Manual
Table Of Contents
- Table of Contents
- List of Figures
- Preface
- Chapter 1
- Overview
- Section I
- Basic Operations
- Chapter 2
- Starting a Local or Telnet Management Session
- Chapter 3
- Enhanced Stacking
- Chapter 4
- Basic Switch Parameters
- When Does a Switch Need an IP Address?
- Configuring an IP Address and Switch Name
- Activating the BOOTP and DHCP Client Software
- Rebooting a Switch
- Configuring the Manager and Operator Passwords
- Setting the System Time
- Configuring the Console Startup Mode
- Configuring the Console Timer
- Enabling or Disabling the Telnet Server
- Setting the Baud Rate of the RS-232 Terminal Port
- Pinging a Remote System
- Returning the AT-S62 Software to the Factory Default Values
- Viewing System Hardware and Software Information
- Setting the Switch’s Temperature Threshold
- Chapter 5
- SNMPv1 and SNMPv2c Configuration
- Chapter 6
- Port Parameters
- Chapter 7
- MAC Address Table
- Chapter 8
- Port Trunking
- Chapter 9
- Port Mirroring
- Chapter 10
- Ethernet Statistics
- Section II
- Advanced Operations
- Chapter 11
- File System
- Chapter 12
- File Downloads and Uploads
- Chapter 13
- Event Log
- Chapter 14
- Quality of Service
- Chapter 15
- IGMP Snooping
- Chapter 16
- Denial of Service Defense
- Section III
- SNMPv3 Operations
- Chapter 17
- SNMPv3 Configuration
- SNMPv3 Overview
- Configuring the SNMPv3 Protocol
- Configuring the SNMPv3 User Table
- Configuring the SNMPv3 View Table
- Configuring the SNMPv3 Access Table
- Configuring the SNMPv3 SecurityToGroup Table
- Configuring the SNMPv3 Notify Table
- Configuring the SNMPv3 Target Address Table
- Configuring the SNMPv3 Target Parameters Table
- Configuring the SNMPv3 Community Table
- Displaying SNMPv3 Table Menus
- Displaying the Display SNMPv3 User Table Menu
- Displaying the Display SNMPv3 View Table Menu
- Displaying the Display SNMPv3 Access Table Menu
- Displaying the Display SNMPv3 SecurityToGroup Table Menu
- Displaying the Display SNMPv3 Notify Table Menu
- Displaying the Display SNMPv3 Target Address Table Menu
- Displaying the Display SNMPv3 Target Parameters Table Menu
- Displaying the Display SNMPv3 Community Table Menu
- Section IV
- Spanning Tree Protocols
- Chapter 18
- Spanning Tree and Rapid Spanning Tree Protocols
- Chapter 19
- Multiple Spanning Tree Protocol
- Section V
- Virtual LANs
- Chapter 20
- Tagged and Port-based Virtual LANs
- VLAN Overview
- Port-based VLAN Overview
- Tagged VLAN Overview
- Creating a Port-based or Tagged VLAN
- Example of Creating a Port-based VLAN
- Example of Creating a Tagged VLAN
- Modifying a VLAN
- Displaying VLANs
- Deleting a VLAN
- Deleting All VLANs
- Displaying PVIDs and Port Priorities
- Enabling or Disabling Ingress Filtering
- Specifying a Management VLAN
- Chapter 21
- GARP VLAN Registration Protocol
- Chapter 22
- Multiple VLAN Modes
- Section VI
- Port Security
- Section VII
- Management Security
- Chapter 25
- Web Server
- Chapter 26
- Encryption Keys
- Chapter 27
- Public Key Infrastructure Certificates
- Chapter 28
- Secure Shell (SSH) Protocol
- Chapter 29
- RADIUS and TACACS+ Authentication Protocols
- Chapter 30
- Management Access Control List
- Section VIII
- Web Browser Management
- Chapter 31
- Starting a Web Browser Management Session
- Chapter 32
- Enhanced Stacking
- Chapter 33
- Basic Switch Parameters
- Chapter 34
- SNMPv1 and SNMPv2c Community Strings
- Chapter 35
- Port Parameters
- Chapter 36
- MAC Address Table
- Chapter 37
- Port Trunking
- Chapter 38
- Port Mirroring
- Chapter 39
- File Downloads and Uploads
- Chapter 40
- Event Log
- Chapter 41
- Quality of Service
- Chapter 42
- IGMP Snooping
- Chapter 43
- Denial of Service Defense
- Chapter 44
- SNMPv3 Protocol
- Configuring the SNMPv3 Protocol
- Enabling the SNMP Protocol
- Configuring the SNMPv3 User Table
- Configuring the SNMPv3 View Table
- Configuring the SNMPv3 Access Table
- Configuring the SNMPv3 SecurityToGroup Table
- Configuring the SNMPv3 Notify Table
- Configuring the SNMPv3 Target Address Table
- Configuring the SNMPv3 Target Parameters Table
- Configuring the SNMPv3 Community Table
- Displaying SNMPv3 Tables
- Chapter 45
- STP, RSTP, and MSTP
- Chapter 46
- Virtual LANs
- Chapter 47
- GARP VLAN Registration Protocol
- Chapter 48
- MAC Address Security
- Chapter 49
- 802.1x Port-based Access Control
- Chapter 50
- Secure Shell Protocol
- Chapter 51
- Encryption Keys, PKI, and SSL
- Chapter 52
- RADIUS and TACACS+ Authentication Protocols
- Chapter 53
- Management Access Control List
- Appendix A
- AT-S62 Default Settings
- Basic Switch Default Settings
- Enhanced Stacking Default Setting
- SNMP Default Settings
- Port Configuration Default Settings
- Event Log Default Settings
- Quality of Service
- IGMP Snooping Default Settings
- Denial of Service Prevention Default Settings
- STP, RSTP, and MSTP Default Settings
- VLAN Default Settings
- GVRP Default Settings
- MAC Address Security Default Settings
- 802.1x Port-Based Network Access Control Default Settings
- Web Server Default Settings
- SSL Default Settings
- PKI Default Settings
- SSH Default Settings
- Server-Based Authentication Default Settings
- Management Access Control List Default Setting
- AT-S62 Default Settings
- Appendix B
- Index

AT-S62 User’s Guide
Section VII: Management Security 537
Generating an Enrollment Request
To request a certificate from a public or private CA, you need to generate
an enrollment request. The request contains the public key for the
certificate, a distinguished name, and other information. The request is
stored as a file with a “.csr” extension in the AT-S62 file system, from
where you can upload it onto your management workstation or FTP
server for submission to the CA. (For a review of all the steps to creating
an enrollment request and downloading a certificate from a CA onto a
switch, refer to General Steps for a Public or Private CA Certificate on
page 488.)
Please review the following before you perform the procedure:
❑ You must generate an encryption key pair before you can create
an enrollment request. For instructions, refer to Creating an
Encryption Key on page 500.
❑ During this procedure you are prompted to enter the ID number
of the encryption key pair you want to use to create the
enrollment request. If you have forgotten the ID number, refer to
Creating an Encryption Key on page 500 to view key ID numbers.
To generate an enrollment request, perform the following procedure:
1. From the Main Menu, type 7 to select Security and Services.
2. From the Security and Services menu, type 4 to select the
Keys/Certificates Configuration menu.
3. From the Keys/Certificates Configuration menu, type 1 to select
Switch Distinguished Name (DN) and, when prompted, enter a name.
An enrollment request must have a distinguished name. For
information, refer to Distinguished Names on page 512.
4. From the Keys/Certificates Configuration menu, type 3 to select
Public Key Infrastructure (PKI) Configuration.
The Public Key Infrastructure (PKI) Configuration menu is shown
in Figure 169 on page 525.