Optionally, set the timeout period for aging learned MAC entries. Policy Configuration Example A CoS of 8 Create a policy role that applies a CoS 8 to data VLAN 10 and configures it to rate-limit traffic to 200,000 kbps with a moderate priority of 5. You can also use the show commands described in Reviewing and Enabling Spanning Tree on page 15-20 to review information related to all Spanning Tree protocol activity. To start configuration, you want to connect the switch console to PuTTY. Configuring MSTP Defining Edge Port Status By default, edge port status is disabled on all ports. Configuring OSPF Interfaces OSPF is disabled by default and must be enabled on routing interfaces with the ip ospf enable command in interface configuration mode. (For example: security or traffic broadcast containment). 3. Ctrl+E Move cursor to end of line. Creates a policy profile for the phones and a policy rule that maps tagged frames on the user ports to that policy profile. Downloading New Firmware or just want to verify the contents of the images directory, refer to Deleting a Backup Image File on page 1-5 for more information. Telnet Enabled inbound and outbound. Using Multicast in Your Network Generation ID gen id: 1331801871 10.5.40.0/255.255.255.0 [2] via neighbor: 10.5.50.1 Uptime: 66704 , expires: 0 version: 3 Generation ID gen id: 1331805217 10.5.50.0/255.255.255.0 [0] via neighbor: direct 10.5.51.0/255.255.255.0 [0] via neighbor: direct direct direct Uptime: 3615 , expires: 0 version: 3 10.5.70.0/255.255.255.0 [3] via neighbor: Uptime: 66716 , expires: 0 version: 3 10.5.60.0/255.255.255. Create an SNMPv3 user and specify authentication, encryption, and security credentials. Getting Help The following icons are used in this guide: Note: Calls the readers attention to any item of information that may be of special importance. Terms and Definitions LoopProtect Lock status for port lag.0.2, SID 56_ is UNLOCKED Enterasys->show spantree lpcapablepartner port lag.0.2 Link partner of port lag.0.2_is LoopProtect-capable. For both DVMRP and PIM-SM for IPv4 to operate, IGMP must be enabled. Procedure 24-1 Configuring IPv4 Standard and Extended ACLs Step Task 1. While Enterasys Discovery Protocol and Cisco Discovery Protocol are vendor-specific protocols, LLDP is an industry standard (IEEE 802.1AB), vendor-neutral protocol. Thisexampleshowshowtodisplaythelinkflapparameterstable: Tabl e 74providesanexplanationoftheshowlinkflapparameterscommandoutput. The default setting is auto. 1.2 IP phone ge. If there is still a tie, these ports are connected via a shared medium. (This feature is not configurable on the G-Series. (Optional) Specify the method the Enterasys device uses to detect connected PDs. Usethiscommandtoenableordisableportwebauthentication. Senders use RPs to announce their existence, and receivers use RPs to learn about new senders of a group. The PVID determines the VLAN to which all untagged frames received on the port will be classified. * or ge.1.1-48) assign egress vlan: set vlan egress X ge.1.x untagged STP Operation Rapid Spanning Tree Operation Rapid Spanning Tree (RSTP) optimizes convergence in a properly configured network by significantly reducing the time to reconfigure the networks active topology when physical topology or configuration parameter changes occur. DHCPv6 Configuration Relay Remote ID Option Flags Procedure 25-7 on page 25-17 describes the tasks to configure a Fixed Switch interface as a DHCPv6 server. set snmp community community_name 2. User Authentication Overview password configured on the switch to the authentication server. When operating in unicast mode, optionally change the number of poll retries to a unicast SNTP server. 6. This example assumes that VLAN 10 has already been configured for routing. Set the SNMP target address for notification message generation. Table 25-9 show ipv6 ospf neighbor Output Details, Overview of Authentication and Authorization Methods. Authentication can be either clear text or encrypted MD5. Any router with a priority of 0 will opt out of the DR election process. RESTRICTIONS. The Enterasys Fixed Switches support neighbor advertise and solicit, duplicate address detection, and unreachability detection. For information on changing these default settings, refer to Chapter 5, User Account and Password Management. Configuring RIP Configure a RIP authentication key for use on the interface. , ./ `. (8) When it no longer wants to receive the stream, Host 2 can do one of the following: - Send a leave message to Router 2. Thisexampleshowshowtodisplaymultipleauthenticationsystemconfiguration: Configuring User + IP Phone Authentication. 4. Procedure 25-1 Configuring IPv6 Management Step Task Command(s) 1. Thisexampledisplaystheneighborsinthecache. (Optional) Verify the new settings. Bookmark File PDF Enterasys C2g124 24 User Guide Manuals & User Guides. 11 Configuring Link Aggregation This chapter describes how to configure link aggregation on the fixed switch platforms. By default, security audit logging is disabled. Interface-specific parameters are configured with variations of the Spanning Tree port configuration commands. access-list ipv6 name {deny | permit} protocol {srcipv6-addr/ prefix-length | any} [eq port] {dstipv6-addr/prefix-length | any} [eq port] [dscp dscp] [flow-label label-value] [assign-queue queue-id] 4. In this way, both upstream and downstream facing ports are protected. Chapter 2: Configuring Switches in a Stack, Chapter 6: Discovery Protocol Configuration, Chapter 14: Logging and Network Management, Appendix A: Policy and Authentication Capacities. Thisexampleshowshowtodisplaythelinkflapmetricstable: Table 7-4 show linkflap parameters Output Details, Table 7-5 show linkflap metrics Output Details, Using SNMP Contexts to Access Specific MIBs. Configuring PIM-SM Basic PIM-SM Configuration By default, PIM-SM is disabled globally on Enterasys fixed switches and attached interfaces. Quality of Service Overview queue 2 has access to its percentage of time slices, and so on round robin. Neighbor Discovery Overview connected neighbors. For multiple user 802.1x authentication or any non-802.1x authentication, set the system authentication mode to use multiple authenticators simultaneously. See Configuring OSPF Areas on page 22-8 for additional discussion of OSPF area configuration. DHCP Snooping ------set system service-acl my-sacl deny ip-source 192.168.10.10 mask 255.255.255.255 service ssh priority 1 set system service-acl my-sacl permit port ge.1.1 priority 2 set system service-acl my-sacl permit port ge.1.2 priority 3 set system service-acl my-sacl permit ip-source 10.10.22. ThisexampleshowshowtodisplayallOSPFrelatedinformationfortheVLAN6interface: Tabl e 209providesanexplanationoftheshowippimsminterfacevlancommandoutput. Using Multicast in Your Network 2. Spanning Trees primary goal is to ensure a fully connected, loop-free topology. Display the access entity index values. Cisco Nexus 5000 Series NX-OS Software Configuration Guide. User Account Overview Procedure 5-2 on page 5-4 shows how a super-user creates a new super-user account and assigns it as the emergency access account. If the port is configured so that it is connected to a switching device known to implement Loop Protect, it uses full functional (enhanced) mode. The Class of Service capability of the device is implemented by a priority queueing mechanism. Therefore, a value of 7 is given the highest priority. A value of 0x06 indicates that the tunneling medium pertains to 802 media (including Ethernet) Tunnel-Private-Group-ID attribute indicates the group ID for a particular tunneled session. DHCP Configuration DHCP Configuration on a Non-Routing System The following procedure provides basic DHCP server functionality when the DHCP pool is associated with the systems host IP address. Note: If this switch will be added to an existing stack, you should install the primary and backup firmware versions that are currently installed on the stack units. ThisexampleshowshowtodisplayOSPFdatabasesummaryinformation. OSPF adjacencies can not be formed on a passive interface. Disable WebView and show the current state. The RP router, for the group, is selected by using the hash algorithm defined in RFC 2362. 1.4 IP switch Discovery MIB Port Device ge. DHCP Configuration IP Address Pools IP address pools must be configured for both automatic and manual IP address allocation by a DHCP server. Configuring Policy Table 16-4 Non-Edge Protocols (continued) Protocol Policy Effect Web Server Protocol Stop malicious proxies and application-layer attacks by ensuring only the right Web servers can connect from the right location at the right time, by blocking HTTP on the source port for this device. If two supplies are installed in redundant mode, system power redundancy is guaranteed if one supply fails. Multicast Operation Multicast allows a source to send a single copy of data using a single IP address from a welldefined range for an entire group of recipients (a multicast group). Note: You must be logged in to the Enterasys device with read-write access rights to use the commands shown in this procedure. Globally: Disabled. Additional Configuration Tasks current.log Deleting a Backup Image File Since the stackable and standalone switches can store only two firmware images at a time, you may have to delete a backup image, if one exists, before you can manually download a new firmware image. 1. Refer to page ACL Configuration Overview Inserting a new ACL rule entry into an ACL Moving an ACL rule to a new location in an ACL Apply the ACL to VLAN interfaces, to ports, or to Link Aggregation ports. Find out what model of switch you are upgrading and what is current version of firmware running on the switch. Enterasys devices allow up to 8 server IP addresses to be configured as destinations for Syslog messages. Security audit logging is enabled or disabled with the command set logging local. show tacacs session {authorization | accounting} [state] Displays only the current status for TACACS+ per-command authorization and accounting. priority Sets which ports continue to receive power in a low power situation. Syslog Components and Their Use Table 14-1 14-4 Syslog Terms and Definitions (continued) Term Definition Enterays Usage Syslog server A remote server configured to collect and store Syslog messages. Configuring ACLs Port-string ----------ge.1.29 Access-list ----------121 Configuring ACLs This section provides procedures and examples for configuring IPv4, IPv6, and MAC ACLs. . Licensing Procedure in a Stack Environment. Switch Configuration Using WebView; Switch Configuration Using CLI Commands; 3. RMON There are only three Filter Entries available, and a user can associate all three Filter Entries with the Channel Entry. Policy Configuration Overview QoS configuration details are beyond the scope of this chapter. Optionally, change the encryption type. Table 26-3 lists the logging commands that require different user access permissions when the security mode is set to C2. Display the current settings for the Management Authentication Notification MIB. Refer to page Spanning Tree Basics underlying physical ports. See Table 11-2 on page 11-7 for a description of port parameters. In router configuration mode, optionally enable route redistribution of non-RIP protocol routes. Display the MAC addresses in the switchs filtering database (FID). RMON Table 18-1 RMON Group Event RMON Monitoring Group Functions and Commands (continued) What It Does What It Monitors CLI Command(s) Controls the generation and notification of events from the device.