Web Management Guide-R02
Table Of Contents
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Using the Web Interface
- Basic Management Tasks
- Displaying System Information
- Displaying Hardware/Software Versions
- Configuring Support for Jumbo Frames
- Displaying Bridge Extension Capabilities
- Managing System Files
- Setting the System Clock
- Configuring the Console Port
- Configuring Telnet Settings
- Displaying CPU Utilization
- Configuring CPU Guard
- Displaying Memory Utilization
- Resetting the System
- Interface Configuration
- VLAN Configuration
- Address Table Settings
- Spanning Tree Algorithm
- Congestion Control
- Class of Service
- Quality of Service
- VoIP Traffic Configuration
- Security Measures
- AAA (Authentication, Authorization and Accounting)
- Configuring User Accounts
- Web Authentication
- Network Access (MAC Address Authentication)
- Configuring HTTPS
- Configuring the Secure Shell
- Access Control Lists
- Filtering IP Addresses for Management Access
- Configuring Port Security
- Configuring 802.1X Port Authentication
- DoS Protection
- DHCP Snooping
- DHCPv6 Snooping
- ND Snooping
- IPv4 Source Guard
- IPv6 Source Guard
- ARP Inspection
- Application Filter
- Basic Administration Protocols
- Configuring Event Logging
- Link Layer Discovery Protocol
- Simple Network Management Protocol
- Configuring Global Settings for SNMP
- Setting Community Access Strings
- Setting the Local Engine ID
- Specifying a Remote Engine ID
- Setting SNMPv3 Views
- Configuring SNMPv3 Groups
- Configuring Local SNMPv3 Users
- Configuring Remote SNMPv3 Users
- Specifying Trap Managers
- Creating SNMP Notification Logs
- Showing SNMP Statistics
- Remote Monitoring
- Setting a Time Range
- Ethernet Ring Protection Switching
- MLAG Configuration
- OAM Configuration
- LBD Configuration
- Multicast Filtering
- Overview
- Layer 2 IGMP (Snooping and Query for IPv4)
- Configuring IGMP Snooping and Query Parameters
- Specifying Static Interfaces for a Multicast Router
- Assigning Interfaces to Multicast Services
- Setting IGMP Snooping Status per Interface
- Filtering IGMP Packets on an Interface
- Displaying Multicast Groups Discovered by IGMP Snooping
- Displaying IGMP Snooping Statistics
- Filtering and Throttling IGMP Groups
- MLD Snooping (Snooping and Query for IPv6)
- Configuring MLD Snooping and Query Parameters
- Setting Immediate Leave Status for MLD Snooping per Interface
- Specifying Static Interfaces for an IPv6 Multicast Router
- Assigning Interfaces to IPv6 Multicast Services
- Filtering MLD Query Packets on an Interface
- Showing MLD Snooping Groups and Source List
- Displaying MLD Snooping Statistics
- Filtering and Throttling MLD Groups
- Multicast VLAN Registration for IPv4
- IP Tools
- IP Configuration
- General IP Routing
- IP Services
- Appendices
Chapter 12
| Security Measures
AAA (Authentication, Authorization and Accounting)
– 288 –
■
Accounting Server UDP Port – Network (UDP) port on authentication
server used for accounting messages. (Range: 1-65535; Default: 1813)
■
Authentication Server UDP Port – Network (UDP) port on authentication
server used for authentication messages. (Range: 1-65535; Default: 1812)
■
Authentication Timeout – The number of seconds the switch waits for a
reply from the RADIUS server before it resends the request.
(Range: 1-65535; Default: 5)
■
Authentication Retries – Number of times the switch tries to authenticate
logon access via the authentication server. (Range: 1-30; Default: 2)
■
Set Key – Mark this box to set or modify the encryption key.
■
Authentication Key – Encryption key used to authenticate logon access
for client. Enclose any string containing blank spaces in double quotes.
(Maximum length: 48 characters)
■
Confirm Authentication Key – Re-type the string entered in the previous
field to ensure no errors were made. The switch will not change the
encryption key if these two fields do not match.
◆ TACACS+
■
Global – Provides globally applicable TACACS+ settings.
■
Server Index – Specifies one of five TACACS+ servers that may be
configured. The switch attempts authentication using the listed sequence
of servers. The process ends when a server either approves or denies access
to a user.
■
Server IP Address – Address of the TACACS+ server.
(A Server Index entry must be selected to display this item.)
■
Authentication Server TCP Port – Network (TCP) port of TACACS+ server
used for authentication messages. (Range: 1-65535; Default: 49)
■
Authentication Timeout – The number of seconds the switch waits for a
reply from the TACACS+ server before it resends the request.
(Range: 1-65535; Default: 5)
■
Authentication Retries – Number of times the switch tries to authenticate
logon access via the authentication server. (Range: 1-30; Default: 2)
■
Set Key – Mark this box to set or modify the encryption key.
■
Authentication Key – Encryption key used to authenticate logon access
for client. Enclose any string containing blank spaces in double quotes.
(Maximum length: 48 characters)