Home » Dell Manuals » Hubs & Switches » Dell PowerConnect 5448 » Manual Viewer

Dell PowerConnect 5448 User's Guide - Page 247

The following table summarizes the equivalent CLI commands for enabling the port based

View all Dell PowerConnect 5448 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 247 highlights

Enabling Port Based Authentication Using the CLI Commands The following table summarizes the equivalent CLI commands for enabling the port based authentication as displayed in the Port Based Authentication page. Table 7-1. Port Authentication CLI Commands CLI Command Description aaa authentication dot1x default method1 [method2.] Specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 802.1X. dot1x auth-not-req Enables authorized devices access to the VLAN. dot1x guest-vlan Defines a Guest VLAN. dot1x guest vlan enable Enables authorized users on the inteface to access the Guest VLAN. dot1x mac-authentication Enables authentication based on the station's MAC address (MAC based authentication). dot1x max-req count Sets the maximum number of times that the device sends an EAP to the client, before restarting the authentication process. dot1x re-authenticate [ethernet interface] Manually initiates a re-authentication of all 802.1X-enabled ports or the specified 802.1X-enabled port. dot1x re-authentication Enables periodic re-authentication of the client. dot1x timeout quiet-period seconds Sets the number of seconds that the device remains in the quiet state following a failed authentication exchange. dot1x timeout re-authperiod seconds Sets the number of seconds between re-authentication attempts. dot1x timeout server-timeout seconds Sets the time for the retransmission of packets to the authentication server. dot1x timeout supp-timeout seconds Sets the time for the retransmission of an EAP request frame to the client. dot1x timeout tx-period seconds Sets the number of seconds that the device waits for a response to an EAP - request/identity frame, from the client, before resending the request. dot1x traps mac-authentication failure Enables sending traps when the MAC address failed authenticaiton (MAC based authentication). dot1x radius-attribues vlan Enables user-based VLAN assignment. show dot1x [ethernet interface] Displays 802.1X status for the device or for the specified interface. show dot1x advanced Displays 802.1X advanced features for the switch or specified interface. show dot1x users [username username] Displays 802.1X users for the device. Configuring Device Information 247

Section	Page
User Guide	1
Introduction	13
PowerConnect 54xx Series Systems	13
Features	14
General Features	14
MAC Address Supported Features	15
Layer 2 Features	16
VLAN Supported Features	17
Spanning Tree Protocol Features	18
Link Aggregation	18
Layer 3 Features	19
Quality of Service Features	19
Device Management Features	20
Security Features	21
Locked Port Support	22
Additional CLI Documentation	23
Hardware Description	25
Device Port Configurations	25
PowerConnect 54xx Series Systems Front Panel Port Description	25
PowerConnect Back Panel Port Description	26
Device Ports	26
Physical Dimensions	27
LED Definitions	27
Port LEDs	27
System LEDs	28
Hardware Components	29
Power Supplies	29
Reset Button	30
Ventilation System	30
Installing the PowerConnect Device	31
Installation Precautions	31
Site Requirements	32
Unpacking	32
Package Contents	32
Unpacking the Device	32
Mounting the Device	33
Overview	33
Mounting the System	33
Installing the Device without a Rack	34
Connecting the Device	34
Connecting a Device to a Terminal	34
Connecting a Device to a Power Supply	36
Port Connections, Cables, and Pinout Information	36
RJ-45 Connections for 10/100/1000BaseT Ports	36
Port Default Settings	37
Auto-Negotiation	37
MDI/MDIX	38
Flow Control	38
Back Pressure	38
Switching Port Default Settings	38
Starting and Configuring the Device	39
Configure the Terminal	40
Booting the Device	40
Initial Configuration	43
Advanced Configuration	47
Retrieving an IP Address From a DHCP Server	47
Receiving an IP Address From a BOOTP Server	49
Security Management and Password Configuration	49
Configuring Security Passwords	50
Configuring an Initial Terminal Password	50
Configuring an Initial Telnet Password	50
Configuring an Initial SSH Password	51
Configuring an Initial HTTP Password	51
Configuring an Initial HTTPS Password	51
Configuring Login Banners	52
Startup Procedures	52
Startup Menu Procedures	52
Software Download	54
Erase FLASH File	54
Erasing the Device Configuration	54
Password Recovery	54
Software Download Through TFTP Server	55
Using Dell OpenManage Switch Administrator	59
Understanding the Interface	59
Device Representation	60
Using the Switch Administrator Buttons	61
Information Buttons	61
Device Management Buttons	61
Starting the Application	62
Accessing the Device Through the CLI	62
Console Connection	62
Telnet Connection	62
Using the CLI	63
Command Mode Overview	63
User EXEC Mode	63
Privileged EXEC Mode	64
Global Configuration Mode	64
Interface Configuration Mode	65
CLI Examples	66
Configuring System Information	67
Defining General Device Information	67
Viewing Device Information	67
Defining System Time Settings	71
Viewing System Health Information	77
Viewing the Versions Page	79
Resetting the Device	80
Configuring SNTP Settings	81
Defining SNTP Global Parameters	82
Defining SNTP Authentication Methods	84
Defining SNTP Servers	86
Defining SNTP Interfaces	91
Managing Logs	93
Defining Global Log Parameters	93
Displaying RAM Log Table	97
Displaying the Log File Table	99
Viewing the Device Login History	101
Configuring the Remote Log Server Settings Page	102
Defining Device IP Addresses	107
Configuring the Internet Protocol Version 6 (IPv6)	107
Defining IPv4 Default Gateways	108
Defining IPv4 Interfaces	109
Defining DHCP IPv4 Interface Parameters	113
Defining IPv6 Interfaces	115
Defining IPv6 Default Gateway	120
Defining IPv6 ISATAP Tunnels	123
Defining IPv6 Neighbors	125
Viewing the IPv6 Routes Table	129
Configuring Domain Name Systems	132
Defining Default Domains	135
Mapping Domain Host	136
Configuring ARP	139
Running Cable Diagnostics	142
Viewing Copper Cable Diagnostics	142
Viewing Optical Transceiver Diagnostics	145
Managing Device Security	147
Defining Access Profiles	147
Adding an Access Profile	149
Defining Authentication Profiles	154
Assigning Authentication Profiles	157
Managing Passwords	161
Viewing Active Users	164
Defining the Local User Databases	165
Defining Line Passwords	168
Defining Enable Passwords	170
Defining TACACS+ Settings	171
Configuring RADIUS Global Parameters	176
Configuring LLDP and LLDP-MED	181
Defining LLDP Properties	182
Configuring LLDP Using CLI Commands	183
Defining LLDP Port Settings	183
Defining LLDP MED Network Policy	186
Defining LLDP MED Port Settings	188
Viewing the LLDP Neighbors Information	192
Defining SNMP Parameters	194
Defining SNMP Global Parameters	194
Defining SNMP View Settings	197
Adding a View	199
Defining SNMP Views Using CLI Commands	200
Defining SNMP Access Control	200
Defining SNMP Groups	202
Displaying the Access Table	202
Removing SNMP Groups	203
Defining SNMP Access Control Using CLI Commands	203
Assigning SNMP User Security	203
Adding Users to a Group	205
Displaying the User Security Model Table	206
Deleting an User Security Model Table Entry	206
Defining Communities	207
Defining Notification Filters	212
Defining SNMP Notification Recipients	214
Managing Files	220
File Management Overview	220
Downloading Files	221
Uploading Files	224
Copying Files	227
Managing Device Files	229
Defining Advanced Settings	230
Configuring General Device Tuning Parameters	231
Optimizing iSCSI	232
Configuring iSCSI Global Parameters	232
Defining iSCSI Global Parameters Using CLI Commands	234
Managing iSCSI Targets	236
Defining iSCSI Targets Using CLI Commands	237
Monitoring iSCSI Sessions	238
Defining iSCSI Sessions Using CLI Commands	239
Configuring Device Information	241
Configuring Network Security	241
Configuring Advanced Port Based Authentication	248
Authenticating Users	251
Configuring Port Security	252
ACL Overview	256
Defining MAC Based Access Control Lists	263
Defining ACL Binding	267
Configuring DHCP Snooping	269
Defining DHCP Snooping on VLANs	272
Defining Trusted Interfaces	273
Adding Interfaces to the DHCP Snooping Database	275
Configuring Ports	278
Defining Port Parameters	278
Configuring Load Balancing	284
Enabling Storm Control	289
Defining Port Mirroring Sessions	292
Configuring Address Tables	295
Viewing Dynamic Addresses	298
Configuring GARP	301
Configuring the Spanning Tree Protocol	303
Defining STP Port Settings	308
Defining STP LAG Settings	312
Configuring Rapid Spanning Tree	314
Configuring Multiple Spanning Tree	317
Defining MSTP Interface Settings	321
Configuring VLANs	323
Defining VLAN Ports Settings	331
Defining VLAN LAG Settings	334
Defining VLAN Protocol Groups	337
Adding Protocol Ports	339
Configuring GVRP	340
Configuring Voice VLANs	343
Defining Voice VLAN Port Settings	347
Defining OUIs	349
Aggregating Ports	351
Defining LAG Membership	354
Multicast Forwarding Support	355
Adding Bridge Multicast Address Members	358
Assigning Multicast Forward All Parameters	362
IGMP Snooping	366
Unregistered Multicast	371
Viewing Statistics	375
Viewing Tables	375
Viewing Utilization Summary	375
Viewing Counter Summary	376
Viewing Interface Statistics	377
Viewing Etherlike Statistics	380
Viewing GVRP Statistics	383
Viewing EAP Statistics	387
Viewing RMON Statistics	389
Viewing RMON Statistics Group	389
Viewing RMON History Control Statistics	392
Viewing the RMON History Table	394
Defining Device RMON Events	396
Viewing the RMON Events Log	399
Defining RMON Device Alarms	401
Viewing Charts	404
Viewing Port Statistics	404
Viewing LAG Statistics	406
Viewing the CPU Utilization	409
Viewing CPU Utilization Using CLI Commands	410
Configuring Quality of Service	411
Defining CoS Global Parameters	413
Defining QoS Interface Settings	414
Defining Bandwidth Settings	416
Defining Queue Settings	419
Mapping CoS Values to Queues	422
Mapping DSCP Values to Queues	423
Device Specifications	427
Port and Cable Specifications	427
Port Specifications	427
Operating Conditions	428
Physical Device Specifications	428
Device Memory Specifications	428
Feature Specifications	429
VLAN	429
Quality of Service	429
Layer 2 Multicast	429
Device Security	429
Additional Switching Features	430
Device Management	430

Match case Limit results 1 per page

Configuring Device Information

247

Enabling Port Based Authentication Using the CLI Commands

The following table summarizes the equivalent CLI commands for enabling the port based

authentication as displayed in the

Port Based Authentication

page.

Table 7-1.

Port Authentication CLI Commands

CLI Command

Description

aaa authentication dot1x default

method1

[

method2

Specifies one or more authentication, authorization, and accounting (AAA)

methods for use on interfaces running IEEE 802.1X.

dot1x auth-not-req

Enables authorized devices access to the VLAN.

dot1x guest-vlan

Defines a Guest VLAN.

dot1x guest vlan enable

Enables authorized users on the inteface to access the Guest VLAN.

dot1x mac-authentication

Enables authentication based on the station’s MAC address (MAC based

authentication).

dot1x max-req

count

Sets the maximum number of times that the

device

sends an EAP to the

client, before restarting the authentication process.

dot1x re-authenticate

[

ethernet

interface

]

Manually initiates a re-authentication of all 802.1X-enabled ports or the

specified 802.1X-enabled port.

dot1x re-authentication

Enables periodic re-authentication of the client.

dot1x timeout quiet-period

seconds

Sets the number of seconds that the

device

remains in the quiet state

following a failed authentication exchange.

dot1x timeout re-authperiod

seconds

Sets the number of seconds between re-authentication attempts.

dot1x timeout server-timeout

seconds

Sets the time for the retransmission of packets to the authentication server.

dot1x timeout supp-timeout

seconds

Sets the time for the retransmission of an EAP request frame to the client.

dot1x timeout tx-period

seconds

Sets the number of seconds that the

device

waits for a response to an

EAP - request/identity frame, from the client, before resending the request.

dot1x traps mac-authentication

failure

Enables sending traps when the MAC address failed authenticaiton

(MAC based authentication).

dot1x radius-attribues vlan

Enables user-based VLAN assignment.

show dot1x

[

ethernet

interface

]

Displays 802.1X status for the

device

or for the specified interface.

show dot1x advanced

Displays 802.1X advanced features for the switch or specified interface.

show dot1x users

[

username

]

Displays 802.1X users for the

device