User manual
Table Of Contents
- Introduction
- Product Overview
- Installation and Quick Startup
- Package Contents
- Switch Installation
- Installing the Switch in a Rack
- Quick Starting the Switch
- System Information Setup
- Quick Start up Software Version Information
- Quick Start up Physical Port Data
- Quick Start up User Account Management
- Quick Start up IP Address
- Quick Start up Uploading from Switch to Out-of-Band PC
- Quick Start up Downloading from Out-of-Band PC to Switch
- Quick Start up Downloading from TFTP Server
- Quick Start up Factory Defaults
- Console and Telnet Administration Interface
- Web-Based Management Interface
- Command Line Interface Structure and Mode-based CLI
- Switching Commands
- System Information and Statistics commands
- Device Configuration Commands
- Interface
- L2 MAC Address and Multicast Forwarding Database Tables
- VLAN Management
- Double VLAN commands
- GVRP and Bridge Extension
- IGMP Snooping
- IGMP Snooping Querier
- MLD Snooping
- MLD Snooping Querier
- Port Channel
- Storm Control
- L2 Priority
- Port Mirror
- Link State
- Port Backup
- FIP Snooping
- Enhanced Transmission Selection (ETS)
- Congestion Notification
- Management Commands
- Spanning Tree Commands
- System Log Management Commands
- Script Management Commands
- User Account Management Commands
- Security Commands
- CDP (Cisco Discovery Protocol) Commands
- SNTP (Simple Network Time Protocol) Commands
- MAC-Based Voice VLAN Commands
- LLDP (Link Layer Discovery Protocol) Commands
- Denial Of Service Commands
- VTP (VLAN Trunking Protocol) Commands
- Protected Ports Commands
- Static MAC Filtering Commands
- System Utilities
- DHCP Snooping Commands
- IP Source Guard (IPSG) Commands
- Dynamic ARP Inspection (DAI) Command
- Differentiated Service Command
- ACL Command
- IPv6 ACL Command
- CoS (Class of Service) Command
- Domain Name Server Relay Commands
- Routing Commands
- IP Multicast Commands
- IPv6 Commands
- Web-Based Management Interface
- Overview
- System Menu
- View ARP Cache
- Viewing Inventory Information
- Configuring Management Session and Network Parameters
- Defining Forwarding Database
- Viewing Logs
- Managing Switch Interface
- Defining sFlow
- Defining SNMP
- Viewing Statistics
- Managing System Utilities
- Managing CDP Function
- Defining Trap Manager
- Configuring SNTP
- Defining DHCP Client
- Defining DNS Relay Function
- Switching Menu
- Managing DHCP Snooping
- Managing IP Source Guard (IPSG)
- Managing Dynamic ARP Inspection (DAI)
- Managing Filters
- Managing Port-based VLAN
- Managing Protected Ports
- Managing Protocol-based VLAN
- Managing IP Subnet-based VLAN
- Managing MAC-based VLAN
- Managing MAC-based Voice VLAN
- Managing Voice VLAN
- Defining GARP
- Managing IGMP Snooping
- Managing IGMP Snooping Querier
- Managing MLD Snooping
- Managing MLD Snooping Querier
- Managing Port-Channel
- Viewing Multicast Forwarding Database
- Managing Spanning Tree
- Defining 802.1p priority
- Managing Port Security
- Managing LLDP
- Managing LLDP-MED
- Managing VTP
- Managing Link State
- Managing Port-Backup
- Managing FIP-Snooping
- Routing Menu
- Security Menu
- IPv6 Menu
- Configuring IPv6 Global Configuration Page
- Configuring IPv6 Interface Configuration Page
- Viewing IPv6 Interface Summary Page
- Viewing IPv6 Interface Statistics Page
- Viewing IPv6 Neighbor Table Information Page
- Viewing IPv6 Static Neighbor Table Information Page
- Managing OSPFv3 Protocol
- Managing IPv6 Routes
- Managing RIPv6
- QOS Menu
- IPv4 Multicast Menu
- IPv6 Multicast Menu
- 240 -
Protocol Version: The protocol version associated with this port. The only possible value is 1,
corresponding to the first version of the dot1x specification.
PAE Capabilities: The port access entity (PAE) functionality of this port. Possible values are
Authenticator or Supplicant.
Control Mode - The configured control mode for this port. Possible values are force-unauthorized,
force-authorized, auto and mac-based.
Authenticator PAE State: Current state of the authenticator PAE state machine. Possible values are
Initialize, Disconnected, Connecting, Authenticating, Authenticated, Aborting, Held, ForceAuthorized,
and ForceUnauthorized.
Backend Authentication State: Current state of the backend authentication state machine. Possible
values are Request, Response, Success, Fail, Timeout, Idle, and Initialize.
Quiet Period: The timer used by the authenticator state machine on this port to define periods of time
in which it will not attempt to acquire a supplicant. The value is expressed in seconds and will be in the
range of 0 to 65535.
Transmit Period: The timer used by the authenticator state machine on the specified port to
determine when to send an EAPOL EAP Request/Identity frame to the supplicant. The value is
expressed in seconds and will be in the range of 1 to 65535.
Guest VLAN ID: The guest VLAN identifier configured on the interface.
Guest VLAN Period: The timer used by authenticator state machine on this port.
Supplicant Timeout: The timer used by the authenticator state machine on this port to timeout the
supplicant. The value is expressed in seconds and will be in the range of 1 to 65535.
Server Timeout: The timer used by the authenticator on this port to timeout the authentication
server. The value is expressed in seconds and will be in the range of 1 to 65535.
Maximum Requests: The maximum number of times the authenticator state machine on this port will
retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The value will be in the
range of 1 to 10.
Vlan ID: The VLAN assigned to the port by the radius server.
VLAN Assigned Reason: The reason the VLAN identified in the VLAN-assigned field has been
assigned to the port. Possible values are RADIUS, Unauthenticated VLAN, Guest VLAN, default, and
Not Assigned. When the VLAN Assigned Reason is ‘Not Assigned’t, it means that the port has not
been assigned to any VLAN by dot1x.
Reauthentication Period: The timer used by the authenticator state machine on this port to
determine when reauthentication of the supplicant takes place. The value is expressed in seconds
and will be in the range of 1 to 65535.
Reauthentication Enabled: Indicates if reauthentication is enabled on this port. Possible values are
True or False.
Key Transmission Enabled: Indicates if the key is transmitted to the supplicant for the specified
port. Possible values are True or False.
Control Direction: Indicates the control direction for the specified port or ports. Possible values are
both or in.
Maximum Users - The maximum number of clients that can get authenticated on the port in the
MAC-based dot1x authentication mode.
Unauthenticated VLAN ID - Indicates the unauthenticated VLAN configured for this port.
Session Timeout - Indicates the time for which the given session is valid. The time period in seconds
is returned by the RADIUS server on authentication of the port.
Session Termination Action - This value indicates the action to be taken once the session timeout
expires. Possible values are Default, Radius-Request. If the value is Default, the session is