User Manual
Page 4
... Forwarding on the Stack 57 Hot Add/Delete and Firmware Synchronization 57 Security Features 57 Configurable Access and Authentication Profiles 57 Password-Protected Management Access . . . . 58 Strong Password Enforcement 58 TACACS+ Client 58 RADIUS Support 58 SSH/SSL 59 Inbound Telnet Control 59 Denial of Service 59 Captive Portal 59 Dot1x Authentication (IEEE 802.1X 60 MAC-Based 802.1X Authentication 60 Dot1x Monitor Mode 60 MAC-Based Port Security 60 Access Control Lists (ACL 61 Time...
... Forwarding on the Stack 57 Hot Add/Delete and Firmware Synchronization 57 Security Features 57 Configurable Access and Authentication Profiles 57 Password-Protected Management Access . . . . 58 Strong Password Enforcement 58 TACACS+ Client 58 RADIUS Support 58 SSH/SSL 59 Inbound Telnet Control 59 Denial of Service 59 Captive Portal 59 Dot1x Authentication (IEEE 802.1X 60 MAC-Based 802.1X Authentication 60 Dot1x Monitor Mode 60 MAC-Based Port Security 60 Access Control Lists (ACL 61 Time...
User Manual
Page 56
...-panel ports, if all switches are connected together through the management interface (Web, CLI, or SNMP) of the master unit. The stack operates and is managed as the master, and the entire stack is running the same firmware version. Automatic Firmware Upgrade for New Stack Members If a switch is added to a stack, and the switch is managed through the stack ports, they operate as a single unit with the PowerConnect M6348 PowerConnect 7000 Series switches and PowerConnect M6348 switches...
...-panel ports, if all switches are connected together through the management interface (Web, CLI, or SNMP) of the master unit. The stack operates and is managed as the master, and the entire stack is running the same firmware version. Automatic Firmware Upgrade for New Stack Members If a switch is added to a stack, and the switch is managed through the stack ports, they operate as a single unit with the PowerConnect M6348 PowerConnect 7000 Series switches and PowerConnect M6348 switches...
User Manual
Page 58
... and brute-force attacks. For information about configuring TACACS+ client settings, see "Controlling Management Access" on page 169. Strong Password Enforcement The Strong Password feature enforces a baseline password strength for validation of length, complexity and randomness. RADIUS Support The switch has a Remote Authentication Dial In User Service (RADIUS) client and can also configure the switch to 32 named authentication and accounting RADIUS servers. Password strength is the configuration of a security breach.
... and brute-force attacks. For information about configuring TACACS+ client settings, see "Controlling Management Access" on page 169. Strong Password Enforcement The Strong Password feature enforces a baseline password strength for validation of length, complexity and randomness. RADIUS Support The switch has a Remote Authentication Dial In User Service (RADIUS) client and can also configure the switch to 32 named authentication and accounting RADIUS servers. Password strength is the configuration of a security breach.
User Manual
Page 61
... port, LAG, or VLAN interface. Time-Based ACLs With the Time-based ACL feature, you can define when an ACL is in effect and the amount of time it is a security feature that only authorized users have access to specific resources while blocking off any unwarranted attempts to provide traffic flow control, restrict contents of routing updates, decide which types of traffic are used to reach network resources. Access Control Lists (ACL) Access Control Lists (ACLs) ensure that filters IP packets...
... port, LAG, or VLAN interface. Time-Based ACLs With the Time-based ACL feature, you can define when an ACL is in effect and the amount of time it is a security feature that only authorized users have access to specific resources while blocking off any unwarranted attempts to provide traffic flow control, restrict contents of routing updates, decide which types of traffic are used to reach network resources. Access Control Lists (ACL) Access Control Lists (ACLs) ensure that filters IP packets...
User Manual
Page 63
... power savings when the link is down, the PHY automatically goes down for short period of the power supply (or power supplies). PoE can also be administratively enabled or disabled on a per -port basis. Energy Detect Mode When the Energy Detect mode is enabled and the port link is lightly loaded. Power over Ethernet (PoE) Plus Features NOTE: The PowerConnect 7024P and 7048P switches support PoE Plus. Power Utilization Reporting The switch displays the current power consumption of time...
... power savings when the link is down, the PHY automatically goes down for short period of the power supply (or power supplies). PoE can also be administratively enabled or disabled on a per -port basis. Energy Detect Mode When the Energy Detect mode is enabled and the port link is lightly loaded. Power over Ethernet (PoE) Plus Features NOTE: The PowerConnect 7024P and 7048P switches support PoE Plus. Power Utilization Reporting The switch displays the current power consumption of time...
User Manual
Page 77
.... In Layer 2 multicast services, a single frame addressed to a specific multicast address is used by monitoring, or snooping traffic to detect packets used to create classification rules to assign the traffic between iSCSI initiator and target systems special QoS treatment in the switch. Based on the destination port. For information about configuring L2 multicast features, see "Configuring iSCSI Optimization" on the switch. MAC Multicast Support Multicast service is traffic that allows a switch to a configured traffic class. Internet Small Computer System Interface (iSCSI...
.... In Layer 2 multicast services, a single frame addressed to a specific multicast address is used by monitoring, or snooping traffic to detect packets used to create classification rules to assign the traffic between iSCSI initiator and target systems special QoS treatment in the switch. Based on the destination port. For information about configuring L2 multicast features, see "Configuring iSCSI Optimization" on the switch. MAC Multicast Support Multicast service is traffic that allows a switch to a configured traffic class. Internet Small Computer System Interface (iSCSI...
User Manual
Page 104
... been configured for console access. NOTE: SSH, which is more information, see "Initiating a Telnet Session from the OpenManage Switch Administrator. None • Stop bits - 1 • Flow control - Telnet Connection Telnet is required for console port access, the User: login prompt displays. Telnet connections are enabled by default. For more secure than Telnet, is disabled by default, and the Telnet port number is 23. None 4 Power on page 279. 104 Using the Command-Line Interface The switch supports up to the switch. All CLI commands can use any Telnet...
... been configured for console access. NOTE: SSH, which is more information, see "Initiating a Telnet Session from the OpenManage Switch Administrator. None • Stop bits - 1 • Flow control - Telnet Connection Telnet is required for console port access, the User: login prompt displays. Telnet connections are enabled by default. For more secure than Telnet, is disabled by default, and the Telnet port number is 23. None 4 Power on page 279. 104 Using the Command-Line Interface The switch supports up to the switch. All CLI commands can use any Telnet...
User Manual
Page 132
... information from a DHCP server on the switch OOB interface by on the network and creates the administrative user with read/write access. DHCP is enabled by default. The administrator configures a PowerConnect 7000 Series switch to perform the initial switch configuration. The administrator uses the OOB port to the management network. console#configure console(config)#interface out-of-band console(config-if)#ip address dhcp console(config-if)#exit 2 Configure the administrative user. If the DHCP client on the switch has been disabled, use the Dell Easy Setup Wizard to obtain...
... information from a DHCP server on the switch OOB interface by on the network and creates the administrative user with read/write access. DHCP is enabled by default. The administrator configures a PowerConnect 7000 Series switch to perform the initial switch configuration. The administrator uses the OOB port to the management network. console#configure console(config)#interface out-of-band console(config-if)#ip address dhcp console(config-if)#exit 2 Configure the administrative user. If the DHCP client on the switch has been disabled, use the Dell Easy Setup Wizard to obtain...
User Manual
Page 143
... phones identified by CDP or DHCP (not LLDP) Switch Stack MAC Addressing and Stack Design Considerations The switch stack uses the MAC addresses assigned to use the original master unit's MAC addresses. This can cause severe problems in neighbor tables remain valid after the failover to other L2 entries in the network. Managing a Switch Stack 143 System up time. IP address, network mask, default gateway on each VLAN Neighbor cache entries Connections List of interfaces with a ring topology (or...
... phones identified by CDP or DHCP (not LLDP) Switch Stack MAC Addressing and Stack Design Considerations The switch stack uses the MAC addresses assigned to use the original master unit's MAC addresses. This can cause severe problems in neighbor tables remain valid after the failover to other L2 entries in the network. Managing a Switch Stack 143 System up time. IP address, network mask, default gateway on each VLAN Neighbor cache entries Connections List of interfaces with a ring topology (or...
User Manual
Page 155
... the stack and specify the model of the switch being preconfigured. Change the switch ID number. The valid range is cleared when the units reset. Configure a description for the specified stack member. The index into the database of the supported switch types, indicating the type of the new stack member. • unit - Enable nonstop forwarding on the stack. Exit to manage the stack and view information about these commands, see the PowerConnect 7000 Series CLI Reference Guide.
... the stack and specify the model of the switch being preconfigured. Change the switch ID number. The valid range is cleared when the units reset. Configure a description for the specified stack member. The index into the database of the supported switch types, indicating the type of the new stack member. • unit - Enable nonstop forwarding on the stack. Exit to manage the stack and view information about these commands, see the PowerConnect 7000 Series CLI Reference Guide.
User Manual
Page 170
...(s) to use a remote TACACS+ server to use . The supported security levels are allowed to validate switch management access for example, Telnet or HTTP) and/or source IP address. RADIUS Configure information about port-based access, 802.1X, and the Internal Authentication Server (IAS), see "Configuring 802.1X and Port-Based Security" on page 505. 170 Controlling Management Access Line and Enable passwords Passwords to allow only authorized users to access the switch through the CLI interface (console, Telnet, and SSH) and to use for...
...(s) to use a remote TACACS+ server to use . The supported security levels are allowed to validate switch management access for example, Telnet or HTTP) and/or source IP address. RADIUS Configure information about port-based access, 802.1X, and the Internal Authentication Server (IAS), see "Configuring 802.1X and Port-Based Security" on page 505. 170 Controlling Management Access Line and Enable passwords Passwords to allow only authorized users to access the switch through the CLI interface (console, Telnet, and SSH) and to use for...
User Manual
Page 178
... 505. Table 9-2 describes the default settings for the management access features. The IEEE 802.1X feature (also known as Dot1X) and Captive Portal feature use RADIUS, IAS, or the local user database to authenticate users. For information about RADIUS-assigned VLANs, see "Configuring a Captive Portal" on page 445. Default Management Security Values By default, the only management access to control network access. Control List (ACL) Password management Password minimum length is enabled, and the minimum features password length...
... 505. Table 9-2 describes the default settings for the management access features. The IEEE 802.1X feature (also known as Dot1X) and Captive Portal feature use RADIUS, IAS, or the local user database to authenticate users. For information about RADIUS-assigned VLANs, see "Configuring a Captive Portal" on page 445. Default Management Security Values By default, the only management access to control network access. Control List (ACL) Password management Password minimum length is enabled, and the minimum features password length...
User Manual
Page 539
... rules. Configuring Access Control Lists 539 ACLs can reside in a packet or frame to any physical port, port-channel (LAG), or VLAN routing port. ACLs can also provide traffic flow control, restrict contents of routing updates, and decide which types of traffic are a collection of permit and deny conditions, called rules, that can be applied to check for matching conditions. Egress ACLs provide the capability to configure Access Control Lists (ACLs), including IPv4, IPv6, and MAC ACLs. The PowerConnect 7000 Series switches support ACL configuration in this...
... rules. Configuring Access Control Lists 539 ACLs can reside in a packet or frame to any physical port, port-channel (LAG), or VLAN routing port. ACLs can also provide traffic flow control, restrict contents of routing updates, and decide which types of traffic are a collection of permit and deny conditions, called rules, that can be applied to check for matching conditions. Egress ACLs provide the capability to configure Access Control Lists (ACLs), including IPv4, IPv6, and MAC ACLs. The PowerConnect 7000 Series switches support ACL configuration in this...
User Manual
Page 688
... traffic until the ingress rate for the packet type falls below the threshold. Storm control is enabled per interface, by defining the packet type and the rate at which is Flow Control? used . 688 Configuring Port-Based Traffic Control Flow control is available for full-duplex mode of operation. Forwarded message responses can configure a threshold level, which the packets are used to activate storm-control is disabled. If the ingress rate of that the higher speed switch refrains from connected devices. If flow control is enabled...
... traffic until the ingress rate for the packet type falls below the threshold. Storm control is enabled per interface, by defining the packet type and the rate at which is Flow Control? used . 688 Configuring Port-Based Traffic Control Flow control is available for full-duplex mode of operation. Forwarded message responses can configure a threshold level, which the packets are used to activate storm-control is disabled. If the ingress rate of that the higher speed switch refrains from connected devices. If flow control is enabled...
Getting Started Guide
Page 7
... Guide, which is available on your User Documentation CD, or check the Dell Support website at support.dell.com for the latest updates on documentation and firmware. Introduction This document provides basic information about how to install a switch and perform the initial configuration. This document contains the following sections: • Hardware Overview • Installation • Starting and Configuring the Switch PowerConnect 7000 Series Overview The PowerConnect 7000 Series switches are stackable Layer 3 Gigabit Ethernet switches and include the following six models...
... Guide, which is available on your User Documentation CD, or check the Dell Support website at support.dell.com for the latest updates on documentation and firmware. Introduction This document provides basic information about how to install a switch and perform the initial configuration. This document contains the following sections: • Hardware Overview • Installation • Starting and Configuring the Switch PowerConnect 7000 Series Overview The PowerConnect 7000 Series switches are stackable Layer 3 Gigabit Ethernet switches and include the following six models...
Getting Started Guide
Page 21
Installation and Configuration Flow Chart Connect Power and Console Power On Yes Choose Option 2 Boot Menu (Special Functions) Reboot Enter Boot Menu? No Loading Program from Flash to perform the initial configuration after the switch is unpacked and mounted. Starting and Configuring the Switch The following flow chart provides an overview of the steps you use to RAM Enter Wizard? No Manual Initial Configuration Yes Easy Setup Wizard Configuration Advanced Configuration Getting Started Guide 19 Figure 1-13.
Installation and Configuration Flow Chart Connect Power and Console Power On Yes Choose Option 2 Boot Menu (Special Functions) Reboot Enter Boot Menu? No Loading Program from Flash to perform the initial configuration after the switch is unpacked and mounted. Starting and Configuring the Switch The following flow chart provides an overview of the steps you use to RAM Enter Wizard? No Manual Initial Configuration Yes Easy Setup Wizard Configuration Advanced Configuration Getting Started Guide 19 Figure 1-13.
Getting Started Guide
Page 25
... the alreadyconnected console port or remotely through the console port. If POST passes successfully, valid firmware is turned on with a default user name, password, or IP address. These settings are displayed on the screen of the switch, obtain the following assumptions: • The PowerConnect switch was established, and the Dell Easy Setup Wizard prompt appears on the terminal and indicate test success or failure. Booting the Switch When the power is...
... the alreadyconnected console port or remotely through the console port. If POST passes successfully, valid firmware is turned on with a default user name, password, or IP address. These settings are displayed on the screen of the switch, obtain the following assumptions: • The PowerConnect switch was established, and the Dell Easy Setup Wizard prompt appears on the terminal and indicate test success or failure. Booting the Switch When the power is...
Getting Started Guide
Page 29
... use Dell Network Manager or other accounts and change this account. To add a management station: Please enter the SNMP community string to be activated. This account is used . [public]: public NOTE: If it is configured, the default access level is disabled until you must specify the management system IP address and the "community string" or password that the particular management system uses to setup your initial privilege (Level 15) user...
... use Dell Network Manager or other accounts and change this account. To add a management station: Please enter the SNMP community string to be activated. This account is used . [public]: public NOTE: If it is configured, the default access level is disabled until you must specify the management system IP address and the "community string" or password that the particular management system uses to setup your initial privilege (Level 15) user...
Getting Started Guide
Page 296
... the switch. To access the switch through any Management Station. [0.0.0.0]: 10.1.2.100 Step 2: Now we need to automatically request an IP address from the network DHCP server. [192.168.2.1]: dhcp 294 Guía de introducción Would you can use these IP addresses to access the CLI, Web interface, or SNMP interface of the device (A.B.C.D) or enter "DHCP" (without the quotes) to setup your initial privilege (Level 15) user account. To setup a user...
... the switch. To access the switch through any Management Station. [0.0.0.0]: 10.1.2.100 Step 2: Now we need to automatically request an IP address from the network DHCP server. [192.168.2.1]: dhcp 294 Guía de introducción Would you can use these IP addresses to access the CLI, Web interface, or SNMP interface of the device (A.B.C.D) or enter "DHCP" (without the quotes) to setup your initial privilege (Level 15) user account. To setup a user...
Getting Started Guide
Page 331
...-Band) Interface and/or the VLAN 1 routing interface. To access the switch through any Management Interface you like to the CLI and Web interface. Başka hesaplar oluşturabilir ve ayrıcalık seviyelerini daha sonra değiştirebilirsiniz. Would you can use these IP addresses to setup your initial privilege (Level 15) user account. Setup the default gateway if IP address is used to login to setup the...
...-Band) Interface and/or the VLAN 1 routing interface. To access the switch through any Management Interface you like to the CLI and Web interface. Başka hesaplar oluşturabilir ve ayrıcalık seviyelerini daha sonra değiştirebilirsiniz. Would you can use these IP addresses to setup your initial privilege (Level 15) user account. Setup the default gateway if IP address is used to login to setup the...