User Guide
Page 12
... ...37 3.3 LEDs ...37 Part II: Basic Configuration 39 Chapter 4 The Web Configurator ...41 4.1 Introduction ...41 4.2 System Login ...41 4.3 The Status Screen ...42 4.3.1 Change Your Password 48 4.4 Saving Your Configuration 48 4.5 Switch Lockout ...48 4.6 Resetting the Switch ...49 4.6.1 Reload the Configuration File 49 4.7 Logging Out of the Web Configurator 50 4.8 Help... 6.1.4 Troubleshooting ...63 Chapter 7 System Status and Port Statistics 65 7.1 Overview ...65 7.2 Port Status Summary ...65 7.2.1 Status: Port Details 67 Chapter 8 Basic Setting ...71 12 ES-2024 Series User's Guide
... ...37 3.3 LEDs ...37 Part II: Basic Configuration 39 Chapter 4 The Web Configurator ...41 4.1 Introduction ...41 4.2 System Login ...41 4.3 The Status Screen ...42 4.3.1 Change Your Password 48 4.4 Saving Your Configuration 48 4.5 Switch Lockout ...48 4.6 Resetting the Switch ...49 4.6.1 Reload the Configuration File 49 4.7 Logging Out of the Web Configurator 50 4.8 Help... 6.1.4 Troubleshooting ...63 Chapter 7 System Status and Port Statistics 65 7.1 Overview ...65 7.2 Port Status Summary ...65 7.2.1 Status: Port Details 67 Chapter 8 Basic Setting ...71 12 ES-2024 Series User's Guide
User Guide
Page 26
... be monitored and/or managed by all ports in the same VLAN as numbers and letters. • Write down the password and put it in a safe place. 26 ES-2024 Series User's Guide Ports can belong to configure advanced features. This is recommended for firmware upgrades and configuration backup/ ... can be part of the following things regularly to make the Switch more secure and to manage the Switch more effectively. • Change the password. Chapter 1 Getting to Know Your Switch Shared resources such as a server can be used by an SNMP manager. Line commands offer an alternative...
... be monitored and/or managed by all ports in the same VLAN as numbers and letters. • Write down the password and put it in a safe place. 26 ES-2024 Series User's Guide Ports can belong to configure advanced features. This is recommended for firmware upgrades and configuration backup/ ... can be part of the following things regularly to make the Switch more secure and to manage the Switch more effectively. • Change the password. Chapter 1 Getting to Know Your Switch Shared resources such as a server can be used by an SNMP manager. Line commands offer an alternative...
User Guide
Page 27
Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes. If you forget your last configuration. Chapter 1 Getting to Know Your Switch • Back up an earlier configuration file, you would not have to reset the Switch to restore it). If you backed up the configuration (and make sure you will have to totally re-configure the Switch. You could simply restore your password, you know how to its factory default settings. ES-2024 Series User's Guide 27
Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes. If you forget your last configuration. Chapter 1 Getting to Know Your Switch • Back up an earlier configuration file, you would not have to reset the Switch to restore it). If you backed up the configuration (and make sure you will have to totally re-configure the Switch. You could simply restore your password, you know how to its factory default settings. ES-2024 Series User's Guide 27
User Guide
Page 42
The date and time display as shown if you access the web configurator. 42 ES-2024 Series User's Guide The default username is admin and associated default password is the first screen that displays when you have not configured a time server nor manually entered a time and date in the General Setup screen. Figure 16 Web Configurator: Login 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is 1234. Chapter 4 The Web Configurator 3 The login screen appears.
The date and time display as shown if you access the web configurator. 42 ES-2024 Series User's Guide The default username is admin and associated default password is the first screen that displays when you have not configured a time server nor manually entered a time and date in the General Setup screen. Figure 16 Web Configurator: Login 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is 1234. Chapter 4 The Web Configurator 3 The login screen appears.
User Guide
Page 47
... logs and test port(s). Diagnostic This link takes you to screens where you can enable DiffServ and set DSCP-to-IEEE802.1p mappings. ES-2024 Series User's Guide 47 IP Application Static Route This link takes you to screens where you can configure the DHCP settings. DHCP...where you can configure protection against network loops that occur on the edge of your network. The external servers can change the system login password and configure SNMP and remote management. Access Control This link takes you to screens where you can be either RADIUS (Remote Authentication Dial-...
... logs and test port(s). Diagnostic This link takes you to screens where you can enable DiffServ and set DSCP-to-IEEE802.1p mappings. ES-2024 Series User's Guide 47 IP Application Static Route This link takes you to screens where you can configure the DHCP settings. DHCP...where you can configure protection against network loops that occur on the edge of your network. The external servers can change the system login password and configure SNMP and remote management. Access Control This link takes you to screens where you can be either RADIUS (Remote Authentication Dial-...
User Guide
Page 48
... Delete the management VLAN (default is turned off . Click Management > Access Control > Logins to nonvolatile memory. Figure 18 Change Administrator Login Password 4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the Switch's ...storage that remains even if the Switch's power is VLAN 1). 48 ES-2024 Series User's Guide Nonvolatile memory refers to the run -time memory are done with a configuration session. 4.5 Switch Lockout You could ...
... Delete the management VLAN (default is turned off . Click Management > Access Control > Logins to nonvolatile memory. Figure 18 Change Administrator Login Password 4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the Switch's ...storage that remains even if the Switch's power is VLAN 1). 48 ES-2024 Series User's Guide Nonvolatile memory refers to the run -time memory are done with a configuration session. 4.5 Switch Lockout You could ...
User Guide
Page 49
.... Chapter 4 The Web Configurator 2 Delete all port-based VLANs with 8 data bits, no parity, one stop bit and flow control set to none. ES-2024 Series User's Guide 49 The "CPU port" is the management port of the Switch. 4.6 Resetting the Switch If you will need to reload the... When you reconnect the Switch's power, you will see the initial screen. 3 When you will lose all services from the Switch or forget the administrator password, you see the message "Press any key to lock yourself and others ) from accessing the Switch. 8 Change a service port number but forget it. ...
.... Chapter 4 The Web Configurator 2 Delete all port-based VLANs with 8 data bits, no parity, one stop bit and flow control set to none. ES-2024 Series User's Guide 49 The "CPU port" is the management port of the Switch. 4.6 Resetting the Switch If you will need to reload the... When you reconnect the Switch's power, you will see the initial screen. 3 When you will lose all services from the Switch or forget the administrator password, you see the message "Press any key to lock yourself and others ) from accessing the Switch. 8 Change a service port number but forget it. ...
User Guide
Page 50
... configurator. This is recommended after you finish a management session for the "Starting XMODEM upload" message before activating XMODEM upload on your password again after you log out. Chapter 4 The Web Configurator 5 Wait for security reasons. Erasing OK sysname> atgo The Switch is shown... below. CCCCCCCCCCCCCCCC Total 49152 bytes received. Figure 20 Web Configurator: Logout Screen 50 ES-2024 Series User's Guide You have to log in with a default configuration file including the default password of "1234". 4.7 Logging Out of the Web Configurator Click Logout in a screen...
... configurator. This is recommended after you finish a management session for the "Starting XMODEM upload" message before activating XMODEM upload on your password again after you log out. Chapter 4 The Web Configurator 5 Wait for security reasons. Erasing OK sysname> atgo The Switch is shown... below. CCCCCCCCCCCCCCCC Total 49152 bytes received. Figure 20 Web Configurator: Logout Screen 50 ES-2024 Series User's Guide You have to log in with a default configuration file including the default password of "1234". 4.7 Logging Out of the Web Configurator Click Logout in a screen...
User Guide
Page 145
... Section 22.1.2 on page 174 for login information in which an authentication server validates access to a port based on a username and password provided by all operating systems. See your RADIUS server settings. 18.1.1 IEEE 802.1x Authentication The following figure illustrates how a client connecting to validate users. ... authentication uses the RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) protocol to a IEEE 802.1x authentication enabled port goes through a validation process. ES-2024 Series User's Guide 145
... Section 22.1.2 on page 174 for login information in which an authentication server validates access to a port based on a username and password provided by all operating systems. See your RADIUS server settings. 18.1.1 IEEE 802.1x Authentication The following figure illustrates how a client connecting to validate users. ... authentication uses the RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) protocol to a IEEE 802.1x authentication enabled port goes through a validation process. ES-2024 Series User's Guide 145
User Guide
Page 147
Use this row only if you make them. ES-2024 Series User's Guide 147 In the Port Authentication screen click 802... configuring it on each port. Specify how often a client has to re-enter his or her username and password to stay connected to the port. Note: You must first allow 802.1x authentication on the Switch before configuring... it on each port. Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to the port. Select this check box to permit 802.1x authentication on this port. Table 38...
Use this row only if you make them. ES-2024 Series User's Guide 147 In the Port Authentication screen click 802... configuring it on each port. Specify how often a client has to re-enter his or her username and password to stay connected to the port. Note: You must first allow 802.1x authentication on the Switch before configuring... it on each port. Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to the port. Select this check box to permit 802.1x authentication on this port. Table 38...
User Guide
Page 174
...you to validate an unlimited number of the device. TACACS+ RADIUS Transport Protocol UDP (User Datagram Protocol) Encryption Encrypts the password sent for authentication. Table 49 RADIUS vs. Figure 89 AAA Server 22.1.1 Local User Accounts By storing user profiles locally on...the Switch, your authentication server settings (RADIUS, TACACS+ or both) and then set up the authentication priority and accounting settings. 174 ES-2024 Series User's Guide TACACS+ TCP (Transmission Control Protocol) All communication between RADIUS and TACACS+. First, configure your Switch is encrypted...
...you to validate an unlimited number of the device. TACACS+ RADIUS Transport Protocol UDP (User Datagram Protocol) Encryption Encrypts the password sent for authentication. Table 49 RADIUS vs. Figure 89 AAA Server 22.1.1 Local User Accounts By storing user profiles locally on...the Switch, your authentication server settings (RADIUS, TACACS+ or both) and then set up the authentication priority and accounting settings. 174 ES-2024 Series User's Guide TACACS+ TCP (Transmission Control Protocol) All communication between RADIUS and TACACS+. First, configure your Switch is encrypted...
User Guide
Page 176
...when you want to alternate between the two RADIUS servers. Enter the IP address of an external RADIUS accounting server in dotted decimal notation. 176 ES-2024 Series User's Guide Check this section to configure your changes to save your RADIUS accounting server settings. This is not sent over the ... RADIUS server, if the RADIUS server does not respond then the Switch tries to do so. You need not change this screen afresh. Specify a password (up to 32 alphanumeric characters) as the key to be the same on the top navigation panel to the Switch's run-time memory. This key...
...when you want to alternate between the two RADIUS servers. Enter the IP address of an external RADIUS accounting server in dotted decimal notation. 176 ES-2024 Series User's Guide Check this section to configure your changes to save your RADIUS accounting server settings. This is not sent over the ... RADIUS server, if the RADIUS server does not respond then the Switch tries to do so. You need not change this screen afresh. Specify a password (up to 32 alphanumeric characters) as the key to be the same on the top navigation panel to the Switch's run-time memory. This key...
User Guide
Page 177
...Setup Use this box if you to configure your network administrator instructs you want to the Switch's run-time memory. Shared Secret Specify a password (up to 32 alphanumeric characters) as shown. Apply Click Apply to save your changes to remove an existing RADIUS accounting server entry from... the Switch. Figure 92 Advanced Application > AAA > TACACS+ Server Setup ES-2024 Series User's Guide 177 This key must be shared between the external RADIUS accounting server and the Switch. Click on the TACACS+...
...Setup Use this box if you to configure your network administrator instructs you want to the Switch's run-time memory. Shared Secret Specify a password (up to 32 alphanumeric characters) as shown. Apply Click Apply to save your changes to remove an existing RADIUS accounting server entry from... the Switch. Figure 92 Advanced Application > AAA > TACACS+ Server Setup ES-2024 Series User's Guide 177 This key must be shared between the external RADIUS accounting server and the Switch. Click on the TACACS+...
User Guide
Page 178
... the timeout value to be the same on the top navigation panel to save your changes to configure your TACACS+ authentication settings. Specify a password (up to 32 alphanumeric characters) as the key to 30 seconds, then the Switch waits for 15 seconds and then tries the second TACACS...of an external TACACS+ accounting server in this field. Chapter 22 AAA The following table describes the labels in dotted decimal notation. 178 ES-2024 Series User's Guide Specify the amount of an external TACACS+ server in seconds that the Switch waits for an authentication request response ...
... the timeout value to be the same on the top navigation panel to save your changes to configure your TACACS+ authentication settings. Specify a password (up to 32 alphanumeric characters) as the key to 30 seconds, then the Switch waits for 15 seconds and then tries the second TACACS...of an external TACACS+ accounting server in this field. Chapter 22 AAA The following table describes the labels in dotted decimal notation. 178 ES-2024 Series User's Guide Specify the amount of an external TACACS+ server in seconds that the Switch waits for an authentication request response ...
User Guide
Page 179
This key must be shared between the external TACACS+ accounting server and the Switch. Shared Secret Specify a password (up to 32 alphanumeric characters) as shown. Delete Check this screen to configure authentication and accounting settings on the Switch. Click on the ...Apply. Apply Click Apply to save your changes to the nonvolatile memory when you are done configuring. Figure 93 Advanced Application > AAA > AAA Setup ES-2024 Series User's Guide 179 This entry is not sent over the network. Cancel Click Cancel to begin configuring this screen afresh. 22.2.3 AAA ...
This key must be shared between the external TACACS+ accounting server and the Switch. Shared Secret Specify a password (up to 32 alphanumeric characters) as shown. Delete Check this screen to configure authentication and accounting settings on the Switch. Click on the ...Apply. Apply Click Apply to save your changes to the nonvolatile memory when you are done configuring. Figure 93 Advanced Application > AAA > AAA Setup ES-2024 Series User's Guide 179 This entry is not sent over the network. Cancel Click Cancel to begin configuring this screen afresh. 22.2.3 AAA ...
User Guide
Page 184
... Used for authentication. the format of the User-Name attribute is $enab#$, where # is set to Login Users User-Name User-Password NAS-Identifier NAS-IP-Address 22.3.1.3 Attributes Used by authentication and accounting functions on the Switch. Calling-Station-Id Frame-MTU EAP-Message... State Message-Authenticator 184 ES-2024 Series User's Guide This value is the privilege level (1-14) User-Password NAS-Identifier NAS-IP-Address 22.3.1.2 Attributes Used to Ethernet(15) on the Switch. Chapter ...
... Used for authentication. the format of the User-Name attribute is $enab#$, where # is set to Login Users User-Name User-Password NAS-Identifier NAS-IP-Address 22.3.1.3 Attributes Used by authentication and accounting functions on the Switch. Calling-Station-Id Frame-MTU EAP-Message... State Message-Authenticator 184 ES-2024 Series User's Guide This value is the privilege level (1-14) User-Password NAS-Identifier NAS-IP-Address 22.3.1.2 Attributes Used to Ethernet(15) on the Switch. Chapter ...
User Guide
Page 229
...computer. 28.8 FTP Command Line This section shows some examples of your computer under a filename of uploading to a computer using FTP commands. ES-2024 Series User's Guide 229 Figure 125 Management > Maintenance > Backup Configuration Follow the steps below to your choosing. Once you have customized...Click Save to save the file on . First, understand the filename conventions. 28.8.1 Filename Conventions The configuration file (also known as password, Switch setup, IP Setup, and so on your current Switch configuration to or downloading files from the Save in drop-down list box...
...computer. 28.8 FTP Command Line This section shows some examples of your computer under a filename of uploading to a computer using FTP commands. ES-2024 Series User's Guide 229 Figure 125 Management > Maintenance > Backup Configuration Follow the steps below to your choosing. Once you have customized...Click Save to save the file on . First, understand the filename conventions. 28.8.1 Filename Conventions The configuration file (also known as password, Switch setup, IP Setup, and so on your current Switch configuration to or downloading files from the Save in drop-down list box...
User Guide
Page 230
... This is "1234"). 5 Enter bin to set transfer mode to binary. 230 ES-2024 Series User's Guide Be sure you will need to rename them as the ... filename different than the source, you keep unaltered copies of both files for a username. 4 Enter your password as uploading the wrong model firmware may damage your device. 28.8.2 FTP Command Line Procedure 1 Launch the ...FTP client on your Switch configurations, system-related data (including the default password), the error log and the trace log. If your Switch. 3 Press [ENTER] when prompted for later...
... This is "1234"). 5 Enter bin to set transfer mode to binary. 230 ES-2024 Series User's Guide Be sure you will need to rename them as the ... filename different than the source, you keep unaltered copies of both files for a username. 4 Enter your password as uploading the wrong model firmware may damage your device. 28.8.2 FTP Command Line Procedure 1 Launch the ...FTP client on your Switch configurations, system-related data (including the default password), the error log and the trace log. If your Switch. 3 Press [ENTER] when prompted for later...
User Guide
Page 231
....8.4 FTP Restrictions FTP will work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) in GUIbased FTP clients. Likewise get config config.cfg transfers the configuration file on the Switch to your computer and renames it to exit... does not match, the Switch will disconnect the Telnet session immediately. and password is when a user I.D. Transfer Type Initial Remote Directory Initial Local Directory The server requires a unique User ID and Password to the server for GUI-based FTP Clients COMMAND DESCRIPTION Host Address Enter ...
....8.4 FTP Restrictions FTP will work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) in GUIbased FTP clients. Likewise get config config.cfg transfers the configuration file on the Switch to your computer and renames it to exit... does not match, the Switch will disconnect the Telnet session immediately. and password is when a user I.D. Transfer Type Initial Remote Directory Initial Local Directory The server requires a unique User ID and Password to the server for GUI-based FTP Clients COMMAND DESCRIPTION Host Address Enter ...
User Guide
Page 233
... console port access control session and Telnet access control session cannot coexist when multi-login is disabled. Figure 126 Management > Access Control ES-2024 Series User's Guide 233 See the CLI Reference Guide for more information on disabling multi-login. 29.2 The Access Control Main... Screen Click Management > Access Control in the navigation panel to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed. Table 77 Access Control Overview Console Port SSH Telnet FTP One session Share up...
... console port access control session and Telnet access control session cannot coexist when multi-login is disabled. Figure 126 Management > Access Control ES-2024 Series User's Guide 233 See the CLI Reference Guide for more information on disabling multi-login. 29.2 The Access Control Main... Screen Click Management > Access Control in the navigation panel to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed. Table 77 Access Control Overview Console Port SSH Telnet FTP One session Share up...