Command Line Interface Guide
Page 88
dot1x re-authenticate Manually initiates a re-authentication of the client. show dot1x Displays 802.1X status... the status of MAC Authentication PE Bypass. 88 Command Groups show dot1x clients Displays detailed information about the users PE who have successfully authenticated on the system or on the port. IC authentication attempts. dot1x timeout supptimeout... times the switch IC sends an EAP-request frame to the client before resending the request. dot1x max-users Sets the maximum number of clients supported IC on the port when MAC-based 802.1X authentication is enabled...
dot1x re-authenticate Manually initiates a re-authentication of the client. show dot1x Displays 802.1X status... the status of MAC Authentication PE Bypass. 88 Command Groups show dot1x clients Displays detailed information about the users PE who have successfully authenticated on the system or on the port. IC authentication attempts. dot1x timeout supptimeout... times the switch IC sends an EAP-request frame to the client before resending the request. dot1x max-users Sets the maximum number of clients supported IC on the port when MAC-based 802.1X authentication is enabled...
Command Line Interface Guide
Page 128
...chain ssh 128 Command Groups GC snmp-server enable traps Enables the switch to be configured from a SSH GC server connection. snmp-server user Configures a new SNMP Version 3 user. SSH Command Description Mode* crypto key generate dsa Generates DSA key pairs for the switch. Displays SSH public keys stored on page ... rsa Generates RSA key pairs for the switch. GC ip ssh pubkey-auth Enables public key authentication for incoming GC SSH sessions. key-string Manually specifies a SSH public key. GC snmp-server group Configures a new SNMP group or a table that GC maps SNMP...
...chain ssh 128 Command Groups GC snmp-server enable traps Enables the switch to be configured from a SSH GC server connection. snmp-server user Configures a new SNMP Version 3 user. SSH Command Description Mode* crypto key generate dsa Generates DSA key pairs for the switch. Displays SSH public keys stored on page ... rsa Generates RSA key pairs for the switch. GC ip ssh pubkey-auth Enables public key authentication for incoming GC SSH sessions. key-string Manually specifies a SSH public key. GC snmp-server group Configures a new SNMP group or a table that GC maps SNMP...
Command Line Interface Guide
Page 129
... Types" on severity. NOTE: *For the meaning of logging and the syslog PE messages stored in the internal buffer. PE Describes the syslog server. PE user-key Specifies which SSH public key is manually SP configured and enters the SSH public key-string configuration command.
... Types" on severity. NOTE: *For the meaning of logging and the syslog PE messages stored in the internal buffer. PE Describes the syslog server. PE user-key Specifies which SSH public key is manually SP configured and enters the SSH public key-string configuration command.
Command Line Interface Guide
Page 144
...and general match criteria. Contains commands to configure the QoS policy map. • Policy Class - The SSH Public-Key Chain Configuration mode command user-key command is used to enter the SSH Public Key-chain configuration mode. • SSH Public Key-string - Use the policy-map command...to attach or remove a diffserv class from a policy and to configure an Ethernet interface. • Port Channel - Contains commands to manually specify other switch SSH public keys. Contains commands to manage loopback interfaces. Use the class-map class-map-name commands to access the QoS...
...and general match criteria. Contains commands to configure the QoS policy map. • Policy Class - The SSH Public-Key Chain Configuration mode command user-key command is used to enter the SSH Public Key-chain configuration mode. • SSH Public Key-string - Use the policy-map command...to attach or remove a diffserv class from a policy and to configure an Ethernet interface. • Port Channel - Contains commands to manually specify other switch SSH public keys. Contains commands to manage loopback interfaces. Use the class-map class-map-name commands to access the QoS...
Command Line Interface Guide
Page 159
...up an SNMP version 1 or 3 account, see the user documentation. To add a management station: Please enter the SNMP community string to manually configure the switch. For more information on adding management systems, see the user documentation). You must answer this question within 60 seconds, ...otherwise the system will continue with normal operation using SNMP (required for Dell Network Manager) you...
...up an SNMP version 1 or 3 account, see the user documentation. To add a management station: Please enter the SNMP community string to manually configure the switch. For more information on adding management systems, see the user documentation). You must answer this question within 60 seconds, ...otherwise the system will continue with normal operation using SNMP (required for Dell Network Manager) you...
Command Line Interface Guide
Page 162
...The system is used to login to setup your initial privilege (Level 15) user account. This account is not setup for Dell Network Manager) you can . To setup a user account: 162 Using the CLI Waiting to manually configure the switch. To manage the switch using the default system configuration.Note... may setup other SNMP accounts. (For more information on setting up user accounts and changing privilege levels, see the user documentation). Would you up the initial SNMP version 2 account now. . Welcome to Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch ...
...The system is used to login to setup your initial privilege (Level 15) user account. This account is not setup for Dell Network Manager) you can . To setup a user account: 162 Using the CLI Waiting to manually configure the switch. To manage the switch using the default system configuration.Note... may setup other SNMP accounts. (For more information on setting up user accounts and changing privilege levels, see the user documentation). Would you up the initial SNMP version 2 account now. . Welcome to Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch ...
Command Line Interface Guide
Page 622
...Mode Privileged EXEC mode 622 802.1x Commands Default Configuration This command has no default configuration. When configuring a port to enable manually initiating a re-authentication of all 802.1x-enabled ports or the specified 802.1x-enabled port. The full syntax is recommended... port must be in order to go immediately to the forwarding state after successful authentication. Command Mode Interface Configuration (Ethernet) mode User Guidelines It is unit/port. Specifies a valid interface number. Syntax dot1x re-authenticate [ethernet interface] • interface - Default Configuration...
...Mode Privileged EXEC mode 622 802.1x Commands Default Configuration This command has no default configuration. When configuring a port to enable manually initiating a re-authentication of all 802.1x-enabled ports or the specified 802.1x-enabled port. The full syntax is recommended... port must be in order to go immediately to the forwarding state after successful authentication. Command Mode Interface Configuration (Ethernet) mode User Guidelines It is unit/port. Specifies a valid interface number. Syntax dot1x re-authenticate [ethernet interface] • interface - Default Configuration...
Command Line Interface Guide
Page 623
.... To return to enable periodic re-authentication of the client. Example The following command manually initiates a re-authentication of this command. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. User Guidelines This command has no user guidelines. console# dot1x re-authenticate ethernet 1/g16 dot1x re-authentication Use the dot1x...
.... To return to enable periodic re-authentication of the client. Example The following command manually initiates a re-authentication of this command. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. User Guidelines This command has no user guidelines. console# dot1x re-authenticate ethernet 1/g16 dot1x re-authentication Use the dot1x...
Command Line Interface Guide
Page 1265
... RSA keys are generated in the file system and the private key is never displayed to the user. they are not saved in order to enter public key configuration mode in the switch configuration; Syntax crypto key pubkey-chain ssh Default Configuration By ... crypto key pubkey-chain ssh Use the crypto key pubkey-chain ssh command in Global Configuration mode to manually specify public keys such as SSH client public keys. Command Mode Global Configuration mode User Guidelines This command has no public keys configured. Default Configuration RSA key pairs do not exist. Example The...
... RSA keys are generated in the file system and the private key is never displayed to the user. they are not saved in order to enter public key configuration mode in the switch configuration; Syntax crypto key pubkey-chain ssh Default Configuration By ... crypto key pubkey-chain ssh Use the crypto key pubkey-chain ssh command in Global Configuration mode to manually specify public keys such as SSH client public keys. Command Mode Global Configuration mode User Guidelines This command has no public keys configured. Default Configuration RSA key pairs do not exist. Example The...
Command Line Interface Guide
Page 1268
Example The following example enables the switch to specify an SSH public key manually. The UU-encoded DER format is enabled by default. To disable this function, use the commands crypto key generate rsa, and crypto key generate dsa. ... specify the SSH public key row by OpenSSH. 1268 SSH Commands Syntax ip ssh server no form of this command. Command Mode Global Configuration mode User Guidelines To generate SSH server keys, use the no ip ssh server Default Configuration This command is the same format as the authorized keys file...
Example The following example enables the switch to specify an SSH public key manually. The UU-encoded DER format is enabled by default. To disable this function, use the commands crypto key generate rsa, and crypto key generate dsa. ... specify the SSH public key row by OpenSSH. 1268 SSH Commands Syntax ip ssh server no form of this command. Command Mode Global Configuration mode User Guidelines To generate SSH server keys, use the no ip ssh server Default Configuration This command is the same format as the authorized keys file...
Command Line Interface Guide
Page 1274
...Example The following example enables a SSH public key to specify which SSH public key you are no user guidelines. Specifies the remote SSH client username. (Range: 1-48 characters) • rsa - Syntax user-key username {rsa|dsa} no form of this command. Command Mode SSH Public Key Chain Configuration ...mode User Guidelines This command has no keys. user-key Use the user-key command in SSH Public Key Chain Configuration mode to be manually configured for the SSH public key chain called "bob." DSA key Default ...
...Example The following example enables a SSH public key to specify which SSH public key you are no user guidelines. Specifies the remote SSH client username. (Range: 1-48 characters) • rsa - Syntax user-key username {rsa|dsa} no form of this command. Command Mode SSH Public Key Chain Configuration ...mode User Guidelines This command has no keys. user-key Use the user-key command in SSH Public Key Chain Configuration mode to be manually configured for the SSH public key chain called "bob." DSA key Default ...
Command Line Interface Guide
Page 1297
.... The name of Switch/Stack. Command Mode Global Configuration mode User Guidelines This command has no hostname • name - System Management Commands 1297 Example console(config)#cut-through mode The mode (enable) is effective from the ... Configuration mode. To restore the default host name, use the initiate failover command in a stack, use the no form of the command. console(config)# hostname Dell initiate failover To manually force a failover from the next reload of the host. (Range: 1-255 characters) Default Configuration Host name not configured.
.... The name of Switch/Stack. Command Mode Global Configuration mode User Guidelines This command has no hostname • name - System Management Commands 1297 Example console(config)#cut-through mode The mode (enable) is effective from the ... Configuration mode. To restore the default host name, use the initiate failover command in a stack, use the no form of the command. console(config)# hostname Dell initiate failover To manually force a failover from the next reload of the host. (Range: 1-255 characters) Default Configuration Host name not configured.
User's Guide
Page 37
...are PEAP, EAP-TTL, EAP-TTLS, and EAP-TLS. Locked Port Support The locked port feature limits access on a port to users with MLD v1. The protocol specifically discovers which types of traffic are assigned security features. Introduction 37 MLD/MLDv2 (RFC2710/RFC3810) MLD... is used to provide traffic flow control, restrict contents of routing updates, decide which multicast addresses are manually defined or learned on that only authorized users have access to specific resources while blocking off any neighboring multicast routers. Also supported are authenticated through the ...
...are PEAP, EAP-TTL, EAP-TTLS, and EAP-TLS. Locked Port Support The locked port feature limits access on a port to users with MLD v1. The protocol specifically discovers which types of traffic are assigned security features. Introduction 37 MLD/MLDv2 (RFC2710/RFC3810) MLD... is used to provide traffic flow control, restrict contents of routing updates, decide which multicast addresses are manually defined or learned on that only authorized users have access to specific resources while blocking off any neighboring multicast routers. Also supported are authenticated through the ...
User's Guide
Page 38
... connection to configure and manage the switch and stack. It describes the advantages of users accessing the switch. TACACS+ TACACS+ provides centralized security for the PowerConnect PowerConnect 6200 Series switches are available on the Dell Support website at www.support.dell.com/manuals: • Getting Started Guide-provides information about the switch models in which the...
... connection to configure and manage the switch and stack. It describes the advantages of users accessing the switch. TACACS+ TACACS+ provides centralized security for the PowerConnect PowerConnect 6200 Series switches are available on the Dell Support website at www.support.dell.com/manuals: • Getting Started Guide-provides information about the switch models in which the...
User's Guide
Page 81
...deployed, functional, and completely manageable through the serial interface. Configuring Dell PowerConnect 81 Configuration Overview Before configuring the switch, obtain the following configuration on the switch: • Establishes the initial privileged user account with a valid password. NOTE: After making any configuration... • Default gateway (next hop router) IP address for autoconfig, manual configuration of the switch is setup with default management VLAN ID=1. The wizard configures one privileged user account during the set up . After the initial set up, you through...
...deployed, functional, and completely manageable through the serial interface. Configuring Dell PowerConnect 81 Configuration Overview Before configuring the switch, obtain the following configuration on the switch: • Establishes the initial privileged user account with a valid password. NOTE: After making any configuration... • Default gateway (next hop router) IP address for autoconfig, manual configuration of the switch is setup with default management VLAN ID=1. The wizard configures one privileged user account during the set up . After the initial set up, you through...
User's Guide
Page 84
... default value is set up as possible. NOTE: In the example below, the possible user options are examples only. Waiting to access these management interfaces by entering [ctrl+z]. Note:... using the input values listed above . After you must respond to the next question to manually configure the switch. You may also choose to allow all IP addresses to select management unit...setup wizard within 60 seconds)? [Y/N] y Step 1: 84 Configuring Dell PowerConnect Example of prompts and responses associated with running as quickly as defined. • A network management system is...
... default value is set up as possible. NOTE: In the example below, the possible user options are examples only. Waiting to access these management interfaces by entering [ctrl+z]. Note:... using the input values listed above . After you must respond to the next question to manually configure the switch. You may also choose to allow all IP addresses to select management unit...setup wizard within 60 seconds)? [Y/N] y Step 1: 84 Configuring Dell PowerConnect Example of prompts and responses associated with running as quickly as defined. • A network management system is...
User's Guide
Page 213
Displays the user name (or Guest ID) of the client (if applicable). • IP Address - To force the captive portal to disconnect an authenticated client, select the Remove check box next to disconnect one or more authenticated clients. From this page, you can manually force the ...To disconnect all clients from all authenticated clients that are connected through the captive portal. The list of the client (if applicable). • User - To view information about all captive portals, click Delete All. Identifies the MAC address of the connected client. • Protocol - To ...
Displays the user name (or Guest ID) of the client (if applicable). • IP Address - To force the captive portal to disconnect an authenticated client, select the Remove check box next to disconnect one or more authenticated clients. From this page, you can manually force the ...To disconnect all clients from all authenticated clients that are connected through the captive portal. The list of the client (if applicable). • User - To view information about all captive portals, click Delete All. Identifies the MAC address of the connected client. • Protocol - To ...
User's Guide
Page 218
...default, SNMPv2 is defined for the stack. The local engineID is important to access the information over the stack. It is used to manually configure the local engineID for SNMPv3 and includes: • Authentication - The SNMP agent defines the MIB specification format, as well as the... format used for managing network devices. In addition, the User Security Model (USM) is automatically enabled on an SNMP message. Cipher-Bock-Chaining (CBC) is important to configure the local engine ID, see...
...default, SNMPv2 is defined for the stack. The local engineID is important to access the information over the stack. It is used to manually configure the local engineID for SNMPv3 and includes: • Authentication - The SNMP agent defines the MIB specification format, as well as the... format used for managing network devices. In addition, the User Security Model (USM) is automatically enabled on an SNMP message. Cipher-Bock-Chaining (CBC) is important to configure the local engine ID, see...
User's Guide
Page 294
...timeout tx-period show dot1x show dot1x ethernet dot1x guest-vlan dot1x unauth-vlan Description Enables MAB on a port. Enables manual control of the authorization state of MAC Authentication Bypass. Shows the status of the port. Sets the guest VLAN on...for a response from the authentication server before restarting the authentication process. Manually initiates a re-authentication of the client. To display the Authenticated Users page, click Switching →Network Security →Authenticated Users in the quiet state following a failed authentication attempt Sets the number...
...timeout tx-period show dot1x show dot1x ethernet dot1x guest-vlan dot1x unauth-vlan Description Enables MAB on a port. Enables manual control of the authorization state of MAC Authentication Bypass. Shows the status of the port. Sets the guest VLAN on...for a response from the authentication server before restarting the authentication process. Manually initiates a re-authentication of the client. To display the Authenticated Users page, click Switching →Network Security →Authenticated Users in the quiet state following a failed authentication attempt Sets the number...
Configuration Guide
Page 50
...; Implement two traffic filtering methods. Overview Port Security: • Allows for limiting the number of static MAC addresses for a port. Static Locking: User manually specifies a list of MAC addresses on a given port. • Packets that have a matching MAC address (secure packets) are not eligible for ... seen within the age-out time. Only frames with an allowable source MAC address are restricted. • Enabled on a port. The user can be set the time-out value. • Dynamically locked MAC addresses are not learned. all dynamically locked addresses are 'freed.' ...
...; Implement two traffic filtering methods. Overview Port Security: • Allows for limiting the number of static MAC addresses for a port. Static Locking: User manually specifies a list of MAC addresses on a given port. • Packets that have a matching MAC address (secure packets) are not eligible for ... seen within the age-out time. Only frames with an allowable source MAC address are restricted. • Enabled on a port. The user can be set the time-out value. • Dynamically locked MAC addresses are not learned. all dynamically locked addresses are 'freed.' ...