User Manual
Page 3
Addendum to the 3248 and 5224 User's Guides New Features: • Remote System Logging • Secure Access - Addendum to the 3248 and 5224 User's Guides 3 Simple Network Management Protocol (SNMP) • Enhanced Statistics Summaries NOTE: The graphics in this section may differ slightly from the graphics on your computer. Secure Shell (SSH), Authentication Settings, and Secure Hypertext Transfer Protocol (HTTPS) • Increased Port Security • Spanning Tree Protocol (STP) • IP Filtering -
Addendum to the 3248 and 5224 User's Guides New Features: • Remote System Logging • Secure Access - Addendum to the 3248 and 5224 User's Guides 3 Simple Network Management Protocol (SNMP) • Enhanced Statistics Summaries NOTE: The graphics in this section may differ slightly from the graphics on your computer. Secure Shell (SSH), Authentication Settings, and Secure Hypertext Transfer Protocol (HTTPS) • Increased Port Security • Spanning Tree Protocol (STP) • IP Filtering -
User Manual
Page 7
...General/Remote Logs page contains the following fields that receive the syslog messages. Displays the list of syslog messages. To add an IP address to the 3248 and 5224 User's Guides 7 The syslog server uses the facility type to dispatch log messages to save any changes you do not want ...to an appropriate service. (Default: 23) • Logging Trap - If you make in the Host IP List, and click Remove Host IP. For example, if level...
...General/Remote Logs page contains the following fields that receive the syslog messages. Displays the list of syslog messages. To add an IP address to the 3248 and 5224 User's Guides 7 The syslog server uses the facility type to dispatch log messages to save any changes you do not want ...to an appropriate service. (Default: 23) • Logging Trap - If you make in the Host IP List, and click Remove Host IP. For example, if level...
User Manual
Page 8
CLI Commands The following figure is representative of PowerConnect 3248 and 5224. The no form command returns the facility type to a remote server based on severity. The no form command removes a syslog server host. Limits... Switch/General/Remote Logs page. Command logging host host_ip_address logging facility facility_type logging trap level Usage Adds a syslog server host IP address that receives logging messages. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for remote logging of syslog messages to the default level. 8 Addendum...
CLI Commands The following figure is representative of PowerConnect 3248 and 5224. The no form command returns the facility type to a remote server based on severity. The no form command removes a syslog server host. Limits... Switch/General/Remote Logs page. Command logging host host_ip_address logging facility facility_type logging trap level Usage Adds a syslog server host IP address that receives logging messages. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for remote logging of syslog messages to the default level. 8 Addendum...
User Manual
Page 9
... facility type: local use 7 REMOTELOG level type: Warning conditions REMOTELOG server ip address: 10.1.0.9 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 Console# Security The Switch/Security page contains new links to the 3248 and 5224 User's Guides 9 The RADIUS Settings page was renamed Authentication Settings and updated...
... facility type: local use 7 REMOTELOG level type: Warning conditions REMOTELOG server ip address: 10.1.0.9 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 Console# Security The Switch/Security page contains new links to the 3248 and 5224 User's Guides 9 The RADIUS Settings page was renamed Authentication Settings and updated...
User Manual
Page 11
...and 52 24 User 's Guides 11 Terminates an SSH connection. Example Console(config)#ip ssh server Console(config)#ip ssh timeout 100 Console(config)#ip ssh authentication-retries 5 Console(config)# Console#show ip ssh Information of secure shell SSH status: enable SSH authentication timeout: 100 SSH ... The no form command disables the SSH server. Displays the status of current SSH sessions. Command ip ssh server ip ssh {[timeout seconds] | [authentication-retries integer]} disconnect ssh connection_id show ip ssh show ssh Usage Enables the SSH server on the switch.
...and 52 24 User 's Guides 11 Terminates an SSH connection. Example Console(config)#ip ssh server Console(config)#ip ssh timeout 100 Console(config)#ip ssh authentication-retries 5 Console(config)# Console#show ip ssh Information of secure shell SSH status: enable SSH authentication timeout: 100 SSH ... The no form command disables the SSH server. Displays the status of current SSH sessions. Command ip ssh server ip ssh {[timeout seconds] | [authentication-retries integer]} disconnect ssh connection_id show ip ssh show ssh Usage Enables the SSH server on the switch.
User Manual
Page 13
... and then a TACACS+ server attempts to authenticate the user first, then the switch, and then a RADIUS server. - RADIUS, TACACS - Server IP Address - A RADIUS server attempts to authenticate the user first, and then a TACACS+ server attempts to authenticate the user first, then a TACACS+... server, and then the switch. - Identifies the IP address of Server Transmits - RADIUS, TACACS, Local - A RADIUS server attempts to authenticate the user. - RADIUS, Local, TACACS - A RADIUS server...
... and then a TACACS+ server attempts to authenticate the user first, then the switch, and then a RADIUS server. - RADIUS, TACACS - Server IP Address - A RADIUS server attempts to authenticate the user first, and then a TACACS+ server attempts to authenticate the user first, then a TACACS+... server, and then the switch. - Identifies the IP address of Server Transmits - RADIUS, TACACS, Local - A RADIUS server attempts to authenticate the user. - RADIUS, Local, TACACS - A RADIUS server...
User Manual
Page 14
Identifies the IP address of PowerConnect 3248 and 5224. 14 Addendum to save any changes you make in the string. If you do not want to the 32 48 and 5 224 User 's Guides Specifies the number of seconds the switch waits for a Reply - www.dell.com | support.dell.com NOTE: The ...local switch user database must be set up through the CLI by the TACACS+ server. - If using a TACACS+ server, specify the following figure is shared between the switch and the TACACS+ server. Server IP Address - Specifies the text ...
Identifies the IP address of PowerConnect 3248 and 5224. 14 Addendum to save any changes you make in the string. If you do not want to the 32 48 and 5 224 User 's Guides Specifies the number of seconds the switch waits for a Reply - www.dell.com | support.dell.com NOTE: The ...local switch user database must be set up through the CLI by the TACACS+ server. - If using a TACACS+ server, specify the following figure is shared between the switch and the TACACS+ server. Server IP Address - Specifies the text ...
User Manual
Page 15
...Commands The following table summarizes the equivalent CLI commands for a reply before resending a request. (The range is super. Specifies the TACACS+ server IP address. Sets the TACACS+ server TCP port number. Sets the RADIUS encryption key (up to 20 characters). Displays the current configuration of the...is 1-30.) Sets the number of seconds the switch waits for items in the Switch/Security/Authentication Settings page. Specifies the RADIUS server IP address. Sets the RADIUS server UDP port number. Sets the number of times the switch attempts to the 3 248 and 52 24 ...
...Commands The following table summarizes the equivalent CLI commands for a reply before resending a request. (The range is super. Specifies the TACACS+ server IP address. Sets the TACACS+ server TCP port number. Sets the RADIUS encryption key (up to 20 characters). Displays the current configuration of the...is 1-30.) Sets the number of seconds the switch waits for items in the Switch/Security/Authentication Settings page. Specifies the RADIUS server IP address. Sets the RADIUS server UDP port number. Sets the number of times the switch attempts to the 3 248 and 52 24 ...
User Manual
Page 16
....168.1.19 Console(config)#tacacs-server port 49 Console(config)#tacacs-server key tiger Console(config)# Console#show tacacs-server Remote TACACS server configuration: Server IP address: 192.168.1.19 Communication key with service pack 6a), Windows 2000, Solaris 2.6 16 Addendum to the HTTPS server must indicate this in this ..., an encrypted connection) to use the same TCP port. However, you cannot configure the HTTP and HTTPS servers to the switch's Web interface. www.dell.com | support.dell.com NOTE: If you enable HTTPS, you must specify the port number in the URL, in the URL.
....168.1.19 Console(config)#tacacs-server port 49 Console(config)#tacacs-server key tiger Console(config)# Console#show tacacs-server Remote TACACS server configuration: Server IP address: 192.168.1.19 Communication key with service pack 6a), Windows 2000, Solaris 2.6 16 Addendum to the HTTPS server must indicate this in this ..., an encrypted connection) to use the same TCP port. However, you cannot configure the HTTP and HTTPS servers to the switch's Web interface. www.dell.com | support.dell.com NOTE: If you enable HTTPS, you must specify the port number in the URL, in the URL.
User Manual
Page 18
... the TCP port number used for HTTPS connection to the switch. The no form command disables the HTTPS server. Command ip http secure-server ip http secure-port port_number copy tftp https-certificate Usage Enables the HTTPS server on the specified port. Only incoming traffic with... one or more device Media Access Control (MAC) addresses that are authorized to access the network through that port. www.dell.com | support.dell....
... the TCP port number used for HTTPS connection to the switch. The no form command disables the HTTPS server. Command ip http secure-server ip http secure-port port_number copy tftp https-certificate Usage Enables the HTTPS server on the specified port. Only incoming traffic with... one or more device Media Access Control (MAC) addresses that are authorized to access the network through that port. www.dell.com | support.dell....
User Manual
Page 35
... management station, the mask should be set to the IP Filter List. • Subnet Mask - Otherwise, the IP address group is the address of the IP address/subnet mask entries currently configured for SNMP access. • IP address - For example: IP address 192.168.1.1 and mask 255.255.255.0 -... If the IP is specified by an IP address and a subnet mask that are available: • IP Filter List - Specifies a valid IP address group from 192.168.1.0 to the ...
... management station, the mask should be set to the IP Filter List. • Subnet Mask - Otherwise, the IP address group is the address of the IP address/subnet mask entries currently configured for SNMP access. • IP address - For example: IP address 192.168.1.1 and mask 255.255.255.0 -... If the IP is specified by an IP address and a subnet mask that are available: • IP Filter List - Specifies a valid IP address group from 192.168.1.0 to the ...
User Manual
Page 36
..., click the entry in the Subnet Mask box, and click Add IP Filtering Entry. Command snmp ip filter ip_address subnet_mask Usage Sets IP addresses of PowerConnect 3248 and 5224. www.dell.com | support.dell.com NOTICE: The default setting is enabled and only addresses in the IP group will have SNMP access. CLI Commands The following figure is...
..., click the entry in the Subnet Mask box, and click Add IP Filtering Entry. Command snmp ip filter ip_address subnet_mask Usage Sets IP addresses of PowerConnect 3248 and 5224. www.dell.com | support.dell.com NOTICE: The default setting is enabled and only addresses in the IP group will have SNMP access. CLI Commands The following figure is...
User Manual
Page 37
... are packets with errors. Displays the percentage of traffic received on the port that are broadcast packets. • %Error Packets Received - Example Console(config)#snmp ip filter 10.1.2.3 255.255.255.255 Console(config)# Statistics The Statistics page has two new links to the 3 248 and 52 24 User 's Guides 37...
... are packets with errors. Displays the percentage of traffic received on the port that are broadcast packets. • %Error Packets Received - Example Console(config)#snmp ip filter 10.1.2.3 255.255.255.255 Console(config)# Statistics The Statistics page has two new links to the 3 248 and 52 24 User 's Guides 37...