Cisco 200 Series Smart Switches Administration Guide 1.4.0.X
Total Page:16
File Type:pdf, Size:1020Kb
ADMINISTRATION GUIDE Cisco Small Business 200 Series Smart Switch Administration Guide Table of Contents 1 Table of Contents Chapter 1: Table of Contents 1 Chapter 2: Getting Started 8 Starting the Web-based Configuration Utility 8 Quick Start Device Configuration 12 Interface Naming Conventions 12 Window Navigation 14 Chapter 3: Status and Statistics 18 System Summary 18 Ethernet Interfaces 18 Etherlike Statistics 19 802.1X EAP Statistics 20 Health 21 RMON 22 View Log 29 Chapter 4: Administration: System Log 30 Setting System Log Settings 30 Setting Remote Logging Settings 32 Viewing Memory Logs 33 Chapter 5: Administration: File Management 35 System Files 35 Upgrade/Backup Firmware/Language 38 Download/Backup Configuration/Log 41 Cisco Small Business 200 Series Smart Switch Administration Guide 1 Table of Contents 1 Configuration Files Properties 46 Copy/Save Configuration 46 Auto Configuration/Image Update via DHCP 48 56 Chapter 6: Administration 57 Device Models 57 System Settings 59 Management Interface 61 User Accounts 61 Defining Idle Session Timeout 61 Time Settings 62 System Log 62 File Management 62 Rebooting the Device 62 Health 64 Diagnostics 65 Discovery - Bonjour 65 Discovery - LLDP 66 Discovery - CDP 66 Ping 66 Chapter 7: Administration: Time Settings 68 System Time Options 68 SNTP Modes 70 Configuring System Time 70 Chapter 8: Administration: Diagnostics 77 Copper Ports Tests 77 Displaying Optical Module Status 79 Cisco Small Business 200 Series Smart Switch Administration Guide 2 Table of Contents 1 Configuring Port and VLAN Mirroring 80 Viewing CPU Utilization and Secure Core Technology 82 Chapter 9: Administration: Discovery 83 Bonjour 83 LLDP and CDP 84 Configuring LLDP 85 Configuring CDP 104 CDP Statistics 111 Chapter 10: Port Management 113 Configuring Ports 113 Loopback Detection 117 Link Aggregation 119 UDLD 126 PoE 126 Configuring Green Ethernet 126 Chapter 11: Port Management: Unidirectional Link Detection 134 UDLD Overview 134 UDLD Operation 135 Usage Guidelines 137 Dependencies On Other Features 137 Default Settings and Configuration 138 Before You Start 138 Common UDLD Tasks 138 Configuring UDLD 139 Chapter 12: Smartport 143 Overview 143 Cisco Small Business 200 Series Smart Switch Administration Guide 3 Table of Contents 1 What is a Smartport 144 Smartport Types 144 Smartport Macros 146 Macro Failure and the Reset Operation 147 How the Smartport Feature Works 148 Auto Smartport 148 Error Handling 152 Default Configuration 152 Relationships with Other Features and Backwards Compatibility 153 Common Smartport Tasks 153 Configuring Smartport Using The Web-based Interface 155 Built-in Smartport Macros 159 Chapter 13: Port Management: PoE 171 PoE on the Device 171 PoE Properties 174 PoE Settings 175 Chapter 14: VLAN Management 177 Overview 177 Regular VLANs 179 186 Voice VLAN 186 Chapter 15: Spanning Tree 198 STP Flavors 198 STP Status and Global Settings 199 Spanning Tree Interface Settings 200 Rapid Spanning Tree Settings 202 Cisco Small Business 200 Series Smart Switch Administration Guide 4 Table of Contents 1 Chapter 16: Managing MAC Address Tables 205 Static MAC Addresses 206 Dynamic MAC Addresses 207 Chapter 17: Multicast 208 Multicast Forwarding 208 Multicast Properties 212 MAC Group Address 213 IP Multicast Group Addresses 214 IPv4 Multicast Configuration 216 IPv6 Multicast Configuration 218 IGMP/MLD Snooping IP Multicast Group 220 Multicast Router Ports 221 Forward All 221 Unregistered Multicast 222 Chapter 18: IP Configuration 224 Overview 224 IPv4 Management and Interfaces 226 Domain Name 239 Chapter 19: Security 243 Defining Users 244 Configuring RADIUS 246 Management Access Method 250 Management Access Authentication 254 Secure Sensitive Data Management 255 SSL Server 256 SSH Client 258 Configuring TCP/UDP Services 258 Cisco Small Business 200 Series Smart Switch Administration Guide 5 Table of Contents 1 Defining Storm Control 259 Configuring Port Security 260 802.1X 262 Denial of Service Prevention 263 Chapter 20: Security: 802.1X Authentication 267 Overview of 802.1X 267 Authenticator Overview 269 Common Tasks 273 802.1X Configuration Through the GUI 274 Chapter 21: Security: SSH Client 280 Secure Copy (SCP) and SSH 280 Protection Methods 281 SSH Server Authentication 282 SSH Client Authentication 283 Before You Begin 284 Common Tasks 284 SSH Client Configuration Through the GUI 286 Chapter 22: Security: Secure Sensitive Data Management 290 Introduction 290 SSD Rules 291 SSD Properties 296 Configuration Files 298 SSD Management Channels 302 Menu CLI and Password Recovery 303 Configuring SSD 303 Chapter 23: Quality of Service 306 Cisco Small Business 200 Series Smart Switch Administration Guide 6 Table of Contents 1 QoS Features and Components 307 Configuring QoS - General 308 Managing QoS Statistics 317 Chapter 24: SNMP 319 SNMP Versions and Workflow 319 Model OIDs 321 SNMP Engine ID 322 Configuring SNMP Views 324 Creating SNMP Groups 325 Managing SNMP Users 327 Defining SNMP Communities 328 Defining Trap Settings 330 Notification Recipients 331 SNMP Notification Filters 335 Cisco Small Business 200 Series Smart Switch Administration Guide 7 2 Getting Started This section provides an introduction to the web-based configuration utility, and covers the following topics: • Starting the Web-based Configuration Utility • Quick Start Device Configuration • Interface Naming Conventions • Window Navigation Starting the Web-based Configuration Utility This section describes how to navigate the web-based switch configuration utility. If you are using a pop-up blocker, make sure it is disabled. Browser Restrictions If you are using IPv6 interfaces on your management station, use the IPv6 global address and not the IPv6 link local address to access the device from your browser. Launching the Configuration Utility To open the web-based configuration utility: STEP 1 Open a Web browser. STEP 2 Enter the IP address of the device you are configuring in the address bar on the browser, and then press Enter. NOTE When the device is using the factory default IP address of 192.168.1.254, its power LED flashes continuously. When the device is using a DHCP-assigned IP address or an administrator-configured static IP address, the power LED is on solid. Cisco Small Business 200 Series Smart Switch Administration Guide 8 Getting Started Starting the Web-based Configuration Utility 2 Logging In The default username is cisco and the default password is cisco. The first time that you log in with the default username and password, you are required to enter a new password. NOTE If you have not previously selected a language for the GUI, the language of the Login page is determined by the language(s) requested by your browser and the languages configured on your device. If your browser requests Chinese, for example, and Chinese has been loaded into your device, the Login page is automatically displayed in Chinese. If Chinese has not been loaded into your device, the Login page appears in English. The languages loaded into the device have a language and country code (en-US, en-GB and so on). For the Login page to be automatically displayed in a particular language, based on the browser request, both the language and country code of the browser request must match those of the language loaded on the device. If the browser request contains only the language code without a country code (for example: fr). The first embedded language with a matching language code is taken (without matching the country code, for example: fr_CA). To log in to the device configuration utility: STEP 1 Enter the username/password. The password can contain up to 64 ASCII characters. Password-complexity rules are described in Setting Password Complexity Rules. STEP 2 If you are not using English, select the desired language from the Language drop- down menu. To add a new language to the device or update a current one, see Upgrade/Backup Firmware/Language. STEP 3 If this is the first time that you logged on with the default user ID (cisco) and the default password (cisco) or your password has expired, the Change Password Page appears. See Password Expiration for additional information. STEP 4 Choose whether to select Disable Password Complexity Enforcement or not. For more information on password complexity, see the Setting Password Complexity Rules section. STEP 5 Enter the new password and click Apply. When the login attempt is successful, the Getting Started page appears. If you entered an incorrect username or password, an error message appears and the Login page remains displayed on the window. If you are having problems logging in, please see the Launching the Configuration Utility section in the Administration Guide for additional information. Cisco Small Business 200 Series Smart Switch Administration Guide 9 Getting Started Starting the Web-based Configuration Utility 2 Select Don't show this page on startup to prevent the Getting Started page from being displayed each time that you log on to the system. If you select this option, the System Summary page is opened instead of the Getting Started page. HTTP/HTTPS You can either open an HTTP session (not secured) by clicking Log In, or you can open an HTTPS (secured) session, by clicking Secure Browsing (HTTPS). You are asked to approve the logon with a default RSA key, and an HTTPS session is opened. NOTE There is no need to input the username/password prior to clicking the Secure Browsing (HTTPS) button. For information on how to configure HTTPS, see SSL Server. Password Expiration The New Password page is displayed in the following cases: • The first time that you access the device with the default username cisco and password cisco. This page forces you to replace the factory default password. • When the password expires, this page forces you to select a new password. Logging Out By default, the application logs out after ten minutes of inactivity. You can change this default value as described in the Defining Idle Session Timeout section.