Home » Dell Manuals » Hubs & Switches » Dell PowerConnect 2848 » Manual Viewer

Dell PowerConnect 2848 User's Guide - Page 95

Configuring Device Switching, Configuring Network Security, Authenticators, Supplicants - support vlan

View all Dell PowerConnect 2848 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 95 highlights

Configuring Device Switching This section provides all system operation and general information for configuring network security, ports, Address tables, GARP, VLANs, Spanning Tree, Port Aggregation, and Multicast Support. Configuring Network Security The device enables network security through both Access Control Lists and Locked Ports. Port Based Authentication (802.1x) Port based authentication enables authenticating system users on a per-port basis via a external server. Only authenticated and approved system users can transmit and receive data. Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP). Port Authentication includes: • Authenticators - Specifies the port that is authenticated before permitting system access. • Supplicants - Specifies host connected to the authenticated port requesting to access the system services. • Authentication Server - Specifies the external server, for example, the RADIUS server that performs the authentication on behalf of the authenticator, and indicates whether the user is authorized to access system services. Port based authentication creates two access states: • Controlled Access - Permits communication between the user and the system, if the user is authorized. • Uncontrolled Access - Permits uncontrolled communication regardless of the port state. The device currently supports Port Based Authentication via RADIUS servers. Advanced Port Based Authentication Advanced Port Based Authentication enables multiple hosts to be attached to a single port. Advanced Port Based Authentication requires only one host to be authorized for all hosts to have system access. If the port is unauthorized all attached hosts are denied access to the network. Advanced Port Based Authentication also enables user based authentication. Specific VLANs in the device are always available, even if specific ports attached to the VLAN are unauthorized. For example, Voice over IP does not require authentication, while data traffic requires authentication. VLANs for which authorization is not required can be defined. Unauthenticated VLANs are available to users, even if the ports attached to the VLAN are defined as authorized. 7 Update with your book title 95

Section	Page
Dell™ PowerConnect™ 28xx Systems User Guide	1
Contents	3
Introduction	9
System Description	9
PowerConnect 2808	9
PowerConnect 2816	9
PowerConnect 2824	10
PowerConnect 2848	10
Summary of PowerConnect Models	11
Features	11
General Features	11
MAC Address Supported Features	13
Layer 2 Features	13
VLAN Supported Features	14
Spanning Tree Protocol Features	15
Class of Service (CoS) Features	16
Ethernet Switch Management Features	16
Hardware Description	17
Switch Port Configurations	17
PowerConnect 28xx Front and Back Panel Port Description	17
Physical Dimensions	21
LED Definitions	21
Power LED	22
Managed Mode LED	22
Fan LED (2824/2848 only)	22
Port LEDs	22
Managed Mode Button	23
Switch Ventilation Fan	23
Cables, Port Connections, and Pinout Information	24
1000BASE-T Cable Requirements	24
RJ-45 Connections for 10/100/1000BASE-T Ports	24
SFP Ports	25
Power Connectors	26
Internal Power Supply Connector	26
Installing the PowerConnect Device	27
Installation Precautions	27
Site Requirements	28
Unpacking	28
Package Contents	28
Unpacking the Device	28
Mounting the Device	29
Overview	29
Device Rack Installation	29
Installing on a Flat Surface	30
Installing on a Wall	31
Connecting the Device	32
Connecting the Device to the Network	32
Connecting the Terminal to the Device	33
Connecting a Device to a Power Supply	34
Port Connections, Cables, and Pinout Information	35
RJ-45 Connections for 10/100/1000BaseT Ports	35
Port Default Settings	36
Auto-Negotiation	36
MDI/MDIX	36
Flow Control	36
Back Pressure	36
Switching Port Default Settings	37
Starting and Configuring the Device	39
Booting the Device - Managed Mode	40
Initial Configuration - Managed Mode	41
Advanced Configuration	44
Retrieving an IP Address From a DHCP Server	45
Startup Procedures	45
Startup Menu Procedures	45
Software Download	46
Erase FLASH File	46
Erasing the Device Configuration	47
Password Recovery	47
Software Download Through TFTP Server	47
Management Modes	49
Default Values	49
Transitioning Between Modes	50
Returning to Managed Mode	51
Using Dell OpenManage Switch Administrator	53
Understanding the Interface	53
Device Representation	54
Using the Switch Administrator Buttons	55
Information Buttons	55
Device Management Buttons	56
Starting the Application	56
Access Levels	56
Configuring System Information	59
Defining General Device Information	59
Viewing Device Information	59
Viewing the Versions Page	61
Resetting the Device	62
Entering Secure Mode	63
Defining Device IP Addresses	64
Defining IP Interface Parameters	64
Running Cable Diagnostics	65
Viewing Copper Cable Diagnostics	65
Viewing Optical Transceiver Diagnostics	67
Managing Device Security	69
Defining the Local User Databases	69
Configuring RADIUS Global Parameters	71
Defining SNMP Parameters	74
Defining SNMP Global Parameters	75
Defining Communities	76
Defining SNMP Notification Recipients	78
Managing Files	80
Downloading Files	80
Uploading Files	82
Restoring Default Settings	83
Defining DHCP Server Settings	83
Configuring DHCP Properties	84
Defining Network Pool	85
Excluding Addresses	87
Manually Allocating IP Addresses (Static Hosts)	89
Configuring Address Binding	92
Defining Advanced Settings	93
Configuring General Device Parameters	93
Configuring Device Switching	95
Configuring Network Security	95
Configuring Port Based Authentication	96
Configuring Advanced Port Based Authentication	100
Authenticating Users	102
Configuring Ports	103
Defining Port Parameters	103
Aggregating Ports	105
Configuring Green Ethernet	108
Enabling Storm Control	110
Defining Port Mirroring Sessions	112
Configuring Address Tables	114
Viewing Dynamic Addresses	114
Configuring the Spanning Tree Protocol	116
Defining STP Global Settings	116
Defining STP Port Settings	119
Defining STP LAG Settings	122
Configuring Rapid Spanning Tree	124
Configuring VLANs	126
Defining VLAN Members	126
VLAN Port Membership Table	128
Defining VLAN Ports Settings	130
Defining VLAN LAG Settings	131
Aggregating Ports	133
Defining LAG Membership	134
Multicast Forwarding Support	134
Defining Multicast Global Parameters	135
Adding Bridge Multicast Address Members	136
Assigning Multicast Forward All Parameters	138
IGMP Snooping	141
Viewing Statistics	143
Viewing RMON Statistics	144
Viewing RMON Statistics Group	144
Viewing Charts	145
Viewing the CPU Utilization	146
Configuring Quality of Service	147
Defining CoS Global Parameters	149
Defining QoS Interface Settings	150
Defining Queue Settings	151
Mapping CoS Values to Queues	153
Mapping DSCP Values to Queues	154
Managing the Device Using the CLI	157
Accessing the Device Through the CLI	157
Console Connection	157
Telnet Connection	157
Using the CLI	158
Command Mode Overview	158
User EXEC Mode	158
Privileged EXEC Mode	159
Global Configuration Mode	159
Interface Configuration Mode	160
CLI Commands	161
Command: asset-tag	161
Command: copy	161
Command: debug-mode	162
Command: do	163
Command: end	163
Command: exit (configuration)	163
Command: exit (EXEC)	164
Command: help	164
Command: interface ethernet	165
Command: interface port-channel	165
Command: interface vlan	166
Command: ip address	166
Command: ip default-gateway	167
Command: login	167
Command: ping	167
Command: reload	169
Command: show tech-support command	169
Command: snmp-server community	171
Command: username	172
Glossary	173

Match case Limit results 1 per page

Update with your book title

Configuring Device Switching

This section provides all system operation and general information for configuring network security,

ports, Address tables, GARP, VLANs, Spanning Tree, Port Aggregation, and Multicast Support.

Configuring Network Security

The device enables network security through both Access Control Lists and Locked Ports.

Port Based Authentication (802.1x)

Port based authentication enables authenticating system users on a per-port basis via a external

server. Only authenticated and approved system users can transmit and receive data. Ports are

authenticated via the RADIUS server using the Extensible Authentication Protocol (EAP). Port

Authentication includes:

•

Authenticators

— Specifies the port that is authenticated before permitting system access.

•

Supplicants

— Specifies host connected to the authenticated port requesting to access the system

services.

•

Authentication Server

— Specifies the external server, for example, the RADIUS server that

performs the authentication on behalf of the authenticator, and indicates whether the user is

authorized to access system services.

Port based authentication creates two access states:

•

Controlled Access

— Permits communication between the user and the system, if the user is

authorized.

•

Uncontrolled Access

— Permits uncontrolled communication regardless of the port state.

The device currently supports Port Based Authentication via RADIUS servers.

Advanced Port Based Authentication

Advanced Port Based Authentication enables multiple hosts to be attached to a single port.

Advanced Port Based Authentication requires only one host to be authorized for all hosts to have

system access. If the port is unauthorized all attached hosts are denied access to the network.

Advanced Port Based Authentication also enables user based authentication. Specific VLANs in the

device are always available, even if specific ports attached to the VLAN are unauthorized. For

example, Voice over IP does not require authentication, while data traffic requires authentication.

VLANs for which authorization is not required can be defined. Unauthenticated VLANs are

available to users, even if the ports attached to the VLAN are defined as authorized.