XGS-5240-Series User Manual

ManualsBrandsPLANET Technology ManualsLAN SwitchesLayer 2+ 24-Port 10G SFP+ + 2-Port 40G QSFP+ Stackable Managed Switch

391

392

393

394

395

396

397

398

399

400

Table Of Contents

Chapter 1 INTRODUCTION
- 1.1 Packet Contents
- 1.2 Product Description
- 1.3 Product Features
- 1.4 Product Specifications
Chapter 2 INSTALLATION
- 2.1 Hardware Description
- 2.2 Switch Installation
Chapter 3 witch Management
- 3.1 Management Options
  - 3.1.1 Out-Of-Band Management
  - 3.1.2 In-band Management
- 3.2 CLI Interface
Chapter 4 Basic Switch Configuration
- 4.1 Basic Configuration
- 4.2 Telnet Management
  - 4.2.1 Telnet
    - 1.1.1.9 Introduction to Telnet
    - 1.1.1.10 Telnet Configuration Task List
  - 4.2.2 SSH
- 4.3 Configure Switch IP Addresses
  - 4.3.1 Switch IP Addresses Configuration Task List
- 4.4 SNMP Configuration
- 4.5 Switch Upgrade
Chapter 5 File System Operations
- 5.1 Introduction to File Storage Devices
- 5.2 File System Operation Configuration Task list
- 5.3 Typical Applications
- 5.4 Troubleshooting
Chapter 6 Cluster Configuration
- 6.1 Introduction to cluster network management
- 6.2 Cluster Network Management Configuration Sequence
- 6.3 Examples of Cluster Administration
- 6.4 Cluster Administration Troubleshooting
Chapter 7 USB Function Configuration
- 7.1 Introduction
- 7.2 USB Function Configuration List
- 7.3 USB Function Examples
- 7.4 USB Function Troubleshooting
Chapter 8 Device Management
- 8.1 Device Management Brief
- 8.2 Device Management Configuration
  - 8.2.1 Monitor and Debug Task
Chapter 9 Port Configuration
- 9.1 Introduction to Port
- 9.2 Network Port Configuration Task List
- 9.3 Port Configuration Example
- 9.4 Port Troubleshooting
Chapter 10 Port Isolation Function Configuration
- 10.1 Introduction to Port Isolation Function
- 10.2 Task Sequence of Port Isolation
- 10.3 Port Isolation Function Typical Examples
Chapter 11 Port Loopback Detection Function Configuration
- 11.1 Introduction to Port Loopback Detection Function
- 11.2 Port Loopback Detection Function Configuration Task List
- 11.3 Port Loopback Detection Function Example
- 11.4 Port Loopback Detection Troubleshooting
Chapter 12 ULDP Function Configuration
- 12.1 Introduction to ULDP Function
- 12.2 ULDP Configuration Task Sequence
- 12.3 ULDP Function Typical Examples
- 12.4 ULDP Troubleshooting
Chapter 13 LLDP Function Operation Configuration
- 13.1 Introduction to LLDP Function
- 13.2 LLDP Function Configuration Task Sequence
- 13.3 LLDP Function Typical Example
- 13.4 LLDP Function Troubleshooting
Chapter 14 Port Channel Configuration
- 14.1 Introduction to Port Channel
- 14.2 Brief Introduction to LACP
  - 14.2.1 Static LACP Aggregation
  - 14.2.2 Dynamic LACP Aggregation
- 14.3 Introduction to Load balance
- 14.4 Port Channel Configuration Task List
- 14.5 Port Channel Examples
- 14.6 Troubleshooting
  - 14.6.1 Port Channel Troubleshooting
  - 14.6.2 Load Balance Troubleshooting
Chapter 15 MTU Configuration
- 15.1 Introduction to MTU
- 15.2 MTU Configuration Task Sequence
Chapter 16 bpdu-tunnel-protocol Configuration
- 16.1 Introduction to bpdu-tunnel-protocol
  - 16.1.1 bpdu-tunnel-protocol function
  - 16.1.2 Background of bpdu-tunnel-protocol
- 16.2 bpdu-tunnel-protocol Configuration Task List
- 16.3 Examples of bpdu-tunnel-protocol
- 16.4 bpdu-tunnel-protocol Troubleshooting
Chapter 17 DDM Configuration
- 17.1 Introduction to DDM
  - 17.1.1 Brief Introduction to DDM
  - 17.1.2 DDM Function
- 17.2 DDM Configuration Task List
- 17.3 Examples of DDM
- 17.4 DDM Troubleshooting
Chapter 18 EFM OAM Configuration
- 18.1 Introduction to EFM OAM
- 18.2 EFM OAM Configuration
- 18.3 EFM OAM Example
- 18.4 EFM OAM Troubleshooting
Chapter 19 LLDP-MED
- 19.1 Introduction to LLDP-MED
- 19.2 LLDP-MED Configuration Task Sequence
- 19.3 LLDP-MED Example
- 19.4 LLDP-MED Troubleshooting
Chapter 20 PORT SECURITY
- 20.1 Introduction to PORT SECURITY
- 20.2 PORT SECURITY Configuration Task List
- 20.3 Example of PORT SECURITY
- 20.4 PORT SECURITY Troubleshooting
Chapter 21 QSFP+ Port Split and Combination Configuration
- 21.1 Introduction to QSFP+ Port Split and Combination Configuration
- 21.2 QSFP+ Port Configuration
- 21.3 Typical Case of QSFP+ Port Configuration
- 21.4 QSFP+ Port Configuration Troubleshooting
Chapter 22 VLAN Configuration
- 22.1 VLAN Configuration
- 22.2 GVRP Configuration
- 22.3 Dot1q-tunnel Configuration
- 22.4 VLAN-translation Configuration
- 22.5 Dynamic VLAN Configuration
- 22.6 Voice VLAN Configuration
- 22.7 Super VLAN Configuration
Chapter 23 MAC Table Configuration
- 23.1 Introduction to MAC Table
  - 23.1.1 Obtaining MAC Table
  - 23.1.2 Forward or Filter
- 23.2 Mac Address Table Configuration Task List
- 23.3 Typical Configuration Examples
- 23.4 MAC Table Troubleshooting
- 23.5 MAC Notification Configuration
Chapter 24 MSTP Configuration
- 24.1 Introduction to MSTP
- 24.2 MSTP Configuration Task List
- 24.3 MSTP Example
- 24.4 MSTP Troubleshooting
Chapter 25 QoS Configuration
- 25.1 Introduction to QoS
- 25.2 QoS Configuration Task List
- 25.3 QoS Example
- 25.4 QoS Troubleshooting
Chapter 26 PBR Configuration
- 26.1 Introduction to PBR
- 26.2 PBR Configuration
- 26.3 PBR Examples
Chapter 27 IPv6 PBR Configuration
- 27.1 Introduction to PBR (Policy-based Router)
- 27.2 PBR Configuration Task Sequence
- 27.3 PBR Examples
- 27.4 PBR Troubleshooting Help
Chapter 28 Flow-based Redirection
- 28.1 Introduction to Flow-based Redirection
- 28.2 Flow-based Redirection Configuration Task Sequence
- 28.3 Flow-based Redirection Examples
- 28.4 Flow-based Redirection Troubleshooting Help
Chapter 29 Egress QoS Configuration
- 29.1 Introduction to Egress QoS
  - 29.1.1 Egress QOS Terms
  - 29.1.2 Basic Egress QoS Model
- 29.2 Egress QoS Configuration
- 29.3 Egress QoS Examples
- 29.4 Egress QoS Troubleshooting Help
Chapter 30 Flexible QinQ Configuration
- 30.1 Introduction to Flexible QinQ
- 30.2 Flexible QinQ Configuration Task List
- 30.3 Flexible QinQ Example
- 30.4 Flexible QinQ Troubleshooting
Chapter 31 Layer 3 Management Configuration
- 31.1 Layer 3 Management Interface
  - 31.1.1 Introduction to Layer 3 Management Interface
  - 31.1.2 Layer 3 Interface Configuration Task List
- 31.2 IP Configuration
- 31.3 ARP
Chapter 32 ARP Scanning Prevention Function Configuration
- 32.1 Introduction to ARP Scanning Prevention Function
- 32.2 ARP Scanning Prevention Configuration Task Sequence
- 32.3 ARP Scanning Prevention Typical Examples
- 32.4 ARP Scanning Prevention Troubleshooting Help
Chapter 33 Prevent ARP, ND Spoofing Configuration
- 33.1 Overview
- 33.2 Prevent ARP, ND Spoofing configuration
- 33.3 Prevent ARP, ND Spoofing Example
Chapter 34 ARP GUARD Configuration
- 34.1 Introduction to ARP GUARD
- 34.2 ARP GUARD Configuration Task List
Chapter 35 Gratuitous ARP Configuration
- 35.1 Introduction to Gratuitous ARP
- 35.2 Gratuitous ARP Configuration Task List
- 35.3 Gratuitous ARP Configuration Example
- 35.4 Gratuitous ARP Troubleshooting
Chapter 36 DHCP Configuration
- 36.1 Introduction to DHCP
- 36.2 DHCP Server Configuration
- 36.3 DHCP Relay Configuration
- 36.4 DHCP Configuration Examples
- 36.5 DHCP Troubleshooting
Chapter 37 DHCPv6 Configuration
- 37.1 Introduction to DHCPv6
- 37.2 DHCPv6 Server Configuration
- 37.3 DHCPv6 Relay Delegation Configuration
- 37.4 DHCPv6 Prefix Delegation Server Configuration
- 37.5 DHCPv6 Prefix Delegation Client Configuration
- 37.6 DHCPv6 Configuration Examples
- 37.7 DHCPv6 Troubleshooting
Chapter 38 DHCP option 82 Configuration
- 38.1 Introduction to DHCP option 82
  - 38.1.1 DHCP option 82 Message Structure
  - 38.1.2 option 82 Working Mechanism
- 38.2 DHCP option 82 Configuration Task List
- 38.3 DHCP option 82 Application Examples
- 38.4 DHCP option 82 Troubleshooting
Chapter 39 DHCPv6 option37, 38
- 39.1 Introduction to DHCPv6 option37, 38
- 39.2 DHCPv6 option37, 38 Configuration Task List
- 39.3 DHCPv6 option37, 38 Examples
  - 39.3.1 DHCPv6 Snooping option37, 38 Example
  - 39.3.2 DHCPv6 Relay option37, 38 Example
- 39.4 DHCPv6 option37, 38 Troubleshooting
Chapter 40 DHCP Snooping Configuration
- 40.1 Introduction to DHCP Snooping
- 40.2 DHCP Snooping Configuration Task Sequence
- 40.3 DHCP Snooping Typical Application
- 40.4 DHCP Snooping Troubleshooting Help
  - 40.4.1 Monitor and Debug Information
  - 40.4.2 DHCP Snooping Troubleshooting Help
Chapter 41 DHCP option 60 and option 43
- 41.1 Introduction to DHCP option 60 and option 43
- 41.2 DHCP option 60 and option 43 Configuration Task List
- 41.3 DHCPv6 option 60 and option 43 Example
- 41.4 DHCP option 60 and option 43 Troubleshooting
Chapter 42 IPv4 Multicast Protocol
- 42.1 IPv4 Multicast Protocol Overview
- 42.2 IGMP
- 42.3 IGMP Snooping
- 42.4 IGMP Proxy Configuration
Chapter 43 IPv6 Multicast Protocol
- 43.1 MLD
- 43.2 MLD Snooping
Chapter 44 Multicast VLAN
- 44.1 Introductions to Multicast VLAN
- 44.2 Multicast VLAN Configuration Task List
- 44.3 Multicast VLAN Examples
Chapter 45 ACL Configuration
- 45.1 Introduction to ACL
- 45.2 ACL Configuration Task List
- 45.3 ACL Example
- 45.4 ACL Troubleshooting
Chapter 46 Self-defined ACL Configuration
- 46.1 Introduction to Self-defined ACL
  - 46.1.1 Standard Self-defined ACL Template
  - 46.1.2 Digital Self-defined ACL
- 46.2 Self-defined ACL Configuration
- 46.3 Self-defined ACL Example
- 46.4 Self-defined ACL Troubleshooting
Chapter 47 802.1x Configuration
- 47.1 Introduction to 802.1x
- 47.2 802.1x Configuration Task List
- 47.3 802.1x Application Example
- 47.4 802.1x Troubleshooting
Chapter 48 The Number Limitation Function of MAC and IP in Port, VLAN Configuration
- 48.1 Introduction to the Number Limitation Function of MAC and IP in Port, VLAN
- 48.2 The Number Limitation Function of MAC and IP in Port, VLAN Configuration Task Sequence
- 48.3 The Number Limitation Function of MAC and IP in Port, VLAN Typical Examples
- 48.4 The Number Limitation Function of MAC and IP in Port, VLAN Troubleshooting Help
Chapter 49 Operational Configuration of AM Function
- 49.1 Introduction to AM Function
- 49.2 AM Function Configuration Task List
- 49.3 AM Function Example
- 49.4 AM Function Troubleshooting
Chapter 50 Security Feature Configuration
- 50.1 Introduction to Security Feature
- 50.2 Security Feature Configuration
- 50.3 Security Feature Example
Chapter 51 TACACS+ Configuration
- 51.1 Introduction to TACACS+
- 51.2 TACACS+ Configuration Task List
- 51.3 TACACS+ Scenarios Typical Examples
- 51.4 TACACS+ Troubleshooting
Chapter 52 RADIUS Configuration
- 52.1 Introduction to RADIUS
  - 52.1.1 AAA and RADIUS Introduction
  - 52.1.2 Message structure for RADIUS
- 52.2 RADIUS Configuration Task List
- 52.3 RADIUS Typical Examples
  - 52.3.1 IPv4 Radius Example
  - 52.3.2 IPv6 RadiusExample
- 52.4 RADIUS Troubleshooting
Chapter 53 SSL Configuration
- 53.1 Introduction to SSL
  - 53.1.1 Basic Element of SSL
- 53.2 SSL Configuration Task List
- 53.3 SSL Typical Example
- 53.4 SSL Troubleshooting
Chapter 54 IPv6 Security RA Configuration
- 54.1 Introduction to IPv6 Security RA
- 54.2 IPv6 Security RA Configuration Task Sequence
- 54.3 IPv6 Security RA Typical Examples
- 54.4 IPv6 Security RA Troubleshooting Help
Chapter 55 VLAN-ACL Configuration
- 55.1 Introduction to VLAN-ACL
- 55.2 VLAN-ACL Configuration Task List
- 55.3 VLAN-ACL Configuration Example
- 55.4 VLAN-ACL Troubleshooting
Chapter 56 MAB Configuration
- 56.1 Introduction to MAB
- 56.2 MAB Configuration Task List
- 56.3 MAB Example
- 56.4 MAB Troubleshooting
Chapter 57 PPPoE Intermediate Agent Configuration
- 57.1 Introduction to PPPoE Intermediate Agent
  - 57.1.1 Brief Introduction to PPPoE
  - 57.1.2 Introduction to PPPoE IA
- 57.2 PPPoE Intermediate Agent Configuration Task List
- 57.3 PPPoE Intermediate Agent Typical Application
- 57.4 PPPoE Intermediate Agent Troubleshooting
Chapter 58 SAVI Configuration
- 58.1 Introduction to SAVI
- 58.2 SAVI Configuration
- 58.3 SAVI Typical Application
- 58.4 SAVI Troubleshooting
Chapter 59 Captive Portal Authentication
- 59.1 Captive Portal Authentication Configuration
- 59.2 Accounting Function Configuration
- 59.3 Free-resource Configuration
- 59.4 Authentication White-list Configuration
- 59.5 Automatic Page Pushing after Successful Authentication (it is not supported currently)
- 59.6 http-redirect-filter
- 59.7 Portal Non-perception
- 59.8 Portal Escaping
  - 59.8.1 Portal Server Escaping
  - 59.8.2 Radius Server Escaping
Chapter 60 VRRP Configuration
- 60.1 Introduction to VRRP
- 60.2 VRRP Configuration Task List
- 60.3 VRRP Typical Examples
- 60.4 VRRP Troubleshooting
Chapter 61 IPv6 VRRPv3 Configuration
- 61.1 Introduction to VRRPv3
  - 61.1.1 The Format of VRRPv3 Message
  - 61.1.2 VRRPv3 Working Mechanism
- 61.2 VRRPv3 Configuration
  - 61.2.1 Configuration Task Sequence
- 61.3 VRRPv3 Typical Examples
- 61.4 VRRPv3 Troubleshooting
Chapter 62 MRPP Configuration
- 62.1 Introduction to MRPP
- 62.2 MRPP Configuration Task List
- 62.3 MRPP Typical Scenario
- 62.4 MRPP Troubleshooting
Chapter 63 ULPP Configuration
- 63.1 Introduction to ULPP
- 63.2 ULPP Configuration Task List
- 63.3 ULPP Typical Examples
  - 63.3.1 ULPP Typical Example1
  - 63.3.2 ULPP Typical Example2
- 63.4 ULPP Troubleshooting
Chapter 64 ULSM Configuration
- 64.1 Introduction to ULSM
- 64.2 ULSM Configuration Task List
- 64.3 ULSM Typical Example
- 64.4 ULSM Troubleshooting
Chapter 65 Mirror Configuration
- 65.1 Introduction to Mirror
- 65.2 Mirror Configuration Task List
- 65.3 Mirror Examples
- 65.4 Device Mirror Troubleshooting
Chapter 66 RSPAN Configuration
- 66.1 Introduction to RSPAN
- 66.2 RSPAN Configuration Task List
- 66.3 Typical Examples of RSPAN
- 66.4 RSPAN Troubleshooting
Chapter 67 SNTP Configuration
- 67.1 Introduction to SNTP
- 67.2 Typical Examples of SNTP Configuration
Chapter 68 NTP Function Configuration
- 68.1 Introduction to NTP Function
- 68.2 NTP Function Configuration Task List
- 68.3 Typical Examples of NTP Function
- 68.4 NTP Function Troubleshooting
Chapter 69 DNSv4/v6 Configuration
- 69.1 Introduction to DNS
- 69.2 DNSv4/v6 Configuration Task List
- 69.3 Typical Examples of DNS
- 69.4 DNS Troubleshooting
Chapter 70 Summer Time Configuration
- 70.1 Introduction to Summer Time
- 70.2 Summer Time Configuration Task Sequence
- 70.3 Examples of Summer Time
- 70.4 Summer Time Troubleshooting
Chapter 71 Monitor and Debug
- 71.1 Ping
- 71.2 Ping6
- 71.3 Traceroute
- 71.4 Traceroute6
- 71.5 Show
- 71.6 Debug
- 71.7 System log
Chapter 72 Reload Switch after Specified Time
- 72.1 Introduce to Reload Switch after Specifid Time
- 72.2 Reload Switch after Specifid Time Task List
Chapter 73 Debugging and Diagnosis for Packets Received and Sent by CPU
- 73.1 Introduction to Debugging and Diagnosis for Packets Received and Sent by CPU
- 73.2 Debugging and Diagnosis for Packets Received and Sent by CPU Task List
Chapter 74 VSF
- 74.1 Overview
- 74.2 Relevant VSF Configuration
- 74.3 Typical VSF Example
- 74.4 VSF Troubleshooting
Chapter 75 SWITCH OPERATION
- 75.1 Address Table
- 75.2 Learning
- 75.3 Forwarding & Filtering
- 75.4 Store-and-Forward
- 75.5 Auto-Negotiation
Chapter 76 TROUBLESHOOTING
Chapter 77 APPENDIX A
- 77.1 A.1 Switch's RJ45 Pin Assignments
- 77.2 A.2 10/100Mbps, 10/100BASE-TX
Chapter 78 GLOSSARY

Configuration Guide of XGS-5240-Series

47-10

Fig 3-10 the Authentication Flow of 802.1x EAP-TLS

3. EAP-TTLS Authentication Method

EAP-TTLS is a product of the cooperation of Funk Software and Certicom. It can p

rovide an authentication as strong as that provided by EAP-TLS, but without requiring u

sers to have their own digital certificate. The only request is that the Radius server sho

uld have a digital certificate. The authentication of users’ identity is implemented with p

asswords transmitted in a safely encrypted tunnel established via the certificate of the a

uthentication server. Any kind of authentication request including EAP, PAP and MS-CH

APV2 can be transmitted within TTLS tunnels.

4. PEAP Authentication Method

EAP-PEAP is brought up by Cisco, Microsoft and RAS Security as a recommended