Owner manual
Table Of Contents
- Contents
- Tables
- Preface
- Section I
- Basic Operations
- Chapter 1
- Starting a Command Line Management Session
- Chapter 2
- Basic Command Line Commands
- Chapter 3
- Basic Switch Commands
- DISABLE DHCPBOOTP
- DISABLE IP REMOTEASSIGN
- DISABLE TELNET
- ENABLE BOOTP
- ENABLE DHCP
- ENABLE IP REMOTEASSIGN
- ENABLE TELNET
- PING
- PURGE IP
- RESET SWITCH
- RESET SYSTEM
- RESTART REBOOT
- RESTART SWITCH
- SET ASYN
- SET IP INTERFACE
- SET IP ROUTE
- SET PASSWORD MANAGER
- SET PASSWORD OPERATOR
- SET SWITCH CONSOLETIMER
- SET SYSTEM
- SET TELNET INSERTNULL
- SET USER PASSWORD
- SHOW ASYN
- SHOW CONFIG DYNAMIC
- SHOW CONFIG INFO
- SHOW DHCPBOOTP
- SHOW IP INTERFACE
- SHOW IP ROUTE
- SHOW SWITCH
- SHOW SYSTEM
- Chapter 4
- Enhanced Stacking Commands
- Chapter 5
- Simple Network Time Protocol (SNTP) Commands
- Chapter 6
- SNMPv2 and SNMPv2c Commands
- Chapter 7
- Port Parameter Commands
- Chapter 8
- Port Statistics Commands
- Chapter 9
- MAC Address Table Commands
- Chapter 10
- Static Port Trunking Commands
- Chapter 11
- LACP Port Trunking Commands
- Chapter 12
- Port Mirroring Commands
- Chapter 13
- Networking Stack
- Section II
- Advanced Operations
- Chapter 14
- File System Commands
- Chapter 15
- File Download and Upload Commands
- Chapter 16
- Event Log and Syslog Server Commands
- Chapter 17
- Classifier Commands
- Chapter 18
- Access Control List Commands
- Chapter 19
- Class of Service (CoS) Commands
- Chapter 20
- Quality of Service (QoS) Commands
- ADD QOS FLOWGROUP
- ADD QOS POLICY
- ADD QOS TRAFFICCLASS
- CREATE QOS FLOWGROUP
- CREATE QOS POLICY
- CREATE QOS TRAFFICCLASS
- DELETE QOS FLOWGROUP
- DELETE QOS POLICY
- DELETE QOS TRAFFICCLASS
- DESTROY QOS FLOWGROUP
- DESTROY QOS POLICY
- DESTROY QOS TRAFFICCLASS
- PURGE QOS
- SET QOS FLOWGROUP
- SET QOS POLICY
- SET QOS PORT
- SET QOS TRAFFICCLASS
- SHOW QOS FLOWGROUP
- SHOW QOS POLICY
- SHOW QOS TRAFFICCLASS
- Chapter 21
- Denial of Service Defense Commands
- Section III
- IGMP Snooping, MLD Snooping, and RRP Snooping
- Chapter 22
- IGMP Snooping Commands
- Chapter 23
- MLD Snooping Commands
- Chapter 24
- RRP Snooping Commands
- Section IV
- SNMPv3
- Chapter 25
- SNMPv3 Commands
- ADD SNMPV3 USER
- CLEAR SNMPV3 ACCESS
- CLEAR SNMPV3 COMMUNITY
- CLEAR SNMPV3 NOTIFY
- CLEAR SNMPV3 TARGETADDR
- CLEAR SNMPV3 VIEW
- CREATE SNMPV3 ACCESS
- CREATE SNMPV3 COMMUNITY
- CREATE SNMPV3 GROUP
- CREATE SNMPV3 NOTIFY
- CREATE SNMPV3 TARGETADDR
- CREATE SNMPV3 TARGETPARAMS
- CREATE SNMPV3 VIEW
- DELETE SNMPV3 USER
- DESTROY SNMPv3 ACCESS
- DESTROY SNMPv3 COMMUNITY
- DESTROY SNMPv3 GROUP
- DESTROY SNMPv3 NOTIFY
- DESTROY SNMPv3 TARGETADDR
- DESTROY SNMPv3 TARGETPARMS
- DESTROY SNMPV3 VIEW
- PURGE SNMPV3 ACCESS
- PURGE SNMPV3 COMMUNITY
- PURGE SNMPV3 NOTIFY
- PURGE SNMPV3 TARGETADDR
- PURGE SNMPV3 VIEW
- SET SNMPV3 ACCESS
- SET SNMPV3 COMMUNITY
- SET SNMPV3 GROUP
- SET SNMPV3 NOTIFY
- SET SNMPV3 TARGETADDR
- SET SNMPV3 TARGETPARAMS
- SET SNMPV3 USER
- SET SNMPV3 VIEW
- SHOW SNMPV3 ACCESS
- SHOW SNMPV3 COMMUNITY
- SHOW SNMPv3 GROUP
- SHOW SNMPV3 NOTIFY
- SHOW SNMPV3 TARGETADDR
- SHOW SNMPV3 TARGETPARAMS
- SHOW SNMPV3 USER
- SHOW SNMPV3 VIEW
- Section V
- Spanning Tree Protocols
- Chapter 26
- Spanning Tree Protocol Commands
- Chapter 27
- Rapid Spanning Tree Protocols Commands
- Chapter 28
- Multiple Spanning Tree Protocol Commands
- Section VI
- Virtual LANs
- Chapter 29
- Port-based, Tagged, and Multiple Mode VLAN Commands
- Chapter 30
- GARP VLAN Registration Protocol Commands
- Chapter 31
- Protected Ports VLAN Commands
- Chapter 32
- MAC Address-based VLAN Commands
- Section VII
- Port Security
- Chapter 33
- MAC Address-based Port Security Commands
- Chapter 34
- 802.1x Port-based Network Access Control Commands
- Section VIII
- Management Security
- Chapter 35
- Web Server Commands
- Chapter 36
- Encryption Key Commands
- Chapter 37
- Public Key Infrastructure (PKI) Certificate Commands
- Chapter 38
- Secure Sockets Layer (SSL) Commands
- Chapter 39
- Secure Shell (SSH) Commands
- Chapter 40
- TACACS+ and RADIUS Commands
- Chapter 41
- Management ACL Commands
- Index
AT-S63 Management Software Command Line Interface User’s Guide
Section VII: Port Security 589
set portaccess=8021x port=22 role=authenticator mode=multi
The following command assigns the Guest VLAN “Product_show” to
authenticator ports 5 and 12. The ports function as untagged members of
the VLAN and allow any network user access to the VLAN without logging
on. However, should a port start to receive EAPOL packets, it assumes
that a supplicant is initiating a log on and changes to the unauthorized
state. After the log on is completed, the port moves to its predefined VLAN:
set portaccess=8021x port=5,12 role=authenticator
guestvlan=product_show
The following command configures port 15 as an authenticator port. This
example assumes that the user accounts on the RADIUS server have
VLAN assignments. With the VLANASSIGNMENT parameter set to
enabled, the port processes the VLAN assignments it receives from the
RADIUS server. Had this parameter been disabled, the port would ignore
the VLAN assignments and leave the port in its predefined VLAN
assignment. The VLAN assignment of the port is determined by the initial
log on by a client. With the SECUREVLAN parameter set to enabled, only
those subsequent supplicants having the same VLAN assignment as the
initial supplicant are allowed to use the port:
set portaccess=8021x port=15 role=authenticator
mode=multiple vlanassignment=enabled securevlan=enabled
The following command sets port 7 to the authenticator role, the quiet
period on the port to 30 seconds, and the server timeout period to 200
seconds:
set portaccess=8021x port=7 role=authenticator
quietperiod=30 servtimeout=200
The following command configures authenticator port 5 to the multiple
operating mode:
set portaccess=8021x port=5 role=authenticator mode=multi
The following command configures authenticator port 5 to the single
operating mode and disables piggy backing:
set portaccess=8021x port=5 role=authenticator mode=single
piggyback=disabled
The following command disables port-based access control on ports 12
and 15:
set portaccess=8021x port=12,15 role=none