User Manual
Table Of Contents
- M4100 Series Managed Switch
- Contents
- 1. Get Started
- 2. Configure System Information
- System Configuration
- Configure Initial Management VLAN Settings
- Define System Information
- View the Switch Status
- Manage Loopback Interfaces
- View the IPv6 Network Neighbor Table
- Configure an IPv4 Management VLAN
- View or Set the System Time
- Configure DNS
- Configure the DHCP Server
- Configure the DHCP Pool
- Configure UDP Relay Global Settings
- Configure the Basic PoE Settings
- Configure Advanced PoE Settings
- View All MIBs Supported by the Switch
- Configure SNMP v3 Settings for a User
- LLDP Overview
- Configure LLDP Global Settings
- Configure an LLDP Interface
- View LLDP Statistics
- View LLDP Local Device Information
- View LLDP Remote Device Information
- View LLDP Remote Device Inventory
- Configure LLDP-MED Global Settings
- Configure the LLDP-MED Interface
- View LLDP-MED Local Device Information
- View LLDP-MED Remote Device Information
- View LLDP-MED Remote Device Inventory
- ISDP Settings Overview
- Configure Timers
- 3. Configure Switching Information
- VLAN Overview
- Configure a Basic VLAN
- Configure an Internal VLAN
- Add a VLAN
- Reset VLAN Configuration
- Configure Internal VLAN Settings
- Configure VLAN Trunking
- Configure VLAN Membership
- View VLAN Status
- Configure Port PVID
- Configure a MAC-Based VLAN Group
- Configure a Protocol-Based VLAN Group
- Configure Protocol-Based VLAN Group Membership
- Configure an IP Subnet–Based VLAN
- Configure Port DVLAN
- Configure a Voice VLAN
- Configure GARP Switch Settings
- Configure GARP Port Settings
- Auto-VoIP Overview
- Spanning Tree Protocol Overview
- Configure Multicast
- IGMP Snooping Overview
- Configure MLD Snooping
- Configure MVR
- Manage MAC Addresses
- Configure Port Settings
- Link Aggregation Group Overview
- VLAN Overview
- 4. Routing
- 5. Configure Quality of Service
- QoS Overview
- Class of Service
- Differentiated Services
- DiffServ Wizard Overview
- Use the DiffServ Wizard
- Configure DiffServ
- Configure the Global Diffserv Mode
- Configure a DiffServ Class
- Configure the Class Match Criteria
- Configure a DiffServ IPv6 Class
- Configure the DiffServ Class Match Criteria
- Configure DiffServ Policy
- Configure DiffServ Policy Attributes
- Configure DiffServ Policy Settings on an Interface
- View Service Statistics
- 6. Manage Device Security
- Management Security Settings
- Configure RADIUS Settings
- TACACS
- Set Up a Login Authentication List
- Configure Management Access
- Manage Certificates
- Manage Telnet
- Port Authentication Overview
- Traffic Control
- Configure a Private Group
- Private VLAN Overview
- Storm Control Overview
- Control DHCP Snooping Settings
- Configure an IP Source Guard Interface
- Configure Dynamic ARP Inspection
- Access Control List Overview
- Use the ACL Wizard
- Create a MAC ACL
- Configure MAC Rules
- Configure ACL MAC Binding
- View or Delete MAC Bindings
- Configure an IP ACL
- Configure Rules for an IP ACL
- Configure IP Extended Rules
- Configure an IPv6 ACL
- Configure IPv6 Rules
- Configure ACL Interface Bindings
- View or Delete IP ACL Bindings
- View or Delete VLAN ACL Bindings
- 7. Monitoring the System
- 8. Maintenance
- A. Default Settings
- B. Configuration Examples
Manage Device Security
304
M4100 Series Managed Switch
You can select multiple check boxes to apply the same settings to the selected ports, or
select the check box in the heading row to apply the same settings to all ports.
9. For the selected port(s), specify the following settings:
• Control Mode. This selector lists the options for control mode. The control mode is set
only if the link status of the port is link up. The options are as follows:
- force unauthorized. The authenticator port access entity (PAE) unconditionally
sets the controlled port to unauthorized.
- force authorized. The authenticator PAE unconditionally sets the controlled port
to authorized.
- auto. The authenticator PAE sets the controlled port mode to reflect the outcome
of the authentication exchanges between the supplicant, authenticator, and the
authentication server.
- mac based. The authenticator PAE sets the controlled port mode to reflect the
outcome of the authentication exchanges between the supplicant, authenticator,
and the authentication server on a per supplicant basis.
- N/A. The control mode is not applicable.
• Use MAB to enable or disable MAP. The default selection is Disable.
• Quiet Period. This input field allows the user to configure the quiet period for the
selected port. This command sets the value, in seconds, of the timer used by the
authenticator state machine on this port to define periods of time in which it does not
attempt to acquire a supplicant. The quiet period is the period for which the
authenticator does not attempt to acquire a supplicant after a failed authentication
exchange with the supplicant. The quiet period must be a number in the range of 0 to
65535. A quiet period value of 0 means that the authenticator state machine never
acquires a supplicant. The default value is 60. Changing the value does not change
the configuration until the APPLY button is clicked.
• Transmit Period. This input field allows the user to configure the transmit period for
the selected port. The transmit period is the value, in seconds, of the timer used by
the authenticator state machine on the specified port to determine when to send an
EAPOL EAP Request/Identity frame to the supplicant. The transmit period must be a
number in the range of 1 to 65535. The default value is 30. Changing the value does
not change the configuration until the APPLY button is clicked.
• GuestVLAN ID. This field allows the user to configure the guest VLAN ID on the
interface. The valid range is 0 to 4093.The default value is 0. Changing the value
does not change the configuration until the APPLY button is clicked. Enter 0 to clear
the guest VLAN ID on the interface.
• Guest VLAN Period. This input field allows the user to enter the guest VLAN period
for the selected port. The guest VLAN period is the value, in seconds, of the timer
used by the GuestVlan authentication. The guest VLAN time-out must be a value in
the range of 1 to 300. The default value is 90. Changing the value does not change
the configuration until the APPLY button is clicked.
• Unauthenticated VLAN ID. This input field allows the user to enter the
unauthenticated VLAN ID for the selected port. The valid range is 0-4093.The default