Manual

ManualsBrandsAllied Telesis ManualsComputer HardwareAT-S62

521

522

523

524

525

526

527

528

529

530

Table Of Contents

Table of Contents
List of Figures
Preface
- How This Guide is Organized
- Document Conventions
- Where to Find Web-based Guides
- Contacting Allied Telesyn
- Management Software Updates
Chapter 1
Overview
- Management Overview
- Local Management Session
- Telnet Management Session
- Web Browser Management Session
- SNMP Management Session
- Management Access Levels
Section I
Basic Operations
- Chapter 2
- Starting a Local or Telnet Management Session
- Chapter 3
- Enhanced Stacking
- Chapter 4
- Basic Switch Parameters
- Chapter 5
- SNMPv1 and SNMPv2c Configuration
- Chapter 6
- Port Parameters
- Chapter 7
- MAC Address Table
- Chapter 8
- Port Trunking
- Chapter 9
- Port Mirroring
- Chapter 10
- Ethernet Statistics
  - Displaying Port Statistics
  - Clearing Port Counters
Section II
Advanced Operations
- Chapter 11
- File System
- Chapter 12
- File Downloads and Uploads
- Chapter 13
- Event Log
- Chapter 14
- Quality of Service
- Chapter 15
- IGMP Snooping
- Chapter 16
- Denial of Service Defense
  - Denial of Service Defense Overview
  - Enabling or Disabling Denial of Service Prevention
Section III
SNMPv3 Operations
- Chapter 17
- SNMPv3 Configuration
Section IV
Spanning Tree Protocols
- Chapter 18
- Spanning Tree and Rapid Spanning Tree Protocols
- Chapter 19
- Multiple Spanning Tree Protocol
Section V
Virtual LANs
- Chapter 20
- Tagged and Port-based Virtual LANs
- Chapter 21
- GARP VLAN Registration Protocol
- Chapter 22
- Multiple VLAN Modes
Section VI
Port Security
- Chapter 23
- MAC Address Security
- Chapter 24
- 802.1x Port-based Access Control
Section VII
Management Security
- Chapter 25
- Web Server
  - Web Server Overview
    - Supported Protocols
    - General Steps to Configuring the Web Server for Encryption
  - Configuring the Web Server
- Chapter 26
- Encryption Keys
- Chapter 27
- Public Key Infrastructure Certificates
- Chapter 28
- Secure Shell (SSH) Protocol
- Chapter 29
- RADIUS and TACACS+ Authentication Protocols
  - TACACS+ and RADIUS Overview
    - Guidelines
  - Configuring Authentication Protocol Settings
    - Displaying RADIUS Status and Settings
- Chapter 30
- Management Access Control List
Section VIII
Web Browser Management
- Chapter 31
- Starting a Web Browser Management Session
  - Starting a Web Browser Management Session
    - Browser Tools
  - Saving Your Parameter Changes
  - Quitting a Web Browser Management Session
- Chapter 32
- Enhanced Stacking
  - Setting a Switch’s Enhanced Stacking Status
  - Selecting a Switch in an Enhanced Stack
    - Returning to the Master Switch
  - Displaying the Enhanced Stacking Status
- Chapter 33
- Basic Switch Parameters
  - Configuring an IP Address and Switch Name
  - Activating the BOOTP and DHCP Client Software
  - Displaying System Information
  - Configuring the Manager and Operator Passwords
  - Rebooting a Switch
  - Pinging a Remote System
  - Returning the AT-S62 Software to the Factory Default Values
- Chapter 34
- SNMPv1 and SNMPv2c Community Strings
  - Enabling or Disabling SNMP Management
  - Creating a New SNMPv1 or SNMPv2c Community String
  - Modifying a Community String
  - Deleting a Community String
  - Displaying the SNMP Status and Community Strings
- Chapter 35
- Port Parameters
  - Configuring Port Parameters
  - Displaying Port Status and Statistics
- Chapter 36
- MAC Address Table
  - Displaying the MAC Address Table
  - Adding Static Unicast and Multicast MAC Addresses
  - Deleting Unicast and Multicast MAC Addresses
  - Changing the Aging Time
- Chapter 37
- Port Trunking
  - Creating a Port Trunk
  - Modifying a Port Trunk
  - Deleting a Port Trunk
  - Displaying the Port Trunks
- Chapter 38
- Port Mirroring
  - Creating a Port Mirror
  - Modifying or Disabling a Port Mirror
  - Deleting a Port Mirror
  - Displaying the Port Mirror
- Chapter 39
- File Downloads and Uploads
  - Downloading a File
  - Uploading a File
- Chapter 40
- Event Log
  - Enabling or Disabling the Event Log
  - Displaying Events
  - Saving the Event Log
  - Clearing the Event Log
- Chapter 41
- Quality of Service
  - Configuring CoS
  - Mapping CoS Priorities to Egress Queues
  - Configuring Egress Scheduling
  - Displaying the CoS Settings
  - Displaying QoS Scheduling
- Chapter 42
- IGMP Snooping
  - Configuring IGMP Snooping
  - Displaying a List of Host Nodes and Multicast Routers
- Chapter 43
- Denial of Service Defense
  - Configuring Denial of Service Attack Defense
  - Displaying the DoS Settings
- Chapter 44
- SNMPv3 Protocol
  - Configuring the SNMPv3 Protocol
  - Enabling the SNMP Protocol
  - Configuring the SNMPv3 User Table
  - Configuring the SNMPv3 View Table
  - Configuring the SNMPv3 Access Table
  - Configuring the SNMPv3 SecurityToGroup Table
  - Configuring the SNMPv3 Notify Table
  - Configuring the SNMPv3 Target Address Table
  - Configuring the SNMPv3 Target Parameters Table
  - Configuring the SNMPv3 Community Table
  - Displaying SNMPv3 Tables
- Chapter 45
- STP, RSTP, and MSTP
  - Enabling or Disabling Spanning Tree
  - Configuring STP
  - Configuring RSTP
  - Configuring MSTP
  - Displaying Spanning Tree Settings
- Chapter 46
- Virtual LANs
  - Creating a New Port-Based or Tagged VLAN
  - Modifying a Port-Based or Tagged VLAN
  - Deleting a Port-Based or Tagged VLAN
  - Displaying VLANs
  - Selecting a VLAN Mode
  - Specifying a Management VLAN
- Chapter 47
- GARP VLAN Registration Protocol
  - Configuring GVRP
  - Enabling or Disabling GVRP on a Port
  - Displaying the GVRP Settings
- Chapter 48
- MAC Address Security
  - Displaying MAC Address Security Levels
- Chapter 49
- 802.1x Port-based Access Control
  - Enabling and Disabling Port-based Access Control
  - Setting Port Roles
  - Configuring Authenticator Port Parameters
  - Configuring Supplicant Port Parameters
  - Displaying the Port-based Access Control Settings
- Chapter 50
- Secure Shell Protocol
  - Configuring the SSH Server
  - Displaying SSH Information
- Chapter 51
- Encryption Keys, PKI, and SSL
  - Displaying Encryption Keys
  - Displaying PKI Settings and Certificates
  - Displaying the SSL Settings
- Chapter 52
- RADIUS and TACACS+ Authentication Protocols
  - Configuring RADIUS and TACACS+
  - Displaying the RADIUS or TACSACS+ Settings
- Chapter 53
- Management Access Control List
  - Creating a Management ACL
  - Adding or Deleting an ACE
  - Displaying the Management ACL
Appendix A
- AT-S62 Default Settings
Appendix B
- SNMPv3 Configuration Examples
  - SNMPv3 Configuration Examples
Index
- Numerics
- A
- B
- C
- D
- E
- F
- G
- H
- I
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X

Chapter 27: Public Key Infrastructure Certificates

Section VII: Management Security 524

Creating a Self-signed Certificate

This section contains the procedure for creating a self-signed certificate.

Please review the following before you perform the procedure:

❑ For a general review of all the steps to configuring the switch for

a self-signed certificate, refer to General Steps for a Self-signed

Certificate on page 488.)

❑ The switch’s time and date must be set before you create a self-

signed certificate. You can set this manually or you can configure

the switch to obtain the date and time from an SNTP server on

your network or the Internet. For instructions, refer to Setting the

System Time on page 67.

❑ You must generate an encryption key pair before you create a

certificate. For instructions, refer to Creating an Encryption Key on

page 500.

❑ During this procedure you are prompted to enter the ID number

of the encryption key pair you want to use to create the certificate.

If you have forgotten the ID number, refer to Creating an

Encryption Key on page 500 to view key ID numbers.

To create a self-signed certificate, perform the following procedure:

1. From the Main Menu, type 7 to select Security and Services.

The Security and Services menu is shown in Figure 55 on page

196.

2. From the Security and Services menu, type 4 to select

Keys/Certificates Configuration.

The Keys/Certificates Configuration menu is shown in Figure 164

on page 500.

Note

The certificate must have a distinguished name. You can specify the

distinguished name for the certificate from this menu by selecting

option 1 - Distinguished Name in the Keys/Certificates

Configuration menu and entering the name. Or, you can wait and

specify the distinguished name later in this procedure. For

information about distinguished names, refer to Distinguished

Names on page 512.