User Manual
Page 1
Dell™ PowerConnect™ 3248 and 5224 Network Switches Addendum to the 3248 and 5224 User's Guides www.dell.com | support.dell.com
Dell™ PowerConnect™ 3248 and 5224 Network Switches Addendum to the 3248 and 5224 User's Guides www.dell.com | support.dell.com
User Manual
Page 3
Addendum to the 3248 and 5224 User's Guides New Features: • Remote System Logging • Secure Access - Simple Network Management Protocol (SNMP) • Enhanced Statistics Summaries NOTE: The graphics in this section may differ slightly from the graphics on your computer. Addendum to the 3248 and 5224 User's Guides 3 Secure Shell (SSH), Authentication Settings, and Secure Hypertext Transfer Protocol (HTTPS) • Increased Port Security • Spanning Tree Protocol (STP) • IP Filtering -
Addendum to the 3248 and 5224 User's Guides New Features: • Remote System Logging • Secure Access - Simple Network Management Protocol (SNMP) • Enhanced Statistics Summaries NOTE: The graphics in this section may differ slightly from the graphics on your computer. Addendum to the 3248 and 5224 User's Guides 3 Secure Shell (SSH), Authentication Settings, and Secure Hypertext Transfer Protocol (HTTPS) • Increased Port Security • Spanning Tree Protocol (STP) • IP Filtering -
User Manual
Page 4
... stored in the switch. The default is set for Debugging. www.dell.com | support.dell.com System Logs Remote system logging allows you to configure the logging of debug or error messages to the logging process. 4 Addendum to the 3248 and 5224 User's Guides To assist in the flash memory. The system log messages are...
... stored in the switch. The default is set for Debugging. www.dell.com | support.dell.com System Logs Remote system logging allows you to configure the logging of debug or error messages to the logging process. 4 Addendum to the 3248 and 5224 User's Guides To assist in the flash memory. The system log messages are...
User Manual
Page 5
NOTE: The Flash Level must be equal to the 3248 and 5224 User's Guides 5 Addendum to or less than the Ram Level. The following figure is specified, all messages from level 0 to level 7 are logged to flash. • Ram ... flash memory for all levels up to save any changes you do not want to the specified level. For example, if level 7 is representative of PowerConnect 3248 and 5224. If you make in this page, click Apply Changes. Limits log messages that are logged every 60 minutes.
NOTE: The Flash Level must be equal to the 3248 and 5224 User's Guides 5 Addendum to or less than the Ram Level. The following figure is specified, all messages from level 0 to level 7 are logged to flash. • Ram ... flash memory for all levels up to save any changes you do not want to the specified level. For example, if level 7 is representative of PowerConnect 3248 and 5224. If you make in this page, click Apply Changes. Limits log messages that are logged every 60 minutes.
User Manual
Page 6
... Switch/General/Remote Logs page allows you to configure the logging of debug or error messages to the default level. flash - www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for system and event messages Example Console(config)#logging on logging history ... disables the logging process. event history stored in the Switch/General/System Logs page. Limits syslog messages saved to the 3248 and 5224 User's Guides The no form command returns the logging of a specified level. 6 Addendum to switch memory based on severity.
... Switch/General/Remote Logs page allows you to configure the logging of debug or error messages to the default level. flash - www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for system and event messages Example Console(config)#logging on logging history ... disables the logging process. event history stored in the Switch/General/System Logs page. Limits syslog messages saved to the 3248 and 5224 User's Guides The no form command returns the logging of a specified level. 6 Addendum to switch memory based on severity.
User Manual
Page 7
... the remote syslog server for remote logging of debug or error messages to 23. Specifies a new server IP address to add to the 3248 and 5224 User's Guides 7 To delete an IP address, click the entry in the Host IP Address box, and click Add IP Host. Addendum to the Host IP List...
... the remote syslog server for remote logging of debug or error messages to 23. Specifies a new server IP address to add to the 3248 and 5224 User's Guides 7 To delete an IP address, click the entry in the Host IP Address box, and click Add IP Host. Addendum to the Host IP List...
User Manual
Page 8
Limits syslog messages saved to the 3248 and 5224 User's Guides Sets the facility type for items in the Switch/General/Remote Logs page. The no form command returns the remote logging of syslog messages to ... address that receives logging messages. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for remote logging of syslog messages. The no form command returns the facility type to the default. CLI Commands The following figure is representative of PowerConnect 3248 and 5224. The no form command removes a syslog...
Limits syslog messages saved to the 3248 and 5224 User's Guides Sets the facility type for items in the Switch/General/Remote Logs page. The no form command returns the remote logging of syslog messages to ... address that receives logging messages. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for remote logging of syslog messages. The no form command returns the facility type to the default. CLI Commands The following figure is representative of PowerConnect 3248 and 5224. The no form command removes a syslog...
User Manual
Page 9
...: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 Console# Security The Switch/Security page contains new links to the 3248 and 5224 User's Guides 9 The RADIUS Settings page was renamed Authentication Settings and updated to include Terminal Access Controller Access Control System Plus (TACACS+). • SSH • Authentication Settings...
...: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 REMOTELOG server ip address: 0.0.0.0 Console# Security The Switch/Security page contains new links to the 3248 and 5224 User's Guides 9 The RADIUS Settings page was renamed Authentication Settings and updated to include Terminal Access Controller Access Control System Plus (TACACS+). • SSH • Authentication Settings...
User Manual
Page 10
...using encrypted paths between the switch and SSH-enabled management station clients. • SSH Server Status - www.dell.com | support.dell.com NOTE: There are two versions of authentication attempts that the SSH server waits for a response from ...PowerConnect 3248 and 5224. 10 Addendum to 5 times; Default: 120 seconds) • SSH authentication retries - Specifies the time interval in this page, click Apply Changes. The following figure is allowed before authentication fails and the client must restart the authentication process. (Range: 1 to the 32 48 and 5 224 User 's Guides...
...using encrypted paths between the switch and SSH-enabled management station clients. • SSH Server Status - www.dell.com | support.dell.com NOTE: There are two versions of authentication attempts that the SSH server waits for a response from ...PowerConnect 3248 and 5224. 10 Addendum to 5 times; Default: 120 seconds) • SSH authentication retries - Specifies the time interval in this page, click Apply Changes. The following figure is allowed before authentication fails and the client must restart the authentication process. (Range: 1 to the 32 48 and 5 224 User 's Guides...
User Manual
Page 11
The no form command resets the values to the 3 248 and 52 24 User 's Guides 11 The connection_id is the session number displayed when using the show ssh Usage Enables the SSH server on the switch. The no form command ...
The no form command resets the values to the 3 248 and 52 24 User 's Guides 11 The connection_id is the session number displayed when using the show ssh Usage Enables the SSH server on the switch. The no form command ...
User Manual
Page 12
... for authentication, you must be edited: • Authentication Sequence- RADIUS - The RADIUS system uses User Datagram Protocol (UDP) while TACACS+ uses Transmission Control Protocol (TCP). UDP only offers best-effort delivery...dell.com | support.dell.com NOTE: When you are using the console port, Web browser, or Telnet. Console# Authentication Settings Similar to the switch, and level 15 allows Privileged Exec access. 0 started admin 1.5 cipher-3des session- The RADIUS Settings page was renamed "Authentication Settings" and updated to the 32 48 and 5 224 User 's Guides...
... for authentication, you must be edited: • Authentication Sequence- RADIUS - The RADIUS system uses User Datagram Protocol (UDP) while TACACS+ uses Transmission Control Protocol (TCP). UDP only offers best-effort delivery...dell.com | support.dell.com NOTE: When you are using the console port, Web browser, or Telnet. Console# Authentication Settings Similar to the switch, and level 15 allows Privileged Exec access. 0 started admin 1.5 cipher-3des session- The RADIUS Settings page was renamed "Authentication Settings" and updated to the 32 48 and 5 224 User 's Guides...
User Manual
Page 13
.... Do not use blank spaces in the string. - Local, TACACS - A RADIUS server attempts to authenticate the user first, then a TACACS+ server, and then a RADIUS server. - TACACS, RADIUS, Local - Secret Text String...user first, and then a TACACS+ server attempts to authenticate the user first, then a RADIUS server, and then the switch. • RADIUS Server Settings - Local, TACACS, RADIUS - Server IP Address - A RADIUS server attempts to authenticate the user first, and then the switch attempts to the 3 248 and 52 24 User 's Guides 13 Addendum to authenticate the user...
.... Do not use blank spaces in the string. - Local, TACACS - A RADIUS server attempts to authenticate the user first, then a TACACS+ server, and then a RADIUS server. - TACACS, RADIUS, Local - Secret Text String...user first, and then a TACACS+ server attempts to authenticate the user first, then a RADIUS server, and then the switch. • RADIUS Server Settings - Local, TACACS, RADIUS - Server IP Address - A RADIUS server attempts to authenticate the user first, and then the switch attempts to the 3 248 and 52 24 User 's Guides 13 Addendum to authenticate the user...
User Manual
Page 14
...spaces in this page, click Apply Changes. Identifies the IP address of PowerConnect 3248 and 5224. 14 Addendum to save any changes you make in the string. Server Port Number - www.dell.com | support.dell.com NOTE: The local switch user database must be set up through the CLI by the TACACS+ server.... - Specifies the number of seconds the switch waits for a Reply - To save the changes, click Refresh. If you do not want to the 32 48 and 5 224 User 's Guides ...
...spaces in this page, click Apply Changes. Identifies the IP address of PowerConnect 3248 and 5224. 14 Addendum to save any changes you make in the string. Server Port Number - www.dell.com | support.dell.com NOTE: The local switch user database must be set up through the CLI by the TACACS+ server.... - Specifies the number of seconds the switch waits for a Reply - To save the changes, click Refresh. If you do not want to the 32 48 and 5 224 User 's Guides ...
User Manual
Page 15
... server. (The range is 1-30.) Sets the number of the TACACS+ server parameters. Sets the TACACS+ encryption key (up to the 3 248 and 52 24 User 's Guides 15 CLI Commands The following table summarizes the equivalent CLI commands for a reply before resending a request. (The range is super. Sets the RADIUS server UDP...
... server. (The range is 1-30.) Sets the number of the TACACS+ server parameters. Sets the TACACS+ encryption key (up to the 3 248 and 52 24 User 's Guides 15 CLI Commands The following table summarizes the equivalent CLI commands for a reply before resending a request. (The range is super. Sets the RADIUS server UDP...
User Manual
Page 16
...and HTTPS servers to the switch's Web interface. If you change the HTTPS port number, clients attempting to connect to the 32 48 and 5 224 User 's Guides Both the HTTP and HTTPS service can be enabled independently on the switch. The following Web browsers and operating systems currently support HTTPS: Web Browser... Transfer Protocol (HTTPS) over the Secure Socket Layer (SSL), providing secure access (for example, an encrypted connection) to use the same TCP port. www.dell.com | support.dell.com NOTE: If you enable HTTPS, you must specify the port number in the URL, in the URL.
...and HTTPS servers to the switch's Web interface. If you change the HTTPS port number, clients attempting to connect to the 32 48 and 5 224 User 's Guides Both the HTTP and HTTPS service can be enabled independently on the switch. The following Web browsers and operating systems currently support HTTPS: Web Browser... Transfer Protocol (HTTPS) over the Secure Socket Layer (SSL), providing secure access (for example, an encrypted connection) to use the same TCP port. www.dell.com | support.dell.com NOTE: If you enable HTTPS, you must specify the port number in the URL, in the URL.
User Manual
Page 17
... representative of PowerConnect 3248 and 5224. Specifies the UDP port number used for Internet Explorer 5.x and Netscape Navigator 4.x. The following fields that can be edited: • HTTPS Status - To save the changes, click Refresh. If you make in the status bar for HTTPS/SSL connection to the 3 248 and 52 24 User 's Guides 17...
... representative of PowerConnect 3248 and 5224. Specifies the UDP port number used for Internet Explorer 5.x and Netscape Navigator 4.x. The following fields that can be edited: • HTTPS Status - To save the changes, click Refresh. If you make in the status bar for HTTPS/SSL connection to the 3 248 and 52 24 User 's Guides 17...
User Manual
Page 18
www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for an initial period, and then enable port security to the switch. Specifies the ... allows you enable the learning function long enough to ensure that all valid VLAN members are accepted as authorized to the 32 48 and 5 224 User 's Guides Be sure you to configure a switch port with source addresses already stored in the dynamic or static address table are registered on a port for items...
www.dell.com | support.dell.com CLI Commands The following table summarizes the equivalent CLI commands for an initial period, and then enable port security to the switch. Specifies the ... allows you enable the learning function long enough to ensure that all valid VLAN members are accepted as authorized to the 32 48 and 5 224 User 's Guides Be sure you to configure a switch port with source addresses already stored in the dynamic or static address table are registered on a port for items...
User Manual
Page 19
... Security page, you do not want to a security violation, it must be configured as a secure port. Indicates the action to the 3 248 and 52 24 User 's Guides 19 NOTICE: A port that only the port should be taken when a port security violation is already configured as a LACP or static trunk port cannot be...
... Security page, you do not want to a security violation, it must be configured as a secure port. Indicates the action to the 3 248 and 52 24 User 's Guides 19 NOTICE: A port that only the port should be taken when a port security violation is already configured as a LACP or static trunk port cannot be...
User Manual
Page 20
... a shutdown port, follow these steps: 1 Click the Ports/Port Configuration page. 2 For the port that is representative of PowerConnect 3248. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for items in Interface Configuration mode. Switch 3248: Re-Enabling a Shutdown Port... intrusion action set to Shutdown or Trap and Shutdown, then a security violation will cause the port to the 32 48 and 5 224 User 's Guides Switch 3248: CLI Commands The following figure is disabled, click the check box in the Admin/Oper column. 3 Click Apply Changes to...
... a shutdown port, follow these steps: 1 Click the Ports/Port Configuration page. 2 For the port that is representative of PowerConnect 3248. www.dell.com | support.dell.com The following table summarizes the equivalent CLI commands for items in Interface Configuration mode. Switch 3248: Re-Enabling a Shutdown Port... intrusion action set to Shutdown or Trap and Shutdown, then a security violation will cause the port to the 32 48 and 5 224 User 's Guides Switch 3248: CLI Commands The following figure is disabled, click the check box in the Admin/Oper column. 3 Click Apply Changes to...
User Manual
Page 21
...User 's Guides 21 To save any changes you do not want to save the changes, click Refresh. If you make in this page, click Apply Changes. Example Console(config)#interface ethernet 1/5 Console(config-if)#port security action shutdown Console(config-if)#port security Console(config-if)# Switch 5224:... Security The Ports/Port Security page contains links to the following pages: • Global Configuration • Port Security Configuration Switch 5224: Global Configuration On the Ports/Port Security/Global Configuration page, you can set the security action to be taken when a port ...
...User 's Guides 21 To save any changes you do not want to save the changes, click Refresh. If you make in this page, click Apply Changes. Example Console(config)#interface ethernet 1/5 Console(config-if)#port security action shutdown Console(config-if)#port security Console(config-if)# Switch 5224:... Security The Ports/Port Security page contains links to the following pages: • Global Configuration • Port Security Configuration Switch 5224: Global Configuration On the Ports/Port Security/Global Configuration page, you can set the security action to be taken when a port ...