beautypg.com
Manuals
Brands
HP Manuals
Switch
ProCurve Series 2600
HP ProCurve Series 2600 Manuals
Manuals and User Guides for HP ProCurve Series 2600. We have
4
HP ProCurve Series 2600 manuals available for free PDF download: Management And Configuration Manual, Manual, Access Security Manual, Installation And Getting Started Manual
HP ProCurve Series 2600 Management And Configuration Manual (547 pages)
Brand:
HP
| Category:
Switch
| Size: 7.29 MB
Table of Contents
Table of Contents
5
Contents
19
1 Getting Started
20
Introduction
20
About the Feature Descriptions
20
Conventions
21
Command Syntax Statements
21
Command Prompts
21
Screen Simulations
22
Port Identity Convention for Examples
22
Related Publications
22
Getting Documentation from the Web
24
Sources for more Information
25
Need Only a Quick Start
26
Contents
27
Selecting a Management Interface
28
Overview
28
Understanding Management Interfaces
28
Advantages of Using the Menu Interface
29
Advantages of Using the CLI
30
Advantages of Using the HP Web Browser Interface
31
Advantages of Using HP Toptools for Hubs & Switches
32
Contents
35
3 Using the Menu Interface
36
Overview
36
Starting and Ending a Menu Session
37
How to Start a Menu Interface Session
38
How to End a Menu Session and Exit from the Console
39
Main Menu Features
41
Screen Structure and Navigation
43
Rebooting the Switch
46
Menu Features List
48
Where to Go from here
49
Contents
51
4 Using the Command Line Interface (CLI)
52
Overview
52
Accessing the CLI
52
Using the CLI
52
Privilege Levels at Logon
53
Privilege Level Operation
54
Operator Privileges
54
Manager Privileges
55
How to Move between Levels
57
Listing Commands and Command Options
58
Listing Commands Available at any Privilege Level
58
Command Option Displays
60
Displaying CLI "Help
61
Configuration Commands and the Context Configuration Modes
63
CLI Control and Editing
66
Contents
67
5 Using the HP Web Browser Interface
68
Overview
68
General Features
69
Starting an HP Web Browser Interface Session with the Switch
70
Using a Standalone Web Browser in a PC or UNIX Workstation
70
Using HP Toptools for Hubs & Switches
71
Tasks for Your First HP Web Browser Interface Session
73
Viewing the "First Time Install" Window
73
Creating Usernames and Passwords in the Browser Interface
74
Online Help for the HP Web Browser Interface
77
Support/Mgmt Urls Feature
78
Support URL
79
Help and the Management Server URL
79
Status Reporting Features
81
The Overview Window
81
The Port Utilization and Status Displays
82
Port Status
84
The Alert Log
85
Alert Types
86
The Status Bar
88
Setting Fault Detection Policy
89
6 Switch Memory and Configuration
91
Contents
91
Overview
92
Overview of Configuration File Management
92
Using the CLI to Implement Configuration Changes
95
Configuration Changes
95
Using the Menu and Web Browser Interfaces to Implement Configuration Changes
98
Configuration Changes Using the Menu Interface
98
Rebooting from the Menu Interface
100
Configuration Changes Using the Web Browser Interface
101
Using Primary and Secondary Flash Image Options
102
Displaying the Current Flash Image Data
102
OS Downloads
104
Local os Replacement and Removal
105
Rebooting the Switch
107
Operating Notes
109
Contents
111
Overview
112
Interface Access: Console/Serial Link, Web, and Telnet
113
Menu: Modifying the Interface Access
114
CLI: Modifying the Interface Access
115
Denying Interface Access by Terminating Remote Management
118
Sessions
118
System Information
119
Menu: Viewing and Configuring System Information
120
CLI: Viewing and Configuring System Information
121
Web: Configuring System Parameters
124
Using Friendly (Optional) Port Names
125
Configuring and Operating Rules for Friendly Port Names
125
Configuring Friendly Port Names
126
Displaying Friendly Port Names with Other Port Data
128
8 Configuring IP Addressing
131
Contents
131
Overview
132
IP Configuration
133
Just Want a Quick Start with IP Addressing
134
IP Addressing with Multiple Vlans
134
IP Configuration
134
IP Addressing in a Stacking Environment
135
Menu: Configuring IP Address, Gateway, and Time-To-Live (TTL)
135
CLI: Configuring IP Address, Gateway, and Time-To-Live (TTL)
137
Web: Configuring IP Addressing
141
How IP Addressing Affects Switch Operation
141
Dhcp/Bootp Operation
142
Network Preparations for Configuring Dhcp/Bootp
145
IP Preserve: Retaining VLAN-1 IP Addressing Across Configuration File Downloads
146
Globally Assigned IP Network Addresses
150
9 Time Protocols
151
Contents
151
Overview
152
SNTP Time Synchronization
152
Timep Time Synchronization
152
General Steps for Running a Time Protocol on the Switch
153
Overview: Selecting a Time Synchronization Protocol or Turning off Time Protocol Operation
153
Disabling Time Synchronization
154
SNTP: Viewing, Selecting, and Configuring
154
Menu: Viewing and Configuring SNTP
155
CLI: Viewing and Configuring SNTP
158
Timep: Viewing, Selecting, and Configuring
164
Menu: Viewing and Configuring Timep
165
CLI: Viewing and Configuring Timep
166
SNTP Unicast Time Polling with Multiple SNTP Servers
171
Adding and Deleting SNTP Server Addresses
172
Address Prioritization
172
Configured
174
Menu Interface Operation with Multiple SNTP Server Addresses
174
SNTP Messages in the Event Log
174
Contents
175
10 Optimizing Traffic Flow with Port Controls, Port Trunking, and Port-Based Priority
175
Overview
176
Viewing Port Status and Configuring Port Parameters
176
Menu: Viewing Port Status and Configuring Port Parameters
179
CLI: Viewing Port Status and Configuring Port Parameters
180
Web: Viewing Port Status and Configuring Port Parameters
183
Port Trunking
184
Port Trunk Features and Operation
185
Trunk Configuration Methods
186
Menu: Viewing and Configuring a Static Trunk Group
190
CLI: Viewing and Configuring a Static or Dynamic Port Trunk
192
Group
192
Using the Cli to Configure a Static or Dynamic Trunk Group
195
Web: Viewing Existing Port Trunk Groups
198
Trunk Group Operation Using LACP
198
Lacp Notes and Restrictions
203
Trunk Group Operation Using the "Trunk" Option
205
Trunk Operation Using the "FEC" Option
205
How the Switch Lists Trunk Data
206
Outbound Traffic Distribution Across Trunked Links
206
Configuring Port-Based Priority for Incoming Packets
208
The Role of 802.1Q VLAN Tagging
208
Outbound Port Queues and Packet Priority Settings
209
Operating Rules for Port-Based Priority
210
Configuring and Viewing Port-Based Priority
211
Messages Related to Prioritization
212
Troubleshooting Prioritization
212
11 Configuring for Network Management Applications
213
Contents
213
Using SNMP Tools to Manage the Switch
214
Overview
214
SNMP Management Features
214
Configuring for SNMP Access to the Switch
215
Configuring for SNMP Version 3 Access to the Switch
216
SNMP Version 3 Commands
217
Snmpv3 Enable
218
SNMP Version 3 Users
219
Group Access Levels
222
SNMP Communities
223
Menu: Viewing and Configuring Non-SNMP Version 3
225
Communities
225
CLI: Viewing and Configuring SNMP Community Names
227
SNMP Notification and Traps
229
Trap Features
231
Using the CLI to Enable Authentication Traps
234
Advanced Management: RMON
235
Cdp
236
Introduction
236
CDP Terminology
237
General CDP Operation
238
Outgoing Packets
238
Incoming CDP Packets
239
Configuring CDP on the Switch
242
Viewing the Switch's Current CDP Configuration
243
Viewing the Switch's Current CDP Neighbors Table
243
Clearing (Resetting) the CDP Neighbors Table
244
Configuring CDP Operation
245
Effect of Spanning Tree (STP) on CDP Packet Transmission
247
CDP Packets
248
CDP Neighbor Data and MIB Objects
249
Operating Notes
251
12 Port-Based Virtual Lans (Vlans) and GVRP
253
Contents
253
Overview
254
Port-Based Virtual Lans (Static Vlans)
255
Overview of Using Vlans
258
The Primary VLAN
258
VLAN Support and the Default VLAN
258
Per-Port Static VLAN Configuration Options
260
General Steps for Using Vlans
261
VLAN Operating Notes
261
Menu: Configuring VLAN Parameters
262
CLI: Configuring VLAN Parameters
267
Web: Viewing and Configuring VLAN Parameters
273
VLAN Tagging Information
274
The Secure Management VLAN
278
Effect of Vlans on Other Switch Features
282
VLAN Restrictions
283
Gvrp
285
General Operation
286
Per-Port Options for Handling GVRP "Unknown Vlans
288
Per-Port Options for Dynamic VLAN Advertising and Joining
290
GVRP and VLAN Access Control
292
Configuring GVRP on a Switch
293
Planning for GVRP Operation
293
GVRP Operating Notes
299
13 Multimedia Traffic Control with IP Multicast (IGMP)
302
Overview
302
General Operation and Features
303
IGMP Terms
304
IGMP Operating Features
305
CLI: Configuring and Displaying IGMP
306
How IGMP Operates
311
Web: Enabling or Disabling IGMP
311
Automatic Fast-Leave IGMP
313
Operation with or Without IP Addressing
313
Forced Fast-Leave IGMP
315
Configuring Per-Port Forced Fast-Leave IGMP
318
Using the Switch as Querier
319
Excluding Well-Known or Reserved Multicast Addresses from IP Multicast Filtering
320
Excluding Well-Known or Reserved Multicast Addresses from IP Multicast Filtering
321
14 802.1W Rapid Spanning Tree Protocol (RSTP)
323
And 802.1D Spanning Tree Protocol (STP)
323
Contents
323
Overview
324
How Spanning Tree Operates
326
Spanning Tree Options: RSTP (802.1W) and STP (802.1D)
328
RSTP (802.1W)
328
Stp (802.1D)
328
Configuring Rapid Reconfiguration Spanning Tree (RSTP)
329
Transitioning from STP to RSTP
330
Optimizing the RSTP Configuration
331
Configuring RSTP
331
CLI: Configuring RSTP
332
Menu: Configuring RSTP
338
Web: Enabling or Disabling RSTP
339
D Spanning-Tree Protocol (STP)
340
Menu: Configuring 802.1D STP
340
CLI: Configuring 802.1D STP
343
STP Fast Mode
347
Fast-Uplink Spanning Tree Protocol (STP)
348
Terminology
350
Operating Rules for Fast Uplink
351
Menu: Viewing and Configuring Fast-Uplink STP
352
CLI: Viewing and Configuring Fast-Uplink STP
358
Operating Notes
361
Web: Enabling or Disabling STP
362
15 HP Procurve Stack Management
364
Overview
364
Operation
365
Which Devices Support Stacking
366
Components of HP Procurve Stack Management
367
General Stacking Operation
367
Operating Rules for Stacking
369
Specific Rules
370
Configuring Stack Management
371
Overview of Configuring and Bringing up a Stack
371
Using the Menu Interface to View Stack Status and Configure
375
Using the Menu Interface to View and Configure a Commander Switch
375
Stacking
375
Using the Menu to Manage a Candidate Switch
377
Using the Commander to Manage the Stack
379
Using the Commander to Access Member Switches for Configuration Changes and Monitoring Traffic
385
Converting a Commander or Member to a Member of Another Stack
386
Monitoring Stack Status
387
Using the CLI to View Stack Status and Configure Stacking
391
Using the Cli to View Stack Status
393
Adding to a Stack or Moving Switches between Stacks
397
Using the Cli to Remove a Member from a Stack
402
SNMP Community Operation in a Stack
405
Using the CLI to Disable or Re-Enable Stacking
406
Transmission Interval
406
Stacking Operation with Multiple Vlans Configured
406
Web: Viewing and Configuring Stacking
407
Status Messages
408
Contents
409
Overview of IP Routing
410
IP Interfaces
410
IP Tables and Caches
411
IP Global Parameters for Routing Switches
413
IP Interface Parameters for Routing Switches
414
Configuring IP Parameters for Routing Switches
415
Configuring IP Addresses
415
Configuring ARP Parameters
415
Configuring Forwarding Parameters
418
Configuring ICMP
420
Configuring Static IP Routes
422
Static Route Types
422
Static IP Route Parameters
423
Static Route States Follow VLAN (Interface) States
423
Configuring a Static IP Route
424
Configuring the Default Route
424
Configuring a "Null" Route
425
Configuring IRDP
426
Enabling IRDP Globally
427
Enabling IRDP on an Individual VLAN Interface
427
Displaying IRDP Information
429
Configuring DHCP Relay
430
Overview
430
DHCP Packet Forwarding
430
Minimum Requirements for DHCP Relay Operation
431
Contents
433
Overview
434
Downloading Switch Software
434
General Switch Software Download Rules
435
Using TFTP to Download Switch Software from a Server
435
Menu: TFTP Download from a Server to Primary Flash
436
CLI: TFTP Download from a Server to Primary or Secondary
438
Flash
438
CLI: TFTP Download from a Server to Primary or
438
Using Xmodem to Download Switch Software from a PC or UNIX Workstation
439
Menu: Xmodem Download to Primary Flash
439
CLI: Xmodem Download from a PC or Unix Workstation to Primary or Secondary Flash
440
Switch-To-Switch Download
441
Menu: Switch-To-Switch Download to Primary Flash
441
CLI: Switch-To-Switch Downloads
442
Using the HP Toptools for Hubs & Switches Utility
443
Troubleshooting TFTP Downloads
444
Transferring Switch Configurations
445
Copying Diagnostic Data to a Remote Host, PC, or Unix
448
Copying Command Output to a Destination Device
448
Copying Event Log Output to a Destination Device
449
Copying Crash Data Content to a Destination Device
449
Copying Crash Log Data Content to a Destination Device
450
Contents
451
Overview
452
Status and Counters Data
453
Menu Access to Status and Counters
454
General System Information
455
Switch Management Address Information
456
Module Information
457
Port Status
458
Viewing Port and Trunk Group Statistics and Flow Control Status
459
Menu Access to Port and Trunk Statistics
460
Viewing the Switch's MAC Address Tables
462
Spanning Tree Protocol (STP) Information
467
Cli Access to Stp Data
468
Internet Group Management Protocol (IGMP) Status
469
VLAN Information
469
VLAN Information
470
Web Browser Interface Status Information
472
Port and Static Trunk Monitoring Features
473
Menu: Configuring Port and Static Trunk Monitoring
474
CLI: Configuring Port and Static Trunk Monitoring
476
Web: Configuring Port Monitoring
478
Contents
479
Overview
480
Troubleshooting Approaches
480
Browser or Telnet Access Problems
482
Unusual Network Activity
484
General Problems
484
Prioritization Problems
485
CDP Problems
485
IGMP-Related Problems
486
LACP-Related Problems
487
Port-Based Access Control (802.1X)-Related Problems
487
Radius-Related Problems
490
Spanning-Tree Protocol (STP) and Fast-Uplink Problems
491
SSH-Related Problems
492
Stacking-Related Problems
493
TACACS-Related Problems
494
Timep, SNTP, or Gateway Problems
496
VLAN-Related Problems
496
Using Logging to Identify Problem Sources
499
Event Log Operation
499
Debug and Syslog Operation
503
Diagnostic Tools
509
Port Auto-Negotiation
509
Ping and Link Tests
510
Diagnostic Tools
510
Displaying the Configuration File
514
CLI Administrative and Troubleshooting Commands
517
Restoring the Factory-Default Configuration
518
Restoring a Flash Image
519
Overview
523
Determining MAC Addresses
524
HP ProCurve Series 2600 Manual (300 pages)
Access Security Guide
Brand:
HP
| Category:
Switch
| Size: 3.68 MB
Table of Contents
Table of Contents
5
Getting Started
14
Introduction and Applicable Switches
14
About the Feature Descriptions
14
Overview of Access Security Features
15
General Switch Traffic Security Guideline
17
Command Syntax Conventions
18
Simulating Display Output
18
Command Prompts
18
Screen Simulations
19
Port Identity Convention for Examples
19
Related Publications
19
Getting Documentation from the Web
21
Sources for more Information
22
Need Only a Quick Start
23
To Set up and Install the Switch in Your Network
23
Contents
25
Overview
26
Configuring Username and Password Security
26
Configuring Local Password Security
28
Menu: Setting Passwords
28
CLI: Setting Passwords and Usernames
29
Web: Setting Passwords and Usernames
30
Front-Panel Security
31
When Security Is Important
31
Front-Panel Button Functions
33
Configuring Front-Panel Security
36
Password Recovery
41
Password Recovery Process
43
Web and MAC Authentication for the Series 2600/2600-PWR and 2800 Switches
45
Contents
45
Overview
46
Client Options
47
General Features
48
How Web and MAC Authentication Operate
49
Authenticator Operation
49
Terminology
53
Operating Rules and Notes
54
Do These Steps before You Configure Web/Mac Authentication
56
General Setup Procedure for Web/Mac Authentication
56
Additional Information for Configuring the RADIUS Server to Support MAC Authentication
58
Configuring the Switch to Access a RADIUS Server
59
Configuring Web Authentication on the Switch
61
Overview
61
Configure the Switch for Web-Based Authentication
62
Configuring MAC Authentication on the Switch
66
Overview
66
Configure the Switch for MAC-Based Authentication
67
Show Status and Configuration of Web-Based Authentication
70
Show Status and Configuration of MAC-Based Authentication
72
Client Status
74
Contents
75
Overview
76
TACACS+ Authentication
76
Terminology Used in TACACS Applications
77
General System Requirements
79
General Authentication Setup Procedure
79
Configuring TACACS+ on the Switch
82
Beforeyou Begin
82
CLI Commands Described in this Section
83
Viewing the Switch's Current Authentication Configuration
83
Viewing the Switch's Current TACACS+ Server Contact Configuration
84
Configuring the Switch's Authentication Methods
85
Configuring the Switch's TACACS+ Server Access
89
How Authentication Operates
94
General Authentication Process Using a TACACS+ Server
94
Local Authentication Process
96
Using the Encryption Key
97
Controlling Web Browser Interface Access When Using TACACS+ Authentication
98
Controlling Web Browser Interface Access When Using TACACS
98
Authentication
98
Messages Related to TACACS+ Operation
99
Operating Notes
99
RADIUS Authentication and Accounting
101
Contents
101
Overview
102
Terminology
103
Switch Operating Rules for RADIUS
104
General RADIUS Setup Procedure
105
Outline of the Steps for Configuring RADIUS Authentication
106
Configuring the Switch for RADIUS Authentication
106
Configure Authentication for the Access Methods You Want RADIUS
108
To Protect
108
Configure the Switch to Access a RADIUS Server
110
Configure the Switch's Global RADIUS Parameters
112
Local Authentication Process
116
Controlling Web Browser Interface Access When Using RADIUS Authentication
117
Configuring RADIUS Accounting
117
Authentication
117
Operating Rules for RADIUS Accounting
119
Steps for Configuring RADIUS Accounting
119
Configuring RADIUS Accounting
119
Reports to the Radius Server
122
Viewing RADIUS Statistics
125
General RADIUS Statistics
125
RADIUS Authentication Statistics
127
RADIUS Accounting Statistics
128
Changing RADIUS-Server Access Order
129
Messages Related to RADIUS Operation
131
Configuring Secure Shell (SSH)
133
Contents
133
Overview
134
Terminology
136
Prerequisite for Using SSH
137
Public Key Formats
137
Steps for Configuring and Using SSH for Switch and Client Authentication
138
General Operating Rules and Notes
140
Configuring the Switch for SSH Operation
141
Assigning a Local Login (Operator) and Enable (Manager) Password
141
Generating the Switch's Public and Private Key Pair
142
Providing the Switch's Public Key to Clients
144
Enabling SSH on the Switch and Anticipating SSH Client Contact
147
Behavior
147
Configuring the Switch for SSH Authentication
150
Use an SSH Client to Access the Switch
153
Further Information on SSH Client Public-Key Authentication
153
Messages Related to SSH Operation
159
Configuring Secure Socket Layer (SSL)
161
Contents
161
Overview
162
Terminology
163
Prerequisite for Using SSL
165
Steps for Configuring and Using SSL for Switch and Client Authentication
165
General Operating Rules and Notes
166
Configuring the Switch for SSL Operation
167
Assigning a Local Login (Operator) and Enable (Manager)Password
167
Generating the Switch's Server Host Certificate
169
Comments on Certificate Fields
171
Enabling SSL on the Switch and Anticipating SSL Browser Contact
177
Behavior
181
Common Errors in SSL Setup
181
Contents
183
Configuring Port-Based Access Control (802.1X)
183
General Features
185
Why Use Port-Based Access Control
185
Overview
185
How 802.1X Operates
188
Authenticator Operation
188
Switch-Port Supplicant Operation
189
Terminology
190
General Operating Rules and Notes
192
General Setup Procedure for Port-Based Access Control (802.1X)
194
Do These Steps before You Configure 802.1X Operation
194
Overview: Configuring 802.1X Authentication on the Switch
195
Configuring Switch Ports as 802.1X Authenticators
197
Enable 802.1X Authentication on Selected Ports
197
Configure the 802.1X Authentication Method
201
Enable 802.1X Authentication on the Switch
202
Enter the RADIUS Host IP Address(Es)
202
802.1X Open VLAN Mode
203
Introduction
203
Use Models for 802.1X Open VLAN Modes
204
Operating Rules for Authorized-Client and Unauthorized-Client Vlans
207
Setting up and Configuring 802.1X Open VLAN Mode
209
802.1X Open VLAN Operating Notes
213
Option for Authenticator Ports: Configure Port-Security to Allow Only
214
802.1X Devices
214
To Other Switches
216
Displaying 802.1X Configuration, Statistics, and Counters
220
Show Commands for Port-Access Authenticator
220
Viewing 802.1X Open VLAN Mode Status
222
Show Commands for Port-Access Supplicant
225
How RADIUS/802.1X Authentication Affects VLAN Operation
226
Messages Related to 802.1X Operation
230
Configuring and Monitoring Port Security
231
Contents
231
Overview
232
Basic Operation
232
Blocking Unauthorized Traffic
233
Trunk Group Exclusion
234
Planning Port Security
235
Port Security Command Options and Operation
236
Retention of Static MAC Addresses
240
Displaying Current Port Security Settings
240
Configuring Port Security
242
MAC Lockdown
247
Differences between MAC Lockdown and Port Security
249
Deploying MAC Lockdown
251
MAC Lockout
255
Port Security and MAC Lockout
257
Web: Displaying and Configuring Port Security Features
257
Reading Intrusion Alerts and Resetting Alert Flags
258
Notice of Security Violations
258
How the Intrusion Log Operates
259
Keeping the Intrusion Log Current by Resetting Alert Flags
259
Using the Event Log to Find Intrusion Alerts
265
Web: Checking for Intrusions, Listing Intrusion Alerts, and Resetting
265
Operating Notes for Port Security
266
Alert Flags
266
Contents
269
Traffic/Security Filters
269
(HP Procurve Series 2600/2600-PWR and 2800 Switches)
269
Overview
270
Using Source-Port Filters
272
Operating Rules for Source-Port Filters
272
Configuring a Source-Port Filter
273
Viewing a Source-Port Filter
275
Filter Indexing
276
Editing a Source-Port Filter
277
Contents
279
Overview
280
Using Authorized IP Managers
280
Options
281
Access Levels
281
Defining Authorized Management Stations
282
Overview of IP Mask Operation
282
Menu: Viewing and Configuring IP Authorized Managers
283
CLI: Viewing and Configuring Authorized IP Managers
284
Configuring Ip Authorized Managers for the Switch
285
Web: Configuring IP Authorized Managers
287
Building Ip Masks
287
Configuring One Station Per Authorized Manager Ip Entry
287
HP ProCurve Series 2600 Access Security Manual (241 pages)
Brand:
HP
| Category:
Network Router
| Size: 4.34 MB
Table of Contents
Table of Contents
5
Contents
13
Getting Started
14
Introduction and Applicable Switches
14
About the Feature Descriptions
14
Overview of Access Security Features
15
Command Syntax Conventions
17
Simulating Display Output
17
Command Prompts
17
Screen Simulations
18
Port Identity Convention for Examples
18
Related Publications
18
Getting Documentation from the Web
20
Sources for more Information
21
Need Only a Quick Start
22
To Set up and Install the Switch in Your Network
22
Contents
23
Configuring Username and Password Security
24
Overview
24
Configuring Local Password Security
26
Menu: Setting Passwords
26
CLI: Setting Passwords and Usernames
27
Web: Setting Passwords and Usernames
28
TACACS+ Authentication
29
Contents
29
Overview
30
Terminology Used in TACACS Applications
31
General System Requirements
33
General Authentication Setup Procedure
33
Configuring TACACS+ on the Switch
36
Beforeyou Begin
36
CLI Commands Described in this Section
37
Viewing the Switch's Current Authentication Configuration
37
Viewing the Switch's Current TACACS+ Server Contact
38
Configuration
38
Configuring the Switch's Authentication Methods
39
Configuring the Switch's TACACS+ Server Access
43
How Authentication Operates
48
General Authentication Process Using a TACACS+ Server
48
Local Authentication Process
50
Using the Encryption Key
51
Controlling Web Browser Interface Access When Using TACACS+ Authentication
52
Messages Related to TACACS+ Operation
53
Operating Notes
53
4 RADIUS Authentication and Accounting
55
RADIUS Authentication and Accounting
55
Contents
55
Overview
56
Terminology
57
Switch Operating Rules for RADIUS
58
General RADIUS Setup Procedure
59
Outline of the Steps for Configuring RADIUS Authentication
60
Configuring the Switch for RADIUS Authentication
60
Configure Authentication for the Access Methods You Want
62
RADIUS to Protect
62
Configure the Switch to Access a RADIUS Server
64
Configure the Switch's Global RADIUS Parameters
66
Local Authentication Process
70
RADIUS Authentication
70
Controlling Web Browser Interface Access When Using RADIUS Authentication
71
Configuring RADIUS Accounting
72
Operating Rules for RADIUS Accounting
73
Steps for Configuring RADIUS Accounting
73
Configuring RADIUS Accounting
73
Viewing RADIUS Statistics
79
General RADIUS Statistics
79
RADIUS Authentication Statistics
81
RADIUS Accounting Statistics
82
Changing RADIUS-Server Access Order
83
Messages Related to RADIUS Operation
85
Configuring Secure Shell (SSH)
87
Contents
87
Overview
88
Terminology
90
Prerequisite for Using SSH
91
Public Key Formats
91
Steps for Configuring and Using SSH for Switch and Client
92
Authentication
92
General Operating Rules and Notes
94
Configuring the Switch for SSH Operation
95
Assigning a Local Login (Operator) and Enable (Manager)
95
Password
95
Generating the Switch's Public and Private Key Pair
96
Providing the Switch's Public Key to Clients
98
Enabling SSH on the Switch and Anticipating SSH Client
101
Contact Behavior
101
Configuring the Switch for SSH Authentication
104
Use an SSH Client to Access the Switch
107
Further Information on SSH Client Public-Key Authentication
107
Messages Related to SSH Operation
113
Contents
115
Configuring Secure Socket Layer (SSL)
116
Overview
116
Terminology
117
Prerequisite for Using SSL
119
Steps for Configuring and Using SSL for Switch and Client
119
Authentication
119
General Operating Rules and Notes
120
Configuring the Switch for SSL Operation
121
Assigning a Local Login (Operator) and Enable (Manager)
121
Password
121
Generating the Switch's Server Host Certificate
123
Enabling SSL on the Switch and Anticipating SSL Browser
131
Contact Behavior
131
Common Errors in SSL Setup
135
Configuring Port-Based Access Control (802.1X)
137
Contents
137
Overview
138
Why Use Port-Based Access Control
138
General Features
138
How 802.1X Operates
141
Authenticator Operation
141
Switch-Port Supplicant Operation
142
Terminology
143
General Operating Rules and Notes
145
General Setup Procedure for Port-Based Access Control
147
(802.1X)
147
Do These Steps before You Configure 802.1X Operation
147
Overview: Configuring 802.1X Authentication on the Switch
148
Configuring Switch Ports as 802.1X Authenticators
150
Enable 802.1X Authentication on Selected Ports
150
Configure the 802.1X Authentication Method
154
Enter the RADIUS Host IP Address(Es)
155
Enable 802.1X Authentication on the Switch
155
802.1X Open VLAN Mode
156
Introduction
156
Use Models for 802.1X Open VLAN Modes
157
Operating Rules for Authorized-Client and Unauthorized-Client
160
Vlans
160
Setting up and Configuring 802.1X Open VLAN Mode
162
802.1X Open VLAN Operating Notes
166
Option for Authenticator Ports: Configure Port-Security to Allow Only 802.1X Devices
167
Configuring Switch Ports to Operate as Supplicants for 802.1X Connections to Other Switches
169
Displaying 802.1X Configuration, Statistics, and Counters
173
Show Commands for Port-Access Authenticator
173
Viewing 802.1X Open VLAN Mode Status
175
Show Commands for Port-Access Supplicant
178
How Radius/802.1X Authentication Affects VLAN Operation
179
Messages Related to 802.1X Operation
183
Configuring and Monitoring Port Security
185
Contents
185
Overview
186
Basic Operation
186
Blocking Unauthorized Traffic
187
Trunk Group Exclusion
188
Planning Port Security
189
Port Security Command Options and Operation
190
Displaying Current Port Security Settings
194
Retention of Static MAC Addresses
194
Configuring Port Security
196
Reading Intrusion Alerts and Resetting Alert Flags
201
Notice of Security Violations
201
How the Intrusion Log Operates
202
Keeping the Intrusion Log Current by Resetting Alert Flags
203
Using the Event Log to Find Intrusion Alerts
208
Web: Checking for Intrusions, Listing Intrusion Alerts, and
208
Web: Displaying and Configuring Port Security Features
201
Operating Notes for Port Security
209
Contents
211
Traffic/Security Filters (HP Procurve Switch 2824 and 2848)
212
Overview
212
Using Source-Port Filters
214
Operating Rules for Source-Port Filters
214
Configuring a Source-Port Filter
215
Viewing a Source-Port Filter
217
Filter Indexing
218
Editing a Source-Port Filter
219
Contents
221
Using Authorized IP Managers
222
Overview
222
Options
223
Access Levels
223
Defining Authorized Management Stations
224
Overview of IP Mask Operation
224
Menu: Viewing and Configuring IP Authorized Managers
225
CLI: Viewing and Configuring Authorized IP Managers
226
Web: Configuring IP Authorized Managers
228
Building IP Masks
229
Configuring One Station Per Authorized Manager Ip Entry
229
Configuring Multiple Stations Per Authorized Manager IP Entry
230
Additional Examples for Authorizing Multiple Stations
232
HP ProCurve Series 2600 Installation And Getting Started Manual (116 pages)
ProCurve 2600 Series Switches
Brand:
HP
| Category:
Switch
| Size: 5.6 MB
Table of Contents
Table of Contents
5
1 Introducing the Switch
9
Front of the Switch
11
Network Ports
12
Leds
12
Port Leds
14
Multiple-Display Port Leds - Port LED View or LED Mode Select Button and Indicator Leds
15
Reset Button
17
Clear Button
17
Back of the Switch
18
Console Port
19
Power Connector
19
Switch Features
19
2 Installing the Switch
21
Included Parts
21
Installation Procedures
23
Installation Precautions
23
Prepare the Installation Site
23
Installing or Removing Mini-Gbics
27
Verify the Switch Passes Self Test
29
LED Behavior
30
4 Mount the Switch
31
Rack or Cabinet Mounting
31
Rack Mounting the 2626-PWR and 2650-PWR Switches
32
Rack Mounting the Non-PWR Switches and the 2600-8-PWR Switch
34
Flat Wall Mounting
36
Wall Mounting the Series 2600 Non-PWR Switches
37
Wall Mounting the Series 2600-8-PWR Switch
38
5 Connect the Switch to a Power Source
39
Horizontal Surface Mounting
39
6 Connect the Network Cables
40
Using the RJ-45 Connectors
40
Connecting Cables to Mini-Gbics
41
Optional) Connect a Redundant Power Supply to a Series 2600-PWR Switch
41
RPS/EPS Operation
42
Operating Characteristics of the 600 RPS/EPS (J8168A)
42
600 RPS/EPS Leds
43
610 EPS Leds
47
Operating Characteristics of the 610 EPS (J8169A)
47
8 Optional) Connect a Console to the Switch
50
Terminal Configuration
50
Direct Console Access
51
Sample Network Topologies for Non-PWR Switches
52
As a Desktop Switch
52
As a Segment Switch
53
Connecting to a Backbone Switch
55
Sample Network Topologies for PWR Switches
56
As a Desktop Switch Implementing Poe
56
As a Segment Switch Implementing Poe
57
Stacking the Switch
59
Configuring the Switch
61
Recommended Minimal Configuration
61
Using the Console Setup Screen
62
Where to Go from here
64
Starting a Telnet Session
65
Starting a Web Browser Session
65
Using the IP Address for Remote Switch Management
65
Basic Troubleshooting Tips
67
Troubleshooting
67
Diagnosing with the Leds
70
Diagnostic Tips
71
Proactive Networking
74
Checking Console Messages
75
Testing Twisted-Pair Cabling
76
Testing Switch-To-Device Network Communications
76
Testing End-To-End Network Communications
76
Restoring the Factory Default Configuration
77
Downloading New Switch Software
78
HP Customer Support Services
78
Before Calling Support
78
Checking the Switch Leds
75
Hardware Diagnostic Tests
75
Testing the Switch by Resetting It
75
A Switch Specifications
79
Electrical
79
Physical
79
Acoustic
80
Environmental
80
Cable Length
81
Connectors
81
Lasers
81
Safety
81
B Switch Ports and Network Cables
83
Switch Ports
83
Twisted-Pair Cables
83
Fiber-Optic Cables
84
Mode Conditioning Patch Cord for Gigabit-LX
85
Installing the Patch Cord
86
Twisted-Pair Cable/Connector Pin-Outs
87
Cable Diagram
89
Pin Assignments
89
Straight-Through Twisted-Pair Cable for 10 Mbps or 100 Mbps Network Connections
89
Cable Diagram
90
Crossover Twisted-Pair Cable for 10 Mbps or 100 Mbps Network Connection
90
Pin Assignments
90
Cable Diagram
91
Pin Assignments
91
Straight-Through Twisted-Pair Cable for 1000 Mbps Network Connections
91
C Safety and EMC Regulatory Statements
93
Safety Information
93
Informations Concernant la Sécurité
94
Hinweise zur Sicherheit
95
Considerazioni Sulla Sicurezza
96
Consideraciones sobre Seguridad
97
Safety Information (Japan
98
Safety Information (China
99
Australia/New Zealand
100
Canada
100
EMC Regulatory Statements
100
Japan
100
U.s.a
100
Korea
101
Taiwan
101
European Community
102
Declaration of Conformity
103
Waste Electrical and Electronic Equipment (WEEE) Statements
104
Related Products
HP ProCurve 6208M-SX
HP HP ProCurve Series 6600
HP ProCurve Series 2810
HP HP ProCurve series 2500
HP ProCurve Series
HP PROCURVE 6120
HP procurve switch xl modules
HP ProCurve 630
HP ProCurve 5406zl Intelligent Edge
HP ProCurve 1400 Series
HP Categories
Desktop
Laptop
Server
Monitor
Switch
More HP Manuals