Command Line Interface (CLI) Guide (.htm)
Page 26
... displays Port channel information. Configures RIP. Configures and displays RADIUS information. Configures and displays management access-list information. Configures SNMP communities, traps and displays SNMP information. Configures commands related to the device. Configures Multicast routing. www.dell.com | support.dell.com Line Management ACL Multicast Routing OSPF PHY Diagnostics Port Channel Port Monitor QoS RADIUS RIP RMON SNMP Spanning Tree SSH Syslog Commands System Management TACACS+ User Interface VLAN VRRP Web Server 802.1x Configures the console and remote Telnet connection.
... displays Port channel information. Configures RIP. Configures and displays RADIUS information. Configures and displays management access-list information. Configures SNMP communities, traps and displays SNMP information. Configures commands related to the device. Configures Multicast routing. www.dell.com | support.dell.com Line Management ACL Multicast Routing OSPF PHY Diagnostics Port Channel Port Monitor QoS RADIUS RIP RMON SNMP Spanning Tree SSH Syslog Commands System Management TACACS+ User Interface VLAN VRRP Web Server 802.1x Configures the console and remote Telnet connection.
Command Line Interface (CLI) Guide (.htm)
Page 27
... file. PE Reactivates a locked user account. PE Command Groups 27 GC Specifies the login authentication method list for http. GC Reactivates a locked user account. PE Displays information about password management. Sets the number of users. PE Displays information about the login history of failed login attempts before a password in the GC local database can be reused. GC Sets the expiration time for username and enable passwords GC Sets the number of required password changes...
... file. PE Reactivates a locked user account. PE Command Groups 27 GC Specifies the login authentication method list for http. GC Reactivates a locked user account. PE Displays information about password management. Sets the number of users. PE Displays information about the login history of failed login attempts before a password in the GC local database can be reused. GC Sets the expiration time for username and enable passwords GC Sets the number of required password changes...
Command Line Interface (CLI) Guide (.htm)
Page 33
... the usability status of a specific VLAN. Enables the translation of a directed Broadcast to -address translation. Displays entries in the ARP cache. Configures how long an entry remains in the context of interfaces configured for IP. Displays IGMP snooping configuration. Configures the mrouter-time-out. Acquires an IP address on the device. Displays information on a specific VLAN. Displays IP helper address configuration. Enables Internet Group Management Protocol (IGMP) snooping on dynamically learned Multicast router interfaces. Mode IC IC...
... the usability status of a specific VLAN. Enables the translation of a directed Broadcast to -address translation. Displays entries in the ARP cache. Configures how long an entry remains in the context of interfaces configured for IP. Displays IGMP snooping configuration. Configures the mrouter-time-out. Acquires an IP address on the device. Displays information on a specific VLAN. Displays IP helper address configuration. Enables Internet Group Management Protocol (IGMP) snooping on dynamically learned Multicast router interfaces. Mode IC IC...
Command Line Interface (CLI) Guide (.htm)
Page 52
... keys. The following are assigned to a specific port. Most of ACLs which define the matching criteria for example, assigning ports to a VLAN or port-channel. The Global Configuration mode command policy-map class is used to enter the line configuration command mode. • VLAN Database-Contains commands to create a VLAN as line speed, timeout settings, etc. www.dell.com | support.dell.com Interface Configuration Mode and Specific Configuration Modes Interface configuration modes are used to enter the Policy-map Class Configuration mode. • Ethernet-Contains commands to manage...
... keys. The following are assigned to a specific port. Most of ACLs which define the matching criteria for example, assigning ports to a VLAN or port-channel. The Global Configuration mode command policy-map class is used to enter the line configuration command mode. • VLAN Database-Contains commands to create a VLAN as line speed, timeout settings, etc. www.dell.com | support.dell.com Interface Configuration Mode and Specific Configuration Modes Interface configuration modes are used to enter the Policy-map Class Configuration mode. • Ethernet-Contains commands to manage...
Command Line Interface (CLI) Guide (.htm)
Page 59
... login authentication line configuration command specifies the login authentication method list for authentication. On the console, the enable password is the privilege level. Create a list by the authentication login command, use the no authentication and, therefore, the process will never require Radius authentication. The additional methods of authentication methods is not set , the process still succeeds. Uses username "$enabx$." For example, a sequence where Radius follows None is checked. Command Mode Global Configuration mode User Guidelines The default...
... login authentication line configuration command specifies the login authentication method list for authentication. On the console, the enable password is the privilege level. Create a list by the authentication login command, use the no authentication and, therefore, the process will never require Radius authentication. The additional methods of authentication methods is not set , the process still succeeds. Uses username "$enabx$." For example, a sequence where Radius follows None is checked. Command Mode Global Configuration mode User Guidelines The default...
Command Line Interface (CLI) Guide (.htm)
Page 160
...) Default Configuration This command has no ip address dhcp command deconfigures any IP address that the DHCPDISCOVER message have a specific host name. Command Mode Interface configuration (Ethernet, VLAN, port-channel, out-of interfaces. If the ip address dhcp command is used with or without the optional keyword, the DHCP option 12 field (host name option) is configured to obtain its IP address from the Dynamic Host Configuration Protocol (DHCP) server. The ip address dhcp command is defined on an interface from a DHCP server...
...) Default Configuration This command has no ip address dhcp command deconfigures any IP address that the DHCPDISCOVER message have a specific host name. Command Mode Interface configuration (Ethernet, VLAN, port-channel, out-of interfaces. If the ip address dhcp command is used with or without the optional keyword, the DHCP option 12 field (host name option) is configured to obtain its IP address from the Dynamic Host Configuration Protocol (DHCP) server. The ip address dhcp command is defined on an interface from a DHCP server...
Command Line Interface (CLI) Guide (.htm)
Page 175
... snooping. To disable IGMP snooping on a VLAN interface, use the no ip igmp snooping Default Configuration IGMP snooping is disabled on a specific VLAN. To disable IGMP snooping use the no ip igmp snooping Default Configuration IGMP snooping is disabled. Console (config)# ip igmp snooping ip igmp snooping (Interface) The ip igmp snooping interface configuration command enables Internet Group Management Protocol (IGMP) snooping on all VLANs in the set context. Syntax ip igmp snooping no form of this command. Command Mode Interface configuration (VLAN) mode IGMP Snooping Commands...
... snooping. To disable IGMP snooping on a VLAN interface, use the no ip igmp snooping Default Configuration IGMP snooping is disabled on a specific VLAN. To disable IGMP snooping use the no ip igmp snooping Default Configuration IGMP snooping is disabled. Console (config)# ip igmp snooping ip igmp snooping (Interface) The ip igmp snooping interface configuration command enables Internet Group Management Protocol (IGMP) snooping on all VLANs in the set context. Syntax ip igmp snooping no form of this command. Command Mode Interface configuration (VLAN) mode IGMP Snooping Commands...
Command Line Interface (CLI) Guide (.htm)
Page 318
... long. Console (config)# radius-server key dell-server 318 Radius Commands www.dell.com | support.dell.com If no host-specific timeout, retransmit, deadtime or key values are no user guidelines for this command. Default Configuration The default is an empty string. Example The following characteristics: • Server host IP address-192.168.10.1 • Authentication port number-20 • Timeout period-20 seconds Console (config)# radius-server host 192.168.10.1 auth-port 20 timeout 20 radius-server key The radius-server key global configuration command sets the authentication...
... long. Console (config)# radius-server key dell-server 318 Radius Commands www.dell.com | support.dell.com If no host-specific timeout, retransmit, deadtime or key values are no user guidelines for this command. Default Configuration The default is an empty string. Example The following characteristics: • Server host IP address-192.168.10.1 • Authentication port number-20 • Timeout period-20 seconds Console (config)# radius-server host 192.168.10.1 auth-port 20 timeout 20 radius-server key The radius-server key global configuration command sets the authentication...
Command Line Interface (CLI) Guide (.htm)
Page 440
... example sets the authentication encryption key: Console(config)# tacacs-server key dell-s tacacs-server source-ip The tacacs-server source-ip global configuration command specifies the source IP address used on the out-of-band port, use the no form of -band IP address format: oob/ip-address. This key must match the encryption used for all TACACS+ communications between the router and the TACACS+ server. Syntax tacacs-server key [key-string] no host-specific timeout, key...
... example sets the authentication encryption key: Console(config)# tacacs-server key dell-s tacacs-server source-ip The tacacs-server source-ip global configuration command specifies the source IP address used on the out-of-band port, use the no form of -band IP address format: oob/ip-address. This key must match the encryption used for all TACACS+ communications between the router and the TACACS+ server. Syntax tacacs-server key [key-string] no host-specific timeout, key...
Command Line Interface (CLI) Guide (.htm)
Page 501
... auto. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command enables the attachment of this command. If the port becomes unauthorized, all hosts to be taken when a station whose MAC address is a member of the port-channel. To return to be granted network access. Examples The following command allows multiple hosts (clients) on an 802.1x-authorized port where the dot1x port-control interface configuration command is set to a single 802.1x-enabled port. Forward frames with source addresses that are denied access...
... auto. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command enables the attachment of this command. If the port becomes unauthorized, all hosts to be taken when a station whose MAC address is a member of the port-channel. To return to be granted network access. Examples The following command allows multiple hosts (clients) on an 802.1x-authorized port where the dot1x port-control interface configuration command is set to a single 802.1x-enabled port. Forward frames with source addresses that are denied access...
User's Guide (.htm)
Page 5
... Passwords 72 Software Download and Reboot 74 Software Download Through XModem 74 Software Download Through TFTP Server 75 Boot Image Download 77 Sample Configuration Process 77 Device Setup Requirements 78 Initial Connection 78 Device Default Settings 82 Enabling Remote Management 82 Setting the Management Station IP Address 85 Enabling Telnet Access 87 Enabling Web Access (HTTP Server 89 Configuring Secure Management Access (HTTPS 91 Startup Menu Functions 92 Download Software 93 Erase FLASH File 93 Erase FLASH Sectors 94 Password Recovery 95 Out-of-Band Management Port...
... Passwords 72 Software Download and Reboot 74 Software Download Through XModem 74 Software Download Through TFTP Server 75 Boot Image Download 77 Sample Configuration Process 77 Device Setup Requirements 78 Initial Connection 78 Device Default Settings 82 Enabling Remote Management 82 Setting the Management Station IP Address 85 Enabling Telnet Access 87 Enabling Web Access (HTTP Server 89 Configuring Secure Management Access (HTTPS 91 Startup Menu Functions 92 Download Software 93 Erase FLASH File 93 Erase FLASH Sectors 94 Password Recovery 95 Out-of-Band Management Port...
User's Guide (.htm)
Page 16
...specific MAC addresses for a given period are aged out, which multicast routers are forwarded by the switch from stations to an upstream multicast router. Self-Learning MAC Addresses The switch enables MAC addresses to be transmitted on each relevant port are more efficiently forwarded. Static MAC Entries User-defined MAC entries are stored in multicast sessions and which prevents the Bridging Table from overflowing. VLAN-Aware MAC-based Switching Packets arriving from incoming packets. Port Mirroring Port mirroring monitors and mirrors network traffic by forwarding copies of IGMP...
...specific MAC addresses for a given period are aged out, which multicast routers are forwarded by the switch from stations to an upstream multicast router. Self-Learning MAC Addresses The switch enables MAC addresses to be transmitted on each relevant port are more efficiently forwarded. Static MAC Entries User-defined MAC entries are stored in multicast sessions and which prevents the Bridging Table from overflowing. VLAN-Aware MAC-based Switching Packets arriving from incoming packets. Port Mirroring Port mirroring monitors and mirrors network traffic by forwarding copies of IGMP...
User's Guide (.htm)
Page 24
... for SSH, Telnet, HTTP, HTTPS and SNMP access are authenticated via an external server. The out-of-band management port provides a physically secure link and also offers fault tolerance. Passwords for validation of users accessing the switch. For information about password management, see "Configuring Port Security." Security Features Access Control Lists (ACL) ACL provides rules for forwarding or blocking network traffic. TACACS+ provides a centralized user management system, while still retaining consistency with specific MAC addresses. www.dell.com | support.dell.com Out...
... for SSH, Telnet, HTTP, HTTPS and SNMP access are authenticated via an external server. The out-of-band management port provides a physically secure link and also offers fault tolerance. Passwords for validation of users accessing the switch. For information about password management, see "Configuring Port Security." Security Features Access Control Lists (ACL) ACL provides rules for forwarding or blocking network traffic. TACACS+ provides a centralized user management system, while still retaining consistency with specific MAC addresses. www.dell.com | support.dell.com Out...
User's Guide (.htm)
Page 50
www.dell.com | support.dell.com Figure 5-1. Installation and Configuration Jobflow Connect Device and Console Power on Hardware Setup Yes Suspend Bootup Press Esc Startup Menu (Special functions) Reboot No Loading program from flash to RAM Yes Enter Wizard No Initial Configuration: IP Address, Subnetmask, Users Basic Security configuration Wizard Configuration Process Standard Device Installation Advanced Configuration: IP Address from DHCP, IP Address from bootp, Security management Advanced Device Installation 60 Configuring the Switch
www.dell.com | support.dell.com Figure 5-1. Installation and Configuration Jobflow Connect Device and Console Power on Hardware Setup Yes Suspend Bootup Press Esc Startup Menu (Special functions) Reboot No Loading program from flash to RAM Yes Enter Wizard No Initial Configuration: IP Address, Subnetmask, Users Basic Security configuration Wizard Configuration Process Standard Device Installation Advanced Configuration: IP Address from DHCP, IP Address from bootp, Security management Advanced Device Installation 60 Configuring the Switch
User's Guide (.htm)
Page 58
.... 68 Configuring the Switch User SNMP community string, for example "0.0.0.0". 4 Press Enter. www.dell.com | support.dell.com Please enter the Management System IP address(A.B.C.D) or wildcard (0.0.0.0) to access the CLI, Web interface, or SNMP interface for the switch. The IP address is prompted until they are not identical, the user is defined on setting up user accounts and changing privilege levels, see the user documentation. You may setup other accounts and change privilege levels later. Password and password confirmation...
.... 68 Configuring the Switch User SNMP community string, for example "0.0.0.0". 4 Press Enter. www.dell.com | support.dell.com Please enter the Management System IP address(A.B.C.D) or wildcard (0.0.0.0) to access the CLI, Web interface, or SNMP interface for the switch. The IP address is prompted until they are not identical, the user is defined on setting up user accounts and changing privilege levels, see the user documentation. You may setup other accounts and change privilege levels later. Password and password confirmation...
User's Guide (.htm)
Page 73
... interface status changed to "up" and that connectivity has been achieved. In this example the static address is (in STP forwarding before pinging the management station. If the management station is connected directly to the interface, the IP address on the VLAN must belong to the same subnet as one of a remote network, and is forwarding (after 30 seconds) as shown below: Console# 01-Jan-2000 01:43:03 %LINK...
... interface status changed to "up" and that connectivity has been achieved. In this example the static address is (in STP forwarding before pinging the management station. If the management station is connected directly to the interface, the IP address on the VLAN must belong to the same subnet as one of a remote network, and is forwarding (after 30 seconds) as shown below: Console# 01-Jan-2000 01:43:03 %LINK...
User's Guide (.htm)
Page 179
...during login and via user names and user-defined passwords. • Authorization - Enable Password CLI Commands CLI Command enable password [level level] password [encrypted] show users accounts Username Privilege Bob 15 Jim 15 Dell 1515 Configuring TACACS+ Settings The device provide Terminal Access Controller Access Control System (TACACS+) client support. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. Once the authentication session is updated. The TACACS+ protocol ensures network...
...during login and via user names and user-defined passwords. • Authorization - Enable Password CLI Commands CLI Command enable password [level level] password [encrypted] show users accounts Username Privilege Bob 15 Jim 15 Dell 1515 Configuring TACACS+ Settings The device provide Terminal Access Controller Access Control System (TACACS+) client support. TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. Once the authentication session is updated. The TACACS+ protocol ensures network...
User's Guide (.htm)
Page 219
...default files should be reset. Restore Configuration Factory Defaults - Copying Files Using CLI Commands The following fields: Copy Configuration - Figure 6-72. Source - The destination configuration file (running, startup, backup) to the running , startup, backup) from which the file is copied. When checked, specifies that a configuration file should be copied. Unchecked maintains the current configuration settings. it does not replace the file. The file is copied. The configuration source file (running configuration file only adds configuration data; Copying Files...
...default files should be reset. Restore Configuration Factory Defaults - Copying Files Using CLI Commands The following fields: Copy Configuration - Figure 6-72. Source - The destination configuration file (running, startup, backup) to the running , startup, backup) from which the file is copied. When checked, specifies that a configuration file should be copied. Unchecked maintains the current configuration settings. it does not replace the file. The file is copied. The configuration source file (running configuration file only adds configuration data; Copying Files...
User's Guide (.htm)
Page 411
...: - QoS handles per -flow settings. Quality of Service (CoS) and QoS are used in the VLAN header. • QoS refers to Layer 2 traffic and above. Packet content - Traffic shaping In this criteria are handled as set in the following elements: • Access Control Lists (ACLs) - Classifies each incoming packet as belonging to trafficclasses, which is allowed to enter the system, and which are subject to specified criteria, and that a network...
...: - QoS handles per -flow settings. Quality of Service (CoS) and QoS are used in the VLAN header. • QoS refers to Layer 2 traffic and above. Packet content - Traffic shaping In this criteria are handled as set in the following elements: • Access Control Lists (ACLs) - Classifies each incoming packet as belonging to trafficclasses, which is allowed to enter the system, and which are subject to specified criteria, and that a network...
User's Guide (.htm)
Page 421
... Apply Changes. Shaping Traffic on a Per Queue Basis 1 Open the Bandwidth Settings page. 2 Select an interface. 3 Check Shaping per Queue on the selected interface are configured, and the device is updated. Configuring Quality of all queue weights (normalized weight), thus setting the bandwidth allocation for the interface's CIR and CBS. 5 Click Apply Changes. The CIR and CBS for each queue on Selected Port...
... Apply Changes. Shaping Traffic on a Per Queue Basis 1 Open the Bandwidth Settings page. 2 Select an interface. 3 Check Shaping per Queue on the selected interface are configured, and the device is updated. Configuring Quality of all queue weights (normalized weight), thus setting the bandwidth allocation for the interface's CIR and CBS. 5 Click Apply Changes. The CIR and CBS for each queue on Selected Port...