Allied Telesis AT-iMG606BD Especificaciones Pagina 623
- Pagina / 995
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
13. Configuring Network Services Port Authentication (802.1x)
614
AlliedView NMS Administration Guide
13.19 Port Authentication (802.1x)
The main components of Port Authentication are:
• The Authenticator - the port on the SBx3100 that wishes to enforce authentication before allowing access to services
that are accessible behind it. The SBx3100 plays this role.
• The Supplicant -the user device attached to the Authenticator that wishes to access services offered by the
authenticator's system. The supplicant may be a PC or other device connected to the Authenticator either directly or via
a hub
• The Authentication Server (RADIUS) - a device that uses the authentication credentials supplied by the supplicant (using
802.1X method described below), via the authenticator, or from the authenticator itself (using MAC based authentication
method) to determine if the authenticator should grant access to the network. Once authorized, the Authentication
server notifies the Authenticator to allow access. The Authentication Server may also supply other information
pertaining to the supplicant such as a particular VLAN to use.
Port authentication can be implemented with the following methods:
• 802.1X - This uses the IEEE Standard 802.1X standard. The supplicant is required to use 802.1X and supply the
authentication credentials to the Authentication Server via the Authenticator.
• MAC-based authentication - This uses the source MAC address of the supplicant for authentication. When the
Authenticator receives the frame from a newly learned source MAC, the Authenticator generates a RADIUS request for
authentication.
• Web-based authentication - A username/password pair is entered from the client’s browser. When the switch receives
the pair, it generates a RADIUS request for authentication.
The Authenticator can be configured to authorize one supplicant or more than one supplicant, as follows:
• Single Host - Only one (single) supplicant that is authorized can be allowed to communicate on the Authenticator port.
The other supplicant is disallowed.
• Multi Host - More than one supplicant is possible on the Authenticator port. When any one supplicant succeeds with
authentication, the other supplicants are automatically considered to be authenticated and can communicate on the port.
This mode is known as 'Piggyback Mode' also.
• Multi Supplicant - More than one supplicant is possible on the Authenticator port. However each supplicant has to be
individually authenticated. Some supplicants are allowed and some supplicants may be disallowed when a supplicant failed
to authenticate.
The NMS supports the following:
• 802.1x method
• MAC Authentication method
• Single Host, Multi Host, and Multi Supplicant
Note: Configuring RADIUS is not part of NMS provisioning, and must be done separately.
13.19.1 Port Authentication for a Device
1. To access port authentication management, do one of the following in the Network Objects panel:
• Go to Network Maps > Physical Network. In the Physical Network screen, select the device.
• Go to Network Inventory > Nodes. In the Nodes screen, select the device.
2. Go to Operations > Port Authentication Management. The Port Authentication Management screen appears.
- Administration Guide 1
- Release 14.3 1
- Table of Contents 3
- 1.1 The NMS Editions 10
- 1.2 Documentation Set 10
- 1.3 Service and Support 10
- 2. Managed Devices 11
- 2.2 Supported CPE Devices 17
- 2.6 Supported Functionality 22
- Third Party Products 23
- 2.6.2 Rapier Products 24
- 2.6.4 CentreCOM Products 26
- 2.6.5 Third Party Products 27
- 3. Starting Up 29
- 3.3 The Application Screen 30
- 3.4 Broadcasting a Message 31
- 3.6 Resource Management 33
- 3.7 CPE Traps 34
- 3. Starting Up CPE Traps 35
- 4. File Administration 36
- 4.1 Discovery Configurator 37
- 4.2.1 Schedule Tab 38
- 4.2.2 SNMP Tab 39
- 4.2.3 CWMP Tab 40
- 4.2.4 CLI Logins Tab 42
- 4.2.5 Network Discovery Tab 45
- 4.2.6 Node Discovery Tab 47
- 4.2.7 Other Discovery Tab 49
- 5. DHCP support is provided 50
- 4.3.1 Basic Tab 51
- 4.3.2 SNMP Tabs 52
- 4.3.3 CWMP Tab 53
- 4.3.4 CLI Logins Tab 53
- 4.3.5 Network Discovery Tab 56
- 4.3.6 Node Discovery Tab 57
- 4.5 Backup and Restore 59
- • ATINMS_BACKUP_DEST 61
- • ATIDEVICE_BACKUP_DEST 61
- • ATIDEVICE_BACKUP_LIMIT 61
- AT_NMSRestore.bat 62
- ./AT_NMSRestore.sh 62
- 4.6 Inventory Reporting 64
- FIGURE 4-30 License History 68
- 4.10 Status Monitoring 73
- 4.10.1 Status Table 74
- 4.10.2 Menu Options (Export) 78
- AT_FwLoadImport.bat 79
- AT_FwLoadImport.sh 79
- 5. Security Administration 84
- 5.2 Add a New User 86
- 5.3 User Settings 89
- 5.3.4 Viewing Audit Trails 91
- 5.4 Adding a new group 93
- • Click Add in the wizard 96
- 5.5 Custom View Scope (CVS) 97
- 5.5.4 Set Scope Properties 98
- 5.6 Permissions Tree 99
- 5.6.2 Permissions Tree 100
- TABLE 5-7 102
- 5.7.1 RADIUS 107
- 5.7.2 Tacacs+ 107
- 5.8.1 Overview 108
- ./AT_ConfigureRadius.sh 109
- 5.8.3 Example Configurations 116
- 6. Profile Management 121
- 6.3 Creating a Profile 122
- 2. Do one of the following: 124
- 6.5 Deleting a Profile 128
- 6.6 Deploying a Profile 128
- 6.7 Redeploying a Profile 129
- 6.10 Profile Monitoring 131
- FIGURE 6-7 ADSL-Bond Profile 134
- 6.15 DS3-SFP Support 140
- FIGURE 6-20 DS3-SFP tab 143
- 7. Quality of Service (QoS) 144
- 7.2 QoS Flows 145
- QoS Policy Flow 146
- QoS Packet Flow 147
- TABLE 7-2 QoS Packet Flow 148
- 7.3 QoS Priority Action 149
- 7.4 QoS Traffic Action Form 151
- 7.5 QoS Policy Action Form 155
- 7.7 QoS Policy Rule Form 159
- 1. Upstream/Downstream Links 170
- 2. Downstream Only Link 170
- Example EPON Port Profile 173
- 7.12.1 Overview 175
- 7.12.2 Overview of GUI 176
- 7.12.3 Example Configuration 176
- 8.1 QoS Deployments Table 182
- 8.5 Redeploying Policies 183
- FIGURE 8-2 Redeploy Policy 184
- 9.1 View Chassis 186
- 9.1.1 Display Types 188
- 9.2 Provisioning a Device 191
- FIGURE 9-21 Download Window 206
- 2. Save the file as motd.txt 208
- 9.2.5 Device Information 211
- 9.2.6 SNMP Agent 212
- FIGURE 9-31 SNMP Agent Panel 213
- TABLE 9-7 SNMP Agent Fields 213
- 9.2.7 SNMP Community 214
- Create SNMP Community Form 215
- 9.2.8 Obtaining SW Loads 219
- FIGURE 9-41 Purge Load Files 222
- 7. AT-AR440S and 450S 225
- 9.2.12 SysLog Management 238
- • ALL Row 241
- • Other options 242
- FIGURE 9-67 245
- 9.2.14 MPEG Test 247
- Search Find Option 259
- VLAN Configuration Options 267
- 9.4.1 One Time 269
- 9.4.2 Recurring 270
- 9.4.3 View Tasks Form 271
- 9.5.1 Alarms/Events 272
- 9.5.2 Performance 272
- Task Application Steps 273
- • File not found 280
- 9.5.10 Manage/Unmanage 283
- 9.5.11 Update Status 283
- 9.6 Manage CLI Users 284
- 9.7 Customer Cutover 284
- 9.7.3 Procedure Overview 286
- 10. Card Management 300
- 10.2 Using Card Management 301
- FIGURE 10-1 Card Management 302
- 10.3 Creating a Card 303
- 10.4 Enabling a Card 304
- 10.5 Disabling a Card 304
- 10.6 Restarting a Card 304
- 10.7 Destroying a Card 304
- 10.9 Viewing Recent Commands 305
- 10.10 Viewing Card Details 305
- 10.11 GE3 Card 306
- 10.12 GE8 Card 306
- 10.13 ADSL24A Card 307
- 10.16 CFC Cards 308
- TABLE 10-3 CFC Card Details 310
- 10.17 FE10/FX10 Card 311
- FE10/FX10 Card Details 312
- 10.18 FX20 Card 313
- 10.19 POTS24 Card 313
- Create POTS 24 Card Form 314
- 10.20 CES8 Card 321
- 10.21 NTE8 Card 323
- 10.28 GE24POE 325
- • Close - Closes the window 330
- FIGURE 11-1 Port Management 331
- TABLE 11-1 Port Management 331
- 11.1.1 Display Preferences 335
- 11.7 Provision New EPON Port 341
- Provision New EPON Port 343
- Optical Networking 344
- Unit (ONU) 344
- 11.11 Status Tab 347
- 11.13 iMG/RG Tab 349
- 11.13.3 Port Assignments Tab 350
- 11.13.4 IP Routes Tab 350
- 11.13.6 Video Service Tab 350
- 11.13.7 Voice Service Tab 350
- 11.14 Ether-like Config. Tab 351
- 11.15 ADSL Configuration Tab 360
- 11.15.5 ADSL Video Tab 369
- TABLE 11-13 IP Filters Form 373
- • Valid Intervals 374
- • Invalid Intervals 374
- • Current 1 Day Time Elapsed 374
- Field/Button Description 384
- 11.18.1 DS1/E1 Port Tab 391
- 11.18.2 PSPAN Tab 392
- FIGURE 11-52 CES PSPAN Tab 393
- 11.18.3 PMON Statistics 394
- 11.19.1 DS1/E1 Port Tab 398
- 11.19.2 PPP Tab 399
- 11.19.3 Eth Interface Tab 400
- 11.19.4 PMON Statistics Tab 401
- 11.19.5 Stats Graph tab 403
- 11.19.6 Port Thresholds Tab 404
- 11.23 VDSL24 Port 411
- 11.24 Statistics Tab 416
- 11.24.2 RMON Stats Tab 417
- 11.24.3 Graph Stats Tab 418
- 11.25 Port Log Tab 419
- 11.26 DHCP Tab 419
- 11.27 FDB Tab 419
- 11.28 Video Tab 419
- Video Tab 420
- 11.29 ATM Bonding 421
- FIGURE 11-75 ATMBOND Tab 423
- 11.29.6 PMON Thresholds 426
- 11.29.7 Diagnostics 427
- FIGURE 11-81 ATMBOND Diags 428
- 11.30 STP Tab 429
- 12.2 GenBand Reports 433
- 12.2.2 Line Reports 434
- 12.3.1 Accessing DELT 436
- 12.3.3 Retrieve DELT Results 436
- 12.3.4 Graph DELT Result 436
- 12.3.8 Graphed Parameters 441
- 12.4.1 Overview of SELT 441
- 12.4.2 Accessing SELT 442
- 12.5 Diagnostics for ATMBOND 443
- 12.6.1 Overview 444
- 12.6.2 Basic Functions 445
- 12.6.3 Feature Limitations 446
- 12.6.4 Provisioning Flow 446
- 12.6.6 Staging - Summary 448
- 12.6.7 Staging - Method 1 448
- 12.6.8 Staging - Method 2 450
- 2. Powers up the Comtrend 452
- 12.7 POE View / Modify Port 455
- 13.1.1 Profile Management 457
- 13.1.2 Quality of Service 457
- 13.1.5 NTE8 Service 457
- • The Network VLAN itself 458
- FIGURE 13-2 VLAN Network Map 460
- 13.2.3 Physical Network Map 461
- 13.3 Creating Network VLANs 467
- FIGURE 13-13 Edit Ports Form 472
- 13.4 Extending Network VLANs 473
- 13.6 Deleting Network VLANs 476
- 13.7.1 Overview 477
- 13.7.2 Create Network VLAN 477
- 13.9.1 Overview 494
- 13.9.2 HVLAN Configuration 494
- • Is Master 506
- • Is Enabled 506
- • COMPLETE is green 510
- • FAILED is red 510
- • LINKS-UP is green 510
- • LINKS-DOWN is red 511
- 13.10.5 Example Scenario 514
- Creating Control VLAN Domain 517
- 13.11.1 Overview 531
- GUI for Second EPS Ring 539
- Protection Domain Enabled 545
- 13.12 Customer Management 550
- 13.12.3 Add DS1/E1 Customer 555
- BD Fiber 571
- • Line Encoding 572
- • Ports Type: {DS1/E1} 574
- • Port 1 RG-CES Port Profile 574
- • Port 2 RG-CES Port Profile 574
- 13.14.3 Create DS1 Profile 590
- DS1 Tab for NTE Example 597
- 13.14.7.3 Eth Interface Tab 599
- 13.15.1 VLAN Submap Display 606
- 13.16 Link Discovery 609
- 13.17.1 Overview 610
- 13.18 Diagnostic Audit 617
- Example Audit Report 619
- CES Circuit Audit Panel 621
- Results of Running CES Audit 622
- • Diagnostic Stats 624
- Processing 631
- 14. Provisioning the iMG/RG 632
- Customer 634
- • The Service Area is SPSI 647
- 14.1.7 Changing Customer IDs 652
- 14.3.1 Pre-requisite Steps 654
- 14.3.3 General Profile 655
- The wireless tab allows the 659
- 14.3.4 RG Internet Profile 663
- 14.3.4.3 Firewall Tab 670
- RG Internet Profile - NAT Tab 675
- 14.3.5 Video Profile 676
- 14.3.6 Voice Profile 678
- 14.4.2 Internet - Bridged 687
- 14.4.3 Internet - Routed 688
- 14.4.5 Video - Snooping 695
- 14.4.6 Video - Proxy 698
- • ManualSec2/Proxy 699
- • ManualSec3/Proxy 699
- • AutoSec2/Proxy 699
- • AutoSec3/Proxy 699
- RG Voice Profile - “SIP1” 702
- Ethernet 728
- 14.5.6.1 RG Forms 731
- = voice_VLAN (VID 10) 739
- = Physical Link 739
- = video_VLAN (VID 30) 742
- = data_VLAN (VID 20) 742
- = mgmt_VLAN (VID 40) 742
- = IP Subnet 742
- 3. Select the Security tab 745
- 6. Select the NAT tab 746
- • RG613-TX/TXJ/BD/SH/LH 748
- • RG623-TX/BD/SH/LH 748
- • iMG613-RF 748
- • iMG616-BD/SH/LH/RF/RF+/SRF+ 748
- • iMG624-A/B 749
- • iMG634-A/B 749
- • iMG634-WA/WB 749
- • Custom Views 751
- • !war*, !cle* 756
- • !warning, !clear 756
- • cr*, maj*, mino* 756
- • critical, major, minor 756
- • type = CustPort 760
- • parentKey = dot18* 760
- 14.7.1 Backup/Restore 765
- 14.7.2 Device Configuration 765
- 14.8.1 Open Access 766
- 14.8.2 Multi-service VLANs 768
- 14.8.4 iBG915-FX 773
- • GE8 on the 9x00 iMAP 780
- • GE24BX on 9000 series iMAP 780
- 2. Discovery (DHCP) 793
- 5. Click on Modify 810
- 5. Click Modify 819
- 11. END OF PROCEDURE 820
- 14.9.10 iMG/RG Recovery 825
- FX (iMG646) Figure 14-170 832
- ADSL (iMG634) Figure 14-171 832
- FX (iMG646) Figure 14-177 838
- ADSL (iMG634) Figure 14-178 838
- FX (iMG646) Figure 14-184 844
- ADSL (iMG634) Figure 14-185 844
- 14.10.1 DHCP Provisioning 847
- 14.10.2 GUI Provisioning 848
- 14.10.3 GUI Displays 850
- 14.11.1 Overview 851
- 14.11.2 Profiles 852
- 14.11.4 Custom View 854
- 14.12.1 LCFO 863
- 14.13 iMG/RG Diagnostics 864
- Port Port 866
- Name Port State 866
- Operational Status 866
- Port State 866
- 14.13.2 iMG LAN Diagnostics 867
- 14.14.3 LAN Ports State 873
- 14.15 LAN Flow Control 875
- 15.1 Overview 879
- 15.2 Data Collection Screen 880
- 15.3 Data Collection 882
- 15.3.1 Polling Objects 883
- • System: sysName, sysOID 885
- 15.3.2 Add a Statistic 887
- 15.4 Threshold Notification 890
- 15.4.1 Add Threshold 892
- 16.1 Overview 896
- 16.2 Event View 898
- 16.3.2 Loading from a MIB 904
- 16.3.3 Loading from a File 904
- 16.4.1 Setting Event Parsers 905
- FIGURE 16-14 Event Filters 916
- 16.5.1 Event Filters 918
- 16.5.2 Event Filter Actions 919
- 16.6.2 Applying Log Filters 925
- 16.6.4 Viewing Logs 926
- 16.7 Alarm View Display 927
- Alarm View Main Panel 928
- 16.8 Alarm Propagation 929
- Devices Only) 938
- 17.1 SNMP MIB 940
- FIGURE 17-1 MIB Manager View 941
- 17.3.1 Overview 942
- • Loading MIBs directly 943
- 17.4 MIB Browser Settings 945
- 17.5 SNMP Operations 945
- TABLE 17-3 SNMP Properties 946
- 17.7 Trap Viewer 948
- 17.8 Trap Parser 949
- 17.9 Graphs 953
- 17.10 CWMP 954
- A. Exporting Tabular Data 955
- A.3 Exporting Selected Items 959
- B. dhcpd Files 963
- B.2 dhcpd Includes 964
- B. dhcpd Files dhcpd Includes 965
- B.2.2 spsi-ai00-awplus-class 976
- B.2.3 spsi-ai00-subnet 977
- B.3 DNS Configuration File 982
- C. Northbound Interface 985
- C.1 SOAP Implementation 986
- C.1.2 WSDL 987
- C.1.3 Web Services 987
- C.2 User Interaction 988
- C.2.2 User Security 989
- C.2.5 Available Operations 990
- Operations Table 991
- C.2.6 Provision Parameters 993
- Provision Parameters 994
Relacionado con productos y manuales para Gateways / Controladores Allied Telesis AT-iMG606BD
(46 paginas)© 2020, manymanuals.es. Todos los derechos reservados | 0.053 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales