Any of the management interfaces, including VLAN routing interfaces, can be configured as the source IP address used in packets generated by the TACACS+ client. OSPF adjacencies can not be formed on a passive interface. SNTP Configuration b. Refer to Table 4-7 on page 4-20 for default DHCP server settings. 3. trap | inform3 Unsolicited message sent by an SNMP agent to an SNMP manager when an event has occurred. Link Aggregation Control Protocol (LACP) is described in Chapter 11, Configuring Link Aggregation. Stackable Switches Configuration Guide Firmware Version 6.03.xx.xxxx P/N 9034313-07. i Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. RSTP provides rapid connectivity following the failure of a switching device, switch port, or the addition of a switch into the network. Configured and maintained VPN products for establish IPsec (L2L . The port with the best path is selected as the root port. Create a community name. Table 14-7 show sntp Output Details, Table 15-1 RMON Monitoring Group Functions and Commands (Continued), Table 18-1 Enabling the Switch for Routing, Table 18-2 Router CLI Configuration Modes. Because the admin key settings for physical ports 7 and 8 do not agree with any LAG admin key setting on the device, ports 7 and 8 can not be part of any LAG. By default, every bridge will have a FID-to-SID mapping that equals VLAN FID 1/SID 0. priority Sets which ports continue to receive power in a low power situation. See Procedure 20-2 on page 20-4. ip address ip-address ip-mask [secondary] 2. System contact Set to empty string. Configuring Authentication Optionally Enable Guest Network Privileges With PWA enhanced mode enabled, you can optionally configure guest networking privileges. Table 11-5 describes how to display link aggregation information and statistics. Minimally configures RADIUS, 802.1x, and MAC authentication. set snmp view viewname securedviewname subtree 1 set snmp view viewname securedviewname subtree 0.0 set snmp view viewname unsecuredviewname subtree 1 set snmp view viewname unsecuredviewname subtree 0.0 6. IP interfaces Disabled with no IP addresses specified. The directed broadcast address includes the network or subnet fields, with the binary bits of the host portion of the address set to one. Optionally, save the configuration to a backup file named myconfig in the configs directory and copy the file to your computer using TFTP. Both ends of the cable are isolated with transformers blocking any DC or common mode voltage on the signal pair. Note: When configuring any string or name parameter input for any command, do not use any letters with diacritical marks (an ancillary glyph added to a letter). For example, set logging local console enable would not execute without also specifying file enable or disable. ToenableandconfiguretheOpenShortestPathFirst(OSPF)routingprotocol. set telnet {enable | disable} [inbound | outbound | all] Inbound = Telnet to the switch from a remote device Outbound = Telnet to other devices from the switch 2. IPv6 Routing Configuration the MTU value for the tunnel interfaces was reduced by 20 octets, to allow for the basic IPv4 headers added to IPv6 packets. In order to provide a default set of network resources to communicate over HTTP, policy must be set to only allow DHCP, ARP, DNS, and HTTP. On the Enterasys switch, define the same user as in the above example (v3user) with this EngineID and with the same Auth/Priv passwords you used previously. Figure 3-2 provides an example. A packet is either forwarded (a permit rule) or not forwarded (a deny rule) according to the first rule that is matched. Guest networking allows an administrator to specify a set of credentials that will, by default, appear on the PWA login page of an end station when a user attempts to access the network. Configuring Switches in a Stack, About SecureStack C3 Switch Operation in a Stack, Installing a New Stackable System of Up to Eight Units, Installing Previously-Configured Systems in a Stack, Adding a New Unit to an Existing Stack UsethiscommandtodisplayIPv6routingtableinformationforactiveroutes. Each area has its own link-state database. Three ICMP probes will be transmitted for each hop between the source and the traceroute destination. Create a new read-write or read-only user login account and enable it. MAC lock traps Specifies whether SNMP traps associated with MAC locking will be sent. set dhcpsnooping trust port port-string enable 4. sFlow Configuring Poller and Sampler Instances A poller instance performs counter sampling on the data source to which it is configured. Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. Managing Switch Configuration and Files Caution: If you do not follow the steps above, you may lose remote connectivity to the switch. Guide the actions of Level 1 and Level 2 teams focus on configuration changes, software updates, and preventive/ corrective maintenance, define and develop together with Management team, the initial performance procedures that should be used by the NOC. 1.2 PC ge. All generated messages are eligible for logging to local destinations and to remote servers configured as Syslog servers. set dhcpsnooping vlan vlan-list enable 3. Table 24-2 Output of show ipv6 dhcp statistics Command (Continued). Configuring OSPF Areas 0 to 4294967295. Policy Configuration Overview QoS configuration details are beyond the scope of this chapter. Understanding and Configuring Loop Protect Valid values are 065535 seconds. IPv6 Routing Configuration Enabling an Interface for IPv6 Routing In addition to enabling an interface for routing, you must enable unicast routing on the switch with the ipv6 unicast-routing command in global router configuration mode. An authentication key has to be trusted to be used with an SNTP server. Assign to queue assign the packet to a queue Note: Unlike other Fixed Switch platforms, A4 ACLs are not terminated with an implicit deny all rule. Using Multicast in Your Network DVMRP routing is implemented on Enterasys devices as specified in RFC 1075 and draft-ietf-idmrdvmrp-v3-10.txt. Stand Alone (SSA) Switch Hardware Installation Guide SSA-T4068-0252 SSA-T1068-0652 SSA-G1018-0652. To clear the MultiAuth authentication mode. Basic PIM-SM configuration includes the following steps: 1. I have over twenty years of experience working in the Information Systems Management field. set garp timer {[join timer-value] [leave timer-value] [leaveall timer-value]} port-string Caution: The setting of GARP timers is critical and should only be changed by personnel familiar with 802.1Q standards. Example PoE Configuration A PoE-compliant G-Series device is configured as follows: One 400W power supply is installed. Important Notice Depending on the firmware version used on your Fixed Switch platform, some features described in this document may not be supported. Use clear license to remove an applied license from a switch. Premium Edge The S-Series Edge Switch will be rate-limited using a configured CoS that is applied to the services and phoneES policy role. This configuration requires a charging circuit to charge the DC capacitors of the modules in a controlled way. This example assumes that you havent any preconfigured community names or access rights. Switch Configuration Using CLI Commands Guidelines for Rackmount Installation Attaching Brackets and Installing in Rack About SecureStack Switch Operation in a Stack 44 Recommended Procedures to Install New and Existing Stacks Installing a New Stackable System of Up to Eight Switches Adding a New Switch to an Existing Stack Important Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. Chapter 19, Configuring Multicast Configure VRRP. A new root port may forward as soon as any recent root ports are put into blocking. S, K, and 7100 Series CLI Reference Guide for Version 8.41 Aug 2015 You can also use the show commands described in Reviewing and Enabling Spanning Tree on page 15-20 to review information related to all Spanning Tree protocol activity. DHCPv6 Configuration DHCPv6 Pool: pool22 Static Bindings: Binding for Client 00:01:00:06:99:a3:ff:11:22:33:44:55:66:77 IA PD: IA ID not specified, Prefix: 3001:2222::/48 Preferred Lifetime infinite, Valid Lifetime infinite Static Bindings: Binding for Client 00:01:00:06:99:a3:ff:11:22:33:44:55:66:77 IA PD: IA ID not specified, Prefix: 3001:3333::/48 Preferred Lifetime infinite, Valid Lifetime infinite DNS Server: 2001:DB8:222:111::10 DNS Server: 2001:DB8:4444:5555::20 Domain Name: enterasys. Syslog Components and Their Use The following sections provide greater detail on modifying key Syslog components to suit your enterprise. Use the show spantree mstcfgid command to determine MSTI configuration identifier information, and whether or not there is a misconfiguration due to non-matching configuration identifier components: This example shows how to display MSTI configuration identifier information. 1. Refer to the CLI Reference for your platform for details about the commands listed below. Management Authentication Notification MIB Functionality Refer to the CLI Reference for your platform for detailed information about the commands listed below in Procedure 5-4. . Terms and Definitions LoopProtect Lock status for port lag.0.2, SID 56_ is UNLOCKED Enterasys->show spantree lpcapablepartner port lag.0.2 Link partner of port lag.0.2_is LoopProtect-capable. Disabled MAC lock Syslog messages Specifies whether Syslog messages associated with MAC locking will be sent. TodisplayordeleteswitchARPtableentries,andtodisplayMACaddressinformation. show snmp counters Display SNMP engine properties. OSPF routes IP packets based solely on the destination IP address found in the IP packet header. The default setting is auto. A dependent downstream device on a pruned branch restarts. RIP Configuration Example Table 21-2 lists the default RIP configuration values. 6 Firmware Image and File Management This chapter describes how to download and install a firmware image file and how to save and display the system configuration as well as manage files on the switch. Enter router interface configuration command mode for the specified interface from global configuration command mode. 1 Setting Up a Switch for the First Time This chapter describes how to configure an Enterasys stackable or standalone Fixed Switch received from the factory that has not been previously configured. To enable an interface, including VLAN, tunnel, and loopback interfaces, for IPv6 routing, in router interface configuration mode: Use the ipv6 address command to configure a global IPv6 address on an interface. Thisexampleshowshowtodisplay802.1Xstatus: Thisexampleshowshowtodisplayauthenticationdiagnosticsinformationforge.1.1: Thisexampleshowshowtodisplayauthenticationstatisticsforge.1.1: ThisexampleshowshowtodisplayMACauthenticationinformationforge.2.1through8: Tabl e 263providesanexplanationofthecommandoutput. Spanning Tree Basics The MSTP enabled network may contain any combination of Single Spanning Tree (SST) regions and Multiple Spanning Tree (MST) regions. 100 Procedure 18-1 describes how to configure RMON. Configure user authentication. IPv6 Routing Configuration Router R2 R2(su)->router R2(su)->router>enable R2su)->router#configure Enter configuration commands: R2(su)->router(Config)#interface vlan 20 R2(su)->router(Config-if(Vlan 20))#ip address 195.167.20.1 255.255.255.0 R2(su)->router(Config-if(Vlan 20))#no shutdown R2(su)->router(Config-if(Vlan 20))#exit R2(su)->router(Config)#interface tunnel 10 R2(su)->router(Config-if(Tnnl 101))#ipv6 address 2001:db8:111:1::20/127 R2(su)->router(Config-if(Tnnl 101))#tunnel source 195.167.20. Terms and Definitions Configuring Dynamic Policy Assignment Configure the RADIUS server user accounts with the appropriate information using the Filter-ID attribute for faculty role members and devices. Configuring PoE Stackable B5 and C5 Devices Procedure 7-2 PoE Configuration for Stackable B5 and C5 Devices Step Task Command(s) 1. Configuring PIM-SM PIM-SM is an advanced routing feature that must be enabled with a license key. (B3 platforms only) EAPOL Disabled. Enabling IGMP globally on the device and on the VLANs. Proxy ARP This variation of the ARP protocol allows the router to send an ARP response on behalf of an end node to the requesting host. After you have established your connection to the switch, follow these steps to download the latest firmware: 1. Port Configuration Overview maximum number of packets which can be received per second with the set port broadcast command: Maximum packet per second values are: 148810 for Fast Ethernet ports 1488100 for 1-Gigabit ports. VLAN authorization egress format Determines whether dynamic VLAN tagging will be none, tagged, untagged, or dynamic for an egress frame. Configure an RMON filter entry. This enables you to set the IP address and system password using a single console port. Examples 17-18 Chapter 18: Configuring Network Monitoring Basic Network Monitoring Features .. 18-1 Console/Telnet History Buffer . Chapter 20: IP Configuration Enabling the Switch for Routing . 20-1 Router Configuration Modes 20-1 Entering Router Configuration Modes . 20-2 Example Configuring Area Virtual-Link Authentication . 22-14 Configuring Area Virtual-Link Timers. 22-14 Configuring Route Redistribution 22-14 Configuring Passive Interfaces .. Extended IPv4 ACL Configuration .. 24-12 MAC ACL Configuration .. 24-13 Chapter 25: Configuring and Managing IPv6 Managing IPv6 . Disabling and Enabling Ports .. 26-9 MAC Locking Defaults . 26-9 MAC Locking Configuration .. 26-10 TACACS+ .. 11-3 13-1 13-2 13-3 14-1 15-1 15-2 15-3 15-4 15-5 15-6 15-7 15-8 15-9 15-10 15-11 15-12 15-13 15-14 15-15 15-16 15-17 16-1 17-1 17-2 17-3 17-4 17-5 19-1 19-2 19-3 19-4 19-5 19-6 22-1 22-2 22-3 22-4 22-5 22-6 23-1 23-2 23-3 25-1 Link Aggregation Example.. 11-12 Communication between LLDP-enabled Devices . 13-3 LLDP-MED .. 4-7 4-8 5-1 6-1 7-1 7-2 7-3 8-1 8-2 8-3 8-4 9-1 9-2 9-3 10-1 10-2 10-3 10-4 11-1 11-2 11-3 11-4 11-5 11-6 11-7 12-1 12-2 12-3 12-4 12-5 13-1 13-2 13-3 13-4 13-5 13-6 14-1 14-2 14-3 14-4 15-1 15-2 15-3 15-4 15-5 15-6 15-7 15-8 15-9 15-10 15-11 16-1 16-2 16-3 16-4 16-5 xx Default DHCP Server Parameters . 4-20 Configuring Pool Parameters 16-6 17-1 18-1 18-2 18-3 18-4 18-5 18-6 18-7 18-8 19-1 19-2 19-3 19-4 19-5 19-6 19-7 19-8 19-9 19-10 20-1 20-2 20-3 21-1 21-2 21-3 22-1 22-2 23-1 23-2 24-1 25-1 25-2 25-3 25-4 25-5 25-6 26-1 26-2 26-3 26-4 26-5 26-6 26-7 26-8 26-9 26-10 26-11 26-12 26-13 26-14 Policy Configuration Terms and Definitions 16-18 CoS Configuration Terminology About This Guide This guide provides basic configuration information for the Enterasys Networks Fixed Switch platforms using the Command Line Interface (CLI0, including procedures and code examples.