Allied-telesis AT-S63 Manual de usuario Pagina 620
- Pagina / 710
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Chapter 29: 802.1x Port-based Network Access Control
620 Section IV: Security
IEEE 802.1x Port-based Network Access Control Overview
The AT-S63 management software offers you several different methods
for protecting your network and its resources from unauthorized access.
For instance, Chapter 23, ”Port Security” on page 517, explains how you
can restrict network access using the MAC addresses that belong to the
end nodes of your network.
This chapter explains yet another way. This method is referred to as Port-
based Network Access Control (IEEE 802.1x). It uses the RADIUS protocol
to control who can send traffic through and receive traffic from a switch
port. With this feature, the switch does not allow an end node to send or
receive traffic through a port until the user of the node has logged on by
entering a username and password that the RADIUS server has
validated.
The benefit of this type of network security is obvious. This feature can
prevent an unauthorized individual from connecting a computer to a
switch port or using an unattended workstation to access your network
resources. Only those users to whom you have assigned valid usernames
and passwords are able to use the switch to access the network.
This port security method uses the RADIUS authentication protocol. The
AT-S63 management software is shipped with RADIUS client software. If
you have already read Chapter 30, ”TACACS+ and RADIUS Protocols” on
page 644, then you know that you can use the RADIUS client software on
the switch, along with a RADIUS server on your network, to create new
manager accounts that control who can manage and change the AT-S63
parameter on the switch.
Note
RADIUS with Extensible Authentication Protocol (EAP) extensions is
the only supported authentication server for this feature. This
feature is not supported with the TACACS+ authentication protocol.
The switch supports only one authentication protocol at a time.
Therefore, if you want to implement IEEE 802.1 port access control
and also create new manager accounts as explained in Chapter 30,
”TACACS+ and RADIUS Protocols” on page 644, you must use the
RADIUS protocol.
Following are several terms to keep in mind when you use this feature.
❑ Supplicant - A supplicant is an end user or end node that wants to
access the network through a switch port. A supplicant is also
referred to as a client.
❑ Authenticator - The authenticator is a port on the switch that
- Menus Interface 1
- User’s Guide 1
- Section II 5
- Section IV 10
- Contents 12
- How This Guide is Organized 23
- Document Conventions 25
- Contacting Allied Telesyn 27
- Management Software Updates 28
- Overview 29
- Management Overview 30
- Local Management Session 32
- Telnet Management Session 33
- Chapter 1: Overview 34
- SNMP Management Session 35
- Management Access Levels 36
- Basic Features 37
- 38 Section I: Basic Features 38
- Starting a Local or Telnet 39
- Management Session 39
- Section I: Basic Features 41 41
- Enhanced 42
- Stacking 42
- Quitting a Local 43
- Quitting a 45
- 46 Section I: Basic Features 46
- Basic Switch Parameters 47
- 48 Section I: Basic Features 48
- Section I: Basic Features 49 49
- How Do You 50
- Assign an IP 50
- Address? 50
- 52 Section I: Basic Features 52
- Section I: Basic Features 53 53
- 54 Section I: Basic Features 54
- Section I: Basic Features 55 55
- Information 56
- Section I: Basic Features 57 57
- Rebooting a Switch 58
- Section I: Basic Features 59 59
- 60 Section I: Basic Features 60
- Section I: Basic Features 61 61
- Setting the System Time 62
- System Time 63
- D - Disabled) -> 64
- -> 600 65
- 66 Section I: Basic Features 66
- Configuring the Console Timer 67
- 68 Section I: Basic Features 68
- Supported baud rates are: 69
- Pinging a Remote System 70
- Default Values 71
- Displaying 73
- Hardware 73
- ° Celsius 74
- Section I: Basic Features 75 75
- 76 Section I: Basic Features 76
- Section I: Basic Features 77 77
- 78 Section I: Basic Features 78
- SNMPv1 and SNMPv2c 79
- SNMPv1 and SNMPv2c Overview 80
- Default SNMP 82
- Enter SNMP Manager IP Addr: 86
- Enter Trap Receiver IP Addr: 86
- Modifying a Community String 88
- Enter SNMP Community Name: 89
- Enhanced Stacking 93
- Enhanced Stacking Overview 94
- Section I: Basic Features 95 95
- IP Address 96
- Section I: Basic Features 97 97
- 98 Section I: Basic Features 98
- Section I: Basic Features 99 99
- Chapter 5: Enhanced Stacking 100
- 100 Section I: Basic Features 100
- Section I: Basic Features 101 101
- 102 Section I: Basic Features 102
- Section I: Basic Features 103 103
- 104 Section I: Basic Features 104
- Port Parameters 105
- Configuring Port Parameters 106
- Section I: Basic Features 107 107
- Chapter 6: Port Parameters 108
- 108 Section I: Basic Features 108
- Section I: Basic Features 109 109
- 110 Section I: Basic Features 110
- Section I: Basic Features 111 111
- Enter port-list -> 112
- 114 Section I: Basic Features 114
- Section I: Basic Features 115 115
- Configuring Filtering 116
- Enabled 117
- Setting Up Rate Limiting 118
- Section I: Basic Features 119 119
- Resetting a Port 120
- Forcing Port Renegotiation 121
- Displaying Port Statistics 123
- 124 Section I: Basic Features 124
- Section I: Basic Features 125 125
- Clearing Port Statistics 126
- Displaying Port Status 127
- 128 Section I: Basic Features 128
- MAC Address Table 129
- MAC Address Overview 130
- Section I: Basic Features 131 131
- Chapter 7: MAC Address Table 132
- 132 Section I: Basic Features 132
- Section I: Basic Features 133 133
- 134 Section I: Basic Features 134
- Section I: Basic Features 135 135
- 136 Section I: Basic Features 136
- Section I: Basic Features 137 137
- XXXXXX XXXXXX 138
- Section I: Basic Features 139 139
- Changing the Aging Time 140
- Port Trunking 141
- Port Trunking Overview 142
- Port Operating 143
- Specifications 143
- Distribution 143
- Chapter 8: Port Trunking 144
- 144 Section I: Basic Features 144
- Workstation A 145
- Workstation B 145
- Workstation C 145
- Workstation D 145
- 146 Section I: Basic Features 146
- Section I: Basic Features 147 147
- 148 Section I: Basic Features 148
- Creating a Port Trunk 149
- 150 Section I: Basic Features 150
- Enter Trunk Name: 151
- Modifying a Port Trunk 152
- Section I: Basic Features 153 153
- 154 Section I: Basic Features 154
- Deleting a Port Trunk 155
- Displaying the Port Trunks 156
- Section I: Basic Features 157 157
- 158 Section I: Basic Features 158
- Port Mirroring 159
- Port Mirroring Overview 160
- Creating a Port Mirror 161
- Mirror-To Port (0-24): 162
- Disabling a Port Mirror 163
- Modifying a Port Mirror 164
- Displaying the Port Mirror 165
- Chapter 9: Port Mirroring 166
- 166 Section I: Basic Features 166
- Advanced Features 167
- File System 169
- File System Overview 170
- Using Wildcards 171
- Groups of Files 171
- Creating a Boot 172
- Configuration 172
- Enter the file name: 174
- Setting the 175
- Active Boot 175
- Viewing a Boot 176
- Editing a Boot 177
- Chapter 10: File System 178
- Copying a System File 179
- Renaming a System File 180
- Deleting a System File 181
- Displaying System Files 182
- File Downloads and Uploads 185
- 186 Section I: Basic Features 186
- Section I: Basic Features 187 187
- 188 Section I: Basic Features 188
- Section I: Basic Features 189 189
- 190 Section I: Basic Features 190
- Section I: Basic Features 191 191
- 192 Section I: Basic Features 192
- [Yes/No] 193
- -> [Yes/No] 193
- 194 Section I: Basic Features 194
- Downloading a System File 196
- Downloading a 197
- System File 197
- Management 197
- 198 Section I: Basic Features 198
- Section I: Basic Features 199 199
- Uploading a System File 201
- Uploading a 202
- Section I: Basic Features 203 203
- Section I: Basic Features 205 205
- 206 Section I: Basic Features 206
- Event Log 207
- Event Log Overview 208
- Chapter 12: Event Log 210
- Displaying Events 211
- Clearing the Event Log 217
- Saving an Event Log to a File 218
- Quality of Service 221
- Quality of Service Overview 222
- Configuring CoS 227
- Configuring Egress Scheduling 231
- Changes 232
- IGMP Snooping 233
- IGMP Snooping Overview 234
- Configuring IGMP Snooping 236
- Chapter 14: IGMP Snooping 238
- Router IP 243
- RRP Snooping 245
- RRP Snooping Overview 246
- Chapter 15: RRP Snooping 248
- STP and RSTP 249
- STP and RSTP Overview 250
- Bridge Priority 251
- Chapter 16: STP and RSTP 252
- Edge Port 256
- Mixed STP and 257
- RSTP Networks 257
- Spanning Tree 257
- Configuring STP 261
- Port Settings 263
- Displaying STP 265
- Resetting STP to 266
- Settings 266
- Configuring RSTP 267
- Configuring 269
- RSTP Port 269
- Displaying the 271
- RSTP Port State 272
- Resetting RSTP 274
- Chapter 17 277
- MSTP Overview 278
- Chapter 17: MSTP 280
- AT-9424T/SP 281
- AT-9424T/GB 281
- VLAN and MSTI 283
- Associations 283
- Multiple 283
- Summary of 288
- Guidelines 288
- Switch A 291
- Switch B 291
- Configuring the CIST Priority 297
- 4096]: [0 to 15] -> 298
- Displaying the CIST Priority 299
- Creating an 301
- Deleting an 302
- Modifying an 302
- 4096] [0 to 15] -> 8 303
- Adding or 304
- Removing a 304
- VLAN from an 304
- Associating a 305
- VLAN to an 305
- Enter the list of VLANs: 307
- Clearing VLAN 308
- [Yes/No] -> 316
- Chapter 18 317
- SNMPv3 Overview 318
- Authentication 319
- Protocols 319
- SNMPv3 Privacy 319
- Protocol 319
- SNMPv3 MIB 320
- SNMPv3 Storage 321
- Notification 321
- SNMPv3 User Table 322
- SNMPv3 View Table 322
- SNMPv3 Access Table 322
- Chapter 18: SNMPv3 324
- Configuring SNMPv3 Entities 327
- SNMPv3 User 328
- Table Entry 328
- Enter User (Security) Name: 330
- Enter Privacy Password: 331
- Enter User Name: 334
- Re-enter Privacy password: 335
- SNMPv3 View 338
- 1.3.6.1.2.1.2.2.1.0.3 344
- Enter View Name: 345
- 1.3.6.1.2.1.6 345
- SNMPv3 Access 347
- P-AuthPriv]: 349
- Enter Read View Name: 350
- Enter Write View Name: 350
- Enter Notify View Name: 350
- Enter Group Name: 352
- A-AuthNoPriv, P-AuthPriv]: 352
- SecurityToGroup 363
- Table Entr 367
- SNMPv3 Notify 371
- Enter Notify Name: 376
- SNMPv3 Target 379
- Address Table 379
- Enter Tag List: 381
- Enter Target Parameters: 381
- Enter IP Address: 385
- Enter Target Address Name: 385
- Parameters 393
- Enter Target Parameters Name: 394
- Community 407
- Enter Security Name: 409
- Enter Transport Tag: 409
- Enter Community Index: 413
- Displaying SNMPv3 Table Menus 416
- Display SNMPv3 417
- View Table 417
- Access Table 418
- Notify Table 420
- Table Menu 422
- Section III 425
- 426 Section III: VLANs 426
- Port-based and Tagged VLANs 427
- VLAN Overview 428
- Section III: VLANs 429 429
- Port-based VLAN Overview 430
- Port VLAN 431
- Identifier 431
- 432 Section III: VLANs 432
- Port-based 433
- Example 1 433
- Example 2 434
- Section III: VLANs 435 435
- Tagged VLAN Overview 436
- Tagged and 437
- Untagged Ports 437
- General Rules 438
- Tagged VLAN 438
- 440 Section III: VLANs 440
- Section III: VLANs 441 441
- 442 Section III: VLANs 442
- Section III: VLANs 443 443
- 444 Section III: VLANs 444
- Section III: VLANs 445 445
- 446 Section III: VLANs 446
- Modifying a VLAN 447
- 448 Section III: VLANs 448
- Press any key to continue 449
- 450 Section III: VLANs 450
- Displaying VLANs 451
- 452 Section III: VLANs 452
- Deleting a VLAN 453
- 454 Section III: VLANs 454
- Section III: VLANs 455 455
- Resetting to the Default VLAN 456
- Section III: VLANs 457 457
- Displaying PVIDs 458
- Section III: VLANs 459 459
- 460 Section III: VLANs 460
- Specifying a Management VLAN 461
- Press any key to continue 462
- Multiple VLANs 463
- Multiple VLAN Mode Overview 464
- Section III: VLANs 465 465
- Non-802.1Q 466
- Compliant 466
- Multiple VLAN 466
- Section III: VLANs 467 467
- Selecting a VLAN Mode 468
- Displaying VLAN Information 469
- Chapter 20: Multiple VLANs 470
- 470 Section III: VLANs 470
- Chapter 21 471
- 472 Section III: VLANs 472
- Switch #2 473
- 474 Section III: VLANs 474
- Section III: VLANs 475 475
- Attribute 476
- Registration 476
- Protocol (GARP) 476
- Section III: VLANs 477 477
- 478 Section III: VLANs 478
- Section III: VLANs 479 479
- Configuring GVRP 480
- Section III: VLANs 481 481
- 482 Section III: VLANs 482
- Section III: VLANs 483 483
- 484 Section III: VLANs 484
- Displaying GVRP Counters 485
- 486 Section III: VLANs 486
- Section III: VLANs 487 487
- 488 Section III: VLANs 488
- Section III: VLANs 489 489
- Displaying the GVRP Database 490
- Section III: VLANs 491 491
- 492 Section III: VLANs 492
- Section III: VLANs 493 493
- Marketing 494
- GVRP State Machine 494
- Section III: VLANs 495 495
- 496 Section III: VLANs 496
- Section III: VLANs 497 497
- 498 Section III: VLANs 498
- Protected Ports VLANs 499
- Protected Ports VLAN Overview 500
- Section III: VLANs 501 501
- Protected Ports 502
- Section III: VLANs 503 503
- 504 Section III: VLANs 504
- Enter Group Number -> 505
- 506 Section III: VLANs 506
- Section III: VLANs 507 507
- 510 Section III: VLANs 510
- Section III: VLANs 511 511
- 512 Section III: VLANs 512
- Section III: VLANs 513 513
- 514 Section III: VLANs 514
- Security 515
- 516 Section IV: Security 516
- Port Security 517
- MAC Address Security Overview 518
- Section IV: Security 519 519
- MAC Address 520
- Section IV: Security 521 521
- Chapter 23: Port Security 522
- 522 Section IV: Security 522
- Section IV: Security 523 523
- 524 Section IV: Security 524
- Section IV: Security 525 525
- 526 Section IV: Security 526
- Access Control Lists 527
- Parts of a 528
- ACL Guidelines 529
- 530 Section IV: Security 530
- Section IV: Security 531 531
- Creating the Management ACL 532
- Section IV: Security 533 533
- 534 Section IV: Security 534
- Adding an ACE 535
- Deleting an ACE 536
- Displaying the ACEs 537
- Interface 538
- Web Server 539
- Web Server Overview 540
- Section IV: Security 541 541
- Configuring the Web Server 542
- Section IV: Security 543 543
- Chapter 25: Web Server 544
- 544 Section IV: Security 544
- Section IV: Security 545 545
- 546 Section IV: Security 546
- Encryption Keys 547
- Basic Overview 548
- Section IV: Security 549 549
- Chapter 26: Encryption Keys 550
- 550 Section IV: Security 550
- Section IV: Security 551 551
- Verification 552
- Section IV: Security 553 553
- Encryption 554
- Section IV: Security 555 555
- Key Exchange 557
- Algorithms 557
- 558 Section IV: Security 558
- Creating an Encryption Key 559
- 560 Section IV: Security 560
- Section IV: Security 561 561
- Enter new Description -> 562
- Deleting an Encryption Key 563
- Modifying an Encryption Key 564
- Exporting an Encryption Key 565
- 566 Section IV: Security 566
- Section IV: Security 567 567
- Importing an Encryption Key 568
- Section IV: Security 569 569
- 570 Section IV: Security 570
- Section IV: Security 571 571
- 572 Section IV: Security 572
- PKI Certificates and SSL 573
- 574 Section IV: Security 574
- Distinguished 576
- Section IV: Security 577 577
- 578 Section IV: Security 578
- Technical Overview 579
- 580 Section IV: Security 580
- Elements of a 581
- Public Key 581
- Infrastructure 581
- Certificate 582
- Validation 582
- Revocation Lists 582
- Implementation 583
- 584 Section IV: Security 584
- Section IV: Security 585 585
- 586 Section IV: Security 586
- Section IV: Security 587 587
- 588 Section IV: Security 588
- Section IV: Security 589 589
- Enter file name (*.key) -> 590
- Modifying a Certificate 591
- 592 Section IV: Security 592
- Section IV: Security 593 593
- Deleting a Certificate 594
- Section IV: Security 595 595
- Viewing a Certificate 596
- Section IV: Security 597 597
- 598 Section IV: Security 598
- Section IV: Security 599 599
- 600 Section IV: Security 600
- ...Done 601
- 602 Section IV: Security 602
- Database 603
- Configuring SSL 604
- Section IV: Security 605 605
- 606 Section IV: Security 606
- Secure Shell (SSH) 607
- SSH Overview 608
- Section IV: Security 609 609
- Slave Switch 611
- Master Switch 611
- 612 Section IV: Security 612
- Configuring SSH 613
- 614 Section IV: Security 614
- Section IV: Security 615 615
- Displaying SSH Information 616
- Section IV: Security 617 617
- 618 Section IV: Security 618
- 802.1x Port-based Network 619
- Access Control 619
- 620 Section IV: Security 620
- 622 Section IV: Security 622
- Section IV: Security 623 623
- Section IV: Security 625 625
- Network Access 626
- Section IV: Security 627 627
- Setting Port Roles 629
- 630 Section IV: Security 630
- Section IV: Security 631 631
- 632 Section IV: Security 632
- Section IV: Security 633 633
- 634 Section IV: Security 634
- Section IV: Security 635 635
- 636 Section IV: Security 636
- Section IV: Security 637 637
- 638 Section IV: Security 638
- Section IV: Security 639 639
- 640 Section IV: Security 640
- Configuring RADIUS Accounting 641
- 642 Section IV: Security 642
- Section IV: Security 643 643
- TACACS+ and RADIUS Protocols 644
- TACACS+ and RADIUS Overview 645
- TACACS+ and 646
- Section IV: Security 647 647
- Enabling 648
- TACACS+ or 648
- Disabling 649
- Configuring TACACS+ 650
- D-Disabled) -> 651
- Section IV: Security 652 652
- TAC Timeout 653
- Configuring RADIUS 654
- Section IV: Security 655 655
- Section IV: Security 656 656
- Section IV: Security 657 657
- Section IV: Security 658 658
- Denial of Service Defense 659
- Denial of Service Overview 660
- Section IV: Security 661 661
- 662 Section IV: Security 662
- Ping of Death 663
- IP Options 664
- Denial of 664
- Service Defense 664
- Section IV: Security 665 665
- Enter port-list: 666
- Section IV: Security 667 667
- 668 Section IV: Security 668
- AT-S63 Default Settings 669
- Basic Switch Default Settings 671
- RJ-45 Serial 672
- Terminal Port 672
- Default Settings 672
- SNTP Default 672
- Switch State Slave 674
- SNMP Default Settings 675
- Event Log Default Settings 677
- MSTP Default 682
- VLAN Default Settings 683
- GVRP Default Settings 684
- Web Server Default Settings 687
- SSL Default Settings 688
- PKI Default Settings 689
- SSH Default Settings 690
- Control List 692
- Status Disabled 692
- SNMPv3 Configuration Examples 693
- Operator 695
- Worksheet 696
Relacionado con productos y manuales para Hardware De La Computadora Allied-telesis AT-S63
Hardware De La Computadora Allied-telesis AT-VIEW PLUS 3.1 INSTALLATION Manual de usuario
(26 paginas)
(26 paginas)
Hardware De La Computadora Allied-telesis AT-VIEW PLUS 3.0 INSTALLATION Manual de usuario
(26 paginas)
(26 paginas)
Hardware De La Computadora Allied-telesis AT-VIEW PLUS 3.0 VLAN MANAGER Manual de usuario
(52 paginas)
(52 paginas)
Hardware De La Computadora Allied-telesis AT-VIEW PLUS 3.0 MIB COMPILER Manual de usuario
(14 paginas)
(14 paginas)
Hardware De La Computadora Allied-telesis AT-VIEW PLUS 3.0 DEVICE MANAGER Manual de usuario
(127 paginas)
(127 paginas)
Hardware De La Computadora Allied-telesis AT-VIEW PLUS 3.1 DEVICE MANAGEMENT Manual de usuario
(277 paginas)
(277 paginas)
Hardware De La Computadora Allied-telesis AT-8400 Line Card and Power Supply Manual de usuario
(2 paginas)
(2 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.052 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales