GS716Tv2/GS724Tv3 Software Admin Manual
Page 8
GS716Tv2 and GS724Tv3 Software Administration Manual Chapter 5 Managing Device Security Management Security Settings 5-1 Change Password ...5-2 RADIUS Configuration 5-3 Configuring TACACS 5-10 Authentication List Configuration 5-13 Configuring Management Access 5-15 HTTP Configuration 5-15 Secure HTTP Configuration 5-16 Certificate Download 5-18 Access Profile Configuration 5-19 Access Rule Configuration 5-21 Port Authentication ...5-22 802.1X Configuration 5-23 Port Authentication 5-24...
GS716Tv2 and GS724Tv3 Software Administration Manual Chapter 5 Managing Device Security Management Security Settings 5-1 Change Password ...5-2 RADIUS Configuration 5-3 Configuring TACACS 5-10 Authentication List Configuration 5-13 Configuring Management Access 5-15 HTTP Configuration 5-15 Secure HTTP Configuration 5-16 Certificate Download 5-18 Access Profile Configuration 5-19 Access Rule Configuration 5-21 Port Authentication ...5-22 802.1X Configuration 5-23 Port Authentication 5-24...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 9
... Configuration to Defaults 7-2 Upload File From Switch 7-3 Uploading Files ...7-5 Download File To Switch 7-5 TFTP File Download 7-6 HTTP File Download 7-8 File Management ...7-10 Dual Image Configuration 7-10 Viewing the Dual Image Status 7-12 Troubleshooting ...7-13 Ping ...7-13 TraceRoute ...7-14 Appendix A Hardware Specifications and Default Values GS7xxT Gigabit Smart Switch Specifications A-1 GS7xxTR Gigabit Smart Switch Features and Defaults A-2 ix v1.0, July 2009
... Configuration to Defaults 7-2 Upload File From Switch 7-3 Uploading Files ...7-5 Download File To Switch 7-5 TFTP File Download 7-6 HTTP File Download 7-8 File Management ...7-10 Dual Image Configuration 7-10 Viewing the Dual Image Status 7-12 Troubleshooting ...7-13 Ping ...7-13 TraceRoute ...7-14 Appendix A Hardware Specifications and Default Values GS7xxT Gigabit Smart Switch Specifications A-1 GS7xxTR Gigabit Smart Switch Features and Defaults A-2 ix v1.0, July 2009
GS716Tv2/GS724Tv3 Software Admin Manual
Page 23
... Upgrade The application software for the GS716T/GS724T Gigabit Smart Switch is upgradeable, enabling your firmware: 1. This procedure uses the TFTP protocol to 20 ASCII characters. See "Download File To Switch" on page 1-7 Password Change To set a new password: 1. You can set a new password. GS716Tv2 and GS724Tv3 Software Administration Manual • "Password Change" on page...
... Upgrade The application software for the GS716T/GS724T Gigabit Smart Switch is upgradeable, enabling your firmware: 1. This procedure uses the TFTP protocol to 20 ASCII characters. See "Download File To Switch" on page 1-7 Password Change To set a new password: 1. You can set a new password. GS716Tv2 and GS724Tv3 Software Administration Manual • "Password Change" on page...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 141
Click the Security tab, then click Access, and then click the HTTP HTTP Configuration link. GS716Tv2 and GS724Tv3 Software Administration Manual Configuring Management Access From the Access page, you can also configure Access Control Profiles and Access Rules. You can configure HTTP and ... Access tab contains the following folders: • "HTTP Configuration" on page 5-15 • "Secure HTTP Configuration" on page 5-16 • "Certificate Download" on page 5-18 • "Access Profile Configuration" on page 5-19 • "Access Rule Configuration" on the system.
Click the Security tab, then click Access, and then click the HTTP HTTP Configuration link. GS716Tv2 and GS724Tv3 Software Administration Manual Configuring Management Access From the Access page, you can also configure Access Control Profiles and Access Rules. You can configure HTTP and ... Access tab contains the following folders: • "HTTP Configuration" on page 5-15 • "Secure HTTP Configuration" on page 5-16 • "Certificate Download" on page 5-18 • "Access Profile Configuration" on page 5-19 • "Access Rule Configuration" on the system.
GS716Tv2/GS724Tv3 Software Admin Manual
Page 143
... configured value is shown when the Web page is displayed. The default value is the default value. Managing Device Security v1.0, July 2009 5-17 Enables or Disables Transport Layer Security Version 1.0. Port 443 is Disable... Secure Sockets Layer Version 3.0. The value must be in the range of 1- 65535. You can only download SSL certificates when the HTTPS Admin mode is Enable. The default value is displayed. Sets the HTTPS Port...or Disables the Administrative Mode of (1-60) minutes. GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-10 Table 5-12.
... configured value is shown when the Web page is displayed. The default value is the default value. Managing Device Security v1.0, July 2009 5-17 Enables or Disables Transport Layer Security Version 1.0. Port 443 is Disable... Secure Sockets Layer Version 3.0. The value must be in the range of 1- 65535. You can only download SSL certificates when the HTTPS Admin mode is Enable. The default value is displayed. Sets the HTTPS Port...or Disables the Administrative Mode of (1-60) minutes. GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-10 Table 5-12.
GS716Tv2/GS724Tv3 Software Admin Manual
Page 144
...in the appropriate directory. • The file is in the range of HTTPS sessions. Downloading SSL Certificates. You can generate a certificate externally (i.e., off-line) and download it to download from a management station, the Web server needs a public key certificate. The currently configured value is ...value is 24 hours. Figure 5-11 5-18 v1.0, July 2009 Managing Device Security The default value is 4. Sets the maximum allowable number of (0-4). The value must be in the correct format. • The switch has a path to accept HTTPS connections from the TFTP server ...
...in the appropriate directory. • The file is in the range of HTTPS sessions. Downloading SSL Certificates. You can generate a certificate externally (i.e., off-line) and download it to download from a management station, the Web server needs a public key certificate. The currently configured value is ...value is 24 hours. Figure 5-11 5-18 v1.0, July 2009 Managing Device Security The default value is 4. Sets the maximum allowable number of (0-4). The value must be in the correct format. • The switch has a path to accept HTTPS connections from the TFTP server ...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 145
...be downloaded is available on the page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. Enter the IP address of the TFTP server in the form of the switch. 3. To access the Access Profile Configuration page: Managing Device... • SSL DH Strong Encryption Parameter PEM File: SSL Diffie- GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-13. If you change any of SSL certificate to download. Certificate Download Fields Field Description File Type TFTP Server IP Select the type of the settings ...
...be downloaded is available on the page, click Apply to send the updated configuration to the switch. Configuration changes take effect immediately. Enter the IP address of the TFTP server in the form of the switch. 3. To access the Access Profile Configuration page: Managing Device... • SSL DH Strong Encryption Parameter PEM File: SSL Diffie- GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-13. If you change any of SSL certificate to download. Certificate Download Fields Field Description File Type TFTP Server IP Select the type of the settings ...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 207
Chapter 7 Maintenance The Maintenance tab contains links to the following pages that help you manage the switch: • "Reset" on page 7-1 • "Upload File From Switch" on page 7-3 • "Download File To Switch" on page 7-5 • "File Management" on page 7-10 • "Troubleshooting" on page 7-13 Reset The Reset menu contains links to the following options: • "Rebooting the Switch" on page 7-1 • "Reset Configuration to Defaults" on page 7-2 Rebooting the Switch Use the Device Reboot page to reboot the system. To access the Device Reboot page: 7-1 v1.0, July 2009
Chapter 7 Maintenance The Maintenance tab contains links to the following pages that help you manage the switch: • "Reset" on page 7-1 • "Upload File From Switch" on page 7-3 • "Download File To Switch" on page 7-5 • "File Management" on page 7-10 • "Troubleshooting" on page 7-13 Reset The Reset menu contains links to the following options: • "Rebooting the Switch" on page 7-1 • "Reset Configuration to Defaults" on page 7-2 Rebooting the Switch Use the Device Reboot page to reboot the system. To access the Device Reboot page: 7-1 v1.0, July 2009
GS716Tv2/GS724Tv3 Software Admin Manual
Page 211
... Use the following options: • "TFTP File Download" on page 7-6 • "HTTP File Download" on the TFTP server where you are uploading another type of the switch. Download File To Switch The switch supports system file downloads from Switch Fields (continued) Field Transfer File Path Transfer File Name...upload, check this box before clicking Apply. GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-1. If you want to upload. Click Cancel to cancel the operation on the screen and reset the data on the switch to put the file. A file name with a ...
... Use the following options: • "TFTP File Download" on page 7-6 • "HTTP File Download" on the TFTP server where you are uploading another type of the switch. Download File To Switch The switch supports system file downloads from Switch Fields (continued) Field Transfer File Path Transfer File Name...upload, check this box before clicking Apply. GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-1. If you want to upload. Click Cancel to cancel the operation on the screen and reset the data on the switch to put the file. A file name with a ...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 212
Click Maintenance Download TFTP File Download in the navigation tree. GS716Tv2 and GS724Tv3 Software Administration Manual TFTP File Download Use the Download File to Switch page to download device software, the image file, the configuration files and SSL files from a TFTP server to the switch. Figure 7-4 7-6 Maintenance v1.0, July 2009 To access the TFTP File Download page: 1. You can also download files via HTTP. See "HTTP File Download" on page 7-8 for additional information.
Click Maintenance Download TFTP File Download in the navigation tree. GS716Tv2 and GS724Tv3 Software Administration Manual TFTP File Download Use the Download File to Switch page to download device software, the image file, the configuration files and SSL files from a TFTP server to the switch. Figure 7-4 7-6 Maintenance v1.0, July 2009 To access the TFTP File Download page: 1. You can also download files via HTTP. See "HTTP File Download" on page 7-8 for additional information.
GS716Tv2/GS724Tv3 Software Admin Manual
Page 213
...PEM File: SSL Diffie-Hellman Strong Encryption Parameter File (PEM Encoded). GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-2. The device boots and runs from the non-active image. Shows the format of the switch. Enter the name of file you want to understand. The most common usage ...of text-based configuration is to the latest value of the TFTP Server Address field The factory default is a safety feature for Smart Switch to download, either image1 or image2. Enter the path on the screen to upload a working configuration from the TFTP server. You may enter ...
...PEM File: SSL Diffie-Hellman Strong Encryption Parameter File (PEM Encoded). GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-2. The device boots and runs from the non-active image. Shows the format of the switch. Enter the name of file you want to understand. The most common usage ...of text-based configuration is to the latest value of the TFTP Server Address field The factory default is a safety feature for Smart Switch to download, either image1 or image2. Enter the path on the screen to upload a working configuration from the TFTP server. You may enter ...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 214
...7-8 Maintenance v1.0, July 2009 GS716Tv2 and GS724Tv3 Software Administration Manual Downloading a File to the Switch Before you download a file to the switch, the following procedures to download a file from the TFTP server is on the server in the correct format. • The switch has a path to the TFTP server.... to be true: • The file to download from a TFTP server to the switch. 1. The system will display a warning that you are downloading a GS716T/GS724T image (Code), select the image on the switch to the switch, see "File Management" on the TFTP server. 4. Click the Start...
...7-8 Maintenance v1.0, July 2009 GS716Tv2 and GS724Tv3 Software Administration Manual Downloading a File to the Switch Before you download a file to the switch, the following procedures to download a file from the TFTP server is on the server in the correct format. • The switch has a path to the TFTP server.... to be true: • The file to download from a TFTP server to the switch. 1. The system will display a warning that you are downloading a GS716T/GS724T image (Code), select the image on the switch to the switch, see "File Management" on the TFTP server. 4. Click the Start...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 215
...GS724Tv3 Software Administration Manual 1. Click Maintenance Download HTTP File Download in flash (default). • Text Configuration: Choose this option to download, either image1 (the default) or image2. Maintenance 7-9 v1.0, July 2009 HTTP File Download Fields Field File Type Image Name Select File Description Specify the type of the switch... File (PEM Encoded) Specify the code image you want to update the switch's configuration. You may enter up to initiate the file download. Figure 7-5 Table 7-3. Enter the path and filename or browse for the file you...
...GS724Tv3 Software Administration Manual 1. Click Maintenance Download HTTP File Download in flash (default). • Text Configuration: Choose this option to download, either image1 (the default) or image2. Maintenance 7-9 v1.0, July 2009 HTTP File Download Fields Field File Type Image Name Select File Description Specify the type of the switch... File (PEM Encoded) Specify the code image you want to update the switch's configuration. You may enter up to initiate the file download. Figure 7-5 Table 7-3. Enter the path and filename or browse for the file you...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 226
GS716Tv2 and GS724Tv3 Software Administration Manual Table A-8. Other Features Feature Sets Supported IGMP snooping v1/v2 16 on GS716T/ 24 on GS724T (per port) Configurations upload/download 1 EAPoL flooding 16 on GS716T/ 24 on GS724T (per port) BPDU flooding 16 on GS716T/ 24 on GS724T (per port) Static multicast groups 8 Filter multicast control 1 Default Disabled N/A Disabled Disabled Disabled Disabled A-4 Hardware Specifications and Default Values v1.0, July 2009
GS716Tv2 and GS724Tv3 Software Administration Manual Table A-8. Other Features Feature Sets Supported IGMP snooping v1/v2 16 on GS716T/ 24 on GS724T (per port) Configurations upload/download 1 EAPoL flooding 16 on GS716T/ 24 on GS724T (per port) BPDU flooding 16 on GS716T/ 24 on GS724T (per port) Static multicast groups 8 Filter multicast control 1 Default Disabled N/A Disabled Disabled Disabled Disabled A-4 Hardware Specifications and Default Values v1.0, July 2009
GS716Tv2/GS724Tv3 Software Admin Manual
Page 243
GS716Tv2 and GS724Tv3 Software Administration Manual Index A Alert 6-18, 6-20 authentication enable 1-15 C Certificate 5-18 ... Global 3-32 Green Ethernet 2-15 HTTP 5-15 IGMP Snooping 3-32 LACP 3-8 LACP Port 3-9 LAG 3-5 LLDP 2-23 MAC Filter 5-30 Management Access 5-15 MST Port 3-27 Network Settings on the Administrative System 1-6 password 5-2 Port Security 5-34 Port VLAN ID 3-14 QoS 4-1 ...Debug 6-18, 6-20 Default Gateway 2-4 defaults A-1 CoS B-6 factory 5-2 DES 1-15 Device View 1-13 DoS 2-13 download a file 7-8 files via HTTP 7-6 from a remote system 7-5 software 7-6 v1.0, July 2009 Index-1
GS716Tv2 and GS724Tv3 Software Administration Manual Index A Alert 6-18, 6-20 authentication enable 1-15 C Certificate 5-18 ... Global 3-32 Green Ethernet 2-15 HTTP 5-15 IGMP Snooping 3-32 LACP 3-8 LACP Port 3-9 LAG 3-5 LLDP 2-23 MAC Filter 5-30 Management Access 5-15 MST Port 3-27 Network Settings on the Administrative System 1-6 password 5-2 Port Security 5-34 Port VLAN ID 3-14 QoS 4-1 ...Debug 6-18, 6-20 Default Gateway 2-4 defaults A-1 CoS B-6 factory 5-2 DES 1-15 Device View 1-13 DoS 2-13 download a file 7-8 files via HTTP 7-6 from a remote system 7-5 software 7-6 v1.0, July 2009 Index-1
GS716Tv2/GS724Tv3 Software Admin Manual
Page 244
...GS724Tv3 Software Administration Manual Dual Image Status 7-12 E EAP 6-12 EAPOL 6-13 Emergency 6-18, 6-20 Error 6-18, 6-20 F file management 7-10 firmware upgrade 1-7 G getting started 1-1 Green Ethernet 2-15 H Help HTML-based 1-12 HTML 1-11 HTTP 5-15 over an encrypted Secure Sockets Layer 5-16 Secure 5-15 HTTP File Download... Settings 2-24 M MAC 2-2, 2-29, 3-3, 3-24, 3-32 ACL 5-40 Address Table 3-50 bridge identifier 3-27 CPU Management Interface 1-16 Dynamic Address 3-49 Filter Summary 5-32 MFDB Table 3-37 multicast destination 3-35 Rules 5-42 Searching Address Table 3-47 Static Address 3-52...
...GS724Tv3 Software Administration Manual Dual Image Status 7-12 E EAP 6-12 EAPOL 6-13 Emergency 6-18, 6-20 Error 6-18, 6-20 F file management 7-10 firmware upgrade 1-7 G getting started 1-1 Green Ethernet 2-15 H Help HTML-based 1-12 HTML 1-11 HTTP 5-15 over an encrypted Secure Sockets Layer 5-16 Secure 5-15 HTTP File Download... Settings 2-24 M MAC 2-2, 2-29, 3-3, 3-24, 3-32 ACL 5-40 Address Table 3-50 bridge identifier 3-27 CPU Management Interface 1-16 Dynamic Address 3-49 Filter Summary 5-32 MFDB Table 3-37 multicast destination 3-35 Rules 5-42 Searching Address Table 3-47 Static Address 3-52...