Switch User Manual
Table Of Contents
- 00-1Cover.pdf
- 01-CLI Operation.pdf
- 02-Login Operation.pdf
- 1 Logging In to the Switching Engine
- 2 Logging In Through OAP
- 3 Logging In Through Telnet
- 4 Logging In from the Web-Based Network Management System
- 5 Logging In from NMS
- 6 Configuring Source IP Address for Telnet Service Packets
- 7 User Control
- 03-Configuration File Management Operation.pdf
- 04-VLAN Operation.pdf
- 1 VLAN Overview
- 2 VLAN Configuration
- 05-Auto Detect Operation.pdf
- 06-Voice VLAN Operation.pdf
- 07-GVRP Operation.pdf
- 08-Basic Port Configuration Operation.pdf
- 1 Basic Port Configuration
- Ethernet Port Overview
- Configuring Ethernet Ports
- Making Basic Port Configuration
- Configuring Port Auto-Negotiation Speed
- Setting the Ethernet Port Broadcast Suppression Ratio
- Enabling Flow Control on a Port
- Configuring Access Port Attribute
- Configuring Hybrid Port Attribute
- Configuring Trunk Port Attribute
- Disabling Up/Down Log Output on a Port
- Copying Port Configuration to Other Ports
- Configuring a Port Group
- Setting Loopback Detection for an Ethernet Port
- Configuring the Ethernet Port to Run Loopback Test
- Enabling the System to Test Connected Cable
- Configuring the Interval to Perform Statistical Analysis on Port Traffic
- Displaying and Maintaining Ethernet Ports
- Ethernet Port Configuration Example
- Troubleshooting Ethernet Port Configuration
- 1 Basic Port Configuration
- 09-Link Aggregation Operation.pdf
- 1 Link Aggregation Configuration
- 10-Port Isolation Operation.pdf
- 11-Port Security-Port Binding Operation.pdf
- 1 Port Security Configuration
- Port Security Overview
- Port Security Configuration
- Displaying and Maintaining Port Security Configuration
- Port Security Configuration Example
- 2 Port Binding Configuration
- 1 Port Security Configuration
- 12-DLDP Operation.pdf
- 13-MAC Address Table Management Operation.pdf
- 14-MSTP Operation.pdf
- 1 MSTP Configuration
- STP Overview
- MSTP Overview
- Configuring Root Bridge
- Configuration Prerequisites
- Configuring an MST Region
- Specifying the Current Device as a Root Bridge/Secondary Root Bridge
- Configuring the Bridge Priority of the Current Device
- Configuring the Mode a Port Recognizes and Sends MSTP Packets
- Configuring the MSTP Operation Mode
- Configuring the Maximum Hop Count of an MST Region
- Configuring the Network Diameter of the Switched Network
- Configuring the MSTP Time-related Parameters
- Configuring the Timeout Time Factor
- Configuring the Maximum Transmitting Speed on the Current Port
- Configuring the Current Port as an Edge Port
- Specifying Whether the Link Connected to a Port Is Point-to-point Link
- Enabling MSTP
- Configuring Leaf Nodes
- Configuration Prerequisites
- Configuring the MST Region
- Configuring the Mode a Port Recognizes and Sends MSTP Packets
- Configuring the Timeout Time Factor
- Configuring the Maximum Transmitting Speed on the Current Port
- Configuring a Port as an Edge Port
- Configuring the Path Cost for a Port
- Configuring Port Priority
- Specifying Whether the Link Connected to a Port Is a Point-to-point Link
- Enabling MSTP
- Performing mCheck Operation
- Configuring Guard Functions
- Configuring Digest Snooping
- Configuring Rapid Transition
- Configuring VLAN-VPN Tunnel
- STP Maintenance Configuration
- Enabling Trap Messages Conforming to 802.1d Standard
- Displaying and Maintaining MSTP
- MSTP Configuration Example
- VLAN-VPN tunnel Configuration Example
- 1 MSTP Configuration
- 15-802.1x and System Guard Operation.pdf
- 1 802.1x Configuration
- Introduction to 802.1x
- Introduction to 802.1x Configuration
- Basic 802.1x Configuration
- Advanced 802.1x Configuration
- Displaying and Maintaining 802.1x
- Configuration Example
- 2 Quick EAD Deployment Configuration
- 3 System-Guard Configuration
- 1 802.1x Configuration
- 16-AAA Operation.pdf
- 1 AAA Overview
- 2 AAA Configuration
- AAA Configuration Task List
- RADIUS Configuration Task List
- Creating a RADIUS Scheme
- Configuring RADIUS Authentication/Authorization Servers
- Configuring RADIUS Accounting Servers
- Configuring Shared Keys for RADIUS Messages
- Configuring the Maximum Number of RADIUS Request Transmission Attempts
- Configuring the Type of RADIUS Servers to be Supported
- Configuring the Status of RADIUS Servers
- Configuring the Attributes of Data to be Sent to RADIUS Servers
- Configuring the Local RADIUS Authentication Server Function
- Configuring Timers for RADIUS Servers
- Enabling Sending Trap Message when a RADIUS Server Goes Down
- Enabling the User Re-Authentication at Restart Function
- HWTACACS Configuration Task List
- Displaying and Maintaining AAA
- AAA Configuration Examples
- Troubleshooting AAA
- 3 EAD Configuration
- 17-MAC Address Authentication Operation.pdf
- 18-IP Address and Performance Operation.pdf
- 19-DHCP Operation.pdf
- 1 DHCP Overview
- 2 DHCP Relay Agent Configuration
- Introduction to DHCP Relay Agent
- Configuring the DHCP Relay Agent
- Displaying and Maintaining DHCP Relay Agent Configuration
- DHCP Relay Agent Configuration Example
- Troubleshooting DHCP Relay Agent Configuration
- 3 DHCP Snooping Configuration
- DHCP Snooping Overview
- DHCP Snooping Configuration
- Configuring DHCP Snooping
- Configuring DHCP Snooping to Support Option 82
- DHCP-Snooping Option 82 Support Configuration Task List
- Enable DHCP-snooping Option 82 support
- Configure a handling policy for DHCP packets with Option 82
- Configure the storage format of Option 82
- Configure the circuit ID sub-option
- Configure the remote ID sub-option
- Configure the padding format for Option 82
- Configuring IP Filtering
- DHCP Snooping Configuration Example
- Displaying and Maintaining DHCP Snooping Configuration
- 4 DHCP/BOOTP Client Configuration
- 20-ACL Operation.pdf
- 1 ACL Configuration
- ACL Overview
- ACL Configuration
- ACL Assignment
- Displaying and Maintaining ACL
- Examples for Upper-layer Software Referencing ACLs
- Examples for Applying ACLs to Hardware
- 1 ACL Configuration
- 21-QoS-QoS Profile Operation.pdf
- 1 QoS Configuration
- Overview
- QoS Supported by Devices
- QoS Configuration
- QoS Configuration Task List
- Configuring Priority Trust Mode
- Configuring Priority Mapping
- Setting the Priority of Protocol Packets
- Marking Packet Priority
- Configuring Traffic Policing
- Configuring Traffic Shaping
- Configuring Traffic Redirecting
- Configuring VLAN Mapping
- Configuring Queue Scheduling
- Collecting/Clearing Traffic Statistics
- Enabling the Burst Function
- Configuring Traffic Mirroring
- Displaying and Maintaining QoS
- QoS Configuration Example
- 2 QoS Profile Configuration
- 1 QoS Configuration
- 22-Mirroring Operation.pdf
- 23-ARP Operation.pdf
- 24-SNMP-RMON Operation.pdf
- 25-Multicast Operation.pdf
- 1 Multicast Overview
- 2 IGMP Snooping Configuration
- IGMP Snooping Overview
- IGMP Snooping Configuration
- IGMP Snooping Configuration Task List
- Enabling IGMP Snooping
- Configuring the Version of IGMP Snooping
- Configuring Timers
- Configuring Fast Leave Processing
- Configuring a Multicast Group Filter
- Configuring the Maximum Number of Multicast Groups on a Port
- Configuring IGMP Querier
- Suppressing Flooding of Unknown Multicast Traffic in a VLAN
- Configuring Static Member Port for a Multicast Group
- Configuring a Static Router Port
- Configuring a Port as a Simulated Group Member
- Configuring a VLAN Tag for Query Messages
- Configuring Multicast VLAN
- Displaying and Maintaining IGMP Snooping
- IGMP Snooping Configuration Examples
- Troubleshooting IGMP Snooping
- 3 Common Multicast Configuration
- 26-NTP Operation.pdf
- 1 NTP Configuration
- Introduction to NTP
- NTP Configuration Task List
- Configuring NTP Implementation Modes
- Configuring Access Control Right
- Configuring NTP Authentication
- Configuring Optional NTP Parameters
- Displaying and Maintaining NTP Configuration
- NTP Configuration Examples
- 1 NTP Configuration
- 27-SSH Operation.pdf
- 1 SSH Configuration
- SSH Overview
- Configuring the SSH Server
- SSH Server Configuration Tasks
- Configuring the Protocol Support for the User Interface
- Generating/Destroying a RSA or DSA Key Pair
- Exporting the RSA or DSA Public Key
- Creating an SSH User and Specify an Authentication Type
- Specifying a Service Type for an SSH User
- Configuring SSH Management
- Configuring the Client Public Key on the Server
- Assigning a Public Key to an SSH User
- Specifying a Source IP Address/Interface for the SSH Server
- Configuring the SSH Client
- Displaying and Maintaining SSH Configuration
- SSH Configuration Examples
- When the Device Acts as the SSH Server and the Authentication Type is Password
- When the Device Acts as an SSH Server and the Authentication Type is Publickey
- When the Switch Acts as an SSH Client and the Authentication Type is Password
- When the Device Acts as an SSH Client and the Authentication Type is Publickey
- When the Device Acts as an SSH Client and First-time authentication is not Supported
- 1 SSH Configuration
- 28-File System Management Operation.pdf
- 29-FTP-SFTP-TFTP Operation.pdf
- 1 FTP and SFTP Configuration
- Introduction to FTP and SFTP
- FTP Configuration
- SFTP Configuration
- 2 TFTP Configuration
- 1 FTP and SFTP Configuration
- 30-Information Center Operation.pdf
- 1 Information Center
- Information Center Overview
- Information Center Configuration
- Introduction to the Information Center Configuration Tasks
- Configuring Synchronous Information Output
- Configuring to Display the Time Stamp with the UTC Time Zone
- Setting to Output System Information to the Console
- Setting to Output System Information to a Monitor Terminal
- Setting to Output System Information to a Log Host
- Setting to Output System Information to the Trap Buffer
- Setting to Output System Information to the Log Buffer
- Setting to Output System Information to the SNMP NMS
- Displaying and Maintaining Information Center
- Information Center Configuration Examples
- 1 Information Center
- 31-System Maintenance and Debugging Operation.pdf
- 1 Host Configuration File Loading
- 2 Basic System Configuration and Debugging
- 3 Network Connectivity Test
- 4 Device Management
- Introduction to Device Management
- Device Management Configuration
- Displaying and Maintaining the Device Management Configuration
- 32-VLAN-VPN Operation.pdf
- 33-HWPing Operation.pdf
- 34-DNS Operation.pdf
- 35-Smart Link-Monitor Link Operation.pdf
- 36-PoE-PoE Profile Operation.pdf
- 1 PoE Configuration
- PoE Overview
- PoE Configuration
- PoE Configuration Task List
- Enabling the PoE Feature on a Port
- Setting the Maximum Output Power on a Port
- Setting PoE Management Mode and PoE Priority of a Port
- Setting the PoE Mode on a Port
- Configuring the PD Compatibility Detection Function
- Upgrading the PSE Processing Software Online
- Displaying and Maintaining PoE Configuration
- PoE Configuration Example
- 2 PoE Profile Configuration
- 1 PoE Configuration
- 37-Routing Protocol Operation.pdf
- 1 IP Routing Protocol Overview
- 2 Static Route Configuration
- 3 RIP Configuration
- 4 IP Route Policy Configuration
- 38-UDP Helper Operation.pdf
- 39-Appendix.pdf
1-10
This function needs the cooperation of iNode client and a iMC server.
z The iNode client needs to capable of detecting multiple network adapters, proxies, and IE proxies.
z The iMC server is configured to disable the use of multiple network adapters, proxies, or IE proxies.
By default, an iNode client program allows use of multiple network adapters, proxies, and IE proxies. In
this case, if the iMC server is configured to disable use of multiple network adapters, proxies, or IE
proxies, it prompts the iNode client to disable use of multiple network adapters, proxies, or IE proxies
through messages after the supplicant system passes the authentication.
z The client-checking function needs the support of iNode client program.
z To implement the proxy detecting function, you need to enable the function on both the iNode client
program and the iMC server in addition to enabling the client version checking function on the
device by using the dot1x version-check command.
Checking the client version
With the iNode client version-checking function enabled, the device checks the version and validity of
an iNode client to prevent unauthorized users or users with earlier versions of iNode client from logging
in.
This function makes the device to send version-requesting packets again if the iNode client fails to send
version-reply packet to the device when the version-checking timer times out.
The iNode client version-checking function needs the support of an iNode client program.
The Guest VLAN function
The Guest VLAN function enables supplicant systems that are not authenticated to access network
resources in a restrained way.
The Guest VLAN function enables supplicant systems that do not have iNode client installed to access
specific network resources. It also enables supplicant systems that are not authenticated to upgrade
their iNode client programs.
With this function enabled:
z The device sends authentication request (EAP-Request/Identity) packets to all the 802.1x-enabled
ports.
z After the maximum number retries have been made and there are still ports that have not sent any
response back, the device will then add these ports to the Guest VLAN.
z Users belonging to the Guest VLAN can access the resources of the Guest VLAN without being
authenticated. But they need to be authenticated when accessing external resources.
Normally, the Guest VLAN function is coupled with the dynamic VLAN delivery function.