Console#show tacacs-server Remote TACACS server configuration: Server IP address: 192.168.1.19 Communication key with service pack 6a), Windows 2000, Solaris 2.6 16 Addendum to the switch's Web interface. Both the HTTP and HTTPS service can be enabled independently...
User Manual
Page 17
... changes, click Refresh. Specifies the UDP port number used for Internet Explorer 5.x and Netscape Navigator 4.x. Addendum to the switch's Web interface. (Default: 443). The Switch/Security/HTTPS page contains the following figure is representative of PowerConnect 3248 and 5224. Allows you do not want to enable/disable the HTTPS server feature on the switch. (Default: Enabled) • HTTPS Port - The following fields that can be edited: • HTTPS Status...
... changes, click Refresh. Specifies the UDP port number used for Internet Explorer 5.x and Netscape Navigator 4.x. Addendum to the switch's Web interface. (Default: 443). The Switch/Security/HTTPS page contains the following figure is representative of PowerConnect 3248 and 5224. Allows you do not want to enable/disable the HTTPS server feature on the switch. (Default: Enabled) • HTTPS Port - The following fields that can be edited: • HTTPS Status...
User Manual
Page 18
... 5 224 User 's Guides www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for items in the dynamic or static address table are accepted as authorized to access the network through that port. The no form command restores the default port. When port security is detected and the switch can automatically take action by disabling the port and sending a trap message. Copies an HTTPS certificate from an TFTP server to the switch's Web interface. Be...
... 5 224 User 's Guides www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for items in the dynamic or static address table are accepted as authorized to access the network through that port. The no form command restores the default port. When port security is detected and the switch can automatically take action by disabling the port and sending a trap message. Copies an HTTPS certificate from an TFTP server to the switch's Web interface. Be...
User Manual
Page 19
... save any changes you can enable/disable security for any switch port. Shutdown: Indicates that only an SNMP trap message be sent. - See "Switch 3248: ReEnabling a Shutdown Port" on the port. (Default: Disabled) • Intrusion Shutdown and Trap - Note that a secure port has the following restrictions: • It should not be connected to a network interconnection device. • It cannot be configured as a member of a static trunk. • It can configure...
... save any changes you can enable/disable security for any switch port. Shutdown: Indicates that only an SNMP trap message be sent. - See "Switch 3248: ReEnabling a Shutdown Port" on the port. (Default: Disabled) • Intrusion Shutdown and Trap - Note that a secure port has the following restrictions: • It should not be connected to a network interconnection device. • It cannot be configured as a member of a static trunk. • It can configure...
User Manual
Page 20
... Apply Changes to the 32 48 and 5 224 User 's Guides The no shutdown command in Interface Configuration mode. NOTE: To re-enable a port using the CLI, use the no form command resets the values to the defaults. 20 Addendum to enable the port. Switch 3248: CLI Commands The following figure is enabled on a port. Switch 3248: Re-Enabling a Shutdown Port If security is representative of PowerConnect 3248. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for items in the Ports/Port Security page...
... Apply Changes to the 32 48 and 5 224 User 's Guides The no shutdown command in Interface Configuration mode. NOTE: To re-enable a port using the CLI, use the no form command resets the values to the defaults. 20 Addendum to enable the port. Switch 3248: CLI Commands The following figure is enabled on a port. Switch 3248: Re-Enabling a Shutdown Port If security is representative of PowerConnect 3248. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for items in the Ports/Port Security page...
User Manual
Page 21
None: Indicates that the port should be disabled and an SNMP trap message sent. Example Console(config)#interface ethernet 1/5 Console(config-if)#port security action shutdown Console(config-if)#port security Console(config-if)# Switch 5224: Port Security The Ports/Port Security page contains links to the following pages: • Global Configuration • Port Security Configuration Switch 5224: Global Configuration On the Ports/Port Security/Global Configuration page, you can set the security action to save any changes you do not want to...
None: Indicates that the port should be disabled and an SNMP trap message sent. Example Console(config)#interface ethernet 1/5 Console(config-if)#port security action shutdown Console(config-if)#port security Console(config-if)# Switch 5224: Port Security The Ports/Port Security page contains links to the following pages: • Global Configuration • Port Security Configuration Switch 5224: Global Configuration On the Ports/Port Security/Global Configuration page, you can set the security action to save any changes you do not want to...
User Manual
Page 22
... page, click Apply Changes. See "Switch 5224: ReEnabling a Shutdown Port" on the port. (Default: Disabled) NOTICE: If a port is representative of PowerConnect 5224. Enables or disables port security on page 23. www.dell.com | support.dell.com The following parameter: • Security Status - If you can enable/disable security for any changes you make in the Port column, you can configure the following figure is disabled due to the 32 48 and 5 224 User 's Guides
... page, click Apply Changes. See "Switch 5224: ReEnabling a Shutdown Port" on the port. (Default: Disabled) NOTICE: If a port is representative of PowerConnect 5224. Enables or disables port security on page 23. www.dell.com | support.dell.com The following parameter: • Security Status - If you can enable/disable security for any changes you make in the Port column, you can configure the following figure is disabled due to the 32 48 and 5 224 User 's Guides
User Manual
Page 23
... re-enable a port using the CLI, use the no form command disables port security. Addendum to be disabled. Switch 5224: Re-Enabling a Shutdown Port If security is disabled, click the check box in the Admin/Oper column. 3 Click Apply Changes to enable the port. Command port security Usage Enables port security on a port and you set the intrusion action to Trap and Shutdown, a security violation causes the port to the 3 248 and 52 24 User 's Guides 23...
... re-enable a port using the CLI, use the no form command disables port security. Addendum to be disabled. Switch 5224: Re-Enabling a Shutdown Port If security is disabled, click the check box in the Admin/Oper column. 3 Click Apply Changes to enable the port. Command port security Usage Enables port security on a port and you set the intrusion action to Trap and Shutdown, a security violation causes the port to the 3 248 and 52 24 User 's Guides 23...
User Manual
Page 25
... MAC address. In addition, each port needs time to forward frames. The ID is selected from among the device ports attached to "ports" in seconds, at regular intervals. Specifies the time interval, in this section means "interfaces," which the root device transmits a configuration message. • Forward Delay - Identifies the priority and MAC address of the Spanning Tree Protocol: • Bridge Settings • Advanced Bridge Settings • Port Settings • Trunk Settings Bridge Settings...
... MAC address. In addition, each port needs time to forward frames. The ID is selected from among the device ports attached to "ports" in seconds, at regular intervals. Specifies the time interval, in this section means "interfaces," which the root device transmits a configuration message. • Forward Delay - Identifies the priority and MAC address of the Spanning Tree Protocol: • Bridge Settings • Advanced Bridge Settings • Port Settings • Trunk Settings Bridge Settings...
User Manual
Page 26
....dell.com | support.dell.com • Root Port - Specifies the port number on the switch: (Default: RSTP) - If there is closest to the root device. • Configuration Changes - Identifies the time since the Spanning Tree was accepted as , STP BPDU) after a port's migration delay timer expires, the switch assumes it is selected, the switch uses RSTP set to the 32 48 and 5 224 User 's Guides If you enable the Spanning Tree, you can configure the following Spanning Tree parameters...
....dell.com | support.dell.com • Root Port - Specifies the port number on the switch: (Default: RSTP) - If there is closest to the root device. • Configuration Changes - Identifies the time since the Spanning Tree was accepted as , STP BPDU) after a port's migration delay timer expires, the switch assumes it is selected, the switch uses RSTP set to the 32 48 and 5 224 User 's Guides If you enable the Spanning Tree, you can configure the following Spanning Tree parameters...
User Manual
Page 29
...tree spanning-tree mode {stp | rstp} spanning-tree forward-time seconds spanning-tree hello-time time spanning-tree max-age seconds spanning-tree priority priority show spanning-tree [interface] Usage Enables the Spanning Tree algorithm globally for the switch. Selects the Spanning Tree mode for the switch. The no form command restores the default (STP). Configures the Spanning Tree bridge forward time globally for the switch. The no form command disables STP. CLI Commands The following table summarizes the equivalent CLI commands for items in the Spanning Tree/Bridge Settings...
...tree spanning-tree mode {stp | rstp} spanning-tree forward-time seconds spanning-tree hello-time time spanning-tree max-age seconds spanning-tree priority priority show spanning-tree [interface] Usage Enables the Spanning Tree algorithm globally for the switch. Selects the Spanning Tree mode for the switch. The no form command restores the default (STP). Configures the Spanning Tree bridge forward time globally for the switch. The no form command disables STP. CLI Commands The following table summarizes the equivalent CLI commands for items in the Spanning Tree/Bridge Settings...
User Manual
Page 31
... specify Spanning Tree parameters for specific interfaces, including port priority, path cost, link type, and edge port. Discarding - References to the 3 248 and 52 24 User 's Guides 31 The no form command restores the default. You may use a different priority or path cost for ports of this section means "interfaces," which includes both ports and trunks. Port address table is available: • State - The no form command restores the default. In the Port Settings page, you can support fast forwarding. Port...
... specify Spanning Tree parameters for specific interfaces, including port priority, path cost, link type, and edge port. Discarding - References to the 3 248 and 52 24 User 's Guides 31 The no form command restores the default. You may use a different priority or path cost for ports of this section means "interfaces," which includes both ports and trunks. Port address table is available: • State - The no form command restores the default. In the Port Settings page, you can support fast forwarding. Port...
User Manual
Page 32
... 32 48 and 5 224 User 's Guides Where more than one port is used for all ports on the designated bridging device through which this port to ports with the highest priority (such as, lowest value) is configured as a trunk member The Port Settings page also contains the following fields that can be blocked if the Spanning Tree Protocol is detecting network loops. trunk: 500,000 Fast Ethernet -
... 32 48 and 5 224 User 's Guides Where more than one port is used for all ports on the designated bridging device through which this port to ports with the highest priority (such as, lowest value) is configured as a trunk member The Port Settings page also contains the following fields that can be blocked if the Spanning Tree Protocol is detecting network loops. trunk: 500,000 Fast Ethernet -
User Manual
Page 33
... the interface is at any time, the switch detects STP BPDUs, including Configuration or Topology Change Notification BPDUs, it automatically sets the selected interface to the 3 248 and 52 24 User 's Guides 33 Quicker convergence for ports connected to shared media. • Edge Port - Retains the current forwarding database to reduce the amount of a bridged LAN or to the spanning tree forwarding state. Overcomes other bridge. - A connection to...
... the interface is at any time, the switch detects STP BPDUs, including Configuration or Topology Change Notification BPDUs, it automatically sets the selected interface to the 3 248 and 52 24 User 's Guides 33 Quicker convergence for ports connected to shared media. • Edge Port - Retains the current forwarding database to reduce the amount of a bridged LAN or to the spanning tree forwarding state. Overcomes other bridge. - A connection to...