Home » Netgear Manuals » Hubs & Switches » Netgear GS748Tv4 » Manual Viewer

Netgear GS748Tv4 GS748Tv4 Software Administration Manual - Page 161

Certificate Download, SSL Version 3, TLS Version 1, Maximum Number of HTTPS Sessions, Cancel, Apply

Add to My Manuals
Save this manual to your list of manuals

Page 161 highlights

GS748T Smart Switch Software Administration Manual 1. Use the radio buttons in the HTTPS Admin Mode field to enable or disable the Administrative Mode of Secure HTTP. The currently configured value is shown when the Web page is displayed. The default value is Disable. You can only download SSL certificates when the HTTPS Admin mode is disabled. 2. Use the radio buttons in the SSL Version 3 field to enable or disable Secure Sockets Layer Version 3.0. The currently configured value is shown when the Web page is displayed. The default value is Enable. 3. Use the radio buttons in the TLS Version 1 field to enable or disable Transport Layer Security Version 1.0. The currently configured value is shown when the Web page is displayed. The default value is Enable. 4. In the HTTPS Port field, specify the TCP port to use for HTTPS data. The value must be in the range of 1-65535. Port 443 is the default value. The currently configured value is shown when the Web page is displayed. 5. In the HTTPS Session Soft Timeout field, specify the number of minutes an HTTPS session can be idle before a timeout occurs. After the session is inactive for the configured amount of time, the administrator is automatically logged out and must re-enter the password to access the management interface. A value of zero corresponds to an infinite timeout. The default value is 5 minutes. The currently configured value is shown when the Web page is displayed. 6. In the HTTPS Session Hard Timeout field, specify the number of hours an HTTPS session can remain active, regardless of session activity. The value must be in the range of (1-168) hours. The default value is 24 hours. The currently configured value is shown when the Web page is displayed. 7. In the Maximum Number of HTTPS Sessions field, specify the maximum number of HTTPS sessions that can be open at the same time. The value must be in the range of (0-2). The default value is 2. The currently configured value is shown when the Web page is displayed. 8. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 9. If you make changes to the page, click Apply to apply the changes to the system. Certificate Download For the Web server on the switch to accept HTTPS connections from a management station, the Web server needs a public key certificate. You can generate a certificate externally (for example, off-line) and download it to the switch. To display the Certificate Download page, click Security > Access, and then click the HTTPS > Certificate Download link. Downloading SSL Certificates Before you download a file to the switch, the following conditions must be true: • The file to download from the TFTP server is on the server in the appropriate directory. Chapter 5: Managing Device Security | 161

Section	Page
GS748T Smart Switch	1
Table of Contents	3
1. Getting Started	9
Getting Started with the GS748T Smart Switch	10
Switch Management Interface	11
Connecting the Switch to the Network	12
Switch Discovery in a Network with a DHCP Server	13
Switch Discovery in a Network without a DHCP Server	15
Configuring the Network Settings on the Administrative System	16
Web Access	18
Smart Control Center Utilities	19
Network Utilities	19
Configuration Upload and Download	20
Firmware Upgrade	22
Viewing and Managing Tasks	24
Understanding the User Interfaces	25
Using the Web Interface	25
Using SNMP	30
Interface Naming Convention	31
2. Configuring System Information	33
Management	34
System Information	34
IP Configuration	35
IPv6 Network Configuration	37
IPv6 Network Neighbor	39
Time	40
Denial of Service	45
DNS	48
Green Ethernet Configuration	51
SNMP	52
SNMPV1/V2	52
Trap Flags	55
SNMP v3 User Configuration	56
LLDP	58
LLDP Configuration	58
LLDP Port Settings	59
LLDP-MED Network Policy	61
LLDP-MED Port Settings	62
Local Information	64
Neighbors Information	66
Services — DHCP Filtering	71
DHCP Filtering Configuration	71
Interface Configuration	72
3. Configuring Switching Information	75
Ports	76
Port Configuration	76
Flow Control	77
Link Aggregation Groups	79
LAG Configuration	79
LAG Membership	81
LACP Configuration	82
LACP Port Configuration	83
VLANs	84
VLAN Configuration	84
VLAN Membership Configuration	85
Port VLAN ID Configuration	87
Voice VLAN	89
Voice VLAN Properties	89
Voice VLAN Port Setting	90
Voice VLAN OUI	91
Auto-VoIP Configuration	93
Spanning Tree Protocol	94
STP Switch Configuration	94
CST Configuration	96
CST Port Configuration	98
CST Port Status	99
Rapid STP	101
MST Configuration	101
MST Port Configuration	103
STP Statistics	105
Multicast	107
Auto-Video Configuration	107
IGMP Snooping	107
IGMP Snooping Querier	116
Forwarding Database	120
MAC Address Table	120
Dynamic Address Configuration	122
Static MAC Address	123
4. Configuring Quality of Service	125
Class of Service	126
Basic CoS Configuration	126
CoS Interface Configuration	127
Interface Queue Configuration	129
802.1p to Queue Mapping	130
DSCP to Queue Mapping	131
Differentiated Services	133
Defining DiffServ	133
Diffserv Configuration	134
Class Configuration	135
Policy Configuration	138
Service Configuration	143
Service Statistics	144
5. Managing Device Security	147
Management Security Settings	148
Change Password	148
RADIUS Configuration	149
Configuring TACACS+	154
Authentication List Configuration	157
Configuring Management Access	159
HTTP Configuration	159
Secure HTTP Configuration	160
Certificate Download	161
Access Profile Configuration	163
Access Rule Configuration	164
Port Authentication	166
802.1X Configuration	166
Port Authentication	168
Port Summary	172
Traffic Control	173
MAC Filter Configuration	173
MAC Filter Summary	175
Storm Control	175
Port Security Configuration	177
Port Security Interface Configuration	178
Security MAC Address	179
Protected Ports Membership	180
Configuring Access Control Lists	181
ACL Wizard	181
MAC ACL	182
MAC Rules	183
MAC Binding Configuration	185
MAC Binding Table	186
IP ACL	187
IP Rules	189
IP Extended Rules	190
IP Binding Configuration	194
IP Binding Table	195
6. Monitoring the System	197
Ports	198
Switch Statistics	198
Port Statistics	200
Port Detailed Statistics	201
EAP Statistics	208
Cable Test	209
System Logs	211
Memory Logs	211
FLASH Log Configuration	213
Server Log Configuration	214
Trap Logs	216
Event Logs	218
Port Mirroring	219
Multiple Port Mirroring	219
7. Maintenance	221
Reset	222
Device Reboot	222
Factory Default	222
Upload File From Switch	224
TFTP File Upload	224
HTTP File Upload	225
Download File To Switch	227
TFTP File Download	227
HTTP File Download	229
File Management	231
Dual Image Configuration	231
Dual Image Status	232
Troubleshooting	234
Ping	234
Ping IPv6	235
Traceroute	236
8. Help	239
Online Help	239
Support	239
User Guide	240
A. Hardware Specifications and Default Values	242
GS748T Smart Switch Specifications	242
GS748T Switch Features and Defaults	243
B. Configuration Examples	247
Virtual Local Area Networks (VLANs)	248
VLAN Example Configuration	249
Access Control Lists (ACLs)	250
MAC ACL Example Configuration	250
Standard IP ACL Example Configuration	252
Differentiated Services (DiffServ)	253
Class	253
DiffServ Traffic Classes	254
Creating Policies	254
DiffServ Example Configuration	255
802.1X	258
802.1X Example Configuration	259
MSTP	261
MSTP Example Configuration	262
C. Notification of Compliance	266

Match case Limit results 1 per page

Chapter 5:

Managing Device Security

161

GS748T Smart Switch Software Administration Manual

Use the radio buttons in the

HTTPS Admin Mode

field to enable or disable the

Administrative Mode of Secure HTTP.

The currently configured value is shown when the Web page is displayed. The default

value is Disable. You can only download SSL certificates when the HTTPS Admin mode

is disabled.

Use the radio buttons in the

SSL Version 3

field to enable or disable Secure Sockets Layer

Version 3.0. The currently configured value is shown when the Web page is displayed. The

default value is Enable.

Use the radio buttons in the

TLS Version 1

field to enable or disable Transport Layer

Security Version 1.0. The currently configured value is shown when the Web page is

displayed. The default value is Enable.

In the

HTTPS Port

field, specify the TCP port to use for HTTPS data. The value must be in

the range of 1–65535. Port 443 is the default value. The currently configured value is shown

when the Web page is displayed.

In the

HTTPS Session Soft Timeout

field, specify the number of minutes an HTTPS

session can be idle before a timeout occurs.

After the session is inactive for the configured amount of time, the administrator is

automatically logged out and must re-enter the password to access the management

interface. A value of zero corresponds to an infinite timeout. The default value is 5

minutes. The currently configured value is shown when the Web page is displayed.

In the

HTTPS Session Hard Timeout

field, specify the number of hours an HTTPS session

can remain active, regardless of session activity. The value must be in the range of (1–168)

hours. The default value is 24 hours. The currently configured value is shown when the Web

page is displayed.

In the

Maximum Number of HTTPS Sessions

field, specify the maximum number of

HTTPS sessions that can be open at the same time. The value must be in the range of

(0–2). The default value is 2. The currently configured value is shown when the Web page is

displayed.

Click

Cancel

to cancel the configuration on the screen and reset the data on the screen to

the latest value of the switch.

If you make changes to the page, click

Apply

to apply the changes to the system.

Certificate Download

For the Web server on the switch to accept HTTPS connections from a management station,

the Web server needs a public key certificate. You can generate a certificate externally (for

example, off-line) and download it to the switch.

To display the Certificate Download page, click

Security

Access, and then click the HTTPS

Certificate Download

link.

Downloading SSL Certificates

Before you download a file to the switch, the following conditions must be true:

•

The file to download from the TFTP server is on the server in the appropriate directory.