Supermicro AOC-XEH-IN2 Uživatelský manuál Strana 90
- Strana / 392
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Superblade Network Modules User’s Manual
6-26
6-11 IEEE 802.1x
IEEE 802.1x is a client-server based access control and authentication protocol that
restricts unauthorized user devices from connecting to the LAN through publicly
accessible ports. This port-based access control is accomplished by using a RADIUS
server that is connected to a gigabit switch management port to authenticate client
users trying to access a network through the switch. The gigabit switch will relay
Extensible Authentication Protocol over LAN (EAPoL) packets between the user client
and the RADIUS server. The 802.1x protocol consists of three components: client,
authenticator and authentication server.
The Authentication Server is a remote device that runs the RADIUS server program
(Windows 2000/2003 IAS™, freeRADIUS™ from open source). The role of the
Authentication Server is to certify the identity of a client attempting to access the
network. By exchanging secure information between the RADIUS server and the client
through EAPoL packets, the Authentication Server will inform the switch whether or not
the client is granted access to the LAN through the connected port.
The client is a workstation that wishes to access the network through a connected
switch port. All workstations have to run a program (supplicant) that is compliant with the
802.1x protocol. Microsoft Windows XP™ and Vista™ should have this. A user can also
install another third party package, such as Odyssey® from Funk Software®.
When the G
LOBAL RADIUS SETTING and SET STATUS of an individual port are enabled,
that port will initially be placed into an unauthorized state. The client will initiate
negotiations by sending an EAPOL
START packet.
There are several EAP authentication methods available in Microsoft Windows XP, such
as EAP-MD5, EAP-TLS and EAP-PEAP. Currently, the gigabit switch only supports
EAP-MD5 for 802.1x authentication.
• PEAP-MS-CHAP v2 uses password-based credentials and requires computer
certificates on the RADIUS servers.
• EAP-TLS uses certificate-based credentials and requires user and computer
certificates on the wire’s client computers and computer certificates on the RADIUS
servers.
• EAP-MD5 (Message Digest 5) Challenge Handshake Authentication Protocol (MD5
CHAP), which uses passwords.
Wiring for 802.1x
The EAPOL packets are handled by a management processor in the switch. The
processor communicates with the outside world through three ports. Two ports (eth0
and eth1) are connected to the CMM module's Ethernet port and the third port (eth2) is
connected to all 24 switching ports. Only one port is enabled at any time. The regular
configuration setup switch is managed through the CMM Ethernet port. Thus, for regular
deployment, the RADIUS server should be located where it can be reached from the
CMM Ethernet port.
- SuperBlade 1
- Network Modules 1
- User’s Manual 1
- REPRODUCTIVE HARM 2
- Table of Contents 3
- List of Figures 13
- List of Tables 21
- About this Manual 27
- Manual Organization 27
- Chapter 1 29
- Introduction 29
- 1-4 Contacting Supermicro 30
- Chapter 2 31
- System Safety 31
- 2-4 Operating Precautions 32
- Chapter 3 33
- Setup and Installation 33
- SBM-GEM-001 34
- Switch Modules 34
- Removing a Switch Module 35
- Network Connection 37
- SERNAME box 38
- Address Defaults 39
- Command Line 40
- Firmware 41
- Chapter 4 47
- InfiniBand Modules 47
- Chapter 4: InfiniBand Modules 49
- InfiniBand Switch LEDs 54
- Chapter 5 55
- Ethernet Modules 55
- LED Indicators 56
- Chapter 5: Ethernet Modules 57
- Pass-through Module 60
- Chapter 6 65
- 1-Gb Ethernet Switch Firmware 65
- WITCH STATUS screen in the 66
- 6-1 Port Status 68
- Port VLAN ID (PVID) 69
- Jumbo Frames Support 69
- Control Description 70
- 6-2 Statistics 71
- 6-3 VLAN 74
- 6-4 Configuring a Static VLAN 76
- 6-5 Trunking 77
- 6-6 Mirroring 79
- 6-7 Quality of Service 80
- 6-8 Rate Control 82
- 6-9 L2 Management 83
- ELETE link for that 84
- DDRESSES 84
- 6-10 Spanning Tree 85
- Port Transition State 86
- NABLE RSTP dialog 87
- PPLY GLOBAL SETTINGS button 87
- Root Status 88
- Bridge Setting 88
- RSTP Port Settings 89
- 6-11 IEEE 802.1x 90
- 802.1x Configuration 91
- 6-12 IGMP Snooping 92
- 6-13 SNMP 94
- Chapter 7 99
- 7-2 Login 100
- 7-3 Home Page 101
- Top Page Links 104
- Top LED Display 104
- Left Side Tree 104
- 7-4 System Management Page 105
- System Settings 107
- System Version 109
- File Management 110
- File Copy 111
- Firmware Upgrade 112
- Management Security 113
- Management User Account 114
- TACACS+ Global Settings 116
- TACACS+ Server Configuration 117
- IP Authorized Manager 118
- SSH Configuration 119
- SSLConfiguration 120
- ONFIGURATION page 121
- Syslog Configuration 122
- Syslog Mail Configuration 123
- MAC Based ACL 124
- IP Standard ACL 125
- IP Extended ACL 126
- Parameter Description 127
- WEBGUI Settings 128
- GENT CONTROL SETTINGS page 129
- SNMP Community Settings 130
- SNMP Group Settings 131
- SNMP Group Access Settings 132
- SNMP View Tree Settings 133
- SNMP Target Address Settings 134
- SNMP User Settings 136
- SNMP Trap Settings 137
- SNMP AgentX 138
- RMON Basic Settings 140
- Event Configuration 141
- RMON Alarm Configuration 142
- ALLING THRESHOLD 143
- QOS Basic Settings 145
- QOS Classmap Settings 146
- QOS Policymap Settings 147
- COSQ Scheduling Algorithm 148
- EIGHT value 149
- NTP Settings 150
- CX4 Cable Length 152
- Enabling Stacking 153
- Figure 7-47. Switch Diagram 154
- Stack Configuration 156
- Stack Details 157
- Stack Link Status 158
- Stack Counters 159
- 7-5 Layer 2 Management 161
- Layer 2 Basic Settings 162
- Port Manager 163
- Port Monitoring 165
- VLAN Traffic Class 166
- Port Control 167
- Rate Limiting 168
- VLAN Basic Settings 169
- Port Settings 170
- Static VLAN 171
- Protocol Group 172
- Port Protocol 172
- Vlan Port MAC Map 173
- Unicast MAC 174
- Wildcard 175
- Switch Port VLAN 176
- Dynamic Vlan 177
- Port Configuration 178
- GARP Timers 179
- RSTP Global Settings 180
- RSTP Basic Settings 181
- Port Status 183
- MSTP Basic Settings 184
- MSTP Timers 186
- VLAN Mapping 188
- CIST Port Status 190
- LA Basic Settings 192
- Interface Settings 193
- Port Channel 194
- Port State Info 196
- Load Balancing 197
- Basic Settings 198
- Local AS 202
- MAC Session Info 203
- Unicast Filters 204
- Multicast Filters 205
- 7-6 Layer 3 Management 206
- Vlan Interface 207
- IP V4 Interface Settings 208
- IP Route 209
- LoopBack Basic Settings 210
- IPv6 Route Configuration 211
- IPv6 Interface 212
- ND Cache 213
- Address Settings 214
- Address Profile 215
- Prefix Settings 216
- DHCP Server 217
- Pool Settings 218
- DHCP Relay 219
- RIP Basic Settings 221
- Interfaces 222
- Neighbors List 223
- Security Settings 224
- Address Summarization 225
- RIP6 Interface 226
- OSPF Basic Settings 229
- Interface 231
- Virtual Interface 232
- OSPF Neighbor 233
- OSPF RRD Route Configuration 234
- OSPF Area Aggregation 235
- External Aggregation 236
- OSPFv3 Basic Settings 238
- OSPF V3 External Aggregation 242
- BGP Basic Settings 244
- BGP Peer Configuration 245
- BGP MED Configuration 246
- Local Preference 247
- BGP Filter 249
- Route Aggregations 250
- Advanced BGP Configuration 251
- BGP Community Management 252
- RRD Basic Settings 254
- RRD6 Basic Settings 258
- RRD V6 OSPF 260
- VRRP Basic Settings 262
- VRRP Settings 263
- 7-7 Multicast 264
- IGMP Snooping Configuration 265
- IGMP Snooping Timer 266
- IGMP Snooping Interface 267
- IGMP Snooping VLAN Router 268
- IGMP MAC Forwarding 269
- Dynamic Multicast 270
- Interface Configuration 273
- Group Information 274
- Source Information 275
- Component 277
- Candidate RPs 279
- Threshold 280
- Static RP 281
- DVMRP Basic Settings 282
- 7-8 Statistics 284
- Ethernet Statistics 286
- ADIUS SERVER ADDRESS 288
- ORT NUMBER 288
- OUND TRIP TIME in seconds 288
- TACACS+ Statistics 290
- RMON Ethernet Statistics 292
- SNMP Statistics 294
- Current DB 297
- VLAN Port Statistics 298
- VLAN Multicast Table 299
- VLAN Counter Statistics 300
- VLAN Capabilities 301
- VLAN FDB Entries 302
- RSTP Statistics 303
- RSTP Port Statistics 304
- MSTP Statistics 306
- MSTP CIST Statistics 307
- MSTP MSTI Port Statistics 308
- Link Aggregation (LA) 309
- LA Port Statistics 310
- LA Neighbor Statistics 311
- 802.1X Session Statistics 312
- 802.1X Supplicant Statistics 313
- Mac Session Statistics 314
- ARP Cache 316
- ICMP Statistics 317
- IP V6 Interface Statistics 319
- ICMP V6 Statistics 321
- RIP Statistics 323
- RIP6 Interface Statistics 324
- RIP6 Route Information 325
- OSPF Route Information 327
- OSPF Link State DB 328
- OSPFV3 Route Information 330
- OSPFV3 Link State DB 331
- VRRP Statistics 332
- IGMP Snooping 334
- IGMP Snooping V3 Statistics 336
- IGMP Statistics 337
- PIM Interface Statistics 339
- PIM Neighbor Statistics 340
- PIM BSR Info 341
- PIM RP Set Information 342
- PIM Route Information 343
- DVMRP Routers 344
- DVMRP Multicast Routers 345
- DVMRP Prune Statistics 346
- Appendix A 369
- HCA Mezzanine Cards 369
- A-2 Mezzanine HCA Cards 370
- InfiniHost III Lx DDR chip 371
- A-3 Installation 377
- Card Installation 378
- Figure A-9. Card Installation 379
- Appendix B 381
- LED Descriptions 381
- Appendix B: LED Descriptions 383
- Descriptions 384
- Appendix C 385
- Installing Triple Wide Bays 385
- Screws 4Pcs 386
- Screws 4pcs 387
- Disclaimer 391
Související produkty a manuály pro Síťové karty Supermicro AOC-XEH-IN2
(18 stránky)© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.022 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce