Web Management Guide
Table Of Contents
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Using the Web Interface
- Basic Management Tasks
- Displaying System Information
- Displaying Hardware/Software Versions
- Configuring Support for Jumbo Frames
- Displaying Bridge Extension Capabilities
- Managing System Files
- Setting the System Clock
- Configuring The Console Port
- Configuring Telnet Settings
- Displaying CPU Utilization
- Displaying Memory Utilization
- Resetting the System
- Interface Configuration
- VLAN Configuration
- Address Table Settings
- Spanning Tree Algorithm
- Congestion Control
- Class of Service
- Layer 2 Queue Settings
- Layer 3/4 Priority Settings
- Setting Priority Processing to IP Precedence/DSCP or CoS
- Mapping Ingress DSCP Values to Internal DSCP Values
- Mapping CoS Priorities to Internal DSCP Values
- Mapping Internal DSCP Values to Egress CoS Values
- Mapping IP Precedence Values to Internal DSCP Values
- Mapping IP Port Priority to Internal DSCP Values
- Quality of Service
- Security Measures
- AAA Authentication, Authorization and Accounting
- Configuring User Accounts
- Web Authentication
- Network Access (MAC Address Authentication)
- Configuring HTTPS
- Configuring the Secure Shell
- Access Control Lists
- Showing TCAM Utilization
- Setting the ACL Name and Type
- Configuring a Standard IPv4 ACL
- Configuring an Extended IPv4 ACL
- Configuring a Standard IPv6 ACL
- Configuring an Extended IPv6 ACL
- Configuring a MAC ACL
- Configuring an ARP ACL
- Binding a Port to an Access Control List
- Configuring ACL Mirroring
- Showing ACL Hardware Counters
- ARP Inspection
- Filtering IP Addresses for Management Access
- Configuring Port Security
- Configuring 802.1X Port Authentication
- IPv4 Source Guard
- IPv6 Source Guard
- DHCP Snooping
- Basic Administration Protocols
- Configuring Event Logging
- Link Layer Discovery Protocol
- Simple Network Management Protocol
- Configuring Global Settings for SNMP
- Setting the Local Engine ID
- Specifying a Remote Engine ID
- Setting SNMPv3 Views
- Configuring SNMPv3 Groups
- Setting Community Access Strings
- Configuring Local SNMPv3 Users
- Configuring Remote SNMPv3 Users
- Specifying Trap Managers
- Creating SNMP Notification Logs
- Showing SNMP Statistics
- Remote Monitoring
- Connectivity Fault Management
- Configuring Global Settings for CFM
- Configuring Interfaces for CFM
- Configuring CFM Maintenance Domains
- Configuring CFM Maintenance Associations
- Configuring Maintenance End Points
- Configuring Remote Maintenance End Points
- Transmitting Link Trace Messages
- Transmitting Loop Back Messages
- Transmitting Delay- Measure Requests
- Displaying Local MEPs
- Displaying Details for Local MEPs
- Displaying Local MIPs
- Displaying Remote MEPs
- Displaying Details for Remote MEPs
- Displaying the Link Trace Cache
- Displaying Fault Notification Settings
- Displaying Continuity Check Errors
- UDLD Configuration
- Multicast Filtering
- Overview
- IGMP Protocol
- Layer 2 IGMP (Snooping and Query for IPv4)
- Configuring IGMP Snooping and Query Parameters
- Specifying Static Interfaces for an IPv4 Multicast Router
- Assigning Interfaces to IPv4 Multicast Services
- Setting IGMP Snooping Status per Interface
- Filtering IGMP Query Packets
- Displaying Multicast Groups Discovered by IGMP Snooping
- Displaying IGMP Snooping Statistics
- Filtering and Throttling IGMP Groups
- MLD Snooping (Snooping and Query for IPv6)
- Layer 3 IGMP (Query used with Multicast Routing)
- IP Configuration
- IP Services
- General IP Routing
- Unicast Routing
- Overview
- Configuring the Routing Information Protocol
- Configuring General Protocol Settings
- Clearing Entries from the Routing Table
- Specifying Network Interfaces
- Specifying Passive Interfaces
- Specifying Static Neighbors
- Configuring Route Redistribution
- Specifying an Administrative Distance
- Configuring Network Interfaces for RIP
- Displaying RIP Interface Settings
- Displaying Peer Router Information
- Resetting RIP Statistics
- Configuring the Open Shortest Path First Protocol (Version 2)
- Defining Network Areas Based on Addresses
- Configuring General Protocol Settings
- Displaying Administrative Settings and Statistics
- Adding an NSSA or Stub
- Configuring NSSA Settings
- Configuring Stub Settings
- Displaying Information on NSSA and Stub Areas
- Configuring Area Ranges (Route Summarization for ABRs)
- Redistributing External Routes
- Configuring Summary Addresses (for External AS Routes)
- Configuring OSPF Interfaces
- Configuring Virtual Links
- Displaying Link State Database Information
- Displaying Information on Neighboring Routers
- Specifying Passive Interfaces
- Multicast Routing
- Appendices
- Glossary
- Index
Chapter 11
| Security Measures
AAA Authentication, Authorization and Accounting
– 239 –
between the authentication server and logon client. This switch can pass
authentication messages between the server and client that have been
encrypted using MD5 (Message-Digest 5), TLS (Transport Layer Security), or
TTLS (Tunneled Transport Layer Security).
Parameters
These parameters are displayed:
Configure Server
Server Type
– Select RADIUS or TACACS+ server.
◆
RADIUS
■
Global
– Provides globally applicable RADIUS settings.
■
Server Index
– Specifies one of five RADIUS servers that may be
configured. The switch attempts authentication using the listed sequence
of servers. The process ends when a server either approves or denies access
to a user.
■
Server IP Address
– Address of authentication server.
(A Server Index entry must be selected to display this item.)
■
Authentication Server UDP Port
– Network (UDP) port on authentication
server used for authentication messages. (Range: 1-65535; Default: 1812)
■
Authentication Timeout
– The number of seconds the switch waits for a
reply from the RADIUS server before it resends the request. (Range: 1-60;
Default: 5)
■
Authentication Retries
– Number of times the switch tries to authenticate
logon access via the authentication server. (Range: 1-5; Default: 2)
■
Set Key
– Mark this box to set or modify the encryption key.
■
Authentication Key
– Encryption key used to authenticate logon access
for client. Enclose any string containing blank spaces in double quotes.
(Maximum length: 48 characters)
■
Confirm Authentication Key
– Re-type the string entered in the previous
field to ensure no errors were made. The switch will not change the
encryption key if these two fields do not match.
◆
TACACS+
■
Global
– Provides globally applicable TACACS+ settings.
■
Server Index
– Specifies the index number of the server to be configured.
The switch currently supports only one TACACS+ server.