User Manual
Table Of Contents
- M4300 Intelligent Edge Series Fully Managed Stackable Switches
- Contents
- 1 Get Started
- 2 Configure System Information
- Configure and Display the System and Slot Information
- Configure a Loopback Interface
- Configure Management Interfaces
- Manage the Time Settings
- Manage Precision Time Protocol
- Configure DNS Settings
- Configure the Switch Database Management Template Preference
- Configure Green Ethernet Settings
- Configure and Display Bonjour Settings
- Configure DHCP Server Settings
- Manage a DHCP L2 Relay
- Manage the DHCPv6 Server
- Configure Power over Ethernet
- Configure SNMP
- Configure LLDP
- Configure LLDP Global Settings
- Configure the LLDP Interface
- View LLDP Statistics
- View LLDP Local Device Information
- View LLDP Remote Device Information
- View LLDP Remote Device Inventory
- Configure LLDP-MED Global Settings
- Configure LLDP-MED Interface
- View LLDP-MED Local Device Information
- View LLDP-MED Remote Device Information
- View LLDP-MED Remote Device Inventory
- Configure Link Dependency
- Configure ISDP
- Manage Timer Schedules
- 3 Manage Stacking
- M4300 Series Switch Stacking Overview
- Firmware Synchronization and Upgrade
- Stack Configuration Maintenance
- Stack Master Election
- Stack Factory Defaults Reset Behavior
- Stack NSF
- Configure a Stack
- Run Stack Port Diagnostics
- Configure Stack Firmware Synchronization
- View NSF Summary Data
- View NSF Checkpoint Statistics
- 4 Configure Switching Information
- Configure VLANs
- Configure Basic VLAN Settings
- Reset the VLAN Configuration to Default Setting
- Configure an Internal VLAN
- Configure VLAN Trunking
- Configure VLAN Membership
- View the VLAN Status
- Configure Port PVID Settings
- Configure a MAC-Based VLAN
- Configure Protocol-Based VLAN Groups
- Configure Protocol-Based VLAN Group Membership
- Configure an IP Subnet-Based VLAN
- Configure a Port DVLAN
- Configure a Voice VLAN
- Configure GARP Switch Settings
- Configure a GARP Port
- Configure Auto-VoIP
- Configure iSCSI Settings
- Configure Spanning Tree Protocol
- Manage Multicast
- View the MFDB Table
- View the MFDB Statistics
- Manage IGMP Snooping
- Configure IGMP Snooping Automatically with IGMP Plus Mode
- Configure IGMP Snooping Manually
- Configure IGMP Snooping for Interfaces
- Configure IGMP Snooping for VLANs Automatically with IGMP Plus Mode
- Configure IGMP Snooping for VLANs Manually
- Configure a Multicast Router
- Configure a Multicast Router VLAN
- IGMP Snooping Querier Overview
- Configure IGMP Snooping Querier
- Configure IGMP Snooping Querier for VLANs
- Configure MLD Snooping Automatically with MLD Plus Mode
- Configure MLD Snooping Manually
- Configure an MLD Snooping Interface
- Configure MLD Snooping for VLANs Automatically with MLD Plus Mode
- Configure MLD Snooping for VLANs Manually
- Enable or Disable a Multicast Router on an Interface
- Configure Multicast Router VLAN Settings
- Configure MLD Snooping Querier
- Configure MLD Snooping Querier VLAN Settings
- Configure MVR
- Search and Manage the MAC Address Table
- Manage Port Settings
- Manage Link Aggregation Groups
- Manage the Multiple Registration Protocol Settings
- Manage Loop Protection
- Configure VLANs
- 5 Manage Routing
- Manage Routes
- Configure the Routing IP Settings
- Configure Routing Parameters for the Switch
- Manage IPv6
- Configure IPv6 Global Settings
- View the IPv6 Route Table
- Configure IPv6 Interface Settings
- Configure the IPv6 Prefix Settings
- View IPv6 Statistics
- View the IPv6 Neighbor Table and Clear IPv6 Neighbors
- Configure an IPv6 Static Route
- View the IPv6 Route Table
- Configure IPv6 Route Preferences
- Configure IPv6 Tunnels
- Manage VLANs
- Configure Address Resolution Protocol
- Configure RIP
- Configure Router Discovery
- Configure Virtual Router Redundancy Protocol
- 6 Configure OSPF and OSPFv3
- Configure OSPF
- Configure Basic OSPF Settings
- Configure the OSPF Default Route Advertise Settings
- Configure OSPF Settings
- Configure the OSPF Common Area ID
- Configure the OSPF Stub Area
- Configure the OSPF NSSA Area
- Configure the OSPF Area Range
- Configure the OSPF Interface
- View and Clear OSPF Statistics for an Interface
- View the OSPF Neighbor Table and Clear OSPF Neighbors
- View the OSPF Link State Database
- Configure the OSPF Virtual Link
- Configure the OSPF Route Redistribution
- View the NSF OSPF Summary
- Configure OSPFv3
- Configure Basic OSPFv3 Settings
- Configure OSPFv3 Default Route Advertise Settings
- Configure the Advanced OSPFv3 Settings
- Configure the OSPFv3 Common Area
- Configure an OSPFv3 Stub Area
- Configure the OSPFv3 NSSA Area
- Configure the OSPFv3 Area Range
- Configure the OSPFv3 Interface
- View and Clear OSPFv3 Interface Statistics
- View the OSPFv3 Neighbor Table and Clear OSPFv3 Neighbors
- View the OSPFv3 Link State Database
- Configure the OSPFv3 Virtual Link
- Configure OSPFv3 Route Redistribution
- View the NSF OSPFv3 Summary
- Configure OSPF
- 7 Configure Multicast Routing
- Multicast Overview
- View the Multicast Mroute Table
- Add Mroute Static Multicast Entries
- Configure Global Multicast Settings
- Configure the Multicast Interface
- Configure Global Multicast DVMRP Settings
- Configure the DVMRP Interface
- Search for DVMRP Neighbors
- View the DVMRP Next Hop Settings
- View the Multicast DVMRP Prune
- View the DVMRP Route
- Configure Multicast IGMP Settings
- Configure PIM Settings
- Configure the Multicast PIM Global Settings
- Configure PIM SSM Settings
- Configure PIM Interface
- View the PIM Neighbor
- View the PIM Candidate Rendezvous Point
- View the PIM Neighbor
- Configure the PIM Candidate Rendezvous Point
- Configure the PIM Bootstrap Router Candidate
- Configure the PIM Static Rendezvous Point
- Configure Multicast Static Routes
- Configure the Multicast Admin Boundary
- Configure IPv6 Multicast Settings
- View the IPv6 Multicast Mroute Table
- Configure the IPv6 PIM Global Settings
- Configure IPv6 PIM SSM
- Configure the IPv6 PIM Interface
- View the IPv6 PIM Neighbor
- Configure the IPv6 PIM Candidate Rendezvous Point
- Configure the IPv6 PIM Bootstrap Router Candidate Settings
- Configure the IPv6 PIM Static Rendezvous Point
- Configure IPv6 MLD Global Settings
- Configure the IPv6 MLD Routing Interface
- View IPv6 MLD Routing Interface Statistics
- View the IPv6 MLD Groups
- View and Clear IPv6 MLD Traffic
- Configure the IPv6 MLD Proxy Interface
- View IPv6 MLD Proxy Interface Statistics
- View the IPv6 MLD Proxy Membership
- Configure IPv6 Multicast Static Routes
- Multicast Overview
- 8 Configure Quality of Service
- 9 Manage Switch Security
- Manage User Accounts and Passwords
- Manage the RADIUS Server Settings
- Manage the TACACS Settings
- Configure Authentication Lists
- View Login Sessions
- Manage HHTP, HTTPS, and SSH Access
- Configure Telnet Access
- Configure Console Port Access
- Configure Denial of Service Settings
- Configure Access Control Settings
- Manage Port Authentication
- Control Traffic With MAC Filtering
- Configure Port Security and Private Groups
- Configure Protect Ports
- Set Up Private VLANs
- Manage the Storm Control Settings
- Configure DHCP Snooping
- Configure IP Source Guard Interfaces
- Configure Dynamic ARP Inspection
- Set Up Captive Portals
- Set Up and Manage Access Control Lists
- Use the ACL Wizard to Create a Simple ACL
- Configure an ACL Based on Destination MAC Address
- Use the ACL Wizard to Complete the Destination MAC ACL
- Configure a Basic MAC ACL
- Configure MAC ACL Rules
- Configure MAC Binding
- View and Delete MAC ACL Bindings in the MAC Binding Table
- Configure an IP ACL
- Configure Rules for an IP ACL
- Configure Rules for an Extended IP ACL
- Configure an IPv6 ACL
- Configure IPv6 Rules
- Configure IP ACL Interface Bindings
- View and Delete IP ACL Bindings in the IP ACL Binding Table
- Configure VLAN ACL Bindings
- 10 Monitor the Switch and Network
- 11 Maintenance and Troubleshooting
- A Configuration Examples
- B Default Settings
- C Acronyms and Abbreviations
M4300 Intelligent Edge Series Fully Managed Stackable Switches
Configuration Examples User Manual707
A Port Access Entity (PAE) is able to adopt one of two distinct roles within an access control
interaction:
1. Authenticator: A Port that enforces authentication before allowing access to services
available through that Port.
2. Supplicant:
A Port that attempts to access services offered by the Authenticator.
Additionally, there exists a third role:
3. Authentication server: Performs the authentication function necessary to check the
credentials of the Supplicant on behalf of the
Authenticator.
All three roles are required for you to complete an authentication exchange.
The switch support the Authenticator role only, in which the PAE is responsible for
communicating with the Supplicant.
The Authenticator PAE is also responsible for submitting
the information received from the Supplicant to the Authentication Server in order for the
credentials to be checked, which will determine the authorization state of the Port. The
Authenticator PAE controls the authorized/unauthorized state of the controlled Port
depending on the outcome of the RADIUS-based authentication process.
Figure 1. 802.1X Authentication Roles
802.1X Example Configuration
This example shows how to configure the switch so that 802.1X-based authentication is
required on the ports in a corporate conference room (1/0/5– 1/0/8). These ports are
available to visitors and must be authenticated before granting access to the network. The
authentication is handled by an external RADIUS server. When the visitor is successfully
authenticated, traffic is automatically assigned to the guest VLAN. This example assumes
that a VLAN has been configured with a VLAN ID of 150 and VLAN Name of Guest.
1. From the Port
Authentication page, select ports 1/0/5, 1/0/6, 1/0/7 and 1/0/8.
2. From the Port Control menu, select Unauthorized.