User's Manual
Table Of Contents
- 8-Port Multi-Gigabit Smart Managed Pro Switch with Two 10G Ports
- Contents
- 1 Get Started
- 2 Configure System Information
- View and Configure the Switch Management Settings
- View or Define System Information and View Software Versions
- View the System CPU Status
- View USB Device Information
- Configure the IPv4 Address for the Network Interface and Management VLAN
- Configure the IPv6 Address for the Network Interface
- View the IPv6 Network Neighbor
- Configure the Time Settings
- Configure DNS Settings
- Configure Green Ethernet Settings
- Use the Device View
- Configure Power over Ethernet
- Configure SNMP
- Configure LLDP
- Configure DHCP Snooping
- Set Up PoE Timer Schedules
- View and Configure the Switch Management Settings
- 3 Configure Switching
- Configure Port Settings and Flow Control
- Configure Link Aggregation Groups
- Configure VLANs
- Configure VLAN Settings
- Configure VLAN Membership
- View VLAN Status
- Configure Port PVID Settings
- Configure MAC-Based VLAN Groups
- Manually Add Members to or Remove Them From a MAC-Based VLAN Group
- Configure Protocol-Based VLAN Groups
- Manually Add Members to or Remove Them From a Protocol-Based VLAN Group
- Configure GARP Switch Settings
- Configure GARP Ports
- Configure a Voice VLAN
- Configure Auto-VoIP
- Configure Spanning Tree Protocol
- Configure Multicast
- View the MFDB Table
- View the MFDB Statistics
- Configure Auto-Video
- IGMP Snooping Overview
- Configure the Global IGMP Snooping Settings
- View the IGMP Snooping Table
- Configure IGMP Snooping for VLANs
- Modify IGMP Snooping Settings for a VLAN
- Disable IGMP Snooping on a VLAN and Remove It From the Table
- IGMP Snooping Querier Overview
- Configure IGMP Snooping Querier
- Configure IGMP Snooping Querier for VLANs
- Display the IGMP Snooping Querier for VLAN Status
- MLD Snooping Overview
- Configure the Global MLD Snooping Settings
- Configure MLD Snooping for a VLAN
- View, Search, and Manage the MAC Address Table
- 4 Configure Routing
- IP Routing Overview
- Configure IP Settings
- Configure VLAN Routing
- Manage IPv4 Routes
- Configure Address Resolution Protocol
- Configure IPv6
- Configure IPv6 Global Settings
- Add a Static IPv6 Route
- Change the Preference for a Static IPv6 Route
- Remove a Static IPv6 Route
- View the IPv6 Route Table
- Configure IPv6 VLAN Interface Settings
- Add an IPv6 Global Address to an IPv6 VLAN
- Change the Settings for an IPv6 Global Address on an IPv6 VLAN
- Remove an IPv6 Global Address From an IPv6 VLAN
- Add an IPv6 Prefix for Advertisement on an IPv6 VLAN
- Change the Settings for an IPv6 Prefix for Advertisement on an IPv6 VLAN
- Remove an IPv6 Prefix From an IPv6 VLAN
- View IPv6 Statistics for an Interface
- View or Clear the IPv6 Neighbor Table
- 5 Configure Quality of Service
- 6 Manage Device Security
- Management Security Settings
- Configure Management Access
- Configure Port Authentication
- Set Up Traffic Control
- Configure Access Control Lists
- Use the ACL Wizard to Create a Simple ACL
- Configure a Basic MAC ACL
- Configure MAC ACL Rules
- Configure MAC Bindings
- View or Delete MAC ACL Bindings in the MAC Binding Table
- Configure an IP ACL
- Configure Rules for a Basic IP ACL
- Configure Rules for an Extended IP ACL
- Configure an IPv6 ACL
- Configure IPv6 Rules
- Configure IP ACL Interface Bindings
- View or Delete IP ACL Bindings in the IP ACL Binding Table
- 7 Monitor the System
- 8 Maintain the Switch and Perform Troubleshooting
- A Configuration Examples
- B Hardware Specifications and Default Settings
Smart Managed Pro Switches MS510TX and MS510TXPP
Configuration Examples User Manual344
controls the authorized/unauthorized state of the controlled port depending on the outcome of
the RADIUS-based authentication process.
Supplicant
Authenticator switch
Supplicant
Radius
authentication
server
(192.100.10.23)
Figure 1. 802.1X authentication roles
802.1X Example Configuration
This example shows how to configure the switch so that 802.1X-based authentication is
required on the ports in a corporate conference room (mg7–mg8). These ports are available
to visitors and must be authenticated before access is granted to the network. The
authentication is handled by an external RADIUS server. When the visitor is successfully
authenticated, traffic is automatically assigned to the guest VLAN. This example assumes
that a VLAN was configured with a VLAN ID of 150 and VLAN name of Guest.
1. On
the Port Authentication page, select ports mg6 through mg8.
2. From
the Port Control menu, select Auto.
The selection from the Port Control menu for all other ports on which authentication is
not needed must be Authorized. When the selection from the Port Control menu is
Authorized, the port is unconditionally put in a force-authorized state and does not
require any authentication. When the selection from the Port Control menu is Auto, the
authenticator P
AE sets the controlled port mode.
3. In
the Guest VLAN field for ports mg7–mg8, enter 150 to assign these ports to the guest
VLAN.
You can configure additional settings to control access to the network through the ports.
See Configure a Port Security Interface on page 251 for information about the settings.
4. Click
the Apply button.