User Guide
Page 26
...RADIUS, TACACS+ Web - Community strings SNMP version 3 - MD5 or SHA password Port - HTTPS Telnet - SSH SNMP v1/2c - IEEE 802.1X, MAC address filtering Access Control Lists Supports up to 128 ACLs, 96 MAC rules and 96 rules per system DHCP Client Supported DHCP Snooping Supported with Option 82 relay information Port Configuration Speed, duplex mode and flow control Rate Limiting Input rate and output limiting per port Port Mirroring One or more port mirrored to a single analysis port Port Trunking Supports up to 8K MAC addresses in this switch. It includes a management...
...RADIUS, TACACS+ Web - Community strings SNMP version 3 - MD5 or SHA password Port - HTTPS Telnet - SSH SNMP v1/2c - IEEE 802.1X, MAC address filtering Access Control Lists Supports up to 128 ACLs, 96 MAC rules and 96 rules per system DHCP Client Supported DHCP Snooping Supported with Option 82 relay information Port Configuration Speed, duplex mode and flow control Rate Limiting Input rate and output limiting per port Port Mirroring One or more port mirrored to a single analysis port Port Trunking Supports up to 8K MAC addresses in this switch. It includes a management...
User Guide
Page 27
... over a Telnet-equivalent connection, IP address filtering for SNMP/web/Telnet management access, and MAC address filtering for secure management access via the IEEE 802.1X protocol. ACLs can manually configure the speed, duplex mode, and flow control used on specific ports, or use of network bandwidth. Port Configuration - Some of advanced performance enhancing features. Port-based authentication is also supported via the web, SSH for secure management access over LANs (EAPOL) to request user credentials from engulfing the network. Flow control should also be used by...
... over a Telnet-equivalent connection, IP address filtering for SNMP/web/Telnet management access, and MAC address filtering for secure management access via the IEEE 802.1X protocol. ACLs can manually configure the speed, duplex mode, and flow control used on specific ports, or use of network bandwidth. Port Configuration - Some of advanced performance enhancing features. Port-based authentication is also supported via the web, SSH for secure management access over LANs (EAPOL) to request user credentials from engulfing the network. Flow control should also be used by...
User Guide
Page 28
... manually set up or dynamically configured using IEEE 802.3ad Link Aggregation Control Protocol (LACP). This prevents the creation of Software Features Rate Limiting - The switch can be written to a monitor port. When a static address is configured on another port. This prevents bad frames from overwhelming the network. Spanning Tree Algorithm - This protocol provides loop detection and recovery by restricting access for frame buffering. Port Mirroring - Port Trunking - The additional ports dramatically increase the throughput across any port to the address table. Static...
... manually set up or dynamically configured using IEEE 802.3ad Link Aggregation Control Protocol (LACP). This prevents the creation of Software Features Rate Limiting - The switch can be written to a monitor port. When a static address is configured on another port. This prevents bad frames from overwhelming the network. Spanning Tree Algorithm - This protocol provides loop detection and recovery by restricting access for frame buffering. Port Mirroring - Port Trunking - The additional ports dramatically increase the throughput across any port to the address table. Static...
User Guide
Page 29
... to a specific set of Service value by remotely configuring VLAN membership for different VLANs. It is a direct extension of Service - It can be manually assigned to prioritize incoming traffic based on network policies, different kinds of each packet. The switch supports tagged VLANs based on Layer 2, Layer 3, or Layer 4 information contained in a flat network. • Simplify network management for node changes/moves by the switch, and the traffic then sent to a Class of VLANs. Using access lists allows...
... to a specific set of Service value by remotely configuring VLAN membership for different VLANs. It is a direct extension of Service - It can be manually assigned to prioritize incoming traffic based on network policies, different kinds of each packet. The switch supports tagged VLANs based on Layer 2, Layer 3, or Layer 4 information contained in a flat network. • Simplify network management for node changes/moves by the switch, and the traffic then sent to a Class of VLANs. Using access lists allows...
User Guide
Page 34
... accessed by default. The switch's HTTP web agent allows you to perform the following management functions: • Set user names and passwords • Set an IP interface for a management VLAN • Configure SNMP parameters • Enable/disable any port • Set the speed/duplex mode for any port • Configure the bandwidth of any computer attached to the network. Note: The IP address for configuration and monitoring via a command line interface (CLI). The CLI program can be managed from any port by a Telnet connection over the network...
... accessed by default. The switch's HTTP web agent allows you to perform the following management functions: • Set user names and passwords • Set an IP interface for a management VLAN • Configure SNMP parameters • Enable/disable any port • Set the speed/duplex mode for any port • Configure the bandwidth of any computer attached to the network. Note: The IP address for configuration and monitoring via a command line interface (CLI). The CLI program can be managed from any port by a Telnet connection over the network...
User Guide
Page 38
... BOOTP or DHCP address allocation servers on . From the Global Configuration mode prompt, type "interface vlan 1" to begin broadcasting service requests. To set the IP address of the default gateway for the network to the startup-config file (step 6), then the switch will start broadcasting service requests. Press . Type "ip dhcp restart" to access the interface-configuration mode. Press . 4. From the Privileged Exec level global configuration mode prompt, type "interface vlan 1" to the global configuration mode prompt. Type "ip address ip-address netmask," where...
... BOOTP or DHCP address allocation servers on . From the Global Configuration mode prompt, type "interface vlan 1" to begin broadcasting service requests. To set the IP address of the default gateway for the network to the startup-config file (step 6), then the switch will start broadcasting service requests. Press . Type "ip dhcp restart" to access the interface-configuration mode. Press . 4. From the Privileged Exec level global configuration mode prompt, type "interface vlan 1" to the global configuration mode prompt. Type "ip address ip-address netmask," where...
User Guide
Page 39
... SNMP traps. Success. Console(config)#interface vlan 1 Console(config-if)#ip address dhcp Console(config-if)#end Console#ip dhcp restart Console#show ip interface" command. The switch can configure the switch to (1) respond to set the access level. 2-6 You therefore need to assign community strings to FLASH finish. To provide management access for SNMP version 1 and 2c clients) Community strings are used to control management access to SNMP version 1 and 2c stations, as well as HP OpenView. Enter the startup file name...
... SNMP traps. Success. Console(config)#interface vlan 1 Console(config-if)#ip address dhcp Console(config-if)#end Console#ip dhcp restart Console#show ip interface" command. The switch can configure the switch to (1) respond to set the access level. 2-6 You therefore need to assign community strings to FLASH finish. To provide management access for SNMP version 1 and 2c clients) Community strings are used to control management access to SNMP version 1 and 2c stations, as well as HP OpenView. Enter the startup file name...
User Guide
Page 46
... Extension Configuration IP Configuration Jumbo Frames File Management Copy Operation Delete Set Start-Up Line Console Telnet Log Logs System Logs Remote Logs SMTP Renumbering Reset SNTP Configuration Clock Time Zone SNMP Configuration Agent Status SNMPv3 Table 3-2 Main Menu Description Page 3-10 Provides basic system description, including contact information 3-10 Shows the number of files from this program. 3 Configuring the Switch Main Menu Using the onboard web agent, you can define system parameters, manage and control the switch, and all its ports, or monitor network...
... Extension Configuration IP Configuration Jumbo Frames File Management Copy Operation Delete Set Start-Up Line Console Telnet Log Logs System Logs Remote Logs SMTP Renumbering Reset SNTP Configuration Clock Time Zone SNMP Configuration Agent Status SNMPv3 Table 3-2 Main Menu Description Page 3-10 Provides basic system description, including contact information 3-10 Shows the number of files from this program. 3 Configuring the Switch Main Menu Using the onboard web agent, you can define system parameters, manage and control the switch, and all its ports, or monitor network...
User Guide
Page 56
... defined VLANs. • GMRP - This switch uses Shared VLAN Learning (SVL), where all VLANs share the same address table. • Configurable PVID Tagging - Web - Field Attributes • Extended Multicast Filtering Services - it uses the Internet Group Management Protocol (IGMP) to "VLAN Configuration" on each port. (Refer to provide automatic multicast filtering. Click System, Bridge Extension Configuration. GARP Multicast Registration Protocol (GMRP) allows network devices to display default settings for the key variables. You can access these...
... defined VLANs. • GMRP - This switch uses Shared VLAN Learning (SVL), where all VLANs share the same address table. • Configurable PVID Tagging - Web - Field Attributes • Extended Multicast Filtering Services - it uses the Internet Group Management Protocol (IGMP) to "VLAN Configuration" on each port. (Refer to provide automatic multicast filtering. Click System, Bridge Extension Configuration. GARP Multicast Registration Protocol (GMRP) allows network devices to display default settings for the key variables. You can access these...
User Guide
Page 62
...firmware form a TFTP server, enter the IP address of the TFTP server, select "opcode" as the startup code cannot be later downloaded to a TFTP server. - Success. The configuration files can upload/download configuration settings to running config. - running-config to the running -config - Copies the startup config to file - Select the file name from the switch to tftp - Console#config Console(config)#boot system opcode:V2271.F Console(config)#exit Console#reload 4-64 4-69 4-22 Saving or Restoring Configuration Settings You can be deleted. file to /from a TFTP server. file...
...firmware form a TFTP server, enter the IP address of the TFTP server, select "opcode" as the startup code cannot be later downloaded to a TFTP server. - Success. The configuration files can upload/download configuration settings to running config. - running-config to the running -config - Copies the startup config to file - Select the file name from the switch to tftp - Console#config Console(config)#boot system opcode:V2271.F Console(config)#exit Console#reload 4-64 4-69 4-22 Saving or Restoring Configuration Settings You can be deleted. file to /from a TFTP server. file...
User Guide
Page 65
... device connected to terminal) and receive (from terminal). Click System, Line, Console. Specify Even, Odd, or None. (Default: None) • Speed - Specify the console port connection parameters as configured for the Password parameter, or by a single global password as required, then click Apply. 1. Sets the number of time (set up for specific user-name accounts. (Default: Local) Web - Sets the terminal line's baud rate for the line connection. Enables password checking at login. Sets the amount of time the management console is started on a line with password...
... device connected to terminal) and receive (from terminal). Click System, Line, Console. Specify Even, Odd, or None. (Default: None) • Speed - Specify the console port connection parameters as configured for the Password parameter, or by a single global password as required, then click Apply. 1. Sets the number of time (set up for specific user-name accounts. (Default: Local) Web - Sets the terminal line's baud rate for the line connection. Enables password checking at login. Sets the amount of time the management console is started on a line with password...
User Guide
Page 66
...; Telnet Status - When the logon attempt threshold is terminated for the console, then specify the connection parameters as required. Default: 300 seconds) • Exec Timeout - If user input is not detected within the timeout interval, the connection is reached, the 3-23 Enables or disables Telnet access to log into the CLI. Sets the TCP port number for a user to the switch. (Default: Enabled) • Telnet Port Number - To display the current console port settings, use the show line Console configuration: Password threshold: 3 times...
...; Telnet Status - When the logon attempt threshold is terminated for the console, then specify the connection parameters as required. Default: 300 seconds) • Exec Timeout - If user input is not detected within the timeout interval, the connection is reached, the 3-23 Enables or disables Telnet access to log into the CLI. Sets the TCP port number for a user to the switch. (Default: Enabled) • Telnet Port Number - To display the current console port settings, use the show line Console configuration: Password threshold: 3 times...
User Guide
Page 125
... these ports to two static trunk ports on another switch using LACP will only be enabled if one of the active links fails. • All ports on both ends of Trunk 2 Basic information: Port type: 100TX Mac address: 00-12-CF-12-34-84 Configuration: Name: Port admin: Up Speed-duplex: Auto Capabilities: 10half, 10full, 100half, 100full Flow control: Disabled Port security: Disabled Max MAC count: 0 Current status: Created by: User Link status: Up Port operation status: Up Operation speed-duplex: 100full Flow control type: None Member Ports: Eth1/1, Eth1/2, Console...
... these ports to two static trunk ports on another switch using LACP will only be enabled if one of the active links fails. • All ports on both ends of Trunk 2 Basic information: Port type: 100TX Mac address: 00-12-CF-12-34-84 Configuration: Name: Port admin: Up Speed-duplex: Auto Capabilities: 10half, 10full, 100half, 100full Flow control: Disabled Port security: Disabled Max MAC count: 0 Current status: Created by: User Link status: Up Port operation status: Up Operation speed-duplex: 100full Flow control type: None Member Ports: Eth1/1, Eth1/2, Console...
User Guide
Page 137
... interface is configured on an interface. Figure 3-59 Input Rate Limit Port Configuration 3-94 Enables or disables the rate limit. (Default: Enabled) • Input/Output Rate Limit - 3 Configuring the Switch Configuring Rate Limits This function allows the network manager to apply rate limiting. Traffic that exceed the acceptable amount of the switch. Non-conforming traffic is dropped, conforming traffic is transmitted, while packets that falls within the rate limit is forwarded without any changes. Command Attributes • Port/Trunk - Sets the rate...
... interface is configured on an interface. Figure 3-59 Input Rate Limit Port Configuration 3-94 Enables or disables the rate limit. (Default: Enabled) • Input/Output Rate Limit - 3 Configuring the Switch Configuring Rate Limits This function allows the network manager to apply rate limiting. Traffic that exceed the acceptable amount of the switch. Non-conforming traffic is dropped, conforming traffic is transmitted, while packets that falls within the rate limit is forwarded without any changes. Command Attributes • Port/Trunk - Sets the rate...
User Guide
Page 151
To allow multiple spanning trees to operate over the network, you must configure a related set of spanning tree instances. - Command Attributes Basic Configuration of 10 or [(Max. RSTP is selected from among the device ports attached to the network. (References to STP forced compatibility mode). - Default: 32768 - Maximum: The lower of Global Settings • Spanning Tree State - Changing modes stops all devices have compatible VLAN instance assignments. - i.e., when this section mean "interfaces," which the...
To allow multiple spanning trees to operate over the network, you must configure a related set of spanning tree instances. - Command Attributes Basic Configuration of 10 or [(Max. RSTP is selected from among the device ports attached to the network. (References to STP forced compatibility mode). - Default: 32768 - Maximum: The lower of Global Settings • Spanning Tree State - Changing modes stops all devices have compatible VLAN instance assignments. - i.e., when this section mean "interfaces," which the...
User Guide
Page 232
..., and sets the policy as trusted or untrusted. An untrusted interface is an interface that is configured to the entire VLAN. Overwrites the DHCP client packet information with the switch's relay information. • Keep - Figure 3-116 DHCP Snooping Information Option Configuration CLI - Console(config)#ip dhcp snooping information option Console(config)#ip dhcp snooping information policy replace Console(config)# 4-235 4-236 DHCP Snooping Port Configuration Configures switch ports as replace. Click DHCP Snooping, Information Option Configuration. Enables or disables port as...
..., and sets the policy as trusted or untrusted. An untrusted interface is an interface that is configured to the entire VLAN. Overwrites the DHCP client packet information with the switch's relay information. • Keep - Figure 3-116 DHCP Snooping Information Option Configuration CLI - Console(config)#ip dhcp snooping information option Console(config)#ip dhcp snooping information policy replace Console(config)# 4-235 4-236 DHCP Snooping Port Configuration Configures switch ports as replace. Click DHCP Snooping, Information Option Configuration. Enables or disables port as...
User Guide
Page 250
... Limiting Link Aggregation Address Table Spanning Tree VLANs Class of Service Quality of Service Multicast Filtering IP Interface DHCP Snooping IP Source Guard IP Cluster Table 4-4 Command Groups Description Sets communication parameters for the serial port and Telnet, including baud rate and console time-out Basic commands for entering privileged access mode, restarting the system, or quitting the CLI Controls system logs, system passwords, user name, browser management options, and a variety of the monitored port Controls the maximum rate for traffic transmitted or received on MAC address...
... Limiting Link Aggregation Address Table Spanning Tree VLANs Class of Service Quality of Service Multicast Filtering IP Interface DHCP Snooping IP Source Guard IP Cluster Table 4-4 Command Groups Description Sets communication parameters for the serial port and Telnet, including baud rate and console time-out Basic commands for entering privileged access mode, restarting the system, or quitting the CLI Controls system logs, system passwords, user name, browser management options, and a variety of the monitored port Controls the maximum rate for traffic transmitted or received on MAC address...
User Guide
Page 265
... prompt string no form to restore the default prompt. Command Group Device Designation User Access IP Filter Web Server Telnet Server Secure Shell Event Logging Time (System Clock) System Status Frame Size Table 4-7 System Management Commands Function Page Configures information that uniquely identifies this switch 4-24 Configures the basic user names and passwords for management access 4-25 Configures IP addresses that are used in PE and NE mode Specifies the host name for the switch Sets the system contact string...
... prompt string no form to restore the default prompt. Command Group Device Designation User Access IP Filter Web Server Telnet Server Secure Shell Event Logging Time (System Clock) System Status Frame Size Table 4-7 System Management Commands Function Page Configures information that uniquely identifies this switch 4-24 Configures the basic user names and passwords for management access 4-25 Configures IP addresses that are used in PE and NE mode Specifies the host name for the switch Sets the system contact string...
User Guide
Page 266
... remove a user name. 4 System Management Commands Example Console(config)#prompt RD2 RD2(config)# hostname This command specifies or modifies the host name for management access are listed in this device. The name of this host. (Maximum length: 255 characters) Default Setting None Command Mode Global Configuration Example Console(config)#hostname RD#1 Console(config)# User Access Commands The basic commands required for this section. Use the no username name 4-25 This switch also includes other options for password checking via the console or a Telnet connection...
... remove a user name. 4 System Management Commands Example Console(config)#prompt RD2 RD2(config)# hostname This command specifies or modifies the host name for management access are listed in this device. The name of this host. (Maximum length: 255 characters) Default Setting None Command Mode Global Configuration Example Console(config)#hostname RD#1 Console(config)# User Access Commands The basic commands required for this section. Use the no username name 4-25 This switch also includes other options for password checking via the console or a Telnet connection...
User Guide
Page 487
... B: Troubleshooting Problems Accessing the Management Interface Table B-1 Troubleshooting Chart Symptom Action Cannot connect using Telnet, • Be sure the switch is powered up an account on the switch for each SSH user, including user name, authentication level, and password. • Be sure you have imported the client's public key to the switch (if public key authentication is used). web browser, or SNMP software • Check network cabling between the management station and the switch. • Check that you have a valid network connection...
... B: Troubleshooting Problems Accessing the Management Interface Table B-1 Troubleshooting Chart Symptom Action Cannot connect using Telnet, • Be sure the switch is powered up an account on the switch for each SSH user, including user name, authentication level, and password. • Be sure you have imported the client's public key to the switch (if public key authentication is used). web browser, or SNMP software • Check network cabling between the management station and the switch. • Check that you have a valid network connection...