GS716Tv2/GS724Tv3 Software Admin Manual
Page 8
GS716Tv2 and GS724Tv3 Software Administration Manual Chapter 5 Managing Device Security Management Security Settings 5-1 Change Password ...5-2 RADIUS Configuration 5-3 Configuring TACACS 5-10 Authentication List Configuration 5-13 Configuring Management Access 5-15 HTTP Configuration 5-15 Secure HTTP Configuration 5-16 Certificate Download 5-18 Access Profile Configuration 5-19 Access Rule Configuration 5-21 Port Authentication ...5-22 802.1X Configuration 5-23 Port Authentication 5-24...
GS716Tv2 and GS724Tv3 Software Administration Manual Chapter 5 Managing Device Security Management Security Settings 5-1 Change Password ...5-2 RADIUS Configuration 5-3 Configuring TACACS 5-10 Authentication List Configuration 5-13 Configuring Management Access 5-15 HTTP Configuration 5-15 Secure HTTP Configuration 5-16 Certificate Download 5-18 Access Profile Configuration 5-19 Access Rule Configuration 5-21 Port Authentication ...5-22 802.1X Configuration 5-23 Port Authentication 5-24...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 9
... Configuration to Defaults 7-2 Upload File From Switch 7-3 Uploading Files ...7-5 Download File To Switch 7-5 TFTP File Download 7-6 HTTP File Download 7-8 File Management ...7-10 Dual Image Configuration 7-10 Viewing the Dual Image Status 7-12 Troubleshooting ...7-13 Ping ...7-13 TraceRoute ...7-14 Appendix A Hardware Specifications and Default Values GS7xxT Gigabit Smart Switch Specifications A-1 GS7xxTR Gigabit Smart Switch Features and Defaults A-2 ix v1.0, July 2009
... Configuration to Defaults 7-2 Upload File From Switch 7-3 Uploading Files ...7-5 Download File To Switch 7-5 TFTP File Download 7-6 HTTP File Download 7-8 File Management ...7-10 Dual Image Configuration 7-10 Viewing the Dual Image Status 7-12 Troubleshooting ...7-13 Ping ...7-13 TraceRoute ...7-14 Appendix A Hardware Specifications and Default Values GS7xxT Gigabit Smart Switch Specifications A-1 GS7xxTR Gigabit Smart Switch Features and Defaults A-2 ix v1.0, July 2009
GS716Tv2/GS724Tv3 Software Admin Manual
Page 23
... GS716T/GS724T Gigabit Smart Switch is upgradeable, enabling your firmware: 1. Click Password Change from computer to 20 ASCII characters. Note: Password Change is not at the application level, i.e. You can also upgrade the firmware using the TFTP Download and HTTP Download features mentioned in this process, you are described below. GS716Tv2 and GS724Tv3 Software Administration...
... GS716T/GS724T Gigabit Smart Switch is upgradeable, enabling your firmware: 1. Click Password Change from computer to 20 ASCII characters. Note: Password Change is not at the application level, i.e. You can also upgrade the firmware using the TFTP Download and HTTP Download features mentioned in this process, you are described below. GS716Tv2 and GS724Tv3 Software Administration...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 141
... and GS724Tv3 Software Administration Manual Configuring Management Access From the Access page, you can also configure Access Control Profiles and Access Rules. Click the Security tab, then click Access, and then click the HTTP HTTP Configuration link. Figure 5-9 Managing Device ...Security v1.0, July 2009 5-15 To access the HTTP Configuration page: 1. The Security Access tab contains the following folders: • "HTTP Configuration" on page 5-15 • "Secure HTTP Configuration" on page 5-16 • "Certificate Download" on page...
... and GS724Tv3 Software Administration Manual Configuring Management Access From the Access page, you can also configure Access Control Profiles and Access Rules. Click the Security tab, then click Access, and then click the HTTP HTTP Configuration link. Figure 5-9 Managing Device ...Security v1.0, July 2009 5-15 To access the HTTP Configuration page: 1. The Security Access tab contains the following folders: • "HTTP Configuration" on page 5-15 • "Secure HTTP Configuration" on page 5-16 • "Certificate Download" on page...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 143
... value is shown when the Web page is disabled. Enables or Disables Secure Sockets Layer Version 3.0. Managing Device Security v1.0, July 2009 5-17 You can only download SSL certificates when the HTTPS Admin mode is displayed. The currently configured value is shown when the ... Port HTTPS Session Soft Timeout Description Enables or Disables the Administrative Mode of 1- 65535. The default value is displayed. GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-10 Table 5-12. The default value is the default value. Port 443 is 5 minutes. The default value is...
... value is shown when the Web page is disabled. Enables or Disables Secure Sockets Layer Version 3.0. Managing Device Security v1.0, July 2009 5-17 You can only download SSL certificates when the HTTPS Admin mode is displayed. The currently configured value is shown when the ... Port HTTPS Session Soft Timeout Description Enables or Disables the Administrative Mode of 1- 65535. The default value is displayed. GS716Tv2 and GS724Tv3 Software Administration Manual Figure 5-10 Table 5-12. The default value is the default value. Port 443 is 5 minutes. The default value is...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 144
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-12. The value must be in the range of HTTPS sessions. The currently configured value is shown when the Web page is 24 hours. You can generate a certificate externally (i.e., off-line) and download it to ...5-18 v1.0, July 2009 Managing Device Security To display the Certificate Download page, click Security Access, and then click the HTTPS Certificate Download link. The value must be in the correct format. • The switch has a path to download from a management station, the Web server ...
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-12. The value must be in the range of HTTPS sessions. The currently configured value is shown when the Web page is 24 hours. You can generate a certificate externally (i.e., off-line) and download it to ...5-18 v1.0, July 2009 Managing Device Security To display the Certificate Download page, click Security Access, and then click the HTTPS Certificate Download link. The value must be in the correct format. • The switch has a path to download from a management station, the Web server ...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 145
... the switch. 3. Click Cancel to the switch. To access the Access Profile Configuration page: Managing Device Security v1.0, July 2009 5-19 The factory default is blank. 2. You may enter up to the switch. The...of SSL certificate to download, which can be downloaded is available on the screen to download. Enter the IP address of the TFTP server in x.x.x.x format. Make sure that control management access to 32 ...Parameter PEM File: SSL Diffie- GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-13. Hellman Strong Encryption Parameter File (PEM Encoded).
... the switch. 3. Click Cancel to the switch. To access the Access Profile Configuration page: Managing Device Security v1.0, July 2009 5-19 The factory default is blank. 2. You may enter up to the switch. The...of SSL certificate to download, which can be downloaded is available on the screen to download. Enter the IP address of the TFTP server in x.x.x.x format. Make sure that control management access to 32 ...Parameter PEM File: SSL Diffie- GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-13. Hellman Strong Encryption Parameter File (PEM Encoded).
GS716Tv2/GS724Tv3 Software Admin Manual
Page 207
To access the Device Reboot page: 7-1 v1.0, July 2009 Chapter 7 Maintenance The Maintenance tab contains links to the following pages that help you manage the switch: • "Reset" on page 7-1 • "Upload File From Switch" on page 7-3 • "Download File To Switch" on page 7-5 • "File Management" on page 7-10 • "Troubleshooting" on page 7-13 Reset The Reset menu contains links to the following options: • "Rebooting the Switch" on page 7-1 • "Reset Configuration to Defaults" on page 7-2 Rebooting the Switch Use the Device Reboot page to reboot the system.
To access the Device Reboot page: 7-1 v1.0, July 2009 Chapter 7 Maintenance The Maintenance tab contains links to the following pages that help you manage the switch: • "Reset" on page 7-1 • "Upload File From Switch" on page 7-3 • "Download File To Switch" on page 7-5 • "File Management" on page 7-10 • "Troubleshooting" on page 7-13 Reset The Reset menu contains links to the following options: • "Rebooting the Switch" on page 7-1 • "Reset Configuration to Defaults" on page 7-2 Rebooting the Switch Use the Device Reboot page to reboot the system.
GS716Tv2/GS724Tv3 Software Admin Manual
Page 211
...Type, Server IP Address, and Transfer File Name (full path without TFTP server IP address) fields. 4. Download File To Switch The switch supports system file downloads from the switch to cancel the operation on the screen and reset the data on page 7-8 Maintenance 7-5 v1.0, July 2009...Download" on the screen to upload. If you are uploading a GS716T/GS724T image (Code), select the image on the TFTP server where you are uploading another type of the switch. The page will refresh automatically until the file transfer completes. The factory default is blank. GS716Tv2 and GS724Tv3...
...Type, Server IP Address, and Transfer File Name (full path without TFTP server IP address) fields. 4. Download File To Switch The switch supports system file downloads from the switch to cancel the operation on the screen and reset the data on page 7-8 Maintenance 7-5 v1.0, July 2009...Download" on the screen to upload. If you are uploading a GS716T/GS724T image (Code), select the image on the TFTP server where you are uploading another type of the switch. The page will refresh automatically until the file transfer completes. The factory default is blank. GS716Tv2 and GS724Tv3...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 212
You can also download files via HTTP. Figure 7-4 7-6 Maintenance v1.0, July 2009 See "HTTP File Download" on page 7-8 for additional information. Click Maintenance Download TFTP File Download in the navigation tree. GS716Tv2 and GS724Tv3 Software Administration Manual TFTP File Download Use the Download File to Switch page to download device software, the image file, the configuration files and SSL files from a TFTP server to the switch. To access the TFTP File Download page: 1.
You can also download files via HTTP. Figure 7-4 7-6 Maintenance v1.0, July 2009 See "HTTP File Download" on page 7-8 for additional information. Click Maintenance Download TFTP File Download in the navigation tree. GS716Tv2 and GS724Tv3 Software Administration Manual TFTP File Download Use the Download File to Switch page to download device software, the image file, the configuration files and SSL files from a TFTP server to the switch. To access the TFTP File Download page: 1.
GS716Tv2/GS724Tv3 Software Admin Manual
Page 213
...needed without having to translate the contents for example, change the device name, serial number, IP address), and download it for another similar device (for Smart Switch to 32 characters. Maintenance 7-7 v1.0, July 2009 This field is only visible when Code is blank. The...PEM Encoded). • SSL DH Strong Encryption Parameter PEM File: SSL Diffie-Hellman Strong Encryption Parameter File (PEM Encoded). GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-2. while the other image stores a second copy. The factory default is a safety feature for faults occurring during...
...needed without having to translate the contents for example, change the device name, serial number, IP address), and download it for another similar device (for Smart Switch to 32 characters. Maintenance 7-7 v1.0, July 2009 This field is only visible when Code is blank. The...PEM Encoded). • SSL DH Strong Encryption Parameter PEM File: SSL Diffie-Hellman Strong Encryption Parameter File (PEM Encoded). GS716Tv2 and GS724Tv3 Software Administration Manual Table 7-2. while the other image stores a second copy. The factory default is a safety feature for faults occurring during...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 214
...the software is available on the TFTP server. 4. To display this page: 7-8 Maintenance v1.0, July 2009 After you download to the switch, see "File Management" on page 7-10. To activate a software image that you not overwrite the active image. Verify the IP address of... message appears. If you are trying to overwrite the active image. 3. GS716Tv2 and GS724Tv3 Software Administration Manual Downloading a File to the Switch Before you download a file to the switch, the following procedures to download a file from the TFTP server is on the server in the appropriate directory. •...
...the software is available on the TFTP server. 4. To display this page: 7-8 Maintenance v1.0, July 2009 After you download to the switch, see "File Management" on page 7-10. To activate a software image that you not overwrite the active image. Verify the IP address of... message appears. If you are trying to overwrite the active image. 3. GS716Tv2 and GS724Tv3 Software Administration Manual Downloading a File to the Switch Before you download a file to the switch, the following procedures to download a file from the TFTP server is on the server in the appropriate directory. •...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 215
...the code image you want to update the switch's configuration. You may enter up to initiate the file download. HTTP File Download Fields Field File Type Image Name Select File Description Specify the type of the switch. 3. Enter the path and filename or ...the navigation menu. Figure 7-5 Table 7-3. Click Maintenance Download HTTP File Download in flash (default). • Text Configuration: Choose this option to download, either image1 (the default) or image2. GS716Tv2 and GS724Tv3 Software Administration Manual 1. This field is only visible when Code...
...the code image you want to update the switch's configuration. You may enter up to initiate the file download. HTTP File Download Fields Field File Type Image Name Select File Description Specify the type of the switch. 3. Enter the path and filename or ...the navigation menu. Figure 7-5 Table 7-3. Click Maintenance Download HTTP File Download in flash (default). • Text Configuration: Choose this option to download, either image1 (the default) or image2. GS716Tv2 and GS724Tv3 Software Administration Manual 1. This field is only visible when Code...
GS716Tv2/GS724Tv3 Software Admin Manual
Page 226
GS716Tv2 and GS724Tv3 Software Administration Manual Table A-8. Other Features Feature Sets Supported IGMP snooping v1/v2 16 on GS716T/ 24 on GS724T (per port) Configurations upload/download 1 EAPoL flooding 16 on GS716T/ 24 on GS724T (per port) BPDU flooding 16 on GS716T/ 24 on GS724T (per port) Static multicast groups 8 Filter multicast control 1 Default Disabled N/A Disabled Disabled Disabled Disabled A-4 Hardware Specifications and Default Values v1.0, July 2009
GS716Tv2 and GS724Tv3 Software Administration Manual Table A-8. Other Features Feature Sets Supported IGMP snooping v1/v2 16 on GS716T/ 24 on GS724T (per port) Configurations upload/download 1 EAPoL flooding 16 on GS716T/ 24 on GS724T (per port) BPDU flooding 16 on GS716T/ 24 on GS724T (per port) Static multicast groups 8 Filter multicast control 1 Default Disabled N/A Disabled Disabled Disabled Disabled A-4 Hardware Specifications and Default Values v1.0, July 2009
GS716Tv2/GS724Tv3 Software Admin Manual
Page 243
GS716Tv2 and GS724Tv3 Software Administration Manual Index A Alert 6-18, 6-20 authentication enable 1-15 C Certificate 5-18 ... Global 3-32 Green Ethernet 2-15 HTTP 5-15 IGMP Snooping 3-32 LACP 3-8 LACP Port 3-9 LAG 3-5 LLDP 2-23 MAC Filter 5-30 Management Access 5-15 MST Port 3-27 Network Settings on the Administrative System 1-6 password 5-2 Port Security 5-34 Port VLAN ID 3-14 QoS 4-1 ...Debug 6-18, 6-20 Default Gateway 2-4 defaults A-1 CoS B-6 factory 5-2 DES 1-15 Device View 1-13 DoS 2-13 download a file 7-8 files via HTTP 7-6 from a remote system 7-5 software 7-6 v1.0, July 2009 Index-1
GS716Tv2 and GS724Tv3 Software Administration Manual Index A Alert 6-18, 6-20 authentication enable 1-15 C Certificate 5-18 ... Global 3-32 Green Ethernet 2-15 HTTP 5-15 IGMP Snooping 3-32 LACP 3-8 LACP Port 3-9 LAG 3-5 LLDP 2-23 MAC Filter 5-30 Management Access 5-15 MST Port 3-27 Network Settings on the Administrative System 1-6 password 5-2 Port Security 5-34 Port VLAN ID 3-14 QoS 4-1 ...Debug 6-18, 6-20 Default Gateway 2-4 defaults A-1 CoS B-6 factory 5-2 DES 1-15 Device View 1-13 DoS 2-13 download a file 7-8 files via HTTP 7-6 from a remote system 7-5 software 7-6 v1.0, July 2009 Index-1
GS716Tv2/GS724Tv3 Software Admin Manual
Page 244
...GS724Tv3 Software Administration Manual Dual Image Status 7-12 E EAP 6-12 EAPOL 6-13 Emergency 6-18, 6-20 Error 6-18, 6-20 F file management 7-10 firmware upgrade 1-7 G getting started 1-1 Green Ethernet 2-15 H Help HTML-based 1-12 HTML 1-11 HTTP 5-15 over an encrypted Secure Sockets Layer 5-16 Secure 5-15 HTTP File Download... Settings 2-24 M MAC 2-2, 2-29, 3-3, 3-24, 3-32 ACL 5-40 Address Table 3-50 bridge identifier 3-27 CPU Management Interface 1-16 Dynamic Address 3-49 Filter Summary 5-32 MFDB Table 3-37 multicast destination 3-35 Rules 5-42 Searching Address Table 3-47 Static Address 3-52...
...GS724Tv3 Software Administration Manual Dual Image Status 7-12 E EAP 6-12 EAPOL 6-13 Emergency 6-18, 6-20 Error 6-18, 6-20 F file management 7-10 firmware upgrade 1-7 G getting started 1-1 Green Ethernet 2-15 H Help HTML-based 1-12 HTML 1-11 HTTP 5-15 over an encrypted Secure Sockets Layer 5-16 Secure 5-15 HTTP File Download... Settings 2-24 M MAC 2-2, 2-29, 3-3, 3-24, 3-32 ACL 5-40 Address Table 3-50 bridge identifier 3-27 CPU Management Interface 1-16 Dynamic Address 3-49 Filter Summary 5-32 MFDB Table 3-37 multicast destination 3-35 Rules 5-42 Searching Address Table 3-47 Static Address 3-52...