8.28 MB - Edge-Core

More documents

Recommendations

Info

3 Configuring the Switch Console#configure Console(config)#authentication login tacacs 4-68 Console(config)#tacacs-server host 10.20.30.40 4-74 Console(config)#tacacs-server port 200 4-74 Console(config)#tacacs-server key green 4-75 Console#show tacacs-server 4-75 Server IP address: 10.20.30.40 Communication key with tacacs server: ***** Server port number: 200 Console(config)# Configuring HTTPS You can configure the switch to enable the Secure Hypertext Transfer Protocol (HTTPS) over the Secure Socket Layer (SSL), providing secure access (i.e., an encrypted connection) to the switch’s web interface. Command Usage • Both the HTTP and HTTPS service can be enabled independently on the switch. However, you cannot configure both services to use the same UDP port. • If you enable HTTPS, you must indicate this in the URL that you specify in your browser: https://device[:port_number] • When you start HTTPS, the connection is established in this way: - The client authenticates the server using the server’s digital certificate. - The client and server negotiate a set of security protocols to use for the connection. - The client and server generate session keys for encrypting and decrypting data. • The client and server establish a secure encrypted connection. A padlock icon should appear in the status bar for Internet Explorer 5.x or above and Netscape Navigator 6.2 or above. • The following web browsers and operating systems currently support HTTPS: Table 3-4 HTTPS System Support Web Browser Operating System Internet Explorer 5.0 or later Windows 98,Windows NT (with service pack 6a), Windows 2000, Windows XP Netscape Navigator 6.2 or later Windows 98,Windows NT (with service pack 6a), Windows 2000, Windows XP, Solaris 2.6 • To specify a secure-site certificate, see “Replacing the Default Secure-site Certificate” on page 3-39. Command Attributes • HTTPS Status – Allows you to enable/disable the HTTPS server feature on the switch. (Default: Enabled) • Change HTTPS Port Number – Specifies the UDP port number used for HTTPS connection to the switch’s web interface. (Default: Port 443) 3-38
User Authentication 3 Web – Click Security, HTTPS Settings. Enable HTTPS and specify the port number, then click Apply. Figure 3-25 HTTPS Settings CLI – This example enables the HTTP secure server and modifies the port number. Console(config)#ip http secure-server 4-30 Console(config)#ip http secure-port 443 4-31 Console(config)# Replacing the Default Secure-site Certificate When you log onto the web interface using HTTPS (for secure access), a Secure Sockets Layer (SSL) certificate appears for the switch. By default, the certificate that Netscape and Internet Explorer display will be associated with a warning that the site is not recognized as a secure site. This is because the certificate has not been signed by an approved certification authority. If you want this warning to be replaced by a message confirming that the connection to the switch is secure, you must obtain a unique certificate and a private key and password from a recognized certification authority. Caution: For maximum security, we recommend you obtain a unique Secure Sockets Layer certificate at the earliest opportunity. This is because the default certificate for the switch is not unique to the hardware you have purchased. When you have obtained these, place them on your TFTP server, and use the following command at the switch's command-line interface to replace the default (unrecognized) certificate with an authorized one: Console#copy tftp https-certificate 4-63 TFTP server ip address: Source certificate file name: Source private file name: Private password: Note: The switch must be reset for the new certificate to be activated. To reset the switch, type: Console#reload 3-39
Page 1:
Powered by Accton ES3526X ES3526X-D
Page 4 and 5:
ES3526X ES3526X-DCPW F2.2.6.9 E0420
Page 6 and 7:
Contents vi Console Port Settings 3
Page 8 and 9:
Contents Configuring IGMP Snooping
Page 10 and 11:
Contents x logging sendmail level 4
Page 12 and 13:
Contents xii capabilities 4-108 flo
Page 14 and 15:
Contents map ip dscp (Interface Con
Page 16 and 17:
Tables Table 4-29 RADIUS Client Com
Page 18 and 19:
Figures Figure 3-43 LACP - Aggregat
Page 20 and 21:
1 Introduction Description of Softw
Page 22 and 23: 1 Introduction Virtual LANs - The s
Page 24 and 25: 1 Introduction Table 1-2 System Def
Page 26 and 27: 1 Introduction 1-8
Page 28 and 29: 2 Initial Configuration • Configu
Page 30 and 31: 2 Initial Configuration Setting Pas
Page 32 and 33: 2 Initial Configuration 5. Wait a f
Page 34 and 35: 2 Initial Configuration 2. Enter th
Page 36 and 37: 3 Configuring the Switch Navigating
Page 38 and 39: 3 Configuring the Switch Main Menu
Page 40 and 41: 3 Configuring the Switch Table 3-2
Page 42 and 43: 3 Configuring the Switch Basic Conf
Page 44 and 45: 3 Configuring the Switch These addi
Page 46 and 47: 3 Configuring the Switch CLI - Ente
Page 48 and 49: 3 Configuring the Switch Using DHCP
Page 50 and 51: 3 Configuring the Switch Downloadin
Page 52 and 53: 3 Configuring the Switch Saving or
Page 60 and 61: 3 Configuring the Switch Remote Log
Page 62 and 63: 3 Configuring the Switch Resetting
Page 64 and 65: 3 Configuring the Switch CLI - This
Page 66 and 67: 3 Configuring the Switch Web - Clic
Page 68 and 69: 3 Configuring the Switch Command At
Page 70 and 71: 3 Configuring the Switch Command At
Page 74 and 75: 3 Configuring the Switch Configurin
Page 76 and 77: 3 Configuring the Switch Generating
Page 80 and 81: 3 Configuring the Switch • If a p
Page 82 and 83: 3 Configuring the Switch • The RA
Page 84 and 85: 3 Configuring the Switch • Re-aut
Page 86 and 87: 3 Configuring the Switch Displaying
Page 88 and 89: 3 Configuring the Switch • IP add
Page 90 and 91: 3 Configuring the Switch The order
Page 96 and 97: 3 Configuring the Switch CLI - This
Page 98 and 99: 3 Configuring the Switch • Max MA
Page 100 and 101: 3 Configuring the Switch CLI - Sele
Page 102 and 103: } } 3 Configuring the Switch CLI -
Page 104 and 105: 3 Configuring the Switch CLI - The
Page 108 and 109: 3 Configuring the Switch Field LACP
Page 112 and 113: 3 Configuring the Switch CLI - The
Page 116 and 117: 3 Configuring the Switch Rate Limit
Page 118 and 119: 3 Configuring the Switch Parameter
Page 122 and 123:
3 Configuring the Switch Web - Clic
Page 124 and 125:
3 Configuring the Switch Changing t
Page 126 and 127:
3 Configuring the Switch informatio
Page 128 and 129:
3 Configuring the Switch • Rapid
Page 130 and 131:
Page 132 and 133:
3 Configuring the Switch Alternate
Page 134 and 135:
3 Configuring the Switch Configurin
Page 136 and 137:
3 Configuring the Switch VLAN Confi
Page 138 and 139:
3 Configuring the Switch these host
Page 140 and 141:
3 Configuring the Switch CLI - Ente
Page 142 and 143:
3 Configuring the Switch Creating V
Page 144 and 145:
3 Configuring the Switch - Untagged
Page 146 and 147:
Page 148 and 149:
3 Configuring the Switch CLI - This
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
3 Configuring the Switch Class of S
Page 156 and 157:
3 Configuring the Switch Mapping Co
Page 158 and 159:
3 Configuring the Switch Selecting
Page 160 and 161:
3 Configuring the Switch Layer 3/4
Page 162 and 163:
3 Configuring the Switch CLI* - The
Page 164 and 165:
3 Configuring the Switch Mapping IP
Page 166 and 167:
Page 168 and 169:
3 Configuring the Switch Command At
Page 170 and 171:
3 Configuring the Switch CLI - This
Page 172 and 173:
3 Configuring the Switch Assigning
Page 174 and 175:
3 Configuring the Switch 3-140
Page 176 and 177:
4 Command Line Interface To access
Page 178 and 179:
4 Command Line Interface Showing Co
Page 180 and 181:
4 Command Line Interface Exec Comma
Page 182 and 183:
4 Command Line Interface Command Li
Page 184 and 185:
4 Command Line Interface Line Comma
Page 186 and 187:
4 Command Line Interface Example Co
Page 188 and 189:
4 Command Line Interface Command Mo
Page 190 and 191:
4 Command Line Interface Command Us
Page 192 and 193:
4 Command Line Interface disconnect
Page 194 and 195:
4 Command Line Interface Default Se
Page 196 and 197:
4 Command Line Interface The ! comm
Page 198 and 199:
4 Command Line Interface Table 4-7
Page 200 and 201:
4 Command Line Interface • The fa
Page 202 and 203:
4 Command Line Interface • IP add
Page 204 and 205:
Page 206 and 207:
4 Command Line Interface Example
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
4 Command Line Interface delete pub
Page 214 and 215:
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
4 Command Line Interface clear logg
Page 222 and 223:
4 Command Line Interface show log T
Page 224 and 225:
4 Command Line Interface logging se
Page 226 and 227:
Page 228 and 229:
Page 230 and 231:
4 Command Line Interface calendar s
Page 232 and 233:
Page 234 and 235:
4 Command Line Interface Related Co
Page 236 and 237:
4 Command Line Interface Frame Size
Page 238 and 239:
4 Command Line Interface • The de
Page 240 and 241:
Page 242 and 243:
Page 244 and 245:
Page 246 and 247:
Page 248 and 249:
4 Command Line Interface TACACS+ Cl
Page 250 and 251:
4 Command Line Interface Port Secur
Page 252 and 253:
Page 254 and 255:
4 Command Line Interface dot1x oper
Page 256 and 257:
4 Command Line Interface dot1x time
Page 258 and 259:
4 Command Line Interface - Max Coun
Page 260 and 261:
4 Command Line Interface Access Con
Page 262 and 263:
Page 264 and 265:
Page 266 and 267:
Page 268 and 269:
4 Command Line Interface MAC ACLs T
Page 270 and 271:
4 Command Line Interface Example Th
Page 272 and 273:
Page 274 and 275:
4 Command Line Interface SNMP Comma
Page 276 and 277:
4 Command Line Interface Related Co
Page 278 and 279:
Page 280 and 281:
Page 282 and 283:
4 Command Line Interface disabled,
Page 284 and 285:
4 Command Line Interface • Avoid
Page 286 and 287:
Page 288 and 289:
Page 290 and 291:
4 Command Line Interface Mirror Por
Page 292 and 293:
4 Command Line Interface Rate Limit
Page 294 and 295:
Page 296 and 297:
Page 298 and 299:
Page 300 and 301:
4 Command Line Interface lacp port-
Page 302 and 303:
4 Command Line Interface Console#sh
Page 304 and 305:
4 Command Line Interface Console#sh
Page 306 and 307:
4 Command Line Interface clear mac-
Page 308 and 309:
4 Command Line Interface Spanning T
Page 310 and 311:
Page 312 and 313:
4 Command Line Interface spanning-t
Page 314 and 315:
Page 316 and 317:
4 Command Line Interface cause forw
Page 318 and 319:
4 Command Line Interface spanning-t
Page 320 and 321:
4 Command Line Interface VLAN Comma
Page 322 and 323:
4 Command Line Interface Configurin
Page 324 and 325:
Page 326 and 327:
4 Command Line Interface switchport
Page 328 and 329:
4 Command Line Interface show vlan
Page 330 and 331:
4 Command Line Interface 3. Use the
Page 332 and 333:
Page 334 and 335:
Page 336 and 337:
Page 338 and 339:
Page 340 and 341:
4 Command Line Interface queue mode
Page 342 and 343:
Page 344 and 345:
Page 346 and 347:
4 Command Line Interface map ip por
Page 348 and 349:
4 Command Line Interface map ip dsc
Page 350 and 351:
4 Command Line Interface Default Se
Page 352 and 353:
Page 354 and 355:
4 Command Line Interface ip igmp sn
Page 356 and 357:
4 Command Line Interface IGMP Query
Page 358 and 359:
4 Command Line Interface ip igmp sn
Page 360 and 361:
Page 362 and 363:
4 Command Line Interface • If you
Page 364 and 365:
4 Command Line Interface show ip re
Page 366 and 367:
4 Command Line Interface 4-192
Page 368 and 369:
A Software Specifications Additiona
Page 370 and 371:
A Software Specifications A-4
Page 372 and 373:
B Troubleshooting Using System Logs
Page 374 and 375:
Glossary GARP VLAN Registration Pro
Page 376 and 377:
Glossary MD5 Message-Digest Algorit
Page 378 and 379:
Glossary User Datagram Protocol (UD
Page 380 and 381:
Index IGMP groups, displaying 3-137
Page 382:
Index W Web interface access requir
show all

8.28 MB - Edge-Core

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?