User manual
Table Of Contents
- Table of Contents
- About This Guide
- 1 Product Introduction
- 2 Hardware Installation
- 3 Getting Started
- 4 Configuration
- Web-based Management
- Tool Bar > Save Menu
- Tool Bar > Tool Menu
- Tool Bar > Online Help
- Function Tree
- Device Information
- System > System Settings
- System > Serial Port Settings
- System > IPv6 System Settings
- System > IPv6 Route Settings
- System > IPv6 Neighbor Settings
- System > DHCP Auto Configuration
- System > Trap Settings
- System > Port Configuration > Port Settings
- System > Port Configuration > Port Description
- System > Port Configuration > Port Error Disabled
- System > SNMP Settings > SNMP Global State
- System > SNMP Settings > SNMP User Table
- System > SNMP Settings > SNMP Group Table
- System > SNMP Settings > SNMP View Table
- System > SNMP Settings > SNMP Community Table
- System > SNMP Settings > SNMP Host Table
- System > SNMP Settings > SNMP Engine ID
- System > SNMP Settings > SNMP Trap Settings
- System > User Accounts
- System > MAC Address Aging Time
- System > ARP Aging Time Settings
- System > PPPoE Circuit ID Insertion Settings
- System > Web Settings
- System > Telnet Settings
- System > Password Encryption
- System > Ping Test
- System > MAC Notification Settings
- System > System Log Configuration > System Log Settings
- System > System Log Configuration > System Log Server
- System > SMTP Service > SMTP Server Settings
- System > SMTP Service > SMTP Service
- Configuration > 802.1Q VLAN
- Configuration > 802.1Q Management VLAN
- Configuration > VLAN Status
- Configuration > GVRP Settings
- Configuration > GVRP Timer Settings
- Configuration > QinQ > QinQ Settings
- Configuration > QinQ > VLAN Translation CVID Entry Settings
- Configuration > 802.1v Protocol VLAN > 802.1v Protocol Group Settings
- Configuration > 802.1v Protocol VLAN > 802.1v Protocol VLAN Settings
- Configuration > VLAN Trunk Settings
- Configuration > Link Aggregation > Port Trunkings
- Configuration > Link Aggregation > LACP Port Settings
- Configuration > BPDU Protection Settings
- Configuration > IGMP Snooping > IGMP Snooping
- Configuration > IGMP Snooping > IGMP Access Control Settings
- Configuration > IGMP Snooping > ISM VLAN Settings
- Configuration > IGMP Snooping > Host Table
- Configuration > IGMP Snooping > IP Multicast Profile Settings
- Configuration > IGMP Snooping > Limited Multicast Range Settings
- Configuration > IGMP Snooping > Max Multicast Group Settings
- Configuration > MLD Snooping > MLD Snooping Settings
- Configuration > MLD Snooping > MLD Host Table
- Configuration > Port Mirroring
- Configuration > Loopback Detection
- Configuration > SNTP Settings > Time Settings
- Configuration > SNTP Settings > TimeZone Settings
- Configuration > DHCP/BOOTP Relay > DHCP/BOOTP Relay Global Settings
- Configuration > DHCP/BOOTP Relay > DHCP/BOOTP Relay Interface Settings
- Configuration > DHCP Local Relay Settings
- Configuration > DHCPv6 Relay Settings
- Configuration > Firmware Information
- Configuration > Spanning Tree > STP Bridge Global Settings
- Configuration > Spanning Tree > STP Port Settings
- Configuration > Spanning Tree > MST Configuration Identification
- Configuration > Spanning Tree > STP Instance Settings
- Configuration > Spanning Tree > MSTP Port Information
- Configuration > Ethernet OAM > Ethernet OAM Port Settings
- Configuration > Ethernet OAM > Ethernet OAM Event Configuration
- Configuration > DULD > DULD Port Settings
- Configuration > Multicast Forwarding & Filtering > Multicast Forwarding
- Configuration > Multicast Forwarding & Filtering > Multicast Filtering
- QoS > Traffic Control
- QoS > Bandwidth Control
- QoS > CoS Scheduling Mechanism
- QoS > CoS Output Scheduling
- QoS > 802.1p Default Priority
- QoS > 802.1p User Priority
- QoS > DSCP Priority Settings
- QoS > Priority Settings
- QoS > MAC Priority Settings
- QoS > IP Priority Settings
- QoS > IPv6 Priority Settings
- QoS > IPv6 Traffic Class Priority Settings
- QoS > TCP/UDP Port Priority Settings
- QoS > VLAN ID Priority Settings
- QoS > Protocol Priority Settings
- RMON > RMON Basic Settings
- RMON > RMON Ethernet Statistics Configuration
- RMON > RMON History Control Configuration
- RMON > RMON Alarm Configuration
- RMON > RMON Event Configuration
- Security > Trusted Host
- Security > Safeguard Engine
- Security > ARP Spoofing Prevention
- Security > Gratuitous ARP
- Security > Port Security
- Security > SSL Settings
- Security > Smart Binding > Smart Binding Settings
- Security > Smart Binding > Smart Binding
- Security > Smart Binding > White List
- Security > Smart Binding > Black List
- Security > Smart Binding > DHCP Snooping List
- Security > 802.1X > 802.1X Settings
- Security > 802.1X > 802.1X User
- Security > 802.1X > 802.1X Authentication RADIUS
- Security > 802.1X > 802.1X Guest VLAN
- Security > MAC Address Table > Static MAC
- Security > MAC Address Table > Dynamic Forwarding Table
- Security > Access Authentication Control > Authentication Policy Settings
- Security > Access Authentication Control > Application Authentication Settings
- Security > Access Authentication Control > Authentication Server Group
- Security > Access Authentication Control > Authentication Server
- Security > Access Authentication Control > Login Method Lists
- Security > Access Authentication Control > Enable Method Lists
- Security > Access Authentication Control > Local Enable Password Settings
- Security > Traffic Segmentation
- Security > DoS Prevention Settings
- Security > DHCP Server Screening > DHCP Server Screening Port Settings
- Security > DHCP Server Screening > Filter DHCP Server
- Security > SSH Settings > SSH Settings
- Security > SSH Settings > SSH Authmode and Algorithm Settings
- Security > SSH Settings > SSH User Authentication Lists
- Monitoring > Statistics
- Monitoring > Session Table
- Monitoring > CPU Utilization
- Monitoring > Memory Utilization
- Monitoring > Port Utilization
- Monitoring > Packet Size
- Monitoring > Packets > Transmitted (TX)
- Monitoring > Packets > Received (RX)
- Monitoring > Packets > UMB Cast (RX)
- Monitoring > Errors > Received (RX)
- Monitoring > Errors > Transmitted (TX)
- Monitoring > Cable Diagnostics
- Monitoring > System Log
- Monitoring > Browse ARP Table
- Monitoring > Ethernet OAM > Browse Ethernet OAM Event Log
- Monitoring > Ethernet OAM > Browse Ethernet OAM Statistics
- Monitoring > Port Access Control > RADIUS Authentication
- Monitoring > Port Access Control > RADIUS Account Client
- ACL > ACL Configuration Wizard
- ACL > Access Profile List
- ACL > ACL Finder
- ACL > CPU Filter Configuration Wizard
- ACL > CPU Filter Access Profile List
- ACL > CPU Filter Finder
- LLDP > LLDP Global Settings
- LLDP > Basic LLDP Port Settings
- LLDP > 802.1 Extension LLDP Port Settings
- LLDP > 802.3 Extension LLDP Port Settings
- LLDP > LLDP Management Address Settings
- LLDP > LLDP Statistics Table
- LLDP > LLDP Management Address Table
- LLDP > LLDP Local Port Table
- LLDP > LLDP Remote Port Table
- Appendix A - Ethernet Technology
- Appendix B - Ethernet Technology
- Appendix C – Rack mount Instructions
- Appendix D – Cables and Connectors
- Appendix E– Module Specs and Cable Lengths
4 Configuration DES-1210 Metro Ethernet Managed Switch User Manual
79
Figure 4.132 – Security > Access Authentication control > Authentication Server Group
Simply enter a group name of no more than 15 alphanumeric characters to define the user group to add.
After clicking Apply, the new user-defined group will be displayed in the Server Group table. Here, it can be
configured as the user desires.
The Switch has two built-in Authentication Server Groups that cannot be removed but can be modified. To
modify a particular group, click Edit button, which will then display the following window.
Figure 4.133 – Security > Access Authentication control > Authentication Server Group-Edit
Select Group Name, Protocol and IP address then click Add to implement the changes.
NOTE: The user must configure Authentication
Server Hosts using the Authentication Server
Hosts page before adding hosts to the list.
Authentication Server Hosts must be configured
for their specific protocol on a remote centralized
server before this function can work properly.
NOTE: The two built in server groups can only
have server hosts running the same TACACS
daemon. The TACACS+ and RADIUS protocols
are separate entities and are not compatible with
each other.
Security > Access Authentication Control > Authentication Server
This Authentication Server page will set user-defined Authentication Server Hosts for the TACACS+ and
RADIUS security protocols on the Switch. When a user attempts to access the Switch with Authentication
Policy enabled, the Switch will send authentication packets to a remote TACACS+ or RADIUS server host on
a remote host. The TACACS+ or RADIUS server host will then verify or deny the request and return the
appropriate message to the Switch. More than one authentication protocol can be run on the same physical
server host but, remember that TACACS+ and RADIUS are separate entities and are not compatible with
each other. The maximum supported number of server hosts is 16.