User Guide
Page 12
... ...37 3.3 LEDs ...37 Part II: Basic Configuration 39 Chapter 4 The Web Configurator ...41 4.1 Introduction ...41 4.2 System Login ...41 4.3 The Status Screen ...42 4.3.1 Change Your Password 48 4.4 Saving Your Configuration 48 4.5 Switch Lockout ...48 4.6 Resetting the Switch ...49 4.6.1 Reload the Configuration File 49 4.7 Logging Out of the Web Configurator 50 4.8 Help... 6.1.4 Troubleshooting ...63 Chapter 7 System Status and Port Statistics 65 7.1 Overview ...65 7.2 Port Status Summary ...65 7.2.1 Status: Port Details 67 Chapter 8 Basic Setting ...71 12 ES-2024 Series User's Guide
... ...37 3.3 LEDs ...37 Part II: Basic Configuration 39 Chapter 4 The Web Configurator ...41 4.1 Introduction ...41 4.2 System Login ...41 4.3 The Status Screen ...42 4.3.1 Change Your Password 48 4.4 Saving Your Configuration 48 4.5 Switch Lockout ...48 4.6 Resetting the Switch ...49 4.6.1 Reload the Configuration File 49 4.7 Logging Out of the Web Configurator 50 4.8 Help... 6.1.4 Troubleshooting ...63 Chapter 7 System Status and Port Statistics 65 7.1 Overview ...65 7.2 Port Status Summary ...65 7.2.1 Status: Port Details 67 Chapter 8 Basic Setting ...71 12 ES-2024 Series User's Guide
User Guide
Page 26
... for Managing the Switch Do the following things regularly to make the Switch more secure and to manage the Switch more effectively. • Change the password. The device can be used by an SNMP manager. Chapter 1 Getting to Know Your Switch Shared resources such as a server can be monitored and.../or managed by all ports in a safe place. 26 ES-2024 Series User's Guide Line commands offer an alternative to the Web Configurator and may be part of characters, such as numbers and letters. •...
... for Managing the Switch Do the following things regularly to make the Switch more secure and to manage the Switch more effectively. • Change the password. The device can be used by an SNMP manager. Chapter 1 Getting to Know Your Switch Shared resources such as a server can be monitored and.../or managed by all ports in a safe place. 26 ES-2024 Series User's Guide Line commands offer an alternative to the Web Configurator and may be part of characters, such as numbers and letters. •...
User Guide
Page 27
ES-2024 Series User's Guide 27 You could simply restore your password, you will have to totally re-configure the Switch. If you backed up the configuration (and make sure you would not have to reset the Switch to its factory default settings. Chapter 1 Getting to Know Your Switch • Back up an earlier configuration file, you know how to restore it). If you forget your last configuration. Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes.
ES-2024 Series User's Guide 27 You could simply restore your password, you will have to totally re-configure the Switch. If you backed up the configuration (and make sure you would not have to reset the Switch to its factory default settings. Chapter 1 Getting to Know Your Switch • Back up an earlier configuration file, you know how to restore it). If you forget your last configuration. Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes.
User Guide
Page 42
The date and time display as shown if you access the web configurator. 42 ES-2024 Series User's Guide The default username is admin and associated default password is the first screen that displays when you have not configured a time server nor manually entered a time and date in the General Setup screen. Figure 16 Web Configurator: Login 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is 1234. Chapter 4 The Web Configurator 3 The login screen appears.
The date and time display as shown if you access the web configurator. 42 ES-2024 Series User's Guide The default username is admin and associated default password is the first screen that displays when you have not configured a time server nor manually entered a time and date in the General Setup screen. Figure 16 Web Configurator: Login 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is 1234. Chapter 4 The Web Configurator 3 The login screen appears.
User Guide
Page 47
...to screens where you can view the MAC addresses - ARP Table This link takes you to a screen where you can change the system login password and configure SNMP and remote management. Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Multicast This link takes you to...takes you to a screen where you can configure authentication and accounting services via external servers. Syslog This link takes you to other ports. ES-2024 Series User's Guide 47 Loop Guard This link takes you to a screen where you can view the MAC addresses (and types) of...
...to screens where you can view the MAC addresses - ARP Table This link takes you to a screen where you can change the system login password and configure SNMP and remote management. Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Multicast This link takes you to...takes you to a screen where you can configure authentication and accounting services via external servers. Syslog This link takes you to other ports. ES-2024 Series User's Guide 47 Loop Guard This link takes you to a screen where you can view the MAC addresses (and types) of...
User Guide
Page 48
...the upper right hand corner of the following: 1 Delete the management VLAN (default is VLAN 1). 48 ES-2024 Series User's Guide Figure 18 Change Administrator Login Password 4.4 Saving Your Configuration When you are done with a configuration session. 4.5 Switch Lockout You could block ...using in for the first time, it is recommended you change the default administrator password. Click Management > Access Control > Logins to nonvolatile memory. Chapter 4 The Web Configurator 4.3.1 Change Your Password After you log in -band-management (managing through the data ports) if ...
...the upper right hand corner of the following: 1 Delete the management VLAN (default is VLAN 1). 48 ES-2024 Series User's Guide Figure 18 Change Administrator Login Password 4.4 Saving Your Configuration When you are done with a configuration session. 4.5 Switch Lockout You could block ...using in for the first time, it is recommended you change the default administrator password. Click Management > Access Control > Logins to nonvolatile memory. Chapter 4 The Web Configurator 4.3.1 Change Your Password After you log in -band-management (managing through the data ports) if ...
User Guide
Page 49
... means that you see the message "Press any key to the console port using a computer with the CPU port as a member. ES-2024 Series User's Guide 49 The password will also be reset to the default of the Switch. 3 Filter all traffic to the CPU port. 4 Disable all ports. ...5 Misconfigure the text configuration file. 6 Forget the password and/or IP address. 7 Prevent all services from the Switch or forget the administrator password, you will see the initial screen. 3 When you will lose all port-based VLANs with terminal emulation software...
... means that you see the message "Press any key to the console port using a computer with the CPU port as a member. ES-2024 Series User's Guide 49 The password will also be reset to the default of the Switch. 3 Filter all traffic to the CPU port. 4 Disable all ports. ...5 Misconfigure the text configuration file. 6 Forget the password and/or IP address. 7 Prevent all services from the Switch or forget the administrator password, you will see the initial screen. 3 When you will lose all port-based VLANs with terminal emulation software...
User Guide
Page 50
Figure 20 Web Configurator: Logout Screen 50 ES-2024 Series User's Guide Figure 19 Resetting the Switch: Via the Console Port Bootbase Version: V1.07 | 04/20/2008 13:38:02 RAM: Size = ...:04 Press any key to exit the web configurator. Erasing OK sysname> atgo The Switch is now reinitialized with a default configuration file including the default password of "1234". 4.7 Logging Out of the Web Configurator Click Logout in with your terminal. 6 After a configuration file upload, type atgo to restart the Switch. This...
Figure 20 Web Configurator: Logout Screen 50 ES-2024 Series User's Guide Figure 19 Resetting the Switch: Via the Console Port Bootbase Version: V1.07 | 04/20/2008 13:38:02 RAM: Size = ...:04 Press any key to exit the web configurator. Erasing OK sysname> atgo The Switch is now reinitialized with a default configuration file including the default password of "1234". 4.7 Logging Out of the Web Configurator Click Logout in with your terminal. 6 After a configuration file upload, type atgo to restart the Switch. This...
User Guide
Page 145
...the client for more information on configuring your operating system does not support 802.1x, then you may need to install 802.1x client software. ES-2024 Series User's Guide 145 The Switch supports IEEE 802.1x2 authentication, in the form of writing, IEEE 802.1x is a way to ...validate access to ports on the Switch to validate users. At the time of a user name and password. When the client provides the login credentials, the Switch sends an authentication 2. This type of authentication uses the RADIUS (Remote Authentication Dial In User Service...
...the client for more information on configuring your operating system does not support 802.1x, then you may need to install 802.1x client software. ES-2024 Series User's Guide 145 The Switch supports IEEE 802.1x2 authentication, in the form of writing, IEEE 802.1x is a way to ...validate access to ports on the Switch to validate users. At the time of a user name and password. When the client provides the login credentials, the Switch sends an authentication 2. This type of authentication uses the RADIUS (Remote Authentication Dial In User Service...
User Guide
Page 147
...port. Active Reauthenticati on Reauthenticati on a port-by-port basis. Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to all ports. Port This field displays a port number. * Settings in this row first to permit 802.1x authentication on...screen to the port. Select this row only if you make adjustments on Timer Note: Changes in this port. ES-2024 Series User's Guide 147 Specify how often a client has to re-enter his or her username and password to stay connected to activate IEEE 802.1x security.
...port. Active Reauthenticati on Reauthenticati on a port-by-port basis. Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to all ports. Port This field displays a port number. * Settings in this row first to permit 802.1x authentication on...screen to the port. Select this row only if you make adjustments on Timer Note: Changes in this port. ES-2024 Series User's Guide 147 Specify how often a client has to re-enter his or her username and password to stay connected to activate IEEE 802.1x security.
User Guide
Page 174
... user database that is encrypted. 22.2 AAA Screens To enable authentication, accounting or both ) and then set up the authentication priority and accounting settings. 174 ES-2024 Series User's Guide Chapter 22 AAA 22.1.2 on the number of users you to authenticate and authorize users without interacting with a network AAA server... accounting servers. However, there is able to validate an unlimited number of the device. TACACS+ RADIUS Transport Protocol UDP (User Datagram Protocol) Encryption Encrypts the password sent for authentication.
... user database that is encrypted. 22.2 AAA Screens To enable authentication, accounting or both ) and then set up the authentication priority and accounting settings. 174 ES-2024 Series User's Guide Chapter 22 AAA 22.1.2 on the number of users you to authenticate and authorize users without interacting with a network AAA server... accounting servers. However, there is able to validate an unlimited number of the device. TACACS+ RADIUS Transport Protocol UDP (User Datagram Protocol) Encryption Encrypts the password sent for authentication.
User Guide
Page 176
... a read -only number representing a RADIUS server entry. Specify the amount of an external RADIUS server in dotted decimal notation. 176 ES-2024 Series User's Guide Use this section to configure your RADIUS accounting server settings. This is divided between the RADIUS servers that the...-priority for 15 seconds and then tries the second RADIUS server. Enter the IP address of trying other available servers. Specify a password (up to 32 alphanumeric characters) as the key to authenticate with the first configured RADIUS server, if the RADIUS server does not...
... a read -only number representing a RADIUS server entry. Specify the amount of an external RADIUS server in dotted decimal notation. 176 ES-2024 Series User's Guide Use this section to configure your RADIUS accounting server settings. This is divided between the RADIUS servers that the...-priority for 15 seconds and then tries the second RADIUS server. Enter the IP address of trying other available servers. Specify a password (up to 32 alphanumeric characters) as the key to authenticate with the first configured RADIUS server, if the RADIUS server does not...
User Guide
Page 177
... Click Apply to save your TACACS+ server settings. Figure 92 Advanced Application > AAA > TACACS+ Server Setup ES-2024 Series User's Guide 177 Delete Check this screen to 32 alphanumeric characters) as shown. Shared Secret Specify a password (up to configure your changes to the nonvolatile memory when you click Apply. The Switch loses...
... Click Apply to save your TACACS+ server settings. Figure 92 Advanced Application > AAA > TACACS+ Server Setup ES-2024 Series User's Guide 177 Delete Check this screen to 32 alphanumeric characters) as shown. Shared Secret Specify a password (up to configure your changes to the nonvolatile memory when you click Apply. The Switch loses...
User Guide
Page 178
...so use the Save link on the external TACACS+ server and the Switch. This is a read -only number representing a TACACS+ server entry. Specify a password (up to 32 alphanumeric characters) as the key to be the same on the top navigation panel to save your changes to the nonvolatile memory... the timeout value to alternate between the two TACACS+ servers. Specify the amount of an external TACACS+ server in dotted decimal notation. 178 ES-2024 Series User's Guide Chapter 22 AAA The following table describes the labels in this field. For example, if you are using two different...
...so use the Save link on the external TACACS+ server and the Switch. This is a read -only number representing a TACACS+ server entry. Specify a password (up to 32 alphanumeric characters) as the key to be the same on the top navigation panel to save your changes to the nonvolatile memory... the timeout value to alternate between the two TACACS+ servers. Specify the amount of an external TACACS+ server in dotted decimal notation. 178 ES-2024 Series User's Guide Chapter 22 AAA The following table describes the labels in this field. For example, if you are using two different...
User Guide
Page 179
...instructs you want to do so. Delete Check this screen to 32 alphanumeric characters) as shown. Figure 93 Advanced Application > AAA > AAA Setup ES-2024 Series User's Guide 179 Chapter 22 AAA Table 51 Advanced Application > AAA > TACACS+ Server Setup (continued) LABEL DESCRIPTION TCP Port The default... when you click Apply. The Switch loses these changes if it is deleted when you are done configuring. Shared Secret Specify a password (up to configure authentication and accounting settings on the top navigation panel to save your changes to the Switch's run-time memory.
...instructs you want to do so. Delete Check this screen to 32 alphanumeric characters) as shown. Figure 93 Advanced Application > AAA > AAA Setup ES-2024 Series User's Guide 179 Chapter 22 AAA Table 51 Advanced Application > AAA > TACACS+ Server Setup (continued) LABEL DESCRIPTION TCP Port The default... when you click Apply. The Switch loses these changes if it is deleted when you are done configuring. Shared Secret Specify a password (up to configure authentication and accounting settings on the top navigation panel to save your changes to the Switch's run-time memory.
User Guide
Page 184
... RADIUS server when performing authentication. 22.3.1.1 Attributes Used for accounting. This value is the privilege level (1-14) User-Password NAS-Identifier NAS-IP-Address 22.3.1.2 Attributes Used to Login Users User-Name User-Password NAS-Identifier NAS-IP-Address 22.3.1.3 Attributes Used by authentication and accounting functions on the Switch. This appendix... 2865 for more information about RADIUS attributes used for Authenticating Privilege Access User-Name - Calling-Station-Id Frame-MTU EAP-Message State Message-Authenticator 184 ES-2024 Series User's Guide
... RADIUS server when performing authentication. 22.3.1.1 Attributes Used for accounting. This value is the privilege level (1-14) User-Password NAS-Identifier NAS-IP-Address 22.3.1.2 Attributes Used to Login Users User-Name User-Password NAS-Identifier NAS-IP-Address 22.3.1.3 Attributes Used by authentication and accounting functions on the Switch. This appendix... 2865 for more information about RADIUS attributes used for Authenticating Privilege Access User-Name - Calling-Station-Id Frame-MTU EAP-Message State Message-Authenticator 184 ES-2024 Series User's Guide
User Guide
Page 229
ES-2024 Series User's Guide 229 First, understand the filename conventions. 28.8.1 Filename Conventions The configuration file (also known as the romfile or ROM) contains the ... Switch configuration to or downloading files from the Save in drop-down list box and type a descriptive name for it in the screens such as password, Switch setup, IP Setup, and so on your computer under a filename of uploading to a computer using FTP commands.
ES-2024 Series User's Guide 229 First, understand the filename conventions. 28.8.1 Filename Conventions The configuration file (also known as the romfile or ROM) contains the ... Switch configuration to or downloading files from the Save in drop-down list box and type a descriptive name for it in the screens such as password, Switch setup, IP Setup, and so on your computer under a filename of uploading to a computer using FTP commands.
User Guide
Page 230
Chapter 28 Maintenance ZyNOS (ZyXEL Network Operating System sometimes referred to as uploading the wrong model firmware may damage your device. 28.8.2 FTP Command Line Procedure 1 Launch the FTP client ... does not allow you to the Switch. Uploading the config file replaces the specified configuration file system, including your password as the Switch only recognizes "config" and "ras". Be sure to binary. 230 ES-2024 Series User's Guide Be sure you will need to rename them as requested (the default is "1234...
Chapter 28 Maintenance ZyNOS (ZyXEL Network Operating System sometimes referred to as uploading the wrong model firmware may damage your device. 28.8.2 FTP Command Line Procedure 1 Launch the FTP client ... does not allow you to the Switch. Uploading the config file replaces the specified configuration file system, including your password as the Switch only recognizes "config" and "ras". Be sure to binary. 230 ES-2024 Series User's Guide Be sure you will need to rename them as requested (the default is "1234...
User Guide
Page 231
...match, the Switch will work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) in binary mode. Table 76 General Commands for anonymous access. Specify the default local directory (path). 28.8.4 FTP Restrictions FTP will .... Transfer files in either ASCII (plain text format) or in the Remote Management screen does not match the client IP address. and password is when a user I.D. Normal. Anonymous logins will disconnect the Telnet session immediately. Transfer Type Initial Remote Directory Initial Local Directory The...
...match, the Switch will work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) in binary mode. Table 76 General Commands for anonymous access. Specify the default local directory (path). 28.8.4 FTP Restrictions FTP will .... Transfer files in either ASCII (plain text format) or in the Remote Management screen does not match the client IP address. and password is when a user I.D. Normal. Anonymous logins will disconnect the Telnet session immediately. Transfer Type Initial Remote Directory Initial Local Directory The...
User Guide
Page 233
Figure 126 Management > Access Control ES-2024 Series User's Guide 233 CHAPTER 29 Access Control This chapter describes how to control access to the Switch. 29.1 Access Control Overview A console port ... one session each, Telnet and SSH share nine sessions, up to nine One session sessions Web Up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed. Table 77 Access Control Overview Console Port SSH Telnet FTP One session Share up to five...
Figure 126 Management > Access Control ES-2024 Series User's Guide 233 CHAPTER 29 Access Control This chapter describes how to control access to the Switch. 29.1 Access Control Overview A console port ... one session each, Telnet and SSH share nine sessions, up to nine One session sessions Web Up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed. Table 77 Access Control Overview Console Port SSH Telnet FTP One session Share up to five...