beautypg.com

LevelOne GTL-2691 User Manual

Page 73

background image

C

HAPTER

1

| Introduction

Description of Software Features

– 73 –

C

ONFIGURATION

B

ACKUP

AND

R

ESTORE

You can save the current configuration settings to a file on the

management station (using the web interface) or an FTP/TFTP server

(using the web or console interface), and later download this file to restore

the switch configuration settings.

A

UTHENTICATION

This switch authenticates management access via the console port, Telnet,

or a web browser. User names and passwords can be configured locally or

can be verified via a remote authentication server (i.e., RADIUS or

TACACS+). Port-based authentication is also supported via the IEEE

802.1X protocol. This protocol uses Extensible Authentication Protocol over

LANs (EAPOL) to request user credentials from the 802.1X client, and then

uses the EAP between the switch and the authentication server to verify

the client’s right to access the network via an authentication server (i.e.,

RADIUS or TACACS+ server).

Other authentication options include HTTPS for secure management access

via the web, SSH for secure management access over a Telnet-equivalent

connection, SNMP Version 3, IP address filtering for SNMP/Telnet/web

management access. MAC address filtering and IP source guard also

provide authenticated port access. While DHCP snooping is provided to

prevent malicious attacks from insecure ports.

A

CCESS

C

ONTROL

L

ISTS

ACLs provide packet filtering for IP frames (based on address, protocol,

TCP/UDP port number or TCP control code) or any frames (based on MAC

address or Ethernet type). ACLs can by used to improve performance by

blocking unnecessary network traffic or to implement security controls by

restricting access to specific network resources or protocols.

DHCP

A DHCP server is provided to assign IP addresses to host devices. Since

DHCP uses a broadcast mechanism, a DHCP server and its client must

physically reside on the same subnet. Since it is not practical to have a

DHCP server on every subnet, DHCP Relay is also supported to allow

dynamic configuration of local clients from a DHCP server located in a

different network.

P

ORT

C

ONFIGURATION

You can manually configure the speed, duplex mode, and flow control used
on specific ports, or use auto-negotiation to detect the connection settings

used by the attached device. Use full-duplex mode on ports whenever

possible to double the throughput of switch connections. Flow control

should also be enabled to control network traffic during periods of

congestion and prevent the loss of packets when port buffer thresholds are

exceeded. The switch supports flow control based on the IEEE 802.3x

standard (now incorporated in IEEE 802.3-2002).

See also other documents in the category LevelOne Routers: